From 00f677e0ada95522edf37c288392d92b4d6e18c5 Mon Sep 17 00:00:00 2001 From: rtel Date: Fri, 18 Jul 2014 18:54:25 +0000 Subject: [PATCH] Update CyaSSL to latest version. git-svn-id: https://svn.code.sf.net/p/freertos/code/trunk@2280 1d2547de-c912-0410-9cb9-b8ca96c0e9e2 --- .../WIN32.vcxproj | 2 + .../WIN32.vcxproj.filters | 6 + .../ca-cert.pem | 104 +- .../server-cert.pem | 203 +- FreeRTOS-Plus/Source/CyaSSL/COPYING | 41 +- .../Projects/CyaSSL-Lib/CyaSSL-Lib.ewp | 2000 + .../Projects/CyaSSL-Lib/CyaSSL-Lib.eww | 16 + .../Projects/CyaSSL-Lib/benchmark-main.c | 40 + .../IAR-EWARM/Projects/CyaSSL-Lib/test-main.c | 36 + .../CyaSSL-Lib/wolfCrypt-benchmark.ewd | 2601 ++ .../CyaSSL-Lib/wolfCrypt-benchmark.ewp | 1877 + .../CyaSSL-Lib/wolfCrypt-benchmark.icf | 32 + .../Projects/CyaSSL-Lib/wolfCrypt-test.ewd | 2601 ++ .../Projects/CyaSSL-Lib/wolfCrypt-test.ewp | 1877 + .../Projects/CyaSSL-Lib/wolfCrypt-test.icf | 31 + .../Source/CyaSSL/IDE/IAR-EWARM/README | 49 + .../CyaSSL/IDE/MDK-ARM/LPC43xx/time-LCP43xx.c | 166 + .../IDE/MDK-ARM/MDK-ARM/CyaSSL/Retarget.c | 261 + .../IDE/MDK-ARM/MDK-ARM/CyaSSL/cert_data.c | 28 + .../IDE/MDK-ARM/MDK-ARM/CyaSSL/cert_data.h | 39 + .../MDK-ARM/CyaSSL/config-BARE-METAL.h | 291 + .../IDE/MDK-ARM/MDK-ARM/CyaSSL/config-FS.h | 329 + .../MDK-ARM/CyaSSL/config-RTX-TCP-FS.h | 351 + .../IDE/MDK-ARM/MDK-ARM/CyaSSL/config.h | 46 + .../MDK-ARM/MDK-ARM/CyaSSL/cyassl_MDK_ARM.c | 249 + .../MDK-ARM/MDK-ARM/CyaSSL/cyassl_MDK_ARM.h | 103 + .../CyaSSL/IDE/MDK-ARM/MDK-ARM/CyaSSL/main.c | 172 + .../CyaSSL/IDE/MDK-ARM/MDK-ARM/CyaSSL/shell.c | 595 + .../IDE/MDK-ARM/MDK-ARM/CyaSSL/ssl-dummy.c | 53 + .../MDK-ARM/Projects/MDK-ARM-LPC43xx.uvopt | 1757 + .../MDK-ARM/Projects/MDK-ARM-LPC43xx.uvproj | 3510 ++ .../MDK-ARM/Projects/MDK-ARM-STM32F2xx.uvopt | 1656 + .../MDK-ARM/Projects/MDK-ARM-STM32F2xx.uvproj | 3964 ++ .../STM32F2xx_StdPeriph_Lib/time-STM32F2xx.c | 299 + .../CyaSSL/IDE/MDK5-ARM/Conf/config-Crypt.h | 185 + .../CyaSSL/IDE/MDK5-ARM/Conf/config-CyaSSL.h | 144 + .../Docs/CyaSSLManual-TableofContents.htm | 1 + .../CyaSSLManual-wolfCryptUsageReference.htm | 1 + .../CyaSSL/IDE/MDK5-ARM/Inc/cert_data.h | 39 + .../Source/CyaSSL/IDE/MDK5-ARM/Inc/config.h | 62 + .../CyaSSL/IDE/MDK5-ARM/Inc/cyassl_MDK_ARM.h | 106 + .../Projects/CryptBenchmark/Abstract.txt | 15 + .../CryptBenchmark/CryptBenchmark.uvoptx | 1169 + .../CryptBenchmark/CryptBenchmark.uvprojx | 945 + .../CryptBenchmark/RTE/wolfSSL/settings.h | 667 + .../Projects/CryptBenchmark/benchmark.c | 1222 + .../MDK5-ARM/Projects/CryptBenchmark/main.c | 71 + .../Projects/CryptBenchmark/time-CortexM3-4.c | 41 + .../Projects/CryptBenchmark/time-dummy.c | 34 + .../MDK5-ARM/Projects/CryptTest/Abstract.txt | 16 + .../Projects/CryptTest/CryptTest.uvoptx | 1147 + .../Projects/CryptTest/CryptTest.uvprojx | 946 + .../Projects/CryptTest/RTE/wolfSSL/settings.h | 667 + .../MDK5-ARM/Projects/CryptTest/cert_data.c | 28 + .../IDE/MDK5-ARM/Projects/CryptTest/main.c | 76 + .../IDE/MDK5-ARM/Projects/CryptTest/test.c | 4758 +++ .../Projects/CyaSSL-Full/Abstract.txt | 85 + .../Projects/CyaSSL-Full/CyaSSL-Full.uvoptx | 1621 + .../Projects/CyaSSL-Full/CyaSSL-Full.uvprojx | 1155 + .../CyaSSL-Full/RTE/wolfSSL/settings.h | 667 + .../MDK5-ARM/Projects/CyaSSL-Full/benchmark.c | 1222 + .../MDK5-ARM/Projects/CyaSSL-Full/cert_data.c | 28 + .../MDK5-ARM/Projects/CyaSSL-Full/client.c | 858 + .../Projects/CyaSSL-Full/echoclient.c | 282 + .../Projects/CyaSSL-Full/echoserver.c | 368 + .../IDE/MDK5-ARM/Projects/CyaSSL-Full/main.c | 102 + .../MDK5-ARM/Projects/CyaSSL-Full/server.c | 604 + .../IDE/MDK5-ARM/Projects/CyaSSL-Full/shell.c | 657 + .../IDE/MDK5-ARM/Projects/CyaSSL-Full/test.c | 4758 +++ .../Projects/CyaSSL-Full/time-CortexM3-4.c | 41 + .../Projects/CyaSSL-Full/time-dummy.c | 34 + .../MDK5-ARM/Projects/EchoClient/Abstract.txt | 22 + .../Projects/EchoClient/EchoClient.uvoptx | 1465 + .../Projects/EchoClient/EchoClient.uvprojx | 1122 + .../EchoClient/RTE/wolfSSL/settings.h | 627 + .../Projects/EchoClient/config-EchoClient.h | 34 + .../MDK5-ARM/Projects/EchoClient/echoclient.c | 282 + .../IDE/MDK5-ARM/Projects/EchoClient/main.c | 100 + .../MDK5-ARM/Projects/EchoClient/time-dummy.c | 34 + .../MDK5-ARM/Projects/EchoServer/Abstract.txt | 24 + .../Projects/EchoServer/EchoServer.uvoptx | 1465 + .../Projects/EchoServer/EchoServer.uvprojx | 1122 + .../EchoServer/RTE/wolfSSL/settings.h | 627 + .../MDK5-ARM/Projects/EchoServer/echoserver.c | 368 + .../IDE/MDK5-ARM/Projects/EchoServer/main.c | 98 + .../MDK5-ARM/Projects/EchoServer/time-dummy.c | 34 + .../Projects/SimpleClient/Abstract.txt | 23 + .../SimpleClient/RTE/wolfSSL/settings.h | 667 + .../Projects/SimpleClient/SimpleClient.uvoptx | 1497 + .../MDK5-ARM/Projects/SimpleClient/client.c | 854 + .../SimpleClient/config-SimpleClient.h | 70 + .../IDE/MDK5-ARM/Projects/SimpleClient/main.c | 113 + .../SimpleClient/simpleClient.uvprojx | 1132 + .../Projects/SimpleClient/time-CortexM3-4.c | 41 + .../Projects/SimpleClient/time-STM32F2xx.c | 82 + .../Projects/SimpleClient/time-dummy.c | 34 + .../Projects/SimpleServer/Abstract.txt | 24 + .../SimpleServer/RTE/wolfSSL/settings.h | 627 + .../Projects/SimpleServer/SimpleServer.uvoptx | 1481 + .../SimpleServer/SimpleServer.uvprojx | 1127 + .../SimpleServer/config-SimpleServer.h | 31 + .../IDE/MDK5-ARM/Projects/SimpleServer/main.c | 105 + .../MDK5-ARM/Projects/SimpleServer/server.c | 604 + .../Projects/SimpleServer/time-dummy.c | 34 + .../CyaSSL/IDE/MDK5-ARM/Src/cert_data.c | 28 + .../CyaSSL/IDE/MDK5-ARM/Src/cyassl_MDK_ARM.c | 247 + .../CyaSSL/IDE/MDK5-ARM/Src/ssl-dummy.c | 52 + .../Source/CyaSSL/LICENSE_INFORMATION.txt | 7 - FreeRTOS-Plus/Source/CyaSSL/Makefile.am | 98 +- FreeRTOS-Plus/Source/CyaSSL/Makefile.in | 2970 +- FreeRTOS-Plus/Source/CyaSSL/README | 343 +- FreeRTOS-Plus/Source/CyaSSL/aclocal.m4 | 919 +- FreeRTOS-Plus/Source/CyaSSL/build-aux/compile | 347 + .../CyaSSL/{config => build-aux}/config.guess | 626 +- .../CyaSSL/{config => build-aux}/config.sub | 387 +- FreeRTOS-Plus/Source/CyaSSL/build-aux/depcomp | 791 + .../CyaSSL/{config => build-aux}/install-sh | 258 +- .../CyaSSL/{config => build-aux}/ltmain.sh | 2495 +- FreeRTOS-Plus/Source/CyaSSL/build-aux/missing | 215 + .../Source/CyaSSL/build-aux/test-driver | 139 + .../Source/CyaSSL/certs/1024/client-cert.der | Bin 0 -> 752 bytes .../Source/CyaSSL/certs/1024/client-cert.pem | 59 + .../Source/CyaSSL/certs/1024/client-key.der | Bin 0 -> 608 bytes .../Source/CyaSSL/certs/1024/client-key.pem | 15 + .../Source/CyaSSL/certs/1024/dh1024.der | Bin 0 -> 138 bytes .../Source/CyaSSL/certs/1024/dh1024.pem | 17 + .../Source/CyaSSL/certs/1024/dsa1024.der | Bin 0 -> 448 bytes .../Source/CyaSSL/certs/1024/dsa1024.pem | 12 + .../Source/CyaSSL/certs/1024/include.am | 17 + .../Source/CyaSSL/certs/1024/rsa1024.der | Bin 0 -> 609 bytes FreeRTOS-Plus/Source/CyaSSL/certs/ca-cert.der | Bin 0 -> 1198 bytes FreeRTOS-Plus/Source/CyaSSL/certs/ca-cert.pem | 104 +- .../Source/CyaSSL/certs/client-cert.der | Bin 1180 -> 1198 bytes .../Source/CyaSSL/certs/client-cert.pem | 100 +- .../Source/CyaSSL/certs/crl/cliCrl.pem | 62 +- FreeRTOS-Plus/Source/CyaSSL/certs/crl/crl.pem | 62 +- .../Source/CyaSSL/certs/crl/crl.revoked | 50 +- .../Source/CyaSSL/certs/crl/eccCliCRL.pem | 30 +- .../Source/CyaSSL/certs/crl/eccSrvCRL.pem | 30 +- FreeRTOS-Plus/Source/CyaSSL/certs/include.am | 8 +- .../Source/CyaSSL/certs/ntru-cert.pem | 52 +- .../Source/CyaSSL/certs/ntru-key.raw | Bin 607 -> 607 bytes .../Source/CyaSSL/certs/server-cert.der | Bin 0 -> 1186 bytes .../Source/CyaSSL/certs/server-cert.pem | 203 +- .../Source/CyaSSL/certs/server-ecc-rsa.pem | 93 +- .../Source/CyaSSL/certs/server-ecc.pem | 30 +- .../Source/CyaSSL/certs/server-key.der | Bin 0 -> 1193 bytes FreeRTOS-Plus/Source/CyaSSL/certs/taoCert.txt | 26 +- FreeRTOS-Plus/Source/CyaSSL/config.in | 66 +- FreeRTOS-Plus/Source/CyaSSL/config/compile | 142 - FreeRTOS-Plus/Source/CyaSSL/config/depcomp | 584 - FreeRTOS-Plus/Source/CyaSSL/config/missing | 367 - FreeRTOS-Plus/Source/CyaSSL/configure | 30661 ++++++++-------- FreeRTOS-Plus/Source/CyaSSL/configure.ac | 1741 +- .../CyaSSL/ctaocrypt/benchmark/benchmark.c | 1054 +- .../CyaSSL/ctaocrypt/benchmark/include.am | 1 + .../Source/CyaSSL/ctaocrypt/src/aes.c | 1630 +- .../Source/CyaSSL/ctaocrypt/src/aes_asm.asm | 972 + .../Source/CyaSSL/ctaocrypt/src/aes_asm.s | 376 +- .../Source/CyaSSL/ctaocrypt/src/arc4.c | 109 +- .../Source/CyaSSL/ctaocrypt/src/asm.c | 423 +- .../Source/CyaSSL/ctaocrypt/src/asn.c | 5082 ++- .../Source/CyaSSL/ctaocrypt/src/blake2b.c | 433 + .../Source/CyaSSL/ctaocrypt/src/camellia.c | 1621 + .../Source/CyaSSL/ctaocrypt/src/coding.c | 206 +- .../Source/CyaSSL/ctaocrypt/src/compress.c | 169 + .../Source/CyaSSL/ctaocrypt/src/des3.c | 1143 +- .../Source/CyaSSL/ctaocrypt/src/dh.c | 25 +- .../Source/CyaSSL/ctaocrypt/src/dsa.c | 23 +- .../Source/CyaSSL/ctaocrypt/src/ecc.c | 4157 ++- .../Source/CyaSSL/ctaocrypt/src/error.c | 295 + .../Source/CyaSSL/ctaocrypt/src/fips.c | 0 .../Source/CyaSSL/ctaocrypt/src/fips_test.c | 0 .../CyaSSL/ctaocrypt/src/fp_mont_small.i | 4 +- .../CyaSSL/ctaocrypt/src/fp_mul_comba_12.i | 4 +- .../CyaSSL/ctaocrypt/src/fp_mul_comba_17.i | 4 +- .../CyaSSL/ctaocrypt/src/fp_mul_comba_20.i | 4 +- .../CyaSSL/ctaocrypt/src/fp_mul_comba_24.i | 4 +- .../CyaSSL/ctaocrypt/src/fp_mul_comba_28.i | 4 +- .../CyaSSL/ctaocrypt/src/fp_mul_comba_3.i | 4 +- .../CyaSSL/ctaocrypt/src/fp_mul_comba_32.i | 4 +- .../CyaSSL/ctaocrypt/src/fp_mul_comba_4.i | 4 +- .../CyaSSL/ctaocrypt/src/fp_mul_comba_48.i | 4 +- .../CyaSSL/ctaocrypt/src/fp_mul_comba_6.i | 4 +- .../CyaSSL/ctaocrypt/src/fp_mul_comba_64.i | 4 +- .../CyaSSL/ctaocrypt/src/fp_mul_comba_7.i | 4 +- .../CyaSSL/ctaocrypt/src/fp_mul_comba_8.i | 4 +- .../CyaSSL/ctaocrypt/src/fp_mul_comba_9.i | 4 +- .../ctaocrypt/src/fp_mul_comba_small_set.i | 4 +- .../CyaSSL/ctaocrypt/src/fp_sqr_comba_12.i | 8 +- .../CyaSSL/ctaocrypt/src/fp_sqr_comba_17.i | 7 +- .../CyaSSL/ctaocrypt/src/fp_sqr_comba_20.i | 4 +- .../CyaSSL/ctaocrypt/src/fp_sqr_comba_24.i | 4 +- .../CyaSSL/ctaocrypt/src/fp_sqr_comba_28.i | 4 +- .../CyaSSL/ctaocrypt/src/fp_sqr_comba_3.i | 9 +- .../CyaSSL/ctaocrypt/src/fp_sqr_comba_32.i | 4 +- .../CyaSSL/ctaocrypt/src/fp_sqr_comba_4.i | 9 +- .../CyaSSL/ctaocrypt/src/fp_sqr_comba_48.i | 4 +- .../CyaSSL/ctaocrypt/src/fp_sqr_comba_6.i | 7 +- .../CyaSSL/ctaocrypt/src/fp_sqr_comba_64.i | 4 +- .../CyaSSL/ctaocrypt/src/fp_sqr_comba_7.i | 7 +- .../CyaSSL/ctaocrypt/src/fp_sqr_comba_8.i | 7 +- .../CyaSSL/ctaocrypt/src/fp_sqr_comba_9.i | 7 +- .../ctaocrypt/src/fp_sqr_comba_small_set.i | 4 +- .../Source/CyaSSL/ctaocrypt/src/hc128.c | 80 +- .../Source/CyaSSL/ctaocrypt/src/hmac.c | 847 +- .../Source/CyaSSL/ctaocrypt/src/include.am | 3 +- .../Source/CyaSSL/ctaocrypt/src/integer.c | 132 +- .../Source/CyaSSL/ctaocrypt/src/logging.c | 19 +- .../Source/CyaSSL/ctaocrypt/src/md2.c | 34 +- .../Source/CyaSSL/ctaocrypt/src/md4.c | 11 +- .../Source/CyaSSL/ctaocrypt/src/md5.c | 189 +- .../Source/CyaSSL/ctaocrypt/src/memory.c | 96 +- .../Source/CyaSSL/ctaocrypt/src/misc.c | 36 +- .../Source/CyaSSL/ctaocrypt/src/pkcs7.c | 1849 + .../Source/CyaSSL/ctaocrypt/src/pwdbased.c | 255 +- .../Source/CyaSSL/ctaocrypt/src/rabbit.c | 86 +- .../Source/CyaSSL/ctaocrypt/src/random.c | 739 +- .../Source/CyaSSL/ctaocrypt/src/ripemd.c | 13 +- .../Source/CyaSSL/ctaocrypt/src/rsa.c | 309 +- .../Source/CyaSSL/ctaocrypt/src/sha.c | 270 +- .../Source/CyaSSL/ctaocrypt/src/sha256.c | 169 +- .../Source/CyaSSL/ctaocrypt/src/sha512.c | 204 +- .../Source/CyaSSL/ctaocrypt/src/tfm.c | 144 +- .../Source/CyaSSL/ctaocrypt/src/wc_port.c | 436 + .../CyaSSL/ctaocrypt/src/wolfcrypt_first.c | 47 + .../CyaSSL/ctaocrypt/src/wolfcrypt_last.c | 47 + .../Source/CyaSSL/ctaocrypt/test/include.am | 2 + .../Source/CyaSSL/ctaocrypt/test/test.c | 3575 +- .../Source/CyaSSL/ctaocrypt/test/test.h | 33 + .../cyassl-ios.xcodeproj/project.pbxproj | 383 + .../Source/CyaSSL/cyassl-ntru.vcproj | 28 + FreeRTOS-Plus/Source/CyaSSL/cyassl.vcproj | 29 + FreeRTOS-Plus/Source/CyaSSL/cyassl.vcxproj | 182 + .../Source/CyaSSL/cyassl/callbacks.h | 8 +- .../Source/CyaSSL/cyassl/certs_test.h | 1178 + FreeRTOS-Plus/Source/CyaSSL/cyassl/crl.h | 10 +- .../Source/CyaSSL/cyassl/ctaocrypt/aes.h | 89 +- .../Source/CyaSSL/cyassl/ctaocrypt/arc4.h | 15 +- .../Source/CyaSSL/cyassl/ctaocrypt/asn.h | 282 +- .../CyaSSL/cyassl/ctaocrypt/asn_public.h | 52 +- .../CyaSSL/cyassl/ctaocrypt/blake2-impl.h | 154 + .../CyaSSL/cyassl/ctaocrypt/blake2-int.h | 183 + .../Source/CyaSSL/cyassl/ctaocrypt/blake2.h | 60 + .../Source/CyaSSL/cyassl/ctaocrypt/camellia.h | 96 + .../Source/CyaSSL/cyassl/ctaocrypt/coding.h | 13 +- .../Source/CyaSSL/cyassl/ctaocrypt/compress.h | 52 + .../Source/CyaSSL/cyassl/ctaocrypt/des3.h | 72 +- .../Source/CyaSSL/cyassl/ctaocrypt/dh.h | 4 +- .../Source/CyaSSL/cyassl/ctaocrypt/dsa.h | 4 +- .../Source/CyaSSL/cyassl/ctaocrypt/ecc.h | 73 +- .../ctaocrypt/{error.h => error-crypt.h} | 45 +- .../CyaSSL/cyassl/ctaocrypt/fips_test.h | 43 + .../Source/CyaSSL/cyassl/ctaocrypt/hc128.h | 8 +- .../Source/CyaSSL/cyassl/ctaocrypt/hmac.h | 142 +- .../Source/CyaSSL/cyassl/ctaocrypt/include.am | 10 +- .../Source/CyaSSL/cyassl/ctaocrypt/integer.h | 32 +- .../Source/CyaSSL/cyassl/ctaocrypt/logging.h | 6 +- .../Source/CyaSSL/cyassl/ctaocrypt/md2.h | 5 +- .../Source/CyaSSL/cyassl/ctaocrypt/md4.h | 4 +- .../Source/CyaSSL/cyassl/ctaocrypt/md5.h | 22 +- .../Source/CyaSSL/cyassl/ctaocrypt/memory.h | 4 +- .../Source/CyaSSL/cyassl/ctaocrypt/misc.h | 8 +- .../CyaSSL/cyassl/ctaocrypt/mpi_class.h | 4 +- .../CyaSSL/cyassl/ctaocrypt/mpi_superclass.h | 4 +- .../Source/CyaSSL/cyassl/ctaocrypt/pkcs7.h | 123 + .../Source/CyaSSL/cyassl/ctaocrypt/pwdbased.h | 4 +- .../Source/CyaSSL/cyassl/ctaocrypt/rabbit.h | 8 +- .../Source/CyaSSL/cyassl/ctaocrypt/random.h | 94 +- .../Source/CyaSSL/cyassl/ctaocrypt/ripemd.h | 4 +- .../Source/CyaSSL/cyassl/ctaocrypt/rsa.h | 69 +- .../Source/CyaSSL/cyassl/ctaocrypt/settings.h | 393 +- .../Source/CyaSSL/cyassl/ctaocrypt/sha.h | 42 +- .../Source/CyaSSL/cyassl/ctaocrypt/sha256.h | 33 +- .../Source/CyaSSL/cyassl/ctaocrypt/sha512.h | 47 +- .../Source/CyaSSL/cyassl/ctaocrypt/tfm.h | 113 +- .../Source/CyaSSL/cyassl/ctaocrypt/types.h | 157 +- .../CyaSSL/cyassl/ctaocrypt/visibility.h | 4 +- .../Source/CyaSSL/cyassl/ctaocrypt/wc_port.h | 195 + .../Source/CyaSSL/cyassl/error-ssl.h | 150 + FreeRTOS-Plus/Source/CyaSSL/cyassl/error.h | 133 - FreeRTOS-Plus/Source/CyaSSL/cyassl/include.am | 9 +- FreeRTOS-Plus/Source/CyaSSL/cyassl/internal.h | 1223 +- FreeRTOS-Plus/Source/CyaSSL/cyassl/ocsp.h | 16 +- .../Source/CyaSSL/cyassl/openssl/des.h | 4 +- .../Source/CyaSSL/cyassl/openssl/evp.h | 8 +- .../Source/CyaSSL/cyassl/openssl/hmac.h | 4 +- .../Source/CyaSSL/cyassl/openssl/sha.h | 2 +- .../Source/CyaSSL/cyassl/openssl/ssl.h | 8 +- FreeRTOS-Plus/Source/CyaSSL/cyassl/options.h | 34 + .../Source/CyaSSL/cyassl/options.h.in | 34 + FreeRTOS-Plus/Source/CyaSSL/cyassl/sniffer.h | 4 +- .../Source/CyaSSL/cyassl/sniffer_error.h | 7 +- .../Source/CyaSSL/cyassl/sniffer_error.rc | 3 + FreeRTOS-Plus/Source/CyaSSL/cyassl/ssl.h | 605 +- FreeRTOS-Plus/Source/CyaSSL/cyassl/test.h | 1175 +- FreeRTOS-Plus/Source/CyaSSL/cyassl/version.h | 8 +- .../Source/CyaSSL/cyassl/version.h.in | 4 +- FreeRTOS-Plus/Source/CyaSSL/cyassl64.sln | 86 + FreeRTOS-Plus/Source/CyaSSL/doc/include.am | 2 +- .../Source/CyaSSL/examples/client/client.c | 653 +- .../Source/CyaSSL/examples/client/client.h | 25 + .../CyaSSL/examples/client/client.vcxproj | 175 + .../Source/CyaSSL/examples/client/include.am | 7 +- .../CyaSSL/examples/echoclient/echoclient.c | 143 +- .../CyaSSL/examples/echoclient/echoclient.h | 23 + .../examples/echoclient/echoclient.vcxproj | 175 + .../CyaSSL/examples/echoclient/include.am | 8 +- .../CyaSSL/examples/echoserver/echoserver.c | 131 +- .../CyaSSL/examples/echoserver/echoserver.h | 24 + .../examples/echoserver/echoserver.vcxproj | 175 + .../CyaSSL/examples/echoserver/include.am | 7 +- .../Source/CyaSSL/examples/server/include.am | 8 +- .../Source/CyaSSL/examples/server/server.c | 400 +- .../Source/CyaSSL/examples/server/server.h | 24 + .../CyaSSL/examples/server/server.vcxproj | 175 + FreeRTOS-Plus/Source/CyaSSL/gencertbuf.pl | 124 + .../Source/CyaSSL/m4/ax_add_am_macro.m4 | 29 + .../Source/CyaSSL/m4/ax_am_jobserver.m4 | 55 + .../Source/CyaSSL/m4/ax_am_macros.m4 | 44 + .../CyaSSL/m4/ax_append_compile_flags.m4 | 65 + .../Source/CyaSSL/m4/ax_append_flag.m4 | 69 + .../Source/CyaSSL/m4/ax_append_to_file.m4 | 27 + .../Source/CyaSSL/m4/ax_check_compile_flag.m4 | 72 + .../Source/CyaSSL/m4/ax_check_link_flag.m4 | 71 + .../Source/CyaSSL/m4/ax_count_cpus.m4 | 57 + .../CyaSSL/m4/ax_create_generic_config.m4 | 195 + FreeRTOS-Plus/Source/CyaSSL/m4/ax_debug.m4 | 63 + .../Source/CyaSSL/m4/ax_file_escapes.m4 | 30 + .../CyaSSL/m4/ax_harden_compiler_flags.m4 | 238 + .../Source/CyaSSL/m4/ax_print_to_file.m4 | 27 + FreeRTOS-Plus/Source/CyaSSL/m4/ax_pthread.m4 | 48 +- FreeRTOS-Plus/Source/CyaSSL/m4/ax_tls.m4 | 92 + .../Source/CyaSSL/m4/ax_vcs_checkout.m4 | 75 + FreeRTOS-Plus/Source/CyaSSL/m4/libtool.m4 | 1329 +- FreeRTOS-Plus/Source/CyaSSL/m4/ltoptions.m4 | 19 +- FreeRTOS-Plus/Source/CyaSSL/m4/ltversion.m4 | 12 +- FreeRTOS-Plus/Source/CyaSSL/m4/visibility.m4 | 23 +- .../Source/CyaSSL/m4/wolfssl_darwin_clang.m4 | 37 + .../Source/CyaSSL/mcapi/PIC32MZ-serial.h | 28 + FreeRTOS-Plus/Source/CyaSSL/mcapi/README | 79 + FreeRTOS-Plus/Source/CyaSSL/mcapi/crypto.c | 703 + FreeRTOS-Plus/Source/CyaSSL/mcapi/crypto.h | 268 + .../CyaSSL/mcapi/ctaocrypt_mcapi.X/Makefile | 108 + .../nbproject/configurations.xml | 175 + .../ctaocrypt_mcapi.X/nbproject/include.am | 11 + .../ctaocrypt_mcapi.X/nbproject/project.xml | 18 + .../CyaSSL/mcapi/ctaocrypt_test.X/Makefile | 108 + .../nbproject/configurations.xml | 192 + .../ctaocrypt_test.X/nbproject/include.am | 11 + .../ctaocrypt_test.X/nbproject/project.xml | 18 + .../Source/CyaSSL/mcapi/cyassl.X/Makefile | 108 + .../cyassl.X/nbproject/configurations.xml | 192 + .../mcapi/cyassl.X/nbproject/include.am | 11 + .../mcapi/cyassl.X/nbproject/project.xml | 15 + FreeRTOS-Plus/Source/CyaSSL/mcapi/include.am | 19 + .../Source/CyaSSL/mcapi/mcapi_test.c | 1482 + .../Source/CyaSSL/mcapi/zlib.X/Makefile | 108 + .../mcapi/zlib.X/nbproject/configurations.xml | 157 + .../CyaSSL/mcapi/zlib.X/nbproject/include.am | 11 + .../CyaSSL/mcapi/zlib.X/nbproject/project.xml | 15 + .../Source/CyaSSL/mplabx/PIC32MZ-serial.h | 28 + FreeRTOS-Plus/Source/CyaSSL/mplabx/README | 57 + .../Source/CyaSSL/mplabx/benchmark_main.c | 141 + .../mplabx/ctaocrypt_benchmark.X/Makefile | 108 + .../nbproject/configurations.xml | 193 + .../nbproject/include.am | 11 + .../nbproject/project.xml | 19 + .../CyaSSL/mplabx/ctaocrypt_test.X/Makefile | 108 + .../nbproject/configurations.xml | 194 + .../ctaocrypt_test.X/nbproject/include.am | 11 + .../ctaocrypt_test.X/nbproject/project.xml | 19 + .../Source/CyaSSL/mplabx/cyassl.X/Makefile | 108 + .../cyassl.X/nbproject/configurations.xml | 208 + .../mplabx/cyassl.X/nbproject/include.am | 11 + .../mplabx/cyassl.X/nbproject/project.xml | 17 + FreeRTOS-Plus/Source/CyaSSL/mplabx/include.am | 10 + .../Source/CyaSSL/mplabx/test_main.c | 77 + FreeRTOS-Plus/Source/CyaSSL/mqx/README | 37 + .../CyaSSL/mqx/ctaocrypt_test/.cproject | 2542 ++ .../Source/CyaSSL/mqx/ctaocrypt_test/.project | 98 + .../ctaocrypt_test/ReferencedRSESystems.xml | 144 + .../mqx/ctaocrypt_test/Sources/include.am | 15 + .../CyaSSL/mqx/ctaocrypt_test/Sources/main.c | 103 + .../CyaSSL/mqx/ctaocrypt_test/Sources/main.h | 21 + ...lash_SramData_Debug_PnE_U-MultiLink.launch | 162 + ...sh_SramData_Release_PnE_U-MultiLink.launch | 158 + .../Source/CyaSSL/mqx/cyassl/.cproject | 2579 ++ .../Source/CyaSSL/mqx/cyassl/.project | 103 + .../Source/CyaSSL/mqx/cyassl/include.am | 11 + .../Source/CyaSSL/mqx/cyassl_client/.cproject | 2585 ++ .../Source/CyaSSL/mqx/cyassl_client/.project | 80 + .../cyassl_client/ReferencedRSESystems.xml | 144 + .../mqx/cyassl_client/Sources/include.am | 15 + .../CyaSSL/mqx/cyassl_client/Sources/main.c | 239 + .../CyaSSL/mqx/cyassl_client/Sources/main.h | 61 + ...lash_SramData_Debug_PnE_U-MultiLink.launch | 162 + ...sh_SramData_Release_PnE_U-MultiLink.launch | 164 + .../Source/CyaSSL/mqx/util_lib/.cproject | 2538 ++ .../Source/CyaSSL/mqx/util_lib/.project | 76 + .../CyaSSL/mqx/util_lib/Sources/include.am | 12 + .../Source/CyaSSL/mqx/util_lib/Sources/util.c | 178 + .../Source/CyaSSL/mqx/util_lib/Sources/util.h | 14 + FreeRTOS-Plus/Source/CyaSSL/rpm/include.am | 37 + FreeRTOS-Plus/Source/CyaSSL/rpm/spec.in | 166 + FreeRTOS-Plus/Source/CyaSSL/src/crl.c | 211 +- FreeRTOS-Plus/Source/CyaSSL/src/include.am | 130 +- FreeRTOS-Plus/Source/CyaSSL/src/internal.c | 10003 +++-- FreeRTOS-Plus/Source/CyaSSL/src/io.c | 927 +- FreeRTOS-Plus/Source/CyaSSL/src/keys.c | 1437 +- FreeRTOS-Plus/Source/CyaSSL/src/ocsp.c | 581 +- FreeRTOS-Plus/Source/CyaSSL/src/sniffer.c | 448 +- FreeRTOS-Plus/Source/CyaSSL/src/ssl.c | 11321 ++++-- FreeRTOS-Plus/Source/CyaSSL/src/tls.c | 1868 +- .../CyaSSL/sslSniffer/sslSniffer.vcproj | 4 +- .../CyaSSL/sslSniffer/sslSniffer.vcxproj | 181 + .../sslSniffer/sslSnifferTest/include.am | 4 +- .../sslSniffer/sslSnifferTest/snifftest.c | 61 +- .../sslSnifferTest/sslSniffTest.vcproj | 4 +- FreeRTOS-Plus/Source/CyaSSL/support/cyassl.pc | 10 + .../support/{libcyassl.pc.in => cyassl.pc.in} | 0 .../Source/CyaSSL/support/include.am | 10 + FreeRTOS-Plus/Source/CyaSSL/swig/cyassl.i | 4 +- .../Source/CyaSSL/swig/cyassl_adds.c | 8 +- FreeRTOS-Plus/Source/CyaSSL/tests/api.c | 689 +- FreeRTOS-Plus/Source/CyaSSL/tests/hash.c | 344 +- FreeRTOS-Plus/Source/CyaSSL/tests/include.am | 33 +- FreeRTOS-Plus/Source/CyaSSL/tests/suites.c | 320 +- .../Source/CyaSSL/tests/test-aesgcm-ecc.conf | 80 - .../CyaSSL/tests/test-aesgcm-openssl.conf | 16 - .../Source/CyaSSL/tests/test-aesgcm.conf | 16 - .../Source/CyaSSL/tests/test-dtls.conf | 770 +- .../Source/CyaSSL/tests/test-ecc.conf | 480 - .../Source/CyaSSL/tests/test-hc128.conf | 48 - .../Source/CyaSSL/tests/test-ntru.conf | 132 - .../Source/CyaSSL/tests/test-openssl.conf | 96 - .../Source/CyaSSL/tests/test-psk.conf | 60 - FreeRTOS-Plus/Source/CyaSSL/tests/test.conf | 1748 +- FreeRTOS-Plus/Source/CyaSSL/tests/unit.c | 61 +- FreeRTOS-Plus/Source/CyaSSL/tests/unit.h | 53 +- .../Source/CyaSSL/testsuite/include.am | 16 +- .../Source/CyaSSL/testsuite/testsuite.c | 258 +- .../Source/CyaSSL/testsuite/testsuite.vcxproj | 180 + FreeRTOS-Plus/Source/CyaSSL/valgrind-error.sh | 22 + .../media-drv/ram/ramdrv_f.c | 132 +- 445 files changed, 168875 insertions(+), 32682 deletions(-) create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/IAR-EWARM/Projects/CyaSSL-Lib/CyaSSL-Lib.ewp create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/IAR-EWARM/Projects/CyaSSL-Lib/CyaSSL-Lib.eww create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/IAR-EWARM/Projects/CyaSSL-Lib/benchmark-main.c create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/IAR-EWARM/Projects/CyaSSL-Lib/test-main.c create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/IAR-EWARM/Projects/CyaSSL-Lib/wolfCrypt-benchmark.ewd create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/IAR-EWARM/Projects/CyaSSL-Lib/wolfCrypt-benchmark.ewp create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/IAR-EWARM/Projects/CyaSSL-Lib/wolfCrypt-benchmark.icf create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/IAR-EWARM/Projects/CyaSSL-Lib/wolfCrypt-test.ewd create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/IAR-EWARM/Projects/CyaSSL-Lib/wolfCrypt-test.ewp create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/IAR-EWARM/Projects/CyaSSL-Lib/wolfCrypt-test.icf create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/IAR-EWARM/README create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK-ARM/LPC43xx/time-LCP43xx.c create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK-ARM/MDK-ARM/CyaSSL/Retarget.c create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK-ARM/MDK-ARM/CyaSSL/cert_data.c create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK-ARM/MDK-ARM/CyaSSL/cert_data.h create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK-ARM/MDK-ARM/CyaSSL/config-BARE-METAL.h create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK-ARM/MDK-ARM/CyaSSL/config-FS.h create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK-ARM/MDK-ARM/CyaSSL/config-RTX-TCP-FS.h create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK-ARM/MDK-ARM/CyaSSL/config.h create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK-ARM/MDK-ARM/CyaSSL/cyassl_MDK_ARM.c create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK-ARM/MDK-ARM/CyaSSL/cyassl_MDK_ARM.h create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK-ARM/MDK-ARM/CyaSSL/main.c create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK-ARM/MDK-ARM/CyaSSL/shell.c create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK-ARM/MDK-ARM/CyaSSL/ssl-dummy.c create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK-ARM/Projects/MDK-ARM-LPC43xx.uvopt create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK-ARM/Projects/MDK-ARM-LPC43xx.uvproj create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK-ARM/Projects/MDK-ARM-STM32F2xx.uvopt create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK-ARM/Projects/MDK-ARM-STM32F2xx.uvproj create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK-ARM/STM32F2xx_StdPeriph_Lib/time-STM32F2xx.c create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Conf/config-Crypt.h create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Conf/config-CyaSSL.h create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Docs/CyaSSLManual-TableofContents.htm create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Docs/CyaSSLManual-wolfCryptUsageReference.htm create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Inc/cert_data.h create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Inc/config.h create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Inc/cyassl_MDK_ARM.h create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CryptBenchmark/Abstract.txt create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CryptBenchmark/CryptBenchmark.uvoptx create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CryptBenchmark/CryptBenchmark.uvprojx create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CryptBenchmark/RTE/wolfSSL/settings.h create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CryptBenchmark/benchmark.c create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CryptBenchmark/main.c create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CryptBenchmark/time-CortexM3-4.c create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CryptBenchmark/time-dummy.c create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CryptTest/Abstract.txt create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CryptTest/CryptTest.uvoptx create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CryptTest/CryptTest.uvprojx create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CryptTest/RTE/wolfSSL/settings.h create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CryptTest/cert_data.c create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CryptTest/main.c create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CryptTest/test.c create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CyaSSL-Full/Abstract.txt create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CyaSSL-Full/CyaSSL-Full.uvoptx create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CyaSSL-Full/CyaSSL-Full.uvprojx create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CyaSSL-Full/RTE/wolfSSL/settings.h create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CyaSSL-Full/benchmark.c create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CyaSSL-Full/cert_data.c create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CyaSSL-Full/client.c create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CyaSSL-Full/echoclient.c create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CyaSSL-Full/echoserver.c create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CyaSSL-Full/main.c create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CyaSSL-Full/server.c create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CyaSSL-Full/shell.c create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CyaSSL-Full/test.c create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CyaSSL-Full/time-CortexM3-4.c create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CyaSSL-Full/time-dummy.c create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/EchoClient/Abstract.txt create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/EchoClient/EchoClient.uvoptx create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/EchoClient/EchoClient.uvprojx create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/EchoClient/RTE/wolfSSL/settings.h create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/EchoClient/config-EchoClient.h create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/EchoClient/echoclient.c create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/EchoClient/main.c create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/EchoClient/time-dummy.c create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/EchoServer/Abstract.txt create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/EchoServer/EchoServer.uvoptx create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/EchoServer/EchoServer.uvprojx create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/EchoServer/RTE/wolfSSL/settings.h create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/EchoServer/echoserver.c create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/EchoServer/main.c create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/EchoServer/time-dummy.c create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/SimpleClient/Abstract.txt create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/SimpleClient/RTE/wolfSSL/settings.h create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/SimpleClient/SimpleClient.uvoptx create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/SimpleClient/client.c create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/SimpleClient/config-SimpleClient.h create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/SimpleClient/main.c create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/SimpleClient/simpleClient.uvprojx create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/SimpleClient/time-CortexM3-4.c create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/SimpleClient/time-STM32F2xx.c create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/SimpleClient/time-dummy.c create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/SimpleServer/Abstract.txt create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/SimpleServer/RTE/wolfSSL/settings.h create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/SimpleServer/SimpleServer.uvoptx create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/SimpleServer/SimpleServer.uvprojx create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/SimpleServer/config-SimpleServer.h create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/SimpleServer/main.c create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/SimpleServer/server.c create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/SimpleServer/time-dummy.c create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Src/cert_data.c create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Src/cyassl_MDK_ARM.c create mode 100644 FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Src/ssl-dummy.c delete mode 100644 FreeRTOS-Plus/Source/CyaSSL/LICENSE_INFORMATION.txt create mode 100644 FreeRTOS-Plus/Source/CyaSSL/build-aux/compile rename FreeRTOS-Plus/Source/CyaSSL/{config => build-aux}/config.guess (76%) rename FreeRTOS-Plus/Source/CyaSSL/{config => build-aux}/config.sub (81%) create mode 100644 FreeRTOS-Plus/Source/CyaSSL/build-aux/depcomp rename FreeRTOS-Plus/Source/CyaSSL/{config => build-aux}/install-sh (69%) rename FreeRTOS-Plus/Source/CyaSSL/{config => build-aux}/ltmain.sh (79%) create mode 100644 FreeRTOS-Plus/Source/CyaSSL/build-aux/missing create mode 100644 FreeRTOS-Plus/Source/CyaSSL/build-aux/test-driver create mode 100644 FreeRTOS-Plus/Source/CyaSSL/certs/1024/client-cert.der create mode 100644 FreeRTOS-Plus/Source/CyaSSL/certs/1024/client-cert.pem create mode 100644 FreeRTOS-Plus/Source/CyaSSL/certs/1024/client-key.der create mode 100644 FreeRTOS-Plus/Source/CyaSSL/certs/1024/client-key.pem create mode 100644 FreeRTOS-Plus/Source/CyaSSL/certs/1024/dh1024.der create mode 100644 FreeRTOS-Plus/Source/CyaSSL/certs/1024/dh1024.pem create mode 100644 FreeRTOS-Plus/Source/CyaSSL/certs/1024/dsa1024.der create mode 100644 FreeRTOS-Plus/Source/CyaSSL/certs/1024/dsa1024.pem create mode 100644 FreeRTOS-Plus/Source/CyaSSL/certs/1024/include.am create mode 100644 FreeRTOS-Plus/Source/CyaSSL/certs/1024/rsa1024.der create mode 100644 FreeRTOS-Plus/Source/CyaSSL/certs/ca-cert.der create mode 100644 FreeRTOS-Plus/Source/CyaSSL/certs/server-cert.der create mode 100644 FreeRTOS-Plus/Source/CyaSSL/certs/server-key.der delete mode 100644 FreeRTOS-Plus/Source/CyaSSL/config/compile delete mode 100644 FreeRTOS-Plus/Source/CyaSSL/config/depcomp delete mode 100644 FreeRTOS-Plus/Source/CyaSSL/config/missing create mode 100644 FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/aes_asm.asm create mode 100644 FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/blake2b.c create mode 100644 FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/camellia.c create mode 100644 FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/compress.c create mode 100644 FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/error.c create mode 100644 FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fips.c create mode 100644 FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fips_test.c create mode 100644 FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/pkcs7.c create mode 100644 FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/wc_port.c create mode 100644 FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/wolfcrypt_first.c create mode 100644 FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/wolfcrypt_last.c create mode 100644 FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/test/test.h create mode 100644 FreeRTOS-Plus/Source/CyaSSL/cyassl-ios.xcodeproj/project.pbxproj create mode 100644 FreeRTOS-Plus/Source/CyaSSL/cyassl.vcxproj create mode 100644 FreeRTOS-Plus/Source/CyaSSL/cyassl/certs_test.h create mode 100644 FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/blake2-impl.h create mode 100644 FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/blake2-int.h create mode 100644 FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/blake2.h create mode 100644 FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/camellia.h create mode 100644 FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/compress.h rename FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/{error.h => error-crypt.h} (72%) create mode 100644 FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/fips_test.h create mode 100644 FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/pkcs7.h create mode 100644 FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/wc_port.h create mode 100644 FreeRTOS-Plus/Source/CyaSSL/cyassl/error-ssl.h delete mode 100644 FreeRTOS-Plus/Source/CyaSSL/cyassl/error.h create mode 100644 FreeRTOS-Plus/Source/CyaSSL/cyassl/options.h create mode 100644 FreeRTOS-Plus/Source/CyaSSL/cyassl/options.h.in create mode 100644 FreeRTOS-Plus/Source/CyaSSL/cyassl64.sln create mode 100644 FreeRTOS-Plus/Source/CyaSSL/examples/client/client.h create mode 100644 FreeRTOS-Plus/Source/CyaSSL/examples/client/client.vcxproj create mode 100644 FreeRTOS-Plus/Source/CyaSSL/examples/echoclient/echoclient.h create mode 100644 FreeRTOS-Plus/Source/CyaSSL/examples/echoclient/echoclient.vcxproj create mode 100644 FreeRTOS-Plus/Source/CyaSSL/examples/echoserver/echoserver.h create mode 100644 FreeRTOS-Plus/Source/CyaSSL/examples/echoserver/echoserver.vcxproj create mode 100644 FreeRTOS-Plus/Source/CyaSSL/examples/server/server.h create mode 100644 FreeRTOS-Plus/Source/CyaSSL/examples/server/server.vcxproj create mode 100644 FreeRTOS-Plus/Source/CyaSSL/gencertbuf.pl create mode 100644 FreeRTOS-Plus/Source/CyaSSL/m4/ax_add_am_macro.m4 create mode 100644 FreeRTOS-Plus/Source/CyaSSL/m4/ax_am_jobserver.m4 create mode 100644 FreeRTOS-Plus/Source/CyaSSL/m4/ax_am_macros.m4 create mode 100644 FreeRTOS-Plus/Source/CyaSSL/m4/ax_append_compile_flags.m4 create mode 100644 FreeRTOS-Plus/Source/CyaSSL/m4/ax_append_flag.m4 create mode 100644 FreeRTOS-Plus/Source/CyaSSL/m4/ax_append_to_file.m4 create mode 100644 FreeRTOS-Plus/Source/CyaSSL/m4/ax_check_compile_flag.m4 create mode 100644 FreeRTOS-Plus/Source/CyaSSL/m4/ax_check_link_flag.m4 create mode 100644 FreeRTOS-Plus/Source/CyaSSL/m4/ax_count_cpus.m4 create mode 100644 FreeRTOS-Plus/Source/CyaSSL/m4/ax_create_generic_config.m4 create mode 100644 FreeRTOS-Plus/Source/CyaSSL/m4/ax_debug.m4 create mode 100644 FreeRTOS-Plus/Source/CyaSSL/m4/ax_file_escapes.m4 create mode 100644 FreeRTOS-Plus/Source/CyaSSL/m4/ax_harden_compiler_flags.m4 create mode 100644 FreeRTOS-Plus/Source/CyaSSL/m4/ax_print_to_file.m4 create mode 100644 FreeRTOS-Plus/Source/CyaSSL/m4/ax_tls.m4 create mode 100644 FreeRTOS-Plus/Source/CyaSSL/m4/ax_vcs_checkout.m4 create mode 100644 FreeRTOS-Plus/Source/CyaSSL/m4/wolfssl_darwin_clang.m4 create mode 100644 FreeRTOS-Plus/Source/CyaSSL/mcapi/PIC32MZ-serial.h create mode 100644 FreeRTOS-Plus/Source/CyaSSL/mcapi/README create mode 100644 FreeRTOS-Plus/Source/CyaSSL/mcapi/crypto.c create mode 100644 FreeRTOS-Plus/Source/CyaSSL/mcapi/crypto.h create mode 100644 FreeRTOS-Plus/Source/CyaSSL/mcapi/ctaocrypt_mcapi.X/Makefile create mode 100644 FreeRTOS-Plus/Source/CyaSSL/mcapi/ctaocrypt_mcapi.X/nbproject/configurations.xml create mode 100644 FreeRTOS-Plus/Source/CyaSSL/mcapi/ctaocrypt_mcapi.X/nbproject/include.am create mode 100644 FreeRTOS-Plus/Source/CyaSSL/mcapi/ctaocrypt_mcapi.X/nbproject/project.xml create mode 100644 FreeRTOS-Plus/Source/CyaSSL/mcapi/ctaocrypt_test.X/Makefile create mode 100644 FreeRTOS-Plus/Source/CyaSSL/mcapi/ctaocrypt_test.X/nbproject/configurations.xml create mode 100644 FreeRTOS-Plus/Source/CyaSSL/mcapi/ctaocrypt_test.X/nbproject/include.am create mode 100644 FreeRTOS-Plus/Source/CyaSSL/mcapi/ctaocrypt_test.X/nbproject/project.xml create mode 100644 FreeRTOS-Plus/Source/CyaSSL/mcapi/cyassl.X/Makefile create mode 100644 FreeRTOS-Plus/Source/CyaSSL/mcapi/cyassl.X/nbproject/configurations.xml create mode 100644 FreeRTOS-Plus/Source/CyaSSL/mcapi/cyassl.X/nbproject/include.am create mode 100644 FreeRTOS-Plus/Source/CyaSSL/mcapi/cyassl.X/nbproject/project.xml create mode 100644 FreeRTOS-Plus/Source/CyaSSL/mcapi/include.am create mode 100644 FreeRTOS-Plus/Source/CyaSSL/mcapi/mcapi_test.c create mode 100644 FreeRTOS-Plus/Source/CyaSSL/mcapi/zlib.X/Makefile create mode 100644 FreeRTOS-Plus/Source/CyaSSL/mcapi/zlib.X/nbproject/configurations.xml create mode 100644 FreeRTOS-Plus/Source/CyaSSL/mcapi/zlib.X/nbproject/include.am create mode 100644 FreeRTOS-Plus/Source/CyaSSL/mcapi/zlib.X/nbproject/project.xml create mode 100644 FreeRTOS-Plus/Source/CyaSSL/mplabx/PIC32MZ-serial.h create mode 100644 FreeRTOS-Plus/Source/CyaSSL/mplabx/README create mode 100644 FreeRTOS-Plus/Source/CyaSSL/mplabx/benchmark_main.c create mode 100644 FreeRTOS-Plus/Source/CyaSSL/mplabx/ctaocrypt_benchmark.X/Makefile create mode 100644 FreeRTOS-Plus/Source/CyaSSL/mplabx/ctaocrypt_benchmark.X/nbproject/configurations.xml create mode 100644 FreeRTOS-Plus/Source/CyaSSL/mplabx/ctaocrypt_benchmark.X/nbproject/include.am create mode 100644 FreeRTOS-Plus/Source/CyaSSL/mplabx/ctaocrypt_benchmark.X/nbproject/project.xml create mode 100644 FreeRTOS-Plus/Source/CyaSSL/mplabx/ctaocrypt_test.X/Makefile create mode 100644 FreeRTOS-Plus/Source/CyaSSL/mplabx/ctaocrypt_test.X/nbproject/configurations.xml create mode 100644 FreeRTOS-Plus/Source/CyaSSL/mplabx/ctaocrypt_test.X/nbproject/include.am create mode 100644 FreeRTOS-Plus/Source/CyaSSL/mplabx/ctaocrypt_test.X/nbproject/project.xml create mode 100644 FreeRTOS-Plus/Source/CyaSSL/mplabx/cyassl.X/Makefile create mode 100644 FreeRTOS-Plus/Source/CyaSSL/mplabx/cyassl.X/nbproject/configurations.xml create mode 100644 FreeRTOS-Plus/Source/CyaSSL/mplabx/cyassl.X/nbproject/include.am create mode 100644 FreeRTOS-Plus/Source/CyaSSL/mplabx/cyassl.X/nbproject/project.xml create mode 100644 FreeRTOS-Plus/Source/CyaSSL/mplabx/include.am create mode 100644 FreeRTOS-Plus/Source/CyaSSL/mplabx/test_main.c create mode 100644 FreeRTOS-Plus/Source/CyaSSL/mqx/README create mode 100644 FreeRTOS-Plus/Source/CyaSSL/mqx/ctaocrypt_test/.cproject create mode 100644 FreeRTOS-Plus/Source/CyaSSL/mqx/ctaocrypt_test/.project create mode 100644 FreeRTOS-Plus/Source/CyaSSL/mqx/ctaocrypt_test/ReferencedRSESystems.xml create mode 100644 FreeRTOS-Plus/Source/CyaSSL/mqx/ctaocrypt_test/Sources/include.am create mode 100644 FreeRTOS-Plus/Source/CyaSSL/mqx/ctaocrypt_test/Sources/main.c create mode 100644 FreeRTOS-Plus/Source/CyaSSL/mqx/ctaocrypt_test/Sources/main.h create mode 100644 FreeRTOS-Plus/Source/CyaSSL/mqx/ctaocrypt_test/ctaocrypt_test_twrk70f120m_Int_Flash_SramData_Debug_PnE_U-MultiLink.launch create mode 100644 FreeRTOS-Plus/Source/CyaSSL/mqx/ctaocrypt_test/ctaocrypt_test_twrk70f120m_Int_Flash_SramData_Release_PnE_U-MultiLink.launch create mode 100644 FreeRTOS-Plus/Source/CyaSSL/mqx/cyassl/.cproject create mode 100644 FreeRTOS-Plus/Source/CyaSSL/mqx/cyassl/.project create mode 100644 FreeRTOS-Plus/Source/CyaSSL/mqx/cyassl/include.am create mode 100644 FreeRTOS-Plus/Source/CyaSSL/mqx/cyassl_client/.cproject create mode 100644 FreeRTOS-Plus/Source/CyaSSL/mqx/cyassl_client/.project create mode 100644 FreeRTOS-Plus/Source/CyaSSL/mqx/cyassl_client/ReferencedRSESystems.xml create mode 100644 FreeRTOS-Plus/Source/CyaSSL/mqx/cyassl_client/Sources/include.am create mode 100644 FreeRTOS-Plus/Source/CyaSSL/mqx/cyassl_client/Sources/main.c create mode 100644 FreeRTOS-Plus/Source/CyaSSL/mqx/cyassl_client/Sources/main.h create mode 100644 FreeRTOS-Plus/Source/CyaSSL/mqx/cyassl_client/cyassl_client_twrk70f120m_Int_Flash_SramData_Debug_PnE_U-MultiLink.launch create mode 100644 FreeRTOS-Plus/Source/CyaSSL/mqx/cyassl_client/cyassl_client_twrk70f120m_Int_Flash_SramData_Release_PnE_U-MultiLink.launch create mode 100644 FreeRTOS-Plus/Source/CyaSSL/mqx/util_lib/.cproject create mode 100644 FreeRTOS-Plus/Source/CyaSSL/mqx/util_lib/.project create mode 100644 FreeRTOS-Plus/Source/CyaSSL/mqx/util_lib/Sources/include.am create mode 100644 FreeRTOS-Plus/Source/CyaSSL/mqx/util_lib/Sources/util.c create mode 100644 FreeRTOS-Plus/Source/CyaSSL/mqx/util_lib/Sources/util.h create mode 100644 FreeRTOS-Plus/Source/CyaSSL/rpm/include.am create mode 100644 FreeRTOS-Plus/Source/CyaSSL/rpm/spec.in create mode 100644 FreeRTOS-Plus/Source/CyaSSL/sslSniffer/sslSniffer.vcxproj create mode 100644 FreeRTOS-Plus/Source/CyaSSL/support/cyassl.pc rename FreeRTOS-Plus/Source/CyaSSL/support/{libcyassl.pc.in => cyassl.pc.in} (100%) create mode 100644 FreeRTOS-Plus/Source/CyaSSL/support/include.am delete mode 100644 FreeRTOS-Plus/Source/CyaSSL/tests/test-aesgcm-ecc.conf delete mode 100644 FreeRTOS-Plus/Source/CyaSSL/tests/test-aesgcm-openssl.conf delete mode 100644 FreeRTOS-Plus/Source/CyaSSL/tests/test-aesgcm.conf delete mode 100644 FreeRTOS-Plus/Source/CyaSSL/tests/test-ecc.conf delete mode 100644 FreeRTOS-Plus/Source/CyaSSL/tests/test-hc128.conf delete mode 100644 FreeRTOS-Plus/Source/CyaSSL/tests/test-ntru.conf delete mode 100644 FreeRTOS-Plus/Source/CyaSSL/tests/test-openssl.conf delete mode 100644 FreeRTOS-Plus/Source/CyaSSL/tests/test-psk.conf create mode 100644 FreeRTOS-Plus/Source/CyaSSL/testsuite/testsuite.vcxproj create mode 100644 FreeRTOS-Plus/Source/CyaSSL/valgrind-error.sh diff --git a/FreeRTOS-Plus/Demo/FreeRTOS_Plus_CyaSSL_Windows_Simulator/WIN32.vcxproj b/FreeRTOS-Plus/Demo/FreeRTOS_Plus_CyaSSL_Windows_Simulator/WIN32.vcxproj index 0290eb1a8..373e390c3 100644 --- a/FreeRTOS-Plus/Demo/FreeRTOS_Plus_CyaSSL_Windows_Simulator/WIN32.vcxproj +++ b/FreeRTOS-Plus/Demo/FreeRTOS_Plus_CyaSSL_Windows_Simulator/WIN32.vcxproj @@ -135,6 +135,7 @@ + @@ -149,6 +150,7 @@ + diff --git a/FreeRTOS-Plus/Demo/FreeRTOS_Plus_CyaSSL_Windows_Simulator/WIN32.vcxproj.filters b/FreeRTOS-Plus/Demo/FreeRTOS_Plus_CyaSSL_Windows_Simulator/WIN32.vcxproj.filters index 82abb1f50..c1376b889 100644 --- a/FreeRTOS-Plus/Demo/FreeRTOS_Plus_CyaSSL_Windows_Simulator/WIN32.vcxproj.filters +++ b/FreeRTOS-Plus/Demo/FreeRTOS_Plus_CyaSSL_Windows_Simulator/WIN32.vcxproj.filters @@ -135,6 +135,12 @@ Demo App Source + + FreeRTOS+\CyaSSL\ctaocrypt + + + FreeRTOS+\CyaSSL\ctaocrypt + diff --git a/FreeRTOS-Plus/Demo/FreeRTOS_Plus_CyaSSL_Windows_Simulator/ca-cert.pem b/FreeRTOS-Plus/Demo/FreeRTOS_Plus_CyaSSL_Windows_Simulator/ca-cert.pem index 4a9786a50..7e64eb479 100644 --- a/FreeRTOS-Plus/Demo/FreeRTOS_Plus_CyaSSL_Windows_Simulator/ca-cert.pem +++ b/FreeRTOS-Plus/Demo/FreeRTOS_Plus_CyaSSL_Windows_Simulator/ca-cert.pem @@ -1,18 +1,45 @@ +-----BEGIN CERTIFICATE----- +MIIEqjCCA5KgAwIBAgIJAJpBR82hFGKMMA0GCSqGSIb3DQEBBQUAMIGUMQswCQYD +VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8G +A1UECgwIU2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3 +dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTAe +Fw0xNDA3MTEwMzIwMDhaFw0xNzA0MDYwMzIwMDhaMIGUMQswCQYDVQQGEwJVUzEQ +MA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwIU2F3 +dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xmc3Ns +LmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTCCASIwDQYJKoZI +hvcNAQEBBQADggEPADCCAQoCggEBAL8Myi0Ush6EQlvNOB9K8k11EPG2NZ/fyn0D +mNOs3gNm7irx2LB9bgdUCxCYIU2AyxIg58xP3kV9yXJ3MurKkLtpUhADL6jzlcXx +i2JWG+9nb6QQQZWtCpvjpcCw0nB2UDBbqOgILHztp6J6jTgpHKzH7fJ8lbCVgn1J +XDjNdyXvvYB1U5Q8PcpjW58VtdMdEy8Z0TzbdjrMuH3J5cLX2kBv2CHccxtCLVOc +/hr8fat6Nj+Y3oR8BWfOahQ4h6nxjLVoy2h/cSAr9aBj9VYvoybSt2+xWhfXOJkI +/pNYb/7DE0kIFgunTWcAUjFnI06Y7VFFHbkE2Qvs2CizS73tNnkCAwEAAaOB/DCB ++TAdBgNVHQ4EFgQUJ45nEXTDJh0/7TNjs6TYHTDl6NUwgckGA1UdIwSBwTCBvoAU +J45nEXTDJh0/7TNjs6TYHTDl6NWhgZqkgZcwgZQxCzAJBgNVBAYTAlVTMRAwDgYD +VQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQKDAhTYXd0b290 +aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29t +MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggkAmkFHzaEUYowwDAYD +VR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEAeXgMbXmIkfw6FZz5J2IW8CEf ++n0/oqgyHvfyEal0FnRe3BjK8AAq1QMGJjDxR4P9Mm787apPfQxjYDEvfAy/mWaH +7ScIhi3EM+iYIxz+o9uaSU78WkLvccM/rdxKqNKjHQmsMwR7hvNtAFmjyNvRPHP2 +DpDWXkngvzZjCHulsI81O1aMETVJBBzQ57pWxQ0KkY3Wt2IZNBJSTNJtfMU9DxiB +VMv2POWE0tZxFewaNAvwoCF0Q8ijsN/ZZ9rirZNI+KCHvXkU4GIK3/cxLjF70TIq +Cv5dFO/ZZFDkg5G8cA3XiI3ZvIQOxRqzv2QCTlGRpKKFFYOv8FubKElfsrMD2A== +-----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: - e9:d0:a7:5f:79:25:f4:3c - Signature Algorithm: sha1WithRSAEncryption - Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.yassl.com/emailAddress=info@yassl.com + 9a:41:47:cd:a1:14:62:8c + Signature Algorithm: sha1WithRSAEncryption + Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com Validity - Not Before: Oct 24 18:18:15 2011 GMT - Not After : Jul 20 18:18:15 2014 GMT - Subject: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.yassl.com/emailAddress=info@yassl.com + Not Before: Jul 11 03:20:08 2014 GMT + Not After : Apr 6 03:20:08 2017 GMT + Subject: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - RSA Public Key: (2048 bit) - Modulus (2048 bit): + Public-Key: (2048 bit) + Modulus: 00:bf:0c:ca:2d:14:b2:1e:84:42:5b:cd:38:1f:4a: f2:4d:75:10:f1:b6:35:9f:df:ca:7d:03:98:d3:ac: de:03:66:ee:2a:f1:d8:b0:7d:6e:07:54:0b:10:98: @@ -37,51 +64,24 @@ Certificate: 27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 X509v3 Authority Key Identifier: keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 - DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.yassl.com/emailAddress=info@yassl.com - serial:E9:D0:A7:5F:79:25:F4:3C + DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com + serial:9A:41:47:CD:A1:14:62:8C X509v3 Basic Constraints: CA:TRUE Signature Algorithm: sha1WithRSAEncryption - 5f:86:14:f4:51:8b:bc:a5:4e:30:da:5e:ac:9a:f8:6c:d9:26: - 4b:93:f9:e3:1c:89:6f:9e:ee:b3:9d:77:3e:89:20:76:a3:e6: - e8:86:15:21:db:e2:33:b2:34:d5:d0:9f:f3:c1:a4:87:92:5c: - f9:d1:ff:30:2f:8e:03:bc:b3:3c:0c:32:a3:90:5f:1a:90:1e: - af:9d:f3:9e:d7:07:02:a9:7d:27:66:63:2f:af:18:d7:ac:18: - 98:8c:83:8f:38:f3:0b:ac:36:10:75:fb:ca:76:13:50:5b:02: - 8f:73:bf:e3:a0:ee:83:52:25:54:ce:26:ce:9c:bd:2f:79:ab: - 1b:60:b8:92:f1:03:c0:fc:3b:08:d9:c0:ad:d5:72:08:25:80: - 61:2d:dc:9f:a7:83:62:07:47:e0:07:4c:4b:07:30:04:a9:87: - 1c:55:7f:07:12:d0:cb:42:5d:cb:cf:66:01:1a:17:ee:f9:0f: - 60:b7:db:6f:68:e5:4e:41:62:6e:d3:6f:60:4f:4b:27:de:cf: - 18:07:f1:13:5d:cb:3f:a9:25:44:da:52:5c:c8:04:e1:56:12: - f5:2a:90:4e:d1:e2:af:01:b5:23:a1:ec:31:da:7b:63:69:c4: - b8:f3:e7:ce:a1:3d:c0:db:6d:f3:b2:d9:46:c8:9f:c3:b8:70: - 5a:1f:7f:ca ------BEGIN CERTIFICATE----- -MIIEnjCCA4agAwIBAgIJAOnQp195JfQ8MA0GCSqGSIb3DQEBBQUAMIGQMQswCQYD -VQQGEwJVUzEQMA4GA1UECBMHTW9udGFuYTEQMA4GA1UEBxMHQm96ZW1hbjERMA8G -A1UEChMIU2F3dG9vdGgxEzARBgNVBAsTCkNvbnN1bHRpbmcxFjAUBgNVBAMTDXd3 -dy55YXNzbC5jb20xHTAbBgkqhkiG9w0BCQEWDmluZm9AeWFzc2wuY29tMB4XDTEx -MTAyNDE4MTgxNVoXDTE0MDcyMDE4MTgxNVowgZAxCzAJBgNVBAYTAlVTMRAwDgYD -VQQIEwdNb250YW5hMRAwDgYDVQQHEwdCb3plbWFuMREwDwYDVQQKEwhTYXd0b290 -aDETMBEGA1UECxMKQ29uc3VsdGluZzEWMBQGA1UEAxMNd3d3Lnlhc3NsLmNvbTEd -MBsGCSqGSIb3DQEJARYOaW5mb0B5YXNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUA -A4IBDwAwggEKAoIBAQC/DMotFLIehEJbzTgfSvJNdRDxtjWf38p9A5jTrN4DZu4q -8diwfW4HVAsQmCFNgMsSIOfMT95FfclydzLqypC7aVIQAy+o85XF8YtiVhvvZ2+k -EEGVrQqb46XAsNJwdlAwW6joCCx87aeieo04KRysx+3yfJWwlYJ9SVw4zXcl772A -dVOUPD3KY1ufFbXTHRMvGdE823Y6zLh9yeXC19pAb9gh3HMbQi1TnP4a/H2rejY/ -mN6EfAVnzmoUOIep8Yy1aMtof3EgK/WgY/VWL6Mm0rdvsVoX1ziZCP6TWG/+wxNJ -CBYLp01nAFIxZyNOmO1RRR25BNkL7Ngos0u97TZ5AgMBAAGjgfgwgfUwHQYDVR0O -BBYEFCeOZxF0wyYdP+0zY7Ok2B0w5ejVMIHFBgNVHSMEgb0wgbqAFCeOZxF0wyYd -P+0zY7Ok2B0w5ejVoYGWpIGTMIGQMQswCQYDVQQGEwJVUzEQMA4GA1UECBMHTW9u -dGFuYTEQMA4GA1UEBxMHQm96ZW1hbjERMA8GA1UEChMIU2F3dG9vdGgxEzARBgNV -BAsTCkNvbnN1bHRpbmcxFjAUBgNVBAMTDXd3dy55YXNzbC5jb20xHTAbBgkqhkiG -9w0BCQEWDmluZm9AeWFzc2wuY29tggkA6dCnX3kl9DwwDAYDVR0TBAUwAwEB/zAN -BgkqhkiG9w0BAQUFAAOCAQEAX4YU9FGLvKVOMNperJr4bNkmS5P54xyJb57us513 -PokgdqPm6IYVIdviM7I01dCf88Gkh5Jc+dH/MC+OA7yzPAwyo5BfGpAer53zntcH -Aql9J2ZjL68Y16wYmIyDjzjzC6w2EHX7ynYTUFsCj3O/46Dug1IlVM4mzpy9L3mr -G2C4kvEDwPw7CNnArdVyCCWAYS3cn6eDYgdH4AdMSwcwBKmHHFV/BxLQy0Jdy89m -ARoX7vkPYLfbb2jlTkFibtNvYE9LJ97PGAfxE13LP6klRNpSXMgE4VYS9SqQTtHi -rwG1I6HsMdp7Y2nEuPPnzqE9wNtt87LZRsifw7hwWh9/yg== ------END CERTIFICATE----- + 79:78:0c:6d:79:88:91:fc:3a:15:9c:f9:27:62:16:f0:21:1f: + fa:7d:3f:a2:a8:32:1e:f7:f2:11:a9:74:16:74:5e:dc:18:ca: + f0:00:2a:d5:03:06:26:30:f1:47:83:fd:32:6e:fc:ed:aa:4f: + 7d:0c:63:60:31:2f:7c:0c:bf:99:66:87:ed:27:08:86:2d:c4: + 33:e8:98:23:1c:fe:a3:db:9a:49:4e:fc:5a:42:ef:71:c3:3f: + ad:dc:4a:a8:d2:a3:1d:09:ac:33:04:7b:86:f3:6d:00:59:a3: + c8:db:d1:3c:73:f6:0e:90:d6:5e:49:e0:bf:36:63:08:7b:a5: + b0:8f:35:3b:56:8c:11:35:49:04:1c:d0:e7:ba:56:c5:0d:0a: + 91:8d:d6:b7:62:19:34:12:52:4c:d2:6d:7c:c5:3d:0f:18:81: + 54:cb:f6:3c:e5:84:d2:d6:71:15:ec:1a:34:0b:f0:a0:21:74: + 43:c8:a3:b0:df:d9:67:da:e2:ad:93:48:f8:a0:87:bd:79:14: + e0:62:0a:df:f7:31:2e:31:7b:d1:32:2a:0a:fe:5d:14:ef:d9: + 64:50:e4:83:91:bc:70:0d:d7:88:8d:d9:bc:84:0e:c5:1a:b3: + bf:64:02:4e:51:91:a4:a2:85:15:83:af:f0:5b:9b:28:49:5f: + b2:b3:03:d8 diff --git a/FreeRTOS-Plus/Demo/FreeRTOS_Plus_CyaSSL_Windows_Simulator/server-cert.pem b/FreeRTOS-Plus/Demo/FreeRTOS_Plus_CyaSSL_Windows_Simulator/server-cert.pem index 8381265ee..f56cba9de 100644 --- a/FreeRTOS-Plus/Demo/FreeRTOS_Plus_CyaSSL_Windows_Simulator/server-cert.pem +++ b/FreeRTOS-Plus/Demo/FreeRTOS_Plus_CyaSSL_Windows_Simulator/server-cert.pem @@ -1,17 +1,17 @@ Certificate: Data: - Version: 1 (0x0) - Serial Number: 2 (0x2) - Signature Algorithm: sha1WithRSAEncryption - Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.yassl.com/emailAddress=info@yassl.com + Version: 3 (0x2) + Serial Number: 1 (0x1) + Signature Algorithm: sha1WithRSAEncryption + Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com Validity - Not Before: Oct 24 18:27:13 2011 GMT - Not After : Jul 20 18:27:13 2014 GMT - Subject: C=US, ST=Montana, L=Bozeman, O=yaSSL, OU=Support, CN=www.yassl.com/emailAddress=info@yassl.com + Not Before: Jul 11 17:20:14 2014 GMT + Not After : Apr 6 17:20:14 2017 GMT + Subject: C=US, ST=Montana, L=Bozeman, O=wolfSSL, OU=Support, CN=www.wolfssl.com/emailAddress=info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - RSA Public Key: (2048 bit) - Modulus (2048 bit): + Public-Key: (2048 bit) + Modulus: 00:c0:95:08:e1:57:41:f2:71:6d:b7:d2:45:41:27: 01:65:c6:45:ae:f2:bc:24:30:b8:95:ce:2f:4e:d6: f6:1c:88:bc:7c:9f:fb:a8:67:7f:fe:5c:9c:51:75: @@ -31,59 +31,74 @@ Certificate: a7:aa:eb:c4:e1:e6:61:83:c5:d2:96:df:d9:d0:4f: ad:d7 Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + B3:11:32:C9:92:98:84:E2:C9:F8:D0:3B:6E:03:42:CA:1F:0E:8E:3C + X509v3 Authority Key Identifier: + keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 + DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com + serial:9A:41:47:CD:A1:14:62:8C + + X509v3 Basic Constraints: + CA:TRUE Signature Algorithm: sha1WithRSAEncryption - 71:4e:d3:62:df:cc:4c:f7:cd:b7:6e:52:0b:6c:6e:e0:bd:c2: - 2d:07:d7:c0:b0:6e:43:1e:35:bc:30:01:50:f0:ff:99:23:6c: - 18:1a:41:b6:11:d6:d4:19:61:fd:e4:77:97:1c:39:e1:57:ab: - c5:15:63:77:11:36:5e:74:e2:24:0b:1f:41:78:ad:b7:81:e7: - b4:40:66:80:f0:4b:91:a0:6d:a8:6e:3d:53:d9:8b:ce:2a:e1: - 0b:45:65:87:a1:96:ae:ee:3e:88:d5:12:1f:78:17:ae:2c:c5: - 73:44:d8:dc:f4:af:d8:cc:ae:4c:e1:0c:be:55:a4:99:f7:6e: - 96:c0:c8:45:87:bf:dc:51:57:ff:9e:73:37:6a:18:9c:c3:f9: - 22:7a:f4:b0:52:bd:fc:21:30:f8:c5:ff:1e:87:7d:ad:a2:5a: - 35:f5:22:a8:b4:0a:76:38:e6:76:b0:98:af:1b:ec:8a:0a:43: - 74:d2:85:34:37:84:07:e1:f6:23:b2:29:de:a6:b6:b7:4c:57: - 7e:96:06:cb:a9:16:25:29:3a:03:2d:55:7d:a6:8c:a4:f7:9e: - 81:c9:95:b6:7c:c1:4a:ce:94:66:0c:ca:88:eb:d2:09:f5:5b: - 19:58:82:df:27:fd:67:95:78:b7:02:06:d5:a7:61:bd:ef:3a: - fc:b2:61:cd + 3d:8c:70:05:5b:62:4b:bf:6c:b6:48:61:01:10:1d:5e:05:ba: + 55:94:2c:ae:59:6f:97:80:5d:6c:86:ec:9a:eb:15:45:44:e4: + 56:f8:75:ca:8a:45:32:f4:c7:e1:fa:f2:98:1c:91:d3:3f:e8: + 0e:c9:1b:fa:e1:79:99:67:0e:0d:6b:8a:ec:1a:2c:59:c4:34: + 04:8d:39:77:cd:b5:e9:60:5b:82:bf:34:ce:ed:c6:4f:3f:b4: + 5c:4d:8a:b4:f4:0a:04:12:a0:56:c1:e1:33:37:a1:54:87:48: + e9:81:c2:0f:8f:6f:d3:52:4c:4c:32:4c:6b:9f:3a:04:8f:77: + 5d:ad:dc:3d:2b:f2:c9:df:3c:60:5d:d8:fc:86:72:7c:3d:d0: + 84:4b:8c:df:26:43:fe:c0:cc:5b:e1:36:b3:3d:32:28:a3:ef: + 0c:20:d6:b1:50:39:d6:67:a9:8b:84:bc:92:34:eb:19:23:e8: + 10:8f:ea:bd:18:8c:93:27:3c:74:75:8e:58:04:fa:2a:74:44: + 7d:fc:4d:39:df:54:17:ba:78:e1:5d:6a:70:d3:7c:a2:80:81: + e6:19:51:91:c3:44:51:ec:bb:88:a9:53:e1:d7:a9:8c:28:f4: + 21:1c:42:51:09:b4:12:6d:a0:d6:25:09:85:c6:2a:0c:af:a7: + 58:e6:52:8b -----BEGIN CERTIFICATE----- -MIIDkDCCAngCAQIwDQYJKoZIhvcNAQEFBQAwgZAxCzAJBgNVBAYTAlVTMRAwDgYD -VQQIEwdNb250YW5hMRAwDgYDVQQHEwdCb3plbWFuMREwDwYDVQQKEwhTYXd0b290 -aDETMBEGA1UECxMKQ29uc3VsdGluZzEWMBQGA1UEAxMNd3d3Lnlhc3NsLmNvbTEd -MBsGCSqGSIb3DQEJARYOaW5mb0B5YXNzbC5jb20wHhcNMTExMDI0MTgyNzEzWhcN -MTQwNzIwMTgyNzEzWjCBijELMAkGA1UEBhMCVVMxEDAOBgNVBAgTB01vbnRhbmEx -EDAOBgNVBAcTB0JvemVtYW4xDjAMBgNVBAoTBXlhU1NMMRAwDgYDVQQLEwdTdXBw -b3J0MRYwFAYDVQQDEw13d3cueWFzc2wuY29tMR0wGwYJKoZIhvcNAQkBFg5pbmZv -QHlhc3NsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMCVCOFX -QfJxbbfSRUEnAWXGRa7yvCQwuJXOL07W9hyIvHyf+6hnf/5cnFF194rKB+c1L4/h -vXvAL3yrZKgX/Mpde7rgIeVyLm8uhtiVc9qsG1O5Xz/XGQ0lT+FjY1GLC2Q/rUO4 -pRxcNLOuAKBjxfZ/C1loeHOmjBipAm2vwxkBLrgQ48bMQLRpo0YzaYduxLsXpvPo -3a1zvHsvIbX9ZlEMvVSz4W1fHLwjc9EJA4kU0hC5ZMMq0KGWSrzh1Bpbx6DAwWN4 -D0Q3MDKWgDIjlaF3uhPSl3PiXSXJag3DOWCktLBpQkIJ6dgIvDMgs1gip6rrxOHm -YYPF0pbf2dBPrdcCAwEAATANBgkqhkiG9w0BAQUFAAOCAQEAcU7TYt/MTPfNt25S -C2xu4L3CLQfXwLBuQx41vDABUPD/mSNsGBpBthHW1Blh/eR3lxw54VerxRVjdxE2 -XnTiJAsfQXitt4HntEBmgPBLkaBtqG49U9mLzirhC0Vlh6GWru4+iNUSH3gXrizF -c0TY3PSv2MyuTOEMvlWkmfdulsDIRYe/3FFX/55zN2oYnMP5Inr0sFK9/CEw+MX/ -Hod9raJaNfUiqLQKdjjmdrCYrxvsigpDdNKFNDeEB+H2I7Ip3qa2t0xXfpYGy6kW -JSk6Ay1VfaaMpPeegcmVtnzBSs6UZgzKiOvSCfVbGViC3yf9Z5V4twIG1adhve86 -/LJhzQ== +MIIEnjCCA4agAwIBAgIBATANBgkqhkiG9w0BAQUFADCBlDELMAkGA1UEBhMCVVMx +EDAOBgNVBAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNh +d3Rvb3RoMRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNz +bC5jb20xHzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20wHhcNMTQwNzEx +MTcyMDE0WhcNMTcwNDA2MTcyMDE0WjCBkDELMAkGA1UEBhMCVVMxEDAOBgNVBAgM +B01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xEDAOBgNVBAoMB3dvbGZTU0wxEDAO +BgNVBAsMB1N1cHBvcnQxGDAWBgNVBAMMD3d3dy53b2xmc3NsLmNvbTEfMB0GCSqG +SIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP +ADCCAQoCggEBAMCVCOFXQfJxbbfSRUEnAWXGRa7yvCQwuJXOL07W9hyIvHyf+6hn +f/5cnFF194rKB+c1L4/hvXvAL3yrZKgX/Mpde7rgIeVyLm8uhtiVc9qsG1O5Xz/X +GQ0lT+FjY1GLC2Q/rUO4pRxcNLOuAKBjxfZ/C1loeHOmjBipAm2vwxkBLrgQ48bM +QLRpo0YzaYduxLsXpvPo3a1zvHsvIbX9ZlEMvVSz4W1fHLwjc9EJA4kU0hC5ZMMq +0KGWSrzh1Bpbx6DAwWN4D0Q3MDKWgDIjlaF3uhPSl3PiXSXJag3DOWCktLBpQkIJ +6dgIvDMgs1gip6rrxOHmYYPF0pbf2dBPrdcCAwEAAaOB/DCB+TAdBgNVHQ4EFgQU +sxEyyZKYhOLJ+NA7bgNCyh8OjjwwgckGA1UdIwSBwTCBvoAUJ45nEXTDJh0/7TNj +s6TYHTDl6NWhgZqkgZcwgZQxCzAJBgNVBAYTAlVTMRAwDgYDVQQIDAdNb250YW5h +MRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQKDAhTYXd0b290aDETMBEGA1UECwwK +Q29uc3VsdGluZzEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29tMR8wHQYJKoZIhvcN +AQkBFhBpbmZvQHdvbGZzc2wuY29tggkAmkFHzaEUYowwDAYDVR0TBAUwAwEB/zAN +BgkqhkiG9w0BAQUFAAOCAQEAPYxwBVtiS79stkhhARAdXgW6VZQsrllvl4BdbIbs +musVRUTkVvh1yopFMvTH4frymByR0z/oDskb+uF5mWcODWuK7BosWcQ0BI05d821 +6WBbgr80zu3GTz+0XE2KtPQKBBKgVsHhMzehVIdI6YHCD49v01JMTDJMa586BI93 +Xa3cPSvyyd88YF3Y/IZyfD3QhEuM3yZD/sDMW+E2sz0yKKPvDCDWsVA51mepi4S8 +kjTrGSPoEI/qvRiMkyc8dHWOWAT6KnREffxNOd9UF7p44V1qcNN8ooCB5hlRkcNE +Uey7iKlT4depjCj0IRxCUQm0Em2g1iUJhcYqDK+nWOZSiw== -----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: - e9:d0:a7:5f:79:25:f4:3c - Signature Algorithm: sha1WithRSAEncryption - Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.yassl.com/emailAddress=info@yassl.com + 9a:41:47:cd:a1:14:62:8c + Signature Algorithm: sha1WithRSAEncryption + Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com Validity - Not Before: Oct 24 18:18:15 2011 GMT - Not After : Jul 20 18:18:15 2014 GMT - Subject: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.yassl.com/emailAddress=info@yassl.com + Not Before: Jul 11 03:20:08 2014 GMT + Not After : Apr 6 03:20:08 2017 GMT + Subject: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - RSA Public Key: (2048 bit) - Modulus (2048 bit): + Public-Key: (2048 bit) + Modulus: 00:bf:0c:ca:2d:14:b2:1e:84:42:5b:cd:38:1f:4a: f2:4d:75:10:f1:b6:35:9f:df:ca:7d:03:98:d3:ac: de:03:66:ee:2a:f1:d8:b0:7d:6e:07:54:0b:10:98: @@ -108,51 +123,51 @@ Certificate: 27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 X509v3 Authority Key Identifier: keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 - DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.yassl.com/emailAddress=info@yassl.com - serial:E9:D0:A7:5F:79:25:F4:3C + DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com + serial:9A:41:47:CD:A1:14:62:8C X509v3 Basic Constraints: CA:TRUE Signature Algorithm: sha1WithRSAEncryption - 5f:86:14:f4:51:8b:bc:a5:4e:30:da:5e:ac:9a:f8:6c:d9:26: - 4b:93:f9:e3:1c:89:6f:9e:ee:b3:9d:77:3e:89:20:76:a3:e6: - e8:86:15:21:db:e2:33:b2:34:d5:d0:9f:f3:c1:a4:87:92:5c: - f9:d1:ff:30:2f:8e:03:bc:b3:3c:0c:32:a3:90:5f:1a:90:1e: - af:9d:f3:9e:d7:07:02:a9:7d:27:66:63:2f:af:18:d7:ac:18: - 98:8c:83:8f:38:f3:0b:ac:36:10:75:fb:ca:76:13:50:5b:02: - 8f:73:bf:e3:a0:ee:83:52:25:54:ce:26:ce:9c:bd:2f:79:ab: - 1b:60:b8:92:f1:03:c0:fc:3b:08:d9:c0:ad:d5:72:08:25:80: - 61:2d:dc:9f:a7:83:62:07:47:e0:07:4c:4b:07:30:04:a9:87: - 1c:55:7f:07:12:d0:cb:42:5d:cb:cf:66:01:1a:17:ee:f9:0f: - 60:b7:db:6f:68:e5:4e:41:62:6e:d3:6f:60:4f:4b:27:de:cf: - 18:07:f1:13:5d:cb:3f:a9:25:44:da:52:5c:c8:04:e1:56:12: - f5:2a:90:4e:d1:e2:af:01:b5:23:a1:ec:31:da:7b:63:69:c4: - b8:f3:e7:ce:a1:3d:c0:db:6d:f3:b2:d9:46:c8:9f:c3:b8:70: - 5a:1f:7f:ca + 79:78:0c:6d:79:88:91:fc:3a:15:9c:f9:27:62:16:f0:21:1f: + fa:7d:3f:a2:a8:32:1e:f7:f2:11:a9:74:16:74:5e:dc:18:ca: + f0:00:2a:d5:03:06:26:30:f1:47:83:fd:32:6e:fc:ed:aa:4f: + 7d:0c:63:60:31:2f:7c:0c:bf:99:66:87:ed:27:08:86:2d:c4: + 33:e8:98:23:1c:fe:a3:db:9a:49:4e:fc:5a:42:ef:71:c3:3f: + ad:dc:4a:a8:d2:a3:1d:09:ac:33:04:7b:86:f3:6d:00:59:a3: + c8:db:d1:3c:73:f6:0e:90:d6:5e:49:e0:bf:36:63:08:7b:a5: + b0:8f:35:3b:56:8c:11:35:49:04:1c:d0:e7:ba:56:c5:0d:0a: + 91:8d:d6:b7:62:19:34:12:52:4c:d2:6d:7c:c5:3d:0f:18:81: + 54:cb:f6:3c:e5:84:d2:d6:71:15:ec:1a:34:0b:f0:a0:21:74: + 43:c8:a3:b0:df:d9:67:da:e2:ad:93:48:f8:a0:87:bd:79:14: + e0:62:0a:df:f7:31:2e:31:7b:d1:32:2a:0a:fe:5d:14:ef:d9: + 64:50:e4:83:91:bc:70:0d:d7:88:8d:d9:bc:84:0e:c5:1a:b3: + bf:64:02:4e:51:91:a4:a2:85:15:83:af:f0:5b:9b:28:49:5f: + b2:b3:03:d8 -----BEGIN CERTIFICATE----- -MIIEnjCCA4agAwIBAgIJAOnQp195JfQ8MA0GCSqGSIb3DQEBBQUAMIGQMQswCQYD -VQQGEwJVUzEQMA4GA1UECBMHTW9udGFuYTEQMA4GA1UEBxMHQm96ZW1hbjERMA8G -A1UEChMIU2F3dG9vdGgxEzARBgNVBAsTCkNvbnN1bHRpbmcxFjAUBgNVBAMTDXd3 -dy55YXNzbC5jb20xHTAbBgkqhkiG9w0BCQEWDmluZm9AeWFzc2wuY29tMB4XDTEx -MTAyNDE4MTgxNVoXDTE0MDcyMDE4MTgxNVowgZAxCzAJBgNVBAYTAlVTMRAwDgYD -VQQIEwdNb250YW5hMRAwDgYDVQQHEwdCb3plbWFuMREwDwYDVQQKEwhTYXd0b290 -aDETMBEGA1UECxMKQ29uc3VsdGluZzEWMBQGA1UEAxMNd3d3Lnlhc3NsLmNvbTEd -MBsGCSqGSIb3DQEJARYOaW5mb0B5YXNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUA -A4IBDwAwggEKAoIBAQC/DMotFLIehEJbzTgfSvJNdRDxtjWf38p9A5jTrN4DZu4q -8diwfW4HVAsQmCFNgMsSIOfMT95FfclydzLqypC7aVIQAy+o85XF8YtiVhvvZ2+k -EEGVrQqb46XAsNJwdlAwW6joCCx87aeieo04KRysx+3yfJWwlYJ9SVw4zXcl772A -dVOUPD3KY1ufFbXTHRMvGdE823Y6zLh9yeXC19pAb9gh3HMbQi1TnP4a/H2rejY/ -mN6EfAVnzmoUOIep8Yy1aMtof3EgK/WgY/VWL6Mm0rdvsVoX1ziZCP6TWG/+wxNJ -CBYLp01nAFIxZyNOmO1RRR25BNkL7Ngos0u97TZ5AgMBAAGjgfgwgfUwHQYDVR0O -BBYEFCeOZxF0wyYdP+0zY7Ok2B0w5ejVMIHFBgNVHSMEgb0wgbqAFCeOZxF0wyYd -P+0zY7Ok2B0w5ejVoYGWpIGTMIGQMQswCQYDVQQGEwJVUzEQMA4GA1UECBMHTW9u -dGFuYTEQMA4GA1UEBxMHQm96ZW1hbjERMA8GA1UEChMIU2F3dG9vdGgxEzARBgNV -BAsTCkNvbnN1bHRpbmcxFjAUBgNVBAMTDXd3dy55YXNzbC5jb20xHTAbBgkqhkiG -9w0BCQEWDmluZm9AeWFzc2wuY29tggkA6dCnX3kl9DwwDAYDVR0TBAUwAwEB/zAN -BgkqhkiG9w0BAQUFAAOCAQEAX4YU9FGLvKVOMNperJr4bNkmS5P54xyJb57us513 -PokgdqPm6IYVIdviM7I01dCf88Gkh5Jc+dH/MC+OA7yzPAwyo5BfGpAer53zntcH -Aql9J2ZjL68Y16wYmIyDjzjzC6w2EHX7ynYTUFsCj3O/46Dug1IlVM4mzpy9L3mr -G2C4kvEDwPw7CNnArdVyCCWAYS3cn6eDYgdH4AdMSwcwBKmHHFV/BxLQy0Jdy89m -ARoX7vkPYLfbb2jlTkFibtNvYE9LJ97PGAfxE13LP6klRNpSXMgE4VYS9SqQTtHi -rwG1I6HsMdp7Y2nEuPPnzqE9wNtt87LZRsifw7hwWh9/yg== +MIIEqjCCA5KgAwIBAgIJAJpBR82hFGKMMA0GCSqGSIb3DQEBBQUAMIGUMQswCQYD +VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8G +A1UECgwIU2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3 +dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTAe +Fw0xNDA3MTEwMzIwMDhaFw0xNzA0MDYwMzIwMDhaMIGUMQswCQYDVQQGEwJVUzEQ +MA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwIU2F3 +dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xmc3Ns +LmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTCCASIwDQYJKoZI +hvcNAQEBBQADggEPADCCAQoCggEBAL8Myi0Ush6EQlvNOB9K8k11EPG2NZ/fyn0D +mNOs3gNm7irx2LB9bgdUCxCYIU2AyxIg58xP3kV9yXJ3MurKkLtpUhADL6jzlcXx +i2JWG+9nb6QQQZWtCpvjpcCw0nB2UDBbqOgILHztp6J6jTgpHKzH7fJ8lbCVgn1J +XDjNdyXvvYB1U5Q8PcpjW58VtdMdEy8Z0TzbdjrMuH3J5cLX2kBv2CHccxtCLVOc +/hr8fat6Nj+Y3oR8BWfOahQ4h6nxjLVoy2h/cSAr9aBj9VYvoybSt2+xWhfXOJkI +/pNYb/7DE0kIFgunTWcAUjFnI06Y7VFFHbkE2Qvs2CizS73tNnkCAwEAAaOB/DCB ++TAdBgNVHQ4EFgQUJ45nEXTDJh0/7TNjs6TYHTDl6NUwgckGA1UdIwSBwTCBvoAU +J45nEXTDJh0/7TNjs6TYHTDl6NWhgZqkgZcwgZQxCzAJBgNVBAYTAlVTMRAwDgYD +VQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQKDAhTYXd0b290 +aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29t +MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggkAmkFHzaEUYowwDAYD +VR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEAeXgMbXmIkfw6FZz5J2IW8CEf ++n0/oqgyHvfyEal0FnRe3BjK8AAq1QMGJjDxR4P9Mm787apPfQxjYDEvfAy/mWaH +7ScIhi3EM+iYIxz+o9uaSU78WkLvccM/rdxKqNKjHQmsMwR7hvNtAFmjyNvRPHP2 +DpDWXkngvzZjCHulsI81O1aMETVJBBzQ57pWxQ0KkY3Wt2IZNBJSTNJtfMU9DxiB +VMv2POWE0tZxFewaNAvwoCF0Q8ijsN/ZZ9rirZNI+KCHvXkU4GIK3/cxLjF70TIq +Cv5dFO/ZZFDkg5G8cA3XiI3ZvIQOxRqzv2QCTlGRpKKFFYOv8FubKElfsrMD2A== -----END CERTIFICATE----- diff --git a/FreeRTOS-Plus/Source/CyaSSL/COPYING b/FreeRTOS-Plus/Source/CyaSSL/COPYING index d60c31a97..d159169d1 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/COPYING +++ b/FreeRTOS-Plus/Source/CyaSSL/COPYING @@ -1,12 +1,12 @@ - GNU GENERAL PUBLIC LICENSE - Version 2, June 1991 + GNU GENERAL PUBLIC LICENSE + Version 2, June 1991 - Copyright (C) 1989, 1991 Free Software Foundation, Inc. - 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + Copyright (C) 1989, 1991 Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. - Preamble + Preamble The licenses for most software are designed to take away your freedom to share and change it. By contrast, the GNU General Public @@ -15,7 +15,7 @@ software--to make sure the software is free for all its users. This General Public License applies to most of the Free Software Foundation's software and to any other program whose authors commit to using it. (Some other Free Software Foundation software is covered by -the GNU Library General Public License instead.) You can apply it to +the GNU Lesser General Public License instead.) You can apply it to your programs, too. When we speak of free software, we are referring to freedom, not @@ -55,8 +55,8 @@ patent must be licensed for everyone's free use or not licensed at all. The precise terms and conditions for copying, distribution and modification follow. - - GNU GENERAL PUBLIC LICENSE + + GNU GENERAL PUBLIC LICENSE TERMS AND CONDITIONS FOR COPYING, DISTRIBUTION AND MODIFICATION 0. This License applies to any program or other work which contains @@ -110,7 +110,7 @@ above, provided that you also meet all of these conditions: License. (Exception: if the Program itself is interactive but does not normally print such an announcement, your work based on the Program is not required to print an announcement.) - + These requirements apply to the modified work as a whole. If identifiable sections of that work are not derived from the Program, and can be reasonably considered independent and separate works in @@ -168,7 +168,7 @@ access to copy from a designated place, then offering equivalent access to copy the source code from the same place counts as distribution of the source code, even though third parties are not compelled to copy the source along with the object code. - + 4. You may not copy, modify, sublicense, or distribute the Program except as expressly provided under this License. Any attempt otherwise to copy, modify, sublicense or distribute the Program is @@ -225,7 +225,7 @@ impose that choice. This section is intended to make thoroughly clear what is believed to be a consequence of the rest of this License. - + 8. If the distribution and/or use of the Program is restricted in certain countries either by patents or by copyrighted interfaces, the original copyright holder who places the Program under this License @@ -255,7 +255,7 @@ make exceptions for this. Our decision will be guided by the two goals of preserving the free status of all derivatives of our free software and of promoting the sharing and reuse of software generally. - NO WARRANTY + NO WARRANTY 11. BECAUSE THE PROGRAM IS LICENSED FREE OF CHARGE, THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY APPLICABLE LAW. EXCEPT WHEN @@ -277,9 +277,9 @@ YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. - END OF TERMS AND CONDITIONS - - How to Apply These Terms to Your New Programs + END OF TERMS AND CONDITIONS + + How to Apply These Terms to Your New Programs If you develop a new program, and you want it to be of the greatest possible use to the public, the best way to achieve this is to make it @@ -303,17 +303,16 @@ the "copyright" line and a pointer to where the full notice is found. MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for more details. - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA - + You should have received a copy of the GNU General Public License along + with this program; if not, write to the Free Software Foundation, Inc., + 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. Also add information on how to contact you by electronic and paper mail. If the program is interactive, make it output a short notice like this when it starts in an interactive mode: - Gnomovision version 69, Copyright (C) year name of author + Gnomovision version 69, Copyright (C) year name of author Gnomovision comes with ABSOLUTELY NO WARRANTY; for details type `show w'. This is free software, and you are welcome to redistribute it under certain conditions; type `show c' for details. @@ -336,5 +335,5 @@ necessary. Here is a sample; alter the names: This General Public License does not permit incorporating your program into proprietary programs. If your program is a subroutine library, you may consider it more useful to permit linking proprietary applications with the -library. If this is what you want to do, use the GNU Library General +library. If this is what you want to do, use the GNU Lesser General Public License instead of this License. diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/IAR-EWARM/Projects/CyaSSL-Lib/CyaSSL-Lib.ewp b/FreeRTOS-Plus/Source/CyaSSL/IDE/IAR-EWARM/Projects/CyaSSL-Lib/CyaSSL-Lib.ewp new file mode 100644 index 000000000..bc278a468 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/IAR-EWARM/Projects/CyaSSL-Lib/CyaSSL-Lib.ewp @@ -0,0 +1,2000 @@ + + + + 2 + + Debug + + ARM + + 1 + + General + 3 + + 22 + 1 + 1 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + ICCARM + 2 + + 29 + 1 + 1 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + AARM + 2 + + 9 + 1 + 1 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + OBJCOPY + 0 + + 1 + 1 + 1 + + + + + + + + + CUSTOM + 3 + + + + + + + BICOMP + 0 + + + + BUILDACTION + 1 + + + + + + + ILINK + 0 + + 16 + 1 + 1 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + IARCHIVE + 0 + + 0 + 1 + 1 + + + + + + + BILINK + 0 + + + + + Release + + ARM + + 0 + + General + 3 + + 22 + 1 + 0 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + ICCARM + 2 + + 29 + 1 + 0 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + AARM + 2 + + 9 + 1 + 0 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + OBJCOPY + 0 + + 1 + 1 + 0 + + + + + + + + + CUSTOM + 3 + + + + + + + BICOMP + 0 + + + + BUILDACTION + 1 + + + + + + + ILINK + 0 + + 16 + 1 + 0 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + IARCHIVE + 0 + + 0 + 1 + 0 + + + + + + + BILINK + 0 + + + + + CyaSSL + + $PROJ_DIR$\..\..\..\..\src\crl.c + + + $PROJ_DIR$\..\..\..\..\src\internal.c + + + $PROJ_DIR$\..\..\..\..\src\io.c + + + $PROJ_DIR$\..\..\..\..\src\keys.c + + + $PROJ_DIR$\..\..\..\..\src\ocsp.c + + + $PROJ_DIR$\..\..\..\..\src\sniffer.c + + + $PROJ_DIR$\..\..\..\..\src\ssl.c + + + $PROJ_DIR$\..\..\..\..\src\tls.c + + + + wolfCrypt + + $PROJ_DIR$\..\..\..\..\ctaocrypt\src\aes.c + + + $PROJ_DIR$\..\..\..\..\ctaocrypt\src\arc4.c + + + $PROJ_DIR$\..\..\..\..\ctaocrypt\src\asm.c + + + $PROJ_DIR$\..\..\..\..\ctaocrypt\src\asn.c + + + $PROJ_DIR$\..\..\..\..\ctaocrypt\src\blake2b.c + + + $PROJ_DIR$\..\..\..\..\ctaocrypt\src\camellia.c + + + $PROJ_DIR$\..\..\..\..\ctaocrypt\src\coding.c + + + $PROJ_DIR$\..\..\..\..\ctaocrypt\src\compress.c + + + $PROJ_DIR$\..\..\..\..\ctaocrypt\src\des3.c + + + $PROJ_DIR$\..\..\..\..\ctaocrypt\src\dh.c + + + $PROJ_DIR$\..\..\..\..\ctaocrypt\src\dsa.c + + + $PROJ_DIR$\..\..\..\..\ctaocrypt\src\ecc.c + + + $PROJ_DIR$\..\..\..\..\ctaocrypt\src\ecc_fp.c + + + $PROJ_DIR$\..\..\..\..\ctaocrypt\src\error.c + + + $PROJ_DIR$\..\..\..\..\ctaocrypt\src\hc128.c + + + $PROJ_DIR$\..\..\..\..\ctaocrypt\src\hmac.c + + + $PROJ_DIR$\..\..\..\..\ctaocrypt\src\integer.c + + + $PROJ_DIR$\..\..\..\..\ctaocrypt\src\logging.c + + + $PROJ_DIR$\..\..\..\..\ctaocrypt\src\md2.c + + + $PROJ_DIR$\..\..\..\..\ctaocrypt\src\md4.c + + + $PROJ_DIR$\..\..\..\..\ctaocrypt\src\md5.c + + + $PROJ_DIR$\..\..\..\..\ctaocrypt\src\memory.c + + + $PROJ_DIR$\..\..\..\..\ctaocrypt\src\misc.c + + + $PROJ_DIR$\..\..\..\..\ctaocrypt\src\wc_port.c + + + $PROJ_DIR$\..\..\..\..\ctaocrypt\src\pwdbased.c + + + $PROJ_DIR$\..\..\..\..\ctaocrypt\src\rabbit.c + + + $PROJ_DIR$\..\..\..\..\ctaocrypt\src\random.c + + + $PROJ_DIR$\..\..\..\..\ctaocrypt\src\ripemd.c + + + $PROJ_DIR$\..\..\..\..\ctaocrypt\src\rsa.c + + + $PROJ_DIR$\..\..\..\..\ctaocrypt\src\sha.c + + + $PROJ_DIR$\..\..\..\..\ctaocrypt\src\sha256.c + + + $PROJ_DIR$\..\..\..\..\ctaocrypt\src\sha512.c + + + $PROJ_DIR$\..\..\..\..\ctaocrypt\src\tfm.c + + + + + diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/IAR-EWARM/Projects/CyaSSL-Lib/CyaSSL-Lib.eww b/FreeRTOS-Plus/Source/CyaSSL/IDE/IAR-EWARM/Projects/CyaSSL-Lib/CyaSSL-Lib.eww new file mode 100644 index 000000000..9702cae02 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/IAR-EWARM/Projects/CyaSSL-Lib/CyaSSL-Lib.eww @@ -0,0 +1,16 @@ + + + + + $WS_DIR$\CyaSSL-Lib.ewp + + + $WS_DIR$\wolfCrypt-benchmark.ewp + + + $WS_DIR$\wolfCrypt-test.ewp + + + + + diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/IAR-EWARM/Projects/CyaSSL-Lib/benchmark-main.c b/FreeRTOS-Plus/Source/CyaSSL/IDE/IAR-EWARM/Projects/CyaSSL-Lib/benchmark-main.c new file mode 100644 index 000000000..bd0aad9bf --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/IAR-EWARM/Projects/CyaSSL-Lib/benchmark-main.c @@ -0,0 +1,40 @@ +/* benchmark-main.c + * + * Copyright (C) 2006-2013 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + */ + +#include "stdio.h" + +typedef struct func_args { + int argc; + char** argv; + int return_code; +} func_args; + +func_args args = { 0 } ; + +extern int benchmark_test(void *args) ; + +main(void) { + benchmark_test(&args) ; + return 0; +} + + + diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/IAR-EWARM/Projects/CyaSSL-Lib/test-main.c b/FreeRTOS-Plus/Source/CyaSSL/IDE/IAR-EWARM/Projects/CyaSSL-Lib/test-main.c new file mode 100644 index 000000000..d31dd9bc4 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/IAR-EWARM/Projects/CyaSSL-Lib/test-main.c @@ -0,0 +1,36 @@ +/* test-main.c + * + * Copyright (C) 2006-2013 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + */ + + +typedef struct func_args { + int argc; + char** argv; + int return_code; +} func_args; + +func_args args = { 0 } ; + +extern int ctaocrypt_test(void *args) ; + +main(void) { + ctaocrypt_test(&args) ; + return 0; +} diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/IAR-EWARM/Projects/CyaSSL-Lib/wolfCrypt-benchmark.ewd b/FreeRTOS-Plus/Source/CyaSSL/IDE/IAR-EWARM/Projects/CyaSSL-Lib/wolfCrypt-benchmark.ewd new file mode 100644 index 000000000..0bf90e8eb --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/IAR-EWARM/Projects/CyaSSL-Lib/wolfCrypt-benchmark.ewd @@ -0,0 +1,2601 @@ + + + + 2 + + Debug + + ARM + + 1 + + C-SPY + 2 + + 25 + 1 + 1 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + ARMSIM_ID + 2 + + 1 + 1 + 1 + + + + + + + + ANGEL_ID + 2 + + 0 + 1 + 1 + + + + + + + + + + + + CMSISDAP_ID + 2 + + 0 + 1 + 1 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + GDBSERVER_ID + 2 + + 0 + 1 + 1 + + + + + + + + + + + IARROM_ID + 2 + + 1 + 1 + 1 + + + + + + + + + IJET_ID + 2 + + 2 + 1 + 1 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + JLINK_ID + 2 + + 15 + 1 + 1 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + LMIFTDI_ID + 2 + + 2 + 1 + 1 + + + + + + + + + + MACRAIGOR_ID + 2 + + 3 + 1 + 1 + + + + + + + + + + + + + + + + + + + + + + + PEMICRO_ID + 2 + + 1 + 1 + 1 + + + + + + + + + + + + + + + + + + + RDI_ID + 2 + + 2 + 1 + 1 + + + + + + + + + + + + + + + + STLINK_ID + 2 + + 2 + 1 + 1 + + + + + + + + + + + THIRDPARTY_ID + 2 + + 0 + 1 + 1 + + + + + + + + XDS100_ID + 2 + + 2 + 1 + 1 + + + + + + + + + + + + + $TOOLKIT_DIR$\plugins\middleware\HCCWare\HCCWare.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\AVIX\AVIX.ENU.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\CMX\CmxArmPlugin.ENU.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\CMX\CmxTinyArmPlugin.ENU.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\embOS\embOSPlugin.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\MQX\MQXRtosPlugin.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\OpenRTOS\OpenRTOSPlugin.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\PowerPac\PowerPacRTOS.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\Quadros\Quadros_EWB6_Plugin.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\SafeRTOS\SafeRTOSPlugin.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\ThreadX\ThreadXArmPlugin.ENU.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\uCOS-II\uCOS-II-286-KA-CSpy.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\uCOS-II\uCOS-II-KA-CSpy.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\uCOS-III\uCOS-III-KA-CSpy.ewplugin + 0 + + + $EW_DIR$\common\plugins\CodeCoverage\CodeCoverage.ENU.ewplugin + 1 + + + $EW_DIR$\common\plugins\Orti\Orti.ENU.ewplugin + 0 + + + $EW_DIR$\common\plugins\SymList\SymList.ENU.ewplugin + 1 + + + $EW_DIR$\common\plugins\uCProbe\uCProbePlugin.ENU.ewplugin + 0 + + + + + Release + + ARM + + 0 + + C-SPY + 2 + + 25 + 1 + 0 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + ARMSIM_ID + 2 + + 1 + 1 + 0 + + + + + + + + ANGEL_ID + 2 + + 0 + 1 + 0 + + + + + + + + + + + + CMSISDAP_ID + 2 + + 0 + 1 + 0 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + GDBSERVER_ID + 2 + + 0 + 1 + 0 + + + + + + + + + + + IARROM_ID + 2 + + 1 + 1 + 0 + + + + + + + + + IJET_ID + 2 + + 2 + 1 + 0 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + JLINK_ID + 2 + + 15 + 1 + 0 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + LMIFTDI_ID + 2 + + 2 + 1 + 0 + + + + + + + + + + MACRAIGOR_ID + 2 + + 3 + 1 + 0 + + + + + + + + + + + + + + + + + + + + + + + PEMICRO_ID + 2 + + 1 + 1 + 0 + + + + + + + + + + + + + + + + + + + RDI_ID + 2 + + 2 + 1 + 0 + + + + + + + + + + + + + + + + STLINK_ID + 2 + + 2 + 1 + 0 + + + + + + + + + + + THIRDPARTY_ID + 2 + + 0 + 1 + 0 + + + + + + + + XDS100_ID + 2 + + 2 + 1 + 0 + + + + + + + + + + + + + $TOOLKIT_DIR$\plugins\middleware\HCCWare\HCCWare.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\AVIX\AVIX.ENU.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\CMX\CmxArmPlugin.ENU.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\CMX\CmxTinyArmPlugin.ENU.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\embOS\embOSPlugin.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\MQX\MQXRtosPlugin.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\OpenRTOS\OpenRTOSPlugin.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\PowerPac\PowerPacRTOS.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\Quadros\Quadros_EWB6_Plugin.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\SafeRTOS\SafeRTOSPlugin.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\ThreadX\ThreadXArmPlugin.ENU.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\uCOS-II\uCOS-II-286-KA-CSpy.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\uCOS-II\uCOS-II-KA-CSpy.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\uCOS-III\uCOS-III-KA-CSpy.ewplugin + 0 + + + $EW_DIR$\common\plugins\CodeCoverage\CodeCoverage.ENU.ewplugin + 1 + + + $EW_DIR$\common\plugins\Orti\Orti.ENU.ewplugin + 0 + + + $EW_DIR$\common\plugins\SymList\SymList.ENU.ewplugin + 1 + + + $EW_DIR$\common\plugins\uCProbe\uCProbePlugin.ENU.ewplugin + 0 + + + + + + diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/IAR-EWARM/Projects/CyaSSL-Lib/wolfCrypt-benchmark.ewp b/FreeRTOS-Plus/Source/CyaSSL/IDE/IAR-EWARM/Projects/CyaSSL-Lib/wolfCrypt-benchmark.ewp new file mode 100644 index 000000000..d61e0a0e9 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/IAR-EWARM/Projects/CyaSSL-Lib/wolfCrypt-benchmark.ewp @@ -0,0 +1,1877 @@ + + + + 2 + + Debug + + ARM + + 1 + + General + 3 + + 22 + 1 + 1 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + ICCARM + 2 + + 29 + 1 + 1 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + AARM + 2 + + 9 + 1 + 1 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + OBJCOPY + 0 + + 1 + 1 + 1 + + + + + + + + + CUSTOM + 3 + + + + + + + BICOMP + 0 + + + + BUILDACTION + 1 + + + + + + + ILINK + 0 + + 16 + 1 + 1 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + IARCHIVE + 0 + + 0 + 1 + 1 + + + + + + + BILINK + 0 + + + + + Release + + ARM + + 0 + + General + 3 + + 22 + 1 + 0 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + ICCARM + 2 + + 29 + 1 + 0 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + AARM + 2 + + 9 + 1 + 0 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + OBJCOPY + 0 + + 1 + 1 + 0 + + + + + + + + + CUSTOM + 3 + + + + + + + BICOMP + 0 + + + + BUILDACTION + 1 + + + + + + + ILINK + 0 + + 16 + 1 + 0 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + IARCHIVE + 0 + + 0 + 1 + 0 + + + + + + + BILINK + 0 + + + + + $PROJ_DIR$\benchmark-main.c + + + $PROJ_DIR$\..\..\..\..\ctaocrypt\benchmark\benchmark.c + + + + diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/IAR-EWARM/Projects/CyaSSL-Lib/wolfCrypt-benchmark.icf b/FreeRTOS-Plus/Source/CyaSSL/IDE/IAR-EWARM/Projects/CyaSSL-Lib/wolfCrypt-benchmark.icf new file mode 100644 index 000000000..a4ab009ee --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/IAR-EWARM/Projects/CyaSSL-Lib/wolfCrypt-benchmark.icf @@ -0,0 +1,32 @@ +/*###ICF### Section handled by ICF editor, don't touch! ****/ +/*-Editor annotation file-*/ +/* IcfEditorFile="$TOOLKIT_DIR$\config\ide\IcfEditor\cortex_v1_0.xml" */ +/*-Specials-*/ +define symbol __ICFEDIT_intvec_start__ = 0x00000000; +/*-Memory Regions-*/ +define symbol __ICFEDIT_region_ROM_start__ = 0x00000000; +define symbol __ICFEDIT_region_ROM_end__ = 0x0007FFFF; +define symbol __ICFEDIT_region_RAM_start__ = 0x20000000; +define symbol __ICFEDIT_region_RAM_end__ = 0x2000FFFF; +/*-Sizes-*/ +define symbol __ICFEDIT_size_cstack__ = 0x2000; +define symbol __ICFEDIT_size_heap__ = 0x2000; +/**** End of ICF editor section. ###ICF###*/ + + +define memory mem with size = 4G; +define region ROM_region = mem:[from __ICFEDIT_region_ROM_start__ to __ICFEDIT_region_ROM_end__]; +define region RAM_region = mem:[from __ICFEDIT_region_RAM_start__ to __ICFEDIT_region_RAM_end__]; + +define block CSTACK with alignment = 8, size = __ICFEDIT_size_cstack__ { }; +define block HEAP with alignment = 8, size = __ICFEDIT_size_heap__ { }; + +initialize by copy { readwrite }; +//initialize by copy with packing = none { section __DLIB_PERTHREAD }; // Required in a multi-threaded application +do not initialize { section .noinit }; + +place at address mem:__ICFEDIT_intvec_start__ { readonly section .intvec }; + +place in ROM_region { readonly }; +place in RAM_region { readwrite, + block CSTACK, block HEAP }; \ No newline at end of file diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/IAR-EWARM/Projects/CyaSSL-Lib/wolfCrypt-test.ewd b/FreeRTOS-Plus/Source/CyaSSL/IDE/IAR-EWARM/Projects/CyaSSL-Lib/wolfCrypt-test.ewd new file mode 100644 index 000000000..6c2de8d14 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/IAR-EWARM/Projects/CyaSSL-Lib/wolfCrypt-test.ewd @@ -0,0 +1,2601 @@ + + + + 2 + + Debug + + ARM + + 1 + + C-SPY + 2 + + 25 + 1 + 1 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + ARMSIM_ID + 2 + + 1 + 1 + 1 + + + + + + + + ANGEL_ID + 2 + + 0 + 1 + 1 + + + + + + + + + + + + CMSISDAP_ID + 2 + + 0 + 1 + 1 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + GDBSERVER_ID + 2 + + 0 + 1 + 1 + + + + + + + + + + + IARROM_ID + 2 + + 1 + 1 + 1 + + + + + + + + + IJET_ID + 2 + + 2 + 1 + 1 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + JLINK_ID + 2 + + 15 + 1 + 1 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + LMIFTDI_ID + 2 + + 2 + 1 + 1 + + + + + + + + + + MACRAIGOR_ID + 2 + + 3 + 1 + 1 + + + + + + + + + + + + + + + + + + + + + + + PEMICRO_ID + 2 + + 1 + 1 + 1 + + + + + + + + + + + + + + + + + + + RDI_ID + 2 + + 2 + 1 + 1 + + + + + + + + + + + + + + + + STLINK_ID + 2 + + 2 + 1 + 1 + + + + + + + + + + + THIRDPARTY_ID + 2 + + 0 + 1 + 1 + + + + + + + + XDS100_ID + 2 + + 2 + 1 + 1 + + + + + + + + + + + + + $TOOLKIT_DIR$\plugins\middleware\HCCWare\HCCWare.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\AVIX\AVIX.ENU.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\CMX\CmxArmPlugin.ENU.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\CMX\CmxTinyArmPlugin.ENU.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\embOS\embOSPlugin.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\MQX\MQXRtosPlugin.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\OpenRTOS\OpenRTOSPlugin.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\PowerPac\PowerPacRTOS.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\Quadros\Quadros_EWB6_Plugin.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\SafeRTOS\SafeRTOSPlugin.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\ThreadX\ThreadXArmPlugin.ENU.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\uCOS-II\uCOS-II-286-KA-CSpy.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\uCOS-II\uCOS-II-KA-CSpy.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\uCOS-III\uCOS-III-KA-CSpy.ewplugin + 0 + + + $EW_DIR$\common\plugins\CodeCoverage\CodeCoverage.ENU.ewplugin + 1 + + + $EW_DIR$\common\plugins\Orti\Orti.ENU.ewplugin + 0 + + + $EW_DIR$\common\plugins\SymList\SymList.ENU.ewplugin + 1 + + + $EW_DIR$\common\plugins\uCProbe\uCProbePlugin.ENU.ewplugin + 0 + + + + + Release + + ARM + + 0 + + C-SPY + 2 + + 25 + 1 + 0 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + ARMSIM_ID + 2 + + 1 + 1 + 0 + + + + + + + + ANGEL_ID + 2 + + 0 + 1 + 0 + + + + + + + + + + + + CMSISDAP_ID + 2 + + 0 + 1 + 0 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + GDBSERVER_ID + 2 + + 0 + 1 + 0 + + + + + + + + + + + IARROM_ID + 2 + + 1 + 1 + 0 + + + + + + + + + IJET_ID + 2 + + 2 + 1 + 0 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + JLINK_ID + 2 + + 15 + 1 + 0 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + LMIFTDI_ID + 2 + + 2 + 1 + 0 + + + + + + + + + + MACRAIGOR_ID + 2 + + 3 + 1 + 0 + + + + + + + + + + + + + + + + + + + + + + + PEMICRO_ID + 2 + + 1 + 1 + 0 + + + + + + + + + + + + + + + + + + + RDI_ID + 2 + + 2 + 1 + 0 + + + + + + + + + + + + + + + + STLINK_ID + 2 + + 2 + 1 + 0 + + + + + + + + + + + THIRDPARTY_ID + 2 + + 0 + 1 + 0 + + + + + + + + XDS100_ID + 2 + + 2 + 1 + 0 + + + + + + + + + + + + + $TOOLKIT_DIR$\plugins\middleware\HCCWare\HCCWare.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\AVIX\AVIX.ENU.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\CMX\CmxArmPlugin.ENU.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\CMX\CmxTinyArmPlugin.ENU.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\embOS\embOSPlugin.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\MQX\MQXRtosPlugin.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\OpenRTOS\OpenRTOSPlugin.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\PowerPac\PowerPacRTOS.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\Quadros\Quadros_EWB6_Plugin.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\SafeRTOS\SafeRTOSPlugin.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\ThreadX\ThreadXArmPlugin.ENU.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\uCOS-II\uCOS-II-286-KA-CSpy.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\uCOS-II\uCOS-II-KA-CSpy.ewplugin + 0 + + + $TOOLKIT_DIR$\plugins\rtos\uCOS-III\uCOS-III-KA-CSpy.ewplugin + 0 + + + $EW_DIR$\common\plugins\CodeCoverage\CodeCoverage.ENU.ewplugin + 1 + + + $EW_DIR$\common\plugins\Orti\Orti.ENU.ewplugin + 0 + + + $EW_DIR$\common\plugins\SymList\SymList.ENU.ewplugin + 1 + + + $EW_DIR$\common\plugins\uCProbe\uCProbePlugin.ENU.ewplugin + 0 + + + + + + diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/IAR-EWARM/Projects/CyaSSL-Lib/wolfCrypt-test.ewp b/FreeRTOS-Plus/Source/CyaSSL/IDE/IAR-EWARM/Projects/CyaSSL-Lib/wolfCrypt-test.ewp new file mode 100644 index 000000000..60e146e43 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/IAR-EWARM/Projects/CyaSSL-Lib/wolfCrypt-test.ewp @@ -0,0 +1,1877 @@ + + + + 2 + + Debug + + ARM + + 1 + + General + 3 + + 22 + 1 + 1 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + ICCARM + 2 + + 29 + 1 + 1 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + AARM + 2 + + 9 + 1 + 1 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + OBJCOPY + 0 + + 1 + 1 + 1 + + + + + + + + + CUSTOM + 3 + + + + + + + BICOMP + 0 + + + + BUILDACTION + 1 + + + + + + + ILINK + 0 + + 16 + 1 + 1 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + IARCHIVE + 0 + + 0 + 1 + 1 + + + + + + + BILINK + 0 + + + + + Release + + ARM + + 0 + + General + 3 + + 22 + 1 + 0 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + ICCARM + 2 + + 29 + 1 + 0 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + AARM + 2 + + 9 + 1 + 0 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + OBJCOPY + 0 + + 1 + 1 + 0 + + + + + + + + + CUSTOM + 3 + + + + + + + BICOMP + 0 + + + + BUILDACTION + 1 + + + + + + + ILINK + 0 + + 16 + 1 + 0 + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + IARCHIVE + 0 + + 0 + 1 + 0 + + + + + + + BILINK + 0 + + + + + $PROJ_DIR$\test-main.c + + + $PROJ_DIR$\..\..\..\..\ctaocrypt\test\test.c + + + + diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/IAR-EWARM/Projects/CyaSSL-Lib/wolfCrypt-test.icf b/FreeRTOS-Plus/Source/CyaSSL/IDE/IAR-EWARM/Projects/CyaSSL-Lib/wolfCrypt-test.icf new file mode 100644 index 000000000..211d253d4 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/IAR-EWARM/Projects/CyaSSL-Lib/wolfCrypt-test.icf @@ -0,0 +1,31 @@ +/*###ICF### Section handled by ICF editor, don't touch! ****/ +/*-Editor annotation file-*/ +/* IcfEditorFile="$TOOLKIT_DIR$\config\ide\IcfEditor\cortex_v1_0.xml" */ +/*-Specials-*/ +define symbol __ICFEDIT_intvec_start__ = 0x0; +/*-Memory Regions-*/ +define symbol __ICFEDIT_region_ROM_start__ = 0x0; +define symbol __ICFEDIT_region_ROM_end__ = 0x000FFFFF; +define symbol __ICFEDIT_region_RAM_start__ = 0x1FFF0000; +define symbol __ICFEDIT_region_RAM_end__ = 0x2000FFFF; +/*-Sizes-*/ +define symbol __ICFEDIT_size_cstack__ = 0x2000; +define symbol __ICFEDIT_size_heap__ = 0x3000; +/**** End of ICF editor section. ###ICF###*/ + + +define memory mem with size = 4G; +define region ROM_region = mem:[from __ICFEDIT_region_ROM_start__ to __ICFEDIT_region_ROM_end__]; +define region RAM_region = mem:[from __ICFEDIT_region_RAM_start__ to __ICFEDIT_region_RAM_end__]; + +define block CSTACK with alignment = 8, size = __ICFEDIT_size_cstack__ { }; +define block HEAP with alignment = 8, size = __ICFEDIT_size_heap__ { }; + +initialize by copy { readwrite }; +do not initialize { section .noinit }; + +place at address mem:__ICFEDIT_intvec_start__ { readonly section .intvec }; + +place in ROM_region { readonly }; +place in RAM_region { readwrite, + block CSTACK, block HEAP }; \ No newline at end of file diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/IAR-EWARM/README b/FreeRTOS-Plus/Source/CyaSSL/IDE/IAR-EWARM/README new file mode 100644 index 000000000..f393cae30 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/IAR-EWARM/README @@ -0,0 +1,49 @@ +CyaSSL IAR Project Files + +This directory contains project files for IAR EWARM IDE. These +projects have been set up to generic ARM Cortex-M MPUs. +In order to generate project for specific target MPU, take following steps. + + +Included Project Files +----------------------- +1. Workspace: CyaSSL-Lib.eww + The workspace includes CyaSSL-Lib library and wolfCrypt-test, wolfCrypt-benchmark + executable projects. The library project generates full set library of wolfCrypt + and CyaSSL functions. + +2. Test suites Project: wolfCrypt-test.ewp + generates test.out test suites executable + +3. Benchmark Project: wolfCrypt-benchmark.ewp + generates benchmark.out benchmark executable + +Set Up Steps +------------ +0. Default Setting + Default Target of the projects are set to Cortex-M3 Simulator. + For check the projects, you can build and download to the simulator. + Open Terminal I/O window, by "view"->"Terminal I/O", and start execution. + +1. Project option settings + For each project,... + General Options: Choose appropriate "Target" options + + For executable projects,... + Add "SystemInit" and "startup" for your MPU + Debugger: Choose your debug "Driver" + +2. For benchmark project,... + Write your own "current_time" benchmark timer under "defined(CYASSL_IAR_ARM)" in benchmark.c + +3. settings.h + Uncomment the "CYASSL_IAR_ARM" define located in: + /cyassl/ctaocrypt/settings. + +4. Build and download + Go to "Project->Make" and "Download and Debug" in Menu bar for EWARM build and download. + + +Support +------- +Please send questions or comments to support@wolfssl.com diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK-ARM/LPC43xx/time-LCP43xx.c b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK-ARM/LPC43xx/time-LCP43xx.c new file mode 100644 index 000000000..4b1a5aba2 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK-ARM/LPC43xx/time-LCP43xx.c @@ -0,0 +1,166 @@ +/* time.c + * + * Copyright (C) 2006-2014 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#ifdef HAVE_CONFIG_H + #include +#endif + + +/*----------------------------------------------------------------------------- + * initialize RTC + *----------------------------------------------------------------------------*/ +#include +#include "lpc43xx_rtc.h" +#include "lpc43xx_cgu.h" + +static void init_RTC() +{ + /* Enable GPIO register interface clock */ + LPC_CCU1->CLK_M4_GPIO_CFG |= 1; + while (!(LPC_CCU1->CLK_M4_GPIO_STAT & 1)) ; + + /* RTC Block section ------------------------------------------------------ */ + /* Init RTC module */ + RTC_Init(LPC_RTC); + + /* Set ALARM time for second */ + RTC_SetAlarmTime (LPC_RTC, RTC_TIMETYPE_SECOND, 30); + + /* Set the AMR for 30s match alarm interrupt */ + RTC_AlarmIntConfig (LPC_RTC, RTC_TIMETYPE_SECOND, ENABLE); + + /* Set the CIIR for minute counter interrupt*/ + RTC_CntIncrIntConfig (LPC_RTC, RTC_TIMETYPE_MINUTE, ENABLE); + + /* Enable rtc (starts increase the tick counter and second counter register) */ + RTC_Cmd(LPC_RTC, ENABLE); + +} + +/*----------------------------------------------------------------------------- + * initialize TIM + *----------------------------------------------------------------------------*/ + +#include "lpc43xx_timer.h" + +static void init_TIM() +{ + TIM_TIMERCFG_Type TIM_ConfigStruct; + /* Initialize timer 0, prescale count time of 1uS */ + TIM_ConfigStruct.PrescaleOption = TIM_PRESCALE_TICKVAL; + TIM_ConfigStruct.PrescaleValue = 204; /* 204MHz */ + /* Set configuration for Tim_config and Tim_MatchConfig */ + TIM_Init(LPC_TIMER2, TIM_TIMER_MODE,&TIM_ConfigStruct); + TIM_ResetCounter(LPC_TIMER2); + /* To start timer 2 */ + TIM_Cmd(LPC_TIMER2,ENABLE); +} + +double current_time() +{ + return (double)LPC_TIMER2->TC/1000000.0; +} + + +void init_time(void) { + init_RTC() ; + init_TIM() ; +} + +#include + +struct tm *Cyassl_MDK_gmtime(const time_t *c) +{ + static struct tm date ; + + RTC_TIME_Type RTCFullTime; + RTC_GetFullTime (LPC_RTC, &RTCFullTime); + + date.tm_year = RTCFullTime.YEAR + 100 ; + date.tm_mon = RTCFullTime.MONTH - 1 ; + date.tm_mday = RTCFullTime.DOM ; + date.tm_hour = RTCFullTime.HOUR ; + date.tm_min = RTCFullTime.MIN ; + date.tm_sec = RTCFullTime.SEC ; + + #if defined(DEBUG_CYASSL) + { + extern void CYASSL_MSG(char *msg) ; + char msg[100] ; + sprintf(msg, "Debug::Cyassl_KEIL_gmtime(DATE=/%4d/%02d/%02d TIME=%02d:%02d:%02d)\n", + RTCFullTime.YEAR+2000, RTCFullTime.MONTH, RTCFullTime.DOM, + RTCFullTime.HOUR, RTCFullTime.MIN, RTCFullTime.SEC) ; + CYASSL_MSG(msg) ; + } + #endif + + return(&date) ; +} + +typedef struct func_args { + int argc; + char** argv; + int return_code; +} func_args; + +#include + +void time_main(void *args) +{ + char * datetime ; + int year ; + RTC_TIME_Type RTCFullTime; + + if( args == NULL || ((func_args *)args)->argc == 1) { + RTC_GetFullTime (LPC_RTC, &RTCFullTime); + printf("Date: %d/%d/%d, Time: %02d:%02d:%02d\n", + RTCFullTime.MONTH, RTCFullTime.DOM, RTCFullTime.YEAR+2000, + RTCFullTime.HOUR, RTCFullTime.MIN, RTCFullTime.SEC) ; + } else if(((func_args *)args)->argc == 3 && + ((func_args *)args)->argv[1][0] == '-' && + ((func_args *)args)->argv[1][1] == 'd' ) { + + datetime = ((func_args *)args)->argv[2]; + sscanf(datetime, "%d/%d/%d", + (int *)&RTCFullTime.MONTH, (int *)&RTCFullTime.DOM, &year) ; + RTCFullTime.YEAR = year - 2000 ; + RTC_SetTime (LPC_RTC, RTC_TIMETYPE_MONTH, RTCFullTime.MONTH); + RTC_SetTime (LPC_RTC, RTC_TIMETYPE_YEAR, RTCFullTime.YEAR); + RTC_SetTime (LPC_RTC, RTC_TIMETYPE_DAYOFMONTH, RTCFullTime.DOM); + } else if(((func_args *)args)->argc == 3 && + ((func_args *)args)->argv[1][0] == '-' && + ((func_args *)args)->argv[1][1] == 't' ) { + RTC_GetFullTime (LPC_RTC, &RTCFullTime); + datetime = ((func_args *)args)->argv[2]; + sscanf(datetime, "%d:%d:%d", + (int *)&RTCFullTime.HOUR, + (int *)&RTCFullTime.MIN, + (int *)&RTCFullTime.SEC + ) ; + RTC_SetTime (LPC_RTC, RTC_TIMETYPE_SECOND, RTCFullTime.SEC); + RTC_SetTime (LPC_RTC, RTC_TIMETYPE_MINUTE, RTCFullTime.MIN); + RTC_SetTime (LPC_RTC, RTC_TIMETYPE_HOUR, RTCFullTime.HOUR); + } else printf("Invalid argument\n") ; +} + + + + diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK-ARM/MDK-ARM/CyaSSL/Retarget.c b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK-ARM/MDK-ARM/CyaSSL/Retarget.c new file mode 100644 index 000000000..bb59c8ce1 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK-ARM/MDK-ARM/CyaSSL/Retarget.c @@ -0,0 +1,261 @@ + +#ifdef HAVE_CONFIG_H + #include +#endif + +#include +#include +#include +#include +#include + + +#include + +#pragma import(__use_no_semihosting_swi) + +/* The following macro definitions may be used to translate this file: + + STDIO - use standard Input/Output device + (default is NOT used) + */ + +/* Standard IO device handles. */ +#define STDIN 0x8001 +#define STDOUT 0x8002 +#define STDERR 0x8003 + +/* Standard IO device name defines. */ +const char __stdin_name[] = "STDIN"; +const char __stdout_name[] = "STDOUT"; +const char __stderr_name[] = "STDERR"; + +struct __FILE { int handle; /* Add whatever you need here */ }; + +#ifdef STDIO +extern int SER_GetChar (void); +extern int SER_PutChar (int ch); + +/*----------------------------------------------------------------------------- + Write character to the Serial Port + *----------------------------------------------------------------------------*/ +int sendchar (int c) +{ + if (c == '\n') { + SER_PutChar ('\r'); + } + SER_PutChar (c); + return (c); +} + + +/*----------------------------------------------------------------------------- + Read character from the Serial Port + *----------------------------------------------------------------------------*/ +int getkey (void) +{ + int ch = SER_GetChar(); + + if (ch < 0) { + return 0; + } + return ch; +} +#endif + +/*--------------------------- _ttywrch ---------------------------------------*/ + +void _ttywrch (int ch) +{ +#ifdef STDIO + sendchar (ch); +#endif +} + +/*--------------------------- _sys_open --------------------------------------*/ +#ifndef NO_FILESYSTEM +static int KEIL_FS_open(const char *name, int openmode) +{ + int i ; int ret ; + #define PATHSIZE 100 + char path[PATHSIZE] ; char *p ; + + if(strlen(name) > PATHSIZE)return(-1) ; + + for(i = 0; i<= strlen(name); i++) { + if(name[i] == '/')path[i] = '\\' ; + else path[i] = name[i] ; + } + if(path[0] == '.' && path[1] == '\\') p = path + 2 ; + else p = path ; + + ret = __sys_open (p, openmode) ; + + return(ret) ; +} +#endif + +FILEHANDLE _sys_open (const char *name, int openmode) +{ + /* Register standard Input Output devices. */ + if (strcmp(name, "STDIN") == 0) { + return (STDIN); + } + if (strcmp(name, "STDOUT") == 0) { + return (STDOUT); + } + if (strcmp(name, "STDERR") == 0) { + return (STDERR); + } + #ifndef NO_FILESYSTEM + return (KEIL_FS_open(name, openmode)); + #else + return(0) ; + #endif +} + +/*--------------------------- _sys_close -------------------------------------*/ + +int _sys_close (FILEHANDLE fh) +{ + if (fh > 0x8000) { + return (0); + } + #ifndef NO_FILESYSTEM + return (__sys_close (fh)); + #else + return(0) ; + #endif +} + +/*--------------------------- _sys_write -------------------------------------*/ + +int _sys_write (FILEHANDLE fh, const U8 *buf, U32 len, int mode) +{ +#ifdef STDIO + if (fh == STDOUT) { + /* Standard Output device. */ + for ( ; len; len--) { + sendchar (*buf++); + } + return (0); + } +#endif + if (fh > 0x8000) { + return (-1); + } + #ifndef NO_FILESYSTEM + return (__sys_write (fh, buf, len)); + #else + return(0) ; + #endif +} + +/*--------------------------- _sys_read --------------------------------------*/ + +int _sys_read (FILEHANDLE fh, U8 *buf, U32 len, int mode) +{ +#ifdef STDIO + if (fh == STDIN) { + /* Standard Input device. */ + int sz ; + while((buf[0] = getkey()) == 0) ; + ; + for (sz = 0 ; sz <= len ; sz ++ ) { + if(buf[sz] == 0) break ; + else sz++ ; + buf[sz] = getkey (); + } + return (sz); + } +#endif + if (fh > 0x8000) { + return (-1); + } + #ifndef NO_FILESYSTEM + return (__sys_read (fh, buf, len)); + #else + return(0) ; + #endif +} + +/*--------------------------- _sys_istty -------------------------------------*/ + +int _sys_istty (FILEHANDLE fh) +{ + if (fh > 0x8000) { + return (1); + } + return (0); +} + +/*--------------------------- _sys_seek --------------------------------------*/ + +int _sys_seek (FILEHANDLE fh, long pos) +{ + if (fh > 0x8000) { + return (-1); + } + #ifndef NO_FILESYSTEM + return (__sys_seek (fh, pos)); + #else + return(0) ; + #endif +} + +/*--------------------------- _sys_ensure ------------------------------------*/ + +int _sys_ensure (FILEHANDLE fh) +{ + if (fh > 0x8000) { + return (-1); + } + #ifndef NO_FILESYSTEM + return (__sys_ensure (fh)); + #else + return(0) ; + #endif +} + +/*--------------------------- _sys_flen --------------------------------------*/ + +long _sys_flen (FILEHANDLE fh) +{ + if (fh > 0x8000) { + return (0); + } + #ifndef NO_FILESYSTEM + return (__sys_flen (fh)); + #else + return(0) ; + #endif +} + + +/*--------------------------- _sys_tmpnam ------------------------------------*/ + +int _sys_tmpnam (char *name, int sig, unsigned maxlen) +{ + return (1); +} + +/*--------------------------- _sys_command_string ----------------------------*/ + +char *_sys_command_string (char *cmd, int len) +{ + return (cmd); +} + +/*--------------------------- _sys_exit --------------------------------------*/ + +void _sys_exit (int return_code) +{ +#ifdef CYASSL_MDK_SHELL + return ; +#else + /* Endless loop. */ + while (1); +#endif + +} + diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK-ARM/MDK-ARM/CyaSSL/cert_data.c b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK-ARM/MDK-ARM/CyaSSL/cert_data.c new file mode 100644 index 000000000..d29fbf3b1 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK-ARM/MDK-ARM/CyaSSL/cert_data.c @@ -0,0 +1,28 @@ +/* certs_test.c + * + * Copyright (C) 2006-2014 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#ifdef HAVE_CONFIG_H + #include +#endif + +/* Define initial data for cert buffers */ +#include + diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK-ARM/MDK-ARM/CyaSSL/cert_data.h b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK-ARM/MDK-ARM/CyaSSL/cert_data.h new file mode 100644 index 000000000..6629ee051 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK-ARM/MDK-ARM/CyaSSL/cert_data.h @@ -0,0 +1,39 @@ +#ifndef CYASSL_CERT_DATA_H +#define CYASSL_CERT_DATA_H + +#ifdef USE_CERT_BUFFERS_1024 +extern const unsigned char client_key_der_1024[] ; +extern int sizeof_client_key_der_1024 ; +/* ./certs/1024/client-cert.der, 1024-bit */ +extern const unsigned char client_cert_der_1024[] ; +extern int sizeof_client_cert_der_1024 ; +/* ./certs/1024/dh1024.der, 1024-bit */ +extern const unsigned char dh_key_der_1024[] ; +extern int sizeof_dh_key_der_1024 ; +/* ./certs/1024/dsa1024.der, 1024-bit */ +extern const unsigned char dsa_key_der_1024[] ; +extern int sizeof_dsa_key_der_1024 ; +/* ./certs/1024/rsa1024.der, 1024-bit */ +extern const unsigned char rsa_key_der_1024[] ; +extern int sizeof_rsa_key_der_1024 ; + +#elif defined(USE_CERT_BUFFERS_2048) +/* ./certs/client-key.der, 2048-bit */ +extern const unsigned char client_key_der_2048[] ; +extern int sizeof_client_key_der_2048 ; +/* ./certs/client-cert.der, 2048-bit */ +extern const unsigned char client_cert_der_2048[] ; +extern int sizeof_client_cert_der_2048 ; +/* ./certs/dh2048.der, 2048-bit */ +extern const unsigned char dh_key_der_2048[] ; +extern int sizeof_dh_key_der_2048 ; +/* ./certs/dsa2048.der, 2048-bit */ +extern const unsigned char dsa_key_der_2048[] ; +extern int sizeof_dsa_key_der_2048; +/* ./certs/rsa2048.der, 2048-bit */ +extern const unsigned char rsa_key_der_2048[] ; +extern int sizeof_rsa_key_der_2048 ; +#endif + +#endif + diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK-ARM/MDK-ARM/CyaSSL/config-BARE-METAL.h b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK-ARM/MDK-ARM/CyaSSL/config-BARE-METAL.h new file mode 100644 index 000000000..8bd713cd8 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK-ARM/MDK-ARM/CyaSSL/config-BARE-METAL.h @@ -0,0 +1,291 @@ +/* config-BEREFOOT.h + * + * Copyright (C) 2006-2014 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + + +/**** CyaSSL for KEIL-RL Configuration ****/ + +#define __CORTEX_M3__ +#define CYASSL_MDK_ARM +#define NO_WRITEV +#define NO_CYASSL_DIR +#define NO_MAIN_DRIVER + +#define CYASSL_DER_LOAD +#define HAVE_NULL_CIPHER + +#define SINGLE_THREADED +#define NO_FILESYSTEM +#define NO_TLS + +#define NO_ECHOSERVER +#define NO_ECHOCLIENT +#define NO_SIMPLE_SERVER +#define NO_SIMPLE_CLIENT + +// <<< Use Configuration Wizard in Context Menu >>> + +// Build Target: KEIL-BAREFOOT +// Single Threaded, No File System, No TCP-net +// +// Command Shell +#define MDK_CONF_SHELL 1 +#if MDK_CONF_SHELL == 1 +#define CYASSL_MDK_SHELL +#endif +// +// CyaSSL Apps +// Crypt/Cipher +// Cert Storage <1=> Mem Buff (1024bytes) <2=> Mem Buff (2048bytes) +#define MDK_CONF_CERT_BUFF 1 +#if MDK_CONF_CERT_BUFF == 1 +#define USE_CERT_BUFFERS_1024 +#elif MDK_CONF_CERT_BUFF == 2 +#define USE_CERT_BUFFERS_2048 +#endif + +// Crypt/Cipher Test Suite +#define MDK_CONF_CTaoCryptTest 1 +#if MDK_CONF_CTaoCryptTest == 0 +#define NO_CRYPT_TEST +#endif +// +// Crypt/Cipher Benchmark +#define MDK_CONF_CTaoCryptBenchmark 1 +#if MDK_CONF_CTaoCryptBenchmark == 0 +#define NO_CRYPT_BENCHMARK +#define BENCH_EMBEDDED +#endif +// +// + +// STM32 Hardware Crypt +// STM32F2 Hardware RNG +#define MDK_CONF_STM32F2_RNG 0 +#if MDK_CONF_STM32F2_RNG == 1 +#define STM32F2_RNG +#else +#define NO_DEV_RANDOM +#endif +// +// STM32F2 Hardware Crypt +#define MDK_CONF_STM32F2_CRYPTO 0 +#if MDK_CONF_STM32F2_CRYPTO == 1 +#define STM32F2_CRYPTO +#endif +// + +// + + +// CTaoCrypt Library + +// MD5, SHA, SHA-256, AES, RC4, ASN, RSA +// +// MD2 +#define MDK_CONF_MD2 0 +#if MDK_CONF_MD2 == 1 +#define CYASSL_MD2 +#endif +// +// MD4 +#define MDK_CONF_MD4 1 +#if MDK_CONF_MD4 == 0 +#define NO_MD4 +#endif +// +// SHA-384 +// This has to be with SHA512 +#define MDK_CONF_SHA384 0 +#if MDK_CONF_SHA384 == 1 +#define CYASSL_SHA384 +#endif +// +// SHA-512 +#define MDK_CONF_SHA512 0 +#if MDK_CONF_SHA512 == 1 +#define CYASSL_SHA512 +#endif +// +// RIPEMD +#define MDK_CONF_RIPEMD 0 +#if MDK_CONF_RIPEMD == 1 +#define CYASSL_RIPEMD +#endif +// +// HMAC +#define MDK_CONF_HMAC 1 +#if MDK_CONF_HMAC == 0 +#define NO_HMAC +#endif +// +// HC128 +#define MDK_CONF_HC128 0 +#if MDK_CONF_HC128 == 1 +#define HAVE_HC128 +#endif +// +// RABBIT +#define MDK_CONF_RABBIT 1 +#if MDK_CONF_RABBI == 0 +#define NO_RABBIT +#endif +// + +// AEAD +#define MDK_CONF_AEAD 0 +#if MDK_CONF_AEAD == 1 +#define HAVE_AEAD +#endif +// +// DES3 +#define MDK_CONF_DES3 1 +#if MDK_CONF_DES3 == 0 +#define NO_DES3 +#endif +// +// CAMELLIA +#define MDK_CONF_CAMELLIA 0 +#if MDK_CONF_CAMELLIA == 1 +#define HAVE_CAMELLIA +#endif +// + +// DH +// need this for CYASSL_SERVER, OPENSSL_EXTRA +#define MDK_CONF_DH 1 +#if MDK_CONF_DH == 0 +#define NO_DH +#endif +// +// DSA +#define MDK_CONF_DSA 1 +#if MDK_CONF_DSA == 0 +#define NO_DSA +#endif +// +// PWDBASED +#define MDK_CONF_PWDBASED 1 +#if MDK_CONF_PWDBASED == 0 +#define NO_PWDBASED +#endif +// + +// ECC +#define MDK_CONF_ECC 0 +#if MDK_CONF_ECC == 1 +#define HAVE_ECC +#endif +// +// PSK +#define MDK_CONF_PSK 1 +#if MDK_CONF_PSK == 0 +#define NO_PSK +#endif +// +// AESCCM (Turn off Hardware Crypt) +#define MDK_CONF_AESCCM 0 +#if MDK_CONF_AESCCM == 1 +#define HAVE_AESCCM +#endif +// +// AESGCM (Turn off Hardware Crypt) +#define MDK_CONF_AESGCM 0 +#if MDK_CONF_AESGCM == 1 +#define HAVE_AESGCM +#define BUILD_AESGCM +#endif +// +// NTRU (need License, "crypto_ntru.h") +#define MDK_CONF_NTRU 0 +#if MDK_CONF_NTRU == 1 +#define HAVE_NTRU +#endif +// +// + +// Others + +// Inline +#define MDK_CONF_INLINE 0 +#if MDK_CONF_INLINE == 0 +#define NO_INLINE +#endif +// +// Debug +// Debug Message +#define MDK_CONF_DebugMessage 0 +#if MDK_CONF_DebugMessage == 1 +#define DEBUG_CYASSL +#endif +// +// Check malloc +#define MDK_CONF_CheckMalloc 1 +#if MDK_CONF_CheckMalloc == 1 +#define CYASSL_MALLOC_CHECK +#endif +// + + +// +// ErrNo.h +#define MDK_CONF_ErrNo 0 +#if MDK_CONF_ErrNo == 1 +#define HAVE_ERRNO +#endif +// +// zlib (need "zlib.h") +#define MDK_CONF_LIBZ 0 +#if MDK_CONF_LIBZ == 1 +#define HAVE_LIBZ +#endif +// +// CAVIUM (need CAVIUM headers) +#define MDK_CONF_CAVIUM 0 +#if MDK_CONF_CAVIUM == 1 +#define HAVE_CAVIUM +#endif +// + +// Error Strings +#define MDK_CONF_ErrorStrings 1 +#if MDK_CONF_ErrorStrings == 0 +#define NO_ERROR_STRINGS +#endif +// + +// Small Stack +#define MDK_CONF_SmallStack 1 +#if MDK_CONF_SmallStack == 0 +#define NO_CYASSL_SMALL_STACK +#endif +// +// Use Fast Math +#define MDK_CONF_FASTMATH 0 +#if MDK_CONF_FASTMATH == 1 +#define USE_FAST_MATH +#endif +// + + +// + +// +// <<< end of configuration section >>> diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK-ARM/MDK-ARM/CyaSSL/config-FS.h b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK-ARM/MDK-ARM/CyaSSL/config-FS.h new file mode 100644 index 000000000..c05fba661 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK-ARM/MDK-ARM/CyaSSL/config-FS.h @@ -0,0 +1,329 @@ +/* config-FS.h + * + * Copyright (C) 2006-2014 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + + +/**** CyaSSL for KEIL-RL Configuration ****/ + +#define __CORTEX_M3__ +#define CYASSL_KEIL_RL +#define NO_WRITEV +#define NO_CYASSL_DIR +#define NO_MAIN_DRIVER + + +#define CYASSL_DER_LOAD +#define HAVE_NULL_CIPHER + +#define SINGLE_THREADED + +#define NO_ECHOSERVER +#define NO_ECHOCLIENT +#define NO_SIMPLE_SERVER +#define NO_SIMPLE_CLIENT + +// <<< Use Configuration Wizard in Context Menu >>> + +// Build Target: KEIL-FS +// Single Threaded, With File System, No TCP-net +// +// Command Shell +#define MDK_CONF_SHELL 1 +#if MDK_CONF_SHELL == 1 +#define CYASSL_MDK_SHELL +#endif +// +// CyaSSL Apps +// Crypt/Cipher +// Cert Storage <0=> SD Card <1=> Mem Buff (1024bytes) <2=> Mem Buff (2048bytes) +#define MDK_CONF_CERT_BUFF 0 +#if MDK_CONF_CERT_BUFF== 1 +#define USE_CERT_BUFFERS_1024 +#elif MDK_CONF_CERT_BUFF == 2 +#define USE_CERT_BUFFERS_2048 +#endif + +// Crypt/Cipher Test Suite +#define MDK_CONF_CTaoCryptTest 1 +#if MDK_CONF_CTaoCryptTest == 0 +#define NO_CRYPT_TEST +#endif +// +// Crypt/Cipher Benchmark +#define MDK_CONF_CTaoCryptBenchmark 1 +#if MDK_CONF_CTaoCryptBenchmark == 0 +#define NO_CRYPT_BENCHMARK +#endif +// +// + +// STM32 Hardware Crypt +// STM32F2 Hardware RNG +#define MDK_CONF_STM32F2_RNG 0 +#if MDK_CONF_STM32F2_RNG == 1 +#define STM32F2_RNG +#else +#define NO_DEV_RANDOM +#endif +// +// STM32F2 Hardware Crypt +#define MDK_CONF_STM32F2_CRYPTO 0 +#if MDK_CONF_STM32F2_CRYPTO == 1 +#define STM32F2_CRYPTO +#endif +// + +// + +// CyaSSL Library +// SSL (Included by default) +// + +// TLS +#define MDK_CONF_TLS 1 +#if MDK_CONF_TLS == 0 +#define NO_TLS +#endif +// + +// CertGen +#define MDK_CONF_CERT_GEN 0 +#if MDK_CONF_CERT_GEN == 1 +#define CYASSL_CERT_GEN +#endif +// +// KeyGen +#define MDK_CONF_KEY_GEN 0 +#if MDK_CONF_KEY_GEN == 1 +#define CYASSL_KEY_GEN +#endif +// +// CRL +#define MDK_CONF_DER_LOAD 0 +#if MDK_CONF_DER_LOAD == 1 +#define CYASSL_DER_LOAD +#endif +// +// OpenSSL Extra +#define MDK_CONF_OPENSSL_EXTRA 0 +#if MDK_CONF_OPENSSL_EXTRA == 1 +#define OPENSSL_EXTRA +#endif +// +// CRL Monitor, OCSP (not supported with KEIL) +// + +// + +// CTaoCrypt Library + +// MD5, SHA, SHA-256, AES, RC4, ASN, RSA +// + +// MD2 +#define MDK_CONF_MD2 0 +#if MDK_CONF_MD2 == 1 +#define CYASSL_MD2 +#endif +// +// MD4 +#define MDK_CONF_MD4 1 +#if MDK_CONF_MD4 == 0 +#define NO_MD4 +#endif +// +// SHA-384 +// This has to be with SHA512 +#define MDK_CONF_SHA384 0 +#if MDK_CONF_SHA384 == 1 +#define CYASSL_SHA384 +#endif +// +// SHA-512 +#define MDK_CONF_SHA512 0 +#if MDK_CONF_SHA512 == 1 +#define CYASSL_SHA512 +#endif +// +// RIPEMD +#define MDK_CONF_RIPEMD 0 +#if MDK_CONF_RIPEMD == 1 +#define CYASSL_RIPEMD +#endif +// +// HMAC +#define MDK_CONF_HMAC 1 +#if MDK_CONF_HMAC == 0 +#define NO_HMAC +#endif +// +// HC128 +#define MDK_CONF_HC128 0 +#if MDK_CONF_HC128 == 1 +#define HAVE_HC128 +#endif +// +// RABBIT +#define MDK_CONF_RABBIT 1 +#if MDK_CONF_RABBI == 0 +#define NO_RABBIT +#endif +// + +// AEAD +#define MDK_CONF_AEAD 0 +#if MDK_CONF_AEAD == 1 +#define HAVE_AEAD +#endif +// +// DES3 +#define MDK_CONF_DES3 1 +#if MDK_CONF_DES3 == 0 +#define NO_DES3 +#endif +// +// CAMELLIA +#define MDK_CONF_CAMELLIA 0 +#if MDK_CONF_CAMELLIA == 1 +#define HAVE_CAMELLIA +#endif +// + +// DH +// need this for CYASSL_SERVER, OPENSSL_EXTRA +#define MDK_CONF_DH 1 +#if MDK_CONF_DH == 0 +#define NO_DH +#endif +// +// DSA +#define MDK_CONF_DSA 1 +#if MDK_CONF_DSA == 0 +#define NO_DSA +#endif +// +// PWDBASED +#define MDK_CONF_PWDBASED 1 +#if MDK_CONF_PWDBASED == 0 +#define NO_PWDBASED +#endif +// + +// ECC +#define MDK_CONF_ECC 0 +#if MDK_CONF_ECC == 1 +#define HAVE_ECC +#endif +// +// PSK +#define MDK_CONF_PSK 1 +#if MDK_CONF_PSK == 0 +#define NO_PSK +#endif +// +// AESCCM (Turn off Hardware Crypt) +#define MDK_CONF_AESCCM 0 +#if MDK_CONF_AESCCM == 1 +#define HAVE_AESCCM +#endif +// +// AESGCM (Turn off Hardware Crypt) +#define MDK_CONF_AESGCM 0 +#if MDK_CONF_AESGCM == 1 +#define HAVE_AESGCM +#define BUILD_AESGCM +#endif +// +// NTRU (need License, "crypto_ntru.h") +#define MDK_CONF_NTRU 0 +#if MDK_CONF_NTRU == 1 +#define HAVE_NTRU +#endif +// +// + +// Others + +// Inline +#define MDK_CONF_INLINE 0 +#if MDK_CONF_INLINE == 0 +#define NO_INLINE +#endif +// +// Debug +// Debug Message +#define MDK_CONF_DebugMessage 0 +#if MDK_CONF_DebugMessage == 1 +#define DEBUG_CYASSL +#endif +// +// Check malloc +#define MDK_CONF_CheckMalloc 1 +#if MDK_CONF_CheckMalloc == 1 +#define CYASSL_MALLOC_CHECK +#endif +// + + +// +// ErrNo.h +#define MDK_CONF_ErrNo 0 +#if MDK_CONF_ErrNo == 1 +#define HAVE_ERRNO +#endif +// +// zlib (need "zlib.h") +#define MDK_CONF_LIBZ 0 +#if MDK_CONF_LIBZ == 1 +#define HAVE_LIBZ +#endif +// +// CAVIUM (need CAVIUM headers) +#define MDK_CONF_CAVIUM 0 +#if MDK_CONF_CAVIUM == 1 +#define HAVE_CAVIUM +#endif +// + +// Error Strings +#define MDK_CONF_ErrorStrings 1 +#if MDK_CONF_ErrorStrings == 0 +#define NO_ERROR_STRINGS +#endif +// + +// Small Stack +#define MDK_CONF_SmallStack 1 +#if MDK_CONF_SmallStack == 0 +#define NO_CYASSL_SMALL_STACK +#endif +// +// Use Fast Math +#define MDK_CONF_FASTMATH 0 +#if MDK_CONF_FASTMATH == 1 +#define USE_FAST_MATH +#endif +// + + +// + +// +// <<< end of configuration section >>> diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK-ARM/MDK-ARM/CyaSSL/config-RTX-TCP-FS.h b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK-ARM/MDK-ARM/CyaSSL/config-RTX-TCP-FS.h new file mode 100644 index 000000000..106e7718b --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK-ARM/MDK-ARM/CyaSSL/config-RTX-TCP-FS.h @@ -0,0 +1,351 @@ +/* config-RTX-TCP-FS.h + * + * Copyright (C) 2006-2014 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + + +/**** CyaSSL for KEIL-RL Configuration ****/ + +#define __CORTEX_M3__ +#define CYASSL_MDK_ARM +#define NO_WRITEV +#define NO_CYASSL_DIR +#define NO_MAIN_DRIVER + + +#define CYASSL_DER_LOAD +#define HAVE_NULL_CIPHER + +#define HAVE_KEIL_RTX +#define CYASSL_KEIL_TCP_NET + + +// <<< Use Configuration Wizard in Context Menu >>> +// Build Target: KEIL-RTX-TCP-FS +// RTOS, File System and TCP-net +// +// Command Shell +#define MDK_CONF_SHELL 1 +#if MDK_CONF_SHELL == 1 +#define CYASSL_MDK_SHELL +#endif +// +// CyaSSL Apps +// Crypt/Cipher +// Cert Storage <0=> SD Card <1=> Mem Buff (1024bytes) <2=> Mem Buff (2048bytes) +#define MDK_CONF_CERT_BUFF 0 +#if MDK_CONF_CERT_BUFF== 1 +#define USE_CERT_BUFFERS_1024 +#elif MDK_CONF_CERT_BUFF == 2 +#define USE_CERT_BUFFERS_2048 +#endif + +// Crypt/Cipher Test Suite +#define MDK_CONF_CTaoCryptTest 1 +#if MDK_CONF_CTaoCryptTest == 0 +#define NO_CRYPT_TEST +#endif +// +// Crypt/Cipher Benchmark +#define MDK_CONF_CTaoCryptBenchmark 1 +#if MDK_CONF_CTaoCryptBenchmark == 0 +#define NO_CRYPT_BENCHMARK +#define BENCH_EMBEDDED +#endif +// +// +// SSL/TLS Server/Client +// echoServer +#define MDK_CONF_echoServer 1 +#if MDK_CONF_echoServer == 0 +#define NO_ECHOSERVER +#endif +// +// echoClient +#define MDK_CONF_echoClient 1 +#if MDK_CONF_echoClient == 0 +#define NO_ECHOCLIENT +#endif +// +// SimpleServer +#define MDK_CONF_simpleServer 1 +#if MDK_CONF_simpleServer == 0 +#define NO_SIMPLE_SERVER +#endif +// +// SimpleCliet +#define MDK_CONF_simpleClient 1 +#if MDK_CONF_simpleClient == 0 +#define NO_SIMPLE_CLIENT +#endif +// +// +// +// STM32 Hardware Crypt +// STM32F2 Hardware RNG +#define MDK_CONF_STM32F2_RNG 0 +#if MDK_CONF_STM32F2_RNG == 1 +#define STM32F2_RNG +#else +#define NO_DEV_RANDOM +#endif +// +// STM32F2 Hardware Crypt +#define MDK_CONF_STM32F2_CRYPTO 0 +#if MDK_CONF_STM32F2_CRYPTO == 1 +#define STM32F2_CRYPTO +#endif +// + +// + +// CyaSSL Library +// SSL (Included by default) +// + +// TLS +#define MDK_CONF_TLS 1 +#if MDK_CONF_TLS == 0 +#define NO_TLS +#endif +// + +// CertGen +#define MDK_CONF_CERT_GEN 0 +#if MDK_CONF_CERT_GEN == 1 +#define CYASSL_CERT_GEN +#endif +// +// KeyGen +#define MDK_CONF_KEY_GEN 0 +#if MDK_CONF_KEY_GEN == 1 +#define CYASSL_KEY_GEN +#endif +// +// CRL +#define MDK_CONF_DER_LOAD 0 +#if MDK_CONF_DER_LOAD == 1 +#define CYASSL_DER_LOAD +#endif +// +// OpenSSL Extra +#define MDK_CONF_OPENSSL_EXTRA 1 +#if MDK_CONF_OPENSSL_EXTRA == 1 +#define OPENSSL_EXTRA +#endif +// +// CRL Monitor, OCSP (not supported with KEIL) +// + +// + +// CTaoCrypt Library + +// MD5, SHA, SHA-256, AES, RC4, ASN, RSA +// +// MD2 +#define MDK_CONF_MD2 0 +#if MDK_CONF_MD2 == 1 +#define CYASSL_MD2 +#endif +// +// MD4 +#define MDK_CONF_MD4 1 +#if MDK_CONF_MD4 == 0 +#define NO_MD4 +#endif +// +// SHA-384 +// This has to be with SHA512 +#define MDK_CONF_SHA384 0 +#if MDK_CONF_SHA384 == 1 +#define CYASSL_SHA384 +#endif +// +// SHA-512 +#define MDK_CONF_SHA512 0 +#if MDK_CONF_SHA512 == 1 +#define CYASSL_SHA512 +#endif +// +// RIPEMD +#define MDK_CONF_RIPEMD 1 +#if MDK_CONF_RIPEMD == 1 +#define CYASSL_RIPEMD +#endif +// +// HMAC +#define MDK_CONF_HMAC 1 +#if MDK_CONF_HMAC == 0 +#define NO_HMAC +#endif +// +// HC128 +#define MDK_CONF_HC128 0 +#if MDK_CONF_HC128 == 1 +#define HAVE_HC128 +#endif +// +// RABBIT +#define MDK_CONF_RABBIT 1 +#if MDK_CONF_RABBI == 0 +#define NO_RABBIT +#endif +// + +// AEAD +#define MDK_CONF_AEAD 0 +#if MDK_CONF_AEAD == 1 +#define HAVE_AEAD +#endif +// +// DES3 +#define MDK_CONF_DES3 1 +#if MDK_CONF_DES3 == 0 +#define NO_DES3 +#endif +// +// CAMELLIA +#define MDK_CONF_CAMELLIA 0 +#if MDK_CONF_CAMELLIA == 1 +#define HAVE_CAMELLIA +#endif +// + +// DH +// need this for CYASSL_SERVER, OPENSSL_EXTRA +#define MDK_CONF_DH 1 +#if MDK_CONF_DH == 0 +#define NO_DH +#endif +// +// DSA +#define MDK_CONF_DSA 1 +#if MDK_CONF_DSA == 0 +#define NO_DSA +#endif +// +// PWDBASED +#define MDK_CONF_PWDBASED 1 +#if MDK_CONF_PWDBASED == 0 +#define NO_PWDBASED +#endif +// + +// ECC +#define MDK_CONF_ECC 1 +#if MDK_CONF_ECC == 1 +#define HAVE_ECC +#endif +// +// PSK +#define MDK_CONF_PSK 1 +#if MDK_CONF_PSK == 0 +#define NO_PSK +#endif +// +// AESCCM (Turn off Hardware Crypt) +#define MDK_CONF_AESCCM 0 +#if MDK_CONF_AESCCM == 1 +#define HAVE_AESCCM +#endif +// +// AESGCM (Turn off Hardware Crypt) +#define MDK_CONF_AESGCM 0 +#if MDK_CONF_AESGCM == 1 +#define HAVE_AESGCM +#define BUILD_AESGCM +#endif +// +// NTRU (need License, "crypto_ntru.h") +#define MDK_CONF_NTRU 0 +#if MDK_CONF_NTRU == 1 +#define HAVE_NTRU +#endif +// +// + +// Others + +// Inline +#define MDK_CONF_INLINE 0 +#if MDK_CONF_INLINE == 0 +#define NO_INLINE +#endif +// +// Debug +// Debug Message +#define MDK_CONF_DEBUG_MSG 0 +#if MDK_CONF_DEBUG_MSG == 1 +#define DEBUG_CYASSL +#endif +// +// Check malloc +#define MDK_CONF_CHECK_MALLOC 1 +#if MDK_CONF_CHECK_MALLOC == 1 +#define CYASSL_MALLOC_CHECK +#endif +// + + +// +// ErrNo.h +#define MDK_CONF_ERR_NO 0 +#if MDK_CONF_ERR_NO == 1 +#define HAVE_ERRNO +#endif +// +// zlib (need "zlib.h") +#define MDK_CONF_LIBZ 0 +#if MDK_CONF_LIBZ == 1 +#define HAVE_LIBZ +#endif +// +// CAVIUM (need CAVIUM headers) +#define MDK_CONF_CAVIUM 0 +#if MDK_CONF_CAVIUM == 1 +#define HAVE_CAVIUM +#endif +// + +// Error Strings +#define MDK_CONF_ErrorStrings 1 +#if MDK_CONF_ErrorStrings == 0 +#define NO_ERROR_STRINGS +#endif +// + +// Small Stack +#define MDK_CONF_SMALL_STACK 1 +#if MDK_CONF_SMALL_STACK == 0 +#define NO_CYASSL_SMALL_STACK +#endif +// +// Use Fast Math +#define MDK_CONF_FASTMATH 0 +#if MDK_CONF_FASTMATH == 1 +#define USE_FAST_MATH +#endif +// + + +// + +// +// <<< end of configuration section >>> diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK-ARM/MDK-ARM/CyaSSL/config.h b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK-ARM/MDK-ARM/CyaSSL/config.h new file mode 100644 index 000000000..4d89d8fca --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK-ARM/MDK-ARM/CyaSSL/config.h @@ -0,0 +1,46 @@ +/* config.h + * + * Copyright (C) 2006-2014 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + + +/**** CyaSSL for KEIL-RL Configuration ****/ + +#define __CORTEX_M3__ +#define CYASSL_MDK_ARM +#define NO_WRITEV +#define NO_CYASSL_DIR + +/* for Retarget.c */ +#define STDIO +#define BENCH_EMBEDDED + +#define CYASSL_DER_LOAD +#define HAVE_NULL_CIPHER + +#if defined(MDK_CONF_RTX_TCP_FS) +#include "config-RTX-TCP-FS.h" +#elif defined(MDK_CONF_TCP_FS) +#include "config-TCP-FS.h" +#elif defined(MDK_CONF_FS) +#include "config-FS.h" +#elif defined(MDK_CONF_BARE_METAL) +#include "config-BARE-METAL.h" +#endif + diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK-ARM/MDK-ARM/CyaSSL/cyassl_MDK_ARM.c b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK-ARM/MDK-ARM/CyaSSL/cyassl_MDK_ARM.c new file mode 100644 index 000000000..b8e3d59a7 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK-ARM/MDK-ARM/CyaSSL/cyassl_MDK_ARM.c @@ -0,0 +1,249 @@ +/* cyassl_MDK_ARM.c + * + * Copyright (C) 2006-2014 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + + +/***************************************************************************************/ +/** This file is for defining functions for specific to KEIL-RL. **/ +/***************************************************************************************/ +#ifdef HAVE_CONFIG_H + #include +#endif + +#include +#if defined (CYASSL_MDK5) + #include "cmsis_os.h" + #if defined(CYASSL_KEIL_TCP_NET) + #include "rl_net.h" + #endif +#else + #include +#endif + +#include "cyassl_MDK_ARM.h" + +#include +#include + +#if defined (CYASSL_CMSIS_RTOS) + #define os_dly_wait(t) osDelay(10*t) +#endif + + +/** KEIL-RL TCPnet ****/ +/** TCPnet BSD socket does not have following functions. **/ + +#if defined(CYASSL_KEIL_TCP_NET) +char *inet_ntoa(struct in_addr in) +{ + #define NAMESIZE 16 + static char name[NAMESIZE] ; + sprintf(name, "%d.%d.%d.%d", (in.s_addr>>24)&0xff, (in.s_addr>>16)&0xff, (in.s_addr>>8)&0xff, in.s_addr&0xff) ; + return name ; +} + +unsigned long inet_addr(const char *cp) +{ + unsigned int a[4] ; unsigned long ret ; + sscanf(cp, "%d.%d.%d.%d", &a[0], &a[1], &a[2], &a[3]) ; + ret = ((a[3]<<24) + (a[2]<<16) + (a[1]<<8) + a[0]) ; + return(ret) ; +} + + +/*** tcp_connect is actually associated with following syassl_tcp_connect. ***/ +int Cyassl_connect(int sd, const struct sockaddr* sa, int sz) +{ + int ret = 0 ; + #if defined(CYASSL_KEIL_TCP_NET) + + SOCKADDR_IN addr ; + + addr = *(SOCKADDR_IN *)sa ; + + do { + #undef connect /* Go to KEIL TCPnet connect */ + ret = connect(sd, (SOCKADDR *)&addr, sizeof(addr)) ; + os_dly_wait(50); + } while(ret == SCK_EWOULDBLOCK) ; + #ifdef DEBUG_CYASSL + { + char msg[50] ; + sprintf(msg, "BSD Connect return code: %d\n", ret) ; + CYASSL_MSG(msg) ; + } + #endif + + #endif /* CYASSL_KEIL_TCP_NET */ + return(ret ) ; +} + + +int Cyassl_accept(int sd, struct sockaddr *addr, int *addrlen) +{ + int ret = 0 ; + + #if defined(CYASSL_KEIL_TCP_NET) + while(1) { + #undef accept /* Go to KEIL TCPnet accept */ + ret = accept(sd, addr, addrlen) ; + if(ret != SCK_EWOULDBLOCK) break ; + os_dly_wait(1); + } + #ifdef DEBUG_CYASSL + { + char msg[50] ; + sprintf(msg, "BSD Accept return code: %d\n", ret) ; + CYASSL_MSG(msg) ; + } + #endif + + #endif /* CYASSL_KEIL_TCP_NET */ + return(ret ) ; + +} + +int Cyassl_recv(int sd, void *buf, size_t len, int flags) +{ + int ret = 0; + #if defined(CYASSL_KEIL_TCP_NET) + while(1) { + #undef recv /* Go to KEIL TCPnet recv */ + ret = recv(sd, buf, len, flags) ; + if((ret != SCK_EWOULDBLOCK) &&( ret != SCK_ETIMEOUT)) break ; + os_dly_wait(1); + } + #ifdef DEBUG_CYASSL + { + char msg[50] ; + sprintf(msg, "BSD Recv return code: %d\n", ret) ; + CYASSL_MSG(msg) ; + } + #endif + + #endif /* CYASSL_KEIL_TCP_NET */ + return(ret ) ; +} + +int Cyassl_send(int sd, const void *buf, size_t len, int flags) +{ + int ret = 0 ; + + #if defined(CYASSL_KEIL_TCP_NET) + while(1) { + #undef send /* Go to KEIL TCPnet send */ + ret = send(sd, buf, len, flags) ; + if(ret != SCK_EWOULDBLOCK) break ; + os_dly_wait(1); + } + #ifdef DEBUG_CYASSL + { + char msg[50] ; + sprintf(msg, "BSD Send return code: %d\n", ret) ; + CYASSL_MSG(msg) ; + } + #endif + +#endif /* CYASSL_KEIL_TCP_NET */ + return(ret) ; + +} + +#endif /* CYASSL_KEIL_TCP_NET */ + +#if defined(CYASSL_KEIL_TCP_NET) +void Cyassl_sleep(int t) +{ + #if defined(HAVE_KEIL_RTX) + os_dly_wait(t/1000+1) ; + #endif +} + +int Cyassl_tcp_select(int sd, int timeout) +{ + + return 0 ; + +} +#endif + +extern int strlen(const char *s) ; + +FILE * CyaSSL_fopen(const char *name, const char *openmode) +{ + int i ; FILE * ret ; + #define PATHSIZE 100 + char path[PATHSIZE] ; char *p ; + + if(strlen(name) > PATHSIZE)return(NULL) ; + + for(i = 0; i<= strlen(name); i++) { + if(name[i] == '/')path[i] = '\\' ; + else path[i] = name[i] ; + } + if(path[0] == '.' && path[1] == '\\') p = path + 2 ; + else p = path ; + + ret = fopen (p, openmode) ; + + return(ret) ; +} + +#if defined (CYASSL_MDK5) +#define getkey getchar +#define sendchar putchar +#else +extern int getkey(void) ; +extern int sendchar(int c) ; +#endif + +char * Cyassl_fgets ( char * str, int num, FILE * f ) +{ + int i ; + + for(i = 0 ; i< num ; i++) { + while((str[i] = getkey()) == 0) { + #if defined (HAVE_KEIL_RTX) + #if !defined(CYASSL_CMSIS_RTOS) + os_tsk_pass (); + #else + osThreadYield (); + #endif + #endif + } + if(str[i] == '\n' || str[i] == '\012' || str[i] == '\015') { + sendchar('\n') ; + str[i++] = '\n' ; + str[i] = '\0' ; + break ; + } else if(str[i] == '\010') { /* BS */ + if(i) { /* erace one char */ + sendchar('\010') ; sendchar(' ') ; sendchar('\010') ; + i = (i>0 ? (i-2) : -1 ) ; + continue ; + } + } else if(str[i] == '\033' || str[i] == '\004' ) { /* ESC or ^D */ + str[i] = '\0' ; + return(0) ; + } + sendchar(str[i]) ; + } + return(str) ; +} diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK-ARM/MDK-ARM/CyaSSL/cyassl_MDK_ARM.h b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK-ARM/MDK-ARM/CyaSSL/cyassl_MDK_ARM.h new file mode 100644 index 000000000..b26164339 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK-ARM/MDK-ARM/CyaSSL/cyassl_MDK_ARM.h @@ -0,0 +1,103 @@ +/* cyassl_KEIL_RL.h + * + * Copyright (C) 2006-2014 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +/******************************************************************************/ +/** This file is for defining types, values for specific to KEIL-MDK-ARM. **/ +/******************************************************************************/ +#ifndef CYASSL_KEIL_RL_H +#define CYASSL_KEIL_RL_H + + + +#include + +/* Go to STDIN */ +#define fgets(buff, sz, fd) Cyassl_fgets(buff, sz, fd) +extern char * Cyassl_fgets ( char * str, int num, FILE * f ) ; + +#define SOCKET_T int + +/*** #include ***/ +#define NUMBITSPERBYTE 8 +#define FD_SETSIZE 10 + +typedef long fd_mask; +#define NFDBITS (sizeof(fd_mask) * NUMBITSPERBYTE) /* bits per mask */ + +typedef struct fd_set { + fd_mask fds_bits[(FD_SETSIZE + NFDBITS - 1) / NFDBITS]; +} fd_set; + +/*** #include ***/ +struct timeval { + long tv_sec; /* seconds */ + long tv_usec; /* microseconds */ +}; + + +/*** #include **/ +/* + int select(int nfds, fd_set *readfds, fd_set *writefds, + fd_set *exceptfds, const struct timeval *timeout); + void FD_CLR(int fd, fd_set *set); + int FD_ISSET(int fd, fd_set *set); + void FD_SET(int fd, fd_set *set); + void FD_ZERO(fd_set *set); +*/ +typedef int socklen_t ; + +/* for avoiding conflict with KEIL-TCPnet BSD socket */ +/* Bodies are in cyassl_KEIL_RL.c */ +#define connect Cyassl_connect +#define accept Cyassl_accept +#define recv Cyassl_recv +#define send Cyassl_send +#define sleep Cyassl_sleep + +/* for avoiding conflicting with KEIL-TCPnet TCP socket */ +/* Bodies are in test.h */ +#define tcp_connect Cyassl_tcp_connect +#define tcp_socket Cyassl_tcp_soket +#define tcp_listen Cyassl_tcp_listen +#define tcp_select Cyassl_tcp_select + +extern int Cyassl_connect(int sd, const struct sockaddr * sa, int sz) ; +extern int Cyassl_accept(int sd, struct sockaddr *addr, socklen_t *addrlen); +extern int Cyassl_recv(int sd, void *buf, size_t len, int flags); +extern int Cyassl_send(int sd, const void *buf, size_t len, int flags); +extern void Cyassl_sleep(int sec) ; +extern int Cyassl_tcp_select(int sd, int timeout) ; + +/** KEIL-RL TCPnet ****/ +/* TCPnet BSD socket does not have following functions. */ +extern char *inet_ntoa(struct in_addr in); +extern unsigned long inet_addr(const char *cp); +extern int setsockopt(int sockfd, int level, int optname, + const void *optval, socklen_t optlen); +extern int select(int nfds, fd_set *readfds, fd_set *writefds, + fd_set *exceptfds, const struct timeval *timeout); + +/* CyaSSL MDK-ARM time functions */ +#include +struct tm *Cyassl_MDK_gmtime(const time_t *c) ; +extern double current_time(void) ; + +#endif /* CYASSL_KEIL_RL_H */ diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK-ARM/MDK-ARM/CyaSSL/main.c b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK-ARM/MDK-ARM/CyaSSL/main.c new file mode 100644 index 000000000..635267e39 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK-ARM/MDK-ARM/CyaSSL/main.c @@ -0,0 +1,172 @@ +/* main.c + * + * Copyright (C) 2006-2014 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#ifdef HAVE_CONFIG_H + #include +#endif + +#include +#include + +#include +#include +#include "cyassl_MDK_ARM.h" + +/*----------------------------------------------------------------------------- + * Initialize a Flash Memory Card + *----------------------------------------------------------------------------*/ +#if !defined(NO_FILESYSTEM) +static void init_card (void) +{ + U32 retv; + + while ((retv = finit (NULL)) != 0) { /* Wait until the Card is ready */ + if (retv == 1) { + printf ("\nSD/MMC Init Failed"); + printf ("\nInsert Memory card and press key...\n"); + } else { + printf ("\nSD/MMC Card is Unformatted"); + } + } +} +#endif + + +/*----------------------------------------------------------------------------- + * TCP/IP tasks + *----------------------------------------------------------------------------*/ +#ifdef CYASSL_KEIL_TCP_NET +__task void tcp_tick (void) +{ + + CYASSL_MSG("Time tick started.") ; + #if defined (HAVE_KEIL_RTX) + os_itv_set (10); + #endif + + while (1) { + #if defined (HAVE_KEIL_RTX) + os_itv_wait (); + #endif + /* Timer tick every 100 ms */ + timer_tick (); + } +} + +__task void tcp_poll (void) +{ + CYASSL_MSG("TCP polling started.\n") ; + while (1) { + main_TcpNet (); + #if defined (HAVE_KEIL_RTX) + os_tsk_pass (); + #endif + } +} +#endif + +#if defined(HAVE_KEIL_RTX) && defined(CYASSL_MDK_SHELL) +#define SHELL_STACKSIZE 1000 +static unsigned char Shell_stack[SHELL_STACKSIZE] ; +#endif + + +#if defined(CYASSL_MDK_SHELL) +extern void shell_main(void) ; +#endif + +extern void time_main(int) ; +extern void benchmark_test(void) ; +extern void SER_Init(void) ; + +/*----------------------------------------------------------------------------- + * mian entry + *----------------------------------------------------------------------------*/ + +/*** This is the parent task entry ***/ +void main_task (void) +{ + #ifdef CYASSL_KEIL_TCP_NET + init_TcpNet (); + + os_tsk_create (tcp_tick, 2); + os_tsk_create (tcp_poll, 1); + #endif + + #ifdef CYASSL_MDK_SHELL + #ifdef HAVE_KEIL_RTX + os_tsk_create_user(shell_main, 1, Shell_stack, SHELL_STACKSIZE) ; + #else + shell_main() ; + #endif + #else + + /************************************/ + /*** USER APPLICATION HERE ***/ + /************************************/ + printf("USER LOGIC STARTED\n") ; + + #endif + + #ifdef HAVE_KEIL_RTX + CYASSL_MSG("Terminating tcp_main\n") ; + os_tsk_delete_self (); + #endif + +} + + + int myoptind = 0; + char* myoptarg = NULL; + +#if defined(DEBUG_CYASSL) + extern void CyaSSL_Debugging_ON(void) ; +#endif + + +/*** main entry ***/ +extern void init_time(void) ; +extern void SystemInit(void); + +int main() { + + SystemInit(); + SER_Init() ; + #if !defined(NO_FILESYSTEM) + init_card () ; /* initializing SD card */ + #endif + + init_time() ; + + #if defined(DEBUG_CYASSL) + printf("Turning ON Debug message\n") ; + CyaSSL_Debugging_ON() ; + #endif + + #ifdef HAVE_KEIL_RTX + os_sys_init (main_task) ; + #else + main_task() ; + #endif + + return 0 ; /* There should be no return here */ + +} diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK-ARM/MDK-ARM/CyaSSL/shell.c b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK-ARM/MDK-ARM/CyaSSL/shell.c new file mode 100644 index 000000000..7b76c1d29 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK-ARM/MDK-ARM/CyaSSL/shell.c @@ -0,0 +1,595 @@ +/*shell.c + * + * Copyright (C) 2006-2014 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + + /*** tiny Shell for CyaSSL apps ***/ + + #ifdef HAVE_CONFIG_H + #include +#endif + +#include "cyassl/internal.h" +#undef RNG +#include + +#if defined(CYASSL_MDK_ARM) + #include + #include + #include + #include + #include "cyassl_MDK_ARM.h" +#endif + +#ifdef CYASSL_KEIL_NET +#include "cyassl/test.h" +#else +typedef struct func_args { + int argc; + char** argv; + int return_code; +} func_args; +#endif + +#ifdef NO_ECHOCLIENT +#define echoclient_test command_not_found +#endif +#ifdef NO_ECHOSERVER +#define echoserver_test command_not_found +#endif +#ifdef NO_SIMPLE_CLIENT +#define client_test command_not_found +#endif +#ifdef NO_SIMPLE_SERVER +#define server_test command_not_found +#endif +#ifdef NO_CRYPT_BENCHMARK +#define benchmark_test command_not_found +#endif +#ifdef NO_CRYPT_TEST +#define ctaocrypt_test command_not_found +#endif + +#ifndef CYASSL_KEIL_NET +#define ipaddr_comm command_not_found +#endif + +#if !defined(HAVE_KEIL_RTX) +#define stack_comm command_not_found +#endif + + +#if !defined(DEBUG_CYASSL) +#define dbg_comm command_not_found +#endif + + +void command_not_found(void *argv) { + printf("Command not found\n") ; +} + +extern void echoclient_test(void *args) ; +extern void echoserver_test(void *args) ; +extern void benchmark_test(void *args) ; +extern void ctaocrypt_test(void *args) ; +extern void client_test(void *args) ; +extern void server_test(void *args) ; +extern void kill_task(void *args) ; +extern void time_main(void *args) ; +extern void ipaddr_comm(void *args) ; +extern void stack_comm(void *args) ; +extern void for_command(void *args) ; +extern void dbg_comm(void *arg) ; +extern void help_comm(void *arg) ; + +#if !defined(NO_CRYPT_TEST) + +#ifndef NO_MD5 +extern void md5_test(void *arg) ; +#endif +#ifdef CYASSL_MD2 +extern void md2_test(void *arg) ; +#endif +#ifndef NO_MD4 +extern void md4_test(void *arg) ; +#endif + +extern void sha_test(void *arg) ; + +#ifndef NO_SHA256 +extern void sha256_test(void *arg) ; +#endif +#ifdef CYASSL_SHA384 +extern void sha384_test(void *arg) ; +#endif + +#ifdef CYASSL_SHA512 +extern void sha512_test(void *arg) ; +#endif + +#ifdef CYASSL_RIPEMD +extern void ripemd_test(void *arg) ; +#endif +#ifndef NO_HMAC + #ifndef NO_MD5 +extern void hmac_md5_test(void *arg) ; + #endif +extern void hmac_sha_test(void *arg) ; + + #ifndef NO_SHA256 +extern void hmac_sha256_test(void *arg) ; + #endif + + #ifdef CYASSL_SHA384 +extern void hmac_sha384_test(void *arg) ; + #endif +#endif +#ifndef NO_RC4 +extern void arc4_test(void *arg) ; +#endif + +#ifndef NO_HC128 +extern void hc128_test(void *arg) ; +#endif + +#ifndef NO_RABBIT +extern void rabbit_test(void *arg) ; +#endif + +#ifndef NO_DES3 +extern void des_test(void *arg) ; +extern void des3_test(void *arg) ; +#endif + +#ifndef NO_AES +extern void aes_test(void *arg) ; +#ifdef HAVE_AESGCM +extern void aesgcm_test(void *arg) ; +#endif + +#ifdef HAVE_AESCCM +extern void aesccm_test(void *arg) ; +#endif +#endif + +#ifdef HAVE_CAMELLIA +extern void camellia_test(void *arg) ; +#endif +extern void random_test(void *arg) ; + +#ifndef NO_RSA +extern void rsa_test(void *arg) ; +#endif + +#ifndef NO_DH +extern void dh_test(void *arg) ; +#endif + +#ifndef NO_DSA +extern void dsa_test(void *arg) ; +#endif + +#ifndef NO_PWDBASED +extern void pwdbased_test(void *arg) ; +#endif + +#ifdef HAVE_ECC +extern void openssl_test(void *arg) ; +#endif + +#ifdef HAVE_ECC +extern void ecc_test(void *arg) ; +#endif + +#endif /* NO_CRYPT_TEST */ + +static struct { + const char *command ; + void (*func)(void *args) ; +} commandTable[] = { + "echoclient", echoclient_test, + "echoserver", echoserver_test, + "benchmark", benchmark_test, + "test", ctaocrypt_test, + "client", client_test, + "server", server_test, + "time", time_main, /* get/set RTC: [-d yy/mm/dd] [-t hh:mm:ss]*/ + "ipaddr", ipaddr_comm, /* TBD */ + "stack", stack_comm, /* On/Off check stack size */ + "for", for_command, /* iterate next command X times */ + "debug", dbg_comm, /* On/Off debug message */ + "help", help_comm, /* Breif description about the commands */ + + /** short name **/ + "ec", echoclient_test, + "es", echoserver_test, + "bm", benchmark_test, + "te", ctaocrypt_test, + "cl", client_test, + "sv", server_test, + "ip", ipaddr_comm, + "st", stack_comm, + "dbg", dbg_comm, + "?", help_comm, + +/*** test suites ****/ +#if !defined(NO_CRYPT_TEST) +#ifndef NO_MD5 + "md5", md5_test, +#endif +#ifdef CYASSL_MD2 + "md2", md2_test, +#endif +#ifndef NO_MD4 + "md4", md4_test, +#endif + "sha", sha_test, +#ifndef NO_SHA256 + "sha256", sha256_test, +#endif +#ifdef CYASSL_SHA384 + "sha384", sha384_test, +#endif +#ifdef CYASSL_SHA512 + "sha512", sha512_test, +#endif +#ifdef CYASSL_RIPEMD + "ripemd", ripemd_test, +#endif +#ifndef NO_HMAC + #ifndef NO_MD5 + "hmac_md5", hmac_md5_test, + #endif + "hmac_sha", hmac_sha_test, + #ifndef NO_SHA256 + "hmac_sha256", hmac_sha256_test, + #endif + #ifdef CYASSL_SHA384 + "hmac_sha384", hmac_sha384_test, + #endif +#endif +#ifndef NO_RC4 + "arc4", arc4_test, +#endif +#ifndef NO_HC128 + "hc128", hc128_test, +#endif +#ifndef NO_RABBIT + "rabbit", rabbit_test, +#endif +#ifndef NO_DES3 + "des", des_test, + "des3", des3_test, +#endif +#ifndef NO_AES + "aes", aes_test, + #ifdef HAVE_AESGCM + "aesgcm", aesgcm_test, + #endif + #ifdef HAVE_AESCCM + "aesccm", aesccm_test, + #endif +#endif + +#ifdef HAVE_CAMELLIA + "camellia", camellia_test, +#endif + "random", random_test, +#ifndef NO_RSA + "rsa", rsa_test, +#endif +#ifndef NO_DH + "dh", dh_test, +#endif +#ifndef NO_DSA + "dsa", dsa_test, +#endif +#ifndef NO_PWDBASED + "pwdbased", pwdbased_test, +#endif +#ifdef OPENSSL_EXTRA + "openssl", openssl_test, +#endif +#ifdef HAVE_ECC + "ecc", ecc_test, +#endif + +#endif /* NO_CRYPT_TEST */ + + "", NULL +} ; + +enum jobtype { FORGROUND, BACKGROUND } ; + +#define IF_DELIMITER(ch) ((ch) == ' ' || (ch) == '\n') + +/******* Get Command Line *****************************/ +static int getline(char * line, int sz, func_args *args, int*bf_flg) +{ + char * ret ; + int i ; + + #define MAXARGS 10 + #define MAXARGLEN 30 + static char *argv[MAXARGS] ; + args->argv = argv ; + + putchar('>') ; + fflush(stdout) ; + ret = fgets(line, sz, stdin) ; + #define SHELL_ERROR_FGETS -102 + if(ret != line) return(SHELL_ERROR_FGETS) ; + + if(line[strlen(line)-2] == '&') { + (*bf_flg) = BACKGROUND ; + line[strlen(line)-2] = '\n' ; + } else { + (*bf_flg) = FORGROUND ; + } + args->argc = 0 ; + for(i=0; iargv[args->argc] = &(line[i]) ; + while(!IF_DELIMITER(line[i])) i++ ; + args->argc++ ; + if(line[i] == '\n') { + line[i] = '\0' ; + break ; + } else { + line[i] = '\0' ; + } + } + return i ; +} + +static int BackGround = 0 ; /* 1: background job is running */ + +/************* Embedded Shell Commands **********************************/ +#define IP_SIZE 16 + +#ifdef CYASSL_KEIL_NET +static void ipaddr_comm(void *args) +{ + if(((func_args *)args)->argc == 1) { + printf("IP addr: %s, port %d\n", yasslIP, yasslPort) ; + } else { + if(BackGround != 0) { + printf("Cannot change IP addr while background server is running\n") ; + } else if(((func_args *)args)->argc == 3 && + ((func_args *)args)->argv[1][0] == '-'&& + ((func_args *)args)->argv[1][1] == 'a' ) { +/* strcpy(yasslIP, ((func_args *)args)->argv[2]) ; */ + } else if(((func_args *)args)->argc == 3 && + ((func_args *)args)->argv[1][0] == '-' && + ((func_args *)args)->argv[1][1] == 'p' ) { +/* yasslPort = atoi(((func_args *)args)->argv[2]) ; */ + } else printf("Invalid argument\n") ; + } +} + +#endif + + + +#if defined(HAVE_KEIL_RTX) +static int stack_ck = 0 ; + +static void stack_comm(void *args) +{ + if(stack_ck) { + printf("Stack Check: Off\n") ; + stack_ck = 0 ; + } else { + printf("Stack Check: On\n") ; + stack_ck = 1 ; + } +} + +#define FILL_PATTERN 0xa596695a +void stack_fill(char * stack, int size) +{ + int i ; + + if(stack_ck == 0)return ; + for(i=1; iargc == 1) { + printf("For %d times\n", for_iteration) ; + } else if( args == NULL || ((func_args *)args)->argc == 2) { + for_iteration = atoi(((func_args *)args)->argv[1]) ; + } else printf("Invalid argument\n") ; +} + + +#if defined(DEBUG_CYASSL) + +static int CyasslDebug = 1 ; + +static void dbg_comm(void *args) +{ + if(CyasslDebug == 1) { + CyasslDebug = 0 ; + printf("Turning OFF Debug message\n") ; + CyaSSL_Debugging_OFF() ; + } else { + CyasslDebug = 1 ; + printf("Turning ON Debug message\n") ; + CyaSSL_Debugging_ON() ; + } +} +#endif + +static void help_comm(void *args) +{ + +} + + + +#define BG_JOB_STACK_SIZE 12000 +#if (!defined(NO_SIMPLE_SERVER) && !defined(NO_ECHOSERVER)) && \ + defined(HAVE_KEIL_RTX) +static char bg_job_stack[BG_JOB_STACK_SIZE] ; +#endif + +#define COMMAND_STACK_SIZE 12000 +#if defined(HAVE_KEIL_RTX) +static char command_stack[COMMAND_STACK_SIZE] ; +#endif + + +#ifdef HAVE_KEIL_RTX +static CyaSSL_Mutex command_mutex ; +#endif + +/*********** Invoke Forground Command *********************/ +static void command_invoke(void *args) +{ + void (*func)(void * ) ; + int i,iteration ; + + func = (void(*)(void *))((func_args *)args)->argv[0] ; + #ifdef HAVE_KEIL_RTX + LockMutex((CyaSSL_Mutex *)&command_mutex) ; + #endif + iteration = for_iteration ; + for(i=0; i< iteration; i++) { + if(iteration > 1) printf("--- Start for %d ---->\n", i) ; + #if defined(HAVE_KEIL_RTX) + stack_fill(command_stack, COMMAND_STACK_SIZE) ; + #endif + + func(args) ; /* invoke command */ + + #if defined(HAVE_KEIL_RTX) + stack_check(command_stack, COMMAND_STACK_SIZE) ; + #endif + } + if(iteration > 1) + for_iteration = 1 ; + #ifdef HAVE_KEIL_RTX + UnLockMutex((CyaSSL_Mutex *)&command_mutex) ; + os_tsk_delete_self() ; + #endif +} + +#if (!defined(NO_SIMPLE_SERVER) && !defined(NO_ECHOSERVER)) && \ + defined(HAVE_KEIL_RTX) +/******* Invoke Background Job *******************************/ +static void bg_job_invoke(void *args) +{ + void (*func)(void * ) ; + BackGround = 1 ; + stack_fill(bg_job_stack, BG_JOB_STACK_SIZE) ; + func = (void(*)(void *))((func_args *)args)->argv[0] ; + func(args) ; /* invoke command */ + stack_check(bg_job_stack, BG_JOB_STACK_SIZE) ; + #ifdef CYASSL_KEIL_NET + init_TcpNet (); + #endif + BackGround = 0 ; + os_tsk_delete_self() ; ; +} +#endif + +#define LINESIZE 100 +static char line[LINESIZE] ; + + +/********* SHEULL MAIN LOOP ***********************************/ +void shell_main(void) { + int i ; + func_args args ; + int bf_flg ; + + i = BackGround ; + /* Dummy for avoiding warning: BackGround is defined but not used. */ + + + #if defined(HAVE_KEIL_RTX) + InitMutex(&command_mutex) ; +#endif + time_main(NULL) ; + printf("Starting Shell\n") ; + while(1) { + if(getline(line, LINESIZE, &args, &bf_flg) > 0) { + for(i=0; commandTable[i].func != NULL; i++) { + if(strcmp(commandTable[i].command, args.argv[0]) == 0) { + args.argv[0] = (char *) commandTable[i].func ; + if(bf_flg == FORGROUND) { + #ifdef HAVE_KEIL_RTX + UnLockMutex((CyaSSL_Mutex *)&command_mutex) ; + os_tsk_create_user_ex( (void(*)(void *))&command_invoke, 7, + command_stack, COMMAND_STACK_SIZE, &args) ; + #else + command_invoke(&args) ; + #endif + #ifdef HAVE_KEIL_RTX + LockMutex((CyaSSL_Mutex *)&command_mutex) ; + #endif + } else { + #if (!defined(NO_SIMPLE_SERVER) && \ + !defined(NO_ECHOSERVER)) && \ + defined(HAVE_KEIL_RTX) + if(BackGround != 0) { + printf("Multiple background servers not supported.\n") ; + } else { + printf("\"%s\" is running with the background mode.\n", + commandTable[i].command) ; + os_tsk_create_user_ex( (void(*)(void *))&bg_job_invoke, + 6, bg_job_stack, BG_JOB_STACK_SIZE, &args) ; + } + #else + printf("Invalid Command: no background job\n") ; + #endif + } + break ; + } + } + if(commandTable[i].func == NULL) + printf("Command not found\n") ; + } + } +} + diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK-ARM/MDK-ARM/CyaSSL/ssl-dummy.c b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK-ARM/MDK-ARM/CyaSSL/ssl-dummy.c new file mode 100644 index 000000000..47f0b201c --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK-ARM/MDK-ARM/CyaSSL/ssl-dummy.c @@ -0,0 +1,53 @@ +/* ssl-dummy.c + * + * Copyright (C) 2006-2014 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#ifdef HAVE_CONFIG_H + #include +#endif + +#include +#include +#include +#include + +Signer* GetCA(void* vp, byte* hash) +{ + Signer*s ; + return s ; +} + +int CyaSSL_dtls(CYASSL* ssl) +{ + return ssl->options.dtls; +} + +int CyaSSL_get_using_nonblock(CYASSL* ssl) +{ + CYASSL_ENTER("CyaSSL_get_using_nonblock"); + CYASSL_LEAVE("CyaSSL_get_using_nonblock", ssl->options.usingNonblock); + return ssl->options.usingNonblock; +} + +Signer* GetCAByName(void* vp, byte* hash) +{ + Signer * ca ; + return(ca) ; +} diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK-ARM/Projects/MDK-ARM-LPC43xx.uvopt b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK-ARM/Projects/MDK-ARM-LPC43xx.uvopt new file mode 100644 index 000000000..1e83de18e --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK-ARM/Projects/MDK-ARM-LPC43xx.uvopt @@ -0,0 +1,1757 @@ + + + + 1.0 + +
### uVision Project, (C) Keil Software
+ + + *.c + *.s*; *.src; *.a* + *.obj + *.lib + *.txt; *.h; *.inc + *.plm + *.cpp + + + + 0 + 0 + + + + MDK-RTX-TCP-FS + 0x4 + ARM-ADS + + 12000000 + + 1 + 0 + 1 + 0 + + + 1 + 65535 + 0 + 0 + 0 + + + 79 + 66 + 8 + .\Lst\ + + + 1 + 1 + 1 + 0 + 1 + 1 + 0 + 1 + 0 + 0 + 0 + 0 + + + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 0 + + + 1 + 0 + 1 + + 8 + + SARMCM3.DLL + -MPU + DCM.DLL + -pCM4 + SARMCM3.DLL + -MPU + TCM.DLL + -pCM4 + + + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 1 + 1 + 1 + 0 + 1 + 0 + 0 + 0 + 9 + + + + + + + + + + ..\MDK-ARM\config\Dbg_Flash.ini + BIN\ULP2CM3.DLL + + + + 0 + DLGTARM + (1010=-1,-1,-1,-1,0)(1007=-1,-1,-1,-1,0)(1008=-1,-1,-1,-1,0)(1009=-1,-1,-1,-1,0)(1012=-1,-1,-1,-1,0) + + + 0 + ARMDBGFLAGS + + + + 0 + DLGUARM + + + + 0 + ULP2CM3 + -UP1135060 -O974 -S8 -C0 -P00 -N00("ARM CoreSight SW-DP") -D00(2BA01477) -L00(0) -TO23 -TC10000000 -TP18 -TDX0 -TDD0 -TDS7 -TDT0 -TDC1F -TIEFFFFFFFF -TIP8 -FO7 -FD10000000 -FC800 -FN2 -FF0LPC18xx43xx_512_BA -FS01A000000 -FL080000 -FF1LPC18xx43xx_512_BB -FS11B000000 -FL180000 + + + + + + 1 + 0 + 0x10005960 + + + + + 0 + Reset Peripherals + Per_Reset() + + + + 0 + + + 0 + 0 + 1 + 0 + 0 + 0 + 0 + 1 + 0 + 0 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 1 + 0 + 0 + 0 + 0 + + + + + + + + MDK-FS + 0x4 + ARM-ADS + + 12000000 + + 1 + 1 + 1 + 0 + + + 1 + 65535 + 0 + 0 + 0 + + + 79 + 66 + 8 + .\Lst\ + + + 1 + 1 + 1 + 0 + 1 + 1 + 0 + 1 + 0 + 0 + 0 + 0 + + + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 0 + + + 1 + 0 + 0 + + 8 + + SARMCM3.DLL + -MPU + DCM.DLL + -pCM4 + SARMCM3.DLL + -MPU + TCM.DLL + -pCM4 + + + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 1 + 0 + 0 + 0 + 9 + + + + + + + + + + ..\MDK-ARM\config\Dbg_Flash.ini + BIN\ULP2CM3.DLL + + + + 0 + DLGTARM + (1010=-1,-1,-1,-1,0)(1007=-1,-1,-1,-1,0)(1008=-1,-1,-1,-1,0)(1009=-1,-1,-1,-1,0)(1012=-1,-1,-1,-1,0) + + + 0 + ARMDBGFLAGS + + + + 0 + DLGUARM + + + + 0 + ULP2CM3 + -UP1135060 -O974 -S8 -C0 -P00 -N00("ARM CoreSight SW-DP") -D00(2BA01477) -L00(0) -TO23 -TC10000000 -TP18 -TDX0 -TDD0 -TDS7 -TDT0 -TDC1F -TIEFFFFFFFF -TIP8 -FO7 -FD10000000 -FC800 -FN2 -FF0LPC18xx43xx_512_BA -FS01A000000 -FL080000 -FF1LPC18xx43xx_512_BB -FS11B000000 -FL180000 + + + + + + 1 + 0 + 0x10005960 + + + + + 0 + Reset Peripherals + Per_Reset() + + + + 0 + + + 0 + 0 + 1 + 0 + 0 + 0 + 0 + 1 + 0 + 0 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 1 + 0 + 0 + 0 + 0 + + + + + + + + MDK-BARE-METAL + 0x4 + ARM-ADS + + 12000000 + + 1 + 1 + 1 + 0 + + + 1 + 65535 + 0 + 0 + 0 + + + 79 + 66 + 8 + .\Lst\ + + + 1 + 1 + 1 + 0 + 1 + 1 + 0 + 1 + 0 + 0 + 0 + 0 + + + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 0 + + + 1 + 0 + 0 + + 8 + + SARMCM3.DLL + -MPU + DCM.DLL + -pCM4 + SARMCM3.DLL + -MPU + TCM.DLL + -pCM4 + + + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 1 + 0 + 0 + 0 + 9 + + + + + + + + + + ..\MDK-ARM\config\Dbg_Flash.ini + BIN\ULP2CM3.DLL + + + + 0 + DLGTARM + (1010=-1,-1,-1,-1,0)(1007=-1,-1,-1,-1,0)(1008=-1,-1,-1,-1,0)(1009=-1,-1,-1,-1,0)(1012=-1,-1,-1,-1,0) + + + 0 + ARMDBGFLAGS + + + + 0 + DLGUARM + + + + 0 + ULP2CM3 + -UP1135060 -O975 -S8 -C0 -P00 -N00("ARM CoreSight SW-DP") -D00(2BA01477) -L00(0) -TO23 -TC120000000 -TP18 -TDX0 -TDD0 -TDS7 -TDT0 -TDC1F -TIEFFFFFFFF -TIP9 -FO7 -FD10000000 -FC800 -FN2 -FF0LPC18xx43xx_512_BA -FS01A000000 -FL080000 -FF1LPC18xx43xx_512_BB -FS11B000000 -FL180000 + + + + + + 1 + 0 + 0x10005960 + + + + + 0 + Reset Peripherals + Per_Reset() + + + + 0 + + + 0 + 0 + 1 + 0 + 0 + 0 + 0 + 1 + 0 + 0 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 1 + 0 + 0 + 0 + 0 + + + + + + + + CyaSSL Apps + 1 + 0 + 0 + 0 + + 1 + 1 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\examples\echoclient\echoclient.c + echoclient.c + 0 + 0 + + + 1 + 2 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\examples\echoserver\echoserver.c + echoserver.c + 0 + 0 + + + 1 + 3 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\test\test.c + test.c + 0 + 0 + + + 1 + 4 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\benchmark\benchmark.c + benchmark.c + 0 + 0 + + + 1 + 5 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\examples\client\client.c + client.c + 0 + 0 + + + 1 + 6 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\examples\server\server.c + server.c + 0 + 0 + + + 1 + 7 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\MDK-ARM\CyaSSL\shell.c + shell.c + 0 + 0 + + + 1 + 8 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\MDK-ARM\CyaSSL\main.c + main.c + 0 + 0 + + + 1 + 9 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\MDK-ARM\CyaSSL\cert_data.c + cert_data.c + 0 + 0 + + + + + LPC43xx + 1 + 0 + 0 + 0 + + 2 + 10 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\LPC43xx\Drivers\source\lpc43xx_rtc.c + lpc43xx_rtc.c + 0 + 0 + + + 2 + 11 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\LPC43xx\Drivers\source\lpc43xx_timer.c + lpc43xx_timer.c + 0 + 0 + + + 2 + 12 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\LPC43xx\Drivers\source\lpc43xx_cgu.c + lpc43xx_cgu.c + 0 + 0 + + + 2 + 13 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\LPC43xx\Drivers\source\lpc43xx_scu.c + lpc43xx_scu.c + 0 + 0 + + + + + MDK-ARM + 1 + 0 + 0 + 0 + + 3 + 14 + 4 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + c:\Keil\ARM\RV31\LIB\FS_CM3.lib + FS_CM3.lib + 0 + 0 + + + 3 + 15 + 4 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + c:\Keil\ARM\RV31\LIB\\RTX_CM3.lib + RTX_CM3.lib + 0 + 0 + + + 3 + 16 + 4 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + c:\Keil\ARM\RV31\LIB\TCPD_CM3.lib + TCPD_CM3.lib + 0 + 0 + + + 3 + 17 + 4 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + c:\Keil\ARM\RV31\LIB\TCP_CM3.lib + TCP_CM3.lib + 0 + 0 + + + 3 + 18 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil\ARM\Boards\Keil\MCB4300\RL\FlashFS\SD_File\Serial.c + Serial.c + 0 + 0 + + + 3 + 19 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil\ARM\RL\TCPnet\Drivers\ETH_LPC43xx.c + ETH_LPC43xx.c + 0 + 0 + + + 3 + 20 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil\ARM\Boards\Keil\MCB4300\RL\FlashFS\SD_File\SDIO_LPC43xx.c + SDIO_LPC43xx.c + 0 + 0 + + + 3 + 21 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil\ARM\Boards\Keil\MCB4300\RL\FlashFS\SD_File\system_LPC43xx.c + system_LPC43xx.c + 0 + 0 + + + + + CyaSSL Library + 0 + 0 + 0 + 0 + + 4 + 22 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\src\crl.c + crl.c + 0 + 0 + + + 4 + 23 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\src\internal.c + internal.c + 0 + 0 + + + 4 + 24 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\src\io.c + io.c + 0 + 0 + + + 4 + 25 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\src\keys.c + keys.c + 0 + 0 + + + 4 + 26 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\src\ocsp.c + ocsp.c + 0 + 0 + + + 4 + 27 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\src\sniffer.c + sniffer.c + 0 + 0 + + + 4 + 28 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\src\ssl.c + ssl.c + 0 + 0 + + + 4 + 29 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\src\tls.c + tls.c + 0 + 0 + + + 4 + 30 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\MDK-ARM\CyaSSL\ssl-dummy.c + ssl-dummy.c + 0 + 0 + + + + + Crypt/Cipher Library + 1 + 0 + 0 + 0 + + 5 + 31 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\aes.c + aes.c + 0 + 0 + + + 5 + 32 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\arc4.c + arc4.c + 0 + 0 + + + 5 + 33 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\asm.c + asm.c + 0 + 0 + + + 5 + 34 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\asn.c + asn.c + 0 + 0 + + + 5 + 35 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\camellia.c + camellia.c + 0 + 0 + + + 5 + 36 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\coding.c + coding.c + 0 + 0 + + + 5 + 37 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\des3.c + des3.c + 0 + 0 + + + 5 + 38 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\dh.c + dh.c + 0 + 0 + + + 5 + 39 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\dsa.c + dsa.c + 0 + 0 + + + 5 + 40 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\ecc.c + ecc.c + 0 + 0 + + + 5 + 41 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\ecc_fp.c + ecc_fp.c + 0 + 0 + + + 5 + 42 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\error.c + error.c + 0 + 0 + + + 5 + 43 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\hc128.c + hc128.c + 0 + 0 + + + 5 + 44 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\hmac.c + hmac.c + 0 + 0 + + + 5 + 45 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\integer.c + integer.c + 0 + 0 + + + 5 + 46 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\logging.c + logging.c + 0 + 0 + + + 5 + 47 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\md2.c + md2.c + 0 + 0 + + + 5 + 48 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\md4.c + md4.c + 0 + 0 + + + 5 + 49 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\md5.c + md5.c + 0 + 0 + + + 5 + 50 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\memory.c + memory.c + 0 + 0 + + + 5 + 51 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\misc.c + misc.c + 0 + 0 + + + 5 + 52 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\pwdbased.c + pwdbased.c + 0 + 0 + + + 5 + 53 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\rabbit.c + rabbit.c + 0 + 0 + + + 5 + 54 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\random.c + random.c + 0 + 0 + + + 5 + 55 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\ripemd.c + ripemd.c + 0 + 0 + + + 5 + 56 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\rsa.c + rsa.c + 0 + 0 + + + 5 + 57 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\sha.c + sha.c + 0 + 0 + + + 5 + 58 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\sha256.c + sha256.c + 0 + 0 + + + 5 + 59 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\sha512.c + sha512.c + 0 + 0 + + + 5 + 60 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\tfm.c + tfm.c + 0 + 0 + + + 5 + 61 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\wc_port.c + wc_port.c + 0 + 0 + + + + + Configuration + 1 + 0 + 0 + 0 + + 6 + 62 + 1 + 0 + 0 + 1 + 0 + 0 + 0 + 0 + ..\MDK-ARM\config\File_Config.c + File_Config.c + 0 + 0 + + + 6 + 63 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\MDK-ARM\config\Net_Config.c + Net_Config.c + 0 + 0 + + + 6 + 64 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\MDK-ARM\CyaSSL\config.h + config.h + 0 + 0 + + + 6 + 65 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\MDK-ARM\config\RTX_Conf_CM.c + RTX_Conf_CM.c + 0 + 0 + + + 6 + 66 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\MDK-ARM\config\Net_Debug.c + Net_Debug.c + 0 + 0 + + + 6 + 67 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\MDK-ARM\CyaSSL\config-FS.h + config-FS.h + 0 + 0 + + + 6 + 68 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\MDK-ARM\CyaSSL\config-RTX-TCP-FS.h + config-RTX-TCP-FS.h + 0 + 0 + + + 6 + 69 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\MDK-ARM\CyaSSL\config-BARE-METAL.h + config-BARE-METAL.h + 0 + 0 + + + 6 + 70 + 2 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\LPC43xx\startup_LPC43xx.s + startup_LPC43xx.s + 0 + 0 + + + + + CyaSSL-MDK + 1 + 0 + 0 + 0 + + 7 + 71 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\MDK-ARM\CyaSSL\cyassl_MDK_ARM.c + cyassl_MDK_ARM.c + 0 + 0 + + + 7 + 72 + 1 + 0 + 0 + 8 + 0 + 0 + 0 + 0 + ..\MDK-ARM\CyaSSL\Retarget.c + Retarget.c + 0 + 0 + + + 7 + 73 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\LPC43xx\time-LCP43xx.c + time-LCP43xx.c + 0 + 0 + + + +
diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK-ARM/Projects/MDK-ARM-LPC43xx.uvproj b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK-ARM/Projects/MDK-ARM-LPC43xx.uvproj new file mode 100644 index 000000000..6504d782a --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK-ARM/Projects/MDK-ARM-LPC43xx.uvproj @@ -0,0 +1,3510 @@ + + + + 1.1 + +
### uVision Project, (C) Keil Software
+ + + + MDK-RTX-TCP-FS + 0x4 + ARM-ADS + + + LPC4357 + NXP (founded by Philips) + IRAM(0x10000000-0x10007FFF) IRAM2(0x20000000-0x2000FFFF) IROM(0x1A000000-0x1A07FFFF) IROM2(0x1B000000-0x1B07FFFF) CLOCK(12000000) CPUTYPE("Cortex-M4") FPU2 + + "STARTUP\NXP\LPC43xx\startup_LPC43xx.s" ("NXP LPC43xx Startup Code") + UL2CM3(-O975 -S0 -C0 -FO7 -FD10000000 -FC800 -FN2 -FF0LPC18xx43xx_512_BA -FS01A000000 -FL080000 -FF1LPC18xx43xx_512_BB -FS11B000000 -FL180000) + 6414 + LPC43xx.H + + + + + + + + + + SFD\NXP\LPC43xx\LPC43xx.SFR + 0 + + + + NXP\LPC43xx\ + NXP\LPC43xx\ + + 0 + 0 + 0 + 0 + 1 + + .\MDK-RTX-TCP-FS\ + LCP43xx-MDK-RTX-TCP-FS + 1 + 0 + 0 + 1 + 1 + .\Lst\ + 1 + 0 + 0 + + 0 + 0 + + + 0 + 0 + 0 + 0 + + + 0 + 0 + + + 0 + 0 + + + 1 + 0 + $K\ARM\BIN\ElfDwT.exe !L BASEADDRESS(0x1A000000) + + 0 + 0 + + 0 + + + + 0 + 0 + 0 + 0 + 0 + 1 + 0 + 0 + 0 + 0 + 3 + + + + + SARMCM3.DLL + -MPU + DCM.DLL + -pCM4 + SARMCM3.DLL + -MPU + TCM.DLL + -pCM4 + + + + 1 + 0 + 0 + 0 + 16 + + + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + + + 1 + 1 + 0 + 1 + 1 + 1 + 0 + 1 + 0 + + 0 + 9 + + + + + + + + + + + + + ..\MDK-ARM\config\Dbg_Flash.ini + BIN\ULP2CM3.DLL + + + + + 1 + 0 + 0 + 1 + 1 + 4100 + + 0 + BIN\ULP2CM3.DLL + "" () + + + + + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 1 + 1 + 0 + 1 + 1 + 0 + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 0 + "Cortex-M4" + + 1 + 0 + 0 + 1 + 1 + 0 + 0 + 1 + 1 + 1 + 8 + 0 + 0 + 0 + 3 + 3 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 1 + 1 + 1 + 0 + 0 + 1 + 1 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x10000000 + 0x8000 + + + 1 + 0x1a000000 + 0x80000 + + + 0 + 0x0 + 0x0 + + + 1 + 0x0 + 0x0 + + + 1 + 0x0 + 0x0 + + + 1 + 0x0 + 0x0 + + + 1 + 0x1a000000 + 0x80000 + + + 1 + 0x1b000000 + 0x80000 + + + 0 + 0x10080000 + 0xa000 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x10000000 + 0x8000 + + + 0 + 0x20000000 + 0x10000 + + + + + + 1 + 4 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + + + HAVE_CONFIG_H CYASSL_LPC43xx __DBG_ITM CORE_M4 __RTX USE_STDPERIPH_DRIVER MDK_CONF_RTX_TCP_FS + + ..\MDK-ARM\CyaSSL;../../..;..\LPC43xx\Drivers\include;..\LPC43xx\LPC43xx\Include + + + + 1 + 0 + 0 + 1 + 0 + 0 + 0 + 0 + + + + + + + + + 1 + 0 + 0 + 0 + 1 + 0 + + + + + + + + + + + + + + CyaSSL Apps + + + echoclient.c + 1 + ..\..\..\examples\echoclient\echoclient.c + + + echoserver.c + 1 + ..\..\..\examples\echoserver\echoserver.c + + + test.c + 1 + ..\..\..\ctaocrypt\test\test.c + + + benchmark.c + 1 + ..\..\..\ctaocrypt\benchmark\benchmark.c + + + client.c + 1 + ..\..\..\examples\client\client.c + + + server.c + 1 + ..\..\..\examples\server\server.c + + + shell.c + 1 + ..\MDK-ARM\CyaSSL\shell.c + + + main.c + 1 + ..\MDK-ARM\CyaSSL\main.c + + + cert_data.c + 1 + ..\MDK-ARM\CyaSSL\cert_data.c + + + + + LPC43xx + + + lpc43xx_rtc.c + 1 + ..\LPC43xx\Drivers\source\lpc43xx_rtc.c + + + lpc43xx_timer.c + 1 + ..\LPC43xx\Drivers\source\lpc43xx_timer.c + + + lpc43xx_cgu.c + 1 + ..\LPC43xx\Drivers\source\lpc43xx_cgu.c + + + lpc43xx_scu.c + 1 + ..\LPC43xx\Drivers\source\lpc43xx_scu.c + + + + + MDK-ARM + + + FS_CM3.lib + 4 + c:\Keil\ARM\RV31\LIB\FS_CM3.lib + + + RTX_CM3.lib + 4 + c:\Keil\ARM\RV31\LIB\\RTX_CM3.lib + + + TCPD_CM3.lib + 4 + c:\Keil\ARM\RV31\LIB\TCPD_CM3.lib + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + + + TCP_CM3.lib + 4 + c:\Keil\ARM\RV31\LIB\TCP_CM3.lib + + + Serial.c + 1 + C:\Keil\ARM\Boards\Keil\MCB4300\RL\FlashFS\SD_File\Serial.c + + + ETH_LPC43xx.c + 1 + C:\Keil\ARM\RL\TCPnet\Drivers\ETH_LPC43xx.c + + + SDIO_LPC43xx.c + 1 + C:\Keil\ARM\Boards\Keil\MCB4300\RL\FlashFS\SD_File\SDIO_LPC43xx.c + + + system_LPC43xx.c + 1 + C:\Keil\ARM\Boards\Keil\MCB4300\RL\FlashFS\SD_File\system_LPC43xx.c + + + + + CyaSSL Library + + + crl.c + 1 + ..\..\..\src\crl.c + + + internal.c + 1 + ..\..\..\src\internal.c + + + io.c + 1 + ..\..\..\src\io.c + + + keys.c + 1 + ..\..\..\src\keys.c + + + ocsp.c + 1 + ..\..\..\src\ocsp.c + + + sniffer.c + 1 + ..\..\..\src\sniffer.c + + + ssl.c + 1 + ..\..\..\src\ssl.c + + + tls.c + 1 + ..\..\..\src\tls.c + + + ssl-dummy.c + 1 + ..\MDK-ARM\CyaSSL\ssl-dummy.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + + + Crypt/Cipher Library + + + aes.c + 1 + ..\..\..\ctaocrypt\src\aes.c + + + arc4.c + 1 + ..\..\..\ctaocrypt\src\arc4.c + + + asm.c + 1 + ..\..\..\ctaocrypt\src\asm.c + + + asn.c + 1 + ..\..\..\ctaocrypt\src\asn.c + + + camellia.c + 1 + ..\..\..\ctaocrypt\src\camellia.c + + + coding.c + 1 + ..\..\..\ctaocrypt\src\coding.c + + + des3.c + 1 + ..\..\..\ctaocrypt\src\des3.c + + + dh.c + 1 + ..\..\..\ctaocrypt\src\dh.c + + + dsa.c + 1 + ..\..\..\ctaocrypt\src\dsa.c + + + ecc.c + 1 + ..\..\..\ctaocrypt\src\ecc.c + + + ecc_fp.c + 1 + ..\..\..\ctaocrypt\src\ecc_fp.c + + + error.c + 1 + ..\..\..\ctaocrypt\src\error.c + + + hc128.c + 1 + ..\..\..\ctaocrypt\src\hc128.c + + + hmac.c + 1 + ..\..\..\ctaocrypt\src\hmac.c + + + integer.c + 1 + ..\..\..\ctaocrypt\src\integer.c + + + logging.c + 1 + ..\..\..\ctaocrypt\src\logging.c + + + md2.c + 1 + ..\..\..\ctaocrypt\src\md2.c + + + md4.c + 1 + ..\..\..\ctaocrypt\src\md4.c + + + md5.c + 1 + ..\..\..\ctaocrypt\src\md5.c + + + memory.c + 1 + ..\..\..\ctaocrypt\src\memory.c + + + misc.c + 1 + ..\..\..\ctaocrypt\src\misc.c + + + wc_port.c + 1 + ..\..\..\ctaocrypt\src\wc_port.c + + + pwdbased.c + 1 + ..\..\..\ctaocrypt\src\pwdbased.c + + + rabbit.c + 1 + ..\..\..\ctaocrypt\src\rabbit.c + + + random.c + 1 + ..\..\..\ctaocrypt\src\random.c + + + ripemd.c + 1 + ..\..\..\ctaocrypt\src\ripemd.c + + + rsa.c + 1 + ..\..\..\ctaocrypt\src\rsa.c + + + sha.c + 1 + ..\..\..\ctaocrypt\src\sha.c + + + sha256.c + 1 + ..\..\..\ctaocrypt\src\sha256.c + + + sha512.c + 1 + ..\..\..\ctaocrypt\src\sha512.c + + + tfm.c + 1 + ..\..\..\ctaocrypt\src\tfm.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + + + Configuration + + + File_Config.c + 1 + ..\MDK-ARM\config\File_Config.c + + + Net_Config.c + 1 + ..\MDK-ARM\config\Net_Config.c + + + config.h + 5 + ..\MDK-ARM\CyaSSL\config.h + + + RTX_Conf_CM.c + 1 + ..\MDK-ARM\config\RTX_Conf_CM.c + + + Net_Debug.c + 1 + ..\MDK-ARM\config\Net_Debug.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + config-FS.h + 5 + ..\MDK-ARM\CyaSSL\config-FS.h + + + config-RTX-TCP-FS.h + 5 + ..\MDK-ARM\CyaSSL\config-RTX-TCP-FS.h + + + config-BARE-METAL.h + 5 + ..\MDK-ARM\CyaSSL\config-BARE-METAL.h + + + startup_LPC43xx.s + 2 + ..\LPC43xx\startup_LPC43xx.s + + + + + CyaSSL-MDK + + + cyassl_MDK_ARM.c + 1 + ..\MDK-ARM\CyaSSL\cyassl_MDK_ARM.c + + + Retarget.c + 1 + ..\MDK-ARM\CyaSSL\Retarget.c + + + time-LCP43xx.c + 1 + ..\LPC43xx\time-LCP43xx.c + + + + + + + MDK-FS + 0x4 + ARM-ADS + + + LPC4357 + NXP (founded by Philips) + IRAM(0x10000000-0x10007FFF) IRAM2(0x20000000-0x2000FFFF) IROM(0x1A000000-0x1A07FFFF) IROM2(0x1B000000-0x1B07FFFF) CLOCK(12000000) CPUTYPE("Cortex-M4") FPU2 + + "STARTUP\NXP\LPC43xx\startup_LPC43xx.s" ("NXP LPC43xx Startup Code") + UL2CM3(-O975 -S0 -C0 -FO7 -FD10000000 -FC800 -FN2 -FF0LPC18xx43xx_512_BA -FS01A000000 -FL080000 -FF1LPC18xx43xx_512_BB -FS11B000000 -FL180000) + 6414 + LPC43xx.H + + + + + + + + + + SFD\NXP\LPC43xx\LPC43xx.SFR + 0 + + + + NXP\LPC43xx\ + NXP\LPC43xx\ + + 0 + 0 + 0 + 0 + 1 + + .\MDK-FS\ + LCP43xx-MDK-FS + 1 + 0 + 0 + 1 + 1 + .\Lst\ + 1 + 0 + 0 + + 0 + 0 + + + 0 + 0 + 0 + 0 + + + 0 + 0 + + + 0 + 0 + + + 1 + 0 + $K\ARM\BIN\ElfDwT.exe !L BASEADDRESS(0x1A000000) + + 0 + 0 + + 0 + + + + 0 + 0 + 0 + 0 + 0 + 1 + 0 + 0 + 0 + 0 + 3 + + + + + SARMCM3.DLL + -MPU + DCM.DLL + -pCM4 + SARMCM3.DLL + -MPU + TCM.DLL + -pCM4 + + + + 1 + 0 + 0 + 0 + 16 + + + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + + + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 1 + 0 + + 0 + 9 + + + + + + + + + + + + + ..\MDK-ARM\config\Dbg_Flash.ini + BIN\ULP2CM3.DLL + + + + + 1 + 0 + 0 + 1 + 1 + 4100 + + 0 + BIN\ULP2CM3.DLL + "" () + + + + + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 1 + 1 + 0 + 1 + 1 + 0 + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 0 + "Cortex-M4" + + 0 + 0 + 0 + 1 + 1 + 0 + 0 + 1 + 1 + 1 + 8 + 0 + 0 + 0 + 3 + 3 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 1 + 1 + 1 + 0 + 0 + 1 + 1 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x10000000 + 0x8000 + + + 1 + 0x1a000000 + 0x80000 + + + 0 + 0x0 + 0x0 + + + 1 + 0x0 + 0x0 + + + 1 + 0x0 + 0x0 + + + 1 + 0x0 + 0x0 + + + 1 + 0x1a000000 + 0x80000 + + + 1 + 0x1b000000 + 0x80000 + + + 0 + 0x10080000 + 0xa000 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x10000000 + 0x8000 + + + 0 + 0x20000000 + 0x10000 + + + + + + 1 + 4 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + + + HAVE_CONFIG_H CYASSL_LPC43xx __DBG_ITM CORE_M4 __RTX USE_STDPERIPH_DRIVER MDK_CONF_FS + + ..\MDK-ARM\CyaSSL;../../..;..\LPC43xx\Drivers\include;..\LPC43xx\LPC43xx\Include + + + + 1 + 0 + 0 + 1 + 0 + 0 + 0 + 0 + + + + + + + + + 1 + 0 + 0 + 0 + 1 + 0 + + + + + + + + + + + + + + CyaSSL Apps + + + echoclient.c + 1 + ..\..\..\examples\echoclient\echoclient.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + echoserver.c + 1 + ..\..\..\examples\echoserver\echoserver.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + test.c + 1 + ..\..\..\ctaocrypt\test\test.c + + + benchmark.c + 1 + ..\..\..\ctaocrypt\benchmark\benchmark.c + + + client.c + 1 + ..\..\..\examples\client\client.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + server.c + 1 + ..\..\..\examples\server\server.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + shell.c + 1 + ..\MDK-ARM\CyaSSL\shell.c + + + main.c + 1 + ..\MDK-ARM\CyaSSL\main.c + + + cert_data.c + 1 + ..\MDK-ARM\CyaSSL\cert_data.c + + + + + LPC43xx + + + lpc43xx_rtc.c + 1 + ..\LPC43xx\Drivers\source\lpc43xx_rtc.c + + + lpc43xx_timer.c + 1 + ..\LPC43xx\Drivers\source\lpc43xx_timer.c + + + lpc43xx_cgu.c + 1 + ..\LPC43xx\Drivers\source\lpc43xx_cgu.c + + + lpc43xx_scu.c + 1 + ..\LPC43xx\Drivers\source\lpc43xx_scu.c + + + + + MDK-ARM + + + FS_CM3.lib + 4 + c:\Keil\ARM\RV31\LIB\FS_CM3.lib + + + RTX_CM3.lib + 4 + c:\Keil\ARM\RV31\LIB\\RTX_CM3.lib + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + + + TCPD_CM3.lib + 4 + c:\Keil\ARM\RV31\LIB\TCPD_CM3.lib + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + + + TCP_CM3.lib + 4 + c:\Keil\ARM\RV31\LIB\TCP_CM3.lib + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + + + Serial.c + 1 + C:\Keil\ARM\Boards\Keil\MCB4300\RL\FlashFS\SD_File\Serial.c + + + ETH_LPC43xx.c + 1 + C:\Keil\ARM\RL\TCPnet\Drivers\ETH_LPC43xx.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + SDIO_LPC43xx.c + 1 + C:\Keil\ARM\Boards\Keil\MCB4300\RL\FlashFS\SD_File\SDIO_LPC43xx.c + + + system_LPC43xx.c + 1 + C:\Keil\ARM\Boards\Keil\MCB4300\RL\FlashFS\SD_File\system_LPC43xx.c + + + + + CyaSSL Library + + + crl.c + 1 + ..\..\..\src\crl.c + + + internal.c + 1 + ..\..\..\src\internal.c + + + io.c + 1 + ..\..\..\src\io.c + + + keys.c + 1 + ..\..\..\src\keys.c + + + ocsp.c + 1 + ..\..\..\src\ocsp.c + + + sniffer.c + 1 + ..\..\..\src\sniffer.c + + + ssl.c + 1 + ..\..\..\src\ssl.c + + + tls.c + 1 + ..\..\..\src\tls.c + + + ssl-dummy.c + 1 + ..\MDK-ARM\CyaSSL\ssl-dummy.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + + + Crypt/Cipher Library + + + aes.c + 1 + ..\..\..\ctaocrypt\src\aes.c + + + arc4.c + 1 + ..\..\..\ctaocrypt\src\arc4.c + + + asm.c + 1 + ..\..\..\ctaocrypt\src\asm.c + + + asn.c + 1 + ..\..\..\ctaocrypt\src\asn.c + + + camellia.c + 1 + ..\..\..\ctaocrypt\src\camellia.c + + + coding.c + 1 + ..\..\..\ctaocrypt\src\coding.c + + + des3.c + 1 + ..\..\..\ctaocrypt\src\des3.c + + + dh.c + 1 + ..\..\..\ctaocrypt\src\dh.c + + + dsa.c + 1 + ..\..\..\ctaocrypt\src\dsa.c + + + ecc.c + 1 + ..\..\..\ctaocrypt\src\ecc.c + + + ecc_fp.c + 1 + ..\..\..\ctaocrypt\src\ecc_fp.c + + + error.c + 1 + ..\..\..\ctaocrypt\src\error.c + + + hc128.c + 1 + ..\..\..\ctaocrypt\src\hc128.c + + + hmac.c + 1 + ..\..\..\ctaocrypt\src\hmac.c + + + integer.c + 1 + ..\..\..\ctaocrypt\src\integer.c + + + logging.c + 1 + ..\..\..\ctaocrypt\src\logging.c + + + md2.c + 1 + ..\..\..\ctaocrypt\src\md2.c + + + md4.c + 1 + ..\..\..\ctaocrypt\src\md4.c + + + md5.c + 1 + ..\..\..\ctaocrypt\src\md5.c + + + memory.c + 1 + ..\..\..\ctaocrypt\src\memory.c + + + misc.c + 1 + ..\..\..\ctaocrypt\src\misc.c + + + pwdbased.c + 1 + ..\..\..\ctaocrypt\src\pwdbased.c + + + rabbit.c + 1 + ..\..\..\ctaocrypt\src\rabbit.c + + + random.c + 1 + ..\..\..\ctaocrypt\src\random.c + + + ripemd.c + 1 + ..\..\..\ctaocrypt\src\ripemd.c + + + rsa.c + 1 + ..\..\..\ctaocrypt\src\rsa.c + + + sha.c + 1 + ..\..\..\ctaocrypt\src\sha.c + + + sha256.c + 1 + ..\..\..\ctaocrypt\src\sha256.c + + + sha512.c + 1 + ..\..\..\ctaocrypt\src\sha512.c + + + tfm.c + 1 + ..\..\..\ctaocrypt\src\tfm.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + wc_port.c + 1 + ..\..\..\ctaocrypt\src\wc_port.c + + + + + Configuration + + + File_Config.c + 1 + ..\MDK-ARM\config\File_Config.c + + + Net_Config.c + 1 + ..\MDK-ARM\config\Net_Config.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + config.h + 5 + ..\MDK-ARM\CyaSSL\config.h + + + RTX_Conf_CM.c + 1 + ..\MDK-ARM\config\RTX_Conf_CM.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + Net_Debug.c + 1 + ..\MDK-ARM\config\Net_Debug.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + config-FS.h + 5 + ..\MDK-ARM\CyaSSL\config-FS.h + + + config-RTX-TCP-FS.h + 5 + ..\MDK-ARM\CyaSSL\config-RTX-TCP-FS.h + + + config-BARE-METAL.h + 5 + ..\MDK-ARM\CyaSSL\config-BARE-METAL.h + + + startup_LPC43xx.s + 2 + ..\LPC43xx\startup_LPC43xx.s + + + + + CyaSSL-MDK + + + cyassl_MDK_ARM.c + 1 + ..\MDK-ARM\CyaSSL\cyassl_MDK_ARM.c + + + Retarget.c + 1 + ..\MDK-ARM\CyaSSL\Retarget.c + + + time-LCP43xx.c + 1 + ..\LPC43xx\time-LCP43xx.c + + + + + + + MDK-BARE-METAL + 0x4 + ARM-ADS + + + LPC4357 + NXP (founded by Philips) + IRAM(0x10000000-0x10007FFF) IRAM2(0x20000000-0x2000FFFF) IROM(0x1A000000-0x1A07FFFF) IROM2(0x1B000000-0x1B07FFFF) CLOCK(12000000) CPUTYPE("Cortex-M4") FPU2 + + "STARTUP\NXP\LPC43xx\startup_LPC43xx.s" ("NXP LPC43xx Startup Code") + UL2CM3(-O975 -S0 -C0 -FO7 -FD10000000 -FC800 -FN2 -FF0LPC18xx43xx_512_BA -FS01A000000 -FL080000 -FF1LPC18xx43xx_512_BB -FS11B000000 -FL180000) + 6414 + LPC43xx.H + + + + + + + + + + SFD\NXP\LPC43xx\LPC43xx.SFR + 0 + + + + NXP\LPC43xx\ + NXP\LPC43xx\ + + 0 + 0 + 0 + 0 + 1 + + .\MDK-BARE-METAL\ + LCP43xx-MDK-BARE-METAL + 1 + 0 + 0 + 1 + 1 + .\Lst\ + 1 + 0 + 0 + + 0 + 0 + + + 0 + 0 + 0 + 0 + + + 0 + 0 + + + 0 + 0 + + + 1 + 0 + $K\ARM\BIN\ElfDwT.exe !L BASEADDRESS(0x1A000000) + + 0 + 0 + + 0 + + + + 0 + 0 + 0 + 0 + 0 + 1 + 0 + 0 + 0 + 0 + 3 + + + + + SARMCM3.DLL + -MPU + DCM.DLL + -pCM4 + SARMCM3.DLL + -MPU + TCM.DLL + -pCM4 + + + + 1 + 0 + 0 + 0 + 16 + + + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + + + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 1 + 0 + + 0 + 9 + + + + + + + + + + + + + ..\MDK-ARM\config\Dbg_Flash.ini + BIN\ULP2CM3.DLL + + + + + 1 + 0 + 0 + 1 + 1 + 4100 + + 0 + BIN\ULP2CM3.DLL + "" () + + + + + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 1 + 1 + 0 + 1 + 1 + 0 + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 0 + "Cortex-M4" + + 0 + 0 + 0 + 1 + 1 + 0 + 0 + 1 + 1 + 1 + 8 + 0 + 0 + 0 + 3 + 3 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 1 + 1 + 1 + 0 + 0 + 1 + 1 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x10000000 + 0x8000 + + + 1 + 0x1a000000 + 0x80000 + + + 0 + 0x0 + 0x0 + + + 1 + 0x0 + 0x0 + + + 1 + 0x0 + 0x0 + + + 1 + 0x0 + 0x0 + + + 1 + 0x1a000000 + 0x80000 + + + 1 + 0x1b000000 + 0x80000 + + + 0 + 0x10080000 + 0xa000 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x10000000 + 0x8000 + + + 0 + 0x20000000 + 0x10000 + + + + + + 1 + 4 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + + + HAVE_CONFIG_H CYASSL_LPC43xx __DBG_ITM CORE_M4 __RTX USE_STDPERIPH_DRIVER MDK_CONF_BARE_METAL + + ..\MDK-ARM\CyaSSL;../../..;..\LPC43xx\Drivers\include;..\LPC43xx\LPC43xx\Include + + + + 1 + 0 + 0 + 1 + 0 + 0 + 0 + 0 + + + + + + + + + 1 + 0 + 0 + 0 + 1 + 0 + + + + + + + + + + + + + + CyaSSL Apps + + + echoclient.c + 1 + ..\..\..\examples\echoclient\echoclient.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + echoserver.c + 1 + ..\..\..\examples\echoserver\echoserver.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + test.c + 1 + ..\..\..\ctaocrypt\test\test.c + + + benchmark.c + 1 + ..\..\..\ctaocrypt\benchmark\benchmark.c + + + client.c + 1 + ..\..\..\examples\client\client.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + server.c + 1 + ..\..\..\examples\server\server.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + shell.c + 1 + ..\MDK-ARM\CyaSSL\shell.c + + + main.c + 1 + ..\MDK-ARM\CyaSSL\main.c + + + cert_data.c + 1 + ..\MDK-ARM\CyaSSL\cert_data.c + + + + + LPC43xx + + + lpc43xx_rtc.c + 1 + ..\LPC43xx\Drivers\source\lpc43xx_rtc.c + + + lpc43xx_timer.c + 1 + ..\LPC43xx\Drivers\source\lpc43xx_timer.c + + + lpc43xx_cgu.c + 1 + ..\LPC43xx\Drivers\source\lpc43xx_cgu.c + + + lpc43xx_scu.c + 1 + ..\LPC43xx\Drivers\source\lpc43xx_scu.c + + + + + MDK-ARM + + + FS_CM3.lib + 4 + c:\Keil\ARM\RV31\LIB\FS_CM3.lib + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + + + RTX_CM3.lib + 4 + c:\Keil\ARM\RV31\LIB\\RTX_CM3.lib + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + + + TCPD_CM3.lib + 4 + c:\Keil\ARM\RV31\LIB\TCPD_CM3.lib + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + + + TCP_CM3.lib + 4 + c:\Keil\ARM\RV31\LIB\TCP_CM3.lib + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + + + Serial.c + 1 + C:\Keil\ARM\Boards\Keil\MCB4300\RL\FlashFS\SD_File\Serial.c + + + ETH_LPC43xx.c + 1 + C:\Keil\ARM\RL\TCPnet\Drivers\ETH_LPC43xx.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + SDIO_LPC43xx.c + 1 + C:\Keil\ARM\Boards\Keil\MCB4300\RL\FlashFS\SD_File\SDIO_LPC43xx.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + system_LPC43xx.c + 1 + C:\Keil\ARM\Boards\Keil\MCB4300\RL\FlashFS\SD_File\system_LPC43xx.c + + + + + CyaSSL Library + + + crl.c + 1 + ..\..\..\src\crl.c + + + internal.c + 1 + ..\..\..\src\internal.c + + + io.c + 1 + ..\..\..\src\io.c + + + keys.c + 1 + ..\..\..\src\keys.c + + + ocsp.c + 1 + ..\..\..\src\ocsp.c + + + sniffer.c + 1 + ..\..\..\src\sniffer.c + + + ssl.c + 1 + ..\..\..\src\ssl.c + + + tls.c + 1 + ..\..\..\src\tls.c + + + ssl-dummy.c + 1 + ..\MDK-ARM\CyaSSL\ssl-dummy.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + + + Crypt/Cipher Library + + + aes.c + 1 + ..\..\..\ctaocrypt\src\aes.c + + + arc4.c + 1 + ..\..\..\ctaocrypt\src\arc4.c + + + asm.c + 1 + ..\..\..\ctaocrypt\src\asm.c + + + asn.c + 1 + ..\..\..\ctaocrypt\src\asn.c + + + camellia.c + 1 + ..\..\..\ctaocrypt\src\camellia.c + + + coding.c + 1 + ..\..\..\ctaocrypt\src\coding.c + + + des3.c + 1 + ..\..\..\ctaocrypt\src\des3.c + + + dh.c + 1 + ..\..\..\ctaocrypt\src\dh.c + + + dsa.c + 1 + ..\..\..\ctaocrypt\src\dsa.c + + + ecc.c + 1 + ..\..\..\ctaocrypt\src\ecc.c + + + ecc_fp.c + 1 + ..\..\..\ctaocrypt\src\ecc_fp.c + + + error.c + 1 + ..\..\..\ctaocrypt\src\error.c + + + hc128.c + 1 + ..\..\..\ctaocrypt\src\hc128.c + + + hmac.c + 1 + ..\..\..\ctaocrypt\src\hmac.c + + + integer.c + 1 + ..\..\..\ctaocrypt\src\integer.c + + + logging.c + 1 + ..\..\..\ctaocrypt\src\logging.c + + + md2.c + 1 + ..\..\..\ctaocrypt\src\md2.c + + + md4.c + 1 + ..\..\..\ctaocrypt\src\md4.c + + + md5.c + 1 + ..\..\..\ctaocrypt\src\md5.c + + + memory.c + 1 + ..\..\..\ctaocrypt\src\memory.c + + + misc.c + 1 + ..\..\..\ctaocrypt\src\misc.c + + + pwdbased.c + 1 + ..\..\..\ctaocrypt\src\pwdbased.c + + + rabbit.c + 1 + ..\..\..\ctaocrypt\src\rabbit.c + + + random.c + 1 + ..\..\..\ctaocrypt\src\random.c + + + ripemd.c + 1 + ..\..\..\ctaocrypt\src\ripemd.c + + + rsa.c + 1 + ..\..\..\ctaocrypt\src\rsa.c + + + sha.c + 1 + ..\..\..\ctaocrypt\src\sha.c + + + sha256.c + 1 + ..\..\..\ctaocrypt\src\sha256.c + + + sha512.c + 1 + ..\..\..\ctaocrypt\src\sha512.c + + + tfm.c + 1 + ..\..\..\ctaocrypt\src\tfm.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + wc_port.c + 1 + ..\..\..\ctaocrypt\src\wc_port.c + + + + + Configuration + + + File_Config.c + 1 + ..\MDK-ARM\config\File_Config.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + Net_Config.c + 1 + ..\MDK-ARM\config\Net_Config.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + config.h + 5 + ..\MDK-ARM\CyaSSL\config.h + + + RTX_Conf_CM.c + 1 + ..\MDK-ARM\config\RTX_Conf_CM.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + Net_Debug.c + 1 + ..\MDK-ARM\config\Net_Debug.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + config-FS.h + 5 + ..\MDK-ARM\CyaSSL\config-FS.h + + + config-RTX-TCP-FS.h + 5 + ..\MDK-ARM\CyaSSL\config-RTX-TCP-FS.h + + + config-BARE-METAL.h + 5 + ..\MDK-ARM\CyaSSL\config-BARE-METAL.h + + + startup_LPC43xx.s + 2 + ..\LPC43xx\startup_LPC43xx.s + + + + + CyaSSL-MDK + + + cyassl_MDK_ARM.c + 1 + ..\MDK-ARM\CyaSSL\cyassl_MDK_ARM.c + + + Retarget.c + 1 + ..\MDK-ARM\CyaSSL\Retarget.c + + + time-LCP43xx.c + 1 + ..\LPC43xx\time-LCP43xx.c + + + + + + + +
diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK-ARM/Projects/MDK-ARM-STM32F2xx.uvopt b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK-ARM/Projects/MDK-ARM-STM32F2xx.uvopt new file mode 100644 index 000000000..f051310b2 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK-ARM/Projects/MDK-ARM-STM32F2xx.uvopt @@ -0,0 +1,1656 @@ + + + + 1.0 + +
### uVision Project, (C) Keil Software
+ + + *.c + *.s*; *.src; *.a* + *.obj + *.lib + *.txt; *.h; *.inc + *.plm + *.cpp + + + + 0 + 0 + + + + MDK-RTX-TCP-FS + 0x4 + ARM-ADS + + 25000000 + + 1 + 1 + 0 + 1 + + + 1 + 65535 + 0 + 0 + 0 + + + 79 + 66 + 8 + .\Flash\ + + + 1 + 1 + 1 + 0 + 1 + 1 + 0 + 1 + 0 + 0 + 0 + 0 + + + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 0 + + + 1 + 0 + 0 + + 255 + + SARMCM3.DLL + -MPU + DARMSTM.DLL + -pSTM32F207IG + SARMCM3.DLL + -MPU + TARMSTM.DLL + -pSTM32F207IG + + + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 1 + 1 + 1 + 0 + 1 + 0 + 0 + 0 + 9 + + + + + + + + + + ..\MDK-ARM\config\STM32_SWO.ini + BIN\ULP2CM3.DLL + + + + 0 + UL2CM3 + UL2CM3(-S0 -C0 -P0 -FD20000000 -FC1000 -FN1 -FF0STM32F2xx_1024 -FS08000000 -FL0100000 -FP0($$Device:STM32F207IG$Flash\STM32F2xx_1024.flm)) + + + 0 + DLGTARM + (1010=-1,-1,-1,-1,0)(1007=-1,-1,-1,-1,0)(1008=-1,-1,-1,-1,0)(1009=-1,-1,-1,-1,0)(1012=-1,-1,-1,-1,0) + + + 0 + ARMDBGFLAGS + + + + 0 + DLGUARM + + + + 0 + ULP2CM3 + -UP1135060 -O206 -S0 -C0 -P00 -N00("ARM CoreSight SW-DP") -D00(2BA01477) -L00(0) -TO23 -TC10000000 -TP18 -TDX0 -TDD0 -TDS7 -TDT0 -TDC1F -TIEFFFFFFFF -TIP8 -FO7 -FD20000000 -FC800 -FN1 -FF0STM32F2xx_1024 -FS08000000 -FL0100000 + + + + + 0 + + + 0 + 0 + 1 + 0 + 0 + 0 + 0 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 1 + 1 + 0 + 0 + 0 + + + + + + + + MDK-FS + 0x4 + ARM-ADS + + 25000000 + + 1 + 1 + 1 + 0 + + + 1 + 65535 + 0 + 0 + 0 + + + 79 + 66 + 8 + .\Flash\ + + + 1 + 1 + 1 + 0 + 1 + 1 + 0 + 1 + 0 + 0 + 0 + 0 + + + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 0 + + + 1 + 0 + 1 + + 255 + + SARMCM3.DLL + -MPU + DARMSTM.DLL + -pSTM32F207IG + SARMCM3.DLL + -MPU + TARMSTM.DLL + -pSTM32F207IG + + + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 1 + 0 + 0 + 0 + 9 + + + + + + + + + + ..\MDK-ARM\config\STM32_SWO.ini + BIN\ULP2CM3.DLL + + + + 0 + DLGTARM + (1010=-1,-1,-1,-1,0)(1007=-1,-1,-1,-1,0)(1008=-1,-1,-1,-1,0)(1009=-1,-1,-1,-1,0)(1012=-1,-1,-1,-1,0) + + + 0 + ARMDBGFLAGS + + + + 0 + DLGUARM + + + + 0 + ULP2CM3 + -UP1135060 -O206 -S0 -C0 -P00 -N00("ARM CoreSight SW-DP") -D00(2BA01477) -L00(0) -TO23 -TC10000000 -TP18 -TDX0 -TDD0 -TDS7 -TDT0 -TDC1F -TIEFFFFFFFF -TIP8 -FO7 -FD20000000 -FC800 -FN1 -FF0STM32F2xx_1024 -FS08000000 -FL0100000 + + + + + 0 + + + 0 + 0 + 1 + 0 + 0 + 0 + 0 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 1 + 0 + 0 + 0 + 0 + + + + + + + + MDK-BARE-METAL + 0x4 + ARM-ADS + + 25000000 + + 1 + 1 + 1 + 0 + + + 1 + 65535 + 0 + 0 + 0 + + + 79 + 66 + 8 + .\Flash\ + + + 1 + 1 + 1 + 0 + 1 + 1 + 0 + 1 + 0 + 0 + 0 + 0 + + + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 0 + + + 1 + 0 + 0 + + 255 + + SARMCM3.DLL + -MPU + DARMSTM.DLL + -pSTM32F207IG + SARMCM3.DLL + -MPU + TARMSTM.DLL + -pSTM32F207IG + + + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 1 + 1 + 1 + 0 + 1 + 0 + 0 + 0 + 9 + + + + + + + + + + ..\MDK-ARM\config\STM32_SWO.ini + BIN\ULP2CM3.DLL + + + + 0 + DLGTARM + (1010=-1,-1,-1,-1,0)(1007=-1,-1,-1,-1,0)(1008=-1,-1,-1,-1,0)(1009=-1,-1,-1,-1,0)(1012=-1,-1,-1,-1,0) + + + 0 + ARMDBGFLAGS + + + + 0 + DLGUARM + + + + 0 + ULP2CM3 + -UP1135060 -O206 -S0 -C0 -P00 -N00("ARM CoreSight SW-DP") -D00(2BA01477) -L00(0) -TO23 -TC10000000 -TP18 -TDX0 -TDD0 -TDS7 -TDT0 -TDC1F -TIEFFFFFFFF -TIP0 -FO7 -FD20000000 -FC800 -FN1 -FF0STM32F2xx_1024 -FS08000000 -FL0100000 + + + + + 0 + + + 0 + 0 + 1 + 0 + 0 + 0 + 0 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 1 + 0 + 0 + 0 + 0 + + + + + + + + CyaSSL Apps + 1 + 0 + 0 + 0 + + 1 + 1 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\examples\echoclient\echoclient.c + echoclient.c + 0 + 0 + + + 1 + 2 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\examples\echoserver\echoserver.c + echoserver.c + 0 + 0 + + + 1 + 3 + 1 + 0 + 0 + 5 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\test\test.c + test.c + 0 + 0 + + + 1 + 4 + 1 + 0 + 0 + 21 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\benchmark\benchmark.c + benchmark.c + 0 + 0 + + + 1 + 5 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\examples\client\client.c + client.c + 0 + 0 + + + 1 + 6 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\examples\server\server.c + server.c + 0 + 0 + + + 1 + 7 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\MDK-ARM\CyaSSL\shell.c + shell.c + 0 + 0 + + + 1 + 8 + 1 + 0 + 0 + 0 + 0 + 106 + 149 + 0 + ..\MDK-ARM\CyaSSL\main.c + main.c + 0 + 0 + + + 1 + 9 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\MDK-ARM\CyaSSL\cert_data.c + cert_data.c + 0 + 0 + + + + + STM32F2xx_StdPeriph_Lib + 1 + 0 + 0 + 0 + + + + MDK-ARM + 1 + 0 + 0 + 0 + + 3 + 10 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + c:\Keil\ARM\Boards\Keil\MCBSTM32F200\RL\FlashFS\SD_File\Serial.c + Serial.c + 0 + 0 + + + 3 + 11 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + c:\Keil\ARM\RL\FlashFS\Drivers\SDIO_STM32F2xx.c + SDIO_STM32F2xx.c + 0 + 0 + + + 3 + 12 + 4 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + c:\Keil\ARM\RV31\LIB\FS_CM3.lib + FS_CM3.lib + 0 + 0 + + + 3 + 13 + 4 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + c:\Keil\ARM\RV31\LIB\\RTX_CM3.lib + RTX_CM3.lib + 0 + 0 + + + 3 + 14 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + c:\Keil\ARM\RL\TCPnet\Drivers\ETH_STM32F2xx.c + ETH_STM32F2xx.c + 0 + 0 + + + 3 + 15 + 4 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + c:\Keil\ARM\RV31\LIB\TCPD_CM3.lib + TCPD_CM3.lib + 0 + 0 + + + 3 + 16 + 4 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + c:\Keil\ARM\RV31\LIB\TCP_CM3.lib + TCP_CM3.lib + 0 + 0 + + + 3 + 17 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil\ARM\Startup\ST\STM32F2xx\system_stm32f2xx.c + system_stm32f2xx.c + 0 + 0 + + + + + CyaSSL Library + 1 + 0 + 0 + 0 + + 4 + 18 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\src\crl.c + crl.c + 0 + 0 + + + 4 + 19 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\src\internal.c + internal.c + 0 + 0 + + + 4 + 20 + 1 + 0 + 0 + 23 + 0 + 0 + 0 + 0 + ..\..\..\src\io.c + io.c + 0 + 0 + + + 4 + 21 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\src\keys.c + keys.c + 0 + 0 + + + 4 + 22 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\src\ocsp.c + ocsp.c + 0 + 0 + + + 4 + 23 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\src\sniffer.c + sniffer.c + 0 + 0 + + + 4 + 24 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\src\ssl.c + ssl.c + 0 + 0 + + + 4 + 25 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\src\tls.c + tls.c + 0 + 0 + + + 4 + 26 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\MDK-ARM\CyaSSL\ssl-dummy.c + ssl-dummy.c + 0 + 0 + + + + + Crypt/Cipher Library + 1 + 0 + 0 + 0 + + 5 + 27 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\aes.c + aes.c + 0 + 0 + + + 5 + 28 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\arc4.c + arc4.c + 0 + 0 + + + 5 + 29 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\asm.c + asm.c + 0 + 0 + + + 5 + 30 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\asn.c + asn.c + 0 + 0 + + + 5 + 31 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\camellia.c + camellia.c + 0 + 0 + + + 5 + 32 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\coding.c + coding.c + 0 + 0 + + + 5 + 33 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\des3.c + des3.c + 0 + 0 + + + 5 + 34 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\dh.c + dh.c + 0 + 0 + + + 5 + 35 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\dsa.c + dsa.c + 0 + 0 + + + 5 + 36 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\ecc.c + ecc.c + 0 + 0 + + + 5 + 37 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\ecc_fp.c + ecc_fp.c + 0 + 0 + + + 5 + 38 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\error.c + error.c + 0 + 0 + + + 5 + 39 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\hc128.c + hc128.c + 0 + 0 + + + 5 + 40 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\hmac.c + hmac.c + 0 + 0 + + + 5 + 41 + 1 + 0 + 0 + 19 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\integer.c + integer.c + 0 + 0 + + + 5 + 42 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\logging.c + logging.c + 0 + 0 + + + 5 + 43 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\md2.c + md2.c + 0 + 0 + + + 5 + 44 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\md4.c + md4.c + 0 + 0 + + + 5 + 45 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\md5.c + md5.c + 0 + 0 + + + 5 + 46 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\memory.c + memory.c + 0 + 0 + + + 5 + 47 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\misc.c + misc.c + 0 + 0 + + + 5 + 48 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\wc_port.c + wc_port.c + 0 + 0 + + + 5 + 49 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\pwdbased.c + pwdbased.c + 0 + 0 + + + 5 + 50 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\rabbit.c + rabbit.c + 0 + 0 + + + 5 + 51 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\random.c + random.c + 0 + 0 + + + 5 + 52 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\ripemd.c + ripemd.c + 0 + 0 + + + 5 + 53 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\rsa.c + rsa.c + 0 + 0 + + + 5 + 54 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\sha.c + sha.c + 0 + 0 + + + 5 + 55 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\sha256.c + sha256.c + 0 + 0 + + + 5 + 56 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\sha512.c + sha512.c + 0 + 0 + + + 5 + 57 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\..\..\ctaocrypt\src\tfm.c + tfm.c + 0 + 0 + + + + + Configuration + 1 + 0 + 0 + 0 + + 6 + 58 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\MDK-ARM\config\File_Config.c + File_Config.c + 0 + 0 + + + 6 + 59 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\MDK-ARM\config\Net_Config.c + Net_Config.c + 0 + 0 + + + 6 + 60 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\MDK-ARM\CyaSSL\config.h + config.h + 0 + 0 + + + 6 + 61 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\MDK-ARM\config\RTX_Conf_CM.c + RTX_Conf_CM.c + 0 + 0 + + + 6 + 62 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\MDK-ARM\config\Net_Debug.c + Net_Debug.c + 0 + 0 + + + 6 + 63 + 5 + 0 + 0 + 0 + 0 + 1 + 1 + 0 + ..\MDK-ARM\CyaSSL\config-FS.h + config-FS.h + 0 + 0 + + + 6 + 64 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\MDK-ARM\CyaSSL\config-RTX-TCP-FS.h + config-RTX-TCP-FS.h + 0 + 0 + + + 6 + 65 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + ..\MDK-ARM\CyaSSL\config-BARE-METAL.h + config-BARE-METAL.h + 0 + 0 + + + 6 + 66 + 2 + 0 + 0 + 0 + 0 + 152 + 169 + 0 + ..\MDK-ARM\config\startup_stm32f2xx.s + startup_stm32f2xx.s + 0 + 0 + + + + + CyaSSL-MDK + 1 + 0 + 0 + 0 + + 7 + 67 + 1 + 0 + 0 + 0 + 0 + 182 + 222 + 0 + ..\MDK-ARM\CyaSSL\cyassl_MDK_ARM.c + cyassl_MDK_ARM.c + 0 + 0 + + + 7 + 68 + 1 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + ..\MDK-ARM\CyaSSL\Retarget.c + Retarget.c + 0 + 0 + + + 7 + 69 + 1 + 0 + 0 + 1 + 0 + 0 + 0 + 0 + ..\STM32F2xx_StdPeriph_Lib\time-STM32F2xx.c + time-STM32F2xx.c + 0 + 0 + + + +
diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK-ARM/Projects/MDK-ARM-STM32F2xx.uvproj b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK-ARM/Projects/MDK-ARM-STM32F2xx.uvproj new file mode 100644 index 000000000..f7cf9b176 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK-ARM/Projects/MDK-ARM-STM32F2xx.uvproj @@ -0,0 +1,3964 @@ + + + + 1.1 + +
### uVision Project, (C) Keil Software
+ + + + MDK-RTX-TCP-FS + 0x4 + ARM-ADS + + + STM32F207IG + STMicroelectronics + IRAM(0x20000000-0x2001FFFF) IROM(0x8000000-0x80FFFFF) CLOCK(25000000) CPUTYPE("Cortex-M3") + + "STARTUP\ST\STM32F2xx\startup_stm32f2xx.s" ("STM32F2xx Startup Code") + UL2CM3(-O207 -S0 -C0 -FO7 -FD20000000 -FC800 -FN1 -FF0STM32F2xx_1024 -FS08000000 -FL0100000) + 5124 + stm32f2xx.h + + + + + + + + + + SFD\ST\STM32F2xx\STM32F20x.sfr + 0 + + + + ST\STM32F2xx\ + ST\STM32F2xx\ + + 0 + 0 + 0 + 0 + 1 + + .\MDK-RTX-TCP-FS\ + STM32F2xx-MDK-RTX-TCP-FS + 1 + 0 + 0 + 1 + 1 + .\Flash\ + 1 + 0 + 0 + + 0 + 0 + + + 0 + 0 + 0 + 0 + + + 0 + 0 + + + 0 + 0 + + + 0 + 0 + + + 0 + 0 + + 0 + + + + 0 + 0 + 0 + 0 + 0 + 1 + 0 + 0 + 0 + 0 + 3 + + + + + SARMCM3.DLL + -MPU + DARMSTM.DLL + -pSTM32F207IG + SARMCM3.DLL + -MPU + TARMSTM.DLL + -pSTM32F207IG + + + + 1 + 0 + 0 + 0 + 16 + + + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + + + 1 + 1 + 0 + 1 + 1 + 1 + 0 + 1 + 0 + + 0 + 9 + + + + + + + + + + + + + ..\MDK-ARM\config\STM32_SWO.ini + BIN\ULP2CM3.DLL + + + + + 1 + 0 + 0 + 1 + 1 + 4100 + + 1 + BIN\ULP2CM3.DLL + "" () + + + + + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 1 + 1 + 0 + 1 + 1 + 0 + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 0 + "Cortex-M3" + + 1 + 0 + 0 + 1 + 1 + 0 + 0 + 0 + 0 + 0 + 8 + 0 + 0 + 0 + 3 + 3 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 1 + 0 + 0 + 0 + 0 + 1 + 0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x20000000 + 0x20000 + + + 1 + 0x8000000 + 0x100000 + + + 0 + 0x0 + 0x0 + + + 1 + 0x0 + 0x0 + + + 1 + 0x0 + 0x0 + + + 1 + 0x0 + 0x0 + + + 1 + 0x8000000 + 0x100000 + + + 1 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x20000000 + 0x20000 + + + 0 + 0x0 + 0x0 + + + + + + 1 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + + + HAVE_CONFIG_H CYASSL_STM32F2xx __DBG_ITM __RTX MDK_CONF_RTX_TCP_FS + + ..\MDK-ARM\CyaSSL;C:..\STM32F2xx_StdPeriph_Lib\inc;..\..\..\ + + + + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + + + + + + + + + 1 + 0 + 0 + 0 + 1 + 0 + 0x08000000 + 0x20000000 + + + + + + + + + + + + CyaSSL Apps + + + echoclient.c + 1 + ..\..\..\examples\echoclient\echoclient.c + + + echoserver.c + 1 + ..\..\..\examples\echoserver\echoserver.c + + + test.c + 1 + ..\..\..\ctaocrypt\test\test.c + + + benchmark.c + 1 + ..\..\..\ctaocrypt\benchmark\benchmark.c + + + client.c + 1 + ..\..\..\examples\client\client.c + + + server.c + 1 + ..\..\..\examples\server\server.c + + + shell.c + 1 + ..\MDK-ARM\CyaSSL\shell.c + + + main.c + 1 + ..\MDK-ARM\CyaSSL\main.c + + + cert_data.c + 1 + ..\MDK-ARM\CyaSSL\cert_data.c + + + + + STM32F2xx_StdPeriph_Lib + + + MDK-ARM + + + Serial.c + 1 + c:\Keil\ARM\Boards\Keil\MCBSTM32F200\RL\FlashFS\SD_File\Serial.c + + + SDIO_STM32F2xx.c + 1 + c:\Keil\ARM\RL\FlashFS\Drivers\SDIO_STM32F2xx.c + + + FS_CM3.lib + 4 + c:\Keil\ARM\RV31\LIB\FS_CM3.lib + + + RTX_CM3.lib + 4 + c:\Keil\ARM\RV31\LIB\\RTX_CM3.lib + + + ETH_STM32F2xx.c + 1 + c:\Keil\ARM\RL\TCPnet\Drivers\ETH_STM32F2xx.c + + + TCPD_CM3.lib + 4 + c:\Keil\ARM\RV31\LIB\TCPD_CM3.lib + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + + + TCP_CM3.lib + 4 + c:\Keil\ARM\RV31\LIB\TCP_CM3.lib + + + system_stm32f2xx.c + 1 + C:\Keil\ARM\Startup\ST\STM32F2xx\system_stm32f2xx.c + + + + + CyaSSL Library + + + crl.c + 1 + ..\..\..\src\crl.c + + + internal.c + 1 + ..\..\..\src\internal.c + + + io.c + 1 + ..\..\..\src\io.c + + + keys.c + 1 + ..\..\..\src\keys.c + + + ocsp.c + 1 + ..\..\..\src\ocsp.c + + + sniffer.c + 1 + ..\..\..\src\sniffer.c + + + ssl.c + 1 + ..\..\..\src\ssl.c + + + tls.c + 1 + ..\..\..\src\tls.c + + + ssl-dummy.c + 1 + ..\MDK-ARM\CyaSSL\ssl-dummy.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + + + Crypt/Cipher Library + + + aes.c + 1 + ..\..\..\ctaocrypt\src\aes.c + + + arc4.c + 1 + ..\..\..\ctaocrypt\src\arc4.c + + + asm.c + 1 + ..\..\..\ctaocrypt\src\asm.c + + + asn.c + 1 + ..\..\..\ctaocrypt\src\asn.c + + + camellia.c + 1 + ..\..\..\ctaocrypt\src\camellia.c + + + coding.c + 1 + ..\..\..\ctaocrypt\src\coding.c + + + des3.c + 1 + ..\..\..\ctaocrypt\src\des3.c + + + dh.c + 1 + ..\..\..\ctaocrypt\src\dh.c + + + dsa.c + 1 + ..\..\..\ctaocrypt\src\dsa.c + + + ecc.c + 1 + ..\..\..\ctaocrypt\src\ecc.c + + + ecc_fp.c + 1 + ..\..\..\ctaocrypt\src\ecc_fp.c + + + error.c + 1 + ..\..\..\ctaocrypt\src\error.c + + + hc128.c + 1 + ..\..\..\ctaocrypt\src\hc128.c + + + hmac.c + 1 + ..\..\..\ctaocrypt\src\hmac.c + + + integer.c + 1 + ..\..\..\ctaocrypt\src\integer.c + + + logging.c + 1 + ..\..\..\ctaocrypt\src\logging.c + + + md2.c + 1 + ..\..\..\ctaocrypt\src\md2.c + + + md4.c + 1 + ..\..\..\ctaocrypt\src\md4.c + + + md5.c + 1 + ..\..\..\ctaocrypt\src\md5.c + + + memory.c + 1 + ..\..\..\ctaocrypt\src\memory.c + + + misc.c + 1 + ..\..\..\ctaocrypt\src\misc.c + + + wc_port.c + 1 + ..\..\..\ctaocrypt\src\wc_port.c + + + pwdbased.c + 1 + ..\..\..\ctaocrypt\src\pwdbased.c + + + rabbit.c + 1 + ..\..\..\ctaocrypt\src\rabbit.c + + + random.c + 1 + ..\..\..\ctaocrypt\src\random.c + + + ripemd.c + 1 + ..\..\..\ctaocrypt\src\ripemd.c + + + rsa.c + 1 + ..\..\..\ctaocrypt\src\rsa.c + + + sha.c + 1 + ..\..\..\ctaocrypt\src\sha.c + + + sha256.c + 1 + ..\..\..\ctaocrypt\src\sha256.c + + + sha512.c + 1 + ..\..\..\ctaocrypt\src\sha512.c + + + tfm.c + 1 + ..\..\..\ctaocrypt\src\tfm.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + + + Configuration + + + File_Config.c + 1 + ..\MDK-ARM\config\File_Config.c + + + Net_Config.c + 1 + ..\MDK-ARM\config\Net_Config.c + + + config.h + 5 + ..\MDK-ARM\CyaSSL\config.h + + + RTX_Conf_CM.c + 1 + ..\MDK-ARM\config\RTX_Conf_CM.c + + + Net_Debug.c + 1 + ..\MDK-ARM\config\Net_Debug.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + config-FS.h + 5 + ..\MDK-ARM\CyaSSL\config-FS.h + + + config-RTX-TCP-FS.h + 5 + ..\MDK-ARM\CyaSSL\config-RTX-TCP-FS.h + + + config-BARE-METAL.h + 5 + ..\MDK-ARM\CyaSSL\config-BARE-METAL.h + + + startup_stm32f2xx.s + 2 + ..\MDK-ARM\config\startup_stm32f2xx.s + + + + + CyaSSL-MDK + + + cyassl_MDK_ARM.c + 1 + ..\MDK-ARM\CyaSSL\cyassl_MDK_ARM.c + + + Retarget.c + 1 + ..\MDK-ARM\CyaSSL\Retarget.c + + + time-STM32F2xx.c + 1 + ..\STM32F2xx_StdPeriph_Lib\time-STM32F2xx.c + + + + + + + MDK-FS + 0x4 + ARM-ADS + + + STM32F207IG + STMicroelectronics + IRAM(0x20000000-0x2001FFFF) IROM(0x8000000-0x80FFFFF) CLOCK(25000000) CPUTYPE("Cortex-M3") + + "STARTUP\ST\STM32F2xx\startup_stm32f2xx.s" ("STM32F2xx Startup Code") + UL2CM3(-O207 -S0 -C0 -FO7 -FD20000000 -FC800 -FN1 -FF0STM32F2xx_1024 -FS08000000 -FL0100000) + 5124 + stm32f2xx.h + + + + + + + + + + SFD\ST\STM32F2xx\STM32F20x.sfr + 0 + + + + ST\STM32F2xx\ + ST\STM32F2xx\ + + 0 + 0 + 0 + 0 + 1 + + .\MDK-FS\ + STM32F2xx-MDK-FS + 1 + 0 + 0 + 1 + 1 + .\Flash\ + 1 + 0 + 0 + + 0 + 0 + + + 0 + 0 + 0 + 0 + + + 0 + 0 + + + 0 + 0 + + + 0 + 0 + + + 0 + 0 + + 0 + + + + 0 + 0 + 0 + 0 + 0 + 1 + 0 + 0 + 0 + 0 + 3 + + + + + SARMCM3.DLL + -MPU + DARMSTM.DLL + -pSTM32F207IG + SARMCM3.DLL + -MPU + TARMSTM.DLL + -pSTM32F207IG + + + + 1 + 0 + 0 + 0 + 16 + + + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + + + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 1 + 0 + + 0 + 9 + + + + + + + + + + + + + ..\MDK-ARM\config\STM32_SWO.ini + BIN\ULP2CM3.DLL + + + + + 1 + 0 + 0 + 1 + 1 + 4100 + + 0 + BIN\ULP2CM3.DLL + "" () + + + + + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 1 + 1 + 0 + 1 + 1 + 0 + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 0 + "Cortex-M3" + + 0 + 0 + 0 + 1 + 1 + 0 + 0 + 0 + 0 + 0 + 8 + 0 + 0 + 0 + 3 + 3 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 1 + 0 + 0 + 0 + 0 + 1 + 0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x20000000 + 0x20000 + + + 1 + 0x8000000 + 0x100000 + + + 0 + 0x0 + 0x0 + + + 1 + 0x0 + 0x0 + + + 1 + 0x0 + 0x0 + + + 1 + 0x0 + 0x0 + + + 1 + 0x8000000 + 0x100000 + + + 1 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x20000000 + 0x20000 + + + 0 + 0x0 + 0x0 + + + + + + 1 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + + + HAVE_CONFIG_H CYASSL_STM32F2xx __DBG_ITM MDK_CONF_FS + + ..\MDK-ARM\CyaSSL;..\MDK-ARM\inc;..\STM32F2xx_StdPeriph_Lib\inc;..\POSIX\..\..\..\ + + + + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + + + + + + + + + 1 + 0 + 0 + 0 + 1 + 0 + 0x08000000 + 0x20000000 + + + + + + + + + + + + CyaSSL Apps + + + echoclient.c + 1 + ..\..\..\examples\echoclient\echoclient.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + echoserver.c + 1 + ..\..\..\examples\echoserver\echoserver.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + test.c + 1 + ..\..\..\ctaocrypt\test\test.c + + + benchmark.c + 1 + ..\..\..\ctaocrypt\benchmark\benchmark.c + + + client.c + 1 + ..\..\..\examples\client\client.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + server.c + 1 + ..\..\..\examples\server\server.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + shell.c + 1 + ..\MDK-ARM\CyaSSL\shell.c + + + main.c + 1 + ..\MDK-ARM\CyaSSL\main.c + + + cert_data.c + 1 + ..\MDK-ARM\CyaSSL\cert_data.c + + + + + STM32F2xx_StdPeriph_Lib + + + MDK-ARM + + + Serial.c + 1 + c:\Keil\ARM\Boards\Keil\MCBSTM32F200\RL\FlashFS\SD_File\Serial.c + + + SDIO_STM32F2xx.c + 1 + c:\Keil\ARM\RL\FlashFS\Drivers\SDIO_STM32F2xx.c + + + FS_CM3.lib + 4 + c:\Keil\ARM\RV31\LIB\FS_CM3.lib + + + RTX_CM3.lib + 4 + c:\Keil\ARM\RV31\LIB\\RTX_CM3.lib + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + + + ETH_STM32F2xx.c + 1 + c:\Keil\ARM\RL\TCPnet\Drivers\ETH_STM32F2xx.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + TCPD_CM3.lib + 4 + c:\Keil\ARM\RV31\LIB\TCPD_CM3.lib + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + + + TCP_CM3.lib + 4 + c:\Keil\ARM\RV31\LIB\TCP_CM3.lib + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + + + system_stm32f2xx.c + 1 + C:\Keil\ARM\Startup\ST\STM32F2xx\system_stm32f2xx.c + + + + + CyaSSL Library + + + crl.c + 1 + ..\..\..\src\crl.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + internal.c + 1 + ..\..\..\src\internal.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + io.c + 1 + ..\..\..\src\io.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + keys.c + 1 + ..\..\..\src\keys.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + ocsp.c + 1 + ..\..\..\src\ocsp.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + sniffer.c + 1 + ..\..\..\src\sniffer.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + ssl.c + 1 + ..\..\..\src\ssl.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + tls.c + 1 + ..\..\..\src\tls.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + ssl-dummy.c + 1 + ..\MDK-ARM\CyaSSL\ssl-dummy.c + + + + + Crypt/Cipher Library + + + aes.c + 1 + ..\..\..\ctaocrypt\src\aes.c + + + arc4.c + 1 + ..\..\..\ctaocrypt\src\arc4.c + + + asm.c + 1 + ..\..\..\ctaocrypt\src\asm.c + + + asn.c + 1 + ..\..\..\ctaocrypt\src\asn.c + + + camellia.c + 1 + ..\..\..\ctaocrypt\src\camellia.c + + + coding.c + 1 + ..\..\..\ctaocrypt\src\coding.c + + + des3.c + 1 + ..\..\..\ctaocrypt\src\des3.c + + + dh.c + 1 + ..\..\..\ctaocrypt\src\dh.c + + + dsa.c + 1 + ..\..\..\ctaocrypt\src\dsa.c + + + ecc.c + 1 + ..\..\..\ctaocrypt\src\ecc.c + + + ecc_fp.c + 1 + ..\..\..\ctaocrypt\src\ecc_fp.c + + + error.c + 1 + ..\..\..\ctaocrypt\src\error.c + + + hc128.c + 1 + ..\..\..\ctaocrypt\src\hc128.c + + + hmac.c + 1 + ..\..\..\ctaocrypt\src\hmac.c + + + integer.c + 1 + ..\..\..\ctaocrypt\src\integer.c + + + logging.c + 1 + ..\..\..\ctaocrypt\src\logging.c + + + md2.c + 1 + ..\..\..\ctaocrypt\src\md2.c + + + md4.c + 1 + ..\..\..\ctaocrypt\src\md4.c + + + md5.c + 1 + ..\..\..\ctaocrypt\src\md5.c + + + memory.c + 1 + ..\..\..\ctaocrypt\src\memory.c + + + misc.c + 1 + ..\..\..\ctaocrypt\src\misc.c + + + wc_port.c + 1 + ..\..\..\ctaocrypt\src\wc_port.c + + + pwdbased.c + 1 + ..\..\..\ctaocrypt\src\pwdbased.c + + + rabbit.c + 1 + ..\..\..\ctaocrypt\src\rabbit.c + + + random.c + 1 + ..\..\..\ctaocrypt\src\random.c + + + ripemd.c + 1 + ..\..\..\ctaocrypt\src\ripemd.c + + + rsa.c + 1 + ..\..\..\ctaocrypt\src\rsa.c + + + sha.c + 1 + ..\..\..\ctaocrypt\src\sha.c + + + sha256.c + 1 + ..\..\..\ctaocrypt\src\sha256.c + + + sha512.c + 1 + ..\..\..\ctaocrypt\src\sha512.c + + + tfm.c + 1 + ..\..\..\ctaocrypt\src\tfm.c + + + + + Configuration + + + File_Config.c + 1 + ..\MDK-ARM\config\File_Config.c + + + Net_Config.c + 1 + ..\MDK-ARM\config\Net_Config.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + config.h + 5 + ..\MDK-ARM\CyaSSL\config.h + + + RTX_Conf_CM.c + 1 + ..\MDK-ARM\config\RTX_Conf_CM.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + Net_Debug.c + 1 + ..\MDK-ARM\config\Net_Debug.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + config-FS.h + 5 + ..\MDK-ARM\CyaSSL\config-FS.h + + + config-RTX-TCP-FS.h + 5 + ..\MDK-ARM\CyaSSL\config-RTX-TCP-FS.h + + + config-BARE-METAL.h + 5 + ..\MDK-ARM\CyaSSL\config-BARE-METAL.h + + + startup_stm32f2xx.s + 2 + ..\MDK-ARM\config\startup_stm32f2xx.s + + + + + CyaSSL-MDK + + + cyassl_MDK_ARM.c + 1 + ..\MDK-ARM\CyaSSL\cyassl_MDK_ARM.c + + + Retarget.c + 1 + ..\MDK-ARM\CyaSSL\Retarget.c + + + time-STM32F2xx.c + 1 + ..\STM32F2xx_StdPeriph_Lib\time-STM32F2xx.c + + + + + + + MDK-BARE-METAL + 0x4 + ARM-ADS + + + STM32F207IG + STMicroelectronics + IRAM(0x20000000-0x2001FFFF) IROM(0x8000000-0x80FFFFF) CLOCK(25000000) CPUTYPE("Cortex-M3") + + "STARTUP\ST\STM32F2xx\startup_stm32f2xx.s" ("STM32F2xx Startup Code") + UL2CM3(-O207 -S0 -C0 -FO7 -FD20000000 -FC800 -FN1 -FF0STM32F2xx_1024 -FS08000000 -FL0100000) + 5124 + stm32f2xx.h + + + + + + + + + + SFD\ST\STM32F2xx\STM32F20x.sfr + 0 + + + + ST\STM32F2xx\ + ST\STM32F2xx\ + + 0 + 0 + 0 + 0 + 1 + + .\MDK-BARE-METAL\ + STM32F2xx-MDK-BARE-METAL + 1 + 0 + 0 + 1 + 1 + .\Flash\ + 1 + 0 + 0 + + 0 + 0 + + + 0 + 0 + 0 + 0 + + + 0 + 0 + + + 0 + 0 + + + 0 + 0 + + + 0 + 0 + + 0 + + + + 0 + 0 + 0 + 0 + 0 + 1 + 0 + 0 + 0 + 0 + 3 + + + + + SARMCM3.DLL + -MPU + DARMSTM.DLL + -pSTM32F207IG + SARMCM3.DLL + -MPU + TARMSTM.DLL + -pSTM32F207IG + + + + 1 + 0 + 0 + 0 + 16 + + + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + + + 1 + 1 + 0 + 1 + 1 + 1 + 0 + 1 + 0 + + 0 + 9 + + + + + + + + + + + + + ..\MDK-ARM\config\STM32_SWO.ini + BIN\ULP2CM3.DLL + + + + + 1 + 0 + 0 + 1 + 1 + 4100 + + 0 + BIN\ULP2CM3.DLL + "" () + + + + + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 1 + 1 + 0 + 1 + 1 + 0 + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 0 + "Cortex-M3" + + 0 + 0 + 0 + 1 + 1 + 0 + 0 + 0 + 0 + 0 + 8 + 0 + 0 + 0 + 3 + 3 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 1 + 0 + 0 + 0 + 0 + 1 + 0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x20000000 + 0x20000 + + + 1 + 0x8000000 + 0x100000 + + + 0 + 0x0 + 0x0 + + + 1 + 0x0 + 0x0 + + + 1 + 0x0 + 0x0 + + + 1 + 0x0 + 0x0 + + + 1 + 0x8000000 + 0x100000 + + + 1 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x20000000 + 0x20000 + + + 0 + 0x0 + 0x0 + + + + + + 1 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + + + HAVE_CONFIG_H CYASSL_STM32F2xx __DBG_ITM MDK_CONF_BARE_METAL + + ..\MDK-ARM\CyaSSL;..\MDK-ARM\inc;..\STM32F2xx_StdPeriph_Lib\inc;..\POSIX;..\..\..\ + + + + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + + + + + + + + + 1 + 0 + 0 + 0 + 1 + 0 + 0x08000000 + 0x20000000 + + + + + + + + + + + + CyaSSL Apps + + + echoclient.c + 1 + ..\..\..\examples\echoclient\echoclient.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + echoserver.c + 1 + ..\..\..\examples\echoserver\echoserver.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + test.c + 1 + ..\..\..\ctaocrypt\test\test.c + + + benchmark.c + 1 + ..\..\..\ctaocrypt\benchmark\benchmark.c + + + client.c + 1 + ..\..\..\examples\client\client.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + server.c + 1 + ..\..\..\examples\server\server.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + shell.c + 1 + ..\MDK-ARM\CyaSSL\shell.c + + + main.c + 1 + ..\MDK-ARM\CyaSSL\main.c + + + cert_data.c + 1 + ..\MDK-ARM\CyaSSL\cert_data.c + + + + + STM32F2xx_StdPeriph_Lib + + + MDK-ARM + + + Serial.c + 1 + c:\Keil\ARM\Boards\Keil\MCBSTM32F200\RL\FlashFS\SD_File\Serial.c + + + SDIO_STM32F2xx.c + 1 + c:\Keil\ARM\RL\FlashFS\Drivers\SDIO_STM32F2xx.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + FS_CM3.lib + 4 + c:\Keil\ARM\RV31\LIB\FS_CM3.lib + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + + + RTX_CM3.lib + 4 + c:\Keil\ARM\RV31\LIB\\RTX_CM3.lib + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + + + ETH_STM32F2xx.c + 1 + c:\Keil\ARM\RL\TCPnet\Drivers\ETH_STM32F2xx.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + TCPD_CM3.lib + 4 + c:\Keil\ARM\RV31\LIB\TCPD_CM3.lib + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + + + TCP_CM3.lib + 4 + c:\Keil\ARM\RV31\LIB\TCP_CM3.lib + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + + + system_stm32f2xx.c + 1 + C:\Keil\ARM\Startup\ST\STM32F2xx\system_stm32f2xx.c + + + + + CyaSSL Library + + + crl.c + 1 + ..\..\..\src\crl.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + internal.c + 1 + ..\..\..\src\internal.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + io.c + 1 + ..\..\..\src\io.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + keys.c + 1 + ..\..\..\src\keys.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + ocsp.c + 1 + ..\..\..\src\ocsp.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + sniffer.c + 1 + ..\..\..\src\sniffer.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + ssl.c + 1 + ..\..\..\src\ssl.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + tls.c + 1 + ..\..\..\src\tls.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + ssl-dummy.c + 1 + ..\MDK-ARM\CyaSSL\ssl-dummy.c + + + + + Crypt/Cipher Library + + + aes.c + 1 + ..\..\..\ctaocrypt\src\aes.c + + + arc4.c + 1 + ..\..\..\ctaocrypt\src\arc4.c + + + asm.c + 1 + ..\..\..\ctaocrypt\src\asm.c + + + asn.c + 1 + ..\..\..\ctaocrypt\src\asn.c + + + camellia.c + 1 + ..\..\..\ctaocrypt\src\camellia.c + + + coding.c + 1 + ..\..\..\ctaocrypt\src\coding.c + + + des3.c + 1 + ..\..\..\ctaocrypt\src\des3.c + + + dh.c + 1 + ..\..\..\ctaocrypt\src\dh.c + + + dsa.c + 1 + ..\..\..\ctaocrypt\src\dsa.c + + + ecc.c + 1 + ..\..\..\ctaocrypt\src\ecc.c + + + ecc_fp.c + 1 + ..\..\..\ctaocrypt\src\ecc_fp.c + + + error.c + 1 + ..\..\..\ctaocrypt\src\error.c + + + hc128.c + 1 + ..\..\..\ctaocrypt\src\hc128.c + + + hmac.c + 1 + ..\..\..\ctaocrypt\src\hmac.c + + + integer.c + 1 + ..\..\..\ctaocrypt\src\integer.c + + + logging.c + 1 + ..\..\..\ctaocrypt\src\logging.c + + + md2.c + 1 + ..\..\..\ctaocrypt\src\md2.c + + + md4.c + 1 + ..\..\..\ctaocrypt\src\md4.c + + + md5.c + 1 + ..\..\..\ctaocrypt\src\md5.c + + + memory.c + 1 + ..\..\..\ctaocrypt\src\memory.c + + + misc.c + 1 + ..\..\..\ctaocrypt\src\misc.c + + + wc_port.c + 1 + ..\..\..\ctaocrypt\src\wc_port.c + + + pwdbased.c + 1 + ..\..\..\ctaocrypt\src\pwdbased.c + + + rabbit.c + 1 + ..\..\..\ctaocrypt\src\rabbit.c + + + random.c + 1 + ..\..\..\ctaocrypt\src\random.c + + + ripemd.c + 1 + ..\..\..\ctaocrypt\src\ripemd.c + + + rsa.c + 1 + ..\..\..\ctaocrypt\src\rsa.c + + + sha.c + 1 + ..\..\..\ctaocrypt\src\sha.c + + + sha256.c + 1 + ..\..\..\ctaocrypt\src\sha256.c + + + sha512.c + 1 + ..\..\..\ctaocrypt\src\sha512.c + + + tfm.c + 1 + ..\..\..\ctaocrypt\src\tfm.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + + + Configuration + + + File_Config.c + 1 + ..\MDK-ARM\config\File_Config.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + Net_Config.c + 1 + ..\MDK-ARM\config\Net_Config.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + config.h + 5 + ..\MDK-ARM\CyaSSL\config.h + + + RTX_Conf_CM.c + 1 + ..\MDK-ARM\config\RTX_Conf_CM.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + Net_Debug.c + 1 + ..\MDK-ARM\config\Net_Debug.c + + + 2 + 0 + 0 + 0 + 0 + 0 + 2 + 2 + 2 + 2 + 11 + + + + + + 2 + 0 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 2 + 0 + 2 + 2 + + + + + + + + + + + + config-FS.h + 5 + ..\MDK-ARM\CyaSSL\config-FS.h + + + config-RTX-TCP-FS.h + 5 + ..\MDK-ARM\CyaSSL\config-RTX-TCP-FS.h + + + config-BARE-METAL.h + 5 + ..\MDK-ARM\CyaSSL\config-BARE-METAL.h + + + startup_stm32f2xx.s + 2 + ..\MDK-ARM\config\startup_stm32f2xx.s + + + + + CyaSSL-MDK + + + cyassl_MDK_ARM.c + 1 + ..\MDK-ARM\CyaSSL\cyassl_MDK_ARM.c + + + Retarget.c + 1 + ..\MDK-ARM\CyaSSL\Retarget.c + + + time-STM32F2xx.c + 1 + ..\STM32F2xx_StdPeriph_Lib\time-STM32F2xx.c + + + + + + + +
diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK-ARM/STM32F2xx_StdPeriph_Lib/time-STM32F2xx.c b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK-ARM/STM32F2xx_StdPeriph_Lib/time-STM32F2xx.c new file mode 100644 index 000000000..e2912d19f --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK-ARM/STM32F2xx_StdPeriph_Lib/time-STM32F2xx.c @@ -0,0 +1,299 @@ +/* main.c + * + * Copyright (C) 2006-2014 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#ifdef HAVE_CONFIG_H + #include +#endif + +#include "time.h" + +#define PERIPH_BASE ((uint32_t)0x40000000) +/*----------------------------------------------------------------------------- + * initialize RTC + *----------------------------------------------------------------------------*/ +#include "stm32f2xx.h" + +#define assert_param(a) + +#define RTC_RSF_MASK ((uint32_t)0xFFFFFF5F) +#define SYNCHRO_TIMEOUT ((uint32_t) 0x00008000) +#define Bcd2ToByte(v) \ + ((((uint8_t)(v & (uint8_t)0xF0) >> (uint8_t)0x4) * 10) + (v & (uint8_t)0x0F)) +#define RTC_TR_RESERVED_MASK ((uint32_t)0x007F7F7F) +#define RTC_TR_MNT ((uint32_t)0x00007000) +#define RTC_TR_MNU ((uint32_t)0x00000F00) + +#define PWR_OFFSET (PWR_BASE - PERIPH_BASE) +#define CR_OFFSET (PWR_OFFSET + 0x00) +#define DBP_BitNumber 0x08 +#define CR_DBP_BB (PERIPH_BB_BASE + (CR_OFFSET * 32) + (DBP_BitNumber * 4)) +#define RTC_INIT_MASK ((uint32_t)0xFFFFFFFF) +#define INITMODE_TIMEOUT ((uint32_t) 0x00010000) + +static void init_RTC() +{ + __IO uint32_t initcounter = 0x00 ; + uint32_t initstatus = 0x00; /* Enable the PWR clock : RCC_APB1Periph_PWR */ + ((uint32_t *)RCC)[0x10] |= ((uint32_t)0x10000000) ; + + /* Allow access to RTC */ + *(__IO uint32_t *) CR_DBP_BB = ENABLE ; + /* RCC_LSEConfig(RCC_LSE_ON) */ + *(__IO uint8_t *) (RCC_BASE + 0x70) = ((uint8_t)0x00); + /* Reset LSEBYP bit */ + *(__IO uint8_t *) (RCC_BASE + 0x70) = ((uint8_t)0x00); + *(__IO uint8_t *) (RCC_BASE + 0x70) = ((uint8_t)0x01); + /* Wait till LSE is ready */ + while((RCC->BDCR << 0x2) == 0x0) { } + /* Select the RTC clock source: RCC_RTCCLKSource_LSE */ + ((RCC_TypeDef *)RCC)->BDCR |= (uint32_t)0x00000100; + + /* Enable the RTC Clock */ + *(__IO uint32_t *) (PERIPH_BB_BASE + (((RCC_BASE - PERIPH_BASE)+ 0x70) * 32) + (0x0F* 4)) = (uint32_t)ENABLE; + + *(__IO uint32_t *) CR_DBP_BB = (uint32_t)ENABLE; + RTC->ISR = (uint32_t) RTC_INIT_MASK; + do { + initstatus = RTC->ISR & RTC_ISR_INITF; + initcounter++; + } while((initcounter != INITMODE_TIMEOUT) && (initstatus == 0x00)); + + /* Disable the write protection for RTC registers */ + RTC->WPR = 0xCA; + RTC->WPR = 0x53; + + RTC->CR &= ((uint32_t)~(RTC_CR_FMT)); /* Clear RTC CR FMT Bit */ + /* Set RTC_CR register */ + RTC->CR |= ((uint32_t)0x00000000) ; /* RTC_HourFormat_24 */ + + /* Configure the RTC PRER */ + RTC->PRER = 0x7f ; + RTC->PRER |= (uint32_t)(0xff << 16); + + /* Exit Initialization mode */ + RTC->ISR &= (uint32_t)~RTC_ISR_INIT; + + /* Enable the write protection for RTC registers */ + RTC->WPR = 0xFF; +} + +/*----------------------------------------------------------------------------- + * initialize TIM + *----------------------------------------------------------------------------*/ +#define RCC_APB1Periph_TIM2 ((uint32_t)0x00000001) + +static void init_TIM() +{ + uint16_t tmpcr1 = 0; + + ((uint32_t *)RCC)[0x10] |= RCC_APB1Periph_TIM2 ; + + tmpcr1 = TIM2->CR1 ; + tmpcr1 &= (uint16_t) (~(((uint16_t)0x0010) | ((uint16_t)0x0060) )); + /* CR1 &= ~(TIM_CR1_DIR | TIM_CR1_CMS) */ + tmpcr1 |= (uint16_t)0x0000 ; /* CR1 |= TIM_CounterMode_Up */ + TIM2->CR1= tmpcr1 ; + + TIM2->ARR = 0xffffffff ; /* ARR= TIM_Period */ + TIM2->PSC = 60 ; /* PSC = TIM_Prescaler */ + TIM2->EGR = ((uint16_t)0x0001) ; /* EGR = TIM_PSCReloadMode_Immediate */ + + *(uint16_t *)(PERIPH_BASE+0x0) |=((uint16_t)0x0001) ; + /* TIM_Cmd(TIM2, ENABLE) ; */ +} + +void init_time(void) { + init_RTC() ; + init_TIM() ; +} + +static void GetTime(uint8_t *h, uint8_t *m, uint8_t *s) +{ + uint32_t tmpreg = 0; + tmpreg = (uint32_t)(RTC->TR & RTC_TR_RESERVED_MASK); + *h = (uint8_t)Bcd2ToByte((uint8_t)((tmpreg & (RTC_TR_HT | RTC_TR_HU)) >> 16)); + *m = (uint8_t)Bcd2ToByte((uint8_t)((tmpreg & (RTC_TR_MNT | RTC_TR_MNU)) >>8)); + *s = (uint8_t)Bcd2ToByte((tmpreg & (RTC_TR_ST | RTC_TR_SU))); +} + +static uint32_t ByteToBcd2(uint8_t Value) +{ + uint8_t bcdhigh = 0; + while (Value >= 10) { + bcdhigh++; + Value -= 10; + } + return ((uint8_t)(bcdhigh << 4) | Value); +} + +static void SetTime(uint8_t h, uint8_t m, uint8_t s) +{ + __IO uint32_t synchrocounter = 0; + uint32_t synchrostatus = 0x00; + __IO uint32_t initcounter = 0; + uint32_t initstatus = 0x00; + uint32_t tmpreg ; + + tmpreg = ((ByteToBcd2(h) << 16) | (ByteToBcd2(m) << 8) | ByteToBcd2(s)) ; + /* Disable the write protection for RTC registers */ + RTC->WPR = 0xCA; + RTC->WPR = 0x53; + RTC->ISR &= (uint32_t)~RTC_ISR_INIT; + + RTC->ISR = (uint32_t)RTC_INIT_MASK; + + /* Wait till RTC is in INIT state and if Time out is reached exit */ + do { + initstatus = RTC->ISR & RTC_ISR_INITF; + initcounter++; + } while((initcounter != INITMODE_TIMEOUT) && (initstatus == 0x00)); + + RTC->TR = (uint32_t)(tmpreg & RTC_TR_RESERVED_MASK); + + RTC->ISR &= (uint32_t)RTC_RSF_MASK; + /* Wait the registers to be synchronised */ + do { + synchrostatus = RTC->ISR & RTC_ISR_RSF; + synchrocounter++; + } while((synchrocounter != SYNCHRO_TIMEOUT) && (synchrostatus == 0x00)); + + RTC->WPR = 0xFF; +} + +static void GetDate(uint8_t *y, uint8_t *m, uint8_t *d) +{ + uint32_t tmpreg = 0; + tmpreg = (uint32_t)(RTC->DR & RTC_TR_RESERVED_MASK); + *y = (uint8_t)Bcd2ToByte((uint8_t)((tmpreg & (RTC_DR_YT|RTC_DR_YU)) >>16)); + *m = (uint8_t)Bcd2ToByte((uint8_t)((tmpreg & (RTC_DR_MT|RTC_DR_MU)) >> 8)); + *d = (uint8_t)Bcd2ToByte((uint8_t)(tmpreg & (RTC_DR_DT |RTC_DR_DU))); +} + +static void SetDate(uint8_t y, uint8_t m, uint8_t d) +{ + __IO uint32_t synchrocounter = 0; + uint32_t synchrostatus = 0x00; + __IO uint32_t initcounter = 0; + uint32_t initstatus = 0x00; + uint32_t tmpreg = 0 ; + + tmpreg = ((ByteToBcd2(y) << 16) | (ByteToBcd2(m) << 8) | ByteToBcd2(d)) ; + /* Disable the write protection for RTC registers */ + RTC->WPR = 0xCA; + RTC->WPR = 0x53; + RTC->ISR &= (uint32_t)~RTC_ISR_INIT; + + RTC->ISR = (uint32_t)RTC_INIT_MASK; + + /* Wait till RTC is in INIT state and if Time out is reached exit */ + do { + initstatus = RTC->ISR & RTC_ISR_INITF; + initcounter++; + } while((initcounter != INITMODE_TIMEOUT) && (initstatus == 0x00)); + + RTC->DR = (uint32_t)(tmpreg & RTC_TR_RESERVED_MASK); + + RTC->ISR &= (uint32_t)RTC_RSF_MASK; + /* Wait the registers to be synchronised */ + do { + synchrostatus = RTC->ISR & RTC_ISR_RSF; + synchrocounter++; + } while((synchrocounter != SYNCHRO_TIMEOUT) && (synchrostatus == 0x00)); + + RTC->WPR = 0xFF; +} + + +#include +void CYASSL_MSG(const char *msg) ; + +struct tm *Cyassl_MDK_gmtime(const time_t *c) +{ + uint8_t h, m, s ; + uint8_t y, mo, d ; + static struct tm date ; + + GetTime(&h, &m, &s) ; + GetDate(&y, &mo, &d) ; + + date.tm_year = y + 100 ; + date.tm_mon = mo - 1 ; + date.tm_mday = d ; + date.tm_hour = h ; + date.tm_min = m ; + date.tm_sec = s ; + + #if defined(DEBUG_CYASSL) + { + char msg[100] ; + sprintf(msg, + "Debug::Cyassl_KEIL_gmtime(DATE=/%2d/%02d/%04d TIME=%02d:%02d:%02d)\n", + d, mo, y+2000, h, m, s) ; + CYASSL_MSG(msg) ; + } + #endif + + return(&date) ; +} + +double current_time() +{ + return ((double)TIM2->CNT/1000000.0) ; +} + +typedef struct func_args { + int argc; + char** argv; + int return_code; +} func_args; + +void time_main(void *args) +{ + char * datetime ; + uint8_t h, m, s ; + uint8_t y, mo, d ; + + if( args == NULL || ((func_args *)args)->argc == 1) { + GetTime(&h, &m, &s) ; + GetDate(&y, &mo, &d) ; + printf("Date: %d/%d/%d, Time: %02d:%02d:%02d\n", + mo, d, y+2000, h, m, s) ; + } else if(((func_args *)args)->argc == 3 && + ((func_args *)args)->argv[1][0] == '-' && + ((func_args *)args)->argv[1][1] == 'd' ) { + datetime = ((func_args *)args)->argv[2]; + sscanf(datetime, "%d/%d/%d", (int *)&mo, (int *)&d, (int *) &y) ; + SetDate(y-2000, mo, d) ; + } else if(((func_args *)args)->argc == 3 && + ((func_args *)args)->argv[1][0] == '-' && + ((func_args *)args)->argv[1][1] == 't' ) { + datetime = ((func_args *)args)->argv[2]; + sscanf(datetime, "%d:%d:%d", + (int *)&h, (int *)&m, (int *)&s) ; + SetTime(h, m, s) ; + } else printf("Invalid argument\n") ; +} + + +/******************************************************************* + time() +********************************************************************/ +time_t time(time_t * t) { return 0 ; } diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Conf/config-Crypt.h b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Conf/config-Crypt.h new file mode 100644 index 000000000..a11c3ef24 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Conf/config-Crypt.h @@ -0,0 +1,185 @@ +/* config-FS.h + * + * Copyright (C) 2006-2013 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + */ + + +// <<< Use Configuration Wizard in Context Menu >>> + +// wolfCrypt Configuration + +// Cert/Key Strage +// Cert Storage <0=> SD Card <1=> Mem Buff (1024bytes) <2=> Mem Buff (2048bytes) +#define MDK_CONF_CERT_BUFF 0 +#if MDK_CONF_CERT_BUFF== 1 +#define USE_CERT_BUFFERS_1024 +#elif MDK_CONF_CERT_BUFF == 2 +#define USE_CERT_BUFFERS_2048 +#endif +// + +// Crypt Algrithm + +// MD5, SHA, SHA-256, AES, RC4, ASN, RSA +// + +// MD2 +#define MDK_CONF_MD2 0 +#if MDK_CONF_MD2 == 1 +#define CYASSL_MD2 +#endif +// +// MD4 +#define MDK_CONF_MD4 1 +#if MDK_CONF_MD4 == 0 +#define NO_MD4 +#endif +// +// SHA-384 +// This has to be with SHA512 +#define MDK_CONF_SHA384 0 +#if MDK_CONF_SHA384 == 1 +#define CYASSL_SHA384 +#endif +// +// SHA-512 +#define MDK_CONF_SHA512 0 +#if MDK_CONF_SHA512 == 1 +#define CYASSL_SHA512 +#endif +// +// RIPEMD +#define MDK_CONF_RIPEMD 0 +#if MDK_CONF_RIPEMD == 1 +#define CYASSL_RIPEMD +#endif +// +// HMAC +#define MDK_CONF_HMAC 1 +#if MDK_CONF_HMAC == 0 +#define NO_HMAC +#endif +// +// HC128 +#define MDK_CONF_HC128 0 +#if MDK_CONF_HC128 == 1 +#define HAVE_HC128 +#endif +// +// RABBIT +#define MDK_CONF_RABBIT 1 +#if MDK_CONF_RABBI == 0 +#define NO_RABBIT +#endif +// + +// AEAD +#define MDK_CONF_AEAD 0 +#if MDK_CONF_AEAD == 1 +#define HAVE_AEAD +#endif +// +// DES3 +#define MDK_CONF_DES3 1 +#if MDK_CONF_DES3 == 0 +#define NO_DES3 +#endif +// +// CAMELLIA +#define MDK_CONF_CAMELLIA 0 +#if MDK_CONF_CAMELLIA == 1 +#define HAVE_CAMELLIA +#endif +// + +// DH +// need this for CYASSL_SERVER, OPENSSL_EXTRA +#define MDK_CONF_DH 1 +#if MDK_CONF_DH == 0 +#define NO_DH +#endif +// +// DSA +#define MDK_CONF_DSA 1 +#if MDK_CONF_DSA == 0 +#define NO_DSA +#endif +// +// PWDBASED +#define MDK_CONF_PWDBASED 1 +#if MDK_CONF_PWDBASED == 0 +#define NO_PWDBASED +#endif +// + +// ECC +#define MDK_CONF_ECC 0 +#if MDK_CONF_ECC == 1 +#define HAVE_ECC +#endif +// +// PSK +#define MDK_CONF_PSK 1 +#if MDK_CONF_PSK == 0 +#define NO_PSK +#endif +// +// AESCCM (Turn off Hardware Crypt) +#define MDK_CONF_AESCCM 0 +#if MDK_CONF_AESCCM == 1 +#define HAVE_AESCCM +#endif +// +// AESGCM (Turn off Hardware Crypt) +#define MDK_CONF_AESGCM 0 +#if MDK_CONF_AESGCM == 1 +#define HAVE_AESGCM +#define BUILD_AESGCM +#endif +// +// NTRU (need License, "crypto_ntru.h") +#define MDK_CONF_NTRU 0 +#if MDK_CONF_NTRU == 1 +#define HAVE_NTRU +#endif +// +// + +// Hardware Crypt (See document for usage) +// Hardware RNG +#define MDK_CONF_STM32F2_RNG 0 +#if MDK_CONF_STM32F2_RNG == 1 +#define STM32F2_RNG +#else + +#endif +// +// Hardware Crypt +#define MDK_CONF_STM32F2_CRYPTO 0 +#if MDK_CONF_STM32F2_CRYPTO == 1 +#define STM32F2_CRYPTO +#endif +// + +// + + + +// +// <<< end of configuration section >>> diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Conf/config-CyaSSL.h b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Conf/config-CyaSSL.h new file mode 100644 index 000000000..02ba94bd4 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Conf/config-CyaSSL.h @@ -0,0 +1,144 @@ +/* config-RTX-TCP-FS.h + * + * Copyright (C) 2006-2013 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + */ + + +/**** CyaSSL for KEIL-RL Configuration ****/ + +#define __CORTEX_M3__ +#define CYASSL_MDK_ARM +#define NO_WRITEV +#define NO_CYASSL_DIR +#define NO_MAIN_DRIVER + + +#define CYASSL_DER_LOAD +#define HAVE_NULL_CIPHER + +#define HAVE_KEIL_RTX +#define CYASSL_CMSIS_RTOS +#define CYASSL_KEIL_TCP_NET + + +// <<< Use Configuration Wizard in Context Menu >>> +// CyaSSL Configuration + +// SSL (Included by default) +// + +// TLS +#define MDK_CONF_TLS 1 +#if MDK_CONF_TLS == 0 +#define NO_TLS +#endif +// + +// CRL +#define MDK_CONF_DER_LOAD 0 +#if MDK_CONF_DER_LOAD == 1 +#define CYASSL_DER_LOAD +#endif +// +// OpenSSL Extra +#define MDK_CONF_OPENSSL_EXTRA 1 +#if MDK_CONF_OPENSSL_EXTRA == 1 +#define OPENSSL_EXTRA +#endif +// +// + +// Cert/Key Generation +// CertGen +#define MDK_CONF_CERT_GEN 0 +#if MDK_CONF_CERT_GEN == 1 +#define CYASSL_CERT_GEN +#endif +// +// KeyGen +#define MDK_CONF_KEY_GEN 0 +#if MDK_CONF_KEY_GEN == 1 +#define CYASSL_KEY_GEN +#endif +// +// + +// Others + +// Inline +#define MDK_CONF_INLINE 0 +#if MDK_CONF_INLINE == 0 +#define NO_INLINE +#endif +// +// Debug +// Debug Message +#define MDK_CONF_DebugMessage 0 +#if MDK_CONF_DebugMessage == 1 +#define DEBUG_CYASSL +#endif +// +// Check malloc +#define MDK_CONF_CheckMalloc 1 +#if MDK_CONF_CheckMalloc == 1 +#define CYASSL_MALLOC_CHECK +#endif +// + + +// +// ErrNo.h +#define MDK_CONF_ErrNo 0 +#if MDK_CONF_ErrNo == 1 +#define HAVE_ERRNO +#endif +// +// Error Strings +#define MDK_CONF_ErrorStrings 1 +#if MDK_CONF_ErrorStrings == 0 +#define NO_ERROR_STRINGS +#endif +// +// zlib (need "zlib.h") +#define MDK_CONF_LIBZ 0 +#if MDK_CONF_LIBZ == 1 +#define HAVE_LIBZ +#endif +// +// CAVIUM (need CAVIUM headers) +#define MDK_CONF_CAVIUM 0 +#if MDK_CONF_CAVIUM == 1 +#define HAVE_CAVIUM +#endif +// +// Small Stack +#define MDK_CONF_SmallStack 1 +#if MDK_CONF_SmallStack == 0 +#define NO_CYASSL_SMALL_STACK +#endif +// +// Use Fast Math +#define MDK_CONF_FASTMATH 0 +#if MDK_CONF_FASTMATH == 1 +#define USE_FAST_MATH +#endif +// +// + +// <<< end of configuration section >>> diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Docs/CyaSSLManual-TableofContents.htm b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Docs/CyaSSLManual-TableofContents.htm new file mode 100644 index 000000000..2f90e2972 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Docs/CyaSSLManual-TableofContents.htm @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Docs/CyaSSLManual-wolfCryptUsageReference.htm b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Docs/CyaSSLManual-wolfCryptUsageReference.htm new file mode 100644 index 000000000..d860715fd --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Docs/CyaSSLManual-wolfCryptUsageReference.htm @@ -0,0 +1 @@ + diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Inc/cert_data.h b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Inc/cert_data.h new file mode 100644 index 000000000..6629ee051 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Inc/cert_data.h @@ -0,0 +1,39 @@ +#ifndef CYASSL_CERT_DATA_H +#define CYASSL_CERT_DATA_H + +#ifdef USE_CERT_BUFFERS_1024 +extern const unsigned char client_key_der_1024[] ; +extern int sizeof_client_key_der_1024 ; +/* ./certs/1024/client-cert.der, 1024-bit */ +extern const unsigned char client_cert_der_1024[] ; +extern int sizeof_client_cert_der_1024 ; +/* ./certs/1024/dh1024.der, 1024-bit */ +extern const unsigned char dh_key_der_1024[] ; +extern int sizeof_dh_key_der_1024 ; +/* ./certs/1024/dsa1024.der, 1024-bit */ +extern const unsigned char dsa_key_der_1024[] ; +extern int sizeof_dsa_key_der_1024 ; +/* ./certs/1024/rsa1024.der, 1024-bit */ +extern const unsigned char rsa_key_der_1024[] ; +extern int sizeof_rsa_key_der_1024 ; + +#elif defined(USE_CERT_BUFFERS_2048) +/* ./certs/client-key.der, 2048-bit */ +extern const unsigned char client_key_der_2048[] ; +extern int sizeof_client_key_der_2048 ; +/* ./certs/client-cert.der, 2048-bit */ +extern const unsigned char client_cert_der_2048[] ; +extern int sizeof_client_cert_der_2048 ; +/* ./certs/dh2048.der, 2048-bit */ +extern const unsigned char dh_key_der_2048[] ; +extern int sizeof_dh_key_der_2048 ; +/* ./certs/dsa2048.der, 2048-bit */ +extern const unsigned char dsa_key_der_2048[] ; +extern int sizeof_dsa_key_der_2048; +/* ./certs/rsa2048.der, 2048-bit */ +extern const unsigned char rsa_key_der_2048[] ; +extern int sizeof_rsa_key_der_2048 ; +#endif + +#endif + diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Inc/config.h b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Inc/config.h new file mode 100644 index 000000000..8cf08b1b4 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Inc/config.h @@ -0,0 +1,62 @@ +/* config.h + * + * Copyright (C) 2006-2013 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + */ + +#define __CORTEX_M3__ +#define CYASSL_MDK_ARM +#define CYASSL_MDK5 +#define CYASSL_CMSIS_RTOS + +#define NO_WRITEV +#define NO_CYASSL_DIR +#define BENCH_EMBEDDED + +#define CYASSL_DER_LOAD +#define HAVE_NULL_CIPHER +#define NO_MAIN_DRIVER + +#if defined(MDK_CONF_CYASSL) +#define CYASSL_MDK_SHELL +#include "config-Crypt.h" +#include "config-CyaSSL.h" +#elif defined(MDK_CONF_SimpleClient) +#include "config-Crypt.h" +#include "config-CyaSSL.h" +#elif defined(MDK_CONF_SimpleServer) +#include "config-Crypt.h" +#include "config-CyaSSL.h" +#elif defined(MDK_CONF_EchoClient) +#include "config-Crypt.h" +#include "config-CyaSSL.h" +#elif defined(MDK_CONF_EchoServer) +#include "config-Crypt.h" +#include "config-CyaSSL.h" +#elif defined(MDK_CONF_Benchmark) +#define SINGLE_THREADED +#define NO_INLINE +#include "config-Crypt.h" +#elif defined(MDK_CONF_CryptTest) +#define SINGLE_THREADED +#define NO_INLINE +#include "config-Crypt.h" + +#endif + + diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Inc/cyassl_MDK_ARM.h b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Inc/cyassl_MDK_ARM.h new file mode 100644 index 000000000..e99e9b8b0 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Inc/cyassl_MDK_ARM.h @@ -0,0 +1,106 @@ +/* cyassl_KEIL_RL.h + * + * Copyright (C) 2006-2014 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +/******************************************************************************/ +/** This file is for defining types, values for specific to KEIL-MDK-ARM. **/ +/******************************************************************************/ +#ifndef CYASSL_KEIL_RL_H +#define CYASSL_KEIL_RL_H + + + +#include + +/* Go to STDIN */ +#define fgets(buff, sz, fd) Cyassl_fgets(buff, sz, fd) +extern char * Cyassl_fgets ( char * str, int num, FILE * f ) ; + +#define SOCKET_T int + +/*** #include ***/ +#define NUMBITSPERBYTE 8 +#define FD_SETSIZE 10 + +typedef long fd_mask; +#define NFDBITS (sizeof(fd_mask) * NUMBITSPERBYTE) /* bits per mask */ + +typedef struct fd_set { + fd_mask fds_bits[(FD_SETSIZE + NFDBITS - 1) / NFDBITS]; +} fd_set; + +/*** #include ***/ +struct timeval { + long tv_sec; /* seconds */ + long tv_usec; /* microseconds */ +}; + + +#if defined(CYASSL_KEIL_TCP_NET) + + +#if defined(CYASSL_MDK5) +#define SCK_EWOULDBLOCK BSD_ERROR_WOULDBLOCK +#define SCK_ETIMEOUT BSD_ERROR_TIMEOUT +#include "rl_net.h" +#endif + +typedef int socklen_t ; + +/* for avoiding conflict with KEIL-TCPnet BSD socket */ +/* Bodies are in cyassl_KEIL_RL.c */ +#define connect Cyassl_connect +#define accept Cyassl_accept +#define recv Cyassl_recv +#define send Cyassl_send +#define sleep Cyassl_sleep + +/* for avoiding conflicting with KEIL-TCPnet TCP socket */ +/* Bodies are in test.h */ +#define tcp_connect Cyassl_tcp_connect +#define tcp_socket Cyassl_tcp_soket +#define tcp_listen Cyassl_tcp_listen +#define tcp_select Cyassl_tcp_select + +extern int Cyassl_connect(int sd, const struct sockaddr * sa, int sz) ; +extern int Cyassl_accept(int sd, struct sockaddr *addr, socklen_t *addrlen); +extern int Cyassl_recv(int sd, void *buf, size_t len, int flags); +extern int Cyassl_send(int sd, const void *buf, size_t len, int flags); +extern void Cyassl_sleep(int sec) ; +extern int Cyassl_tcp_select(int sd, int timeout) ; + +/** KEIL-RL TCPnet ****/ +/* TCPnet BSD socket does not have following functions. */ +extern char *inet_ntoa(struct in_addr in); +extern unsigned long inet_addr(const char *cp); +extern int setsockopt(int sockfd, int level, int optname, + const void *optval, socklen_t optlen); +extern int select(int nfds, fd_set *readfds, fd_set *writefds, + fd_set *exceptfds, const struct timeval *timeout); + +#endif /* CYASSL_KEIL_TCP_NET */ + + +/* CyaSSL MDK-ARM time functions */ +#include +struct tm *Cyassl_MDK_gmtime(const time_t *c) ; +extern double current_time(void) ; + +#endif /* CYASSL_KEIL_RL_H */ diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CryptBenchmark/Abstract.txt b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CryptBenchmark/Abstract.txt new file mode 100644 index 000000000..b929f9bc9 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CryptBenchmark/Abstract.txt @@ -0,0 +1,15 @@ +This program is a simple benchmark of wolfCrypt library. + +In order to run this benchmark, copy +{PACK}\wolfSSL\CyaSSL\{version}\cyassl\certs folder and files to the SD memory. + +For benchmark configuration, refer config-Crypt.h. + +For the hardware crypt on config-Crypt.h, download +STSW-STM32062: STM32F2xx standard peripherals library at +http://www.st.com/. Copy Libraries\STM32F2xx_StdPeriph_Driver\{inc,src} to + {PACK}\cyassl\IDE\MDK5-ARM\STM32F2xx_StdPeriph_Lib + +Support +------- +Please send questions or comments to support@wolfssl.com diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CryptBenchmark/CryptBenchmark.uvoptx b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CryptBenchmark/CryptBenchmark.uvoptx new file mode 100644 index 000000000..4217560bf --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CryptBenchmark/CryptBenchmark.uvoptx @@ -0,0 +1,1169 @@ + + + + 1.0 + +
### uVision Project, (C) Keil Software
+ + + *.c + *.s*; *.src; *.a* + *.obj + *.lib + *.txt; *.h; *.inc + *.plm + *.cpp + + + + 0 + 0 + + + + CryptBenchmark + 0x4 + ARM-ADS + + 120000000 + + 1 + 1 + 0 + 1 + + + 1 + 65535 + 0 + 0 + 0 + + + 79 + 66 + 8 + .\Object\ + + + 1 + 1 + 1 + 0 + 1 + 1 + 0 + 1 + 0 + 0 + 0 + 0 + + + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 0 + + + 1 + 0 + 1 + + 255 + + + 0 + Schematics (MCBSTM32F200) + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\Documents\mcbstm32f200-schematics.pdf + + + 1 + User Manual (MCBSTM32F200) + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\Documents\mcbstm32f200.chm + + + 2 + MCBSTM32F200 Evaluation Board Web Page (MCBSTM32F200) + http://www.keil.com/mcbstm32f200/ + + + + SARMCM3.DLL + -REMAP -MPU + DCM.DLL + -pCM3 + SARMCM3.DLL + -MPU + TCM.DLL + -pCM3 + + + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 1 + 1 + 1 + 1 + 0 + 0 + 8 + + + + + + + + + + + BIN\ULP2CM3.DLL + + + + 0 + DLGTARM + (1010=-1,-1,-1,-1,0)(1007=-1,-1,-1,-1,0)(1008=-1,-1,-1,-1,0)(1009=-1,-1,-1,-1,0)(1012=-1,-1,-1,-1,0) + + + 0 + ARMDBGFLAGS + + + + 0 + ULP2CM3 + -UP1135060 -O206 -S8 -C0 -P00 -N00("ARM CoreSight SW-DP") -D00(2BA01477) -L00(0) -TO19 -TC120000000 -TP18 -TDX0 -TDD0 -TDS8000 -TDT0 -TDC1F -TIE1 -TIP1 -FO7 -FD20000000 -FC1000 -FN1 -FF0STM32F2xx_1024.flm -FS08000000 -FL0100000 -FP0($$Device:STM32F207IG$Flash\STM32F2xx_1024.flm) + + + 0 + DLGUARM + + + + 0 + UL2CM3 + UL2CM3(-S0 -C0 -P0 ) -FN1 -FC1000 -FD20000000 -FF0STM32F2xx_1024 -FL0100000 -FS08000000 -FP0($$Device:STM32F207IG$Flash\STM32F2xx_1024.FLM) + + + + + + 1 + 8 + 0x20000408 + + + + + 2 + 8 + 0x8004dc8 + + + + 0 + + + 0 + 0 + 1 + 0 + 0 + 0 + 0 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 1 + 1 + 0 + 0 + 0 + + + + + + + + Source + 1 + 0 + 0 + 0 + + 1 + 1 + 1 + 0 + 0 + 0 + 0 + 40 + 62 + 0 + .\main.c + main.c + 0 + 0 + + + 1 + 2 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + .\benchmark.c + benchmark.c + 0 + 0 + + + + + Configuration + 1 + 0 + 0 + 0 + + 2 + 3 + 5 + 0 + 0 + 0 + 0 + 1 + 1 + 0 + .\RTE\wolfSSL\config-Crypt.h + config-Crypt.h + 0 + 0 + + + 2 + 4 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + .\RTE\wolfSSL\settings.h + settings.h + 0 + 0 + + + + + Documentation + 1 + 0 + 0 + 0 + + 3 + 5 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + .\Abstract.txt + Abstract.txt + 0 + 0 + + + + + Devices + 1 + 0 + 0 + 0 + + 4 + 6 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + .\time-CortexM3-4.c + time-CortexM3-4.c + 0 + 0 + + + 4 + 7 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + .\time-dummy.c + time-dummy.c + 0 + 0 + + + + + ::CMSIS + 1 + 0 + 0 + 1 + + 5 + 8 + 1 + 0 + 0 + 0 + 0 + 205 + 218 + 0 + RTE\CMSIS\RTX_Conf_CM.c + RTX_Conf_CM.c + 1 + 0 + + + 5 + 9 + 4 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.4\CMSIS_RTX\Lib\ARM\RTX_CM3.lib + RTX_CM3.lib + 1 + 0 + + + + + ::Device + 1 + 0 + 0 + 1 + + 6 + 10 + 5 + 0 + 0 + 0 + 0 + 1 + 1 + 0 + RTE\Device\STM32F207IG\RTE_Device.h + RTE_Device.h + 1 + 0 + + + 6 + 11 + 2 + 0 + 0 + 0 + 0 + 166 + 179 + 0 + RTE\Device\STM32F207IG\startup_stm32f2xx.s + startup_stm32f2xx.s + 1 + 0 + + + 6 + 12 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + RTE\Device\STM32F207IG\system_stm32f2xx.c + system_stm32f2xx.c + 1 + 0 + + + 6 + 13 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\DMA_STM32F2xx.c + DMA_STM32F2xx.c + 1 + 0 + + + 6 + 14 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\GPIO_STM32F2xx.c + GPIO_STM32F2xx.c + 1 + 0 + + + + + ::Drivers + 0 + 0 + 0 + 1 + + 7 + 15 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\MCI_STM32F2xx.c + MCI_STM32F2xx.c + 1 + 0 + + + + + ::File System + 0 + 0 + 0 + 1 + + 8 + 16 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + RTE\File_System\FS_Config.c + FS_Config.c + 1 + 0 + + + 8 + 17 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + RTE\File_System\FS_Config_MC_0.h + FS_Config_MC_0.h + 1 + 0 + + + 8 + 18 + 4 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.4\FileSystem\Lib\ARM\FS_LFN_CM3_L.lib + FS_LFN_CM3_L.lib + 1 + 0 + + + + + ::wolfSSL + 0 + 0 + 0 + 1 + + 9 + 19 + 5 + 0 + 0 + 0 + 0 + 1 + 1 + 0 + RTE\wolfSSL\config-Crypt.h + config-Crypt.h + 1 + 0 + + + 9 + 20 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + RTE\wolfSSL\settings.h + settings.h + 1 + 0 + + + 9 + 21 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\IDE\MDK5-ARM\Src\cyassl_MDK_ARM.c + cyassl_MDK_ARM.c + 1 + 0 + + + 9 + 22 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\IDE\MDK5-ARM\Src\ssl-dummy.c + ssl-dummy.c + 1 + 0 + + + 9 + 23 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\aes.c + aes.c + 1 + 0 + + + 9 + 24 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\arc4.c + arc4.c + 1 + 0 + + + 9 + 25 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\asm.c + asm.c + 1 + 0 + + + 9 + 26 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\asn.c + asn.c + 1 + 0 + + + 9 + 27 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\blake2b.c + blake2b.c + 1 + 0 + + + 9 + 28 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\camellia.c + camellia.c + 1 + 0 + + + 9 + 29 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\coding.c + coding.c + 1 + 0 + + + 9 + 30 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\compress.c + compress.c + 1 + 0 + + + 9 + 31 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\des3.c + des3.c + 1 + 0 + + + 9 + 32 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\dh.c + dh.c + 1 + 0 + + + 9 + 33 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\dsa.c + dsa.c + 1 + 0 + + + 9 + 34 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\ecc.c + ecc.c + 1 + 0 + + + 9 + 35 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\ecc_fp.c + ecc_fp.c + 1 + 0 + + + 9 + 36 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\error.c + error.c + 1 + 0 + + + 9 + 37 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\hc128.c + hc128.c + 1 + 0 + + + 9 + 38 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\hmac.c + hmac.c + 1 + 0 + + + 9 + 39 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\integer.c + integer.c + 1 + 0 + + + 9 + 40 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\logging.c + logging.c + 1 + 0 + + + 9 + 41 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\md2.c + md2.c + 1 + 0 + + + 9 + 42 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\md4.c + md4.c + 1 + 0 + + + 9 + 43 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\md5.c + md5.c + 1 + 0 + + + 9 + 44 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\memory.c + memory.c + 1 + 0 + + + 9 + 45 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\misc.c + misc.c + 1 + 0 + + + 9 + 46 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\wc_port.c + wc_port.c + 1 + 0 + + + 9 + 47 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\pwdbased.c + pwdbased.c + 1 + 0 + + + 9 + 48 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\rabbit.c + rabbit.c + 1 + 0 + + + 9 + 49 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\random.c + random.c + 1 + 0 + + + 9 + 50 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\ripemd.c + ripemd.c + 1 + 0 + + + 9 + 51 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\rsa.c + rsa.c + 1 + 0 + + + 9 + 52 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\sha.c + sha.c + 1 + 0 + + + 9 + 53 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\sha256.c + sha256.c + 1 + 0 + + + 9 + 54 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\sha512.c + sha512.c + 1 + 0 + + + 9 + 55 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\tfm.c + tfm.c + 1 + 0 + + + +
diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CryptBenchmark/CryptBenchmark.uvprojx b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CryptBenchmark/CryptBenchmark.uvprojx new file mode 100644 index 000000000..6382ff2c5 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CryptBenchmark/CryptBenchmark.uvprojx @@ -0,0 +1,945 @@ + + + + 2.1 + +
### uVision Project, (C) Keil Software
+ + + + CryptBenchmark + 0x4 + ARM-ADS + + + STM32F207IG + STMicroelectronics + IRAM(0x20000000,0x20000) IROM(0x08000000,0x100000) CPUTYPE("Cortex-M3") CLOCK(120000000) ELITTLE + + + UL2CM3(-S0 -C0 -P0 -FD20000000 -FC1000 -FN1 -FF0STM32F2xx_1024 -FS08000000 -FL0100000 -FP0($$Device:STM32F207IG$Flash\STM32F2xx_1024.flm)) + 0 + $$Device:STM32F207IG$Device\Include\stm32f2xx.h + + + + + + + + + + $$Device:STM32F207IG$SVD\STM32F20x.svd + 0 + 0 + + + + + + + 0 + 0 + 0 + 0 + 1 + + .\Object\ + CryptBenchmark + 1 + 0 + 0 + 1 + 1 + .\Object\ + 1 + 0 + 0 + + 0 + 0 + + + 0 + 0 + 0 + 0 + + + 0 + 0 + + + 0 + 0 + + + 0 + 0 + + + 0 + 0 + + 0 + + + + 0 + 0 + 0 + 0 + 0 + 1 + 0 + 0 + 0 + 0 + 3 + + + 1 + + + SARMCM3.DLL + -REMAP -MPU + DCM.DLL + -pCM3 + SARMCM3.DLL + -MPU + TCM.DLL + -pCM3 + + + + 1 + 0 + 0 + 0 + 16 + + + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + + + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 1 + 1 + 1 + 1 + + 0 + 8 + + + + + + + + + + + + + + BIN\ULP2CM3.DLL + + + + + 1 + 0 + 0 + 1 + 1 + 4100 + + 1 + BIN\ULP2CM3.DLL + "" () + + + + + 0 + + + + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 1 + 1 + 0 + 1 + 1 + 0 + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 0 + "Cortex-M3" + + 0 + 0 + 0 + 1 + 1 + 0 + 0 + 0 + 0 + 0 + 8 + 0 + 0 + 0 + 3 + 3 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 1 + 0 + 0 + 0 + 0 + 1 + 0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x20000000 + 0x20000 + + + 1 + 0x8000000 + 0x100000 + + + 0 + 0x0 + 0x0 + + + 1 + 0x0 + 0x0 + + + 1 + 0x0 + 0x0 + + + 1 + 0x0 + 0x0 + + + 1 + 0x8000000 + 0x100000 + + + 1 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x20000000 + 0x20000 + + + 0 + 0x0 + 0x0 + + + + + + 1 + 4 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + + + HAVE_CONFIG_H MDK_CONF_Benchmark + + + + + + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + + + + + + + + + 1 + 0 + 0 + 0 + 1 + 0 + 0x08000000 + 0x20000000 + + + + + + + + + + + + + Source + + + main.c + 1 + .\main.c + + + benchmark.c + 1 + .\benchmark.c + + + + + Configuration + + + config-Crypt.h + 5 + .\RTE\wolfSSL\config-Crypt.h + + + settings.h + 5 + .\RTE\wolfSSL\settings.h + + + + + Documentation + + + Abstract.txt + 5 + .\Abstract.txt + + + + + Devices + + + time-CortexM3-4.c + 1 + .\time-CortexM3-4.c + + + time-dummy.c + 1 + .\time-dummy.c + + + + + ::CMSIS + + + RTX_Conf_CM.c + 1 + RTE\CMSIS\RTX_Conf_CM.c + + + RTX_CM3.lib + 4 + C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.4\CMSIS_RTX\Lib\ARM\RTX_CM3.lib + + + + + ::Device + + + RTE_Device.h + 5 + RTE\Device\STM32F207IG\RTE_Device.h + + + startup_stm32f2xx.s + 2 + RTE\Device\STM32F207IG\startup_stm32f2xx.s + + + system_stm32f2xx.c + 1 + RTE\Device\STM32F207IG\system_stm32f2xx.c + + + DMA_STM32F2xx.c + 1 + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\DMA_STM32F2xx.c + + + GPIO_STM32F2xx.c + 1 + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\GPIO_STM32F2xx.c + + + + + ::Drivers + + + MCI_STM32F2xx.c + 1 + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\MCI_STM32F2xx.c + + + + + ::File System + + + FS_Config.c + 1 + RTE\File_System\FS_Config.c + + + FS_Config_MC_0.h + 5 + RTE\File_System\FS_Config_MC_0.h + + + FS_LFN_CM3_L.lib + 4 + C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.4\FileSystem\Lib\ARM\FS_LFN_CM3_L.lib + + + + + ::wolfSSL + + + config-Crypt.h + 5 + RTE\wolfSSL\config-Crypt.h + + + settings.h + 5 + RTE\wolfSSL\settings.h + + + cyassl_MDK_ARM.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\IDE\MDK5-ARM\Src\cyassl_MDK_ARM.c + + + ssl-dummy.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\IDE\MDK5-ARM\Src\ssl-dummy.c + + + aes.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\aes.c + + + arc4.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\arc4.c + + + asm.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\asm.c + + + asn.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\asn.c + + + blake2b.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\blake2b.c + + + camellia.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\camellia.c + + + coding.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\coding.c + + + compress.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\compress.c + + + des3.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\des3.c + + + dh.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\dh.c + + + dsa.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\dsa.c + + + ecc.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\ecc.c + + + ecc_fp.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\ecc_fp.c + + + error.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\error.c + + + hc128.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\hc128.c + + + hmac.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\hmac.c + + + integer.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\integer.c + + + logging.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\logging.c + + + md2.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\md2.c + + + md4.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\md4.c + + + md5.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\md5.c + + + memory.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\memory.c + + + misc.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\misc.c + + + wc_port.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\wc_port.c + + + pwdbased.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\pwdbased.c + + + rabbit.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\rabbit.c + + + random.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\random.c + + + ripemd.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\ripemd.c + + + rsa.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\rsa.c + + + sha.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\sha.c + + + sha256.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\sha256.c + + + sha512.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\sha512.c + + + tfm.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\tfm.c + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + RTE\CMSIS\RTX_Conf_CM.c + + + + + + + + RTE\Device\STM32F207IG\RTE_Device.h + + + + + + + + RTE\Device\STM32F207IG\startup_stm32f2xx.s + + + + + + + + RTE\Device\STM32F207IG\system_stm32f2xx.c + + + + + + + + RTE\File_System\FS_Config.c + + + + + + + + RTE\File_System\FS_Config_MC_0.h + + + + + + + + RTE\Network\Net_Config.c + + + + + + RTE\Network\Net_Config_BSD.h + + + + + + RTE\Network\Net_Config_DNS_Client.h + + + + + + RTE\Network\Net_Config_ETH_0.h + + + + + + RTE\Network\Net_Config_TCP.h + + + + + + RTE\Network\Net_Config_UDP.h + + + + + + RTE\Network\Net_Debug.c + + + + + + RTE\Other\config-Crypt.h + + + + + + RTE\Other\config-FS.h + + + + + + RTE\Other\config-RTX-TCP-FS.h + + + + + + RTE\Other\config.h + + + + + + RTE\wolfSSL\config-Crypt.h + + + + + + + + RTE\wolfSSL\config.h + + + + + + RTE\wolfSSL\settings.h + + + + + + + + + +
diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CryptBenchmark/RTE/wolfSSL/settings.h b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CryptBenchmark/RTE/wolfSSL/settings.h new file mode 100644 index 000000000..a506755ff --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CryptBenchmark/RTE/wolfSSL/settings.h @@ -0,0 +1,667 @@ +/* settings.h + * + * Copyright (C) 2006-2014 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +/* Place OS specific preprocessor flags, defines, includes here, will be + included into every file because types.h includes it */ + + +#ifndef CTAO_CRYPT_SETTINGS_H +#define CTAO_CRYPT_SETTINGS_H + +#ifdef __cplusplus + extern "C" { +#endif + +/* Uncomment next line if using IPHONE */ +/* #define IPHONE */ + +/* Uncomment next line if using ThreadX */ +/* #define THREADX */ + +/* Uncomment next line if using Micrium ucOS */ +/* #define MICRIUM */ + +/* Uncomment next line if using Mbed */ +/* #define MBED */ + +/* Uncomment next line if using Microchip PIC32 ethernet starter kit */ +/* #define MICROCHIP_PIC32 */ + +/* Uncomment next line if using Microchip TCP/IP stack, version 5 */ +/* #define MICROCHIP_TCPIP_V5 */ + +/* Uncomment next line if using Microchip TCP/IP stack, version 6 or later */ +/* #define MICROCHIP_TCPIP */ + +/* Uncomment next line if using PIC32MZ Crypto Engine */ +/* #define CYASSL_MICROCHIP_PIC32MZ */ + +/* Uncomment next line if using FreeRTOS */ +/* #define FREERTOS */ + +/* Uncomment next line if using FreeRTOS Windows Simulator */ +/* #define FREERTOS_WINSIM */ + +/* Uncomment next line if using RTIP */ +/* #define EBSNET */ + +/* Uncomment next line if using lwip */ +/* #define CYASSL_LWIP */ + +/* Uncomment next line if building CyaSSL for a game console */ +/* #define CYASSL_GAME_BUILD */ + +/* Uncomment next line if building CyaSSL for LSR */ +/* #define CYASSL_LSR */ + +/* Uncomment next line if building CyaSSL for Freescale MQX/RTCS/MFS */ +/* #define FREESCALE_MQX */ + +/* Uncomment next line if using STM32F2 */ +/* #define CYASSL_STM32F2 */ + +/* Uncomment next line if using Comverge settings */ +/* #define COMVERGE */ + +/* Uncomment next line if using QL SEP settings */ +/* #define CYASSL_QL */ + +/* Uncomment next line if using LwIP native TCP socket settings */ +/* #define HAVE_LWIP_NATIVE */ + +/* Uncomment next line if building for EROAD */ +/* #define CYASSL_EROAD */ + +#include + +#ifdef IPHONE + #define SIZEOF_LONG_LONG 8 +#endif + + +#ifdef CYASSL_USER_SETTINGS + #include +#endif + + +#ifdef COMVERGE + #define THREADX + #define HAVE_NETX + #define CYASSL_USER_IO + #define NO_WRITEV + #define NO_DEV_RANDOM + #define NO_FILESYSTEM + #define NO_SHA512 + #define NO_DH + #define NO_DSA + #define NO_HC128 + #define NO_RSA + #define NO_SESSION_CACHE + #define HAVE_ECC +#endif + + +#ifdef THREADX + #define SIZEOF_LONG_LONG 8 +#endif + +#ifdef HAVE_NETX + #include "nx_api.h" +#endif + +#if defined(HAVE_LWIP_NATIVE) /* using LwIP native TCP socket */ + #define CYASSL_LWIP + #define NO_WRITEV + #define SINGLE_THREADED + #define CYASSL_USER_IO + #define NO_FILESYSTEM +#endif + +#ifdef MICROCHIP_PIC32 + /* #define CYASSL_MICROCHIP_PIC32MZ */ + #define SIZEOF_LONG_LONG 8 + #define SINGLE_THREADED + #define CYASSL_USER_IO + #define NO_WRITEV + #define NO_DEV_RANDOM + #define NO_FILESYSTEM + #define USE_FAST_MATH + #define TFM_TIMING_RESISTANT +#endif + +#ifdef CYASSL_MICROCHIP_PIC32MZ + #define CYASSL_PIC32MZ_CE + #define CYASSL_PIC32MZ_CRYPT + #define HAVE_AES_ENGINE + #define CYASSL_PIC32MZ_RNG + /* #define CYASSL_PIC32MZ_HASH */ + #define CYASSL_AES_COUNTER + #define HAVE_AESGCM + #define NO_BIG_INT + +#endif + +#ifdef MICROCHIP_TCPIP_V5 + /* include timer functions */ + #include "TCPIP Stack/TCPIP.h" +#endif + +#ifdef MICROCHIP_TCPIP + /* include timer, NTP functions */ + #ifdef MICROCHIP_MPLAB_HARMONY + #include "tcpip/tcpip.h" + #else + #include "system/system_services.h" + #include "tcpip/sntp.h" + #endif +#endif + +#ifdef MBED + #define CYASSL_USER_IO + #define NO_FILESYSTEM + #define NO_CERT + #define USE_CERT_BUFFERS_1024 + #define NO_WRITEV + #define NO_DEV_RANDOM + #define NO_SHA512 + #define NO_DH + #define NO_DSA + #define NO_HC128 + #define HAVE_ECC + #define NO_SESSION_CACHE + #define CYASSL_CMSIS_RTOS +#endif + + +#ifdef CYASSL_EROAD + #define FREESCALE_MQX + #define FREESCALE_MMCAU + #define SINGLE_THREADED + #define NO_STDIO_FILESYSTEM + #define CYASSL_LEANPSK + #define HAVE_NULL_CIPHER + #define NO_OLD_TLS + #define NO_ASN + #define NO_BIG_INT + #define NO_RSA + #define NO_DSA + #define NO_DH + #define NO_CERTS + #define NO_PWDBASED + #define NO_DES3 + #define NO_MD4 + #define NO_RC4 + #define NO_MD5 + #define NO_SESSION_CACHE + #define NO_MAIN_DRIVER +#endif + +#ifdef FREERTOS_WINSIM + #define FREERTOS + #define USE_WINDOWS_API +#endif + + +/* Micrium will use Visual Studio for compilation but not the Win32 API */ +#if defined(_WIN32) && !defined(MICRIUM) && !defined(FREERTOS) \ + && !defined(EBSNET) && !defined(CYASSL_EROAD) + #define USE_WINDOWS_API +#endif + + +#if defined(CYASSL_LEANPSK) && !defined(XMALLOC_USER) + #include + #define XMALLOC(s, h, type) malloc((s)) + #define XFREE(p, h, type) free((p)) + #define XREALLOC(p, n, h, t) realloc((p), (n)) +#endif + +#if defined(XMALLOC_USER) && defined(SSN_BUILDING_LIBYASSL) + #undef XMALLOC + #define XMALLOC yaXMALLOC + #undef XFREE + #define XFREE yaXFREE + #undef XREALLOC + #define XREALLOC yaXREALLOC +#endif + + +#ifdef FREERTOS + #ifndef NO_WRITEV + #define NO_WRITEV + #endif + #ifndef NO_SHA512 + #define NO_SHA512 + #endif + #ifndef NO_DH + #define NO_DH + #endif + #ifndef NO_DSA + #define NO_DSA + #endif + #ifndef NO_HC128 + #define NO_HC128 + #endif + + #ifndef SINGLE_THREADED + #include "FreeRTOS.h" + #include "semphr.h" + #endif +#endif + +#ifdef EBSNET + #include "rtip.h" + + /* #define DEBUG_CYASSL */ + #define NO_CYASSL_DIR /* tbd */ + + #if (POLLOS) + #define SINGLE_THREADED + #endif + + #if (RTPLATFORM) + #if (!RTP_LITTLE_ENDIAN) + #define BIG_ENDIAN_ORDER + #endif + #else + #if (!KS_LITTLE_ENDIAN) + #define BIG_ENDIAN_ORDER + #endif + #endif + + #if (WINMSP3) + #undef SIZEOF_LONG + #define SIZEOF_LONG_LONG 8 + #else + #sslpro: settings.h - please implement SIZEOF_LONG and SIZEOF_LONG_LONG + #endif + + #define XMALLOC(s, h, type) ((void *)rtp_malloc((s), SSL_PRO_MALLOC)) + #define XFREE(p, h, type) (rtp_free(p)) + #define XREALLOC(p, n, h, t) realloc((p), (n)) + +#endif /* EBSNET */ + +#ifdef CYASSL_GAME_BUILD + #define SIZEOF_LONG_LONG 8 + #if defined(__PPU) || defined(__XENON) + #define BIG_ENDIAN_ORDER + #endif +#endif + +#ifdef CYASSL_LSR + #define HAVE_WEBSERVER + #define SIZEOF_LONG_LONG 8 + #define CYASSL_LOW_MEMORY + #define NO_WRITEV + #define NO_SHA512 + #define NO_DH + #define NO_DSA + #define NO_HC128 + #define NO_DEV_RANDOM + #define NO_CYASSL_DIR + #define NO_RABBIT + #ifndef NO_FILESYSTEM + #define LSR_FS + #include "inc/hw_types.h" + #include "fs.h" + #endif + #define CYASSL_LWIP + #include /* for tcp errno */ + #define CYASSL_SAFERTOS + #if defined(__IAR_SYSTEMS_ICC__) + /* enum uses enum */ + #pragma diag_suppress=Pa089 + #endif +#endif + +#ifdef CYASSL_SAFERTOS + #ifndef SINGLE_THREADED + #include "SafeRTOS/semphr.h" + #endif + + #include "SafeRTOS/heap.h" + #define XMALLOC(s, h, type) pvPortMalloc((s)) + #define XFREE(p, h, type) vPortFree((p)) + #define XREALLOC(p, n, h, t) pvPortRealloc((p), (n)) +#endif + +#ifdef CYASSL_LOW_MEMORY + #undef RSA_LOW_MEM + #define RSA_LOW_MEM + #undef CYASSL_SMALL_STACK + #define CYASSL_SMALL_STACK + #undef TFM_TIMING_RESISTANT + #define TFM_TIMING_RESISTANT +#endif + +#ifdef FREESCALE_MQX + #define SIZEOF_LONG_LONG 8 + #define NO_WRITEV + #define NO_DEV_RANDOM + #define NO_RABBIT + #define NO_CYASSL_DIR + #define USE_FAST_MATH + #define TFM_TIMING_RESISTANT + #define FREESCALE_K70_RNGA + /* #define FREESCALE_K53_RNGB */ + #include "mqx.h" + #ifndef NO_FILESYSTEM + #include "mfs.h" + #include "fio.h" + #endif + #ifndef SINGLE_THREADED + #include "mutex.h" + #endif + + #define XMALLOC(s, h, t) (void *)_mem_alloc_system((s)) + #define XFREE(p, h, t) {void* xp = (p); if ((xp)) _mem_free((xp));} + /* Note: MQX has no realloc, using fastmath above */ +#endif + +#ifdef CYASSL_STM32F2 + #define SIZEOF_LONG_LONG 8 + #define NO_DEV_RANDOM + #define NO_CYASSL_DIR + #define NO_RABBIT + #define STM32F2_RNG + #define STM32F2_CRYPTO + #define KEIL_INTRINSICS +#endif + +#ifdef MICRIUM + + #include "stdlib.h" + #include "net_cfg.h" + #include "ssl_cfg.h" + #include "net_secure_os.h" + + #define CYASSL_TYPES + + typedef CPU_INT08U byte; + typedef CPU_INT16U word16; + typedef CPU_INT32U word32; + + #if (NET_SECURE_MGR_CFG_WORD_SIZE == CPU_WORD_SIZE_32) + #define SIZEOF_LONG 4 + #undef SIZEOF_LONG_LONG + #else + #undef SIZEOF_LONG + #define SIZEOF_LONG_LONG 8 + #endif + + #define STRING_USER + + #define XSTRLEN(pstr) ((CPU_SIZE_T)Str_Len((CPU_CHAR *)(pstr))) + #define XSTRNCPY(pstr_dest, pstr_src, len_max) \ + ((CPU_CHAR *)Str_Copy_N((CPU_CHAR *)(pstr_dest), \ + (CPU_CHAR *)(pstr_src), (CPU_SIZE_T)(len_max))) + #define XSTRNCMP(pstr_1, pstr_2, len_max) \ + ((CPU_INT16S)Str_Cmp_N((CPU_CHAR *)(pstr_1), \ + (CPU_CHAR *)(pstr_2), (CPU_SIZE_T)(len_max))) + #define XSTRSTR(pstr, pstr_srch) \ + ((CPU_CHAR *)Str_Str((CPU_CHAR *)(pstr), \ + (CPU_CHAR *)(pstr_srch))) + #define XMEMSET(pmem, data_val, size) \ + ((void)Mem_Set((void *)(pmem), (CPU_INT08U) (data_val), \ + (CPU_SIZE_T)(size))) + #define XMEMCPY(pdest, psrc, size) ((void)Mem_Copy((void *)(pdest), \ + (void *)(psrc), (CPU_SIZE_T)(size))) + #define XMEMCMP(pmem_1, pmem_2, size) \ + (((CPU_BOOLEAN)Mem_Cmp((void *)(pmem_1), (void *)(pmem_2), \ + (CPU_SIZE_T)(size))) ? DEF_NO : DEF_YES) + #define XMEMMOVE XMEMCPY + +#if (NET_SECURE_MGR_CFG_EN == DEF_ENABLED) + #define MICRIUM_MALLOC + #define XMALLOC(s, h, type) ((void *)NetSecure_BlkGet((CPU_INT08U)(type), \ + (CPU_SIZE_T)(s), (void *)0)) + #define XFREE(p, h, type) (NetSecure_BlkFree((CPU_INT08U)(type), \ + (p), (void *)0)) + #define XREALLOC(p, n, h, t) realloc((p), (n)) +#endif + + #if (NET_SECURE_MGR_CFG_FS_EN == DEF_ENABLED) + #undef NO_FILESYSTEM + #else + #define NO_FILESYSTEM + #endif + + #if (SSL_CFG_TRACE_LEVEL == CYASSL_TRACE_LEVEL_DBG) + #define DEBUG_CYASSL + #else + #undef DEBUG_CYASSL + #endif + + #if (SSL_CFG_OPENSSL_EN == DEF_ENABLED) + #define OPENSSL_EXTRA + #else + #undef OPENSSL_EXTRA + #endif + + #if (SSL_CFG_MULTI_THREAD_EN == DEF_ENABLED) + #undef SINGLE_THREADED + #else + #define SINGLE_THREADED + #endif + + #if (SSL_CFG_DH_EN == DEF_ENABLED) + #undef NO_DH + #else + #define NO_DH + #endif + + #if (SSL_CFG_DSA_EN == DEF_ENABLED) + #undef NO_DSA + #else + #define NO_DSA + #endif + + #if (SSL_CFG_PSK_EN == DEF_ENABLED) + #undef NO_PSK + #else + #define NO_PSK + #endif + + #if (SSL_CFG_3DES_EN == DEF_ENABLED) + #undef NO_DES + #else + #define NO_DES + #endif + + #if (SSL_CFG_AES_EN == DEF_ENABLED) + #undef NO_AES + #else + #define NO_AES + #endif + + #if (SSL_CFG_RC4_EN == DEF_ENABLED) + #undef NO_RC4 + #else + #define NO_RC4 + #endif + + #if (SSL_CFG_RABBIT_EN == DEF_ENABLED) + #undef NO_RABBIT + #else + #define NO_RABBIT + #endif + + #if (SSL_CFG_HC128_EN == DEF_ENABLED) + #undef NO_HC128 + #else + #define NO_HC128 + #endif + + #if (CPU_CFG_ENDIAN_TYPE == CPU_ENDIAN_TYPE_BIG) + #define BIG_ENDIAN_ORDER + #else + #undef BIG_ENDIAN_ORDER + #define LITTLE_ENDIAN_ORDER + #endif + + #if (SSL_CFG_MD4_EN == DEF_ENABLED) + #undef NO_MD4 + #else + #define NO_MD4 + #endif + + #if (SSL_CFG_WRITEV_EN == DEF_ENABLED) + #undef NO_WRITEV + #else + #define NO_WRITEV + #endif + + #if (SSL_CFG_USER_RNG_SEED_EN == DEF_ENABLED) + #define NO_DEV_RANDOM + #else + #undef NO_DEV_RANDOM + #endif + + #if (SSL_CFG_USER_IO_EN == DEF_ENABLED) + #define CYASSL_USER_IO + #else + #undef CYASSL_USER_IO + #endif + + #if (SSL_CFG_DYNAMIC_BUFFERS_EN == DEF_ENABLED) + #undef LARGE_STATIC_BUFFERS + #undef STATIC_CHUNKS_ONLY + #else + #define LARGE_STATIC_BUFFERS + #define STATIC_CHUNKS_ONLY + #endif + + #if (SSL_CFG_DER_LOAD_EN == DEF_ENABLED) + #define CYASSL_DER_LOAD + #else + #undef CYASSL_DER_LOAD + #endif + + #if (SSL_CFG_DTLS_EN == DEF_ENABLED) + #define CYASSL_DTLS + #else + #undef CYASSL_DTLS + #endif + + #if (SSL_CFG_CALLBACKS_EN == DEF_ENABLED) + #define CYASSL_CALLBACKS + #else + #undef CYASSL_CALLBACKS + #endif + + #if (SSL_CFG_FAST_MATH_EN == DEF_ENABLED) + #define USE_FAST_MATH + #else + #undef USE_FAST_MATH + #endif + + #if (SSL_CFG_TFM_TIMING_RESISTANT_EN == DEF_ENABLED) + #define TFM_TIMING_RESISTANT + #else + #undef TFM_TIMING_RESISTANT + #endif + +#endif /* MICRIUM */ + + +#ifdef CYASSL_QL + #ifndef CYASSL_SEP + #define CYASSL_SEP + #endif + #ifndef OPENSSL_EXTRA + #define OPENSSL_EXTRA + #endif + #ifndef SESSION_CERTS + #define SESSION_CERTS + #endif + #ifndef HAVE_AESCCM + #define HAVE_AESCCM + #endif + #ifndef ATOMIC_USER + #define ATOMIC_USER + #endif + #ifndef CYASSL_DER_LOAD + #define CYASSL_DER_LOAD + #endif + #ifndef KEEP_PEER_CERT + #define KEEP_PEER_CERT + #endif + #ifndef HAVE_ECC + #define HAVE_ECC + #endif + #ifndef SESSION_INDEX + #define SESSION_INDEX + #endif +#endif /* CYASSL_QL */ + + +#if !defined(XMALLOC_USER) && !defined(MICRIUM_MALLOC) && \ + !defined(CYASSL_LEANPSK) && !defined(NO_CYASSL_MEMORY) + #define USE_CYASSL_MEMORY +#endif + + +#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) + #undef KEEP_PEER_CERT + #define KEEP_PEER_CERT +#endif + + +/* stream ciphers except arc4 need 32bit alignment, intel ok without */ +#ifndef XSTREAM_ALIGNMENT + #if defined(__x86_64__) || defined(__ia64__) || defined(__i386__) + #define NO_XSTREAM_ALIGNMENT + #else + #define XSTREAM_ALIGNMENT + #endif +#endif + + +/* if using hardware crypto and have alignment requirements, specify the + requirement here. The record header of SSL/TLS will prvent easy alignment. + This hint tries to help as much as possible. */ +#ifndef CYASSL_GENERAL_ALIGNMENT + #ifdef CYASSL_AESNI + #define CYASSL_GENERAL_ALIGNMENT 16 + #elif defined(XSTREAM_ALIGNMENT) + #define CYASSL_GENERAL_ALIGNMENT 4 + #else + #define CYASSL_GENERAL_ALIGNMENT 0 + #endif +#endif + +#ifdef HAVE_CRL + /* not widely supported yet */ + #undef NO_SKID + #define NO_SKID +#endif + +/* Place any other flags or defines here */ + + +#ifdef __cplusplus + } /* extern "C" */ +#endif + + +#endif /* CTAO_CRYPT_SETTINGS_H */ + diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CryptBenchmark/benchmark.c b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CryptBenchmark/benchmark.c new file mode 100644 index 000000000..2cccd362a --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CryptBenchmark/benchmark.c @@ -0,0 +1,1222 @@ +/* benchmark.c + * + * Copyright (C) 2006-2014 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +/* CTaoCrypt benchmark */ + +#ifdef HAVE_CONFIG_H + #include +#endif + +#include + +#include +#include + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include +#ifdef HAVE_CAVIUM + #include "cavium_sysdep.h" + #include "cavium_common.h" + #include "cavium_ioctl.h" +#endif + +#if defined(CYASSL_MDK_ARM) + extern FILE * CyaSSL_fopen(const char *fname, const char *mode) ; + #define fopen CyaSSL_fopen +#endif + +#if defined(USE_CERT_BUFFERS_1024) || defined(USE_CERT_BUFFERS_2048) + /* include test cert and key buffers for use with NO_FILESYSTEM */ + #if defined(CYASSL_MDK_ARM) + #include "cert_data.h" /* use certs_test.c for initial data, + so other commands can share the data. */ + #else + #include + #endif +#endif + + +#ifdef HAVE_BLAKE2 + #include + void bench_blake2(void); +#endif + +#ifdef _MSC_VER + /* 4996 warning to use MS extensions e.g., strcpy_s instead of strncpy */ + #pragma warning(disable: 4996) +#endif + +void bench_des(void); +void bench_arc4(void); +void bench_hc128(void); +void bench_rabbit(void); +void bench_aes(int); +void bench_aesgcm(void); +void bench_aesccm(void); +void bench_aesctr(void); +void bench_camellia(void); + +void bench_md5(void); +void bench_sha(void); +void bench_sha256(void); +void bench_sha512(void); +void bench_ripemd(void); + +void bench_rsa(void); +void bench_rsaKeyGen(void); +void bench_dh(void); +#ifdef HAVE_ECC +void bench_eccKeyGen(void); +void bench_eccKeyAgree(void); +#endif + +double current_time(int); + + +#ifdef HAVE_CAVIUM + +static int OpenNitroxDevice(int dma_mode,int dev_id) +{ + Csp1CoreAssignment core_assign; + Uint32 device; + + if (CspInitialize(CAVIUM_DIRECT,CAVIUM_DEV_ID)) + return -1; + if (Csp1GetDevType(&device)) + return -1; + if (device != NPX_DEVICE) { + if (ioctl(gpkpdev_hdlr[CAVIUM_DEV_ID], IOCTL_CSP1_GET_CORE_ASSIGNMENT, + (Uint32 *)&core_assign)!= 0) + return -1; + } + CspShutdown(CAVIUM_DEV_ID); + + return CspInitialize(dma_mode, dev_id); +} + +#endif + + +/* so embedded projects can pull in tests on their own */ +#if !defined(NO_MAIN_DRIVER) + +int main(int argc, char** argv) + +{ + (void)argc; + (void)argv; +#else +int benchmark_test(void *args) +{ +#endif + + #ifdef HAVE_CAVIUM + int ret = OpenNitroxDevice(CAVIUM_DIRECT, CAVIUM_DEV_ID); + if (ret != 0) { + printf("Cavium OpenNitroxDevice failed\n"); + exit(-1); + } +#endif /* HAVE_CAVIUM */ +#ifndef NO_AES + bench_aes(0); + bench_aes(1); +#endif +#ifdef HAVE_AESGCM + bench_aesgcm(); +#endif + +#ifdef CYASSL_AES_COUNTER + bench_aesctr(); +#endif + +#ifdef HAVE_AESCCM + bench_aesccm(); +#endif +#ifdef HAVE_CAMELLIA + bench_camellia(); +#endif +#ifndef NO_RC4 + bench_arc4(); +#endif +#ifdef HAVE_HC128 + bench_hc128(); +#endif +#ifndef NO_RABBIT + bench_rabbit(); +#endif +#ifndef NO_DES3 + bench_des(); +#endif + + printf("\n"); + +#ifndef NO_MD5 + bench_md5(); +#endif +#ifndef NO_SHA + bench_sha(); +#endif +#ifndef NO_SHA256 + bench_sha256(); +#endif +#ifdef CYASSL_SHA512 + bench_sha512(); +#endif +#ifdef CYASSL_RIPEMD + bench_ripemd(); +#endif +#ifdef HAVE_BLAKE2 + bench_blake2(); +#endif + + printf("\n"); + +#ifndef NO_RSA + bench_rsa(); +#endif + +#ifndef NO_DH + bench_dh(); +#endif + +#if defined(CYASSL_KEY_GEN) && !defined(NO_RSA) + bench_rsaKeyGen(); +#endif + +#ifdef HAVE_ECC + bench_eccKeyGen(); + bench_eccKeyAgree(); +#endif + + return 0; +} + + +#ifdef BENCH_EMBEDDED +enum BenchmarkBounds { + numBlocks = 25, /* how many kB to test (en/de)cryption */ + ntimes = 1, + genTimes = 5, /* public key iterations */ + agreeTimes = 5 +}; +static const char blockType[] = "kB"; /* used in printf output */ +#else +enum BenchmarkBounds { + numBlocks = 5, /* how many megs to test (en/de)cryption */ + ntimes = 100, + genTimes = 100, + agreeTimes = 100 +}; +static const char blockType[] = "megs"; /* used in printf output */ +#endif + +static const byte key[] = +{ + 0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef, + 0xfe,0xde,0xba,0x98,0x76,0x54,0x32,0x10, + 0x89,0xab,0xcd,0xef,0x01,0x23,0x45,0x67 +}; + +static const byte iv[] = +{ + 0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef, + 0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01, + 0x11,0x21,0x31,0x41,0x51,0x61,0x71,0x81 + +}; + + +/* use kB instead of mB for embedded benchmarking */ +#ifdef BENCH_EMBEDDED +static byte plain [1024]; +static byte cipher[1024]; +#else +static byte plain [1024*1024]; +static byte cipher[1024*1024]; +#endif + + +#ifndef NO_AES +void bench_aes(int show) +{ + Aes enc; + double start, total, persec; + int i; + int ret; + +#ifdef HAVE_CAVIUM + if (AesInitCavium(&enc, CAVIUM_DEV_ID) != 0) { + printf("aes init cavium failed\n"); + return; + } +#endif + + ret = AesSetKey(&enc, key, 16, iv, AES_ENCRYPTION); + if (ret != 0) { + printf("AesSetKey failed, ret = %d\n", ret); + return; + } + start = current_time(1); + + for(i = 0; i < numBlocks; i++) + AesCbcEncrypt(&enc, plain, cipher, sizeof(plain)); + + total = current_time(0) - start; + + persec = 1 / total * numBlocks; +#ifdef BENCH_EMBEDDED + /* since using kB, convert to MB/s */ + persec = persec / 1024; +#endif + + if (show) + printf("AES %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks, + blockType, total, persec); +#ifdef HAVE_CAVIUM + AesFreeCavium(&enc); +#endif +} +#endif + + +#if defined(HAVE_AESGCM) || defined(HAVE_AESCCM) + static byte additional[13]; + static byte tag[16]; +#endif + + +#ifdef HAVE_AESGCM +void bench_aesgcm(void) +{ + Aes enc; + double start, total, persec; + int i; + + AesGcmSetKey(&enc, key, 16); + start = current_time(1); + + for(i = 0; i < numBlocks; i++) + AesGcmEncrypt(&enc, cipher, plain, sizeof(plain), iv, 12, + tag, 16, additional, 13); + + total = current_time(0) - start; + + persec = 1 / total * numBlocks; +#ifdef BENCH_EMBEDDED + /* since using kB, convert to MB/s */ + persec = persec / 1024; +#endif + + printf("AES-GCM %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks, + blockType, total, persec); +} +#endif + +#ifdef CYASSL_AES_COUNTER +void bench_aesctr(void) +{ + Aes enc; + double start, total, persec; + int i; + + AesSetKeyDirect(&enc, key, AES_BLOCK_SIZE, iv, AES_ENCRYPTION); + start = current_time(1); + + for(i = 0; i < numBlocks; i++) + AesCtrEncrypt(&enc, plain, cipher, sizeof(plain)); + + total = current_time(0) - start; + + persec = 1 / total * numBlocks; +#ifdef BENCH_EMBEDDED + /* since using kB, convert to MB/s */ + persec = persec / 1024; +#endif + + printf("AES-CTR %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks, + blockType, total, persec); +} +#endif + + + +#ifdef HAVE_AESCCM +void bench_aesccm(void) +{ + Aes enc; + double start, total, persec; + int i; + + AesCcmSetKey(&enc, key, 16); + start = current_time(1); + + for(i = 0; i < numBlocks; i++) + AesCcmEncrypt(&enc, cipher, plain, sizeof(plain), iv, 12, + tag, 16, additional, 13); + + total = current_time(0) - start; + + persec = 1 / total * numBlocks; +#ifdef BENCH_EMBEDDED + /* since using kB, convert to MB/s */ + persec = persec / 1024; +#endif + + printf("AES-CCM %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks, + blockType, total, persec); +} +#endif + + +#ifdef HAVE_CAMELLIA +void bench_camellia(void) +{ + Camellia cam; + double start, total, persec; + int i, ret; + + ret = CamelliaSetKey(&cam, key, 16, iv); + if (ret != 0) { + printf("CamelliaSetKey failed, ret = %d\n", ret); + return; + } + start = current_time(1); + + for(i = 0; i < numBlocks; i++) + CamelliaCbcEncrypt(&cam, plain, cipher, sizeof(plain)); + + total = current_time(0) - start; + + persec = 1 / total * numBlocks; +#ifdef BENCH_EMBEDDED + /* since using kB, convert to MB/s */ + persec = persec / 1024; +#endif + + printf("Camellia %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks, + blockType, total, persec); +} +#endif + + +#ifndef NO_DES3 +void bench_des(void) +{ + Des3 enc; + double start, total, persec; + int i, ret; + +#ifdef HAVE_CAVIUM + if (Des3_InitCavium(&enc, CAVIUM_DEV_ID) != 0) + printf("des3 init cavium failed\n"); +#endif + ret = Des3_SetKey(&enc, key, iv, DES_ENCRYPTION); + if (ret != 0) { + printf("Des3_SetKey failed, ret = %d\n", ret); + return; + } + start = current_time(1); + + for(i = 0; i < numBlocks; i++) + Des3_CbcEncrypt(&enc, plain, cipher, sizeof(plain)); + + total = current_time(0) - start; + + persec = 1 / total * numBlocks; +#ifdef BENCH_EMBEDDED + /* since using kB, convert to MB/s */ + persec = persec / 1024; +#endif + + printf("3DES %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks, + blockType, total, persec); +#ifdef HAVE_CAVIUM + Des3_FreeCavium(&enc); +#endif +} +#endif + + +#ifndef NO_RC4 +void bench_arc4(void) +{ + Arc4 enc; + double start, total, persec; + int i; + +#ifdef HAVE_CAVIUM + if (Arc4InitCavium(&enc, CAVIUM_DEV_ID) != 0) + printf("arc4 init cavium failed\n"); +#endif + + Arc4SetKey(&enc, key, 16); + start = current_time(1); + + for(i = 0; i < numBlocks; i++) + Arc4Process(&enc, cipher, plain, sizeof(plain)); + + total = current_time(0) - start; + persec = 1 / total * numBlocks; +#ifdef BENCH_EMBEDDED + /* since using kB, convert to MB/s */ + persec = persec / 1024; +#endif + + printf("ARC4 %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks, + blockType, total, persec); +#ifdef HAVE_CAVIUM + Arc4FreeCavium(&enc); +#endif +} +#endif + + +#ifdef HAVE_HC128 +void bench_hc128(void) +{ + HC128 enc; + double start, total, persec; + int i; + + Hc128_SetKey(&enc, key, iv); + start = current_time(1); + + for(i = 0; i < numBlocks; i++) + Hc128_Process(&enc, cipher, plain, sizeof(plain)); + + total = current_time(0) - start; + persec = 1 / total * numBlocks; +#ifdef BENCH_EMBEDDED + /* since using kB, convert to MB/s */ + persec = persec / 1024; +#endif + + printf("HC128 %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks, + blockType, total, persec); +} +#endif /* HAVE_HC128 */ + + +#ifndef NO_RABBIT +void bench_rabbit(void) +{ + Rabbit enc; + double start, total, persec; + int i; + + RabbitSetKey(&enc, key, iv); + start = current_time(1); + + for(i = 0; i < numBlocks; i++) + RabbitProcess(&enc, cipher, plain, sizeof(plain)); + + total = current_time(0) - start; + persec = 1 / total * numBlocks; +#ifdef BENCH_EMBEDDED + /* since using kB, convert to MB/s */ + persec = persec / 1024; +#endif + + printf("RABBIT %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks, + blockType, total, persec); +} +#endif /* NO_RABBIT */ + + +#ifndef NO_MD5 +void bench_md5(void) +{ + Md5 hash; + byte digest[MD5_DIGEST_SIZE]; + double start, total, persec; + int i; + + InitMd5(&hash); + start = current_time(1); + + for(i = 0; i < numBlocks; i++) + Md5Update(&hash, plain, sizeof(plain)); + + Md5Final(&hash, digest); + + total = current_time(0) - start; + persec = 1 / total * numBlocks; +#ifdef BENCH_EMBEDDED + /* since using kB, convert to MB/s */ + persec = persec / 1024; +#endif + + printf("MD5 %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks, + blockType, total, persec); +} +#endif /* NO_MD5 */ + + +#ifndef NO_SHA +void bench_sha(void) +{ + Sha hash; + byte digest[SHA_DIGEST_SIZE]; + double start, total, persec; + int i, ret; + + ret = InitSha(&hash); + if (ret != 0) { + printf("InitSha failed, ret = %d\n", ret); + return; + } + start = current_time(1); + + for(i = 0; i < numBlocks; i++) + ShaUpdate(&hash, plain, sizeof(plain)); + + ShaFinal(&hash, digest); + + total = current_time(0) - start; + persec = 1 / total * numBlocks; +#ifdef BENCH_EMBEDDED + /* since using kB, convert to MB/s */ + persec = persec / 1024; +#endif + + printf("SHA %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks, + blockType, total, persec); +} +#endif /* NO_SHA */ + + +#ifndef NO_SHA256 +void bench_sha256(void) +{ + Sha256 hash; + byte digest[SHA256_DIGEST_SIZE]; + double start, total, persec; + int i, ret; + + ret = InitSha256(&hash); + if (ret != 0) { + printf("InitSha256 failed, ret = %d\n", ret); + return; + } + start = current_time(1); + + for(i = 0; i < numBlocks; i++) { + ret = Sha256Update(&hash, plain, sizeof(plain)); + if (ret != 0) { + printf("Sha256Update failed, ret = %d\n", ret); + return; + } + } + + ret = Sha256Final(&hash, digest); + if (ret != 0) { + printf("Sha256Final failed, ret = %d\n", ret); + return; + } + + total = current_time(0) - start; + persec = 1 / total * numBlocks; +#ifdef BENCH_EMBEDDED + /* since using kB, convert to MB/s */ + persec = persec / 1024; +#endif + + printf("SHA-256 %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks, + blockType, total, persec); +} +#endif + +#ifdef CYASSL_SHA512 +void bench_sha512(void) +{ + Sha512 hash; + byte digest[SHA512_DIGEST_SIZE]; + double start, total, persec; + int i, ret; + + ret = InitSha512(&hash); + if (ret != 0) { + printf("InitSha512 failed, ret = %d\n", ret); + return; + } + start = current_time(1); + + for(i = 0; i < numBlocks; i++) { + ret = Sha512Update(&hash, plain, sizeof(plain)); + if (ret != 0) { + printf("Sha512Update failed, ret = %d\n", ret); + return; + } + } + + ret = Sha512Final(&hash, digest); + if (ret != 0) { + printf("Sha512Final failed, ret = %d\n", ret); + return; + } + + total = current_time(0) - start; + persec = 1 / total * numBlocks; +#ifdef BENCH_EMBEDDED + /* since using kB, convert to MB/s */ + persec = persec / 1024; +#endif + + printf("SHA-512 %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks, + blockType, total, persec); +} +#endif + +#ifdef CYASSL_RIPEMD +void bench_ripemd(void) +{ + RipeMd hash; + byte digest[RIPEMD_DIGEST_SIZE]; + double start, total, persec; + int i; + + InitRipeMd(&hash); + start = current_time(1); + + for(i = 0; i < numBlocks; i++) + RipeMdUpdate(&hash, plain, sizeof(plain)); + + RipeMdFinal(&hash, digest); + + total = current_time(0) - start; + persec = 1 / total * numBlocks; +#ifdef BENCH_EMBEDDED + /* since using kB, convert to MB/s */ + persec = persec / 1024; +#endif + + printf("RIPEMD %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks, + blockType, total, persec); +} +#endif + + +#ifdef HAVE_BLAKE2 +void bench_blake2(void) +{ + Blake2b b2b; + byte digest[64]; + double start, total, persec; + int i, ret; + + ret = InitBlake2b(&b2b, 64); + if (ret != 0) { + printf("InitBlake2b failed, ret = %d\n", ret); + return; + } + start = current_time(1); + + for(i = 0; i < numBlocks; i++) { + ret = Blake2bUpdate(&b2b, plain, sizeof(plain)); + if (ret != 0) { + printf("Blake2bUpdate failed, ret = %d\n", ret); + return; + } + } + + ret = Blake2bFinal(&b2b, digest, 64); + if (ret != 0) { + printf("Blake2bFinal failed, ret = %d\n", ret); + return; + } + + total = current_time(0) - start; + persec = 1 / total * numBlocks; +#ifdef BENCH_EMBEDDED + /* since using kB, convert to MB/s */ + persec = persec / 1024; +#endif + + printf("BLAKE2b %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks, + blockType, total, persec); +} +#endif + + +#if !defined(NO_RSA) || !defined(NO_DH) \ + || defined(CYASSL_KEYGEN) || defined(HAVE_ECC) +static RNG rng; +#endif + +#ifndef NO_RSA + + +#if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048) && \ + defined(CYASSL_MDK_SHELL) +static char *certRSAname = "certs/rsa2048.der" ; +static void set_Bench_RSA_File(char * cert) { certRSAname = cert ; } + /* set by shell command */ +#elif defined(CYASSL_MDK_SHELL) + /* nothing */ +#else +static const char *certRSAname = "certs/rsa2048.der" ; +#endif + +void bench_rsa(void) +{ + int i; + int ret; + byte tmp[3072]; + size_t bytes; + word32 idx = 0; + + byte message[] = "Everyone gets Friday off."; + byte enc[512]; /* for up to 4096 bit */ + const int len = (int)strlen((char*)message); + double start, total, each, milliEach; + + RsaKey rsaKey; + int rsaKeySz = 2048; /* used in printf */ + +#ifdef USE_CERT_BUFFERS_1024 + XMEMCPY(tmp, rsa_key_der_1024, sizeof_rsa_key_der_1024); + bytes = sizeof_rsa_key_der_1024; + rsaKeySz = 1024; +#elif defined(USE_CERT_BUFFERS_2048) + XMEMCPY(tmp, rsa_key_der_2048, sizeof_rsa_key_der_2048); + bytes = sizeof_rsa_key_der_2048; +#else + FILE* file = fopen(certRSAname, "rb"); + + if (!file) { + printf("can't find %s, Please run from CyaSSL home dir\n", certRSAname); + return; + } + + bytes = fread(tmp, 1, sizeof(tmp), file); + fclose(file); +#endif /* USE_CERT_BUFFERS */ + + +#ifdef HAVE_CAVIUM + if (RsaInitCavium(&rsaKey, CAVIUM_DEV_ID) != 0) + printf("RSA init cavium failed\n"); +#endif + ret = InitRng(&rng); + if (ret < 0) { + printf("InitRNG failed\n"); + return; + } + ret = InitRsaKey(&rsaKey, 0); + if (ret < 0) { + printf("InitRsaKey failed\n"); + return; + } + ret = RsaPrivateKeyDecode(tmp, &idx, &rsaKey, (word32)bytes); + + start = current_time(1); + + for (i = 0; i < ntimes; i++) + ret = RsaPublicEncrypt(message,len,enc,sizeof(enc), &rsaKey, &rng); + + total = current_time(0) - start; + each = total / ntimes; /* per second */ + milliEach = each * 1000; /* milliseconds */ + + printf("RSA %d encryption took %6.3f milliseconds, avg over %d" + " iterations\n", rsaKeySz, milliEach, ntimes); + + if (ret < 0) { + printf("Rsa Public Encrypt failed\n"); + return; + } + + start = current_time(1); + + for (i = 0; i < ntimes; i++) { + byte out[512]; /* for up to 4096 bit */ + RsaPrivateDecrypt(enc, (word32)ret, out, sizeof(out), &rsaKey); + } + + total = current_time(0) - start; + each = total / ntimes; /* per second */ + milliEach = each * 1000; /* milliseconds */ + + printf("RSA %d decryption took %6.3f milliseconds, avg over %d" + " iterations\n", rsaKeySz, milliEach, ntimes); + + FreeRsaKey(&rsaKey); +#ifdef HAVE_CAVIUM + RsaFreeCavium(&rsaKey); +#endif +} +#endif + + +#ifndef NO_DH + + +#if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048) && \ + defined(CYASSL_MDK_SHELL) +static char *certDHname = "certs/dh2048.der" ; +void set_Bench_DH_File(char * cert) { certDHname = cert ; } + /* set by shell command */ +#elif defined(CYASSL_MDK_SHELL) + /* nothing */ +#else +static const char *certDHname = "certs/dh2048.der" ; +#endif + +void bench_dh(void) +{ + int i, ret; + byte tmp[1024]; + size_t bytes; + word32 idx = 0, pubSz, privSz = 0, pubSz2, privSz2, agreeSz; + + byte pub[256]; /* for 2048 bit */ + byte priv[256]; /* for 2048 bit */ + byte pub2[256]; /* for 2048 bit */ + byte priv2[256]; /* for 2048 bit */ + byte agree[256]; /* for 2048 bit */ + + double start, total, each, milliEach; + DhKey dhKey; + int dhKeySz = 2048; /* used in printf */ + + +#ifdef USE_CERT_BUFFERS_1024 + XMEMCPY(tmp, dh_key_der_1024, sizeof_dh_key_der_1024); + bytes = sizeof_dh_key_der_1024; + dhKeySz = 1024; +#elif defined(USE_CERT_BUFFERS_2048) + XMEMCPY(tmp, dh_key_der_2048, sizeof_dh_key_der_2048); + bytes = sizeof_dh_key_der_2048; +#else + FILE* file = fopen(certDHname, "rb"); + + if (!file) { + printf("can't find %s, Please run from CyaSSL home dir\n", certDHname); + return; + } + + ret = InitRng(&rng); + if (ret < 0) { + printf("InitRNG failed\n"); + return; + } + bytes = fread(tmp, 1, sizeof(tmp), file); +#endif /* USE_CERT_BUFFERS */ + + + InitDhKey(&dhKey); + bytes = DhKeyDecode(tmp, &idx, &dhKey, (word32)bytes); + if (bytes != 0) { + printf("dhekydecode failed, can't benchmark\n"); + #if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048) + fclose(file); + #endif + return; + } + + start = current_time(1); + + for (i = 0; i < ntimes; i++) + DhGenerateKeyPair(&dhKey, &rng, priv, &privSz, pub, &pubSz); + + total = current_time(0) - start; + each = total / ntimes; /* per second */ + milliEach = each * 1000; /* milliseconds */ + + printf("DH %d key generation %6.3f milliseconds, avg over %d" + " iterations\n", dhKeySz, milliEach, ntimes); + + DhGenerateKeyPair(&dhKey, &rng, priv2, &privSz2, pub2, &pubSz2); + start = current_time(1); + + for (i = 0; i < ntimes; i++) + DhAgree(&dhKey, agree, &agreeSz, priv, privSz, pub2, pubSz2); + + total = current_time(0) - start; + each = total / ntimes; /* per second */ + milliEach = each * 1000; /* milliseconds */ + + printf("DH %d key agreement %6.3f milliseconds, avg over %d" + " iterations\n", dhKeySz, milliEach, ntimes); + +#if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048) + fclose(file); +#endif + FreeDhKey(&dhKey); +} +#endif + +#if defined(CYASSL_KEY_GEN) && !defined(NO_RSA) +void bench_rsaKeyGen(void) +{ + RsaKey genKey; + double start, total, each, milliEach; + int i; + + /* 1024 bit */ + start = current_time(1); + + for(i = 0; i < genTimes; i++) { + InitRsaKey(&genKey, 0); + MakeRsaKey(&genKey, 1024, 65537, &rng); + FreeRsaKey(&genKey); + } + + total = current_time(0) - start; + each = total / genTimes; /* per second */ + milliEach = each * 1000; /* millisconds */ + printf("\n"); + printf("RSA 1024 key generation %6.3f milliseconds, avg over %d" + " iterations\n", milliEach, genTimes); + + /* 2048 bit */ + start = current_time(1); + + for(i = 0; i < genTimes; i++) { + InitRsaKey(&genKey, 0); + MakeRsaKey(&genKey, 2048, 65537, &rng); + FreeRsaKey(&genKey); + } + + total = current_time(0) - start; + each = total / genTimes; /* per second */ + milliEach = each * 1000; /* millisconds */ + printf("RSA 2048 key generation %6.3f milliseconds, avg over %d" + " iterations\n", milliEach, genTimes); +} +#endif /* CYASSL_KEY_GEN */ + +#ifdef HAVE_ECC +void bench_eccKeyGen(void) +{ + ecc_key genKey; + double start, total, each, milliEach; + int i, ret; + + ret = InitRng(&rng); + if (ret < 0) { + printf("InitRNG failed\n"); + return; + } + /* 256 bit */ + start = current_time(1); + + for(i = 0; i < genTimes; i++) { + ecc_make_key(&rng, 32, &genKey); + ecc_free(&genKey); + } + + total = current_time(0) - start; + each = total / genTimes; /* per second */ + milliEach = each * 1000; /* millisconds */ + printf("\n"); + printf("ECC 256 key generation %6.3f milliseconds, avg over %d" + " iterations\n", milliEach, genTimes); +} + + +void bench_eccKeyAgree(void) +{ + ecc_key genKey, genKey2; + double start, total, each, milliEach; + int i, ret; + byte shared[1024]; + byte sig[1024]; + byte digest[32]; + word32 x = 0; + + ecc_init(&genKey); + ecc_init(&genKey2); + + ret = InitRng(&rng); + if (ret < 0) { + printf("InitRNG failed\n"); + return; + } + + ret = ecc_make_key(&rng, 32, &genKey); + if (ret != 0) { + printf("ecc_make_key failed\n"); + return; + } + ret = ecc_make_key(&rng, 32, &genKey2); + if (ret != 0) { + printf("ecc_make_key failed\n"); + return; + } + + /* 256 bit */ + start = current_time(1); + + for(i = 0; i < agreeTimes; i++) { + x = sizeof(shared); + ret = ecc_shared_secret(&genKey, &genKey2, shared, &x); + if (ret != 0) { + printf("ecc_shared_secret failed\n"); + return; + } + } + + total = current_time(0) - start; + each = total / agreeTimes; /* per second */ + milliEach = each * 1000; /* millisconds */ + printf("EC-DHE key agreement %6.3f milliseconds, avg over %d" + " iterations\n", milliEach, agreeTimes); + + /* make dummy digest */ + for (i = 0; i < (int)sizeof(digest); i++) + digest[i] = (byte)i; + + + start = current_time(1); + + for(i = 0; i < agreeTimes; i++) { + x = sizeof(sig); + ret = ecc_sign_hash(digest, sizeof(digest), sig, &x, &rng, &genKey); + if (ret != 0) { + printf("ecc_sign_hash failed\n"); + return; + } + } + + total = current_time(0) - start; + each = total / agreeTimes; /* per second */ + milliEach = each * 1000; /* millisconds */ + printf("EC-DSA sign time %6.3f milliseconds, avg over %d" + " iterations\n", milliEach, agreeTimes); + + start = current_time(1); + + for(i = 0; i < agreeTimes; i++) { + int verify = 0; + ret = ecc_verify_hash(sig, x, digest, sizeof(digest), &verify, &genKey); + if (ret != 0) { + printf("ecc_verify_hash failed\n"); + return; + } + } + + total = current_time(0) - start; + each = total / agreeTimes; /* per second */ + milliEach = each * 1000; /* millisconds */ + printf("EC-DSA verify time %6.3f milliseconds, avg over %d" + " iterations\n", milliEach, agreeTimes); + + ecc_free(&genKey2); + ecc_free(&genKey); +} +#endif /* HAVE_ECC */ + + +#ifdef _WIN32 + + #define WIN32_LEAN_AND_MEAN + #include + + double current_time(int reset) + { + static int init = 0; + static LARGE_INTEGER freq; + + LARGE_INTEGER count; + + (void)reset; + + if (!init) { + QueryPerformanceFrequency(&freq); + init = 1; + } + + QueryPerformanceCounter(&count); + + return (double)count.QuadPart / freq.QuadPart; + } + +#elif defined MICROCHIP_PIC32 + #if defined(CYASSL_MICROCHIP_PIC32MZ) + #define CLOCK 8000000.0 + #else + #include + #define CLOCK 4000000.0 + #endif + + double current_time(int reset) + { + unsigned int ns; + + if (reset) { + WriteCoreTimer(0); + } + + /* get timer in ns */ + ns = ReadCoreTimer(); + + /* return seconds as a double */ + return ( ns / CLOCK * 2.0); + } + +#elif defined CYASSL_MDK_ARM + + extern double current_time(int reset) ; + +#elif defined FREERTOS + + double current_time(int reset) + { + (void) reset; + + portTickType tickCount; + + /* tick count == ms, if configTICK_RATE_HZ is set to 1000 */ + tickCount = xTaskGetTickCount(); + return (double)tickCount / 1000; + } + +#else + + #include + + double current_time(int reset) + { + struct timeval tv; + + (void)reset; + + gettimeofday(&tv, 0); + + return (double)tv.tv_sec + (double)tv.tv_usec / 1000000; + } + +#endif /* _WIN32 */ diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CryptBenchmark/main.c b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CryptBenchmark/main.c new file mode 100644 index 000000000..a89c9ce13 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CryptBenchmark/main.c @@ -0,0 +1,71 @@ +/* main.c + * + * Copyright (C) 2006-2014 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#ifdef HAVE_CONFIG_H + #include +#endif + +#include +#include + +#include "cmsis_os.h" +#include "rl_fs.h" + +#include + +/*----------------------------------------------------------------------------- + * Initialize a Flash Memory Card + *----------------------------------------------------------------------------*/ +static void init_filesystem (void) { + int32_t retv; + + retv = finit ("M0:"); + if (retv == 0) { + retv = fmount ("M0:"); + if (retv == 0) { + printf ("Drive M0 ready!\n"); + } + else { + printf ("Drive M0 mount failed!\n"); + } + } + else { + printf ("Drive M0 initialization failed!\n"); + } +} +extern void benchmark_test(void * arg) ; +extern void init_time(void) ; + +/*----------------------------------------------------------------------------- + * mian entry + *----------------------------------------------------------------------------*/ + +int main() +{ + void * arg = NULL ; + + init_filesystem (); + + printf("=== Start: Crypt Benchmark ===\n") ; + benchmark_test(arg) ; + printf("=== End: Crypt Benchmark ===\n") ; + +} diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CryptBenchmark/time-CortexM3-4.c b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CryptBenchmark/time-CortexM3-4.c new file mode 100644 index 000000000..46712b34c --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CryptBenchmark/time-CortexM3-4.c @@ -0,0 +1,41 @@ +/* time-STM32F2.c + * + * Copyright (C) 2006-2014 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#ifdef HAVE_CONFIG_H + #include +#endif + + +#include +#define DWT ((DWT_Type *) (0xE0001000UL) ) +typedef struct +{ + uint32_t CTRL; /*!< Offset: 0x000 (R/W) Control Register */ + uint32_t CYCCNT; /*!< Offset: 0x004 (R/W) Cycle Count Register */ +} DWT_Type; + +extern uint32_t SystemCoreClock ; + +double current_time(int reset) +{ + if(reset) DWT->CYCCNT = 0 ; + return ((double)DWT->CYCCNT/SystemCoreClock) ; +} diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CryptBenchmark/time-dummy.c b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CryptBenchmark/time-dummy.c new file mode 100644 index 000000000..2525eba38 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CryptBenchmark/time-dummy.c @@ -0,0 +1,34 @@ +/* time-dummy.c.c + * + * Copyright (C) 2006-2014 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + */ + +#ifdef HAVE_CONFIG_H + #include +#endif + +#include "time.h" + +struct tm *Cyassl_MDK_gmtime(const time_t *c) +{ + static struct tm date ; + return(&date) ; +} + +time_t time(time_t * t) { return 0 ; } diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CryptTest/Abstract.txt b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CryptTest/Abstract.txt new file mode 100644 index 000000000..886be85b8 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CryptTest/Abstract.txt @@ -0,0 +1,16 @@ +This program is a simple test suite of wolfCrypt library. + +In order to run this test suite, copy +{PACK}\wolfSSL\CyaSSL\{version}\cyassl\certs folder and files to the SD memory. + +For selecting test crypt algorism options, refer config-Crypt.h. + +For the hardware crypt on config-Crypt.h, download +STSW-STM32062: STM32F2xx standard peripherals library at +http://www.st.com/. Copy Libraries\STM32F2xx_StdPeriph_Driver\{inc,src} to + {PACK}\cyassl\IDE\MDK5-ARM\STM32F2xx_StdPeriph_Lib + + + Support +------- +Please send questions or comments to support@wolfssl.com diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CryptTest/CryptTest.uvoptx b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CryptTest/CryptTest.uvoptx new file mode 100644 index 000000000..3d3905ab1 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CryptTest/CryptTest.uvoptx @@ -0,0 +1,1147 @@ + + + + 1.0 + +
### uVision Project, (C) Keil Software
+ + + *.c + *.s*; *.src; *.a* + *.obj + *.lib + *.txt; *.h; *.inc + *.plm + *.cpp + + + + 0 + 0 + + + + CryptTest + 0x4 + ARM-ADS + + 120000000 + + 1 + 1 + 0 + 1 + + + 1 + 65535 + 0 + 0 + 0 + + + 79 + 66 + 8 + .\Object\ + + + 1 + 1 + 1 + 0 + 1 + 1 + 0 + 1 + 0 + 0 + 0 + 0 + + + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 0 + + + 1 + 0 + 1 + + 255 + + + 0 + Schematics (MCBSTM32F200) + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\Documents\mcbstm32f200-schematics.pdf + + + 1 + User Manual (MCBSTM32F200) + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\Documents\mcbstm32f200.chm + + + 2 + MCBSTM32F200 Evaluation Board Web Page (MCBSTM32F200) + http://www.keil.com/mcbstm32f200/ + + + + SARMCM3.DLL + -REMAP -MPU + DCM.DLL + -pCM3 + SARMCM3.DLL + -REMAP -MPU + TCM.DLL + -pCM3 + + + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 1 + 1 + 1 + 1 + 0 + 0 + 8 + + + + + + + + + + + BIN\ULP2CM3.DLL + + + + 0 + DLGUARM + + + + 0 + DLGTARM + (1010=-1,-1,-1,-1,0)(1007=-1,-1,-1,-1,0)(1008=-1,-1,-1,-1,0)(1009=-1,-1,-1,-1,0)(1012=-1,-1,-1,-1,0) + + + 0 + ARMDBGFLAGS + + + + 0 + ULP2CM3 + -UP1135060 -O206 -S8 -C0 -P00 -N00("ARM CoreSight SW-DP") -D00(2BA01477) -L00(0) -TO3 -TC10000000 -TP18 -TDX0 -TDD0 -TDS8000 -TDT0 -TDC1F -TIE1 -TIP1 -FO7 -FD20000000 -FC1000 -FN1 -FF0STM32F2xx_1024.flm -FS08000000 -FL0100000 -FP0($$Device:STM32F207IG$Flash\STM32F2xx_1024.flm) + + + 0 + UL2CM3 + UL2CM3(-S0 -C0 -P0 -FD20000000 -FC1000 -FN1 -FF0STM32F2xx_1024 -FS08000000 -FL0100000 -FP0($$Device:STM32F207IG$Flash\STM32F2xx_1024.flm)) + + + + + 0 + + + 0 + 0 + 1 + 0 + 0 + 0 + 0 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 1 + 0 + 0 + 0 + 0 + + + + + + + + Source + 1 + 0 + 0 + 0 + + 1 + 1 + 1 + 0 + 0 + 0 + 0 + 45 + 65 + 0 + .\main.c + main.c + 0 + 0 + + + 1 + 2 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + .\test.c + test.c + 0 + 0 + + + 1 + 3 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + .\cert_data.c + cert_data.c + 0 + 0 + + + + + Configuration + 1 + 0 + 0 + 0 + + 2 + 4 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + .\RTE\wolfSSL\config-Crypt.h + config-Crypt.h + 0 + 0 + + + 2 + 5 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + .\RTE\wolfSSL\settings.h + settings.h + 0 + 0 + + + + + Documentation + 0 + 0 + 0 + 0 + + 3 + 6 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + .\Abstract.txt + Abstract.txt + 0 + 0 + + + + + ::CMSIS + 0 + 0 + 0 + 1 + + 4 + 7 + 1 + 0 + 0 + 0 + 0 + 212 + 218 + 0 + RTE\CMSIS\RTX_Conf_CM.c + RTX_Conf_CM.c + 1 + 0 + + + 4 + 8 + 4 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.4\CMSIS_RTX\Lib\ARM\RTX_CM3.lib + RTX_CM3.lib + 1 + 0 + + + + + ::Device + 0 + 0 + 0 + 1 + + 5 + 9 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + RTE\Device\STM32F207IG\RTE_Device.h + RTE_Device.h + 1 + 0 + + + 5 + 10 + 2 + 0 + 0 + 0 + 0 + 163 + 169 + 0 + RTE\Device\STM32F207IG\startup_stm32f2xx.s + startup_stm32f2xx.s + 1 + 0 + + + 5 + 11 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + RTE\Device\STM32F207IG\system_stm32f2xx.c + system_stm32f2xx.c + 1 + 0 + + + 5 + 12 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\DMA_STM32F2xx.c + DMA_STM32F2xx.c + 1 + 0 + + + 5 + 13 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\GPIO_STM32F2xx.c + GPIO_STM32F2xx.c + 1 + 0 + + + + + ::Drivers + 0 + 0 + 0 + 1 + + 6 + 14 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\MCI_STM32F2xx.c + MCI_STM32F2xx.c + 1 + 0 + + + + + ::File System + 0 + 0 + 0 + 1 + + 7 + 15 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + RTE\File_System\FS_Config.c + FS_Config.c + 1 + 0 + + + 7 + 16 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + RTE\File_System\FS_Config_MC_0.h + FS_Config_MC_0.h + 1 + 0 + + + 7 + 17 + 4 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.4\FileSystem\Lib\ARM\FS_LFN_CM3_L.lib + FS_LFN_CM3_L.lib + 1 + 0 + + + + + ::wolfSSL + 0 + 0 + 0 + 1 + + 8 + 18 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + RTE\wolfSSL\config-Crypt.h + config-Crypt.h + 1 + 0 + + + 8 + 19 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + RTE\wolfSSL\settings.h + settings.h + 1 + 0 + + + 8 + 20 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\IDE\MDK5-ARM\Src\cyassl_MDK_ARM.c + cyassl_MDK_ARM.c + 1 + 0 + + + 8 + 21 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\IDE\MDK5-ARM\Src\ssl-dummy.c + ssl-dummy.c + 1 + 0 + + + 8 + 22 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\aes.c + aes.c + 1 + 0 + + + 8 + 23 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\arc4.c + arc4.c + 1 + 0 + + + 8 + 24 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\asm.c + asm.c + 1 + 0 + + + 8 + 25 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\asn.c + asn.c + 1 + 0 + + + 8 + 26 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\blake2b.c + blake2b.c + 1 + 0 + + + 8 + 27 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\camellia.c + camellia.c + 1 + 0 + + + 8 + 28 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\coding.c + coding.c + 1 + 0 + + + 8 + 29 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\compress.c + compress.c + 1 + 0 + + + 8 + 30 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\des3.c + des3.c + 1 + 0 + + + 8 + 31 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\dh.c + dh.c + 1 + 0 + + + 8 + 32 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\dsa.c + dsa.c + 1 + 0 + + + 8 + 33 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\ecc.c + ecc.c + 1 + 0 + + + 8 + 34 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\ecc_fp.c + ecc_fp.c + 1 + 0 + + + 8 + 35 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\error.c + error.c + 1 + 0 + + + 8 + 36 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\hc128.c + hc128.c + 1 + 0 + + + 8 + 37 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\hmac.c + hmac.c + 1 + 0 + + + 8 + 38 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\integer.c + integer.c + 1 + 0 + + + 8 + 39 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\logging.c + logging.c + 1 + 0 + + + 8 + 40 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\md2.c + md2.c + 1 + 0 + + + 8 + 41 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\md4.c + md4.c + 1 + 0 + + + 8 + 42 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\md5.c + md5.c + 1 + 0 + + + 8 + 43 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\memory.c + memory.c + 1 + 0 + + + 8 + 44 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\misc.c + misc.c + 1 + 0 + + + 8 + 45 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\wc_port.c + wc_port.c + 1 + 0 + + + 8 + 46 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\pwdbased.c + pwdbased.c + 1 + 0 + + + 8 + 47 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\rabbit.c + rabbit.c + 1 + 0 + + + 8 + 48 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\random.c + random.c + 1 + 0 + + + 8 + 49 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\ripemd.c + ripemd.c + 1 + 0 + + + 8 + 50 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\rsa.c + rsa.c + 1 + 0 + + + 8 + 51 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\sha.c + sha.c + 1 + 0 + + + 8 + 52 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\sha256.c + sha256.c + 1 + 0 + + + 8 + 53 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\sha512.c + sha512.c + 1 + 0 + + + 8 + 54 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\tfm.c + tfm.c + 1 + 0 + + + 8 + 55 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.2\cyassl\IDE\MDK5-ARM\STM32F2xx_StdPeriph_Lib\time-STM32F2xx.c + time-STM32F2xx.c + 1 + 0 + + + +
diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CryptTest/CryptTest.uvprojx b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CryptTest/CryptTest.uvprojx new file mode 100644 index 000000000..2f9123d53 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CryptTest/CryptTest.uvprojx @@ -0,0 +1,946 @@ + + + + 2.1 + +
### uVision Project, (C) Keil Software
+ + + + CryptTest + 0x4 + ARM-ADS + + + STM32F207IG + STMicroelectronics + IRAM(0x20000000,0x20000) IROM(0x08000000,0x100000) CPUTYPE("Cortex-M3") CLOCK(120000000) ELITTLE + + + UL2CM3(-S0 -C0 -P0 -FD20000000 -FC1000 -FN1 -FF0STM32F2xx_1024 -FS08000000 -FL0100000 -FP0($$Device:STM32F207IG$Flash\STM32F2xx_1024.flm)) + 0 + $$Device:STM32F207IG$Device\Include\stm32f2xx.h + + + + + + + + + + $$Device:STM32F207IG$SVD\STM32F20x.svd + 0 + 0 + + + + + + + 0 + 0 + 0 + 0 + 1 + + .\Object\ + CryptTest + 1 + 0 + 0 + 1 + 1 + .\Object\ + 1 + 0 + 0 + + 0 + 0 + + + 0 + 0 + 0 + 0 + + + 0 + 0 + + + 0 + 0 + + + 0 + 0 + + + 0 + 0 + + 0 + + + + 0 + 0 + 0 + 0 + 0 + 1 + 0 + 0 + 0 + 0 + 3 + + + 1 + + + SARMCM3.DLL + -REMAP -MPU + DCM.DLL + -pCM3 + SARMCM3.DLL + -REMAP -MPU + TCM.DLL + -pCM3 + + + + 1 + 0 + 0 + 0 + 16 + + + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + + + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 1 + 1 + 1 + 1 + + 0 + 8 + + + + + + + + + + + + + + BIN\ULP2CM3.DLL + + + + + 1 + 0 + 0 + 1 + 1 + 4100 + + 1 + BIN\ULP2CM3.DLL + "" () + + + + + 0 + + + + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 1 + 1 + 0 + 1 + 1 + 0 + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 0 + "Cortex-M3" + + 0 + 0 + 0 + 1 + 1 + 0 + 0 + 0 + 0 + 0 + 8 + 0 + 0 + 0 + 3 + 3 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 1 + 0 + 0 + 0 + 0 + 1 + 0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x20000000 + 0x20000 + + + 1 + 0x8000000 + 0x100000 + + + 0 + 0x0 + 0x0 + + + 1 + 0x0 + 0x0 + + + 1 + 0x0 + 0x0 + + + 1 + 0x0 + 0x0 + + + 1 + 0x8000000 + 0x100000 + + + 1 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x20000000 + 0x20000 + + + 0 + 0x0 + 0x0 + + + + + + 1 + 4 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + + + HAVE_CONFIG_H MDK_CONF_CryptTest + + + + + + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + + + + + + + + + 1 + 0 + 0 + 0 + 1 + 0 + 0x08000000 + 0x20000000 + + + + + + + + + + + + + Source + + + main.c + 1 + .\main.c + + + test.c + 1 + .\test.c + + + cert_data.c + 1 + .\cert_data.c + + + + + Configuration + + + config-Crypt.h + 5 + .\RTE\wolfSSL\config-Crypt.h + + + settings.h + 5 + .\RTE\wolfSSL\settings.h + + + + + Documentation + + + Abstract.txt + 5 + .\Abstract.txt + + + + + ::CMSIS + + + RTX_Conf_CM.c + 1 + RTE\CMSIS\RTX_Conf_CM.c + + + RTX_CM3.lib + 4 + C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.4\CMSIS_RTX\Lib\ARM\RTX_CM3.lib + + + + + ::Device + + + RTE_Device.h + 5 + RTE\Device\STM32F207IG\RTE_Device.h + + + startup_stm32f2xx.s + 2 + RTE\Device\STM32F207IG\startup_stm32f2xx.s + + + system_stm32f2xx.c + 1 + RTE\Device\STM32F207IG\system_stm32f2xx.c + + + DMA_STM32F2xx.c + 1 + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\DMA_STM32F2xx.c + + + GPIO_STM32F2xx.c + 1 + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\GPIO_STM32F2xx.c + + + + + ::Drivers + + + MCI_STM32F2xx.c + 1 + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\MCI_STM32F2xx.c + + + + + ::File System + + + FS_Config.c + 1 + RTE\File_System\FS_Config.c + + + FS_Config_MC_0.h + 5 + RTE\File_System\FS_Config_MC_0.h + + + FS_LFN_CM3_L.lib + 4 + C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.4\FileSystem\Lib\ARM\FS_LFN_CM3_L.lib + + + + + ::wolfSSL + + + config-Crypt.h + 5 + RTE\wolfSSL\config-Crypt.h + + + settings.h + 5 + RTE\wolfSSL\settings.h + + + cyassl_MDK_ARM.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\IDE\MDK5-ARM\Src\cyassl_MDK_ARM.c + + + ssl-dummy.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\IDE\MDK5-ARM\Src\ssl-dummy.c + + + aes.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\aes.c + + + arc4.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\arc4.c + + + asm.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\asm.c + + + asn.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\asn.c + + + blake2b.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\blake2b.c + + + camellia.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\camellia.c + + + coding.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\coding.c + + + compress.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\compress.c + + + des3.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\des3.c + + + dh.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\dh.c + + + dsa.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\dsa.c + + + ecc.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\ecc.c + + + ecc_fp.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\ecc_fp.c + + + error.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\error.c + + + hc128.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\hc128.c + + + hmac.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\hmac.c + + + integer.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\integer.c + + + logging.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\logging.c + + + md2.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\md2.c + + + md4.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\md4.c + + + md5.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\md5.c + + + memory.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\memory.c + + + misc.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\misc.c + + + wc_port.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\wc_port.c + + + pwdbased.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\pwdbased.c + + + rabbit.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\rabbit.c + + + random.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\random.c + + + ripemd.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\ripemd.c + + + rsa.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\rsa.c + + + sha.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\sha.c + + + sha256.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\sha256.c + + + sha512.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\sha512.c + + + tfm.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\tfm.c + + + time-STM32F2xx.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\2.8.2\cyassl\IDE\MDK5-ARM\STM32F2xx_StdPeriph_Lib\time-STM32F2xx.c + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + RTE\CMSIS\RTX_Conf_CM.c + + + + + + + + RTE\Device\STM32F207IG\RTE_Device.h + + + + + + + + RTE\Device\STM32F207IG\startup_stm32f2xx.s + + + + + + + + RTE\Device\STM32F207IG\system_stm32f2xx.c + + + + + + + + RTE\File_System\FS_Config.c + + + + + + + + RTE\File_System\FS_Config_MC_0.h + + + + + + + + RTE\Network\Net_Config.c + + + + + + RTE\Network\Net_Config_BSD.h + + + + + + RTE\Network\Net_Config_DNS_Client.h + + + + + + RTE\Network\Net_Config_ETH_0.h + + + + + + RTE\Network\Net_Config_TCP.h + + + + + + RTE\Network\Net_Config_UDP.h + + + + + + RTE\Network\Net_Debug.c + + + + + + RTE\Other\config-Crypt.h + + + + + + RTE\Other\config-FS.h + + + + + + RTE\Other\config-RTX-TCP-FS.h + + + + + + RTE\Other\config.h + + + + + + RTE\wolfSSL\config-Crypt.h + + + + + + + + RTE\wolfSSL\config.h + + + + + + RTE\wolfSSL\settings.h + + + + + + + + + +
diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CryptTest/RTE/wolfSSL/settings.h b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CryptTest/RTE/wolfSSL/settings.h new file mode 100644 index 000000000..33d41cfdb --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CryptTest/RTE/wolfSSL/settings.h @@ -0,0 +1,667 @@ +/* settings.h + * + * Copyright (C) 2006-2013 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + */ + +/* Place OS specific preprocessor flags, defines, includes here, will be + included into every file because types.h includes it */ + + +#ifndef CTAO_CRYPT_SETTINGS_H +#define CTAO_CRYPT_SETTINGS_H + +#ifdef __cplusplus + extern "C" { +#endif + +/* Uncomment next line if using IPHONE */ +/* #define IPHONE */ + +/* Uncomment next line if using ThreadX */ +/* #define THREADX */ + +/* Uncomment next line if using Micrium ucOS */ +/* #define MICRIUM */ + +/* Uncomment next line if using Mbed */ +/* #define MBED */ + +/* Uncomment next line if using Microchip PIC32 ethernet starter kit */ +/* #define MICROCHIP_PIC32 */ + +/* Uncomment next line if using Microchip TCP/IP stack, version 5 */ +/* #define MICROCHIP_TCPIP_V5 */ + +/* Uncomment next line if using Microchip TCP/IP stack, version 6 or later */ +/* #define MICROCHIP_TCPIP */ + +/* Uncomment next line if using PIC32MZ Crypto Engine */ +/* #define CYASSL_MICROCHIP_PIC32MZ */ + +/* Uncomment next line if using FreeRTOS */ +/* #define FREERTOS */ + +/* Uncomment next line if using FreeRTOS Windows Simulator */ +/* #define FREERTOS_WINSIM */ + +/* Uncomment next line if using RTIP */ +/* #define EBSNET */ + +/* Uncomment next line if using lwip */ +/* #define CYASSL_LWIP */ + +/* Uncomment next line if building CyaSSL for a game console */ +/* #define CYASSL_GAME_BUILD */ + +/* Uncomment next line if building CyaSSL for LSR */ +/* #define CYASSL_LSR */ + +/* Uncomment next line if building CyaSSL for Freescale MQX/RTCS/MFS */ +/* #define FREESCALE_MQX */ + +/* Uncomment next line if using STM32F2 */ +/* #define CYASSL_STM32F2 */ + +/* Uncomment next line if using Comverge settings */ +/* #define COMVERGE */ + +/* Uncomment next line if using QL SEP settings */ +/* #define CYASSL_QL */ + +/* Uncomment next line if using LwIP native TCP socket settings */ +/* #define HAVE_LWIP_NATIVE */ + +/* Uncomment next line if building for EROAD */ +/* #define CYASSL_EROAD */ + +#include + +#ifdef IPHONE + #define SIZEOF_LONG_LONG 8 +#endif + + +#ifdef CYASSL_USER_SETTINGS + #include +#endif + + +#ifdef COMVERGE + #define THREADX + #define HAVE_NETX + #define CYASSL_USER_IO + #define NO_WRITEV + #define NO_DEV_RANDOM + #define NO_FILESYSTEM + #define NO_SHA512 + #define NO_DH + #define NO_DSA + #define NO_HC128 + #define NO_RSA + #define NO_SESSION_CACHE + #define HAVE_ECC +#endif + + +#ifdef THREADX + #define SIZEOF_LONG_LONG 8 +#endif + +#ifdef HAVE_NETX + #include "nx_api.h" +#endif + +#if defined(HAVE_LWIP_NATIVE) /* using LwIP native TCP socket */ + #define CYASSL_LWIP + #define NO_WRITEV + #define SINGLE_THREADED + #define CYASSL_USER_IO + #define NO_FILESYSTEM +#endif + +#ifdef MICROCHIP_PIC32 + /* #define CYASSL_MICROCHIP_PIC32MZ */ + #define SIZEOF_LONG_LONG 8 + #define SINGLE_THREADED + #define CYASSL_USER_IO + #define NO_WRITEV + #define NO_DEV_RANDOM + #define NO_FILESYSTEM + #define USE_FAST_MATH + #define TFM_TIMING_RESISTANT +#endif + +#ifdef CYASSL_MICROCHIP_PIC32MZ + #define CYASSL_PIC32MZ_CE + #define CYASSL_PIC32MZ_CRYPT + #define HAVE_AES_ENGINE + #define CYASSL_PIC32MZ_RNG + /* #define CYASSL_PIC32MZ_HASH */ + #define CYASSL_AES_COUNTER + #define HAVE_AESGCM + #define NO_BIG_INT + +#endif + +#ifdef MICROCHIP_TCPIP_V5 + /* include timer functions */ + #include "TCPIP Stack/TCPIP.h" +#endif + +#ifdef MICROCHIP_TCPIP + /* include timer, NTP functions */ + #ifdef MICROCHIP_MPLAB_HARMONY + #include "tcpip/tcpip.h" + #else + #include "system/system_services.h" + #include "tcpip/sntp.h" + #endif +#endif + +#ifdef MBED + #define CYASSL_USER_IO + #define NO_FILESYSTEM + #define NO_CERT + #define USE_CERT_BUFFERS_1024 + #define NO_WRITEV + #define NO_DEV_RANDOM + #define NO_SHA512 + #define NO_DH + #define NO_DSA + #define NO_HC128 + #define HAVE_ECC + #define NO_SESSION_CACHE + #define CYASSL_CMSIS_RTOS +#endif + + +#ifdef CYASSL_EROAD + #define FREESCALE_MQX + #define FREESCALE_MMCAU + #define SINGLE_THREADED + #define NO_STDIO_FILESYSTEM + #define CYASSL_LEANPSK + #define HAVE_NULL_CIPHER + #define NO_OLD_TLS + #define NO_ASN + #define NO_BIG_INT + #define NO_RSA + #define NO_DSA + #define NO_DH + #define NO_CERTS + #define NO_PWDBASED + #define NO_DES3 + #define NO_MD4 + #define NO_RC4 + #define NO_MD5 + #define NO_SESSION_CACHE + #define NO_MAIN_DRIVER +#endif + +#ifdef FREERTOS_WINSIM + #define FREERTOS + #define USE_WINDOWS_API +#endif + + +/* Micrium will use Visual Studio for compilation but not the Win32 API */ +#if defined(_WIN32) && !defined(MICRIUM) && !defined(FREERTOS) \ + && !defined(EBSNET) && !defined(CYASSL_EROAD) + #define USE_WINDOWS_API +#endif + + +#if defined(CYASSL_LEANPSK) && !defined(XMALLOC_USER) + #include + #define XMALLOC(s, h, type) malloc((s)) + #define XFREE(p, h, type) free((p)) + #define XREALLOC(p, n, h, t) realloc((p), (n)) +#endif + +#if defined(XMALLOC_USER) && defined(SSN_BUILDING_LIBYASSL) + #undef XMALLOC + #define XMALLOC yaXMALLOC + #undef XFREE + #define XFREE yaXFREE + #undef XREALLOC + #define XREALLOC yaXREALLOC +#endif + + +#ifdef FREERTOS + #ifndef NO_WRITEV + #define NO_WRITEV + #endif + #ifndef NO_SHA512 + #define NO_SHA512 + #endif + #ifndef NO_DH + #define NO_DH + #endif + #ifndef NO_DSA + #define NO_DSA + #endif + #ifndef NO_HC128 + #define NO_HC128 + #endif + + #ifndef SINGLE_THREADED + #include "FreeRTOS.h" + #include "semphr.h" + #endif +#endif + +#ifdef EBSNET + #include "rtip.h" + + /* #define DEBUG_CYASSL */ + #define NO_CYASSL_DIR /* tbd */ + + #if (POLLOS) + #define SINGLE_THREADED + #endif + + #if (RTPLATFORM) + #if (!RTP_LITTLE_ENDIAN) + #define BIG_ENDIAN_ORDER + #endif + #else + #if (!KS_LITTLE_ENDIAN) + #define BIG_ENDIAN_ORDER + #endif + #endif + + #if (WINMSP3) + #undef SIZEOF_LONG + #define SIZEOF_LONG_LONG 8 + #else + #sslpro: settings.h - please implement SIZEOF_LONG and SIZEOF_LONG_LONG + #endif + + #define XMALLOC(s, h, type) ((void *)rtp_malloc((s), SSL_PRO_MALLOC)) + #define XFREE(p, h, type) (rtp_free(p)) + #define XREALLOC(p, n, h, t) realloc((p), (n)) + +#endif /* EBSNET */ + +#ifdef CYASSL_GAME_BUILD + #define SIZEOF_LONG_LONG 8 + #if defined(__PPU) || defined(__XENON) + #define BIG_ENDIAN_ORDER + #endif +#endif + +#ifdef CYASSL_LSR + #define HAVE_WEBSERVER + #define SIZEOF_LONG_LONG 8 + #define CYASSL_LOW_MEMORY + #define NO_WRITEV + #define NO_SHA512 + #define NO_DH + #define NO_DSA + #define NO_HC128 + #define NO_DEV_RANDOM + #define NO_CYASSL_DIR + #define NO_RABBIT + #ifndef NO_FILESYSTEM + #define LSR_FS + #include "inc/hw_types.h" + #include "fs.h" + #endif + #define CYASSL_LWIP + #include /* for tcp errno */ + #define CYASSL_SAFERTOS + #if defined(__IAR_SYSTEMS_ICC__) + /* enum uses enum */ + #pragma diag_suppress=Pa089 + #endif +#endif + +#ifdef CYASSL_SAFERTOS + #ifndef SINGLE_THREADED + #include "SafeRTOS/semphr.h" + #endif + + #include "SafeRTOS/heap.h" + #define XMALLOC(s, h, type) pvPortMalloc((s)) + #define XFREE(p, h, type) vPortFree((p)) + #define XREALLOC(p, n, h, t) pvPortRealloc((p), (n)) +#endif + +#ifdef CYASSL_LOW_MEMORY + #undef RSA_LOW_MEM + #define RSA_LOW_MEM + #undef CYASSL_SMALL_STACK + #define CYASSL_SMALL_STACK + #undef TFM_TIMING_RESISTANT + #define TFM_TIMING_RESISTANT +#endif + +#ifdef FREESCALE_MQX + #define SIZEOF_LONG_LONG 8 + #define NO_WRITEV + #define NO_DEV_RANDOM + #define NO_RABBIT + #define NO_CYASSL_DIR + #define USE_FAST_MATH + #define TFM_TIMING_RESISTANT + #define FREESCALE_K70_RNGA + /* #define FREESCALE_K53_RNGB */ + #include "mqx.h" + #ifndef NO_FILESYSTEM + #include "mfs.h" + #include "fio.h" + #endif + #ifndef SINGLE_THREADED + #include "mutex.h" + #endif + + #define XMALLOC(s, h, t) (void *)_mem_alloc_system((s)) + #define XFREE(p, h, t) {void* xp = (p); if ((xp)) _mem_free((xp));} + /* Note: MQX has no realloc, using fastmath above */ +#endif + +#ifdef CYASSL_STM32F2 + #define SIZEOF_LONG_LONG 8 + #define NO_DEV_RANDOM + #define NO_CYASSL_DIR + #define NO_RABBIT + #define STM32F2_RNG + #define STM32F2_CRYPTO + #define KEIL_INTRINSICS +#endif + +#ifdef MICRIUM + + #include "stdlib.h" + #include "net_cfg.h" + #include "ssl_cfg.h" + #include "net_secure_os.h" + + #define CYASSL_TYPES + + typedef CPU_INT08U byte; + typedef CPU_INT16U word16; + typedef CPU_INT32U word32; + + #if (NET_SECURE_MGR_CFG_WORD_SIZE == CPU_WORD_SIZE_32) + #define SIZEOF_LONG 4 + #undef SIZEOF_LONG_LONG + #else + #undef SIZEOF_LONG + #define SIZEOF_LONG_LONG 8 + #endif + + #define STRING_USER + + #define XSTRLEN(pstr) ((CPU_SIZE_T)Str_Len((CPU_CHAR *)(pstr))) + #define XSTRNCPY(pstr_dest, pstr_src, len_max) \ + ((CPU_CHAR *)Str_Copy_N((CPU_CHAR *)(pstr_dest), \ + (CPU_CHAR *)(pstr_src), (CPU_SIZE_T)(len_max))) + #define XSTRNCMP(pstr_1, pstr_2, len_max) \ + ((CPU_INT16S)Str_Cmp_N((CPU_CHAR *)(pstr_1), \ + (CPU_CHAR *)(pstr_2), (CPU_SIZE_T)(len_max))) + #define XSTRSTR(pstr, pstr_srch) \ + ((CPU_CHAR *)Str_Str((CPU_CHAR *)(pstr), \ + (CPU_CHAR *)(pstr_srch))) + #define XMEMSET(pmem, data_val, size) \ + ((void)Mem_Set((void *)(pmem), (CPU_INT08U) (data_val), \ + (CPU_SIZE_T)(size))) + #define XMEMCPY(pdest, psrc, size) ((void)Mem_Copy((void *)(pdest), \ + (void *)(psrc), (CPU_SIZE_T)(size))) + #define XMEMCMP(pmem_1, pmem_2, size) \ + (((CPU_BOOLEAN)Mem_Cmp((void *)(pmem_1), (void *)(pmem_2), \ + (CPU_SIZE_T)(size))) ? DEF_NO : DEF_YES) + #define XMEMMOVE XMEMCPY + +#if (NET_SECURE_MGR_CFG_EN == DEF_ENABLED) + #define MICRIUM_MALLOC + #define XMALLOC(s, h, type) ((void *)NetSecure_BlkGet((CPU_INT08U)(type), \ + (CPU_SIZE_T)(s), (void *)0)) + #define XFREE(p, h, type) (NetSecure_BlkFree((CPU_INT08U)(type), \ + (p), (void *)0)) + #define XREALLOC(p, n, h, t) realloc((p), (n)) +#endif + + #if (NET_SECURE_MGR_CFG_FS_EN == DEF_ENABLED) + #undef NO_FILESYSTEM + #else + #define NO_FILESYSTEM + #endif + + #if (SSL_CFG_TRACE_LEVEL == CYASSL_TRACE_LEVEL_DBG) + #define DEBUG_CYASSL + #else + #undef DEBUG_CYASSL + #endif + + #if (SSL_CFG_OPENSSL_EN == DEF_ENABLED) + #define OPENSSL_EXTRA + #else + #undef OPENSSL_EXTRA + #endif + + #if (SSL_CFG_MULTI_THREAD_EN == DEF_ENABLED) + #undef SINGLE_THREADED + #else + #define SINGLE_THREADED + #endif + + #if (SSL_CFG_DH_EN == DEF_ENABLED) + #undef NO_DH + #else + #define NO_DH + #endif + + #if (SSL_CFG_DSA_EN == DEF_ENABLED) + #undef NO_DSA + #else + #define NO_DSA + #endif + + #if (SSL_CFG_PSK_EN == DEF_ENABLED) + #undef NO_PSK + #else + #define NO_PSK + #endif + + #if (SSL_CFG_3DES_EN == DEF_ENABLED) + #undef NO_DES + #else + #define NO_DES + #endif + + #if (SSL_CFG_AES_EN == DEF_ENABLED) + #undef NO_AES + #else + #define NO_AES + #endif + + #if (SSL_CFG_RC4_EN == DEF_ENABLED) + #undef NO_RC4 + #else + #define NO_RC4 + #endif + + #if (SSL_CFG_RABBIT_EN == DEF_ENABLED) + #undef NO_RABBIT + #else + #define NO_RABBIT + #endif + + #if (SSL_CFG_HC128_EN == DEF_ENABLED) + #undef NO_HC128 + #else + #define NO_HC128 + #endif + + #if (CPU_CFG_ENDIAN_TYPE == CPU_ENDIAN_TYPE_BIG) + #define BIG_ENDIAN_ORDER + #else + #undef BIG_ENDIAN_ORDER + #define LITTLE_ENDIAN_ORDER + #endif + + #if (SSL_CFG_MD4_EN == DEF_ENABLED) + #undef NO_MD4 + #else + #define NO_MD4 + #endif + + #if (SSL_CFG_WRITEV_EN == DEF_ENABLED) + #undef NO_WRITEV + #else + #define NO_WRITEV + #endif + + #if (SSL_CFG_USER_RNG_SEED_EN == DEF_ENABLED) + #define NO_DEV_RANDOM + #else + #undef NO_DEV_RANDOM + #endif + + #if (SSL_CFG_USER_IO_EN == DEF_ENABLED) + #define CYASSL_USER_IO + #else + #undef CYASSL_USER_IO + #endif + + #if (SSL_CFG_DYNAMIC_BUFFERS_EN == DEF_ENABLED) + #undef LARGE_STATIC_BUFFERS + #undef STATIC_CHUNKS_ONLY + #else + #define LARGE_STATIC_BUFFERS + #define STATIC_CHUNKS_ONLY + #endif + + #if (SSL_CFG_DER_LOAD_EN == DEF_ENABLED) + #define CYASSL_DER_LOAD + #else + #undef CYASSL_DER_LOAD + #endif + + #if (SSL_CFG_DTLS_EN == DEF_ENABLED) + #define CYASSL_DTLS + #else + #undef CYASSL_DTLS + #endif + + #if (SSL_CFG_CALLBACKS_EN == DEF_ENABLED) + #define CYASSL_CALLBACKS + #else + #undef CYASSL_CALLBACKS + #endif + + #if (SSL_CFG_FAST_MATH_EN == DEF_ENABLED) + #define USE_FAST_MATH + #else + #undef USE_FAST_MATH + #endif + + #if (SSL_CFG_TFM_TIMING_RESISTANT_EN == DEF_ENABLED) + #define TFM_TIMING_RESISTANT + #else + #undef TFM_TIMING_RESISTANT + #endif + +#endif /* MICRIUM */ + + +#ifdef CYASSL_QL + #ifndef CYASSL_SEP + #define CYASSL_SEP + #endif + #ifndef OPENSSL_EXTRA + #define OPENSSL_EXTRA + #endif + #ifndef SESSION_CERTS + #define SESSION_CERTS + #endif + #ifndef HAVE_AESCCM + #define HAVE_AESCCM + #endif + #ifndef ATOMIC_USER + #define ATOMIC_USER + #endif + #ifndef CYASSL_DER_LOAD + #define CYASSL_DER_LOAD + #endif + #ifndef KEEP_PEER_CERT + #define KEEP_PEER_CERT + #endif + #ifndef HAVE_ECC + #define HAVE_ECC + #endif + #ifndef SESSION_INDEX + #define SESSION_INDEX + #endif +#endif /* CYASSL_QL */ + + +#if !defined(XMALLOC_USER) && !defined(MICRIUM_MALLOC) && \ + !defined(CYASSL_LEANPSK) && !defined(NO_CYASSL_MEMORY) + #define USE_CYASSL_MEMORY +#endif + + +#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) + #undef KEEP_PEER_CERT + #define KEEP_PEER_CERT +#endif + + +/* stream ciphers except arc4 need 32bit alignment, intel ok without */ +#ifndef XSTREAM_ALIGNMENT + #if defined(__x86_64__) || defined(__ia64__) || defined(__i386__) + #define NO_XSTREAM_ALIGNMENT + #else + #define XSTREAM_ALIGNMENT + #endif +#endif + + +/* if using hardware crypto and have alignment requirements, specify the + requirement here. The record header of SSL/TLS will prvent easy alignment. + This hint tries to help as much as possible. */ +#ifndef CYASSL_GENERAL_ALIGNMENT + #ifdef CYASSL_AESNI + #define CYASSL_GENERAL_ALIGNMENT 16 + #elif defined(XSTREAM_ALIGNMENT) + #define CYASSL_GENERAL_ALIGNMENT 4 + #else + #define CYASSL_GENERAL_ALIGNMENT 0 + #endif +#endif + +#ifdef HAVE_CRL + /* not widely supported yet */ + #undef NO_SKID + #define NO_SKID +#endif + +/* Place any other flags or defines here */ + + +#ifdef __cplusplus + } /* extern "C" */ +#endif + + +#endif /* CTAO_CRYPT_SETTINGS_H */ + diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CryptTest/cert_data.c b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CryptTest/cert_data.c new file mode 100644 index 000000000..d29fbf3b1 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CryptTest/cert_data.c @@ -0,0 +1,28 @@ +/* certs_test.c + * + * Copyright (C) 2006-2014 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#ifdef HAVE_CONFIG_H + #include +#endif + +/* Define initial data for cert buffers */ +#include + diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CryptTest/main.c b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CryptTest/main.c new file mode 100644 index 000000000..d1940f89b --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CryptTest/main.c @@ -0,0 +1,76 @@ +/* main.c + * + * Copyright (C) 2006-2014 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#ifdef HAVE_CONFIG_H + #include +#endif + +#include +#include + +#include "cmsis_os.h" + +#include + +/*----------------------------------------------------------------------------- + * Initialize a Flash Memory Card + *----------------------------------------------------------------------------*/ +#if !defined(NO_FILESYSTEM) +#include "rl_fs.h" + +static void init_filesystem (void) { + int32_t retv; + + retv = finit ("M0:"); + if (retv == 0) { + retv = fmount ("M0:"); + if (retv == 0) { + printf ("Drive M0 ready!\n"); + } + else { + printf ("Drive M0 mount failed!\n"); + } + } + else { + printf ("Drive M0 initialization failed!\n"); + } +} +#endif + +extern void ctaocrypt_test(void * arg) ; + +/*----------------------------------------------------------------------------- + * mian entry + *----------------------------------------------------------------------------*/ + +int main() +{ + void * arg = NULL ; + + #if !defined(NO_FILESYSTEM) + init_filesystem (); + #endif + + printf("=== Start: Crypt test ===\n") ; + ctaocrypt_test(arg) ; + printf("=== End: Crypt test ===\n") ; + +} diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CryptTest/test.c b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CryptTest/test.c new file mode 100644 index 000000000..e19675bd9 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CryptTest/test.c @@ -0,0 +1,4758 @@ +/* test.c + * + * Copyright (C) 2006-2014 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#ifdef HAVE_CONFIG_H + #include +#endif + +#include + +#ifdef XMALLOC_USER + #include /* we're using malloc / free direct here */ +#endif + +#ifndef NO_CRYPT_TEST + +#ifdef CYASSL_TEST_CERT + #include +#else + #include +#endif +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#ifdef HAVE_ECC + #include +#endif +#ifdef HAVE_BLAKE2 + #include +#endif +#ifdef HAVE_LIBZ + #include +#endif +#ifdef HAVE_PKCS7 + #include +#endif + +#ifdef _MSC_VER + /* 4996 warning to use MS extensions e.g., strcpy_s instead of strncpy */ + #pragma warning(disable: 4996) +#endif + +#ifdef OPENSSL_EXTRA + #include + #include + #include + #include +#endif + + +#if defined(USE_CERT_BUFFERS_1024) || defined(USE_CERT_BUFFERS_2048) + /* include test cert and key buffers for use with NO_FILESYSTEM */ + #if defined(CYASSL_MDK_ARM) + #include "cert_data.h" + /* use certs_test.c for initial data, so other + commands can share the data. */ + #else + #include + #endif +#endif + +#if defined(CYASSL_MDK_ARM) + #include + #include + extern FILE * CyaSSL_fopen(const char *fname, const char *mode) ; + #define fopen CyaSSL_fopen +#endif + +#ifdef HAVE_NTRU + #include "crypto_ntru.h" +#endif +#ifdef HAVE_CAVIUM + #include "cavium_sysdep.h" + #include "cavium_common.h" + #include "cavium_ioctl.h" +#endif + +#ifdef FREESCALE_MQX + #include + #include + #include +#else + #include +#endif + + +#ifdef THREADX + /* since just testing, use THREADX log printf instead */ + int dc_log_printf(char*, ...); + #undef printf + #define printf dc_log_printf +#endif + +#include "ctaocrypt/test/test.h" + + +typedef struct testVector { + const char* input; + const char* output; + size_t inLen; + size_t outLen; +} testVector; + +int md2_test(void); +int md5_test(void); +int md4_test(void); +int sha_test(void); +int sha256_test(void); +int sha512_test(void); +int sha384_test(void); +int hmac_md5_test(void); +int hmac_sha_test(void); +int hmac_sha256_test(void); +int hmac_sha384_test(void); +int hmac_sha512_test(void); +int hmac_blake2b_test(void); +int hkdf_test(void); +int arc4_test(void); +int hc128_test(void); +int rabbit_test(void); +int des_test(void); +int des3_test(void); +int aes_test(void); +int aesgcm_test(void); +int gmac_test(void); +int aesccm_test(void); +int camellia_test(void); +int rsa_test(void); +int dh_test(void); +int dsa_test(void); +int random_test(void); +int pwdbased_test(void); +int ripemd_test(void); +int openssl_test(void); /* test mini api */ +int pbkdf1_test(void); +int pkcs12_test(void); +int pbkdf2_test(void); +#ifdef HAVE_ECC + int ecc_test(void); + #ifdef HAVE_ECC_ENCRYPT + int ecc_encrypt_test(void); + #endif +#endif +#ifdef HAVE_BLAKE2 + int blake2b_test(void); +#endif +#ifdef HAVE_LIBZ + int compress_test(void); +#endif +#ifdef HAVE_PKCS7 + int pkcs7enveloped_test(void); + int pkcs7signed_test(void); +#endif + + + +static void err_sys(const char* msg, int es) +{ + printf("%s error = %d\n", msg, es); + #if !defined(THREADX) && !defined(CYASSL_MDK_ARM) + if (msg) + exit(es); + #endif + return; +} + +/* func_args from test.h, so don't have to pull in other junk */ +typedef struct func_args { + int argc; + char** argv; + int return_code; +} func_args; + + + +void ctaocrypt_test(void* args) +{ + int ret = 0; + + ((func_args*)args)->return_code = -1; /* error state */ + +#if !defined(NO_BIG_INT) + if (CheckCtcSettings() != 1) + err_sys("Build vs runtime math mismatch\n", -1234); + +#ifdef USE_FAST_MATH + if (CheckFastMathSettings() != 1) + err_sys("Build vs runtime fastmath FP_MAX_BITS mismatch\n", -1235); +#endif /* USE_FAST_MATH */ +#endif /* !NO_BIG_INT */ + + +#ifndef NO_MD5 + if ( (ret = md5_test()) != 0) + err_sys("MD5 test failed!\n", ret); + else + printf( "MD5 test passed!\n"); +#endif + +#ifdef CYASSL_MD2 + if ( (ret = md2_test()) != 0) + err_sys("MD2 test failed!\n", ret); + else + printf( "MD2 test passed!\n"); +#endif + +#ifndef NO_MD4 + if ( (ret = md4_test()) != 0) + err_sys("MD4 test failed!\n", ret); + else + printf( "MD4 test passed!\n"); +#endif + +#ifndef NO_SHA + if ( (ret = sha_test()) != 0) + err_sys("SHA test failed!\n", ret); + else + printf( "SHA test passed!\n"); +#endif + +#ifndef NO_SHA256 + if ( (ret = sha256_test()) != 0) + err_sys("SHA-256 test failed!\n", ret); + else + printf( "SHA-256 test passed!\n"); +#endif + +#ifdef CYASSL_SHA384 + if ( (ret = sha384_test()) != 0) + err_sys("SHA-384 test failed!\n", ret); + else + printf( "SHA-384 test passed!\n"); +#endif + +#ifdef CYASSL_SHA512 + if ( (ret = sha512_test()) != 0) + err_sys("SHA-512 test failed!\n", ret); + else + printf( "SHA-512 test passed!\n"); +#endif + +#ifdef CYASSL_RIPEMD + if ( (ret = ripemd_test()) != 0) + err_sys("RIPEMD test failed!\n", ret); + else + printf( "RIPEMD test passed!\n"); +#endif + +#ifdef HAVE_BLAKE2 + if ( (ret = blake2b_test()) != 0) + err_sys("BLAKE2b test failed!\n", ret); + else + printf( "BLAKE2b test passed!\n"); +#endif + +#ifndef NO_HMAC + #ifndef NO_MD5 + if ( (ret = hmac_md5_test()) != 0) + err_sys("HMAC-MD5 test failed!\n", ret); + else + printf( "HMAC-MD5 test passed!\n"); + #endif + + #ifndef NO_SHA + if ( (ret = hmac_sha_test()) != 0) + err_sys("HMAC-SHA test failed!\n", ret); + else + printf( "HMAC-SHA test passed!\n"); + #endif + + #ifndef NO_SHA256 + if ( (ret = hmac_sha256_test()) != 0) + err_sys("HMAC-SHA256 test failed!\n", ret); + else + printf( "HMAC-SHA256 test passed!\n"); + #endif + + #ifdef CYASSL_SHA384 + if ( (ret = hmac_sha384_test()) != 0) + err_sys("HMAC-SHA384 test failed!\n", ret); + else + printf( "HMAC-SHA384 test passed!\n"); + #endif + + #ifdef CYASSL_SHA512 + if ( (ret = hmac_sha512_test()) != 0) + err_sys("HMAC-SHA512 test failed!\n", ret); + else + printf( "HMAC-SHA512 test passed!\n"); + #endif + + #ifdef HAVE_BLAKE2 + if ( (ret = hmac_blake2b_test()) != 0) + err_sys("HMAC-BLAKE2 test failed!\n", ret); + else + printf( "HMAC-BLAKE2 test passed!\n"); + #endif + + #ifdef HAVE_HKDF + if ( (ret = hkdf_test()) != 0) + err_sys("HMAC-KDF test failed!\n", ret); + else + printf( "HMAC-KDF test passed!\n"); + #endif + +#endif + +#ifdef HAVE_AESGCM + if ( (ret = gmac_test()) != 0) + err_sys("GMAC test passed!\n", ret); + else + printf( "GMAC test passed!\n"); +#endif + +#ifndef NO_RC4 + if ( (ret = arc4_test()) != 0) + err_sys("ARC4 test failed!\n", ret); + else + printf( "ARC4 test passed!\n"); +#endif + +#ifndef NO_HC128 + if ( (ret = hc128_test()) != 0) + err_sys("HC-128 test failed!\n", ret); + else + printf( "HC-128 test passed!\n"); +#endif + +#ifndef NO_RABBIT + if ( (ret = rabbit_test()) != 0) + err_sys("Rabbit test failed!\n", ret); + else + printf( "Rabbit test passed!\n"); +#endif + +#ifndef NO_DES3 + if ( (ret = des_test()) != 0) + err_sys("DES test failed!\n", ret); + else + printf( "DES test passed!\n"); +#endif + +#ifndef NO_DES3 + if ( (ret = des3_test()) != 0) + err_sys("DES3 test failed!\n", ret); + else + printf( "DES3 test passed!\n"); +#endif + +#ifndef NO_AES + if ( (ret = aes_test()) != 0) + err_sys("AES test failed!\n", ret); + else + printf( "AES test passed!\n"); + +#ifdef HAVE_AESGCM + if ( (ret = aesgcm_test()) != 0) + err_sys("AES-GCM test failed!\n", ret); + else + printf( "AES-GCM test passed!\n"); +#endif + +#ifdef HAVE_AESCCM + if ( (ret = aesccm_test()) != 0) + err_sys("AES-CCM test failed!\n", ret); + else + printf( "AES-CCM test passed!\n"); +#endif +#endif + +#ifdef HAVE_CAMELLIA + if ( (ret = camellia_test()) != 0) + err_sys("CAMELLIA test failed!\n", ret); + else + printf( "CAMELLIA test passed!\n"); +#endif + + if ( (ret = random_test()) != 0) + err_sys("RANDOM test failed!\n", ret); + else + printf( "RANDOM test passed!\n"); + +#ifndef NO_RSA + if ( (ret = rsa_test()) != 0) + err_sys("RSA test failed!\n", ret); + else + printf( "RSA test passed!\n"); +#endif + +#ifndef NO_DH + if ( (ret = dh_test()) != 0) + err_sys("DH test failed!\n", ret); + else + printf( "DH test passed!\n"); +#endif + +#ifndef NO_DSA + if ( (ret = dsa_test()) != 0) + err_sys("DSA test failed!\n", ret); + else + printf( "DSA test passed!\n"); +#endif + +#ifndef NO_PWDBASED + if ( (ret = pwdbased_test()) != 0) + err_sys("PWDBASED test failed!\n", ret); + else + printf( "PWDBASED test passed!\n"); +#endif + +#ifdef OPENSSL_EXTRA + if ( (ret = openssl_test()) != 0) + err_sys("OPENSSL test failed!\n", ret); + else + printf( "OPENSSL test passed!\n"); +#endif + +#ifdef HAVE_ECC + if ( (ret = ecc_test()) != 0) + err_sys("ECC test failed!\n", ret); + else + printf( "ECC test passed!\n"); + #ifdef HAVE_ECC_ENCRYPT + if ( (ret = ecc_encrypt_test()) != 0) + err_sys("ECC Enc test failed!\n", ret); + else + printf( "ECC Enc test passed!\n"); + #endif +#endif + +#ifdef HAVE_LIBZ + if ( (ret = compress_test()) != 0) + err_sys("COMPRESS test failed!\n", ret); + else + printf( "COMPRESS test passed!\n"); +#endif + +#ifdef HAVE_PKCS7 + if ( (ret = pkcs7enveloped_test()) != 0) + err_sys("PKCS7enveloped test failed!\n", ret); + else + printf( "PKCS7enveloped test passed!\n"); + + if ( (ret = pkcs7signed_test()) != 0) + err_sys("PKCS7signed test failed!\n", ret); + else + printf( "PKCS7signed test passed!\n"); +#endif + + ((func_args*)args)->return_code = ret; +} + + +#ifndef NO_MAIN_DRIVER + +#ifdef HAVE_CAVIUM + +static int OpenNitroxDevice(int dma_mode,int dev_id) +{ + Csp1CoreAssignment core_assign; + Uint32 device; + + if (CspInitialize(CAVIUM_DIRECT,CAVIUM_DEV_ID)) + return -1; + if (Csp1GetDevType(&device)) + return -1; + if (device != NPX_DEVICE) { + if (ioctl(gpkpdev_hdlr[CAVIUM_DEV_ID], IOCTL_CSP1_GET_CORE_ASSIGNMENT, + (Uint32 *)&core_assign)!= 0) + return -1; + } + CspShutdown(CAVIUM_DEV_ID); + + return CspInitialize(dma_mode, dev_id); +} + +#endif /* HAVE_CAVIUM */ + + /* so overall tests can pull in test function */ + + int main(int argc, char** argv) + { + + func_args args; + + +#ifdef HAVE_CAVIUM + int ret = OpenNitroxDevice(CAVIUM_DIRECT, CAVIUM_DEV_ID); + if (ret != 0) + err_sys("Cavium OpenNitroxDevice failed", -1236); +#endif /* HAVE_CAVIUM */ + + args.argc = argc; + args.argv = argv; + + ctaocrypt_test(&args); + +#ifdef HAVE_CAVIUM + CspShutdown(CAVIUM_DEV_ID); +#endif + + return args.return_code; + } + +#endif /* NO_MAIN_DRIVER */ + + +#ifdef CYASSL_MD2 +int md2_test() +{ + Md2 md2; + byte hash[MD2_DIGEST_SIZE]; + + testVector a, b, c, d, e, f, g; + testVector test_md2[7]; + int times = sizeof(test_md2) / sizeof(testVector), i; + + a.input = ""; + a.output = "\x83\x50\xe5\xa3\xe2\x4c\x15\x3d\xf2\x27\x5c\x9f\x80\x69" + "\x27\x73"; + a.inLen = strlen(a.input); + a.outLen = MD2_DIGEST_SIZE; + + b.input = "a"; + b.output = "\x32\xec\x01\xec\x4a\x6d\xac\x72\xc0\xab\x96\xfb\x34\xc0" + "\xb5\xd1"; + b.inLen = strlen(b.input); + b.outLen = MD2_DIGEST_SIZE; + + c.input = "abc"; + c.output = "\xda\x85\x3b\x0d\x3f\x88\xd9\x9b\x30\x28\x3a\x69\xe6\xde" + "\xd6\xbb"; + c.inLen = strlen(c.input); + c.outLen = MD2_DIGEST_SIZE; + + d.input = "message digest"; + d.output = "\xab\x4f\x49\x6b\xfb\x2a\x53\x0b\x21\x9f\xf3\x30\x31\xfe" + "\x06\xb0"; + d.inLen = strlen(d.input); + d.outLen = MD2_DIGEST_SIZE; + + e.input = "abcdefghijklmnopqrstuvwxyz"; + e.output = "\x4e\x8d\xdf\xf3\x65\x02\x92\xab\x5a\x41\x08\xc3\xaa\x47" + "\x94\x0b"; + e.inLen = strlen(e.input); + e.outLen = MD2_DIGEST_SIZE; + + f.input = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz012345" + "6789"; + f.output = "\xda\x33\xde\xf2\xa4\x2d\xf1\x39\x75\x35\x28\x46\xc3\x03" + "\x38\xcd"; + f.inLen = strlen(f.input); + f.outLen = MD2_DIGEST_SIZE; + + g.input = "1234567890123456789012345678901234567890123456789012345678" + "9012345678901234567890"; + g.output = "\xd5\x97\x6f\x79\xd8\x3d\x3a\x0d\xc9\x80\x6c\x3c\x66\xf3" + "\xef\xd8"; + g.inLen = strlen(g.input); + g.outLen = MD2_DIGEST_SIZE; + + test_md2[0] = a; + test_md2[1] = b; + test_md2[2] = c; + test_md2[3] = d; + test_md2[4] = e; + test_md2[5] = f; + test_md2[6] = g; + + InitMd2(&md2); + + for (i = 0; i < times; ++i) { + Md2Update(&md2, (byte*)test_md2[i].input, (word32)test_md2[i].inLen); + Md2Final(&md2, hash); + + if (memcmp(hash, test_md2[i].output, MD2_DIGEST_SIZE) != 0) + return -155 - i; + } + + return 0; +} +#endif + +#ifndef NO_MD5 +int md5_test(void) +{ + Md5 md5; + byte hash[MD5_DIGEST_SIZE]; + + testVector a, b, c, d, e; + testVector test_md5[5]; + int times = sizeof(test_md5) / sizeof(testVector), i; + + a.input = "abc"; + a.output = "\x90\x01\x50\x98\x3c\xd2\x4f\xb0\xd6\x96\x3f\x7d\x28\xe1\x7f" + "\x72"; + a.inLen = strlen(a.input); + a.outLen = MD5_DIGEST_SIZE; + + b.input = "message digest"; + b.output = "\xf9\x6b\x69\x7d\x7c\xb7\x93\x8d\x52\x5a\x2f\x31\xaa\xf1\x61" + "\xd0"; + b.inLen = strlen(b.input); + b.outLen = MD5_DIGEST_SIZE; + + c.input = "abcdefghijklmnopqrstuvwxyz"; + c.output = "\xc3\xfc\xd3\xd7\x61\x92\xe4\x00\x7d\xfb\x49\x6c\xca\x67\xe1" + "\x3b"; + c.inLen = strlen(c.input); + c.outLen = MD5_DIGEST_SIZE; + + d.input = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz012345" + "6789"; + d.output = "\xd1\x74\xab\x98\xd2\x77\xd9\xf5\xa5\x61\x1c\x2c\x9f\x41\x9d" + "\x9f"; + d.inLen = strlen(d.input); + d.outLen = MD5_DIGEST_SIZE; + + e.input = "1234567890123456789012345678901234567890123456789012345678" + "9012345678901234567890"; + e.output = "\x57\xed\xf4\xa2\x2b\xe3\xc9\x55\xac\x49\xda\x2e\x21\x07\xb6" + "\x7a"; + e.inLen = strlen(e.input); + e.outLen = MD5_DIGEST_SIZE; + + test_md5[0] = a; + test_md5[1] = b; + test_md5[2] = c; + test_md5[3] = d; + test_md5[4] = e; + + InitMd5(&md5); + + for (i = 0; i < times; ++i) { + Md5Update(&md5, (byte*)test_md5[i].input, (word32)test_md5[i].inLen); + Md5Final(&md5, hash); + + if (memcmp(hash, test_md5[i].output, MD5_DIGEST_SIZE) != 0) + return -5 - i; + } + + return 0; +} +#endif /* NO_MD5 */ + + +#ifndef NO_MD4 + +int md4_test(void) +{ + Md4 md4; + byte hash[MD4_DIGEST_SIZE]; + + testVector a, b, c, d, e, f, g; + testVector test_md4[7]; + int times = sizeof(test_md4) / sizeof(testVector), i; + + a.input = ""; + a.output = "\x31\xd6\xcf\xe0\xd1\x6a\xe9\x31\xb7\x3c\x59\xd7\xe0\xc0\x89" + "\xc0"; + a.inLen = strlen(a.input); + a.outLen = MD4_DIGEST_SIZE; + + b.input = "a"; + b.output = "\xbd\xe5\x2c\xb3\x1d\xe3\x3e\x46\x24\x5e\x05\xfb\xdb\xd6\xfb" + "\x24"; + b.inLen = strlen(b.input); + b.outLen = MD4_DIGEST_SIZE; + + c.input = "abc"; + c.output = "\xa4\x48\x01\x7a\xaf\x21\xd8\x52\x5f\xc1\x0a\xe8\x7a\xa6\x72" + "\x9d"; + c.inLen = strlen(c.input); + c.outLen = MD4_DIGEST_SIZE; + + d.input = "message digest"; + d.output = "\xd9\x13\x0a\x81\x64\x54\x9f\xe8\x18\x87\x48\x06\xe1\xc7\x01" + "\x4b"; + d.inLen = strlen(d.input); + d.outLen = MD4_DIGEST_SIZE; + + e.input = "abcdefghijklmnopqrstuvwxyz"; + e.output = "\xd7\x9e\x1c\x30\x8a\xa5\xbb\xcd\xee\xa8\xed\x63\xdf\x41\x2d" + "\xa9"; + e.inLen = strlen(e.input); + e.outLen = MD4_DIGEST_SIZE; + + f.input = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz012345" + "6789"; + f.output = "\x04\x3f\x85\x82\xf2\x41\xdb\x35\x1c\xe6\x27\xe1\x53\xe7\xf0" + "\xe4"; + f.inLen = strlen(f.input); + f.outLen = MD4_DIGEST_SIZE; + + g.input = "1234567890123456789012345678901234567890123456789012345678" + "9012345678901234567890"; + g.output = "\xe3\x3b\x4d\xdc\x9c\x38\xf2\x19\x9c\x3e\x7b\x16\x4f\xcc\x05" + "\x36"; + g.inLen = strlen(g.input); + g.outLen = MD4_DIGEST_SIZE; + + test_md4[0] = a; + test_md4[1] = b; + test_md4[2] = c; + test_md4[3] = d; + test_md4[4] = e; + test_md4[5] = f; + test_md4[6] = g; + + InitMd4(&md4); + + for (i = 0; i < times; ++i) { + Md4Update(&md4, (byte*)test_md4[i].input, (word32)test_md4[i].inLen); + Md4Final(&md4, hash); + + if (memcmp(hash, test_md4[i].output, MD4_DIGEST_SIZE) != 0) + return -205 - i; + } + + return 0; +} + +#endif /* NO_MD4 */ + +#ifndef NO_SHA + +int sha_test(void) +{ + Sha sha; + byte hash[SHA_DIGEST_SIZE]; + + testVector a, b, c, d; + testVector test_sha[4]; + int ret; + int times = sizeof(test_sha) / sizeof(struct testVector), i; + + a.input = "abc"; + a.output = "\xA9\x99\x3E\x36\x47\x06\x81\x6A\xBA\x3E\x25\x71\x78\x50\xC2" + "\x6C\x9C\xD0\xD8\x9D"; + a.inLen = strlen(a.input); + a.outLen = SHA_DIGEST_SIZE; + + b.input = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"; + b.output = "\x84\x98\x3E\x44\x1C\x3B\xD2\x6E\xBA\xAE\x4A\xA1\xF9\x51\x29" + "\xE5\xE5\x46\x70\xF1"; + b.inLen = strlen(b.input); + b.outLen = SHA_DIGEST_SIZE; + + c.input = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + "aaaaaa"; + c.output = "\x00\x98\xBA\x82\x4B\x5C\x16\x42\x7B\xD7\xA1\x12\x2A\x5A\x44" + "\x2A\x25\xEC\x64\x4D"; + c.inLen = strlen(c.input); + c.outLen = SHA_DIGEST_SIZE; + + d.input = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + "aaaaaaaaaa"; + d.output = "\xAD\x5B\x3F\xDB\xCB\x52\x67\x78\xC2\x83\x9D\x2F\x15\x1E\xA7" + "\x53\x99\x5E\x26\xA0"; + d.inLen = strlen(d.input); + d.outLen = SHA_DIGEST_SIZE; + + test_sha[0] = a; + test_sha[1] = b; + test_sha[2] = c; + test_sha[3] = d; + + ret = InitSha(&sha); + if (ret != 0) + return -4001; + + for (i = 0; i < times; ++i) { + ShaUpdate(&sha, (byte*)test_sha[i].input, (word32)test_sha[i].inLen); + ShaFinal(&sha, hash); + + if (memcmp(hash, test_sha[i].output, SHA_DIGEST_SIZE) != 0) + return -10 - i; + } + + return 0; +} + +#endif /* NO_SHA */ + +#ifdef CYASSL_RIPEMD +int ripemd_test(void) +{ + RipeMd ripemd; + byte hash[RIPEMD_DIGEST_SIZE]; + + testVector a, b, c, d; + testVector test_ripemd[4]; + int times = sizeof(test_ripemd) / sizeof(struct testVector), i; + + a.input = "abc"; + a.output = "\x8e\xb2\x08\xf7\xe0\x5d\x98\x7a\x9b\x04\x4a\x8e\x98\xc6" + "\xb0\x87\xf1\x5a\x0b\xfc"; + a.inLen = strlen(a.input); + a.outLen = RIPEMD_DIGEST_SIZE; + + b.input = "message digest"; + b.output = "\x5d\x06\x89\xef\x49\xd2\xfa\xe5\x72\xb8\x81\xb1\x23\xa8" + "\x5f\xfa\x21\x59\x5f\x36"; + b.inLen = strlen(b.input); + b.outLen = RIPEMD_DIGEST_SIZE; + + c.input = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"; + c.output = "\x12\xa0\x53\x38\x4a\x9c\x0c\x88\xe4\x05\xa0\x6c\x27\xdc" + "\xf4\x9a\xda\x62\xeb\x2b"; + c.inLen = strlen(c.input); + c.outLen = RIPEMD_DIGEST_SIZE; + + d.input = "12345678901234567890123456789012345678901234567890123456" + "789012345678901234567890"; + d.output = "\x9b\x75\x2e\x45\x57\x3d\x4b\x39\xf4\xdb\xd3\x32\x3c\xab" + "\x82\xbf\x63\x32\x6b\xfb"; + d.inLen = strlen(d.input); + d.outLen = RIPEMD_DIGEST_SIZE; + + test_ripemd[0] = a; + test_ripemd[1] = b; + test_ripemd[2] = c; + test_ripemd[3] = d; + + InitRipeMd(&ripemd); + + for (i = 0; i < times; ++i) { + RipeMdUpdate(&ripemd, (byte*)test_ripemd[i].input, + (word32)test_ripemd[i].inLen); + RipeMdFinal(&ripemd, hash); + + if (memcmp(hash, test_ripemd[i].output, RIPEMD_DIGEST_SIZE) != 0) + return -10 - i; + } + + return 0; +} +#endif /* CYASSL_RIPEMD */ + + +#ifdef HAVE_BLAKE2 + + +#define BLAKE2_TESTS 3 + +static const byte blake2b_vec[BLAKE2_TESTS][BLAKE2B_OUTBYTES] = +{ + { + 0x78, 0x6A, 0x02, 0xF7, 0x42, 0x01, 0x59, 0x03, + 0xC6, 0xC6, 0xFD, 0x85, 0x25, 0x52, 0xD2, 0x72, + 0x91, 0x2F, 0x47, 0x40, 0xE1, 0x58, 0x47, 0x61, + 0x8A, 0x86, 0xE2, 0x17, 0xF7, 0x1F, 0x54, 0x19, + 0xD2, 0x5E, 0x10, 0x31, 0xAF, 0xEE, 0x58, 0x53, + 0x13, 0x89, 0x64, 0x44, 0x93, 0x4E, 0xB0, 0x4B, + 0x90, 0x3A, 0x68, 0x5B, 0x14, 0x48, 0xB7, 0x55, + 0xD5, 0x6F, 0x70, 0x1A, 0xFE, 0x9B, 0xE2, 0xCE + }, + { + 0x2F, 0xA3, 0xF6, 0x86, 0xDF, 0x87, 0x69, 0x95, + 0x16, 0x7E, 0x7C, 0x2E, 0x5D, 0x74, 0xC4, 0xC7, + 0xB6, 0xE4, 0x8F, 0x80, 0x68, 0xFE, 0x0E, 0x44, + 0x20, 0x83, 0x44, 0xD4, 0x80, 0xF7, 0x90, 0x4C, + 0x36, 0x96, 0x3E, 0x44, 0x11, 0x5F, 0xE3, 0xEB, + 0x2A, 0x3A, 0xC8, 0x69, 0x4C, 0x28, 0xBC, 0xB4, + 0xF5, 0xA0, 0xF3, 0x27, 0x6F, 0x2E, 0x79, 0x48, + 0x7D, 0x82, 0x19, 0x05, 0x7A, 0x50, 0x6E, 0x4B + }, + { + 0x1C, 0x08, 0x79, 0x8D, 0xC6, 0x41, 0xAB, 0xA9, + 0xDE, 0xE4, 0x35, 0xE2, 0x25, 0x19, 0xA4, 0x72, + 0x9A, 0x09, 0xB2, 0xBF, 0xE0, 0xFF, 0x00, 0xEF, + 0x2D, 0xCD, 0x8E, 0xD6, 0xF8, 0xA0, 0x7D, 0x15, + 0xEA, 0xF4, 0xAE, 0xE5, 0x2B, 0xBF, 0x18, 0xAB, + 0x56, 0x08, 0xA6, 0x19, 0x0F, 0x70, 0xB9, 0x04, + 0x86, 0xC8, 0xA7, 0xD4, 0x87, 0x37, 0x10, 0xB1, + 0x11, 0x5D, 0x3D, 0xEB, 0xBB, 0x43, 0x27, 0xB5 + } +}; + + + +int blake2b_test(void) +{ + Blake2b b2b; + byte digest[64]; + byte input[64]; + int i, ret; + + for (i = 0; i < (int)sizeof(input); i++) + input[i] = (byte)i; + + for (i = 0; i < BLAKE2_TESTS; i++) { + ret = InitBlake2b(&b2b, 64); + if (ret != 0) + return -4002; + + ret = Blake2bUpdate(&b2b, input, i); + if (ret != 0) + return -4003; + + ret = Blake2bFinal(&b2b, digest, 64); + if (ret != 0) + return -4004; + + if (memcmp(digest, blake2b_vec[i], 64) != 0) { + return -300 - i; + } + } + + return 0; +} +#endif /* HAVE_BLAKE2 */ + + +#ifndef NO_SHA256 +int sha256_test(void) +{ + Sha256 sha; + byte hash[SHA256_DIGEST_SIZE]; + + testVector a, b; + testVector test_sha[2]; + int ret; + int times = sizeof(test_sha) / sizeof(struct testVector), i; + + a.input = "abc"; + a.output = "\xBA\x78\x16\xBF\x8F\x01\xCF\xEA\x41\x41\x40\xDE\x5D\xAE\x22" + "\x23\xB0\x03\x61\xA3\x96\x17\x7A\x9C\xB4\x10\xFF\x61\xF2\x00" + "\x15\xAD"; + a.inLen = strlen(a.input); + a.outLen = SHA256_DIGEST_SIZE; + + b.input = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"; + b.output = "\x24\x8D\x6A\x61\xD2\x06\x38\xB8\xE5\xC0\x26\x93\x0C\x3E\x60" + "\x39\xA3\x3C\xE4\x59\x64\xFF\x21\x67\xF6\xEC\xED\xD4\x19\xDB" + "\x06\xC1"; + b.inLen = strlen(b.input); + b.outLen = SHA256_DIGEST_SIZE; + + test_sha[0] = a; + test_sha[1] = b; + + ret = InitSha256(&sha); + if (ret != 0) + return -4005; + + for (i = 0; i < times; ++i) { + ret = Sha256Update(&sha, (byte*)test_sha[i].input,(word32)test_sha[i].inLen); + if (ret != 0) + return -4006; + ret = Sha256Final(&sha, hash); + if (ret != 0) + return -4007; + + if (memcmp(hash, test_sha[i].output, SHA256_DIGEST_SIZE) != 0) + return -10 - i; + } + + return 0; +} +#endif + + +#ifdef CYASSL_SHA512 +int sha512_test(void) +{ + Sha512 sha; + byte hash[SHA512_DIGEST_SIZE]; + int ret; + + testVector a, b; + testVector test_sha[2]; + int times = sizeof(test_sha) / sizeof(struct testVector), i; + + a.input = "abc"; + a.output = "\xdd\xaf\x35\xa1\x93\x61\x7a\xba\xcc\x41\x73\x49\xae\x20\x41" + "\x31\x12\xe6\xfa\x4e\x89\xa9\x7e\xa2\x0a\x9e\xee\xe6\x4b\x55" + "\xd3\x9a\x21\x92\x99\x2a\x27\x4f\xc1\xa8\x36\xba\x3c\x23\xa3" + "\xfe\xeb\xbd\x45\x4d\x44\x23\x64\x3c\xe8\x0e\x2a\x9a\xc9\x4f" + "\xa5\x4c\xa4\x9f"; + a.inLen = strlen(a.input); + a.outLen = SHA512_DIGEST_SIZE; + + b.input = "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhi" + "jklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu"; + b.output = "\x8e\x95\x9b\x75\xda\xe3\x13\xda\x8c\xf4\xf7\x28\x14\xfc\x14" + "\x3f\x8f\x77\x79\xc6\xeb\x9f\x7f\xa1\x72\x99\xae\xad\xb6\x88" + "\x90\x18\x50\x1d\x28\x9e\x49\x00\xf7\xe4\x33\x1b\x99\xde\xc4" + "\xb5\x43\x3a\xc7\xd3\x29\xee\xb6\xdd\x26\x54\x5e\x96\xe5\x5b" + "\x87\x4b\xe9\x09"; + b.inLen = strlen(b.input); + b.outLen = SHA512_DIGEST_SIZE; + + test_sha[0] = a; + test_sha[1] = b; + + ret = InitSha512(&sha); + if (ret != 0) + return -4009; + + for (i = 0; i < times; ++i) { + ret = Sha512Update(&sha, (byte*)test_sha[i].input,(word32)test_sha[i].inLen); + if (ret != 0) + return -4010; + + ret = Sha512Final(&sha, hash); + if (ret != 0) + return -4011; + + if (memcmp(hash, test_sha[i].output, SHA512_DIGEST_SIZE) != 0) + return -10 - i; + } + + return 0; +} +#endif + + +#ifdef CYASSL_SHA384 +int sha384_test(void) +{ + Sha384 sha; + byte hash[SHA384_DIGEST_SIZE]; + int ret; + + testVector a, b; + testVector test_sha[2]; + int times = sizeof(test_sha) / sizeof(struct testVector), i; + + a.input = "abc"; + a.output = "\xcb\x00\x75\x3f\x45\xa3\x5e\x8b\xb5\xa0\x3d\x69\x9a\xc6\x50" + "\x07\x27\x2c\x32\xab\x0e\xde\xd1\x63\x1a\x8b\x60\x5a\x43\xff" + "\x5b\xed\x80\x86\x07\x2b\xa1\xe7\xcc\x23\x58\xba\xec\xa1\x34" + "\xc8\x25\xa7"; + a.inLen = strlen(a.input); + a.outLen = SHA384_DIGEST_SIZE; + + b.input = "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhi" + "jklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu"; + b.output = "\x09\x33\x0c\x33\xf7\x11\x47\xe8\x3d\x19\x2f\xc7\x82\xcd\x1b" + "\x47\x53\x11\x1b\x17\x3b\x3b\x05\xd2\x2f\xa0\x80\x86\xe3\xb0" + "\xf7\x12\xfc\xc7\xc7\x1a\x55\x7e\x2d\xb9\x66\xc3\xe9\xfa\x91" + "\x74\x60\x39"; + b.inLen = strlen(b.input); + b.outLen = SHA384_DIGEST_SIZE; + + test_sha[0] = a; + test_sha[1] = b; + + ret = InitSha384(&sha); + if (ret != 0) + return -4012; + + for (i = 0; i < times; ++i) { + ret = Sha384Update(&sha, (byte*)test_sha[i].input,(word32)test_sha[i].inLen); + if (ret != 0) + return -4013; + + ret = Sha384Final(&sha, hash); + if (ret != 0) + return -4014; + + if (memcmp(hash, test_sha[i].output, SHA384_DIGEST_SIZE) != 0) + return -10 - i; + } + + return 0; +} +#endif /* CYASSL_SHA384 */ + + +#if !defined(NO_HMAC) && !defined(NO_MD5) +int hmac_md5_test(void) +{ + Hmac hmac; + byte hash[MD5_DIGEST_SIZE]; + + const char* keys[]= + { + "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b", + "Jefe", + "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA" + }; + + testVector a, b, c; + testVector test_hmac[3]; + + int ret; + int times = sizeof(test_hmac) / sizeof(testVector), i; + + a.input = "Hi There"; + a.output = "\x92\x94\x72\x7a\x36\x38\xbb\x1c\x13\xf4\x8e\xf8\x15\x8b\xfc" + "\x9d"; + a.inLen = strlen(a.input); + a.outLen = MD5_DIGEST_SIZE; + + b.input = "what do ya want for nothing?"; + b.output = "\x75\x0c\x78\x3e\x6a\xb0\xb5\x03\xea\xa8\x6e\x31\x0a\x5d\xb7" + "\x38"; + b.inLen = strlen(b.input); + b.outLen = MD5_DIGEST_SIZE; + + c.input = "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" + "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" + "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" + "\xDD\xDD\xDD\xDD\xDD\xDD"; + c.output = "\x56\xbe\x34\x52\x1d\x14\x4c\x88\xdb\xb8\xc7\x33\xf0\xe8\xb3" + "\xf6"; + c.inLen = strlen(c.input); + c.outLen = MD5_DIGEST_SIZE; + + test_hmac[0] = a; + test_hmac[1] = b; + test_hmac[2] = c; + + for (i = 0; i < times; ++i) { +#ifdef HAVE_CAVIUM + if (i == 1) + continue; /* driver can't handle keys <= bytes */ + if (HmacInitCavium(&hmac, CAVIUM_DEV_ID) != 0) + return -20009; +#endif + ret = HmacSetKey(&hmac, MD5, (byte*)keys[i], (word32)strlen(keys[i])); + if (ret != 0) + return -4015; + ret = HmacUpdate(&hmac, (byte*)test_hmac[i].input, + (word32)test_hmac[i].inLen); + if (ret != 0) + return -4016; + ret = HmacFinal(&hmac, hash); + if (ret != 0) + return -4017; + + if (memcmp(hash, test_hmac[i].output, MD5_DIGEST_SIZE) != 0) + return -20 - i; +#ifdef HAVE_CAVIUM + HmacFreeCavium(&hmac); +#endif + } + + return 0; +} +#endif /* NO_HMAC && NO_MD5 */ + +#if !defined(NO_HMAC) && !defined(NO_SHA) +int hmac_sha_test(void) +{ + Hmac hmac; + byte hash[SHA_DIGEST_SIZE]; + + const char* keys[]= + { + "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b" + "\x0b\x0b\x0b", + "Jefe", + "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA" + "\xAA\xAA\xAA" + }; + + testVector a, b, c; + testVector test_hmac[3]; + + int ret; + int times = sizeof(test_hmac) / sizeof(testVector), i; + + a.input = "Hi There"; + a.output = "\xb6\x17\x31\x86\x55\x05\x72\x64\xe2\x8b\xc0\xb6\xfb\x37\x8c" + "\x8e\xf1\x46\xbe\x00"; + a.inLen = strlen(a.input); + a.outLen = SHA_DIGEST_SIZE; + + b.input = "what do ya want for nothing?"; + b.output = "\xef\xfc\xdf\x6a\xe5\xeb\x2f\xa2\xd2\x74\x16\xd5\xf1\x84\xdf" + "\x9c\x25\x9a\x7c\x79"; + b.inLen = strlen(b.input); + b.outLen = SHA_DIGEST_SIZE; + + c.input = "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" + "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" + "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" + "\xDD\xDD\xDD\xDD\xDD\xDD"; + c.output = "\x12\x5d\x73\x42\xb9\xac\x11\xcd\x91\xa3\x9a\xf4\x8a\xa1\x7b" + "\x4f\x63\xf1\x75\xd3"; + c.inLen = strlen(c.input); + c.outLen = SHA_DIGEST_SIZE; + + test_hmac[0] = a; + test_hmac[1] = b; + test_hmac[2] = c; + + for (i = 0; i < times; ++i) { +#ifdef HAVE_CAVIUM + if (i == 1) + continue; /* driver can't handle keys <= bytes */ + if (HmacInitCavium(&hmac, CAVIUM_DEV_ID) != 0) + return -20010; +#endif + ret = HmacSetKey(&hmac, SHA, (byte*)keys[i], (word32)strlen(keys[i])); + if (ret != 0) + return -4018; + ret = HmacUpdate(&hmac, (byte*)test_hmac[i].input, + (word32)test_hmac[i].inLen); + if (ret != 0) + return -4019; + ret = HmacFinal(&hmac, hash); + if (ret != 0) + return -4020; + + if (memcmp(hash, test_hmac[i].output, SHA_DIGEST_SIZE) != 0) + return -20 - i; +#ifdef HAVE_CAVIUM + HmacFreeCavium(&hmac); +#endif + } + + return 0; +} +#endif + + +#if !defined(NO_HMAC) && !defined(NO_SHA256) +int hmac_sha256_test(void) +{ + Hmac hmac; + byte hash[SHA256_DIGEST_SIZE]; + + const char* keys[]= + { + "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b" + "\x0b\x0b\x0b", + "Jefe", + "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA" + "\xAA\xAA\xAA" + }; + + testVector a, b, c; + testVector test_hmac[3]; + + int ret; + int times = sizeof(test_hmac) / sizeof(testVector), i; + + a.input = "Hi There"; + a.output = "\xb0\x34\x4c\x61\xd8\xdb\x38\x53\x5c\xa8\xaf\xce\xaf\x0b\xf1" + "\x2b\x88\x1d\xc2\x00\xc9\x83\x3d\xa7\x26\xe9\x37\x6c\x2e\x32" + "\xcf\xf7"; + a.inLen = strlen(a.input); + a.outLen = SHA256_DIGEST_SIZE; + + b.input = "what do ya want for nothing?"; + b.output = "\x5b\xdc\xc1\x46\xbf\x60\x75\x4e\x6a\x04\x24\x26\x08\x95\x75" + "\xc7\x5a\x00\x3f\x08\x9d\x27\x39\x83\x9d\xec\x58\xb9\x64\xec" + "\x38\x43"; + b.inLen = strlen(b.input); + b.outLen = SHA256_DIGEST_SIZE; + + c.input = "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" + "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" + "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" + "\xDD\xDD\xDD\xDD\xDD\xDD"; + c.output = "\x77\x3e\xa9\x1e\x36\x80\x0e\x46\x85\x4d\xb8\xeb\xd0\x91\x81" + "\xa7\x29\x59\x09\x8b\x3e\xf8\xc1\x22\xd9\x63\x55\x14\xce\xd5" + "\x65\xfe"; + c.inLen = strlen(c.input); + c.outLen = SHA256_DIGEST_SIZE; + + test_hmac[0] = a; + test_hmac[1] = b; + test_hmac[2] = c; + + for (i = 0; i < times; ++i) { +#ifdef HAVE_CAVIUM + if (i == 1) + continue; /* driver can't handle keys <= bytes */ + if (HmacInitCavium(&hmac, CAVIUM_DEV_ID) != 0) + return -20011; +#endif + ret = HmacSetKey(&hmac, SHA256, (byte*)keys[i],(word32)strlen(keys[i])); + if (ret != 0) + return -4021; + ret = HmacUpdate(&hmac, (byte*)test_hmac[i].input, + (word32)test_hmac[i].inLen); + if (ret != 0) + return -4022; + ret = HmacFinal(&hmac, hash); + if (ret != 0) + return -4023; + + if (memcmp(hash, test_hmac[i].output, SHA256_DIGEST_SIZE) != 0) + return -20 - i; +#ifdef HAVE_CAVIUM + HmacFreeCavium(&hmac); +#endif + } + + return 0; +} +#endif + + +#if !defined(NO_HMAC) && defined(HAVE_BLAKE2) +int hmac_blake2b_test(void) +{ + Hmac hmac; + byte hash[BLAKE2B_256]; + + const char* keys[]= + { + "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b" + "\x0b\x0b\x0b", + "Jefe", + "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA" + "\xAA\xAA\xAA" + }; + + testVector a, b, c; + testVector test_hmac[3]; + + int ret; + int times = sizeof(test_hmac) / sizeof(testVector), i; + + a.input = "Hi There"; + a.output = "\x72\x93\x0d\xdd\xf5\xf7\xe1\x78\x38\x07\x44\x18\x0b\x3f\x51" + "\x37\x25\xb5\x82\xc2\x08\x83\x2f\x1c\x99\xfd\x03\xa0\x16\x75" + "\xac\xfd"; + a.inLen = strlen(a.input); + a.outLen = BLAKE2B_256; + + b.input = "what do ya want for nothing?"; + b.output = "\x3d\x20\x50\x71\x05\xc0\x8c\x0c\x38\x44\x1e\xf7\xf9\xd1\x67" + "\x21\xff\x64\xf5\x94\x00\xcf\xf9\x75\x41\xda\x88\x61\x9d\x7c" + "\xda\x2b"; + b.inLen = strlen(b.input); + b.outLen = BLAKE2B_256; + + c.input = "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" + "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" + "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" + "\xDD\xDD\xDD\xDD\xDD\xDD"; + c.output = "\xda\xfe\x2a\x24\xfc\xe7\xea\x36\x34\xbe\x41\x92\xc7\x11\xa7" + "\x00\xae\x53\x9c\x11\x9c\x80\x74\x55\x22\x25\x4a\xb9\x55\xd3" + "\x0f\x87"; + c.inLen = strlen(c.input); + c.outLen = BLAKE2B_256; + + test_hmac[0] = a; + test_hmac[1] = b; + test_hmac[2] = c; + + for (i = 0; i < times; ++i) { +#ifdef HAVE_CAVIUM + if (i == 1) + continue; /* driver can't handle keys <= bytes */ + if (HmacInitCavium(&hmac, CAVIUM_DEV_ID) != 0) + return -20011; +#endif + ret = HmacSetKey(&hmac, BLAKE2B_ID, (byte*)keys[i], + (word32)strlen(keys[i])); + if (ret != 0) + return -4024; + ret = HmacUpdate(&hmac, (byte*)test_hmac[i].input, + (word32)test_hmac[i].inLen); + if (ret != 0) + return -4025; + ret = HmacFinal(&hmac, hash); + if (ret != 0) + return -4026; + + if (memcmp(hash, test_hmac[i].output, BLAKE2B_256) != 0) + return -20 - i; +#ifdef HAVE_CAVIUM + HmacFreeCavium(&hmac); +#endif + } + + return 0; +} +#endif + + +#if !defined(NO_HMAC) && defined(CYASSL_SHA384) +int hmac_sha384_test(void) +{ + Hmac hmac; + byte hash[SHA384_DIGEST_SIZE]; + + const char* keys[]= + { + "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b" + "\x0b\x0b\x0b", + "Jefe", + "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA" + "\xAA\xAA\xAA" + }; + + testVector a, b, c; + testVector test_hmac[3]; + + int ret; + int times = sizeof(test_hmac) / sizeof(testVector), i; + + a.input = "Hi There"; + a.output = "\xaf\xd0\x39\x44\xd8\x48\x95\x62\x6b\x08\x25\xf4\xab\x46\x90" + "\x7f\x15\xf9\xda\xdb\xe4\x10\x1e\xc6\x82\xaa\x03\x4c\x7c\xeb" + "\xc5\x9c\xfa\xea\x9e\xa9\x07\x6e\xde\x7f\x4a\xf1\x52\xe8\xb2" + "\xfa\x9c\xb6"; + a.inLen = strlen(a.input); + a.outLen = SHA384_DIGEST_SIZE; + + b.input = "what do ya want for nothing?"; + b.output = "\xaf\x45\xd2\xe3\x76\x48\x40\x31\x61\x7f\x78\xd2\xb5\x8a\x6b" + "\x1b\x9c\x7e\xf4\x64\xf5\xa0\x1b\x47\xe4\x2e\xc3\x73\x63\x22" + "\x44\x5e\x8e\x22\x40\xca\x5e\x69\xe2\xc7\x8b\x32\x39\xec\xfa" + "\xb2\x16\x49"; + b.inLen = strlen(b.input); + b.outLen = SHA384_DIGEST_SIZE; + + c.input = "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" + "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" + "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" + "\xDD\xDD\xDD\xDD\xDD\xDD"; + c.output = "\x88\x06\x26\x08\xd3\xe6\xad\x8a\x0a\xa2\xac\xe0\x14\xc8\xa8" + "\x6f\x0a\xa6\x35\xd9\x47\xac\x9f\xeb\xe8\x3e\xf4\xe5\x59\x66" + "\x14\x4b\x2a\x5a\xb3\x9d\xc1\x38\x14\xb9\x4e\x3a\xb6\xe1\x01" + "\xa3\x4f\x27"; + c.inLen = strlen(c.input); + c.outLen = SHA384_DIGEST_SIZE; + + test_hmac[0] = a; + test_hmac[1] = b; + test_hmac[2] = c; + + for (i = 0; i < times; ++i) { + ret = HmacSetKey(&hmac, SHA384, (byte*)keys[i],(word32)strlen(keys[i])); + if (ret != 0) + return -4027; + ret = HmacUpdate(&hmac, (byte*)test_hmac[i].input, + (word32)test_hmac[i].inLen); + if (ret != 0) + return -4028; + ret = HmacFinal(&hmac, hash); + if (ret != 0) + return -4029; + + if (memcmp(hash, test_hmac[i].output, SHA384_DIGEST_SIZE) != 0) + return -20 - i; + } + + return 0; +} +#endif + + +#if !defined(NO_HMAC) && defined(CYASSL_SHA512) +int hmac_sha512_test(void) +{ + Hmac hmac; + byte hash[SHA512_DIGEST_SIZE]; + + const char* keys[]= + { + "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b" + "\x0b\x0b\x0b", + "Jefe", + "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA" + "\xAA\xAA\xAA" + }; + + testVector a, b, c; + testVector test_hmac[3]; + + int ret; + int times = sizeof(test_hmac) / sizeof(testVector), i; + + a.input = "Hi There"; + a.output = "\x87\xaa\x7c\xde\xa5\xef\x61\x9d\x4f\xf0\xb4\x24\x1a\x1d\x6c" + "\xb0\x23\x79\xf4\xe2\xce\x4e\xc2\x78\x7a\xd0\xb3\x05\x45\xe1" + "\x7c\xde\xda\xa8\x33\xb7\xd6\xb8\xa7\x02\x03\x8b\x27\x4e\xae" + "\xa3\xf4\xe4\xbe\x9d\x91\x4e\xeb\x61\xf1\x70\x2e\x69\x6c\x20" + "\x3a\x12\x68\x54"; + a.inLen = strlen(a.input); + a.outLen = SHA512_DIGEST_SIZE; + + b.input = "what do ya want for nothing?"; + b.output = "\x16\x4b\x7a\x7b\xfc\xf8\x19\xe2\xe3\x95\xfb\xe7\x3b\x56\xe0" + "\xa3\x87\xbd\x64\x22\x2e\x83\x1f\xd6\x10\x27\x0c\xd7\xea\x25" + "\x05\x54\x97\x58\xbf\x75\xc0\x5a\x99\x4a\x6d\x03\x4f\x65\xf8" + "\xf0\xe6\xfd\xca\xea\xb1\xa3\x4d\x4a\x6b\x4b\x63\x6e\x07\x0a" + "\x38\xbc\xe7\x37"; + b.inLen = strlen(b.input); + b.outLen = SHA512_DIGEST_SIZE; + + c.input = "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" + "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" + "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" + "\xDD\xDD\xDD\xDD\xDD\xDD"; + c.output = "\xfa\x73\xb0\x08\x9d\x56\xa2\x84\xef\xb0\xf0\x75\x6c\x89\x0b" + "\xe9\xb1\xb5\xdb\xdd\x8e\xe8\x1a\x36\x55\xf8\x3e\x33\xb2\x27" + "\x9d\x39\xbf\x3e\x84\x82\x79\xa7\x22\xc8\x06\xb4\x85\xa4\x7e" + "\x67\xc8\x07\xb9\x46\xa3\x37\xbe\xe8\x94\x26\x74\x27\x88\x59" + "\xe1\x32\x92\xfb"; + c.inLen = strlen(c.input); + c.outLen = SHA512_DIGEST_SIZE; + + test_hmac[0] = a; + test_hmac[1] = b; + test_hmac[2] = c; + + for (i = 0; i < times; ++i) { + ret = HmacSetKey(&hmac, SHA512, (byte*)keys[i],(word32)strlen(keys[i])); + if (ret != 0) + return -4030; + ret = HmacUpdate(&hmac, (byte*)test_hmac[i].input, + (word32)test_hmac[i].inLen); + if (ret != 0) + return -4031; + ret = HmacFinal(&hmac, hash); + if (ret != 0) + return -4032; + + if (memcmp(hash, test_hmac[i].output, SHA512_DIGEST_SIZE) != 0) + return -20 - i; + } + + return 0; +} +#endif + + +#ifndef NO_RC4 +int arc4_test(void) +{ + byte cipher[16]; + byte plain[16]; + + const char* keys[] = + { + "\x01\x23\x45\x67\x89\xab\xcd\xef", + "\x01\x23\x45\x67\x89\xab\xcd\xef", + "\x00\x00\x00\x00\x00\x00\x00\x00", + "\xef\x01\x23\x45" + }; + + testVector a, b, c, d; + testVector test_arc4[4]; + + int times = sizeof(test_arc4) / sizeof(testVector), i; + + a.input = "\x01\x23\x45\x67\x89\xab\xcd\xef"; + a.output = "\x75\xb7\x87\x80\x99\xe0\xc5\x96"; + a.inLen = 8; + a.outLen = 8; + + b.input = "\x00\x00\x00\x00\x00\x00\x00\x00"; + b.output = "\x74\x94\xc2\xe7\x10\x4b\x08\x79"; + b.inLen = 8; + b.outLen = 8; + + c.input = "\x00\x00\x00\x00\x00\x00\x00\x00"; + c.output = "\xde\x18\x89\x41\xa3\x37\x5d\x3a"; + c.inLen = 8; + c.outLen = 8; + + d.input = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"; + d.output = "\xd6\xa1\x41\xa7\xec\x3c\x38\xdf\xbd\x61"; + d.inLen = 10; + d.outLen = 10; + + test_arc4[0] = a; + test_arc4[1] = b; + test_arc4[2] = c; + test_arc4[3] = d; + + for (i = 0; i < times; ++i) { + Arc4 enc; + Arc4 dec; + int keylen = 8; /* strlen with key 0x00 not good */ + if (i == 3) + keylen = 4; + +#ifdef HAVE_CAVIUM + if (Arc4InitCavium(&enc, CAVIUM_DEV_ID) != 0) + return -20001; + if (Arc4InitCavium(&dec, CAVIUM_DEV_ID) != 0) + return -20002; +#endif + + Arc4SetKey(&enc, (byte*)keys[i], keylen); + Arc4SetKey(&dec, (byte*)keys[i], keylen); + + Arc4Process(&enc, cipher, (byte*)test_arc4[i].input, + (word32)test_arc4[i].outLen); + Arc4Process(&dec, plain, cipher, (word32)test_arc4[i].outLen); + + if (memcmp(plain, test_arc4[i].input, test_arc4[i].outLen)) + return -20 - i; + + if (memcmp(cipher, test_arc4[i].output, test_arc4[i].outLen)) + return -20 - 5 - i; + +#ifdef HAVE_CAVIUM + Arc4FreeCavium(&enc); + Arc4FreeCavium(&dec); +#endif + } + + return 0; +} +#endif + + +int hc128_test(void) +{ +#ifdef HAVE_HC128 + byte cipher[16]; + byte plain[16]; + + const char* keys[] = + { + "\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + "\x00\x53\xA6\xF9\x4C\x9F\xF2\x45\x98\xEB\x3E\x91\xE4\x37\x8A\xDD", + "\x0F\x62\xB5\x08\x5B\xAE\x01\x54\xA7\xFA\x4D\xA0\xF3\x46\x99\xEC" + }; + + const char* ivs[] = + { + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + "\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + "\x0D\x74\xDB\x42\xA9\x10\x77\xDE\x45\xAC\x13\x7A\xE1\x48\xAF\x16", + "\x28\x8F\xF6\x5D\xC4\x2B\x92\xF9\x60\xC7\x2E\x95\xFC\x63\xCA\x31" + }; + + + testVector a, b, c, d; + testVector test_hc128[4]; + + int times = sizeof(test_hc128) / sizeof(testVector), i; + + a.input = "\x00\x00\x00\x00\x00\x00\x00\x00"; + a.output = "\x37\x86\x02\xB9\x8F\x32\xA7\x48"; + a.inLen = 8; + a.outLen = 8; + + b.input = "\x00\x00\x00\x00\x00\x00\x00\x00"; + b.output = "\x33\x7F\x86\x11\xC6\xED\x61\x5F"; + b.inLen = 8; + b.outLen = 8; + + c.input = "\x00\x00\x00\x00\x00\x00\x00\x00"; + c.output = "\x2E\x1E\xD1\x2A\x85\x51\xC0\x5A"; + c.inLen = 8; + c.outLen = 8; + + d.input = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"; + d.output = "\x1C\xD8\xAE\xDD\xFE\x52\xE2\x17\xE8\x35\xD0\xB7\xE8\x4E\x29"; + d.inLen = 15; + d.outLen = 15; + + test_hc128[0] = a; + test_hc128[1] = b; + test_hc128[2] = c; + test_hc128[3] = d; + + for (i = 0; i < times; ++i) { + HC128 enc; + HC128 dec; + + /* align keys/ivs in plain/cipher buffers */ + memcpy(plain, keys[i], 16); + memcpy(cipher, ivs[i], 16); + + Hc128_SetKey(&enc, plain, cipher); + Hc128_SetKey(&dec, plain, cipher); + + /* align input */ + memcpy(plain, test_hc128[i].input, test_hc128[i].outLen); + Hc128_Process(&enc, cipher, plain, (word32)test_hc128[i].outLen); + Hc128_Process(&dec, plain, cipher, (word32)test_hc128[i].outLen); + + if (memcmp(plain, test_hc128[i].input, test_hc128[i].outLen)) + return -120 - i; + + if (memcmp(cipher, test_hc128[i].output, test_hc128[i].outLen)) + return -120 - 5 - i; + } + +#endif /* HAVE_HC128 */ + return 0; +} + + +#ifndef NO_RABBIT +int rabbit_test(void) +{ + byte cipher[16]; + byte plain[16]; + + const char* keys[] = + { + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + "\xAC\xC3\x51\xDC\xF1\x62\xFC\x3B\xFE\x36\x3D\x2E\x29\x13\x28\x91" + }; + + const char* ivs[] = + { + "\x00\x00\x00\x00\x00\x00\x00\x00", + "\x59\x7E\x26\xC1\x75\xF5\x73\xC3", + 0 + }; + + testVector a, b, c; + testVector test_rabbit[3]; + + int times = sizeof(test_rabbit) / sizeof(testVector), i; + + a.input = "\x00\x00\x00\x00\x00\x00\x00\x00"; + a.output = "\xED\xB7\x05\x67\x37\x5D\xCD\x7C"; + a.inLen = 8; + a.outLen = 8; + + b.input = "\x00\x00\x00\x00\x00\x00\x00\x00"; + b.output = "\x6D\x7D\x01\x22\x92\xCC\xDC\xE0"; + b.inLen = 8; + b.outLen = 8; + + c.input = "\x00\x00\x00\x00\x00\x00\x00\x00"; + c.output = "\x04\xCE\xCA\x7A\x1A\x86\x6E\x77"; + c.inLen = 8; + c.outLen = 8; + + test_rabbit[0] = a; + test_rabbit[1] = b; + test_rabbit[2] = c; + + for (i = 0; i < times; ++i) { + Rabbit enc; + Rabbit dec; + byte* iv; + + /* align keys/ivs in plain/cipher buffers */ + memcpy(plain, keys[i], 16); + if (ivs[i]) { + memcpy(cipher, ivs[i], 8); + iv = cipher; + } else + iv = NULL; + RabbitSetKey(&enc, plain, iv); + RabbitSetKey(&dec, plain, iv); + + /* align input */ + memcpy(plain, test_rabbit[i].input, test_rabbit[i].outLen); + RabbitProcess(&enc, cipher, plain, (word32)test_rabbit[i].outLen); + RabbitProcess(&dec, plain, cipher, (word32)test_rabbit[i].outLen); + + if (memcmp(plain, test_rabbit[i].input, test_rabbit[i].outLen)) + return -130 - i; + + if (memcmp(cipher, test_rabbit[i].output, test_rabbit[i].outLen)) + return -130 - 5 - i; + } + + return 0; +} +#endif /* NO_RABBIT */ + + +#ifndef NO_DES3 +int des_test(void) +{ + const byte vector[] = { /* "now is the time for all " w/o trailing 0 */ + 0x6e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74, + 0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20, + 0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20 + }; + + byte plain[24]; + byte cipher[24]; + + Des enc; + Des dec; + + const byte key[] = + { + 0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef + }; + + const byte iv[] = + { + 0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef + }; + + const byte verify[] = + { + 0x8b,0x7c,0x52,0xb0,0x01,0x2b,0x6c,0xb8, + 0x4f,0x0f,0xeb,0xf3,0xfb,0x5f,0x86,0x73, + 0x15,0x85,0xb3,0x22,0x4b,0x86,0x2b,0x4b + }; + + int ret; + + ret = Des_SetKey(&enc, key, iv, DES_ENCRYPTION); + if (ret != 0) + return -31; + + Des_CbcEncrypt(&enc, cipher, vector, sizeof(vector)); + ret = Des_SetKey(&dec, key, iv, DES_DECRYPTION); + if (ret != 0) + return -32; + Des_CbcDecrypt(&dec, plain, cipher, sizeof(cipher)); + + if (memcmp(plain, vector, sizeof(plain))) + return -33; + + if (memcmp(cipher, verify, sizeof(cipher))) + return -34; + + return 0; +} +#endif /* NO_DES3 */ + + +#ifndef NO_DES3 +int des3_test(void) +{ + const byte vector[] = { /* "Now is the time for all " w/o trailing 0 */ + 0x4e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74, + 0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20, + 0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20 + }; + + byte plain[24]; + byte cipher[24]; + + Des3 enc; + Des3 dec; + + const byte key3[] = + { + 0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef, + 0xfe,0xde,0xba,0x98,0x76,0x54,0x32,0x10, + 0x89,0xab,0xcd,0xef,0x01,0x23,0x45,0x67 + }; + const byte iv3[] = + { + 0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef, + 0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01, + 0x11,0x21,0x31,0x41,0x51,0x61,0x71,0x81 + + }; + + const byte verify3[] = + { + 0x43,0xa0,0x29,0x7e,0xd1,0x84,0xf8,0x0e, + 0x89,0x64,0x84,0x32,0x12,0xd5,0x08,0x98, + 0x18,0x94,0x15,0x74,0x87,0x12,0x7d,0xb0 + }; + + int ret; + + +#ifdef HAVE_CAVIUM + if (Des3_InitCavium(&enc, CAVIUM_DEV_ID) != 0) + return -20005; + if (Des3_InitCavium(&dec, CAVIUM_DEV_ID) != 0) + return -20006; +#endif + ret = Des3_SetKey(&enc, key3, iv3, DES_ENCRYPTION); + if (ret != 0) + return -31; + ret = Des3_SetKey(&dec, key3, iv3, DES_DECRYPTION); + if (ret != 0) + return -32; + ret = Des3_CbcEncrypt(&enc, cipher, vector, sizeof(vector)); + if (ret != 0) + return -33; + ret = Des3_CbcDecrypt(&dec, plain, cipher, sizeof(cipher)); + if (ret != 0) + return -34; + + if (memcmp(plain, vector, sizeof(plain))) + return -35; + + if (memcmp(cipher, verify3, sizeof(cipher))) + return -36; + +#ifdef HAVE_CAVIUM + Des3_FreeCavium(&enc); + Des3_FreeCavium(&dec); +#endif + return 0; +} +#endif /* NO_DES */ + + +#ifndef NO_AES +int aes_test(void) +{ + Aes enc; + Aes dec; + + const byte msg[] = { /* "Now is the time for all " w/o trailing 0 */ + 0x6e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74, + 0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20, + 0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20 + }; + + const byte verify[] = + { + 0x95,0x94,0x92,0x57,0x5f,0x42,0x81,0x53, + 0x2c,0xcc,0x9d,0x46,0x77,0xa2,0x33,0xcb + }; + + byte key[] = "0123456789abcdef "; /* align */ + byte iv[] = "1234567890abcdef "; /* align */ + + byte cipher[AES_BLOCK_SIZE * 4]; + byte plain [AES_BLOCK_SIZE * 4]; + int ret; + +#ifdef HAVE_CAVIUM + if (AesInitCavium(&enc, CAVIUM_DEV_ID) != 0) + return -20003; + if (AesInitCavium(&dec, CAVIUM_DEV_ID) != 0) + return -20004; +#endif + ret = AesSetKey(&enc, key, AES_BLOCK_SIZE, iv, AES_ENCRYPTION); + if (ret != 0) + return -1001; + ret = AesSetKey(&dec, key, AES_BLOCK_SIZE, iv, AES_DECRYPTION); + if (ret != 0) + return -1002; + + ret = AesCbcEncrypt(&enc, cipher, msg, AES_BLOCK_SIZE); + if (ret != 0) + return -1005; + ret = AesCbcDecrypt(&dec, plain, cipher, AES_BLOCK_SIZE); + if (ret != 0) + return -1006; + + if (memcmp(plain, msg, AES_BLOCK_SIZE)) + return -60; + + if (memcmp(cipher, verify, AES_BLOCK_SIZE)) + return -61; + +#ifdef HAVE_CAVIUM + AesFreeCavium(&enc); + AesFreeCavium(&dec); +#endif +#ifdef CYASSL_AES_COUNTER + { + const byte ctrKey[] = + { + 0x2b,0x7e,0x15,0x16,0x28,0xae,0xd2,0xa6, + 0xab,0xf7,0x15,0x88,0x09,0xcf,0x4f,0x3c + }; + + const byte ctrIv[] = + { + 0xf0,0xf1,0xf2,0xf3,0xf4,0xf5,0xf6,0xf7, + 0xf8,0xf9,0xfa,0xfb,0xfc,0xfd,0xfe,0xff + }; + + + const byte ctrPlain[] = + { + 0x6b,0xc1,0xbe,0xe2,0x2e,0x40,0x9f,0x96, + 0xe9,0x3d,0x7e,0x11,0x73,0x93,0x17,0x2a, + 0xae,0x2d,0x8a,0x57,0x1e,0x03,0xac,0x9c, + 0x9e,0xb7,0x6f,0xac,0x45,0xaf,0x8e,0x51, + 0x30,0xc8,0x1c,0x46,0xa3,0x5c,0xe4,0x11, + 0xe5,0xfb,0xc1,0x19,0x1a,0x0a,0x52,0xef, + 0xf6,0x9f,0x24,0x45,0xdf,0x4f,0x9b,0x17, + 0xad,0x2b,0x41,0x7b,0xe6,0x6c,0x37,0x10 + }; + + const byte ctrCipher[] = + { + 0x87,0x4d,0x61,0x91,0xb6,0x20,0xe3,0x26, + 0x1b,0xef,0x68,0x64,0x99,0x0d,0xb6,0xce, + 0x98,0x06,0xf6,0x6b,0x79,0x70,0xfd,0xff, + 0x86,0x17,0x18,0x7b,0xb9,0xff,0xfd,0xff, + 0x5a,0xe4,0xdf,0x3e,0xdb,0xd5,0xd3,0x5e, + 0x5b,0x4f,0x09,0x02,0x0d,0xb0,0x3e,0xab, + 0x1e,0x03,0x1d,0xda,0x2f,0xbe,0x03,0xd1, + 0x79,0x21,0x70,0xa0,0xf3,0x00,0x9c,0xee + }; + + const byte oddCipher[] = + { + 0xb9,0xd7,0xcb,0x08,0xb0,0xe1,0x7b,0xa0, + 0xc2 + }; + + AesSetKeyDirect(&enc, ctrKey, AES_BLOCK_SIZE, ctrIv, AES_ENCRYPTION); + /* Ctr only uses encrypt, even on key setup */ + AesSetKeyDirect(&dec, ctrKey, AES_BLOCK_SIZE, ctrIv, AES_ENCRYPTION); + + AesCtrEncrypt(&enc, cipher, ctrPlain, AES_BLOCK_SIZE*4); + AesCtrEncrypt(&dec, plain, cipher, AES_BLOCK_SIZE*4); + + if (memcmp(plain, ctrPlain, AES_BLOCK_SIZE*4)) + return -66; + + if (memcmp(cipher, ctrCipher, AES_BLOCK_SIZE*4)) + return -67; + + /* let's try with just 9 bytes, non block size test */ + AesSetKeyDirect(&enc, ctrKey, AES_BLOCK_SIZE, ctrIv, AES_ENCRYPTION); + /* Ctr only uses encrypt, even on key setup */ + AesSetKeyDirect(&dec, ctrKey, AES_BLOCK_SIZE, ctrIv, AES_ENCRYPTION); + + AesCtrEncrypt(&enc, cipher, ctrPlain, 9); + AesCtrEncrypt(&dec, plain, cipher, 9); + + if (memcmp(plain, ctrPlain, 9)) + return -68; + + if (memcmp(cipher, ctrCipher, 9)) + return -69; + + /* and an additional 9 bytes to reuse tmp left buffer */ + AesCtrEncrypt(&enc, cipher, ctrPlain, 9); + AesCtrEncrypt(&dec, plain, cipher, 9); + + if (memcmp(plain, ctrPlain, 9)) + return -70; + + if (memcmp(cipher, oddCipher, 9)) + return -71; + } +#endif /* CYASSL_AES_COUNTER */ + +#if defined(CYASSL_AESNI) && defined(CYASSL_AES_DIRECT) + { + const byte niPlain[] = + { + 0x6b,0xc1,0xbe,0xe2,0x2e,0x40,0x9f,0x96, + 0xe9,0x3d,0x7e,0x11,0x73,0x93,0x17,0x2a + }; + + const byte niCipher[] = + { + 0xf3,0xee,0xd1,0xbd,0xb5,0xd2,0xa0,0x3c, + 0x06,0x4b,0x5a,0x7e,0x3d,0xb1,0x81,0xf8 + }; + + const byte niKey[] = + { + 0x60,0x3d,0xeb,0x10,0x15,0xca,0x71,0xbe, + 0x2b,0x73,0xae,0xf0,0x85,0x7d,0x77,0x81, + 0x1f,0x35,0x2c,0x07,0x3b,0x61,0x08,0xd7, + 0x2d,0x98,0x10,0xa3,0x09,0x14,0xdf,0xf4 + }; + + XMEMSET(cipher, 0, AES_BLOCK_SIZE); + ret = AesSetKey(&enc, niKey, sizeof(niKey), cipher, AES_ENCRYPTION); + if (ret != 0) + return -1003; + AesEncryptDirect(&enc, cipher, niPlain); + if (XMEMCMP(cipher, niCipher, AES_BLOCK_SIZE) != 0) + return -20006; + + XMEMSET(plain, 0, AES_BLOCK_SIZE); + ret = AesSetKey(&dec, niKey, sizeof(niKey), plain, AES_DECRYPTION); + if (ret != 0) + return -1004; + AesDecryptDirect(&dec, plain, niCipher); + if (XMEMCMP(plain, niPlain, AES_BLOCK_SIZE) != 0) + return -20007; + } +#endif /* CYASSL_AESNI && CYASSL_AES_DIRECT */ + + return 0; +} + +#ifdef HAVE_AESGCM +int aesgcm_test(void) +{ + Aes enc; + + /* + * This is Test Case 16 from the document Galois/ + * Counter Mode of Operation (GCM) by McGrew and + * Viega. + */ + const byte k[] = + { + 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c, + 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08, + 0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c, + 0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08 + }; + + const byte iv[] = + { + 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad, + 0xde, 0xca, 0xf8, 0x88 + }; + + const byte p[] = + { + 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5, + 0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a, + 0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda, + 0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72, + 0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53, + 0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25, + 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57, + 0xba, 0x63, 0x7b, 0x39 + }; + + const byte a[] = + { + 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef, + 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef, + 0xab, 0xad, 0xda, 0xd2 + }; + + const byte c[] = + { + 0x52, 0x2d, 0xc1, 0xf0, 0x99, 0x56, 0x7d, 0x07, + 0xf4, 0x7f, 0x37, 0xa3, 0x2a, 0x84, 0x42, 0x7d, + 0x64, 0x3a, 0x8c, 0xdc, 0xbf, 0xe5, 0xc0, 0xc9, + 0x75, 0x98, 0xa2, 0xbd, 0x25, 0x55, 0xd1, 0xaa, + 0x8c, 0xb0, 0x8e, 0x48, 0x59, 0x0d, 0xbb, 0x3d, + 0xa7, 0xb0, 0x8b, 0x10, 0x56, 0x82, 0x88, 0x38, + 0xc5, 0xf6, 0x1e, 0x63, 0x93, 0xba, 0x7a, 0x0a, + 0xbc, 0xc9, 0xf6, 0x62 + }; + + const byte t[] = + { + 0x76, 0xfc, 0x6e, 0xce, 0x0f, 0x4e, 0x17, 0x68, + 0xcd, 0xdf, 0x88, 0x53, 0xbb, 0x2d, 0x55, 0x1b + }; + + byte t2[sizeof(t)]; + byte p2[sizeof(c)]; + byte c2[sizeof(p)]; + + int result; + + memset(t2, 0, sizeof(t2)); + memset(c2, 0, sizeof(c2)); + memset(p2, 0, sizeof(p2)); + + AesGcmSetKey(&enc, k, sizeof(k)); + /* AES-GCM encrypt and decrypt both use AES encrypt internally */ + AesGcmEncrypt(&enc, c2, p, sizeof(c2), iv, sizeof(iv), + t2, sizeof(t2), a, sizeof(a)); + if (memcmp(c, c2, sizeof(c2))) + return -68; + if (memcmp(t, t2, sizeof(t2))) + return -69; + + result = AesGcmDecrypt(&enc, p2, c2, sizeof(p2), iv, sizeof(iv), + t2, sizeof(t2), a, sizeof(a)); + if (result != 0) + return -70; + if (memcmp(p, p2, sizeof(p2))) + return -71; + + return 0; +} + +int gmac_test(void) +{ + Gmac gmac; + + const byte k1[] = + { + 0x89, 0xc9, 0x49, 0xe9, 0xc8, 0x04, 0xaf, 0x01, + 0x4d, 0x56, 0x04, 0xb3, 0x94, 0x59, 0xf2, 0xc8 + }; + const byte iv1[] = + { + 0xd1, 0xb1, 0x04, 0xc8, 0x15, 0xbf, 0x1e, 0x94, + 0xe2, 0x8c, 0x8f, 0x16 + }; + const byte a1[] = + { + 0x82, 0xad, 0xcd, 0x63, 0x8d, 0x3f, 0xa9, 0xd9, + 0xf3, 0xe8, 0x41, 0x00, 0xd6, 0x1e, 0x07, 0x77 + }; + const byte t1[] = + { + 0x88, 0xdb, 0x9d, 0x62, 0x17, 0x2e, 0xd0, 0x43, + 0xaa, 0x10, 0xf1, 0x6d, 0x22, 0x7d, 0xc4, 0x1b + }; + + const byte k2[] = + { + 0x40, 0xf7, 0xec, 0xb2, 0x52, 0x6d, 0xaa, 0xd4, + 0x74, 0x25, 0x1d, 0xf4, 0x88, 0x9e, 0xf6, 0x5b + }; + const byte iv2[] = + { + 0xee, 0x9c, 0x6e, 0x06, 0x15, 0x45, 0x45, 0x03, + 0x1a, 0x60, 0x24, 0xa7 + }; + const byte a2[] = + { + 0x94, 0x81, 0x2c, 0x87, 0x07, 0x4e, 0x15, 0x18, + 0x34, 0xb8, 0x35, 0xaf, 0x1c, 0xa5, 0x7e, 0x56 + }; + const byte t2[] = + { + 0xc6, 0x81, 0x79, 0x8e, 0x3d, 0xda, 0xb0, 0x9f, + 0x8d, 0x83, 0xb0, 0xbb, 0x14, 0xb6, 0x91 + }; + + const byte k3[] = + { + 0xb8, 0xe4, 0x9a, 0x5e, 0x37, 0xf9, 0x98, 0x2b, + 0xb9, 0x6d, 0xd0, 0xc9, 0xb6, 0xab, 0x26, 0xac + }; + const byte iv3[] = + { + 0xe4, 0x4a, 0x42, 0x18, 0x8c, 0xae, 0x94, 0x92, + 0x6a, 0x9c, 0x26, 0xb0 + }; + const byte a3[] = + { + 0x9d, 0xb9, 0x61, 0x68, 0xa6, 0x76, 0x7a, 0x31, + 0xf8, 0x29, 0xe4, 0x72, 0x61, 0x68, 0x3f, 0x8a + }; + const byte t3[] = + { + 0x23, 0xe2, 0x9f, 0x66, 0xe4, 0xc6, 0x52, 0x48 + }; + + byte tag[16]; + + memset(tag, 0, sizeof(tag)); + GmacSetKey(&gmac, k1, sizeof(k1)); + GmacUpdate(&gmac, iv1, sizeof(iv1), a1, sizeof(a1), tag, sizeof(t1)); + if (memcmp(t1, tag, sizeof(t1)) != 0) + return -126; + + memset(tag, 0, sizeof(tag)); + GmacSetKey(&gmac, k2, sizeof(k2)); + GmacUpdate(&gmac, iv2, sizeof(iv2), a2, sizeof(a2), tag, sizeof(t2)); + if (memcmp(t2, tag, sizeof(t2)) != 0) + return -127; + + memset(tag, 0, sizeof(tag)); + GmacSetKey(&gmac, k3, sizeof(k3)); + GmacUpdate(&gmac, iv3, sizeof(iv3), a3, sizeof(a3), tag, sizeof(t3)); + if (memcmp(t3, tag, sizeof(t3)) != 0) + return -128; + + return 0; +} +#endif /* HAVE_AESGCM */ + +#ifdef HAVE_AESCCM +int aesccm_test(void) +{ + Aes enc; + + /* key */ + const byte k[] = + { + 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, + 0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf + }; + + /* nonce */ + const byte iv[] = + { + 0x00, 0x00, 0x00, 0x03, 0x02, 0x01, 0x00, 0xa0, + 0xa1, 0xa2, 0xa3, 0xa4, 0xa5 + }; + + /* plaintext */ + const byte p[] = + { + 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e + }; + + const byte a[] = + { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07 + }; + + const byte c[] = + { + 0x58, 0x8c, 0x97, 0x9a, 0x61, 0xc6, 0x63, 0xd2, + 0xf0, 0x66, 0xd0, 0xc2, 0xc0, 0xf9, 0x89, 0x80, + 0x6d, 0x5f, 0x6b, 0x61, 0xda, 0xc3, 0x84 + }; + + const byte t[] = + { + 0x17, 0xe8, 0xd1, 0x2c, 0xfd, 0xf9, 0x26, 0xe0 + }; + + byte t2[sizeof(t)]; + byte p2[sizeof(p)]; + byte c2[sizeof(c)]; + + int result; + + memset(t2, 0, sizeof(t2)); + memset(c2, 0, sizeof(c2)); + memset(p2, 0, sizeof(p2)); + + AesCcmSetKey(&enc, k, sizeof(k)); + /* AES-CCM encrypt and decrypt both use AES encrypt internally */ + AesCcmEncrypt(&enc, c2, p, sizeof(c2), iv, sizeof(iv), + t2, sizeof(t2), a, sizeof(a)); + if (memcmp(c, c2, sizeof(c2))) + return -107; + if (memcmp(t, t2, sizeof(t2))) + return -108; + + result = AesCcmDecrypt(&enc, p2, c2, sizeof(p2), iv, sizeof(iv), + t2, sizeof(t2), a, sizeof(a)); + if (result != 0) + return -109; + if (memcmp(p, p2, sizeof(p2))) + return -110; + + /* Test the authentication failure */ + t2[0]++; /* Corrupt the authentication tag. */ + result = AesCcmDecrypt(&enc, p2, c, sizeof(p2), iv, sizeof(iv), + t2, sizeof(t2), a, sizeof(a)); + if (result == 0) + return -111; + + /* Clear c2 to compare against p2. p2 should be set to zero in case of + * authentication fail. */ + memset(c2, 0, sizeof(c2)); + if (memcmp(p2, c2, sizeof(p2))) + return -112; + + return 0; +} +#endif /* HAVE_AESCCM */ + + +#endif /* NO_AES */ + + +#ifdef HAVE_CAMELLIA + +enum { + CAM_ECB_ENC, CAM_ECB_DEC, CAM_CBC_ENC, CAM_CBC_DEC +}; + +typedef struct { + int type; + const byte* plaintext; + const byte* iv; + const byte* ciphertext; + const byte* key; + word32 keySz; + int errorCode; +} test_vector_t; + +int camellia_test(void) +{ + /* Camellia ECB Test Plaintext */ + static const byte pte[] = + { + 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, + 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10 + }; + + /* Camellia ECB Test Initialization Vector */ + static const byte ive[] = {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0}; + + /* Test 1: Camellia ECB 128-bit key */ + static const byte k1[] = + { + 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, + 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10 + }; + static const byte c1[] = + { + 0x67, 0x67, 0x31, 0x38, 0x54, 0x96, 0x69, 0x73, + 0x08, 0x57, 0x06, 0x56, 0x48, 0xea, 0xbe, 0x43 + }; + + /* Test 2: Camellia ECB 192-bit key */ + static const byte k2[] = + { + 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, + 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10, + 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77 + }; + static const byte c2[] = + { + 0xb4, 0x99, 0x34, 0x01, 0xb3, 0xe9, 0x96, 0xf8, + 0x4e, 0xe5, 0xce, 0xe7, 0xd7, 0x9b, 0x09, 0xb9 + }; + + /* Test 3: Camellia ECB 256-bit key */ + static const byte k3[] = + { + 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, + 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10, + 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, + 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff + }; + static const byte c3[] = + { + 0x9a, 0xcc, 0x23, 0x7d, 0xff, 0x16, 0xd7, 0x6c, + 0x20, 0xef, 0x7c, 0x91, 0x9e, 0x3a, 0x75, 0x09 + }; + + /* Camellia CBC Test Plaintext */ + static const byte ptc[] = + { + 0x6B, 0xC1, 0xBE, 0xE2, 0x2E, 0x40, 0x9F, 0x96, + 0xE9, 0x3D, 0x7E, 0x11, 0x73, 0x93, 0x17, 0x2A + }; + + /* Camellia CBC Test Initialization Vector */ + static const byte ivc[] = + { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F + }; + + /* Test 4: Camellia-CBC 128-bit key */ + static const byte k4[] = + { + 0x2B, 0x7E, 0x15, 0x16, 0x28, 0xAE, 0xD2, 0xA6, + 0xAB, 0xF7, 0x15, 0x88, 0x09, 0xCF, 0x4F, 0x3C + }; + static const byte c4[] = + { + 0x16, 0x07, 0xCF, 0x49, 0x4B, 0x36, 0xBB, 0xF0, + 0x0D, 0xAE, 0xB0, 0xB5, 0x03, 0xC8, 0x31, 0xAB + }; + + /* Test 5: Camellia-CBC 192-bit key */ + static const byte k5[] = + { + 0x8E, 0x73, 0xB0, 0xF7, 0xDA, 0x0E, 0x64, 0x52, + 0xC8, 0x10, 0xF3, 0x2B, 0x80, 0x90, 0x79, 0xE5, + 0x62, 0xF8, 0xEA, 0xD2, 0x52, 0x2C, 0x6B, 0x7B + }; + static const byte c5[] = + { + 0x2A, 0x48, 0x30, 0xAB, 0x5A, 0xC4, 0xA1, 0xA2, + 0x40, 0x59, 0x55, 0xFD, 0x21, 0x95, 0xCF, 0x93 + }; + + /* Test 6: CBC 256-bit key */ + static const byte k6[] = + { + 0x60, 0x3D, 0xEB, 0x10, 0x15, 0xCA, 0x71, 0xBE, + 0x2B, 0x73, 0xAE, 0xF0, 0x85, 0x7D, 0x77, 0x81, + 0x1F, 0x35, 0x2C, 0x07, 0x3B, 0x61, 0x08, 0xD7, + 0x2D, 0x98, 0x10, 0xA3, 0x09, 0x14, 0xDF, 0xF4 + }; + static const byte c6[] = + { + 0xE6, 0xCF, 0xA3, 0x5F, 0xC0, 0x2B, 0x13, 0x4A, + 0x4D, 0x2C, 0x0B, 0x67, 0x37, 0xAC, 0x3E, 0xDA + }; + + byte out[CAMELLIA_BLOCK_SIZE]; + Camellia cam; + int i, testsSz; + const test_vector_t testVectors[] = + { + {CAM_ECB_ENC, pte, ive, c1, k1, sizeof(k1), -114}, + {CAM_ECB_ENC, pte, ive, c2, k2, sizeof(k2), -115}, + {CAM_ECB_ENC, pte, ive, c3, k3, sizeof(k3), -116}, + {CAM_ECB_DEC, pte, ive, c1, k1, sizeof(k1), -117}, + {CAM_ECB_DEC, pte, ive, c2, k2, sizeof(k2), -118}, + {CAM_ECB_DEC, pte, ive, c3, k3, sizeof(k3), -119}, + {CAM_CBC_ENC, ptc, ivc, c4, k4, sizeof(k4), -120}, + {CAM_CBC_ENC, ptc, ivc, c5, k5, sizeof(k5), -121}, + {CAM_CBC_ENC, ptc, ivc, c6, k6, sizeof(k6), -122}, + {CAM_CBC_DEC, ptc, ivc, c4, k4, sizeof(k4), -123}, + {CAM_CBC_DEC, ptc, ivc, c5, k5, sizeof(k5), -124}, + {CAM_CBC_DEC, ptc, ivc, c6, k6, sizeof(k6), -125} + }; + + testsSz = sizeof(testVectors)/sizeof(test_vector_t); + for (i = 0; i < testsSz; i++) { + if (CamelliaSetKey(&cam, testVectors[i].key, testVectors[i].keySz, + testVectors[i].iv) != 0) + return testVectors[i].errorCode; + + switch (testVectors[i].type) { + case CAM_ECB_ENC: + CamelliaEncryptDirect(&cam, out, testVectors[i].plaintext); + if (memcmp(out, testVectors[i].ciphertext, CAMELLIA_BLOCK_SIZE)) + return testVectors[i].errorCode; + break; + case CAM_ECB_DEC: + CamelliaDecryptDirect(&cam, out, testVectors[i].ciphertext); + if (memcmp(out, testVectors[i].plaintext, CAMELLIA_BLOCK_SIZE)) + return testVectors[i].errorCode; + break; + case CAM_CBC_ENC: + CamelliaCbcEncrypt(&cam, out, testVectors[i].plaintext, + CAMELLIA_BLOCK_SIZE); + if (memcmp(out, testVectors[i].ciphertext, CAMELLIA_BLOCK_SIZE)) + return testVectors[i].errorCode; + break; + case CAM_CBC_DEC: + CamelliaCbcDecrypt(&cam, out, testVectors[i].ciphertext, + CAMELLIA_BLOCK_SIZE); + if (memcmp(out, testVectors[i].plaintext, CAMELLIA_BLOCK_SIZE)) + return testVectors[i].errorCode; + break; + default: + break; + } + } + + /* Setting the IV and checking it was actually set. */ + CamelliaSetIV(&cam, ivc); + if (XMEMCMP(cam.reg, ivc, CAMELLIA_BLOCK_SIZE)) + return -1; + + /* Setting the IV to NULL should be same as all zeros IV */ + if (CamelliaSetIV(&cam, NULL) != 0 || + XMEMCMP(cam.reg, ive, CAMELLIA_BLOCK_SIZE)) + return -1; + + /* First parameter should never be null */ + if (CamelliaSetIV(NULL, NULL) == 0) + return -1; + + /* First parameter should never be null, check it fails */ + if (CamelliaSetKey(NULL, k1, sizeof(k1), NULL) == 0) + return -1; + + /* Key should have a size of 16, 24, or 32 */ + if (CamelliaSetKey(&cam, k1, 0, NULL) == 0) + return -1; + + return 0; +} +#endif /* HAVE_CAMELLIA */ + + +int random_test(void) +{ + RNG rng; + byte block[32]; + int ret; + +#ifdef HAVE_CAVIUM + ret = InitRngCavium(&rng, CAVIUM_DEV_ID); + if (ret != 0) return -2007; +#endif + ret = InitRng(&rng); + if (ret != 0) return -39; + + ret = RNG_GenerateBlock(&rng, block, sizeof(block)); + if (ret != 0) return -40; + + return 0; +} + + +#ifdef HAVE_NTRU + +byte GetEntropy(ENTROPY_CMD cmd, byte* out); + +byte GetEntropy(ENTROPY_CMD cmd, byte* out) +{ + static RNG rng; + + if (cmd == INIT) + return (InitRng(&rng) == 0) ? 1 : 0; + + if (out == NULL) + return 0; + + if (cmd == GET_BYTE_OF_ENTROPY) + return (RNG_GenerateBlock(&rng, out, 1) == 0) ? 1 : 0; + + if (cmd == GET_NUM_BYTES_PER_BYTE_OF_ENTROPY) { + *out = 1; + return 1; + } + + return 0; +} + +#endif /* HAVE_NTRU */ + +#ifndef NO_RSA + +#if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048) + #ifdef FREESCALE_MQX + static const char* clientKey = "a:\\certs\\client-key.der"; + static const char* clientCert = "a:\\certs\\client-cert.der"; + #ifdef CYASSL_CERT_GEN + static const char* caKeyFile = "a:\\certs\\ca-key.der"; + static const char* caCertFile = "a:\\certs\\ca-cert.pem"; + #ifdef HAVE_ECC + static const char* eccCaKeyFile = "a:\\certs\\ecc-key.der"; + static const char* eccCaCertFile = "a:\\certs\\server-ecc.pem"; + #endif + #endif + #elif defined(CYASSL_MKD_SHELL) + static char* clientKey = "certs/client-key.der"; + static char* clientCert = "certs/client-cert.der"; + void set_clientKey(char *key) { clientKey = key ; } + void set_clientCert(char *cert) { clientCert = cert ; } + #ifdef CYASSL_CERT_GEN + static char* caKeyFile = "certs/ca-key.der"; + static char* caCertFile = "certs/ca-cert.pem"; + void set_caKeyFile (char * key) { caKeyFile = key ; } + void set_caCertFile(char * cert) { caCertFile = cert ; } + #ifdef HAVE_ECC + static const char* eccCaKeyFile = "certs/ecc-key.der"; + static const char* eccCaCertFile = "certs/server-ecc.pem"; + void set_eccCaKeyFile (char * key) { eccCaKeyFile = key ; } + void set_eccCaCertFile(char * cert) { eccCaCertFile = cert ; } + #endif + #endif + #else + static const char* clientKey = "./certs/client-key.der"; + static const char* clientCert = "./certs/client-cert.der"; + #ifdef CYASSL_CERT_GEN + static const char* caKeyFile = "./certs/ca-key.der"; + static const char* caCertFile = "./certs/ca-cert.pem"; + #ifdef HAVE_ECC + static const char* eccCaKeyFile = "./certs/ecc-key.der"; + static const char* eccCaCertFile = "./certs/server-ecc.pem"; + #endif + #endif + #endif +#endif + + + +#define FOURK_BUF 4096 + +int rsa_test(void) +{ + byte* tmp; + size_t bytes; + RsaKey key; + RNG rng; + word32 idx = 0; + int ret; + byte in[] = "Everyone gets Friday off."; + word32 inLen = (word32)strlen((char*)in); + byte out[256]; + byte plain[256]; +#if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048) + FILE* file, * file2; +#endif +#ifdef CYASSL_TEST_CERT + DecodedCert cert; +#endif + + tmp = (byte*)malloc(FOURK_BUF); + if (tmp == NULL) + return -40; + +#ifdef USE_CERT_BUFFERS_1024 + XMEMCPY(tmp, client_key_der_1024, sizeof_client_key_der_1024); + bytes = sizeof_client_key_der_1024; +#elif defined(USE_CERT_BUFFERS_2048) + XMEMCPY(tmp, client_key_der_2048, sizeof_client_key_der_2048); + bytes = sizeof_client_key_der_2048; +#else + file = fopen(clientKey, "rb"); + + if (!file) + err_sys("can't open ./certs/client-key.der, " + "Please run from CyaSSL home dir", -40); + + bytes = fread(tmp, 1, FOURK_BUF, file); + fclose(file); +#endif /* USE_CERT_BUFFERS */ + +#ifdef HAVE_CAVIUM + RsaInitCavium(&key, CAVIUM_DEV_ID); +#endif + ret = InitRsaKey(&key, 0); + if (ret != 0) return -39; + ret = RsaPrivateKeyDecode(tmp, &idx, &key, (word32)bytes); + if (ret != 0) return -41; + + ret = InitRng(&rng); + if (ret != 0) return -42; + + ret = RsaPublicEncrypt(in, inLen, out, sizeof(out), &key, &rng); + if (ret < 0) return -43; + + ret = RsaPrivateDecrypt(out, ret, plain, sizeof(plain), &key); + if (ret < 0) return -44; + + if (memcmp(plain, in, inLen)) return -45; + + ret = RsaSSL_Sign(in, inLen, out, sizeof(out), &key, &rng); + if (ret < 0) return -46; + + memset(plain, 0, sizeof(plain)); + ret = RsaSSL_Verify(out, ret, plain, sizeof(plain), &key); + if (ret < 0) return -47; + + if (memcmp(plain, in, ret)) return -48; + +#if defined(CYASSL_MDK_ARM) + #define sizeof(s) strlen((char *)(s)) +#endif + +#ifdef USE_CERT_BUFFERS_1024 + XMEMCPY(tmp, client_cert_der_1024, sizeof_client_cert_der_1024); + bytes = sizeof_client_cert_der_1024; +#elif defined(USE_CERT_BUFFERS_2048) + XMEMCPY(tmp, client_cert_der_2048, sizeof_client_cert_der_2048); + bytes = sizeof_client_cert_der_2048; +#else + file2 = fopen(clientCert, "rb"); + if (!file2) + return -49; + + bytes = fread(tmp, 1, FOURK_BUF, file2); + fclose(file2); +#endif + +#ifdef sizeof + #undef sizeof +#endif + +#ifdef CYASSL_TEST_CERT + InitDecodedCert(&cert, tmp, (word32)bytes, 0); + + ret = ParseCert(&cert, CERT_TYPE, NO_VERIFY, 0); + if (ret != 0) return -491; + + FreeDecodedCert(&cert); +#else + (void)bytes; +#endif + + +#ifdef CYASSL_KEY_GEN + { + byte* der; + byte* pem; + int derSz = 0; + int pemSz = 0; + RsaKey derIn; + RsaKey genKey; + FILE* keyFile; + FILE* pemFile; + + ret = InitRsaKey(&genKey, 0); + if (ret != 0) + return -300; + ret = MakeRsaKey(&genKey, 1024, 65537, &rng); + if (ret != 0) + return -301; + + der = (byte*)malloc(FOURK_BUF); + if (der == NULL) { + FreeRsaKey(&genKey); + return -307; + } + pem = (byte*)malloc(FOURK_BUF); + if (pem == NULL) { + free(der); + FreeRsaKey(&genKey); + return -308; + } + + derSz = RsaKeyToDer(&genKey, der, FOURK_BUF); + if (derSz < 0) { + free(der); + free(pem); + return -302; + } + + keyFile = fopen("./key.der", "wb"); + if (!keyFile) { + free(der); + free(pem); + FreeRsaKey(&genKey); + return -303; + } + ret = (int)fwrite(der, 1, derSz, keyFile); + fclose(keyFile); + if (ret != derSz) { + free(der); + free(pem); + FreeRsaKey(&genKey); + return -313; + } + + pemSz = DerToPem(der, derSz, pem, FOURK_BUF, PRIVATEKEY_TYPE); + if (pemSz < 0) { + free(der); + free(pem); + FreeRsaKey(&genKey); + return -304; + } + + pemFile = fopen("./key.pem", "wb"); + if (!pemFile) { + free(der); + free(pem); + FreeRsaKey(&genKey); + return -305; + } + ret = (int)fwrite(pem, 1, pemSz, pemFile); + fclose(pemFile); + if (ret != pemSz) { + free(der); + free(pem); + FreeRsaKey(&genKey); + return -314; + } + + ret = InitRsaKey(&derIn, 0); + if (ret != 0) { + free(der); + free(pem); + FreeRsaKey(&genKey); + return -3060; + } + idx = 0; + ret = RsaPrivateKeyDecode(der, &idx, &derIn, derSz); + if (ret != 0) { + free(der); + free(pem); + FreeRsaKey(&derIn); + FreeRsaKey(&genKey); + return -306; + } + + FreeRsaKey(&derIn); + FreeRsaKey(&genKey); + free(pem); + free(der); + } +#endif /* CYASSL_KEY_GEN */ + + +#ifdef CYASSL_CERT_GEN + /* self signed */ + { + Cert myCert; + byte* derCert; + byte* pem; + FILE* derFile; + FILE* pemFile; + int certSz; + int pemSz; +#ifdef CYASSL_TEST_CERT + DecodedCert decode; +#endif + + derCert = (byte*)malloc(FOURK_BUF); + if (derCert == NULL) + return -309; + pem = (byte*)malloc(FOURK_BUF); + if (pem == NULL) { + free(derCert); + return -310; + } + + InitCert(&myCert); + + strncpy(myCert.subject.country, "US", CTC_NAME_SIZE); + strncpy(myCert.subject.state, "OR", CTC_NAME_SIZE); + strncpy(myCert.subject.locality, "Portland", CTC_NAME_SIZE); + strncpy(myCert.subject.org, "yaSSL", CTC_NAME_SIZE); + strncpy(myCert.subject.unit, "Development", CTC_NAME_SIZE); + strncpy(myCert.subject.commonName, "www.yassl.com", CTC_NAME_SIZE); + strncpy(myCert.subject.email, "info@yassl.com", CTC_NAME_SIZE); + myCert.isCA = 1; + myCert.sigType = CTC_SHA256wRSA; + + certSz = MakeSelfCert(&myCert, derCert, FOURK_BUF, &key, &rng); + if (certSz < 0) { + free(derCert); + free(pem); + return -401; + } + +#ifdef CYASSL_TEST_CERT + InitDecodedCert(&decode, derCert, certSz, 0); + ret = ParseCert(&decode, CERT_TYPE, NO_VERIFY, 0); + if (ret != 0) { + free(derCert); + free(pem); + return -402; + } + FreeDecodedCert(&decode); +#endif + derFile = fopen("./cert.der", "wb"); + if (!derFile) { + free(derCert); + free(pem); + return -403; + } + ret = (int)fwrite(derCert, 1, certSz, derFile); + fclose(derFile); + if (ret != certSz) { + free(derCert); + free(pem); + return -414; + } + + pemSz = DerToPem(derCert, certSz, pem, FOURK_BUF, CERT_TYPE); + if (pemSz < 0) { + free(derCert); + free(pem); + return -404; + } + + pemFile = fopen("./cert.pem", "wb"); + if (!pemFile) { + free(derCert); + free(pem); + return -405; + } + ret = (int)fwrite(pem, 1, pemSz, pemFile); + fclose(pemFile); + if (ret != pemSz) { + free(derCert); + free(pem); + return -406; + } + free(pem); + free(derCert); + } + /* CA style */ + { + RsaKey caKey; + Cert myCert; + byte* derCert; + byte* pem; + FILE* derFile; + FILE* pemFile; + int certSz; + int pemSz; + size_t bytes3; + word32 idx3 = 0; + FILE* file3 ; +#ifdef CYASSL_TEST_CERT + DecodedCert decode; +#endif + + derCert = (byte*)malloc(FOURK_BUF); + if (derCert == NULL) + return -311; + pem = (byte*)malloc(FOURK_BUF); + if (pem == NULL) { + free(derCert); + return -312; + } + + file3 = fopen(caKeyFile, "rb"); + + if (!file3) { + free(derCert); + free(pem); + return -412; + } + + bytes3 = fread(tmp, 1, FOURK_BUF, file3); + fclose(file3); + + ret = InitRsaKey(&caKey, 0); + if (ret != 0) { + free(derCert); + free(pem); + return -411; + } + ret = RsaPrivateKeyDecode(tmp, &idx3, &caKey, (word32)bytes3); + if (ret != 0) { + free(derCert); + free(pem); + FreeRsaKey(&caKey); + return -413; + } + + InitCert(&myCert); + + strncpy(myCert.subject.country, "US", CTC_NAME_SIZE); + strncpy(myCert.subject.state, "OR", CTC_NAME_SIZE); + strncpy(myCert.subject.locality, "Portland", CTC_NAME_SIZE); + strncpy(myCert.subject.org, "yaSSL", CTC_NAME_SIZE); + strncpy(myCert.subject.unit, "Development", CTC_NAME_SIZE); + strncpy(myCert.subject.commonName, "www.yassl.com", CTC_NAME_SIZE); + strncpy(myCert.subject.email, "info@yassl.com", CTC_NAME_SIZE); + + ret = SetIssuer(&myCert, caCertFile); + if (ret < 0) { + free(derCert); + free(pem); + FreeRsaKey(&caKey); + return -405; + } + + certSz = MakeCert(&myCert, derCert, FOURK_BUF, &key, NULL, &rng); + if (certSz < 0) { + free(derCert); + free(pem); + FreeRsaKey(&caKey); + return -407; + } + + certSz = SignCert(myCert.bodySz, myCert.sigType, derCert, FOURK_BUF, + &caKey, NULL, &rng); + if (certSz < 0) { + free(derCert); + free(pem); + FreeRsaKey(&caKey); + return -408; + } + + +#ifdef CYASSL_TEST_CERT + InitDecodedCert(&decode, derCert, certSz, 0); + ret = ParseCert(&decode, CERT_TYPE, NO_VERIFY, 0); + if (ret != 0) { + free(derCert); + free(pem); + FreeRsaKey(&caKey); + return -409; + } + FreeDecodedCert(&decode); +#endif + + derFile = fopen("./othercert.der", "wb"); + if (!derFile) { + free(derCert); + free(pem); + FreeRsaKey(&caKey); + return -410; + } + ret = (int)fwrite(derCert, 1, certSz, derFile); + fclose(derFile); + if (ret != certSz) { + free(derCert); + free(pem); + FreeRsaKey(&caKey); + return -416; + } + + pemSz = DerToPem(derCert, certSz, pem, FOURK_BUF, CERT_TYPE); + if (pemSz < 0) { + free(derCert); + free(pem); + FreeRsaKey(&caKey); + return -411; + } + + pemFile = fopen("./othercert.pem", "wb"); + if (!pemFile) { + free(derCert); + free(pem); + FreeRsaKey(&caKey); + return -412; + } + ret = (int)fwrite(pem, 1, pemSz, pemFile); + if (ret != pemSz) { + free(derCert); + free(pem); + FreeRsaKey(&caKey); + return -415; + } + fclose(pemFile); + free(pem); + free(derCert); + FreeRsaKey(&caKey); + } +#ifdef HAVE_ECC + /* ECC CA style */ + { + ecc_key caKey; + Cert myCert; + byte* derCert; + byte* pem; + FILE* derFile; + FILE* pemFile; + int certSz; + int pemSz; + size_t bytes3; + word32 idx3 = 0; + FILE* file3; +#ifdef CYASSL_TEST_CERT + DecodedCert decode; +#endif + + derCert = (byte*)malloc(FOURK_BUF); + if (derCert == NULL) + return -5311; + pem = (byte*)malloc(FOURK_BUF); + if (pem == NULL) { + free(derCert); + return -5312; + } + + file3 = fopen(eccCaKeyFile, "rb"); + + if (!file3) { + free(derCert); + free(pem); + return -5412; + } + + bytes3 = fread(tmp, 1, FOURK_BUF, file3); + fclose(file3); + + ecc_init(&caKey); + ret = EccPrivateKeyDecode(tmp, &idx3, &caKey, (word32)bytes3); + if (ret != 0) { + free(derCert); + free(pem); + return -5413; + } + + InitCert(&myCert); + myCert.sigType = CTC_SHA256wECDSA; + + strncpy(myCert.subject.country, "US", CTC_NAME_SIZE); + strncpy(myCert.subject.state, "OR", CTC_NAME_SIZE); + strncpy(myCert.subject.locality, "Portland", CTC_NAME_SIZE); + strncpy(myCert.subject.org, "wolfSSL", CTC_NAME_SIZE); + strncpy(myCert.subject.unit, "Development", CTC_NAME_SIZE); + strncpy(myCert.subject.commonName, "www.wolfssl.com", CTC_NAME_SIZE); + strncpy(myCert.subject.email, "info@wolfssl.com", CTC_NAME_SIZE); + + ret = SetIssuer(&myCert, eccCaCertFile); + if (ret < 0) { + free(pem); + free(derCert); + ecc_free(&caKey); + return -5405; + } + + certSz = MakeCert(&myCert, derCert, FOURK_BUF, NULL, &caKey, &rng); + if (certSz < 0) { + free(pem); + free(derCert); + ecc_free(&caKey); + return -5407; + } + + certSz = SignCert(myCert.bodySz, myCert.sigType, derCert, FOURK_BUF, + NULL, &caKey, &rng); + if (certSz < 0) { + free(pem); + free(derCert); + ecc_free(&caKey); + return -5408; + } + +#ifdef CYASSL_TEST_CERT + InitDecodedCert(&decode, derCert, certSz, 0); + ret = ParseCert(&decode, CERT_TYPE, NO_VERIFY, 0); + if (ret != 0) { + free(pem); + free(derCert); + ecc_free(&caKey); + return -5409; + } + FreeDecodedCert(&decode); +#endif + + derFile = fopen("./certecc.der", "wb"); + if (!derFile) { + free(pem); + free(derCert); + ecc_free(&caKey); + return -5410; + } + ret = (int)fwrite(derCert, 1, certSz, derFile); + fclose(derFile); + if (ret != certSz) { + free(pem); + free(derCert); + ecc_free(&caKey); + return -5414; + } + + pemSz = DerToPem(derCert, certSz, pem, FOURK_BUF, CERT_TYPE); + if (pemSz < 0) { + free(pem); + free(derCert); + ecc_free(&caKey); + return -5411; + } + + pemFile = fopen("./certecc.pem", "wb"); + if (!pemFile) { + free(pem); + free(derCert); + ecc_free(&caKey); + return -5412; + } + ret = (int)fwrite(pem, 1, pemSz, pemFile); + if (ret != pemSz) { + free(pem); + free(derCert); + ecc_free(&caKey); + return -5415; + } + fclose(pemFile); + free(pem); + free(derCert); + ecc_free(&caKey); + } +#endif /* HAVE_ECC */ +#ifdef HAVE_NTRU + { + RsaKey caKey; + Cert myCert; + byte* derCert; + byte* pem; + FILE* derFile; + FILE* pemFile; + FILE* caFile; + FILE* ntruPrivFile; + int certSz; + int pemSz; + word32 idx3; +#ifdef CYASSL_TEST_CERT + DecodedCert decode; +#endif + derCert = (byte*)malloc(FOURK_BUF); + if (derCert == NULL) + return -311; + pem = (byte*)malloc(FOURK_BUF); + if (pem == NULL) { + free(derCert); + return -312; + } + + byte public_key[557]; /* sized for EES401EP2 */ + word16 public_key_len; /* no. of octets in public key */ + byte private_key[607]; /* sized for EES401EP2 */ + word16 private_key_len; /* no. of octets in private key */ + DRBG_HANDLE drbg; + static uint8_t const pers_str[] = { + 'C', 'y', 'a', 'S', 'S', 'L', ' ', 't', 'e', 's', 't' + }; + word32 rc = crypto_drbg_instantiate(112, pers_str, sizeof(pers_str), + GetEntropy, &drbg); + if (rc != DRBG_OK) { + free(derCert); + free(pem); + return -450; + } + + rc = crypto_ntru_encrypt_keygen(drbg, NTRU_EES401EP2, &public_key_len, + NULL, &private_key_len, NULL); + if (rc != NTRU_OK) { + free(derCert); + free(pem); + return -451; + } + + rc = crypto_ntru_encrypt_keygen(drbg, NTRU_EES401EP2, &public_key_len, + public_key, &private_key_len, private_key); + crypto_drbg_uninstantiate(drbg); + + if (rc != NTRU_OK) { + free(derCert); + free(pem); + return -452; + } + + caFile = fopen(caKeyFile, "rb"); + + if (!caFile) { + free(derCert); + free(pem); + return -453; + } + + bytes = fread(tmp, 1, FOURK_BUF, caFile); + fclose(caFile); + + ret = InitRsaKey(&caKey, 0); + if (ret != 0) { + free(derCert); + free(pem); + return -459; + } + ret = RsaPrivateKeyDecode(tmp, &idx3, &caKey, (word32)bytes); + if (ret != 0) { + free(derCert); + free(pem); + return -454; + } + + InitCert(&myCert); + + strncpy(myCert.subject.country, "US", CTC_NAME_SIZE); + strncpy(myCert.subject.state, "OR", CTC_NAME_SIZE); + strncpy(myCert.subject.locality, "Portland", CTC_NAME_SIZE); + strncpy(myCert.subject.org, "yaSSL", CTC_NAME_SIZE); + strncpy(myCert.subject.unit, "Development", CTC_NAME_SIZE); + strncpy(myCert.subject.commonName, "www.yassl.com", CTC_NAME_SIZE); + strncpy(myCert.subject.email, "info@yassl.com", CTC_NAME_SIZE); + + ret = SetIssuer(&myCert, caCertFile); + if (ret < 0) { + free(derCert); + free(pem); + FreeRsaKey(&caKey); + return -455; + } + + certSz = MakeNtruCert(&myCert, derCert, FOURK_BUF, public_key, + public_key_len, &rng); + if (certSz < 0) { + free(derCert); + free(pem); + FreeRsaKey(&caKey); + return -456; + } + + certSz = SignCert(myCert.bodySz, myCert.sigType, derCert, FOURK_BUF, + &caKey, NULL, &rng); + FreeRsaKey(&caKey); + if (certSz < 0) { + free(derCert); + free(pem); + return -457; + } + + +#ifdef CYASSL_TEST_CERT + InitDecodedCert(&decode, derCert, certSz, 0); + ret = ParseCert(&decode, CERT_TYPE, NO_VERIFY, 0); + if (ret != 0) { + free(derCert); + free(pem); + return -458; + } + FreeDecodedCert(&decode); +#endif + derFile = fopen("./ntru-cert.der", "wb"); + if (!derFile) { + free(derCert); + free(pem); + return -459; + } + ret = (int)fwrite(derCert, 1, certSz, derFile); + fclose(derFile); + if (ret != certSz) { + free(derCert); + free(pem); + return -473; + } + + pemSz = DerToPem(derCert, certSz, pem, FOURK_BUF, CERT_TYPE); + if (pemSz < 0) { + free(derCert); + free(pem); + return -460; + } + + pemFile = fopen("./ntru-cert.pem", "wb"); + if (!pemFile) { + free(derCert); + free(pem); + return -461; + } + ret = (int)fwrite(pem, 1, pemSz, pemFile); + fclose(pemFile); + if (ret != pemSz) { + free(derCert); + free(pem); + return -474; + } + + ntruPrivFile = fopen("./ntru-key.raw", "wb"); + if (!ntruPrivFile) { + free(derCert); + free(pem); + return -462; + } + ret = (int)fwrite(private_key, 1, private_key_len, ntruPrivFile); + fclose(ntruPrivFile); + if (ret != private_key_len) { + free(pem); + free(derCert); + return -475; + } + free(pem); + free(derCert); + } +#endif /* HAVE_NTRU */ +#ifdef CYASSL_CERT_REQ + { + Cert req; + byte* der; + byte* pem; + int derSz; + int pemSz; + FILE* reqFile; + + der = (byte*)malloc(FOURK_BUF); + if (der == NULL) + return -463; + pem = (byte*)malloc(FOURK_BUF); + if (pem == NULL) { + free(der); + return -464; + } + + InitCert(&req); + + req.version = 0; + req.isCA = 1; + strncpy(req.challengePw, "yassl123", CTC_NAME_SIZE); + strncpy(req.subject.country, "US", CTC_NAME_SIZE); + strncpy(req.subject.state, "OR", CTC_NAME_SIZE); + strncpy(req.subject.locality, "Portland", CTC_NAME_SIZE); + strncpy(req.subject.org, "yaSSL", CTC_NAME_SIZE); + strncpy(req.subject.unit, "Development", CTC_NAME_SIZE); + strncpy(req.subject.commonName, "www.yassl.com", CTC_NAME_SIZE); + strncpy(req.subject.email, "info@yassl.com", CTC_NAME_SIZE); + req.sigType = CTC_SHA256wRSA; + + derSz = MakeCertReq(&req, der, FOURK_BUF, &key, NULL); + if (derSz < 0) { + free(pem); + free(der); + return -465; + } + + derSz = SignCert(req.bodySz, req.sigType, der, FOURK_BUF, + &key, NULL, &rng); + if (derSz < 0) { + free(pem); + free(der); + return -466; + } + + pemSz = DerToPem(der, derSz, pem, FOURK_BUF, CERTREQ_TYPE); + if (pemSz < 0) { + free(pem); + free(der); + return -467; + } + + reqFile = fopen("./certreq.der", "wb"); + if (!reqFile) { + free(pem); + free(der); + return -468; + } + + ret = (int)fwrite(der, 1, derSz, reqFile); + fclose(reqFile); + if (ret != derSz) { + free(pem); + free(der); + return -471; + } + + reqFile = fopen("./certreq.pem", "wb"); + if (!reqFile) { + free(pem); + free(der); + return -469; + } + ret = (int)fwrite(pem, 1, pemSz, reqFile); + fclose(reqFile); + if (ret != pemSz) { + free(pem); + free(der); + return -470; + } + + free(pem); + free(der); + } +#endif /* CYASSL_CERT_REQ */ +#endif /* CYASSL_CERT_GEN */ + + FreeRsaKey(&key); +#ifdef HAVE_CAVIUM + RsaFreeCavium(&key); +#endif + free(tmp); + + return 0; +} + +#endif + + +#ifndef NO_DH + +#if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048) + #ifdef FREESCALE_MQX + static const char* dhKey = "a:\certs\\dh2048.der"; + #else + static const char* dhKey = "./certs/dh2048.der"; + #endif +#endif + +int dh_test(void) +{ + int ret; + word32 bytes; + word32 idx = 0, privSz, pubSz, privSz2, pubSz2, agreeSz, agreeSz2; + byte tmp[1024]; + byte priv[256]; + byte pub[256]; + byte priv2[256]; + byte pub2[256]; + byte agree[256]; + byte agree2[256]; + DhKey key; + DhKey key2; + RNG rng; + + +#ifdef USE_CERT_BUFFERS_1024 + XMEMCPY(tmp, dh_key_der_1024, sizeof_dh_key_der_1024); + bytes = sizeof_dh_key_der_1024; +#elif defined(USE_CERT_BUFFERS_2048) + XMEMCPY(tmp, dh_key_der_2048, sizeof_dh_key_der_2048); + bytes = sizeof_dh_key_der_2048; +#else + FILE* file = fopen(dhKey, "rb"); + + if (!file) + return -50; + + bytes = (word32) fread(tmp, 1, sizeof(tmp), file); + fclose(file); +#endif /* USE_CERT_BUFFERS */ + + InitDhKey(&key); + InitDhKey(&key2); + ret = DhKeyDecode(tmp, &idx, &key, bytes); + if (ret != 0) + return -51; + + idx = 0; + ret = DhKeyDecode(tmp, &idx, &key2, bytes); + if (ret != 0) + return -52; + + ret = InitRng(&rng); + if (ret != 0) + return -53; + + ret = DhGenerateKeyPair(&key, &rng, priv, &privSz, pub, &pubSz); + ret += DhGenerateKeyPair(&key2, &rng, priv2, &privSz2, pub2, &pubSz2); + if (ret != 0) + return -54; + + ret = DhAgree(&key, agree, &agreeSz, priv, privSz, pub2, pubSz2); + ret += DhAgree(&key2, agree2, &agreeSz2, priv2, privSz2, pub, pubSz); + if (ret != 0) + return -55; + + if (memcmp(agree, agree2, agreeSz)) + return -56; + + FreeDhKey(&key); + FreeDhKey(&key2); + + return 0; +} + +#endif /* NO_DH */ + + +#ifndef NO_DSA + +#if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048) + #ifdef FREESCALE_MQX + static const char* dsaKey = "a:\\certs\\dsa2048.der"; + #else + static const char* dsaKey = "./certs/dsa2048.der"; + #endif +#endif + +int dsa_test(void) +{ + int ret, answer; + word32 bytes; + word32 idx = 0; + byte tmp[1024]; + DsaKey key; + RNG rng; + Sha sha; + byte hash[SHA_DIGEST_SIZE]; + byte signature[40]; + + +#ifdef USE_CERT_BUFFERS_1024 + XMEMCPY(tmp, dsa_key_der_1024, sizeof_dsa_key_der_1024); + bytes = sizeof_dsa_key_der_1024; +#elif defined(USE_CERT_BUFFERS_2048) + XMEMCPY(tmp, dsa_key_der_2048, sizeof_dsa_key_der_2048); + bytes = sizeof_dsa_key_der_2048; +#else + FILE* file = fopen(dsaKey, "rb"); + + if (!file) + return -60; + + bytes = (word32) fread(tmp, 1, sizeof(tmp), file); + fclose(file); +#endif /* USE_CERT_BUFFERS */ + + ret = InitSha(&sha); + if (ret != 0) + return -4002; + ShaUpdate(&sha, tmp, bytes); + ShaFinal(&sha, hash); + + InitDsaKey(&key); + ret = DsaPrivateKeyDecode(tmp, &idx, &key, bytes); + if (ret != 0) return -61; + + ret = InitRng(&rng); + if (ret != 0) return -62; + + ret = DsaSign(hash, signature, &key, &rng); + if (ret != 0) return -63; + + ret = DsaVerify(hash, signature, &key, &answer); + if (ret != 0) return -64; + if (answer != 1) return -65; + + FreeDsaKey(&key); + + return 0; +} + +#endif /* NO_DSA */ + + +#ifdef OPENSSL_EXTRA + +int openssl_test(void) +{ + EVP_MD_CTX md_ctx; + testVector a, b, c, d, e, f; + byte hash[SHA_DIGEST_SIZE*4]; /* max size */ + + (void)e; + (void)f; + + a.input = "1234567890123456789012345678901234567890123456789012345678" + "9012345678901234567890"; + a.output = "\x57\xed\xf4\xa2\x2b\xe3\xc9\x55\xac\x49\xda\x2e\x21\x07\xb6" + "\x7a"; + a.inLen = strlen(a.input); + a.outLen = MD5_DIGEST_SIZE; + + EVP_MD_CTX_init(&md_ctx); + EVP_DigestInit(&md_ctx, EVP_md5()); + + EVP_DigestUpdate(&md_ctx, a.input, a.inLen); + EVP_DigestFinal(&md_ctx, hash, 0); + + if (memcmp(hash, a.output, MD5_DIGEST_SIZE) != 0) + return -71; + + b.input = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" + "aaaaaaaaaa"; + b.output = "\xAD\x5B\x3F\xDB\xCB\x52\x67\x78\xC2\x83\x9D\x2F\x15\x1E\xA7" + "\x53\x99\x5E\x26\xA0"; + b.inLen = strlen(b.input); + b.outLen = SHA_DIGEST_SIZE; + + EVP_MD_CTX_init(&md_ctx); + EVP_DigestInit(&md_ctx, EVP_sha1()); + + EVP_DigestUpdate(&md_ctx, b.input, b.inLen); + EVP_DigestFinal(&md_ctx, hash, 0); + + if (memcmp(hash, b.output, SHA_DIGEST_SIZE) != 0) + return -72; + + + d.input = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"; + d.output = "\x24\x8D\x6A\x61\xD2\x06\x38\xB8\xE5\xC0\x26\x93\x0C\x3E\x60" + "\x39\xA3\x3C\xE4\x59\x64\xFF\x21\x67\xF6\xEC\xED\xD4\x19\xDB" + "\x06\xC1"; + d.inLen = strlen(d.input); + d.outLen = SHA256_DIGEST_SIZE; + + EVP_MD_CTX_init(&md_ctx); + EVP_DigestInit(&md_ctx, EVP_sha256()); + + EVP_DigestUpdate(&md_ctx, d.input, d.inLen); + EVP_DigestFinal(&md_ctx, hash, 0); + + if (memcmp(hash, d.output, SHA256_DIGEST_SIZE) != 0) + return -78; + +#ifdef CYASSL_SHA384 + + e.input = "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhi" + "jklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu"; + e.output = "\x09\x33\x0c\x33\xf7\x11\x47\xe8\x3d\x19\x2f\xc7\x82\xcd\x1b" + "\x47\x53\x11\x1b\x17\x3b\x3b\x05\xd2\x2f\xa0\x80\x86\xe3\xb0" + "\xf7\x12\xfc\xc7\xc7\x1a\x55\x7e\x2d\xb9\x66\xc3\xe9\xfa\x91" + "\x74\x60\x39"; + e.inLen = strlen(e.input); + e.outLen = SHA384_DIGEST_SIZE; + + EVP_MD_CTX_init(&md_ctx); + EVP_DigestInit(&md_ctx, EVP_sha384()); + + EVP_DigestUpdate(&md_ctx, e.input, e.inLen); + EVP_DigestFinal(&md_ctx, hash, 0); + + if (memcmp(hash, e.output, SHA384_DIGEST_SIZE) != 0) + return -79; + +#endif /* CYASSL_SHA384 */ + + +#ifdef CYASSL_SHA512 + + f.input = "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhi" + "jklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu"; + f.output = "\x8e\x95\x9b\x75\xda\xe3\x13\xda\x8c\xf4\xf7\x28\x14\xfc\x14" + "\x3f\x8f\x77\x79\xc6\xeb\x9f\x7f\xa1\x72\x99\xae\xad\xb6\x88" + "\x90\x18\x50\x1d\x28\x9e\x49\x00\xf7\xe4\x33\x1b\x99\xde\xc4" + "\xb5\x43\x3a\xc7\xd3\x29\xee\xb6\xdd\x26\x54\x5e\x96\xe5\x5b" + "\x87\x4b\xe9\x09"; + f.inLen = strlen(f.input); + f.outLen = SHA512_DIGEST_SIZE; + + EVP_MD_CTX_init(&md_ctx); + EVP_DigestInit(&md_ctx, EVP_sha512()); + + EVP_DigestUpdate(&md_ctx, f.input, f.inLen); + EVP_DigestFinal(&md_ctx, hash, 0); + + if (memcmp(hash, f.output, SHA512_DIGEST_SIZE) != 0) + return -80; + +#endif /* CYASSL_SHA512 */ + + + if (RAND_bytes(hash, sizeof(hash)) != 1) + return -73; + + c.input = "what do ya want for nothing?"; + c.output = "\x75\x0c\x78\x3e\x6a\xb0\xb5\x03\xea\xa8\x6e\x31\x0a\x5d\xb7" + "\x38"; + c.inLen = strlen(c.input); + c.outLen = MD5_DIGEST_SIZE; + + HMAC(EVP_md5(), "Jefe", 4, (byte*)c.input, (int)c.inLen, hash, 0); + + if (memcmp(hash, c.output, MD5_DIGEST_SIZE) != 0) + return -74; + + { /* des test */ + const byte vector[] = { /* "now is the time for all " w/o trailing 0 */ + 0x6e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74, + 0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20, + 0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20 + }; + + byte plain[24]; + byte cipher[24]; + + const_DES_cblock key = + { + 0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef + }; + + DES_cblock iv = + { + 0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef + }; + + DES_key_schedule sched; + + const byte verify[] = + { + 0x8b,0x7c,0x52,0xb0,0x01,0x2b,0x6c,0xb8, + 0x4f,0x0f,0xeb,0xf3,0xfb,0x5f,0x86,0x73, + 0x15,0x85,0xb3,0x22,0x4b,0x86,0x2b,0x4b + }; + + DES_key_sched(&key, &sched); + + DES_cbc_encrypt(vector, cipher, sizeof(vector), &sched, &iv, DES_ENCRYPT); + DES_cbc_encrypt(cipher, plain, sizeof(vector), &sched, &iv, DES_DECRYPT); + + if (memcmp(plain, vector, sizeof(vector)) != 0) + return -75; + + if (memcmp(cipher, verify, sizeof(verify)) != 0) + return -76; + + /* test changing iv */ + DES_ncbc_encrypt(vector, cipher, 8, &sched, &iv, DES_ENCRYPT); + DES_ncbc_encrypt(vector + 8, cipher + 8, 16, &sched, &iv, DES_ENCRYPT); + + if (memcmp(cipher, verify, sizeof(verify)) != 0) + return -77; + + } /* end des test */ + + { /* evp_cipher test */ + EVP_CIPHER_CTX ctx; + + + const byte msg[] = { /* "Now is the time for all " w/o trailing 0 */ + 0x6e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74, + 0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20, + 0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20 + }; + + const byte verify[] = + { + 0x95,0x94,0x92,0x57,0x5f,0x42,0x81,0x53, + 0x2c,0xcc,0x9d,0x46,0x77,0xa2,0x33,0xcb + }; + + byte key[] = "0123456789abcdef "; /* align */ + byte iv[] = "1234567890abcdef "; /* align */ + + byte cipher[AES_BLOCK_SIZE * 4]; + byte plain [AES_BLOCK_SIZE * 4]; + + EVP_CIPHER_CTX_init(&ctx); + if (EVP_CipherInit(&ctx, EVP_aes_128_cbc(), key, iv, 1) == 0) + return -81; + + if (EVP_Cipher(&ctx, cipher, (byte*)msg, 16) == 0) + return -82; + + if (memcmp(cipher, verify, AES_BLOCK_SIZE)) + return -83; + + EVP_CIPHER_CTX_init(&ctx); + if (EVP_CipherInit(&ctx, EVP_aes_128_cbc(), key, iv, 0) == 0) + return -84; + + if (EVP_Cipher(&ctx, plain, cipher, 16) == 0) + return -85; + + if (memcmp(plain, msg, AES_BLOCK_SIZE)) + return -86; + + + } /* end evp_cipher test */ + + return 0; +} + +#endif /* OPENSSL_EXTRA */ + + +#ifndef NO_PWDBASED + +int pkcs12_test(void) +{ + const byte passwd[] = { 0x00, 0x73, 0x00, 0x6d, 0x00, 0x65, 0x00, 0x67, + 0x00, 0x00 }; + const byte salt[] = { 0x0a, 0x58, 0xCF, 0x64, 0x53, 0x0d, 0x82, 0x3f }; + + const byte passwd2[] = { 0x00, 0x71, 0x00, 0x75, 0x00, 0x65, 0x00, 0x65, + 0x00, 0x67, 0x00, 0x00 }; + const byte salt2[] = { 0x16, 0x82, 0xC0, 0xfC, 0x5b, 0x3f, 0x7e, 0xc5 }; + byte derived[64]; + + const byte verify[] = { + 0x8A, 0xAA, 0xE6, 0x29, 0x7B, 0x6C, 0xB0, 0x46, + 0x42, 0xAB, 0x5B, 0x07, 0x78, 0x51, 0x28, 0x4E, + 0xB7, 0x12, 0x8F, 0x1A, 0x2A, 0x7F, 0xBC, 0xA3 + }; + + const byte verify2[] = { + 0x48, 0x3D, 0xD6, 0xE9, 0x19, 0xD7, 0xDE, 0x2E, + 0x8E, 0x64, 0x8B, 0xA8, 0xF8, 0x62, 0xF3, 0xFB, + 0xFB, 0xDC, 0x2B, 0xCB, 0x2C, 0x02, 0x95, 0x7F + }; + + int id = 1; + int kLen = 24; + int iterations = 1; + int ret = PKCS12_PBKDF(derived, passwd, sizeof(passwd), salt, 8, iterations, + kLen, SHA, id); + + if (ret < 0) + return -103; + + if ( (ret = memcmp(derived, verify, kLen)) != 0) + return -104; + + iterations = 1000; + ret = PKCS12_PBKDF(derived, passwd2, sizeof(passwd2), salt2, 8, iterations, + kLen, SHA, id); + if (ret < 0) + return -105; + + if ( (ret = memcmp(derived, verify2, 24)) != 0) + return -106; + + return 0; +} + + +int pbkdf2_test(void) +{ + char passwd[] = "password"; + const byte salt[] = { 0x78, 0x57, 0x8E, 0x5a, 0x5d, 0x63, 0xcb, 0x06 }; + int iterations = 2048; + int kLen = 24; + byte derived[64]; + + const byte verify[] = { + 0xBF, 0xDE, 0x6B, 0xE9, 0x4D, 0xF7, 0xE1, 0x1D, 0xD4, 0x09, 0xBC, 0xE2, + 0x0A, 0x02, 0x55, 0xEC, 0x32, 0x7C, 0xB9, 0x36, 0xFF, 0xE9, 0x36, 0x43 + + }; + + int ret = PBKDF2(derived, (byte*)passwd, (int)strlen(passwd), salt, 8, + iterations, kLen, SHA); + if (ret != 0) + return ret; + + if (memcmp(derived, verify, sizeof(verify)) != 0) + return -102; + + return 0; +} + + +int pbkdf1_test(void) +{ + char passwd[] = "password"; + const byte salt[] = { 0x78, 0x57, 0x8E, 0x5a, 0x5d, 0x63, 0xcb, 0x06 }; + int iterations = 1000; + int kLen = 16; + byte derived[16]; + + const byte verify[] = { + 0xDC, 0x19, 0x84, 0x7E, 0x05, 0xC6, 0x4D, 0x2F, 0xAF, 0x10, 0xEB, 0xFB, + 0x4A, 0x3D, 0x2A, 0x20 + }; + + PBKDF1(derived, (byte*)passwd, (int)strlen(passwd), salt, 8, iterations, + kLen, SHA); + + if (memcmp(derived, verify, sizeof(verify)) != 0) + return -101; + + return 0; +} + + +int pwdbased_test(void) +{ + int ret = pbkdf1_test(); + ret += pbkdf2_test(); + + return ret + pkcs12_test(); +} + +#endif /* NO_PWDBASED */ + +#if defined(HAVE_HKDF) && (!defined(NO_SHA) || !defined(NO_SHA256)) + +int hkdf_test(void) +{ + int ret; + int L = 42; + byte okm1[42]; + byte ikm1[22] = { 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, + 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, + 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b }; + byte salt1[13] ={ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0a, 0x0b, 0x0c }; + byte info1[10] ={ 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, + 0xf8, 0xf9 }; + byte res1[42] = { 0x0a, 0xc1, 0xaf, 0x70, 0x02, 0xb3, 0xd7, 0x61, + 0xd1, 0xe5, 0x52, 0x98, 0xda, 0x9d, 0x05, 0x06, + 0xb9, 0xae, 0x52, 0x05, 0x72, 0x20, 0xa3, 0x06, + 0xe0, 0x7b, 0x6b, 0x87, 0xe8, 0xdf, 0x21, 0xd0, + 0xea, 0x00, 0x03, 0x3d, 0xe0, 0x39, 0x84, 0xd3, + 0x49, 0x18 }; + byte res2[42] = { 0x08, 0x5a, 0x01, 0xea, 0x1b, 0x10, 0xf3, 0x69, + 0x33, 0x06, 0x8b, 0x56, 0xef, 0xa5, 0xad, 0x81, + 0xa4, 0xf1, 0x4b, 0x82, 0x2f, 0x5b, 0x09, 0x15, + 0x68, 0xa9, 0xcd, 0xd4, 0xf1, 0x55, 0xfd, 0xa2, + 0xc2, 0x2e, 0x42, 0x24, 0x78, 0xd3, 0x05, 0xf3, + 0xf8, 0x96 }; + byte res3[42] = { 0x8d, 0xa4, 0xe7, 0x75, 0xa5, 0x63, 0xc1, 0x8f, + 0x71, 0x5f, 0x80, 0x2a, 0x06, 0x3c, 0x5a, 0x31, + 0xb8, 0xa1, 0x1f, 0x5c, 0x5e, 0xe1, 0x87, 0x9e, + 0xc3, 0x45, 0x4e, 0x5f, 0x3c, 0x73, 0x8d, 0x2d, + 0x9d, 0x20, 0x13, 0x95, 0xfa, 0xa4, 0xb6, 0x1a, + 0x96, 0xc8 }; + byte res4[42] = { 0x3c, 0xb2, 0x5f, 0x25, 0xfa, 0xac, 0xd5, 0x7a, + 0x90, 0x43, 0x4f, 0x64, 0xd0, 0x36, 0x2f, 0x2a, + 0x2d, 0x2d, 0x0a, 0x90, 0xcf, 0x1a, 0x5a, 0x4c, + 0x5d, 0xb0, 0x2d, 0x56, 0xec, 0xc4, 0xc5, 0xbf, + 0x34, 0x00, 0x72, 0x08, 0xd5, 0xb8, 0x87, 0x18, + 0x58, 0x65 }; + + (void)res1; + (void)res2; + (void)res3; + (void)res4; + +#ifndef NO_SHA + ret = HKDF(SHA, ikm1, 22, NULL, 0, NULL, 0, okm1, L); + if (ret != 0) + return -2001; + + if (memcmp(okm1, res1, L) != 0) + return -2002; + + ret = HKDF(SHA, ikm1, 11, salt1, 13, info1, 10, okm1, L); + if (ret != 0) + return -2003; + + if (memcmp(okm1, res2, L) != 0) + return -2004; +#endif /* NO_SHA */ + +#ifndef NO_SHA256 + ret = HKDF(SHA256, ikm1, 22, NULL, 0, NULL, 0, okm1, L); + if (ret != 0) + return -2005; + + if (memcmp(okm1, res3, L) != 0) + return -2006; + + ret = HKDF(SHA256, ikm1, 22, salt1, 13, info1, 10, okm1, L); + if (ret != 0) + return -2007; + + if (memcmp(okm1, res4, L) != 0) + return -2007; +#endif /* NO_SHA256 */ + + return 0; +} + +#endif /* HAVE_HKDF */ + + +#ifdef HAVE_ECC + +int ecc_test(void) +{ + RNG rng; + byte sharedA[1024]; + byte sharedB[1024]; + byte sig[1024]; + byte digest[20]; + byte exportBuf[1024]; + word32 x, y; + int i, verify, ret; + ecc_key userA, userB, pubKey; + + ret = InitRng(&rng); + if (ret != 0) + return -1001; + + ecc_init(&userA); + ecc_init(&userB); + ecc_init(&pubKey); + + ret = ecc_make_key(&rng, 32, &userA); + + if (ret != 0) + return -1014; + + ret = ecc_make_key(&rng, 32, &userB); + + if (ret != 0) + return -1002; + + x = sizeof(sharedA); + ret = ecc_shared_secret(&userA, &userB, sharedA, &x); + + if (ret != 0) + return -1015; + + y = sizeof(sharedB); + ret = ecc_shared_secret(&userB, &userA, sharedB, &y); + + if (ret != 0) + return -1003; + + if (y != x) + return -1004; + + if (memcmp(sharedA, sharedB, x)) + return -1005; + + x = sizeof(exportBuf); + ret = ecc_export_x963(&userA, exportBuf, &x); + if (ret != 0) + return -1006; + + ret = ecc_import_x963(exportBuf, x, &pubKey); + + if (ret != 0) + return -1007; + + y = sizeof(sharedB); + ret = ecc_shared_secret(&userB, &pubKey, sharedB, &y); + + if (ret != 0) + return -1008; + + if (memcmp(sharedA, sharedB, y)) + return -1010; + + /* test DSA sign hash */ + for (i = 0; i < (int)sizeof(digest); i++) + digest[i] = (byte)i; + + x = sizeof(sig); + ret = ecc_sign_hash(digest, sizeof(digest), sig, &x, &rng, &userA); + + if (ret != 0) + return -1016; + + verify = 0; + ret = ecc_verify_hash(sig, x, digest, sizeof(digest), &verify, &userA); + + if (ret != 0) + return -1011; + + if (verify != 1) + return -1012; + + x = sizeof(exportBuf); + ret = ecc_export_private_only(&userA, exportBuf, &x); + if (ret != 0) + return -1013; + + ecc_free(&pubKey); + ecc_free(&userB); + ecc_free(&userA); + + return 0; +} + +#ifdef HAVE_ECC_ENCRYPT + +int ecc_encrypt_test(void) +{ + RNG rng; + int ret; + ecc_key userA, userB; + byte msg[48]; + byte plain[48]; + byte out[80]; + word32 outSz = sizeof(out); + word32 plainSz = sizeof(plain); + int i; + + ret = InitRng(&rng); + if (ret != 0) + return -3001; + + ecc_init(&userA); + ecc_init(&userB); + + ret = ecc_make_key(&rng, 32, &userA); + ret += ecc_make_key(&rng, 32, &userB); + + if (ret != 0) + return -3002; + + for (i = 0; i < 48; i++) + msg[i] = i; + + /* encrypt msg to B */ + ret = ecc_encrypt(&userA, &userB, msg, sizeof(msg), out, &outSz, NULL); + if (ret != 0) + return -3003; + + /* decrypt msg from A */ + ret = ecc_decrypt(&userB, &userA, out, outSz, plain, &plainSz, NULL); + if (ret != 0) + return -3004; + + if (memcmp(plain, msg, sizeof(msg)) != 0) + return -3005; + + + { /* let's verify message exchange works, A is client, B is server */ + ecEncCtx* cliCtx = ecc_ctx_new(REQ_RESP_CLIENT, &rng); + ecEncCtx* srvCtx = ecc_ctx_new(REQ_RESP_SERVER, &rng); + + byte cliSalt[EXCHANGE_SALT_SZ]; + byte srvSalt[EXCHANGE_SALT_SZ]; + const byte* tmpSalt; + + if (cliCtx == NULL || srvCtx == NULL) + return -3006; + + /* get salt to send to peer */ + tmpSalt = ecc_ctx_get_own_salt(cliCtx); + if (tmpSalt == NULL) + return -3007; + memcpy(cliSalt, tmpSalt, EXCHANGE_SALT_SZ); + + tmpSalt = ecc_ctx_get_own_salt(srvCtx); + if (tmpSalt == NULL) + return -3007; + memcpy(srvSalt, tmpSalt, EXCHANGE_SALT_SZ); + + /* in actual use, we'd get the peer's salt over the transport */ + ret = ecc_ctx_set_peer_salt(cliCtx, srvSalt); + ret += ecc_ctx_set_peer_salt(srvCtx, cliSalt); + + if (ret != 0) + return -3008; + + /* get encrypted msg (request) to send to B */ + outSz = sizeof(out); + ret = ecc_encrypt(&userA, &userB, msg, sizeof(msg), out, &outSz,cliCtx); + if (ret != 0) + return -3009; + + /* B decrypts msg (request) from A */ + plainSz = sizeof(plain); + ret = ecc_decrypt(&userB, &userA, out, outSz, plain, &plainSz, srvCtx); + if (ret != 0) + return -3010; + + if (memcmp(plain, msg, sizeof(msg)) != 0) + return -3011; + + { + /* msg2 (response) from B to A */ + byte msg2[48]; + byte plain2[48]; + byte out2[80]; + word32 outSz2 = sizeof(out2); + word32 plainSz2 = sizeof(plain2); + + for (i = 0; i < 48; i++) + msg2[i] = i+48; + + /* get encrypted msg (response) to send to B */ + ret = ecc_encrypt(&userB, &userA, msg2, sizeof(msg2), out2, + &outSz2, srvCtx); + if (ret != 0) + return -3012; + + /* A decrypts msg (response) from B */ + ret = ecc_decrypt(&userA, &userB, out2, outSz2, plain2, &plainSz2, + cliCtx); + if (ret != 0) + return -3013; + + if (memcmp(plain2, msg2, sizeof(msg2)) != 0) + return -3014; + } + + /* cleanup */ + ecc_ctx_free(srvCtx); + ecc_ctx_free(cliCtx); + } + + /* cleanup */ + ecc_free(&userB); + ecc_free(&userA); + + return 0; +} + +#endif /* HAVE_ECC_ENCRYPT */ +#endif /* HAVE_ECC */ + +#ifdef HAVE_LIBZ + +const byte sample_text[] = + "Biodiesel cupidatat marfa, cliche aute put a bird on it incididunt elit\n" + "polaroid. Sunt tattooed bespoke reprehenderit. Sint twee organic id\n" + "marfa. Commodo veniam ad esse gastropub. 3 wolf moon sartorial vero,\n" + "plaid delectus biodiesel squid +1 vice. Post-ironic keffiyeh leggings\n" + "selfies cray fap hoodie, forage anim. Carles cupidatat shoreditch, VHS\n" + "small batch meggings kogi dolore food truck bespoke gastropub.\n" + "\n" + "Terry richardson adipisicing actually typewriter tumblr, twee whatever\n" + "four loko you probably haven't heard of them high life. Messenger bag\n" + "whatever tattooed deep v mlkshk. Brooklyn pinterest assumenda chillwave\n" + "et, banksy ullamco messenger bag umami pariatur direct trade forage.\n" + "Typewriter culpa try-hard, pariatur sint brooklyn meggings. Gentrify\n" + "food truck next level, tousled irony non semiotics PBR ethical anim cred\n" + "readymade. Mumblecore brunch lomo odd future, portland organic terry\n" + "richardson elit leggings adipisicing ennui raw denim banjo hella. Godard\n" + "mixtape polaroid, pork belly readymade organic cray typewriter helvetica\n" + "four loko whatever street art yr farm-to-table.\n" + "\n" + "Vinyl keytar vice tofu. Locavore you probably haven't heard of them pug\n" + "pickled, hella tonx labore truffaut DIY mlkshk elit cosby sweater sint\n" + "et mumblecore. Elit swag semiotics, reprehenderit DIY sartorial nisi ugh\n" + "nesciunt pug pork belly wayfarers selfies delectus. Ethical hoodie\n" + "seitan fingerstache kale chips. Terry richardson artisan williamsburg,\n" + "eiusmod fanny pack irony tonx ennui lo-fi incididunt tofu YOLO\n" + "readymade. 8-bit sed ethnic beard officia. Pour-over iphone DIY butcher,\n" + "ethnic art party qui letterpress nisi proident jean shorts mlkshk\n" + "locavore.\n" + "\n" + "Narwhal flexitarian letterpress, do gluten-free voluptate next level\n" + "banh mi tonx incididunt carles DIY. Odd future nulla 8-bit beard ut\n" + "cillum pickled velit, YOLO officia you probably haven't heard of them\n" + "trust fund gastropub. Nisi adipisicing tattooed, Austin mlkshk 90's\n" + "small batch american apparel. Put a bird on it cosby sweater before they\n" + "sold out pork belly kogi hella. Street art mollit sustainable polaroid,\n" + "DIY ethnic ea pug beard dreamcatcher cosby sweater magna scenester nisi.\n" + "Sed pork belly skateboard mollit, labore proident eiusmod. Sriracha\n" + "excepteur cosby sweater, anim deserunt laborum eu aliquip ethical et\n" + "neutra PBR selvage.\n" + "\n" + "Raw denim pork belly truffaut, irony plaid sustainable put a bird on it\n" + "next level jean shorts exercitation. Hashtag keytar whatever, nihil\n" + "authentic aliquip disrupt laborum. Tattooed selfies deserunt trust fund\n" + "wayfarers. 3 wolf moon synth church-key sartorial, gastropub leggings\n" + "tattooed. Labore high life commodo, meggings raw denim fingerstache pug\n" + "trust fund leggings seitan forage. Nostrud ullamco duis, reprehenderit\n" + "incididunt flannel sustainable helvetica pork belly pug banksy you\n" + "probably haven't heard of them nesciunt farm-to-table. Disrupt nostrud\n" + "mollit magna, sriracha sartorial helvetica.\n" + "\n" + "Nulla kogi reprehenderit, skateboard sustainable duis adipisicing viral\n" + "ad fanny pack salvia. Fanny pack trust fund you probably haven't heard\n" + "of them YOLO vice nihil. Keffiyeh cray lo-fi pinterest cardigan aliqua,\n" + "reprehenderit aute. Culpa tousled williamsburg, marfa lomo actually anim\n" + "skateboard. Iphone aliqua ugh, semiotics pariatur vero readymade\n" + "organic. Marfa squid nulla, in laborum disrupt laboris irure gastropub.\n" + "Veniam sunt food truck leggings, sint vinyl fap.\n" + "\n" + "Hella dolore pork belly, truffaut carles you probably haven't heard of\n" + "them PBR helvetica in sapiente. Fashion axe ugh bushwick american\n" + "apparel. Fingerstache sed iphone, jean shorts blue bottle nisi bushwick\n" + "flexitarian officia veniam plaid bespoke fap YOLO lo-fi. Blog\n" + "letterpress mumblecore, food truck id cray brooklyn cillum ad sed.\n" + "Assumenda chambray wayfarers vinyl mixtape sustainable. VHS vinyl\n" + "delectus, culpa williamsburg polaroid cliche swag church-key synth kogi\n" + "magna pop-up literally. Swag thundercats ennui shoreditch vegan\n" + "pitchfork neutra truffaut etsy, sed single-origin coffee craft beer.\n" + "\n" + "Odio letterpress brooklyn elit. Nulla single-origin coffee in occaecat\n" + "meggings. Irony meggings 8-bit, chillwave lo-fi adipisicing cred\n" + "dreamcatcher veniam. Put a bird on it irony umami, trust fund bushwick\n" + "locavore kale chips. Sriracha swag thundercats, chillwave disrupt\n" + "tousled beard mollit mustache leggings portland next level. Nihil esse\n" + "est, skateboard art party etsy thundercats sed dreamcatcher ut iphone\n" + "swag consectetur et. Irure skateboard banjo, nulla deserunt messenger\n" + "bag dolor terry richardson sapiente.\n"; + + +int compress_test(void) +{ + int ret = 0; + word32 dSz = sizeof(sample_text); + word32 cSz = (dSz + (word32)(dSz * 0.001) + 12); + byte *c = NULL; + byte *d = NULL; + + c = calloc(cSz, sizeof(byte)); + d = calloc(dSz, sizeof(byte)); + + if (c == NULL || d == NULL) + ret = -300; + + if (ret == 0 && (ret = Compress(c, cSz, sample_text, dSz, 0)) < 0) + ret = -301; + + if (ret > 0) { + cSz = (word32)ret; + ret = 0; + } + + if (ret == 0 && DeCompress(d, dSz, c, cSz) != (int)dSz) + ret = -302; + + if (ret == 0 && memcmp(d, sample_text, dSz)) + ret = -303; + + if (c) free(c); + if (d) free(d); + + return ret; +} + +#endif /* HAVE_LIBZ */ + +#ifdef HAVE_PKCS7 + +int pkcs7enveloped_test(void) +{ + int ret = 0; + + int cipher = DES3b; + int envelopedSz, decodedSz; + PKCS7 pkcs7; + byte* cert; + byte* privKey; + byte enveloped[2048]; + byte decoded[2048]; + + size_t certSz; + size_t privKeySz; + FILE* certFile; + FILE* keyFile; + FILE* pkcs7File; + const char* pkcs7OutFile = "pkcs7envelopedData.der"; + + const byte data[] = { /* Hello World */ + 0x48,0x65,0x6c,0x6c,0x6f,0x20,0x57,0x6f, + 0x72,0x6c,0x64 + }; + + /* read client cert and key in DER format */ + cert = (byte*)malloc(FOURK_BUF); + if (cert == NULL) + return -201; + + privKey = (byte*)malloc(FOURK_BUF); + if (privKey == NULL) { + free(cert); + return -202; + } + + certFile = fopen(clientCert, "rb"); + if (!certFile) { + free(cert); + free(privKey); + err_sys("can't open ./certs/client-cert.der, " + "Please run from CyaSSL home dir", -42); + } + + certSz = fread(cert, 1, FOURK_BUF, certFile); + fclose(certFile); + + keyFile = fopen(clientKey, "rb"); + if (!keyFile) { + free(cert); + free(privKey); + err_sys("can't open ./certs/client-key.der, " + "Please run from CyaSSL home dir", -43); + } + + privKeySz = fread(privKey, 1, FOURK_BUF, keyFile); + fclose(keyFile); + + PKCS7_InitWithCert(&pkcs7, cert, (word32)certSz); + pkcs7.content = (byte*)data; + pkcs7.contentSz = (word32)sizeof(data); + pkcs7.contentOID = DATA; + pkcs7.encryptOID = cipher; + pkcs7.privateKey = privKey; + pkcs7.privateKeySz = (word32)privKeySz; + + /* encode envelopedData */ + envelopedSz = PKCS7_EncodeEnvelopedData(&pkcs7, enveloped, + sizeof(enveloped)); + if (envelopedSz <= 0) { + free(cert); + free(privKey); + return -203; + } + + /* decode envelopedData */ + decodedSz = PKCS7_DecodeEnvelopedData(&pkcs7, enveloped, envelopedSz, + decoded, sizeof(decoded)); + if (decodedSz <= 0) { + free(cert); + free(privKey); + return -204; + } + + /* test decode result */ + if (memcmp(decoded, data, sizeof(data)) != 0) { + free(cert); + free(privKey); + return -205; + } + + /* output pkcs7 envelopedData for external testing */ + pkcs7File = fopen(pkcs7OutFile, "wb"); + if (!pkcs7File) { + free(cert); + free(privKey); + return -206; + } + + ret = (int)fwrite(enveloped, envelopedSz, 1, pkcs7File); + fclose(pkcs7File); + + free(cert); + free(privKey); + PKCS7_Free(&pkcs7); + + if (ret > 0) + return 0; + + return ret; +} + +int pkcs7signed_test(void) +{ + int ret = 0; + + FILE* file; + byte* certDer; + byte* keyDer; + byte* out; + char data[] = "Hello World"; + word32 dataSz, outSz, certDerSz, keyDerSz; + PKCS7 msg; + RNG rng; + + byte transIdOid[] = + { 0x06, 0x0a, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x45, 0x01, + 0x09, 0x07 }; + byte messageTypeOid[] = + { 0x06, 0x0a, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x45, 0x01, + 0x09, 0x02 }; + byte senderNonceOid[] = + { 0x06, 0x0a, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x45, 0x01, + 0x09, 0x05 }; + byte transId[(SHA_DIGEST_SIZE + 1) * 2 + 1]; + byte messageType[] = { 0x13, 2, '1', '9' }; + byte senderNonce[PKCS7_NONCE_SZ + 2]; + + PKCS7Attrib attribs[] = + { + { transIdOid, sizeof(transIdOid), + transId, sizeof(transId) - 1 }, /* take off the null */ + { messageTypeOid, sizeof(messageTypeOid), + messageType, sizeof(messageType) }, + { senderNonceOid, sizeof(senderNonceOid), + senderNonce, sizeof(senderNonce) } + }; + + dataSz = (word32) strlen(data); + outSz = FOURK_BUF; + + certDer = (byte*)malloc(FOURK_BUF); + if (certDer == NULL) + return -207; + keyDer = (byte*)malloc(FOURK_BUF); + if (keyDer == NULL) { + free(certDer); + return -208; + } + out = (byte*)malloc(FOURK_BUF); + if (out == NULL) { + free(certDer); + free(keyDer); + return -209; + } + + /* read in DER cert of recipient, into cert of size certSz */ + file = fopen(clientCert, "rb"); + if (!file) { + free(certDer); + free(keyDer); + free(out); + err_sys("can't open ./certs/client-cert.der, " + "Please run from CyaSSL home dir", -44); + } + certDerSz = (word32)fread(certDer, 1, FOURK_BUF, file); + fclose(file); + + file = fopen(clientKey, "rb"); + if (!file) { + free(certDer); + free(keyDer); + free(out); + err_sys("can't open ./certs/client-key.der, " + "Please run from CyaSSL home dir", -45); + } + keyDerSz = (word32)fread(keyDer, 1, FOURK_BUF, file); + fclose(file); + + ret = InitRng(&rng); + if (ret != 0) { + free(certDer); + free(keyDer); + free(out); + return -210; + } + + senderNonce[0] = 0x04; + senderNonce[1] = PKCS7_NONCE_SZ; + + ret = RNG_GenerateBlock(&rng, &senderNonce[2], PKCS7_NONCE_SZ); + if (ret != 0) { + free(certDer); + free(keyDer); + free(out); + return -211; + } + + PKCS7_InitWithCert(&msg, certDer, certDerSz); + msg.privateKey = keyDer; + msg.privateKeySz = keyDerSz; + msg.content = (byte*)data; + msg.contentSz = dataSz; + msg.hashOID = SHAh; + msg.encryptOID = RSAk; + msg.signedAttribs = attribs; + msg.signedAttribsSz = sizeof(attribs)/sizeof(PKCS7Attrib); + msg.rng = &rng; + { + Sha sha; + byte digest[SHA_DIGEST_SIZE]; + int i,j; + + transId[0] = 0x13; + transId[1] = SHA_DIGEST_SIZE * 2; + + ret = InitSha(&sha); + if (ret != 0) { + free(certDer); + free(keyDer); + free(out); + return -4003; + } + ShaUpdate(&sha, msg.publicKey, msg.publicKeySz); + ShaFinal(&sha, digest); + + for (i = 0, j = 2; i < SHA_DIGEST_SIZE; i++, j += 2) { + snprintf((char*)&transId[j], 3, "%02x", digest[i]); + } + } + ret = PKCS7_EncodeSignedData(&msg, out, outSz); + if (ret < 0) { + free(certDer); + free(keyDer); + free(out); + PKCS7_Free(&msg); + return -212; + } + else + outSz = ret; + + /* write PKCS#7 to output file for more testing */ + file = fopen("./pkcs7signedData.der", "wb"); + if (!file) { + free(certDer); + free(keyDer); + free(out); + PKCS7_Free(&msg); + return -213; + } + ret = (int)fwrite(out, 1, outSz, file); + fclose(file); + if (ret != (int)outSz) { + free(certDer); + free(keyDer); + free(out); + PKCS7_Free(&msg); + return -218; + } + + PKCS7_Free(&msg); + PKCS7_InitWithCert(&msg, NULL, 0); + + ret = PKCS7_VerifySignedData(&msg, out, outSz); + if (ret < 0) { + free(certDer); + free(keyDer); + free(out); + PKCS7_Free(&msg); + return -214; + } + + if (msg.singleCert == NULL || msg.singleCertSz == 0) { + free(certDer); + free(keyDer); + free(out); + PKCS7_Free(&msg); + return -215; + } + + file = fopen("./pkcs7cert.der", "wb"); + if (!file) { + free(certDer); + free(keyDer); + free(out); + PKCS7_Free(&msg); + return -216; + } + ret = (int)fwrite(msg.singleCert, 1, msg.singleCertSz, file); + fclose(file); + + free(certDer); + free(keyDer); + free(out); + PKCS7_Free(&msg); + + if (ret > 0) + return 0; + + return ret; +} + +#endif /* HAVE_PKCS7 */ + +#endif /* NO_CRYPT_TEST */ diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CyaSSL-Full/Abstract.txt b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CyaSSL-Full/Abstract.txt new file mode 100644 index 000000000..dde67ce4f --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CyaSSL-Full/Abstract.txt @@ -0,0 +1,85 @@ +This program gives wolfCrypt and CyaSSL library demo. + +In order to run the demo, +Copy {PACK}\wolfSSL\CyaSSL\{version}\cyassl\certs folder and files to the SD memory. +For demo configuration, refer config-Crypt.h and config-CyaSSL.h. + +After download and start the execution, you can type in commands through the +Debug(printf) viewer. + +test wolfCrypt Simple test suite +benchmark wolfCrypt Simple benchmark +server& simple server in background mode +client simple client +echoserver& echo server in background mode +echoclient echo client +server/client -h help for server/client command + + +=== Typical Command Usage Scenario === + +Starting Shell +>test +MD5 test passed! +MD4 test passed! +SHA test passed! +... + +>benchmark +AES 25 kB took 0.025 seconds, 0.96 MB/s +ARC4 25 kB took 0.006 seconds, 3.83 MB/s +... + +DH 2048 key agreement 685.93 milliseconds, avg over 1 iterations + +>echoserver& +"echoserver" is running with the background mode. + +>echoclient +ABCDEFG +ABCDEFG +WXYZ +WXYZ +quit +sending server shutdown command: quit! +client sent quit command: shutting down! + +>server& +"server" is running with the background mode. + +>client +peer's cert info: + issuer : /C=... + subject: /C=... + serial number:02 +SSL version is TLSv1.2 +SSL cipher suite is TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 +peer's cert info: + issuer : /C=... + subject: /C=... + serial number:... +SSL version is TLSv1.2 +SSL cipher suite is TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 +Client message: hello cyassl! +Server response: I hear you fa shizzle! + +>client -h 192.168.2.100 -p 443 -g -v 0 +peer's cert info: + issuer : /CN=... + subject: /CN=... + serial number:44:39:... +SSL version is SSLv3 +SSL cipher suite is SSL_RSA_WITH_RC4_128_SHA +SSL connect ok, sending GET... +... +=== + +For the hardware crypt on config-Crypt.h, download +STSW-STM32062: STM32F2xx standard peripherals library at +http://www.st.com/. Copy Libraries\STM32F2xx_StdPeriph_Driver\{inc,src} to + {PACK}\cyassl\IDE\MDK5-ARM\STM32F2xx_StdPeriph_Lib + + +Support +------- +Please send questions or comments to support@wolfssl.com diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CyaSSL-Full/CyaSSL-Full.uvoptx b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CyaSSL-Full/CyaSSL-Full.uvoptx new file mode 100644 index 000000000..ab0d90db3 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CyaSSL-Full/CyaSSL-Full.uvoptx @@ -0,0 +1,1621 @@ + + + + 1.0 + +
### uVision Project, (C) Keil Software
+ + + *.c + *.s*; *.src; *.a* + *.obj + *.lib + *.txt; *.h; *.inc + *.plm + *.cpp + + + + 0 + 0 + + + + CyaSSL-Full + 0x4 + ARM-ADS + + 25000000 + + 1 + 1 + 0 + 1 + + + 1 + 65535 + 0 + 0 + 0 + + + 79 + 66 + 8 + .\Object\ + + + 1 + 1 + 1 + 0 + 1 + 1 + 0 + 1 + 0 + 0 + 0 + 0 + + + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 0 + + + 1 + 0 + 1 + + 255 + + + 0 + Schematics (MCBSTM32F200) + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\Documents\mcbstm32f200-schematics.pdf + + + 1 + User Manual (MCBSTM32F200) + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\Documents\mcbstm32f200.chm + + + 2 + MCBSTM32F200 Evaluation Board Web Page (MCBSTM32F200) + http://www.keil.com/mcbstm32f200/ + + + + SARMCM3.DLL + -REMAP -MPU + DCM.DLL + -pCM3 + SARMCM3.DLL + -REMAP -MPU + TCM.DLL + -pCM3 + + + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 1 + 1 + 1 + 1 + 0 + 0 + 8 + + + + + + + + + + + BIN\ULP2CM3.DLL + + + + 0 + DLGUARM + + + + 0 + DLGTARM + (1010=-1,-1,-1,-1,0)(1007=-1,-1,-1,-1,0)(1008=-1,-1,-1,-1,0)(1009=-1,-1,-1,-1,0)(1012=-1,-1,-1,-1,0) + + + 0 + ARMDBGFLAGS + + + + 0 + ULP2CM3 + -UP1135060 -O206 -S8 -C0 -P00 -N00("ARM CoreSight SW-DP") -D00(2BA01477) -L00(0) -TO19 -TC120000000 -TP18 -TDX0 -TDD0 -TDS8000 -TDT0 -TDC1F -TIE1 -TIP1 -FO7 -FD20000000 -FC1000 -FN1 -FF0STM32F2xx_1024.flm -FS08000000 -FL0100000 -FP0($$Device:STM32F207IG$Flash\STM32F2xx_1024.flm) + + + 0 + UL2CM3 + UL2CM3(-S0 -C0 -P0 ) -FN1 -FC1000 -FD20000000 -FF0STM32F2xx_1024 -FL0100000 -FS08000000 -FP0($$Device:STM32F207IG$Flash\STM32F2xx_1024.flm) + + + + + + 0 + 1 + str[i] + + + 1 + 1 + str + + + + + 1 + 3 + 0x20003d9e + + + + + 2 + 8 + 0x8004dc8 + + + + 0 + + + 0 + 1 + 1 + 0 + 0 + 0 + 0 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 2 + 0 + 0 + 0 + 1 + 1 + 0 + 0 + 0 + + + + + + + + Source + 1 + 0 + 0 + 0 + + 1 + 1 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + .\benchmark.c + benchmark.c + 0 + 0 + + + 1 + 2 + 1 + 0 + 0 + 24 + 0 + 0 + 0 + 0 + .\client.c + client.c + 0 + 0 + + + 1 + 3 + 1 + 0 + 0 + 10 + 0 + 0 + 0 + 0 + .\echoclient.c + echoclient.c + 0 + 0 + + + 1 + 4 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + .\echoserver.c + echoserver.c + 0 + 0 + + + 1 + 5 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + .\server.c + server.c + 0 + 0 + + + 1 + 6 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + .\cert_data.c + cert_data.c + 0 + 0 + + + 1 + 7 + 1 + 0 + 0 + 34 + 0 + 0 + 0 + 0 + .\test.c + test.c + 0 + 0 + + + 1 + 8 + 1 + 0 + 0 + 0 + 0 + 72 + 84 + 0 + .\main.c + main.c + 0 + 0 + + + 1 + 9 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + .\shell.c + shell.c + 0 + 0 + + + + + Configuration + 1 + 0 + 0 + 0 + + 2 + 10 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + .\RTE\wolfSSL\config-CyaSSL.h + config-CyaSSL.h + 0 + 0 + + + 2 + 11 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + .\RTE\wolfSSL\config-Crypt.h + config-Crypt.h + 0 + 0 + + + 2 + 12 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + .\RTE\wolfSSL\settings.h + settings.h + 0 + 0 + + + 2 + 13 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + .\RTE\Network\Net_Config_ETH_0.h + Net_Config_ETH_0.h + 0 + 0 + + + + + Documentation + 1 + 0 + 0 + 0 + + 3 + 14 + 5 + 0 + 0 + 10 + 0 + 0 + 0 + 0 + .\Abstract.txt + Abstract.txt + 0 + 0 + + + + + Devices + 1 + 0 + 0 + 0 + + 4 + 15 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + .\time-CortexM3-4.c + time-CortexM3-4.c + 0 + 0 + + + 4 + 16 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + .\time-dummy.c + time-dummy.c + 0 + 0 + + + + + ::CMSIS + 1 + 0 + 0 + 1 + + 5 + 17 + 1 + 0 + 0 + 0 + 0 + 278 + 285 + 0 + RTE\CMSIS\RTX_Conf_CM.c + RTX_Conf_CM.c + 1 + 0 + + + 5 + 18 + 4 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.4\CMSIS_RTX\Lib\ARM\RTX_CM3.lib + RTX_CM3.lib + 1 + 0 + + + + + ::Device + 0 + 0 + 0 + 1 + + 6 + 19 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + RTE\Device\STM32F207IG\RTE_Device.h + RTE_Device.h + 1 + 0 + + + 6 + 20 + 2 + 0 + 0 + 0 + 0 + 164 + 169 + 0 + RTE\Device\STM32F207IG\startup_stm32f2xx.s + startup_stm32f2xx.s + 1 + 0 + + + 6 + 21 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + RTE\Device\STM32F207IG\system_stm32f2xx.c + system_stm32f2xx.c + 1 + 0 + + + 6 + 22 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\DMA_STM32F2xx.c + DMA_STM32F2xx.c + 1 + 0 + + + 6 + 23 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\GPIO_STM32F2xx.c + GPIO_STM32F2xx.c + 1 + 0 + + + + + ::Drivers + 0 + 0 + 0 + 1 + + 7 + 24 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.4\Network\Driver\PHY_ST802RT1.c + PHY_ST802RT1.c + 1 + 0 + + + 7 + 25 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\EMAC_STM32F2xx.c + EMAC_STM32F2xx.c + 1 + 0 + + + 7 + 26 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\MCI_STM32F2xx.c + MCI_STM32F2xx.c + 1 + 0 + + + + + ::File System + 0 + 0 + 0 + 1 + + 8 + 27 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + RTE\File_System\FS_Config.c + FS_Config.c + 1 + 0 + + + 8 + 28 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + RTE\File_System\FS_Config_MC_0.h + FS_Config_MC_0.h + 1 + 0 + + + 8 + 29 + 4 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.4\FileSystem\Lib\ARM\FS_LFN_CM3_L.lib + FS_LFN_CM3_L.lib + 1 + 0 + + + + + ::Network + 0 + 0 + 0 + 1 + + 9 + 30 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + RTE\Network\Net_Config.c + Net_Config.c + 1 + 0 + + + 9 + 31 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + RTE\Network\Net_Config_BSD.h + Net_Config_BSD.h + 1 + 0 + + + 9 + 32 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + RTE\Network\Net_Config_DNS_Client.h + Net_Config_DNS_Client.h + 1 + 0 + + + 9 + 33 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + RTE\Network\Net_Config_ETH_0.h + Net_Config_ETH_0.h + 1 + 0 + + + 9 + 34 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + RTE\Network\Net_Config_TCP.h + Net_Config_TCP.h + 1 + 0 + + + 9 + 35 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + RTE\Network\Net_Config_UDP.h + Net_Config_UDP.h + 1 + 0 + + + 9 + 36 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + RTE\Network\Net_Debug.c + Net_Debug.c + 1 + 0 + + + 9 + 37 + 4 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.4\Network\Lib\ARM\Net_Dbg_CM3_L.lib + Net_Dbg_CM3_L.lib + 1 + 0 + + + + + ::wolfSSL + 0 + 0 + 0 + 1 + + 10 + 38 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + RTE\wolfSSL\config-Crypt.h + config-Crypt.h + 1 + 0 + + + 10 + 39 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + RTE\wolfSSL\config-CyaSSL.h + config-CyaSSL.h + 1 + 0 + + + 10 + 40 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + RTE\wolfSSL\settings.h + settings.h + 1 + 0 + + + 10 + 41 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\IDE\MDK5-ARM\Src\cyassl_MDK_ARM.c + cyassl_MDK_ARM.c + 1 + 0 + + + 10 + 42 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\aes.c + aes.c + 1 + 0 + + + 10 + 43 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\arc4.c + arc4.c + 1 + 0 + + + 10 + 44 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\asm.c + asm.c + 1 + 0 + + + 10 + 45 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\asn.c + asn.c + 1 + 0 + + + 10 + 46 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\blake2b.c + blake2b.c + 1 + 0 + + + 10 + 47 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\camellia.c + camellia.c + 1 + 0 + + + 10 + 48 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\coding.c + coding.c + 1 + 0 + + + 10 + 49 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\compress.c + compress.c + 1 + 0 + + + 10 + 50 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\des3.c + des3.c + 1 + 0 + + + 10 + 51 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\dh.c + dh.c + 1 + 0 + + + 10 + 52 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\dsa.c + dsa.c + 1 + 0 + + + 10 + 53 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\ecc.c + ecc.c + 1 + 0 + + + 10 + 54 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\ecc_fp.c + ecc_fp.c + 1 + 0 + + + 10 + 55 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\error.c + error.c + 1 + 0 + + + 10 + 56 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\hc128.c + hc128.c + 1 + 0 + + + 10 + 57 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\hmac.c + hmac.c + 1 + 0 + + + 10 + 58 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\integer.c + integer.c + 1 + 0 + + + 10 + 59 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\logging.c + logging.c + 1 + 0 + + + 10 + 60 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\md2.c + md2.c + 1 + 0 + + + 10 + 61 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\md4.c + md4.c + 1 + 0 + + + 10 + 62 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\md5.c + md5.c + 1 + 0 + + + 10 + 63 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\memory.c + memory.c + 1 + 0 + + + 10 + 64 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\misc.c + misc.c + 1 + 0 + + + 10 + 65 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\wc_port.c + wc_port.c + 1 + 0 + + + 10 + 66 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\pwdbased.c + pwdbased.c + 1 + 0 + + + 10 + 67 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\rabbit.c + rabbit.c + 1 + 0 + + + 10 + 68 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\random.c + random.c + 1 + 0 + + + 10 + 69 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\ripemd.c + ripemd.c + 1 + 0 + + + 10 + 70 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\rsa.c + rsa.c + 1 + 0 + + + 10 + 71 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\sha.c + sha.c + 1 + 0 + + + 10 + 72 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\sha256.c + sha256.c + 1 + 0 + + + 10 + 73 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\sha512.c + sha512.c + 1 + 0 + + + 10 + 74 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\tfm.c + tfm.c + 1 + 0 + + + 10 + 75 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\src\crl.c + crl.c + 1 + 0 + + + 10 + 76 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\src\internal.c + internal.c + 1 + 0 + + + 10 + 77 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\src\io.c + io.c + 1 + 0 + + + 10 + 78 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\src\keys.c + keys.c + 1 + 0 + + + 10 + 79 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\src\ocsp.c + ocsp.c + 1 + 0 + + + 10 + 80 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\src\sniffer.c + sniffer.c + 1 + 0 + + + 10 + 81 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\src\ssl.c + ssl.c + 1 + 0 + + + 10 + 82 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\src\tls.c + tls.c + 1 + 0 + + + +
diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CyaSSL-Full/CyaSSL-Full.uvprojx b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CyaSSL-Full/CyaSSL-Full.uvprojx new file mode 100644 index 000000000..dc54ce825 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CyaSSL-Full/CyaSSL-Full.uvprojx @@ -0,0 +1,1155 @@ + + + + 2.1 + +
### uVision Project, (C) Keil Software
+ + + + CyaSSL-Full + 0x4 + ARM-ADS + + + STM32F207IG + STMicroelectronics + IRAM(0x20000000,0x20000) IROM(0x08000000,0x100000) CPUTYPE("Cortex-M3") CLOCK(120000000) ELITTLE + + + UL2CM3(-S0 -C0 -P0 -FD20000000 -FC1000 -FN1 -FF0STM32F2xx_1024 -FS08000000 -FL0100000 -FP0($$Device:STM32F207IG$Flash\STM32F2xx_1024.flm)) + 0 + $$Device:STM32F207IG$Device\Include\stm32f2xx.h + + + + + + + + + + $$Device:STM32F207IG$SVD\STM32F20x.svd + 0 + 0 + + + + + + + 0 + 0 + 0 + 0 + 1 + + .\Object\ + CyaSSL-Full + 1 + 0 + 0 + 1 + 1 + .\Object\ + 1 + 0 + 0 + + 0 + 0 + + + 0 + 0 + 0 + 0 + + + 0 + 0 + + + 0 + 0 + + + 0 + 0 + + + 0 + 0 + + 0 + + + + 0 + 0 + 0 + 0 + 0 + 1 + 0 + 0 + 0 + 0 + 3 + + + 1 + + + SARMCM3.DLL + -REMAP -MPU + DCM.DLL + -pCM3 + SARMCM3.DLL + -REMAP -MPU + TCM.DLL + -pCM3 + + + + 1 + 0 + 0 + 0 + 16 + + + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + + + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 1 + 1 + 1 + 1 + + 0 + 8 + + + + + + + + + + + + + + BIN\ULP2CM3.DLL + + + + + 1 + 0 + 0 + 1 + 1 + 4100 + + 0 + BIN\ULP2CM3.DLL + "" () + + + + + 0 + + + + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 1 + 1 + 0 + 1 + 1 + 0 + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 0 + "Cortex-M3" + + 0 + 0 + 0 + 1 + 1 + 0 + 0 + 0 + 0 + 0 + 8 + 0 + 0 + 0 + 3 + 3 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 1 + 0 + 0 + 0 + 0 + 1 + 0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x20000000 + 0x20000 + + + 1 + 0x8000000 + 0x100000 + + + 0 + 0x0 + 0x0 + + + 1 + 0x0 + 0x0 + + + 1 + 0x0 + 0x0 + + + 1 + 0x0 + 0x0 + + + 1 + 0x8000000 + 0x100000 + + + 1 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x20000000 + 0x20000 + + + 0 + 0x0 + 0x0 + + + + + + 1 + 4 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + + + HAVE_CONFIG_H MDK_CONF_CYASSL + + + + + + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + + + + + + + + + 1 + 0 + 0 + 0 + 1 + 0 + 0x08000000 + 0x20000000 + + + + + + + + + + + + + Source + + + benchmark.c + 1 + .\benchmark.c + + + client.c + 1 + .\client.c + + + echoclient.c + 1 + .\echoclient.c + + + echoserver.c + 1 + .\echoserver.c + + + server.c + 1 + .\server.c + + + cert_data.c + 1 + .\cert_data.c + + + test.c + 1 + .\test.c + + + main.c + 1 + .\main.c + + + shell.c + 1 + .\shell.c + + + + + Configuration + + + config-CyaSSL.h + 5 + .\RTE\wolfSSL\config-CyaSSL.h + + + config-Crypt.h + 5 + .\RTE\wolfSSL\config-Crypt.h + + + settings.h + 5 + .\RTE\wolfSSL\settings.h + + + Net_Config_ETH_0.h + 5 + .\RTE\Network\Net_Config_ETH_0.h + + + + + Documentation + + + Abstract.txt + 5 + .\Abstract.txt + + + + + Devices + + + time-CortexM3-4.c + 1 + .\time-CortexM3-4.c + + + time-dummy.c + 1 + .\time-dummy.c + + + + + ::CMSIS + + + RTX_Conf_CM.c + 1 + RTE\CMSIS\RTX_Conf_CM.c + + + RTX_CM3.lib + 4 + C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.4\CMSIS_RTX\Lib\ARM\RTX_CM3.lib + + + + + ::Device + + + RTE_Device.h + 5 + RTE\Device\STM32F207IG\RTE_Device.h + + + startup_stm32f2xx.s + 2 + RTE\Device\STM32F207IG\startup_stm32f2xx.s + + + system_stm32f2xx.c + 1 + RTE\Device\STM32F207IG\system_stm32f2xx.c + + + DMA_STM32F2xx.c + 1 + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\DMA_STM32F2xx.c + + + GPIO_STM32F2xx.c + 1 + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\GPIO_STM32F2xx.c + + + + + ::Drivers + + + PHY_ST802RT1.c + 1 + C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.4\Network\Driver\PHY_ST802RT1.c + + + EMAC_STM32F2xx.c + 1 + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\EMAC_STM32F2xx.c + + + MCI_STM32F2xx.c + 1 + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\MCI_STM32F2xx.c + + + + + ::File System + + + FS_Config.c + 1 + RTE\File_System\FS_Config.c + + + FS_Config_MC_0.h + 5 + RTE\File_System\FS_Config_MC_0.h + + + FS_LFN_CM3_L.lib + 4 + C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.4\FileSystem\Lib\ARM\FS_LFN_CM3_L.lib + + + + + ::Network + + + Net_Config.c + 1 + RTE\Network\Net_Config.c + + + Net_Config_BSD.h + 5 + RTE\Network\Net_Config_BSD.h + + + Net_Config_DNS_Client.h + 5 + RTE\Network\Net_Config_DNS_Client.h + + + Net_Config_ETH_0.h + 5 + RTE\Network\Net_Config_ETH_0.h + + + Net_Config_TCP.h + 5 + RTE\Network\Net_Config_TCP.h + + + Net_Config_UDP.h + 5 + RTE\Network\Net_Config_UDP.h + + + Net_Debug.c + 1 + RTE\Network\Net_Debug.c + + + Net_Dbg_CM3_L.lib + 4 + C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.4\Network\Lib\ARM\Net_Dbg_CM3_L.lib + + + + + ::wolfSSL + + + config-Crypt.h + 5 + RTE\wolfSSL\config-Crypt.h + + + config-CyaSSL.h + 5 + RTE\wolfSSL\config-CyaSSL.h + + + settings.h + 5 + RTE\wolfSSL\settings.h + + + cyassl_MDK_ARM.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\IDE\MDK5-ARM\Src\cyassl_MDK_ARM.c + + + aes.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\aes.c + + + arc4.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\arc4.c + + + asm.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\asm.c + + + asn.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\asn.c + + + blake2b.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\blake2b.c + + + camellia.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\camellia.c + + + coding.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\coding.c + + + compress.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\compress.c + + + des3.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\des3.c + + + dh.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\dh.c + + + dsa.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\dsa.c + + + ecc.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\ecc.c + + + ecc_fp.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\ecc_fp.c + + + error.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\error.c + + + hc128.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\hc128.c + + + hmac.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\hmac.c + + + integer.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\integer.c + + + logging.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\logging.c + + + md2.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\md2.c + + + md4.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\md4.c + + + md5.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\md5.c + + + memory.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\memory.c + + + misc.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\misc.c + + + wc_port.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\wc_port.c + + + pwdbased.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\pwdbased.c + + + rabbit.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\rabbit.c + + + random.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\random.c + + + ripemd.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\ripemd.c + + + rsa.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\rsa.c + + + sha.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\sha.c + + + sha256.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\sha256.c + + + sha512.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\sha512.c + + + tfm.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\tfm.c + + + crl.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\src\crl.c + + + internal.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\src\internal.c + + + io.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\src\io.c + + + keys.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\src\keys.c + + + ocsp.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\src\ocsp.c + + + sniffer.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\src\sniffer.c + + + ssl.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\src\ssl.c + + + tls.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\src\tls.c + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + RTE\CMSIS\RTX_Conf_CM.c + + + + + + + + RTE\Device\STM32F207IG\RTE_Device.h + + + + + + + + RTE\Device\STM32F207IG\startup_stm32f2xx.s + + + + + + + + RTE\Device\STM32F207IG\system_stm32f2xx.c + + + + + + + + RTE\File_System\FS_Config.c + + + + + + + + RTE\File_System\FS_Config_MC_0.h + + + + + + + + RTE\Network\Net_Config.c + + + + + + + + RTE\Network\Net_Config_BSD.h + + + + + + + + RTE\Network\Net_Config_DNS_Client.h + + + + + + + + RTE\Network\Net_Config_ETH_0.h + + + + + + + + RTE\Network\Net_Config_TCP.h + + + + + + + + RTE\Network\Net_Config_UDP.h + + + + + + + + RTE\Network\Net_Debug.c + + + + + + + + RTE\Other\config-RTX-TCP-FS.h + + + + + + RTE\Other\config.h + + + + + + RTE\wolfSSL\config-Crypt.h + + + + + + + + RTE\wolfSSL\config-CyaSSL.h + + + + + + + + RTE\wolfSSL\config.h + + + + + + RTE\wolfSSL\settings.h + + + + + + + + + +
diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CyaSSL-Full/RTE/wolfSSL/settings.h b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CyaSSL-Full/RTE/wolfSSL/settings.h new file mode 100644 index 000000000..33d41cfdb --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CyaSSL-Full/RTE/wolfSSL/settings.h @@ -0,0 +1,667 @@ +/* settings.h + * + * Copyright (C) 2006-2013 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + */ + +/* Place OS specific preprocessor flags, defines, includes here, will be + included into every file because types.h includes it */ + + +#ifndef CTAO_CRYPT_SETTINGS_H +#define CTAO_CRYPT_SETTINGS_H + +#ifdef __cplusplus + extern "C" { +#endif + +/* Uncomment next line if using IPHONE */ +/* #define IPHONE */ + +/* Uncomment next line if using ThreadX */ +/* #define THREADX */ + +/* Uncomment next line if using Micrium ucOS */ +/* #define MICRIUM */ + +/* Uncomment next line if using Mbed */ +/* #define MBED */ + +/* Uncomment next line if using Microchip PIC32 ethernet starter kit */ +/* #define MICROCHIP_PIC32 */ + +/* Uncomment next line if using Microchip TCP/IP stack, version 5 */ +/* #define MICROCHIP_TCPIP_V5 */ + +/* Uncomment next line if using Microchip TCP/IP stack, version 6 or later */ +/* #define MICROCHIP_TCPIP */ + +/* Uncomment next line if using PIC32MZ Crypto Engine */ +/* #define CYASSL_MICROCHIP_PIC32MZ */ + +/* Uncomment next line if using FreeRTOS */ +/* #define FREERTOS */ + +/* Uncomment next line if using FreeRTOS Windows Simulator */ +/* #define FREERTOS_WINSIM */ + +/* Uncomment next line if using RTIP */ +/* #define EBSNET */ + +/* Uncomment next line if using lwip */ +/* #define CYASSL_LWIP */ + +/* Uncomment next line if building CyaSSL for a game console */ +/* #define CYASSL_GAME_BUILD */ + +/* Uncomment next line if building CyaSSL for LSR */ +/* #define CYASSL_LSR */ + +/* Uncomment next line if building CyaSSL for Freescale MQX/RTCS/MFS */ +/* #define FREESCALE_MQX */ + +/* Uncomment next line if using STM32F2 */ +/* #define CYASSL_STM32F2 */ + +/* Uncomment next line if using Comverge settings */ +/* #define COMVERGE */ + +/* Uncomment next line if using QL SEP settings */ +/* #define CYASSL_QL */ + +/* Uncomment next line if using LwIP native TCP socket settings */ +/* #define HAVE_LWIP_NATIVE */ + +/* Uncomment next line if building for EROAD */ +/* #define CYASSL_EROAD */ + +#include + +#ifdef IPHONE + #define SIZEOF_LONG_LONG 8 +#endif + + +#ifdef CYASSL_USER_SETTINGS + #include +#endif + + +#ifdef COMVERGE + #define THREADX + #define HAVE_NETX + #define CYASSL_USER_IO + #define NO_WRITEV + #define NO_DEV_RANDOM + #define NO_FILESYSTEM + #define NO_SHA512 + #define NO_DH + #define NO_DSA + #define NO_HC128 + #define NO_RSA + #define NO_SESSION_CACHE + #define HAVE_ECC +#endif + + +#ifdef THREADX + #define SIZEOF_LONG_LONG 8 +#endif + +#ifdef HAVE_NETX + #include "nx_api.h" +#endif + +#if defined(HAVE_LWIP_NATIVE) /* using LwIP native TCP socket */ + #define CYASSL_LWIP + #define NO_WRITEV + #define SINGLE_THREADED + #define CYASSL_USER_IO + #define NO_FILESYSTEM +#endif + +#ifdef MICROCHIP_PIC32 + /* #define CYASSL_MICROCHIP_PIC32MZ */ + #define SIZEOF_LONG_LONG 8 + #define SINGLE_THREADED + #define CYASSL_USER_IO + #define NO_WRITEV + #define NO_DEV_RANDOM + #define NO_FILESYSTEM + #define USE_FAST_MATH + #define TFM_TIMING_RESISTANT +#endif + +#ifdef CYASSL_MICROCHIP_PIC32MZ + #define CYASSL_PIC32MZ_CE + #define CYASSL_PIC32MZ_CRYPT + #define HAVE_AES_ENGINE + #define CYASSL_PIC32MZ_RNG + /* #define CYASSL_PIC32MZ_HASH */ + #define CYASSL_AES_COUNTER + #define HAVE_AESGCM + #define NO_BIG_INT + +#endif + +#ifdef MICROCHIP_TCPIP_V5 + /* include timer functions */ + #include "TCPIP Stack/TCPIP.h" +#endif + +#ifdef MICROCHIP_TCPIP + /* include timer, NTP functions */ + #ifdef MICROCHIP_MPLAB_HARMONY + #include "tcpip/tcpip.h" + #else + #include "system/system_services.h" + #include "tcpip/sntp.h" + #endif +#endif + +#ifdef MBED + #define CYASSL_USER_IO + #define NO_FILESYSTEM + #define NO_CERT + #define USE_CERT_BUFFERS_1024 + #define NO_WRITEV + #define NO_DEV_RANDOM + #define NO_SHA512 + #define NO_DH + #define NO_DSA + #define NO_HC128 + #define HAVE_ECC + #define NO_SESSION_CACHE + #define CYASSL_CMSIS_RTOS +#endif + + +#ifdef CYASSL_EROAD + #define FREESCALE_MQX + #define FREESCALE_MMCAU + #define SINGLE_THREADED + #define NO_STDIO_FILESYSTEM + #define CYASSL_LEANPSK + #define HAVE_NULL_CIPHER + #define NO_OLD_TLS + #define NO_ASN + #define NO_BIG_INT + #define NO_RSA + #define NO_DSA + #define NO_DH + #define NO_CERTS + #define NO_PWDBASED + #define NO_DES3 + #define NO_MD4 + #define NO_RC4 + #define NO_MD5 + #define NO_SESSION_CACHE + #define NO_MAIN_DRIVER +#endif + +#ifdef FREERTOS_WINSIM + #define FREERTOS + #define USE_WINDOWS_API +#endif + + +/* Micrium will use Visual Studio for compilation but not the Win32 API */ +#if defined(_WIN32) && !defined(MICRIUM) && !defined(FREERTOS) \ + && !defined(EBSNET) && !defined(CYASSL_EROAD) + #define USE_WINDOWS_API +#endif + + +#if defined(CYASSL_LEANPSK) && !defined(XMALLOC_USER) + #include + #define XMALLOC(s, h, type) malloc((s)) + #define XFREE(p, h, type) free((p)) + #define XREALLOC(p, n, h, t) realloc((p), (n)) +#endif + +#if defined(XMALLOC_USER) && defined(SSN_BUILDING_LIBYASSL) + #undef XMALLOC + #define XMALLOC yaXMALLOC + #undef XFREE + #define XFREE yaXFREE + #undef XREALLOC + #define XREALLOC yaXREALLOC +#endif + + +#ifdef FREERTOS + #ifndef NO_WRITEV + #define NO_WRITEV + #endif + #ifndef NO_SHA512 + #define NO_SHA512 + #endif + #ifndef NO_DH + #define NO_DH + #endif + #ifndef NO_DSA + #define NO_DSA + #endif + #ifndef NO_HC128 + #define NO_HC128 + #endif + + #ifndef SINGLE_THREADED + #include "FreeRTOS.h" + #include "semphr.h" + #endif +#endif + +#ifdef EBSNET + #include "rtip.h" + + /* #define DEBUG_CYASSL */ + #define NO_CYASSL_DIR /* tbd */ + + #if (POLLOS) + #define SINGLE_THREADED + #endif + + #if (RTPLATFORM) + #if (!RTP_LITTLE_ENDIAN) + #define BIG_ENDIAN_ORDER + #endif + #else + #if (!KS_LITTLE_ENDIAN) + #define BIG_ENDIAN_ORDER + #endif + #endif + + #if (WINMSP3) + #undef SIZEOF_LONG + #define SIZEOF_LONG_LONG 8 + #else + #sslpro: settings.h - please implement SIZEOF_LONG and SIZEOF_LONG_LONG + #endif + + #define XMALLOC(s, h, type) ((void *)rtp_malloc((s), SSL_PRO_MALLOC)) + #define XFREE(p, h, type) (rtp_free(p)) + #define XREALLOC(p, n, h, t) realloc((p), (n)) + +#endif /* EBSNET */ + +#ifdef CYASSL_GAME_BUILD + #define SIZEOF_LONG_LONG 8 + #if defined(__PPU) || defined(__XENON) + #define BIG_ENDIAN_ORDER + #endif +#endif + +#ifdef CYASSL_LSR + #define HAVE_WEBSERVER + #define SIZEOF_LONG_LONG 8 + #define CYASSL_LOW_MEMORY + #define NO_WRITEV + #define NO_SHA512 + #define NO_DH + #define NO_DSA + #define NO_HC128 + #define NO_DEV_RANDOM + #define NO_CYASSL_DIR + #define NO_RABBIT + #ifndef NO_FILESYSTEM + #define LSR_FS + #include "inc/hw_types.h" + #include "fs.h" + #endif + #define CYASSL_LWIP + #include /* for tcp errno */ + #define CYASSL_SAFERTOS + #if defined(__IAR_SYSTEMS_ICC__) + /* enum uses enum */ + #pragma diag_suppress=Pa089 + #endif +#endif + +#ifdef CYASSL_SAFERTOS + #ifndef SINGLE_THREADED + #include "SafeRTOS/semphr.h" + #endif + + #include "SafeRTOS/heap.h" + #define XMALLOC(s, h, type) pvPortMalloc((s)) + #define XFREE(p, h, type) vPortFree((p)) + #define XREALLOC(p, n, h, t) pvPortRealloc((p), (n)) +#endif + +#ifdef CYASSL_LOW_MEMORY + #undef RSA_LOW_MEM + #define RSA_LOW_MEM + #undef CYASSL_SMALL_STACK + #define CYASSL_SMALL_STACK + #undef TFM_TIMING_RESISTANT + #define TFM_TIMING_RESISTANT +#endif + +#ifdef FREESCALE_MQX + #define SIZEOF_LONG_LONG 8 + #define NO_WRITEV + #define NO_DEV_RANDOM + #define NO_RABBIT + #define NO_CYASSL_DIR + #define USE_FAST_MATH + #define TFM_TIMING_RESISTANT + #define FREESCALE_K70_RNGA + /* #define FREESCALE_K53_RNGB */ + #include "mqx.h" + #ifndef NO_FILESYSTEM + #include "mfs.h" + #include "fio.h" + #endif + #ifndef SINGLE_THREADED + #include "mutex.h" + #endif + + #define XMALLOC(s, h, t) (void *)_mem_alloc_system((s)) + #define XFREE(p, h, t) {void* xp = (p); if ((xp)) _mem_free((xp));} + /* Note: MQX has no realloc, using fastmath above */ +#endif + +#ifdef CYASSL_STM32F2 + #define SIZEOF_LONG_LONG 8 + #define NO_DEV_RANDOM + #define NO_CYASSL_DIR + #define NO_RABBIT + #define STM32F2_RNG + #define STM32F2_CRYPTO + #define KEIL_INTRINSICS +#endif + +#ifdef MICRIUM + + #include "stdlib.h" + #include "net_cfg.h" + #include "ssl_cfg.h" + #include "net_secure_os.h" + + #define CYASSL_TYPES + + typedef CPU_INT08U byte; + typedef CPU_INT16U word16; + typedef CPU_INT32U word32; + + #if (NET_SECURE_MGR_CFG_WORD_SIZE == CPU_WORD_SIZE_32) + #define SIZEOF_LONG 4 + #undef SIZEOF_LONG_LONG + #else + #undef SIZEOF_LONG + #define SIZEOF_LONG_LONG 8 + #endif + + #define STRING_USER + + #define XSTRLEN(pstr) ((CPU_SIZE_T)Str_Len((CPU_CHAR *)(pstr))) + #define XSTRNCPY(pstr_dest, pstr_src, len_max) \ + ((CPU_CHAR *)Str_Copy_N((CPU_CHAR *)(pstr_dest), \ + (CPU_CHAR *)(pstr_src), (CPU_SIZE_T)(len_max))) + #define XSTRNCMP(pstr_1, pstr_2, len_max) \ + ((CPU_INT16S)Str_Cmp_N((CPU_CHAR *)(pstr_1), \ + (CPU_CHAR *)(pstr_2), (CPU_SIZE_T)(len_max))) + #define XSTRSTR(pstr, pstr_srch) \ + ((CPU_CHAR *)Str_Str((CPU_CHAR *)(pstr), \ + (CPU_CHAR *)(pstr_srch))) + #define XMEMSET(pmem, data_val, size) \ + ((void)Mem_Set((void *)(pmem), (CPU_INT08U) (data_val), \ + (CPU_SIZE_T)(size))) + #define XMEMCPY(pdest, psrc, size) ((void)Mem_Copy((void *)(pdest), \ + (void *)(psrc), (CPU_SIZE_T)(size))) + #define XMEMCMP(pmem_1, pmem_2, size) \ + (((CPU_BOOLEAN)Mem_Cmp((void *)(pmem_1), (void *)(pmem_2), \ + (CPU_SIZE_T)(size))) ? DEF_NO : DEF_YES) + #define XMEMMOVE XMEMCPY + +#if (NET_SECURE_MGR_CFG_EN == DEF_ENABLED) + #define MICRIUM_MALLOC + #define XMALLOC(s, h, type) ((void *)NetSecure_BlkGet((CPU_INT08U)(type), \ + (CPU_SIZE_T)(s), (void *)0)) + #define XFREE(p, h, type) (NetSecure_BlkFree((CPU_INT08U)(type), \ + (p), (void *)0)) + #define XREALLOC(p, n, h, t) realloc((p), (n)) +#endif + + #if (NET_SECURE_MGR_CFG_FS_EN == DEF_ENABLED) + #undef NO_FILESYSTEM + #else + #define NO_FILESYSTEM + #endif + + #if (SSL_CFG_TRACE_LEVEL == CYASSL_TRACE_LEVEL_DBG) + #define DEBUG_CYASSL + #else + #undef DEBUG_CYASSL + #endif + + #if (SSL_CFG_OPENSSL_EN == DEF_ENABLED) + #define OPENSSL_EXTRA + #else + #undef OPENSSL_EXTRA + #endif + + #if (SSL_CFG_MULTI_THREAD_EN == DEF_ENABLED) + #undef SINGLE_THREADED + #else + #define SINGLE_THREADED + #endif + + #if (SSL_CFG_DH_EN == DEF_ENABLED) + #undef NO_DH + #else + #define NO_DH + #endif + + #if (SSL_CFG_DSA_EN == DEF_ENABLED) + #undef NO_DSA + #else + #define NO_DSA + #endif + + #if (SSL_CFG_PSK_EN == DEF_ENABLED) + #undef NO_PSK + #else + #define NO_PSK + #endif + + #if (SSL_CFG_3DES_EN == DEF_ENABLED) + #undef NO_DES + #else + #define NO_DES + #endif + + #if (SSL_CFG_AES_EN == DEF_ENABLED) + #undef NO_AES + #else + #define NO_AES + #endif + + #if (SSL_CFG_RC4_EN == DEF_ENABLED) + #undef NO_RC4 + #else + #define NO_RC4 + #endif + + #if (SSL_CFG_RABBIT_EN == DEF_ENABLED) + #undef NO_RABBIT + #else + #define NO_RABBIT + #endif + + #if (SSL_CFG_HC128_EN == DEF_ENABLED) + #undef NO_HC128 + #else + #define NO_HC128 + #endif + + #if (CPU_CFG_ENDIAN_TYPE == CPU_ENDIAN_TYPE_BIG) + #define BIG_ENDIAN_ORDER + #else + #undef BIG_ENDIAN_ORDER + #define LITTLE_ENDIAN_ORDER + #endif + + #if (SSL_CFG_MD4_EN == DEF_ENABLED) + #undef NO_MD4 + #else + #define NO_MD4 + #endif + + #if (SSL_CFG_WRITEV_EN == DEF_ENABLED) + #undef NO_WRITEV + #else + #define NO_WRITEV + #endif + + #if (SSL_CFG_USER_RNG_SEED_EN == DEF_ENABLED) + #define NO_DEV_RANDOM + #else + #undef NO_DEV_RANDOM + #endif + + #if (SSL_CFG_USER_IO_EN == DEF_ENABLED) + #define CYASSL_USER_IO + #else + #undef CYASSL_USER_IO + #endif + + #if (SSL_CFG_DYNAMIC_BUFFERS_EN == DEF_ENABLED) + #undef LARGE_STATIC_BUFFERS + #undef STATIC_CHUNKS_ONLY + #else + #define LARGE_STATIC_BUFFERS + #define STATIC_CHUNKS_ONLY + #endif + + #if (SSL_CFG_DER_LOAD_EN == DEF_ENABLED) + #define CYASSL_DER_LOAD + #else + #undef CYASSL_DER_LOAD + #endif + + #if (SSL_CFG_DTLS_EN == DEF_ENABLED) + #define CYASSL_DTLS + #else + #undef CYASSL_DTLS + #endif + + #if (SSL_CFG_CALLBACKS_EN == DEF_ENABLED) + #define CYASSL_CALLBACKS + #else + #undef CYASSL_CALLBACKS + #endif + + #if (SSL_CFG_FAST_MATH_EN == DEF_ENABLED) + #define USE_FAST_MATH + #else + #undef USE_FAST_MATH + #endif + + #if (SSL_CFG_TFM_TIMING_RESISTANT_EN == DEF_ENABLED) + #define TFM_TIMING_RESISTANT + #else + #undef TFM_TIMING_RESISTANT + #endif + +#endif /* MICRIUM */ + + +#ifdef CYASSL_QL + #ifndef CYASSL_SEP + #define CYASSL_SEP + #endif + #ifndef OPENSSL_EXTRA + #define OPENSSL_EXTRA + #endif + #ifndef SESSION_CERTS + #define SESSION_CERTS + #endif + #ifndef HAVE_AESCCM + #define HAVE_AESCCM + #endif + #ifndef ATOMIC_USER + #define ATOMIC_USER + #endif + #ifndef CYASSL_DER_LOAD + #define CYASSL_DER_LOAD + #endif + #ifndef KEEP_PEER_CERT + #define KEEP_PEER_CERT + #endif + #ifndef HAVE_ECC + #define HAVE_ECC + #endif + #ifndef SESSION_INDEX + #define SESSION_INDEX + #endif +#endif /* CYASSL_QL */ + + +#if !defined(XMALLOC_USER) && !defined(MICRIUM_MALLOC) && \ + !defined(CYASSL_LEANPSK) && !defined(NO_CYASSL_MEMORY) + #define USE_CYASSL_MEMORY +#endif + + +#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) + #undef KEEP_PEER_CERT + #define KEEP_PEER_CERT +#endif + + +/* stream ciphers except arc4 need 32bit alignment, intel ok without */ +#ifndef XSTREAM_ALIGNMENT + #if defined(__x86_64__) || defined(__ia64__) || defined(__i386__) + #define NO_XSTREAM_ALIGNMENT + #else + #define XSTREAM_ALIGNMENT + #endif +#endif + + +/* if using hardware crypto and have alignment requirements, specify the + requirement here. The record header of SSL/TLS will prvent easy alignment. + This hint tries to help as much as possible. */ +#ifndef CYASSL_GENERAL_ALIGNMENT + #ifdef CYASSL_AESNI + #define CYASSL_GENERAL_ALIGNMENT 16 + #elif defined(XSTREAM_ALIGNMENT) + #define CYASSL_GENERAL_ALIGNMENT 4 + #else + #define CYASSL_GENERAL_ALIGNMENT 0 + #endif +#endif + +#ifdef HAVE_CRL + /* not widely supported yet */ + #undef NO_SKID + #define NO_SKID +#endif + +/* Place any other flags or defines here */ + + +#ifdef __cplusplus + } /* extern "C" */ +#endif + + +#endif /* CTAO_CRYPT_SETTINGS_H */ + diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CyaSSL-Full/benchmark.c b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CyaSSL-Full/benchmark.c new file mode 100644 index 000000000..2cccd362a --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CyaSSL-Full/benchmark.c @@ -0,0 +1,1222 @@ +/* benchmark.c + * + * Copyright (C) 2006-2014 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +/* CTaoCrypt benchmark */ + +#ifdef HAVE_CONFIG_H + #include +#endif + +#include + +#include +#include + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include +#ifdef HAVE_CAVIUM + #include "cavium_sysdep.h" + #include "cavium_common.h" + #include "cavium_ioctl.h" +#endif + +#if defined(CYASSL_MDK_ARM) + extern FILE * CyaSSL_fopen(const char *fname, const char *mode) ; + #define fopen CyaSSL_fopen +#endif + +#if defined(USE_CERT_BUFFERS_1024) || defined(USE_CERT_BUFFERS_2048) + /* include test cert and key buffers for use with NO_FILESYSTEM */ + #if defined(CYASSL_MDK_ARM) + #include "cert_data.h" /* use certs_test.c for initial data, + so other commands can share the data. */ + #else + #include + #endif +#endif + + +#ifdef HAVE_BLAKE2 + #include + void bench_blake2(void); +#endif + +#ifdef _MSC_VER + /* 4996 warning to use MS extensions e.g., strcpy_s instead of strncpy */ + #pragma warning(disable: 4996) +#endif + +void bench_des(void); +void bench_arc4(void); +void bench_hc128(void); +void bench_rabbit(void); +void bench_aes(int); +void bench_aesgcm(void); +void bench_aesccm(void); +void bench_aesctr(void); +void bench_camellia(void); + +void bench_md5(void); +void bench_sha(void); +void bench_sha256(void); +void bench_sha512(void); +void bench_ripemd(void); + +void bench_rsa(void); +void bench_rsaKeyGen(void); +void bench_dh(void); +#ifdef HAVE_ECC +void bench_eccKeyGen(void); +void bench_eccKeyAgree(void); +#endif + +double current_time(int); + + +#ifdef HAVE_CAVIUM + +static int OpenNitroxDevice(int dma_mode,int dev_id) +{ + Csp1CoreAssignment core_assign; + Uint32 device; + + if (CspInitialize(CAVIUM_DIRECT,CAVIUM_DEV_ID)) + return -1; + if (Csp1GetDevType(&device)) + return -1; + if (device != NPX_DEVICE) { + if (ioctl(gpkpdev_hdlr[CAVIUM_DEV_ID], IOCTL_CSP1_GET_CORE_ASSIGNMENT, + (Uint32 *)&core_assign)!= 0) + return -1; + } + CspShutdown(CAVIUM_DEV_ID); + + return CspInitialize(dma_mode, dev_id); +} + +#endif + + +/* so embedded projects can pull in tests on their own */ +#if !defined(NO_MAIN_DRIVER) + +int main(int argc, char** argv) + +{ + (void)argc; + (void)argv; +#else +int benchmark_test(void *args) +{ +#endif + + #ifdef HAVE_CAVIUM + int ret = OpenNitroxDevice(CAVIUM_DIRECT, CAVIUM_DEV_ID); + if (ret != 0) { + printf("Cavium OpenNitroxDevice failed\n"); + exit(-1); + } +#endif /* HAVE_CAVIUM */ +#ifndef NO_AES + bench_aes(0); + bench_aes(1); +#endif +#ifdef HAVE_AESGCM + bench_aesgcm(); +#endif + +#ifdef CYASSL_AES_COUNTER + bench_aesctr(); +#endif + +#ifdef HAVE_AESCCM + bench_aesccm(); +#endif +#ifdef HAVE_CAMELLIA + bench_camellia(); +#endif +#ifndef NO_RC4 + bench_arc4(); +#endif +#ifdef HAVE_HC128 + bench_hc128(); +#endif +#ifndef NO_RABBIT + bench_rabbit(); +#endif +#ifndef NO_DES3 + bench_des(); +#endif + + printf("\n"); + +#ifndef NO_MD5 + bench_md5(); +#endif +#ifndef NO_SHA + bench_sha(); +#endif +#ifndef NO_SHA256 + bench_sha256(); +#endif +#ifdef CYASSL_SHA512 + bench_sha512(); +#endif +#ifdef CYASSL_RIPEMD + bench_ripemd(); +#endif +#ifdef HAVE_BLAKE2 + bench_blake2(); +#endif + + printf("\n"); + +#ifndef NO_RSA + bench_rsa(); +#endif + +#ifndef NO_DH + bench_dh(); +#endif + +#if defined(CYASSL_KEY_GEN) && !defined(NO_RSA) + bench_rsaKeyGen(); +#endif + +#ifdef HAVE_ECC + bench_eccKeyGen(); + bench_eccKeyAgree(); +#endif + + return 0; +} + + +#ifdef BENCH_EMBEDDED +enum BenchmarkBounds { + numBlocks = 25, /* how many kB to test (en/de)cryption */ + ntimes = 1, + genTimes = 5, /* public key iterations */ + agreeTimes = 5 +}; +static const char blockType[] = "kB"; /* used in printf output */ +#else +enum BenchmarkBounds { + numBlocks = 5, /* how many megs to test (en/de)cryption */ + ntimes = 100, + genTimes = 100, + agreeTimes = 100 +}; +static const char blockType[] = "megs"; /* used in printf output */ +#endif + +static const byte key[] = +{ + 0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef, + 0xfe,0xde,0xba,0x98,0x76,0x54,0x32,0x10, + 0x89,0xab,0xcd,0xef,0x01,0x23,0x45,0x67 +}; + +static const byte iv[] = +{ + 0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef, + 0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01, + 0x11,0x21,0x31,0x41,0x51,0x61,0x71,0x81 + +}; + + +/* use kB instead of mB for embedded benchmarking */ +#ifdef BENCH_EMBEDDED +static byte plain [1024]; +static byte cipher[1024]; +#else +static byte plain [1024*1024]; +static byte cipher[1024*1024]; +#endif + + +#ifndef NO_AES +void bench_aes(int show) +{ + Aes enc; + double start, total, persec; + int i; + int ret; + +#ifdef HAVE_CAVIUM + if (AesInitCavium(&enc, CAVIUM_DEV_ID) != 0) { + printf("aes init cavium failed\n"); + return; + } +#endif + + ret = AesSetKey(&enc, key, 16, iv, AES_ENCRYPTION); + if (ret != 0) { + printf("AesSetKey failed, ret = %d\n", ret); + return; + } + start = current_time(1); + + for(i = 0; i < numBlocks; i++) + AesCbcEncrypt(&enc, plain, cipher, sizeof(plain)); + + total = current_time(0) - start; + + persec = 1 / total * numBlocks; +#ifdef BENCH_EMBEDDED + /* since using kB, convert to MB/s */ + persec = persec / 1024; +#endif + + if (show) + printf("AES %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks, + blockType, total, persec); +#ifdef HAVE_CAVIUM + AesFreeCavium(&enc); +#endif +} +#endif + + +#if defined(HAVE_AESGCM) || defined(HAVE_AESCCM) + static byte additional[13]; + static byte tag[16]; +#endif + + +#ifdef HAVE_AESGCM +void bench_aesgcm(void) +{ + Aes enc; + double start, total, persec; + int i; + + AesGcmSetKey(&enc, key, 16); + start = current_time(1); + + for(i = 0; i < numBlocks; i++) + AesGcmEncrypt(&enc, cipher, plain, sizeof(plain), iv, 12, + tag, 16, additional, 13); + + total = current_time(0) - start; + + persec = 1 / total * numBlocks; +#ifdef BENCH_EMBEDDED + /* since using kB, convert to MB/s */ + persec = persec / 1024; +#endif + + printf("AES-GCM %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks, + blockType, total, persec); +} +#endif + +#ifdef CYASSL_AES_COUNTER +void bench_aesctr(void) +{ + Aes enc; + double start, total, persec; + int i; + + AesSetKeyDirect(&enc, key, AES_BLOCK_SIZE, iv, AES_ENCRYPTION); + start = current_time(1); + + for(i = 0; i < numBlocks; i++) + AesCtrEncrypt(&enc, plain, cipher, sizeof(plain)); + + total = current_time(0) - start; + + persec = 1 / total * numBlocks; +#ifdef BENCH_EMBEDDED + /* since using kB, convert to MB/s */ + persec = persec / 1024; +#endif + + printf("AES-CTR %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks, + blockType, total, persec); +} +#endif + + + +#ifdef HAVE_AESCCM +void bench_aesccm(void) +{ + Aes enc; + double start, total, persec; + int i; + + AesCcmSetKey(&enc, key, 16); + start = current_time(1); + + for(i = 0; i < numBlocks; i++) + AesCcmEncrypt(&enc, cipher, plain, sizeof(plain), iv, 12, + tag, 16, additional, 13); + + total = current_time(0) - start; + + persec = 1 / total * numBlocks; +#ifdef BENCH_EMBEDDED + /* since using kB, convert to MB/s */ + persec = persec / 1024; +#endif + + printf("AES-CCM %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks, + blockType, total, persec); +} +#endif + + +#ifdef HAVE_CAMELLIA +void bench_camellia(void) +{ + Camellia cam; + double start, total, persec; + int i, ret; + + ret = CamelliaSetKey(&cam, key, 16, iv); + if (ret != 0) { + printf("CamelliaSetKey failed, ret = %d\n", ret); + return; + } + start = current_time(1); + + for(i = 0; i < numBlocks; i++) + CamelliaCbcEncrypt(&cam, plain, cipher, sizeof(plain)); + + total = current_time(0) - start; + + persec = 1 / total * numBlocks; +#ifdef BENCH_EMBEDDED + /* since using kB, convert to MB/s */ + persec = persec / 1024; +#endif + + printf("Camellia %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks, + blockType, total, persec); +} +#endif + + +#ifndef NO_DES3 +void bench_des(void) +{ + Des3 enc; + double start, total, persec; + int i, ret; + +#ifdef HAVE_CAVIUM + if (Des3_InitCavium(&enc, CAVIUM_DEV_ID) != 0) + printf("des3 init cavium failed\n"); +#endif + ret = Des3_SetKey(&enc, key, iv, DES_ENCRYPTION); + if (ret != 0) { + printf("Des3_SetKey failed, ret = %d\n", ret); + return; + } + start = current_time(1); + + for(i = 0; i < numBlocks; i++) + Des3_CbcEncrypt(&enc, plain, cipher, sizeof(plain)); + + total = current_time(0) - start; + + persec = 1 / total * numBlocks; +#ifdef BENCH_EMBEDDED + /* since using kB, convert to MB/s */ + persec = persec / 1024; +#endif + + printf("3DES %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks, + blockType, total, persec); +#ifdef HAVE_CAVIUM + Des3_FreeCavium(&enc); +#endif +} +#endif + + +#ifndef NO_RC4 +void bench_arc4(void) +{ + Arc4 enc; + double start, total, persec; + int i; + +#ifdef HAVE_CAVIUM + if (Arc4InitCavium(&enc, CAVIUM_DEV_ID) != 0) + printf("arc4 init cavium failed\n"); +#endif + + Arc4SetKey(&enc, key, 16); + start = current_time(1); + + for(i = 0; i < numBlocks; i++) + Arc4Process(&enc, cipher, plain, sizeof(plain)); + + total = current_time(0) - start; + persec = 1 / total * numBlocks; +#ifdef BENCH_EMBEDDED + /* since using kB, convert to MB/s */ + persec = persec / 1024; +#endif + + printf("ARC4 %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks, + blockType, total, persec); +#ifdef HAVE_CAVIUM + Arc4FreeCavium(&enc); +#endif +} +#endif + + +#ifdef HAVE_HC128 +void bench_hc128(void) +{ + HC128 enc; + double start, total, persec; + int i; + + Hc128_SetKey(&enc, key, iv); + start = current_time(1); + + for(i = 0; i < numBlocks; i++) + Hc128_Process(&enc, cipher, plain, sizeof(plain)); + + total = current_time(0) - start; + persec = 1 / total * numBlocks; +#ifdef BENCH_EMBEDDED + /* since using kB, convert to MB/s */ + persec = persec / 1024; +#endif + + printf("HC128 %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks, + blockType, total, persec); +} +#endif /* HAVE_HC128 */ + + +#ifndef NO_RABBIT +void bench_rabbit(void) +{ + Rabbit enc; + double start, total, persec; + int i; + + RabbitSetKey(&enc, key, iv); + start = current_time(1); + + for(i = 0; i < numBlocks; i++) + RabbitProcess(&enc, cipher, plain, sizeof(plain)); + + total = current_time(0) - start; + persec = 1 / total * numBlocks; +#ifdef BENCH_EMBEDDED + /* since using kB, convert to MB/s */ + persec = persec / 1024; +#endif + + printf("RABBIT %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks, + blockType, total, persec); +} +#endif /* NO_RABBIT */ + + +#ifndef NO_MD5 +void bench_md5(void) +{ + Md5 hash; + byte digest[MD5_DIGEST_SIZE]; + double start, total, persec; + int i; + + InitMd5(&hash); + start = current_time(1); + + for(i = 0; i < numBlocks; i++) + Md5Update(&hash, plain, sizeof(plain)); + + Md5Final(&hash, digest); + + total = current_time(0) - start; + persec = 1 / total * numBlocks; +#ifdef BENCH_EMBEDDED + /* since using kB, convert to MB/s */ + persec = persec / 1024; +#endif + + printf("MD5 %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks, + blockType, total, persec); +} +#endif /* NO_MD5 */ + + +#ifndef NO_SHA +void bench_sha(void) +{ + Sha hash; + byte digest[SHA_DIGEST_SIZE]; + double start, total, persec; + int i, ret; + + ret = InitSha(&hash); + if (ret != 0) { + printf("InitSha failed, ret = %d\n", ret); + return; + } + start = current_time(1); + + for(i = 0; i < numBlocks; i++) + ShaUpdate(&hash, plain, sizeof(plain)); + + ShaFinal(&hash, digest); + + total = current_time(0) - start; + persec = 1 / total * numBlocks; +#ifdef BENCH_EMBEDDED + /* since using kB, convert to MB/s */ + persec = persec / 1024; +#endif + + printf("SHA %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks, + blockType, total, persec); +} +#endif /* NO_SHA */ + + +#ifndef NO_SHA256 +void bench_sha256(void) +{ + Sha256 hash; + byte digest[SHA256_DIGEST_SIZE]; + double start, total, persec; + int i, ret; + + ret = InitSha256(&hash); + if (ret != 0) { + printf("InitSha256 failed, ret = %d\n", ret); + return; + } + start = current_time(1); + + for(i = 0; i < numBlocks; i++) { + ret = Sha256Update(&hash, plain, sizeof(plain)); + if (ret != 0) { + printf("Sha256Update failed, ret = %d\n", ret); + return; + } + } + + ret = Sha256Final(&hash, digest); + if (ret != 0) { + printf("Sha256Final failed, ret = %d\n", ret); + return; + } + + total = current_time(0) - start; + persec = 1 / total * numBlocks; +#ifdef BENCH_EMBEDDED + /* since using kB, convert to MB/s */ + persec = persec / 1024; +#endif + + printf("SHA-256 %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks, + blockType, total, persec); +} +#endif + +#ifdef CYASSL_SHA512 +void bench_sha512(void) +{ + Sha512 hash; + byte digest[SHA512_DIGEST_SIZE]; + double start, total, persec; + int i, ret; + + ret = InitSha512(&hash); + if (ret != 0) { + printf("InitSha512 failed, ret = %d\n", ret); + return; + } + start = current_time(1); + + for(i = 0; i < numBlocks; i++) { + ret = Sha512Update(&hash, plain, sizeof(plain)); + if (ret != 0) { + printf("Sha512Update failed, ret = %d\n", ret); + return; + } + } + + ret = Sha512Final(&hash, digest); + if (ret != 0) { + printf("Sha512Final failed, ret = %d\n", ret); + return; + } + + total = current_time(0) - start; + persec = 1 / total * numBlocks; +#ifdef BENCH_EMBEDDED + /* since using kB, convert to MB/s */ + persec = persec / 1024; +#endif + + printf("SHA-512 %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks, + blockType, total, persec); +} +#endif + +#ifdef CYASSL_RIPEMD +void bench_ripemd(void) +{ + RipeMd hash; + byte digest[RIPEMD_DIGEST_SIZE]; + double start, total, persec; + int i; + + InitRipeMd(&hash); + start = current_time(1); + + for(i = 0; i < numBlocks; i++) + RipeMdUpdate(&hash, plain, sizeof(plain)); + + RipeMdFinal(&hash, digest); + + total = current_time(0) - start; + persec = 1 / total * numBlocks; +#ifdef BENCH_EMBEDDED + /* since using kB, convert to MB/s */ + persec = persec / 1024; +#endif + + printf("RIPEMD %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks, + blockType, total, persec); +} +#endif + + +#ifdef HAVE_BLAKE2 +void bench_blake2(void) +{ + Blake2b b2b; + byte digest[64]; + double start, total, persec; + int i, ret; + + ret = InitBlake2b(&b2b, 64); + if (ret != 0) { + printf("InitBlake2b failed, ret = %d\n", ret); + return; + } + start = current_time(1); + + for(i = 0; i < numBlocks; i++) { + ret = Blake2bUpdate(&b2b, plain, sizeof(plain)); + if (ret != 0) { + printf("Blake2bUpdate failed, ret = %d\n", ret); + return; + } + } + + ret = Blake2bFinal(&b2b, digest, 64); + if (ret != 0) { + printf("Blake2bFinal failed, ret = %d\n", ret); + return; + } + + total = current_time(0) - start; + persec = 1 / total * numBlocks; +#ifdef BENCH_EMBEDDED + /* since using kB, convert to MB/s */ + persec = persec / 1024; +#endif + + printf("BLAKE2b %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks, + blockType, total, persec); +} +#endif + + +#if !defined(NO_RSA) || !defined(NO_DH) \ + || defined(CYASSL_KEYGEN) || defined(HAVE_ECC) +static RNG rng; +#endif + +#ifndef NO_RSA + + +#if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048) && \ + defined(CYASSL_MDK_SHELL) +static char *certRSAname = "certs/rsa2048.der" ; +static void set_Bench_RSA_File(char * cert) { certRSAname = cert ; } + /* set by shell command */ +#elif defined(CYASSL_MDK_SHELL) + /* nothing */ +#else +static const char *certRSAname = "certs/rsa2048.der" ; +#endif + +void bench_rsa(void) +{ + int i; + int ret; + byte tmp[3072]; + size_t bytes; + word32 idx = 0; + + byte message[] = "Everyone gets Friday off."; + byte enc[512]; /* for up to 4096 bit */ + const int len = (int)strlen((char*)message); + double start, total, each, milliEach; + + RsaKey rsaKey; + int rsaKeySz = 2048; /* used in printf */ + +#ifdef USE_CERT_BUFFERS_1024 + XMEMCPY(tmp, rsa_key_der_1024, sizeof_rsa_key_der_1024); + bytes = sizeof_rsa_key_der_1024; + rsaKeySz = 1024; +#elif defined(USE_CERT_BUFFERS_2048) + XMEMCPY(tmp, rsa_key_der_2048, sizeof_rsa_key_der_2048); + bytes = sizeof_rsa_key_der_2048; +#else + FILE* file = fopen(certRSAname, "rb"); + + if (!file) { + printf("can't find %s, Please run from CyaSSL home dir\n", certRSAname); + return; + } + + bytes = fread(tmp, 1, sizeof(tmp), file); + fclose(file); +#endif /* USE_CERT_BUFFERS */ + + +#ifdef HAVE_CAVIUM + if (RsaInitCavium(&rsaKey, CAVIUM_DEV_ID) != 0) + printf("RSA init cavium failed\n"); +#endif + ret = InitRng(&rng); + if (ret < 0) { + printf("InitRNG failed\n"); + return; + } + ret = InitRsaKey(&rsaKey, 0); + if (ret < 0) { + printf("InitRsaKey failed\n"); + return; + } + ret = RsaPrivateKeyDecode(tmp, &idx, &rsaKey, (word32)bytes); + + start = current_time(1); + + for (i = 0; i < ntimes; i++) + ret = RsaPublicEncrypt(message,len,enc,sizeof(enc), &rsaKey, &rng); + + total = current_time(0) - start; + each = total / ntimes; /* per second */ + milliEach = each * 1000; /* milliseconds */ + + printf("RSA %d encryption took %6.3f milliseconds, avg over %d" + " iterations\n", rsaKeySz, milliEach, ntimes); + + if (ret < 0) { + printf("Rsa Public Encrypt failed\n"); + return; + } + + start = current_time(1); + + for (i = 0; i < ntimes; i++) { + byte out[512]; /* for up to 4096 bit */ + RsaPrivateDecrypt(enc, (word32)ret, out, sizeof(out), &rsaKey); + } + + total = current_time(0) - start; + each = total / ntimes; /* per second */ + milliEach = each * 1000; /* milliseconds */ + + printf("RSA %d decryption took %6.3f milliseconds, avg over %d" + " iterations\n", rsaKeySz, milliEach, ntimes); + + FreeRsaKey(&rsaKey); +#ifdef HAVE_CAVIUM + RsaFreeCavium(&rsaKey); +#endif +} +#endif + + +#ifndef NO_DH + + +#if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048) && \ + defined(CYASSL_MDK_SHELL) +static char *certDHname = "certs/dh2048.der" ; +void set_Bench_DH_File(char * cert) { certDHname = cert ; } + /* set by shell command */ +#elif defined(CYASSL_MDK_SHELL) + /* nothing */ +#else +static const char *certDHname = "certs/dh2048.der" ; +#endif + +void bench_dh(void) +{ + int i, ret; + byte tmp[1024]; + size_t bytes; + word32 idx = 0, pubSz, privSz = 0, pubSz2, privSz2, agreeSz; + + byte pub[256]; /* for 2048 bit */ + byte priv[256]; /* for 2048 bit */ + byte pub2[256]; /* for 2048 bit */ + byte priv2[256]; /* for 2048 bit */ + byte agree[256]; /* for 2048 bit */ + + double start, total, each, milliEach; + DhKey dhKey; + int dhKeySz = 2048; /* used in printf */ + + +#ifdef USE_CERT_BUFFERS_1024 + XMEMCPY(tmp, dh_key_der_1024, sizeof_dh_key_der_1024); + bytes = sizeof_dh_key_der_1024; + dhKeySz = 1024; +#elif defined(USE_CERT_BUFFERS_2048) + XMEMCPY(tmp, dh_key_der_2048, sizeof_dh_key_der_2048); + bytes = sizeof_dh_key_der_2048; +#else + FILE* file = fopen(certDHname, "rb"); + + if (!file) { + printf("can't find %s, Please run from CyaSSL home dir\n", certDHname); + return; + } + + ret = InitRng(&rng); + if (ret < 0) { + printf("InitRNG failed\n"); + return; + } + bytes = fread(tmp, 1, sizeof(tmp), file); +#endif /* USE_CERT_BUFFERS */ + + + InitDhKey(&dhKey); + bytes = DhKeyDecode(tmp, &idx, &dhKey, (word32)bytes); + if (bytes != 0) { + printf("dhekydecode failed, can't benchmark\n"); + #if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048) + fclose(file); + #endif + return; + } + + start = current_time(1); + + for (i = 0; i < ntimes; i++) + DhGenerateKeyPair(&dhKey, &rng, priv, &privSz, pub, &pubSz); + + total = current_time(0) - start; + each = total / ntimes; /* per second */ + milliEach = each * 1000; /* milliseconds */ + + printf("DH %d key generation %6.3f milliseconds, avg over %d" + " iterations\n", dhKeySz, milliEach, ntimes); + + DhGenerateKeyPair(&dhKey, &rng, priv2, &privSz2, pub2, &pubSz2); + start = current_time(1); + + for (i = 0; i < ntimes; i++) + DhAgree(&dhKey, agree, &agreeSz, priv, privSz, pub2, pubSz2); + + total = current_time(0) - start; + each = total / ntimes; /* per second */ + milliEach = each * 1000; /* milliseconds */ + + printf("DH %d key agreement %6.3f milliseconds, avg over %d" + " iterations\n", dhKeySz, milliEach, ntimes); + +#if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048) + fclose(file); +#endif + FreeDhKey(&dhKey); +} +#endif + +#if defined(CYASSL_KEY_GEN) && !defined(NO_RSA) +void bench_rsaKeyGen(void) +{ + RsaKey genKey; + double start, total, each, milliEach; + int i; + + /* 1024 bit */ + start = current_time(1); + + for(i = 0; i < genTimes; i++) { + InitRsaKey(&genKey, 0); + MakeRsaKey(&genKey, 1024, 65537, &rng); + FreeRsaKey(&genKey); + } + + total = current_time(0) - start; + each = total / genTimes; /* per second */ + milliEach = each * 1000; /* millisconds */ + printf("\n"); + printf("RSA 1024 key generation %6.3f milliseconds, avg over %d" + " iterations\n", milliEach, genTimes); + + /* 2048 bit */ + start = current_time(1); + + for(i = 0; i < genTimes; i++) { + InitRsaKey(&genKey, 0); + MakeRsaKey(&genKey, 2048, 65537, &rng); + FreeRsaKey(&genKey); + } + + total = current_time(0) - start; + each = total / genTimes; /* per second */ + milliEach = each * 1000; /* millisconds */ + printf("RSA 2048 key generation %6.3f milliseconds, avg over %d" + " iterations\n", milliEach, genTimes); +} +#endif /* CYASSL_KEY_GEN */ + +#ifdef HAVE_ECC +void bench_eccKeyGen(void) +{ + ecc_key genKey; + double start, total, each, milliEach; + int i, ret; + + ret = InitRng(&rng); + if (ret < 0) { + printf("InitRNG failed\n"); + return; + } + /* 256 bit */ + start = current_time(1); + + for(i = 0; i < genTimes; i++) { + ecc_make_key(&rng, 32, &genKey); + ecc_free(&genKey); + } + + total = current_time(0) - start; + each = total / genTimes; /* per second */ + milliEach = each * 1000; /* millisconds */ + printf("\n"); + printf("ECC 256 key generation %6.3f milliseconds, avg over %d" + " iterations\n", milliEach, genTimes); +} + + +void bench_eccKeyAgree(void) +{ + ecc_key genKey, genKey2; + double start, total, each, milliEach; + int i, ret; + byte shared[1024]; + byte sig[1024]; + byte digest[32]; + word32 x = 0; + + ecc_init(&genKey); + ecc_init(&genKey2); + + ret = InitRng(&rng); + if (ret < 0) { + printf("InitRNG failed\n"); + return; + } + + ret = ecc_make_key(&rng, 32, &genKey); + if (ret != 0) { + printf("ecc_make_key failed\n"); + return; + } + ret = ecc_make_key(&rng, 32, &genKey2); + if (ret != 0) { + printf("ecc_make_key failed\n"); + return; + } + + /* 256 bit */ + start = current_time(1); + + for(i = 0; i < agreeTimes; i++) { + x = sizeof(shared); + ret = ecc_shared_secret(&genKey, &genKey2, shared, &x); + if (ret != 0) { + printf("ecc_shared_secret failed\n"); + return; + } + } + + total = current_time(0) - start; + each = total / agreeTimes; /* per second */ + milliEach = each * 1000; /* millisconds */ + printf("EC-DHE key agreement %6.3f milliseconds, avg over %d" + " iterations\n", milliEach, agreeTimes); + + /* make dummy digest */ + for (i = 0; i < (int)sizeof(digest); i++) + digest[i] = (byte)i; + + + start = current_time(1); + + for(i = 0; i < agreeTimes; i++) { + x = sizeof(sig); + ret = ecc_sign_hash(digest, sizeof(digest), sig, &x, &rng, &genKey); + if (ret != 0) { + printf("ecc_sign_hash failed\n"); + return; + } + } + + total = current_time(0) - start; + each = total / agreeTimes; /* per second */ + milliEach = each * 1000; /* millisconds */ + printf("EC-DSA sign time %6.3f milliseconds, avg over %d" + " iterations\n", milliEach, agreeTimes); + + start = current_time(1); + + for(i = 0; i < agreeTimes; i++) { + int verify = 0; + ret = ecc_verify_hash(sig, x, digest, sizeof(digest), &verify, &genKey); + if (ret != 0) { + printf("ecc_verify_hash failed\n"); + return; + } + } + + total = current_time(0) - start; + each = total / agreeTimes; /* per second */ + milliEach = each * 1000; /* millisconds */ + printf("EC-DSA verify time %6.3f milliseconds, avg over %d" + " iterations\n", milliEach, agreeTimes); + + ecc_free(&genKey2); + ecc_free(&genKey); +} +#endif /* HAVE_ECC */ + + +#ifdef _WIN32 + + #define WIN32_LEAN_AND_MEAN + #include + + double current_time(int reset) + { + static int init = 0; + static LARGE_INTEGER freq; + + LARGE_INTEGER count; + + (void)reset; + + if (!init) { + QueryPerformanceFrequency(&freq); + init = 1; + } + + QueryPerformanceCounter(&count); + + return (double)count.QuadPart / freq.QuadPart; + } + +#elif defined MICROCHIP_PIC32 + #if defined(CYASSL_MICROCHIP_PIC32MZ) + #define CLOCK 8000000.0 + #else + #include + #define CLOCK 4000000.0 + #endif + + double current_time(int reset) + { + unsigned int ns; + + if (reset) { + WriteCoreTimer(0); + } + + /* get timer in ns */ + ns = ReadCoreTimer(); + + /* return seconds as a double */ + return ( ns / CLOCK * 2.0); + } + +#elif defined CYASSL_MDK_ARM + + extern double current_time(int reset) ; + +#elif defined FREERTOS + + double current_time(int reset) + { + (void) reset; + + portTickType tickCount; + + /* tick count == ms, if configTICK_RATE_HZ is set to 1000 */ + tickCount = xTaskGetTickCount(); + return (double)tickCount / 1000; + } + +#else + + #include + + double current_time(int reset) + { + struct timeval tv; + + (void)reset; + + gettimeofday(&tv, 0); + + return (double)tv.tv_sec + (double)tv.tv_usec / 1000000; + } + +#endif /* _WIN32 */ diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CyaSSL-Full/cert_data.c b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CyaSSL-Full/cert_data.c new file mode 100644 index 000000000..d29fbf3b1 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CyaSSL-Full/cert_data.c @@ -0,0 +1,28 @@ +/* certs_test.c + * + * Copyright (C) 2006-2014 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#ifdef HAVE_CONFIG_H + #include +#endif + +/* Define initial data for cert buffers */ +#include + diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CyaSSL-Full/client.c b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CyaSSL-Full/client.c new file mode 100644 index 000000000..4744f9b72 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CyaSSL-Full/client.c @@ -0,0 +1,858 @@ +/* client.c + * + * Copyright (C) 2006-2014 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#ifdef HAVE_CONFIG_H + #include +#endif + #define CYASSL_MDK_ARM +#if defined(CYASSL_MDK_ARM) + #include + #include + + #if defined(CYASSL_MDK5) + #include "cmsis_os.h" + #include "rl_fs.h" + #include "rl_net.h" + #else + #include "rtl.h" + #endif + + #include "cyassl_MDK_ARM.h" +#endif + +#include + +#if !defined(CYASSL_TRACK_MEMORY) && !defined(NO_MAIN_DRIVER) + /* in case memory tracker wants stats */ + #define CYASSL_TRACK_MEMORY +#endif + +#include +#include +#include "examples/client/client.h" + + +#ifdef CYASSL_CALLBACKS + int handShakeCB(HandShakeInfo*); + int timeoutCB(TimeoutInfo*); + Timeval timeout; +#endif + + +static void NonBlockingSSL_Connect(CYASSL* ssl) +{ +#ifndef CYASSL_CALLBACKS + int ret = CyaSSL_connect(ssl); +#else + int ret = CyaSSL_connect_ex(ssl, handShakeCB, timeoutCB, timeout); +#endif + int error = CyaSSL_get_error(ssl, 0); + SOCKET_T sockfd = (SOCKET_T)CyaSSL_get_fd(ssl); + int select_ret; + + while (ret != SSL_SUCCESS && (error == SSL_ERROR_WANT_READ || + error == SSL_ERROR_WANT_WRITE)) { + int currTimeout = 1; + + if (error == SSL_ERROR_WANT_READ) + printf("... client would read block\n"); + else + printf("... client would write block\n"); + +#ifdef CYASSL_DTLS + currTimeout = CyaSSL_dtls_get_current_timeout(ssl); +#endif + select_ret = tcp_select(sockfd, currTimeout); + + if ((select_ret == TEST_RECV_READY) || + (select_ret == TEST_ERROR_READY)) { + #ifndef CYASSL_CALLBACKS + ret = CyaSSL_connect(ssl); + #else + ret = CyaSSL_connect_ex(ssl,handShakeCB,timeoutCB,timeout); + #endif + error = CyaSSL_get_error(ssl, 0); + } + else if (select_ret == TEST_TIMEOUT && !CyaSSL_dtls(ssl)) { + error = SSL_ERROR_WANT_READ; + } +#ifdef CYASSL_DTLS + else if (select_ret == TEST_TIMEOUT && CyaSSL_dtls(ssl) && + CyaSSL_dtls_got_timeout(ssl) >= 0) { + error = SSL_ERROR_WANT_READ; + } +#endif + else { + error = SSL_FATAL_ERROR; + } + } + if (ret != SSL_SUCCESS) + err_sys("SSL_connect failed"); +} + + +static void Usage(void) +{ + printf("client " LIBCYASSL_VERSION_STRING + " NOTE: All files relative to CyaSSL home dir\n"); + printf("-? Help, print this usage\n"); + printf("-h Host to connect to, default %s\n", yasslIP); + printf("-p Port to connect on, not 0, default %d\n", yasslPort); + printf("-v SSL version [0-3], SSLv3(0) - TLS1.2(3)), default %d\n", + CLIENT_DEFAULT_VERSION); + printf("-l Cipher list\n"); + printf("-c Certificate file, default %s\n", cliCert); + printf("-k Key file, default %s\n", cliKey); + printf("-A Certificate Authority file, default %s\n", caCert); + printf("-b Benchmark connections and print stats\n"); + printf("-s Use pre Shared keys\n"); + printf("-t Track CyaSSL memory use\n"); + printf("-d Disable peer checks\n"); + printf("-g Send server HTTP GET\n"); + printf("-u Use UDP DTLS," + " add -v 2 for DTLSv1 (default), -v 3 for DTLSv1.2\n"); + printf("-m Match domain name in cert\n"); + printf("-N Use Non-blocking sockets\n"); + printf("-r Resume session\n"); + printf("-f Fewer packets/group messages\n"); + printf("-x Disable client cert/key loading\n"); +#ifdef SHOW_SIZES + printf("-z Print structure sizes\n"); +#endif +#ifdef HAVE_SNI + printf("-S Use Host Name Indication\n"); +#endif +#ifdef HAVE_MAX_FRAGMENT + printf("-L Use Maximum Fragment Length [1-5]\n"); +#endif +#ifdef HAVE_TRUNCATED_HMAC + printf("-T Use Truncated HMAC\n"); +#endif +#ifdef HAVE_OCSP + printf("-o Perform OCSP lookup on peer certificate\n"); + printf("-O Perform OCSP lookup using as responder\n"); +#endif +#ifdef ATOMIC_USER + printf("-U Atomic User Record Layer Callbacks\n"); +#endif +#ifdef HAVE_PK_CALLBACKS + printf("-P Public Key Callbacks\n"); +#endif +} + + +#ifdef CYASSL_MDK_SHELL + #define exit(code) return(code) +#endif + + +THREAD_RETURN CYASSL_THREAD client_test(void* args) +{ + SOCKET_T sockfd = 0; + + CYASSL_METHOD* method = 0; + CYASSL_CTX* ctx = 0; + CYASSL* ssl = 0; + + CYASSL* sslResume = 0; + CYASSL_SESSION* session = 0; + char resumeMsg[] = "resuming cyassl!"; + int resumeSz = sizeof(resumeMsg); + + char msg[32] = "hello cyassl!"; /* GET may make bigger */ + char reply[80]; + int input; + int msgSz = (int)strlen(msg); + + word16 port = yasslPort; + char* host = (char*)yasslIP; + char* domain = (char*)"www.yassl.com"; + + int ch; + int version = CLIENT_INVALID_VERSION; + int usePsk = 0; + int sendGET = 0; + int benchmark = 0; + int doDTLS = 0; + int matchName = 0; + int doPeerCheck = 1; + int nonBlocking = 0; + int resumeSession = 0; + int trackMemory = 0; + int useClientCert = 1; + int fewerPackets = 0; + int atomicUser = 0; + int pkCallbacks = 0; + char* cipherList = NULL; + char* verifyCert = (char*)caCert; + char* ourCert = (char*)cliCert; + char* ourKey = (char*)cliKey; + +#ifdef HAVE_SNI + char* sniHostName = NULL; +#endif +#ifdef HAVE_MAX_FRAGMENT + byte maxFragment = 0; +#endif +#ifdef HAVE_TRUNCATED_HMAC + byte truncatedHMAC = 0; +#endif + + +#ifdef HAVE_OCSP + int useOcsp = 0; + char* ocspUrl = NULL; +#endif + + int argc = ((func_args*)args)->argc; + char** argv = ((func_args*)args)->argv; + + ((func_args*)args)->return_code = -1; /* error state */ + +#ifdef NO_RSA + verifyCert = (char*)eccCert; + ourCert = (char*)cliEccCert; + ourKey = (char*)cliEccKey; +#endif + (void)resumeSz; + (void)session; + (void)sslResume; + (void)trackMemory; + (void)atomicUser; + (void)pkCallbacks; + + StackTrap(); + + while ((ch = mygetopt(argc, argv, + "?gdusmNrtfxUPh:p:v:l:A:c:k:b:zS:L:ToO:")) != -1) { + switch (ch) { + case '?' : + Usage(); + exit(EXIT_SUCCESS); + + case 'g' : + sendGET = 1; + break; + + case 'd' : + doPeerCheck = 0; + break; + + case 'u' : + doDTLS = 1; + break; + + case 's' : + usePsk = 1; + break; + + case 't' : + #ifdef USE_CYASSL_MEMORY + trackMemory = 1; + #endif + break; + + case 'm' : + matchName = 1; + break; + + case 'x' : + useClientCert = 0; + break; + + case 'f' : + fewerPackets = 1; + break; + + case 'U' : + #ifdef ATOMIC_USER + atomicUser = 1; + #endif + break; + + case 'P' : + #ifdef HAVE_PK_CALLBACKS + pkCallbacks = 1; + #endif + break; + + case 'h' : + host = myoptarg; + domain = myoptarg; + break; + + case 'p' : + port = (word16)atoi(myoptarg); + #if !defined(NO_MAIN_DRIVER) || defined(USE_WINDOWS_API) + if (port == 0) + err_sys("port number cannot be 0"); + #endif + break; + + case 'v' : + version = atoi(myoptarg); + if (version < 0 || version > 3) { + Usage(); + exit(MY_EX_USAGE); + } + break; + + case 'l' : + cipherList = myoptarg; + break; + + case 'A' : + verifyCert = myoptarg; + break; + + case 'c' : + ourCert = myoptarg; + break; + + case 'k' : + ourKey = myoptarg; + break; + + case 'b' : + benchmark = atoi(myoptarg); + if (benchmark < 0 || benchmark > 1000000) { + Usage(); + exit(MY_EX_USAGE); + } + break; + + case 'N' : + nonBlocking = 1; + break; + + case 'r' : + resumeSession = 1; + break; + + case 'z' : + #ifndef CYASSL_LEANPSK + CyaSSL_GetObjectSize(); + #endif + break; + + case 'S' : + #ifdef HAVE_SNI + sniHostName = myoptarg; + #endif + break; + + case 'L' : + #ifdef HAVE_MAX_FRAGMENT + maxFragment = atoi(myoptarg); + if (maxFragment < CYASSL_MFL_2_9 || + maxFragment > CYASSL_MFL_2_13) { + Usage(); + exit(MY_EX_USAGE); + } + #endif + break; + + case 'T' : + #ifdef HAVE_TRUNCATED_HMAC + truncatedHMAC = 1; + #endif + break; + + case 'o' : + #ifdef HAVE_OCSP + useOcsp = 1; + #endif + break; + + case 'O' : + #ifdef HAVE_OCSP + useOcsp = 1; + ocspUrl = myoptarg; + #endif + break; + + default: + Usage(); + exit(MY_EX_USAGE); + } + } + + myoptind = 0; /* reset for test cases */ + + /* sort out DTLS versus TLS versions */ + if (version == CLIENT_INVALID_VERSION) { + if (doDTLS) + version = CLIENT_DTLS_DEFAULT_VERSION; + else + version = CLIENT_DEFAULT_VERSION; + } + else { + if (doDTLS) { + if (version == 3) + version = -2; + else + version = -1; + } + } + +#ifdef USE_CYASSL_MEMORY + if (trackMemory) + InitMemoryTracker(); +#endif + + switch (version) { +#ifndef NO_OLD_TLS + case 0: + method = CyaSSLv3_client_method(); + break; + + + #ifndef NO_TLS + case 1: + method = CyaTLSv1_client_method(); + break; + + case 2: + method = CyaTLSv1_1_client_method(); + break; + #endif /* NO_TLS */ + +#endif /* NO_OLD_TLS */ + +#ifndef NO_TLS + case 3: + method = CyaTLSv1_2_client_method(); + break; +#endif + +#ifdef CYASSL_DTLS + case -1: + method = CyaDTLSv1_client_method(); + break; + + case -2: + method = CyaDTLSv1_2_client_method(); + break; +#endif + + default: + err_sys("Bad SSL version"); + break; + } + + if (method == NULL) + err_sys("unable to get method"); + + ctx = CyaSSL_CTX_new(method); + if (ctx == NULL) + err_sys("unable to get ctx"); + + if (cipherList) + if (CyaSSL_CTX_set_cipher_list(ctx, cipherList) != SSL_SUCCESS) + err_sys("client can't set cipher list 1"); + +#ifdef CYASSL_LEANPSK + usePsk = 1; +#endif + +#if defined(NO_RSA) && !defined(HAVE_ECC) + usePsk = 1; +#endif + + if (fewerPackets) + CyaSSL_CTX_set_group_messages(ctx); + + if (usePsk) { +#ifndef NO_PSK + CyaSSL_CTX_set_psk_client_callback(ctx, my_psk_client_cb); + if (cipherList == NULL) { + const char *defaultCipherList; + #ifdef HAVE_NULL_CIPHER + defaultCipherList = "PSK-NULL-SHA256"; + #else + defaultCipherList = "PSK-AES128-CBC-SHA256"; + #endif + if (CyaSSL_CTX_set_cipher_list(ctx,defaultCipherList) !=SSL_SUCCESS) + err_sys("client can't set cipher list 2"); + } +#endif + useClientCert = 0; + } + +#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) + CyaSSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack); +#endif + +#if defined(CYASSL_SNIFFER) && !defined(HAVE_NTRU) && !defined(HAVE_ECC) + if (cipherList == NULL) { + /* don't use EDH, can't sniff tmp keys */ + if (CyaSSL_CTX_set_cipher_list(ctx, "AES256-SHA256") != SSL_SUCCESS) { + err_sys("client can't set cipher list 3"); + } + } +#endif + +#ifdef HAVE_OCSP + if (useOcsp) { + if (ocspUrl != NULL) { + CyaSSL_CTX_SetOCSP_OverrideURL(ctx, ocspUrl); + CyaSSL_CTX_EnableOCSP(ctx, CYASSL_OCSP_NO_NONCE + | CYASSL_OCSP_URL_OVERRIDE); + } + else + CyaSSL_CTX_EnableOCSP(ctx, CYASSL_OCSP_NO_NONCE); + } +#endif + +#ifdef USER_CA_CB + CyaSSL_CTX_SetCACb(ctx, CaCb); +#endif + +#ifdef VERIFY_CALLBACK + CyaSSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, myVerify); +#endif +#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) + if (useClientCert){ + if (CyaSSL_CTX_use_certificate_chain_file(ctx, ourCert) != SSL_SUCCESS) + err_sys("can't load client cert file, check file and run from" + " CyaSSL home dir"); + + if (CyaSSL_CTX_use_PrivateKey_file(ctx, ourKey, SSL_FILETYPE_PEM) + != SSL_SUCCESS) + err_sys("can't load client private key file, check file and run " + "from CyaSSL home dir"); + } + + if (!usePsk) { + if (CyaSSL_CTX_load_verify_locations(ctx, verifyCert, 0) != SSL_SUCCESS) + err_sys("can't load ca file, Please run from CyaSSL home dir"); + } +#endif +#if !defined(NO_CERTS) + if (!usePsk && doPeerCheck == 0) + CyaSSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, 0); +#endif + +#ifdef HAVE_CAVIUM + CyaSSL_CTX_UseCavium(ctx, CAVIUM_DEV_ID); +#endif + +#ifdef HAVE_SNI + if (sniHostName) + if (CyaSSL_CTX_UseSNI(ctx, 0, sniHostName, XSTRLEN(sniHostName)) + != SSL_SUCCESS) + err_sys("UseSNI failed"); +#endif +#ifdef HAVE_MAX_FRAGMENT + if (maxFragment) + if (CyaSSL_CTX_UseMaxFragment(ctx, maxFragment) != SSL_SUCCESS) + err_sys("UseMaxFragment failed"); +#endif +#ifdef HAVE_TRUNCATED_HMAC + if (truncatedHMAC) + if (CyaSSL_CTX_UseTruncatedHMAC(ctx) != SSL_SUCCESS) + err_sys("UseTruncatedHMAC failed"); +#endif + + if (benchmark) { + /* time passed in number of connects give average */ + int times = benchmark; + int i = 0; + + double start = current_time(), avg; + + for (i = 0; i < times; i++) { + tcp_connect(&sockfd, host, port, doDTLS); + + ssl = CyaSSL_new(ctx); + CyaSSL_set_fd(ssl, sockfd); + if (CyaSSL_connect(ssl) != SSL_SUCCESS) + err_sys("SSL_connect failed"); + + CyaSSL_shutdown(ssl); + CyaSSL_free(ssl); + CloseSocket(sockfd); + } + avg = current_time() - start; + avg /= times; + avg *= 1000; /* milliseconds */ + printf("CyaSSL_connect avg took: %8.3f milliseconds\n", avg); + + CyaSSL_CTX_free(ctx); + ((func_args*)args)->return_code = 0; + + exit(EXIT_SUCCESS); + } + + #if defined(CYASSL_MDK_ARM) + CyaSSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, 0); + #endif + + ssl = CyaSSL_new(ctx); + if (ssl == NULL) + err_sys("unable to get SSL object"); + if (doDTLS) { + SOCKADDR_IN_T addr; + build_addr(&addr, host, port, 1); + CyaSSL_dtls_set_peer(ssl, &addr, sizeof(addr)); + tcp_socket(&sockfd, 1); + } + else { + tcp_connect(&sockfd, host, port, 0); + } + CyaSSL_set_fd(ssl, sockfd); +#ifdef HAVE_CRL + if (CyaSSL_EnableCRL(ssl, CYASSL_CRL_CHECKALL) != SSL_SUCCESS) + err_sys("can't enable crl check"); + if (CyaSSL_LoadCRL(ssl, crlPemDir, SSL_FILETYPE_PEM, 0) != SSL_SUCCESS) + err_sys("can't load crl, check crlfile and date validity"); + if (CyaSSL_SetCRL_Cb(ssl, CRL_CallBack) != SSL_SUCCESS) + err_sys("can't set crl callback"); +#endif +#ifdef ATOMIC_USER + if (atomicUser) + SetupAtomicUser(ctx, ssl); +#endif +#ifdef HAVE_PK_CALLBACKS + if (pkCallbacks) + SetupPkCallbacks(ctx, ssl); +#endif + if (matchName && doPeerCheck) + CyaSSL_check_domain_name(ssl, domain); +#ifndef CYASSL_CALLBACKS + if (nonBlocking) { + CyaSSL_set_using_nonblock(ssl, 1); + tcp_set_nonblocking(&sockfd); + NonBlockingSSL_Connect(ssl); + } + else if (CyaSSL_connect(ssl) != SSL_SUCCESS) { + /* see note at top of README */ + int err = CyaSSL_get_error(ssl, 0); + char buffer[CYASSL_MAX_ERROR_SZ]; + printf("err = %d, %s\n", err, + CyaSSL_ERR_error_string(err, buffer)); + err_sys("SSL_connect failed"); + /* if you're getting an error here */ + } +#else + timeout.tv_sec = 2; + timeout.tv_usec = 0; + NonBlockingSSL_Connect(ssl); /* will keep retrying on timeout */ +#endif + showPeer(ssl); + + if (sendGET) { + printf("SSL connect ok, sending GET...\n"); + msgSz = 28; + strncpy(msg, "GET /index.html HTTP/1.0\r\n\r\n", msgSz); + msg[msgSz] = '\0'; + } + if (CyaSSL_write(ssl, msg, msgSz) != msgSz) + err_sys("SSL_write failed"); + + input = CyaSSL_read(ssl, reply, sizeof(reply)-1); + if (input > 0) { + reply[input] = 0; + printf("Server response: %s\n", reply); + + if (sendGET) { /* get html */ + while (1) { + input = CyaSSL_read(ssl, reply, sizeof(reply)-1); + if (input > 0) { + reply[input] = 0; + printf("%s\n", reply); + } + else + break; + } + } + } + else if (input < 0) { + int readErr = CyaSSL_get_error(ssl, 0); + if (readErr != SSL_ERROR_WANT_READ) + err_sys("CyaSSL_read failed"); + } + +#ifndef NO_SESSION_CACHE + if (resumeSession) { + if (doDTLS) { + strncpy(msg, "break", 6); + msgSz = (int)strlen(msg); + /* try to send session close */ + CyaSSL_write(ssl, msg, msgSz); + } + session = CyaSSL_get_session(ssl); + sslResume = CyaSSL_new(ctx); + } +#endif + + if (doDTLS == 0) /* don't send alert after "break" command */ + CyaSSL_shutdown(ssl); /* echoserver will interpret as new conn */ +#ifdef ATOMIC_USER + if (atomicUser) + FreeAtomicUser(ssl); +#endif + CyaSSL_free(ssl); + CloseSocket(sockfd); + +#ifndef NO_SESSION_CACHE + if (resumeSession) { + if (doDTLS) { + SOCKADDR_IN_T addr; + #ifdef USE_WINDOWS_API + Sleep(500); + #else + sleep(1); + #endif + build_addr(&addr, host, port, 1); + CyaSSL_dtls_set_peer(sslResume, &addr, sizeof(addr)); + tcp_socket(&sockfd, 1); + } + else { + tcp_connect(&sockfd, host, port, 0); + } + CyaSSL_set_fd(sslResume, sockfd); + CyaSSL_set_session(sslResume, session); + + showPeer(sslResume); +#ifndef CYASSL_CALLBACKS + if (nonBlocking) { + CyaSSL_set_using_nonblock(sslResume, 1); + tcp_set_nonblocking(&sockfd); + NonBlockingSSL_Connect(sslResume); + } + else if (CyaSSL_connect(sslResume) != SSL_SUCCESS) + err_sys("SSL resume failed"); +#else + timeout.tv_sec = 2; + timeout.tv_usec = 0; + NonBlockingSSL_Connect(ssl); /* will keep retrying on timeout */ +#endif + + if (CyaSSL_session_reused(sslResume)) + printf("reused session id\n"); + else + printf("didn't reuse session id!!!\n"); + + if (CyaSSL_write(sslResume, resumeMsg, resumeSz) != resumeSz) + err_sys("SSL_write failed"); + + if (nonBlocking) { + /* give server a chance to bounce a message back to client */ + #ifdef USE_WINDOWS_API + Sleep(500); + #else + sleep(1); + #endif + } + + input = CyaSSL_read(sslResume, reply, sizeof(reply)-1); + if (input > 0) { + reply[input] = 0; + printf("Server resume response: %s\n", reply); + } + + /* try to send session break */ + CyaSSL_write(sslResume, msg, msgSz); + + CyaSSL_shutdown(sslResume); + CyaSSL_free(sslResume); + CloseSocket(sockfd); + } +#endif /* NO_SESSION_CACHE */ + + CyaSSL_CTX_free(ctx); + + ((func_args*)args)->return_code = 0; + +#ifdef USE_CYASSL_MEMORY + if (trackMemory) + ShowMemoryTracker(); +#endif /* USE_CYASSL_MEMORY */ + + return 0; +} + + +/* so overall tests can pull in test function */ +#ifndef NO_MAIN_DRIVER + + int main(int argc, char** argv) + { + func_args args; + +#ifdef HAVE_CAVIUM + int ret = OpenNitroxDevice(CAVIUM_DIRECT, CAVIUM_DEV_ID); + if (ret != 0) + err_sys("Cavium OpenNitroxDevice failed"); +#endif /* HAVE_CAVIUM */ + + StartTCP(); + + args.argc = argc; + args.argv = argv; + + CyaSSL_Init(); +#if defined(DEBUG_CYASSL) && !defined(CYASSL_MDK_SHELL) && !defined(STACK_TRAP) + CyaSSL_Debugging_ON(); +#endif + if (CurrentDir("client")) + ChangeDirBack(2); + else if (CurrentDir("Debug") || CurrentDir("Release")) + ChangeDirBack(3); + +#ifdef HAVE_STACK_SIZE + StackSizeCheck(&args, client_test); +#else + client_test(&args); +#endif + CyaSSL_Cleanup(); + +#ifdef HAVE_CAVIUM + CspShutdown(CAVIUM_DEV_ID); +#endif + return args.return_code; + } + + int myoptind = 0; + char* myoptarg = NULL; + +#endif /* NO_MAIN_DRIVER */ + + + +#ifdef CYASSL_CALLBACKS + + int handShakeCB(HandShakeInfo* info) + { + (void)info; + return 0; + } + + + int timeoutCB(TimeoutInfo* info) + { + (void)info; + return 0; + } + +#endif + diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CyaSSL-Full/echoclient.c b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CyaSSL-Full/echoclient.c new file mode 100644 index 000000000..24a02febc --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CyaSSL-Full/echoclient.c @@ -0,0 +1,282 @@ +/* echoclient.c + * + * Copyright (C) 2006-2014 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#ifdef HAVE_CONFIG_H + #include +#endif + +#include + +#include + +#if defined(CYASSL_MDK_ARM) + #include + #include + + #if defined(CYASSL_MDK5) + #include "cmsis_os.h" + #include "rl_fs.h" + #include "rl_net.h" + #else + #include "rtl.h" + #endif + + #include "cyassl_MDK_ARM.h" +#endif + +#include + +#include "examples/echoclient/echoclient.h" + +void echoclient_test(void* args) +{ + SOCKET_T sockfd = 0; + + FILE* fin = stdin ; + FILE* fout = stdout; + + int inCreated = 0; + int outCreated = 0; + + char msg[1024]; + char reply[1024+1]; + + SSL_METHOD* method = 0; + SSL_CTX* ctx = 0; + SSL* ssl = 0; + + int doDTLS = 0; + int doPSK = 0; + int sendSz; + int argc = 0; + char** argv = 0; + word16 port = yasslPort; + + ((func_args*)args)->return_code = -1; /* error state */ + +#ifndef CYASSL_MDK_SHELL + argc = ((func_args*)args)->argc; + argv = ((func_args*)args)->argv; +#endif + + if (argc >= 2) { + fin = fopen(argv[1], "r"); + inCreated = 1; + } + if (argc >= 3) { + fout = fopen(argv[2], "w"); + outCreated = 1; + } + + if (!fin) err_sys("can't open input file"); + if (!fout) err_sys("can't open output file"); + +#ifdef CYASSL_DTLS + doDTLS = 1; +#endif + +#ifdef CYASSL_LEANPSK + doPSK = 1; +#endif + +#if defined(NO_RSA) && !defined(HAVE_ECC) + doPSK = 1; +#endif + +#if defined(NO_MAIN_DRIVER) && !defined(USE_WINDOWS_API) && !defined(CYASSL_MDK_SHELL) + port = ((func_args*)args)->signal->port; +#endif + +#if defined(CYASSL_DTLS) + method = DTLSv1_client_method(); +#elif !defined(NO_TLS) + method = CyaSSLv23_client_method(); +#else + method = SSLv3_client_method(); +#endif + ctx = SSL_CTX_new(method); + +#ifndef NO_FILESYSTEM + #ifndef NO_RSA + if (SSL_CTX_load_verify_locations(ctx, caCert, 0) != SSL_SUCCESS) + err_sys("can't load ca file, Please run from CyaSSL home dir"); + #endif + #ifdef HAVE_ECC + if (SSL_CTX_load_verify_locations(ctx, eccCert, 0) != SSL_SUCCESS) + err_sys("can't load ca file, Please run from CyaSSL home dir"); + #endif +#elif !defined(NO_CERTS) + if (!doPSK) + load_buffer(ctx, caCert, CYASSL_CA); +#endif + +#if defined(CYASSL_SNIFFER) && !defined(HAVE_NTRU) && !defined(HAVE_ECC) + /* don't use EDH, can't sniff tmp keys */ + SSL_CTX_set_cipher_list(ctx, "AES256-SHA"); +#endif + if (doPSK) { +#ifndef NO_PSK + const char *defaultCipherList; + + CyaSSL_CTX_set_psk_client_callback(ctx, my_psk_client_cb); + #ifdef HAVE_NULL_CIPHER + defaultCipherList = "PSK-NULL-SHA256"; + #else + defaultCipherList = "PSK-AES128-CBC-SHA256"; + #endif + if (CyaSSL_CTX_set_cipher_list(ctx,defaultCipherList) !=SSL_SUCCESS) + err_sys("client can't set cipher list 2"); +#endif + } + +#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) + SSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack); +#endif + + #if defined(CYASSL_MDK_ARM) + CyaSSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, 0); + #endif + + ssl = SSL_new(ctx); + + + if (doDTLS) { + SOCKADDR_IN_T addr; + build_addr(&addr, yasslIP, port, 1); + CyaSSL_dtls_set_peer(ssl, &addr, sizeof(addr)); + tcp_socket(&sockfd, 1); + } + else { + tcp_connect(&sockfd, yasslIP, port, 0); + } + + SSL_set_fd(ssl, sockfd); +#if defined(USE_WINDOWS_API) && defined(CYASSL_DTLS) && defined(NO_MAIN_DRIVER) + /* let echoserver bind first, TODO: add Windows signal like pthreads does */ + Sleep(100); +#endif + + if (SSL_connect(ssl) != SSL_SUCCESS) err_sys("SSL_connect failed"); + + while (fgets(msg, sizeof(msg), fin) != 0) { + + sendSz = (int)strlen(msg); + + if (SSL_write(ssl, msg, sendSz) != sendSz) + err_sys("SSL_write failed"); + + if (strncmp(msg, "quit", 4) == 0) { + fputs("sending server shutdown command: quit!\n", fout); + break; + } + + if (strncmp(msg, "break", 5) == 0) { + fputs("sending server session close: break!\n", fout); + break; + } + + #ifndef CYASSL_MDK_SHELL + while (sendSz) { + int got; + if ( (got = SSL_read(ssl, reply, sizeof(reply)-1)) > 0) { + reply[got] = 0; + fputs(reply, fout); + fflush(fout) ; + sendSz -= got; + } + else + break; + } + #else + { + int got; + if ( (got = SSL_read(ssl, reply, sizeof(reply)-1)) > 0) { + reply[got] = 0; + fputs(reply, fout); + fflush(fout) ; + sendSz -= got; + } + } + #endif + } + + +#ifdef CYASSL_DTLS + strncpy(msg, "break", 6); + sendSz = (int)strlen(msg); + /* try to tell server done */ + SSL_write(ssl, msg, sendSz); +#else + SSL_shutdown(ssl); +#endif + + SSL_free(ssl); + SSL_CTX_free(ctx); + + fflush(fout); + if (inCreated) fclose(fin); + if (outCreated) fclose(fout); + + CloseSocket(sockfd); + ((func_args*)args)->return_code = 0; +} + + +/* so overall tests can pull in test function */ +#ifndef NO_MAIN_DRIVER + + int main(int argc, char** argv) + { + func_args args; + +#ifdef HAVE_CAVIUM + int ret = OpenNitroxDevice(CAVIUM_DIRECT, CAVIUM_DEV_ID); + if (ret != 0) + err_sys("Cavium OpenNitroxDevice failed"); +#endif /* HAVE_CAVIUM */ + + StartTCP(); + + args.argc = argc; + args.argv = argv; + + CyaSSL_Init(); +#if defined(DEBUG_CYASSL) && !defined(CYASSL_MDK_SHELL) + CyaSSL_Debugging_ON(); +#endif + + if (CurrentDir("echoclient")) + ChangeDirBack(2); + else if (CurrentDir("Debug") || CurrentDir("Release")) + ChangeDirBack(3); + echoclient_test(&args); + + CyaSSL_Cleanup(); + +#ifdef HAVE_CAVIUM + CspShutdown(CAVIUM_DEV_ID); +#endif + return args.return_code; + } + +#endif /* NO_MAIN_DRIVER */ + + diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CyaSSL-Full/echoserver.c b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CyaSSL-Full/echoserver.c new file mode 100644 index 000000000..33f6df3df --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CyaSSL-Full/echoserver.c @@ -0,0 +1,368 @@ +/* echoserver.c + * + * Copyright (C) 2006-2014 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#ifdef HAVE_CONFIG_H + #include +#endif + +#include + +#if defined(CYASSL_MDK_ARM) + #include + #include + + #if defined(CYASSL_MDK5) + #include "cmsis_os.h" + #include "rl_fs.h" + #include "rl_net.h" + #else + #include "rtl.h" + #endif + + #include "cyassl_MDK_ARM.h" +#endif + +#include +#include + +#ifndef NO_MAIN_DRIVER + #define ECHO_OUT +#endif + +#include "examples/echoserver/echoserver.h" + + +#ifdef SESSION_STATS + CYASSL_API void PrintSessionStats(void); +#endif + +#define SVR_COMMAND_SIZE 256 + +static void SignalReady(void* args, word16 port) +{ +#if defined(_POSIX_THREADS) && defined(NO_MAIN_DRIVER) && !defined(__MINGW32__) + /* signal ready to tcp_accept */ + func_args* server_args = (func_args*)args; + tcp_ready* ready = server_args->signal; + pthread_mutex_lock(&ready->mutex); + ready->ready = 1; + ready->port = port; + pthread_cond_signal(&ready->cond); + pthread_mutex_unlock(&ready->mutex); +#endif + (void)args; + (void)port; +} + + +THREAD_RETURN CYASSL_THREAD echoserver_test(void* args) +{ + SOCKET_T sockfd = 0; + CYASSL_METHOD* method = 0; + CYASSL_CTX* ctx = 0; + + int doDTLS = 0; + int doPSK = 0; + int outCreated = 0; + int shutDown = 0; + int useAnyAddr = 0; + word16 port = yasslPort; + int argc = ((func_args*)args)->argc; + char** argv = ((func_args*)args)->argv; + +#ifdef ECHO_OUT + FILE* fout = stdout; + if (argc >= 2) { + fout = fopen(argv[1], "w"); + outCreated = 1; + } + if (!fout) err_sys("can't open output file"); +#endif + (void)outCreated; + (void)argc; + (void)argv; + + ((func_args*)args)->return_code = -1; /* error state */ + +#ifdef CYASSL_DTLS + doDTLS = 1; +#endif + +#ifdef CYASSL_LEANPSK + doPSK = 1; +#endif + +#if defined(NO_RSA) && !defined(HAVE_ECC) + doPSK = 1; +#endif + + #if defined(NO_MAIN_DRIVER) && !defined(USE_WINDOWS_API) && \ + !defined(CYASSL_SNIFFER) && !defined(CYASSL_MDK_SHELL) + port = 0; + #endif + #if defined(USE_ANY_ADDR) + useAnyAddr = 1; + #endif + tcp_listen(&sockfd, &port, useAnyAddr, doDTLS); + +#if defined(CYASSL_DTLS) + method = CyaDTLSv1_server_method(); +#elif !defined(NO_TLS) + method = CyaSSLv23_server_method(); +#else + method = CyaSSLv3_server_method(); +#endif + ctx = CyaSSL_CTX_new(method); + /* CyaSSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_OFF); */ + +#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) + CyaSSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack); +#endif + +#ifndef NO_FILESYSTEM + if (doPSK == 0) { + #ifdef HAVE_NTRU + /* ntru */ + if (CyaSSL_CTX_use_certificate_file(ctx, ntruCert, SSL_FILETYPE_PEM) + != SSL_SUCCESS) + err_sys("can't load ntru cert file, " + "Please run from CyaSSL home dir"); + + if (CyaSSL_CTX_use_NTRUPrivateKey_file(ctx, ntruKey) + != SSL_SUCCESS) + err_sys("can't load ntru key file, " + "Please run from CyaSSL home dir"); + #elif defined(HAVE_ECC) + /* ecc */ + if (CyaSSL_CTX_use_certificate_file(ctx, eccCert, SSL_FILETYPE_PEM) + != SSL_SUCCESS) + err_sys("can't load server cert file, " + "Please run from CyaSSL home dir"); + + if (CyaSSL_CTX_use_PrivateKey_file(ctx, eccKey, SSL_FILETYPE_PEM) + != SSL_SUCCESS) + err_sys("can't load server key file, " + "Please run from CyaSSL home dir"); + #elif defined(NO_CERTS) + /* do nothing, just don't load cert files */ + #else + /* normal */ + if (CyaSSL_CTX_use_certificate_file(ctx, svrCert, SSL_FILETYPE_PEM) + != SSL_SUCCESS) + err_sys("can't load server cert file, " + "Please run from CyaSSL home dir"); + + if (CyaSSL_CTX_use_PrivateKey_file(ctx, svrKey, SSL_FILETYPE_PEM) + != SSL_SUCCESS) + err_sys("can't load server key file, " + "Please run from CyaSSL home dir"); + #endif + } /* doPSK */ +#elif !defined(NO_CERTS) + if (!doPSK) { + load_buffer(ctx, svrCert, CYASSL_CERT); + load_buffer(ctx, svrKey, CYASSL_KEY); + } +#endif + +#if defined(CYASSL_SNIFFER) && !defined(HAVE_NTRU) && !defined(HAVE_ECC) + /* don't use EDH, can't sniff tmp keys */ + CyaSSL_CTX_set_cipher_list(ctx, "AES256-SHA"); +#endif + + if (doPSK) { +#ifndef NO_PSK + const char *defaultCipherList; + + CyaSSL_CTX_set_psk_server_callback(ctx, my_psk_server_cb); + CyaSSL_CTX_use_psk_identity_hint(ctx, "cyassl server"); + #ifdef HAVE_NULL_CIPHER + defaultCipherList = "PSK-NULL-SHA256"; + #else + defaultCipherList = "PSK-AES128-CBC-SHA256"; + #endif + if (CyaSSL_CTX_set_cipher_list(ctx, defaultCipherList) != SSL_SUCCESS) + err_sys("server can't set cipher list 2"); +#endif + } + + SignalReady(args, port); + + while (!shutDown) { + CYASSL* ssl = 0; + char command[SVR_COMMAND_SIZE+1]; + int echoSz = 0; + int clientfd; + int firstRead = 1; + int gotFirstG = 0; + +#ifndef CYASSL_DTLS + SOCKADDR_IN_T client; + socklen_t client_len = sizeof(client); + clientfd = accept(sockfd, (struct sockaddr*)&client, + (ACCEPT_THIRD_T)&client_len); +#else + clientfd = udp_read_connect(sockfd); +#endif + if (clientfd == -1) err_sys("tcp accept failed"); + + ssl = CyaSSL_new(ctx); + if (ssl == NULL) err_sys("SSL_new failed"); + CyaSSL_set_fd(ssl, clientfd); + #if !defined(NO_FILESYSTEM) && defined(OPENSSL_EXTRA) + CyaSSL_SetTmpDH_file(ssl, dhParam, SSL_FILETYPE_PEM); + #elif !defined(NO_CERTS) + SetDH(ssl); /* will repick suites with DHE, higher than PSK */ + #endif + if (CyaSSL_accept(ssl) != SSL_SUCCESS) { + printf("SSL_accept failed\n"); + CyaSSL_free(ssl); + CloseSocket(clientfd); + continue; + } +#if defined(PEER_INFO) + showPeer(ssl); +#endif + + while ( (echoSz = CyaSSL_read(ssl, command, sizeof(command)-1)) > 0) { + + if (firstRead == 1) { + firstRead = 0; /* browser may send 1 byte 'G' to start */ + if (echoSz == 1 && command[0] == 'G') { + gotFirstG = 1; + continue; + } + } + else if (gotFirstG == 1 && strncmp(command, "ET /", 4) == 0) { + strncpy(command, "GET", 4); + /* fall through to normal GET */ + } + + if ( strncmp(command, "quit", 4) == 0) { + printf("client sent quit command: shutting down!\n"); + shutDown = 1; + break; + } + if ( strncmp(command, "break", 5) == 0) { + printf("client sent break command: closing session!\n"); + break; + } +#ifdef SESSION_STATS + if ( strncmp(command, "printstats", 10) == 0) { + PrintSessionStats(); + break; + } +#endif + if ( strncmp(command, "GET", 3) == 0) { + char type[] = "HTTP/1.0 200 ok\r\nContent-type:" + " text/html\r\n\r\n"; + char header[] = "\n
\n";
+                char body[]   = "greetings from CyaSSL\n";
+                char footer[] = "\r\n\r\n";
+            
+                strncpy(command, type, sizeof(type));
+                echoSz = sizeof(type) - 1;
+
+                strncpy(&command[echoSz], header, sizeof(header));
+                echoSz += (int)sizeof(header) - 1;
+                strncpy(&command[echoSz], body, sizeof(body));
+                echoSz += (int)sizeof(body) - 1;
+                strncpy(&command[echoSz], footer, sizeof(footer));
+                echoSz += (int)sizeof(footer);
+
+                if (CyaSSL_write(ssl, command, echoSz) != echoSz)
+                    err_sys("SSL_write failed");
+                break;
+            }
+            command[echoSz] = 0;
+
+            #ifdef ECHO_OUT
+                fputs(command, fout);
+            #endif
+
+            if (CyaSSL_write(ssl, command, echoSz) != echoSz)
+                err_sys("SSL_write failed");
+        }
+#ifndef CYASSL_DTLS
+        CyaSSL_shutdown(ssl);
+#endif
+        CyaSSL_free(ssl);
+        CloseSocket(clientfd);
+#ifdef CYASSL_DTLS
+        tcp_listen(&sockfd, &port, useAnyAddr, doDTLS);
+        SignalReady(args, port);
+#endif
+    }
+
+    CloseSocket(sockfd);
+    CyaSSL_CTX_free(ctx);
+
+#ifdef ECHO_OUT
+    if (outCreated)
+        fclose(fout);
+#endif
+
+    ((func_args*)args)->return_code = 0;
+    return 0;
+}
+
+
+/* so overall tests can pull in test function */
+#ifndef NO_MAIN_DRIVER
+
+    int main(int argc, char** argv)
+    {
+        func_args args;
+
+#ifdef HAVE_CAVIUM
+        int ret = OpenNitroxDevice(CAVIUM_DIRECT, CAVIUM_DEV_ID);
+        if (ret != 0)
+            err_sys("Cavium OpenNitroxDevice failed");
+#endif /* HAVE_CAVIUM */
+
+        StartTCP();
+
+        args.argc = argc;
+        args.argv = argv;
+
+        CyaSSL_Init();
+#if defined(DEBUG_CYASSL) && !defined(CYASSL_MDK_SHELL)
+        CyaSSL_Debugging_ON();
+#endif
+        if (CurrentDir("echoserver"))
+            ChangeDirBack(2);
+        else if (CurrentDir("Debug") || CurrentDir("Release"))
+            ChangeDirBack(3);
+        echoserver_test(&args);
+        CyaSSL_Cleanup();
+
+#ifdef HAVE_CAVIUM
+        CspShutdown(CAVIUM_DEV_ID);
+#endif
+        return args.return_code;
+    }
+
+        
+#endif /* NO_MAIN_DRIVER */
+
+
+
+
diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CyaSSL-Full/main.c b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CyaSSL-Full/main.c
new file mode 100644
index 000000000..dc7941f72
--- /dev/null
+++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CyaSSL-Full/main.c
@@ -0,0 +1,102 @@
+/* main.c
+ *
+ * Copyright (C) 2006-2014 wolfSSL Inc.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+ 
+#ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+#include 
+#include 
+
+#include "cmsis_os.h"
+#if !defined(NO_FILESYSTEM)
+#include "rl_fs.h" 
+#endif
+#include "rl_net.h" 
+#include 
+#include "cyassl_MDK_ARM.h"
+#include 
+
+/*-----------------------------------------------------------------------------
+ *        Initialize a Flash Memory Card
+ *----------------------------------------------------------------------------*/
+#if !defined(NO_FILESYSTEM)
+static void init_filesystem (void) {
+  int32_t retv;
+
+  retv = finit ("M0:");
+  if (retv == 0) {
+    retv = fmount ("M0:");
+    if (retv == 0) {
+      printf ("Drive M0 ready!\n");
+    }
+    else {
+      printf ("Drive M0 mount failed!\n");
+    }
+  }
+  else {
+    printf ("Drive M0 initialization failed!\n");
+  }
+}
+#endif
+
+/*-----------------------------------------------------------------------------
+ *        TCP/IP tasks
+ *----------------------------------------------------------------------------*/
+void tcp_poll (void const *arg)
+{
+    CYASSL_MSG("TCP polling started.\n") ;
+    while (1) {
+        net_main ();
+        osDelay(1) ;
+    }
+}
+
+extern void shell_main(void * args) ;
+extern void init_time(void) ;
+
+osThreadDef (tcp_poll, osPriorityHigh, 1, 0) ;
+/*-----------------------------------------------------------------------------
+ *       mian entry 
+ *----------------------------------------------------------------------------*/
+int myoptind = 0;
+char* myoptarg = NULL;
+
+int main() 
+{
+    void *arg = NULL ;
+	
+	#if !defined(NO_FILESYSTEM)
+    init_filesystem ();
+	#endif
+	
+    net_initialize() ;
+    
+    osThreadCreate (osThread (tcp_poll), NULL); 
+    osDelay(10000) ;  /* wait for DHCP */
+    #if defined(DEBUG_CYASSL)
+         printf("Turning ON Debug message\n") ;
+         CyaSSL_Debugging_ON() ;
+    #endif
+
+    shell_main(arg) ;   
+
+}
diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CyaSSL-Full/server.c b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CyaSSL-Full/server.c
new file mode 100644
index 000000000..440dd1d03
--- /dev/null
+++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CyaSSL-Full/server.c
@@ -0,0 +1,604 @@
+/* server.c
+ *
+ * Copyright (C) 2006-2014 wolfSSL Inc.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+#include 
+
+#if !defined(CYASSL_TRACK_MEMORY) && !defined(NO_MAIN_DRIVER)
+    /* in case memory tracker wants stats */
+    #define CYASSL_TRACK_MEMORY
+#endif
+
+#if defined(CYASSL_MDK_ARM)
+        #include 
+        #include 
+
+        #if defined(CYASSL_MDK5)
+            #include "cmsis_os.h"
+            #include "rl_fs.h" 
+            #include "rl_net.h" 
+        #else
+            #include "rtl.h"
+        #endif
+
+        #include "cyassl_MDK_ARM.h"
+#endif
+#include 
+#include 
+
+#include "examples/server/server.h"
+
+
+#ifdef CYASSL_CALLBACKS
+    int srvHandShakeCB(HandShakeInfo*);
+    int srvTimeoutCB(TimeoutInfo*);
+    Timeval srvTo;
+#endif
+
+static void NonBlockingSSL_Accept(SSL* ssl)
+{
+#ifndef CYASSL_CALLBACKS
+    int ret = SSL_accept(ssl);
+#else
+    int ret = CyaSSL_accept_ex(ssl, srvHandShakeCB, srvTimeoutCB, srvTo);
+#endif
+    int error = SSL_get_error(ssl, 0);
+    SOCKET_T sockfd = (SOCKET_T)CyaSSL_get_fd(ssl);
+    int select_ret;
+
+    while (ret != SSL_SUCCESS && (error == SSL_ERROR_WANT_READ ||
+                                  error == SSL_ERROR_WANT_WRITE)) {
+        int currTimeout = 1;
+
+        if (error == SSL_ERROR_WANT_READ)
+            printf("... server would read block\n");
+        else
+            printf("... server would write block\n");
+
+#ifdef CYASSL_DTLS
+        currTimeout = CyaSSL_dtls_get_current_timeout(ssl);
+#endif
+        select_ret = tcp_select(sockfd, currTimeout);
+
+        if ((select_ret == TEST_RECV_READY) ||
+                                        (select_ret == TEST_ERROR_READY)) {
+            #ifndef CYASSL_CALLBACKS
+                ret = SSL_accept(ssl);
+            #else
+                ret = CyaSSL_accept_ex(ssl,
+                                    srvHandShakeCB, srvTimeoutCB, srvTo);
+            #endif
+            error = SSL_get_error(ssl, 0);
+        }
+        else if (select_ret == TEST_TIMEOUT && !CyaSSL_dtls(ssl)) {
+            error = SSL_ERROR_WANT_READ;
+        }
+#ifdef CYASSL_DTLS
+        else if (select_ret == TEST_TIMEOUT && CyaSSL_dtls(ssl) &&
+                                            CyaSSL_dtls_got_timeout(ssl) >= 0) {
+            error = SSL_ERROR_WANT_READ;
+        }
+#endif
+        else {
+            error = SSL_FATAL_ERROR;
+        }
+    }
+    if (ret != SSL_SUCCESS)
+        err_sys("SSL_accept failed");
+}
+
+
+static void Usage(void)
+{
+    printf("server "    LIBCYASSL_VERSION_STRING
+           " NOTE: All files relative to CyaSSL home dir\n");
+    printf("-?          Help, print this usage\n");
+    printf("-p     Port to listen on, not 0, default %d\n", yasslPort);
+    printf("-v     SSL version [0-3], SSLv3(0) - TLS1.2(3)), default %d\n",
+                                 SERVER_DEFAULT_VERSION);
+    printf("-l     Cipher list\n");
+    printf("-c    Certificate file,           default %s\n", svrCert);
+    printf("-k    Key file,                   default %s\n", svrKey);
+    printf("-A    Certificate Authority file, default %s\n", cliCert);
+    printf("-d          Disable client cert check\n");
+    printf("-b          Bind to any interface instead of localhost only\n");
+    printf("-s          Use pre Shared keys\n");
+    printf("-t          Track CyaSSL memory use\n");
+    printf("-u          Use UDP DTLS,"
+           " add -v 2 for DTLSv1 (default), -v 3 for DTLSv1.2\n");
+    printf("-f          Fewer packets/group messages\n");
+    printf("-N          Use Non-blocking sockets\n");
+    printf("-S     Use Host Name Indication\n");
+#ifdef HAVE_OCSP
+    printf("-o          Perform OCSP lookup on peer certificate\n");
+    printf("-O     Perform OCSP lookup using  as responder\n");
+#endif
+#ifdef HAVE_PK_CALLBACKS 
+    printf("-P          Public Key Callbacks\n");
+#endif
+}
+
+THREAD_RETURN CYASSL_THREAD server_test(void* args)
+{
+    SOCKET_T sockfd   = 0;
+    SOCKET_T clientfd = 0;
+
+    SSL_METHOD* method = 0;
+    SSL_CTX*    ctx    = 0;
+    SSL*        ssl    = 0;
+
+    char   msg[] = "I hear you fa shizzle!";
+    char   input[80];
+    int    idx;
+    int    ch;
+    int    version = SERVER_DEFAULT_VERSION;
+    int    doCliCertCheck = 0; /* = 0 for no Realtime Clock environment */
+    int    useAnyAddr = 0;
+    word16 port = yasslPort;
+    int    usePsk = 0;
+    int    doDTLS = 0;
+    int    useNtruKey   = 0;
+    int    nonBlocking  = 0;
+    int    trackMemory  = 0;
+    int    fewerPackets = 0;
+    int    pkCallbacks  = 0;
+    char*  cipherList = NULL;
+    char*  verifyCert = (char*)cliCert;
+    char*  ourCert    = (char*)svrCert;
+    char*  ourKey     = (char*)svrKey;
+    int    argc = ((func_args*)args)->argc;
+    char** argv = ((func_args*)args)->argv;
+
+#ifdef HAVE_SNI
+    char*  sniHostName = NULL;
+#endif
+
+#ifdef HAVE_OCSP
+    int    useOcsp  = 0;
+    char*  ocspUrl  = NULL;
+#endif
+
+    ((func_args*)args)->return_code = -1; /* error state */
+
+#ifdef NO_RSA
+    verifyCert = (char*)cliEccCert;
+    ourCert    = (char*)eccCert;
+    ourKey     = (char*)eccKey;
+#endif
+    (void)trackMemory;
+    (void)pkCallbacks;
+
+    while ((ch = mygetopt(argc, argv, "?dbstnNufPp:v:l:A:c:k:S:oO:")) != -1) {
+        switch (ch) {
+            case '?' :
+                Usage();
+                exit(EXIT_SUCCESS);
+
+            case 'd' :
+                doCliCertCheck = 0;
+                break;
+
+            case 'b' :
+                useAnyAddr = 1;
+                break;
+
+            case 's' :
+                usePsk = 1;
+                break;
+
+            case 't' :
+            #ifdef USE_CYASSL_MEMORY
+                trackMemory = 1;
+            #endif
+                break;
+
+            case 'n' :
+                useNtruKey = 1;
+                break;
+
+            case 'u' :
+                doDTLS  = 1;
+                break;
+
+            case 'f' :
+                fewerPackets = 1;
+                break;
+
+            case 'P' :
+            #ifdef HAVE_PK_CALLBACKS 
+                pkCallbacks = 1;
+            #endif
+                break;
+
+            case 'p' :
+                port = (word16)atoi(myoptarg);
+                #if !defined(NO_MAIN_DRIVER) || defined(USE_WINDOWS_API)
+                    if (port == 0)
+                        err_sys("port number cannot be 0");
+                #endif
+                break;
+
+            case 'v' :
+                version = atoi(myoptarg);
+                if (version < 0 || version > 3) {
+                    Usage();
+                    exit(MY_EX_USAGE);
+                }
+                break;
+
+            case 'l' :
+                cipherList = myoptarg;
+                break;
+
+            case 'A' :
+                verifyCert = myoptarg;
+                break;
+
+            case 'c' :
+                ourCert = myoptarg;
+                break;
+
+            case 'k' :
+                ourKey = myoptarg;
+                break;
+
+            case 'N':
+                nonBlocking = 1;
+                break;
+
+            case 'S' :
+                #ifdef HAVE_SNI
+                    sniHostName = myoptarg;
+                #endif
+                break;
+
+            case 'o' :
+                #ifdef HAVE_OCSP
+                    useOcsp = 1;
+                #endif
+                break;
+
+            case 'O' :
+                #ifdef HAVE_OCSP
+                    useOcsp = 1;
+                    ocspUrl = myoptarg;
+                #endif
+                break;
+
+            default:
+                Usage();
+                exit(MY_EX_USAGE);
+        }
+    }
+
+    myoptind = 0;      /* reset for test cases */
+
+    /* sort out DTLS versus TLS versions */
+    if (version == CLIENT_INVALID_VERSION) {
+        if (doDTLS)
+            version = CLIENT_DTLS_DEFAULT_VERSION;
+        else
+            version = CLIENT_DEFAULT_VERSION;
+    }
+    else {
+        if (doDTLS) {
+            if (version == 3)
+                version = -2;
+            else
+                version = -1;
+        }
+    }
+
+#ifdef USE_CYASSL_MEMORY
+    if (trackMemory)
+        InitMemoryTracker(); 
+#endif
+
+    switch (version) {
+#ifndef NO_OLD_TLS
+        case 0:
+            method = SSLv3_server_method();
+            break;
+
+    #ifndef NO_TLS
+        case 1:
+            method = TLSv1_server_method();
+            break;
+
+
+        case 2:
+            method = TLSv1_1_server_method();
+            break;
+
+        #endif
+#endif
+
+#ifndef NO_TLS
+        case 3:
+            method = TLSv1_2_server_method();
+            break;
+#endif
+                
+#ifdef CYASSL_DTLS
+        case -1:
+            method = DTLSv1_server_method();
+            break;
+
+        case -2:
+            method = DTLSv1_2_server_method();
+            break;
+#endif
+
+        default:
+            err_sys("Bad SSL version");
+    }
+
+    if (method == NULL)
+        err_sys("unable to get method");
+
+    ctx = SSL_CTX_new(method);
+    if (ctx == NULL)
+        err_sys("unable to get ctx");
+
+    if (cipherList)
+        if (SSL_CTX_set_cipher_list(ctx, cipherList) != SSL_SUCCESS)
+            err_sys("server can't set cipher list 1");
+
+#ifdef CYASSL_LEANPSK
+    usePsk = 1;
+#endif
+
+#if defined(NO_RSA) && !defined(HAVE_ECC)
+    usePsk = 1;
+#endif
+
+    if (fewerPackets)
+        CyaSSL_CTX_set_group_messages(ctx);
+
+#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER)
+    SSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack);
+#endif
+
+#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS)
+    if (!usePsk) {
+        if (SSL_CTX_use_certificate_file(ctx, ourCert, SSL_FILETYPE_PEM)
+                                         != SSL_SUCCESS)
+            err_sys("can't load server cert file, check file and run from"
+                    " CyaSSL home dir");
+    }
+#endif
+
+#ifdef HAVE_NTRU
+    if (useNtruKey) {
+        if (CyaSSL_CTX_use_NTRUPrivateKey_file(ctx, ourKey)
+                                               != SSL_SUCCESS)
+            err_sys("can't load ntru key file, "
+                    "Please run from CyaSSL home dir");
+    }
+#endif
+
+#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS)
+    if (!useNtruKey && !usePsk) {
+        if (SSL_CTX_use_PrivateKey_file(ctx, ourKey, SSL_FILETYPE_PEM)
+                                         != SSL_SUCCESS)
+            err_sys("can't load server private key file, check file and run "
+                "from CyaSSL home dir");
+    }
+#endif
+
+    if (usePsk) {
+#ifndef NO_PSK
+        SSL_CTX_set_psk_server_callback(ctx, my_psk_server_cb);
+        SSL_CTX_use_psk_identity_hint(ctx, "cyassl server");
+        if (cipherList == NULL) {
+            const char *defaultCipherList;
+            #ifdef HAVE_NULL_CIPHER
+                defaultCipherList = "PSK-NULL-SHA256";
+            #else
+                defaultCipherList = "PSK-AES128-CBC-SHA256";
+            #endif
+            if (SSL_CTX_set_cipher_list(ctx, defaultCipherList) != SSL_SUCCESS)
+                err_sys("server can't set cipher list 2");
+        }
+#endif
+    }
+
+#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS)
+    /* if not using PSK, verify peer with certs */
+    if (doCliCertCheck && usePsk == 0) {
+        SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER |
+                                SSL_VERIFY_FAIL_IF_NO_PEER_CERT,0);
+        if (SSL_CTX_load_verify_locations(ctx, verifyCert, 0) != SSL_SUCCESS)
+            err_sys("can't load ca file, Please run from CyaSSL home dir");
+    }
+#endif
+
+#if defined(CYASSL_SNIFFER) && !defined(HAVE_NTRU) && !defined(HAVE_ECC)
+    /* don't use EDH, can't sniff tmp keys */
+    if (cipherList == NULL) {
+        if (SSL_CTX_set_cipher_list(ctx, "AES256-SHA256") != SSL_SUCCESS)
+            err_sys("server can't set cipher list 3");
+    }
+#endif
+
+#ifdef HAVE_SNI
+    if (sniHostName)
+        if (CyaSSL_CTX_UseSNI(ctx, CYASSL_SNI_HOST_NAME, sniHostName,
+                                           XSTRLEN(sniHostName)) != SSL_SUCCESS)
+            err_sys("UseSNI failed");
+#endif
+
+    ssl = SSL_new(ctx);
+    if (ssl == NULL)
+        err_sys("unable to get SSL");
+
+#ifdef HAVE_CRL
+    CyaSSL_EnableCRL(ssl, 0);
+    CyaSSL_LoadCRL(ssl, crlPemDir, SSL_FILETYPE_PEM, CYASSL_CRL_MONITOR |
+                                                     CYASSL_CRL_START_MON);
+    CyaSSL_SetCRL_Cb(ssl, CRL_CallBack);
+#endif
+#ifdef HAVE_OCSP
+    if (useOcsp) {
+        if (ocspUrl != NULL) {
+            CyaSSL_CTX_SetOCSP_OverrideURL(ctx, ocspUrl);
+            CyaSSL_CTX_EnableOCSP(ctx, CYASSL_OCSP_NO_NONCE
+                                                    | CYASSL_OCSP_URL_OVERRIDE);
+        }
+        else
+            CyaSSL_CTX_EnableOCSP(ctx, CYASSL_OCSP_NO_NONCE);
+    }
+#endif
+#ifdef HAVE_PK_CALLBACKS
+    if (pkCallbacks)
+        SetupPkCallbacks(ctx, ssl);
+#endif
+
+    tcp_accept(&sockfd, &clientfd, (func_args*)args, port, useAnyAddr, doDTLS);
+    if (!doDTLS) 
+        CloseSocket(sockfd);
+
+    SSL_set_fd(ssl, clientfd);
+    if (usePsk == 0) {
+        #if !defined(NO_FILESYSTEM) && defined(OPENSSL_EXTRA)
+            CyaSSL_SetTmpDH_file(ssl, dhParam, SSL_FILETYPE_PEM);
+        #elif !defined(NO_CERTS)
+            SetDH(ssl);  /* repick suites with DHE, higher priority than PSK */
+        #endif
+    }
+
+#ifndef CYASSL_CALLBACKS
+    if (nonBlocking) {
+        CyaSSL_set_using_nonblock(ssl, 1);
+        tcp_set_nonblocking(&clientfd);
+        NonBlockingSSL_Accept(ssl);
+    } else if (SSL_accept(ssl) != SSL_SUCCESS) {
+        int err = SSL_get_error(ssl, 0);
+        char buffer[CYASSL_MAX_ERROR_SZ];
+        printf("error = %d, %s\n", err, ERR_error_string(err, buffer));
+        err_sys("SSL_accept failed");
+    }
+#else
+    NonBlockingSSL_Accept(ssl);
+#endif
+    showPeer(ssl);
+
+    idx = SSL_read(ssl, input, sizeof(input)-1);
+    if (idx > 0) {
+        input[idx] = 0;
+        printf("Client message: %s\n", input);
+
+    }
+    else if (idx < 0) {
+        int readErr = SSL_get_error(ssl, 0);
+        if (readErr != SSL_ERROR_WANT_READ)
+            err_sys("SSL_read failed");
+    }
+
+    if (SSL_write(ssl, msg, sizeof(msg)) != sizeof(msg))
+        err_sys("SSL_write failed");
+        
+    #if defined(CYASSL_MDK_SHELL) && defined(HAVE_MDK_RTX)
+        os_dly_wait(500) ;
+    #endif
+
+    SSL_shutdown(ssl);
+    SSL_free(ssl);
+    SSL_CTX_free(ctx);
+    
+    CloseSocket(clientfd);
+    ((func_args*)args)->return_code = 0;
+
+#ifdef USE_CYASSL_MEMORY
+    if (trackMemory)
+        ShowMemoryTracker();
+#endif /* USE_CYASSL_MEMORY */
+
+    return 0;
+}
+
+
+/* so overall tests can pull in test function */
+#ifndef NO_MAIN_DRIVER
+
+    int main(int argc, char** argv)
+    {
+        func_args args;
+
+#ifdef HAVE_CAVIUM
+        int ret = OpenNitroxDevice(CAVIUM_DIRECT, CAVIUM_DEV_ID);
+        if (ret != 0)
+            err_sys("Cavium OpenNitroxDevice failed");
+#endif /* HAVE_CAVIUM */
+
+        StartTCP();
+
+        args.argc = argc;
+        args.argv = argv;
+
+        CyaSSL_Init();
+#if defined(DEBUG_CYASSL) && !defined(CYASSL_MDK_SHELL)
+        CyaSSL_Debugging_ON();
+#endif
+        if (CurrentDir("server"))
+            ChangeDirBack(2);
+        else if (CurrentDir("Debug") || CurrentDir("Release"))
+            ChangeDirBack(3);
+   
+#ifdef HAVE_STACK_SIZE
+        StackSizeCheck(&args, server_test);
+#else 
+        server_test(&args);
+#endif
+        CyaSSL_Cleanup();
+
+#ifdef HAVE_CAVIUM
+        CspShutdown(CAVIUM_DEV_ID);
+#endif
+        return args.return_code;
+    }
+
+    int myoptind = 0;
+    char* myoptarg = NULL;
+
+#endif /* NO_MAIN_DRIVER */
+
+
+#ifdef CYASSL_CALLBACKS
+
+    int srvHandShakeCB(HandShakeInfo* info)
+    {
+        (void)info;
+        return 0;
+    }
+
+
+    int srvTimeoutCB(TimeoutInfo* info)
+    {
+        (void)info;
+        return 0;
+    }
+
+#endif
+
diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CyaSSL-Full/shell.c b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CyaSSL-Full/shell.c
new file mode 100644
index 000000000..1ada297cf
--- /dev/null
+++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CyaSSL-Full/shell.c
@@ -0,0 +1,657 @@
+/*shell.c
+ *
+ * Copyright (C) 2006-2014 wolfSSL Inc.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+ 
+ /*** tiny Shell for CyaSSL apps ***/
+ 
+ #ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+#include "cyassl/internal.h"
+#undef RNG
+#include 
+
+#if defined(CYASSL_MDK_ARM)
+    #include 
+    #include 
+    #include 
+        #if defined(CYASSL_MDK5)
+            #include "cmsis_os.h"
+        #include "rl_fs.h" 
+    #else
+            #include 
+        #endif
+    #include "cyassl_MDK_ARM.h"
+#endif
+
+#ifdef CYASSL_KEIL_NET
+#include "cyassl/test.h"
+#else
+typedef struct func_args {
+    int    argc;
+    char** argv;
+    int    return_code;
+} func_args;
+#endif
+
+#ifdef NO_ECHOCLIENT
+#define echoclient_test command_not_found
+#endif
+#ifdef NO_ECHOSERVER
+#define echoserver_test command_not_found
+#endif
+#ifdef NO_SIMPLE_CLIENT
+#define client_test command_not_found
+#endif
+#ifdef NO_SIMPLE_SERVER
+#define server_test command_not_found
+#endif
+#ifdef NO_CRYPT_BENCHMARK
+#define benchmark_test command_not_found
+#endif
+#ifdef NO_CRYPT_TEST
+#define ctaocrypt_test command_not_found
+#endif
+
+#ifndef CYASSL_KEIL_NET
+#define ipaddr_comm command_not_found
+#endif
+
+#if !defined(HAVE_KEIL_RTX)
+#define stack_comm command_not_found
+#endif
+
+
+#if !defined(DEBUG_CYASSL)
+#define dbg_comm command_not_found
+#endif
+
+
+void command_not_found(void *argv) {
+        printf("Command not found\n") ;
+}
+
+extern void echoclient_test(void *args) ;
+extern void echoserver_test(void *args) ;
+extern void benchmark_test(void *args) ;
+extern void ctaocrypt_test(void *args) ;
+extern void client_test(void *args) ;
+extern void server_test(void *args) ;
+extern void kill_task(void *args) ;
+extern void ipaddr_comm(void *args) ;
+extern void stack_comm(void *args) ;
+extern void for_command(void *args) ;
+extern void dbg_comm(void *arg) ;
+extern void help_comm(void *arg) ;
+
+#if !defined(NO_CRYPT_TEST)
+
+#ifndef NO_MD5
+extern void md5_test(void *arg) ;
+#endif
+#ifdef CYASSL_MD2
+extern void md2_test(void *arg) ;
+#endif
+#ifndef NO_MD4
+extern void md4_test(void *arg) ;
+#endif
+
+extern void sha_test(void *arg) ;
+
+#ifndef NO_SHA256
+extern void sha256_test(void *arg) ;
+#endif
+#ifdef CYASSL_SHA384
+extern void sha384_test(void *arg) ;
+#endif
+
+#ifdef CYASSL_SHA512
+extern void sha512_test(void *arg) ;
+#endif
+
+#ifdef CYASSL_RIPEMD
+extern void ripemd_test(void *arg) ;
+#endif
+#ifndef NO_HMAC
+    #ifndef NO_MD5
+extern void hmac_md5_test(void *arg) ;
+    #endif
+extern void hmac_sha_test(void *arg) ;
+
+    #ifndef NO_SHA256
+extern void hmac_sha256_test(void *arg) ;
+    #endif
+
+    #ifdef CYASSL_SHA384
+extern void hmac_sha384_test(void *arg) ;
+    #endif
+#endif
+#ifndef NO_RC4
+extern void arc4_test(void *arg) ;
+#endif
+
+#ifndef NO_HC128
+extern void hc128_test(void *arg) ;
+#endif
+
+#ifndef NO_RABBIT
+extern void rabbit_test(void *arg) ;
+#endif
+
+#ifndef NO_DES3
+extern void des_test(void *arg) ;
+extern void des3_test(void *arg) ;
+#endif
+
+#ifndef NO_AES
+extern void aes_test(void *arg) ;
+#ifdef HAVE_AESGCM
+extern void aesgcm_test(void *arg) ;
+#endif
+
+#ifdef HAVE_AESCCM
+extern void aesccm_test(void *arg) ;
+#endif
+#endif
+
+#ifdef HAVE_CAMELLIA
+extern void camellia_test(void *arg) ;
+#endif
+extern void random_test(void *arg) ;
+
+#ifndef NO_RSA
+extern void rsa_test(void *arg) ;
+#endif
+
+#ifndef NO_DH
+extern void dh_test(void *arg) ;
+#endif
+
+#ifndef NO_DSA
+extern void dsa_test(void *arg) ;
+#endif
+    
+#ifndef NO_PWDBASED
+extern void pwdbased_test(void *arg) ;
+#endif
+
+#ifdef OPENSSL_EXTRA
+extern void openssl_test(void *arg) ;
+#endif
+
+#ifdef HAVE_ECC
+extern void ecc_test(void *arg) ;
+#endif
+
+#endif /* NO_CRYPT_TEST */
+
+static struct {
+  const char *command ;
+    void (*func)(void *args) ;
+}   commandTable[] = {
+    "echoclient", echoclient_test,
+    "echoserver", echoserver_test,
+    "benchmark", benchmark_test,
+    "test", ctaocrypt_test,
+    "client", client_test,
+    "server", server_test,
+    "ipaddr", ipaddr_comm,      /* TBD */
+    "stack", stack_comm,        /* On/Off check stack size */
+    "for", for_command,         /* iterate next command X times */
+    "debug", dbg_comm,          /* On/Off debug message  */
+    "help", help_comm,          /* Breif description about the commands */
+
+    /** short name **/
+    "ec", echoclient_test,
+    "es", echoserver_test,
+    "bm", benchmark_test,
+    "te", ctaocrypt_test,
+    "cl", client_test,
+    "sv", server_test,
+    "ip", ipaddr_comm,
+    "st", stack_comm,
+  "dbg", dbg_comm,
+    "?",    help_comm,
+
+/*** test suites ****/
+#if !defined(NO_CRYPT_TEST)
+#ifndef NO_MD5
+  "md5",  md5_test,
+#endif
+#ifdef CYASSL_MD2
+  "md2",  md2_test,
+#endif
+#ifndef NO_MD4
+  "md4",  md4_test,
+#endif
+  "sha",  sha_test,
+#ifndef NO_SHA256
+  "sha256",  sha256_test,
+#endif
+#ifdef CYASSL_SHA384
+  "sha384",  sha384_test,
+#endif
+#ifdef CYASSL_SHA512
+  "sha512",  sha512_test,
+#endif
+#ifdef CYASSL_RIPEMD
+  "ripemd",  ripemd_test,
+#endif
+#ifndef NO_HMAC
+  #ifndef NO_MD5
+  "hmac_md5",  hmac_md5_test,
+    #endif
+  "hmac_sha",  hmac_sha_test,
+    #ifndef NO_SHA256
+  "hmac_sha256",  hmac_sha256_test,
+    #endif
+    #ifdef CYASSL_SHA384
+  "hmac_sha384",  hmac_sha384_test,
+  #endif
+#endif
+#ifndef NO_RC4
+    "arc4",  arc4_test,
+#endif
+#ifndef NO_HC128
+  "hc128",  hc128_test,
+#endif
+#ifndef NO_RABBIT
+  "rabbit",  rabbit_test,
+#endif
+#ifndef NO_DES3
+  "des",  des_test,
+  "des3",  des3_test,
+#endif  
+#ifndef NO_AES  
+  "aes",  aes_test,
+    #ifdef HAVE_AESGCM
+  "aesgcm",  aesgcm_test,
+    #endif
+    #ifdef HAVE_AESCCM
+  "aesccm",  aesccm_test,
+    #endif
+#endif
+
+#ifdef HAVE_CAMELLIA
+  "camellia",  camellia_test,
+#endif
+  "random",  random_test,
+#ifndef NO_RSA
+  "rsa",  rsa_test,
+#endif
+#ifndef NO_DH
+  "dh",  dh_test,
+#endif
+#ifndef NO_DSA
+    "dsa",  dsa_test,
+#endif 
+#ifndef NO_PWDBASED
+  "pwdbased",  pwdbased_test,
+#endif  
+#ifdef OPENSSL_EXTRA
+  "openssl",  openssl_test,
+#endif
+#ifdef HAVE_ECC
+  "ecc",  ecc_test,
+#endif
+
+#endif /* NO_CRYPT_TEST */
+
+    "",  NULL
+} ;
+
+enum jobtype { FORGROUND, BACKGROUND }  ;
+
+#define IF_DELIMITER(ch) ((ch) == ' ' || (ch) == '\n')
+
+static int BackGround = 0 ; /* 1: background job is running */
+
+/*******  Get Command Line *****************************/
+static int getline(char * line, int sz, func_args *args, int*bf_flg) 
+{
+    char * ret ;
+    int i ;
+    
+    #define MAXARGS 10
+    #define MAXARGLEN 30
+    static char *argv[MAXARGS] ;
+    args->argv = argv ;
+    
+    putchar('>') ;
+    fflush(stdout) ;
+    ret = fgets(line, sz, stdin) ;
+    
+    #define SHELL_ERROR_FGETS -102
+    if(ret != line) return(SHELL_ERROR_FGETS) ;
+    
+    if(line[strlen(line)-2] == '&') {
+        (*bf_flg) = BACKGROUND ;
+        line[strlen(line)-2] = '\n' ;
+    } else {
+        (*bf_flg) = FORGROUND ;
+    }
+    args->argc = 0 ;
+    for(i=0; iargv[args->argc] = &(line[i]) ;
+        while(!IF_DELIMITER(line[i])) i++ ;
+        args->argc++ ;
+        if(line[i] == '\n') {
+            line[i]  = '\0' ;
+            break ;
+        } else {
+            line[i]  = '\0' ;
+        }
+    }
+    return i ;
+}
+
+
+/************* Embedded Shell Commands **********************************/
+#define IP_SIZE 16
+
+#ifdef CYASSL_KEIL_NET
+static void ipaddr_comm(void *args) 
+{
+    if(((func_args *)args)->argc == 1) {
+            printf("IP addr: %s, port %d\n", yasslIP, yasslPort) ;
+    } else {
+        if(BackGround != 0) {
+        printf("Cannot change IP addr while background server is running\n") ;
+        } else if(((func_args *)args)->argc == 3 && 
+                  ((func_args *)args)->argv[1][0] == '-'&& 
+                  ((func_args *)args)->argv[1][1] == 'a' ) {
+/*          strcpy(yasslIP, ((func_args *)args)->argv[2]) ; */
+        } else if(((func_args *)args)->argc == 3 && 
+                  ((func_args *)args)->argv[1][0] == '-' && 
+                  ((func_args *)args)->argv[1][1] == 'p' ) {
+/*          yasslPort = atoi(((func_args *)args)->argv[2]) ; */
+        } else printf("Invalid argument\n") ; 
+    }
+}
+
+#endif
+
+
+
+#if defined(HAVE_KEIL_RTX)
+static int stack_ck = 0 ;
+
+void stack_comm(void *args) 
+{
+    if(stack_ck) {
+        printf("Stack Check: Off\n") ;
+        stack_ck = 0 ;
+    } else {
+        printf("Stack Check: On\n") ;
+        stack_ck = 1 ;
+    }
+}
+    
+#define FILL_PATTERN 0xa596695a
+void stack_fill(char * stack, int size)
+{
+    int i ;
+
+    if(stack_ck == 0)return ;
+    for(i=1; iargc == 1) {
+        printf("For %d times\n", for_iteration) ;
+    } else if( args == NULL || ((func_args *)args)->argc == 2) {
+        for_iteration = atoi(((func_args *)args)->argv[1]) ;
+    } else printf("Invalid argument\n") ;
+}
+
+
+#if defined(DEBUG_CYASSL)
+
+static int CyasslDebug = 1 ;
+
+static void dbg_comm(void *args) 
+{
+    if(CyasslDebug == 1) {
+        CyasslDebug = 0 ;
+        printf("Turning OFF Debug message\n") ;
+        CyaSSL_Debugging_OFF() ;
+    } else {
+        CyasslDebug = 1 ;
+        printf("Turning ON Debug message\n") ;
+        CyaSSL_Debugging_ON() ;
+    }
+}
+#endif
+
+static void help_comm(void *args) 
+{
+    static char *commands[] = {
+        "test", 
+        "benchmark",
+        "echoserver&            : simple echo server in background mode",
+        "echoclient             : simple echo client followed by any input string, or \"quit\", \"break\"",
+        "server&                : simple server in background mode",
+        "client                 : simple client",
+        "client -g -v [0123] -h xxx.xxx.xxx.xxx -p 443  : usage example",
+        "server/client -h        :  help for server/client command",
+        "help",
+        ""  
+    } ;
+
+    int i ;
+    printf("Commands:\n") ;
+    for(i=0; commands[i][0] ; i++)
+        printf("    %s\n", commands[i]) ;
+
+}
+
+
+
+#define BG_JOB_STACK_SIZE 8000
+#if (!defined(NO_SIMPLE_SERVER) && !defined(NO_ECHOSERVER)) && \
+                                                   defined(HAVE_KEIL_RTX)
+#if !defined(CYASSL_CMSIS_RTOS)
+static char bg_job_stack[BG_JOB_STACK_SIZE] ;
+#endif
+
+#endif
+
+#define COMMAND_STACK_SIZE 10000
+#if defined(HAVE_KEIL_RTX) && !defined(CYASSL_CMSIS_RTOS)
+static char command_stack[COMMAND_STACK_SIZE] ;
+#endif
+
+
+#ifdef  HAVE_KEIL_RTX
+static   CyaSSL_Mutex command_mutex ;
+#endif
+
+void exit_command(void) {
+	  printf("Command Aborted\n") ;
+    #ifdef CYASSL_CMSIS_RTOS
+        osThreadTerminate(osThreadGetId()) ;
+    #else
+        os_tsk_delete_self() ;
+    #endif
+}
+
+
+/***********    Invoke Forground Command  *********************/
+static void command_invoke(void const *args) 
+{
+    void (*func)(void const * ) ;
+    int i,iteration ;
+    
+    func = (void(*)(void const *))((func_args *)args)->argv[0] ; 
+    #ifdef  HAVE_KEIL_RTX
+    LockMutex((CyaSSL_Mutex *)&command_mutex) ;
+    #endif
+    iteration = for_iteration ;
+    for(i=0; i< iteration; i++) {
+        if(iteration > 1) printf("--- Start for %d ---->\n", i) ;
+        #if defined(HAVE_KEIL_RTX) && !defined(CYASSL_CMSIS_RTOS)
+        stack_fill(command_stack, COMMAND_STACK_SIZE) ;
+        #endif
+                
+        func(args) ;        /* invoke command */
+                
+        #if defined(HAVE_KEIL_RTX)&& !defined(CYASSL_CMSIS_RTOS)
+        stack_check(command_stack, COMMAND_STACK_SIZE) ;
+        #endif
+    }
+
+    if(iteration > 1) 
+    for_iteration = 1 ;
+    osDelay(20000) ;
+    #ifdef HAVE_KEIL_RTX
+        UnLockMutex((CyaSSL_Mutex *)&command_mutex) ;
+        #ifdef CYASSL_CMSIS_RTOS
+            osThreadTerminate(osThreadGetId()) ;
+        #else
+            os_tsk_delete_self() ;
+        #endif
+    #endif
+}
+
+#if defined(HAVE_KEIL_RTX)
+/*******  Invoke Background Job   *******************************/
+static void bg_job_invoke(void const *args) 
+{
+    void (*func)(void const * ) ;
+    BackGround = 1 ; 
+    #if defined(HAVE_KEIL_RTX)&& !defined(CYASSL_CMSIS_RTOS)
+    stack_fill(bg_job_stack, BG_JOB_STACK_SIZE) ;
+    #endif
+
+    func = (void(*)(void const *))((func_args *)args)->argv[0] ; 
+    func(args) ;        /* invoke command */
+    #if defined(HAVE_KEIL_RTX) && !defined(CYASSL_CMSIS_RTOS)
+    stack_check(bg_job_stack, BG_JOB_STACK_SIZE) ;
+    #endif
+    
+    osDelay(20000) ;
+    BackGround = 0 ;
+
+    #ifdef CYASSL_CMSIS_RTOS
+        osThreadTerminate(osThreadGetId()) ;
+    #else   
+        os_tsk_delete_self() ; ;
+    #endif
+}
+#endif
+
+#define LINESIZE 100
+static char line[LINESIZE] ;
+
+#if defined(CYASSL_CMSIS_RTOS)
+    osThreadDef (command_invoke, osPriorityAboveNormal , 1, COMMAND_STACK_SIZE) ;
+    osThreadDef (bg_job_invoke, osPriorityNormal , 1 , BG_JOB_STACK_SIZE) ;
+#endif
+/********* SHEULL MAIN LOOP ***********************************/
+void shell_main(void *arg) {
+    int i ; 
+    func_args args ;
+    int bf_flg ;
+   
+    i = BackGround ; 
+        /* Dummy for avoiding warning: BackGround is defined but not used. */
+    
+ #if defined(HAVE_KEIL_RTX)
+    InitMutex(&command_mutex) ;
+#endif
+    help_comm(NULL) ;
+    
+    printf("Starting Shell\n") ;
+    while(1) {
+        if(getline(line,  LINESIZE, &args, &bf_flg) > 0) {
+        for(i=0; commandTable[i].func != NULL; i++) {
+            if(strcmp(commandTable[i].command, args.argv[0]) == 0) {
+            args.argv[0] = (char *) commandTable[i].func ;
+                if(bf_flg == FORGROUND) {
+                    #if defined(HAVE_KEIL_RTX) && !defined(CYASSL_CMSIS_RTOS)
+                        UnLockMutex((CyaSSL_Mutex *)&command_mutex) ;
+                        os_tsk_create_user_ex( (void(*)(void *))&command_invoke, 7,
+                                 command_stack, COMMAND_STACK_SIZE, &args) ;
+                    #else
+                        #if defined(CYASSL_CMSIS_RTOS)
+                             UnLockMutex((CyaSSL_Mutex *)&command_mutex) ;
+                             osThreadCreate (osThread (command_invoke) , &args);   
+                        #else
+                              command_invoke(&args) ;
+                        #endif
+                    #endif
+                    #ifdef  HAVE_KEIL_RTX
+                    LockMutex((CyaSSL_Mutex *)&command_mutex) ;
+                    #endif
+                } else {
+                    #if (!defined(NO_SIMPLE_SERVER) && \
+                         !defined(NO_ECHOSERVER)) && \
+                         defined(HAVE_KEIL_RTX)
+                    if(BackGround != 0) {
+                        printf("Multiple background servers not supported.\n") ;
+                    } else {
+                        printf("\"%s\" is running with the background mode.\n", 
+                                                     commandTable[i].command) ;
+                        #if  defined(HAVE_KEIL_RTX) && !defined(CYASSL_CMSIS_RTOS)
+                             os_tsk_create_user_ex( (void(*)(void *))&bg_job_invoke, 
+                                   6, bg_job_stack, BG_JOB_STACK_SIZE, &args) ;
+                        #else
+                                osThreadCreate (osThread (bg_job_invoke),  &args); 
+                                osDelay (500) ;
+                        #endif
+                    }
+                    #else
+                    printf("Invalid Command: no background job\n") ;
+                    #endif
+                }
+                break ;
+            }
+        }
+        if(commandTable[i].func == NULL)
+            printf("Command not found\n") ;
+        }
+    }
+}
+
diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CyaSSL-Full/test.c b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CyaSSL-Full/test.c
new file mode 100644
index 000000000..e19675bd9
--- /dev/null
+++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CyaSSL-Full/test.c
@@ -0,0 +1,4758 @@
+/* test.c
+ *
+ * Copyright (C) 2006-2014 wolfSSL Inc.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+
+#ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+#include 
+
+#ifdef XMALLOC_USER
+    #include   /* we're using malloc / free direct here */
+#endif
+
+#ifndef NO_CRYPT_TEST
+
+#ifdef CYASSL_TEST_CERT
+    #include 
+#else
+    #include 
+#endif
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#include 
+#ifdef HAVE_ECC
+    #include 
+#endif
+#ifdef HAVE_BLAKE2
+    #include 
+#endif
+#ifdef HAVE_LIBZ
+    #include 
+#endif
+#ifdef HAVE_PKCS7
+    #include 
+#endif
+
+#ifdef _MSC_VER
+    /* 4996 warning to use MS extensions e.g., strcpy_s instead of strncpy */
+    #pragma warning(disable: 4996)
+#endif
+
+#ifdef OPENSSL_EXTRA
+    #include 
+    #include 
+    #include 
+    #include 
+#endif
+
+
+#if defined(USE_CERT_BUFFERS_1024) || defined(USE_CERT_BUFFERS_2048)
+    /* include test cert and key buffers for use with NO_FILESYSTEM */
+    #if defined(CYASSL_MDK_ARM)
+        #include "cert_data.h"
+                        /* use certs_test.c for initial data, so other
+                                               commands can share the data. */
+    #else
+        #include 
+    #endif
+#endif
+
+#if defined(CYASSL_MDK_ARM)
+        #include 
+        #include 
+    extern FILE * CyaSSL_fopen(const char *fname, const char *mode) ;
+    #define fopen CyaSSL_fopen
+#endif
+
+#ifdef HAVE_NTRU
+    #include "crypto_ntru.h"
+#endif
+#ifdef HAVE_CAVIUM
+    #include "cavium_sysdep.h"
+    #include "cavium_common.h"
+    #include "cavium_ioctl.h"
+#endif
+
+#ifdef FREESCALE_MQX
+    #include 
+    #include 
+    #include 
+#else
+    #include 
+#endif
+
+
+#ifdef THREADX
+    /* since just testing, use THREADX log printf instead */
+    int dc_log_printf(char*, ...);
+        #undef printf
+        #define printf dc_log_printf
+#endif
+
+#include "ctaocrypt/test/test.h"
+
+
+typedef struct testVector {
+    const char*  input;
+    const char*  output;
+    size_t inLen;
+    size_t outLen;
+} testVector;
+
+int  md2_test(void);
+int  md5_test(void);
+int  md4_test(void);
+int  sha_test(void);
+int  sha256_test(void);
+int  sha512_test(void);
+int  sha384_test(void);
+int  hmac_md5_test(void);
+int  hmac_sha_test(void);
+int  hmac_sha256_test(void);
+int  hmac_sha384_test(void);
+int  hmac_sha512_test(void);
+int  hmac_blake2b_test(void);
+int  hkdf_test(void);
+int  arc4_test(void);
+int  hc128_test(void);
+int  rabbit_test(void);
+int  des_test(void);
+int  des3_test(void);
+int  aes_test(void);
+int  aesgcm_test(void);
+int  gmac_test(void);
+int  aesccm_test(void);
+int  camellia_test(void);
+int  rsa_test(void);
+int  dh_test(void);
+int  dsa_test(void);
+int  random_test(void);
+int  pwdbased_test(void);
+int  ripemd_test(void);
+int  openssl_test(void);   /* test mini api */
+int pbkdf1_test(void);
+int pkcs12_test(void);
+int pbkdf2_test(void);
+#ifdef HAVE_ECC
+    int  ecc_test(void);
+    #ifdef HAVE_ECC_ENCRYPT
+        int  ecc_encrypt_test(void);
+    #endif
+#endif
+#ifdef HAVE_BLAKE2
+    int  blake2b_test(void);
+#endif
+#ifdef HAVE_LIBZ
+    int compress_test(void);
+#endif
+#ifdef HAVE_PKCS7
+    int pkcs7enveloped_test(void);
+    int pkcs7signed_test(void);
+#endif
+
+
+
+static void err_sys(const char* msg, int es)
+{
+    printf("%s error = %d\n", msg, es);
+    #if !defined(THREADX) && !defined(CYASSL_MDK_ARM)
+  	if (msg)
+        exit(es);
+    #endif
+    return;
+}
+
+/* func_args from test.h, so don't have to pull in other junk */
+typedef struct func_args {
+    int    argc;
+    char** argv;
+    int    return_code;
+} func_args;
+
+
+
+void ctaocrypt_test(void* args)
+{
+    int ret = 0;
+
+    ((func_args*)args)->return_code = -1; /* error state */
+
+#if !defined(NO_BIG_INT)
+    if (CheckCtcSettings() != 1)
+        err_sys("Build vs runtime math mismatch\n", -1234);
+
+#ifdef USE_FAST_MATH
+    if (CheckFastMathSettings() != 1)
+        err_sys("Build vs runtime fastmath FP_MAX_BITS mismatch\n", -1235);
+#endif /* USE_FAST_MATH */
+#endif /* !NO_BIG_INT */
+
+
+#ifndef NO_MD5
+    if ( (ret = md5_test()) != 0)
+        err_sys("MD5      test failed!\n", ret);
+    else
+        printf( "MD5      test passed!\n");
+#endif
+
+#ifdef CYASSL_MD2
+    if ( (ret = md2_test()) != 0)
+        err_sys("MD2      test failed!\n", ret);
+    else
+        printf( "MD2      test passed!\n");
+#endif
+
+#ifndef NO_MD4
+    if ( (ret = md4_test()) != 0)
+        err_sys("MD4      test failed!\n", ret);
+    else
+        printf( "MD4      test passed!\n");
+#endif
+
+#ifndef NO_SHA
+    if ( (ret = sha_test()) != 0)
+        err_sys("SHA      test failed!\n", ret);
+    else
+        printf( "SHA      test passed!\n");
+#endif
+
+#ifndef NO_SHA256
+    if ( (ret = sha256_test()) != 0)
+        err_sys("SHA-256  test failed!\n", ret);
+    else
+        printf( "SHA-256  test passed!\n");
+#endif
+
+#ifdef CYASSL_SHA384
+    if ( (ret = sha384_test()) != 0)
+        err_sys("SHA-384  test failed!\n", ret);
+    else
+        printf( "SHA-384  test passed!\n");
+#endif
+
+#ifdef CYASSL_SHA512
+    if ( (ret = sha512_test()) != 0)
+        err_sys("SHA-512  test failed!\n", ret);
+    else
+        printf( "SHA-512  test passed!\n");
+#endif
+
+#ifdef CYASSL_RIPEMD
+    if ( (ret = ripemd_test()) != 0)
+        err_sys("RIPEMD   test failed!\n", ret);
+    else
+        printf( "RIPEMD   test passed!\n");
+#endif
+
+#ifdef HAVE_BLAKE2
+    if ( (ret = blake2b_test()) != 0)
+        err_sys("BLAKE2b  test failed!\n", ret);
+    else
+        printf( "BLAKE2b  test passed!\n");
+#endif
+
+#ifndef NO_HMAC
+    #ifndef NO_MD5
+        if ( (ret = hmac_md5_test()) != 0)
+            err_sys("HMAC-MD5 test failed!\n", ret);
+        else
+            printf( "HMAC-MD5 test passed!\n");
+    #endif
+
+    #ifndef NO_SHA
+    if ( (ret = hmac_sha_test()) != 0)
+        err_sys("HMAC-SHA test failed!\n", ret);
+    else
+        printf( "HMAC-SHA test passed!\n");
+    #endif
+
+    #ifndef NO_SHA256
+        if ( (ret = hmac_sha256_test()) != 0)
+            err_sys("HMAC-SHA256 test failed!\n", ret);
+        else
+            printf( "HMAC-SHA256 test passed!\n");
+    #endif
+
+    #ifdef CYASSL_SHA384
+        if ( (ret = hmac_sha384_test()) != 0)
+            err_sys("HMAC-SHA384 test failed!\n", ret);
+        else
+            printf( "HMAC-SHA384 test passed!\n");
+    #endif
+
+    #ifdef CYASSL_SHA512
+        if ( (ret = hmac_sha512_test()) != 0)
+            err_sys("HMAC-SHA512 test failed!\n", ret);
+        else
+            printf( "HMAC-SHA512 test passed!\n");
+    #endif
+
+    #ifdef HAVE_BLAKE2
+        if ( (ret = hmac_blake2b_test()) != 0)
+            err_sys("HMAC-BLAKE2 test failed!\n", ret);
+        else
+            printf( "HMAC-BLAKE2 test passed!\n");
+    #endif
+
+    #ifdef HAVE_HKDF
+        if ( (ret = hkdf_test()) != 0)
+            err_sys("HMAC-KDF    test failed!\n", ret);
+        else
+            printf( "HMAC-KDF    test passed!\n");
+    #endif
+
+#endif
+
+#ifdef HAVE_AESGCM
+    if ( (ret = gmac_test()) != 0)
+        err_sys("GMAC     test passed!\n", ret);
+    else
+        printf( "GMAC     test passed!\n");
+#endif
+
+#ifndef NO_RC4
+    if ( (ret = arc4_test()) != 0)
+        err_sys("ARC4     test failed!\n", ret);
+    else
+        printf( "ARC4     test passed!\n");
+#endif
+
+#ifndef NO_HC128
+    if ( (ret = hc128_test()) != 0)
+        err_sys("HC-128   test failed!\n", ret);
+    else
+        printf( "HC-128   test passed!\n");
+#endif
+
+#ifndef NO_RABBIT
+    if ( (ret = rabbit_test()) != 0)
+        err_sys("Rabbit   test failed!\n", ret);
+    else
+        printf( "Rabbit   test passed!\n");
+#endif
+
+#ifndef NO_DES3
+    if ( (ret = des_test()) != 0)
+        err_sys("DES      test failed!\n", ret);
+    else
+        printf( "DES      test passed!\n");
+#endif
+
+#ifndef NO_DES3
+    if ( (ret = des3_test()) != 0)
+        err_sys("DES3     test failed!\n", ret);
+    else
+        printf( "DES3     test passed!\n");
+#endif
+
+#ifndef NO_AES
+    if ( (ret = aes_test()) != 0)
+        err_sys("AES      test failed!\n", ret);
+    else
+        printf( "AES      test passed!\n");
+
+#ifdef HAVE_AESGCM
+    if ( (ret = aesgcm_test()) != 0)
+        err_sys("AES-GCM  test failed!\n", ret);
+    else
+        printf( "AES-GCM  test passed!\n");
+#endif
+
+#ifdef HAVE_AESCCM
+    if ( (ret = aesccm_test()) != 0)
+        err_sys("AES-CCM  test failed!\n", ret);
+    else
+        printf( "AES-CCM  test passed!\n");
+#endif
+#endif
+
+#ifdef HAVE_CAMELLIA
+    if ( (ret = camellia_test()) != 0)
+        err_sys("CAMELLIA test failed!\n", ret);
+    else
+        printf( "CAMELLIA test passed!\n");
+#endif
+
+    if ( (ret = random_test()) != 0)
+        err_sys("RANDOM   test failed!\n", ret);
+    else
+        printf( "RANDOM   test passed!\n");
+
+#ifndef NO_RSA
+    if ( (ret = rsa_test()) != 0)
+        err_sys("RSA      test failed!\n", ret);
+    else
+        printf( "RSA      test passed!\n");
+#endif
+
+#ifndef NO_DH
+    if ( (ret = dh_test()) != 0)
+        err_sys("DH       test failed!\n", ret);
+    else
+        printf( "DH       test passed!\n");
+#endif
+
+#ifndef NO_DSA
+    if ( (ret = dsa_test()) != 0)
+        err_sys("DSA      test failed!\n", ret);
+    else
+        printf( "DSA      test passed!\n");
+#endif
+
+#ifndef NO_PWDBASED
+    if ( (ret = pwdbased_test()) != 0)
+        err_sys("PWDBASED test failed!\n", ret);
+    else
+        printf( "PWDBASED test passed!\n");
+#endif
+
+#ifdef OPENSSL_EXTRA
+    if ( (ret = openssl_test()) != 0)
+        err_sys("OPENSSL  test failed!\n", ret);
+    else
+        printf( "OPENSSL  test passed!\n");
+#endif
+
+#ifdef HAVE_ECC
+    if ( (ret = ecc_test()) != 0)
+        err_sys("ECC      test failed!\n", ret);
+    else
+        printf( "ECC      test passed!\n");
+    #ifdef HAVE_ECC_ENCRYPT
+        if ( (ret = ecc_encrypt_test()) != 0)
+            err_sys("ECC Enc  test failed!\n", ret);
+        else
+            printf( "ECC Enc  test passed!\n");
+    #endif
+#endif
+
+#ifdef HAVE_LIBZ
+    if ( (ret = compress_test()) != 0)
+        err_sys("COMPRESS test failed!\n", ret);
+    else
+        printf( "COMPRESS test passed!\n");
+#endif
+
+#ifdef HAVE_PKCS7
+    if ( (ret = pkcs7enveloped_test()) != 0)
+        err_sys("PKCS7enveloped test failed!\n", ret);
+    else
+        printf( "PKCS7enveloped test passed!\n");
+
+    if ( (ret = pkcs7signed_test()) != 0)
+        err_sys("PKCS7signed    test failed!\n", ret);
+    else
+        printf( "PKCS7signed    test passed!\n");
+#endif
+
+    ((func_args*)args)->return_code = ret;
+}
+
+
+#ifndef NO_MAIN_DRIVER
+
+#ifdef HAVE_CAVIUM
+
+static int OpenNitroxDevice(int dma_mode,int dev_id)
+{
+   Csp1CoreAssignment core_assign;
+   Uint32             device;
+
+   if (CspInitialize(CAVIUM_DIRECT,CAVIUM_DEV_ID))
+      return -1;
+   if (Csp1GetDevType(&device))
+      return -1;
+   if (device != NPX_DEVICE) {
+      if (ioctl(gpkpdev_hdlr[CAVIUM_DEV_ID], IOCTL_CSP1_GET_CORE_ASSIGNMENT,
+                (Uint32 *)&core_assign)!= 0)
+         return -1;
+   }
+   CspShutdown(CAVIUM_DEV_ID);
+
+   return CspInitialize(dma_mode, dev_id);
+}
+
+#endif /* HAVE_CAVIUM */
+
+    /* so overall tests can pull in test function */
+
+    int main(int argc, char** argv)
+    {
+
+        func_args args;
+
+
+#ifdef HAVE_CAVIUM
+        int ret = OpenNitroxDevice(CAVIUM_DIRECT, CAVIUM_DEV_ID);
+        if (ret != 0)
+            err_sys("Cavium OpenNitroxDevice failed", -1236);
+#endif /* HAVE_CAVIUM */
+
+        args.argc = argc;
+        args.argv = argv;
+
+        ctaocrypt_test(&args);
+
+#ifdef HAVE_CAVIUM
+        CspShutdown(CAVIUM_DEV_ID);
+#endif
+
+        return args.return_code;
+    }
+
+#endif /* NO_MAIN_DRIVER */
+
+
+#ifdef CYASSL_MD2
+int md2_test()
+{
+    Md2  md2;
+    byte hash[MD2_DIGEST_SIZE];
+
+    testVector a, b, c, d, e, f, g;
+    testVector test_md2[7];
+    int times = sizeof(test_md2) / sizeof(testVector), i;
+
+    a.input  = "";
+    a.output = "\x83\x50\xe5\xa3\xe2\x4c\x15\x3d\xf2\x27\x5c\x9f\x80\x69"
+               "\x27\x73";
+    a.inLen  = strlen(a.input);
+    a.outLen = MD2_DIGEST_SIZE;
+
+    b.input  = "a";
+    b.output = "\x32\xec\x01\xec\x4a\x6d\xac\x72\xc0\xab\x96\xfb\x34\xc0"
+               "\xb5\xd1";
+    b.inLen  = strlen(b.input);
+    b.outLen = MD2_DIGEST_SIZE;
+
+    c.input  = "abc";
+    c.output = "\xda\x85\x3b\x0d\x3f\x88\xd9\x9b\x30\x28\x3a\x69\xe6\xde"
+               "\xd6\xbb";
+    c.inLen  = strlen(c.input);
+    c.outLen = MD2_DIGEST_SIZE;
+
+    d.input  = "message digest";
+    d.output = "\xab\x4f\x49\x6b\xfb\x2a\x53\x0b\x21\x9f\xf3\x30\x31\xfe"
+               "\x06\xb0";
+    d.inLen  = strlen(d.input);
+    d.outLen = MD2_DIGEST_SIZE;
+
+    e.input  = "abcdefghijklmnopqrstuvwxyz";
+    e.output = "\x4e\x8d\xdf\xf3\x65\x02\x92\xab\x5a\x41\x08\xc3\xaa\x47"
+               "\x94\x0b";
+    e.inLen  = strlen(e.input);
+    e.outLen = MD2_DIGEST_SIZE;
+
+    f.input  = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz012345"
+               "6789";
+    f.output = "\xda\x33\xde\xf2\xa4\x2d\xf1\x39\x75\x35\x28\x46\xc3\x03"
+               "\x38\xcd";
+    f.inLen  = strlen(f.input);
+    f.outLen = MD2_DIGEST_SIZE;
+
+    g.input  = "1234567890123456789012345678901234567890123456789012345678"
+               "9012345678901234567890";
+    g.output = "\xd5\x97\x6f\x79\xd8\x3d\x3a\x0d\xc9\x80\x6c\x3c\x66\xf3"
+               "\xef\xd8";
+    g.inLen  = strlen(g.input);
+    g.outLen = MD2_DIGEST_SIZE;
+
+    test_md2[0] = a;
+    test_md2[1] = b;
+    test_md2[2] = c;
+    test_md2[3] = d;
+    test_md2[4] = e;
+    test_md2[5] = f;
+    test_md2[6] = g;
+
+    InitMd2(&md2);
+
+    for (i = 0; i < times; ++i) {
+        Md2Update(&md2, (byte*)test_md2[i].input, (word32)test_md2[i].inLen);
+        Md2Final(&md2, hash);
+
+        if (memcmp(hash, test_md2[i].output, MD2_DIGEST_SIZE) != 0)
+            return -155 - i;
+    }
+
+    return 0;
+}
+#endif
+
+#ifndef NO_MD5
+int md5_test(void)
+{
+    Md5  md5;
+    byte hash[MD5_DIGEST_SIZE];
+
+    testVector a, b, c, d, e;
+    testVector test_md5[5];
+    int times = sizeof(test_md5) / sizeof(testVector), i;
+
+    a.input  = "abc";
+    a.output = "\x90\x01\x50\x98\x3c\xd2\x4f\xb0\xd6\x96\x3f\x7d\x28\xe1\x7f"
+               "\x72";
+    a.inLen  = strlen(a.input);
+    a.outLen = MD5_DIGEST_SIZE;
+
+    b.input  = "message digest";
+    b.output = "\xf9\x6b\x69\x7d\x7c\xb7\x93\x8d\x52\x5a\x2f\x31\xaa\xf1\x61"
+               "\xd0";
+    b.inLen  = strlen(b.input);
+    b.outLen = MD5_DIGEST_SIZE;
+
+    c.input  = "abcdefghijklmnopqrstuvwxyz";
+    c.output = "\xc3\xfc\xd3\xd7\x61\x92\xe4\x00\x7d\xfb\x49\x6c\xca\x67\xe1"
+               "\x3b";
+    c.inLen  = strlen(c.input);
+    c.outLen = MD5_DIGEST_SIZE;
+
+    d.input  = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz012345"
+               "6789";
+    d.output = "\xd1\x74\xab\x98\xd2\x77\xd9\xf5\xa5\x61\x1c\x2c\x9f\x41\x9d"
+               "\x9f";
+    d.inLen  = strlen(d.input);
+    d.outLen = MD5_DIGEST_SIZE;
+
+    e.input  = "1234567890123456789012345678901234567890123456789012345678"
+               "9012345678901234567890";
+    e.output = "\x57\xed\xf4\xa2\x2b\xe3\xc9\x55\xac\x49\xda\x2e\x21\x07\xb6"
+               "\x7a";
+    e.inLen  = strlen(e.input);
+    e.outLen = MD5_DIGEST_SIZE;
+
+    test_md5[0] = a;
+    test_md5[1] = b;
+    test_md5[2] = c;
+    test_md5[3] = d;
+    test_md5[4] = e;
+
+    InitMd5(&md5);
+
+    for (i = 0; i < times; ++i) {
+        Md5Update(&md5, (byte*)test_md5[i].input, (word32)test_md5[i].inLen);
+        Md5Final(&md5, hash);
+
+        if (memcmp(hash, test_md5[i].output, MD5_DIGEST_SIZE) != 0)
+            return -5 - i;
+    }
+
+    return 0;
+}
+#endif /* NO_MD5 */
+
+
+#ifndef NO_MD4
+
+int md4_test(void)
+{
+    Md4  md4;
+    byte hash[MD4_DIGEST_SIZE];
+
+    testVector a, b, c, d, e, f, g;
+    testVector test_md4[7];
+    int times = sizeof(test_md4) / sizeof(testVector), i;
+
+    a.input  = "";
+    a.output = "\x31\xd6\xcf\xe0\xd1\x6a\xe9\x31\xb7\x3c\x59\xd7\xe0\xc0\x89"
+               "\xc0";
+    a.inLen  = strlen(a.input);
+    a.outLen = MD4_DIGEST_SIZE;
+
+    b.input  = "a";
+    b.output = "\xbd\xe5\x2c\xb3\x1d\xe3\x3e\x46\x24\x5e\x05\xfb\xdb\xd6\xfb"
+               "\x24";
+    b.inLen  = strlen(b.input);
+    b.outLen = MD4_DIGEST_SIZE;
+
+    c.input  = "abc";
+    c.output = "\xa4\x48\x01\x7a\xaf\x21\xd8\x52\x5f\xc1\x0a\xe8\x7a\xa6\x72"
+               "\x9d";
+    c.inLen  = strlen(c.input);
+    c.outLen = MD4_DIGEST_SIZE;
+
+    d.input  = "message digest";
+    d.output = "\xd9\x13\x0a\x81\x64\x54\x9f\xe8\x18\x87\x48\x06\xe1\xc7\x01"
+               "\x4b";
+    d.inLen  = strlen(d.input);
+    d.outLen = MD4_DIGEST_SIZE;
+
+    e.input  = "abcdefghijklmnopqrstuvwxyz";
+    e.output = "\xd7\x9e\x1c\x30\x8a\xa5\xbb\xcd\xee\xa8\xed\x63\xdf\x41\x2d"
+               "\xa9";
+    e.inLen  = strlen(e.input);
+    e.outLen = MD4_DIGEST_SIZE;
+
+    f.input  = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz012345"
+               "6789";
+    f.output = "\x04\x3f\x85\x82\xf2\x41\xdb\x35\x1c\xe6\x27\xe1\x53\xe7\xf0"
+               "\xe4";
+    f.inLen  = strlen(f.input);
+    f.outLen = MD4_DIGEST_SIZE;
+
+    g.input  = "1234567890123456789012345678901234567890123456789012345678"
+               "9012345678901234567890";
+    g.output = "\xe3\x3b\x4d\xdc\x9c\x38\xf2\x19\x9c\x3e\x7b\x16\x4f\xcc\x05"
+               "\x36";
+    g.inLen  = strlen(g.input);
+    g.outLen = MD4_DIGEST_SIZE;
+
+    test_md4[0] = a;
+    test_md4[1] = b;
+    test_md4[2] = c;
+    test_md4[3] = d;
+    test_md4[4] = e;
+    test_md4[5] = f;
+    test_md4[6] = g;
+
+    InitMd4(&md4);
+
+    for (i = 0; i < times; ++i) {
+        Md4Update(&md4, (byte*)test_md4[i].input, (word32)test_md4[i].inLen);
+        Md4Final(&md4, hash);
+
+        if (memcmp(hash, test_md4[i].output, MD4_DIGEST_SIZE) != 0)
+            return -205 - i;
+    }
+
+    return 0;
+}
+
+#endif /* NO_MD4 */
+
+#ifndef NO_SHA
+
+int sha_test(void)
+{
+    Sha  sha;
+    byte hash[SHA_DIGEST_SIZE];
+
+    testVector a, b, c, d;
+    testVector test_sha[4];
+    int ret;
+    int times = sizeof(test_sha) / sizeof(struct testVector), i;
+
+    a.input  = "abc";
+    a.output = "\xA9\x99\x3E\x36\x47\x06\x81\x6A\xBA\x3E\x25\x71\x78\x50\xC2"
+               "\x6C\x9C\xD0\xD8\x9D";
+    a.inLen  = strlen(a.input);
+    a.outLen = SHA_DIGEST_SIZE;
+
+    b.input  = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq";
+    b.output = "\x84\x98\x3E\x44\x1C\x3B\xD2\x6E\xBA\xAE\x4A\xA1\xF9\x51\x29"
+               "\xE5\xE5\x46\x70\xF1";
+    b.inLen  = strlen(b.input);
+    b.outLen = SHA_DIGEST_SIZE;
+
+    c.input  = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
+               "aaaaaa";
+    c.output = "\x00\x98\xBA\x82\x4B\x5C\x16\x42\x7B\xD7\xA1\x12\x2A\x5A\x44"
+               "\x2A\x25\xEC\x64\x4D";
+    c.inLen  = strlen(c.input);
+    c.outLen = SHA_DIGEST_SIZE;
+
+    d.input  = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
+               "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
+               "aaaaaaaaaa";
+    d.output = "\xAD\x5B\x3F\xDB\xCB\x52\x67\x78\xC2\x83\x9D\x2F\x15\x1E\xA7"
+               "\x53\x99\x5E\x26\xA0";
+    d.inLen  = strlen(d.input);
+    d.outLen = SHA_DIGEST_SIZE;
+
+    test_sha[0] = a;
+    test_sha[1] = b;
+    test_sha[2] = c;
+    test_sha[3] = d;
+
+    ret = InitSha(&sha);
+    if (ret != 0)
+        return -4001;
+
+    for (i = 0; i < times; ++i) {
+        ShaUpdate(&sha, (byte*)test_sha[i].input, (word32)test_sha[i].inLen);
+        ShaFinal(&sha, hash);
+
+        if (memcmp(hash, test_sha[i].output, SHA_DIGEST_SIZE) != 0)
+            return -10 - i;
+    }
+
+    return 0;
+}
+
+#endif /* NO_SHA */
+
+#ifdef CYASSL_RIPEMD
+int ripemd_test(void)
+{
+    RipeMd  ripemd;
+    byte hash[RIPEMD_DIGEST_SIZE];
+
+    testVector a, b, c, d;
+    testVector test_ripemd[4];
+    int times = sizeof(test_ripemd) / sizeof(struct testVector), i;
+
+    a.input  = "abc";
+    a.output = "\x8e\xb2\x08\xf7\xe0\x5d\x98\x7a\x9b\x04\x4a\x8e\x98\xc6"
+               "\xb0\x87\xf1\x5a\x0b\xfc";
+    a.inLen  = strlen(a.input);
+    a.outLen = RIPEMD_DIGEST_SIZE;
+
+    b.input  = "message digest";
+    b.output = "\x5d\x06\x89\xef\x49\xd2\xfa\xe5\x72\xb8\x81\xb1\x23\xa8"
+               "\x5f\xfa\x21\x59\x5f\x36";
+    b.inLen  = strlen(b.input);
+    b.outLen = RIPEMD_DIGEST_SIZE;
+
+    c.input  = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq";
+    c.output = "\x12\xa0\x53\x38\x4a\x9c\x0c\x88\xe4\x05\xa0\x6c\x27\xdc"
+               "\xf4\x9a\xda\x62\xeb\x2b";
+    c.inLen  = strlen(c.input);
+    c.outLen = RIPEMD_DIGEST_SIZE;
+
+    d.input  = "12345678901234567890123456789012345678901234567890123456"
+               "789012345678901234567890";
+    d.output = "\x9b\x75\x2e\x45\x57\x3d\x4b\x39\xf4\xdb\xd3\x32\x3c\xab"
+               "\x82\xbf\x63\x32\x6b\xfb";
+    d.inLen  = strlen(d.input);
+    d.outLen = RIPEMD_DIGEST_SIZE;
+
+    test_ripemd[0] = a;
+    test_ripemd[1] = b;
+    test_ripemd[2] = c;
+    test_ripemd[3] = d;
+
+    InitRipeMd(&ripemd);
+
+    for (i = 0; i < times; ++i) {
+        RipeMdUpdate(&ripemd, (byte*)test_ripemd[i].input,
+                     (word32)test_ripemd[i].inLen);
+        RipeMdFinal(&ripemd, hash);
+
+        if (memcmp(hash, test_ripemd[i].output, RIPEMD_DIGEST_SIZE) != 0)
+            return -10 - i;
+    }
+
+    return 0;
+}
+#endif /* CYASSL_RIPEMD */
+
+
+#ifdef HAVE_BLAKE2
+
+
+#define BLAKE2_TESTS 3
+
+static const byte blake2b_vec[BLAKE2_TESTS][BLAKE2B_OUTBYTES] =
+{
+  {
+    0x78, 0x6A, 0x02, 0xF7, 0x42, 0x01, 0x59, 0x03,
+    0xC6, 0xC6, 0xFD, 0x85, 0x25, 0x52, 0xD2, 0x72,
+    0x91, 0x2F, 0x47, 0x40, 0xE1, 0x58, 0x47, 0x61,
+    0x8A, 0x86, 0xE2, 0x17, 0xF7, 0x1F, 0x54, 0x19,
+    0xD2, 0x5E, 0x10, 0x31, 0xAF, 0xEE, 0x58, 0x53,
+    0x13, 0x89, 0x64, 0x44, 0x93, 0x4E, 0xB0, 0x4B,
+    0x90, 0x3A, 0x68, 0x5B, 0x14, 0x48, 0xB7, 0x55,
+    0xD5, 0x6F, 0x70, 0x1A, 0xFE, 0x9B, 0xE2, 0xCE
+  },
+  {
+    0x2F, 0xA3, 0xF6, 0x86, 0xDF, 0x87, 0x69, 0x95,
+    0x16, 0x7E, 0x7C, 0x2E, 0x5D, 0x74, 0xC4, 0xC7,
+    0xB6, 0xE4, 0x8F, 0x80, 0x68, 0xFE, 0x0E, 0x44,
+    0x20, 0x83, 0x44, 0xD4, 0x80, 0xF7, 0x90, 0x4C,
+    0x36, 0x96, 0x3E, 0x44, 0x11, 0x5F, 0xE3, 0xEB,
+    0x2A, 0x3A, 0xC8, 0x69, 0x4C, 0x28, 0xBC, 0xB4,
+    0xF5, 0xA0, 0xF3, 0x27, 0x6F, 0x2E, 0x79, 0x48,
+    0x7D, 0x82, 0x19, 0x05, 0x7A, 0x50, 0x6E, 0x4B
+  },
+  {
+    0x1C, 0x08, 0x79, 0x8D, 0xC6, 0x41, 0xAB, 0xA9,
+    0xDE, 0xE4, 0x35, 0xE2, 0x25, 0x19, 0xA4, 0x72,
+    0x9A, 0x09, 0xB2, 0xBF, 0xE0, 0xFF, 0x00, 0xEF,
+    0x2D, 0xCD, 0x8E, 0xD6, 0xF8, 0xA0, 0x7D, 0x15,
+    0xEA, 0xF4, 0xAE, 0xE5, 0x2B, 0xBF, 0x18, 0xAB,
+    0x56, 0x08, 0xA6, 0x19, 0x0F, 0x70, 0xB9, 0x04,
+    0x86, 0xC8, 0xA7, 0xD4, 0x87, 0x37, 0x10, 0xB1,
+    0x11, 0x5D, 0x3D, 0xEB, 0xBB, 0x43, 0x27, 0xB5
+  }
+};
+
+
+
+int blake2b_test(void)
+{
+    Blake2b b2b;
+    byte    digest[64];
+    byte    input[64];
+    int     i, ret;
+
+    for (i = 0; i < (int)sizeof(input); i++)
+        input[i] = (byte)i;
+
+    for (i = 0; i < BLAKE2_TESTS; i++) {
+        ret = InitBlake2b(&b2b, 64);
+        if (ret != 0)
+            return -4002;
+
+        ret = Blake2bUpdate(&b2b, input, i);
+        if (ret != 0)
+            return -4003;
+
+        ret = Blake2bFinal(&b2b, digest, 64);
+        if (ret != 0)
+            return -4004;
+
+        if (memcmp(digest, blake2b_vec[i], 64) != 0) {
+            return -300 - i;
+        }
+    }
+
+    return 0;
+}
+#endif /* HAVE_BLAKE2 */
+
+
+#ifndef NO_SHA256
+int sha256_test(void)
+{
+    Sha256 sha;
+    byte   hash[SHA256_DIGEST_SIZE];
+
+    testVector a, b;
+    testVector test_sha[2];
+    int ret;
+    int times = sizeof(test_sha) / sizeof(struct testVector), i;
+
+    a.input  = "abc";
+    a.output = "\xBA\x78\x16\xBF\x8F\x01\xCF\xEA\x41\x41\x40\xDE\x5D\xAE\x22"
+               "\x23\xB0\x03\x61\xA3\x96\x17\x7A\x9C\xB4\x10\xFF\x61\xF2\x00"
+               "\x15\xAD";
+    a.inLen  = strlen(a.input);
+    a.outLen = SHA256_DIGEST_SIZE;
+
+    b.input  = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq";
+    b.output = "\x24\x8D\x6A\x61\xD2\x06\x38\xB8\xE5\xC0\x26\x93\x0C\x3E\x60"
+               "\x39\xA3\x3C\xE4\x59\x64\xFF\x21\x67\xF6\xEC\xED\xD4\x19\xDB"
+               "\x06\xC1";
+    b.inLen  = strlen(b.input);
+    b.outLen = SHA256_DIGEST_SIZE;
+
+    test_sha[0] = a;
+    test_sha[1] = b;
+
+    ret = InitSha256(&sha);
+    if (ret != 0)
+        return -4005;
+
+    for (i = 0; i < times; ++i) {
+        ret = Sha256Update(&sha, (byte*)test_sha[i].input,(word32)test_sha[i].inLen);
+        if (ret != 0)
+            return -4006;
+        ret = Sha256Final(&sha, hash);
+        if (ret != 0)
+            return -4007;
+
+        if (memcmp(hash, test_sha[i].output, SHA256_DIGEST_SIZE) != 0)
+            return -10 - i;
+    }
+
+    return 0;
+}
+#endif
+
+
+#ifdef CYASSL_SHA512
+int sha512_test(void)
+{
+    Sha512 sha;
+    byte   hash[SHA512_DIGEST_SIZE];
+    int    ret;
+
+    testVector a, b;
+    testVector test_sha[2];
+    int times = sizeof(test_sha) / sizeof(struct testVector), i;
+
+    a.input  = "abc";
+    a.output = "\xdd\xaf\x35\xa1\x93\x61\x7a\xba\xcc\x41\x73\x49\xae\x20\x41"
+               "\x31\x12\xe6\xfa\x4e\x89\xa9\x7e\xa2\x0a\x9e\xee\xe6\x4b\x55"
+               "\xd3\x9a\x21\x92\x99\x2a\x27\x4f\xc1\xa8\x36\xba\x3c\x23\xa3"
+               "\xfe\xeb\xbd\x45\x4d\x44\x23\x64\x3c\xe8\x0e\x2a\x9a\xc9\x4f"
+               "\xa5\x4c\xa4\x9f";
+    a.inLen  = strlen(a.input);
+    a.outLen = SHA512_DIGEST_SIZE;
+
+    b.input  = "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhi"
+               "jklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu";
+    b.output = "\x8e\x95\x9b\x75\xda\xe3\x13\xda\x8c\xf4\xf7\x28\x14\xfc\x14"
+               "\x3f\x8f\x77\x79\xc6\xeb\x9f\x7f\xa1\x72\x99\xae\xad\xb6\x88"
+               "\x90\x18\x50\x1d\x28\x9e\x49\x00\xf7\xe4\x33\x1b\x99\xde\xc4"
+               "\xb5\x43\x3a\xc7\xd3\x29\xee\xb6\xdd\x26\x54\x5e\x96\xe5\x5b"
+               "\x87\x4b\xe9\x09";
+    b.inLen  = strlen(b.input);
+    b.outLen = SHA512_DIGEST_SIZE;
+
+    test_sha[0] = a;
+    test_sha[1] = b;
+
+    ret = InitSha512(&sha);
+    if (ret != 0)
+        return -4009;
+
+    for (i = 0; i < times; ++i) {
+        ret = Sha512Update(&sha, (byte*)test_sha[i].input,(word32)test_sha[i].inLen);
+        if (ret != 0)
+            return -4010;
+
+        ret = Sha512Final(&sha, hash);
+        if (ret != 0)
+            return -4011;
+
+        if (memcmp(hash, test_sha[i].output, SHA512_DIGEST_SIZE) != 0)
+            return -10 - i;
+    }
+
+    return 0;
+}
+#endif
+
+
+#ifdef CYASSL_SHA384
+int sha384_test(void)
+{
+    Sha384 sha;
+    byte   hash[SHA384_DIGEST_SIZE];
+    int    ret;
+
+    testVector a, b;
+    testVector test_sha[2];
+    int times = sizeof(test_sha) / sizeof(struct testVector), i;
+
+    a.input  = "abc";
+    a.output = "\xcb\x00\x75\x3f\x45\xa3\x5e\x8b\xb5\xa0\x3d\x69\x9a\xc6\x50"
+               "\x07\x27\x2c\x32\xab\x0e\xde\xd1\x63\x1a\x8b\x60\x5a\x43\xff"
+               "\x5b\xed\x80\x86\x07\x2b\xa1\xe7\xcc\x23\x58\xba\xec\xa1\x34"
+               "\xc8\x25\xa7";
+    a.inLen  = strlen(a.input);
+    a.outLen = SHA384_DIGEST_SIZE;
+
+    b.input  = "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhi"
+               "jklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu";
+    b.output = "\x09\x33\x0c\x33\xf7\x11\x47\xe8\x3d\x19\x2f\xc7\x82\xcd\x1b"
+               "\x47\x53\x11\x1b\x17\x3b\x3b\x05\xd2\x2f\xa0\x80\x86\xe3\xb0"
+               "\xf7\x12\xfc\xc7\xc7\x1a\x55\x7e\x2d\xb9\x66\xc3\xe9\xfa\x91"
+               "\x74\x60\x39";
+    b.inLen  = strlen(b.input);
+    b.outLen = SHA384_DIGEST_SIZE;
+
+    test_sha[0] = a;
+    test_sha[1] = b;
+
+    ret = InitSha384(&sha);
+    if (ret != 0)
+        return -4012;
+
+    for (i = 0; i < times; ++i) {
+        ret = Sha384Update(&sha, (byte*)test_sha[i].input,(word32)test_sha[i].inLen);
+        if (ret != 0)
+            return -4013;
+
+        ret = Sha384Final(&sha, hash);
+        if (ret != 0)
+            return -4014;
+
+        if (memcmp(hash, test_sha[i].output, SHA384_DIGEST_SIZE) != 0)
+            return -10 - i;
+    }
+
+    return 0;
+}
+#endif /* CYASSL_SHA384 */
+
+
+#if !defined(NO_HMAC) && !defined(NO_MD5)
+int hmac_md5_test(void)
+{
+    Hmac hmac;
+    byte hash[MD5_DIGEST_SIZE];
+
+    const char* keys[]=
+    {
+        "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b",
+        "Jefe",
+        "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
+    };
+
+    testVector a, b, c;
+    testVector test_hmac[3];
+
+    int ret;
+    int times = sizeof(test_hmac) / sizeof(testVector), i;
+
+    a.input  = "Hi There";
+    a.output = "\x92\x94\x72\x7a\x36\x38\xbb\x1c\x13\xf4\x8e\xf8\x15\x8b\xfc"
+               "\x9d";
+    a.inLen  = strlen(a.input);
+    a.outLen = MD5_DIGEST_SIZE;
+
+    b.input  = "what do ya want for nothing?";
+    b.output = "\x75\x0c\x78\x3e\x6a\xb0\xb5\x03\xea\xa8\x6e\x31\x0a\x5d\xb7"
+               "\x38";
+    b.inLen  = strlen(b.input);
+    b.outLen = MD5_DIGEST_SIZE;
+
+    c.input  = "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
+               "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
+               "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
+               "\xDD\xDD\xDD\xDD\xDD\xDD";
+    c.output = "\x56\xbe\x34\x52\x1d\x14\x4c\x88\xdb\xb8\xc7\x33\xf0\xe8\xb3"
+               "\xf6";
+    c.inLen  = strlen(c.input);
+    c.outLen = MD5_DIGEST_SIZE;
+
+    test_hmac[0] = a;
+    test_hmac[1] = b;
+    test_hmac[2] = c;
+
+    for (i = 0; i < times; ++i) {
+#ifdef HAVE_CAVIUM
+        if (i == 1)
+            continue; /* driver can't handle keys <= bytes */
+        if (HmacInitCavium(&hmac, CAVIUM_DEV_ID) != 0)
+            return -20009;
+#endif
+        ret = HmacSetKey(&hmac, MD5, (byte*)keys[i], (word32)strlen(keys[i]));
+        if (ret != 0)
+            return -4015;
+        ret = HmacUpdate(&hmac, (byte*)test_hmac[i].input,
+                   (word32)test_hmac[i].inLen);
+        if (ret != 0)
+            return -4016;
+        ret = HmacFinal(&hmac, hash);
+        if (ret != 0)
+            return -4017;
+
+        if (memcmp(hash, test_hmac[i].output, MD5_DIGEST_SIZE) != 0)
+            return -20 - i;
+#ifdef HAVE_CAVIUM
+        HmacFreeCavium(&hmac);
+#endif
+    }
+
+    return 0;
+}
+#endif /* NO_HMAC && NO_MD5 */
+
+#if !defined(NO_HMAC) && !defined(NO_SHA)
+int hmac_sha_test(void)
+{
+    Hmac hmac;
+    byte hash[SHA_DIGEST_SIZE];
+
+    const char* keys[]=
+    {
+        "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"
+                                                                "\x0b\x0b\x0b",
+        "Jefe",
+        "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
+                                                                "\xAA\xAA\xAA"
+    };
+
+    testVector a, b, c;
+    testVector test_hmac[3];
+
+    int ret;
+    int times = sizeof(test_hmac) / sizeof(testVector), i;
+
+    a.input  = "Hi There";
+    a.output = "\xb6\x17\x31\x86\x55\x05\x72\x64\xe2\x8b\xc0\xb6\xfb\x37\x8c"
+               "\x8e\xf1\x46\xbe\x00";
+    a.inLen  = strlen(a.input);
+    a.outLen = SHA_DIGEST_SIZE;
+
+    b.input  = "what do ya want for nothing?";
+    b.output = "\xef\xfc\xdf\x6a\xe5\xeb\x2f\xa2\xd2\x74\x16\xd5\xf1\x84\xdf"
+               "\x9c\x25\x9a\x7c\x79";
+    b.inLen  = strlen(b.input);
+    b.outLen = SHA_DIGEST_SIZE;
+
+    c.input  = "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
+               "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
+               "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
+               "\xDD\xDD\xDD\xDD\xDD\xDD";
+    c.output = "\x12\x5d\x73\x42\xb9\xac\x11\xcd\x91\xa3\x9a\xf4\x8a\xa1\x7b"
+               "\x4f\x63\xf1\x75\xd3";
+    c.inLen  = strlen(c.input);
+    c.outLen = SHA_DIGEST_SIZE;
+
+    test_hmac[0] = a;
+    test_hmac[1] = b;
+    test_hmac[2] = c;
+
+    for (i = 0; i < times; ++i) {
+#ifdef HAVE_CAVIUM
+        if (i == 1)
+            continue; /* driver can't handle keys <= bytes */
+        if (HmacInitCavium(&hmac, CAVIUM_DEV_ID) != 0)
+            return -20010;
+#endif
+        ret = HmacSetKey(&hmac, SHA, (byte*)keys[i], (word32)strlen(keys[i]));
+        if (ret != 0)
+            return -4018;
+        ret = HmacUpdate(&hmac, (byte*)test_hmac[i].input,
+                   (word32)test_hmac[i].inLen);
+        if (ret != 0)
+            return -4019;
+        ret = HmacFinal(&hmac, hash);
+        if (ret != 0)
+            return -4020;
+
+        if (memcmp(hash, test_hmac[i].output, SHA_DIGEST_SIZE) != 0)
+            return -20 - i;
+#ifdef HAVE_CAVIUM
+        HmacFreeCavium(&hmac);
+#endif
+    }
+
+    return 0;
+}
+#endif
+
+
+#if !defined(NO_HMAC) && !defined(NO_SHA256)
+int hmac_sha256_test(void)
+{
+    Hmac hmac;
+    byte hash[SHA256_DIGEST_SIZE];
+
+    const char* keys[]=
+    {
+        "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"
+                                                                "\x0b\x0b\x0b",
+        "Jefe",
+        "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
+                                                                "\xAA\xAA\xAA"
+    };
+
+    testVector a, b, c;
+    testVector test_hmac[3];
+
+    int ret;
+    int times = sizeof(test_hmac) / sizeof(testVector), i;
+
+    a.input  = "Hi There";
+    a.output = "\xb0\x34\x4c\x61\xd8\xdb\x38\x53\x5c\xa8\xaf\xce\xaf\x0b\xf1"
+               "\x2b\x88\x1d\xc2\x00\xc9\x83\x3d\xa7\x26\xe9\x37\x6c\x2e\x32"
+               "\xcf\xf7";
+    a.inLen  = strlen(a.input);
+    a.outLen = SHA256_DIGEST_SIZE;
+
+    b.input  = "what do ya want for nothing?";
+    b.output = "\x5b\xdc\xc1\x46\xbf\x60\x75\x4e\x6a\x04\x24\x26\x08\x95\x75"
+               "\xc7\x5a\x00\x3f\x08\x9d\x27\x39\x83\x9d\xec\x58\xb9\x64\xec"
+               "\x38\x43";
+    b.inLen  = strlen(b.input);
+    b.outLen = SHA256_DIGEST_SIZE;
+
+    c.input  = "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
+               "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
+               "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
+               "\xDD\xDD\xDD\xDD\xDD\xDD";
+    c.output = "\x77\x3e\xa9\x1e\x36\x80\x0e\x46\x85\x4d\xb8\xeb\xd0\x91\x81"
+               "\xa7\x29\x59\x09\x8b\x3e\xf8\xc1\x22\xd9\x63\x55\x14\xce\xd5"
+               "\x65\xfe";
+    c.inLen  = strlen(c.input);
+    c.outLen = SHA256_DIGEST_SIZE;
+
+    test_hmac[0] = a;
+    test_hmac[1] = b;
+    test_hmac[2] = c;
+
+    for (i = 0; i < times; ++i) {
+#ifdef HAVE_CAVIUM
+        if (i == 1)
+            continue; /* driver can't handle keys <= bytes */
+        if (HmacInitCavium(&hmac, CAVIUM_DEV_ID) != 0)
+            return -20011;
+#endif
+        ret = HmacSetKey(&hmac, SHA256, (byte*)keys[i],(word32)strlen(keys[i]));
+        if (ret != 0)
+            return -4021;
+        ret = HmacUpdate(&hmac, (byte*)test_hmac[i].input,
+                   (word32)test_hmac[i].inLen);
+        if (ret != 0)
+            return -4022;
+        ret = HmacFinal(&hmac, hash);
+        if (ret != 0)
+            return -4023;
+
+        if (memcmp(hash, test_hmac[i].output, SHA256_DIGEST_SIZE) != 0)
+            return -20 - i;
+#ifdef HAVE_CAVIUM
+        HmacFreeCavium(&hmac);
+#endif
+    }
+
+    return 0;
+}
+#endif
+
+
+#if !defined(NO_HMAC) && defined(HAVE_BLAKE2)
+int hmac_blake2b_test(void)
+{
+    Hmac hmac;
+    byte hash[BLAKE2B_256];
+
+    const char* keys[]=
+    {
+        "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"
+                                                                "\x0b\x0b\x0b",
+        "Jefe",
+        "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
+                                                                "\xAA\xAA\xAA"
+    };
+
+    testVector a, b, c;
+    testVector test_hmac[3];
+
+    int ret;
+    int times = sizeof(test_hmac) / sizeof(testVector), i;
+
+    a.input  = "Hi There";
+    a.output = "\x72\x93\x0d\xdd\xf5\xf7\xe1\x78\x38\x07\x44\x18\x0b\x3f\x51"
+               "\x37\x25\xb5\x82\xc2\x08\x83\x2f\x1c\x99\xfd\x03\xa0\x16\x75"
+               "\xac\xfd";
+    a.inLen  = strlen(a.input);
+    a.outLen = BLAKE2B_256;
+
+    b.input  = "what do ya want for nothing?";
+    b.output = "\x3d\x20\x50\x71\x05\xc0\x8c\x0c\x38\x44\x1e\xf7\xf9\xd1\x67"
+               "\x21\xff\x64\xf5\x94\x00\xcf\xf9\x75\x41\xda\x88\x61\x9d\x7c"
+               "\xda\x2b";
+    b.inLen  = strlen(b.input);
+    b.outLen = BLAKE2B_256;
+
+    c.input  = "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
+               "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
+               "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
+               "\xDD\xDD\xDD\xDD\xDD\xDD";
+    c.output = "\xda\xfe\x2a\x24\xfc\xe7\xea\x36\x34\xbe\x41\x92\xc7\x11\xa7"
+               "\x00\xae\x53\x9c\x11\x9c\x80\x74\x55\x22\x25\x4a\xb9\x55\xd3"
+               "\x0f\x87";
+    c.inLen  = strlen(c.input);
+    c.outLen = BLAKE2B_256;
+
+    test_hmac[0] = a;
+    test_hmac[1] = b;
+    test_hmac[2] = c;
+
+    for (i = 0; i < times; ++i) {
+#ifdef HAVE_CAVIUM
+        if (i == 1)
+            continue; /* driver can't handle keys <= bytes */
+        if (HmacInitCavium(&hmac, CAVIUM_DEV_ID) != 0)
+            return -20011;
+#endif
+        ret = HmacSetKey(&hmac, BLAKE2B_ID, (byte*)keys[i],
+                         (word32)strlen(keys[i]));
+        if (ret != 0)
+            return -4024;
+        ret = HmacUpdate(&hmac, (byte*)test_hmac[i].input,
+                   (word32)test_hmac[i].inLen);
+        if (ret != 0)
+            return -4025;
+        ret = HmacFinal(&hmac, hash);
+        if (ret != 0)
+            return -4026;
+
+        if (memcmp(hash, test_hmac[i].output, BLAKE2B_256) != 0)
+            return -20 - i;
+#ifdef HAVE_CAVIUM
+        HmacFreeCavium(&hmac);
+#endif
+    }
+
+    return 0;
+}
+#endif
+
+
+#if !defined(NO_HMAC) && defined(CYASSL_SHA384)
+int hmac_sha384_test(void)
+{
+    Hmac hmac;
+    byte hash[SHA384_DIGEST_SIZE];
+
+    const char* keys[]=
+    {
+        "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"
+                                                                "\x0b\x0b\x0b",
+        "Jefe",
+        "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
+                                                                "\xAA\xAA\xAA"
+    };
+
+    testVector a, b, c;
+    testVector test_hmac[3];
+
+    int ret;
+    int times = sizeof(test_hmac) / sizeof(testVector), i;
+
+    a.input  = "Hi There";
+    a.output = "\xaf\xd0\x39\x44\xd8\x48\x95\x62\x6b\x08\x25\xf4\xab\x46\x90"
+               "\x7f\x15\xf9\xda\xdb\xe4\x10\x1e\xc6\x82\xaa\x03\x4c\x7c\xeb"
+               "\xc5\x9c\xfa\xea\x9e\xa9\x07\x6e\xde\x7f\x4a\xf1\x52\xe8\xb2"
+               "\xfa\x9c\xb6";
+    a.inLen  = strlen(a.input);
+    a.outLen = SHA384_DIGEST_SIZE;
+
+    b.input  = "what do ya want for nothing?";
+    b.output = "\xaf\x45\xd2\xe3\x76\x48\x40\x31\x61\x7f\x78\xd2\xb5\x8a\x6b"
+               "\x1b\x9c\x7e\xf4\x64\xf5\xa0\x1b\x47\xe4\x2e\xc3\x73\x63\x22"
+               "\x44\x5e\x8e\x22\x40\xca\x5e\x69\xe2\xc7\x8b\x32\x39\xec\xfa"
+               "\xb2\x16\x49";
+    b.inLen  = strlen(b.input);
+    b.outLen = SHA384_DIGEST_SIZE;
+
+    c.input  = "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
+               "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
+               "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
+               "\xDD\xDD\xDD\xDD\xDD\xDD";
+    c.output = "\x88\x06\x26\x08\xd3\xe6\xad\x8a\x0a\xa2\xac\xe0\x14\xc8\xa8"
+               "\x6f\x0a\xa6\x35\xd9\x47\xac\x9f\xeb\xe8\x3e\xf4\xe5\x59\x66"
+               "\x14\x4b\x2a\x5a\xb3\x9d\xc1\x38\x14\xb9\x4e\x3a\xb6\xe1\x01"
+               "\xa3\x4f\x27";
+    c.inLen  = strlen(c.input);
+    c.outLen = SHA384_DIGEST_SIZE;
+
+    test_hmac[0] = a;
+    test_hmac[1] = b;
+    test_hmac[2] = c;
+
+    for (i = 0; i < times; ++i) {
+        ret = HmacSetKey(&hmac, SHA384, (byte*)keys[i],(word32)strlen(keys[i]));
+        if (ret != 0)
+            return -4027;
+        ret = HmacUpdate(&hmac, (byte*)test_hmac[i].input,
+                   (word32)test_hmac[i].inLen);
+        if (ret != 0)
+            return -4028;
+        ret = HmacFinal(&hmac, hash);
+        if (ret != 0)
+            return -4029;
+
+        if (memcmp(hash, test_hmac[i].output, SHA384_DIGEST_SIZE) != 0)
+            return -20 - i;
+    }
+
+    return 0;
+}
+#endif
+
+
+#if !defined(NO_HMAC) && defined(CYASSL_SHA512)
+int hmac_sha512_test(void)
+{
+    Hmac hmac;
+    byte hash[SHA512_DIGEST_SIZE];
+
+    const char* keys[]=
+    {
+        "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b"
+                                                                "\x0b\x0b\x0b",
+        "Jefe",
+        "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA"
+                                                                "\xAA\xAA\xAA"
+    };
+
+    testVector a, b, c;
+    testVector test_hmac[3];
+
+    int ret;
+    int times = sizeof(test_hmac) / sizeof(testVector), i;
+
+    a.input  = "Hi There";
+    a.output = "\x87\xaa\x7c\xde\xa5\xef\x61\x9d\x4f\xf0\xb4\x24\x1a\x1d\x6c"
+               "\xb0\x23\x79\xf4\xe2\xce\x4e\xc2\x78\x7a\xd0\xb3\x05\x45\xe1"
+               "\x7c\xde\xda\xa8\x33\xb7\xd6\xb8\xa7\x02\x03\x8b\x27\x4e\xae"
+               "\xa3\xf4\xe4\xbe\x9d\x91\x4e\xeb\x61\xf1\x70\x2e\x69\x6c\x20"
+               "\x3a\x12\x68\x54";
+    a.inLen  = strlen(a.input);
+    a.outLen = SHA512_DIGEST_SIZE;
+
+    b.input  = "what do ya want for nothing?";
+    b.output = "\x16\x4b\x7a\x7b\xfc\xf8\x19\xe2\xe3\x95\xfb\xe7\x3b\x56\xe0"
+               "\xa3\x87\xbd\x64\x22\x2e\x83\x1f\xd6\x10\x27\x0c\xd7\xea\x25"
+               "\x05\x54\x97\x58\xbf\x75\xc0\x5a\x99\x4a\x6d\x03\x4f\x65\xf8"
+               "\xf0\xe6\xfd\xca\xea\xb1\xa3\x4d\x4a\x6b\x4b\x63\x6e\x07\x0a"
+               "\x38\xbc\xe7\x37";
+    b.inLen  = strlen(b.input);
+    b.outLen = SHA512_DIGEST_SIZE;
+
+    c.input  = "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
+               "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
+               "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD"
+               "\xDD\xDD\xDD\xDD\xDD\xDD";
+    c.output = "\xfa\x73\xb0\x08\x9d\x56\xa2\x84\xef\xb0\xf0\x75\x6c\x89\x0b"
+               "\xe9\xb1\xb5\xdb\xdd\x8e\xe8\x1a\x36\x55\xf8\x3e\x33\xb2\x27"
+               "\x9d\x39\xbf\x3e\x84\x82\x79\xa7\x22\xc8\x06\xb4\x85\xa4\x7e"
+               "\x67\xc8\x07\xb9\x46\xa3\x37\xbe\xe8\x94\x26\x74\x27\x88\x59"
+               "\xe1\x32\x92\xfb";
+    c.inLen  = strlen(c.input);
+    c.outLen = SHA512_DIGEST_SIZE;
+
+    test_hmac[0] = a;
+    test_hmac[1] = b;
+    test_hmac[2] = c;
+
+    for (i = 0; i < times; ++i) {
+        ret = HmacSetKey(&hmac, SHA512, (byte*)keys[i],(word32)strlen(keys[i]));
+        if (ret != 0)
+            return -4030;
+        ret = HmacUpdate(&hmac, (byte*)test_hmac[i].input,
+                   (word32)test_hmac[i].inLen);
+        if (ret != 0)
+            return -4031;
+        ret = HmacFinal(&hmac, hash);
+        if (ret != 0)
+            return -4032;
+
+        if (memcmp(hash, test_hmac[i].output, SHA512_DIGEST_SIZE) != 0)
+            return -20 - i;
+    }
+
+    return 0;
+}
+#endif
+
+
+#ifndef NO_RC4
+int arc4_test(void)
+{
+    byte cipher[16];
+    byte plain[16];
+
+    const char* keys[] =
+    {
+        "\x01\x23\x45\x67\x89\xab\xcd\xef",
+        "\x01\x23\x45\x67\x89\xab\xcd\xef",
+        "\x00\x00\x00\x00\x00\x00\x00\x00",
+        "\xef\x01\x23\x45"
+    };
+
+    testVector a, b, c, d;
+    testVector test_arc4[4];
+
+    int times = sizeof(test_arc4) / sizeof(testVector), i;
+
+    a.input  = "\x01\x23\x45\x67\x89\xab\xcd\xef";
+    a.output = "\x75\xb7\x87\x80\x99\xe0\xc5\x96";
+    a.inLen  = 8;
+    a.outLen = 8;
+
+    b.input  = "\x00\x00\x00\x00\x00\x00\x00\x00";
+    b.output = "\x74\x94\xc2\xe7\x10\x4b\x08\x79";
+    b.inLen  = 8;
+    b.outLen = 8;
+
+    c.input  = "\x00\x00\x00\x00\x00\x00\x00\x00";
+    c.output = "\xde\x18\x89\x41\xa3\x37\x5d\x3a";
+    c.inLen  = 8;
+    c.outLen = 8;
+
+    d.input  = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00";
+    d.output = "\xd6\xa1\x41\xa7\xec\x3c\x38\xdf\xbd\x61";
+    d.inLen  = 10;
+    d.outLen = 10;
+
+    test_arc4[0] = a;
+    test_arc4[1] = b;
+    test_arc4[2] = c;
+    test_arc4[3] = d;
+
+    for (i = 0; i < times; ++i) {
+        Arc4 enc;
+        Arc4 dec;
+        int  keylen = 8;  /* strlen with key 0x00 not good */
+        if (i == 3)
+            keylen = 4;
+
+#ifdef HAVE_CAVIUM
+        if (Arc4InitCavium(&enc, CAVIUM_DEV_ID) != 0)
+            return -20001;
+        if (Arc4InitCavium(&dec, CAVIUM_DEV_ID) != 0)
+            return -20002;
+#endif
+
+        Arc4SetKey(&enc, (byte*)keys[i], keylen);
+        Arc4SetKey(&dec, (byte*)keys[i], keylen);
+
+        Arc4Process(&enc, cipher, (byte*)test_arc4[i].input,
+                    (word32)test_arc4[i].outLen);
+        Arc4Process(&dec, plain,  cipher, (word32)test_arc4[i].outLen);
+
+        if (memcmp(plain, test_arc4[i].input, test_arc4[i].outLen))
+            return -20 - i;
+
+        if (memcmp(cipher, test_arc4[i].output, test_arc4[i].outLen))
+            return -20 - 5 - i;
+
+#ifdef HAVE_CAVIUM
+        Arc4FreeCavium(&enc);
+        Arc4FreeCavium(&dec);
+#endif
+    }
+
+    return 0;
+}
+#endif
+
+
+int hc128_test(void)
+{
+#ifdef HAVE_HC128
+    byte cipher[16];
+    byte plain[16];
+
+    const char* keys[] =
+    {
+        "\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
+        "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
+        "\x00\x53\xA6\xF9\x4C\x9F\xF2\x45\x98\xEB\x3E\x91\xE4\x37\x8A\xDD",
+        "\x0F\x62\xB5\x08\x5B\xAE\x01\x54\xA7\xFA\x4D\xA0\xF3\x46\x99\xEC"
+    };
+
+    const char* ivs[] =
+    {
+        "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
+        "\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
+        "\x0D\x74\xDB\x42\xA9\x10\x77\xDE\x45\xAC\x13\x7A\xE1\x48\xAF\x16",
+        "\x28\x8F\xF6\x5D\xC4\x2B\x92\xF9\x60\xC7\x2E\x95\xFC\x63\xCA\x31"
+    };
+
+
+    testVector a, b, c, d;
+    testVector test_hc128[4];
+
+    int times = sizeof(test_hc128) / sizeof(testVector), i;
+
+    a.input  = "\x00\x00\x00\x00\x00\x00\x00\x00";
+    a.output = "\x37\x86\x02\xB9\x8F\x32\xA7\x48";
+    a.inLen  = 8;
+    a.outLen = 8;
+
+    b.input  = "\x00\x00\x00\x00\x00\x00\x00\x00";
+    b.output = "\x33\x7F\x86\x11\xC6\xED\x61\x5F";
+    b.inLen  = 8;
+    b.outLen = 8;
+
+    c.input  = "\x00\x00\x00\x00\x00\x00\x00\x00";
+    c.output = "\x2E\x1E\xD1\x2A\x85\x51\xC0\x5A";
+    c.inLen  = 8;
+    c.outLen = 8;
+
+    d.input  = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00";
+    d.output = "\x1C\xD8\xAE\xDD\xFE\x52\xE2\x17\xE8\x35\xD0\xB7\xE8\x4E\x29";
+    d.inLen  = 15;
+    d.outLen = 15;
+
+    test_hc128[0] = a;
+    test_hc128[1] = b;
+    test_hc128[2] = c;
+    test_hc128[3] = d;
+
+    for (i = 0; i < times; ++i) {
+        HC128 enc;
+        HC128 dec;
+
+        /* align keys/ivs in plain/cipher buffers */
+        memcpy(plain,  keys[i], 16);
+        memcpy(cipher, ivs[i],  16);
+
+        Hc128_SetKey(&enc, plain, cipher);
+        Hc128_SetKey(&dec, plain, cipher);
+
+        /* align input */
+        memcpy(plain, test_hc128[i].input, test_hc128[i].outLen);
+        Hc128_Process(&enc, cipher, plain,  (word32)test_hc128[i].outLen);
+        Hc128_Process(&dec, plain,  cipher, (word32)test_hc128[i].outLen);
+
+        if (memcmp(plain, test_hc128[i].input, test_hc128[i].outLen))
+            return -120 - i;
+
+        if (memcmp(cipher, test_hc128[i].output, test_hc128[i].outLen))
+            return -120 - 5 - i;
+    }
+
+#endif /* HAVE_HC128 */
+    return 0;
+}
+
+
+#ifndef NO_RABBIT
+int rabbit_test(void)
+{
+    byte cipher[16];
+    byte plain[16];
+
+    const char* keys[] =
+    {
+        "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
+        "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00",
+        "\xAC\xC3\x51\xDC\xF1\x62\xFC\x3B\xFE\x36\x3D\x2E\x29\x13\x28\x91"
+    };
+
+    const char* ivs[] =
+    {
+        "\x00\x00\x00\x00\x00\x00\x00\x00",
+        "\x59\x7E\x26\xC1\x75\xF5\x73\xC3",
+        0
+    };
+
+    testVector a, b, c;
+    testVector test_rabbit[3];
+
+    int times = sizeof(test_rabbit) / sizeof(testVector), i;
+
+    a.input  = "\x00\x00\x00\x00\x00\x00\x00\x00";
+    a.output = "\xED\xB7\x05\x67\x37\x5D\xCD\x7C";
+    a.inLen  = 8;
+    a.outLen = 8;
+
+    b.input  = "\x00\x00\x00\x00\x00\x00\x00\x00";
+    b.output = "\x6D\x7D\x01\x22\x92\xCC\xDC\xE0";
+    b.inLen  = 8;
+    b.outLen = 8;
+
+    c.input  = "\x00\x00\x00\x00\x00\x00\x00\x00";
+    c.output = "\x04\xCE\xCA\x7A\x1A\x86\x6E\x77";
+    c.inLen  = 8;
+    c.outLen = 8;
+
+    test_rabbit[0] = a;
+    test_rabbit[1] = b;
+    test_rabbit[2] = c;
+
+    for (i = 0; i < times; ++i) {
+        Rabbit enc;
+        Rabbit dec;
+        byte*  iv;
+
+        /* align keys/ivs in plain/cipher buffers */
+        memcpy(plain,  keys[i], 16);
+        if (ivs[i]) {
+            memcpy(cipher, ivs[i],   8);
+            iv = cipher;
+        } else
+            iv = NULL;
+        RabbitSetKey(&enc, plain, iv);
+        RabbitSetKey(&dec, plain, iv);
+
+        /* align input */
+        memcpy(plain, test_rabbit[i].input, test_rabbit[i].outLen);
+        RabbitProcess(&enc, cipher, plain,  (word32)test_rabbit[i].outLen);
+        RabbitProcess(&dec, plain,  cipher, (word32)test_rabbit[i].outLen);
+
+        if (memcmp(plain, test_rabbit[i].input, test_rabbit[i].outLen))
+            return -130 - i;
+
+        if (memcmp(cipher, test_rabbit[i].output, test_rabbit[i].outLen))
+            return -130 - 5 - i;
+    }
+
+    return 0;
+}
+#endif /* NO_RABBIT */
+
+
+#ifndef NO_DES3
+int des_test(void)
+{
+    const byte vector[] = { /* "now is the time for all " w/o trailing 0 */
+        0x6e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74,
+        0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20,
+        0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20
+    };
+
+    byte plain[24];
+    byte cipher[24];
+
+    Des enc;
+    Des dec;
+
+    const byte key[] =
+    {
+        0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef
+    };
+
+    const byte iv[] =
+    {
+        0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef
+    };
+
+    const byte verify[] =
+    {
+        0x8b,0x7c,0x52,0xb0,0x01,0x2b,0x6c,0xb8,
+        0x4f,0x0f,0xeb,0xf3,0xfb,0x5f,0x86,0x73,
+        0x15,0x85,0xb3,0x22,0x4b,0x86,0x2b,0x4b
+    };
+
+    int ret;
+
+    ret = Des_SetKey(&enc, key, iv, DES_ENCRYPTION);
+    if (ret != 0)
+        return -31;
+
+    Des_CbcEncrypt(&enc, cipher, vector, sizeof(vector));
+    ret = Des_SetKey(&dec, key, iv, DES_DECRYPTION);
+    if (ret != 0)
+        return -32;
+    Des_CbcDecrypt(&dec, plain, cipher, sizeof(cipher));
+
+    if (memcmp(plain, vector, sizeof(plain)))
+        return -33;
+
+    if (memcmp(cipher, verify, sizeof(cipher)))
+        return -34;
+
+    return 0;
+}
+#endif /* NO_DES3 */
+
+
+#ifndef NO_DES3
+int des3_test(void)
+{
+    const byte vector[] = { /* "Now is the time for all " w/o trailing 0 */
+        0x4e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74,
+        0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20,
+        0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20
+    };
+
+    byte plain[24];
+    byte cipher[24];
+
+    Des3 enc;
+    Des3 dec;
+
+    const byte key3[] =
+    {
+        0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef,
+        0xfe,0xde,0xba,0x98,0x76,0x54,0x32,0x10,
+        0x89,0xab,0xcd,0xef,0x01,0x23,0x45,0x67
+    };
+    const byte iv3[] =
+    {
+        0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef,
+        0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01,
+        0x11,0x21,0x31,0x41,0x51,0x61,0x71,0x81
+
+    };
+
+    const byte verify3[] =
+    {
+        0x43,0xa0,0x29,0x7e,0xd1,0x84,0xf8,0x0e,
+        0x89,0x64,0x84,0x32,0x12,0xd5,0x08,0x98,
+        0x18,0x94,0x15,0x74,0x87,0x12,0x7d,0xb0
+    };
+
+    int ret;
+
+
+#ifdef HAVE_CAVIUM
+    if (Des3_InitCavium(&enc, CAVIUM_DEV_ID) != 0)
+        return -20005;
+    if (Des3_InitCavium(&dec, CAVIUM_DEV_ID) != 0)
+        return -20006;
+#endif
+    ret = Des3_SetKey(&enc, key3, iv3, DES_ENCRYPTION);
+    if (ret != 0)
+        return -31;
+    ret = Des3_SetKey(&dec, key3, iv3, DES_DECRYPTION);
+    if (ret != 0)
+        return -32;
+    ret = Des3_CbcEncrypt(&enc, cipher, vector, sizeof(vector));
+    if (ret != 0)
+        return -33;
+    ret = Des3_CbcDecrypt(&dec, plain, cipher, sizeof(cipher));
+    if (ret != 0)
+        return -34;
+
+    if (memcmp(plain, vector, sizeof(plain)))
+        return -35;
+
+    if (memcmp(cipher, verify3, sizeof(cipher)))
+        return -36;
+
+#ifdef HAVE_CAVIUM
+    Des3_FreeCavium(&enc);
+    Des3_FreeCavium(&dec);
+#endif
+    return 0;
+}
+#endif /* NO_DES */
+
+
+#ifndef NO_AES
+int aes_test(void)
+{
+    Aes enc;
+    Aes dec;
+
+    const byte msg[] = { /* "Now is the time for all " w/o trailing 0 */
+        0x6e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74,
+        0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20,
+        0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20
+    };
+
+    const byte verify[] =
+    {
+        0x95,0x94,0x92,0x57,0x5f,0x42,0x81,0x53,
+        0x2c,0xcc,0x9d,0x46,0x77,0xa2,0x33,0xcb
+    };
+
+    byte key[] = "0123456789abcdef   ";  /* align */
+    byte iv[]  = "1234567890abcdef   ";  /* align */
+
+    byte cipher[AES_BLOCK_SIZE * 4];
+    byte plain [AES_BLOCK_SIZE * 4];
+    int  ret;
+
+#ifdef HAVE_CAVIUM
+        if (AesInitCavium(&enc, CAVIUM_DEV_ID) != 0)
+            return -20003;
+        if (AesInitCavium(&dec, CAVIUM_DEV_ID) != 0)
+            return -20004;
+#endif
+    ret = AesSetKey(&enc, key, AES_BLOCK_SIZE, iv, AES_ENCRYPTION);
+    if (ret != 0)
+        return -1001;
+    ret = AesSetKey(&dec, key, AES_BLOCK_SIZE, iv, AES_DECRYPTION);
+    if (ret != 0)
+        return -1002;
+
+    ret = AesCbcEncrypt(&enc, cipher, msg,   AES_BLOCK_SIZE);
+    if (ret != 0)
+        return -1005;
+    ret = AesCbcDecrypt(&dec, plain, cipher, AES_BLOCK_SIZE);
+    if (ret != 0)
+        return -1006;
+
+    if (memcmp(plain, msg, AES_BLOCK_SIZE))
+        return -60;
+
+    if (memcmp(cipher, verify, AES_BLOCK_SIZE))
+        return -61;
+
+#ifdef HAVE_CAVIUM
+        AesFreeCavium(&enc);
+        AesFreeCavium(&dec);
+#endif
+#ifdef CYASSL_AES_COUNTER
+    {
+        const byte ctrKey[] =
+        {
+            0x2b,0x7e,0x15,0x16,0x28,0xae,0xd2,0xa6,
+            0xab,0xf7,0x15,0x88,0x09,0xcf,0x4f,0x3c
+        };
+
+        const byte ctrIv[] =
+        {
+            0xf0,0xf1,0xf2,0xf3,0xf4,0xf5,0xf6,0xf7,
+            0xf8,0xf9,0xfa,0xfb,0xfc,0xfd,0xfe,0xff
+        };
+
+
+        const byte ctrPlain[] =
+        {
+            0x6b,0xc1,0xbe,0xe2,0x2e,0x40,0x9f,0x96,
+            0xe9,0x3d,0x7e,0x11,0x73,0x93,0x17,0x2a,
+            0xae,0x2d,0x8a,0x57,0x1e,0x03,0xac,0x9c,
+            0x9e,0xb7,0x6f,0xac,0x45,0xaf,0x8e,0x51,
+            0x30,0xc8,0x1c,0x46,0xa3,0x5c,0xe4,0x11,
+            0xe5,0xfb,0xc1,0x19,0x1a,0x0a,0x52,0xef,
+            0xf6,0x9f,0x24,0x45,0xdf,0x4f,0x9b,0x17,
+            0xad,0x2b,0x41,0x7b,0xe6,0x6c,0x37,0x10
+        };
+
+        const byte ctrCipher[] =
+        {
+            0x87,0x4d,0x61,0x91,0xb6,0x20,0xe3,0x26,
+            0x1b,0xef,0x68,0x64,0x99,0x0d,0xb6,0xce,
+            0x98,0x06,0xf6,0x6b,0x79,0x70,0xfd,0xff,
+            0x86,0x17,0x18,0x7b,0xb9,0xff,0xfd,0xff,
+            0x5a,0xe4,0xdf,0x3e,0xdb,0xd5,0xd3,0x5e,
+            0x5b,0x4f,0x09,0x02,0x0d,0xb0,0x3e,0xab,
+            0x1e,0x03,0x1d,0xda,0x2f,0xbe,0x03,0xd1,
+            0x79,0x21,0x70,0xa0,0xf3,0x00,0x9c,0xee
+        };
+
+        const byte oddCipher[] =
+        {
+            0xb9,0xd7,0xcb,0x08,0xb0,0xe1,0x7b,0xa0,
+            0xc2
+        };
+
+        AesSetKeyDirect(&enc, ctrKey, AES_BLOCK_SIZE, ctrIv, AES_ENCRYPTION);
+        /* Ctr only uses encrypt, even on key setup */
+        AesSetKeyDirect(&dec, ctrKey, AES_BLOCK_SIZE, ctrIv, AES_ENCRYPTION);
+
+        AesCtrEncrypt(&enc, cipher, ctrPlain, AES_BLOCK_SIZE*4);
+        AesCtrEncrypt(&dec, plain, cipher, AES_BLOCK_SIZE*4);
+
+        if (memcmp(plain, ctrPlain, AES_BLOCK_SIZE*4))
+            return -66;
+
+        if (memcmp(cipher, ctrCipher, AES_BLOCK_SIZE*4))
+            return -67;
+
+        /* let's try with just 9 bytes, non block size test */
+        AesSetKeyDirect(&enc, ctrKey, AES_BLOCK_SIZE, ctrIv, AES_ENCRYPTION);
+        /* Ctr only uses encrypt, even on key setup */
+        AesSetKeyDirect(&dec, ctrKey, AES_BLOCK_SIZE, ctrIv, AES_ENCRYPTION);
+
+        AesCtrEncrypt(&enc, cipher, ctrPlain, 9);
+        AesCtrEncrypt(&dec, plain, cipher, 9);
+
+        if (memcmp(plain, ctrPlain, 9))
+            return -68;
+
+        if (memcmp(cipher, ctrCipher, 9))
+            return -69;
+
+        /* and an additional 9 bytes to reuse tmp left buffer */
+        AesCtrEncrypt(&enc, cipher, ctrPlain, 9);
+        AesCtrEncrypt(&dec, plain, cipher, 9);
+
+        if (memcmp(plain, ctrPlain, 9))
+            return -70;
+
+        if (memcmp(cipher, oddCipher, 9))
+            return -71;
+    }
+#endif /* CYASSL_AES_COUNTER */
+
+#if defined(CYASSL_AESNI) && defined(CYASSL_AES_DIRECT)
+    {
+        const byte niPlain[] =
+        {
+            0x6b,0xc1,0xbe,0xe2,0x2e,0x40,0x9f,0x96,
+            0xe9,0x3d,0x7e,0x11,0x73,0x93,0x17,0x2a
+        };
+
+        const byte niCipher[] =
+        {
+            0xf3,0xee,0xd1,0xbd,0xb5,0xd2,0xa0,0x3c,
+            0x06,0x4b,0x5a,0x7e,0x3d,0xb1,0x81,0xf8
+        };
+
+        const byte niKey[] =
+        {
+            0x60,0x3d,0xeb,0x10,0x15,0xca,0x71,0xbe,
+            0x2b,0x73,0xae,0xf0,0x85,0x7d,0x77,0x81,
+            0x1f,0x35,0x2c,0x07,0x3b,0x61,0x08,0xd7,
+            0x2d,0x98,0x10,0xa3,0x09,0x14,0xdf,0xf4
+        };
+
+        XMEMSET(cipher, 0, AES_BLOCK_SIZE);
+        ret = AesSetKey(&enc, niKey, sizeof(niKey), cipher, AES_ENCRYPTION);
+        if (ret != 0)
+            return -1003;
+        AesEncryptDirect(&enc, cipher, niPlain);
+        if (XMEMCMP(cipher, niCipher, AES_BLOCK_SIZE) != 0)
+            return -20006;
+
+        XMEMSET(plain, 0, AES_BLOCK_SIZE);
+        ret = AesSetKey(&dec, niKey, sizeof(niKey), plain, AES_DECRYPTION);
+        if (ret != 0)
+            return -1004;
+        AesDecryptDirect(&dec, plain, niCipher);
+        if (XMEMCMP(plain, niPlain, AES_BLOCK_SIZE) != 0)
+            return -20007;
+    }
+#endif /* CYASSL_AESNI && CYASSL_AES_DIRECT */
+
+    return 0;
+}
+
+#ifdef HAVE_AESGCM
+int aesgcm_test(void)
+{
+    Aes enc;
+
+    /*
+     * This is Test Case 16 from the document Galois/
+     * Counter Mode of Operation (GCM) by McGrew and
+     * Viega.
+     */
+    const byte k[] =
+    {
+        0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
+        0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08,
+        0xfe, 0xff, 0xe9, 0x92, 0x86, 0x65, 0x73, 0x1c,
+        0x6d, 0x6a, 0x8f, 0x94, 0x67, 0x30, 0x83, 0x08
+    };
+
+    const byte iv[] =
+    {
+        0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad,
+        0xde, 0xca, 0xf8, 0x88
+    };
+
+    const byte p[] =
+    {
+        0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5,
+        0xa5, 0x59, 0x09, 0xc5, 0xaf, 0xf5, 0x26, 0x9a,
+        0x86, 0xa7, 0xa9, 0x53, 0x15, 0x34, 0xf7, 0xda,
+        0x2e, 0x4c, 0x30, 0x3d, 0x8a, 0x31, 0x8a, 0x72,
+        0x1c, 0x3c, 0x0c, 0x95, 0x95, 0x68, 0x09, 0x53,
+        0x2f, 0xcf, 0x0e, 0x24, 0x49, 0xa6, 0xb5, 0x25,
+        0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57,
+        0xba, 0x63, 0x7b, 0x39
+    };
+
+    const byte a[] =
+    {
+        0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
+        0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef,
+        0xab, 0xad, 0xda, 0xd2
+    };
+
+    const byte c[] =
+    {
+        0x52, 0x2d, 0xc1, 0xf0, 0x99, 0x56, 0x7d, 0x07,
+        0xf4, 0x7f, 0x37, 0xa3, 0x2a, 0x84, 0x42, 0x7d,
+        0x64, 0x3a, 0x8c, 0xdc, 0xbf, 0xe5, 0xc0, 0xc9,
+        0x75, 0x98, 0xa2, 0xbd, 0x25, 0x55, 0xd1, 0xaa,
+        0x8c, 0xb0, 0x8e, 0x48, 0x59, 0x0d, 0xbb, 0x3d,
+        0xa7, 0xb0, 0x8b, 0x10, 0x56, 0x82, 0x88, 0x38,
+        0xc5, 0xf6, 0x1e, 0x63, 0x93, 0xba, 0x7a, 0x0a,
+        0xbc, 0xc9, 0xf6, 0x62
+    };
+
+    const byte t[] =
+    {
+        0x76, 0xfc, 0x6e, 0xce, 0x0f, 0x4e, 0x17, 0x68,
+        0xcd, 0xdf, 0x88, 0x53, 0xbb, 0x2d, 0x55, 0x1b
+    };
+
+    byte t2[sizeof(t)];
+    byte p2[sizeof(c)];
+    byte c2[sizeof(p)];
+
+    int result;
+
+    memset(t2, 0, sizeof(t2));
+    memset(c2, 0, sizeof(c2));
+    memset(p2, 0, sizeof(p2));
+
+    AesGcmSetKey(&enc, k, sizeof(k));
+    /* AES-GCM encrypt and decrypt both use AES encrypt internally */
+    AesGcmEncrypt(&enc, c2, p, sizeof(c2), iv, sizeof(iv),
+                                                 t2, sizeof(t2), a, sizeof(a));
+    if (memcmp(c, c2, sizeof(c2)))
+        return -68;
+    if (memcmp(t, t2, sizeof(t2)))
+        return -69;
+
+    result = AesGcmDecrypt(&enc, p2, c2, sizeof(p2), iv, sizeof(iv),
+                                                 t2, sizeof(t2), a, sizeof(a));
+    if (result != 0)
+        return -70;
+    if (memcmp(p, p2, sizeof(p2)))
+        return -71;
+
+    return 0;
+}
+
+int gmac_test(void)
+{
+    Gmac gmac;
+
+    const byte k1[] =
+    {
+        0x89, 0xc9, 0x49, 0xe9, 0xc8, 0x04, 0xaf, 0x01,
+        0x4d, 0x56, 0x04, 0xb3, 0x94, 0x59, 0xf2, 0xc8
+    };
+    const byte iv1[] =
+    {
+        0xd1, 0xb1, 0x04, 0xc8, 0x15, 0xbf, 0x1e, 0x94,
+        0xe2, 0x8c, 0x8f, 0x16
+    };
+    const byte a1[] =
+    {
+       0x82, 0xad, 0xcd, 0x63, 0x8d, 0x3f, 0xa9, 0xd9,
+       0xf3, 0xe8, 0x41, 0x00, 0xd6, 0x1e, 0x07, 0x77
+    };
+    const byte t1[] =
+    {
+        0x88, 0xdb, 0x9d, 0x62, 0x17, 0x2e, 0xd0, 0x43,
+        0xaa, 0x10, 0xf1, 0x6d, 0x22, 0x7d, 0xc4, 0x1b
+    };
+
+    const byte k2[] =
+    {
+        0x40, 0xf7, 0xec, 0xb2, 0x52, 0x6d, 0xaa, 0xd4,
+        0x74, 0x25, 0x1d, 0xf4, 0x88, 0x9e, 0xf6, 0x5b
+    };
+    const byte iv2[] =
+    {
+        0xee, 0x9c, 0x6e, 0x06, 0x15, 0x45, 0x45, 0x03,
+        0x1a, 0x60, 0x24, 0xa7
+    };
+    const byte a2[] =
+    {
+        0x94, 0x81, 0x2c, 0x87, 0x07, 0x4e, 0x15, 0x18,
+        0x34, 0xb8, 0x35, 0xaf, 0x1c, 0xa5, 0x7e, 0x56
+    };
+    const byte t2[] =
+    {
+        0xc6, 0x81, 0x79, 0x8e, 0x3d, 0xda, 0xb0, 0x9f,
+        0x8d, 0x83, 0xb0, 0xbb, 0x14, 0xb6, 0x91
+    };
+
+    const byte k3[] =
+    {
+        0xb8, 0xe4, 0x9a, 0x5e, 0x37, 0xf9, 0x98, 0x2b,
+        0xb9, 0x6d, 0xd0, 0xc9, 0xb6, 0xab, 0x26, 0xac
+    };
+    const byte iv3[] =
+    {
+        0xe4, 0x4a, 0x42, 0x18, 0x8c, 0xae, 0x94, 0x92,
+        0x6a, 0x9c, 0x26, 0xb0
+    };
+    const byte a3[] =
+    {
+        0x9d, 0xb9, 0x61, 0x68, 0xa6, 0x76, 0x7a, 0x31,
+        0xf8, 0x29, 0xe4, 0x72, 0x61, 0x68, 0x3f, 0x8a
+    };
+    const byte t3[] =
+    {
+        0x23, 0xe2, 0x9f, 0x66, 0xe4, 0xc6, 0x52, 0x48
+    };
+
+    byte tag[16];
+
+    memset(tag, 0, sizeof(tag));
+    GmacSetKey(&gmac, k1, sizeof(k1));
+    GmacUpdate(&gmac, iv1, sizeof(iv1), a1, sizeof(a1), tag, sizeof(t1));
+    if (memcmp(t1, tag, sizeof(t1)) != 0)
+        return -126;
+
+    memset(tag, 0, sizeof(tag));
+    GmacSetKey(&gmac, k2, sizeof(k2));
+    GmacUpdate(&gmac, iv2, sizeof(iv2), a2, sizeof(a2), tag, sizeof(t2));
+    if (memcmp(t2, tag, sizeof(t2)) != 0)
+        return -127;
+
+    memset(tag, 0, sizeof(tag));
+    GmacSetKey(&gmac, k3, sizeof(k3));
+    GmacUpdate(&gmac, iv3, sizeof(iv3), a3, sizeof(a3), tag, sizeof(t3));
+    if (memcmp(t3, tag, sizeof(t3)) != 0)
+        return -128;
+
+    return 0;
+}
+#endif /* HAVE_AESGCM */
+
+#ifdef HAVE_AESCCM
+int aesccm_test(void)
+{
+    Aes enc;
+
+    /* key */
+    const byte k[] =
+    {
+        0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7,
+        0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf
+    };
+
+    /* nonce */
+    const byte iv[] =
+    {
+        0x00, 0x00, 0x00, 0x03, 0x02, 0x01, 0x00, 0xa0,
+        0xa1, 0xa2, 0xa3, 0xa4, 0xa5
+    };
+
+    /* plaintext */
+    const byte p[] =
+    {
+        0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f,
+        0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17,
+        0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e
+    };
+
+    const byte a[] =
+    {
+        0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07
+    };
+
+    const byte c[] =
+    {
+        0x58, 0x8c, 0x97, 0x9a, 0x61, 0xc6, 0x63, 0xd2,
+        0xf0, 0x66, 0xd0, 0xc2, 0xc0, 0xf9, 0x89, 0x80,
+        0x6d, 0x5f, 0x6b, 0x61, 0xda, 0xc3, 0x84
+    };
+
+    const byte t[] =
+    {
+        0x17, 0xe8, 0xd1, 0x2c, 0xfd, 0xf9, 0x26, 0xe0
+    };
+
+    byte t2[sizeof(t)];
+    byte p2[sizeof(p)];
+    byte c2[sizeof(c)];
+
+    int result;
+
+    memset(t2, 0, sizeof(t2));
+    memset(c2, 0, sizeof(c2));
+    memset(p2, 0, sizeof(p2));
+
+    AesCcmSetKey(&enc, k, sizeof(k));
+    /* AES-CCM encrypt and decrypt both use AES encrypt internally */
+    AesCcmEncrypt(&enc, c2, p, sizeof(c2), iv, sizeof(iv),
+                                                 t2, sizeof(t2), a, sizeof(a));
+    if (memcmp(c, c2, sizeof(c2)))
+        return -107;
+    if (memcmp(t, t2, sizeof(t2)))
+        return -108;
+
+    result = AesCcmDecrypt(&enc, p2, c2, sizeof(p2), iv, sizeof(iv),
+                                                 t2, sizeof(t2), a, sizeof(a));
+    if (result != 0)
+        return -109;
+    if (memcmp(p, p2, sizeof(p2)))
+        return -110;
+
+    /* Test the authentication failure */
+    t2[0]++; /* Corrupt the authentication tag. */
+    result = AesCcmDecrypt(&enc, p2, c, sizeof(p2), iv, sizeof(iv),
+                                                 t2, sizeof(t2), a, sizeof(a));
+    if (result == 0)
+        return -111;
+
+    /* Clear c2 to compare against p2. p2 should be set to zero in case of
+     * authentication fail. */
+    memset(c2, 0, sizeof(c2));
+    if (memcmp(p2, c2, sizeof(p2)))
+        return -112;
+
+    return 0;
+}
+#endif /* HAVE_AESCCM */
+
+
+#endif /* NO_AES */
+
+
+#ifdef HAVE_CAMELLIA
+
+enum {
+    CAM_ECB_ENC, CAM_ECB_DEC, CAM_CBC_ENC, CAM_CBC_DEC
+};
+
+typedef struct {
+    int type;
+    const byte* plaintext;
+    const byte* iv;
+    const byte* ciphertext;
+    const byte* key;
+    word32 keySz;
+    int errorCode;
+} test_vector_t;
+
+int camellia_test(void)
+{
+    /* Camellia ECB Test Plaintext */
+    static const byte pte[] =
+    {
+        0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
+        0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10
+    };
+
+    /* Camellia ECB Test Initialization Vector */
+    static const byte ive[] = {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0};
+
+    /* Test 1: Camellia ECB 128-bit key */
+    static const byte k1[] =
+    {
+        0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
+        0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10
+    };
+    static const byte c1[] =
+    {
+        0x67, 0x67, 0x31, 0x38, 0x54, 0x96, 0x69, 0x73,
+        0x08, 0x57, 0x06, 0x56, 0x48, 0xea, 0xbe, 0x43
+    };
+
+    /* Test 2: Camellia ECB 192-bit key */
+    static const byte k2[] =
+    {
+        0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
+        0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
+        0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77
+    };
+    static const byte c2[] =
+    {
+        0xb4, 0x99, 0x34, 0x01, 0xb3, 0xe9, 0x96, 0xf8,
+        0x4e, 0xe5, 0xce, 0xe7, 0xd7, 0x9b, 0x09, 0xb9
+    };
+
+    /* Test 3: Camellia ECB 256-bit key */
+    static const byte k3[] =
+    {
+        0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef,
+        0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10,
+        0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77,
+        0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff
+    };
+    static const byte c3[] =
+    {
+        0x9a, 0xcc, 0x23, 0x7d, 0xff, 0x16, 0xd7, 0x6c,
+        0x20, 0xef, 0x7c, 0x91, 0x9e, 0x3a, 0x75, 0x09
+    };
+
+    /* Camellia CBC Test Plaintext */
+    static const byte ptc[] =
+    {
+        0x6B, 0xC1, 0xBE, 0xE2, 0x2E, 0x40, 0x9F, 0x96,
+        0xE9, 0x3D, 0x7E, 0x11, 0x73, 0x93, 0x17, 0x2A
+    };
+
+    /* Camellia CBC Test Initialization Vector */
+    static const byte ivc[] =
+    {
+        0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+        0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F
+    };
+
+    /* Test 4: Camellia-CBC 128-bit key */
+    static const byte k4[] =
+    {
+        0x2B, 0x7E, 0x15, 0x16, 0x28, 0xAE, 0xD2, 0xA6,
+        0xAB, 0xF7, 0x15, 0x88, 0x09, 0xCF, 0x4F, 0x3C
+    };
+    static const byte c4[] =
+    {
+        0x16, 0x07, 0xCF, 0x49, 0x4B, 0x36, 0xBB, 0xF0,
+        0x0D, 0xAE, 0xB0, 0xB5, 0x03, 0xC8, 0x31, 0xAB
+    };
+
+    /* Test 5: Camellia-CBC 192-bit key */
+    static const byte k5[] =
+    {
+        0x8E, 0x73, 0xB0, 0xF7, 0xDA, 0x0E, 0x64, 0x52,
+        0xC8, 0x10, 0xF3, 0x2B, 0x80, 0x90, 0x79, 0xE5,
+        0x62, 0xF8, 0xEA, 0xD2, 0x52, 0x2C, 0x6B, 0x7B
+    };
+    static const byte c5[] =
+    {
+        0x2A, 0x48, 0x30, 0xAB, 0x5A, 0xC4, 0xA1, 0xA2,
+        0x40, 0x59, 0x55, 0xFD, 0x21, 0x95, 0xCF, 0x93
+    };
+
+    /* Test 6: CBC 256-bit key */
+    static const byte k6[] =
+    {
+        0x60, 0x3D, 0xEB, 0x10, 0x15, 0xCA, 0x71, 0xBE,
+        0x2B, 0x73, 0xAE, 0xF0, 0x85, 0x7D, 0x77, 0x81,
+        0x1F, 0x35, 0x2C, 0x07, 0x3B, 0x61, 0x08, 0xD7,
+        0x2D, 0x98, 0x10, 0xA3, 0x09, 0x14, 0xDF, 0xF4
+    };
+    static const byte c6[] =
+    {
+        0xE6, 0xCF, 0xA3, 0x5F, 0xC0, 0x2B, 0x13, 0x4A,
+        0x4D, 0x2C, 0x0B, 0x67, 0x37, 0xAC, 0x3E, 0xDA
+    };
+
+    byte out[CAMELLIA_BLOCK_SIZE];
+    Camellia cam;
+    int i, testsSz;
+    const test_vector_t testVectors[] =
+    {
+        {CAM_ECB_ENC, pte, ive, c1, k1, sizeof(k1), -114},
+        {CAM_ECB_ENC, pte, ive, c2, k2, sizeof(k2), -115},
+        {CAM_ECB_ENC, pte, ive, c3, k3, sizeof(k3), -116},
+        {CAM_ECB_DEC, pte, ive, c1, k1, sizeof(k1), -117},
+        {CAM_ECB_DEC, pte, ive, c2, k2, sizeof(k2), -118},
+        {CAM_ECB_DEC, pte, ive, c3, k3, sizeof(k3), -119},
+        {CAM_CBC_ENC, ptc, ivc, c4, k4, sizeof(k4), -120},
+        {CAM_CBC_ENC, ptc, ivc, c5, k5, sizeof(k5), -121},
+        {CAM_CBC_ENC, ptc, ivc, c6, k6, sizeof(k6), -122},
+        {CAM_CBC_DEC, ptc, ivc, c4, k4, sizeof(k4), -123},
+        {CAM_CBC_DEC, ptc, ivc, c5, k5, sizeof(k5), -124},
+        {CAM_CBC_DEC, ptc, ivc, c6, k6, sizeof(k6), -125}
+    };
+
+    testsSz = sizeof(testVectors)/sizeof(test_vector_t);
+    for (i = 0; i < testsSz; i++) {
+        if (CamelliaSetKey(&cam, testVectors[i].key, testVectors[i].keySz,
+                                                        testVectors[i].iv) != 0)
+            return testVectors[i].errorCode;
+
+        switch (testVectors[i].type) {
+            case CAM_ECB_ENC:
+                CamelliaEncryptDirect(&cam, out, testVectors[i].plaintext);
+                if (memcmp(out, testVectors[i].ciphertext, CAMELLIA_BLOCK_SIZE))
+                    return testVectors[i].errorCode;
+                break;
+            case CAM_ECB_DEC:
+                CamelliaDecryptDirect(&cam, out, testVectors[i].ciphertext);
+                if (memcmp(out, testVectors[i].plaintext, CAMELLIA_BLOCK_SIZE))
+                    return testVectors[i].errorCode;
+                break;
+            case CAM_CBC_ENC:
+                CamelliaCbcEncrypt(&cam, out, testVectors[i].plaintext,
+                                                           CAMELLIA_BLOCK_SIZE);
+                if (memcmp(out, testVectors[i].ciphertext, CAMELLIA_BLOCK_SIZE))
+                    return testVectors[i].errorCode;
+                break;
+            case CAM_CBC_DEC:
+                CamelliaCbcDecrypt(&cam, out, testVectors[i].ciphertext,
+                                                           CAMELLIA_BLOCK_SIZE);
+                if (memcmp(out, testVectors[i].plaintext, CAMELLIA_BLOCK_SIZE))
+                    return testVectors[i].errorCode;
+                break;
+            default:
+                break;
+        }
+    }
+
+    /* Setting the IV and checking it was actually set. */
+    CamelliaSetIV(&cam, ivc);
+    if (XMEMCMP(cam.reg, ivc, CAMELLIA_BLOCK_SIZE))
+        return -1;
+
+    /* Setting the IV to NULL should be same as all zeros IV */
+    if (CamelliaSetIV(&cam, NULL) != 0 ||
+                                    XMEMCMP(cam.reg, ive, CAMELLIA_BLOCK_SIZE))
+        return -1;
+
+    /* First parameter should never be null */
+    if (CamelliaSetIV(NULL, NULL) == 0)
+        return -1;
+
+    /* First parameter should never be null, check it fails */
+    if (CamelliaSetKey(NULL, k1, sizeof(k1), NULL) == 0)
+        return -1;
+
+    /* Key should have a size of 16, 24, or 32 */
+    if (CamelliaSetKey(&cam, k1, 0, NULL) == 0)
+        return -1;
+
+    return 0;
+}
+#endif /* HAVE_CAMELLIA */
+
+
+int random_test(void)
+{
+    RNG  rng;
+    byte block[32];
+    int ret;
+
+#ifdef HAVE_CAVIUM
+    ret = InitRngCavium(&rng, CAVIUM_DEV_ID);
+    if (ret != 0) return -2007;
+#endif
+    ret = InitRng(&rng);
+    if (ret != 0) return -39;
+
+    ret = RNG_GenerateBlock(&rng, block, sizeof(block));
+    if (ret != 0) return -40;
+
+    return 0;
+}
+
+
+#ifdef HAVE_NTRU
+
+byte GetEntropy(ENTROPY_CMD cmd, byte* out);
+
+byte GetEntropy(ENTROPY_CMD cmd, byte* out)
+{
+    static RNG rng;
+
+    if (cmd == INIT)
+        return (InitRng(&rng) == 0) ? 1 : 0;
+
+    if (out == NULL)
+        return 0;
+
+    if (cmd == GET_BYTE_OF_ENTROPY)
+        return (RNG_GenerateBlock(&rng, out, 1) == 0) ? 1 : 0;
+
+    if (cmd == GET_NUM_BYTES_PER_BYTE_OF_ENTROPY) {
+        *out = 1;
+        return 1;
+    }
+
+    return 0;
+}
+
+#endif /* HAVE_NTRU */
+
+#ifndef NO_RSA
+
+#if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048)
+    #ifdef FREESCALE_MQX
+        static const char* clientKey  = "a:\\certs\\client-key.der";
+        static const char* clientCert = "a:\\certs\\client-cert.der";
+        #ifdef CYASSL_CERT_GEN
+            static const char* caKeyFile  = "a:\\certs\\ca-key.der";
+            static const char* caCertFile = "a:\\certs\\ca-cert.pem";
+            #ifdef HAVE_ECC
+                static const char* eccCaKeyFile  = "a:\\certs\\ecc-key.der";
+                static const char* eccCaCertFile = "a:\\certs\\server-ecc.pem";
+            #endif
+        #endif
+    #elif defined(CYASSL_MKD_SHELL)
+        static char* clientKey = "certs/client-key.der";
+        static char* clientCert = "certs/client-cert.der";
+        void set_clientKey(char *key) {  clientKey = key ; }
+        void set_clientCert(char *cert) {  clientCert = cert ; }
+        #ifdef CYASSL_CERT_GEN
+            static char* caKeyFile  = "certs/ca-key.der";
+            static char* caCertFile = "certs/ca-cert.pem";
+            void set_caKeyFile (char * key)  { caKeyFile   = key ; }
+            void set_caCertFile(char * cert) { caCertFile = cert ; }
+            #ifdef HAVE_ECC
+                static const char* eccCaKeyFile  = "certs/ecc-key.der";
+                static const char* eccCaCertFile = "certs/server-ecc.pem";
+                void set_eccCaKeyFile (char * key)  { eccCaKeyFile  = key ; }
+                void set_eccCaCertFile(char * cert) { eccCaCertFile = cert ; }
+            #endif
+        #endif
+    #else
+        static const char* clientKey  = "./certs/client-key.der";
+        static const char* clientCert = "./certs/client-cert.der";
+        #ifdef CYASSL_CERT_GEN
+            static const char* caKeyFile  = "./certs/ca-key.der";
+            static const char* caCertFile = "./certs/ca-cert.pem";
+            #ifdef HAVE_ECC
+                static const char* eccCaKeyFile  = "./certs/ecc-key.der";
+                static const char* eccCaCertFile = "./certs/server-ecc.pem";
+            #endif
+        #endif
+    #endif
+#endif
+
+
+
+#define FOURK_BUF 4096
+
+int rsa_test(void)
+{
+    byte*   tmp;
+    size_t bytes;
+    RsaKey key;
+    RNG    rng;
+    word32 idx = 0;
+    int    ret;
+    byte   in[] = "Everyone gets Friday off.";
+    word32 inLen = (word32)strlen((char*)in);
+    byte   out[256];
+    byte   plain[256];
+#if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048)
+    FILE*  file, * file2;
+#endif
+#ifdef CYASSL_TEST_CERT
+    DecodedCert cert;
+#endif
+
+    tmp = (byte*)malloc(FOURK_BUF);
+    if (tmp == NULL)
+        return -40;
+
+#ifdef USE_CERT_BUFFERS_1024
+    XMEMCPY(tmp, client_key_der_1024, sizeof_client_key_der_1024);
+    bytes = sizeof_client_key_der_1024;
+#elif defined(USE_CERT_BUFFERS_2048)
+    XMEMCPY(tmp, client_key_der_2048, sizeof_client_key_der_2048);
+    bytes = sizeof_client_key_der_2048;
+#else
+    file = fopen(clientKey, "rb");
+
+    if (!file)
+        err_sys("can't open ./certs/client-key.der, "
+                "Please run from CyaSSL home dir", -40);
+
+    bytes = fread(tmp, 1, FOURK_BUF, file);
+    fclose(file);
+#endif /* USE_CERT_BUFFERS */
+
+#ifdef HAVE_CAVIUM
+    RsaInitCavium(&key, CAVIUM_DEV_ID);
+#endif
+    ret = InitRsaKey(&key, 0);
+    if (ret != 0) return -39;
+    ret = RsaPrivateKeyDecode(tmp, &idx, &key, (word32)bytes);
+    if (ret != 0) return -41;
+
+    ret = InitRng(&rng);
+    if (ret != 0) return -42;
+
+    ret = RsaPublicEncrypt(in, inLen, out, sizeof(out), &key, &rng);
+    if (ret < 0) return -43;
+
+    ret = RsaPrivateDecrypt(out, ret, plain, sizeof(plain), &key);
+    if (ret < 0) return -44;
+
+    if (memcmp(plain, in, inLen)) return -45;
+
+    ret = RsaSSL_Sign(in, inLen, out, sizeof(out), &key, &rng);
+    if (ret < 0) return -46;
+
+    memset(plain, 0, sizeof(plain));
+    ret = RsaSSL_Verify(out, ret, plain, sizeof(plain), &key);
+    if (ret < 0) return -47;
+
+    if (memcmp(plain, in, ret)) return -48;
+
+#if defined(CYASSL_MDK_ARM)
+    #define sizeof(s) strlen((char *)(s))
+#endif
+
+#ifdef USE_CERT_BUFFERS_1024
+    XMEMCPY(tmp, client_cert_der_1024, sizeof_client_cert_der_1024);
+    bytes = sizeof_client_cert_der_1024;
+#elif defined(USE_CERT_BUFFERS_2048)
+    XMEMCPY(tmp, client_cert_der_2048, sizeof_client_cert_der_2048);
+    bytes = sizeof_client_cert_der_2048;
+#else
+    file2 = fopen(clientCert, "rb");
+    if (!file2)
+        return -49;
+
+    bytes = fread(tmp, 1, FOURK_BUF, file2);
+    fclose(file2);
+#endif
+
+#ifdef sizeof
+		#undef sizeof
+#endif
+
+#ifdef CYASSL_TEST_CERT
+    InitDecodedCert(&cert, tmp, (word32)bytes, 0);
+
+    ret = ParseCert(&cert, CERT_TYPE, NO_VERIFY, 0);
+    if (ret != 0) return -491;
+
+    FreeDecodedCert(&cert);
+#else
+    (void)bytes;
+#endif
+
+
+#ifdef CYASSL_KEY_GEN
+    {
+        byte*  der;
+        byte*  pem;
+        int    derSz = 0;
+        int    pemSz = 0;
+        RsaKey derIn;
+        RsaKey genKey;
+        FILE* keyFile;
+        FILE* pemFile;
+
+        ret = InitRsaKey(&genKey, 0);
+        if (ret != 0)
+            return -300;
+        ret = MakeRsaKey(&genKey, 1024, 65537, &rng);
+        if (ret != 0)
+            return -301;
+
+        der = (byte*)malloc(FOURK_BUF);
+        if (der == NULL) {
+            FreeRsaKey(&genKey);
+            return -307;
+        }
+        pem = (byte*)malloc(FOURK_BUF);
+        if (pem == NULL) {
+            free(der);
+            FreeRsaKey(&genKey);
+            return -308;
+        }
+
+        derSz = RsaKeyToDer(&genKey, der, FOURK_BUF);
+        if (derSz < 0) {
+            free(der);
+            free(pem);
+            return -302;
+        }
+
+        keyFile = fopen("./key.der", "wb");
+        if (!keyFile) {
+            free(der);
+            free(pem);
+            FreeRsaKey(&genKey);
+            return -303;
+        }
+        ret = (int)fwrite(der, 1, derSz, keyFile);
+        fclose(keyFile);
+        if (ret != derSz) {
+            free(der);
+            free(pem);
+            FreeRsaKey(&genKey);
+            return -313;
+        }
+
+        pemSz = DerToPem(der, derSz, pem, FOURK_BUF, PRIVATEKEY_TYPE);
+        if (pemSz < 0) {
+            free(der);
+            free(pem);
+            FreeRsaKey(&genKey);
+            return -304;
+        }
+
+        pemFile = fopen("./key.pem", "wb");
+        if (!pemFile) {
+            free(der);
+            free(pem);
+            FreeRsaKey(&genKey);
+            return -305;
+        }
+        ret = (int)fwrite(pem, 1, pemSz, pemFile);
+        fclose(pemFile);
+        if (ret != pemSz) {
+            free(der);
+            free(pem);
+            FreeRsaKey(&genKey);
+            return -314;
+        }
+
+        ret = InitRsaKey(&derIn, 0);
+        if (ret != 0) {
+            free(der);
+            free(pem);
+            FreeRsaKey(&genKey);
+            return -3060;
+        }
+        idx = 0;
+        ret = RsaPrivateKeyDecode(der, &idx, &derIn, derSz);
+        if (ret != 0) {
+            free(der);
+            free(pem);
+            FreeRsaKey(&derIn);
+            FreeRsaKey(&genKey);
+            return -306;
+        }
+
+        FreeRsaKey(&derIn);
+        FreeRsaKey(&genKey);
+        free(pem);
+        free(der);
+    }
+#endif /* CYASSL_KEY_GEN */
+
+
+#ifdef CYASSL_CERT_GEN
+    /* self signed */
+    {
+        Cert        myCert;
+        byte*       derCert;
+        byte*       pem;
+        FILE*       derFile;
+        FILE*       pemFile;
+        int         certSz;
+        int         pemSz;
+#ifdef CYASSL_TEST_CERT
+        DecodedCert decode;
+#endif
+
+        derCert = (byte*)malloc(FOURK_BUF);
+        if (derCert == NULL)
+            return -309;
+        pem = (byte*)malloc(FOURK_BUF);
+        if (pem == NULL) {
+            free(derCert);
+            return -310;
+        }
+
+        InitCert(&myCert);
+
+        strncpy(myCert.subject.country, "US", CTC_NAME_SIZE);
+        strncpy(myCert.subject.state, "OR", CTC_NAME_SIZE);
+        strncpy(myCert.subject.locality, "Portland", CTC_NAME_SIZE);
+        strncpy(myCert.subject.org, "yaSSL", CTC_NAME_SIZE);
+        strncpy(myCert.subject.unit, "Development", CTC_NAME_SIZE);
+        strncpy(myCert.subject.commonName, "www.yassl.com", CTC_NAME_SIZE);
+        strncpy(myCert.subject.email, "info@yassl.com", CTC_NAME_SIZE);
+        myCert.isCA    = 1;
+        myCert.sigType = CTC_SHA256wRSA;
+
+        certSz = MakeSelfCert(&myCert, derCert, FOURK_BUF, &key, &rng);
+        if (certSz < 0) {
+            free(derCert);
+            free(pem);
+            return -401;
+        }
+
+#ifdef CYASSL_TEST_CERT
+        InitDecodedCert(&decode, derCert, certSz, 0);
+        ret = ParseCert(&decode, CERT_TYPE, NO_VERIFY, 0);
+        if (ret != 0) {
+            free(derCert);
+            free(pem);
+            return -402;
+        }
+        FreeDecodedCert(&decode);
+#endif
+        derFile = fopen("./cert.der", "wb");
+        if (!derFile) {
+            free(derCert);
+            free(pem);
+            return -403;
+        }
+        ret = (int)fwrite(derCert, 1, certSz, derFile);
+        fclose(derFile);
+        if (ret != certSz) {
+            free(derCert);
+            free(pem);
+            return -414;
+        }
+
+        pemSz = DerToPem(derCert, certSz, pem, FOURK_BUF, CERT_TYPE);
+        if (pemSz < 0) {
+            free(derCert);
+            free(pem);
+            return -404;
+        }
+
+        pemFile = fopen("./cert.pem", "wb");
+        if (!pemFile) {
+            free(derCert);
+            free(pem);
+            return -405;
+        }
+        ret = (int)fwrite(pem, 1, pemSz, pemFile);
+        fclose(pemFile);
+        if (ret != pemSz) {
+            free(derCert);
+            free(pem);
+            return -406;
+        }
+        free(pem);
+        free(derCert);
+    }
+    /* CA style */
+    {
+        RsaKey      caKey;
+        Cert        myCert;
+        byte*       derCert;
+        byte*       pem;
+        FILE*       derFile;
+        FILE*       pemFile;
+        int         certSz;
+        int         pemSz;
+        size_t      bytes3;
+        word32      idx3 = 0;
+			  FILE* file3 ;
+#ifdef CYASSL_TEST_CERT
+        DecodedCert decode;
+#endif
+
+        derCert = (byte*)malloc(FOURK_BUF);
+        if (derCert == NULL)
+            return -311;
+        pem = (byte*)malloc(FOURK_BUF);
+        if (pem == NULL) {
+            free(derCert);
+            return -312;
+        }
+
+        file3 = fopen(caKeyFile, "rb");
+
+        if (!file3) {
+            free(derCert);
+            free(pem);
+            return -412;
+        }
+
+        bytes3 = fread(tmp, 1, FOURK_BUF, file3);
+        fclose(file3);
+
+        ret = InitRsaKey(&caKey, 0);
+        if (ret != 0) {
+            free(derCert);
+            free(pem);
+            return -411;
+        }
+        ret = RsaPrivateKeyDecode(tmp, &idx3, &caKey, (word32)bytes3);
+        if (ret != 0) {
+            free(derCert);
+            free(pem);
+            FreeRsaKey(&caKey);
+            return -413;
+        }
+
+        InitCert(&myCert);
+
+        strncpy(myCert.subject.country, "US", CTC_NAME_SIZE);
+        strncpy(myCert.subject.state, "OR", CTC_NAME_SIZE);
+        strncpy(myCert.subject.locality, "Portland", CTC_NAME_SIZE);
+        strncpy(myCert.subject.org, "yaSSL", CTC_NAME_SIZE);
+        strncpy(myCert.subject.unit, "Development", CTC_NAME_SIZE);
+        strncpy(myCert.subject.commonName, "www.yassl.com", CTC_NAME_SIZE);
+        strncpy(myCert.subject.email, "info@yassl.com", CTC_NAME_SIZE);
+
+        ret = SetIssuer(&myCert, caCertFile);
+        if (ret < 0) {
+            free(derCert);
+            free(pem);
+            FreeRsaKey(&caKey);
+            return -405;
+        }
+
+        certSz = MakeCert(&myCert, derCert, FOURK_BUF, &key, NULL, &rng);
+        if (certSz < 0) {
+            free(derCert);
+            free(pem);
+            FreeRsaKey(&caKey);
+            return -407;
+        }
+
+        certSz = SignCert(myCert.bodySz, myCert.sigType, derCert, FOURK_BUF,
+                          &caKey, NULL, &rng);
+        if (certSz < 0) {
+            free(derCert);
+            free(pem);
+            FreeRsaKey(&caKey);
+            return -408;
+        }
+
+
+#ifdef CYASSL_TEST_CERT
+        InitDecodedCert(&decode, derCert, certSz, 0);
+        ret = ParseCert(&decode, CERT_TYPE, NO_VERIFY, 0);
+        if (ret != 0) {
+            free(derCert);
+            free(pem);
+            FreeRsaKey(&caKey);
+            return -409;
+        }
+        FreeDecodedCert(&decode);
+#endif
+
+        derFile = fopen("./othercert.der", "wb");
+        if (!derFile) {
+            free(derCert);
+            free(pem);
+            FreeRsaKey(&caKey);
+            return -410;
+        }
+        ret = (int)fwrite(derCert, 1, certSz, derFile);
+        fclose(derFile);
+        if (ret != certSz) {
+            free(derCert);
+            free(pem);
+            FreeRsaKey(&caKey);
+            return -416;
+        }
+
+        pemSz = DerToPem(derCert, certSz, pem, FOURK_BUF, CERT_TYPE);
+        if (pemSz < 0) {
+            free(derCert);
+            free(pem);
+            FreeRsaKey(&caKey);
+            return -411;
+        }
+
+        pemFile = fopen("./othercert.pem", "wb");
+        if (!pemFile) {
+            free(derCert);
+            free(pem);
+            FreeRsaKey(&caKey);
+            return -412;
+        }
+        ret = (int)fwrite(pem, 1, pemSz, pemFile);
+        if (ret != pemSz) {
+            free(derCert);
+            free(pem);
+            FreeRsaKey(&caKey);
+            return -415;
+        }
+        fclose(pemFile);
+        free(pem);
+        free(derCert);
+        FreeRsaKey(&caKey);
+    }
+#ifdef HAVE_ECC
+    /* ECC CA style */
+    {
+        ecc_key     caKey;
+        Cert        myCert;
+        byte*       derCert;
+        byte*       pem;
+        FILE*       derFile;
+        FILE*       pemFile;
+        int         certSz;
+        int         pemSz;
+        size_t      bytes3;
+        word32      idx3 = 0;
+        FILE*       file3;
+#ifdef CYASSL_TEST_CERT
+        DecodedCert decode;
+#endif
+
+        derCert = (byte*)malloc(FOURK_BUF);
+        if (derCert == NULL)
+            return -5311;
+        pem = (byte*)malloc(FOURK_BUF);
+        if (pem == NULL) {
+            free(derCert);
+            return -5312;
+        }
+
+        file3 = fopen(eccCaKeyFile, "rb");
+
+        if (!file3) {
+            free(derCert);
+            free(pem);
+            return -5412;
+        }
+
+        bytes3 = fread(tmp, 1, FOURK_BUF, file3);
+        fclose(file3);
+
+        ecc_init(&caKey);
+        ret = EccPrivateKeyDecode(tmp, &idx3, &caKey, (word32)bytes3);
+        if (ret != 0) {
+            free(derCert);
+            free(pem);
+            return -5413;
+        }
+
+        InitCert(&myCert);
+        myCert.sigType = CTC_SHA256wECDSA;
+
+        strncpy(myCert.subject.country, "US", CTC_NAME_SIZE);
+        strncpy(myCert.subject.state, "OR", CTC_NAME_SIZE);
+        strncpy(myCert.subject.locality, "Portland", CTC_NAME_SIZE);
+        strncpy(myCert.subject.org, "wolfSSL", CTC_NAME_SIZE);
+        strncpy(myCert.subject.unit, "Development", CTC_NAME_SIZE);
+        strncpy(myCert.subject.commonName, "www.wolfssl.com", CTC_NAME_SIZE);
+        strncpy(myCert.subject.email, "info@wolfssl.com", CTC_NAME_SIZE);
+
+        ret = SetIssuer(&myCert, eccCaCertFile);
+        if (ret < 0) {
+            free(pem);
+            free(derCert);
+            ecc_free(&caKey);
+            return -5405;
+        }
+
+        certSz = MakeCert(&myCert, derCert, FOURK_BUF, NULL, &caKey, &rng);
+        if (certSz < 0) {
+            free(pem);
+            free(derCert);
+            ecc_free(&caKey);
+            return -5407;
+        }
+
+        certSz = SignCert(myCert.bodySz, myCert.sigType, derCert, FOURK_BUF,
+                          NULL, &caKey, &rng);
+        if (certSz < 0) {
+            free(pem);
+            free(derCert);
+            ecc_free(&caKey);
+            return -5408;
+        }
+
+#ifdef CYASSL_TEST_CERT
+        InitDecodedCert(&decode, derCert, certSz, 0);
+        ret = ParseCert(&decode, CERT_TYPE, NO_VERIFY, 0);
+        if (ret != 0) {
+            free(pem);
+            free(derCert);
+            ecc_free(&caKey);
+            return -5409;
+        }
+        FreeDecodedCert(&decode);
+#endif
+
+        derFile = fopen("./certecc.der", "wb");
+        if (!derFile) {
+            free(pem);
+            free(derCert);
+            ecc_free(&caKey);
+            return -5410;
+        }
+        ret = (int)fwrite(derCert, 1, certSz, derFile);
+        fclose(derFile);
+        if (ret != certSz) {
+            free(pem);
+            free(derCert);
+            ecc_free(&caKey);
+            return -5414;
+        }
+
+        pemSz = DerToPem(derCert, certSz, pem, FOURK_BUF, CERT_TYPE);
+        if (pemSz < 0) {
+            free(pem);
+            free(derCert);
+            ecc_free(&caKey);
+            return -5411;
+        }
+
+        pemFile = fopen("./certecc.pem", "wb");
+        if (!pemFile) {
+            free(pem);
+            free(derCert);
+            ecc_free(&caKey);
+            return -5412;
+        }
+        ret = (int)fwrite(pem, 1, pemSz, pemFile);
+        if (ret != pemSz) {
+            free(pem);
+            free(derCert);
+            ecc_free(&caKey);
+            return -5415;
+        }
+        fclose(pemFile);
+        free(pem);
+        free(derCert);
+        ecc_free(&caKey);
+    }
+#endif /* HAVE_ECC */
+#ifdef HAVE_NTRU
+    {
+        RsaKey      caKey;
+        Cert        myCert;
+        byte*       derCert;
+        byte*       pem;
+        FILE*       derFile;
+        FILE*       pemFile;
+        FILE*       caFile;
+        FILE*       ntruPrivFile;
+        int         certSz;
+        int         pemSz;
+        word32      idx3;
+#ifdef CYASSL_TEST_CERT
+        DecodedCert decode;
+#endif
+        derCert = (byte*)malloc(FOURK_BUF);
+        if (derCert == NULL)
+            return -311;
+        pem = (byte*)malloc(FOURK_BUF);
+        if (pem == NULL) {
+            free(derCert);
+            return -312;
+        }
+
+        byte   public_key[557];          /* sized for EES401EP2 */
+        word16 public_key_len;           /* no. of octets in public key */
+        byte   private_key[607];         /* sized for EES401EP2 */
+        word16 private_key_len;          /* no. of octets in private key */
+        DRBG_HANDLE drbg;
+        static uint8_t const pers_str[] = {
+                'C', 'y', 'a', 'S', 'S', 'L', ' ', 't', 'e', 's', 't'
+        };
+        word32 rc = crypto_drbg_instantiate(112, pers_str, sizeof(pers_str),
+                                            GetEntropy, &drbg);
+        if (rc != DRBG_OK) {
+            free(derCert);
+            free(pem);
+            return -450;
+        }
+
+        rc = crypto_ntru_encrypt_keygen(drbg, NTRU_EES401EP2, &public_key_len,
+                                        NULL, &private_key_len, NULL);
+        if (rc != NTRU_OK) {
+            free(derCert);
+            free(pem);
+            return -451;
+        }
+
+        rc = crypto_ntru_encrypt_keygen(drbg, NTRU_EES401EP2, &public_key_len,
+                                     public_key, &private_key_len, private_key);
+        crypto_drbg_uninstantiate(drbg);
+
+        if (rc != NTRU_OK) {
+            free(derCert);
+            free(pem);
+            return -452;
+        }
+
+        caFile = fopen(caKeyFile, "rb");
+
+        if (!caFile) {
+            free(derCert);
+            free(pem);
+            return -453;
+        }
+
+        bytes = fread(tmp, 1, FOURK_BUF, caFile);
+        fclose(caFile);
+
+        ret = InitRsaKey(&caKey, 0);
+        if (ret != 0) {
+            free(derCert);
+            free(pem);
+            return -459;
+        }
+        ret = RsaPrivateKeyDecode(tmp, &idx3, &caKey, (word32)bytes);
+        if (ret != 0) {
+            free(derCert);
+            free(pem);
+            return -454;
+        }
+
+        InitCert(&myCert);
+
+        strncpy(myCert.subject.country, "US", CTC_NAME_SIZE);
+        strncpy(myCert.subject.state, "OR", CTC_NAME_SIZE);
+        strncpy(myCert.subject.locality, "Portland", CTC_NAME_SIZE);
+        strncpy(myCert.subject.org, "yaSSL", CTC_NAME_SIZE);
+        strncpy(myCert.subject.unit, "Development", CTC_NAME_SIZE);
+        strncpy(myCert.subject.commonName, "www.yassl.com", CTC_NAME_SIZE);
+        strncpy(myCert.subject.email, "info@yassl.com", CTC_NAME_SIZE);
+
+        ret = SetIssuer(&myCert, caCertFile);
+        if (ret < 0) {
+            free(derCert);
+            free(pem);
+            FreeRsaKey(&caKey);
+            return -455;
+        }
+
+        certSz = MakeNtruCert(&myCert, derCert, FOURK_BUF, public_key,
+                              public_key_len, &rng);
+        if (certSz < 0) {
+            free(derCert);
+            free(pem);
+            FreeRsaKey(&caKey);
+            return -456;
+        }
+
+        certSz = SignCert(myCert.bodySz, myCert.sigType, derCert, FOURK_BUF,
+                          &caKey, NULL, &rng);
+        FreeRsaKey(&caKey);
+        if (certSz < 0) {
+            free(derCert);
+            free(pem);
+            return -457;
+        }
+
+
+#ifdef CYASSL_TEST_CERT
+        InitDecodedCert(&decode, derCert, certSz, 0);
+        ret = ParseCert(&decode, CERT_TYPE, NO_VERIFY, 0);
+        if (ret != 0) {
+            free(derCert);
+            free(pem);
+            return -458;
+        }
+        FreeDecodedCert(&decode);
+#endif
+        derFile = fopen("./ntru-cert.der", "wb");
+        if (!derFile) {
+            free(derCert);
+            free(pem);
+            return -459;
+        }
+        ret = (int)fwrite(derCert, 1, certSz, derFile);
+        fclose(derFile);
+        if (ret != certSz) {
+            free(derCert);
+            free(pem);
+            return -473;
+        }
+
+        pemSz = DerToPem(derCert, certSz, pem, FOURK_BUF, CERT_TYPE);
+        if (pemSz < 0) {
+            free(derCert);
+            free(pem);
+            return -460;
+        }
+
+        pemFile = fopen("./ntru-cert.pem", "wb");
+        if (!pemFile) {
+            free(derCert);
+            free(pem);
+            return -461;
+        }
+        ret = (int)fwrite(pem, 1, pemSz, pemFile);
+        fclose(pemFile);
+        if (ret != pemSz) {
+            free(derCert);
+            free(pem);
+            return -474;
+        }
+
+        ntruPrivFile = fopen("./ntru-key.raw", "wb");
+        if (!ntruPrivFile) {
+            free(derCert);
+            free(pem);
+            return -462;
+        }
+        ret = (int)fwrite(private_key, 1, private_key_len, ntruPrivFile);
+        fclose(ntruPrivFile);
+        if (ret != private_key_len) {
+            free(pem);
+            free(derCert);
+            return -475;
+        }
+        free(pem);
+        free(derCert);
+    }
+#endif /* HAVE_NTRU */
+#ifdef CYASSL_CERT_REQ
+    {
+        Cert        req;
+        byte*       der;
+        byte*       pem;
+        int         derSz;
+        int         pemSz;
+        FILE*       reqFile;
+
+        der = (byte*)malloc(FOURK_BUF);
+        if (der == NULL)
+            return -463;
+        pem = (byte*)malloc(FOURK_BUF);
+        if (pem == NULL) {
+            free(der);
+            return -464;
+        }
+
+        InitCert(&req);
+
+        req.version = 0;
+        req.isCA    = 1;
+        strncpy(req.challengePw, "yassl123", CTC_NAME_SIZE);
+        strncpy(req.subject.country, "US", CTC_NAME_SIZE);
+        strncpy(req.subject.state, "OR", CTC_NAME_SIZE);
+        strncpy(req.subject.locality, "Portland", CTC_NAME_SIZE);
+        strncpy(req.subject.org, "yaSSL", CTC_NAME_SIZE);
+        strncpy(req.subject.unit, "Development", CTC_NAME_SIZE);
+        strncpy(req.subject.commonName, "www.yassl.com", CTC_NAME_SIZE);
+        strncpy(req.subject.email, "info@yassl.com", CTC_NAME_SIZE);
+        req.sigType = CTC_SHA256wRSA;
+
+        derSz = MakeCertReq(&req, der, FOURK_BUF, &key, NULL);
+        if (derSz < 0) {
+            free(pem);
+            free(der);
+            return -465;
+        }
+
+        derSz = SignCert(req.bodySz, req.sigType, der, FOURK_BUF,
+                          &key, NULL, &rng);
+        if (derSz < 0) {
+            free(pem);
+            free(der);
+            return -466;
+        }
+
+        pemSz = DerToPem(der, derSz, pem, FOURK_BUF, CERTREQ_TYPE);
+        if (pemSz < 0) {
+            free(pem);
+            free(der);
+            return -467;
+        }
+
+        reqFile = fopen("./certreq.der", "wb");
+        if (!reqFile) {
+            free(pem);
+            free(der);
+            return -468;
+        }
+
+        ret = (int)fwrite(der, 1, derSz, reqFile);
+        fclose(reqFile);
+        if (ret != derSz) {
+            free(pem);
+            free(der);
+            return -471;
+        }
+
+        reqFile = fopen("./certreq.pem", "wb");
+        if (!reqFile) {
+            free(pem);
+            free(der);
+            return -469;
+        }
+        ret = (int)fwrite(pem, 1, pemSz, reqFile);
+        fclose(reqFile);
+        if (ret != pemSz) {
+            free(pem);
+            free(der);
+            return -470;
+        }
+
+        free(pem);
+        free(der);
+    }
+#endif /* CYASSL_CERT_REQ */
+#endif /* CYASSL_CERT_GEN */
+
+    FreeRsaKey(&key);
+#ifdef HAVE_CAVIUM
+    RsaFreeCavium(&key);
+#endif
+    free(tmp);
+
+    return 0;
+}
+
+#endif
+
+
+#ifndef NO_DH
+
+#if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048)
+    #ifdef FREESCALE_MQX
+        static const char* dhKey = "a:\certs\\dh2048.der";
+    #else
+        static const char* dhKey = "./certs/dh2048.der";
+    #endif
+#endif
+
+int dh_test(void)
+{
+    int    ret;
+    word32 bytes;
+    word32 idx = 0, privSz, pubSz, privSz2, pubSz2, agreeSz, agreeSz2;
+    byte   tmp[1024];
+    byte   priv[256];
+    byte   pub[256];
+    byte   priv2[256];
+    byte   pub2[256];
+    byte   agree[256];
+    byte   agree2[256];
+    DhKey  key;
+    DhKey  key2;
+    RNG    rng;
+
+
+#ifdef USE_CERT_BUFFERS_1024
+    XMEMCPY(tmp, dh_key_der_1024, sizeof_dh_key_der_1024);
+    bytes = sizeof_dh_key_der_1024;
+#elif defined(USE_CERT_BUFFERS_2048)
+    XMEMCPY(tmp, dh_key_der_2048, sizeof_dh_key_der_2048);
+    bytes = sizeof_dh_key_der_2048;
+#else
+    FILE*  file = fopen(dhKey, "rb");
+
+    if (!file)
+        return -50;
+
+    bytes = (word32) fread(tmp, 1, sizeof(tmp), file);
+    fclose(file);
+#endif /* USE_CERT_BUFFERS */
+
+    InitDhKey(&key);
+    InitDhKey(&key2);
+    ret = DhKeyDecode(tmp, &idx, &key, bytes);
+    if (ret != 0)
+        return -51;
+
+    idx = 0;
+    ret = DhKeyDecode(tmp, &idx, &key2, bytes);
+    if (ret != 0)
+        return -52;
+
+    ret = InitRng(&rng);
+    if (ret != 0)
+        return -53;
+
+    ret =  DhGenerateKeyPair(&key, &rng, priv, &privSz, pub, &pubSz);
+    ret += DhGenerateKeyPair(&key2, &rng, priv2, &privSz2, pub2, &pubSz2);
+    if (ret != 0)
+        return -54;
+
+    ret =  DhAgree(&key, agree, &agreeSz, priv, privSz, pub2, pubSz2);
+    ret += DhAgree(&key2, agree2, &agreeSz2, priv2, privSz2, pub, pubSz);
+    if (ret != 0)
+        return -55;
+
+    if (memcmp(agree, agree2, agreeSz))
+        return -56;
+
+    FreeDhKey(&key);
+    FreeDhKey(&key2);
+
+    return 0;
+}
+
+#endif /* NO_DH */
+
+
+#ifndef NO_DSA
+
+#if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048)
+    #ifdef FREESCALE_MQX
+        static const char* dsaKey = "a:\\certs\\dsa2048.der";
+    #else
+        static const char* dsaKey = "./certs/dsa2048.der";
+    #endif
+#endif
+
+int dsa_test(void)
+{
+    int    ret, answer;
+    word32 bytes;
+    word32 idx = 0;
+    byte   tmp[1024];
+    DsaKey key;
+    RNG    rng;
+    Sha    sha;
+    byte   hash[SHA_DIGEST_SIZE];
+    byte   signature[40];
+
+
+#ifdef USE_CERT_BUFFERS_1024
+    XMEMCPY(tmp, dsa_key_der_1024, sizeof_dsa_key_der_1024);
+    bytes = sizeof_dsa_key_der_1024;
+#elif defined(USE_CERT_BUFFERS_2048)
+    XMEMCPY(tmp, dsa_key_der_2048, sizeof_dsa_key_der_2048);
+    bytes = sizeof_dsa_key_der_2048;
+#else
+    FILE*  file = fopen(dsaKey, "rb");
+
+    if (!file)
+        return -60;
+
+    bytes = (word32) fread(tmp, 1, sizeof(tmp), file);
+    fclose(file);
+#endif /* USE_CERT_BUFFERS */
+
+    ret = InitSha(&sha);
+    if (ret != 0)
+        return -4002;
+    ShaUpdate(&sha, tmp, bytes);
+    ShaFinal(&sha, hash);
+
+    InitDsaKey(&key);
+    ret = DsaPrivateKeyDecode(tmp, &idx, &key, bytes);
+    if (ret != 0) return -61;
+
+    ret = InitRng(&rng);
+    if (ret != 0) return -62;
+
+    ret = DsaSign(hash, signature, &key, &rng);
+    if (ret != 0) return -63;
+
+    ret = DsaVerify(hash, signature, &key, &answer);
+    if (ret != 0) return -64;
+    if (answer != 1) return -65;
+
+    FreeDsaKey(&key);
+
+    return 0;
+}
+
+#endif /* NO_DSA */
+
+
+#ifdef OPENSSL_EXTRA
+
+int openssl_test(void)
+{
+    EVP_MD_CTX md_ctx;
+    testVector a, b, c, d, e, f;
+    byte       hash[SHA_DIGEST_SIZE*4];  /* max size */
+
+    (void)e;
+    (void)f;
+
+    a.input  = "1234567890123456789012345678901234567890123456789012345678"
+               "9012345678901234567890";
+    a.output = "\x57\xed\xf4\xa2\x2b\xe3\xc9\x55\xac\x49\xda\x2e\x21\x07\xb6"
+               "\x7a";
+    a.inLen  = strlen(a.input);
+    a.outLen = MD5_DIGEST_SIZE;
+
+    EVP_MD_CTX_init(&md_ctx);
+    EVP_DigestInit(&md_ctx, EVP_md5());
+
+    EVP_DigestUpdate(&md_ctx, a.input, a.inLen);
+    EVP_DigestFinal(&md_ctx, hash, 0);
+
+    if (memcmp(hash, a.output, MD5_DIGEST_SIZE) != 0)
+        return -71;
+
+    b.input  = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
+               "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
+               "aaaaaaaaaa";
+    b.output = "\xAD\x5B\x3F\xDB\xCB\x52\x67\x78\xC2\x83\x9D\x2F\x15\x1E\xA7"
+               "\x53\x99\x5E\x26\xA0";
+    b.inLen  = strlen(b.input);
+    b.outLen = SHA_DIGEST_SIZE;
+
+    EVP_MD_CTX_init(&md_ctx);
+    EVP_DigestInit(&md_ctx, EVP_sha1());
+
+    EVP_DigestUpdate(&md_ctx, b.input, b.inLen);
+    EVP_DigestFinal(&md_ctx, hash, 0);
+
+    if (memcmp(hash, b.output, SHA_DIGEST_SIZE) != 0)
+        return -72;
+
+
+    d.input  = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq";
+    d.output = "\x24\x8D\x6A\x61\xD2\x06\x38\xB8\xE5\xC0\x26\x93\x0C\x3E\x60"
+               "\x39\xA3\x3C\xE4\x59\x64\xFF\x21\x67\xF6\xEC\xED\xD4\x19\xDB"
+               "\x06\xC1";
+    d.inLen  = strlen(d.input);
+    d.outLen = SHA256_DIGEST_SIZE;
+
+    EVP_MD_CTX_init(&md_ctx);
+    EVP_DigestInit(&md_ctx, EVP_sha256());
+
+    EVP_DigestUpdate(&md_ctx, d.input, d.inLen);
+    EVP_DigestFinal(&md_ctx, hash, 0);
+
+    if (memcmp(hash, d.output, SHA256_DIGEST_SIZE) != 0)
+        return -78;
+
+#ifdef CYASSL_SHA384
+
+    e.input  = "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhi"
+               "jklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu";
+    e.output = "\x09\x33\x0c\x33\xf7\x11\x47\xe8\x3d\x19\x2f\xc7\x82\xcd\x1b"
+               "\x47\x53\x11\x1b\x17\x3b\x3b\x05\xd2\x2f\xa0\x80\x86\xe3\xb0"
+               "\xf7\x12\xfc\xc7\xc7\x1a\x55\x7e\x2d\xb9\x66\xc3\xe9\xfa\x91"
+               "\x74\x60\x39";
+    e.inLen  = strlen(e.input);
+    e.outLen = SHA384_DIGEST_SIZE;
+
+    EVP_MD_CTX_init(&md_ctx);
+    EVP_DigestInit(&md_ctx, EVP_sha384());
+
+    EVP_DigestUpdate(&md_ctx, e.input, e.inLen);
+    EVP_DigestFinal(&md_ctx, hash, 0);
+
+    if (memcmp(hash, e.output, SHA384_DIGEST_SIZE) != 0)
+        return -79;
+
+#endif /* CYASSL_SHA384 */
+
+
+#ifdef CYASSL_SHA512
+
+    f.input  = "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhi"
+               "jklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu";
+    f.output = "\x8e\x95\x9b\x75\xda\xe3\x13\xda\x8c\xf4\xf7\x28\x14\xfc\x14"
+               "\x3f\x8f\x77\x79\xc6\xeb\x9f\x7f\xa1\x72\x99\xae\xad\xb6\x88"
+               "\x90\x18\x50\x1d\x28\x9e\x49\x00\xf7\xe4\x33\x1b\x99\xde\xc4"
+               "\xb5\x43\x3a\xc7\xd3\x29\xee\xb6\xdd\x26\x54\x5e\x96\xe5\x5b"
+               "\x87\x4b\xe9\x09";
+    f.inLen  = strlen(f.input);
+    f.outLen = SHA512_DIGEST_SIZE;
+
+    EVP_MD_CTX_init(&md_ctx);
+    EVP_DigestInit(&md_ctx, EVP_sha512());
+
+    EVP_DigestUpdate(&md_ctx, f.input, f.inLen);
+    EVP_DigestFinal(&md_ctx, hash, 0);
+
+    if (memcmp(hash, f.output, SHA512_DIGEST_SIZE) != 0)
+        return -80;
+
+#endif /* CYASSL_SHA512 */
+
+
+    if (RAND_bytes(hash, sizeof(hash)) != 1)
+        return -73;
+
+    c.input  = "what do ya want for nothing?";
+    c.output = "\x75\x0c\x78\x3e\x6a\xb0\xb5\x03\xea\xa8\x6e\x31\x0a\x5d\xb7"
+               "\x38";
+    c.inLen  = strlen(c.input);
+    c.outLen = MD5_DIGEST_SIZE;
+
+    HMAC(EVP_md5(), "Jefe", 4, (byte*)c.input, (int)c.inLen, hash, 0);
+
+    if (memcmp(hash, c.output, MD5_DIGEST_SIZE) != 0)
+        return -74;
+
+    { /* des test */
+    const byte vector[] = { /* "now is the time for all " w/o trailing 0 */
+        0x6e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74,
+        0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20,
+        0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20
+    };
+
+    byte plain[24];
+    byte cipher[24];
+
+    const_DES_cblock key =
+    {
+        0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef
+    };
+
+    DES_cblock iv =
+    {
+        0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef
+    };
+
+    DES_key_schedule sched;
+
+    const byte verify[] =
+    {
+        0x8b,0x7c,0x52,0xb0,0x01,0x2b,0x6c,0xb8,
+        0x4f,0x0f,0xeb,0xf3,0xfb,0x5f,0x86,0x73,
+        0x15,0x85,0xb3,0x22,0x4b,0x86,0x2b,0x4b
+    };
+
+    DES_key_sched(&key, &sched);
+
+    DES_cbc_encrypt(vector, cipher, sizeof(vector), &sched, &iv, DES_ENCRYPT);
+    DES_cbc_encrypt(cipher, plain, sizeof(vector), &sched, &iv, DES_DECRYPT);
+
+    if (memcmp(plain, vector, sizeof(vector)) != 0)
+        return -75;
+
+    if (memcmp(cipher, verify, sizeof(verify)) != 0)
+        return -76;
+
+        /* test changing iv */
+    DES_ncbc_encrypt(vector, cipher, 8, &sched, &iv, DES_ENCRYPT);
+    DES_ncbc_encrypt(vector + 8, cipher + 8, 16, &sched, &iv, DES_ENCRYPT);
+
+    if (memcmp(cipher, verify, sizeof(verify)) != 0)
+        return -77;
+
+    }  /* end des test */
+
+    {  /* evp_cipher test */
+        EVP_CIPHER_CTX ctx;
+
+
+        const byte msg[] = { /* "Now is the time for all " w/o trailing 0 */
+            0x6e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74,
+            0x68,0x65,0x20,0x74,0x69,0x6d,0x65,0x20,
+            0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20
+        };
+
+        const byte verify[] =
+        {
+            0x95,0x94,0x92,0x57,0x5f,0x42,0x81,0x53,
+            0x2c,0xcc,0x9d,0x46,0x77,0xa2,0x33,0xcb
+        };
+
+        byte key[] = "0123456789abcdef   ";  /* align */
+        byte iv[]  = "1234567890abcdef   ";  /* align */
+
+        byte cipher[AES_BLOCK_SIZE * 4];
+        byte plain [AES_BLOCK_SIZE * 4];
+
+        EVP_CIPHER_CTX_init(&ctx);
+        if (EVP_CipherInit(&ctx, EVP_aes_128_cbc(), key, iv, 1) == 0)
+            return -81;
+
+        if (EVP_Cipher(&ctx, cipher, (byte*)msg, 16) == 0)
+            return -82;
+
+        if (memcmp(cipher, verify, AES_BLOCK_SIZE))
+            return -83;
+
+        EVP_CIPHER_CTX_init(&ctx);
+        if (EVP_CipherInit(&ctx, EVP_aes_128_cbc(), key, iv, 0) == 0)
+            return -84;
+
+        if (EVP_Cipher(&ctx, plain, cipher, 16) == 0)
+            return -85;
+
+        if (memcmp(plain, msg, AES_BLOCK_SIZE))
+            return -86;
+
+
+    }  /* end evp_cipher test */
+
+    return 0;
+}
+
+#endif /* OPENSSL_EXTRA */
+
+
+#ifndef NO_PWDBASED
+
+int pkcs12_test(void)
+{
+    const byte passwd[] = { 0x00, 0x73, 0x00, 0x6d, 0x00, 0x65, 0x00, 0x67,
+                            0x00, 0x00 };
+    const byte salt[] =   { 0x0a, 0x58, 0xCF, 0x64, 0x53, 0x0d, 0x82, 0x3f };
+
+    const byte passwd2[] = { 0x00, 0x71, 0x00, 0x75, 0x00, 0x65, 0x00, 0x65,
+                             0x00, 0x67, 0x00, 0x00 };
+    const byte salt2[] =   { 0x16, 0x82, 0xC0, 0xfC, 0x5b, 0x3f, 0x7e, 0xc5 };
+    byte  derived[64];
+
+    const byte verify[] = {
+        0x8A, 0xAA, 0xE6, 0x29, 0x7B, 0x6C, 0xB0, 0x46,
+        0x42, 0xAB, 0x5B, 0x07, 0x78, 0x51, 0x28, 0x4E,
+        0xB7, 0x12, 0x8F, 0x1A, 0x2A, 0x7F, 0xBC, 0xA3
+    };
+
+    const byte verify2[] = {
+        0x48, 0x3D, 0xD6, 0xE9, 0x19, 0xD7, 0xDE, 0x2E,
+        0x8E, 0x64, 0x8B, 0xA8, 0xF8, 0x62, 0xF3, 0xFB,
+        0xFB, 0xDC, 0x2B, 0xCB, 0x2C, 0x02, 0x95, 0x7F
+    };
+
+    int id         =  1;
+    int kLen       = 24;
+    int iterations =  1;
+    int ret = PKCS12_PBKDF(derived, passwd, sizeof(passwd), salt, 8, iterations,
+                           kLen, SHA, id);
+
+    if (ret < 0)
+        return -103;
+
+    if ( (ret = memcmp(derived, verify, kLen)) != 0)
+        return -104;
+
+    iterations = 1000;
+    ret = PKCS12_PBKDF(derived, passwd2, sizeof(passwd2), salt2, 8, iterations,
+                       kLen, SHA, id);
+    if (ret < 0)
+        return -105;
+
+    if ( (ret = memcmp(derived, verify2, 24)) != 0)
+        return -106;
+
+    return 0;
+}
+
+
+int pbkdf2_test(void)
+{
+    char passwd[] = "password";
+    const byte salt[] = { 0x78, 0x57, 0x8E, 0x5a, 0x5d, 0x63, 0xcb, 0x06 };
+    int   iterations = 2048;
+    int   kLen = 24;
+    byte  derived[64];
+
+    const byte verify[] = {
+        0xBF, 0xDE, 0x6B, 0xE9, 0x4D, 0xF7, 0xE1, 0x1D, 0xD4, 0x09, 0xBC, 0xE2,
+        0x0A, 0x02, 0x55, 0xEC, 0x32, 0x7C, 0xB9, 0x36, 0xFF, 0xE9, 0x36, 0x43
+
+    };
+
+    int ret = PBKDF2(derived, (byte*)passwd, (int)strlen(passwd), salt, 8,
+                                                         iterations, kLen, SHA);
+    if (ret != 0)
+        return ret;
+
+    if (memcmp(derived, verify, sizeof(verify)) != 0)
+        return -102;
+
+    return 0;
+}
+
+
+int pbkdf1_test(void)
+{
+    char passwd[] = "password";
+    const byte salt[] = { 0x78, 0x57, 0x8E, 0x5a, 0x5d, 0x63, 0xcb, 0x06 };
+    int   iterations = 1000;
+    int   kLen = 16;
+    byte  derived[16];
+
+    const byte verify[] = {
+        0xDC, 0x19, 0x84, 0x7E, 0x05, 0xC6, 0x4D, 0x2F, 0xAF, 0x10, 0xEB, 0xFB,
+        0x4A, 0x3D, 0x2A, 0x20
+    };
+
+    PBKDF1(derived, (byte*)passwd, (int)strlen(passwd), salt, 8, iterations,
+           kLen, SHA);
+
+    if (memcmp(derived, verify, sizeof(verify)) != 0)
+        return -101;
+
+    return 0;
+}
+
+
+int pwdbased_test(void)
+{
+   int ret =  pbkdf1_test();
+   ret += pbkdf2_test();
+
+   return ret + pkcs12_test();
+}
+
+#endif /* NO_PWDBASED */
+
+#if defined(HAVE_HKDF) && (!defined(NO_SHA) || !defined(NO_SHA256))
+
+int hkdf_test(void)
+{
+    int ret;
+    int L = 42;
+    byte okm1[42];
+    byte ikm1[22] = { 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
+                      0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b,
+                      0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b };
+    byte salt1[13] ={ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07,
+                      0x08, 0x09, 0x0a, 0x0b, 0x0c };
+    byte info1[10] ={ 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7,
+                      0xf8, 0xf9 };
+    byte res1[42] = { 0x0a, 0xc1, 0xaf, 0x70, 0x02, 0xb3, 0xd7, 0x61,
+                      0xd1, 0xe5, 0x52, 0x98, 0xda, 0x9d, 0x05, 0x06,
+                      0xb9, 0xae, 0x52, 0x05, 0x72, 0x20, 0xa3, 0x06,
+                      0xe0, 0x7b, 0x6b, 0x87, 0xe8, 0xdf, 0x21, 0xd0,
+                      0xea, 0x00, 0x03, 0x3d, 0xe0, 0x39, 0x84, 0xd3,
+                      0x49, 0x18 };
+    byte res2[42] = { 0x08, 0x5a, 0x01, 0xea, 0x1b, 0x10, 0xf3, 0x69,
+                      0x33, 0x06, 0x8b, 0x56, 0xef, 0xa5, 0xad, 0x81,
+                      0xa4, 0xf1, 0x4b, 0x82, 0x2f, 0x5b, 0x09, 0x15,
+                      0x68, 0xa9, 0xcd, 0xd4, 0xf1, 0x55, 0xfd, 0xa2,
+                      0xc2, 0x2e, 0x42, 0x24, 0x78, 0xd3, 0x05, 0xf3,
+                      0xf8, 0x96 };
+    byte res3[42] = { 0x8d, 0xa4, 0xe7, 0x75, 0xa5, 0x63, 0xc1, 0x8f,
+                      0x71, 0x5f, 0x80, 0x2a, 0x06, 0x3c, 0x5a, 0x31,
+                      0xb8, 0xa1, 0x1f, 0x5c, 0x5e, 0xe1, 0x87, 0x9e,
+                      0xc3, 0x45, 0x4e, 0x5f, 0x3c, 0x73, 0x8d, 0x2d,
+                      0x9d, 0x20, 0x13, 0x95, 0xfa, 0xa4, 0xb6, 0x1a,
+                      0x96, 0xc8 };
+    byte res4[42] = { 0x3c, 0xb2, 0x5f, 0x25, 0xfa, 0xac, 0xd5, 0x7a,
+                      0x90, 0x43, 0x4f, 0x64, 0xd0, 0x36, 0x2f, 0x2a,
+                      0x2d, 0x2d, 0x0a, 0x90, 0xcf, 0x1a, 0x5a, 0x4c,
+                      0x5d, 0xb0, 0x2d, 0x56, 0xec, 0xc4, 0xc5, 0xbf,
+                      0x34, 0x00, 0x72, 0x08, 0xd5, 0xb8, 0x87, 0x18,
+                      0x58, 0x65 };
+
+    (void)res1;
+    (void)res2;
+    (void)res3;
+    (void)res4;
+
+#ifndef NO_SHA
+    ret = HKDF(SHA, ikm1, 22, NULL, 0, NULL, 0, okm1, L);
+    if (ret != 0)
+        return -2001;
+
+    if (memcmp(okm1, res1, L) != 0)
+        return -2002;
+
+    ret = HKDF(SHA, ikm1, 11, salt1, 13, info1, 10, okm1, L);
+    if (ret != 0)
+        return -2003;
+
+    if (memcmp(okm1, res2, L) != 0)
+        return -2004;
+#endif /* NO_SHA */
+
+#ifndef NO_SHA256
+    ret = HKDF(SHA256, ikm1, 22, NULL, 0, NULL, 0, okm1, L);
+    if (ret != 0)
+        return -2005;
+
+    if (memcmp(okm1, res3, L) != 0)
+        return -2006;
+
+    ret = HKDF(SHA256, ikm1, 22, salt1, 13, info1, 10, okm1, L);
+    if (ret != 0)
+        return -2007;
+
+    if (memcmp(okm1, res4, L) != 0)
+        return -2007;
+#endif /* NO_SHA256 */
+
+    return 0;
+}
+
+#endif /* HAVE_HKDF */
+
+
+#ifdef HAVE_ECC
+
+int ecc_test(void)
+{
+    RNG     rng;
+    byte    sharedA[1024];
+    byte    sharedB[1024];
+    byte    sig[1024];
+    byte    digest[20];
+    byte    exportBuf[1024];
+    word32  x, y;
+    int     i, verify, ret;
+    ecc_key userA, userB, pubKey;
+
+    ret = InitRng(&rng);
+    if (ret != 0)
+        return -1001;
+
+    ecc_init(&userA);
+    ecc_init(&userB);
+    ecc_init(&pubKey);
+
+    ret = ecc_make_key(&rng, 32, &userA);
+
+    if (ret != 0)
+        return -1014;
+
+    ret = ecc_make_key(&rng, 32, &userB);
+
+    if (ret != 0)
+        return -1002;
+
+    x = sizeof(sharedA);
+    ret = ecc_shared_secret(&userA, &userB, sharedA, &x);
+
+    if (ret != 0)
+        return -1015;
+
+    y = sizeof(sharedB);
+    ret = ecc_shared_secret(&userB, &userA, sharedB, &y);
+
+    if (ret != 0)
+        return -1003;
+
+    if (y != x)
+        return -1004;
+
+    if (memcmp(sharedA, sharedB, x))
+        return -1005;
+
+    x = sizeof(exportBuf);
+    ret = ecc_export_x963(&userA, exportBuf, &x);
+    if (ret != 0)
+        return -1006;
+
+    ret = ecc_import_x963(exportBuf, x, &pubKey);
+
+    if (ret != 0)
+        return -1007;
+
+    y = sizeof(sharedB);
+    ret = ecc_shared_secret(&userB, &pubKey, sharedB, &y);
+
+    if (ret != 0)
+        return -1008;
+
+    if (memcmp(sharedA, sharedB, y))
+        return -1010;
+
+    /* test DSA sign hash */
+    for (i = 0; i < (int)sizeof(digest); i++)
+        digest[i] = (byte)i;
+
+    x = sizeof(sig);
+    ret = ecc_sign_hash(digest, sizeof(digest), sig, &x, &rng, &userA);
+
+    if (ret != 0)
+        return -1016;
+
+    verify = 0;
+    ret = ecc_verify_hash(sig, x, digest, sizeof(digest), &verify, &userA);
+
+    if (ret != 0)
+        return -1011;
+
+    if (verify != 1)
+        return -1012;
+
+    x = sizeof(exportBuf);
+    ret = ecc_export_private_only(&userA, exportBuf, &x);
+    if (ret != 0)
+        return -1013;
+
+    ecc_free(&pubKey);
+    ecc_free(&userB);
+    ecc_free(&userA);
+
+    return 0;
+}
+
+#ifdef HAVE_ECC_ENCRYPT
+
+int ecc_encrypt_test(void)
+{
+    RNG     rng;
+    int     ret;
+    ecc_key userA, userB;
+    byte    msg[48];
+    byte    plain[48];
+    byte    out[80];
+    word32  outSz   = sizeof(out);
+    word32  plainSz = sizeof(plain);
+    int     i;
+
+    ret = InitRng(&rng);
+    if (ret != 0)
+        return -3001;
+
+    ecc_init(&userA);
+    ecc_init(&userB);
+
+    ret  = ecc_make_key(&rng, 32, &userA);
+    ret += ecc_make_key(&rng, 32, &userB);
+
+    if (ret != 0)
+        return -3002;
+
+    for (i = 0; i < 48; i++)
+        msg[i] = i;
+
+    /* encrypt msg to B */
+    ret = ecc_encrypt(&userA, &userB, msg, sizeof(msg), out, &outSz, NULL);
+    if (ret != 0)
+        return -3003;
+
+    /* decrypt msg from A */
+    ret = ecc_decrypt(&userB, &userA, out, outSz, plain, &plainSz, NULL);
+    if (ret != 0)
+        return -3004;
+
+    if (memcmp(plain, msg, sizeof(msg)) != 0)
+        return -3005;
+
+
+    {  /* let's verify message exchange works, A is client, B is server */
+        ecEncCtx* cliCtx = ecc_ctx_new(REQ_RESP_CLIENT, &rng);
+        ecEncCtx* srvCtx = ecc_ctx_new(REQ_RESP_SERVER, &rng);
+
+        byte cliSalt[EXCHANGE_SALT_SZ];
+        byte srvSalt[EXCHANGE_SALT_SZ];
+        const byte* tmpSalt;
+
+        if (cliCtx == NULL || srvCtx == NULL)
+            return -3006;
+
+        /* get salt to send to peer */
+        tmpSalt = ecc_ctx_get_own_salt(cliCtx);
+        if (tmpSalt == NULL)
+            return -3007;
+        memcpy(cliSalt, tmpSalt, EXCHANGE_SALT_SZ);
+
+        tmpSalt = ecc_ctx_get_own_salt(srvCtx);
+        if (tmpSalt == NULL)
+            return -3007;
+        memcpy(srvSalt, tmpSalt, EXCHANGE_SALT_SZ);
+
+        /* in actual use, we'd get the peer's salt over the transport */
+        ret  = ecc_ctx_set_peer_salt(cliCtx, srvSalt);
+        ret += ecc_ctx_set_peer_salt(srvCtx, cliSalt);
+
+        if (ret != 0)
+            return -3008;
+
+        /* get encrypted msg (request) to send to B */
+        outSz  = sizeof(out);
+        ret = ecc_encrypt(&userA, &userB, msg, sizeof(msg), out, &outSz,cliCtx);
+        if (ret != 0)
+            return -3009;
+
+        /* B decrypts msg (request) from A */
+        plainSz = sizeof(plain);
+        ret = ecc_decrypt(&userB, &userA, out, outSz, plain, &plainSz, srvCtx);
+        if (ret != 0)
+            return -3010;
+
+        if (memcmp(plain, msg, sizeof(msg)) != 0)
+            return -3011;
+
+        {
+            /* msg2 (response) from B to A */
+            byte    msg2[48];
+            byte    plain2[48];
+            byte    out2[80];
+            word32  outSz2   = sizeof(out2);
+            word32  plainSz2 = sizeof(plain2);
+
+            for (i = 0; i < 48; i++)
+                msg2[i] = i+48;
+
+            /* get encrypted msg (response) to send to B */
+            ret = ecc_encrypt(&userB, &userA, msg2, sizeof(msg2), out2,
+                              &outSz2, srvCtx);
+            if (ret != 0)
+                return -3012;
+
+            /* A decrypts msg (response) from B */
+            ret = ecc_decrypt(&userA, &userB, out2, outSz2, plain2, &plainSz2,
+                             cliCtx);
+            if (ret != 0)
+                return -3013;
+
+            if (memcmp(plain2, msg2, sizeof(msg2)) != 0)
+                return -3014;
+        }
+
+        /* cleanup */
+        ecc_ctx_free(srvCtx);
+        ecc_ctx_free(cliCtx);
+    }
+
+    /* cleanup */
+    ecc_free(&userB);
+    ecc_free(&userA);
+
+    return 0;
+}
+
+#endif /* HAVE_ECC_ENCRYPT */
+#endif /* HAVE_ECC */
+
+#ifdef HAVE_LIBZ
+
+const byte sample_text[] =
+    "Biodiesel cupidatat marfa, cliche aute put a bird on it incididunt elit\n"
+    "polaroid. Sunt tattooed bespoke reprehenderit. Sint twee organic id\n"
+    "marfa. Commodo veniam ad esse gastropub. 3 wolf moon sartorial vero,\n"
+    "plaid delectus biodiesel squid +1 vice. Post-ironic keffiyeh leggings\n"
+    "selfies cray fap hoodie, forage anim. Carles cupidatat shoreditch, VHS\n"
+    "small batch meggings kogi dolore food truck bespoke gastropub.\n"
+    "\n"
+    "Terry richardson adipisicing actually typewriter tumblr, twee whatever\n"
+    "four loko you probably haven't heard of them high life. Messenger bag\n"
+    "whatever tattooed deep v mlkshk. Brooklyn pinterest assumenda chillwave\n"
+    "et, banksy ullamco messenger bag umami pariatur direct trade forage.\n"
+    "Typewriter culpa try-hard, pariatur sint brooklyn meggings. Gentrify\n"
+    "food truck next level, tousled irony non semiotics PBR ethical anim cred\n"
+    "readymade. Mumblecore brunch lomo odd future, portland organic terry\n"
+    "richardson elit leggings adipisicing ennui raw denim banjo hella. Godard\n"
+    "mixtape polaroid, pork belly readymade organic cray typewriter helvetica\n"
+    "four loko whatever street art yr farm-to-table.\n"
+    "\n"
+    "Vinyl keytar vice tofu. Locavore you probably haven't heard of them pug\n"
+    "pickled, hella tonx labore truffaut DIY mlkshk elit cosby sweater sint\n"
+    "et mumblecore. Elit swag semiotics, reprehenderit DIY sartorial nisi ugh\n"
+    "nesciunt pug pork belly wayfarers selfies delectus. Ethical hoodie\n"
+    "seitan fingerstache kale chips. Terry richardson artisan williamsburg,\n"
+    "eiusmod fanny pack irony tonx ennui lo-fi incididunt tofu YOLO\n"
+    "readymade. 8-bit sed ethnic beard officia. Pour-over iphone DIY butcher,\n"
+    "ethnic art party qui letterpress nisi proident jean shorts mlkshk\n"
+    "locavore.\n"
+    "\n"
+    "Narwhal flexitarian letterpress, do gluten-free voluptate next level\n"
+    "banh mi tonx incididunt carles DIY. Odd future nulla 8-bit beard ut\n"
+    "cillum pickled velit, YOLO officia you probably haven't heard of them\n"
+    "trust fund gastropub. Nisi adipisicing tattooed, Austin mlkshk 90's\n"
+    "small batch american apparel. Put a bird on it cosby sweater before they\n"
+    "sold out pork belly kogi hella. Street art mollit sustainable polaroid,\n"
+    "DIY ethnic ea pug beard dreamcatcher cosby sweater magna scenester nisi.\n"
+    "Sed pork belly skateboard mollit, labore proident eiusmod. Sriracha\n"
+    "excepteur cosby sweater, anim deserunt laborum eu aliquip ethical et\n"
+    "neutra PBR selvage.\n"
+    "\n"
+    "Raw denim pork belly truffaut, irony plaid sustainable put a bird on it\n"
+    "next level jean shorts exercitation. Hashtag keytar whatever, nihil\n"
+    "authentic aliquip disrupt laborum. Tattooed selfies deserunt trust fund\n"
+    "wayfarers. 3 wolf moon synth church-key sartorial, gastropub leggings\n"
+    "tattooed. Labore high life commodo, meggings raw denim fingerstache pug\n"
+    "trust fund leggings seitan forage. Nostrud ullamco duis, reprehenderit\n"
+    "incididunt flannel sustainable helvetica pork belly pug banksy you\n"
+    "probably haven't heard of them nesciunt farm-to-table. Disrupt nostrud\n"
+    "mollit magna, sriracha sartorial helvetica.\n"
+    "\n"
+    "Nulla kogi reprehenderit, skateboard sustainable duis adipisicing viral\n"
+    "ad fanny pack salvia. Fanny pack trust fund you probably haven't heard\n"
+    "of them YOLO vice nihil. Keffiyeh cray lo-fi pinterest cardigan aliqua,\n"
+    "reprehenderit aute. Culpa tousled williamsburg, marfa lomo actually anim\n"
+    "skateboard. Iphone aliqua ugh, semiotics pariatur vero readymade\n"
+    "organic. Marfa squid nulla, in laborum disrupt laboris irure gastropub.\n"
+    "Veniam sunt food truck leggings, sint vinyl fap.\n"
+    "\n"
+    "Hella dolore pork belly, truffaut carles you probably haven't heard of\n"
+    "them PBR helvetica in sapiente. Fashion axe ugh bushwick american\n"
+    "apparel. Fingerstache sed iphone, jean shorts blue bottle nisi bushwick\n"
+    "flexitarian officia veniam plaid bespoke fap YOLO lo-fi. Blog\n"
+    "letterpress mumblecore, food truck id cray brooklyn cillum ad sed.\n"
+    "Assumenda chambray wayfarers vinyl mixtape sustainable. VHS vinyl\n"
+    "delectus, culpa williamsburg polaroid cliche swag church-key synth kogi\n"
+    "magna pop-up literally. Swag thundercats ennui shoreditch vegan\n"
+    "pitchfork neutra truffaut etsy, sed single-origin coffee craft beer.\n"
+    "\n"
+    "Odio letterpress brooklyn elit. Nulla single-origin coffee in occaecat\n"
+    "meggings. Irony meggings 8-bit, chillwave lo-fi adipisicing cred\n"
+    "dreamcatcher veniam. Put a bird on it irony umami, trust fund bushwick\n"
+    "locavore kale chips. Sriracha swag thundercats, chillwave disrupt\n"
+    "tousled beard mollit mustache leggings portland next level. Nihil esse\n"
+    "est, skateboard art party etsy thundercats sed dreamcatcher ut iphone\n"
+    "swag consectetur et. Irure skateboard banjo, nulla deserunt messenger\n"
+    "bag dolor terry richardson sapiente.\n";
+
+
+int compress_test(void)
+{
+    int ret = 0;
+    word32 dSz = sizeof(sample_text);
+    word32 cSz = (dSz + (word32)(dSz * 0.001) + 12);
+    byte *c = NULL;
+    byte *d = NULL;
+
+    c = calloc(cSz, sizeof(byte));
+    d = calloc(dSz, sizeof(byte));
+
+    if (c == NULL || d == NULL)
+        ret = -300;
+
+    if (ret == 0 && (ret = Compress(c, cSz, sample_text, dSz, 0)) < 0)
+        ret = -301;
+
+    if (ret > 0) {
+        cSz = (word32)ret;
+        ret = 0;
+    }
+
+    if (ret == 0 && DeCompress(d, dSz, c, cSz) != (int)dSz)
+        ret = -302;
+
+    if (ret == 0 && memcmp(d, sample_text, dSz))
+        ret = -303;
+
+    if (c) free(c);
+    if (d) free(d);
+
+    return ret;
+}
+
+#endif /* HAVE_LIBZ */
+
+#ifdef HAVE_PKCS7
+
+int pkcs7enveloped_test(void)
+{
+    int ret = 0;
+
+    int cipher = DES3b;
+    int envelopedSz, decodedSz;
+    PKCS7 pkcs7;
+    byte* cert;
+    byte* privKey;
+    byte  enveloped[2048];
+    byte  decoded[2048];
+
+    size_t certSz;
+    size_t privKeySz;
+    FILE*  certFile;
+    FILE*  keyFile;
+    FILE*  pkcs7File;
+    const char* pkcs7OutFile = "pkcs7envelopedData.der";
+
+    const byte data[] = { /* Hello World */
+        0x48,0x65,0x6c,0x6c,0x6f,0x20,0x57,0x6f,
+        0x72,0x6c,0x64
+    };
+
+    /* read client cert and key in DER format */
+    cert = (byte*)malloc(FOURK_BUF);
+    if (cert == NULL)
+        return -201;
+
+    privKey = (byte*)malloc(FOURK_BUF);
+    if (privKey == NULL) {
+        free(cert);
+        return -202;
+    }
+
+    certFile = fopen(clientCert, "rb");
+    if (!certFile) {
+        free(cert);
+        free(privKey);
+        err_sys("can't open ./certs/client-cert.der, "
+                "Please run from CyaSSL home dir", -42);
+    }
+
+    certSz = fread(cert, 1, FOURK_BUF, certFile);
+    fclose(certFile);
+
+    keyFile = fopen(clientKey, "rb");
+    if (!keyFile) {
+        free(cert);
+        free(privKey);
+        err_sys("can't open ./certs/client-key.der, "
+                "Please run from CyaSSL home dir", -43);
+    }
+
+    privKeySz = fread(privKey, 1, FOURK_BUF, keyFile);
+    fclose(keyFile);
+
+    PKCS7_InitWithCert(&pkcs7, cert, (word32)certSz);
+    pkcs7.content     = (byte*)data;
+    pkcs7.contentSz   = (word32)sizeof(data);
+    pkcs7.contentOID  = DATA;
+    pkcs7.encryptOID  = cipher;
+    pkcs7.privateKey  = privKey;
+    pkcs7.privateKeySz = (word32)privKeySz;
+
+    /* encode envelopedData */
+    envelopedSz = PKCS7_EncodeEnvelopedData(&pkcs7, enveloped,
+                                            sizeof(enveloped));
+    if (envelopedSz <= 0) {
+        free(cert);
+        free(privKey);
+        return -203;
+    }
+
+    /* decode envelopedData */
+    decodedSz = PKCS7_DecodeEnvelopedData(&pkcs7, enveloped, envelopedSz,
+                                          decoded, sizeof(decoded));
+    if (decodedSz <= 0) {
+        free(cert);
+        free(privKey);
+        return -204;
+    }
+
+    /* test decode result */
+    if (memcmp(decoded, data, sizeof(data)) != 0) {
+        free(cert);
+        free(privKey);
+        return -205;
+    }
+
+    /* output pkcs7 envelopedData for external testing */
+    pkcs7File = fopen(pkcs7OutFile, "wb");
+    if (!pkcs7File) {
+        free(cert);
+        free(privKey);
+        return -206;
+    }
+
+    ret = (int)fwrite(enveloped, envelopedSz, 1, pkcs7File);
+    fclose(pkcs7File);
+
+    free(cert);
+    free(privKey);
+    PKCS7_Free(&pkcs7);
+
+    if (ret > 0)
+        return 0;
+
+    return ret;
+}
+
+int pkcs7signed_test(void)
+{
+    int ret = 0;
+
+    FILE* file;
+    byte* certDer;
+    byte* keyDer;
+    byte* out;
+    char data[] = "Hello World";
+    word32 dataSz, outSz, certDerSz, keyDerSz;
+    PKCS7 msg;
+    RNG rng;
+
+    byte transIdOid[] =
+               { 0x06, 0x0a, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x45, 0x01,
+                 0x09, 0x07 };
+    byte messageTypeOid[] =
+               { 0x06, 0x0a, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x45, 0x01,
+                 0x09, 0x02 };
+    byte senderNonceOid[] =
+               { 0x06, 0x0a, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x45, 0x01,
+                 0x09, 0x05 };
+    byte transId[(SHA_DIGEST_SIZE + 1) * 2 + 1];
+    byte messageType[] = { 0x13, 2, '1', '9' };
+    byte senderNonce[PKCS7_NONCE_SZ + 2];
+
+    PKCS7Attrib attribs[] =
+    {
+        { transIdOid, sizeof(transIdOid),
+                     transId, sizeof(transId) - 1 }, /* take off the null */
+        { messageTypeOid, sizeof(messageTypeOid),
+                     messageType, sizeof(messageType) },
+        { senderNonceOid, sizeof(senderNonceOid),
+                     senderNonce, sizeof(senderNonce) }
+    };
+
+    dataSz = (word32) strlen(data);
+    outSz = FOURK_BUF;
+
+    certDer = (byte*)malloc(FOURK_BUF);
+    if (certDer == NULL)
+        return -207;
+    keyDer = (byte*)malloc(FOURK_BUF);
+    if (keyDer == NULL) {
+        free(certDer);
+        return -208;
+    }
+    out = (byte*)malloc(FOURK_BUF);
+    if (out == NULL) {
+        free(certDer);
+        free(keyDer);
+        return -209;
+    }
+
+    /* read in DER cert of recipient, into cert of size certSz */
+    file = fopen(clientCert, "rb");
+    if (!file) {
+        free(certDer);
+        free(keyDer);
+        free(out);
+        err_sys("can't open ./certs/client-cert.der, "
+                "Please run from CyaSSL home dir", -44);
+    }
+    certDerSz = (word32)fread(certDer, 1, FOURK_BUF, file);
+    fclose(file);
+
+    file = fopen(clientKey, "rb");
+    if (!file) {
+        free(certDer);
+        free(keyDer);
+        free(out);
+        err_sys("can't open ./certs/client-key.der, "
+                "Please run from CyaSSL home dir", -45);
+    }
+    keyDerSz = (word32)fread(keyDer, 1, FOURK_BUF, file);
+    fclose(file);
+
+    ret = InitRng(&rng);
+    if (ret != 0) {
+        free(certDer);
+        free(keyDer);
+        free(out);
+        return -210;
+    }
+
+    senderNonce[0] = 0x04;
+    senderNonce[1] = PKCS7_NONCE_SZ;
+
+    ret = RNG_GenerateBlock(&rng, &senderNonce[2], PKCS7_NONCE_SZ);
+    if (ret != 0) {
+        free(certDer);
+        free(keyDer);
+        free(out);
+        return -211;
+    }
+
+    PKCS7_InitWithCert(&msg, certDer, certDerSz);
+    msg.privateKey = keyDer;
+    msg.privateKeySz = keyDerSz;
+    msg.content = (byte*)data;
+    msg.contentSz = dataSz;
+    msg.hashOID = SHAh;
+    msg.encryptOID = RSAk;
+    msg.signedAttribs = attribs;
+    msg.signedAttribsSz = sizeof(attribs)/sizeof(PKCS7Attrib);
+    msg.rng = &rng;
+    {
+        Sha sha;
+        byte digest[SHA_DIGEST_SIZE];
+        int i,j;
+
+        transId[0] = 0x13;
+        transId[1] = SHA_DIGEST_SIZE * 2;
+
+        ret = InitSha(&sha);
+        if (ret != 0) {
+            free(certDer);
+            free(keyDer);
+            free(out);
+            return -4003;
+        }
+        ShaUpdate(&sha, msg.publicKey, msg.publicKeySz);
+        ShaFinal(&sha, digest);
+
+        for (i = 0, j = 2; i < SHA_DIGEST_SIZE; i++, j += 2) {
+            snprintf((char*)&transId[j], 3, "%02x", digest[i]);
+        }
+    }
+    ret = PKCS7_EncodeSignedData(&msg, out, outSz);
+    if (ret < 0) {
+        free(certDer);
+        free(keyDer);
+        free(out);
+        PKCS7_Free(&msg);
+        return -212;
+    }
+    else
+        outSz = ret;
+
+    /* write PKCS#7 to output file for more testing */
+    file = fopen("./pkcs7signedData.der", "wb");
+    if (!file) {
+        free(certDer);
+        free(keyDer);
+        free(out);
+        PKCS7_Free(&msg);
+        return -213;
+    }
+    ret = (int)fwrite(out, 1, outSz, file);
+    fclose(file);
+    if (ret != (int)outSz) {
+        free(certDer);
+        free(keyDer);
+        free(out);
+        PKCS7_Free(&msg);
+        return -218;
+    }
+
+    PKCS7_Free(&msg);
+    PKCS7_InitWithCert(&msg, NULL, 0);
+
+    ret = PKCS7_VerifySignedData(&msg, out, outSz);
+    if (ret < 0) {
+        free(certDer);
+        free(keyDer);
+        free(out);
+        PKCS7_Free(&msg);
+        return -214;
+    }
+
+    if (msg.singleCert == NULL || msg.singleCertSz == 0) {
+        free(certDer);
+        free(keyDer);
+        free(out);
+        PKCS7_Free(&msg);
+        return -215;
+    }
+
+    file = fopen("./pkcs7cert.der", "wb");
+    if (!file) {
+        free(certDer);
+        free(keyDer);
+        free(out);
+        PKCS7_Free(&msg);
+        return -216;
+    }
+    ret = (int)fwrite(msg.singleCert, 1, msg.singleCertSz, file);
+    fclose(file);
+
+    free(certDer);
+    free(keyDer);
+    free(out);
+    PKCS7_Free(&msg);
+
+    if (ret > 0)
+        return 0;
+
+    return ret;
+}
+
+#endif /* HAVE_PKCS7 */
+
+#endif /* NO_CRYPT_TEST */
diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CyaSSL-Full/time-CortexM3-4.c b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CyaSSL-Full/time-CortexM3-4.c
new file mode 100644
index 000000000..46712b34c
--- /dev/null
+++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CyaSSL-Full/time-CortexM3-4.c
@@ -0,0 +1,41 @@
+/* time-STM32F2.c
+ *
+ * Copyright (C) 2006-2014 wolfSSL Inc.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+ 
+#ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+
+#include        
+#define DWT                 ((DWT_Type       *)     (0xE0001000UL)     ) 
+typedef struct
+{
+  uint32_t CTRL;                    /*!< Offset: 0x000 (R/W)  Control Register                          */
+  uint32_t CYCCNT;                  /*!< Offset: 0x004 (R/W)  Cycle Count Register                      */
+} DWT_Type;
+
+extern uint32_t SystemCoreClock ;
+
+double current_time(int reset) 
+{
+      if(reset) DWT->CYCCNT = 0 ;
+      return ((double)DWT->CYCCNT/SystemCoreClock) ;
+}
diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CyaSSL-Full/time-dummy.c b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CyaSSL-Full/time-dummy.c
new file mode 100644
index 000000000..2525eba38
--- /dev/null
+++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/CyaSSL-Full/time-dummy.c
@@ -0,0 +1,34 @@
+/* time-dummy.c.c
+ *
+ * Copyright (C) 2006-2014 wolfSSL Inc.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+ 
+#ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+#include "time.h"
+
+struct tm *Cyassl_MDK_gmtime(const time_t *c) 
+{ 
+    static struct tm date ; 
+    return(&date) ;
+}
+
+time_t time(time_t * t) { return 0 ; }
diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/EchoClient/Abstract.txt b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/EchoClient/Abstract.txt
new file mode 100644
index 000000000..42ac37cf9
--- /dev/null
+++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/EchoClient/Abstract.txt
@@ -0,0 +1,22 @@
+This program is echo client with CyaSSL/wolfCrypt library.
+
+In order to run this program, 
+Copy {PACK}\wolfSSL\CyaSSL\{version}\cyassl\certs folder and files to the SD memory.
+Set config-EchoClient.h configuration file for the Callee IP or Port number.
+
+For further configuration, refer config-Crypt.h and config-CyaSSL.h.
+
+When testing this client, it is recommended to test against one of the standard 
+CyaSSL example applications running on a desktop machine.  The standard CyaSSL 
+example applications are located in the CyaSSL root directory under the 
+/examples directory.
+
+For the hardware crypt on config-Crypt.h, download 
+STSW-STM32062: STM32F2xx standard peripherals library at 
+http://www.st.com/. Copy Libraries\STM32F2xx_StdPeriph_Driver\{inc,src} to 
+ {PACK}\cyassl\IDE\MDK5-ARM\STM32F2xx_StdPeriph_Lib
+
+
+Support
+-------
+Please send questions or comments to support@wolfssl.com
\ No newline at end of file
diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/EchoClient/EchoClient.uvoptx b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/EchoClient/EchoClient.uvoptx
new file mode 100644
index 000000000..d00990d89
--- /dev/null
+++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/EchoClient/EchoClient.uvoptx
@@ -0,0 +1,1465 @@
+
+
+
+  1.0
+
+  
### uVision Project, (C) Keil Software
+ + + *.c + *.s*; *.src; *.a* + *.obj + *.lib + *.txt; *.h; *.inc + *.plm + *.cpp + + + + 0 + 0 + + + + EchoClient + 0x4 + ARM-ADS + + 120000000 + + 1 + 1 + 0 + 1 + + + 1 + 65535 + 0 + 0 + 0 + + + 79 + 66 + 8 + .\Object\ + + + 1 + 1 + 1 + 0 + 1 + 1 + 0 + 1 + 0 + 0 + 0 + 0 + + + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 0 + + + 1 + 0 + 1 + + 255 + + + 0 + Schematics (MCBSTM32F200) + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\Documents\mcbstm32f200-schematics.pdf + + + 1 + User Manual (MCBSTM32F200) + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\Documents\mcbstm32f200.chm + + + 2 + MCBSTM32F200 Evaluation Board Web Page (MCBSTM32F200) + http://www.keil.com/mcbstm32f200/ + + + + SARMCM3.DLL + -REMAP -MPU + DCM.DLL + -pCM3 + SARMCM3.DLL + -REMAP -MPU + TCM.DLL + -pCM3 + + + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 1 + 1 + 1 + 1 + 0 + 0 + 8 + + + + + + + + + + + BIN\ULP2CM3.DLL + + + + 0 + DLGTARM + (1010=-1,-1,-1,-1,0)(1007=-1,-1,-1,-1,0)(1008=-1,-1,-1,-1,0)(1009=-1,-1,-1,-1,0)(1012=-1,-1,-1,-1,0) + + + 0 + ARMDBGFLAGS + + + + 0 + ULP2CM3 + -UP1135060 -O206 -S8 -C0 -P00 -N00("ARM CoreSight SW-DP") -D00(2BA01477) -L00(0) -TO19 -TC120000000 -TP18 -TDX0 -TDD0 -TDS8000 -TDT0 -TDC1F -TIE1 -TIP1 -FO7 -FD20000000 -FC1000 -FN1 -FF0STM32F2xx_1024.flm -FS08000000 -FL0100000 -FP0($$Device:STM32F207IG$Flash\STM32F2xx_1024.flm) + + + 0 + DLGUARM + + + + 0 + UL2CM3 + UL2CM3(-S0 -C0 -P0 -FD20000000 -FC1000 -FN1 -FF0STM32F2xx_1024 -FS08000000 -FL0100000 -FP0($$Device:STM32F207IG$Flash\STM32F2xx_1024.flm)) + + + + + + 1 + 8 + ((func_args*)args)->signal->port + + + + + 2 + 8 + 0x8004dc8 + + + + 0 + + + 0 + 0 + 1 + 0 + 0 + 0 + 0 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 1 + 0 + 0 + 0 + 0 + + + + + + + + Source + 1 + 0 + 0 + 0 + + 1 + 1 + 1 + 0 + 0 + 0 + 0 + 16 + 99 + 0 + .\main.c + main.c + 0 + 0 + + + 1 + 2 + 1 + 0 + 0 + 24 + 0 + 149 + 166 + 0 + .\echoclient.c + echoclient.c + 0 + 0 + + + + + Configuration + 1 + 0 + 0 + 0 + + 2 + 3 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + .\RTE\wolfSSL\config-CyaSSL.h + config-CyaSSL.h + 0 + 0 + + + 2 + 4 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + .\RTE\wolfSSL\config-Crypt.h + config-Crypt.h + 0 + 0 + + + 2 + 5 + 5 + 0 + 0 + 33 + 0 + 3 + 17 + 0 + .\RTE\Network\Net_Config_ETH_0.h + Net_Config_ETH_0.h + 0 + 0 + + + + + Dcumentation + 1 + 0 + 0 + 0 + + 3 + 6 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + .\Abstract.txt + Abstract.txt + 0 + 0 + + + + + Devices + 1 + 0 + 0 + 0 + + 4 + 7 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + .\time-dummy.c + time-dummy.c + 0 + 0 + + + + + ::CMSIS + 1 + 0 + 0 + 1 + + 5 + 8 + 1 + 0 + 0 + 0 + 0 + 1 + 1 + 0 + RTE\CMSIS\RTX_Conf_CM.c + RTX_Conf_CM.c + 1 + 0 + + + 5 + 9 + 4 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.4\CMSIS_RTX\Lib\ARM\RTX_CM3.lib + RTX_CM3.lib + 1 + 0 + + + + + ::Device + 1 + 0 + 0 + 1 + + 6 + 10 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + RTE\Device\STM32F207IG\RTE_Device.h + RTE_Device.h + 1 + 0 + + + 6 + 11 + 2 + 0 + 0 + 0 + 0 + 163 + 169 + 0 + RTE\Device\STM32F207IG\startup_stm32f2xx.s + startup_stm32f2xx.s + 1 + 0 + + + 6 + 12 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + RTE\Device\STM32F207IG\system_stm32f2xx.c + system_stm32f2xx.c + 1 + 0 + + + 6 + 13 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\DMA_STM32F2xx.c + DMA_STM32F2xx.c + 1 + 0 + + + 6 + 14 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\GPIO_STM32F2xx.c + GPIO_STM32F2xx.c + 1 + 0 + + + + + ::Drivers + 0 + 0 + 0 + 1 + + 7 + 15 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.4\Network\Driver\PHY_ST802RT1.c + PHY_ST802RT1.c + 1 + 0 + + + 7 + 16 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\EMAC_STM32F2xx.c + EMAC_STM32F2xx.c + 1 + 0 + + + 7 + 17 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\MCI_STM32F2xx.c + MCI_STM32F2xx.c + 1 + 0 + + + + + ::File System + 0 + 0 + 0 + 1 + + 8 + 18 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + RTE\File_System\FS_Config.c + FS_Config.c + 1 + 0 + + + 8 + 19 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + RTE\File_System\FS_Config_MC_0.h + FS_Config_MC_0.h + 1 + 0 + + + 8 + 20 + 4 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.4\FileSystem\Lib\ARM\FS_LFN_CM3_L.lib + FS_LFN_CM3_L.lib + 1 + 0 + + + + + ::Network + 1 + 0 + 0 + 1 + + 9 + 21 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + RTE\Network\Net_Config.c + Net_Config.c + 1 + 0 + + + 9 + 22 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + RTE\Network\Net_Config_BSD.h + Net_Config_BSD.h + 1 + 0 + + + 9 + 23 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + RTE\Network\Net_Config_DNS_Client.h + Net_Config_DNS_Client.h + 1 + 0 + + + 9 + 24 + 5 + 0 + 0 + 33 + 0 + 3 + 17 + 0 + RTE\Network\Net_Config_ETH_0.h + Net_Config_ETH_0.h + 1 + 0 + + + 9 + 25 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + RTE\Network\Net_Config_TCP.h + Net_Config_TCP.h + 1 + 0 + + + 9 + 26 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + RTE\Network\Net_Config_UDP.h + Net_Config_UDP.h + 1 + 0 + + + 9 + 27 + 1 + 1 + 0 + 0 + 0 + 102 + 125 + 0 + RTE\Network\Net_Debug.c + Net_Debug.c + 1 + 0 + + + 9 + 28 + 4 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.4\Network\Lib\ARM\Net_Dbg_CM3_L.lib + Net_Dbg_CM3_L.lib + 1 + 0 + + + + + ::wolfSSL + 0 + 0 + 0 + 1 + + 10 + 29 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + RTE\wolfSSL\config-Crypt.h + config-Crypt.h + 1 + 0 + + + 10 + 30 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + RTE\wolfSSL\config-CyaSSL.h + config-CyaSSL.h + 1 + 0 + + + 10 + 31 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\aes.c + aes.c + 1 + 0 + + + 10 + 32 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\arc4.c + arc4.c + 1 + 0 + + + 10 + 33 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\asm.c + asm.c + 1 + 0 + + + 10 + 34 + 1 + 0 + 0 + 13 + 0 + 1441 + 1569 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\asn.c + asn.c + 1 + 0 + + + 10 + 35 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\blake2b.c + blake2b.c + 1 + 0 + + + 10 + 36 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\camellia.c + camellia.c + 1 + 0 + + + 10 + 37 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\coding.c + coding.c + 1 + 0 + + + 10 + 38 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\compress.c + compress.c + 1 + 0 + + + 10 + 39 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\des3.c + des3.c + 1 + 0 + + + 10 + 40 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\dh.c + dh.c + 1 + 0 + + + 10 + 41 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\dsa.c + dsa.c + 1 + 0 + + + 10 + 42 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\ecc.c + ecc.c + 1 + 0 + + + 10 + 43 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\ecc_fp.c + ecc_fp.c + 1 + 0 + + + 10 + 44 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\error.c + error.c + 1 + 0 + + + 10 + 45 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\hc128.c + hc128.c + 1 + 0 + + + 10 + 46 + 1 + 0 + 0 + 0 + 0 + 66 + 89 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\hmac.c + hmac.c + 1 + 0 + + + 10 + 47 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\integer.c + integer.c + 1 + 0 + + + 10 + 48 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\logging.c + logging.c + 1 + 0 + + + 10 + 49 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\md2.c + md2.c + 1 + 0 + + + 10 + 50 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\md4.c + md4.c + 1 + 0 + + + 10 + 51 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\md5.c + md5.c + 1 + 0 + + + 10 + 52 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\memory.c + memory.c + 1 + 0 + + + 10 + 53 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\misc.c + misc.c + 1 + 0 + + + 10 + 54 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\wc_port.c + wc_port.c + 1 + 0 + + + 10 + 55 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\pwdbased.c + pwdbased.c + 1 + 0 + + + 10 + 56 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\rabbit.c + rabbit.c + 1 + 0 + + + 10 + 57 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\random.c + random.c + 1 + 0 + + + 10 + 58 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\ripemd.c + ripemd.c + 1 + 0 + + + 10 + 59 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\rsa.c + rsa.c + 1 + 0 + + + 10 + 60 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\sha.c + sha.c + 1 + 0 + + + 10 + 61 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\sha256.c + sha256.c + 1 + 0 + + + 10 + 62 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\sha512.c + sha512.c + 1 + 0 + + + 10 + 63 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\tfm.c + tfm.c + 1 + 0 + + + 10 + 64 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\src\crl.c + crl.c + 1 + 0 + + + 10 + 65 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\src\internal.c + internal.c + 1 + 0 + + + 10 + 66 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\src\io.c + io.c + 1 + 0 + + + 10 + 67 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\src\keys.c + keys.c + 1 + 0 + + + 10 + 68 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\src\ocsp.c + ocsp.c + 1 + 0 + + + 10 + 69 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\src\sniffer.c + sniffer.c + 1 + 0 + + + 10 + 70 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\src\ssl.c + ssl.c + 1 + 0 + + + 10 + 71 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\src\tls.c + tls.c + 1 + 0 + + + 10 + 72 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + RTE\wolfSSL\settings.h + settings.h + 1 + 0 + + + 10 + 73 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\IDE\MDK5-ARM\Src\cyassl_MDK_ARM.c + cyassl_MDK_ARM.c + 1 + 0 + + + +
diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/EchoClient/EchoClient.uvprojx b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/EchoClient/EchoClient.uvprojx new file mode 100644 index 000000000..67ac6f0b2 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/EchoClient/EchoClient.uvprojx @@ -0,0 +1,1122 @@ + + + + 2.1 + +
### uVision Project, (C) Keil Software
+ + + + EchoClient + 0x4 + ARM-ADS + + + STM32F207IG + STMicroelectronics + IRAM(0x20000000,0x20000) IROM(0x08000000,0x100000) CPUTYPE("Cortex-M3") CLOCK(120000000) ELITTLE + + + UL2CM3(-S0 -C0 -P0 -FD20000000 -FC1000 -FN1 -FF0STM32F2xx_1024 -FS08000000 -FL0100000 -FP0($$Device:STM32F207IG$Flash\STM32F2xx_1024.flm)) + 0 + $$Device:STM32F207IG$Device\Include\stm32f2xx.h + + + + + + + + + + $$Device:STM32F207IG$SVD\STM32F20x.svd + 0 + 0 + + + + + + + 0 + 0 + 0 + 0 + 1 + + .\Object\ + EchoClient + 1 + 0 + 0 + 1 + 1 + .\Object\ + 1 + 0 + 0 + + 0 + 0 + + + 0 + 0 + 0 + 0 + + + 0 + 0 + + + 0 + 0 + + + 0 + 0 + + + 0 + 0 + + 0 + + + + 0 + 0 + 0 + 0 + 0 + 1 + 0 + 0 + 0 + 0 + 3 + + + 1 + + + SARMCM3.DLL + -REMAP -MPU + DCM.DLL + -pCM3 + SARMCM3.DLL + -REMAP -MPU + TCM.DLL + -pCM3 + + + + 1 + 0 + 0 + 0 + 16 + + + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + + + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 1 + 1 + 1 + 1 + + 0 + 8 + + + + + + + + + + + + + + BIN\ULP2CM3.DLL + + + + + 1 + 0 + 0 + 1 + 1 + 4100 + + 1 + BIN\ULP2CM3.DLL + "" () + + + + + 0 + + + + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 1 + 1 + 0 + 1 + 1 + 0 + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 0 + "Cortex-M3" + + 0 + 0 + 0 + 1 + 1 + 0 + 0 + 0 + 0 + 0 + 8 + 0 + 0 + 0 + 3 + 3 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 1 + 0 + 0 + 0 + 0 + 1 + 0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x20000000 + 0x20000 + + + 1 + 0x8000000 + 0x100000 + + + 0 + 0x0 + 0x0 + + + 1 + 0x0 + 0x0 + + + 1 + 0x0 + 0x0 + + + 1 + 0x0 + 0x0 + + + 1 + 0x8000000 + 0x100000 + + + 1 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x20000000 + 0x20000 + + + 0 + 0x0 + 0x0 + + + + + + 1 + 4 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + + + HAVE_CONFIG_H MDK_CONF_EchoClient + + + + + + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + + + + + + + + + 1 + 0 + 0 + 0 + 1 + 0 + 0x08000000 + 0x20000000 + + + + + + + + + + + + + Source + + + main.c + 1 + .\main.c + + + echoclient.c + 1 + .\echoclient.c + + + + + Configuration + + + config-CyaSSL.h + 5 + .\RTE\wolfSSL\config-CyaSSL.h + + + config-Crypt.h + 5 + .\RTE\wolfSSL\config-Crypt.h + + + Net_Config_ETH_0.h + 5 + .\RTE\Network\Net_Config_ETH_0.h + + + + + Dcumentation + + + Abstract.txt + 5 + .\Abstract.txt + + + + + Devices + + + time-dummy.c + 1 + .\time-dummy.c + + + + + ::CMSIS + + + RTX_Conf_CM.c + 1 + RTE\CMSIS\RTX_Conf_CM.c + + + RTX_CM3.lib + 4 + C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.4\CMSIS_RTX\Lib\ARM\RTX_CM3.lib + + + + + ::Device + + + RTE_Device.h + 5 + RTE\Device\STM32F207IG\RTE_Device.h + + + startup_stm32f2xx.s + 2 + RTE\Device\STM32F207IG\startup_stm32f2xx.s + + + system_stm32f2xx.c + 1 + RTE\Device\STM32F207IG\system_stm32f2xx.c + + + DMA_STM32F2xx.c + 1 + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\DMA_STM32F2xx.c + + + GPIO_STM32F2xx.c + 1 + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\GPIO_STM32F2xx.c + + + + + ::Drivers + + + PHY_ST802RT1.c + 1 + C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.4\Network\Driver\PHY_ST802RT1.c + + + EMAC_STM32F2xx.c + 1 + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\EMAC_STM32F2xx.c + + + MCI_STM32F2xx.c + 1 + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\MCI_STM32F2xx.c + + + + + ::File System + + + FS_Config.c + 1 + RTE\File_System\FS_Config.c + + + FS_Config_MC_0.h + 5 + RTE\File_System\FS_Config_MC_0.h + + + FS_LFN_CM3_L.lib + 4 + C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.4\FileSystem\Lib\ARM\FS_LFN_CM3_L.lib + + + + + ::Network + + + Net_Config.c + 1 + RTE\Network\Net_Config.c + + + Net_Config_BSD.h + 5 + RTE\Network\Net_Config_BSD.h + + + Net_Config_DNS_Client.h + 5 + RTE\Network\Net_Config_DNS_Client.h + + + Net_Config_ETH_0.h + 5 + RTE\Network\Net_Config_ETH_0.h + + + Net_Config_TCP.h + 5 + RTE\Network\Net_Config_TCP.h + + + Net_Config_UDP.h + 5 + RTE\Network\Net_Config_UDP.h + + + Net_Debug.c + 1 + RTE\Network\Net_Debug.c + + + Net_Dbg_CM3_L.lib + 4 + C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.4\Network\Lib\ARM\Net_Dbg_CM3_L.lib + + + + + ::wolfSSL + + + config-Crypt.h + 5 + RTE\wolfSSL\config-Crypt.h + + + config-CyaSSL.h + 5 + RTE\wolfSSL\config-CyaSSL.h + + + aes.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\aes.c + + + arc4.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\arc4.c + + + asm.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\asm.c + + + asn.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\asn.c + + + blake2b.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\blake2b.c + + + camellia.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\camellia.c + + + coding.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\coding.c + + + compress.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\compress.c + + + des3.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\des3.c + + + dh.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\dh.c + + + dsa.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\dsa.c + + + ecc.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\ecc.c + + + ecc_fp.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\ecc_fp.c + + + error.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\error.c + + + hc128.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\hc128.c + + + hmac.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\hmac.c + + + integer.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\integer.c + + + logging.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\logging.c + + + md2.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\md2.c + + + md4.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\md4.c + + + md5.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\md5.c + + + memory.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\memory.c + + + misc.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\misc.c + + + wc_port.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\wc_port.c + + + pwdbased.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\pwdbased.c + + + rabbit.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\rabbit.c + + + random.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\random.c + + + ripemd.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\ripemd.c + + + rsa.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\rsa.c + + + sha.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\sha.c + + + sha256.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\sha256.c + + + sha512.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\sha512.c + + + tfm.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\tfm.c + + + crl.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\src\crl.c + + + internal.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\src\internal.c + + + io.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\src\io.c + + + keys.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\src\keys.c + + + ocsp.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\src\ocsp.c + + + sniffer.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\src\sniffer.c + + + ssl.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\src\ssl.c + + + tls.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\src\tls.c + + + settings.h + 5 + RTE\wolfSSL\settings.h + + + cyassl_MDK_ARM.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\IDE\MDK5-ARM\Src\cyassl_MDK_ARM.c + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + RTE\CMSIS\RTX_Conf_CM.c + + + + + + + + RTE\Device\STM32F207IG\RTE_Device.h + + + + + + + + RTE\Device\STM32F207IG\startup_stm32f2xx.s + + + + + + + + RTE\Device\STM32F207IG\system_stm32f2xx.c + + + + + + + + RTE\File_System\FS_Config.c + + + + + + + + RTE\File_System\FS_Config_MC_0.h + + + + + + + + RTE\Network\Net_Config.c + + + + + + + + RTE\Network\Net_Config_BSD.h + + + + + + + + RTE\Network\Net_Config_DNS_Client.h + + + + + + + + RTE\Network\Net_Config_ETH_0.h + + + + + + + + RTE\Network\Net_Config_TCP.h + + + + + + + + RTE\Network\Net_Config_UDP.h + + + + + + + + RTE\Network\Net_Debug.c + + + + + + + + RTE\Other\config-Crypt.h + + + + + + RTE\Other\config-CyaSSL.h + + + + + + RTE\Other\config-RTX-TCP-FS.h + + + + + + RTE\Other\config.h + + + + + + RTE\wolfSSL\config-Crypt.h + + + + + + + + RTE\wolfSSL\config-CyaSSL.h + + + + + + + + RTE\wolfSSL\config.h + + + + + + RTE\wolfSSL\settings.h + + + + + + + + + +
diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/EchoClient/RTE/wolfSSL/settings.h b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/EchoClient/RTE/wolfSSL/settings.h new file mode 100644 index 000000000..22dea06d0 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/EchoClient/RTE/wolfSSL/settings.h @@ -0,0 +1,627 @@ +/* settings.h + * + * Copyright (C) 2006-2013 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + */ + +/* Place OS specific preprocessor flags, defines, includes here, will be + included into every file because types.h includes it */ + + +#ifndef CTAO_CRYPT_SETTINGS_H +#define CTAO_CRYPT_SETTINGS_H + +#ifdef __cplusplus + extern "C" { +#endif + +/* Uncomment next line if using IPHONE */ +/* #define IPHONE */ + +/* Uncomment next line if using ThreadX */ +/* #define THREADX */ + +/* Uncomment next line if using Micrium ucOS */ +/* #define MICRIUM */ + +/* Uncomment next line if using Mbed */ +/* #define MBED */ + +/* Uncomment next line if using Microchip PIC32 ethernet starter kit */ +/* #define MICROCHIP_PIC32 */ + +/* Uncomment next line if using Microchip TCP/IP stack, version 5 */ +/* #define MICROCHIP_TCPIP_V5 */ + +/* Uncomment next line if using Microchip TCP/IP stack, version 6 or later */ +/* #define MICROCHIP_TCPIP */ + +/* Uncomment next line if using FreeRTOS */ +/* #define FREERTOS */ + +/* Uncomment next line if using FreeRTOS Windows Simulator */ +/* #define FREERTOS_WINSIM */ + +/* Uncomment next line if using RTIP */ +/* #define EBSNET */ + +/* Uncomment next line if using lwip */ +/* #define CYASSL_LWIP */ + +/* Uncomment next line if building CyaSSL for a game console */ +/* #define CYASSL_GAME_BUILD */ + +/* Uncomment next line if building CyaSSL for LSR */ +/* #define CYASSL_LSR */ + +/* Uncomment next line if building CyaSSL for Freescale MQX/RTCS/MFS */ +/* #define FREESCALE_MQX */ + +/* Uncomment next line if using STM32F2 */ +/* #define CYASSL_STM32F2 */ + +/* Uncomment next line if using Comverge settings */ +/* #define COMVERGE */ + +/* Uncomment next line if using QL SEP settings */ +/* #define CYASSL_QL */ + + +#include + +#ifdef IPHONE + #define SIZEOF_LONG_LONG 8 +#endif + + +#ifdef COMVERGE + #define THREADX + #define HAVE_NETX + #define CYASSL_USER_IO + #define NO_WRITEV + #define NO_DEV_RANDOM + #define NO_FILESYSTEM + #define NO_SHA512 + #define NO_DH + #define NO_DSA + #define NO_HC128 + #define NO_RSA + #define NO_SESSION_CACHE + #define HAVE_ECC +#endif + + +#ifdef THREADX + #define SIZEOF_LONG_LONG 8 +#endif + +#ifdef HAVE_NETX + #include "nx_api.h" +#endif + +#ifdef MICROCHIP_PIC32 + #define SIZEOF_LONG_LONG 8 + #define SINGLE_THREADED + #define CYASSL_USER_IO + #define NO_WRITEV + #define NO_DEV_RANDOM + #define NO_FILESYSTEM + #define USE_FAST_MATH + #define TFM_TIMING_RESISTANT +#endif + +#ifdef MICROCHIP_TCPIP_V5 + /* include timer functions */ + #include "TCPIP Stack/TCPIP.h" +#endif + +#ifdef MICROCHIP_TCPIP + /* include timer, NTP functions */ + #include "system/system_services.h" + #ifdef MICROCHIP_MPLAB_HARMONY + #include "tcpip/tcpip.h" + #else + #include "tcpip/sntp.h" + #endif +#endif + +#ifdef MBED + #define SINGLE_THREADED + #define CYASSL_USER_IO + #define NO_WRITEV + #define NO_DEV_RANDOM + #define NO_SHA512 + #define NO_DH + #define NO_DSA + #define NO_HC128 +#endif /* MBED */ + +#ifdef CYASSL_TYTO + #include "rand.h" + #define FREERTOS + #define NO_FILESYSTEM + #define CYASSL_USER_IO + #define NO_DEV_RANDOM + #define HAVE_ECC + #define HAVE_ECC_ENCRYPT + #define ECC_SHAMIR + #define HAVE_HKDF + #define USE_FAST_MATH + #define TFM_TIMING_RESISTANT + #define FP_MAX_BITS 512 + #define NO_OLD_TLS + #define NO_MD4 + #define NO_RABBIT + #define NO_HC128 + #define NO_RSA + #define NO_DSA + #define NO_PWDBASED + #define NO_PSK +#endif + +#ifdef FREERTOS_WINSIM + #define FREERTOS + #define USE_WINDOWS_API +#endif + + +/* Micrium will use Visual Studio for compilation but not the Win32 API */ +#if defined(_WIN32) && !defined(MICRIUM) && !defined(FREERTOS) \ + && !defined(EBSNET) + #define USE_WINDOWS_API +#endif + + +#if defined(CYASSL_LEANPSK) && !defined(XMALLOC_USER) + #include + #define XMALLOC(s, h, type) malloc((s)) + #define XFREE(p, h, type) free((p)) + #define XREALLOC(p, n, h, t) realloc((p), (n)) +#endif + +#if defined(XMALLOC_USER) && defined(SSN_BUILDING_LIBYASSL) + #undef XMALLOC + #define XMALLOC yaXMALLOC + #undef XFREE + #define XFREE yaXFREE + #undef XREALLOC + #define XREALLOC yaXREALLOC +#endif + + +#ifdef FREERTOS + #ifndef NO_WRITEV + #define NO_WRITEV + #endif + #ifndef NO_SHA512 + #define NO_SHA512 + #endif + #ifndef NO_DH + #define NO_DH + #endif + #ifndef NO_DSA + #define NO_DSA + #endif + #ifndef NO_HC128 + #define NO_HC128 + #endif + + #ifndef SINGLE_THREADED + #include "FreeRTOS.h" + #include "semphr.h" + #endif +#endif + +#ifdef EBSNET + #include "rtip.h" + + /* #define DEBUG_CYASSL */ + #define NO_CYASSL_DIR /* tbd */ + + #if (POLLOS) + #define SINGLE_THREADED + #endif + + #if (RTPLATFORM) + #if (!RTP_LITTLE_ENDIAN) + #define BIG_ENDIAN_ORDER + #endif + #else + #if (!KS_LITTLE_ENDIAN) + #define BIG_ENDIAN_ORDER + #endif + #endif + + #if (WINMSP3) + #undef SIZEOF_LONG + #define SIZEOF_LONG_LONG 8 + #else + #sslpro: settings.h - please implement SIZEOF_LONG and SIZEOF_LONG_LONG + #endif + + #define XMALLOC(s, h, type) ((void *)rtp_malloc((s), SSL_PRO_MALLOC)) + #define XFREE(p, h, type) (rtp_free(p)) + #define XREALLOC(p, n, h, t) realloc((p), (n)) + +#endif /* EBSNET */ + +#ifdef CYASSL_GAME_BUILD + #define SIZEOF_LONG_LONG 8 + #if defined(__PPU) || defined(__XENON) + #define BIG_ENDIAN_ORDER + #endif +#endif + +#ifdef CYASSL_LSR + #define HAVE_WEBSERVER + #define SIZEOF_LONG_LONG 8 + #define CYASSL_LOW_MEMORY + #define NO_WRITEV + #define NO_SHA512 + #define NO_DH + #define NO_DSA + #define NO_HC128 + #define NO_DEV_RANDOM + #define NO_CYASSL_DIR + #define NO_RABBIT + #ifndef NO_FILESYSTEM + #define LSR_FS + #include "inc/hw_types.h" + #include "fs.h" + #endif + #define CYASSL_LWIP + #include /* for tcp errno */ + #define CYASSL_SAFERTOS + #if defined(__IAR_SYSTEMS_ICC__) + /* enum uses enum */ + #pragma diag_suppress=Pa089 + #endif +#endif + +#ifdef CYASSL_SAFERTOS + #ifndef SINGLE_THREADED + #include "SafeRTOS/semphr.h" + #endif + + #include "SafeRTOS/heap.h" + #define XMALLOC(s, h, type) pvPortMalloc((s)) + #define XFREE(p, h, type) vPortFree((p)) + #define XREALLOC(p, n, h, t) pvPortRealloc((p), (n)) +#endif + +#ifdef CYASSL_LOW_MEMORY + #undef RSA_LOW_MEM + #define RSA_LOW_MEM + #undef CYASSL_SMALL_STACK + #define CYASSL_SMALL_STACK + #undef TFM_TIMING_RESISTANT + #define TFM_TIMING_RESISTANT +#endif + +#ifdef FREESCALE_MQX + #define SIZEOF_LONG_LONG 8 + #define NO_WRITEV + #define NO_DEV_RANDOM + #define NO_RABBIT + #define NO_CYASSL_DIR + #define USE_FAST_MATH + #define TFM_TIMING_RESISTANT + #define FREESCALE_K70_RNGA + /* #define FREESCALE_K53_RNGB */ + #include "mqx.h" + #ifndef NO_FILESYSTEM + #include "mfs.h" + #include "fio.h" + #endif + #ifndef SINGLE_THREADED + #include "mutex.h" + #endif + + #define XMALLOC(s, h, t) (void *)_mem_alloc_system((s)) + #define XFREE(p, h, t) {void* xp = (p); if ((xp)) _mem_free((xp));} + /* Note: MQX has no realloc, using fastmath above */ +#endif + +#ifdef CYASSL_STM32F2 + #define SIZEOF_LONG_LONG 8 + #define NO_DEV_RANDOM + #define NO_CYASSL_DIR + #define NO_RABBIT + #define STM32F2_RNG + #define STM32F2_CRYPTO + #define KEIL_INTRINSICS +#endif + +#ifdef MICRIUM + + #include "stdlib.h" + #include "net_cfg.h" + #include "ssl_cfg.h" + #include "net_secure_os.h" + + #define CYASSL_TYPES + + typedef CPU_INT08U byte; + typedef CPU_INT16U word16; + typedef CPU_INT32U word32; + + #if (NET_SECURE_MGR_CFG_WORD_SIZE == CPU_WORD_SIZE_32) + #define SIZEOF_LONG 4 + #undef SIZEOF_LONG_LONG + #else + #undef SIZEOF_LONG + #define SIZEOF_LONG_LONG 8 + #endif + + #define STRING_USER + + #define XSTRLEN(pstr) ((CPU_SIZE_T)Str_Len((CPU_CHAR *)(pstr))) + #define XSTRNCPY(pstr_dest, pstr_src, len_max) \ + ((CPU_CHAR *)Str_Copy_N((CPU_CHAR *)(pstr_dest), \ + (CPU_CHAR *)(pstr_src), (CPU_SIZE_T)(len_max))) + #define XSTRNCMP(pstr_1, pstr_2, len_max) \ + ((CPU_INT16S)Str_Cmp_N((CPU_CHAR *)(pstr_1), \ + (CPU_CHAR *)(pstr_2), (CPU_SIZE_T)(len_max))) + #define XSTRSTR(pstr, pstr_srch) \ + ((CPU_CHAR *)Str_Str((CPU_CHAR *)(pstr), \ + (CPU_CHAR *)(pstr_srch))) + #define XMEMSET(pmem, data_val, size) \ + ((void)Mem_Set((void *)(pmem), (CPU_INT08U) (data_val), \ + (CPU_SIZE_T)(size))) + #define XMEMCPY(pdest, psrc, size) ((void)Mem_Copy((void *)(pdest), \ + (void *)(psrc), (CPU_SIZE_T)(size))) + #define XMEMCMP(pmem_1, pmem_2, size) \ + (((CPU_BOOLEAN)Mem_Cmp((void *)(pmem_1), (void *)(pmem_2), \ + (CPU_SIZE_T)(size))) ? DEF_NO : DEF_YES) + #define XMEMMOVE XMEMCPY + +#if (NET_SECURE_MGR_CFG_EN == DEF_ENABLED) + #define MICRIUM_MALLOC + #define XMALLOC(s, h, type) ((void *)NetSecure_BlkGet((CPU_INT08U)(type), \ + (CPU_SIZE_T)(s), (void *)0)) + #define XFREE(p, h, type) (NetSecure_BlkFree((CPU_INT08U)(type), \ + (p), (void *)0)) + #define XREALLOC(p, n, h, t) realloc((p), (n)) +#endif + + #if (NET_SECURE_MGR_CFG_FS_EN == DEF_ENABLED) + #undef NO_FILESYSTEM + #else + #define NO_FILESYSTEM + #endif + + #if (SSL_CFG_TRACE_LEVEL == CYASSL_TRACE_LEVEL_DBG) + #define DEBUG_CYASSL + #else + #undef DEBUG_CYASSL + #endif + + #if (SSL_CFG_OPENSSL_EN == DEF_ENABLED) + #define OPENSSL_EXTRA + #else + #undef OPENSSL_EXTRA + #endif + + #if (SSL_CFG_MULTI_THREAD_EN == DEF_ENABLED) + #undef SINGLE_THREADED + #else + #define SINGLE_THREADED + #endif + + #if (SSL_CFG_DH_EN == DEF_ENABLED) + #undef NO_DH + #else + #define NO_DH + #endif + + #if (SSL_CFG_DSA_EN == DEF_ENABLED) + #undef NO_DSA + #else + #define NO_DSA + #endif + + #if (SSL_CFG_PSK_EN == DEF_ENABLED) + #undef NO_PSK + #else + #define NO_PSK + #endif + + #if (SSL_CFG_3DES_EN == DEF_ENABLED) + #undef NO_DES + #else + #define NO_DES + #endif + + #if (SSL_CFG_AES_EN == DEF_ENABLED) + #undef NO_AES + #else + #define NO_AES + #endif + + #if (SSL_CFG_RC4_EN == DEF_ENABLED) + #undef NO_RC4 + #else + #define NO_RC4 + #endif + + #if (SSL_CFG_RABBIT_EN == DEF_ENABLED) + #undef NO_RABBIT + #else + #define NO_RABBIT + #endif + + #if (SSL_CFG_HC128_EN == DEF_ENABLED) + #undef NO_HC128 + #else + #define NO_HC128 + #endif + + #if (CPU_CFG_ENDIAN_TYPE == CPU_ENDIAN_TYPE_BIG) + #define BIG_ENDIAN_ORDER + #else + #undef BIG_ENDIAN_ORDER + #define LITTLE_ENDIAN_ORDER + #endif + + #if (SSL_CFG_MD4_EN == DEF_ENABLED) + #undef NO_MD4 + #else + #define NO_MD4 + #endif + + #if (SSL_CFG_WRITEV_EN == DEF_ENABLED) + #undef NO_WRITEV + #else + #define NO_WRITEV + #endif + + #if (SSL_CFG_USER_RNG_SEED_EN == DEF_ENABLED) + #define NO_DEV_RANDOM + #else + #undef NO_DEV_RANDOM + #endif + + #if (SSL_CFG_USER_IO_EN == DEF_ENABLED) + #define CYASSL_USER_IO + #else + #undef CYASSL_USER_IO + #endif + + #if (SSL_CFG_DYNAMIC_BUFFERS_EN == DEF_ENABLED) + #undef LARGE_STATIC_BUFFERS + #undef STATIC_CHUNKS_ONLY + #else + #define LARGE_STATIC_BUFFERS + #define STATIC_CHUNKS_ONLY + #endif + + #if (SSL_CFG_DER_LOAD_EN == DEF_ENABLED) + #define CYASSL_DER_LOAD + #else + #undef CYASSL_DER_LOAD + #endif + + #if (SSL_CFG_DTLS_EN == DEF_ENABLED) + #define CYASSL_DTLS + #else + #undef CYASSL_DTLS + #endif + + #if (SSL_CFG_CALLBACKS_EN == DEF_ENABLED) + #define CYASSL_CALLBACKS + #else + #undef CYASSL_CALLBACKS + #endif + + #if (SSL_CFG_FAST_MATH_EN == DEF_ENABLED) + #define USE_FAST_MATH + #else + #undef USE_FAST_MATH + #endif + + #if (SSL_CFG_TFM_TIMING_RESISTANT_EN == DEF_ENABLED) + #define TFM_TIMING_RESISTANT + #else + #undef TFM_TIMING_RESISTANT + #endif + +#endif /* MICRIUM */ + + +#ifdef CYASSL_QL + #ifndef CYASSL_SEP + #define CYASSL_SEP + #endif + #ifndef OPENSSL_EXTRA + #define OPENSSL_EXTRA + #endif + #ifndef SESSION_CERTS + #define SESSION_CERTS + #endif + #ifndef HAVE_AESCCM + #define HAVE_AESCCM + #endif + #ifndef ATOMIC_USER + #define ATOMIC_USER + #endif + #ifndef CYASSL_DER_LOAD + #define CYASSL_DER_LOAD + #endif + #ifndef KEEP_PEER_CERT + #define KEEP_PEER_CERT + #endif + #ifndef HAVE_ECC + #define HAVE_ECC + #endif + #ifndef SESSION_INDEX + #define SESSION_INDEX + #endif +#endif /* CYASSL_QL */ + + +#if !defined(XMALLOC_USER) && !defined(MICRIUM_MALLOC) && \ + !defined(CYASSL_LEANPSK) && !defined(NO_CYASSL_MEMORY) + #define USE_CYASSL_MEMORY +#endif + + +#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) + #undef KEEP_PEER_CERT + #define KEEP_PEER_CERT +#endif + + +/* stream ciphers except arc4 need 32bit alignment, intel ok without */ +#ifndef XSTREAM_ALIGNMENT + #if defined(__x86_64__) || defined(__ia64__) || defined(__i386__) + #define NO_XSTREAM_ALIGNMENT + #else + #define XSTREAM_ALIGNMENT + #endif +#endif + + +/* if using hardware crypto and have alignment requirements, specify the + requirement here. The record header of SSL/TLS will prvent easy alignment. + This hint tries to help as much as possible. */ +#ifndef CYASSL_GENERAL_ALIGNMENT + #ifdef CYASSL_AESNI + #define CYASSL_GENERAL_ALIGNMENT 16 + #elif defined(XSTREAM_ALIGNMENT) + #define CYASSL_GENERAL_ALIGNMENT 4 + #else + #define CYASSL_GENERAL_ALIGNMENT 0 + #endif +#endif + +#ifdef HAVE_CRL + /* not widely supported yet */ + #undef NO_SKID + #define NO_SKID +#endif + +/* Place any other flags or defines here */ + + +#ifdef __cplusplus + } /* extern "C" */ +#endif + + +#endif /* CTAO_CRYPT_SETTINGS_H */ + diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/EchoClient/config-EchoClient.h b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/EchoClient/config-EchoClient.h new file mode 100644 index 000000000..82f5d4782 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/EchoClient/config-EchoClient.h @@ -0,0 +1,34 @@ +/* config-RTX-TCP-FS.h + * + * Copyright (C) 2006-2013 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + */ + + + +// <<< Use Configuration Wizard in Context Menu >>> +// Build Target: Simple Client +// Callee IP Address +// Default: "192.168.1.100" +#define CYASSL_CALLEE_IP "192.168.11.3" +// Callee Port Number +// Default: "11111" +#define CYASSL_CALLEE_PORT 443 + +// +// <<< end of configuration section >>> diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/EchoClient/echoclient.c b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/EchoClient/echoclient.c new file mode 100644 index 000000000..24a02febc --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/EchoClient/echoclient.c @@ -0,0 +1,282 @@ +/* echoclient.c + * + * Copyright (C) 2006-2014 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#ifdef HAVE_CONFIG_H + #include +#endif + +#include + +#include + +#if defined(CYASSL_MDK_ARM) + #include + #include + + #if defined(CYASSL_MDK5) + #include "cmsis_os.h" + #include "rl_fs.h" + #include "rl_net.h" + #else + #include "rtl.h" + #endif + + #include "cyassl_MDK_ARM.h" +#endif + +#include + +#include "examples/echoclient/echoclient.h" + +void echoclient_test(void* args) +{ + SOCKET_T sockfd = 0; + + FILE* fin = stdin ; + FILE* fout = stdout; + + int inCreated = 0; + int outCreated = 0; + + char msg[1024]; + char reply[1024+1]; + + SSL_METHOD* method = 0; + SSL_CTX* ctx = 0; + SSL* ssl = 0; + + int doDTLS = 0; + int doPSK = 0; + int sendSz; + int argc = 0; + char** argv = 0; + word16 port = yasslPort; + + ((func_args*)args)->return_code = -1; /* error state */ + +#ifndef CYASSL_MDK_SHELL + argc = ((func_args*)args)->argc; + argv = ((func_args*)args)->argv; +#endif + + if (argc >= 2) { + fin = fopen(argv[1], "r"); + inCreated = 1; + } + if (argc >= 3) { + fout = fopen(argv[2], "w"); + outCreated = 1; + } + + if (!fin) err_sys("can't open input file"); + if (!fout) err_sys("can't open output file"); + +#ifdef CYASSL_DTLS + doDTLS = 1; +#endif + +#ifdef CYASSL_LEANPSK + doPSK = 1; +#endif + +#if defined(NO_RSA) && !defined(HAVE_ECC) + doPSK = 1; +#endif + +#if defined(NO_MAIN_DRIVER) && !defined(USE_WINDOWS_API) && !defined(CYASSL_MDK_SHELL) + port = ((func_args*)args)->signal->port; +#endif + +#if defined(CYASSL_DTLS) + method = DTLSv1_client_method(); +#elif !defined(NO_TLS) + method = CyaSSLv23_client_method(); +#else + method = SSLv3_client_method(); +#endif + ctx = SSL_CTX_new(method); + +#ifndef NO_FILESYSTEM + #ifndef NO_RSA + if (SSL_CTX_load_verify_locations(ctx, caCert, 0) != SSL_SUCCESS) + err_sys("can't load ca file, Please run from CyaSSL home dir"); + #endif + #ifdef HAVE_ECC + if (SSL_CTX_load_verify_locations(ctx, eccCert, 0) != SSL_SUCCESS) + err_sys("can't load ca file, Please run from CyaSSL home dir"); + #endif +#elif !defined(NO_CERTS) + if (!doPSK) + load_buffer(ctx, caCert, CYASSL_CA); +#endif + +#if defined(CYASSL_SNIFFER) && !defined(HAVE_NTRU) && !defined(HAVE_ECC) + /* don't use EDH, can't sniff tmp keys */ + SSL_CTX_set_cipher_list(ctx, "AES256-SHA"); +#endif + if (doPSK) { +#ifndef NO_PSK + const char *defaultCipherList; + + CyaSSL_CTX_set_psk_client_callback(ctx, my_psk_client_cb); + #ifdef HAVE_NULL_CIPHER + defaultCipherList = "PSK-NULL-SHA256"; + #else + defaultCipherList = "PSK-AES128-CBC-SHA256"; + #endif + if (CyaSSL_CTX_set_cipher_list(ctx,defaultCipherList) !=SSL_SUCCESS) + err_sys("client can't set cipher list 2"); +#endif + } + +#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) + SSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack); +#endif + + #if defined(CYASSL_MDK_ARM) + CyaSSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, 0); + #endif + + ssl = SSL_new(ctx); + + + if (doDTLS) { + SOCKADDR_IN_T addr; + build_addr(&addr, yasslIP, port, 1); + CyaSSL_dtls_set_peer(ssl, &addr, sizeof(addr)); + tcp_socket(&sockfd, 1); + } + else { + tcp_connect(&sockfd, yasslIP, port, 0); + } + + SSL_set_fd(ssl, sockfd); +#if defined(USE_WINDOWS_API) && defined(CYASSL_DTLS) && defined(NO_MAIN_DRIVER) + /* let echoserver bind first, TODO: add Windows signal like pthreads does */ + Sleep(100); +#endif + + if (SSL_connect(ssl) != SSL_SUCCESS) err_sys("SSL_connect failed"); + + while (fgets(msg, sizeof(msg), fin) != 0) { + + sendSz = (int)strlen(msg); + + if (SSL_write(ssl, msg, sendSz) != sendSz) + err_sys("SSL_write failed"); + + if (strncmp(msg, "quit", 4) == 0) { + fputs("sending server shutdown command: quit!\n", fout); + break; + } + + if (strncmp(msg, "break", 5) == 0) { + fputs("sending server session close: break!\n", fout); + break; + } + + #ifndef CYASSL_MDK_SHELL + while (sendSz) { + int got; + if ( (got = SSL_read(ssl, reply, sizeof(reply)-1)) > 0) { + reply[got] = 0; + fputs(reply, fout); + fflush(fout) ; + sendSz -= got; + } + else + break; + } + #else + { + int got; + if ( (got = SSL_read(ssl, reply, sizeof(reply)-1)) > 0) { + reply[got] = 0; + fputs(reply, fout); + fflush(fout) ; + sendSz -= got; + } + } + #endif + } + + +#ifdef CYASSL_DTLS + strncpy(msg, "break", 6); + sendSz = (int)strlen(msg); + /* try to tell server done */ + SSL_write(ssl, msg, sendSz); +#else + SSL_shutdown(ssl); +#endif + + SSL_free(ssl); + SSL_CTX_free(ctx); + + fflush(fout); + if (inCreated) fclose(fin); + if (outCreated) fclose(fout); + + CloseSocket(sockfd); + ((func_args*)args)->return_code = 0; +} + + +/* so overall tests can pull in test function */ +#ifndef NO_MAIN_DRIVER + + int main(int argc, char** argv) + { + func_args args; + +#ifdef HAVE_CAVIUM + int ret = OpenNitroxDevice(CAVIUM_DIRECT, CAVIUM_DEV_ID); + if (ret != 0) + err_sys("Cavium OpenNitroxDevice failed"); +#endif /* HAVE_CAVIUM */ + + StartTCP(); + + args.argc = argc; + args.argv = argv; + + CyaSSL_Init(); +#if defined(DEBUG_CYASSL) && !defined(CYASSL_MDK_SHELL) + CyaSSL_Debugging_ON(); +#endif + + if (CurrentDir("echoclient")) + ChangeDirBack(2); + else if (CurrentDir("Debug") || CurrentDir("Release")) + ChangeDirBack(3); + echoclient_test(&args); + + CyaSSL_Cleanup(); + +#ifdef HAVE_CAVIUM + CspShutdown(CAVIUM_DEV_ID); +#endif + return args.return_code; + } + +#endif /* NO_MAIN_DRIVER */ + + diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/EchoClient/main.c b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/EchoClient/main.c new file mode 100644 index 000000000..a2db99f5e --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/EchoClient/main.c @@ -0,0 +1,100 @@ +/* main.c + * + * Copyright (C) 2006-2014 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#ifdef HAVE_CONFIG_H + #include +#endif + +#include +#include + +#include "cmsis_os.h" +#include "rl_fs.h" +#include "rl_net.h" +#include +#include "cyassl_MDK_ARM.h" +#include + +/*----------------------------------------------------------------------------- + * Initialize a Flash Memory Card + *----------------------------------------------------------------------------*/ +static void init_filesystem (void) { + int32_t retv; + + retv = finit ("M0:"); + if (retv == 0) { + retv = fmount ("M0:"); + if (retv == 0) { + printf ("Drive M0 ready!\n"); + } + else { + printf ("Drive M0 mount failed!\n"); + } + } + else { + printf ("Drive M0 initialization failed!\n"); + } +} + +/*----------------------------------------------------------------------------- + * TCP/IP tasks + *----------------------------------------------------------------------------*/ +void tcp_poll (void const *arg) +{ + CYASSL_MSG("TCP polling started.\n") ; + while (1) { + net_main (); + osDelay(1) ; + } +} + +typedef struct func_args { + int argc; + char** argv; +} func_args; + +extern void echoclient_test(func_args * args) ; +extern void init_time(void) ; + + osThreadDef (tcp_poll, osPriorityHigh , 1, 0) ; +/*----------------------------------------------------------------------------- + * mian entry + *----------------------------------------------------------------------------*/ +int myoptind = 0; +char* myoptarg = NULL; + +#include "config-EchoClient.h" + +int main() +{ + void *args = NULL ; + init_filesystem (); + net_initialize() ; + osThreadCreate (osThread (tcp_poll), NULL); + osDelay(30000) ; /* wait for DHCP */ + #if defined(DEBUG_CYASSL) + printf("Turning ON Debug message\n") ; + CyaSSL_Debugging_ON() ; + #endif + + echoclient_test(args) ; + +} diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/EchoClient/time-dummy.c b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/EchoClient/time-dummy.c new file mode 100644 index 000000000..2525eba38 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/EchoClient/time-dummy.c @@ -0,0 +1,34 @@ +/* time-dummy.c.c + * + * Copyright (C) 2006-2014 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + */ + +#ifdef HAVE_CONFIG_H + #include +#endif + +#include "time.h" + +struct tm *Cyassl_MDK_gmtime(const time_t *c) +{ + static struct tm date ; + return(&date) ; +} + +time_t time(time_t * t) { return 0 ; } diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/EchoServer/Abstract.txt b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/EchoServer/Abstract.txt new file mode 100644 index 000000000..491c61020 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/EchoServer/Abstract.txt @@ -0,0 +1,24 @@ +This program is echo server with CyaSSL/wolfCrypt library. + +In order to run this program, +Copy {PACK}\wolfSSL\CyaSSL\{version}\cyassl\certs folder and files to the SD memory. +Set the server IP address in Net_Config_ETH_0.h +The server default port is 11111, defined in test.h. + +For further configuration, refer config-Crypt.h and config-CyaSSL.h. + +When testing this server, it is recommended to test against one of the standard +CyaSSL example applications running on a desktop machine. The standard CyaSSL +example applications are located in the CyaSSL root directory under the +/examples directory. + +For the hardware crypt on config-Crypt.h, download +STSW-STM32062: STM32F2xx standard peripherals library at +http://www.st.com/. Copy Libraries\STM32F2xx_StdPeriph_Driver\{inc,src} to + {PACK}\cyassl\IDE\MDK5-ARM\STM32F2xx_StdPeriph_Lib + + +Support +------- +Please send questions or comments to support@wolfssl.com + \ No newline at end of file diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/EchoServer/EchoServer.uvoptx b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/EchoServer/EchoServer.uvoptx new file mode 100644 index 000000000..3f4dfdad1 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/EchoServer/EchoServer.uvoptx @@ -0,0 +1,1465 @@ + + + + 1.0 + +
### uVision Project, (C) Keil Software
+ + + *.c + *.s*; *.src; *.a* + *.obj + *.lib + *.txt; *.h; *.inc + *.plm + *.cpp + + + + 0 + 0 + + + + EchoServer + 0x4 + ARM-ADS + + 120000000 + + 1 + 1 + 0 + 1 + + + 1 + 65535 + 0 + 0 + 0 + + + 79 + 66 + 8 + .\Object\ + + + 1 + 1 + 1 + 0 + 1 + 1 + 0 + 1 + 0 + 0 + 0 + 0 + + + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 0 + + + 1 + 0 + 1 + + 255 + + + 0 + Schematics (MCBSTM32F200) + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\Documents\mcbstm32f200-schematics.pdf + + + 1 + User Manual (MCBSTM32F200) + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\Documents\mcbstm32f200.chm + + + 2 + MCBSTM32F200 Evaluation Board Web Page (MCBSTM32F200) + http://www.keil.com/mcbstm32f200/ + + + + SARMCM3.DLL + -REMAP -MPU + DCM.DLL + -pCM3 + SARMCM3.DLL + -REMAP -MPU + TCM.DLL + -pCM3 + + + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 1 + 1 + 1 + 1 + 0 + 0 + 8 + + + + + + + + + + + BIN\ULP2CM3.DLL + + + + 0 + DLGTARM + (1010=-1,-1,-1,-1,0)(1007=-1,-1,-1,-1,0)(1008=-1,-1,-1,-1,0)(1009=-1,-1,-1,-1,0)(1012=-1,-1,-1,-1,0) + + + 0 + ARMDBGFLAGS + + + + 0 + ULP2CM3 + -UP1135060 -O206 -S8 -C0 -P00 -N00("ARM CoreSight SW-DP") -D00(2BA01477) -L00(0) -TO19 -TC120000000 -TP18 -TDX0 -TDD0 -TDS8000 -TDT0 -TDC1F -TIE1 -TIP1 -FO7 -FD20000000 -FC1000 -FN1 -FF0STM32F2xx_1024.flm -FS08000000 -FL0100000 -FP0($$Device:STM32F207IG$Flash\STM32F2xx_1024.flm) + + + 0 + DLGUARM + + + + 0 + UL2CM3 + UL2CM3(-S0 -C0 -P0 -FD20000000 -FC1000 -FN1 -FF0STM32F2xx_1024 -FS08000000 -FL0100000 -FP0($$Device:STM32F207IG$Flash\STM32F2xx_1024.flm)) + + + + + + 1 + 8 + 0x20000408 + + + + + 2 + 8 + 0x8004dc8 + + + + 0 + + + 0 + 0 + 1 + 0 + 0 + 0 + 0 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 1 + 0 + 0 + 0 + 0 + + + + + + + + Source + 1 + 0 + 0 + 0 + + 1 + 1 + 1 + 0 + 0 + 11 + 0 + 64 + 83 + 0 + .\main.c + main.c + 0 + 0 + + + 1 + 2 + 1 + 0 + 0 + 17 + 0 + 0 + 0 + 0 + .\echoserver.c + echoserver.c + 0 + 0 + + + + + Configuration + 1 + 0 + 0 + 0 + + 2 + 3 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + .\RTE\wolfSSL\config-CyaSSL.h + config-CyaSSL.h + 0 + 0 + + + 2 + 4 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + .\RTE\wolfSSL\config-Crypt.h + config-Crypt.h + 0 + 0 + + + 2 + 5 + 5 + 0 + 0 + 33 + 0 + 1 + 17 + 0 + .\RTE\Network\Net_Config_ETH_0.h + Net_Config_ETH_0.h + 0 + 0 + + + + + Documentation + 1 + 0 + 0 + 0 + + 3 + 6 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + .\Abstract.txt + Abstract.txt + 0 + 0 + + + + + Devices + 1 + 0 + 0 + 0 + + 4 + 7 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + .\time-dummy.c + time-dummy.c + 0 + 0 + + + + + ::CMSIS + 1 + 0 + 0 + 1 + + 5 + 8 + 1 + 0 + 0 + 0 + 0 + 1 + 1 + 0 + RTE\CMSIS\RTX_Conf_CM.c + RTX_Conf_CM.c + 1 + 0 + + + 5 + 9 + 4 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.4\CMSIS_RTX\Lib\ARM\RTX_CM3.lib + RTX_CM3.lib + 1 + 0 + + + + + ::Device + 0 + 0 + 0 + 1 + + 6 + 10 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + RTE\Device\STM32F207IG\RTE_Device.h + RTE_Device.h + 1 + 0 + + + 6 + 11 + 2 + 0 + 0 + 0 + 0 + 162 + 169 + 0 + RTE\Device\STM32F207IG\startup_stm32f2xx.s + startup_stm32f2xx.s + 1 + 0 + + + 6 + 12 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + RTE\Device\STM32F207IG\system_stm32f2xx.c + system_stm32f2xx.c + 1 + 0 + + + 6 + 13 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\DMA_STM32F2xx.c + DMA_STM32F2xx.c + 1 + 0 + + + 6 + 14 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\GPIO_STM32F2xx.c + GPIO_STM32F2xx.c + 1 + 0 + + + + + ::Drivers + 0 + 0 + 0 + 1 + + 7 + 15 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.4\Network\Driver\PHY_ST802RT1.c + PHY_ST802RT1.c + 1 + 0 + + + 7 + 16 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\EMAC_STM32F2xx.c + EMAC_STM32F2xx.c + 1 + 0 + + + 7 + 17 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\MCI_STM32F2xx.c + MCI_STM32F2xx.c + 1 + 0 + + + + + ::File System + 0 + 0 + 0 + 1 + + 8 + 18 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + RTE\File_System\FS_Config.c + FS_Config.c + 1 + 0 + + + 8 + 19 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + RTE\File_System\FS_Config_MC_0.h + FS_Config_MC_0.h + 1 + 0 + + + 8 + 20 + 4 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.4\FileSystem\Lib\ARM\FS_LFN_CM3_L.lib + FS_LFN_CM3_L.lib + 1 + 0 + + + + + ::Network + 0 + 0 + 0 + 1 + + 9 + 21 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + RTE\Network\Net_Config.c + Net_Config.c + 1 + 0 + + + 9 + 22 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + RTE\Network\Net_Config_BSD.h + Net_Config_BSD.h + 1 + 0 + + + 9 + 23 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + RTE\Network\Net_Config_DNS_Client.h + Net_Config_DNS_Client.h + 1 + 0 + + + 9 + 24 + 5 + 0 + 0 + 33 + 0 + 1 + 17 + 0 + RTE\Network\Net_Config_ETH_0.h + Net_Config_ETH_0.h + 1 + 0 + + + 9 + 25 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + RTE\Network\Net_Config_TCP.h + Net_Config_TCP.h + 1 + 0 + + + 9 + 26 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + RTE\Network\Net_Config_UDP.h + Net_Config_UDP.h + 1 + 0 + + + 9 + 27 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + RTE\Network\Net_Debug.c + Net_Debug.c + 1 + 0 + + + 9 + 28 + 4 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.4\Network\Lib\ARM\Net_Dbg_CM3_L.lib + Net_Dbg_CM3_L.lib + 1 + 0 + + + + + ::wolfSSL + 1 + 0 + 0 + 1 + + 10 + 29 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + RTE\wolfSSL\config-Crypt.h + config-Crypt.h + 1 + 0 + + + 10 + 30 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + RTE\wolfSSL\config-CyaSSL.h + config-CyaSSL.h + 1 + 0 + + + 10 + 31 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\aes.c + aes.c + 1 + 0 + + + 10 + 32 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\arc4.c + arc4.c + 1 + 0 + + + 10 + 33 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\asm.c + asm.c + 1 + 0 + + + 10 + 34 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\asn.c + asn.c + 1 + 0 + + + 10 + 35 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\blake2b.c + blake2b.c + 1 + 0 + + + 10 + 36 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\camellia.c + camellia.c + 1 + 0 + + + 10 + 37 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\coding.c + coding.c + 1 + 0 + + + 10 + 38 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\compress.c + compress.c + 1 + 0 + + + 10 + 39 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\des3.c + des3.c + 1 + 0 + + + 10 + 40 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\dh.c + dh.c + 1 + 0 + + + 10 + 41 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\dsa.c + dsa.c + 1 + 0 + + + 10 + 42 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\ecc.c + ecc.c + 1 + 0 + + + 10 + 43 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\ecc_fp.c + ecc_fp.c + 1 + 0 + + + 10 + 44 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\error.c + error.c + 1 + 0 + + + 10 + 45 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\hc128.c + hc128.c + 1 + 0 + + + 10 + 46 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\hmac.c + hmac.c + 1 + 0 + + + 10 + 47 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\integer.c + integer.c + 1 + 0 + + + 10 + 48 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\logging.c + logging.c + 1 + 0 + + + 10 + 49 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\md2.c + md2.c + 1 + 0 + + + 10 + 50 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\md4.c + md4.c + 1 + 0 + + + 10 + 51 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\md5.c + md5.c + 1 + 0 + + + 10 + 52 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\memory.c + memory.c + 1 + 0 + + + 10 + 53 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\misc.c + misc.c + 1 + 0 + + + 10 + 54 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\wc_port.c + wc_port.c + 1 + 0 + + + 10 + 55 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\pwdbased.c + pwdbased.c + 1 + 0 + + + 10 + 56 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\rabbit.c + rabbit.c + 1 + 0 + + + 10 + 57 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\random.c + random.c + 1 + 0 + + + 10 + 58 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\ripemd.c + ripemd.c + 1 + 0 + + + 10 + 59 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\rsa.c + rsa.c + 1 + 0 + + + 10 + 60 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\sha.c + sha.c + 1 + 0 + + + 10 + 61 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\sha256.c + sha256.c + 1 + 0 + + + 10 + 62 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\sha512.c + sha512.c + 1 + 0 + + + 10 + 63 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\tfm.c + tfm.c + 1 + 0 + + + 10 + 64 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\src\crl.c + crl.c + 1 + 0 + + + 10 + 65 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\src\internal.c + internal.c + 1 + 0 + + + 10 + 66 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\src\io.c + io.c + 1 + 0 + + + 10 + 67 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\src\keys.c + keys.c + 1 + 0 + + + 10 + 68 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\src\ocsp.c + ocsp.c + 1 + 0 + + + 10 + 69 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\src\sniffer.c + sniffer.c + 1 + 0 + + + 10 + 70 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\src\ssl.c + ssl.c + 1 + 0 + + + 10 + 71 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\src\tls.c + tls.c + 1 + 0 + + + 10 + 72 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + RTE\wolfSSL\settings.h + settings.h + 1 + 0 + + + 10 + 73 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\IDE\MDK5-ARM\Src\cyassl_MDK_ARM.c + cyassl_MDK_ARM.c + 1 + 0 + + + +
diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/EchoServer/EchoServer.uvprojx b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/EchoServer/EchoServer.uvprojx new file mode 100644 index 000000000..76471d0ae --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/EchoServer/EchoServer.uvprojx @@ -0,0 +1,1122 @@ + + + + 2.1 + +
### uVision Project, (C) Keil Software
+ + + + EchoServer + 0x4 + ARM-ADS + + + STM32F207IG + STMicroelectronics + IRAM(0x20000000,0x20000) IROM(0x08000000,0x100000) CPUTYPE("Cortex-M3") CLOCK(120000000) ELITTLE + + + UL2CM3(-S0 -C0 -P0 -FD20000000 -FC1000 -FN1 -FF0STM32F2xx_1024 -FS08000000 -FL0100000 -FP0($$Device:STM32F207IG$Flash\STM32F2xx_1024.flm)) + 0 + $$Device:STM32F207IG$Device\Include\stm32f2xx.h + + + + + + + + + + $$Device:STM32F207IG$SVD\STM32F20x.svd + 0 + 0 + + + + + + + 0 + 0 + 0 + 0 + 1 + + .\Object\ + EchoServer + 1 + 0 + 0 + 1 + 1 + .\Object\ + 1 + 0 + 0 + + 0 + 0 + + + 0 + 0 + 0 + 0 + + + 0 + 0 + + + 0 + 0 + + + 0 + 0 + + + 0 + 0 + + 0 + + + + 0 + 0 + 0 + 0 + 0 + 1 + 0 + 0 + 0 + 0 + 3 + + + 1 + + + SARMCM3.DLL + -REMAP -MPU + DCM.DLL + -pCM3 + SARMCM3.DLL + -REMAP -MPU + TCM.DLL + -pCM3 + + + + 1 + 0 + 0 + 0 + 16 + + + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + + + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 1 + 1 + 1 + 1 + + 0 + 8 + + + + + + + + + + + + + + BIN\ULP2CM3.DLL + + + + + 1 + 0 + 0 + 1 + 1 + 4100 + + 1 + BIN\ULP2CM3.DLL + "" () + + + + + 0 + + + + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 1 + 1 + 0 + 1 + 1 + 0 + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 0 + "Cortex-M3" + + 0 + 0 + 0 + 1 + 1 + 0 + 0 + 0 + 0 + 0 + 8 + 0 + 0 + 0 + 3 + 3 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 1 + 0 + 0 + 0 + 0 + 1 + 0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x20000000 + 0x20000 + + + 1 + 0x8000000 + 0x100000 + + + 0 + 0x0 + 0x0 + + + 1 + 0x0 + 0x0 + + + 1 + 0x0 + 0x0 + + + 1 + 0x0 + 0x0 + + + 1 + 0x8000000 + 0x100000 + + + 1 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x20000000 + 0x20000 + + + 0 + 0x0 + 0x0 + + + + + + 1 + 4 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + + + HAVE_CONFIG_H MDK_CONF_SimpleClient + + + + + + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + + + + + + + + + 1 + 0 + 0 + 0 + 1 + 0 + 0x08000000 + 0x20000000 + + + + + + + + + + + + + Source + + + main.c + 1 + .\main.c + + + echoserver.c + 1 + .\echoserver.c + + + + + Configuration + + + config-CyaSSL.h + 5 + .\RTE\wolfSSL\config-CyaSSL.h + + + config-Crypt.h + 5 + .\RTE\wolfSSL\config-Crypt.h + + + Net_Config_ETH_0.h + 5 + .\RTE\Network\Net_Config_ETH_0.h + + + + + Documentation + + + Abstract.txt + 5 + .\Abstract.txt + + + + + Devices + + + time-dummy.c + 1 + .\time-dummy.c + + + + + ::CMSIS + + + RTX_Conf_CM.c + 1 + RTE\CMSIS\RTX_Conf_CM.c + + + RTX_CM3.lib + 4 + C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.4\CMSIS_RTX\Lib\ARM\RTX_CM3.lib + + + + + ::Device + + + RTE_Device.h + 5 + RTE\Device\STM32F207IG\RTE_Device.h + + + startup_stm32f2xx.s + 2 + RTE\Device\STM32F207IG\startup_stm32f2xx.s + + + system_stm32f2xx.c + 1 + RTE\Device\STM32F207IG\system_stm32f2xx.c + + + DMA_STM32F2xx.c + 1 + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\DMA_STM32F2xx.c + + + GPIO_STM32F2xx.c + 1 + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\GPIO_STM32F2xx.c + + + + + ::Drivers + + + PHY_ST802RT1.c + 1 + C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.4\Network\Driver\PHY_ST802RT1.c + + + EMAC_STM32F2xx.c + 1 + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\EMAC_STM32F2xx.c + + + MCI_STM32F2xx.c + 1 + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\MCI_STM32F2xx.c + + + + + ::File System + + + FS_Config.c + 1 + RTE\File_System\FS_Config.c + + + FS_Config_MC_0.h + 5 + RTE\File_System\FS_Config_MC_0.h + + + FS_LFN_CM3_L.lib + 4 + C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.4\FileSystem\Lib\ARM\FS_LFN_CM3_L.lib + + + + + ::Network + + + Net_Config.c + 1 + RTE\Network\Net_Config.c + + + Net_Config_BSD.h + 5 + RTE\Network\Net_Config_BSD.h + + + Net_Config_DNS_Client.h + 5 + RTE\Network\Net_Config_DNS_Client.h + + + Net_Config_ETH_0.h + 5 + RTE\Network\Net_Config_ETH_0.h + + + Net_Config_TCP.h + 5 + RTE\Network\Net_Config_TCP.h + + + Net_Config_UDP.h + 5 + RTE\Network\Net_Config_UDP.h + + + Net_Debug.c + 1 + RTE\Network\Net_Debug.c + + + Net_Dbg_CM3_L.lib + 4 + C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.4\Network\Lib\ARM\Net_Dbg_CM3_L.lib + + + + + ::wolfSSL + + + config-Crypt.h + 5 + RTE\wolfSSL\config-Crypt.h + + + config-CyaSSL.h + 5 + RTE\wolfSSL\config-CyaSSL.h + + + aes.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\aes.c + + + arc4.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\arc4.c + + + asm.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\asm.c + + + asn.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\asn.c + + + blake2b.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\blake2b.c + + + camellia.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\camellia.c + + + coding.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\coding.c + + + compress.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\compress.c + + + des3.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\des3.c + + + dh.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\dh.c + + + dsa.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\dsa.c + + + ecc.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\ecc.c + + + ecc_fp.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\ecc_fp.c + + + error.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\error.c + + + hc128.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\hc128.c + + + hmac.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\hmac.c + + + integer.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\integer.c + + + logging.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\logging.c + + + md2.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\md2.c + + + md4.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\md4.c + + + md5.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\md5.c + + + memory.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\memory.c + + + misc.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\misc.c + + + wc_port.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\wc_port.c + + + pwdbased.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\pwdbased.c + + + rabbit.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\rabbit.c + + + random.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\random.c + + + ripemd.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\ripemd.c + + + rsa.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\rsa.c + + + sha.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\sha.c + + + sha256.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\sha256.c + + + sha512.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\sha512.c + + + tfm.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\tfm.c + + + crl.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\src\crl.c + + + internal.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\src\internal.c + + + io.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\src\io.c + + + keys.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\src\keys.c + + + ocsp.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\src\ocsp.c + + + sniffer.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\src\sniffer.c + + + ssl.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\src\ssl.c + + + tls.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\src\tls.c + + + settings.h + 5 + RTE\wolfSSL\settings.h + + + cyassl_MDK_ARM.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\IDE\MDK5-ARM\Src\cyassl_MDK_ARM.c + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + RTE\CMSIS\RTX_Conf_CM.c + + + + + + + + RTE\Device\STM32F207IG\RTE_Device.h + + + + + + + + RTE\Device\STM32F207IG\startup_stm32f2xx.s + + + + + + + + RTE\Device\STM32F207IG\system_stm32f2xx.c + + + + + + + + RTE\File_System\FS_Config.c + + + + + + + + RTE\File_System\FS_Config_MC_0.h + + + + + + + + RTE\Network\Net_Config.c + + + + + + + + RTE\Network\Net_Config_BSD.h + + + + + + + + RTE\Network\Net_Config_DNS_Client.h + + + + + + + + RTE\Network\Net_Config_ETH_0.h + + + + + + + + RTE\Network\Net_Config_TCP.h + + + + + + + + RTE\Network\Net_Config_UDP.h + + + + + + + + RTE\Network\Net_Debug.c + + + + + + + + RTE\Other\config-Crypt.h + + + + + + RTE\Other\config-CyaSSL.h + + + + + + RTE\Other\config-RTX-TCP-FS.h + + + + + + RTE\Other\config.h + + + + + + RTE\wolfSSL\config-Crypt.h + + + + + + + + RTE\wolfSSL\config-CyaSSL.h + + + + + + + + RTE\wolfSSL\config.h + + + + + + RTE\wolfSSL\settings.h + + + + + + + + + +
diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/EchoServer/RTE/wolfSSL/settings.h b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/EchoServer/RTE/wolfSSL/settings.h new file mode 100644 index 000000000..22dea06d0 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/EchoServer/RTE/wolfSSL/settings.h @@ -0,0 +1,627 @@ +/* settings.h + * + * Copyright (C) 2006-2013 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + */ + +/* Place OS specific preprocessor flags, defines, includes here, will be + included into every file because types.h includes it */ + + +#ifndef CTAO_CRYPT_SETTINGS_H +#define CTAO_CRYPT_SETTINGS_H + +#ifdef __cplusplus + extern "C" { +#endif + +/* Uncomment next line if using IPHONE */ +/* #define IPHONE */ + +/* Uncomment next line if using ThreadX */ +/* #define THREADX */ + +/* Uncomment next line if using Micrium ucOS */ +/* #define MICRIUM */ + +/* Uncomment next line if using Mbed */ +/* #define MBED */ + +/* Uncomment next line if using Microchip PIC32 ethernet starter kit */ +/* #define MICROCHIP_PIC32 */ + +/* Uncomment next line if using Microchip TCP/IP stack, version 5 */ +/* #define MICROCHIP_TCPIP_V5 */ + +/* Uncomment next line if using Microchip TCP/IP stack, version 6 or later */ +/* #define MICROCHIP_TCPIP */ + +/* Uncomment next line if using FreeRTOS */ +/* #define FREERTOS */ + +/* Uncomment next line if using FreeRTOS Windows Simulator */ +/* #define FREERTOS_WINSIM */ + +/* Uncomment next line if using RTIP */ +/* #define EBSNET */ + +/* Uncomment next line if using lwip */ +/* #define CYASSL_LWIP */ + +/* Uncomment next line if building CyaSSL for a game console */ +/* #define CYASSL_GAME_BUILD */ + +/* Uncomment next line if building CyaSSL for LSR */ +/* #define CYASSL_LSR */ + +/* Uncomment next line if building CyaSSL for Freescale MQX/RTCS/MFS */ +/* #define FREESCALE_MQX */ + +/* Uncomment next line if using STM32F2 */ +/* #define CYASSL_STM32F2 */ + +/* Uncomment next line if using Comverge settings */ +/* #define COMVERGE */ + +/* Uncomment next line if using QL SEP settings */ +/* #define CYASSL_QL */ + + +#include + +#ifdef IPHONE + #define SIZEOF_LONG_LONG 8 +#endif + + +#ifdef COMVERGE + #define THREADX + #define HAVE_NETX + #define CYASSL_USER_IO + #define NO_WRITEV + #define NO_DEV_RANDOM + #define NO_FILESYSTEM + #define NO_SHA512 + #define NO_DH + #define NO_DSA + #define NO_HC128 + #define NO_RSA + #define NO_SESSION_CACHE + #define HAVE_ECC +#endif + + +#ifdef THREADX + #define SIZEOF_LONG_LONG 8 +#endif + +#ifdef HAVE_NETX + #include "nx_api.h" +#endif + +#ifdef MICROCHIP_PIC32 + #define SIZEOF_LONG_LONG 8 + #define SINGLE_THREADED + #define CYASSL_USER_IO + #define NO_WRITEV + #define NO_DEV_RANDOM + #define NO_FILESYSTEM + #define USE_FAST_MATH + #define TFM_TIMING_RESISTANT +#endif + +#ifdef MICROCHIP_TCPIP_V5 + /* include timer functions */ + #include "TCPIP Stack/TCPIP.h" +#endif + +#ifdef MICROCHIP_TCPIP + /* include timer, NTP functions */ + #include "system/system_services.h" + #ifdef MICROCHIP_MPLAB_HARMONY + #include "tcpip/tcpip.h" + #else + #include "tcpip/sntp.h" + #endif +#endif + +#ifdef MBED + #define SINGLE_THREADED + #define CYASSL_USER_IO + #define NO_WRITEV + #define NO_DEV_RANDOM + #define NO_SHA512 + #define NO_DH + #define NO_DSA + #define NO_HC128 +#endif /* MBED */ + +#ifdef CYASSL_TYTO + #include "rand.h" + #define FREERTOS + #define NO_FILESYSTEM + #define CYASSL_USER_IO + #define NO_DEV_RANDOM + #define HAVE_ECC + #define HAVE_ECC_ENCRYPT + #define ECC_SHAMIR + #define HAVE_HKDF + #define USE_FAST_MATH + #define TFM_TIMING_RESISTANT + #define FP_MAX_BITS 512 + #define NO_OLD_TLS + #define NO_MD4 + #define NO_RABBIT + #define NO_HC128 + #define NO_RSA + #define NO_DSA + #define NO_PWDBASED + #define NO_PSK +#endif + +#ifdef FREERTOS_WINSIM + #define FREERTOS + #define USE_WINDOWS_API +#endif + + +/* Micrium will use Visual Studio for compilation but not the Win32 API */ +#if defined(_WIN32) && !defined(MICRIUM) && !defined(FREERTOS) \ + && !defined(EBSNET) + #define USE_WINDOWS_API +#endif + + +#if defined(CYASSL_LEANPSK) && !defined(XMALLOC_USER) + #include + #define XMALLOC(s, h, type) malloc((s)) + #define XFREE(p, h, type) free((p)) + #define XREALLOC(p, n, h, t) realloc((p), (n)) +#endif + +#if defined(XMALLOC_USER) && defined(SSN_BUILDING_LIBYASSL) + #undef XMALLOC + #define XMALLOC yaXMALLOC + #undef XFREE + #define XFREE yaXFREE + #undef XREALLOC + #define XREALLOC yaXREALLOC +#endif + + +#ifdef FREERTOS + #ifndef NO_WRITEV + #define NO_WRITEV + #endif + #ifndef NO_SHA512 + #define NO_SHA512 + #endif + #ifndef NO_DH + #define NO_DH + #endif + #ifndef NO_DSA + #define NO_DSA + #endif + #ifndef NO_HC128 + #define NO_HC128 + #endif + + #ifndef SINGLE_THREADED + #include "FreeRTOS.h" + #include "semphr.h" + #endif +#endif + +#ifdef EBSNET + #include "rtip.h" + + /* #define DEBUG_CYASSL */ + #define NO_CYASSL_DIR /* tbd */ + + #if (POLLOS) + #define SINGLE_THREADED + #endif + + #if (RTPLATFORM) + #if (!RTP_LITTLE_ENDIAN) + #define BIG_ENDIAN_ORDER + #endif + #else + #if (!KS_LITTLE_ENDIAN) + #define BIG_ENDIAN_ORDER + #endif + #endif + + #if (WINMSP3) + #undef SIZEOF_LONG + #define SIZEOF_LONG_LONG 8 + #else + #sslpro: settings.h - please implement SIZEOF_LONG and SIZEOF_LONG_LONG + #endif + + #define XMALLOC(s, h, type) ((void *)rtp_malloc((s), SSL_PRO_MALLOC)) + #define XFREE(p, h, type) (rtp_free(p)) + #define XREALLOC(p, n, h, t) realloc((p), (n)) + +#endif /* EBSNET */ + +#ifdef CYASSL_GAME_BUILD + #define SIZEOF_LONG_LONG 8 + #if defined(__PPU) || defined(__XENON) + #define BIG_ENDIAN_ORDER + #endif +#endif + +#ifdef CYASSL_LSR + #define HAVE_WEBSERVER + #define SIZEOF_LONG_LONG 8 + #define CYASSL_LOW_MEMORY + #define NO_WRITEV + #define NO_SHA512 + #define NO_DH + #define NO_DSA + #define NO_HC128 + #define NO_DEV_RANDOM + #define NO_CYASSL_DIR + #define NO_RABBIT + #ifndef NO_FILESYSTEM + #define LSR_FS + #include "inc/hw_types.h" + #include "fs.h" + #endif + #define CYASSL_LWIP + #include /* for tcp errno */ + #define CYASSL_SAFERTOS + #if defined(__IAR_SYSTEMS_ICC__) + /* enum uses enum */ + #pragma diag_suppress=Pa089 + #endif +#endif + +#ifdef CYASSL_SAFERTOS + #ifndef SINGLE_THREADED + #include "SafeRTOS/semphr.h" + #endif + + #include "SafeRTOS/heap.h" + #define XMALLOC(s, h, type) pvPortMalloc((s)) + #define XFREE(p, h, type) vPortFree((p)) + #define XREALLOC(p, n, h, t) pvPortRealloc((p), (n)) +#endif + +#ifdef CYASSL_LOW_MEMORY + #undef RSA_LOW_MEM + #define RSA_LOW_MEM + #undef CYASSL_SMALL_STACK + #define CYASSL_SMALL_STACK + #undef TFM_TIMING_RESISTANT + #define TFM_TIMING_RESISTANT +#endif + +#ifdef FREESCALE_MQX + #define SIZEOF_LONG_LONG 8 + #define NO_WRITEV + #define NO_DEV_RANDOM + #define NO_RABBIT + #define NO_CYASSL_DIR + #define USE_FAST_MATH + #define TFM_TIMING_RESISTANT + #define FREESCALE_K70_RNGA + /* #define FREESCALE_K53_RNGB */ + #include "mqx.h" + #ifndef NO_FILESYSTEM + #include "mfs.h" + #include "fio.h" + #endif + #ifndef SINGLE_THREADED + #include "mutex.h" + #endif + + #define XMALLOC(s, h, t) (void *)_mem_alloc_system((s)) + #define XFREE(p, h, t) {void* xp = (p); if ((xp)) _mem_free((xp));} + /* Note: MQX has no realloc, using fastmath above */ +#endif + +#ifdef CYASSL_STM32F2 + #define SIZEOF_LONG_LONG 8 + #define NO_DEV_RANDOM + #define NO_CYASSL_DIR + #define NO_RABBIT + #define STM32F2_RNG + #define STM32F2_CRYPTO + #define KEIL_INTRINSICS +#endif + +#ifdef MICRIUM + + #include "stdlib.h" + #include "net_cfg.h" + #include "ssl_cfg.h" + #include "net_secure_os.h" + + #define CYASSL_TYPES + + typedef CPU_INT08U byte; + typedef CPU_INT16U word16; + typedef CPU_INT32U word32; + + #if (NET_SECURE_MGR_CFG_WORD_SIZE == CPU_WORD_SIZE_32) + #define SIZEOF_LONG 4 + #undef SIZEOF_LONG_LONG + #else + #undef SIZEOF_LONG + #define SIZEOF_LONG_LONG 8 + #endif + + #define STRING_USER + + #define XSTRLEN(pstr) ((CPU_SIZE_T)Str_Len((CPU_CHAR *)(pstr))) + #define XSTRNCPY(pstr_dest, pstr_src, len_max) \ + ((CPU_CHAR *)Str_Copy_N((CPU_CHAR *)(pstr_dest), \ + (CPU_CHAR *)(pstr_src), (CPU_SIZE_T)(len_max))) + #define XSTRNCMP(pstr_1, pstr_2, len_max) \ + ((CPU_INT16S)Str_Cmp_N((CPU_CHAR *)(pstr_1), \ + (CPU_CHAR *)(pstr_2), (CPU_SIZE_T)(len_max))) + #define XSTRSTR(pstr, pstr_srch) \ + ((CPU_CHAR *)Str_Str((CPU_CHAR *)(pstr), \ + (CPU_CHAR *)(pstr_srch))) + #define XMEMSET(pmem, data_val, size) \ + ((void)Mem_Set((void *)(pmem), (CPU_INT08U) (data_val), \ + (CPU_SIZE_T)(size))) + #define XMEMCPY(pdest, psrc, size) ((void)Mem_Copy((void *)(pdest), \ + (void *)(psrc), (CPU_SIZE_T)(size))) + #define XMEMCMP(pmem_1, pmem_2, size) \ + (((CPU_BOOLEAN)Mem_Cmp((void *)(pmem_1), (void *)(pmem_2), \ + (CPU_SIZE_T)(size))) ? DEF_NO : DEF_YES) + #define XMEMMOVE XMEMCPY + +#if (NET_SECURE_MGR_CFG_EN == DEF_ENABLED) + #define MICRIUM_MALLOC + #define XMALLOC(s, h, type) ((void *)NetSecure_BlkGet((CPU_INT08U)(type), \ + (CPU_SIZE_T)(s), (void *)0)) + #define XFREE(p, h, type) (NetSecure_BlkFree((CPU_INT08U)(type), \ + (p), (void *)0)) + #define XREALLOC(p, n, h, t) realloc((p), (n)) +#endif + + #if (NET_SECURE_MGR_CFG_FS_EN == DEF_ENABLED) + #undef NO_FILESYSTEM + #else + #define NO_FILESYSTEM + #endif + + #if (SSL_CFG_TRACE_LEVEL == CYASSL_TRACE_LEVEL_DBG) + #define DEBUG_CYASSL + #else + #undef DEBUG_CYASSL + #endif + + #if (SSL_CFG_OPENSSL_EN == DEF_ENABLED) + #define OPENSSL_EXTRA + #else + #undef OPENSSL_EXTRA + #endif + + #if (SSL_CFG_MULTI_THREAD_EN == DEF_ENABLED) + #undef SINGLE_THREADED + #else + #define SINGLE_THREADED + #endif + + #if (SSL_CFG_DH_EN == DEF_ENABLED) + #undef NO_DH + #else + #define NO_DH + #endif + + #if (SSL_CFG_DSA_EN == DEF_ENABLED) + #undef NO_DSA + #else + #define NO_DSA + #endif + + #if (SSL_CFG_PSK_EN == DEF_ENABLED) + #undef NO_PSK + #else + #define NO_PSK + #endif + + #if (SSL_CFG_3DES_EN == DEF_ENABLED) + #undef NO_DES + #else + #define NO_DES + #endif + + #if (SSL_CFG_AES_EN == DEF_ENABLED) + #undef NO_AES + #else + #define NO_AES + #endif + + #if (SSL_CFG_RC4_EN == DEF_ENABLED) + #undef NO_RC4 + #else + #define NO_RC4 + #endif + + #if (SSL_CFG_RABBIT_EN == DEF_ENABLED) + #undef NO_RABBIT + #else + #define NO_RABBIT + #endif + + #if (SSL_CFG_HC128_EN == DEF_ENABLED) + #undef NO_HC128 + #else + #define NO_HC128 + #endif + + #if (CPU_CFG_ENDIAN_TYPE == CPU_ENDIAN_TYPE_BIG) + #define BIG_ENDIAN_ORDER + #else + #undef BIG_ENDIAN_ORDER + #define LITTLE_ENDIAN_ORDER + #endif + + #if (SSL_CFG_MD4_EN == DEF_ENABLED) + #undef NO_MD4 + #else + #define NO_MD4 + #endif + + #if (SSL_CFG_WRITEV_EN == DEF_ENABLED) + #undef NO_WRITEV + #else + #define NO_WRITEV + #endif + + #if (SSL_CFG_USER_RNG_SEED_EN == DEF_ENABLED) + #define NO_DEV_RANDOM + #else + #undef NO_DEV_RANDOM + #endif + + #if (SSL_CFG_USER_IO_EN == DEF_ENABLED) + #define CYASSL_USER_IO + #else + #undef CYASSL_USER_IO + #endif + + #if (SSL_CFG_DYNAMIC_BUFFERS_EN == DEF_ENABLED) + #undef LARGE_STATIC_BUFFERS + #undef STATIC_CHUNKS_ONLY + #else + #define LARGE_STATIC_BUFFERS + #define STATIC_CHUNKS_ONLY + #endif + + #if (SSL_CFG_DER_LOAD_EN == DEF_ENABLED) + #define CYASSL_DER_LOAD + #else + #undef CYASSL_DER_LOAD + #endif + + #if (SSL_CFG_DTLS_EN == DEF_ENABLED) + #define CYASSL_DTLS + #else + #undef CYASSL_DTLS + #endif + + #if (SSL_CFG_CALLBACKS_EN == DEF_ENABLED) + #define CYASSL_CALLBACKS + #else + #undef CYASSL_CALLBACKS + #endif + + #if (SSL_CFG_FAST_MATH_EN == DEF_ENABLED) + #define USE_FAST_MATH + #else + #undef USE_FAST_MATH + #endif + + #if (SSL_CFG_TFM_TIMING_RESISTANT_EN == DEF_ENABLED) + #define TFM_TIMING_RESISTANT + #else + #undef TFM_TIMING_RESISTANT + #endif + +#endif /* MICRIUM */ + + +#ifdef CYASSL_QL + #ifndef CYASSL_SEP + #define CYASSL_SEP + #endif + #ifndef OPENSSL_EXTRA + #define OPENSSL_EXTRA + #endif + #ifndef SESSION_CERTS + #define SESSION_CERTS + #endif + #ifndef HAVE_AESCCM + #define HAVE_AESCCM + #endif + #ifndef ATOMIC_USER + #define ATOMIC_USER + #endif + #ifndef CYASSL_DER_LOAD + #define CYASSL_DER_LOAD + #endif + #ifndef KEEP_PEER_CERT + #define KEEP_PEER_CERT + #endif + #ifndef HAVE_ECC + #define HAVE_ECC + #endif + #ifndef SESSION_INDEX + #define SESSION_INDEX + #endif +#endif /* CYASSL_QL */ + + +#if !defined(XMALLOC_USER) && !defined(MICRIUM_MALLOC) && \ + !defined(CYASSL_LEANPSK) && !defined(NO_CYASSL_MEMORY) + #define USE_CYASSL_MEMORY +#endif + + +#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) + #undef KEEP_PEER_CERT + #define KEEP_PEER_CERT +#endif + + +/* stream ciphers except arc4 need 32bit alignment, intel ok without */ +#ifndef XSTREAM_ALIGNMENT + #if defined(__x86_64__) || defined(__ia64__) || defined(__i386__) + #define NO_XSTREAM_ALIGNMENT + #else + #define XSTREAM_ALIGNMENT + #endif +#endif + + +/* if using hardware crypto and have alignment requirements, specify the + requirement here. The record header of SSL/TLS will prvent easy alignment. + This hint tries to help as much as possible. */ +#ifndef CYASSL_GENERAL_ALIGNMENT + #ifdef CYASSL_AESNI + #define CYASSL_GENERAL_ALIGNMENT 16 + #elif defined(XSTREAM_ALIGNMENT) + #define CYASSL_GENERAL_ALIGNMENT 4 + #else + #define CYASSL_GENERAL_ALIGNMENT 0 + #endif +#endif + +#ifdef HAVE_CRL + /* not widely supported yet */ + #undef NO_SKID + #define NO_SKID +#endif + +/* Place any other flags or defines here */ + + +#ifdef __cplusplus + } /* extern "C" */ +#endif + + +#endif /* CTAO_CRYPT_SETTINGS_H */ + diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/EchoServer/echoserver.c b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/EchoServer/echoserver.c new file mode 100644 index 000000000..33f6df3df --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/EchoServer/echoserver.c @@ -0,0 +1,368 @@ +/* echoserver.c + * + * Copyright (C) 2006-2014 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#ifdef HAVE_CONFIG_H + #include +#endif + +#include + +#if defined(CYASSL_MDK_ARM) + #include + #include + + #if defined(CYASSL_MDK5) + #include "cmsis_os.h" + #include "rl_fs.h" + #include "rl_net.h" + #else + #include "rtl.h" + #endif + + #include "cyassl_MDK_ARM.h" +#endif + +#include +#include + +#ifndef NO_MAIN_DRIVER + #define ECHO_OUT +#endif + +#include "examples/echoserver/echoserver.h" + + +#ifdef SESSION_STATS + CYASSL_API void PrintSessionStats(void); +#endif + +#define SVR_COMMAND_SIZE 256 + +static void SignalReady(void* args, word16 port) +{ +#if defined(_POSIX_THREADS) && defined(NO_MAIN_DRIVER) && !defined(__MINGW32__) + /* signal ready to tcp_accept */ + func_args* server_args = (func_args*)args; + tcp_ready* ready = server_args->signal; + pthread_mutex_lock(&ready->mutex); + ready->ready = 1; + ready->port = port; + pthread_cond_signal(&ready->cond); + pthread_mutex_unlock(&ready->mutex); +#endif + (void)args; + (void)port; +} + + +THREAD_RETURN CYASSL_THREAD echoserver_test(void* args) +{ + SOCKET_T sockfd = 0; + CYASSL_METHOD* method = 0; + CYASSL_CTX* ctx = 0; + + int doDTLS = 0; + int doPSK = 0; + int outCreated = 0; + int shutDown = 0; + int useAnyAddr = 0; + word16 port = yasslPort; + int argc = ((func_args*)args)->argc; + char** argv = ((func_args*)args)->argv; + +#ifdef ECHO_OUT + FILE* fout = stdout; + if (argc >= 2) { + fout = fopen(argv[1], "w"); + outCreated = 1; + } + if (!fout) err_sys("can't open output file"); +#endif + (void)outCreated; + (void)argc; + (void)argv; + + ((func_args*)args)->return_code = -1; /* error state */ + +#ifdef CYASSL_DTLS + doDTLS = 1; +#endif + +#ifdef CYASSL_LEANPSK + doPSK = 1; +#endif + +#if defined(NO_RSA) && !defined(HAVE_ECC) + doPSK = 1; +#endif + + #if defined(NO_MAIN_DRIVER) && !defined(USE_WINDOWS_API) && \ + !defined(CYASSL_SNIFFER) && !defined(CYASSL_MDK_SHELL) + port = 0; + #endif + #if defined(USE_ANY_ADDR) + useAnyAddr = 1; + #endif + tcp_listen(&sockfd, &port, useAnyAddr, doDTLS); + +#if defined(CYASSL_DTLS) + method = CyaDTLSv1_server_method(); +#elif !defined(NO_TLS) + method = CyaSSLv23_server_method(); +#else + method = CyaSSLv3_server_method(); +#endif + ctx = CyaSSL_CTX_new(method); + /* CyaSSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_OFF); */ + +#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) + CyaSSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack); +#endif + +#ifndef NO_FILESYSTEM + if (doPSK == 0) { + #ifdef HAVE_NTRU + /* ntru */ + if (CyaSSL_CTX_use_certificate_file(ctx, ntruCert, SSL_FILETYPE_PEM) + != SSL_SUCCESS) + err_sys("can't load ntru cert file, " + "Please run from CyaSSL home dir"); + + if (CyaSSL_CTX_use_NTRUPrivateKey_file(ctx, ntruKey) + != SSL_SUCCESS) + err_sys("can't load ntru key file, " + "Please run from CyaSSL home dir"); + #elif defined(HAVE_ECC) + /* ecc */ + if (CyaSSL_CTX_use_certificate_file(ctx, eccCert, SSL_FILETYPE_PEM) + != SSL_SUCCESS) + err_sys("can't load server cert file, " + "Please run from CyaSSL home dir"); + + if (CyaSSL_CTX_use_PrivateKey_file(ctx, eccKey, SSL_FILETYPE_PEM) + != SSL_SUCCESS) + err_sys("can't load server key file, " + "Please run from CyaSSL home dir"); + #elif defined(NO_CERTS) + /* do nothing, just don't load cert files */ + #else + /* normal */ + if (CyaSSL_CTX_use_certificate_file(ctx, svrCert, SSL_FILETYPE_PEM) + != SSL_SUCCESS) + err_sys("can't load server cert file, " + "Please run from CyaSSL home dir"); + + if (CyaSSL_CTX_use_PrivateKey_file(ctx, svrKey, SSL_FILETYPE_PEM) + != SSL_SUCCESS) + err_sys("can't load server key file, " + "Please run from CyaSSL home dir"); + #endif + } /* doPSK */ +#elif !defined(NO_CERTS) + if (!doPSK) { + load_buffer(ctx, svrCert, CYASSL_CERT); + load_buffer(ctx, svrKey, CYASSL_KEY); + } +#endif + +#if defined(CYASSL_SNIFFER) && !defined(HAVE_NTRU) && !defined(HAVE_ECC) + /* don't use EDH, can't sniff tmp keys */ + CyaSSL_CTX_set_cipher_list(ctx, "AES256-SHA"); +#endif + + if (doPSK) { +#ifndef NO_PSK + const char *defaultCipherList; + + CyaSSL_CTX_set_psk_server_callback(ctx, my_psk_server_cb); + CyaSSL_CTX_use_psk_identity_hint(ctx, "cyassl server"); + #ifdef HAVE_NULL_CIPHER + defaultCipherList = "PSK-NULL-SHA256"; + #else + defaultCipherList = "PSK-AES128-CBC-SHA256"; + #endif + if (CyaSSL_CTX_set_cipher_list(ctx, defaultCipherList) != SSL_SUCCESS) + err_sys("server can't set cipher list 2"); +#endif + } + + SignalReady(args, port); + + while (!shutDown) { + CYASSL* ssl = 0; + char command[SVR_COMMAND_SIZE+1]; + int echoSz = 0; + int clientfd; + int firstRead = 1; + int gotFirstG = 0; + +#ifndef CYASSL_DTLS + SOCKADDR_IN_T client; + socklen_t client_len = sizeof(client); + clientfd = accept(sockfd, (struct sockaddr*)&client, + (ACCEPT_THIRD_T)&client_len); +#else + clientfd = udp_read_connect(sockfd); +#endif + if (clientfd == -1) err_sys("tcp accept failed"); + + ssl = CyaSSL_new(ctx); + if (ssl == NULL) err_sys("SSL_new failed"); + CyaSSL_set_fd(ssl, clientfd); + #if !defined(NO_FILESYSTEM) && defined(OPENSSL_EXTRA) + CyaSSL_SetTmpDH_file(ssl, dhParam, SSL_FILETYPE_PEM); + #elif !defined(NO_CERTS) + SetDH(ssl); /* will repick suites with DHE, higher than PSK */ + #endif + if (CyaSSL_accept(ssl) != SSL_SUCCESS) { + printf("SSL_accept failed\n"); + CyaSSL_free(ssl); + CloseSocket(clientfd); + continue; + } +#if defined(PEER_INFO) + showPeer(ssl); +#endif + + while ( (echoSz = CyaSSL_read(ssl, command, sizeof(command)-1)) > 0) { + + if (firstRead == 1) { + firstRead = 0; /* browser may send 1 byte 'G' to start */ + if (echoSz == 1 && command[0] == 'G') { + gotFirstG = 1; + continue; + } + } + else if (gotFirstG == 1 && strncmp(command, "ET /", 4) == 0) { + strncpy(command, "GET", 4); + /* fall through to normal GET */ + } + + if ( strncmp(command, "quit", 4) == 0) { + printf("client sent quit command: shutting down!\n"); + shutDown = 1; + break; + } + if ( strncmp(command, "break", 5) == 0) { + printf("client sent break command: closing session!\n"); + break; + } +#ifdef SESSION_STATS + if ( strncmp(command, "printstats", 10) == 0) { + PrintSessionStats(); + break; + } +#endif + if ( strncmp(command, "GET", 3) == 0) { + char type[] = "HTTP/1.0 200 ok\r\nContent-type:" + " text/html\r\n\r\n"; + char header[] = "\n
\n";
+                char body[]   = "greetings from CyaSSL\n";
+                char footer[] = "\r\n\r\n";
+            
+                strncpy(command, type, sizeof(type));
+                echoSz = sizeof(type) - 1;
+
+                strncpy(&command[echoSz], header, sizeof(header));
+                echoSz += (int)sizeof(header) - 1;
+                strncpy(&command[echoSz], body, sizeof(body));
+                echoSz += (int)sizeof(body) - 1;
+                strncpy(&command[echoSz], footer, sizeof(footer));
+                echoSz += (int)sizeof(footer);
+
+                if (CyaSSL_write(ssl, command, echoSz) != echoSz)
+                    err_sys("SSL_write failed");
+                break;
+            }
+            command[echoSz] = 0;
+
+            #ifdef ECHO_OUT
+                fputs(command, fout);
+            #endif
+
+            if (CyaSSL_write(ssl, command, echoSz) != echoSz)
+                err_sys("SSL_write failed");
+        }
+#ifndef CYASSL_DTLS
+        CyaSSL_shutdown(ssl);
+#endif
+        CyaSSL_free(ssl);
+        CloseSocket(clientfd);
+#ifdef CYASSL_DTLS
+        tcp_listen(&sockfd, &port, useAnyAddr, doDTLS);
+        SignalReady(args, port);
+#endif
+    }
+
+    CloseSocket(sockfd);
+    CyaSSL_CTX_free(ctx);
+
+#ifdef ECHO_OUT
+    if (outCreated)
+        fclose(fout);
+#endif
+
+    ((func_args*)args)->return_code = 0;
+    return 0;
+}
+
+
+/* so overall tests can pull in test function */
+#ifndef NO_MAIN_DRIVER
+
+    int main(int argc, char** argv)
+    {
+        func_args args;
+
+#ifdef HAVE_CAVIUM
+        int ret = OpenNitroxDevice(CAVIUM_DIRECT, CAVIUM_DEV_ID);
+        if (ret != 0)
+            err_sys("Cavium OpenNitroxDevice failed");
+#endif /* HAVE_CAVIUM */
+
+        StartTCP();
+
+        args.argc = argc;
+        args.argv = argv;
+
+        CyaSSL_Init();
+#if defined(DEBUG_CYASSL) && !defined(CYASSL_MDK_SHELL)
+        CyaSSL_Debugging_ON();
+#endif
+        if (CurrentDir("echoserver"))
+            ChangeDirBack(2);
+        else if (CurrentDir("Debug") || CurrentDir("Release"))
+            ChangeDirBack(3);
+        echoserver_test(&args);
+        CyaSSL_Cleanup();
+
+#ifdef HAVE_CAVIUM
+        CspShutdown(CAVIUM_DEV_ID);
+#endif
+        return args.return_code;
+    }
+
+        
+#endif /* NO_MAIN_DRIVER */
+
+
+
+
diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/EchoServer/main.c b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/EchoServer/main.c
new file mode 100644
index 000000000..810fdbb2b
--- /dev/null
+++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/EchoServer/main.c
@@ -0,0 +1,98 @@
+/* main.c
+ *
+ * Copyright (C) 2006-2014 wolfSSL Inc.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
+ */
+ 
+#ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+#include 
+#include 
+
+#include "cmsis_os.h"
+#include "rl_fs.h" 
+#include "rl_net.h" 
+#include 
+#include "cyassl_MDK_ARM.h"
+#include 
+
+/*-----------------------------------------------------------------------------
+ *        Initialize a Flash Memory Card
+ *----------------------------------------------------------------------------*/
+static void init_filesystem (void) {
+    int32_t retv;
+
+    retv = finit ("M0:");
+    if (retv == 0) {
+        retv = fmount ("M0:");
+        if (retv == 0) {
+            printf ("Drive M0 ready!\n");
+        }
+        else {
+          printf ("Drive M0 mount failed!\n");
+        }
+    } else {
+        printf ("Drive M0 initialization failed!\n");
+    }
+}
+
+/*-----------------------------------------------------------------------------
+ *        TCP/IP tasks
+ *----------------------------------------------------------------------------*/
+void tcp_poll (void const *arg)
+{
+    CYASSL_MSG("TCP polling started.\n") ;
+    while (1) {
+        net_main ();
+        osDelay(1) ;
+    }
+}
+
+typedef struct func_args {
+    int    argc;
+    char** argv;
+} func_args;
+
+extern void echoserver_test(func_args * args) ;
+extern void init_time(void) ;
+
+    osThreadDef (tcp_poll, osPriorityHigh, 1, 0) ;
+/*-----------------------------------------------------------------------------
+ *       mian entry 
+ *----------------------------------------------------------------------------*/
+int myoptind = 0;
+char* myoptarg = NULL;
+
+int main() 
+{
+    void *args = NULL ;
+    init_filesystem ();
+    net_initialize() ;
+    osThreadCreate (osThread (tcp_poll), NULL); 
+    osDelay(10000) ;  /* wait for DHCP */
+    #if defined(DEBUG_CYASSL)
+        printf("Turning ON Debug message\n") ;
+        CyaSSL_Debugging_ON() ;
+    #endif
+
+        printf("echoserver: Started\n") ;
+    echoserver_test(args) ;
+    printf("echoserver: Terminated\n") ;
+}
diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/EchoServer/time-dummy.c b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/EchoServer/time-dummy.c
new file mode 100644
index 000000000..2525eba38
--- /dev/null
+++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/EchoServer/time-dummy.c
@@ -0,0 +1,34 @@
+/* time-dummy.c.c
+ *
+ * Copyright (C) 2006-2014 wolfSSL Inc.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+ 
+#ifdef HAVE_CONFIG_H
+    #include 
+#endif
+
+#include "time.h"
+
+struct tm *Cyassl_MDK_gmtime(const time_t *c) 
+{ 
+    static struct tm date ; 
+    return(&date) ;
+}
+
+time_t time(time_t * t) { return 0 ; }
diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/SimpleClient/Abstract.txt b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/SimpleClient/Abstract.txt
new file mode 100644
index 000000000..1a9a172c9
--- /dev/null
+++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/SimpleClient/Abstract.txt
@@ -0,0 +1,23 @@
+This program is a simple client example with CyaSSL/wolfCrypt library.
+
+In order to run this program,
+Copy {PACK}\wolfSSL\CyaSSL\{version}\cyassl\certs folder and files to the SD memory.
+Set config-SimpleClient.h configuration file for the Callee IP or Port number.
+
+For further configuration, refer config-Crypt.h and config-CyaSSL.h.
+config-SimpleClient.h is to configure repote callee IP and port.
+
+When testing this client, it is recommended to test against one of the standard 
+CyaSSL example applications running on a desktop machine.  The standard CyaSSL 
+example applications are located in the CyaSSL root directory under the 
+/examples directory.
+
+For the hardware crypt on config-Crypt.h, download 
+STSW-STM32062: STM32F2xx standard peripherals library at 
+http://www.st.com/. Copy Libraries\STM32F2xx_StdPeriph_Driver\{inc,src} to 
+ {PACK}\cyassl\IDE\MDK5-ARM\STM32F2xx_StdPeriph_Lib
+
+
+Support
+-------
+Please send questions or comments to support@wolfssl.com
\ No newline at end of file
diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/SimpleClient/RTE/wolfSSL/settings.h b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/SimpleClient/RTE/wolfSSL/settings.h
new file mode 100644
index 000000000..33d41cfdb
--- /dev/null
+++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/SimpleClient/RTE/wolfSSL/settings.h
@@ -0,0 +1,667 @@
+/* settings.h
+ *
+ * Copyright (C) 2006-2013 wolfSSL Inc.
+ *
+ * This file is part of CyaSSL.
+ *
+ * CyaSSL is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * CyaSSL is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA
+ */
+
+/* Place OS specific preprocessor flags, defines, includes here, will be
+   included into every file because types.h includes it */
+
+
+#ifndef CTAO_CRYPT_SETTINGS_H
+#define CTAO_CRYPT_SETTINGS_H
+
+#ifdef __cplusplus
+    extern "C" {
+#endif
+
+/* Uncomment next line if using IPHONE */
+/* #define IPHONE */
+
+/* Uncomment next line if using ThreadX */
+/* #define THREADX */
+
+/* Uncomment next line if using Micrium ucOS */
+/* #define MICRIUM */
+
+/* Uncomment next line if using Mbed */
+/* #define MBED */
+
+/* Uncomment next line if using Microchip PIC32 ethernet starter kit */
+/* #define MICROCHIP_PIC32 */
+
+/* Uncomment next line if using Microchip TCP/IP stack, version 5 */
+/* #define MICROCHIP_TCPIP_V5 */
+
+/* Uncomment next line if using Microchip TCP/IP stack, version 6 or later */
+/* #define MICROCHIP_TCPIP */
+
+/* Uncomment next line if using PIC32MZ Crypto Engine */
+/* #define CYASSL_MICROCHIP_PIC32MZ */
+        
+/* Uncomment next line if using FreeRTOS */
+/* #define FREERTOS */
+
+/* Uncomment next line if using FreeRTOS Windows Simulator */
+/* #define FREERTOS_WINSIM */
+
+/* Uncomment next line if using RTIP */
+/* #define EBSNET */
+
+/* Uncomment next line if using lwip */
+/* #define CYASSL_LWIP */
+
+/* Uncomment next line if building CyaSSL for a game console */
+/* #define CYASSL_GAME_BUILD */
+
+/* Uncomment next line if building CyaSSL for LSR */
+/* #define CYASSL_LSR */
+
+/* Uncomment next line if building CyaSSL for Freescale MQX/RTCS/MFS */
+/* #define FREESCALE_MQX */
+
+/* Uncomment next line if using STM32F2 */
+/* #define CYASSL_STM32F2 */
+
+/* Uncomment next line if using Comverge settings */
+/* #define COMVERGE */
+
+/* Uncomment next line if using QL SEP settings */
+/* #define CYASSL_QL */
+
+/* Uncomment next line if using LwIP native TCP socket settings */
+/* #define HAVE_LWIP_NATIVE */
+
+/* Uncomment next line if building for EROAD */
+/* #define CYASSL_EROAD */
+
+#include 
+
+#ifdef IPHONE
+    #define SIZEOF_LONG_LONG 8
+#endif
+
+
+#ifdef CYASSL_USER_SETTINGS
+    #include 
+#endif
+
+
+#ifdef COMVERGE
+    #define THREADX
+    #define HAVE_NETX
+    #define CYASSL_USER_IO
+    #define NO_WRITEV
+    #define NO_DEV_RANDOM
+    #define NO_FILESYSTEM
+    #define NO_SHA512
+    #define NO_DH
+    #define NO_DSA
+    #define NO_HC128
+    #define NO_RSA
+    #define NO_SESSION_CACHE
+    #define HAVE_ECC 
+#endif
+
+
+#ifdef THREADX 
+    #define SIZEOF_LONG_LONG 8
+#endif
+
+#ifdef HAVE_NETX
+    #include "nx_api.h"
+#endif
+
+#if defined(HAVE_LWIP_NATIVE) /* using LwIP native TCP socket */
+    #define CYASSL_LWIP
+    #define NO_WRITEV
+    #define SINGLE_THREADED
+    #define CYASSL_USER_IO
+    #define NO_FILESYSTEM
+#endif 
+
+#ifdef MICROCHIP_PIC32
+    /* #define CYASSL_MICROCHIP_PIC32MZ */
+    #define SIZEOF_LONG_LONG 8
+    #define SINGLE_THREADED
+    #define CYASSL_USER_IO
+    #define NO_WRITEV
+    #define NO_DEV_RANDOM
+    #define NO_FILESYSTEM
+    #define USE_FAST_MATH
+    #define TFM_TIMING_RESISTANT
+#endif
+
+#ifdef CYASSL_MICROCHIP_PIC32MZ
+    #define CYASSL_PIC32MZ_CE
+    #define CYASSL_PIC32MZ_CRYPT
+    #define HAVE_AES_ENGINE
+    #define CYASSL_PIC32MZ_RNG
+    /* #define CYASSL_PIC32MZ_HASH */
+    #define CYASSL_AES_COUNTER
+    #define HAVE_AESGCM
+    #define NO_BIG_INT
+
+#endif
+
+#ifdef MICROCHIP_TCPIP_V5
+    /* include timer functions */
+    #include "TCPIP Stack/TCPIP.h"
+#endif
+
+#ifdef MICROCHIP_TCPIP
+    /* include timer, NTP functions */
+    #ifdef MICROCHIP_MPLAB_HARMONY
+        #include "tcpip/tcpip.h"
+    #else
+        #include "system/system_services.h"
+        #include "tcpip/sntp.h"
+    #endif
+#endif
+
+#ifdef MBED
+    #define CYASSL_USER_IO
+    #define NO_FILESYSTEM
+    #define NO_CERT
+    #define USE_CERT_BUFFERS_1024
+    #define NO_WRITEV
+    #define NO_DEV_RANDOM
+    #define NO_SHA512
+    #define NO_DH
+    #define NO_DSA
+    #define NO_HC128
+    #define HAVE_ECC
+    #define NO_SESSION_CACHE
+    #define CYASSL_CMSIS_RTOS
+#endif
+
+
+#ifdef CYASSL_EROAD
+    #define FREESCALE_MQX
+    #define FREESCALE_MMCAU
+    #define SINGLE_THREADED
+    #define NO_STDIO_FILESYSTEM
+    #define CYASSL_LEANPSK
+    #define HAVE_NULL_CIPHER
+    #define NO_OLD_TLS
+    #define NO_ASN
+    #define NO_BIG_INT
+    #define NO_RSA
+    #define NO_DSA
+    #define NO_DH
+    #define NO_CERTS
+    #define NO_PWDBASED
+    #define NO_DES3
+    #define NO_MD4
+    #define NO_RC4
+    #define NO_MD5
+    #define NO_SESSION_CACHE
+    #define NO_MAIN_DRIVER
+#endif
+
+#ifdef FREERTOS_WINSIM
+    #define FREERTOS
+    #define USE_WINDOWS_API
+#endif
+
+
+/* Micrium will use Visual Studio for compilation but not the Win32 API */
+#if defined(_WIN32) && !defined(MICRIUM) && !defined(FREERTOS) \
+        && !defined(EBSNET) && !defined(CYASSL_EROAD)
+    #define USE_WINDOWS_API
+#endif
+
+
+#if defined(CYASSL_LEANPSK) && !defined(XMALLOC_USER)
+    #include 
+    #define XMALLOC(s, h, type)  malloc((s))
+    #define XFREE(p, h, type)    free((p)) 
+    #define XREALLOC(p, n, h, t) realloc((p), (n))
+#endif
+
+#if defined(XMALLOC_USER) && defined(SSN_BUILDING_LIBYASSL)
+    #undef  XMALLOC
+    #define XMALLOC     yaXMALLOC
+    #undef  XFREE
+    #define XFREE       yaXFREE
+    #undef  XREALLOC
+    #define XREALLOC    yaXREALLOC
+#endif
+
+
+#ifdef FREERTOS
+    #ifndef NO_WRITEV
+        #define NO_WRITEV
+    #endif
+    #ifndef NO_SHA512
+        #define NO_SHA512
+    #endif
+    #ifndef NO_DH
+        #define NO_DH
+    #endif
+    #ifndef NO_DSA
+        #define NO_DSA
+    #endif
+    #ifndef NO_HC128
+        #define NO_HC128
+    #endif
+
+    #ifndef SINGLE_THREADED
+        #include "FreeRTOS.h"
+        #include "semphr.h"
+    #endif
+#endif
+
+#ifdef EBSNET
+    #include "rtip.h"
+
+    /* #define DEBUG_CYASSL */
+    #define NO_CYASSL_DIR  /* tbd */
+
+    #if (POLLOS)
+        #define SINGLE_THREADED
+    #endif
+
+    #if (RTPLATFORM)
+        #if (!RTP_LITTLE_ENDIAN)
+            #define BIG_ENDIAN_ORDER
+        #endif
+    #else
+        #if (!KS_LITTLE_ENDIAN)
+            #define BIG_ENDIAN_ORDER
+        #endif
+    #endif
+
+    #if (WINMSP3)
+        #undef SIZEOF_LONG
+        #define SIZEOF_LONG_LONG 8
+    #else
+        #sslpro: settings.h - please implement SIZEOF_LONG and SIZEOF_LONG_LONG
+    #endif
+
+    #define XMALLOC(s, h, type) ((void *)rtp_malloc((s), SSL_PRO_MALLOC))
+    #define XFREE(p, h, type) (rtp_free(p))
+    #define XREALLOC(p, n, h, t) realloc((p), (n))
+
+#endif /* EBSNET */
+
+#ifdef CYASSL_GAME_BUILD
+    #define SIZEOF_LONG_LONG 8
+    #if defined(__PPU) || defined(__XENON)
+        #define BIG_ENDIAN_ORDER
+    #endif
+#endif
+
+#ifdef CYASSL_LSR
+    #define HAVE_WEBSERVER
+    #define SIZEOF_LONG_LONG 8
+    #define CYASSL_LOW_MEMORY
+    #define NO_WRITEV
+    #define NO_SHA512
+    #define NO_DH
+    #define NO_DSA
+    #define NO_HC128
+    #define NO_DEV_RANDOM
+    #define NO_CYASSL_DIR
+    #define NO_RABBIT
+    #ifndef NO_FILESYSTEM
+        #define LSR_FS
+        #include "inc/hw_types.h"
+        #include "fs.h"
+    #endif
+    #define CYASSL_LWIP
+    #include   /* for tcp errno */
+    #define CYASSL_SAFERTOS
+    #if defined(__IAR_SYSTEMS_ICC__)
+        /* enum uses enum */
+        #pragma diag_suppress=Pa089
+    #endif
+#endif
+
+#ifdef CYASSL_SAFERTOS
+    #ifndef SINGLE_THREADED
+        #include "SafeRTOS/semphr.h"
+    #endif
+
+    #include "SafeRTOS/heap.h"
+    #define XMALLOC(s, h, type)  pvPortMalloc((s))
+    #define XFREE(p, h, type)    vPortFree((p)) 
+    #define XREALLOC(p, n, h, t) pvPortRealloc((p), (n))
+#endif
+
+#ifdef CYASSL_LOW_MEMORY
+    #undef  RSA_LOW_MEM
+    #define RSA_LOW_MEM
+    #undef  CYASSL_SMALL_STACK
+    #define CYASSL_SMALL_STACK
+    #undef  TFM_TIMING_RESISTANT
+    #define TFM_TIMING_RESISTANT
+#endif
+
+#ifdef FREESCALE_MQX
+    #define SIZEOF_LONG_LONG 8
+    #define NO_WRITEV
+    #define NO_DEV_RANDOM
+    #define NO_RABBIT
+    #define NO_CYASSL_DIR
+    #define USE_FAST_MATH
+    #define TFM_TIMING_RESISTANT
+    #define FREESCALE_K70_RNGA
+    /* #define FREESCALE_K53_RNGB */
+    #include "mqx.h"
+    #ifndef NO_FILESYSTEM
+        #include "mfs.h"
+        #include "fio.h"
+    #endif
+    #ifndef SINGLE_THREADED
+        #include "mutex.h"
+    #endif
+
+    #define XMALLOC(s, h, t)    (void *)_mem_alloc_system((s))
+    #define XFREE(p, h, t)      {void* xp = (p); if ((xp)) _mem_free((xp));}
+    /* Note: MQX has no realloc, using fastmath above */
+#endif
+
+#ifdef CYASSL_STM32F2
+    #define SIZEOF_LONG_LONG 8
+    #define NO_DEV_RANDOM
+    #define NO_CYASSL_DIR
+    #define NO_RABBIT
+    #define STM32F2_RNG
+    #define STM32F2_CRYPTO
+    #define KEIL_INTRINSICS
+#endif
+
+#ifdef MICRIUM
+
+    #include "stdlib.h"
+    #include "net_cfg.h"
+    #include "ssl_cfg.h"
+    #include "net_secure_os.h"
+
+    #define CYASSL_TYPES
+
+    typedef CPU_INT08U byte;
+    typedef CPU_INT16U word16;
+    typedef CPU_INT32U word32;
+
+    #if (NET_SECURE_MGR_CFG_WORD_SIZE == CPU_WORD_SIZE_32)
+        #define SIZEOF_LONG        4
+        #undef  SIZEOF_LONG_LONG
+    #else
+        #undef  SIZEOF_LONG
+        #define SIZEOF_LONG_LONG   8
+    #endif
+
+    #define STRING_USER
+
+    #define XSTRLEN(pstr) ((CPU_SIZE_T)Str_Len((CPU_CHAR *)(pstr)))
+    #define XSTRNCPY(pstr_dest, pstr_src, len_max) \
+                    ((CPU_CHAR *)Str_Copy_N((CPU_CHAR *)(pstr_dest), \
+                     (CPU_CHAR *)(pstr_src), (CPU_SIZE_T)(len_max)))
+    #define XSTRNCMP(pstr_1, pstr_2, len_max) \
+                    ((CPU_INT16S)Str_Cmp_N((CPU_CHAR *)(pstr_1), \
+                     (CPU_CHAR *)(pstr_2), (CPU_SIZE_T)(len_max)))  
+    #define XSTRSTR(pstr, pstr_srch) \
+                    ((CPU_CHAR *)Str_Str((CPU_CHAR *)(pstr), \
+                     (CPU_CHAR *)(pstr_srch)))
+    #define XMEMSET(pmem, data_val, size) \
+                    ((void)Mem_Set((void *)(pmem), (CPU_INT08U) (data_val), \
+                    (CPU_SIZE_T)(size)))
+    #define XMEMCPY(pdest, psrc, size) ((void)Mem_Copy((void *)(pdest), \
+                     (void *)(psrc), (CPU_SIZE_T)(size)))
+    #define XMEMCMP(pmem_1, pmem_2, size) \
+                   (((CPU_BOOLEAN)Mem_Cmp((void *)(pmem_1), (void *)(pmem_2), \
+                     (CPU_SIZE_T)(size))) ? DEF_NO : DEF_YES)
+    #define XMEMMOVE XMEMCPY
+
+#if (NET_SECURE_MGR_CFG_EN == DEF_ENABLED)
+    #define MICRIUM_MALLOC    
+    #define XMALLOC(s, h, type) ((void *)NetSecure_BlkGet((CPU_INT08U)(type), \
+                                 (CPU_SIZE_T)(s), (void *)0))
+    #define XFREE(p, h, type)   (NetSecure_BlkFree((CPU_INT08U)(type), \
+                                 (p), (void *)0))
+    #define XREALLOC(p, n, h, t) realloc((p), (n))
+#endif
+
+    #if (NET_SECURE_MGR_CFG_FS_EN == DEF_ENABLED)
+        #undef  NO_FILESYSTEM
+    #else
+        #define NO_FILESYSTEM
+    #endif
+
+    #if (SSL_CFG_TRACE_LEVEL == CYASSL_TRACE_LEVEL_DBG)
+        #define DEBUG_CYASSL
+    #else
+        #undef  DEBUG_CYASSL
+    #endif
+
+    #if (SSL_CFG_OPENSSL_EN == DEF_ENABLED)
+        #define OPENSSL_EXTRA
+    #else
+        #undef  OPENSSL_EXTRA
+    #endif
+
+    #if (SSL_CFG_MULTI_THREAD_EN == DEF_ENABLED)
+        #undef  SINGLE_THREADED
+    #else
+        #define SINGLE_THREADED
+    #endif
+
+    #if (SSL_CFG_DH_EN == DEF_ENABLED)
+        #undef  NO_DH
+    #else
+        #define NO_DH
+    #endif
+
+    #if (SSL_CFG_DSA_EN == DEF_ENABLED)
+        #undef  NO_DSA
+    #else
+        #define NO_DSA
+    #endif
+
+    #if (SSL_CFG_PSK_EN == DEF_ENABLED)
+        #undef  NO_PSK
+    #else
+        #define NO_PSK
+    #endif
+
+    #if (SSL_CFG_3DES_EN == DEF_ENABLED)
+        #undef  NO_DES
+    #else
+        #define NO_DES
+    #endif
+
+    #if (SSL_CFG_AES_EN == DEF_ENABLED)
+        #undef  NO_AES
+    #else
+        #define NO_AES
+    #endif
+
+    #if (SSL_CFG_RC4_EN == DEF_ENABLED)
+        #undef  NO_RC4
+    #else
+        #define NO_RC4
+    #endif
+
+    #if (SSL_CFG_RABBIT_EN == DEF_ENABLED)
+        #undef  NO_RABBIT
+    #else
+        #define NO_RABBIT
+    #endif
+
+    #if (SSL_CFG_HC128_EN == DEF_ENABLED)
+        #undef  NO_HC128
+    #else
+        #define NO_HC128
+    #endif
+
+    #if (CPU_CFG_ENDIAN_TYPE == CPU_ENDIAN_TYPE_BIG)
+        #define BIG_ENDIAN_ORDER
+    #else
+        #undef  BIG_ENDIAN_ORDER
+        #define LITTLE_ENDIAN_ORDER
+    #endif
+
+    #if (SSL_CFG_MD4_EN == DEF_ENABLED)
+        #undef  NO_MD4
+    #else
+        #define NO_MD4
+    #endif
+
+    #if (SSL_CFG_WRITEV_EN == DEF_ENABLED)
+        #undef  NO_WRITEV
+    #else
+        #define NO_WRITEV
+    #endif
+
+    #if (SSL_CFG_USER_RNG_SEED_EN == DEF_ENABLED)
+        #define NO_DEV_RANDOM   
+    #else
+        #undef  NO_DEV_RANDOM
+    #endif
+
+    #if (SSL_CFG_USER_IO_EN == DEF_ENABLED)
+        #define CYASSL_USER_IO   
+    #else
+        #undef  CYASSL_USER_IO
+    #endif
+
+    #if (SSL_CFG_DYNAMIC_BUFFERS_EN == DEF_ENABLED)
+        #undef  LARGE_STATIC_BUFFERS
+        #undef  STATIC_CHUNKS_ONLY
+    #else
+        #define LARGE_STATIC_BUFFERS
+        #define STATIC_CHUNKS_ONLY
+    #endif
+
+    #if (SSL_CFG_DER_LOAD_EN == DEF_ENABLED)
+        #define  CYASSL_DER_LOAD
+    #else
+        #undef   CYASSL_DER_LOAD
+    #endif
+
+    #if (SSL_CFG_DTLS_EN == DEF_ENABLED)
+        #define  CYASSL_DTLS
+    #else
+        #undef   CYASSL_DTLS
+    #endif
+
+    #if (SSL_CFG_CALLBACKS_EN == DEF_ENABLED)
+         #define CYASSL_CALLBACKS
+    #else
+         #undef  CYASSL_CALLBACKS
+    #endif
+
+    #if (SSL_CFG_FAST_MATH_EN == DEF_ENABLED)
+         #define USE_FAST_MATH
+    #else
+         #undef  USE_FAST_MATH
+    #endif
+
+    #if (SSL_CFG_TFM_TIMING_RESISTANT_EN == DEF_ENABLED)
+         #define TFM_TIMING_RESISTANT
+    #else
+         #undef  TFM_TIMING_RESISTANT
+    #endif
+
+#endif /* MICRIUM */
+
+
+#ifdef CYASSL_QL
+    #ifndef CYASSL_SEP
+        #define CYASSL_SEP
+    #endif
+    #ifndef OPENSSL_EXTRA
+        #define OPENSSL_EXTRA
+    #endif
+    #ifndef SESSION_CERTS
+        #define SESSION_CERTS
+    #endif
+    #ifndef HAVE_AESCCM
+        #define HAVE_AESCCM
+    #endif
+    #ifndef ATOMIC_USER
+        #define ATOMIC_USER
+    #endif
+    #ifndef CYASSL_DER_LOAD
+        #define CYASSL_DER_LOAD
+    #endif
+    #ifndef KEEP_PEER_CERT
+        #define KEEP_PEER_CERT
+    #endif
+    #ifndef HAVE_ECC
+        #define HAVE_ECC
+    #endif
+    #ifndef SESSION_INDEX
+        #define SESSION_INDEX
+    #endif
+#endif /* CYASSL_QL */
+
+
+#if !defined(XMALLOC_USER) && !defined(MICRIUM_MALLOC) && \
+    !defined(CYASSL_LEANPSK) && !defined(NO_CYASSL_MEMORY)
+    #define USE_CYASSL_MEMORY
+#endif
+
+
+#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS)
+    #undef  KEEP_PEER_CERT
+    #define KEEP_PEER_CERT
+#endif
+
+
+/* stream ciphers except arc4 need 32bit alignment, intel ok without */
+#ifndef XSTREAM_ALIGNMENT
+    #if defined(__x86_64__) || defined(__ia64__) || defined(__i386__)
+        #define NO_XSTREAM_ALIGNMENT
+    #else
+        #define XSTREAM_ALIGNMENT
+    #endif
+#endif
+
+
+/* if using hardware crypto and have alignment requirements, specify the
+   requirement here.  The record header of SSL/TLS will prvent easy alignment.
+   This hint tries to help as much as possible.  */
+#ifndef CYASSL_GENERAL_ALIGNMENT
+    #ifdef CYASSL_AESNI
+        #define CYASSL_GENERAL_ALIGNMENT 16
+    #elif defined(XSTREAM_ALIGNMENT)
+        #define CYASSL_GENERAL_ALIGNMENT  4
+    #else 
+        #define CYASSL_GENERAL_ALIGNMENT  0 
+    #endif
+#endif
+
+#ifdef HAVE_CRL
+    /* not widely supported yet */
+    #undef NO_SKID
+    #define NO_SKID
+#endif
+
+/* Place any other flags or defines here */
+
+
+#ifdef __cplusplus
+    }   /* extern "C" */
+#endif
+
+
+#endif /* CTAO_CRYPT_SETTINGS_H */
+
diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/SimpleClient/SimpleClient.uvoptx b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/SimpleClient/SimpleClient.uvoptx
new file mode 100644
index 000000000..2ac3a7211
--- /dev/null
+++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/SimpleClient/SimpleClient.uvoptx
@@ -0,0 +1,1497 @@
+
+
+
+  1.0
+
+  
### uVision Project, (C) Keil Software
+ + + *.c + *.s*; *.src; *.a* + *.obj + *.lib + *.txt; *.h; *.inc + *.plm + *.cpp + + + + 0 + 0 + + + + SimpleClient + 0x4 + ARM-ADS + + 120000000 + + 1 + 1 + 0 + 1 + + + 1 + 65535 + 0 + 0 + 0 + + + 79 + 66 + 8 + .\Object\ + + + 1 + 1 + 1 + 0 + 1 + 1 + 0 + 1 + 0 + 0 + 0 + 0 + + + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 0 + + + 1 + 0 + 1 + + 255 + + + 0 + Schematics (MCBSTM32F200) + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\Documents\mcbstm32f200-schematics.pdf + + + 1 + User Manual (MCBSTM32F200) + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\Documents\mcbstm32f200.chm + + + 2 + MCBSTM32F200 Evaluation Board Web Page (MCBSTM32F200) + http://www.keil.com/mcbstm32f200/ + + + + SARMCM3.DLL + -REMAP -MPU + DCM.DLL + -pCM3 + SARMCM3.DLL + -REMAP -MPU + TCM.DLL + -pCM3 + + + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 1 + 1 + 1 + 1 + 0 + 0 + 8 + + + + + + + + + + + BIN\ULP2CM3.DLL + + + + 0 + DLGTARM + (1010=-1,-1,-1,-1,0)(1007=-1,-1,-1,-1,0)(1008=-1,-1,-1,-1,0)(1009=-1,-1,-1,-1,0)(1012=-1,-1,-1,-1,0) + + + 0 + ARMDBGFLAGS + + + + 0 + ULP2CM3 + -UP1135060 -O206 -S8 -C0 -P00 -N00("ARM CoreSight SW-DP") -D00(2BA01477) -L00(0) -TO19 -TC120000000 -TP18 -TDX0 -TDD0 -TDS8000 -TDT0 -TDC1F -TIE1 -TIP1 -FO7 -FD20000000 -FC1000 -FN1 -FF0STM32F2xx_1024.flm -FS08000000 -FL0100000 -FP0($$Device:STM32F207IG$Flash\STM32F2xx_1024.flm) + + + 0 + DLGUARM + + + + 0 + UL2CM3 + UL2CM3(-S0 -C0 -P0 -FD20000000 -FC1000 -FN1 -FF0STM32F2xx_1024 -FS08000000 -FL0100000 -FP0($$Device:STM32F207IG$Flash\STM32F2xx_1024.flm)) + + + + + + 1 + 8 + 0x20000408 + + + + + 2 + 8 + 0x8004dc8 + + + + 0 + + + 0 + 0 + 1 + 0 + 0 + 0 + 0 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 1 + 0 + 0 + 0 + 0 + + + + + + + + Source + 1 + 0 + 0 + 0 + + 1 + 1 + 1 + 0 + 0 + 43 + 0 + 18 + 73 + 0 + .\main.c + main.c + 0 + 0 + + + 1 + 2 + 1 + 0 + 0 + 3 + 0 + 0 + 0 + 0 + .\client.c + client.c + 0 + 0 + + + + + Configuration + 1 + 0 + 0 + 0 + + 2 + 3 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + .\config-SimpleClient.h + config-SimpleClient.h + 0 + 0 + + + 2 + 4 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + .\RTE\wolfSSL\config-CyaSSL.h + config-CyaSSL.h + 0 + 0 + + + 2 + 5 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + .\RTE\wolfSSL\config-Crypt.h + config-Crypt.h + 0 + 0 + + + 2 + 6 + 5 + 0 + 0 + 33 + 0 + 0 + 0 + 0 + .\RTE\Network\Net_Config_ETH_0.h + Net_Config_ETH_0.h + 0 + 0 + + + + + Documentation + 1 + 0 + 0 + 0 + + 3 + 7 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + .\Abstract.txt + Abstract.txt + 0 + 0 + + + + + Devices + 1 + 0 + 0 + 0 + + 4 + 8 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + .\time-dummy.c + time-dummy.c + 0 + 0 + + + 4 + 9 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + .\time-CortexM3-4.c + time-CortexM3-4.c + 0 + 0 + + + + + ::CMSIS + 1 + 0 + 0 + 1 + + 5 + 10 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + RTE\CMSIS\RTX_Conf_CM.c + RTX_Conf_CM.c + 1 + 0 + + + 5 + 11 + 4 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.4\CMSIS_RTX\Lib\ARM\RTX_CM3.lib + RTX_CM3.lib + 1 + 0 + + + + + ::Device + 0 + 0 + 0 + 1 + + 6 + 12 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + RTE\Device\STM32F207IG\RTE_Device.h + RTE_Device.h + 1 + 0 + + + 6 + 13 + 2 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + RTE\Device\STM32F207IG\startup_stm32f2xx.s + startup_stm32f2xx.s + 1 + 0 + + + 6 + 14 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + RTE\Device\STM32F207IG\system_stm32f2xx.c + system_stm32f2xx.c + 1 + 0 + + + 6 + 15 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\DMA_STM32F2xx.c + DMA_STM32F2xx.c + 1 + 0 + + + 6 + 16 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\GPIO_STM32F2xx.c + GPIO_STM32F2xx.c + 1 + 0 + + + + + ::Drivers + 0 + 0 + 0 + 1 + + 7 + 17 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.4\Network\Driver\PHY_ST802RT1.c + PHY_ST802RT1.c + 1 + 0 + + + 7 + 18 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\EMAC_STM32F2xx.c + EMAC_STM32F2xx.c + 1 + 0 + + + 7 + 19 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\MCI_STM32F2xx.c + MCI_STM32F2xx.c + 1 + 0 + + + + + ::File System + 0 + 0 + 0 + 1 + + 8 + 20 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + RTE\File_System\FS_Config.c + FS_Config.c + 1 + 0 + + + 8 + 21 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + RTE\File_System\FS_Config_MC_0.h + FS_Config_MC_0.h + 1 + 0 + + + 8 + 22 + 4 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.4\FileSystem\Lib\ARM\FS_LFN_CM3_L.lib + FS_LFN_CM3_L.lib + 1 + 0 + + + + + ::Network + 0 + 0 + 0 + 1 + + 9 + 23 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + RTE\Network\Net_Config.c + Net_Config.c + 1 + 0 + + + 9 + 24 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + RTE\Network\Net_Config_BSD.h + Net_Config_BSD.h + 1 + 0 + + + 9 + 25 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + RTE\Network\Net_Config_DNS_Client.h + Net_Config_DNS_Client.h + 1 + 0 + + + 9 + 26 + 5 + 0 + 0 + 33 + 0 + 0 + 0 + 0 + RTE\Network\Net_Config_ETH_0.h + Net_Config_ETH_0.h + 1 + 0 + + + 9 + 27 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + RTE\Network\Net_Config_TCP.h + Net_Config_TCP.h + 1 + 0 + + + 9 + 28 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + RTE\Network\Net_Config_UDP.h + Net_Config_UDP.h + 1 + 0 + + + 9 + 29 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + RTE\Network\Net_Debug.c + Net_Debug.c + 1 + 0 + + + 9 + 30 + 4 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.4\Network\Lib\ARM\Net_Dbg_CM3_L.lib + Net_Dbg_CM3_L.lib + 1 + 0 + + + + + ::wolfSSL + 1 + 0 + 0 + 1 + + 10 + 31 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + RTE\wolfSSL\config-Crypt.h + config-Crypt.h + 1 + 0 + + + 10 + 32 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + RTE\wolfSSL\config-CyaSSL.h + config-CyaSSL.h + 1 + 0 + + + 10 + 33 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + RTE\wolfSSL\settings.h + settings.h + 1 + 0 + + + 10 + 34 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\IDE\MDK5-ARM\Src\cyassl_MDK_ARM.c + cyassl_MDK_ARM.c + 1 + 0 + + + 10 + 35 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\aes.c + aes.c + 1 + 0 + + + 10 + 36 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\arc4.c + arc4.c + 1 + 0 + + + 10 + 37 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\asm.c + asm.c + 1 + 0 + + + 10 + 38 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\asn.c + asn.c + 1 + 0 + + + 10 + 39 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\blake2b.c + blake2b.c + 1 + 0 + + + 10 + 40 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\camellia.c + camellia.c + 1 + 0 + + + 10 + 41 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\coding.c + coding.c + 1 + 0 + + + 10 + 42 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\compress.c + compress.c + 1 + 0 + + + 10 + 43 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\des3.c + des3.c + 1 + 0 + + + 10 + 44 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\dh.c + dh.c + 1 + 0 + + + 10 + 45 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\dsa.c + dsa.c + 1 + 0 + + + 10 + 46 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\ecc.c + ecc.c + 1 + 0 + + + 10 + 47 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\ecc_fp.c + ecc_fp.c + 1 + 0 + + + 10 + 48 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\error.c + error.c + 1 + 0 + + + 10 + 49 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\hc128.c + hc128.c + 1 + 0 + + + 10 + 50 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\hmac.c + hmac.c + 1 + 0 + + + 10 + 51 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\integer.c + integer.c + 1 + 0 + + + 10 + 52 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\logging.c + logging.c + 1 + 0 + + + 10 + 53 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\md2.c + md2.c + 1 + 0 + + + 10 + 54 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\md4.c + md4.c + 1 + 0 + + + 10 + 55 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\md5.c + md5.c + 1 + 0 + + + 10 + 56 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\memory.c + memory.c + 1 + 0 + + + 10 + 57 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\misc.c + misc.c + 1 + 0 + + + 10 + 58 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\wc_port.c + wc_port.c + 1 + 0 + + + 10 + 59 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\pwdbased.c + pwdbased.c + 1 + 0 + + + 10 + 60 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\rabbit.c + rabbit.c + 1 + 0 + + + 10 + 61 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\random.c + random.c + 1 + 0 + + + 10 + 62 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\ripemd.c + ripemd.c + 1 + 0 + + + 10 + 63 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\rsa.c + rsa.c + 1 + 0 + + + 10 + 64 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\sha.c + sha.c + 1 + 0 + + + 10 + 65 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\sha256.c + sha256.c + 1 + 0 + + + 10 + 66 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\sha512.c + sha512.c + 1 + 0 + + + 10 + 67 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\tfm.c + tfm.c + 1 + 0 + + + 10 + 68 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\src\crl.c + crl.c + 1 + 0 + + + 10 + 69 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\src\internal.c + internal.c + 1 + 0 + + + 10 + 70 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\src\io.c + io.c + 1 + 0 + + + 10 + 71 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\src\keys.c + keys.c + 1 + 0 + + + 10 + 72 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\src\ocsp.c + ocsp.c + 1 + 0 + + + 10 + 73 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\src\sniffer.c + sniffer.c + 1 + 0 + + + 10 + 74 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\src\ssl.c + ssl.c + 1 + 0 + + + 10 + 75 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\src\tls.c + tls.c + 1 + 0 + + + +
diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/SimpleClient/client.c b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/SimpleClient/client.c new file mode 100644 index 000000000..113bed9f6 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/SimpleClient/client.c @@ -0,0 +1,854 @@ +/* client.c + * + * Copyright (C) 2006-2014 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#ifdef HAVE_CONFIG_H + #include +#endif + +#if defined(CYASSL_MDK_ARM) + #include + #include + + #if defined(CYASSL_MDK5) + #include "cmsis_os.h" + #include "rl_fs.h" + #include "rl_net.h" + #else + #include "rtl.h" + #endif + + #include "cyassl_MDK_ARM.h" +#endif + +#include + +#if !defined(CYASSL_TRACK_MEMORY) && !defined(NO_MAIN_DRIVER) + /* in case memory tracker wants stats */ + #define CYASSL_TRACK_MEMORY +#endif + +#include + +#include + +#include "examples/client/client.h" + + +#ifdef CYASSL_CALLBACKS + int handShakeCB(HandShakeInfo*); + int timeoutCB(TimeoutInfo*); + Timeval timeout; +#endif + + +static void NonBlockingSSL_Connect(CYASSL* ssl) +{ +#ifndef CYASSL_CALLBACKS + int ret = CyaSSL_connect(ssl); +#else + int ret = CyaSSL_connect_ex(ssl, handShakeCB, timeoutCB, timeout); +#endif + int error = CyaSSL_get_error(ssl, 0); + SOCKET_T sockfd = (SOCKET_T)CyaSSL_get_fd(ssl); + int select_ret; + + while (ret != SSL_SUCCESS && (error == SSL_ERROR_WANT_READ || + error == SSL_ERROR_WANT_WRITE)) { + int currTimeout = 1; + + if (error == SSL_ERROR_WANT_READ) + printf("... client would read block\n"); + else + printf("... client would write block\n"); + +#ifdef CYASSL_DTLS + currTimeout = CyaSSL_dtls_get_current_timeout(ssl); +#endif + select_ret = tcp_select(sockfd, currTimeout); + + if ((select_ret == TEST_RECV_READY) || + (select_ret == TEST_ERROR_READY)) { + #ifndef CYASSL_CALLBACKS + ret = CyaSSL_connect(ssl); + #else + ret = CyaSSL_connect_ex(ssl,handShakeCB,timeoutCB,timeout); + #endif + error = CyaSSL_get_error(ssl, 0); + } + else if (select_ret == TEST_TIMEOUT && !CyaSSL_dtls(ssl)) { + error = SSL_ERROR_WANT_READ; + } +#ifdef CYASSL_DTLS + else if (select_ret == TEST_TIMEOUT && CyaSSL_dtls(ssl) && + CyaSSL_dtls_got_timeout(ssl) >= 0) { + error = SSL_ERROR_WANT_READ; + } +#endif + else { + error = SSL_FATAL_ERROR; + } + } + if (ret != SSL_SUCCESS) + err_sys("SSL_connect failed"); +} + + +static void Usage(void) +{ + printf("client " LIBCYASSL_VERSION_STRING + " NOTE: All files relative to CyaSSL home dir\n"); + printf("-? Help, print this usage\n"); + printf("-h Host to connect to, default %s\n", yasslIP); + printf("-p Port to connect on, not 0, default %d\n", yasslPort); + printf("-v SSL version [0-3], SSLv3(0) - TLS1.2(3)), default %d\n", + CLIENT_DEFAULT_VERSION); + printf("-l Cipher list\n"); + printf("-c Certificate file, default %s\n", cliCert); + printf("-k Key file, default %s\n", cliKey); + printf("-A Certificate Authority file, default %s\n", caCert); + printf("-b Benchmark connections and print stats\n"); + printf("-s Use pre Shared keys\n"); + printf("-t Track CyaSSL memory use\n"); + printf("-d Disable peer checks\n"); + printf("-g Send server HTTP GET\n"); + printf("-u Use UDP DTLS," + " add -v 2 for DTLSv1 (default), -v 3 for DTLSv1.2\n"); + printf("-m Match domain name in cert\n"); + printf("-N Use Non-blocking sockets\n"); + printf("-r Resume session\n"); + printf("-f Fewer packets/group messages\n"); + printf("-x Disable client cert/key loading\n"); +#ifdef SHOW_SIZES + printf("-z Print structure sizes\n"); +#endif +#ifdef HAVE_SNI + printf("-S Use Host Name Indication\n"); +#endif +#ifdef HAVE_MAX_FRAGMENT + printf("-L Use Maximum Fragment Length [1-5]\n"); +#endif +#ifdef HAVE_TRUNCATED_HMAC + printf("-T Use Truncated HMAC\n"); +#endif +#ifdef HAVE_OCSP + printf("-o Perform OCSP lookup on peer certificate\n"); + printf("-O Perform OCSP lookup using as responder\n"); +#endif +#ifdef ATOMIC_USER + printf("-U Atomic User Record Layer Callbacks\n"); +#endif +#ifdef HAVE_PK_CALLBACKS + printf("-P Public Key Callbacks\n"); +#endif +} + +THREAD_RETURN CYASSL_THREAD client_test(void* args) +{ + SOCKET_T sockfd = 0; + + CYASSL_METHOD* method = 0; + CYASSL_CTX* ctx = 0; + CYASSL* ssl = 0; + + CYASSL* sslResume = 0; + CYASSL_SESSION* session = 0; + char resumeMsg[] = "resuming cyassl!"; + int resumeSz = sizeof(resumeMsg); + + char msg[32] = "hello cyassl!"; /* GET may make bigger */ + char reply[80]; + int input; + int msgSz = (int)strlen(msg); + + word16 port = yasslPort; + char* host = (char*)yasslIP; + char* domain = (char*)"www.yassl.com"; + + int ch; + int version = CLIENT_INVALID_VERSION; + int usePsk = 0; + int sendGET = 0; + int benchmark = 0; + int doDTLS = 0; + int matchName = 0; + int doPeerCheck = 1; + int nonBlocking = 0; + int resumeSession = 0; + int trackMemory = 0; + int useClientCert = 1; + int fewerPackets = 0; + int atomicUser = 0; + int pkCallbacks = 0; + char* cipherList = NULL; + char* verifyCert = (char*)caCert; + char* ourCert = (char*)cliCert; + char* ourKey = (char*)cliKey; + +#ifdef HAVE_SNI + char* sniHostName = NULL; +#endif +#ifdef HAVE_MAX_FRAGMENT + byte maxFragment = 0; +#endif +#ifdef HAVE_TRUNCATED_HMAC + byte truncatedHMAC = 0; +#endif + + +#ifdef HAVE_OCSP + int useOcsp = 0; + char* ocspUrl = NULL; +#endif + + int argc = ((func_args*)args)->argc; + char** argv = ((func_args*)args)->argv; + + ((func_args*)args)->return_code = -1; /* error state */ + +#ifdef NO_RSA + verifyCert = (char*)eccCert; + ourCert = (char*)cliEccCert; + ourKey = (char*)cliEccKey; +#endif + (void)resumeSz; + (void)session; + (void)sslResume; + (void)trackMemory; + (void)atomicUser; + (void)pkCallbacks; + + StackTrap(); + + while ((ch = mygetopt(argc, argv, + "?gdusmNrtfxUPh:p:v:l:A:c:k:b:zS:L:ToO:")) != -1) { + switch (ch) { + case '?' : + Usage(); + exit(EXIT_SUCCESS); + + case 'g' : + sendGET = 1; + break; + + case 'd' : + doPeerCheck = 0; + break; + + case 'u' : + doDTLS = 1; + break; + + case 's' : + usePsk = 1; + break; + + case 't' : + #ifdef USE_CYASSL_MEMORY + trackMemory = 1; + #endif + break; + + case 'm' : + matchName = 1; + break; + + case 'x' : + useClientCert = 0; + break; + + case 'f' : + fewerPackets = 1; + break; + + case 'U' : + #ifdef ATOMIC_USER + atomicUser = 1; + #endif + break; + + case 'P' : + #ifdef HAVE_PK_CALLBACKS + pkCallbacks = 1; + #endif + break; + + case 'h' : + host = myoptarg; + domain = myoptarg; + break; + + case 'p' : + port = (word16)atoi(myoptarg); + #if !defined(NO_MAIN_DRIVER) || defined(USE_WINDOWS_API) + if (port == 0) + err_sys("port number cannot be 0"); + #endif + break; + + case 'v' : + version = atoi(myoptarg); + if (version < 0 || version > 3) { + Usage(); + exit(MY_EX_USAGE); + } + break; + + case 'l' : + cipherList = myoptarg; + break; + + case 'A' : + verifyCert = myoptarg; + break; + + case 'c' : + ourCert = myoptarg; + break; + + case 'k' : + ourKey = myoptarg; + break; + + case 'b' : + benchmark = atoi(myoptarg); + if (benchmark < 0 || benchmark > 1000000) { + Usage(); + exit(MY_EX_USAGE); + } + break; + + case 'N' : + nonBlocking = 1; + break; + + case 'r' : + resumeSession = 1; + break; + + case 'z' : + #ifndef CYASSL_LEANPSK + CyaSSL_GetObjectSize(); + #endif + break; + + case 'S' : + #ifdef HAVE_SNI + sniHostName = myoptarg; + #endif + break; + + case 'L' : + #ifdef HAVE_MAX_FRAGMENT + maxFragment = atoi(myoptarg); + if (maxFragment < CYASSL_MFL_2_9 || + maxFragment > CYASSL_MFL_2_13) { + Usage(); + exit(MY_EX_USAGE); + } + #endif + break; + + case 'T' : + #ifdef HAVE_TRUNCATED_HMAC + truncatedHMAC = 1; + #endif + break; + + case 'o' : + #ifdef HAVE_OCSP + useOcsp = 1; + #endif + break; + + case 'O' : + #ifdef HAVE_OCSP + useOcsp = 1; + ocspUrl = myoptarg; + #endif + break; + + default: + Usage(); + exit(MY_EX_USAGE); + } + } + + myoptind = 0; /* reset for test cases */ + + /* sort out DTLS versus TLS versions */ + if (version == CLIENT_INVALID_VERSION) { + if (doDTLS) + version = CLIENT_DTLS_DEFAULT_VERSION; + else + version = CLIENT_DEFAULT_VERSION; + } + else { + if (doDTLS) { + if (version == 3) + version = -2; + else + version = -1; + } + } + +#ifdef USE_CYASSL_MEMORY + if (trackMemory) + InitMemoryTracker(); +#endif + + switch (version) { +#ifndef NO_OLD_TLS + case 0: + method = CyaSSLv3_client_method(); + break; + + + #ifndef NO_TLS + case 1: + method = CyaTLSv1_client_method(); + break; + + case 2: + method = CyaTLSv1_1_client_method(); + break; + #endif /* NO_TLS */ + +#endif /* NO_OLD_TLS */ + +#ifndef NO_TLS + case 3: + method = CyaTLSv1_2_client_method(); + break; +#endif + +#ifdef CYASSL_DTLS + case -1: + method = CyaDTLSv1_client_method(); + break; + + case -2: + method = CyaDTLSv1_2_client_method(); + break; +#endif + + default: + err_sys("Bad SSL version"); + break; + } + + if (method == NULL) + err_sys("unable to get method"); + + ctx = CyaSSL_CTX_new(method); + if (ctx == NULL) + err_sys("unable to get ctx"); + + if (cipherList) + if (CyaSSL_CTX_set_cipher_list(ctx, cipherList) != SSL_SUCCESS) + err_sys("client can't set cipher list 1"); + +#ifdef CYASSL_LEANPSK + usePsk = 1; +#endif + +#if defined(NO_RSA) && !defined(HAVE_ECC) + usePsk = 1; +#endif + + if (fewerPackets) + CyaSSL_CTX_set_group_messages(ctx); + + if (usePsk) { +#ifndef NO_PSK + CyaSSL_CTX_set_psk_client_callback(ctx, my_psk_client_cb); + if (cipherList == NULL) { + const char *defaultCipherList; + #ifdef HAVE_NULL_CIPHER + defaultCipherList = "PSK-NULL-SHA256"; + #else + defaultCipherList = "PSK-AES128-CBC-SHA256"; + #endif + if (CyaSSL_CTX_set_cipher_list(ctx,defaultCipherList) !=SSL_SUCCESS) + err_sys("client can't set cipher list 2"); + } +#endif + useClientCert = 0; + } + +#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) + CyaSSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack); +#endif + +#if defined(CYASSL_SNIFFER) && !defined(HAVE_NTRU) && !defined(HAVE_ECC) + if (cipherList == NULL) { + /* don't use EDH, can't sniff tmp keys */ + if (CyaSSL_CTX_set_cipher_list(ctx, "AES256-SHA256") != SSL_SUCCESS) { + err_sys("client can't set cipher list 3"); + } + } +#endif + +#ifdef HAVE_OCSP + if (useOcsp) { + if (ocspUrl != NULL) { + CyaSSL_CTX_SetOCSP_OverrideURL(ctx, ocspUrl); + CyaSSL_CTX_EnableOCSP(ctx, CYASSL_OCSP_NO_NONCE + | CYASSL_OCSP_URL_OVERRIDE); + } + else + CyaSSL_CTX_EnableOCSP(ctx, CYASSL_OCSP_NO_NONCE); + } +#endif + +#ifdef USER_CA_CB + CyaSSL_CTX_SetCACb(ctx, CaCb); +#endif + +#ifdef VERIFY_CALLBACK + CyaSSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, myVerify); +#endif +#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) + if (useClientCert){ + if (CyaSSL_CTX_use_certificate_chain_file(ctx, ourCert) != SSL_SUCCESS) + err_sys("can't load client cert file, check file and run from" + " CyaSSL home dir"); + + if (CyaSSL_CTX_use_PrivateKey_file(ctx, ourKey, SSL_FILETYPE_PEM) + != SSL_SUCCESS) + err_sys("can't load client private key file, check file and run " + "from CyaSSL home dir"); + } + + if (!usePsk) { + if (CyaSSL_CTX_load_verify_locations(ctx, verifyCert, 0) != SSL_SUCCESS) + err_sys("can't load ca file, Please run from CyaSSL home dir"); + } +#endif +#if !defined(NO_CERTS) + if (!usePsk && doPeerCheck == 0) + CyaSSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, 0); +#endif + +#ifdef HAVE_CAVIUM + CyaSSL_CTX_UseCavium(ctx, CAVIUM_DEV_ID); +#endif + +#ifdef HAVE_SNI + if (sniHostName) + if (CyaSSL_CTX_UseSNI(ctx, 0, sniHostName, XSTRLEN(sniHostName)) + != SSL_SUCCESS) + err_sys("UseSNI failed"); +#endif +#ifdef HAVE_MAX_FRAGMENT + if (maxFragment) + if (CyaSSL_CTX_UseMaxFragment(ctx, maxFragment) != SSL_SUCCESS) + err_sys("UseMaxFragment failed"); +#endif +#ifdef HAVE_TRUNCATED_HMAC + if (truncatedHMAC) + if (CyaSSL_CTX_UseTruncatedHMAC(ctx) != SSL_SUCCESS) + err_sys("UseTruncatedHMAC failed"); +#endif + + if (benchmark) { + /* time passed in number of connects give average */ + int times = benchmark; + int i = 0; + + double start = current_time(), avg; + + for (i = 0; i < times; i++) { + tcp_connect(&sockfd, host, port, doDTLS); + + ssl = CyaSSL_new(ctx); + CyaSSL_set_fd(ssl, sockfd); + if (CyaSSL_connect(ssl) != SSL_SUCCESS) + err_sys("SSL_connect failed"); + + CyaSSL_shutdown(ssl); + CyaSSL_free(ssl); + CloseSocket(sockfd); + } + avg = current_time() - start; + avg /= times; + avg *= 1000; /* milliseconds */ + printf("CyaSSL_connect avg took: %8.3f milliseconds\n", avg); + + CyaSSL_CTX_free(ctx); + ((func_args*)args)->return_code = 0; + + exit(EXIT_SUCCESS); + } + + #if defined(CYASSL_MDK_ARM) + CyaSSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, 0); + #endif + + ssl = CyaSSL_new(ctx); + if (ssl == NULL) + err_sys("unable to get SSL object"); + if (doDTLS) { + SOCKADDR_IN_T addr; + build_addr(&addr, host, port, 1); + CyaSSL_dtls_set_peer(ssl, &addr, sizeof(addr)); + tcp_socket(&sockfd, 1); + } + else { + tcp_connect(&sockfd, host, port, 0); + } + CyaSSL_set_fd(ssl, sockfd); +#ifdef HAVE_CRL + if (CyaSSL_EnableCRL(ssl, CYASSL_CRL_CHECKALL) != SSL_SUCCESS) + err_sys("can't enable crl check"); + if (CyaSSL_LoadCRL(ssl, crlPemDir, SSL_FILETYPE_PEM, 0) != SSL_SUCCESS) + err_sys("can't load crl, check crlfile and date validity"); + if (CyaSSL_SetCRL_Cb(ssl, CRL_CallBack) != SSL_SUCCESS) + err_sys("can't set crl callback"); +#endif +#ifdef ATOMIC_USER + if (atomicUser) + SetupAtomicUser(ctx, ssl); +#endif +#ifdef HAVE_PK_CALLBACKS + if (pkCallbacks) + SetupPkCallbacks(ctx, ssl); +#endif + if (matchName && doPeerCheck) + CyaSSL_check_domain_name(ssl, domain); +#ifndef CYASSL_CALLBACKS + if (nonBlocking) { + CyaSSL_set_using_nonblock(ssl, 1); + tcp_set_nonblocking(&sockfd); + NonBlockingSSL_Connect(ssl); + } + else if (CyaSSL_connect(ssl) != SSL_SUCCESS) { + /* see note at top of README */ + int err = CyaSSL_get_error(ssl, 0); + char buffer[CYASSL_MAX_ERROR_SZ]; + printf("err = %d, %s\n", err, + CyaSSL_ERR_error_string(err, buffer)); + err_sys("SSL_connect failed"); + /* if you're getting an error here */ + } +#else + timeout.tv_sec = 2; + timeout.tv_usec = 0; + NonBlockingSSL_Connect(ssl); /* will keep retrying on timeout */ +#endif + showPeer(ssl); + + if (sendGET) { + printf("SSL connect ok, sending GET...\n"); + msgSz = 28; + strncpy(msg, "GET /index.html HTTP/1.0\r\n\r\n", msgSz); + msg[msgSz] = '\0'; + } + if (CyaSSL_write(ssl, msg, msgSz) != msgSz) + err_sys("SSL_write failed"); + + input = CyaSSL_read(ssl, reply, sizeof(reply)-1); + if (input > 0) { + reply[input] = 0; + printf("Server response: %s\n", reply); + + if (sendGET) { /* get html */ + while (1) { + input = CyaSSL_read(ssl, reply, sizeof(reply)-1); + if (input > 0) { + reply[input] = 0; + printf("%s\n", reply); + } + else + break; + } + } + } + else if (input < 0) { + int readErr = CyaSSL_get_error(ssl, 0); + if (readErr != SSL_ERROR_WANT_READ) + err_sys("CyaSSL_read failed"); + } + +#ifndef NO_SESSION_CACHE + if (resumeSession) { + if (doDTLS) { + strncpy(msg, "break", 6); + msgSz = (int)strlen(msg); + /* try to send session close */ + CyaSSL_write(ssl, msg, msgSz); + } + session = CyaSSL_get_session(ssl); + sslResume = CyaSSL_new(ctx); + } +#endif + + if (doDTLS == 0) /* don't send alert after "break" command */ + CyaSSL_shutdown(ssl); /* echoserver will interpret as new conn */ +#ifdef ATOMIC_USER + if (atomicUser) + FreeAtomicUser(ssl); +#endif + CyaSSL_free(ssl); + CloseSocket(sockfd); + +#ifndef NO_SESSION_CACHE + if (resumeSession) { + if (doDTLS) { + SOCKADDR_IN_T addr; + #ifdef USE_WINDOWS_API + Sleep(500); + #else + sleep(1); + #endif + build_addr(&addr, host, port, 1); + CyaSSL_dtls_set_peer(sslResume, &addr, sizeof(addr)); + tcp_socket(&sockfd, 1); + } + else { + tcp_connect(&sockfd, host, port, 0); + } + CyaSSL_set_fd(sslResume, sockfd); + CyaSSL_set_session(sslResume, session); + + showPeer(sslResume); +#ifndef CYASSL_CALLBACKS + if (nonBlocking) { + CyaSSL_set_using_nonblock(sslResume, 1); + tcp_set_nonblocking(&sockfd); + NonBlockingSSL_Connect(sslResume); + } + else if (CyaSSL_connect(sslResume) != SSL_SUCCESS) + err_sys("SSL resume failed"); +#else + timeout.tv_sec = 2; + timeout.tv_usec = 0; + NonBlockingSSL_Connect(ssl); /* will keep retrying on timeout */ +#endif + + if (CyaSSL_session_reused(sslResume)) + printf("reused session id\n"); + else + printf("didn't reuse session id!!!\n"); + + if (CyaSSL_write(sslResume, resumeMsg, resumeSz) != resumeSz) + err_sys("SSL_write failed"); + + if (nonBlocking) { + /* give server a chance to bounce a message back to client */ + #ifdef USE_WINDOWS_API + Sleep(500); + #else + sleep(1); + #endif + } + + input = CyaSSL_read(sslResume, reply, sizeof(reply)-1); + if (input > 0) { + reply[input] = 0; + printf("Server resume response: %s\n", reply); + } + + /* try to send session break */ + CyaSSL_write(sslResume, msg, msgSz); + + CyaSSL_shutdown(sslResume); + CyaSSL_free(sslResume); + CloseSocket(sockfd); + } +#endif /* NO_SESSION_CACHE */ + + CyaSSL_CTX_free(ctx); + + ((func_args*)args)->return_code = 0; + +#ifdef USE_CYASSL_MEMORY + if (trackMemory) + ShowMemoryTracker(); +#endif /* USE_CYASSL_MEMORY */ + + return 0; +} + + +/* so overall tests can pull in test function */ +#ifndef NO_MAIN_DRIVER + + int main(int argc, char** argv) + { + func_args args; + +#ifdef HAVE_CAVIUM + int ret = OpenNitroxDevice(CAVIUM_DIRECT, CAVIUM_DEV_ID); + if (ret != 0) + err_sys("Cavium OpenNitroxDevice failed"); +#endif /* HAVE_CAVIUM */ + + StartTCP(); + + args.argc = argc; + args.argv = argv; + + CyaSSL_Init(); +#if defined(DEBUG_CYASSL) && !defined(CYASSL_MDK_SHELL) && !defined(STACK_TRAP) + CyaSSL_Debugging_ON(); +#endif + if (CurrentDir("client")) + ChangeDirBack(2); + else if (CurrentDir("Debug") || CurrentDir("Release")) + ChangeDirBack(3); + +#ifdef HAVE_STACK_SIZE + StackSizeCheck(&args, client_test); +#else + client_test(&args); +#endif + CyaSSL_Cleanup(); + +#ifdef HAVE_CAVIUM + CspShutdown(CAVIUM_DEV_ID); +#endif + return args.return_code; + } + + int myoptind = 0; + char* myoptarg = NULL; + +#endif /* NO_MAIN_DRIVER */ + + + +#ifdef CYASSL_CALLBACKS + + int handShakeCB(HandShakeInfo* info) + { + (void)info; + return 0; + } + + + int timeoutCB(TimeoutInfo* info) + { + (void)info; + return 0; + } + +#endif + diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/SimpleClient/config-SimpleClient.h b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/SimpleClient/config-SimpleClient.h new file mode 100644 index 000000000..83582ca71 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/SimpleClient/config-SimpleClient.h @@ -0,0 +1,70 @@ +/* config-RTX-TCP-FS.h + * + * Copyright (C) 2006-2013 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + */ + + +/**** CyaSSL for KEIL-RL Configuration ****/ + +#define __CORTEX_M3__ +#define CYASSL_MDK_ARM +#define NO_WRITEV +#define NO_CYASSL_DIR +#define NO_MAIN_DRIVER + + +#define CYASSL_DER_LOAD +#define HAVE_NULL_CIPHER + +#define HAVE_KEIL_RTX +#define CYASSL_CMSIS_RTOS +#define CYASSL_KEIL_TCP_NET + + +// <<< Use Configuration Wizard in Context Menu >>> +// Build Target: Simple Client +// Callee IP Address +// Default: "192.168.1.100" +#define CYASSL_CALLEE_IP "192.168.11.3" +// Callee Port Number +// Default: "443" +#define CYASSL_CALLEE_PORT "443" +// HTTP GET Option <0=> HTTP Get <1=> SSL/TLS Message +#define MDK_CONF_HTTP_GET 0 +#if MDK_CONF_HTTP_GET == 0 + #define CYASSL_HTTP_GET "-g" + #define CYASSL_HTTP_GET_COUNT 1 +#elif MDK_CONF_HTTP_GET == 1 + #define CYASSL_HTTP_GET "" + #define CYASSL_HTTP_GET_COUNT 0 +#endif +// SSL/TLS Version <0=> SSL3 <1=> TLS 1.0 <2=> TLS 1.1 <3=> TLS 1.2 +#define MDK_CONF_SSL_VERSION 3 +#if MDK_CONF_SSL_VERSION == 0 + #define CYASSL_SSL_VER "0" +#elif MDK_CONF_SSL_VERSION == 1 + #define CYASSL_SSL_VER "1" +#elif MDK_CONF_SSL_VERSION == 2 + #define CYASSL_SSL_VER "2" +#elif MDK_CONF_SSL_VERSION == 3 + #define CYASSL_SSL_VER "3" +#endif + +// +// <<< end of configuration section >>> diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/SimpleClient/main.c b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/SimpleClient/main.c new file mode 100644 index 000000000..90447bae8 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/SimpleClient/main.c @@ -0,0 +1,113 @@ +/* main.c + * + * Copyright (C) 2006-2014 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#ifdef HAVE_CONFIG_H + #include +#endif + +#include +#include + +#include "cmsis_os.h" +#include "rl_fs.h" +#include "rl_net.h" +#include +#include "cyassl_MDK_ARM.h" +#include + +/*----------------------------------------------------------------------------- + * Initialize a Flash Memory Card + *----------------------------------------------------------------------------*/ +static void init_filesystem (void) { + int32_t retv; + + retv = finit ("M0:"); + if (retv == 0) { + retv = fmount ("M0:"); + if (retv == 0) { + printf ("Drive M0 ready!\n"); + } + else { + printf ("Drive M0 mount failed!\n"); + } + } else { + printf ("Drive M0 initialization failed!\n"); + } +} + +/*----------------------------------------------------------------------------- + * TCP/IP tasks + *----------------------------------------------------------------------------*/ +void tcp_poll (void const *arg) +{ + CYASSL_MSG("TCP polling started.\n") ; + while (1) { + net_main (); + osDelay(100) ; + } +} + +typedef struct func_args { + int argc; + char** argv; +} func_args; + +extern void client_test(func_args * args) ; + + osThreadDef (tcp_poll, osPriorityHigh , 1, 0) ; +/*----------------------------------------------------------------------------- + * mian entry + *----------------------------------------------------------------------------*/ +int myoptind = 0; +char* myoptarg = NULL; + +#include "config-SimpleClient.h" + +int main() +{ + static char *argv[] = + { "client", "-h", CYASSL_CALLEE_IP, "-p", CYASSL_CALLEE_PORT, + "-v", CYASSL_SSL_VER, CYASSL_HTTP_GET } ; + static func_args args = + { 7 + CYASSL_HTTP_GET_COUNT, argv } ; + + init_filesystem (); + net_initialize() ; + osThreadCreate (osThread (tcp_poll), NULL); + osDelay(50000) ; /* wait for DHCP */ + #if defined(DEBUG_CYASSL) + printf("Turning ON Debug message\n") ; + CyaSSL_Debugging_ON() ; + #endif + + if(args.argc == 7) + printf("Simple SSL/TLS, ") ; + else + printf("HTTP GET, ") ; + + printf("Callee IP: %s, Port: %s, Version:%s\n", argv[2], argv[4], argv[6]) ; + + while(1) { + client_test(&args) ; + printf("Enter any key to iterate.\n") ; + getchar() ; + } +} diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/SimpleClient/simpleClient.uvprojx b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/SimpleClient/simpleClient.uvprojx new file mode 100644 index 000000000..4cc8e2149 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/SimpleClient/simpleClient.uvprojx @@ -0,0 +1,1132 @@ + + + + 2.1 + +
### uVision Project, (C) Keil Software
+ + + + SimpleClient + 0x4 + ARM-ADS + + + STM32F207IG + STMicroelectronics + IRAM(0x20000000,0x20000) IROM(0x08000000,0x100000) CPUTYPE("Cortex-M3") CLOCK(120000000) ELITTLE + + + UL2CM3(-S0 -C0 -P0 -FD20000000 -FC1000 -FN1 -FF0STM32F2xx_1024 -FS08000000 -FL0100000 -FP0($$Device:STM32F207IG$Flash\STM32F2xx_1024.flm)) + 0 + $$Device:STM32F207IG$Device\Include\stm32f2xx.h + + + + + + + + + + $$Device:STM32F207IG$SVD\STM32F20x.svd + 0 + 0 + + + + + + + 0 + 0 + 0 + 0 + 1 + + .\Object\ + SimpleClient + 1 + 0 + 0 + 1 + 1 + .\Object\ + 1 + 0 + 0 + + 0 + 0 + + + 0 + 0 + 0 + 0 + + + 0 + 0 + + + 0 + 0 + + + 0 + 0 + + + 0 + 0 + + 0 + + + + 0 + 0 + 0 + 0 + 0 + 1 + 0 + 0 + 0 + 0 + 3 + + + 1 + + + SARMCM3.DLL + -REMAP -MPU + DCM.DLL + -pCM3 + SARMCM3.DLL + -REMAP -MPU + TCM.DLL + -pCM3 + + + + 1 + 0 + 0 + 0 + 16 + + + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + + + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 1 + 1 + 1 + 1 + + 0 + 8 + + + + + + + + + + + + + + BIN\ULP2CM3.DLL + + + + + 1 + 0 + 0 + 1 + 1 + 4100 + + 1 + BIN\ULP2CM3.DLL + "" () + + + + + 0 + + + + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 1 + 1 + 0 + 1 + 1 + 0 + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 0 + "Cortex-M3" + + 0 + 0 + 0 + 1 + 1 + 0 + 0 + 0 + 0 + 0 + 8 + 0 + 0 + 0 + 3 + 3 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 1 + 0 + 0 + 0 + 0 + 1 + 0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x20000000 + 0x20000 + + + 1 + 0x8000000 + 0x100000 + + + 0 + 0x0 + 0x0 + + + 1 + 0x0 + 0x0 + + + 1 + 0x0 + 0x0 + + + 1 + 0x0 + 0x0 + + + 1 + 0x8000000 + 0x100000 + + + 1 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x20000000 + 0x20000 + + + 0 + 0x0 + 0x0 + + + + + + 1 + 4 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + + + HAVE_CONFIG_H MDK_CONF_SimpleClient + + + + + + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + + + + + + + + + 1 + 0 + 0 + 0 + 1 + 0 + 0x08000000 + 0x20000000 + + + + + + + + + + + + + Source + + + main.c + 1 + .\main.c + + + client.c + 1 + .\client.c + + + + + Configuration + + + config-SimpleClient.h + 5 + .\config-SimpleClient.h + + + config-CyaSSL.h + 5 + .\RTE\wolfSSL\config-CyaSSL.h + + + config-Crypt.h + 5 + .\RTE\wolfSSL\config-Crypt.h + + + Net_Config_ETH_0.h + 5 + .\RTE\Network\Net_Config_ETH_0.h + + + + + Documentation + + + Abstract.txt + 5 + .\Abstract.txt + + + + + Devices + + + time-dummy.c + 1 + .\time-dummy.c + + + time-CortexM3-4.c + 1 + .\time-CortexM3-4.c + + + + + ::CMSIS + + + RTX_Conf_CM.c + 1 + RTE\CMSIS\RTX_Conf_CM.c + + + RTX_CM3.lib + 4 + C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.4\CMSIS_RTX\Lib\ARM\RTX_CM3.lib + + + + + ::Device + + + RTE_Device.h + 5 + RTE\Device\STM32F207IG\RTE_Device.h + + + startup_stm32f2xx.s + 2 + RTE\Device\STM32F207IG\startup_stm32f2xx.s + + + system_stm32f2xx.c + 1 + RTE\Device\STM32F207IG\system_stm32f2xx.c + + + DMA_STM32F2xx.c + 1 + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\DMA_STM32F2xx.c + + + GPIO_STM32F2xx.c + 1 + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\GPIO_STM32F2xx.c + + + + + ::Drivers + + + PHY_ST802RT1.c + 1 + C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.4\Network\Driver\PHY_ST802RT1.c + + + EMAC_STM32F2xx.c + 1 + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\EMAC_STM32F2xx.c + + + MCI_STM32F2xx.c + 1 + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\MCI_STM32F2xx.c + + + + + ::File System + + + FS_Config.c + 1 + RTE\File_System\FS_Config.c + + + FS_Config_MC_0.h + 5 + RTE\File_System\FS_Config_MC_0.h + + + FS_LFN_CM3_L.lib + 4 + C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.4\FileSystem\Lib\ARM\FS_LFN_CM3_L.lib + + + + + ::Network + + + Net_Config.c + 1 + RTE\Network\Net_Config.c + + + Net_Config_BSD.h + 5 + RTE\Network\Net_Config_BSD.h + + + Net_Config_DNS_Client.h + 5 + RTE\Network\Net_Config_DNS_Client.h + + + Net_Config_ETH_0.h + 5 + RTE\Network\Net_Config_ETH_0.h + + + Net_Config_TCP.h + 5 + RTE\Network\Net_Config_TCP.h + + + Net_Config_UDP.h + 5 + RTE\Network\Net_Config_UDP.h + + + Net_Debug.c + 1 + RTE\Network\Net_Debug.c + + + Net_Dbg_CM3_L.lib + 4 + C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.4\Network\Lib\ARM\Net_Dbg_CM3_L.lib + + + + + ::wolfSSL + + + config-Crypt.h + 5 + RTE\wolfSSL\config-Crypt.h + + + config-CyaSSL.h + 5 + RTE\wolfSSL\config-CyaSSL.h + + + settings.h + 5 + RTE\wolfSSL\settings.h + + + cyassl_MDK_ARM.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\IDE\MDK5-ARM\Src\cyassl_MDK_ARM.c + + + aes.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\aes.c + + + arc4.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\arc4.c + + + asm.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\asm.c + + + asn.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\asn.c + + + blake2b.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\blake2b.c + + + camellia.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\camellia.c + + + coding.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\coding.c + + + compress.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\compress.c + + + des3.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\des3.c + + + dh.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\dh.c + + + dsa.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\dsa.c + + + ecc.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\ecc.c + + + ecc_fp.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\ecc_fp.c + + + error.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\error.c + + + hc128.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\hc128.c + + + hmac.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\hmac.c + + + integer.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\integer.c + + + logging.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\logging.c + + + md2.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\md2.c + + + md4.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\md4.c + + + md5.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\md5.c + + + memory.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\memory.c + + + misc.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\misc.c + + + wc_port.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\wc_port.c + + + pwdbased.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\pwdbased.c + + + rabbit.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\rabbit.c + + + random.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\random.c + + + ripemd.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\ripemd.c + + + rsa.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\rsa.c + + + sha.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\sha.c + + + sha256.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\sha256.c + + + sha512.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\sha512.c + + + tfm.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\tfm.c + + + crl.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\src\crl.c + + + internal.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\src\internal.c + + + io.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\src\io.c + + + keys.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\src\keys.c + + + ocsp.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\src\ocsp.c + + + sniffer.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\src\sniffer.c + + + ssl.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\src\ssl.c + + + tls.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\src\tls.c + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + RTE\CMSIS\RTX_Conf_CM.c + + + + + + + + RTE\Device\STM32F207IG\RTE_Device.h + + + + + + + + RTE\Device\STM32F207IG\startup_stm32f2xx.s + + + + + + + + RTE\Device\STM32F207IG\system_stm32f2xx.c + + + + + + + + RTE\File_System\FS_Config.c + + + + + + + + RTE\File_System\FS_Config_MC_0.h + + + + + + + + RTE\Network\Net_Config.c + + + + + + + + RTE\Network\Net_Config_BSD.h + + + + + + + + RTE\Network\Net_Config_DNS_Client.h + + + + + + + + RTE\Network\Net_Config_ETH_0.h + + + + + + + + RTE\Network\Net_Config_TCP.h + + + + + + + + RTE\Network\Net_Config_UDP.h + + + + + + + + RTE\Network\Net_Debug.c + + + + + + + + RTE\Other\config-Crypt.h + + + + + + RTE\Other\config-CyaSSL.h + + + + + + RTE\Other\config-RTX-TCP-FS.h + + + + + + RTE\Other\config.h + + + + + + RTE\wolfSSL\config-Crypt.h + + + + + + + + RTE\wolfSSL\config-CyaSSL.h + + + + + + + + RTE\wolfSSL\config.h + + + + + + RTE\wolfSSL\settings.h + + + + + + + + + +
diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/SimpleClient/time-CortexM3-4.c b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/SimpleClient/time-CortexM3-4.c new file mode 100644 index 000000000..46712b34c --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/SimpleClient/time-CortexM3-4.c @@ -0,0 +1,41 @@ +/* time-STM32F2.c + * + * Copyright (C) 2006-2014 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#ifdef HAVE_CONFIG_H + #include +#endif + + +#include +#define DWT ((DWT_Type *) (0xE0001000UL) ) +typedef struct +{ + uint32_t CTRL; /*!< Offset: 0x000 (R/W) Control Register */ + uint32_t CYCCNT; /*!< Offset: 0x004 (R/W) Cycle Count Register */ +} DWT_Type; + +extern uint32_t SystemCoreClock ; + +double current_time(int reset) +{ + if(reset) DWT->CYCCNT = 0 ; + return ((double)DWT->CYCCNT/SystemCoreClock) ; +} diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/SimpleClient/time-STM32F2xx.c b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/SimpleClient/time-STM32F2xx.c new file mode 100644 index 000000000..3a26db7dc --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/SimpleClient/time-STM32F2xx.c @@ -0,0 +1,82 @@ +/* time-STM32F2.c + * + * Copyright (C) 2006-2013 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + */ + +#ifdef HAVE_CONFIG_H + #include +#endif + +#include "time.h" + +#define PERIPH_BASE ((uint32_t)0x40000000) +/*----------------------------------------------------------------------------- + * initialize RTC + *----------------------------------------------------------------------------*/ +#include "stm32f2xx.h" + +#define assert_param(a) + +#if 0 +#define RTC_RSF_MASK ((uint32_t)0xFFFFFF5F) +#define SYNCHRO_TIMEOUT ((uint32_t) 0x00008000) +#define Bcd2ToByte(v) \ + ((((uint8_t)(v & (uint8_t)0xF0) >> (uint8_t)0x4) * 10) + (v & (uint8_t)0x0F)) +#define RTC_TR_RESERVED_MASK ((uint32_t)0x007F7F7F) +#define RTC_TR_MNT ((uint32_t)0x00007000) +#define RTC_TR_MNU ((uint32_t)0x00000F00) + +#define PWR_OFFSET (PWR_BASE - PERIPH_BASE) +#define CR_OFFSET (PWR_OFFSET + 0x00) +#define DBP_BitNumber 0x08 +#define CR_DBP_BB (PERIPH_BB_BASE + (CR_OFFSET * 32) + (DBP_BitNumber * 4)) +#define RTC_INIT_MASK ((uint32_t)0xFFFFFFFF) +#define INITMODE_TIMEOUT ((uint32_t) 0x00010000) +#endif + +/*----------------------------------------------------------------------------- + * initialize TIM + *----------------------------------------------------------------------------*/ +#define RCC_APB1Periph_TIM2 ((uint32_t)0x00000001) + +void init_time(void) +{ + uint16_t tmpcr1 = 0; + + ((uint32_t *)RCC)[0x10] |= RCC_APB1Periph_TIM2 ; + + tmpcr1 = TIM2->CR1 ; + tmpcr1 &= (uint16_t) (~(((uint16_t)0x0010) | ((uint16_t)0x0060) )); + /* CR1 &= ~(TIM_CR1_DIR | TIM_CR1_CMS) */ + tmpcr1 |= (uint16_t)0x0000 ; /* CR1 |= TIM_CounterMode_Up */ + TIM2->CR1= tmpcr1 ; + + TIM2->ARR = 0xffffffff ; /* ARR= TIM_Period */ + TIM2->PSC = 60 ; /* PSC = TIM_Prescaler */ + TIM2->EGR = ((uint16_t)0x0001) ; /* EGR = TIM_PSCReloadMode_Immediate */ + + *(uint16_t *)(PERIPH_BASE+0x0) |=((uint16_t)0x0001) ; + /* TIM_Cmd(TIM2, ENABLE) ; */ +} + +double current_time() +{ + return ((double)TIM2->CNT/1000000.0) ; +} + diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/SimpleClient/time-dummy.c b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/SimpleClient/time-dummy.c new file mode 100644 index 000000000..2525eba38 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/SimpleClient/time-dummy.c @@ -0,0 +1,34 @@ +/* time-dummy.c.c + * + * Copyright (C) 2006-2014 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + */ + +#ifdef HAVE_CONFIG_H + #include +#endif + +#include "time.h" + +struct tm *Cyassl_MDK_gmtime(const time_t *c) +{ + static struct tm date ; + return(&date) ; +} + +time_t time(time_t * t) { return 0 ; } diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/SimpleServer/Abstract.txt b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/SimpleServer/Abstract.txt new file mode 100644 index 000000000..89a9fd422 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/SimpleServer/Abstract.txt @@ -0,0 +1,24 @@ +This program is a simple server example with CyaSSL/wolfCrypt library. + +In order to run this program, +Copy {PACK}\wolfSSL\CyaSSL\{version}\cyassl\certs folder and files to the SD memory. +Set the server IP address in Net_Config_ETH_0.h +The default server listning port is 11111, defined in test.h + +For further configuration, refer config-Crypt.h and config-CyaSSL.h. +config-SimpleServer.h is for configuring the server port number. + +When testing this server, it is recommended to test against one of the standard +CyaSSL example applications running on a desktop machine. The standard CyaSSL +example applications are located in the CyaSSL root directory under the +/examples directory. + +For the hardware crypt on config-Crypt.h, download +STSW-STM32062: STM32F2xx standard peripherals library at +http://www.st.com/. Copy Libraries\STM32F2xx_StdPeriph_Driver\{inc,src} to + {PACK}\cyassl\IDE\MDK5-ARM\STM32F2xx_StdPeriph_Lib + + +Support +------- +Please send questions or comments to support@wolfssl.com \ No newline at end of file diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/SimpleServer/RTE/wolfSSL/settings.h b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/SimpleServer/RTE/wolfSSL/settings.h new file mode 100644 index 000000000..22dea06d0 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/SimpleServer/RTE/wolfSSL/settings.h @@ -0,0 +1,627 @@ +/* settings.h + * + * Copyright (C) 2006-2013 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + */ + +/* Place OS specific preprocessor flags, defines, includes here, will be + included into every file because types.h includes it */ + + +#ifndef CTAO_CRYPT_SETTINGS_H +#define CTAO_CRYPT_SETTINGS_H + +#ifdef __cplusplus + extern "C" { +#endif + +/* Uncomment next line if using IPHONE */ +/* #define IPHONE */ + +/* Uncomment next line if using ThreadX */ +/* #define THREADX */ + +/* Uncomment next line if using Micrium ucOS */ +/* #define MICRIUM */ + +/* Uncomment next line if using Mbed */ +/* #define MBED */ + +/* Uncomment next line if using Microchip PIC32 ethernet starter kit */ +/* #define MICROCHIP_PIC32 */ + +/* Uncomment next line if using Microchip TCP/IP stack, version 5 */ +/* #define MICROCHIP_TCPIP_V5 */ + +/* Uncomment next line if using Microchip TCP/IP stack, version 6 or later */ +/* #define MICROCHIP_TCPIP */ + +/* Uncomment next line if using FreeRTOS */ +/* #define FREERTOS */ + +/* Uncomment next line if using FreeRTOS Windows Simulator */ +/* #define FREERTOS_WINSIM */ + +/* Uncomment next line if using RTIP */ +/* #define EBSNET */ + +/* Uncomment next line if using lwip */ +/* #define CYASSL_LWIP */ + +/* Uncomment next line if building CyaSSL for a game console */ +/* #define CYASSL_GAME_BUILD */ + +/* Uncomment next line if building CyaSSL for LSR */ +/* #define CYASSL_LSR */ + +/* Uncomment next line if building CyaSSL for Freescale MQX/RTCS/MFS */ +/* #define FREESCALE_MQX */ + +/* Uncomment next line if using STM32F2 */ +/* #define CYASSL_STM32F2 */ + +/* Uncomment next line if using Comverge settings */ +/* #define COMVERGE */ + +/* Uncomment next line if using QL SEP settings */ +/* #define CYASSL_QL */ + + +#include + +#ifdef IPHONE + #define SIZEOF_LONG_LONG 8 +#endif + + +#ifdef COMVERGE + #define THREADX + #define HAVE_NETX + #define CYASSL_USER_IO + #define NO_WRITEV + #define NO_DEV_RANDOM + #define NO_FILESYSTEM + #define NO_SHA512 + #define NO_DH + #define NO_DSA + #define NO_HC128 + #define NO_RSA + #define NO_SESSION_CACHE + #define HAVE_ECC +#endif + + +#ifdef THREADX + #define SIZEOF_LONG_LONG 8 +#endif + +#ifdef HAVE_NETX + #include "nx_api.h" +#endif + +#ifdef MICROCHIP_PIC32 + #define SIZEOF_LONG_LONG 8 + #define SINGLE_THREADED + #define CYASSL_USER_IO + #define NO_WRITEV + #define NO_DEV_RANDOM + #define NO_FILESYSTEM + #define USE_FAST_MATH + #define TFM_TIMING_RESISTANT +#endif + +#ifdef MICROCHIP_TCPIP_V5 + /* include timer functions */ + #include "TCPIP Stack/TCPIP.h" +#endif + +#ifdef MICROCHIP_TCPIP + /* include timer, NTP functions */ + #include "system/system_services.h" + #ifdef MICROCHIP_MPLAB_HARMONY + #include "tcpip/tcpip.h" + #else + #include "tcpip/sntp.h" + #endif +#endif + +#ifdef MBED + #define SINGLE_THREADED + #define CYASSL_USER_IO + #define NO_WRITEV + #define NO_DEV_RANDOM + #define NO_SHA512 + #define NO_DH + #define NO_DSA + #define NO_HC128 +#endif /* MBED */ + +#ifdef CYASSL_TYTO + #include "rand.h" + #define FREERTOS + #define NO_FILESYSTEM + #define CYASSL_USER_IO + #define NO_DEV_RANDOM + #define HAVE_ECC + #define HAVE_ECC_ENCRYPT + #define ECC_SHAMIR + #define HAVE_HKDF + #define USE_FAST_MATH + #define TFM_TIMING_RESISTANT + #define FP_MAX_BITS 512 + #define NO_OLD_TLS + #define NO_MD4 + #define NO_RABBIT + #define NO_HC128 + #define NO_RSA + #define NO_DSA + #define NO_PWDBASED + #define NO_PSK +#endif + +#ifdef FREERTOS_WINSIM + #define FREERTOS + #define USE_WINDOWS_API +#endif + + +/* Micrium will use Visual Studio for compilation but not the Win32 API */ +#if defined(_WIN32) && !defined(MICRIUM) && !defined(FREERTOS) \ + && !defined(EBSNET) + #define USE_WINDOWS_API +#endif + + +#if defined(CYASSL_LEANPSK) && !defined(XMALLOC_USER) + #include + #define XMALLOC(s, h, type) malloc((s)) + #define XFREE(p, h, type) free((p)) + #define XREALLOC(p, n, h, t) realloc((p), (n)) +#endif + +#if defined(XMALLOC_USER) && defined(SSN_BUILDING_LIBYASSL) + #undef XMALLOC + #define XMALLOC yaXMALLOC + #undef XFREE + #define XFREE yaXFREE + #undef XREALLOC + #define XREALLOC yaXREALLOC +#endif + + +#ifdef FREERTOS + #ifndef NO_WRITEV + #define NO_WRITEV + #endif + #ifndef NO_SHA512 + #define NO_SHA512 + #endif + #ifndef NO_DH + #define NO_DH + #endif + #ifndef NO_DSA + #define NO_DSA + #endif + #ifndef NO_HC128 + #define NO_HC128 + #endif + + #ifndef SINGLE_THREADED + #include "FreeRTOS.h" + #include "semphr.h" + #endif +#endif + +#ifdef EBSNET + #include "rtip.h" + + /* #define DEBUG_CYASSL */ + #define NO_CYASSL_DIR /* tbd */ + + #if (POLLOS) + #define SINGLE_THREADED + #endif + + #if (RTPLATFORM) + #if (!RTP_LITTLE_ENDIAN) + #define BIG_ENDIAN_ORDER + #endif + #else + #if (!KS_LITTLE_ENDIAN) + #define BIG_ENDIAN_ORDER + #endif + #endif + + #if (WINMSP3) + #undef SIZEOF_LONG + #define SIZEOF_LONG_LONG 8 + #else + #sslpro: settings.h - please implement SIZEOF_LONG and SIZEOF_LONG_LONG + #endif + + #define XMALLOC(s, h, type) ((void *)rtp_malloc((s), SSL_PRO_MALLOC)) + #define XFREE(p, h, type) (rtp_free(p)) + #define XREALLOC(p, n, h, t) realloc((p), (n)) + +#endif /* EBSNET */ + +#ifdef CYASSL_GAME_BUILD + #define SIZEOF_LONG_LONG 8 + #if defined(__PPU) || defined(__XENON) + #define BIG_ENDIAN_ORDER + #endif +#endif + +#ifdef CYASSL_LSR + #define HAVE_WEBSERVER + #define SIZEOF_LONG_LONG 8 + #define CYASSL_LOW_MEMORY + #define NO_WRITEV + #define NO_SHA512 + #define NO_DH + #define NO_DSA + #define NO_HC128 + #define NO_DEV_RANDOM + #define NO_CYASSL_DIR + #define NO_RABBIT + #ifndef NO_FILESYSTEM + #define LSR_FS + #include "inc/hw_types.h" + #include "fs.h" + #endif + #define CYASSL_LWIP + #include /* for tcp errno */ + #define CYASSL_SAFERTOS + #if defined(__IAR_SYSTEMS_ICC__) + /* enum uses enum */ + #pragma diag_suppress=Pa089 + #endif +#endif + +#ifdef CYASSL_SAFERTOS + #ifndef SINGLE_THREADED + #include "SafeRTOS/semphr.h" + #endif + + #include "SafeRTOS/heap.h" + #define XMALLOC(s, h, type) pvPortMalloc((s)) + #define XFREE(p, h, type) vPortFree((p)) + #define XREALLOC(p, n, h, t) pvPortRealloc((p), (n)) +#endif + +#ifdef CYASSL_LOW_MEMORY + #undef RSA_LOW_MEM + #define RSA_LOW_MEM + #undef CYASSL_SMALL_STACK + #define CYASSL_SMALL_STACK + #undef TFM_TIMING_RESISTANT + #define TFM_TIMING_RESISTANT +#endif + +#ifdef FREESCALE_MQX + #define SIZEOF_LONG_LONG 8 + #define NO_WRITEV + #define NO_DEV_RANDOM + #define NO_RABBIT + #define NO_CYASSL_DIR + #define USE_FAST_MATH + #define TFM_TIMING_RESISTANT + #define FREESCALE_K70_RNGA + /* #define FREESCALE_K53_RNGB */ + #include "mqx.h" + #ifndef NO_FILESYSTEM + #include "mfs.h" + #include "fio.h" + #endif + #ifndef SINGLE_THREADED + #include "mutex.h" + #endif + + #define XMALLOC(s, h, t) (void *)_mem_alloc_system((s)) + #define XFREE(p, h, t) {void* xp = (p); if ((xp)) _mem_free((xp));} + /* Note: MQX has no realloc, using fastmath above */ +#endif + +#ifdef CYASSL_STM32F2 + #define SIZEOF_LONG_LONG 8 + #define NO_DEV_RANDOM + #define NO_CYASSL_DIR + #define NO_RABBIT + #define STM32F2_RNG + #define STM32F2_CRYPTO + #define KEIL_INTRINSICS +#endif + +#ifdef MICRIUM + + #include "stdlib.h" + #include "net_cfg.h" + #include "ssl_cfg.h" + #include "net_secure_os.h" + + #define CYASSL_TYPES + + typedef CPU_INT08U byte; + typedef CPU_INT16U word16; + typedef CPU_INT32U word32; + + #if (NET_SECURE_MGR_CFG_WORD_SIZE == CPU_WORD_SIZE_32) + #define SIZEOF_LONG 4 + #undef SIZEOF_LONG_LONG + #else + #undef SIZEOF_LONG + #define SIZEOF_LONG_LONG 8 + #endif + + #define STRING_USER + + #define XSTRLEN(pstr) ((CPU_SIZE_T)Str_Len((CPU_CHAR *)(pstr))) + #define XSTRNCPY(pstr_dest, pstr_src, len_max) \ + ((CPU_CHAR *)Str_Copy_N((CPU_CHAR *)(pstr_dest), \ + (CPU_CHAR *)(pstr_src), (CPU_SIZE_T)(len_max))) + #define XSTRNCMP(pstr_1, pstr_2, len_max) \ + ((CPU_INT16S)Str_Cmp_N((CPU_CHAR *)(pstr_1), \ + (CPU_CHAR *)(pstr_2), (CPU_SIZE_T)(len_max))) + #define XSTRSTR(pstr, pstr_srch) \ + ((CPU_CHAR *)Str_Str((CPU_CHAR *)(pstr), \ + (CPU_CHAR *)(pstr_srch))) + #define XMEMSET(pmem, data_val, size) \ + ((void)Mem_Set((void *)(pmem), (CPU_INT08U) (data_val), \ + (CPU_SIZE_T)(size))) + #define XMEMCPY(pdest, psrc, size) ((void)Mem_Copy((void *)(pdest), \ + (void *)(psrc), (CPU_SIZE_T)(size))) + #define XMEMCMP(pmem_1, pmem_2, size) \ + (((CPU_BOOLEAN)Mem_Cmp((void *)(pmem_1), (void *)(pmem_2), \ + (CPU_SIZE_T)(size))) ? DEF_NO : DEF_YES) + #define XMEMMOVE XMEMCPY + +#if (NET_SECURE_MGR_CFG_EN == DEF_ENABLED) + #define MICRIUM_MALLOC + #define XMALLOC(s, h, type) ((void *)NetSecure_BlkGet((CPU_INT08U)(type), \ + (CPU_SIZE_T)(s), (void *)0)) + #define XFREE(p, h, type) (NetSecure_BlkFree((CPU_INT08U)(type), \ + (p), (void *)0)) + #define XREALLOC(p, n, h, t) realloc((p), (n)) +#endif + + #if (NET_SECURE_MGR_CFG_FS_EN == DEF_ENABLED) + #undef NO_FILESYSTEM + #else + #define NO_FILESYSTEM + #endif + + #if (SSL_CFG_TRACE_LEVEL == CYASSL_TRACE_LEVEL_DBG) + #define DEBUG_CYASSL + #else + #undef DEBUG_CYASSL + #endif + + #if (SSL_CFG_OPENSSL_EN == DEF_ENABLED) + #define OPENSSL_EXTRA + #else + #undef OPENSSL_EXTRA + #endif + + #if (SSL_CFG_MULTI_THREAD_EN == DEF_ENABLED) + #undef SINGLE_THREADED + #else + #define SINGLE_THREADED + #endif + + #if (SSL_CFG_DH_EN == DEF_ENABLED) + #undef NO_DH + #else + #define NO_DH + #endif + + #if (SSL_CFG_DSA_EN == DEF_ENABLED) + #undef NO_DSA + #else + #define NO_DSA + #endif + + #if (SSL_CFG_PSK_EN == DEF_ENABLED) + #undef NO_PSK + #else + #define NO_PSK + #endif + + #if (SSL_CFG_3DES_EN == DEF_ENABLED) + #undef NO_DES + #else + #define NO_DES + #endif + + #if (SSL_CFG_AES_EN == DEF_ENABLED) + #undef NO_AES + #else + #define NO_AES + #endif + + #if (SSL_CFG_RC4_EN == DEF_ENABLED) + #undef NO_RC4 + #else + #define NO_RC4 + #endif + + #if (SSL_CFG_RABBIT_EN == DEF_ENABLED) + #undef NO_RABBIT + #else + #define NO_RABBIT + #endif + + #if (SSL_CFG_HC128_EN == DEF_ENABLED) + #undef NO_HC128 + #else + #define NO_HC128 + #endif + + #if (CPU_CFG_ENDIAN_TYPE == CPU_ENDIAN_TYPE_BIG) + #define BIG_ENDIAN_ORDER + #else + #undef BIG_ENDIAN_ORDER + #define LITTLE_ENDIAN_ORDER + #endif + + #if (SSL_CFG_MD4_EN == DEF_ENABLED) + #undef NO_MD4 + #else + #define NO_MD4 + #endif + + #if (SSL_CFG_WRITEV_EN == DEF_ENABLED) + #undef NO_WRITEV + #else + #define NO_WRITEV + #endif + + #if (SSL_CFG_USER_RNG_SEED_EN == DEF_ENABLED) + #define NO_DEV_RANDOM + #else + #undef NO_DEV_RANDOM + #endif + + #if (SSL_CFG_USER_IO_EN == DEF_ENABLED) + #define CYASSL_USER_IO + #else + #undef CYASSL_USER_IO + #endif + + #if (SSL_CFG_DYNAMIC_BUFFERS_EN == DEF_ENABLED) + #undef LARGE_STATIC_BUFFERS + #undef STATIC_CHUNKS_ONLY + #else + #define LARGE_STATIC_BUFFERS + #define STATIC_CHUNKS_ONLY + #endif + + #if (SSL_CFG_DER_LOAD_EN == DEF_ENABLED) + #define CYASSL_DER_LOAD + #else + #undef CYASSL_DER_LOAD + #endif + + #if (SSL_CFG_DTLS_EN == DEF_ENABLED) + #define CYASSL_DTLS + #else + #undef CYASSL_DTLS + #endif + + #if (SSL_CFG_CALLBACKS_EN == DEF_ENABLED) + #define CYASSL_CALLBACKS + #else + #undef CYASSL_CALLBACKS + #endif + + #if (SSL_CFG_FAST_MATH_EN == DEF_ENABLED) + #define USE_FAST_MATH + #else + #undef USE_FAST_MATH + #endif + + #if (SSL_CFG_TFM_TIMING_RESISTANT_EN == DEF_ENABLED) + #define TFM_TIMING_RESISTANT + #else + #undef TFM_TIMING_RESISTANT + #endif + +#endif /* MICRIUM */ + + +#ifdef CYASSL_QL + #ifndef CYASSL_SEP + #define CYASSL_SEP + #endif + #ifndef OPENSSL_EXTRA + #define OPENSSL_EXTRA + #endif + #ifndef SESSION_CERTS + #define SESSION_CERTS + #endif + #ifndef HAVE_AESCCM + #define HAVE_AESCCM + #endif + #ifndef ATOMIC_USER + #define ATOMIC_USER + #endif + #ifndef CYASSL_DER_LOAD + #define CYASSL_DER_LOAD + #endif + #ifndef KEEP_PEER_CERT + #define KEEP_PEER_CERT + #endif + #ifndef HAVE_ECC + #define HAVE_ECC + #endif + #ifndef SESSION_INDEX + #define SESSION_INDEX + #endif +#endif /* CYASSL_QL */ + + +#if !defined(XMALLOC_USER) && !defined(MICRIUM_MALLOC) && \ + !defined(CYASSL_LEANPSK) && !defined(NO_CYASSL_MEMORY) + #define USE_CYASSL_MEMORY +#endif + + +#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) + #undef KEEP_PEER_CERT + #define KEEP_PEER_CERT +#endif + + +/* stream ciphers except arc4 need 32bit alignment, intel ok without */ +#ifndef XSTREAM_ALIGNMENT + #if defined(__x86_64__) || defined(__ia64__) || defined(__i386__) + #define NO_XSTREAM_ALIGNMENT + #else + #define XSTREAM_ALIGNMENT + #endif +#endif + + +/* if using hardware crypto and have alignment requirements, specify the + requirement here. The record header of SSL/TLS will prvent easy alignment. + This hint tries to help as much as possible. */ +#ifndef CYASSL_GENERAL_ALIGNMENT + #ifdef CYASSL_AESNI + #define CYASSL_GENERAL_ALIGNMENT 16 + #elif defined(XSTREAM_ALIGNMENT) + #define CYASSL_GENERAL_ALIGNMENT 4 + #else + #define CYASSL_GENERAL_ALIGNMENT 0 + #endif +#endif + +#ifdef HAVE_CRL + /* not widely supported yet */ + #undef NO_SKID + #define NO_SKID +#endif + +/* Place any other flags or defines here */ + + +#ifdef __cplusplus + } /* extern "C" */ +#endif + + +#endif /* CTAO_CRYPT_SETTINGS_H */ + diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/SimpleServer/SimpleServer.uvoptx b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/SimpleServer/SimpleServer.uvoptx new file mode 100644 index 000000000..c667014f0 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/SimpleServer/SimpleServer.uvoptx @@ -0,0 +1,1481 @@ + + + + 1.0 + +
### uVision Project, (C) Keil Software
+ + + *.c + *.s*; *.src; *.a* + *.obj + *.lib + *.txt; *.h; *.inc + *.plm + *.cpp + + + + 0 + 0 + + + + SimpleServer + 0x4 + ARM-ADS + + 120000000 + + 1 + 1 + 0 + 1 + + + 1 + 65535 + 0 + 0 + 0 + + + 79 + 66 + 8 + .\Object\ + + + 1 + 1 + 1 + 0 + 1 + 1 + 0 + 1 + 0 + 0 + 0 + 0 + + + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 0 + + + 1 + 0 + 1 + + 255 + + + 0 + Schematics (MCBSTM32F200) + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\Documents\mcbstm32f200-schematics.pdf + + + 1 + User Manual (MCBSTM32F200) + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\Documents\mcbstm32f200.chm + + + 2 + MCBSTM32F200 Evaluation Board Web Page (MCBSTM32F200) + http://www.keil.com/mcbstm32f200/ + + + + SARMCM3.DLL + -REMAP -MPU + DCM.DLL + -pCM3 + SARMCM3.DLL + -REMAP -MPU + TCM.DLL + -pCM3 + + + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 1 + 1 + 1 + 1 + 0 + 0 + 8 + + + + + + + + + + + BIN\ULP2CM3.DLL + + + + 0 + DLGTARM + (1010=-1,-1,-1,-1,0)(1007=-1,-1,-1,-1,0)(1008=-1,-1,-1,-1,0)(1009=-1,-1,-1,-1,0)(1012=-1,-1,-1,-1,0) + + + 0 + ARMDBGFLAGS + + + + 0 + ULP2CM3 + -UP1135060 -O206 -S8 -C0 -P00 -N00("ARM CoreSight SW-DP") -D00(2BA01477) -L00(0) -TO19 -TC120000000 -TP18 -TDX0 -TDD0 -TDS8000 -TDT0 -TDC1F -TIE1 -TIP1 -FO7 -FD20000000 -FC1000 -FN1 -FF0STM32F2xx_1024.flm -FS08000000 -FL0100000 -FP0($$Device:STM32F207IG$Flash\STM32F2xx_1024.flm) + + + 0 + DLGUARM + + + + 0 + UL2CM3 + UL2CM3(-S0 -C0 -P0 -FD20000000 -FC1000 -FN1 -FF0STM32F2xx_1024 -FS08000000 -FL0100000 -FP0($$Device:STM32F207IG$Flash\STM32F2xx_1024.flm)) + + + + + + 1 + 8 + 0x20000408 + + + + + 2 + 8 + 0x8004dc8 + + + + 0 + + + 0 + 0 + 1 + 0 + 0 + 0 + 0 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 1 + 0 + 0 + 0 + 0 + + + + + + + + Source + 0 + 0 + 0 + 0 + + 1 + 1 + 1 + 0 + 0 + 0 + 0 + 37 + 44 + 0 + .\main.c + main.c + 0 + 0 + + + 1 + 2 + 1 + 0 + 0 + 33 + 0 + 0 + 0 + 0 + .\server.c + server.c + 0 + 0 + + + + + Configuration + 1 + 0 + 0 + 0 + + 2 + 3 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + .\RTE\wolfSSL\config-CyaSSL.h + config-CyaSSL.h + 0 + 0 + + + 2 + 4 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + .\RTE\wolfSSL\config-Crypt.h + config-Crypt.h + 0 + 0 + + + 2 + 5 + 5 + 0 + 0 + 33 + 0 + 0 + 0 + 0 + .\RTE\Network\Net_Config_ETH_0.h + Net_Config_ETH_0.h + 0 + 0 + + + 2 + 6 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + .\config-SimpleServer.h + config-SimpleServer.h + 0 + 0 + + + + + Documentation + 0 + 0 + 0 + 0 + + 3 + 7 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + .\Abstract.txt + Abstract.txt + 0 + 0 + + + + + Devices + 1 + 0 + 0 + 0 + + 4 + 8 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + .\time-dummy.c + time-dummy.c + 0 + 0 + + + + + ::CMSIS + 0 + 0 + 0 + 1 + + 5 + 9 + 1 + 0 + 0 + 0 + 0 + 212 + 218 + 0 + RTE\CMSIS\RTX_Conf_CM.c + RTX_Conf_CM.c + 1 + 0 + + + 5 + 10 + 4 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.4\CMSIS_RTX\Lib\ARM\RTX_CM3.lib + RTX_CM3.lib + 1 + 0 + + + + + ::Device + 0 + 0 + 0 + 1 + + 6 + 11 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + RTE\Device\STM32F207IG\RTE_Device.h + RTE_Device.h + 1 + 0 + + + 6 + 12 + 2 + 0 + 0 + 0 + 0 + 164 + 169 + 0 + RTE\Device\STM32F207IG\startup_stm32f2xx.s + startup_stm32f2xx.s + 1 + 0 + + + 6 + 13 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + RTE\Device\STM32F207IG\system_stm32f2xx.c + system_stm32f2xx.c + 1 + 0 + + + 6 + 14 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\DMA_STM32F2xx.c + DMA_STM32F2xx.c + 1 + 0 + + + 6 + 15 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\GPIO_STM32F2xx.c + GPIO_STM32F2xx.c + 1 + 0 + + + + + ::Drivers + 0 + 0 + 0 + 1 + + 7 + 16 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.4\Network\Driver\PHY_ST802RT1.c + PHY_ST802RT1.c + 1 + 0 + + + 7 + 17 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\EMAC_STM32F2xx.c + EMAC_STM32F2xx.c + 1 + 0 + + + 7 + 18 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\MCI_STM32F2xx.c + MCI_STM32F2xx.c + 1 + 0 + + + + + ::File System + 0 + 0 + 0 + 1 + + 8 + 19 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + RTE\File_System\FS_Config.c + FS_Config.c + 1 + 0 + + + 8 + 20 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + RTE\File_System\FS_Config_MC_0.h + FS_Config_MC_0.h + 1 + 0 + + + 8 + 21 + 4 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.4\FileSystem\Lib\ARM\FS_LFN_CM3_L.lib + FS_LFN_CM3_L.lib + 1 + 0 + + + + + ::Network + 0 + 0 + 0 + 1 + + 9 + 22 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + RTE\Network\Net_Config.c + Net_Config.c + 1 + 0 + + + 9 + 23 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + RTE\Network\Net_Config_BSD.h + Net_Config_BSD.h + 1 + 0 + + + 9 + 24 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + RTE\Network\Net_Config_DNS_Client.h + Net_Config_DNS_Client.h + 1 + 0 + + + 9 + 25 + 5 + 0 + 0 + 33 + 0 + 0 + 0 + 0 + RTE\Network\Net_Config_ETH_0.h + Net_Config_ETH_0.h + 1 + 0 + + + 9 + 26 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + RTE\Network\Net_Config_TCP.h + Net_Config_TCP.h + 1 + 0 + + + 9 + 27 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + RTE\Network\Net_Config_UDP.h + Net_Config_UDP.h + 1 + 0 + + + 9 + 28 + 1 + 0 + 0 + 33 + 0 + 0 + 0 + 0 + RTE\Network\Net_Debug.c + Net_Debug.c + 1 + 0 + + + 9 + 29 + 4 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.4\Network\Lib\ARM\Net_Dbg_CM3_L.lib + Net_Dbg_CM3_L.lib + 1 + 0 + + + + + ::wolfSSL + 0 + 0 + 0 + 1 + + 10 + 30 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + RTE\wolfSSL\config-Crypt.h + config-Crypt.h + 1 + 0 + + + 10 + 31 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + RTE\wolfSSL\config-CyaSSL.h + config-CyaSSL.h + 1 + 0 + + + 10 + 32 + 5 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + RTE\wolfSSL\settings.h + settings.h + 1 + 0 + + + 10 + 33 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\IDE\MDK5-ARM\Src\cyassl_MDK_ARM.c + cyassl_MDK_ARM.c + 1 + 0 + + + 10 + 34 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\aes.c + aes.c + 1 + 0 + + + 10 + 35 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\arc4.c + arc4.c + 1 + 0 + + + 10 + 36 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\asm.c + asm.c + 1 + 0 + + + 10 + 37 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\asn.c + asn.c + 1 + 0 + + + 10 + 38 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\blake2b.c + blake2b.c + 1 + 0 + + + 10 + 39 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\camellia.c + camellia.c + 1 + 0 + + + 10 + 40 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\coding.c + coding.c + 1 + 0 + + + 10 + 41 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\compress.c + compress.c + 1 + 0 + + + 10 + 42 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\des3.c + des3.c + 1 + 0 + + + 10 + 43 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\dh.c + dh.c + 1 + 0 + + + 10 + 44 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\dsa.c + dsa.c + 1 + 0 + + + 10 + 45 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\ecc.c + ecc.c + 1 + 0 + + + 10 + 46 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\ecc_fp.c + ecc_fp.c + 1 + 0 + + + 10 + 47 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\error.c + error.c + 1 + 0 + + + 10 + 48 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\hc128.c + hc128.c + 1 + 0 + + + 10 + 49 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\hmac.c + hmac.c + 1 + 0 + + + 10 + 50 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\integer.c + integer.c + 1 + 0 + + + 10 + 51 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\logging.c + logging.c + 1 + 0 + + + 10 + 52 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\md2.c + md2.c + 1 + 0 + + + 10 + 53 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\md4.c + md4.c + 1 + 0 + + + 10 + 54 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\md5.c + md5.c + 1 + 0 + + + 10 + 55 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\memory.c + memory.c + 1 + 0 + + + 10 + 56 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\misc.c + misc.c + 1 + 0 + + + 10 + 57 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\wc_port.c + wc_port.c + 1 + 0 + + + 10 + 58 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\pwdbased.c + pwdbased.c + 1 + 0 + + + 10 + 59 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\rabbit.c + rabbit.c + 1 + 0 + + + 10 + 60 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\random.c + random.c + 1 + 0 + + + 10 + 61 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\ripemd.c + ripemd.c + 1 + 0 + + + 10 + 62 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\rsa.c + rsa.c + 1 + 0 + + + 10 + 63 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\sha.c + sha.c + 1 + 0 + + + 10 + 64 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\sha256.c + sha256.c + 1 + 0 + + + 10 + 65 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\sha512.c + sha512.c + 1 + 0 + + + 10 + 66 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\tfm.c + tfm.c + 1 + 0 + + + 10 + 67 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\src\crl.c + crl.c + 1 + 0 + + + 10 + 68 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\src\internal.c + internal.c + 1 + 0 + + + 10 + 69 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\src\io.c + io.c + 1 + 0 + + + 10 + 70 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\src\keys.c + keys.c + 1 + 0 + + + 10 + 71 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\src\ocsp.c + ocsp.c + 1 + 0 + + + 10 + 72 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\src\sniffer.c + sniffer.c + 1 + 0 + + + 10 + 73 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\src\ssl.c + ssl.c + 1 + 0 + + + 10 + 74 + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\src\tls.c + tls.c + 1 + 0 + + + +
diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/SimpleServer/SimpleServer.uvprojx b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/SimpleServer/SimpleServer.uvprojx new file mode 100644 index 000000000..77f3f876f --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/SimpleServer/SimpleServer.uvprojx @@ -0,0 +1,1127 @@ + + + + 2.1 + +
### uVision Project, (C) Keil Software
+ + + + SimpleServer + 0x4 + ARM-ADS + + + STM32F207IG + STMicroelectronics + IRAM(0x20000000,0x20000) IROM(0x08000000,0x100000) CPUTYPE("Cortex-M3") CLOCK(120000000) ELITTLE + + + UL2CM3(-S0 -C0 -P0 -FD20000000 -FC1000 -FN1 -FF0STM32F2xx_1024 -FS08000000 -FL0100000 -FP0($$Device:STM32F207IG$Flash\STM32F2xx_1024.flm)) + 0 + $$Device:STM32F207IG$Device\Include\stm32f2xx.h + + + + + + + + + + $$Device:STM32F207IG$SVD\STM32F20x.svd + 0 + 0 + + + + + + + 0 + 0 + 0 + 0 + 1 + + .\Object\ + SimpleServer + 1 + 0 + 0 + 1 + 1 + .\Object\ + 1 + 0 + 0 + + 0 + 0 + + + 0 + 0 + 0 + 0 + + + 0 + 0 + + + 0 + 0 + + + 0 + 0 + + + 0 + 0 + + 0 + + + + 0 + 0 + 0 + 0 + 0 + 1 + 0 + 0 + 0 + 0 + 3 + + + 1 + + + SARMCM3.DLL + -REMAP -MPU + DCM.DLL + -pCM3 + SARMCM3.DLL + -REMAP -MPU + TCM.DLL + -pCM3 + + + + 1 + 0 + 0 + 0 + 16 + + + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + + + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 1 + 1 + 1 + 1 + + 0 + 8 + + + + + + + + + + + + + + BIN\ULP2CM3.DLL + + + + + 1 + 0 + 0 + 1 + 1 + 4100 + + 1 + BIN\ULP2CM3.DLL + "" () + + + + + 0 + + + + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 1 + 1 + 0 + 1 + 1 + 0 + 0 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 1 + 0 + 0 + "Cortex-M3" + + 0 + 0 + 0 + 1 + 1 + 0 + 0 + 0 + 0 + 0 + 8 + 0 + 0 + 0 + 3 + 3 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 1 + 0 + 0 + 0 + 0 + 1 + 0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x20000000 + 0x20000 + + + 1 + 0x8000000 + 0x100000 + + + 0 + 0x0 + 0x0 + + + 1 + 0x0 + 0x0 + + + 1 + 0x0 + 0x0 + + + 1 + 0x0 + 0x0 + + + 1 + 0x8000000 + 0x100000 + + + 1 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x0 + 0x0 + + + 0 + 0x20000000 + 0x20000 + + + 0 + 0x0 + 0x0 + + + + + + 1 + 4 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + + + HAVE_CONFIG_H MDK_CONF_SimpleServer + + + + + + 1 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + 0 + + + + + + + + + 1 + 0 + 0 + 0 + 1 + 0 + 0x08000000 + 0x20000000 + + + + + + + + + + + + + Source + + + main.c + 1 + .\main.c + + + server.c + 1 + .\server.c + + + + + Configuration + + + config-CyaSSL.h + 5 + .\RTE\wolfSSL\config-CyaSSL.h + + + config-Crypt.h + 5 + .\RTE\wolfSSL\config-Crypt.h + + + Net_Config_ETH_0.h + 5 + .\RTE\Network\Net_Config_ETH_0.h + + + config-SimpleServer.h + 5 + .\config-SimpleServer.h + + + + + Documentation + + + Abstract.txt + 5 + .\Abstract.txt + + + + + Devices + + + time-dummy.c + 1 + .\time-dummy.c + + + + + ::CMSIS + + + RTX_Conf_CM.c + 1 + RTE\CMSIS\RTX_Conf_CM.c + + + RTX_CM3.lib + 4 + C:\Keil5\ARM\PACK\ARM\CMSIS\3.20.4\CMSIS_RTX\Lib\ARM\RTX_CM3.lib + + + + + ::Device + + + RTE_Device.h + 5 + RTE\Device\STM32F207IG\RTE_Device.h + + + startup_stm32f2xx.s + 2 + RTE\Device\STM32F207IG\startup_stm32f2xx.s + + + system_stm32f2xx.c + 1 + RTE\Device\STM32F207IG\system_stm32f2xx.c + + + DMA_STM32F2xx.c + 1 + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\DMA_STM32F2xx.c + + + GPIO_STM32F2xx.c + 1 + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\GPIO_STM32F2xx.c + + + + + ::Drivers + + + PHY_ST802RT1.c + 1 + C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.4\Network\Driver\PHY_ST802RT1.c + + + EMAC_STM32F2xx.c + 1 + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\EMAC_STM32F2xx.c + + + MCI_STM32F2xx.c + 1 + C:\Keil5\ARM\PACK\Keil\STM32F2xx_DFP\1.0.7\RTE_Driver\MCI_STM32F2xx.c + + + + + ::File System + + + FS_Config.c + 1 + RTE\File_System\FS_Config.c + + + FS_Config_MC_0.h + 5 + RTE\File_System\FS_Config_MC_0.h + + + FS_LFN_CM3_L.lib + 4 + C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.4\FileSystem\Lib\ARM\FS_LFN_CM3_L.lib + + + + + ::Network + + + Net_Config.c + 1 + RTE\Network\Net_Config.c + + + Net_Config_BSD.h + 5 + RTE\Network\Net_Config_BSD.h + + + Net_Config_DNS_Client.h + 5 + RTE\Network\Net_Config_DNS_Client.h + + + Net_Config_ETH_0.h + 5 + RTE\Network\Net_Config_ETH_0.h + + + Net_Config_TCP.h + 5 + RTE\Network\Net_Config_TCP.h + + + Net_Config_UDP.h + 5 + RTE\Network\Net_Config_UDP.h + + + Net_Debug.c + 1 + RTE\Network\Net_Debug.c + + + Net_Dbg_CM3_L.lib + 4 + C:\Keil5\ARM\PACK\Keil\MDK-Middleware\5.1.4\Network\Lib\ARM\Net_Dbg_CM3_L.lib + + + + + ::wolfSSL + + + config-Crypt.h + 5 + RTE\wolfSSL\config-Crypt.h + + + config-CyaSSL.h + 5 + RTE\wolfSSL\config-CyaSSL.h + + + settings.h + 5 + RTE\wolfSSL\settings.h + + + cyassl_MDK_ARM.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\IDE\MDK5-ARM\Src\cyassl_MDK_ARM.c + + + aes.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\aes.c + + + arc4.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\arc4.c + + + asm.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\asm.c + + + asn.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\asn.c + + + blake2b.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\blake2b.c + + + camellia.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\camellia.c + + + coding.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\coding.c + + + compress.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\compress.c + + + des3.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\des3.c + + + dh.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\dh.c + + + dsa.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\dsa.c + + + ecc.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\ecc.c + + + ecc_fp.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\ecc_fp.c + + + error.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\error.c + + + hc128.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\hc128.c + + + hmac.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\hmac.c + + + integer.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\integer.c + + + logging.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\logging.c + + + md2.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\md2.c + + + md4.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\md4.c + + + md5.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\md5.c + + + memory.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\memory.c + + + misc.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\misc.c + + + wc_port.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\wc_port.c + + + pwdbased.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\pwdbased.c + + + rabbit.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\rabbit.c + + + random.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\random.c + + + ripemd.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\ripemd.c + + + rsa.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\rsa.c + + + sha.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\sha.c + + + sha256.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\sha256.c + + + sha512.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\sha512.c + + + tfm.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\ctaocrypt\src\tfm.c + + + crl.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\src\crl.c + + + internal.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\src\internal.c + + + io.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\src\io.c + + + keys.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\src\keys.c + + + ocsp.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\src\ocsp.c + + + sniffer.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\src\sniffer.c + + + ssl.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\src\ssl.c + + + tls.c + 1 + C:\Keil5\ARM\PACK\wolfSSL\CyaSSL\3.0.0\cyassl\src\tls.c + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + RTE\CMSIS\RTX_Conf_CM.c + + + + + + + + RTE\Device\STM32F207IG\RTE_Device.h + + + + + + + + RTE\Device\STM32F207IG\startup_stm32f2xx.s + + + + + + + + RTE\Device\STM32F207IG\system_stm32f2xx.c + + + + + + + + RTE\File_System\FS_Config.c + + + + + + + + RTE\File_System\FS_Config_MC_0.h + + + + + + + + RTE\Network\Net_Config.c + + + + + + + + RTE\Network\Net_Config_BSD.h + + + + + + + + RTE\Network\Net_Config_DNS_Client.h + + + + + + + + RTE\Network\Net_Config_ETH_0.h + + + + + + + + RTE\Network\Net_Config_TCP.h + + + + + + + + RTE\Network\Net_Config_UDP.h + + + + + + + + RTE\Network\Net_Debug.c + + + + + + + + RTE\Other\config-Crypt.h + + + + + + RTE\Other\config-CyaSSL.h + + + + + + RTE\Other\config-RTX-TCP-FS.h + + + + + + RTE\Other\config.h + + + + + + RTE\wolfSSL\config-Crypt.h + + + + + + + + RTE\wolfSSL\config-CyaSSL.h + + + + + + + + RTE\wolfSSL\config.h + + + + + + RTE\wolfSSL\settings.h + + + + + + + + + +
diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/SimpleServer/config-SimpleServer.h b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/SimpleServer/config-SimpleServer.h new file mode 100644 index 000000000..19685ee09 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/SimpleServer/config-SimpleServer.h @@ -0,0 +1,31 @@ +/* config-RTX-TCP-FS.h + * + * Copyright (C) 2006-2013 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + */ + + + +// <<< Use Configuration Wizard in Context Menu >>> +// Build Target: Simple Server +// Listen Port Number +// Default: "11111" +#define CYASSL_LISTEN_PORT "443" + +// +// <<< end of configuration section >>> diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/SimpleServer/main.c b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/SimpleServer/main.c new file mode 100644 index 000000000..053ff48bd --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/SimpleServer/main.c @@ -0,0 +1,105 @@ +/* main.c + * + * Copyright (C) 2006-2014 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#ifdef HAVE_CONFIG_H + #include +#endif + +#include +#include + +#include "cmsis_os.h" +#include "rl_fs.h" +#include "rl_net.h" +#include +#include "cyassl_MDK_ARM.h" +#include + +#include "config-SimpleServer.h" + +/*----------------------------------------------------------------------------- + * Initialize a Flash Memory Card + *----------------------------------------------------------------------------*/ +static void init_filesystem (void) { + int32_t retv; + + retv = finit ("M0:"); + if (retv == 0) { + retv = fmount ("M0:"); + if (retv == 0) { + printf ("Drive M0 ready!\n"); + } + else { + printf ("Drive M0 mount failed!\n"); + } + } else { + printf ("Drive M0 initialization failed!\n"); + } +} + +/*----------------------------------------------------------------------------- + * TCP/IP tasks + *----------------------------------------------------------------------------*/ +void tcp_poll (void const *arg) +{ + CYASSL_MSG("TCP polling started.\n") ; + while (1) { + net_main (); + osDelay(1) ; + } +} + +typedef struct func_args { + int argc; + char** argv; +} func_args; + +extern void server_test(func_args * args) ; +extern void init_time(void) ; + + osThreadDef (tcp_poll, osPriorityHigh , 1, 0) ; +/*----------------------------------------------------------------------------- + * mian entry + *----------------------------------------------------------------------------*/ +int myoptind = 0; +char* myoptarg = NULL; + +int main() +{ + static char *argv[] = { "server", "-p", CYASSL_LISTEN_PORT, "-d"} ; + static func_args args = { 4, argv } ; + + init_filesystem (); + net_initialize() ; + osThreadCreate (osThread (tcp_poll), NULL); + osDelay(10000) ; /* wait for DHCP */ + #if defined(DEBUG_CYASSL) + printf("Turning ON Debug message\n") ; + CyaSSL_Debugging_ON() ; + #endif + + printf("Simple Server: Started\n") ; + while(1) { + server_test(&args) ; + printf("Enter any key to iterate.\n") ; + getchar() ; + } +} diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/SimpleServer/server.c b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/SimpleServer/server.c new file mode 100644 index 000000000..a42581d90 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/SimpleServer/server.c @@ -0,0 +1,604 @@ +/* server.c + * + * Copyright (C) 2006-2014 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#ifdef HAVE_CONFIG_H + #include +#endif + +#include + +#if !defined(CYASSL_TRACK_MEMORY) && !defined(NO_MAIN_DRIVER) + /* in case memory tracker wants stats */ + #define CYASSL_TRACK_MEMORY +#endif + +#if defined(CYASSL_MDK_ARM) + #include + #include + + #if defined(CYASSL_MDK5) + #include "cmsis_os.h" + #include "rl_fs.h" + #include "rl_net.h" + #else + #include "rtl.h" + #endif + + #include "cyassl_MDK_ARM.h" +#endif +#include +#include + +#include "examples/server/server.h" + + +#ifdef CYASSL_CALLBACKS + int srvHandShakeCB(HandShakeInfo*); + int srvTimeoutCB(TimeoutInfo*); + Timeval srvTo; +#endif + +static void NonBlockingSSL_Accept(SSL* ssl) +{ +#ifndef CYASSL_CALLBACKS + int ret = SSL_accept(ssl); +#else + int ret = CyaSSL_accept_ex(ssl, srvHandShakeCB, srvTimeoutCB, srvTo); +#endif + int error = SSL_get_error(ssl, 0); + SOCKET_T sockfd = (SOCKET_T)CyaSSL_get_fd(ssl); + int select_ret; + + while (ret != SSL_SUCCESS && (error == SSL_ERROR_WANT_READ || + error == SSL_ERROR_WANT_WRITE)) { + int currTimeout = 1; + + if (error == SSL_ERROR_WANT_READ) + printf("... server would read block\n"); + else + printf("... server would write block\n"); + +#ifdef CYASSL_DTLS + currTimeout = CyaSSL_dtls_get_current_timeout(ssl); +#endif + select_ret = tcp_select(sockfd, currTimeout); + + if ((select_ret == TEST_RECV_READY) || + (select_ret == TEST_ERROR_READY)) { + #ifndef CYASSL_CALLBACKS + ret = SSL_accept(ssl); + #else + ret = CyaSSL_accept_ex(ssl, + srvHandShakeCB, srvTimeoutCB, srvTo); + #endif + error = SSL_get_error(ssl, 0); + } + else if (select_ret == TEST_TIMEOUT && !CyaSSL_dtls(ssl)) { + error = SSL_ERROR_WANT_READ; + } +#ifdef CYASSL_DTLS + else if (select_ret == TEST_TIMEOUT && CyaSSL_dtls(ssl) && + CyaSSL_dtls_got_timeout(ssl) >= 0) { + error = SSL_ERROR_WANT_READ; + } +#endif + else { + error = SSL_FATAL_ERROR; + } + } + if (ret != SSL_SUCCESS) + err_sys("SSL_accept failed"); +} + + +static void Usage(void) +{ + printf("server " LIBCYASSL_VERSION_STRING + " NOTE: All files relative to CyaSSL home dir\n"); + printf("-? Help, print this usage\n"); + printf("-p Port to listen on, not 0, default %d\n", yasslPort); + printf("-v SSL version [0-3], SSLv3(0) - TLS1.2(3)), default %d\n", + SERVER_DEFAULT_VERSION); + printf("-l Cipher list\n"); + printf("-c Certificate file, default %s\n", svrCert); + printf("-k Key file, default %s\n", svrKey); + printf("-A Certificate Authority file, default %s\n", cliCert); + printf("-d Disable client cert check\n"); + printf("-b Bind to any interface instead of localhost only\n"); + printf("-s Use pre Shared keys\n"); + printf("-t Track CyaSSL memory use\n"); + printf("-u Use UDP DTLS," + " add -v 2 for DTLSv1 (default), -v 3 for DTLSv1.2\n"); + printf("-f Fewer packets/group messages\n"); + printf("-N Use Non-blocking sockets\n"); + printf("-S Use Host Name Indication\n"); +#ifdef HAVE_OCSP + printf("-o Perform OCSP lookup on peer certificate\n"); + printf("-O Perform OCSP lookup using as responder\n"); +#endif +#ifdef HAVE_PK_CALLBACKS + printf("-P Public Key Callbacks\n"); +#endif +} + +THREAD_RETURN CYASSL_THREAD server_test(void* args) +{ + SOCKET_T sockfd = 0; + SOCKET_T clientfd = 0; + + SSL_METHOD* method = 0; + SSL_CTX* ctx = 0; + SSL* ssl = 0; + + char msg[] = "I hear you fa shizzle!"; + char input[80]; + int idx; + int ch; + int version = SERVER_DEFAULT_VERSION; + int doCliCertCheck = 1; + int useAnyAddr = 0; + word16 port = yasslPort; + int usePsk = 0; + int doDTLS = 0; + int useNtruKey = 0; + int nonBlocking = 0; + int trackMemory = 0; + int fewerPackets = 0; + int pkCallbacks = 0; + char* cipherList = NULL; + char* verifyCert = (char*)cliCert; + char* ourCert = (char*)svrCert; + char* ourKey = (char*)svrKey; + int argc = ((func_args*)args)->argc; + char** argv = ((func_args*)args)->argv; + +#ifdef HAVE_SNI + char* sniHostName = NULL; +#endif + +#ifdef HAVE_OCSP + int useOcsp = 0; + char* ocspUrl = NULL; +#endif + + ((func_args*)args)->return_code = -1; /* error state */ + +#ifdef NO_RSA + verifyCert = (char*)cliEccCert; + ourCert = (char*)eccCert; + ourKey = (char*)eccKey; +#endif + (void)trackMemory; + (void)pkCallbacks; + + while ((ch = mygetopt(argc, argv, "?dbstnNufPp:v:l:A:c:k:S:oO:")) != -1) { + switch (ch) { + case '?' : + Usage(); + exit(EXIT_SUCCESS); + + case 'd' : + doCliCertCheck = 0; + break; + + case 'b' : + useAnyAddr = 1; + break; + + case 's' : + usePsk = 1; + break; + + case 't' : + #ifdef USE_CYASSL_MEMORY + trackMemory = 1; + #endif + break; + + case 'n' : + useNtruKey = 1; + break; + + case 'u' : + doDTLS = 1; + break; + + case 'f' : + fewerPackets = 1; + break; + + case 'P' : + #ifdef HAVE_PK_CALLBACKS + pkCallbacks = 1; + #endif + break; + + case 'p' : + port = (word16)atoi(myoptarg); + #if !defined(NO_MAIN_DRIVER) || defined(USE_WINDOWS_API) + if (port == 0) + err_sys("port number cannot be 0"); + #endif + break; + + case 'v' : + version = atoi(myoptarg); + if (version < 0 || version > 3) { + Usage(); + exit(MY_EX_USAGE); + } + break; + + case 'l' : + cipherList = myoptarg; + break; + + case 'A' : + verifyCert = myoptarg; + break; + + case 'c' : + ourCert = myoptarg; + break; + + case 'k' : + ourKey = myoptarg; + break; + + case 'N': + nonBlocking = 1; + break; + + case 'S' : + #ifdef HAVE_SNI + sniHostName = myoptarg; + #endif + break; + + case 'o' : + #ifdef HAVE_OCSP + useOcsp = 1; + #endif + break; + + case 'O' : + #ifdef HAVE_OCSP + useOcsp = 1; + ocspUrl = myoptarg; + #endif + break; + + default: + Usage(); + exit(MY_EX_USAGE); + } + } + + myoptind = 0; /* reset for test cases */ + + /* sort out DTLS versus TLS versions */ + if (version == CLIENT_INVALID_VERSION) { + if (doDTLS) + version = CLIENT_DTLS_DEFAULT_VERSION; + else + version = CLIENT_DEFAULT_VERSION; + } + else { + if (doDTLS) { + if (version == 3) + version = -2; + else + version = -1; + } + } + +#ifdef USE_CYASSL_MEMORY + if (trackMemory) + InitMemoryTracker(); +#endif + + switch (version) { +#ifndef NO_OLD_TLS + case 0: + method = SSLv3_server_method(); + break; + + #ifndef NO_TLS + case 1: + method = TLSv1_server_method(); + break; + + + case 2: + method = TLSv1_1_server_method(); + break; + + #endif +#endif + +#ifndef NO_TLS + case 3: + method = TLSv1_2_server_method(); + break; +#endif + +#ifdef CYASSL_DTLS + case -1: + method = DTLSv1_server_method(); + break; + + case -2: + method = DTLSv1_2_server_method(); + break; +#endif + + default: + err_sys("Bad SSL version"); + } + + if (method == NULL) + err_sys("unable to get method"); + + ctx = SSL_CTX_new(method); + if (ctx == NULL) + err_sys("unable to get ctx"); + + if (cipherList) + if (SSL_CTX_set_cipher_list(ctx, cipherList) != SSL_SUCCESS) + err_sys("server can't set cipher list 1"); + +#ifdef CYASSL_LEANPSK + usePsk = 1; +#endif + +#if defined(NO_RSA) && !defined(HAVE_ECC) + usePsk = 1; +#endif + + if (fewerPackets) + CyaSSL_CTX_set_group_messages(ctx); + +#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) + SSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack); +#endif + +#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) + if (!usePsk) { + if (SSL_CTX_use_certificate_file(ctx, ourCert, SSL_FILETYPE_PEM) + != SSL_SUCCESS) + err_sys("can't load server cert file, check file and run from" + " CyaSSL home dir"); + } +#endif + +#ifdef HAVE_NTRU + if (useNtruKey) { + if (CyaSSL_CTX_use_NTRUPrivateKey_file(ctx, ourKey) + != SSL_SUCCESS) + err_sys("can't load ntru key file, " + "Please run from CyaSSL home dir"); + } +#endif + +#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) + if (!useNtruKey && !usePsk) { + if (SSL_CTX_use_PrivateKey_file(ctx, ourKey, SSL_FILETYPE_PEM) + != SSL_SUCCESS) + err_sys("can't load server private key file, check file and run " + "from CyaSSL home dir"); + } +#endif + + if (usePsk) { +#ifndef NO_PSK + SSL_CTX_set_psk_server_callback(ctx, my_psk_server_cb); + SSL_CTX_use_psk_identity_hint(ctx, "cyassl server"); + if (cipherList == NULL) { + const char *defaultCipherList; + #ifdef HAVE_NULL_CIPHER + defaultCipherList = "PSK-NULL-SHA256"; + #else + defaultCipherList = "PSK-AES128-CBC-SHA256"; + #endif + if (SSL_CTX_set_cipher_list(ctx, defaultCipherList) != SSL_SUCCESS) + err_sys("server can't set cipher list 2"); + } +#endif + } + +#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) + /* if not using PSK, verify peer with certs */ + if (doCliCertCheck && usePsk == 0) { + SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER | + SSL_VERIFY_FAIL_IF_NO_PEER_CERT,0); + if (SSL_CTX_load_verify_locations(ctx, verifyCert, 0) != SSL_SUCCESS) + err_sys("can't load ca file, Please run from CyaSSL home dir"); + } +#endif + +#if defined(CYASSL_SNIFFER) && !defined(HAVE_NTRU) && !defined(HAVE_ECC) + /* don't use EDH, can't sniff tmp keys */ + if (cipherList == NULL) { + if (SSL_CTX_set_cipher_list(ctx, "AES256-SHA256") != SSL_SUCCESS) + err_sys("server can't set cipher list 3"); + } +#endif + +#ifdef HAVE_SNI + if (sniHostName) + if (CyaSSL_CTX_UseSNI(ctx, CYASSL_SNI_HOST_NAME, sniHostName, + XSTRLEN(sniHostName)) != SSL_SUCCESS) + err_sys("UseSNI failed"); +#endif + + ssl = SSL_new(ctx); + if (ssl == NULL) + err_sys("unable to get SSL"); + +#ifdef HAVE_CRL + CyaSSL_EnableCRL(ssl, 0); + CyaSSL_LoadCRL(ssl, crlPemDir, SSL_FILETYPE_PEM, CYASSL_CRL_MONITOR | + CYASSL_CRL_START_MON); + CyaSSL_SetCRL_Cb(ssl, CRL_CallBack); +#endif +#ifdef HAVE_OCSP + if (useOcsp) { + if (ocspUrl != NULL) { + CyaSSL_CTX_SetOCSP_OverrideURL(ctx, ocspUrl); + CyaSSL_CTX_EnableOCSP(ctx, CYASSL_OCSP_NO_NONCE + | CYASSL_OCSP_URL_OVERRIDE); + } + else + CyaSSL_CTX_EnableOCSP(ctx, CYASSL_OCSP_NO_NONCE); + } +#endif +#ifdef HAVE_PK_CALLBACKS + if (pkCallbacks) + SetupPkCallbacks(ctx, ssl); +#endif + + tcp_accept(&sockfd, &clientfd, (func_args*)args, port, useAnyAddr, doDTLS); + if (!doDTLS) + CloseSocket(sockfd); + + SSL_set_fd(ssl, clientfd); + if (usePsk == 0) { + #if !defined(NO_FILESYSTEM) && defined(OPENSSL_EXTRA) + CyaSSL_SetTmpDH_file(ssl, dhParam, SSL_FILETYPE_PEM); + #elif !defined(NO_CERTS) + SetDH(ssl); /* repick suites with DHE, higher priority than PSK */ + #endif + } + +#ifndef CYASSL_CALLBACKS + if (nonBlocking) { + CyaSSL_set_using_nonblock(ssl, 1); + tcp_set_nonblocking(&clientfd); + NonBlockingSSL_Accept(ssl); + } else if (SSL_accept(ssl) != SSL_SUCCESS) { + int err = SSL_get_error(ssl, 0); + char buffer[CYASSL_MAX_ERROR_SZ]; + printf("error = %d, %s\n", err, ERR_error_string(err, buffer)); + err_sys("SSL_accept failed"); + } +#else + NonBlockingSSL_Accept(ssl); +#endif + showPeer(ssl); + + idx = SSL_read(ssl, input, sizeof(input)-1); + if (idx > 0) { + input[idx] = 0; + printf("Client message: %s\n", input); + + } + else if (idx < 0) { + int readErr = SSL_get_error(ssl, 0); + if (readErr != SSL_ERROR_WANT_READ) + err_sys("SSL_read failed"); + } + + if (SSL_write(ssl, msg, sizeof(msg)) != sizeof(msg)) + err_sys("SSL_write failed"); + + #if defined(CYASSL_MDK_SHELL) && defined(HAVE_MDK_RTX) + os_dly_wait(500) ; + #endif + + SSL_shutdown(ssl); + SSL_free(ssl); + SSL_CTX_free(ctx); + + CloseSocket(clientfd); + ((func_args*)args)->return_code = 0; + +#ifdef USE_CYASSL_MEMORY + if (trackMemory) + ShowMemoryTracker(); +#endif /* USE_CYASSL_MEMORY */ + + return 0; +} + + +/* so overall tests can pull in test function */ +#ifndef NO_MAIN_DRIVER + + int main(int argc, char** argv) + { + func_args args; + +#ifdef HAVE_CAVIUM + int ret = OpenNitroxDevice(CAVIUM_DIRECT, CAVIUM_DEV_ID); + if (ret != 0) + err_sys("Cavium OpenNitroxDevice failed"); +#endif /* HAVE_CAVIUM */ + + StartTCP(); + + args.argc = argc; + args.argv = argv; + + CyaSSL_Init(); +#if defined(DEBUG_CYASSL) && !defined(CYASSL_MDK_SHELL) + CyaSSL_Debugging_ON(); +#endif + if (CurrentDir("server")) + ChangeDirBack(2); + else if (CurrentDir("Debug") || CurrentDir("Release")) + ChangeDirBack(3); + +#ifdef HAVE_STACK_SIZE + StackSizeCheck(&args, server_test); +#else + server_test(&args); +#endif + CyaSSL_Cleanup(); + +#ifdef HAVE_CAVIUM + CspShutdown(CAVIUM_DEV_ID); +#endif + return args.return_code; + } + + int myoptind = 0; + char* myoptarg = NULL; + +#endif /* NO_MAIN_DRIVER */ + + +#ifdef CYASSL_CALLBACKS + + int srvHandShakeCB(HandShakeInfo* info) + { + (void)info; + return 0; + } + + + int srvTimeoutCB(TimeoutInfo* info) + { + (void)info; + return 0; + } + +#endif + diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/SimpleServer/time-dummy.c b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/SimpleServer/time-dummy.c new file mode 100644 index 000000000..2525eba38 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Projects/SimpleServer/time-dummy.c @@ -0,0 +1,34 @@ +/* time-dummy.c.c + * + * Copyright (C) 2006-2014 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + */ + +#ifdef HAVE_CONFIG_H + #include +#endif + +#include "time.h" + +struct tm *Cyassl_MDK_gmtime(const time_t *c) +{ + static struct tm date ; + return(&date) ; +} + +time_t time(time_t * t) { return 0 ; } diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Src/cert_data.c b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Src/cert_data.c new file mode 100644 index 000000000..d29fbf3b1 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Src/cert_data.c @@ -0,0 +1,28 @@ +/* certs_test.c + * + * Copyright (C) 2006-2014 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#ifdef HAVE_CONFIG_H + #include +#endif + +/* Define initial data for cert buffers */ +#include + diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Src/cyassl_MDK_ARM.c b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Src/cyassl_MDK_ARM.c new file mode 100644 index 000000000..cca8ad619 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Src/cyassl_MDK_ARM.c @@ -0,0 +1,247 @@ +/* cyassl_KEIL_RL.c + * + * Copyright (C) 2006-2014 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + + +/***************************************************************************************/ +/** This file is for defining functions for specific to KEIL-RL. **/ +/***************************************************************************************/ +#ifdef HAVE_CONFIG_H + #include +#endif + +#include +#if defined (CYASSL_MDK5) + #include "cmsis_os.h" + #if defined(CYASSL_KEIL_TCP_NET) + #include "rl_net.h" + #endif +#else + #include +#endif + +#include "cyassl_MDK_ARM.h" + +#include +#include + +#if defined (CYASSL_CMSIS_RTOS) + #define os_dly_wait(t) osDelay(10*t) +#endif + + +/** KEIL-RL TCPnet ****/ +/** TCPnet BSD socket does not have following functions. **/ + +#if defined(CYASSL_KEIL_TCP_NET) +char *inet_ntoa(struct in_addr in) +{ + #define NAMESIZE 16 + static char name[NAMESIZE] ; + sprintf(name, "%d.%d.%d.%d", (in.s_addr>>24)&0xff, (in.s_addr>>16)&0xff, (in.s_addr>>8)&0xff, in.s_addr&0xff) ; + return name ; +} + +unsigned long inet_addr(const char *cp) +{ + unsigned int a[4] ; unsigned long ret ; + sscanf(cp, "%d.%d.%d.%d", &a[0], &a[1], &a[2], &a[3]) ; + ret = ((a[3]<<24) + (a[2]<<16) + (a[1]<<8) + a[0]) ; + return(ret) ; +} + + +/*** tcp_connect is actually associated with following syassl_tcp_connect. ***/ +int Cyassl_connect(int sd, const struct sockaddr* sa, int sz) +{ + int ret = 0 ; + #if defined(CYASSL_KEIL_TCP_NET) + + SOCKADDR_IN addr ; + + addr = *(SOCKADDR_IN *)sa ; + + do { + #undef connect /* Go to KEIL TCPnet connect */ + ret = connect(sd, (SOCKADDR *)&addr, sizeof(addr)) ; + os_dly_wait(50); + } while(ret == SCK_EWOULDBLOCK) ; + #ifdef DEBUG_CYASSL + { + char msg[50] ; + sprintf(msg, "BSD Connect return code: %d\n", ret) ; + CYASSL_MSG(msg) ; + } + #endif + + #endif /* CYASSL_KEIL_TCP_NET */ + return(ret ) ; +} + + +int Cyassl_accept(int sd, struct sockaddr *addr, int *addrlen) +{ + int ret = 0 ; + + #if defined(CYASSL_KEIL_TCP_NET) + while(1) { + #undef accept /* Go to KEIL TCPnet accept */ + ret = accept(sd, addr, addrlen) ; + if(ret != SCK_EWOULDBLOCK) break ; + os_dly_wait(1); + } + #ifdef DEBUG_CYASSL + { + char msg[50] ; + sprintf(msg, "BSD Accept return code: %d\n", ret) ; + CYASSL_MSG(msg) ; + } + #endif + + #endif /* CYASSL_KEIL_TCP_NET */ + return(ret ) ; + +} + +int Cyassl_recv(int sd, void *buf, size_t len, int flags) +{ + int ret = 0; + #if defined(CYASSL_KEIL_TCP_NET) + while(1) { + #undef recv /* Go to KEIL TCPnet recv */ + ret = recv(sd, buf, len, flags) ; + if((ret != SCK_EWOULDBLOCK) &&( ret != SCK_ETIMEOUT)) break ; + os_dly_wait(1); + } + #ifdef DEBUG_CYASSL + { + char msg[50] ; + sprintf(msg, "BSD Recv return code: %d\n", ret) ; + CYASSL_MSG(msg) ; + } + #endif + + #endif /* CYASSL_KEIL_TCP_NET */ + return(ret ) ; +} + +int Cyassl_send(int sd, const void *buf, size_t len, int flags) +{ + int ret = 0 ; + + #if defined(CYASSL_KEIL_TCP_NET) + while(1) { + #undef send /* Go to KEIL TCPnet send */ + ret = send(sd, buf, len, flags) ; + if(ret != SCK_EWOULDBLOCK) break ; + os_dly_wait(1); + } + #ifdef DEBUG_CYASSL + { + char msg[50] ; + sprintf(msg, "BSD Send return code: %d\n", ret) ; + CYASSL_MSG(msg) ; + } + #endif + +#endif /* CYASSL_KEIL_TCP_NET */ + return(ret) ; + +} + +#endif /* CYASSL_KEIL_TCP_NET */ + +#if defined(CYASSL_KEIL_TCP_NET) +void Cyassl_sleep(int t) +{ + #if defined(HAVE_KEIL_RTX) + os_dly_wait(t/1000+1) ; + #endif +} + +int Cyassl_tcp_select(int sd, int timeout) +{ + + return 0 ; + +} +#endif + +extern int strlen(const char *s) ; + +FILE * CyaSSL_fopen(const char *name, const char *openmode) +{ + int i ; FILE * ret ; + #define PATHSIZE 100 + char path[PATHSIZE] ; char *p ; + + if(strlen(name) > PATHSIZE)return(NULL) ; + + for(i = 0; i<= strlen(name); i++) { + if(name[i] == '/')path[i] = '\\' ; + else path[i] = name[i] ; + } + if(path[0] == '.' && path[1] == '\\') p = path + 2 ; + else p = path ; + + ret = fopen (p, openmode) ; + + return(ret) ; +} + +#if defined (CYASSL_MDK5) +#define getkey getchar +#define sendchar putchar +#else +extern int getkey(void) ; +extern int sendchar(int c) ; +#endif + +char * Cyassl_fgets ( char * str, int num, FILE * f ) +{ + int i ; + + for(i = 0 ; i< num ; i++) { + while((str[i] = getkey()) == 0) { + #if defined (HAVE_KEIL_RTX) && !defined(CYASSL_CMSIS_RTOS) + os_tsk_pass (); + #else + osThreadYield (); + #endif + } + if(str[i] == '\n' || str[i] == '\012' || str[i] == '\015') { + sendchar('\n') ; + str[i++] = '\n' ; + str[i] = '\0' ; + break ; + } else if(str[i] == '\010') { /* BS */ + if(i) { /* erace one char */ + sendchar('\010') ; sendchar(' ') ; sendchar('\010') ; + i = (i>0 ? (i-2) : -1 ) ; + continue ; + } + } else if(str[i] == '\033' || str[i] == '\004' ) { /* ESC or ^D */ + str[i] = '\0' ; + return(0) ; + } + sendchar(str[i]) ; + } + return(str) ; +} diff --git a/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Src/ssl-dummy.c b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Src/ssl-dummy.c new file mode 100644 index 000000000..47f4a6cd6 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/IDE/MDK5-ARM/Src/ssl-dummy.c @@ -0,0 +1,52 @@ +/* ssl-dummy.c + * + * Copyright (C) 2006-2014 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#ifdef HAVE_CONFIG_H + #include +#endif + +#include +#include + +Signer* GetCA(void* vp, byte* hash) +{ + return NULL ; +} + +int CyaSSL_dtls(CYASSL* ssl) +{ + return NULL ; +} + +int CyaSSL_get_using_nonblock(CYASSL* ssl) +{ + return NULL ; +} + +Signer* GetCAByName(void* vp, byte* hash) +{ + return NULL ; +} + +int CyaSSL_PemCertToDer(const char* fileName, unsigned char* derBuf, int derSz) +{ + return NULL ; +} diff --git a/FreeRTOS-Plus/Source/CyaSSL/LICENSE_INFORMATION.txt b/FreeRTOS-Plus/Source/CyaSSL/LICENSE_INFORMATION.txt deleted file mode 100644 index 930f4cb19..000000000 --- a/FreeRTOS-Plus/Source/CyaSSL/LICENSE_INFORMATION.txt +++ /dev/null @@ -1,7 +0,0 @@ -Note the CyaSSL license terms are different to the FreeRTOS license terms. - -CyaSSL is dual licensed. The files are provided here under an unmodified open -source GNU GPL license. Commercial licenses are also available. -See http://www.FreeRTOS.org/ssl - - diff --git a/FreeRTOS-Plus/Source/CyaSSL/Makefile.am b/FreeRTOS-Plus/Source/CyaSSL/Makefile.am index 836266530..5918a4dc5 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/Makefile.am +++ b/FreeRTOS-Plus/Source/CyaSSL/Makefile.am @@ -15,31 +15,57 @@ check_PROGRAMS = EXTRA_HEADERS = BUILT_SOURCES= EXTRA_DIST= -doc_DATA= +dist_doc_DATA= -exampledir = $(docdir)/@PACKAGE@/example -example_DATA= -EXTRA_DIST+= $(example_DATA) +#includes additional rules from aminclude.am +@INC_AMINCLUDE@ +DISTCLEANFILES+= aminclude.am -EXTRA_DIST+= $(doc_DATA) +CLEANFILES+= cert.der \ + cert.pem \ + certecc.der \ + certecc.pem \ + certreq.der \ + certreq.pem \ + key.der \ + key.pem \ + ntru-cert.der \ + ntru-cert.pem \ + ntru-key.raw \ + othercert.der \ + othercert.pem \ + pkcs7cert.der \ + pkcs7envelopedData.der \ + pkcs7signedData.der -ACLOCAL_AMFLAGS= -I m4 --install +exampledir = $(docdir)/example +dist_example_DATA= + +ACLOCAL_AMFLAGS= -I m4 EXTRA_DIST+= lib/dummy EXTRA_DIST+= cyassl-ntru.vcproj EXTRA_DIST+= cyassl.vcproj +EXTRA_DIST+= cyassl.vcxproj EXTRA_DIST+= cyassl-iphone.xcodeproj/project.pbxproj +EXTRA_DIST+= cyassl-ios.xcodeproj/project.pbxproj EXTRA_DIST+= cyassl-ntru.sln EXTRA_DIST+= cyassl.sln +EXTRA_DIST+= cyassl64.sln +EXTRA_DIST+= valgrind-error.sh +EXTRA_DIST+= gencertbuf.pl +EXTRA_DIST+= IDE include cyassl/include.am include certs/include.am +include certs/1024/include.am include certs/crl/include.am include doc/include.am include swig/include.am include src/include.am +include support/include.am include ctaocrypt/benchmark/include.am include ctaocrypt/src/include.am include ctaocrypt/test/include.am @@ -50,9 +76,60 @@ include examples/echoserver/include.am include testsuite/include.am include tests/include.am include sslSniffer/sslSnifferTest/include.am +include rpm/include.am +include mqx/ctaocrypt_test/Sources/include.am +include mqx/cyassl/include.am +include mqx/cyassl_client/Sources/include.am +include mqx/util_lib/Sources/include.am +include mplabx/include.am +include mplabx/ctaocrypt_benchmark.X/nbproject/include.am +include mplabx/ctaocrypt_test.X/nbproject/include.am +include mplabx/cyassl.X/nbproject/include.am +include mcapi/include.am +include mcapi/ctaocrypt_mcapi.X/nbproject/include.am +include mcapi/ctaocrypt_test.X/nbproject/include.am +include mcapi/cyassl.X/nbproject/include.am +include mcapi/zlib.X/nbproject/include.am + +if USE_VALGRIND +TESTS_ENVIRONMENT=./valgrind-error.sh +endif +TEST_EXTENSIONS=.test TESTS += $(check_PROGRAMS) test: check +tests/unit.log: testsuite/testsuite.log + +DISTCLEANFILES+= cyassl-config +# fips files shouldn't be left after make distclean +DISTCLEANFILES+= ctaocrypt/src/fips.c +DISTCLEANFILES+= ctaocrypt/src/fips_test.c + +maintainer-clean-local: + -rm Makefile.in + -rm aclocal.m4 + -rm build-aux/compile + -rm build-aux/config.guess + -rm build-aux/config.sub + -rm build-aux/depcomp + -rm build-aux/install-sh + -rm build-aux/ltmain.sh + -rm build-aux/missing + -rm cyassl-config + -rmdir build-aux + -rm configure + -rm config.log + -rm config.status + -rm config.in + -rm m4/libtool.m4 + -rm m4/ltoptions.m4 + -rm m4/ltsugar.m4 + -rm m4/ltversion.m4 + -rm m4/lt~obsolete.m4 + -rm support/cyassl.pc + find . -type f -name '*~' -exec rm -f '{}' \; + -rm -f @PACKAGE@-*.tar.gz + -rm -f @PACKAGE@-*.rpm # !!!! first line of rule has to start with a hard (real) tab, not spaces egs: @@ -65,6 +142,15 @@ ctc: $(MAKE) ctaocrypt/test/testctaocrypt; \ $(MAKE) ctaocrypt/benchmark/benchmark; +install-exec-local: install-generic-config + +install-generic-config: + $(mkinstalldirs) $(DESTDIR)$(bindir) + $(INSTALL_SCRIPT) @GENERIC_CONFIG@ $(DESTDIR)$(bindir) + +uninstall-local: + -rm -f $(DESTDIR)$(bindir)/@GENERIC_CONFIG@ + merge-clean: @find ./ | $(GREP) \.gcda | xargs rm -f @find ./ | $(GREP) \.gcno | xargs rm -f diff --git a/FreeRTOS-Plus/Source/CyaSSL/Makefile.in b/FreeRTOS-Plus/Source/CyaSSL/Makefile.in index f40b3da91..fa6cbfb77 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/Makefile.in +++ b/FreeRTOS-Plus/Source/CyaSSL/Makefile.in @@ -1,8 +1,8 @@ -# Makefile.in generated by automake 1.10 from Makefile.am. +# Makefile.in generated by automake 1.14.1 from Makefile.am. # @configure_input@ -# Copyright (C) 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, -# 2003, 2004, 2005, 2006 Free Software Foundation, Inc. +# Copyright (C) 1994-2013 Free Software Foundation, Inc. + # This Makefile.in is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -32,6 +32,10 @@ # All paths should be given relative to the root # +# vim:ft=automake +# All paths should be given relative to the root +# + # vim:ft=automake # included from Top Level Makefile.am # All paths should be given relative to the root @@ -43,6 +47,10 @@ # included from Top Level Makefile.am # All paths should be given relative to the root +# vim:ft=automake +# All paths should be given relative to the root +# + # vim:ft=automake # All paths should be given relative to the root @@ -79,13 +87,113 @@ # included from Top Level Makefile.am # All paths should be given relative to the root +# vim:ft=automake + +# vim:ft=automake +# All paths should be given relative to the root +# + +# vim:ft=automake +# All paths should be given relative to the root +# + +# vim:ft=automake +# All paths should be given relative to the root +# + +# vim:ft=automake +# All paths should be given relative to the root +# + +# vim:ft=automake +# All paths should be given relative to the root +# + +# vim:ft=automake +# All paths should be given relative to the root +# + +# vim:ft=automake +# All paths should be given relative to the root +# + +# vim:ft=automake +# All paths should be given relative to the root +# + +# vim:ft=automake +# included from Top Level Makefile.am +# All paths should be given relative to the root + +# vim:ft=automake +# All paths should be given relative to the root +# + +# vim:ft=automake +# All paths should be given relative to the root +# + +# vim:ft=automake +# All paths should be given relative to the root +# + +# vim:ft=automake +# All paths should be given relative to the root +# + VPATH = @srcdir@ +am__is_gnu_make = test -n '$(MAKEFILE_LIST)' && test -n '$(MAKELEVEL)' +am__make_running_with_option = \ + case $${target_option-} in \ + ?) ;; \ + *) echo "am__make_running_with_option: internal error: invalid" \ + "target option '$${target_option-}' specified" >&2; \ + exit 1;; \ + esac; \ + has_opt=no; \ + sane_makeflags=$$MAKEFLAGS; \ + if $(am__is_gnu_make); then \ + sane_makeflags=$$MFLAGS; \ + else \ + case $$MAKEFLAGS in \ + *\\[\ \ ]*) \ + bs=\\; \ + sane_makeflags=`printf '%s\n' "$$MAKEFLAGS" \ + | sed "s/$$bs$$bs[$$bs $$bs ]*//g"`;; \ + esac; \ + fi; \ + skip_next=no; \ + strip_trailopt () \ + { \ + flg=`printf '%s\n' "$$flg" | sed "s/$$1.*$$//"`; \ + }; \ + for flg in $$sane_makeflags; do \ + test $$skip_next = yes && { skip_next=no; continue; }; \ + case $$flg in \ + *=*|--*) continue;; \ + -*I) strip_trailopt 'I'; skip_next=yes;; \ + -*I?*) strip_trailopt 'I';; \ + -*O) strip_trailopt 'O'; skip_next=yes;; \ + -*O?*) strip_trailopt 'O';; \ + -*l) strip_trailopt 'l'; skip_next=yes;; \ + -*l?*) strip_trailopt 'l';; \ + -[dEDm]) skip_next=yes;; \ + -[JT]) skip_next=yes;; \ + esac; \ + case $$flg in \ + *$$target_option*) has_opt=yes; break;; \ + esac; \ + done; \ + test $$has_opt = yes +am__make_dryrun = (target_option=n; $(am__make_running_with_option)) +am__make_keepgoing = (target_option=k; $(am__make_running_with_option)) pkgdatadir = $(datadir)/@PACKAGE@ -pkglibdir = $(libdir)/@PACKAGE@ pkgincludedir = $(includedir)/@PACKAGE@ +pkglibdir = $(libdir)/@PACKAGE@ +pkglibexecdir = $(libexecdir)/@PACKAGE@ am__cd = CDPATH="$${ZSH_VERSION+.}$(PATH_SEPARATOR)" && cd install_sh_DATA = $(install_sh) -c -m 644 install_sh_PROGRAM = $(install_sh) -c @@ -100,145 +208,289 @@ PRE_UNINSTALL = : POST_UNINSTALL = : build_triplet = @build@ host_triplet = @host@ -target_triplet = @target@ bin_PROGRAMS = noinst_PROGRAMS = ctaocrypt/benchmark/benchmark$(EXEEXT) \ - ctaocrypt/test/testctaocrypt$(EXEEXT) \ - examples/client/client$(EXEEXT) \ - examples/server/server$(EXEEXT) \ - examples/echoclient/echoclient$(EXEEXT) \ - examples/echoserver/echoserver$(EXEEXT) \ - testsuite/testsuite$(EXEEXT) tests/unit$(EXEEXT) \ - sslSniffer/sslSnifferTest/snifftest$(EXEEXT) -check_PROGRAMS = testsuite/testsuite$(EXEEXT) tests/unit$(EXEEXT) -DIST_COMMON = README $(am__configure_deps) $(include_HEADERS) \ - $(nobase_include_HEADERS) $(noinst_HEADERS) \ - $(srcdir)/Makefile.am $(srcdir)/Makefile.in \ - $(srcdir)/certs/crl/include.am $(srcdir)/certs/include.am \ - $(srcdir)/config.in $(srcdir)/ctaocrypt/benchmark/include.am \ + ctaocrypt/test/testctaocrypt$(EXEEXT) $(am__EXEEXT_3) \ + $(am__EXEEXT_4) $(am__EXEEXT_2) +check_PROGRAMS = $(am__EXEEXT_1) $(am__EXEEXT_2) +DIST_COMMON = $(srcdir)/cyassl/include.am \ + $(srcdir)/cyassl/ctaocrypt/include.am \ + $(srcdir)/cyassl/openssl/include.am $(srcdir)/certs/include.am \ + $(srcdir)/certs/1024/include.am $(srcdir)/certs/crl/include.am \ + $(srcdir)/doc/include.am $(srcdir)/swig/include.am \ + $(srcdir)/src/include.am $(srcdir)/support/include.am \ + $(srcdir)/ctaocrypt/benchmark/include.am \ $(srcdir)/ctaocrypt/src/include.am \ $(srcdir)/ctaocrypt/test/include.am \ - $(srcdir)/cyassl/ctaocrypt/include.am \ - $(srcdir)/cyassl/include.am \ - $(srcdir)/cyassl/openssl/include.am $(srcdir)/doc/include.am \ $(srcdir)/examples/client/include.am \ + $(srcdir)/examples/server/include.am \ $(srcdir)/examples/echoclient/include.am \ $(srcdir)/examples/echoserver/include.am \ - $(srcdir)/examples/server/include.am $(srcdir)/src/include.am \ + $(srcdir)/testsuite/include.am $(srcdir)/tests/include.am \ $(srcdir)/sslSniffer/sslSnifferTest/include.am \ - $(srcdir)/stamp-h.in $(srcdir)/swig/include.am \ - $(srcdir)/tests/include.am $(srcdir)/testsuite/include.am \ - $(top_srcdir)/configure $(top_srcdir)/cyassl/version.h.in \ - $(top_srcdir)/support/libcyassl.pc.in AUTHORS COPYING \ - ChangeLog NEWS config/compile config/config.guess \ - config/config.sub config/depcomp config/install-sh \ - config/ltmain.sh config/missing -@BUILD_AESNI_TRUE@am__append_1 = ctaocrypt/src/aes_asm.s -@BUILD_MD2_TRUE@am__append_2 = ctaocrypt/src/md2.c -@BUILD_RIPEMD_TRUE@am__append_3 = ctaocrypt/src/ripemd.c -@BUILD_SHA512_TRUE@am__append_4 = ctaocrypt/src/sha512.c -@BUILD_SNIFFER_TRUE@am__append_5 = src/sniffer.c -@BUILD_HC128_TRUE@am__append_6 = ctaocrypt/src/hc128.c -@BUILD_NOINLINE_TRUE@am__append_7 = ctaocrypt/src/misc.c -@BUILD_FASTMATH_TRUE@am__append_8 = ctaocrypt/src/tfm.c -@BUILD_FASTMATH_FALSE@am__append_9 = ctaocrypt/src/integer.c -@BUILD_ECC_TRUE@am__append_10 = ctaocrypt/src/ecc.c -@BUILD_OCSP_TRUE@am__append_11 = src/ocsp.c -@BUILD_CRL_TRUE@am__append_12 = src/crl.c -@BUILD_CRL_MONITOR_TRUE@am__append_13 = $(PTHREAD_CFLAGS) -@BUILD_CRL_MONITOR_TRUE@am__append_14 = $(PTHREAD_LIBS) + $(srcdir)/rpm/include.am \ + $(srcdir)/mqx/ctaocrypt_test/Sources/include.am \ + $(srcdir)/mqx/cyassl/include.am \ + $(srcdir)/mqx/cyassl_client/Sources/include.am \ + $(srcdir)/mqx/util_lib/Sources/include.am \ + $(srcdir)/mplabx/include.am \ + $(srcdir)/mplabx/ctaocrypt_benchmark.X/nbproject/include.am \ + $(srcdir)/mplabx/ctaocrypt_test.X/nbproject/include.am \ + $(srcdir)/mplabx/cyassl.X/nbproject/include.am \ + $(srcdir)/mcapi/include.am \ + $(srcdir)/mcapi/ctaocrypt_mcapi.X/nbproject/include.am \ + $(srcdir)/mcapi/ctaocrypt_test.X/nbproject/include.am \ + $(srcdir)/mcapi/cyassl.X/nbproject/include.am \ + $(srcdir)/mcapi/zlib.X/nbproject/include.am \ + $(srcdir)/Makefile.in $(srcdir)/Makefile.am \ + $(top_srcdir)/configure $(am__configure_deps) \ + $(srcdir)/config.in $(srcdir)/stamp-h.in \ + $(top_srcdir)/cyassl/version.h.in \ + $(top_srcdir)/cyassl/options.h.in \ + $(top_srcdir)/support/cyassl.pc.in $(top_srcdir)/rpm/spec.in \ + $(top_srcdir)/build-aux/depcomp $(dist_doc_DATA) \ + $(dist_example_DATA) $(include_HEADERS) \ + $(nobase_include_HEADERS) $(am__noinst_HEADERS_DIST) \ + $(top_srcdir)/build-aux/test-driver AUTHORS COPYING ChangeLog \ + NEWS README build-aux/compile build-aux/config.guess \ + build-aux/config.sub build-aux/depcomp build-aux/install-sh \ + build-aux/missing build-aux/ltmain.sh \ + $(top_srcdir)/build-aux/compile \ + $(top_srcdir)/build-aux/config.guess \ + $(top_srcdir)/build-aux/config.sub \ + $(top_srcdir)/build-aux/install-sh \ + $(top_srcdir)/build-aux/ltmain.sh \ + $(top_srcdir)/build-aux/missing +@BUILD_FIPS_TRUE@am__append_1 = ctaocrypt/src/wolfcrypt_first.c +@BUILD_MEMORY_TRUE@am__append_2 = ctaocrypt/src/memory.c +@BUILD_RSA_TRUE@am__append_3 = ctaocrypt/src/rsa.c +@BUILD_DH_TRUE@am__append_4 = ctaocrypt/src/dh.c +@BUILD_ASN_TRUE@am__append_5 = ctaocrypt/src/asn.c +@BUILD_FIPS_TRUE@am__append_6 = ctaocrypt/src/fips.c \ +@BUILD_FIPS_TRUE@ ctaocrypt/src/fips_test.c +@BUILD_CODING_TRUE@am__append_7 = ctaocrypt/src/coding.c +@BUILD_AES_TRUE@am__append_8 = ctaocrypt/src/aes.c +@BUILD_DES3_TRUE@am__append_9 = ctaocrypt/src/des3.c +@BUILD_SHA_TRUE@am__append_10 = ctaocrypt/src/sha.c +@BUILD_RC4_TRUE@am__append_11 = ctaocrypt/src/arc4.c +@BUILD_MD4_TRUE@am__append_12 = ctaocrypt/src/md4.c +@BUILD_MD5_TRUE@am__append_13 = ctaocrypt/src/md5.c +@BUILD_PWDBASED_TRUE@am__append_14 = ctaocrypt/src/pwdbased.c +@BUILD_DSA_TRUE@am__append_15 = ctaocrypt/src/dsa.c +@BUILD_AESNI_TRUE@am__append_16 = ctaocrypt/src/aes_asm.s +@BUILD_CAMELLIA_TRUE@am__append_17 = ctaocrypt/src/camellia.c +@BUILD_MD2_TRUE@am__append_18 = ctaocrypt/src/md2.c +@BUILD_RIPEMD_TRUE@am__append_19 = ctaocrypt/src/ripemd.c +@BUILD_SHA512_TRUE@am__append_20 = ctaocrypt/src/sha512.c +@BUILD_BLAKE2_TRUE@am__append_21 = ctaocrypt/src/blake2b.c +@BUILD_SNIFFER_TRUE@am__append_22 = src/sniffer.c +@BUILD_HC128_TRUE@am__append_23 = ctaocrypt/src/hc128.c +@BUILD_RABBIT_TRUE@am__append_24 = ctaocrypt/src/rabbit.c +@BUILD_INLINE_FALSE@am__append_25 = ctaocrypt/src/misc.c +@BUILD_FASTMATH_TRUE@am__append_26 = ctaocrypt/src/tfm.c +@BUILD_SLOWMATH_TRUE@am__append_27 = ctaocrypt/src/integer.c +@BUILD_ECC_TRUE@am__append_28 = ctaocrypt/src/ecc.c +@BUILD_OCSP_TRUE@am__append_29 = src/ocsp.c +@BUILD_CRL_TRUE@am__append_30 = src/crl.c +@BUILD_LIBZ_TRUE@am__append_31 = ctaocrypt/src/compress.c +@BUILD_PKCS7_TRUE@am__append_32 = ctaocrypt/src/pkcs7.c +@BUILD_FIPS_TRUE@am__append_33 = ctaocrypt/src/wolfcrypt_last.c +@BUILD_EXAMPLES_TRUE@am__append_34 = examples/client/client \ +@BUILD_EXAMPLES_TRUE@ examples/server/server \ +@BUILD_EXAMPLES_TRUE@ examples/echoclient/echoclient \ +@BUILD_EXAMPLES_TRUE@ examples/echoserver/echoserver \ +@BUILD_EXAMPLES_TRUE@ testsuite/testsuite.test tests/unit.test +@BUILD_EXAMPLES_TRUE@am__append_35 = examples/client/client.h \ +@BUILD_EXAMPLES_TRUE@ examples/server/server.h \ +@BUILD_EXAMPLES_TRUE@ examples/echoclient/echoclient.h \ +@BUILD_EXAMPLES_TRUE@ examples/echoserver/echoserver.h +@BUILD_EXAMPLES_TRUE@am__append_36 = testsuite/testsuite.test \ +@BUILD_EXAMPLES_TRUE@ tests/unit.test +@BUILD_SNIFFTEST_TRUE@am__append_37 = sslSniffer/sslSnifferTest/snifftest +@BUILD_MCAPI_TRUE@am__append_38 = mcapi/test +@BUILD_MCAPI_TRUE@am__append_39 = mcapi/test subdir = . ACLOCAL_M4 = $(top_srcdir)/aclocal.m4 -am__aclocal_m4_deps = $(top_srcdir)/m4/ax_pthread.m4 \ +am__aclocal_m4_deps = $(top_srcdir)/m4/ax_add_am_macro.m4 \ + $(top_srcdir)/m4/ax_am_jobserver.m4 \ + $(top_srcdir)/m4/ax_am_macros.m4 \ + $(top_srcdir)/m4/ax_append_compile_flags.m4 \ + $(top_srcdir)/m4/ax_append_flag.m4 \ + $(top_srcdir)/m4/ax_append_to_file.m4 \ + $(top_srcdir)/m4/ax_check_compile_flag.m4 \ + $(top_srcdir)/m4/ax_check_link_flag.m4 \ + $(top_srcdir)/m4/ax_count_cpus.m4 \ + $(top_srcdir)/m4/ax_create_generic_config.m4 \ + $(top_srcdir)/m4/ax_debug.m4 \ + $(top_srcdir)/m4/ax_file_escapes.m4 \ + $(top_srcdir)/m4/ax_harden_compiler_flags.m4 \ + $(top_srcdir)/m4/ax_print_to_file.m4 \ + $(top_srcdir)/m4/ax_pthread.m4 $(top_srcdir)/m4/ax_tls.m4 \ + $(top_srcdir)/m4/ax_vcs_checkout.m4 \ $(top_srcdir)/m4/hexversion.m4 \ $(top_srcdir)/m4/lib_socket_nsl.m4 $(top_srcdir)/m4/libtool.m4 \ $(top_srcdir)/m4/ltoptions.m4 $(top_srcdir)/m4/ltsugar.m4 \ $(top_srcdir)/m4/ltversion.m4 $(top_srcdir)/m4/lt~obsolete.m4 \ - $(top_srcdir)/m4/visibility.m4 $(top_srcdir)/configure.ac + $(top_srcdir)/m4/visibility.m4 \ + $(top_srcdir)/m4/wolfssl_darwin_clang.m4 \ + $(top_srcdir)/configure.ac am__configure_deps = $(am__aclocal_m4_deps) $(CONFIGURE_DEPENDENCIES) \ $(ACLOCAL_M4) am__CONFIG_DISTCLEAN_FILES = config.status config.cache config.log \ configure.lineno config.status.lineno mkinstalldirs = $(install_sh) -d CONFIG_HEADER = config.h -CONFIG_CLEAN_FILES = stamp-h cyassl/version.h support/libcyassl.pc +CONFIG_CLEAN_FILES = stamp-h cyassl/version.h cyassl/options.h \ + support/cyassl.pc rpm/spec +CONFIG_CLEAN_VPATH_FILES = am__vpath_adj_setup = srcdirstrip=`echo "$(srcdir)" | sed 's|.|.|g'`; am__vpath_adj = case $$p in \ $(srcdir)/*) f=`echo "$$p" | sed "s|^$$srcdirstrip/||"`;; \ *) f=$$p;; \ esac; -am__strip_dir = `echo $$p | sed -e 's|^.*/||'`; +am__strip_dir = f=`echo $$p | sed -e 's|^.*/||'`; +am__install_max = 40 +am__nobase_strip_setup = \ + srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*|]/\\\\&/g'` +am__nobase_strip = \ + for p in $$list; do echo "$$p"; done | sed -e "s|$$srcdirstrip/||" +am__nobase_list = $(am__nobase_strip_setup); \ + for p in $$list; do echo "$$p $$p"; done | \ + sed "s| $$srcdirstrip/| |;"' / .*\//!s/ .*/ ./; s,\( .*\)/[^/]*$$,\1,' | \ + $(AWK) 'BEGIN { files["."] = "" } { files[$$2] = files[$$2] " " $$1; \ + if (++n[$$2] == $(am__install_max)) \ + { print $$2, files[$$2]; n[$$2] = 0; files[$$2] = "" } } \ + END { for (dir in files) print dir, files[dir] }' +am__base_list = \ + sed '$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;$$!N;s/\n/ /g' | \ + sed '$$!N;$$!N;$$!N;$$!N;s/\n/ /g' +am__uninstall_files_from_dir = { \ + test -z "$$files" \ + || { test ! -d "$$dir" && test ! -f "$$dir" && test ! -r "$$dir"; } \ + || { echo " ( cd '$$dir' && rm -f" $$files ")"; \ + $(am__cd) "$$dir" && rm -f $$files; }; \ + } am__installdirs = "$(DESTDIR)$(libdir)" "$(DESTDIR)$(bindir)" \ "$(DESTDIR)$(docdir)" "$(DESTDIR)$(exampledir)" \ - "$(DESTDIR)$(includedir)" "$(DESTDIR)$(includedir)" -libLTLIBRARIES_INSTALL = $(INSTALL) + "$(DESTDIR)$(pkgconfigdir)" "$(DESTDIR)$(includedir)" \ + "$(DESTDIR)$(includedir)" LTLIBRARIES = $(lib_LTLIBRARIES) $(noinst_LTLIBRARIES) am__DEPENDENCIES_1 = -@BUILD_CRL_MONITOR_TRUE@am__DEPENDENCIES_2 = $(am__DEPENDENCIES_1) -src_libcyassl_la_DEPENDENCIES = $(am__DEPENDENCIES_1) \ - $(am__DEPENDENCIES_2) -am__src_libcyassl_la_SOURCES_DIST = src/internal.c src/io.c src/keys.c \ - src/ssl.c src/tls.c ctaocrypt/src/asn.c ctaocrypt/src/coding.c \ - ctaocrypt/src/des3.c ctaocrypt/src/hmac.c ctaocrypt/src/md5.c \ - ctaocrypt/src/md4.c ctaocrypt/src/random.c ctaocrypt/src/rsa.c \ - ctaocrypt/src/sha.c ctaocrypt/src/aes.c ctaocrypt/src/sha256.c \ - ctaocrypt/src/dh.c ctaocrypt/src/dsa.c ctaocrypt/src/arc4.c \ - ctaocrypt/src/rabbit.c ctaocrypt/src/pwdbased.c \ - ctaocrypt/src/logging.c ctaocrypt/src/memory.c \ - ctaocrypt/src/aes_asm.s ctaocrypt/src/md2.c \ - ctaocrypt/src/ripemd.c ctaocrypt/src/sha512.c src/sniffer.c \ - ctaocrypt/src/hc128.c ctaocrypt/src/misc.c ctaocrypt/src/tfm.c \ +src_libcyassl_la_DEPENDENCIES = $(am__DEPENDENCIES_1) +am__src_libcyassl_la_SOURCES_DIST = ctaocrypt/src/wolfcrypt_first.c \ + src/internal.c src/io.c src/keys.c src/ssl.c src/tls.c \ + ctaocrypt/src/hmac.c ctaocrypt/src/random.c \ + ctaocrypt/src/sha256.c ctaocrypt/src/logging.c \ + ctaocrypt/src/wc_port.c ctaocrypt/src/error.c \ + ctaocrypt/src/memory.c ctaocrypt/src/rsa.c ctaocrypt/src/dh.c \ + ctaocrypt/src/asn.c ctaocrypt/src/fips.c \ + ctaocrypt/src/fips_test.c ctaocrypt/src/coding.c \ + ctaocrypt/src/aes.c ctaocrypt/src/des3.c ctaocrypt/src/sha.c \ + ctaocrypt/src/arc4.c ctaocrypt/src/md4.c ctaocrypt/src/md5.c \ + ctaocrypt/src/pwdbased.c ctaocrypt/src/dsa.c \ + ctaocrypt/src/aes_asm.s ctaocrypt/src/camellia.c \ + ctaocrypt/src/md2.c ctaocrypt/src/ripemd.c \ + ctaocrypt/src/sha512.c ctaocrypt/src/blake2b.c src/sniffer.c \ + ctaocrypt/src/hc128.c ctaocrypt/src/rabbit.c \ + ctaocrypt/src/misc.c ctaocrypt/src/tfm.c \ ctaocrypt/src/integer.c ctaocrypt/src/ecc.c src/ocsp.c \ - src/crl.c + src/crl.c ctaocrypt/src/compress.c ctaocrypt/src/pkcs7.c \ + ctaocrypt/src/wolfcrypt_last.c am__dirstamp = $(am__leading_dot)dirstamp -@BUILD_AESNI_TRUE@am__objects_1 = ctaocrypt/src/aes_asm.lo -@BUILD_MD2_TRUE@am__objects_2 = ctaocrypt/src/src_libcyassl_la-md2.lo -@BUILD_RIPEMD_TRUE@am__objects_3 = \ +@BUILD_FIPS_TRUE@am__objects_1 = ctaocrypt/src/src_libcyassl_la-wolfcrypt_first.lo +@BUILD_MEMORY_TRUE@am__objects_2 = \ +@BUILD_MEMORY_TRUE@ ctaocrypt/src/src_libcyassl_la-memory.lo +@BUILD_RSA_TRUE@am__objects_3 = ctaocrypt/src/src_libcyassl_la-rsa.lo +@BUILD_DH_TRUE@am__objects_4 = ctaocrypt/src/src_libcyassl_la-dh.lo +@BUILD_ASN_TRUE@am__objects_5 = ctaocrypt/src/src_libcyassl_la-asn.lo +@BUILD_FIPS_TRUE@am__objects_6 = \ +@BUILD_FIPS_TRUE@ ctaocrypt/src/src_libcyassl_la-fips.lo \ +@BUILD_FIPS_TRUE@ ctaocrypt/src/src_libcyassl_la-fips_test.lo +@BUILD_CODING_TRUE@am__objects_7 = \ +@BUILD_CODING_TRUE@ ctaocrypt/src/src_libcyassl_la-coding.lo +@BUILD_AES_TRUE@am__objects_8 = ctaocrypt/src/src_libcyassl_la-aes.lo +@BUILD_DES3_TRUE@am__objects_9 = \ +@BUILD_DES3_TRUE@ ctaocrypt/src/src_libcyassl_la-des3.lo +@BUILD_SHA_TRUE@am__objects_10 = \ +@BUILD_SHA_TRUE@ ctaocrypt/src/src_libcyassl_la-sha.lo +@BUILD_RC4_TRUE@am__objects_11 = \ +@BUILD_RC4_TRUE@ ctaocrypt/src/src_libcyassl_la-arc4.lo +@BUILD_MD4_TRUE@am__objects_12 = \ +@BUILD_MD4_TRUE@ ctaocrypt/src/src_libcyassl_la-md4.lo +@BUILD_MD5_TRUE@am__objects_13 = \ +@BUILD_MD5_TRUE@ ctaocrypt/src/src_libcyassl_la-md5.lo +@BUILD_PWDBASED_TRUE@am__objects_14 = ctaocrypt/src/src_libcyassl_la-pwdbased.lo +@BUILD_DSA_TRUE@am__objects_15 = \ +@BUILD_DSA_TRUE@ ctaocrypt/src/src_libcyassl_la-dsa.lo +@BUILD_AESNI_TRUE@am__objects_16 = ctaocrypt/src/aes_asm.lo +@BUILD_CAMELLIA_TRUE@am__objects_17 = ctaocrypt/src/src_libcyassl_la-camellia.lo +@BUILD_MD2_TRUE@am__objects_18 = \ +@BUILD_MD2_TRUE@ ctaocrypt/src/src_libcyassl_la-md2.lo +@BUILD_RIPEMD_TRUE@am__objects_19 = \ @BUILD_RIPEMD_TRUE@ ctaocrypt/src/src_libcyassl_la-ripemd.lo -@BUILD_SHA512_TRUE@am__objects_4 = \ +@BUILD_SHA512_TRUE@am__objects_20 = \ @BUILD_SHA512_TRUE@ ctaocrypt/src/src_libcyassl_la-sha512.lo -@BUILD_SNIFFER_TRUE@am__objects_5 = src/src_libcyassl_la-sniffer.lo -@BUILD_HC128_TRUE@am__objects_6 = \ +@BUILD_BLAKE2_TRUE@am__objects_21 = \ +@BUILD_BLAKE2_TRUE@ ctaocrypt/src/src_libcyassl_la-blake2b.lo +@BUILD_SNIFFER_TRUE@am__objects_22 = src/src_libcyassl_la-sniffer.lo +@BUILD_HC128_TRUE@am__objects_23 = \ @BUILD_HC128_TRUE@ ctaocrypt/src/src_libcyassl_la-hc128.lo -@BUILD_NOINLINE_TRUE@am__objects_7 = \ -@BUILD_NOINLINE_TRUE@ ctaocrypt/src/src_libcyassl_la-misc.lo -@BUILD_FASTMATH_TRUE@am__objects_8 = \ +@BUILD_RABBIT_TRUE@am__objects_24 = \ +@BUILD_RABBIT_TRUE@ ctaocrypt/src/src_libcyassl_la-rabbit.lo +@BUILD_INLINE_FALSE@am__objects_25 = \ +@BUILD_INLINE_FALSE@ ctaocrypt/src/src_libcyassl_la-misc.lo +@BUILD_FASTMATH_TRUE@am__objects_26 = \ @BUILD_FASTMATH_TRUE@ ctaocrypt/src/src_libcyassl_la-tfm.lo -@BUILD_FASTMATH_FALSE@am__objects_9 = ctaocrypt/src/src_libcyassl_la-integer.lo -@BUILD_ECC_TRUE@am__objects_10 = \ +@BUILD_SLOWMATH_TRUE@am__objects_27 = ctaocrypt/src/src_libcyassl_la-integer.lo +@BUILD_ECC_TRUE@am__objects_28 = \ @BUILD_ECC_TRUE@ ctaocrypt/src/src_libcyassl_la-ecc.lo -@BUILD_OCSP_TRUE@am__objects_11 = src/src_libcyassl_la-ocsp.lo -@BUILD_CRL_TRUE@am__objects_12 = src/src_libcyassl_la-crl.lo -am_src_libcyassl_la_OBJECTS = src/src_libcyassl_la-internal.lo \ - src/src_libcyassl_la-io.lo src/src_libcyassl_la-keys.lo \ - src/src_libcyassl_la-ssl.lo src/src_libcyassl_la-tls.lo \ - ctaocrypt/src/src_libcyassl_la-asn.lo \ - ctaocrypt/src/src_libcyassl_la-coding.lo \ - ctaocrypt/src/src_libcyassl_la-des3.lo \ +@BUILD_OCSP_TRUE@am__objects_29 = src/src_libcyassl_la-ocsp.lo +@BUILD_CRL_TRUE@am__objects_30 = src/src_libcyassl_la-crl.lo +@BUILD_LIBZ_TRUE@am__objects_31 = \ +@BUILD_LIBZ_TRUE@ ctaocrypt/src/src_libcyassl_la-compress.lo +@BUILD_PKCS7_TRUE@am__objects_32 = \ +@BUILD_PKCS7_TRUE@ ctaocrypt/src/src_libcyassl_la-pkcs7.lo +@BUILD_FIPS_TRUE@am__objects_33 = ctaocrypt/src/src_libcyassl_la-wolfcrypt_last.lo +am_src_libcyassl_la_OBJECTS = $(am__objects_1) \ + src/src_libcyassl_la-internal.lo src/src_libcyassl_la-io.lo \ + src/src_libcyassl_la-keys.lo src/src_libcyassl_la-ssl.lo \ + src/src_libcyassl_la-tls.lo \ ctaocrypt/src/src_libcyassl_la-hmac.lo \ - ctaocrypt/src/src_libcyassl_la-md5.lo \ - ctaocrypt/src/src_libcyassl_la-md4.lo \ ctaocrypt/src/src_libcyassl_la-random.lo \ - ctaocrypt/src/src_libcyassl_la-rsa.lo \ - ctaocrypt/src/src_libcyassl_la-sha.lo \ - ctaocrypt/src/src_libcyassl_la-aes.lo \ ctaocrypt/src/src_libcyassl_la-sha256.lo \ - ctaocrypt/src/src_libcyassl_la-dh.lo \ - ctaocrypt/src/src_libcyassl_la-dsa.lo \ - ctaocrypt/src/src_libcyassl_la-arc4.lo \ - ctaocrypt/src/src_libcyassl_la-rabbit.lo \ - ctaocrypt/src/src_libcyassl_la-pwdbased.lo \ ctaocrypt/src/src_libcyassl_la-logging.lo \ - ctaocrypt/src/src_libcyassl_la-memory.lo $(am__objects_1) \ - $(am__objects_2) $(am__objects_3) $(am__objects_4) \ - $(am__objects_5) $(am__objects_6) $(am__objects_7) \ - $(am__objects_8) $(am__objects_9) $(am__objects_10) \ - $(am__objects_11) $(am__objects_12) + ctaocrypt/src/src_libcyassl_la-wc_port.lo \ + ctaocrypt/src/src_libcyassl_la-error.lo $(am__objects_2) \ + $(am__objects_3) $(am__objects_4) $(am__objects_5) \ + $(am__objects_6) $(am__objects_7) $(am__objects_8) \ + $(am__objects_9) $(am__objects_10) $(am__objects_11) \ + $(am__objects_12) $(am__objects_13) $(am__objects_14) \ + $(am__objects_15) $(am__objects_16) $(am__objects_17) \ + $(am__objects_18) $(am__objects_19) $(am__objects_20) \ + $(am__objects_21) $(am__objects_22) $(am__objects_23) \ + $(am__objects_24) $(am__objects_25) $(am__objects_26) \ + $(am__objects_27) $(am__objects_28) $(am__objects_29) \ + $(am__objects_30) $(am__objects_31) $(am__objects_32) \ + $(am__objects_33) src_libcyassl_la_OBJECTS = $(am_src_libcyassl_la_OBJECTS) -src_libcyassl_la_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ - $(LIBTOOLFLAGS) --mode=link $(CCLD) $(src_libcyassl_la_CFLAGS) \ - $(CFLAGS) $(src_libcyassl_la_LDFLAGS) $(LDFLAGS) -o $@ -binPROGRAMS_INSTALL = $(INSTALL_PROGRAM) +AM_V_lt = $(am__v_lt_@AM_V@) +am__v_lt_ = $(am__v_lt_@AM_DEFAULT_V@) +am__v_lt_0 = --silent +am__v_lt_1 = +src_libcyassl_la_LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC \ + $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=link $(CCLD) \ + $(src_libcyassl_la_CFLAGS) $(CFLAGS) \ + $(src_libcyassl_la_LDFLAGS) $(LDFLAGS) -o $@ +@BUILD_EXAMPLES_TRUE@am__EXEEXT_1 = testsuite/testsuite.test$(EXEEXT) \ +@BUILD_EXAMPLES_TRUE@ tests/unit.test$(EXEEXT) +@BUILD_MCAPI_TRUE@am__EXEEXT_2 = mcapi/test$(EXEEXT) +@BUILD_EXAMPLES_TRUE@am__EXEEXT_3 = examples/client/client$(EXEEXT) \ +@BUILD_EXAMPLES_TRUE@ examples/server/server$(EXEEXT) \ +@BUILD_EXAMPLES_TRUE@ examples/echoclient/echoclient$(EXEEXT) \ +@BUILD_EXAMPLES_TRUE@ examples/echoserver/echoserver$(EXEEXT) \ +@BUILD_EXAMPLES_TRUE@ testsuite/testsuite.test$(EXEEXT) \ +@BUILD_EXAMPLES_TRUE@ tests/unit.test$(EXEEXT) +@BUILD_SNIFFTEST_TRUE@am__EXEEXT_4 = sslSniffer/sslSnifferTest/snifftest$(EXEEXT) PROGRAMS = $(bin_PROGRAMS) $(noinst_PROGRAMS) am_ctaocrypt_benchmark_benchmark_OBJECTS = \ ctaocrypt/benchmark/benchmark.$(OBJEXT) @@ -248,103 +500,362 @@ am_ctaocrypt_test_testctaocrypt_OBJECTS = \ ctaocrypt/test/test.$(OBJEXT) ctaocrypt_test_testctaocrypt_OBJECTS = \ $(am_ctaocrypt_test_testctaocrypt_OBJECTS) -am_examples_client_client_OBJECTS = examples/client/client.$(OBJEXT) +am__examples_client_client_SOURCES_DIST = examples/client/client.c +@BUILD_EXAMPLES_TRUE@am_examples_client_client_OBJECTS = \ +@BUILD_EXAMPLES_TRUE@ examples/client/client.$(OBJEXT) examples_client_client_OBJECTS = $(am_examples_client_client_OBJECTS) -am_examples_echoclient_echoclient_OBJECTS = \ - examples/echoclient/echoclient.$(OBJEXT) +am__examples_echoclient_echoclient_SOURCES_DIST = \ + examples/echoclient/echoclient.c +@BUILD_EXAMPLES_TRUE@am_examples_echoclient_echoclient_OBJECTS = \ +@BUILD_EXAMPLES_TRUE@ examples/echoclient/echoclient.$(OBJEXT) examples_echoclient_echoclient_OBJECTS = \ $(am_examples_echoclient_echoclient_OBJECTS) -am_examples_echoserver_echoserver_OBJECTS = \ - examples/echoserver/echoserver.$(OBJEXT) +am__examples_echoserver_echoserver_SOURCES_DIST = \ + examples/echoserver/echoserver.c +@BUILD_EXAMPLES_TRUE@am_examples_echoserver_echoserver_OBJECTS = \ +@BUILD_EXAMPLES_TRUE@ examples/echoserver/echoserver.$(OBJEXT) examples_echoserver_echoserver_OBJECTS = \ $(am_examples_echoserver_echoserver_OBJECTS) -am_examples_server_server_OBJECTS = examples/server/server.$(OBJEXT) +am__examples_server_server_SOURCES_DIST = examples/server/server.c +@BUILD_EXAMPLES_TRUE@am_examples_server_server_OBJECTS = \ +@BUILD_EXAMPLES_TRUE@ examples/server/server.$(OBJEXT) examples_server_server_OBJECTS = $(am_examples_server_server_OBJECTS) -am_sslSniffer_sslSnifferTest_snifftest_OBJECTS = \ - sslSniffer/sslSnifferTest/snifftest.$(OBJEXT) +am__mcapi_test_SOURCES_DIST = mcapi/crypto.c mcapi/mcapi_test.c +@BUILD_MCAPI_TRUE@am_mcapi_test_OBJECTS = mcapi/crypto.$(OBJEXT) \ +@BUILD_MCAPI_TRUE@ mcapi/mcapi_test.$(OBJEXT) +mcapi_test_OBJECTS = $(am_mcapi_test_OBJECTS) +am__sslSniffer_sslSnifferTest_snifftest_SOURCES_DIST = \ + sslSniffer/sslSnifferTest/snifftest.c +@BUILD_SNIFFTEST_TRUE@am_sslSniffer_sslSnifferTest_snifftest_OBJECTS = sslSniffer/sslSnifferTest/snifftest.$(OBJEXT) sslSniffer_sslSnifferTest_snifftest_OBJECTS = \ $(am_sslSniffer_sslSnifferTest_snifftest_OBJECTS) -am_tests_unit_OBJECTS = tests/tests_unit-unit.$(OBJEXT) \ - tests/tests_unit-api.$(OBJEXT) \ - tests/tests_unit-suites.$(OBJEXT) \ - tests/tests_unit-hash.$(OBJEXT) \ - examples/client/tests_unit-client.$(OBJEXT) \ - examples/server/tests_unit-server.$(OBJEXT) -tests_unit_OBJECTS = $(am_tests_unit_OBJECTS) -tests_unit_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ - $(LIBTOOLFLAGS) --mode=link $(CCLD) $(tests_unit_CFLAGS) \ - $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) -o $@ -am_testsuite_testsuite_OBJECTS = \ - ctaocrypt/test/testsuite_testsuite-test.$(OBJEXT) \ - examples/client/testsuite_testsuite-client.$(OBJEXT) \ - examples/echoclient/testsuite_testsuite-echoclient.$(OBJEXT) \ - examples/echoserver/testsuite_testsuite-echoserver.$(OBJEXT) \ - examples/server/testsuite_testsuite-server.$(OBJEXT) \ - testsuite/testsuite_testsuite-testsuite.$(OBJEXT) -testsuite_testsuite_OBJECTS = $(am_testsuite_testsuite_OBJECTS) -testsuite_testsuite_LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) \ - $(LIBTOOLFLAGS) --mode=link $(CCLD) \ - $(testsuite_testsuite_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ +am__tests_unit_test_SOURCES_DIST = tests/unit.c tests/api.c \ + tests/suites.c tests/hash.c examples/client/client.c \ + examples/server/server.c +@BUILD_EXAMPLES_TRUE@am_tests_unit_test_OBJECTS = \ +@BUILD_EXAMPLES_TRUE@ tests/tests_unit_test-unit.$(OBJEXT) \ +@BUILD_EXAMPLES_TRUE@ tests/tests_unit_test-api.$(OBJEXT) \ +@BUILD_EXAMPLES_TRUE@ tests/tests_unit_test-suites.$(OBJEXT) \ +@BUILD_EXAMPLES_TRUE@ tests/tests_unit_test-hash.$(OBJEXT) \ +@BUILD_EXAMPLES_TRUE@ examples/client/tests_unit_test-client.$(OBJEXT) \ +@BUILD_EXAMPLES_TRUE@ examples/server/tests_unit_test-server.$(OBJEXT) +tests_unit_test_OBJECTS = $(am_tests_unit_test_OBJECTS) +tests_unit_test_LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC \ + $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=link $(CCLD) \ + $(tests_unit_test_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) $(LDFLAGS) \ + -o $@ +am__testsuite_testsuite_test_SOURCES_DIST = ctaocrypt/test/test.c \ + examples/client/client.c examples/echoclient/echoclient.c \ + examples/echoserver/echoserver.c examples/server/server.c \ + testsuite/testsuite.c +@BUILD_EXAMPLES_TRUE@am_testsuite_testsuite_test_OBJECTS = ctaocrypt/test/testsuite_testsuite_test-test.$(OBJEXT) \ +@BUILD_EXAMPLES_TRUE@ examples/client/testsuite_testsuite_test-client.$(OBJEXT) \ +@BUILD_EXAMPLES_TRUE@ examples/echoclient/testsuite_testsuite_test-echoclient.$(OBJEXT) \ +@BUILD_EXAMPLES_TRUE@ examples/echoserver/testsuite_testsuite_test-echoserver.$(OBJEXT) \ +@BUILD_EXAMPLES_TRUE@ examples/server/testsuite_testsuite_test-server.$(OBJEXT) \ +@BUILD_EXAMPLES_TRUE@ testsuite/testsuite_testsuite_test-testsuite.$(OBJEXT) +testsuite_testsuite_test_OBJECTS = \ + $(am_testsuite_testsuite_test_OBJECTS) +testsuite_testsuite_test_LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC \ + $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=link $(CCLD) \ + $(testsuite_testsuite_test_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ $(LDFLAGS) -o $@ +AM_V_P = $(am__v_P_@AM_V@) +am__v_P_ = $(am__v_P_@AM_DEFAULT_V@) +am__v_P_0 = false +am__v_P_1 = : +AM_V_GEN = $(am__v_GEN_@AM_V@) +am__v_GEN_ = $(am__v_GEN_@AM_DEFAULT_V@) +am__v_GEN_0 = @echo " GEN " $@; +am__v_GEN_1 = +AM_V_at = $(am__v_at_@AM_V@) +am__v_at_ = $(am__v_at_@AM_DEFAULT_V@) +am__v_at_0 = @ +am__v_at_1 = DEFAULT_INCLUDES = -I.@am__isrc@ -depcomp = $(SHELL) $(top_srcdir)/config/depcomp +depcomp = $(SHELL) $(top_srcdir)/build-aux/depcomp am__depfiles_maybe = depfiles +am__mv = mv -f COMPILE = $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) \ $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) -LTCOMPILE = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) \ - $(AM_CPPFLAGS) $(CPPFLAGS) $(AM_CFLAGS) $(CFLAGS) +LTCOMPILE = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ + $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) \ + $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) \ + $(AM_CFLAGS) $(CFLAGS) +AM_V_CC = $(am__v_CC_@AM_V@) +am__v_CC_ = $(am__v_CC_@AM_DEFAULT_V@) +am__v_CC_0 = @echo " CC " $@; +am__v_CC_1 = CCLD = $(CC) -LINK = $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) $(AM_LDFLAGS) \ - $(LDFLAGS) -o $@ +LINK = $(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) \ + $(LIBTOOLFLAGS) --mode=link $(CCLD) $(AM_CFLAGS) $(CFLAGS) \ + $(AM_LDFLAGS) $(LDFLAGS) -o $@ +AM_V_CCLD = $(am__v_CCLD_@AM_V@) +am__v_CCLD_ = $(am__v_CCLD_@AM_DEFAULT_V@) +am__v_CCLD_0 = @echo " CCLD " $@; +am__v_CCLD_1 = CCASCOMPILE = $(CCAS) $(AM_CCASFLAGS) $(CCASFLAGS) -LTCCASCOMPILE = $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) \ - --mode=compile $(CCAS) $(AM_CCASFLAGS) $(CCASFLAGS) +LTCCASCOMPILE = $(LIBTOOL) $(AM_V_lt) $(AM_LIBTOOLFLAGS) \ + $(LIBTOOLFLAGS) --mode=compile $(CCAS) $(AM_CCASFLAGS) \ + $(CCASFLAGS) +AM_V_CCAS = $(am__v_CCAS_@AM_V@) +am__v_CCAS_ = $(am__v_CCAS_@AM_DEFAULT_V@) +am__v_CCAS_0 = @echo " CCAS " $@; +am__v_CCAS_1 = SOURCES = $(src_libcyassl_la_SOURCES) \ $(ctaocrypt_benchmark_benchmark_SOURCES) \ $(ctaocrypt_test_testctaocrypt_SOURCES) \ $(examples_client_client_SOURCES) \ $(examples_echoclient_echoclient_SOURCES) \ $(examples_echoserver_echoserver_SOURCES) \ - $(examples_server_server_SOURCES) \ + $(examples_server_server_SOURCES) $(mcapi_test_SOURCES) \ $(sslSniffer_sslSnifferTest_snifftest_SOURCES) \ - $(tests_unit_SOURCES) $(testsuite_testsuite_SOURCES) + $(tests_unit_test_SOURCES) $(testsuite_testsuite_test_SOURCES) DIST_SOURCES = $(am__src_libcyassl_la_SOURCES_DIST) \ $(ctaocrypt_benchmark_benchmark_SOURCES) \ $(ctaocrypt_test_testctaocrypt_SOURCES) \ - $(examples_client_client_SOURCES) \ - $(examples_echoclient_echoclient_SOURCES) \ - $(examples_echoserver_echoserver_SOURCES) \ - $(examples_server_server_SOURCES) \ - $(sslSniffer_sslSnifferTest_snifftest_SOURCES) \ - $(tests_unit_SOURCES) $(testsuite_testsuite_SOURCES) -docDATA_INSTALL = $(INSTALL_DATA) -exampleDATA_INSTALL = $(INSTALL_DATA) -DATA = $(doc_DATA) $(example_DATA) -includeHEADERS_INSTALL = $(INSTALL_HEADER) -nobase_includeHEADERS_INSTALL = $(install_sh_DATA) + $(am__examples_client_client_SOURCES_DIST) \ + $(am__examples_echoclient_echoclient_SOURCES_DIST) \ + $(am__examples_echoserver_echoserver_SOURCES_DIST) \ + $(am__examples_server_server_SOURCES_DIST) \ + $(am__mcapi_test_SOURCES_DIST) \ + $(am__sslSniffer_sslSnifferTest_snifftest_SOURCES_DIST) \ + $(am__tests_unit_test_SOURCES_DIST) \ + $(am__testsuite_testsuite_test_SOURCES_DIST) +am__can_run_installinfo = \ + case $$AM_UPDATE_INFO_DIR in \ + n|no|NO) false;; \ + *) (install-info --version) >/dev/null 2>&1;; \ + esac +DATA = $(dist_doc_DATA) $(dist_example_DATA) $(pkgconfig_DATA) +am__noinst_HEADERS_DIST = cyassl/internal.h ctaocrypt/test/test.h \ + examples/client/client.h examples/server/server.h \ + examples/echoclient/echoclient.h \ + examples/echoserver/echoserver.h mcapi/crypto.h HEADERS = $(include_HEADERS) $(nobase_include_HEADERS) \ $(noinst_HEADERS) +am__tagged_files = $(HEADERS) $(SOURCES) $(TAGS_FILES) \ + $(LISP)config.in +# Read a list of newline-separated strings from the standard input, +# and print each of them once, without duplicates. Input order is +# *not* preserved. +am__uniquify_input = $(AWK) '\ + BEGIN { nonempty = 0; } \ + { items[$$0] = 1; nonempty = 1; } \ + END { if (nonempty) { for (i in items) print i; }; } \ +' +# Make sure the list of sources is unique. This is necessary because, +# e.g., the same source file might be shared among _SOURCES variables +# for different programs/libraries. +am__define_uniq_tagged_files = \ + list='$(am__tagged_files)'; \ + unique=`for i in $$list; do \ + if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ + done | $(am__uniquify_input)` ETAGS = etags CTAGS = ctags +CSCOPE = cscope +AM_RECURSIVE_TARGETS = cscope check recheck +am__tty_colors_dummy = \ + mgn= red= grn= lgn= blu= brg= std=; \ + am__color_tests=no +am__tty_colors = { \ + $(am__tty_colors_dummy); \ + if test "X$(AM_COLOR_TESTS)" = Xno; then \ + am__color_tests=no; \ + elif test "X$(AM_COLOR_TESTS)" = Xalways; then \ + am__color_tests=yes; \ + elif test "X$$TERM" != Xdumb && { test -t 1; } 2>/dev/null; then \ + am__color_tests=yes; \ + fi; \ + if test $$am__color_tests = yes; then \ + red=''; \ + grn=''; \ + lgn=''; \ + blu=''; \ + mgn=''; \ + brg=''; \ + std=''; \ + fi; \ +} +am__recheck_rx = ^[ ]*:recheck:[ ]* +am__global_test_result_rx = ^[ ]*:global-test-result:[ ]* +am__copy_in_global_log_rx = ^[ ]*:copy-in-global-log:[ ]* +# A command that, given a newline-separated list of test names on the +# standard input, print the name of the tests that are to be re-run +# upon "make recheck". +am__list_recheck_tests = $(AWK) '{ \ + recheck = 1; \ + while ((rc = (getline line < ($$0 ".trs"))) != 0) \ + { \ + if (rc < 0) \ + { \ + if ((getline line2 < ($$0 ".log")) < 0) \ + recheck = 0; \ + break; \ + } \ + else if (line ~ /$(am__recheck_rx)[nN][Oo]/) \ + { \ + recheck = 0; \ + break; \ + } \ + else if (line ~ /$(am__recheck_rx)[yY][eE][sS]/) \ + { \ + break; \ + } \ + }; \ + if (recheck) \ + print $$0; \ + close ($$0 ".trs"); \ + close ($$0 ".log"); \ +}' +# A command that, given a newline-separated list of test names on the +# standard input, create the global log from their .trs and .log files. +am__create_global_log = $(AWK) ' \ +function fatal(msg) \ +{ \ + print "fatal: making $@: " msg | "cat >&2"; \ + exit 1; \ +} \ +function rst_section(header) \ +{ \ + print header; \ + len = length(header); \ + for (i = 1; i <= len; i = i + 1) \ + printf "="; \ + printf "\n\n"; \ +} \ +{ \ + copy_in_global_log = 1; \ + global_test_result = "RUN"; \ + while ((rc = (getline line < ($$0 ".trs"))) != 0) \ + { \ + if (rc < 0) \ + fatal("failed to read from " $$0 ".trs"); \ + if (line ~ /$(am__global_test_result_rx)/) \ + { \ + sub("$(am__global_test_result_rx)", "", line); \ + sub("[ ]*$$", "", line); \ + global_test_result = line; \ + } \ + else if (line ~ /$(am__copy_in_global_log_rx)[nN][oO]/) \ + copy_in_global_log = 0; \ + }; \ + if (copy_in_global_log) \ + { \ + rst_section(global_test_result ": " $$0); \ + while ((rc = (getline line < ($$0 ".log"))) != 0) \ + { \ + if (rc < 0) \ + fatal("failed to read from " $$0 ".log"); \ + print line; \ + }; \ + printf "\n"; \ + }; \ + close ($$0 ".trs"); \ + close ($$0 ".log"); \ +}' +# Restructured Text title. +am__rst_title = { sed 's/.*/ & /;h;s/./=/g;p;x;s/ *$$//;p;g' && echo; } +# Solaris 10 'make', and several other traditional 'make' implementations, +# pass "-e" to $(SHELL), and POSIX 2008 even requires this. Work around it +# by disabling -e (using the XSI extension "set +e") if it's set. +am__sh_e_setup = case $$- in *e*) set +e;; esac +# Default flags passed to test drivers. +am__common_driver_flags = \ + --color-tests "$$am__color_tests" \ + --enable-hard-errors "$$am__enable_hard_errors" \ + --expect-failure "$$am__expect_failure" +# To be inserted before the command running the test. Creates the +# directory for the log if needed. Stores in $dir the directory +# containing $f, in $tst the test, in $log the log. Executes the +# developer- defined test setup AM_TESTS_ENVIRONMENT (if any), and +# passes TESTS_ENVIRONMENT. Set up options for the wrapper that +# will run the test scripts (or their associated LOG_COMPILER, if +# thy have one). +am__check_pre = \ +$(am__sh_e_setup); \ +$(am__vpath_adj_setup) $(am__vpath_adj) \ +$(am__tty_colors); \ +srcdir=$(srcdir); export srcdir; \ +case "$@" in \ + */*) am__odir=`echo "./$@" | sed 's|/[^/]*$$||'`;; \ + *) am__odir=.;; \ +esac; \ +test "x$$am__odir" = x"." || test -d "$$am__odir" \ + || $(MKDIR_P) "$$am__odir" || exit $$?; \ +if test -f "./$$f"; then dir=./; \ +elif test -f "$$f"; then dir=; \ +else dir="$(srcdir)/"; fi; \ +tst=$$dir$$f; log='$@'; \ +if test -n '$(DISABLE_HARD_ERRORS)'; then \ + am__enable_hard_errors=no; \ +else \ + am__enable_hard_errors=yes; \ +fi; \ +case " $(XFAIL_TESTS) " in \ + *[\ \ ]$$f[\ \ ]* | *[\ \ ]$$dir$$f[\ \ ]*) \ + am__expect_failure=yes;; \ + *) \ + am__expect_failure=no;; \ +esac; \ +$(AM_TESTS_ENVIRONMENT) $(TESTS_ENVIRONMENT) +# A shell command to get the names of the tests scripts with any registered +# extension removed (i.e., equivalently, the names of the test logs, with +# the '.log' extension removed). The result is saved in the shell variable +# '$bases'. This honors runtime overriding of TESTS and TEST_LOGS. Sadly, +# we cannot use something simpler, involving e.g., "$(TEST_LOGS:.log=)", +# since that might cause problem with VPATH rewrites for suffix-less tests. +# See also 'test-harness-vpath-rewrite.sh' and 'test-trs-basic.sh'. +am__set_TESTS_bases = \ + bases='$(TEST_LOGS)'; \ + bases=`for i in $$bases; do echo $$i; done | sed 's/\.log$$//'`; \ + bases=`echo $$bases` +RECHECK_LOGS = $(TEST_LOGS) +TEST_SUITE_LOG = test-suite.log +LOG_DRIVER = $(SHELL) $(top_srcdir)/build-aux/test-driver +LOG_COMPILE = $(LOG_COMPILER) $(AM_LOG_FLAGS) $(LOG_FLAGS) +am__set_b = \ + case '$@' in \ + */*) \ + case '$*' in \ + */*) b='$*';; \ + *) b=`echo '$@' | sed 's/\.log$$//'`; \ + esac;; \ + *) \ + b='$*';; \ + esac +am__test_logs1 = $(TESTS:=.log) +am__test_logs2 = $(am__test_logs1:@EXEEXT@.log=.log) +TEST_LOGS = $(am__test_logs2:.test.log=.log) +TEST_LOG_DRIVER = $(SHELL) $(top_srcdir)/build-aux/test-driver +TEST_LOG_COMPILE = $(TEST_LOG_COMPILER) $(AM_TEST_LOG_FLAGS) \ + $(TEST_LOG_FLAGS) DISTFILES = $(DIST_COMMON) $(DIST_SOURCES) $(TEXINFOS) $(EXTRA_DIST) distdir = $(PACKAGE)-$(VERSION) top_distdir = $(distdir) am__remove_distdir = \ - { test ! -d $(distdir) \ - || { find $(distdir) -type d ! -perm -200 -exec chmod u+w {} ';' \ - && rm -fr $(distdir); }; } + if test -d "$(distdir)"; then \ + find "$(distdir)" -type d ! -perm -200 -exec chmod u+w {} ';' \ + && rm -rf "$(distdir)" \ + || { sleep 5 && rm -rf "$(distdir)"; }; \ + else :; fi +am__post_remove_distdir = $(am__remove_distdir) DIST_ARCHIVES = $(distdir).tar.gz GZIP_ENV = --best +DIST_TARGETS = dist-gzip distuninstallcheck_listfiles = find . -type f -print +am__distuninstallcheck_listfiles = $(distuninstallcheck_listfiles) \ + | sed 's|^\./|$(prefix)/|' | grep -v '$(infodir)/dir$$' distcleancheck_listfiles = find . -type f -print ACLOCAL = @ACLOCAL@ +AMINCLUDE = @AMINCLUDE@ AMTAR = @AMTAR@ AM_CFLAGS = @AM_CFLAGS@ +AM_CPPFLAGS = @AM_CPPFLAGS@ +AM_DEFAULT_VERBOSITY = @AM_DEFAULT_VERBOSITY@ AM_LDFLAGS = @AM_LDFLAGS@ AR = @AR@ -AS = @AS@ AUTOCONF = @AUTOCONF@ AUTOHEADER = @AUTOHEADER@ AUTOMAKE = @AUTOMAKE@ @@ -375,9 +886,13 @@ ECHO_T = @ECHO_T@ EGREP = @EGREP@ EXEEXT = @EXEEXT@ FGREP = @FGREP@ +GENERIC_CONFIG = @GENERIC_CONFIG@ GREP = @GREP@ +HAVE_OPENSSL_CMD = @HAVE_OPENSSL_CMD@ +HAVE_VALGRIND = @HAVE_VALGRIND@ HAVE_VISIBILITY = @HAVE_VISIBILITY@ HEX_VERSION = @HEX_VERSION@ +INC_AMINCLUDE = @INC_AMINCLUDE@ INSTALL = @INSTALL@ INSTALL_DATA = @INSTALL_DATA@ INSTALL_PROGRAM = @INSTALL_PROGRAM@ @@ -393,6 +908,8 @@ LIPO = @LIPO@ LN_S = @LN_S@ LTLIBOBJS = @LTLIBOBJS@ MAKEINFO = @MAKEINFO@ +MANIFEST_TOOL = @MANIFEST_TOOL@ +MCHECK = @MCHECK@ MKDIR_P = @MKDIR_P@ NM = @NM@ NMEDIT = @NMEDIT@ @@ -405,6 +922,7 @@ PACKAGE_BUGREPORT = @PACKAGE_BUGREPORT@ PACKAGE_NAME = @PACKAGE_NAME@ PACKAGE_STRING = @PACKAGE_STRING@ PACKAGE_TARNAME = @PACKAGE_TARNAME@ +PACKAGE_URL = @PACKAGE_URL@ PACKAGE_VERSION = @PACKAGE_VERSION@ PATH_SEPARATOR = @PATH_SEPARATOR@ PTHREAD_CC = @PTHREAD_CC@ @@ -420,6 +938,7 @@ abs_builddir = @abs_builddir@ abs_srcdir = @abs_srcdir@ abs_top_builddir = @abs_top_builddir@ abs_top_srcdir = @abs_top_srcdir@ +ac_ct_AR = @ac_ct_AR@ ac_ct_CC = @ac_ct_CC@ ac_ct_CXX = @ac_ct_CXX@ ac_ct_DUMPBIN = @ac_ct_DUMPBIN@ @@ -465,38 +984,51 @@ sbindir = @sbindir@ sharedstatedir = @sharedstatedir@ srcdir = @srcdir@ sysconfdir = @sysconfdir@ -target = @target@ target_alias = @target_alias@ -target_cpu = @target_cpu@ -target_os = @target_os@ -target_vendor = @target_vendor@ +top_build_prefix = @top_build_prefix@ top_builddir = @top_builddir@ top_srcdir = @top_srcdir@ # includes append to these: SUFFIXES = TESTS = $(check_PROGRAMS) -CLEANFILES = -DISTCLEANFILES = -noinst_HEADERS = +CLEANFILES = cert.der cert.pem certecc.der certecc.pem certreq.der \ + certreq.pem key.der key.pem ntru-cert.der ntru-cert.pem \ + ntru-key.raw othercert.der othercert.pem pkcs7cert.der \ + pkcs7envelopedData.der pkcs7signedData.der +# fips files shouldn't be left after make distclean +DISTCLEANFILES = aminclude.am ctaocrypt/benchmark/.libs/benchmark \ + ctaocrypt/test/.libs/testctaocrypt \ + examples/client/.libs/client examples/server/.libs/server \ + examples/echoclient/.libs/echoclient \ + examples/echoserver/.libs/echoserver \ + testsuite/.libs/testsuite.test tests/.libs/unit.test \ + sslSniffer/sslSnifferTest/.libs/snifftest cyassl-config \ + ctaocrypt/src/fips.c ctaocrypt/src/fips_test.c +noinst_HEADERS = cyassl/internal.h ctaocrypt/test/test.h \ + $(am__append_35) mcapi/crypto.h lib_LTLIBRARIES = src/libcyassl.la man_MANS = noinst_LTLIBRARIES = include_HEADERS = nobase_include_HEADERS = cyassl/ctaocrypt/aes.h \ cyassl/ctaocrypt/arc4.h cyassl/ctaocrypt/asn.h \ - cyassl/ctaocrypt/asn_public.h cyassl/ctaocrypt/coding.h \ + cyassl/ctaocrypt/asn_public.h cyassl/ctaocrypt/camellia.h \ + cyassl/ctaocrypt/coding.h cyassl/ctaocrypt/compress.h \ cyassl/ctaocrypt/des3.h cyassl/ctaocrypt/dh.h \ cyassl/ctaocrypt/dsa.h cyassl/ctaocrypt/ecc.h \ - cyassl/ctaocrypt/error.h cyassl/ctaocrypt/hc128.h \ - cyassl/ctaocrypt/hmac.h cyassl/ctaocrypt/integer.h \ - cyassl/ctaocrypt/md2.h cyassl/ctaocrypt/md4.h \ - cyassl/ctaocrypt/md5.h cyassl/ctaocrypt/misc.h \ - cyassl/ctaocrypt/pwdbased.h cyassl/ctaocrypt/rabbit.h \ - cyassl/ctaocrypt/random.h cyassl/ctaocrypt/ripemd.h \ - cyassl/ctaocrypt/rsa.h cyassl/ctaocrypt/settings.h \ - cyassl/ctaocrypt/sha256.h cyassl/ctaocrypt/sha512.h \ - cyassl/ctaocrypt/sha.h cyassl/ctaocrypt/tfm.h \ + cyassl/ctaocrypt/error-crypt.h cyassl/ctaocrypt/fips_test.h \ + cyassl/ctaocrypt/hc128.h cyassl/ctaocrypt/hmac.h \ + cyassl/ctaocrypt/integer.h cyassl/ctaocrypt/md2.h \ + cyassl/ctaocrypt/md4.h cyassl/ctaocrypt/md5.h \ + cyassl/ctaocrypt/misc.h cyassl/ctaocrypt/pkcs7.h \ + cyassl/ctaocrypt/wc_port.h cyassl/ctaocrypt/pwdbased.h \ + cyassl/ctaocrypt/rabbit.h cyassl/ctaocrypt/random.h \ + cyassl/ctaocrypt/ripemd.h cyassl/ctaocrypt/rsa.h \ + cyassl/ctaocrypt/settings.h cyassl/ctaocrypt/sha256.h \ + cyassl/ctaocrypt/sha512.h cyassl/ctaocrypt/sha.h \ + cyassl/ctaocrypt/blake2.h cyassl/ctaocrypt/blake2-int.h \ + cyassl/ctaocrypt/blake2-impl.h cyassl/ctaocrypt/tfm.h \ cyassl/ctaocrypt/types.h cyassl/ctaocrypt/visibility.h \ cyassl/ctaocrypt/logging.h cyassl/ctaocrypt/memory.h \ cyassl/ctaocrypt/mpi_class.h cyassl/ctaocrypt/mpi_superclass.h \ @@ -514,35 +1046,44 @@ nobase_include_HEADERS = cyassl/ctaocrypt/aes.h \ cyassl/openssl/rand.h cyassl/openssl/rsa.h \ cyassl/openssl/sha.h cyassl/openssl/ssl.h \ cyassl/openssl/stack.h cyassl/openssl/ui.h \ - cyassl/openssl/x509.h cyassl/openssl/x509v3.h cyassl/error.h \ - cyassl/internal.h cyassl/ssl.h cyassl/sniffer_error.h \ - cyassl/sniffer.h cyassl/callbacks.h cyassl/test.h \ - cyassl/version.h cyassl/ocsp.h cyassl/crl.h + cyassl/openssl/x509.h cyassl/openssl/x509v3.h \ + cyassl/error-ssl.h cyassl/ssl.h cyassl/sniffer_error.h \ + cyassl/sniffer.h cyassl/callbacks.h cyassl/certs_test.h \ + cyassl/test.h cyassl/version.h cyassl/options.h cyassl/ocsp.h \ + cyassl/crl.h EXTRA_HEADERS = BUILT_SOURCES = -EXTRA_DIST = $(example_DATA) $(doc_DATA) lib/dummy cyassl-ntru.vcproj \ - cyassl.vcproj cyassl-iphone.xcodeproj/project.pbxproj \ - cyassl-ntru.sln cyassl.sln cyassl/sniffer_error.rc \ - certs/ca-cert.pem certs/ca-key.pem certs/client-cert.pem \ - certs/client-keyEnc.pem certs/client-key.pem certs/ecc-key.pem \ - certs/ecc-keyPkcs8.pem certs/ecc-client-key.pem \ - certs/client-ecc-cert.pem certs/ntru-cert.pem certs/dh2048.pem \ - certs/server-cert.pem certs/server-ecc.pem \ - certs/server-ecc-rsa.pem certs/server-keyEnc.pem \ - certs/server-key.pem certs/server-keyPkcs8Enc12.pem \ - certs/server-keyPkcs8Enc2.pem certs/server-keyPkcs8Enc.pem \ - certs/server-keyPkcs8.pem certs/ca-key.der \ - certs/client-cert.der certs/client-key.der certs/dh2048.der \ - certs/rsa2048.der certs/dsa2048.der certs/ecc-key.der \ - certs/ntru-key.raw certs/crl/crl.pem certs/crl/cliCrl.pem \ +EXTRA_DIST = lib/dummy cyassl-ntru.vcproj cyassl.vcproj cyassl.vcxproj \ + cyassl-iphone.xcodeproj/project.pbxproj \ + cyassl-ios.xcodeproj/project.pbxproj cyassl-ntru.sln \ + cyassl.sln cyassl64.sln valgrind-error.sh gencertbuf.pl IDE \ + cyassl/sniffer_error.rc certs/ca-cert.pem certs/ca-key.pem \ + certs/client-cert.pem certs/client-keyEnc.pem \ + certs/client-key.pem certs/ecc-key.pem certs/ecc-keyPkcs8.pem \ + certs/ecc-client-key.pem certs/client-ecc-cert.pem \ + certs/ntru-cert.pem certs/dh2048.pem certs/server-cert.pem \ + certs/server-ecc.pem certs/server-ecc-rsa.pem \ + certs/server-keyEnc.pem certs/server-key.pem \ + certs/server-keyPkcs8Enc12.pem certs/server-keyPkcs8Enc2.pem \ + certs/server-keyPkcs8Enc.pem certs/server-keyPkcs8.pem \ + certs/ca-key.der certs/ca-cert.der certs/client-cert.der \ + certs/client-key.der certs/dh2048.der certs/rsa2048.der \ + certs/dsa2048.der certs/ecc-key.der certs/server-key.der \ + certs/server-cert.der certs/ntru-key.raw \ + certs/1024/client-cert.pem certs/1024/client-key.pem \ + certs/1024/dh1024.pem certs/1024/dsa1024.pem \ + certs/1024/client-cert.der certs/1024/client-key.der \ + certs/1024/dh1024.der certs/1024/dsa1024.der \ + certs/1024/rsa1024.der certs/crl/crl.pem certs/crl/cliCrl.pem \ certs/crl/eccSrvCRL.pem certs/crl/eccCliCRL.pem \ certs/crl/crl.revoked swig/PythonBuild.sh swig/README \ swig/cyassl.i swig/cyassl_adds.c swig/python_cyassl.vcproj \ - swig/rsasign.py swig/runme.py \ + swig/rsasign.py swig/runme.py support/cyassl.pc \ ctaocrypt/benchmark/benchmark.sln \ ctaocrypt/benchmark/benchmark.vcproj ctaocrypt/src/misc.c \ - ctaocrypt/src/asm.c ctaocrypt/src/ecc_fp.c \ - ctaocrypt/src/fp_mont_small.i ctaocrypt/src/fp_mul_comba_12.i \ + ctaocrypt/src/asm.c ctaocrypt/src/aes_asm.asm \ + ctaocrypt/src/ecc_fp.c ctaocrypt/src/fp_mont_small.i \ + ctaocrypt/src/fp_mul_comba_12.i \ ctaocrypt/src/fp_mul_comba_17.i \ ctaocrypt/src/fp_mul_comba_20.i \ ctaocrypt/src/fp_mul_comba_24.i \ @@ -566,109 +1107,155 @@ EXTRA_DIST = $(example_DATA) $(doc_DATA) lib/dummy cyassl-ntru.vcproj \ ctaocrypt/src/fp_sqr_comba_small_set.i ctaocrypt/test/test.sln \ ctaocrypt/test/test.vcproj examples/client/client.sln \ examples/client/client-ntru.vcproj \ - examples/client/client.vcproj examples/server/server.sln \ - examples/server/server-ntru.vcproj \ - examples/server/server.vcproj \ + examples/client/client.vcproj examples/client/client.vcxproj \ + examples/server/server.sln examples/server/server-ntru.vcproj \ + examples/server/server.vcproj examples/server/server.vcxproj \ examples/echoclient/echoclient.sln \ examples/echoclient/echoclient-ntru.vcproj \ examples/echoclient/echoclient.vcproj \ + examples/echoclient/echoclient.vcxproj \ examples/echoserver/echoserver.sln \ examples/echoserver/echoserver-ntru.vcproj \ - examples/echoserver/echoserver.vcproj testsuite/testsuite.sln \ + examples/echoserver/echoserver.vcproj \ + examples/echoserver/echoserver.vcxproj testsuite/testsuite.sln \ testsuite/testsuite-ntru.vcproj testsuite/testsuite.vcproj \ - input quit tests/unit.h tests/test.conf \ - tests/test-openssl.conf tests/test-hc128.conf \ - tests/test-psk.conf tests/test-ntru.conf tests/test-ecc.conf \ - tests/test-aesgcm.conf tests/test-aesgcm-ecc.conf \ - tests/test-aesgcm-openssl.conf tests/test-dtls.conf \ - sslSniffer/sslSniffer.vcproj \ - sslSniffer/sslSnifferTest/sslSniffTest.vcproj -doc_DATA = certs/taoCert.txt doc/README.txt -exampledir = $(docdir)/@PACKAGE@/example -example_DATA = examples/client/client.c examples/server/server.c \ + testsuite/testsuite.vcxproj input quit tests/unit.h \ + tests/test.conf tests/test-dtls.conf \ + sslSniffer/sslSniffer.vcproj sslSniffer/sslSniffer.vcxproj \ + sslSniffer/sslSnifferTest/sslSniffTest.vcproj \ + mqx/ctaocrypt_test/.cproject mqx/ctaocrypt_test/.project \ + mqx/ctaocrypt_test/ReferencedRSESystems.xml \ + mqx/ctaocrypt_test/ctaocrypt_test_twrk70f120m_Int_Flash_SramData_Debug_PnE_U-MultiLink.launch \ + mqx/ctaocrypt_test/ctaocrypt_test_twrk70f120m_Int_Flash_SramData_Release_PnE_U-MultiLink.launch \ + mqx/ctaocrypt_test/Sources/main.c \ + mqx/ctaocrypt_test/Sources/main.h mqx/README \ + mqx/cyassl/.cproject mqx/cyassl/.project \ + mqx/cyassl_client/.cproject mqx/cyassl_client/.project \ + mqx/cyassl_client/ReferencedRSESystems.xml \ + mqx/cyassl_client/cyassl_client_twrk70f120m_Int_Flash_SramData_Debug_PnE_U-MultiLink.launch \ + mqx/cyassl_client/cyassl_client_twrk70f120m_Int_Flash_SramData_Release_PnE_U-MultiLink.launch \ + mqx/cyassl_client/Sources/main.c \ + mqx/cyassl_client/Sources/main.h mqx/util_lib/.cproject \ + mqx/util_lib/.project mqx/util_lib/Sources/util.c \ + mqx/util_lib/Sources/util.h mplabx/PIC32MZ-serial.h \ + mplabx/README mplabx/benchmark_main.c mplabx/test_main.c \ + mplabx/ctaocrypt_benchmark.X/Makefile \ + mplabx/ctaocrypt_benchmark.X/nbproject/configurations.xml \ + mplabx/ctaocrypt_benchmark.X/nbproject/project.xml \ + mplabx/ctaocrypt_test.X/Makefile \ + mplabx/ctaocrypt_test.X/nbproject/configurations.xml \ + mplabx/ctaocrypt_test.X/nbproject/project.xml \ + mplabx/cyassl.X/Makefile \ + mplabx/cyassl.X/nbproject/configurations.xml \ + mplabx/cyassl.X/nbproject/project.xml mcapi/README \ + mcapi/PIC32MZ-serial.h mcapi/ctaocrypt_mcapi.X/Makefile \ + mcapi/ctaocrypt_mcapi.X/nbproject/configurations.xml \ + mcapi/ctaocrypt_mcapi.X/nbproject/project.xml \ + mcapi/ctaocrypt_test.X/Makefile \ + mcapi/ctaocrypt_test.X/nbproject/configurations.xml \ + mcapi/ctaocrypt_test.X/nbproject/project.xml \ + mcapi/cyassl.X/Makefile \ + mcapi/cyassl.X/nbproject/configurations.xml \ + mcapi/cyassl.X/nbproject/project.xml mcapi/zlib.X/Makefile \ + mcapi/zlib.X/nbproject/configurations.xml \ + mcapi/zlib.X/nbproject/project.xml +dist_doc_DATA = certs/taoCert.txt doc/README.txt +exampledir = $(docdir)/example +dist_example_DATA = examples/client/client.c examples/server/server.c \ examples/echoclient/echoclient.c \ examples/echoserver/echoserver.c -ACLOCAL_AMFLAGS = -I m4 --install -src_libcyassl_la_SOURCES = src/internal.c src/io.c src/keys.c \ - src/ssl.c src/tls.c ctaocrypt/src/asn.c ctaocrypt/src/coding.c \ - ctaocrypt/src/des3.c ctaocrypt/src/hmac.c ctaocrypt/src/md5.c \ - ctaocrypt/src/md4.c ctaocrypt/src/random.c ctaocrypt/src/rsa.c \ - ctaocrypt/src/sha.c ctaocrypt/src/aes.c ctaocrypt/src/sha256.c \ - ctaocrypt/src/dh.c ctaocrypt/src/dsa.c ctaocrypt/src/arc4.c \ - ctaocrypt/src/rabbit.c ctaocrypt/src/pwdbased.c \ - ctaocrypt/src/logging.c ctaocrypt/src/memory.c $(am__append_1) \ - $(am__append_2) $(am__append_3) $(am__append_4) \ - $(am__append_5) $(am__append_6) $(am__append_7) \ - $(am__append_8) $(am__append_9) $(am__append_10) \ - $(am__append_11) $(am__append_12) +ACLOCAL_AMFLAGS = -I m4 +src_libcyassl_la_SOURCES = $(am__append_1) src/internal.c src/io.c \ + src/keys.c src/ssl.c src/tls.c ctaocrypt/src/hmac.c \ + ctaocrypt/src/random.c ctaocrypt/src/sha256.c \ + ctaocrypt/src/logging.c ctaocrypt/src/wc_port.c \ + ctaocrypt/src/error.c $(am__append_2) $(am__append_3) \ + $(am__append_4) $(am__append_5) $(am__append_6) \ + $(am__append_7) $(am__append_8) $(am__append_9) \ + $(am__append_10) $(am__append_11) $(am__append_12) \ + $(am__append_13) $(am__append_14) $(am__append_15) \ + $(am__append_16) $(am__append_17) $(am__append_18) \ + $(am__append_19) $(am__append_20) $(am__append_21) \ + $(am__append_22) $(am__append_23) $(am__append_24) \ + $(am__append_25) $(am__append_26) $(am__append_27) \ + $(am__append_28) $(am__append_29) $(am__append_30) \ + $(am__append_31) $(am__append_32) $(am__append_33) src_libcyassl_la_LDFLAGS = ${AM_LDFLAGS} -no-undefined -version-info ${CYASSL_LIBRARY_VERSION} -src_libcyassl_la_LIBADD = $(LIBM) $(am__append_14) -src_libcyassl_la_CFLAGS = -DBUILDING_CYASSL $(AM_CFLAGS) \ - $(am__append_13) +src_libcyassl_la_LIBADD = $(LIBM) +src_libcyassl_la_CFLAGS = -DBUILDING_CYASSL $(AM_CFLAGS) src_libcyassl_la_CPPFLAGS = -DBUILDING_CYASSL $(AM_CPPFLAGS) +pkgconfigdir = $(libdir)/pkgconfig +pkgconfig_DATA = support/cyassl.pc ctaocrypt_benchmark_benchmark_SOURCES = ctaocrypt/benchmark/benchmark.c ctaocrypt_benchmark_benchmark_LDADD = src/libcyassl.la ctaocrypt_benchmark_benchmark_DEPENDENCIES = src/libcyassl.la ctaocrypt_test_testctaocrypt_SOURCES = ctaocrypt/test/test.c ctaocrypt_test_testctaocrypt_LDADD = src/libcyassl.la ctaocrypt_test_testctaocrypt_DEPENDENCIES = src/libcyassl.la -examples_client_client_SOURCES = examples/client/client.c -examples_client_client_LDADD = src/libcyassl.la -examples_client_client_DEPENDENCIES = src/libcyassl.la -examples_server_server_SOURCES = examples/server/server.c -examples_server_server_LDADD = src/libcyassl.la -examples_server_server_DEPENDENCIES = src/libcyassl.la -examples_echoclient_echoclient_SOURCES = examples/echoclient/echoclient.c -examples_echoclient_echoclient_LDADD = src/libcyassl.la -examples_echoclient_echoclient_DEPENDENCIES = src/libcyassl.la -examples_echoserver_echoserver_SOURCES = examples/echoserver/echoserver.c -examples_echoserver_echoserver_LDADD = src/libcyassl.la -examples_echoserver_echoserver_DEPENDENCIES = src/libcyassl.la -testsuite_testsuite_SOURCES = \ - ctaocrypt/test/test.c \ - examples/client/client.c \ - examples/echoclient/echoclient.c \ - examples/echoserver/echoserver.c \ - examples/server/server.c \ - testsuite/testsuite.c - -testsuite_testsuite_CFLAGS = -DNO_MAIN_DRIVER $(AM_CFLAGS) $(PTHREAD_CFLAGS) -testsuite_testsuite_LDADD = src/libcyassl.la $(PTHREAD_LIBS) -testsuite_testsuite_DEPENDENCIES = src/libcyassl.la -tests_unit_SOURCES = \ - tests/unit.c \ - tests/api.c \ - tests/suites.c \ - tests/hash.c \ - examples/client/client.c \ - examples/server/server.c - -tests_unit_CFLAGS = -DNO_MAIN_DRIVER $(AM_CFLAGS) $(PTHREAD_CFLAGS) -tests_unit_LDADD = src/libcyassl.la $(PTHREAD_LIBS) -tests_unit_DEPENDENCIES = src/libcyassl.la -sslSniffer_sslSnifferTest_snifftest_SOURCES = sslSniffer/sslSnifferTest/snifftest.c -@BUILD_SNIFFER_TRUE@sslSniffer_sslSnifferTest_snifftest_LDADD = src/libcyassl.la -lpcap -@BUILD_SNIFFER_TRUE@sslSniffer_sslSnifferTest_snifftest_DEPENDENCIES = src/libcyassl.la +@BUILD_EXAMPLES_TRUE@examples_client_client_SOURCES = examples/client/client.c +@BUILD_EXAMPLES_TRUE@examples_client_client_LDADD = src/libcyassl.la +@BUILD_EXAMPLES_TRUE@examples_client_client_DEPENDENCIES = src/libcyassl.la +@BUILD_EXAMPLES_TRUE@examples_server_server_SOURCES = examples/server/server.c +@BUILD_EXAMPLES_TRUE@examples_server_server_LDADD = src/libcyassl.la +@BUILD_EXAMPLES_TRUE@examples_server_server_DEPENDENCIES = src/libcyassl.la +@BUILD_EXAMPLES_TRUE@examples_echoclient_echoclient_SOURCES = examples/echoclient/echoclient.c +@BUILD_EXAMPLES_TRUE@examples_echoclient_echoclient_LDADD = src/libcyassl.la +@BUILD_EXAMPLES_TRUE@examples_echoclient_echoclient_DEPENDENCIES = src/libcyassl.la +@BUILD_EXAMPLES_TRUE@examples_echoserver_echoserver_SOURCES = examples/echoserver/echoserver.c +@BUILD_EXAMPLES_TRUE@examples_echoserver_echoserver_LDADD = src/libcyassl.la +@BUILD_EXAMPLES_TRUE@examples_echoserver_echoserver_DEPENDENCIES = src/libcyassl.la +@BUILD_EXAMPLES_TRUE@testsuite_testsuite_test_SOURCES = \ +@BUILD_EXAMPLES_TRUE@ ctaocrypt/test/test.c \ +@BUILD_EXAMPLES_TRUE@ examples/client/client.c \ +@BUILD_EXAMPLES_TRUE@ examples/echoclient/echoclient.c \ +@BUILD_EXAMPLES_TRUE@ examples/echoserver/echoserver.c \ +@BUILD_EXAMPLES_TRUE@ examples/server/server.c \ +@BUILD_EXAMPLES_TRUE@ testsuite/testsuite.c + +@BUILD_EXAMPLES_TRUE@testsuite_testsuite_test_CFLAGS = -DNO_MAIN_DRIVER $(AM_CFLAGS) +@BUILD_EXAMPLES_TRUE@testsuite_testsuite_test_LDADD = src/libcyassl.la +@BUILD_EXAMPLES_TRUE@testsuite_testsuite_test_DEPENDENCIES = src/libcyassl.la +@BUILD_EXAMPLES_TRUE@tests_unit_test_SOURCES = \ +@BUILD_EXAMPLES_TRUE@ tests/unit.c \ +@BUILD_EXAMPLES_TRUE@ tests/api.c \ +@BUILD_EXAMPLES_TRUE@ tests/suites.c \ +@BUILD_EXAMPLES_TRUE@ tests/hash.c \ +@BUILD_EXAMPLES_TRUE@ examples/client/client.c \ +@BUILD_EXAMPLES_TRUE@ examples/server/server.c + +@BUILD_EXAMPLES_TRUE@tests_unit_test_CFLAGS = -DNO_MAIN_DRIVER $(AM_CFLAGS) +@BUILD_EXAMPLES_TRUE@tests_unit_test_LDADD = src/libcyassl.la +@BUILD_EXAMPLES_TRUE@tests_unit_test_DEPENDENCIES = src/libcyassl.la +@BUILD_SNIFFTEST_TRUE@sslSniffer_sslSnifferTest_snifftest_SOURCES = sslSniffer/sslSnifferTest/snifftest.c +@BUILD_SNIFFTEST_TRUE@sslSniffer_sslSnifferTest_snifftest_LDADD = src/libcyassl.la -lpcap +@BUILD_SNIFFTEST_TRUE@sslSniffer_sslSnifferTest_snifftest_DEPENDENCIES = src/libcyassl.la +@BUILD_MCAPI_TRUE@mcapi_test_SOURCES = mcapi/crypto.c \ +@BUILD_MCAPI_TRUE@ mcapi/mcapi_test.c + +@BUILD_MCAPI_TRUE@mcapi_test_LDADD = src/libcyassl.la +@BUILD_MCAPI_TRUE@mcapi_test_DEPENDENCIES = src/libcyassl.la +@USE_VALGRIND_TRUE@TESTS_ENVIRONMENT = ./valgrind-error.sh +TEST_EXTENSIONS = .test all: $(BUILT_SOURCES) config.h $(MAKE) $(AM_MAKEFLAGS) all-am .SUFFIXES: -.SUFFIXES: .c .lo .o .obj .s -am--refresh: +.SUFFIXES: .c .lo .log .o .obj .s .test .test$(EXEEXT) .trs +am--refresh: Makefile @: -$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(srcdir)/cyassl/include.am $(srcdir)/cyassl/ctaocrypt/include.am $(srcdir)/cyassl/openssl/include.am $(srcdir)/certs/include.am $(srcdir)/certs/crl/include.am $(srcdir)/doc/include.am $(srcdir)/swig/include.am $(srcdir)/src/include.am $(srcdir)/ctaocrypt/benchmark/include.am $(srcdir)/ctaocrypt/src/include.am $(srcdir)/ctaocrypt/test/include.am $(srcdir)/examples/client/include.am $(srcdir)/examples/server/include.am $(srcdir)/examples/echoclient/include.am $(srcdir)/examples/echoserver/include.am $(srcdir)/testsuite/include.am $(srcdir)/tests/include.am $(srcdir)/sslSniffer/sslSnifferTest/include.am $(am__configure_deps) +$(srcdir)/Makefile.in: $(srcdir)/Makefile.am $(srcdir)/cyassl/include.am $(srcdir)/cyassl/ctaocrypt/include.am $(srcdir)/cyassl/openssl/include.am $(srcdir)/certs/include.am $(srcdir)/certs/1024/include.am $(srcdir)/certs/crl/include.am $(srcdir)/doc/include.am $(srcdir)/swig/include.am $(srcdir)/src/include.am $(srcdir)/support/include.am $(srcdir)/ctaocrypt/benchmark/include.am $(srcdir)/ctaocrypt/src/include.am $(srcdir)/ctaocrypt/test/include.am $(srcdir)/examples/client/include.am $(srcdir)/examples/server/include.am $(srcdir)/examples/echoclient/include.am $(srcdir)/examples/echoserver/include.am $(srcdir)/testsuite/include.am $(srcdir)/tests/include.am $(srcdir)/sslSniffer/sslSnifferTest/include.am $(srcdir)/rpm/include.am $(srcdir)/mqx/ctaocrypt_test/Sources/include.am $(srcdir)/mqx/cyassl/include.am $(srcdir)/mqx/cyassl_client/Sources/include.am $(srcdir)/mqx/util_lib/Sources/include.am $(srcdir)/mplabx/include.am $(srcdir)/mplabx/ctaocrypt_benchmark.X/nbproject/include.am $(srcdir)/mplabx/ctaocrypt_test.X/nbproject/include.am $(srcdir)/mplabx/cyassl.X/nbproject/include.am $(srcdir)/mcapi/include.am $(srcdir)/mcapi/ctaocrypt_mcapi.X/nbproject/include.am $(srcdir)/mcapi/ctaocrypt_test.X/nbproject/include.am $(srcdir)/mcapi/cyassl.X/nbproject/include.am $(srcdir)/mcapi/zlib.X/nbproject/include.am $(am__configure_deps) @for dep in $?; do \ case '$(am__configure_deps)' in \ *$$dep*) \ - echo ' cd $(srcdir) && $(AUTOMAKE) --foreign '; \ - cd $(srcdir) && $(AUTOMAKE) --foreign \ + echo ' cd $(srcdir) && $(AUTOMAKE) --foreign'; \ + $(am__cd) $(srcdir) && $(AUTOMAKE) --foreign \ && exit 0; \ exit 1;; \ esac; \ done; \ - echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign Makefile'; \ - cd $(top_srcdir) && \ - $(AUTOMAKE) --foreign Makefile + echo ' cd $(top_srcdir) && $(AUTOMAKE) --foreign Makefile'; \ + $(am__cd) $(top_srcdir) && \ + $(AUTOMAKE) --foreign Makefile .PRECIOUS: Makefile Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status @case '$?' in \ @@ -679,26 +1266,26 @@ Makefile: $(srcdir)/Makefile.in $(top_builddir)/config.status echo ' cd $(top_builddir) && $(SHELL) ./config.status $@ $(am__depfiles_maybe)'; \ cd $(top_builddir) && $(SHELL) ./config.status $@ $(am__depfiles_maybe);; \ esac; +$(srcdir)/cyassl/include.am $(srcdir)/cyassl/ctaocrypt/include.am $(srcdir)/cyassl/openssl/include.am $(srcdir)/certs/include.am $(srcdir)/certs/1024/include.am $(srcdir)/certs/crl/include.am $(srcdir)/doc/include.am $(srcdir)/swig/include.am $(srcdir)/src/include.am $(srcdir)/support/include.am $(srcdir)/ctaocrypt/benchmark/include.am $(srcdir)/ctaocrypt/src/include.am $(srcdir)/ctaocrypt/test/include.am $(srcdir)/examples/client/include.am $(srcdir)/examples/server/include.am $(srcdir)/examples/echoclient/include.am $(srcdir)/examples/echoserver/include.am $(srcdir)/testsuite/include.am $(srcdir)/tests/include.am $(srcdir)/sslSniffer/sslSnifferTest/include.am $(srcdir)/rpm/include.am $(srcdir)/mqx/ctaocrypt_test/Sources/include.am $(srcdir)/mqx/cyassl/include.am $(srcdir)/mqx/cyassl_client/Sources/include.am $(srcdir)/mqx/util_lib/Sources/include.am $(srcdir)/mplabx/include.am $(srcdir)/mplabx/ctaocrypt_benchmark.X/nbproject/include.am $(srcdir)/mplabx/ctaocrypt_test.X/nbproject/include.am $(srcdir)/mplabx/cyassl.X/nbproject/include.am $(srcdir)/mcapi/include.am $(srcdir)/mcapi/ctaocrypt_mcapi.X/nbproject/include.am $(srcdir)/mcapi/ctaocrypt_test.X/nbproject/include.am $(srcdir)/mcapi/cyassl.X/nbproject/include.am $(srcdir)/mcapi/zlib.X/nbproject/include.am: $(top_builddir)/config.status: $(top_srcdir)/configure $(CONFIG_STATUS_DEPENDENCIES) $(SHELL) ./config.status --recheck $(top_srcdir)/configure: $(am__configure_deps) - cd $(srcdir) && $(AUTOCONF) + $(am__cd) $(srcdir) && $(AUTOCONF) $(ACLOCAL_M4): $(am__aclocal_m4_deps) - cd $(srcdir) && $(ACLOCAL) $(ACLOCAL_AMFLAGS) + $(am__cd) $(srcdir) && $(ACLOCAL) $(ACLOCAL_AMFLAGS) +$(am__aclocal_m4_deps): config.h: stamp-h1 - @if test ! -f $@; then \ - rm -f stamp-h1; \ - $(MAKE) $(AM_MAKEFLAGS) stamp-h1; \ - else :; fi + @test -f $@ || rm -f stamp-h1 + @test -f $@ || $(MAKE) $(AM_MAKEFLAGS) stamp-h1 stamp-h1: $(srcdir)/config.in $(top_builddir)/config.status @rm -f stamp-h1 cd $(top_builddir) && $(SHELL) ./config.status config.h $(srcdir)/config.in: $(am__configure_deps) - cd $(top_srcdir) && $(AUTOHEADER) + ($(am__cd) $(top_srcdir) && $(AUTOHEADER)) rm -f stamp-h1 touch $@ @@ -708,44 +1295,67 @@ stamp-h: $(top_builddir)/config.status $(srcdir)/stamp-h.in cd $(top_builddir) && $(SHELL) ./config.status $@ cyassl/version.h: $(top_builddir)/config.status $(top_srcdir)/cyassl/version.h.in cd $(top_builddir) && $(SHELL) ./config.status $@ -support/libcyassl.pc: $(top_builddir)/config.status $(top_srcdir)/support/libcyassl.pc.in +cyassl/options.h: $(top_builddir)/config.status $(top_srcdir)/cyassl/options.h.in + cd $(top_builddir) && $(SHELL) ./config.status $@ +support/cyassl.pc: $(top_builddir)/config.status $(top_srcdir)/support/cyassl.pc.in cd $(top_builddir) && $(SHELL) ./config.status $@ +rpm/spec: $(top_builddir)/config.status $(top_srcdir)/rpm/spec.in + cd $(top_builddir) && $(SHELL) ./config.status $@ + install-libLTLIBRARIES: $(lib_LTLIBRARIES) @$(NORMAL_INSTALL) - test -z "$(libdir)" || $(MKDIR_P) "$(DESTDIR)$(libdir)" - @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ + @list='$(lib_LTLIBRARIES)'; test -n "$(libdir)" || list=; \ + list2=; for p in $$list; do \ if test -f $$p; then \ - f=$(am__strip_dir) \ - echo " $(LIBTOOL) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) '$$p' '$(DESTDIR)$(libdir)/$$f'"; \ - $(LIBTOOL) --mode=install $(libLTLIBRARIES_INSTALL) $(INSTALL_STRIP_FLAG) "$$p" "$(DESTDIR)$(libdir)/$$f"; \ + list2="$$list2 $$p"; \ else :; fi; \ - done + done; \ + test -z "$$list2" || { \ + echo " $(MKDIR_P) '$(DESTDIR)$(libdir)'"; \ + $(MKDIR_P) "$(DESTDIR)$(libdir)" || exit 1; \ + echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 '$(DESTDIR)$(libdir)'"; \ + $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL) $(INSTALL_STRIP_FLAG) $$list2 "$(DESTDIR)$(libdir)"; \ + } uninstall-libLTLIBRARIES: @$(NORMAL_UNINSTALL) - @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ - p=$(am__strip_dir) \ - echo " $(LIBTOOL) --mode=uninstall rm -f '$(DESTDIR)$(libdir)/$$p'"; \ - $(LIBTOOL) --mode=uninstall rm -f "$(DESTDIR)$(libdir)/$$p"; \ + @list='$(lib_LTLIBRARIES)'; test -n "$(libdir)" || list=; \ + for p in $$list; do \ + $(am__strip_dir) \ + echo " $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f '$(DESTDIR)$(libdir)/$$f'"; \ + $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=uninstall rm -f "$(DESTDIR)$(libdir)/$$f"; \ done clean-libLTLIBRARIES: -test -z "$(lib_LTLIBRARIES)" || rm -f $(lib_LTLIBRARIES) - @list='$(lib_LTLIBRARIES)'; for p in $$list; do \ - dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \ - test "$$dir" != "$$p" || dir=.; \ - echo "rm -f \"$${dir}/so_locations\""; \ - rm -f "$${dir}/so_locations"; \ - done + @list='$(lib_LTLIBRARIES)'; \ + locs=`for p in $$list; do echo $$p; done | \ + sed 's|^[^/]*$$|.|; s|/[^/]*$$||; s|$$|/so_locations|' | \ + sort -u`; \ + test -z "$$locs" || { \ + echo rm -f $${locs}; \ + rm -f $${locs}; \ + } clean-noinstLTLIBRARIES: -test -z "$(noinst_LTLIBRARIES)" || rm -f $(noinst_LTLIBRARIES) - @list='$(noinst_LTLIBRARIES)'; for p in $$list; do \ - dir="`echo $$p | sed -e 's|/[^/]*$$||'`"; \ - test "$$dir" != "$$p" || dir=.; \ - echo "rm -f \"$${dir}/so_locations\""; \ - rm -f "$${dir}/so_locations"; \ - done + @list='$(noinst_LTLIBRARIES)'; \ + locs=`for p in $$list; do echo $$p; done | \ + sed 's|^[^/]*$$|.|; s|/[^/]*$$||; s|$$|/so_locations|' | \ + sort -u`; \ + test -z "$$locs" || { \ + echo rm -f $${locs}; \ + rm -f $${locs}; \ + } +ctaocrypt/src/$(am__dirstamp): + @$(MKDIR_P) ctaocrypt/src + @: > ctaocrypt/src/$(am__dirstamp) +ctaocrypt/src/$(DEPDIR)/$(am__dirstamp): + @$(MKDIR_P) ctaocrypt/src/$(DEPDIR) + @: > ctaocrypt/src/$(DEPDIR)/$(am__dirstamp) +ctaocrypt/src/src_libcyassl_la-wolfcrypt_first.lo: \ + ctaocrypt/src/$(am__dirstamp) \ + ctaocrypt/src/$(DEPDIR)/$(am__dirstamp) src/$(am__dirstamp): @$(MKDIR_P) src @: > src/$(am__dirstamp) @@ -762,57 +1372,62 @@ src/src_libcyassl_la-ssl.lo: src/$(am__dirstamp) \ src/$(DEPDIR)/$(am__dirstamp) src/src_libcyassl_la-tls.lo: src/$(am__dirstamp) \ src/$(DEPDIR)/$(am__dirstamp) -ctaocrypt/src/$(am__dirstamp): - @$(MKDIR_P) ctaocrypt/src - @: > ctaocrypt/src/$(am__dirstamp) -ctaocrypt/src/$(DEPDIR)/$(am__dirstamp): - @$(MKDIR_P) ctaocrypt/src/$(DEPDIR) - @: > ctaocrypt/src/$(DEPDIR)/$(am__dirstamp) -ctaocrypt/src/src_libcyassl_la-asn.lo: ctaocrypt/src/$(am__dirstamp) \ +ctaocrypt/src/src_libcyassl_la-hmac.lo: ctaocrypt/src/$(am__dirstamp) \ ctaocrypt/src/$(DEPDIR)/$(am__dirstamp) -ctaocrypt/src/src_libcyassl_la-coding.lo: \ +ctaocrypt/src/src_libcyassl_la-random.lo: \ ctaocrypt/src/$(am__dirstamp) \ ctaocrypt/src/$(DEPDIR)/$(am__dirstamp) -ctaocrypt/src/src_libcyassl_la-des3.lo: ctaocrypt/src/$(am__dirstamp) \ +ctaocrypt/src/src_libcyassl_la-sha256.lo: \ + ctaocrypt/src/$(am__dirstamp) \ ctaocrypt/src/$(DEPDIR)/$(am__dirstamp) -ctaocrypt/src/src_libcyassl_la-hmac.lo: ctaocrypt/src/$(am__dirstamp) \ +ctaocrypt/src/src_libcyassl_la-logging.lo: \ + ctaocrypt/src/$(am__dirstamp) \ ctaocrypt/src/$(DEPDIR)/$(am__dirstamp) -ctaocrypt/src/src_libcyassl_la-md5.lo: ctaocrypt/src/$(am__dirstamp) \ +ctaocrypt/src/src_libcyassl_la-wc_port.lo: \ + ctaocrypt/src/$(am__dirstamp) \ ctaocrypt/src/$(DEPDIR)/$(am__dirstamp) -ctaocrypt/src/src_libcyassl_la-md4.lo: ctaocrypt/src/$(am__dirstamp) \ +ctaocrypt/src/src_libcyassl_la-error.lo: \ + ctaocrypt/src/$(am__dirstamp) \ ctaocrypt/src/$(DEPDIR)/$(am__dirstamp) -ctaocrypt/src/src_libcyassl_la-random.lo: \ +ctaocrypt/src/src_libcyassl_la-memory.lo: \ ctaocrypt/src/$(am__dirstamp) \ ctaocrypt/src/$(DEPDIR)/$(am__dirstamp) ctaocrypt/src/src_libcyassl_la-rsa.lo: ctaocrypt/src/$(am__dirstamp) \ ctaocrypt/src/$(DEPDIR)/$(am__dirstamp) -ctaocrypt/src/src_libcyassl_la-sha.lo: ctaocrypt/src/$(am__dirstamp) \ +ctaocrypt/src/src_libcyassl_la-dh.lo: ctaocrypt/src/$(am__dirstamp) \ ctaocrypt/src/$(DEPDIR)/$(am__dirstamp) -ctaocrypt/src/src_libcyassl_la-aes.lo: ctaocrypt/src/$(am__dirstamp) \ +ctaocrypt/src/src_libcyassl_la-asn.lo: ctaocrypt/src/$(am__dirstamp) \ ctaocrypt/src/$(DEPDIR)/$(am__dirstamp) -ctaocrypt/src/src_libcyassl_la-sha256.lo: \ +ctaocrypt/src/src_libcyassl_la-fips.lo: ctaocrypt/src/$(am__dirstamp) \ + ctaocrypt/src/$(DEPDIR)/$(am__dirstamp) +ctaocrypt/src/src_libcyassl_la-fips_test.lo: \ ctaocrypt/src/$(am__dirstamp) \ ctaocrypt/src/$(DEPDIR)/$(am__dirstamp) -ctaocrypt/src/src_libcyassl_la-dh.lo: ctaocrypt/src/$(am__dirstamp) \ +ctaocrypt/src/src_libcyassl_la-coding.lo: \ + ctaocrypt/src/$(am__dirstamp) \ ctaocrypt/src/$(DEPDIR)/$(am__dirstamp) -ctaocrypt/src/src_libcyassl_la-dsa.lo: ctaocrypt/src/$(am__dirstamp) \ +ctaocrypt/src/src_libcyassl_la-aes.lo: ctaocrypt/src/$(am__dirstamp) \ + ctaocrypt/src/$(DEPDIR)/$(am__dirstamp) +ctaocrypt/src/src_libcyassl_la-des3.lo: ctaocrypt/src/$(am__dirstamp) \ + ctaocrypt/src/$(DEPDIR)/$(am__dirstamp) +ctaocrypt/src/src_libcyassl_la-sha.lo: ctaocrypt/src/$(am__dirstamp) \ ctaocrypt/src/$(DEPDIR)/$(am__dirstamp) ctaocrypt/src/src_libcyassl_la-arc4.lo: ctaocrypt/src/$(am__dirstamp) \ ctaocrypt/src/$(DEPDIR)/$(am__dirstamp) -ctaocrypt/src/src_libcyassl_la-rabbit.lo: \ - ctaocrypt/src/$(am__dirstamp) \ +ctaocrypt/src/src_libcyassl_la-md4.lo: ctaocrypt/src/$(am__dirstamp) \ ctaocrypt/src/$(DEPDIR)/$(am__dirstamp) -ctaocrypt/src/src_libcyassl_la-pwdbased.lo: \ - ctaocrypt/src/$(am__dirstamp) \ +ctaocrypt/src/src_libcyassl_la-md5.lo: ctaocrypt/src/$(am__dirstamp) \ ctaocrypt/src/$(DEPDIR)/$(am__dirstamp) -ctaocrypt/src/src_libcyassl_la-logging.lo: \ +ctaocrypt/src/src_libcyassl_la-pwdbased.lo: \ ctaocrypt/src/$(am__dirstamp) \ ctaocrypt/src/$(DEPDIR)/$(am__dirstamp) -ctaocrypt/src/src_libcyassl_la-memory.lo: \ - ctaocrypt/src/$(am__dirstamp) \ +ctaocrypt/src/src_libcyassl_la-dsa.lo: ctaocrypt/src/$(am__dirstamp) \ ctaocrypt/src/$(DEPDIR)/$(am__dirstamp) ctaocrypt/src/aes_asm.lo: ctaocrypt/src/$(am__dirstamp) \ ctaocrypt/src/$(DEPDIR)/$(am__dirstamp) +ctaocrypt/src/src_libcyassl_la-camellia.lo: \ + ctaocrypt/src/$(am__dirstamp) \ + ctaocrypt/src/$(DEPDIR)/$(am__dirstamp) ctaocrypt/src/src_libcyassl_la-md2.lo: ctaocrypt/src/$(am__dirstamp) \ ctaocrypt/src/$(DEPDIR)/$(am__dirstamp) ctaocrypt/src/src_libcyassl_la-ripemd.lo: \ @@ -821,11 +1436,17 @@ ctaocrypt/src/src_libcyassl_la-ripemd.lo: \ ctaocrypt/src/src_libcyassl_la-sha512.lo: \ ctaocrypt/src/$(am__dirstamp) \ ctaocrypt/src/$(DEPDIR)/$(am__dirstamp) +ctaocrypt/src/src_libcyassl_la-blake2b.lo: \ + ctaocrypt/src/$(am__dirstamp) \ + ctaocrypt/src/$(DEPDIR)/$(am__dirstamp) src/src_libcyassl_la-sniffer.lo: src/$(am__dirstamp) \ src/$(DEPDIR)/$(am__dirstamp) ctaocrypt/src/src_libcyassl_la-hc128.lo: \ ctaocrypt/src/$(am__dirstamp) \ ctaocrypt/src/$(DEPDIR)/$(am__dirstamp) +ctaocrypt/src/src_libcyassl_la-rabbit.lo: \ + ctaocrypt/src/$(am__dirstamp) \ + ctaocrypt/src/$(DEPDIR)/$(am__dirstamp) ctaocrypt/src/src_libcyassl_la-misc.lo: ctaocrypt/src/$(am__dirstamp) \ ctaocrypt/src/$(DEPDIR)/$(am__dirstamp) ctaocrypt/src/src_libcyassl_la-tfm.lo: ctaocrypt/src/$(am__dirstamp) \ @@ -839,50 +1460,85 @@ src/src_libcyassl_la-ocsp.lo: src/$(am__dirstamp) \ src/$(DEPDIR)/$(am__dirstamp) src/src_libcyassl_la-crl.lo: src/$(am__dirstamp) \ src/$(DEPDIR)/$(am__dirstamp) -src/libcyassl.la: $(src_libcyassl_la_OBJECTS) $(src_libcyassl_la_DEPENDENCIES) src/$(am__dirstamp) - $(src_libcyassl_la_LINK) -rpath $(libdir) $(src_libcyassl_la_OBJECTS) $(src_libcyassl_la_LIBADD) $(LIBS) +ctaocrypt/src/src_libcyassl_la-compress.lo: \ + ctaocrypt/src/$(am__dirstamp) \ + ctaocrypt/src/$(DEPDIR)/$(am__dirstamp) +ctaocrypt/src/src_libcyassl_la-pkcs7.lo: \ + ctaocrypt/src/$(am__dirstamp) \ + ctaocrypt/src/$(DEPDIR)/$(am__dirstamp) +ctaocrypt/src/src_libcyassl_la-wolfcrypt_last.lo: \ + ctaocrypt/src/$(am__dirstamp) \ + ctaocrypt/src/$(DEPDIR)/$(am__dirstamp) + +src/libcyassl.la: $(src_libcyassl_la_OBJECTS) $(src_libcyassl_la_DEPENDENCIES) $(EXTRA_src_libcyassl_la_DEPENDENCIES) src/$(am__dirstamp) + $(AM_V_CCLD)$(src_libcyassl_la_LINK) -rpath $(libdir) $(src_libcyassl_la_OBJECTS) $(src_libcyassl_la_LIBADD) $(LIBS) install-binPROGRAMS: $(bin_PROGRAMS) @$(NORMAL_INSTALL) - test -z "$(bindir)" || $(MKDIR_P) "$(DESTDIR)$(bindir)" - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - p1=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - if test -f $$p \ - || test -f $$p1 \ - ; then \ - f=`echo "$$p1" | sed 's,^.*/,,;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(binPROGRAMS_INSTALL) '$$p' '$(DESTDIR)$(bindir)/$$f'"; \ - $(INSTALL_PROGRAM_ENV) $(LIBTOOL) --mode=install $(binPROGRAMS_INSTALL) "$$p" "$(DESTDIR)$(bindir)/$$f" || exit 1; \ - else :; fi; \ - done + @list='$(bin_PROGRAMS)'; test -n "$(bindir)" || list=; \ + if test -n "$$list"; then \ + echo " $(MKDIR_P) '$(DESTDIR)$(bindir)'"; \ + $(MKDIR_P) "$(DESTDIR)$(bindir)" || exit 1; \ + fi; \ + for p in $$list; do echo "$$p $$p"; done | \ + sed 's/$(EXEEXT)$$//' | \ + while read p p1; do if test -f $$p \ + || test -f $$p1 \ + ; then echo "$$p"; echo "$$p"; else :; fi; \ + done | \ + sed -e 'p;s,.*/,,;n;h' \ + -e 's|.*|.|' \ + -e 'p;x;s,.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/' | \ + sed 'N;N;N;s,\n, ,g' | \ + $(AWK) 'BEGIN { files["."] = ""; dirs["."] = 1 } \ + { d=$$3; if (dirs[d] != 1) { print "d", d; dirs[d] = 1 } \ + if ($$2 == $$4) files[d] = files[d] " " $$1; \ + else { print "f", $$3 "/" $$4, $$1; } } \ + END { for (d in files) print "f", d, files[d] }' | \ + while read type dir files; do \ + if test "$$dir" = .; then dir=; else dir=/$$dir; fi; \ + test -z "$$files" || { \ + echo " $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files '$(DESTDIR)$(bindir)$$dir'"; \ + $(INSTALL_PROGRAM_ENV) $(LIBTOOL) $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=install $(INSTALL_PROGRAM) $$files "$(DESTDIR)$(bindir)$$dir" || exit $$?; \ + } \ + ; done uninstall-binPROGRAMS: @$(NORMAL_UNINSTALL) - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - f=`echo "$$p" | sed 's,^.*/,,;s/$(EXEEXT)$$//;$(transform);s/$$/$(EXEEXT)/'`; \ - echo " rm -f '$(DESTDIR)$(bindir)/$$f'"; \ - rm -f "$(DESTDIR)$(bindir)/$$f"; \ - done + @list='$(bin_PROGRAMS)'; test -n "$(bindir)" || list=; \ + files=`for p in $$list; do echo "$$p"; done | \ + sed -e 'h;s,^.*/,,;s/$(EXEEXT)$$//;$(transform)' \ + -e 's/$$/$(EXEEXT)/' \ + `; \ + test -n "$$list" || exit 0; \ + echo " ( cd '$(DESTDIR)$(bindir)' && rm -f" $$files ")"; \ + cd "$(DESTDIR)$(bindir)" && rm -f $$files clean-binPROGRAMS: - @list='$(bin_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done + @list='$(bin_PROGRAMS)'; test -n "$$list" || exit 0; \ + echo " rm -f" $$list; \ + rm -f $$list || exit $$?; \ + test -n "$(EXEEXT)" || exit 0; \ + list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ + echo " rm -f" $$list; \ + rm -f $$list clean-checkPROGRAMS: - @list='$(check_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done + @list='$(check_PROGRAMS)'; test -n "$$list" || exit 0; \ + echo " rm -f" $$list; \ + rm -f $$list || exit $$?; \ + test -n "$(EXEEXT)" || exit 0; \ + list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ + echo " rm -f" $$list; \ + rm -f $$list clean-noinstPROGRAMS: - @list='$(noinst_PROGRAMS)'; for p in $$list; do \ - f=`echo $$p|sed 's/$(EXEEXT)$$//'`; \ - echo " rm -f $$p $$f"; \ - rm -f $$p $$f ; \ - done + @list='$(noinst_PROGRAMS)'; test -n "$$list" || exit 0; \ + echo " rm -f" $$list; \ + rm -f $$list || exit $$?; \ + test -n "$(EXEEXT)" || exit 0; \ + list=`for p in $$list; do echo "$$p"; done | sed 's/$(EXEEXT)$$//'`; \ + echo " rm -f" $$list; \ + rm -f $$list ctaocrypt/benchmark/$(am__dirstamp): @$(MKDIR_P) ctaocrypt/benchmark @: > ctaocrypt/benchmark/$(am__dirstamp) @@ -892,9 +1548,10 @@ ctaocrypt/benchmark/$(DEPDIR)/$(am__dirstamp): ctaocrypt/benchmark/benchmark.$(OBJEXT): \ ctaocrypt/benchmark/$(am__dirstamp) \ ctaocrypt/benchmark/$(DEPDIR)/$(am__dirstamp) -ctaocrypt/benchmark/benchmark$(EXEEXT): $(ctaocrypt_benchmark_benchmark_OBJECTS) $(ctaocrypt_benchmark_benchmark_DEPENDENCIES) ctaocrypt/benchmark/$(am__dirstamp) + +ctaocrypt/benchmark/benchmark$(EXEEXT): $(ctaocrypt_benchmark_benchmark_OBJECTS) $(ctaocrypt_benchmark_benchmark_DEPENDENCIES) $(EXTRA_ctaocrypt_benchmark_benchmark_DEPENDENCIES) ctaocrypt/benchmark/$(am__dirstamp) @rm -f ctaocrypt/benchmark/benchmark$(EXEEXT) - $(LINK) $(ctaocrypt_benchmark_benchmark_OBJECTS) $(ctaocrypt_benchmark_benchmark_LDADD) $(LIBS) + $(AM_V_CCLD)$(LINK) $(ctaocrypt_benchmark_benchmark_OBJECTS) $(ctaocrypt_benchmark_benchmark_LDADD) $(LIBS) ctaocrypt/test/$(am__dirstamp): @$(MKDIR_P) ctaocrypt/test @: > ctaocrypt/test/$(am__dirstamp) @@ -903,9 +1560,10 @@ ctaocrypt/test/$(DEPDIR)/$(am__dirstamp): @: > ctaocrypt/test/$(DEPDIR)/$(am__dirstamp) ctaocrypt/test/test.$(OBJEXT): ctaocrypt/test/$(am__dirstamp) \ ctaocrypt/test/$(DEPDIR)/$(am__dirstamp) -ctaocrypt/test/testctaocrypt$(EXEEXT): $(ctaocrypt_test_testctaocrypt_OBJECTS) $(ctaocrypt_test_testctaocrypt_DEPENDENCIES) ctaocrypt/test/$(am__dirstamp) + +ctaocrypt/test/testctaocrypt$(EXEEXT): $(ctaocrypt_test_testctaocrypt_OBJECTS) $(ctaocrypt_test_testctaocrypt_DEPENDENCIES) $(EXTRA_ctaocrypt_test_testctaocrypt_DEPENDENCIES) ctaocrypt/test/$(am__dirstamp) @rm -f ctaocrypt/test/testctaocrypt$(EXEEXT) - $(LINK) $(ctaocrypt_test_testctaocrypt_OBJECTS) $(ctaocrypt_test_testctaocrypt_LDADD) $(LIBS) + $(AM_V_CCLD)$(LINK) $(ctaocrypt_test_testctaocrypt_OBJECTS) $(ctaocrypt_test_testctaocrypt_LDADD) $(LIBS) examples/client/$(am__dirstamp): @$(MKDIR_P) examples/client @: > examples/client/$(am__dirstamp) @@ -914,9 +1572,10 @@ examples/client/$(DEPDIR)/$(am__dirstamp): @: > examples/client/$(DEPDIR)/$(am__dirstamp) examples/client/client.$(OBJEXT): examples/client/$(am__dirstamp) \ examples/client/$(DEPDIR)/$(am__dirstamp) -examples/client/client$(EXEEXT): $(examples_client_client_OBJECTS) $(examples_client_client_DEPENDENCIES) examples/client/$(am__dirstamp) + +examples/client/client$(EXEEXT): $(examples_client_client_OBJECTS) $(examples_client_client_DEPENDENCIES) $(EXTRA_examples_client_client_DEPENDENCIES) examples/client/$(am__dirstamp) @rm -f examples/client/client$(EXEEXT) - $(LINK) $(examples_client_client_OBJECTS) $(examples_client_client_LDADD) $(LIBS) + $(AM_V_CCLD)$(LINK) $(examples_client_client_OBJECTS) $(examples_client_client_LDADD) $(LIBS) examples/echoclient/$(am__dirstamp): @$(MKDIR_P) examples/echoclient @: > examples/echoclient/$(am__dirstamp) @@ -926,9 +1585,10 @@ examples/echoclient/$(DEPDIR)/$(am__dirstamp): examples/echoclient/echoclient.$(OBJEXT): \ examples/echoclient/$(am__dirstamp) \ examples/echoclient/$(DEPDIR)/$(am__dirstamp) -examples/echoclient/echoclient$(EXEEXT): $(examples_echoclient_echoclient_OBJECTS) $(examples_echoclient_echoclient_DEPENDENCIES) examples/echoclient/$(am__dirstamp) + +examples/echoclient/echoclient$(EXEEXT): $(examples_echoclient_echoclient_OBJECTS) $(examples_echoclient_echoclient_DEPENDENCIES) $(EXTRA_examples_echoclient_echoclient_DEPENDENCIES) examples/echoclient/$(am__dirstamp) @rm -f examples/echoclient/echoclient$(EXEEXT) - $(LINK) $(examples_echoclient_echoclient_OBJECTS) $(examples_echoclient_echoclient_LDADD) $(LIBS) + $(AM_V_CCLD)$(LINK) $(examples_echoclient_echoclient_OBJECTS) $(examples_echoclient_echoclient_LDADD) $(LIBS) examples/echoserver/$(am__dirstamp): @$(MKDIR_P) examples/echoserver @: > examples/echoserver/$(am__dirstamp) @@ -938,9 +1598,10 @@ examples/echoserver/$(DEPDIR)/$(am__dirstamp): examples/echoserver/echoserver.$(OBJEXT): \ examples/echoserver/$(am__dirstamp) \ examples/echoserver/$(DEPDIR)/$(am__dirstamp) -examples/echoserver/echoserver$(EXEEXT): $(examples_echoserver_echoserver_OBJECTS) $(examples_echoserver_echoserver_DEPENDENCIES) examples/echoserver/$(am__dirstamp) + +examples/echoserver/echoserver$(EXEEXT): $(examples_echoserver_echoserver_OBJECTS) $(examples_echoserver_echoserver_DEPENDENCIES) $(EXTRA_examples_echoserver_echoserver_DEPENDENCIES) examples/echoserver/$(am__dirstamp) @rm -f examples/echoserver/echoserver$(EXEEXT) - $(LINK) $(examples_echoserver_echoserver_OBJECTS) $(examples_echoserver_echoserver_LDADD) $(LIBS) + $(AM_V_CCLD)$(LINK) $(examples_echoserver_echoserver_OBJECTS) $(examples_echoserver_echoserver_LDADD) $(LIBS) examples/server/$(am__dirstamp): @$(MKDIR_P) examples/server @: > examples/server/$(am__dirstamp) @@ -949,9 +1610,24 @@ examples/server/$(DEPDIR)/$(am__dirstamp): @: > examples/server/$(DEPDIR)/$(am__dirstamp) examples/server/server.$(OBJEXT): examples/server/$(am__dirstamp) \ examples/server/$(DEPDIR)/$(am__dirstamp) -examples/server/server$(EXEEXT): $(examples_server_server_OBJECTS) $(examples_server_server_DEPENDENCIES) examples/server/$(am__dirstamp) + +examples/server/server$(EXEEXT): $(examples_server_server_OBJECTS) $(examples_server_server_DEPENDENCIES) $(EXTRA_examples_server_server_DEPENDENCIES) examples/server/$(am__dirstamp) @rm -f examples/server/server$(EXEEXT) - $(LINK) $(examples_server_server_OBJECTS) $(examples_server_server_LDADD) $(LIBS) + $(AM_V_CCLD)$(LINK) $(examples_server_server_OBJECTS) $(examples_server_server_LDADD) $(LIBS) +mcapi/$(am__dirstamp): + @$(MKDIR_P) mcapi + @: > mcapi/$(am__dirstamp) +mcapi/$(DEPDIR)/$(am__dirstamp): + @$(MKDIR_P) mcapi/$(DEPDIR) + @: > mcapi/$(DEPDIR)/$(am__dirstamp) +mcapi/crypto.$(OBJEXT): mcapi/$(am__dirstamp) \ + mcapi/$(DEPDIR)/$(am__dirstamp) +mcapi/mcapi_test.$(OBJEXT): mcapi/$(am__dirstamp) \ + mcapi/$(DEPDIR)/$(am__dirstamp) + +mcapi/test$(EXEEXT): $(mcapi_test_OBJECTS) $(mcapi_test_DEPENDENCIES) $(EXTRA_mcapi_test_DEPENDENCIES) mcapi/$(am__dirstamp) + @rm -f mcapi/test$(EXEEXT) + $(AM_V_CCLD)$(LINK) $(mcapi_test_OBJECTS) $(mcapi_test_LDADD) $(LIBS) sslSniffer/sslSnifferTest/$(am__dirstamp): @$(MKDIR_P) sslSniffer/sslSnifferTest @: > sslSniffer/sslSnifferTest/$(am__dirstamp) @@ -961,45 +1637,47 @@ sslSniffer/sslSnifferTest/$(DEPDIR)/$(am__dirstamp): sslSniffer/sslSnifferTest/snifftest.$(OBJEXT): \ sslSniffer/sslSnifferTest/$(am__dirstamp) \ sslSniffer/sslSnifferTest/$(DEPDIR)/$(am__dirstamp) -sslSniffer/sslSnifferTest/snifftest$(EXEEXT): $(sslSniffer_sslSnifferTest_snifftest_OBJECTS) $(sslSniffer_sslSnifferTest_snifftest_DEPENDENCIES) sslSniffer/sslSnifferTest/$(am__dirstamp) + +sslSniffer/sslSnifferTest/snifftest$(EXEEXT): $(sslSniffer_sslSnifferTest_snifftest_OBJECTS) $(sslSniffer_sslSnifferTest_snifftest_DEPENDENCIES) $(EXTRA_sslSniffer_sslSnifferTest_snifftest_DEPENDENCIES) sslSniffer/sslSnifferTest/$(am__dirstamp) @rm -f sslSniffer/sslSnifferTest/snifftest$(EXEEXT) - $(LINK) $(sslSniffer_sslSnifferTest_snifftest_OBJECTS) $(sslSniffer_sslSnifferTest_snifftest_LDADD) $(LIBS) + $(AM_V_CCLD)$(LINK) $(sslSniffer_sslSnifferTest_snifftest_OBJECTS) $(sslSniffer_sslSnifferTest_snifftest_LDADD) $(LIBS) tests/$(am__dirstamp): @$(MKDIR_P) tests @: > tests/$(am__dirstamp) tests/$(DEPDIR)/$(am__dirstamp): @$(MKDIR_P) tests/$(DEPDIR) @: > tests/$(DEPDIR)/$(am__dirstamp) -tests/tests_unit-unit.$(OBJEXT): tests/$(am__dirstamp) \ +tests/tests_unit_test-unit.$(OBJEXT): tests/$(am__dirstamp) \ tests/$(DEPDIR)/$(am__dirstamp) -tests/tests_unit-api.$(OBJEXT): tests/$(am__dirstamp) \ +tests/tests_unit_test-api.$(OBJEXT): tests/$(am__dirstamp) \ tests/$(DEPDIR)/$(am__dirstamp) -tests/tests_unit-suites.$(OBJEXT): tests/$(am__dirstamp) \ +tests/tests_unit_test-suites.$(OBJEXT): tests/$(am__dirstamp) \ tests/$(DEPDIR)/$(am__dirstamp) -tests/tests_unit-hash.$(OBJEXT): tests/$(am__dirstamp) \ +tests/tests_unit_test-hash.$(OBJEXT): tests/$(am__dirstamp) \ tests/$(DEPDIR)/$(am__dirstamp) -examples/client/tests_unit-client.$(OBJEXT): \ +examples/client/tests_unit_test-client.$(OBJEXT): \ examples/client/$(am__dirstamp) \ examples/client/$(DEPDIR)/$(am__dirstamp) -examples/server/tests_unit-server.$(OBJEXT): \ +examples/server/tests_unit_test-server.$(OBJEXT): \ examples/server/$(am__dirstamp) \ examples/server/$(DEPDIR)/$(am__dirstamp) -tests/unit$(EXEEXT): $(tests_unit_OBJECTS) $(tests_unit_DEPENDENCIES) tests/$(am__dirstamp) - @rm -f tests/unit$(EXEEXT) - $(tests_unit_LINK) $(tests_unit_OBJECTS) $(tests_unit_LDADD) $(LIBS) -ctaocrypt/test/testsuite_testsuite-test.$(OBJEXT): \ + +tests/unit.test$(EXEEXT): $(tests_unit_test_OBJECTS) $(tests_unit_test_DEPENDENCIES) $(EXTRA_tests_unit_test_DEPENDENCIES) tests/$(am__dirstamp) + @rm -f tests/unit.test$(EXEEXT) + $(AM_V_CCLD)$(tests_unit_test_LINK) $(tests_unit_test_OBJECTS) $(tests_unit_test_LDADD) $(LIBS) +ctaocrypt/test/testsuite_testsuite_test-test.$(OBJEXT): \ ctaocrypt/test/$(am__dirstamp) \ ctaocrypt/test/$(DEPDIR)/$(am__dirstamp) -examples/client/testsuite_testsuite-client.$(OBJEXT): \ +examples/client/testsuite_testsuite_test-client.$(OBJEXT): \ examples/client/$(am__dirstamp) \ examples/client/$(DEPDIR)/$(am__dirstamp) -examples/echoclient/testsuite_testsuite-echoclient.$(OBJEXT): \ +examples/echoclient/testsuite_testsuite_test-echoclient.$(OBJEXT): \ examples/echoclient/$(am__dirstamp) \ examples/echoclient/$(DEPDIR)/$(am__dirstamp) -examples/echoserver/testsuite_testsuite-echoserver.$(OBJEXT): \ +examples/echoserver/testsuite_testsuite_test-echoserver.$(OBJEXT): \ examples/echoserver/$(am__dirstamp) \ examples/echoserver/$(DEPDIR)/$(am__dirstamp) -examples/server/testsuite_testsuite-server.$(OBJEXT): \ +examples/server/testsuite_testsuite_test-server.$(OBJEXT): \ examples/server/$(am__dirstamp) \ examples/server/$(DEPDIR)/$(am__dirstamp) testsuite/$(am__dirstamp): @@ -1008,103 +1686,29 @@ testsuite/$(am__dirstamp): testsuite/$(DEPDIR)/$(am__dirstamp): @$(MKDIR_P) testsuite/$(DEPDIR) @: > testsuite/$(DEPDIR)/$(am__dirstamp) -testsuite/testsuite_testsuite-testsuite.$(OBJEXT): \ +testsuite/testsuite_testsuite_test-testsuite.$(OBJEXT): \ testsuite/$(am__dirstamp) testsuite/$(DEPDIR)/$(am__dirstamp) -testsuite/testsuite$(EXEEXT): $(testsuite_testsuite_OBJECTS) $(testsuite_testsuite_DEPENDENCIES) testsuite/$(am__dirstamp) - @rm -f testsuite/testsuite$(EXEEXT) - $(testsuite_testsuite_LINK) $(testsuite_testsuite_OBJECTS) $(testsuite_testsuite_LDADD) $(LIBS) + +testsuite/testsuite.test$(EXEEXT): $(testsuite_testsuite_test_OBJECTS) $(testsuite_testsuite_test_DEPENDENCIES) $(EXTRA_testsuite_testsuite_test_DEPENDENCIES) testsuite/$(am__dirstamp) + @rm -f testsuite/testsuite.test$(EXEEXT) + $(AM_V_CCLD)$(testsuite_testsuite_test_LINK) $(testsuite_testsuite_test_OBJECTS) $(testsuite_testsuite_test_LDADD) $(LIBS) mostlyclean-compile: -rm -f *.$(OBJEXT) - -rm -f ctaocrypt/benchmark/benchmark.$(OBJEXT) - -rm -f ctaocrypt/src/aes_asm.$(OBJEXT) - -rm -f ctaocrypt/src/aes_asm.lo - -rm -f ctaocrypt/src/src_libcyassl_la-aes.$(OBJEXT) - -rm -f ctaocrypt/src/src_libcyassl_la-aes.lo - -rm -f ctaocrypt/src/src_libcyassl_la-arc4.$(OBJEXT) - -rm -f ctaocrypt/src/src_libcyassl_la-arc4.lo - -rm -f ctaocrypt/src/src_libcyassl_la-asn.$(OBJEXT) - -rm -f ctaocrypt/src/src_libcyassl_la-asn.lo - -rm -f ctaocrypt/src/src_libcyassl_la-coding.$(OBJEXT) - -rm -f ctaocrypt/src/src_libcyassl_la-coding.lo - -rm -f ctaocrypt/src/src_libcyassl_la-des3.$(OBJEXT) - -rm -f ctaocrypt/src/src_libcyassl_la-des3.lo - -rm -f ctaocrypt/src/src_libcyassl_la-dh.$(OBJEXT) - -rm -f ctaocrypt/src/src_libcyassl_la-dh.lo - -rm -f ctaocrypt/src/src_libcyassl_la-dsa.$(OBJEXT) - -rm -f ctaocrypt/src/src_libcyassl_la-dsa.lo - -rm -f ctaocrypt/src/src_libcyassl_la-ecc.$(OBJEXT) - -rm -f ctaocrypt/src/src_libcyassl_la-ecc.lo - -rm -f ctaocrypt/src/src_libcyassl_la-hc128.$(OBJEXT) - -rm -f ctaocrypt/src/src_libcyassl_la-hc128.lo - -rm -f ctaocrypt/src/src_libcyassl_la-hmac.$(OBJEXT) - -rm -f ctaocrypt/src/src_libcyassl_la-hmac.lo - -rm -f ctaocrypt/src/src_libcyassl_la-integer.$(OBJEXT) - -rm -f ctaocrypt/src/src_libcyassl_la-integer.lo - -rm -f ctaocrypt/src/src_libcyassl_la-logging.$(OBJEXT) - -rm -f ctaocrypt/src/src_libcyassl_la-logging.lo - -rm -f ctaocrypt/src/src_libcyassl_la-md2.$(OBJEXT) - -rm -f ctaocrypt/src/src_libcyassl_la-md2.lo - -rm -f ctaocrypt/src/src_libcyassl_la-md4.$(OBJEXT) - -rm -f ctaocrypt/src/src_libcyassl_la-md4.lo - -rm -f ctaocrypt/src/src_libcyassl_la-md5.$(OBJEXT) - -rm -f ctaocrypt/src/src_libcyassl_la-md5.lo - -rm -f ctaocrypt/src/src_libcyassl_la-memory.$(OBJEXT) - -rm -f ctaocrypt/src/src_libcyassl_la-memory.lo - -rm -f ctaocrypt/src/src_libcyassl_la-misc.$(OBJEXT) - -rm -f ctaocrypt/src/src_libcyassl_la-misc.lo - -rm -f ctaocrypt/src/src_libcyassl_la-pwdbased.$(OBJEXT) - -rm -f ctaocrypt/src/src_libcyassl_la-pwdbased.lo - -rm -f ctaocrypt/src/src_libcyassl_la-rabbit.$(OBJEXT) - -rm -f ctaocrypt/src/src_libcyassl_la-rabbit.lo - -rm -f ctaocrypt/src/src_libcyassl_la-random.$(OBJEXT) - -rm -f ctaocrypt/src/src_libcyassl_la-random.lo - -rm -f ctaocrypt/src/src_libcyassl_la-ripemd.$(OBJEXT) - -rm -f ctaocrypt/src/src_libcyassl_la-ripemd.lo - -rm -f ctaocrypt/src/src_libcyassl_la-rsa.$(OBJEXT) - -rm -f ctaocrypt/src/src_libcyassl_la-rsa.lo - -rm -f ctaocrypt/src/src_libcyassl_la-sha.$(OBJEXT) - -rm -f ctaocrypt/src/src_libcyassl_la-sha.lo - -rm -f ctaocrypt/src/src_libcyassl_la-sha256.$(OBJEXT) - -rm -f ctaocrypt/src/src_libcyassl_la-sha256.lo - -rm -f ctaocrypt/src/src_libcyassl_la-sha512.$(OBJEXT) - -rm -f ctaocrypt/src/src_libcyassl_la-sha512.lo - -rm -f ctaocrypt/src/src_libcyassl_la-tfm.$(OBJEXT) - -rm -f ctaocrypt/src/src_libcyassl_la-tfm.lo - -rm -f ctaocrypt/test/test.$(OBJEXT) - -rm -f ctaocrypt/test/testsuite_testsuite-test.$(OBJEXT) - -rm -f examples/client/client.$(OBJEXT) - -rm -f examples/client/tests_unit-client.$(OBJEXT) - -rm -f examples/client/testsuite_testsuite-client.$(OBJEXT) - -rm -f examples/echoclient/echoclient.$(OBJEXT) - -rm -f examples/echoclient/testsuite_testsuite-echoclient.$(OBJEXT) - -rm -f examples/echoserver/echoserver.$(OBJEXT) - -rm -f examples/echoserver/testsuite_testsuite-echoserver.$(OBJEXT) - -rm -f examples/server/server.$(OBJEXT) - -rm -f examples/server/tests_unit-server.$(OBJEXT) - -rm -f examples/server/testsuite_testsuite-server.$(OBJEXT) - -rm -f src/src_libcyassl_la-crl.$(OBJEXT) - -rm -f src/src_libcyassl_la-crl.lo - -rm -f src/src_libcyassl_la-internal.$(OBJEXT) - -rm -f src/src_libcyassl_la-internal.lo - -rm -f src/src_libcyassl_la-io.$(OBJEXT) - -rm -f src/src_libcyassl_la-io.lo - -rm -f src/src_libcyassl_la-keys.$(OBJEXT) - -rm -f src/src_libcyassl_la-keys.lo - -rm -f src/src_libcyassl_la-ocsp.$(OBJEXT) - -rm -f src/src_libcyassl_la-ocsp.lo - -rm -f src/src_libcyassl_la-sniffer.$(OBJEXT) - -rm -f src/src_libcyassl_la-sniffer.lo - -rm -f src/src_libcyassl_la-ssl.$(OBJEXT) - -rm -f src/src_libcyassl_la-ssl.lo - -rm -f src/src_libcyassl_la-tls.$(OBJEXT) - -rm -f src/src_libcyassl_la-tls.lo - -rm -f sslSniffer/sslSnifferTest/snifftest.$(OBJEXT) - -rm -f tests/tests_unit-api.$(OBJEXT) - -rm -f tests/tests_unit-hash.$(OBJEXT) - -rm -f tests/tests_unit-suites.$(OBJEXT) - -rm -f tests/tests_unit-unit.$(OBJEXT) - -rm -f testsuite/testsuite_testsuite-testsuite.$(OBJEXT) + -rm -f ctaocrypt/benchmark/*.$(OBJEXT) + -rm -f ctaocrypt/src/*.$(OBJEXT) + -rm -f ctaocrypt/src/*.lo + -rm -f ctaocrypt/test/*.$(OBJEXT) + -rm -f examples/client/*.$(OBJEXT) + -rm -f examples/echoclient/*.$(OBJEXT) + -rm -f examples/echoserver/*.$(OBJEXT) + -rm -f examples/server/*.$(OBJEXT) + -rm -f mcapi/*.$(OBJEXT) + -rm -f src/*.$(OBJEXT) + -rm -f src/*.lo + -rm -f sslSniffer/sslSnifferTest/*.$(OBJEXT) + -rm -f tests/*.$(OBJEXT) + -rm -f testsuite/*.$(OBJEXT) distclean-compile: -rm -f *.tab.c @@ -1113,11 +1717,17 @@ distclean-compile: @AMDEP_TRUE@@am__include@ @am__quote@ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-aes.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-arc4.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-asn.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-blake2b.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-camellia.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-coding.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-compress.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-des3.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-dh.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-dsa.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-ecc.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-error.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-fips.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-fips_test.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-hc128.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-hmac.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-integer.Plo@am__quote@ @@ -1127,6 +1737,7 @@ distclean-compile: @AMDEP_TRUE@@am__include@ @am__quote@ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-md5.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-memory.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-misc.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-pkcs7.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-pwdbased.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-rabbit.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-random.Plo@am__quote@ @@ -1136,18 +1747,23 @@ distclean-compile: @AMDEP_TRUE@@am__include@ @am__quote@ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-sha256.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-sha512.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-tfm.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-wc_port.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-wolfcrypt_first.Plo@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-wolfcrypt_last.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@ctaocrypt/test/$(DEPDIR)/test.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@ctaocrypt/test/$(DEPDIR)/testsuite_testsuite-test.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@ctaocrypt/test/$(DEPDIR)/testsuite_testsuite_test-test.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@examples/client/$(DEPDIR)/client.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@examples/client/$(DEPDIR)/tests_unit-client.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@examples/client/$(DEPDIR)/testsuite_testsuite-client.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@examples/client/$(DEPDIR)/tests_unit_test-client.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@examples/client/$(DEPDIR)/testsuite_testsuite_test-client.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@examples/echoclient/$(DEPDIR)/echoclient.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@examples/echoclient/$(DEPDIR)/testsuite_testsuite-echoclient.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@examples/echoclient/$(DEPDIR)/testsuite_testsuite_test-echoclient.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@examples/echoserver/$(DEPDIR)/echoserver.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@examples/echoserver/$(DEPDIR)/testsuite_testsuite-echoserver.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@examples/echoserver/$(DEPDIR)/testsuite_testsuite_test-echoserver.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@examples/server/$(DEPDIR)/server.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@examples/server/$(DEPDIR)/tests_unit-server.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@examples/server/$(DEPDIR)/testsuite_testsuite-server.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@examples/server/$(DEPDIR)/tests_unit_test-server.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@examples/server/$(DEPDIR)/testsuite_testsuite_test-server.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@mcapi/$(DEPDIR)/crypto.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@mcapi/$(DEPDIR)/mcapi_test.Po@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@src/$(DEPDIR)/src_libcyassl_la-crl.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@src/$(DEPDIR)/src_libcyassl_la-internal.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@src/$(DEPDIR)/src_libcyassl_la-io.Plo@am__quote@ @@ -1157,656 +1773,875 @@ distclean-compile: @AMDEP_TRUE@@am__include@ @am__quote@src/$(DEPDIR)/src_libcyassl_la-ssl.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@src/$(DEPDIR)/src_libcyassl_la-tls.Plo@am__quote@ @AMDEP_TRUE@@am__include@ @am__quote@sslSniffer/sslSnifferTest/$(DEPDIR)/snifftest.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@tests/$(DEPDIR)/tests_unit-api.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@tests/$(DEPDIR)/tests_unit-hash.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@tests/$(DEPDIR)/tests_unit-suites.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@tests/$(DEPDIR)/tests_unit-unit.Po@am__quote@ -@AMDEP_TRUE@@am__include@ @am__quote@testsuite/$(DEPDIR)/testsuite_testsuite-testsuite.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@tests/$(DEPDIR)/tests_unit_test-api.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@tests/$(DEPDIR)/tests_unit_test-hash.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@tests/$(DEPDIR)/tests_unit_test-suites.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@tests/$(DEPDIR)/tests_unit_test-unit.Po@am__quote@ +@AMDEP_TRUE@@am__include@ @am__quote@testsuite/$(DEPDIR)/testsuite_testsuite_test-testsuite.Po@am__quote@ .c.o: -@am__fastdepCC_TRUE@ depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.o$$||'`;\ +@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.o$$||'`;\ @am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\ -@am__fastdepCC_TRUE@ mv -f $$depbase.Tpo $$depbase.Po -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(COMPILE) -c -o $@ $< +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ $< .c.obj: -@am__fastdepCC_TRUE@ depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.obj$$||'`;\ +@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.obj$$||'`;\ @am__fastdepCC_TRUE@ $(COMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ `$(CYGPATH_W) '$<'` &&\ -@am__fastdepCC_TRUE@ mv -f $$depbase.Tpo $$depbase.Po -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ +@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(COMPILE) -c -o $@ `$(CYGPATH_W) '$<'` +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(COMPILE) -c -o $@ `$(CYGPATH_W) '$<'` .c.lo: -@am__fastdepCC_TRUE@ depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.lo$$||'`;\ +@am__fastdepCC_TRUE@ $(AM_V_CC)depbase=`echo $@ | sed 's|[^/]*$$|$(DEPDIR)/&|;s|\.lo$$||'`;\ @am__fastdepCC_TRUE@ $(LTCOMPILE) -MT $@ -MD -MP -MF $$depbase.Tpo -c -o $@ $< &&\ -@am__fastdepCC_TRUE@ mv -f $$depbase.Tpo $$depbase.Plo -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ +@am__fastdepCC_TRUE@ $(am__mv) $$depbase.Tpo $$depbase.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='$<' object='$@' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LTCOMPILE) -c -o $@ $< + +ctaocrypt/src/src_libcyassl_la-wolfcrypt_first.lo: ctaocrypt/src/wolfcrypt_first.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -MT ctaocrypt/src/src_libcyassl_la-wolfcrypt_first.lo -MD -MP -MF ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-wolfcrypt_first.Tpo -c -o ctaocrypt/src/src_libcyassl_la-wolfcrypt_first.lo `test -f 'ctaocrypt/src/wolfcrypt_first.c' || echo '$(srcdir)/'`ctaocrypt/src/wolfcrypt_first.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-wolfcrypt_first.Tpo ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-wolfcrypt_first.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='ctaocrypt/src/wolfcrypt_first.c' object='ctaocrypt/src/src_libcyassl_la-wolfcrypt_first.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LTCOMPILE) -c -o $@ $< +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -c -o ctaocrypt/src/src_libcyassl_la-wolfcrypt_first.lo `test -f 'ctaocrypt/src/wolfcrypt_first.c' || echo '$(srcdir)/'`ctaocrypt/src/wolfcrypt_first.c src/src_libcyassl_la-internal.lo: src/internal.c -@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -MT src/src_libcyassl_la-internal.lo -MD -MP -MF src/$(DEPDIR)/src_libcyassl_la-internal.Tpo -c -o src/src_libcyassl_la-internal.lo `test -f 'src/internal.c' || echo '$(srcdir)/'`src/internal.c -@am__fastdepCC_TRUE@ mv -f src/$(DEPDIR)/src_libcyassl_la-internal.Tpo src/$(DEPDIR)/src_libcyassl_la-internal.Plo -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='src/internal.c' object='src/src_libcyassl_la-internal.lo' libtool=yes @AMDEPBACKSLASH@ +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -MT src/src_libcyassl_la-internal.lo -MD -MP -MF src/$(DEPDIR)/src_libcyassl_la-internal.Tpo -c -o src/src_libcyassl_la-internal.lo `test -f 'src/internal.c' || echo '$(srcdir)/'`src/internal.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) src/$(DEPDIR)/src_libcyassl_la-internal.Tpo src/$(DEPDIR)/src_libcyassl_la-internal.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='src/internal.c' object='src/src_libcyassl_la-internal.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -c -o src/src_libcyassl_la-internal.lo `test -f 'src/internal.c' || echo '$(srcdir)/'`src/internal.c +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -c -o src/src_libcyassl_la-internal.lo `test -f 'src/internal.c' || echo '$(srcdir)/'`src/internal.c src/src_libcyassl_la-io.lo: src/io.c -@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -MT src/src_libcyassl_la-io.lo -MD -MP -MF src/$(DEPDIR)/src_libcyassl_la-io.Tpo -c -o src/src_libcyassl_la-io.lo `test -f 'src/io.c' || echo '$(srcdir)/'`src/io.c -@am__fastdepCC_TRUE@ mv -f src/$(DEPDIR)/src_libcyassl_la-io.Tpo src/$(DEPDIR)/src_libcyassl_la-io.Plo -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='src/io.c' object='src/src_libcyassl_la-io.lo' libtool=yes @AMDEPBACKSLASH@ +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -MT src/src_libcyassl_la-io.lo -MD -MP -MF src/$(DEPDIR)/src_libcyassl_la-io.Tpo -c -o src/src_libcyassl_la-io.lo `test -f 'src/io.c' || echo '$(srcdir)/'`src/io.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) src/$(DEPDIR)/src_libcyassl_la-io.Tpo src/$(DEPDIR)/src_libcyassl_la-io.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='src/io.c' object='src/src_libcyassl_la-io.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -c -o src/src_libcyassl_la-io.lo `test -f 'src/io.c' || echo '$(srcdir)/'`src/io.c +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -c -o src/src_libcyassl_la-io.lo `test -f 'src/io.c' || echo '$(srcdir)/'`src/io.c src/src_libcyassl_la-keys.lo: src/keys.c -@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -MT src/src_libcyassl_la-keys.lo -MD -MP -MF src/$(DEPDIR)/src_libcyassl_la-keys.Tpo -c -o src/src_libcyassl_la-keys.lo `test -f 'src/keys.c' || echo '$(srcdir)/'`src/keys.c -@am__fastdepCC_TRUE@ mv -f src/$(DEPDIR)/src_libcyassl_la-keys.Tpo src/$(DEPDIR)/src_libcyassl_la-keys.Plo -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='src/keys.c' object='src/src_libcyassl_la-keys.lo' libtool=yes @AMDEPBACKSLASH@ +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -MT src/src_libcyassl_la-keys.lo -MD -MP -MF src/$(DEPDIR)/src_libcyassl_la-keys.Tpo -c -o src/src_libcyassl_la-keys.lo `test -f 'src/keys.c' || echo '$(srcdir)/'`src/keys.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) src/$(DEPDIR)/src_libcyassl_la-keys.Tpo src/$(DEPDIR)/src_libcyassl_la-keys.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='src/keys.c' object='src/src_libcyassl_la-keys.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -c -o src/src_libcyassl_la-keys.lo `test -f 'src/keys.c' || echo '$(srcdir)/'`src/keys.c +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -c -o src/src_libcyassl_la-keys.lo `test -f 'src/keys.c' || echo '$(srcdir)/'`src/keys.c src/src_libcyassl_la-ssl.lo: src/ssl.c -@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -MT src/src_libcyassl_la-ssl.lo -MD -MP -MF src/$(DEPDIR)/src_libcyassl_la-ssl.Tpo -c -o src/src_libcyassl_la-ssl.lo `test -f 'src/ssl.c' || echo '$(srcdir)/'`src/ssl.c -@am__fastdepCC_TRUE@ mv -f src/$(DEPDIR)/src_libcyassl_la-ssl.Tpo src/$(DEPDIR)/src_libcyassl_la-ssl.Plo -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='src/ssl.c' object='src/src_libcyassl_la-ssl.lo' libtool=yes @AMDEPBACKSLASH@ +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -MT src/src_libcyassl_la-ssl.lo -MD -MP -MF src/$(DEPDIR)/src_libcyassl_la-ssl.Tpo -c -o src/src_libcyassl_la-ssl.lo `test -f 'src/ssl.c' || echo '$(srcdir)/'`src/ssl.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) src/$(DEPDIR)/src_libcyassl_la-ssl.Tpo src/$(DEPDIR)/src_libcyassl_la-ssl.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='src/ssl.c' object='src/src_libcyassl_la-ssl.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -c -o src/src_libcyassl_la-ssl.lo `test -f 'src/ssl.c' || echo '$(srcdir)/'`src/ssl.c +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -c -o src/src_libcyassl_la-ssl.lo `test -f 'src/ssl.c' || echo '$(srcdir)/'`src/ssl.c src/src_libcyassl_la-tls.lo: src/tls.c -@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -MT src/src_libcyassl_la-tls.lo -MD -MP -MF src/$(DEPDIR)/src_libcyassl_la-tls.Tpo -c -o src/src_libcyassl_la-tls.lo `test -f 'src/tls.c' || echo '$(srcdir)/'`src/tls.c -@am__fastdepCC_TRUE@ mv -f src/$(DEPDIR)/src_libcyassl_la-tls.Tpo src/$(DEPDIR)/src_libcyassl_la-tls.Plo -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='src/tls.c' object='src/src_libcyassl_la-tls.lo' libtool=yes @AMDEPBACKSLASH@ +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -MT src/src_libcyassl_la-tls.lo -MD -MP -MF src/$(DEPDIR)/src_libcyassl_la-tls.Tpo -c -o src/src_libcyassl_la-tls.lo `test -f 'src/tls.c' || echo '$(srcdir)/'`src/tls.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) src/$(DEPDIR)/src_libcyassl_la-tls.Tpo src/$(DEPDIR)/src_libcyassl_la-tls.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='src/tls.c' object='src/src_libcyassl_la-tls.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -c -o src/src_libcyassl_la-tls.lo `test -f 'src/tls.c' || echo '$(srcdir)/'`src/tls.c +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -c -o src/src_libcyassl_la-tls.lo `test -f 'src/tls.c' || echo '$(srcdir)/'`src/tls.c -ctaocrypt/src/src_libcyassl_la-asn.lo: ctaocrypt/src/asn.c -@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -MT ctaocrypt/src/src_libcyassl_la-asn.lo -MD -MP -MF ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-asn.Tpo -c -o ctaocrypt/src/src_libcyassl_la-asn.lo `test -f 'ctaocrypt/src/asn.c' || echo '$(srcdir)/'`ctaocrypt/src/asn.c -@am__fastdepCC_TRUE@ mv -f ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-asn.Tpo ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-asn.Plo -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='ctaocrypt/src/asn.c' object='ctaocrypt/src/src_libcyassl_la-asn.lo' libtool=yes @AMDEPBACKSLASH@ +ctaocrypt/src/src_libcyassl_la-hmac.lo: ctaocrypt/src/hmac.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -MT ctaocrypt/src/src_libcyassl_la-hmac.lo -MD -MP -MF ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-hmac.Tpo -c -o ctaocrypt/src/src_libcyassl_la-hmac.lo `test -f 'ctaocrypt/src/hmac.c' || echo '$(srcdir)/'`ctaocrypt/src/hmac.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-hmac.Tpo ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-hmac.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='ctaocrypt/src/hmac.c' object='ctaocrypt/src/src_libcyassl_la-hmac.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -c -o ctaocrypt/src/src_libcyassl_la-asn.lo `test -f 'ctaocrypt/src/asn.c' || echo '$(srcdir)/'`ctaocrypt/src/asn.c +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -c -o ctaocrypt/src/src_libcyassl_la-hmac.lo `test -f 'ctaocrypt/src/hmac.c' || echo '$(srcdir)/'`ctaocrypt/src/hmac.c -ctaocrypt/src/src_libcyassl_la-coding.lo: ctaocrypt/src/coding.c -@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -MT ctaocrypt/src/src_libcyassl_la-coding.lo -MD -MP -MF ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-coding.Tpo -c -o ctaocrypt/src/src_libcyassl_la-coding.lo `test -f 'ctaocrypt/src/coding.c' || echo '$(srcdir)/'`ctaocrypt/src/coding.c -@am__fastdepCC_TRUE@ mv -f ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-coding.Tpo ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-coding.Plo -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='ctaocrypt/src/coding.c' object='ctaocrypt/src/src_libcyassl_la-coding.lo' libtool=yes @AMDEPBACKSLASH@ +ctaocrypt/src/src_libcyassl_la-random.lo: ctaocrypt/src/random.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -MT ctaocrypt/src/src_libcyassl_la-random.lo -MD -MP -MF ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-random.Tpo -c -o ctaocrypt/src/src_libcyassl_la-random.lo `test -f 'ctaocrypt/src/random.c' || echo '$(srcdir)/'`ctaocrypt/src/random.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-random.Tpo ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-random.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='ctaocrypt/src/random.c' object='ctaocrypt/src/src_libcyassl_la-random.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -c -o ctaocrypt/src/src_libcyassl_la-coding.lo `test -f 'ctaocrypt/src/coding.c' || echo '$(srcdir)/'`ctaocrypt/src/coding.c +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -c -o ctaocrypt/src/src_libcyassl_la-random.lo `test -f 'ctaocrypt/src/random.c' || echo '$(srcdir)/'`ctaocrypt/src/random.c -ctaocrypt/src/src_libcyassl_la-des3.lo: ctaocrypt/src/des3.c -@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -MT ctaocrypt/src/src_libcyassl_la-des3.lo -MD -MP -MF ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-des3.Tpo -c -o ctaocrypt/src/src_libcyassl_la-des3.lo `test -f 'ctaocrypt/src/des3.c' || echo '$(srcdir)/'`ctaocrypt/src/des3.c -@am__fastdepCC_TRUE@ mv -f ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-des3.Tpo ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-des3.Plo -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='ctaocrypt/src/des3.c' object='ctaocrypt/src/src_libcyassl_la-des3.lo' libtool=yes @AMDEPBACKSLASH@ +ctaocrypt/src/src_libcyassl_la-sha256.lo: ctaocrypt/src/sha256.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -MT ctaocrypt/src/src_libcyassl_la-sha256.lo -MD -MP -MF ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-sha256.Tpo -c -o ctaocrypt/src/src_libcyassl_la-sha256.lo `test -f 'ctaocrypt/src/sha256.c' || echo '$(srcdir)/'`ctaocrypt/src/sha256.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-sha256.Tpo ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-sha256.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='ctaocrypt/src/sha256.c' object='ctaocrypt/src/src_libcyassl_la-sha256.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -c -o ctaocrypt/src/src_libcyassl_la-des3.lo `test -f 'ctaocrypt/src/des3.c' || echo '$(srcdir)/'`ctaocrypt/src/des3.c +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -c -o ctaocrypt/src/src_libcyassl_la-sha256.lo `test -f 'ctaocrypt/src/sha256.c' || echo '$(srcdir)/'`ctaocrypt/src/sha256.c -ctaocrypt/src/src_libcyassl_la-hmac.lo: ctaocrypt/src/hmac.c -@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -MT ctaocrypt/src/src_libcyassl_la-hmac.lo -MD -MP -MF ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-hmac.Tpo -c -o ctaocrypt/src/src_libcyassl_la-hmac.lo `test -f 'ctaocrypt/src/hmac.c' || echo '$(srcdir)/'`ctaocrypt/src/hmac.c -@am__fastdepCC_TRUE@ mv -f ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-hmac.Tpo ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-hmac.Plo -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='ctaocrypt/src/hmac.c' object='ctaocrypt/src/src_libcyassl_la-hmac.lo' libtool=yes @AMDEPBACKSLASH@ +ctaocrypt/src/src_libcyassl_la-logging.lo: ctaocrypt/src/logging.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -MT ctaocrypt/src/src_libcyassl_la-logging.lo -MD -MP -MF ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-logging.Tpo -c -o ctaocrypt/src/src_libcyassl_la-logging.lo `test -f 'ctaocrypt/src/logging.c' || echo '$(srcdir)/'`ctaocrypt/src/logging.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-logging.Tpo ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-logging.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='ctaocrypt/src/logging.c' object='ctaocrypt/src/src_libcyassl_la-logging.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -c -o ctaocrypt/src/src_libcyassl_la-hmac.lo `test -f 'ctaocrypt/src/hmac.c' || echo '$(srcdir)/'`ctaocrypt/src/hmac.c +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -c -o ctaocrypt/src/src_libcyassl_la-logging.lo `test -f 'ctaocrypt/src/logging.c' || echo '$(srcdir)/'`ctaocrypt/src/logging.c -ctaocrypt/src/src_libcyassl_la-md5.lo: ctaocrypt/src/md5.c -@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -MT ctaocrypt/src/src_libcyassl_la-md5.lo -MD -MP -MF ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-md5.Tpo -c -o ctaocrypt/src/src_libcyassl_la-md5.lo `test -f 'ctaocrypt/src/md5.c' || echo '$(srcdir)/'`ctaocrypt/src/md5.c -@am__fastdepCC_TRUE@ mv -f ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-md5.Tpo ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-md5.Plo -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='ctaocrypt/src/md5.c' object='ctaocrypt/src/src_libcyassl_la-md5.lo' libtool=yes @AMDEPBACKSLASH@ +ctaocrypt/src/src_libcyassl_la-wc_port.lo: ctaocrypt/src/wc_port.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -MT ctaocrypt/src/src_libcyassl_la-wc_port.lo -MD -MP -MF ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-wc_port.Tpo -c -o ctaocrypt/src/src_libcyassl_la-wc_port.lo `test -f 'ctaocrypt/src/wc_port.c' || echo '$(srcdir)/'`ctaocrypt/src/wc_port.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-wc_port.Tpo ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-wc_port.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='ctaocrypt/src/wc_port.c' object='ctaocrypt/src/src_libcyassl_la-wc_port.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -c -o ctaocrypt/src/src_libcyassl_la-md5.lo `test -f 'ctaocrypt/src/md5.c' || echo '$(srcdir)/'`ctaocrypt/src/md5.c +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -c -o ctaocrypt/src/src_libcyassl_la-wc_port.lo `test -f 'ctaocrypt/src/wc_port.c' || echo '$(srcdir)/'`ctaocrypt/src/wc_port.c -ctaocrypt/src/src_libcyassl_la-md4.lo: ctaocrypt/src/md4.c -@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -MT ctaocrypt/src/src_libcyassl_la-md4.lo -MD -MP -MF ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-md4.Tpo -c -o ctaocrypt/src/src_libcyassl_la-md4.lo `test -f 'ctaocrypt/src/md4.c' || echo '$(srcdir)/'`ctaocrypt/src/md4.c -@am__fastdepCC_TRUE@ mv -f ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-md4.Tpo ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-md4.Plo -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='ctaocrypt/src/md4.c' object='ctaocrypt/src/src_libcyassl_la-md4.lo' libtool=yes @AMDEPBACKSLASH@ +ctaocrypt/src/src_libcyassl_la-error.lo: ctaocrypt/src/error.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -MT ctaocrypt/src/src_libcyassl_la-error.lo -MD -MP -MF ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-error.Tpo -c -o ctaocrypt/src/src_libcyassl_la-error.lo `test -f 'ctaocrypt/src/error.c' || echo '$(srcdir)/'`ctaocrypt/src/error.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-error.Tpo ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-error.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='ctaocrypt/src/error.c' object='ctaocrypt/src/src_libcyassl_la-error.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -c -o ctaocrypt/src/src_libcyassl_la-md4.lo `test -f 'ctaocrypt/src/md4.c' || echo '$(srcdir)/'`ctaocrypt/src/md4.c +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -c -o ctaocrypt/src/src_libcyassl_la-error.lo `test -f 'ctaocrypt/src/error.c' || echo '$(srcdir)/'`ctaocrypt/src/error.c -ctaocrypt/src/src_libcyassl_la-random.lo: ctaocrypt/src/random.c -@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -MT ctaocrypt/src/src_libcyassl_la-random.lo -MD -MP -MF ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-random.Tpo -c -o ctaocrypt/src/src_libcyassl_la-random.lo `test -f 'ctaocrypt/src/random.c' || echo '$(srcdir)/'`ctaocrypt/src/random.c -@am__fastdepCC_TRUE@ mv -f ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-random.Tpo ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-random.Plo -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='ctaocrypt/src/random.c' object='ctaocrypt/src/src_libcyassl_la-random.lo' libtool=yes @AMDEPBACKSLASH@ +ctaocrypt/src/src_libcyassl_la-memory.lo: ctaocrypt/src/memory.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -MT ctaocrypt/src/src_libcyassl_la-memory.lo -MD -MP -MF ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-memory.Tpo -c -o ctaocrypt/src/src_libcyassl_la-memory.lo `test -f 'ctaocrypt/src/memory.c' || echo '$(srcdir)/'`ctaocrypt/src/memory.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-memory.Tpo ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-memory.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='ctaocrypt/src/memory.c' object='ctaocrypt/src/src_libcyassl_la-memory.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -c -o ctaocrypt/src/src_libcyassl_la-random.lo `test -f 'ctaocrypt/src/random.c' || echo '$(srcdir)/'`ctaocrypt/src/random.c +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -c -o ctaocrypt/src/src_libcyassl_la-memory.lo `test -f 'ctaocrypt/src/memory.c' || echo '$(srcdir)/'`ctaocrypt/src/memory.c ctaocrypt/src/src_libcyassl_la-rsa.lo: ctaocrypt/src/rsa.c -@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -MT ctaocrypt/src/src_libcyassl_la-rsa.lo -MD -MP -MF ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-rsa.Tpo -c -o ctaocrypt/src/src_libcyassl_la-rsa.lo `test -f 'ctaocrypt/src/rsa.c' || echo '$(srcdir)/'`ctaocrypt/src/rsa.c -@am__fastdepCC_TRUE@ mv -f ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-rsa.Tpo ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-rsa.Plo -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='ctaocrypt/src/rsa.c' object='ctaocrypt/src/src_libcyassl_la-rsa.lo' libtool=yes @AMDEPBACKSLASH@ +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -MT ctaocrypt/src/src_libcyassl_la-rsa.lo -MD -MP -MF ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-rsa.Tpo -c -o ctaocrypt/src/src_libcyassl_la-rsa.lo `test -f 'ctaocrypt/src/rsa.c' || echo '$(srcdir)/'`ctaocrypt/src/rsa.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-rsa.Tpo ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-rsa.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='ctaocrypt/src/rsa.c' object='ctaocrypt/src/src_libcyassl_la-rsa.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -c -o ctaocrypt/src/src_libcyassl_la-rsa.lo `test -f 'ctaocrypt/src/rsa.c' || echo '$(srcdir)/'`ctaocrypt/src/rsa.c +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -c -o ctaocrypt/src/src_libcyassl_la-rsa.lo `test -f 'ctaocrypt/src/rsa.c' || echo '$(srcdir)/'`ctaocrypt/src/rsa.c -ctaocrypt/src/src_libcyassl_la-sha.lo: ctaocrypt/src/sha.c -@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -MT ctaocrypt/src/src_libcyassl_la-sha.lo -MD -MP -MF ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-sha.Tpo -c -o ctaocrypt/src/src_libcyassl_la-sha.lo `test -f 'ctaocrypt/src/sha.c' || echo '$(srcdir)/'`ctaocrypt/src/sha.c -@am__fastdepCC_TRUE@ mv -f ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-sha.Tpo ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-sha.Plo -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='ctaocrypt/src/sha.c' object='ctaocrypt/src/src_libcyassl_la-sha.lo' libtool=yes @AMDEPBACKSLASH@ +ctaocrypt/src/src_libcyassl_la-dh.lo: ctaocrypt/src/dh.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -MT ctaocrypt/src/src_libcyassl_la-dh.lo -MD -MP -MF ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-dh.Tpo -c -o ctaocrypt/src/src_libcyassl_la-dh.lo `test -f 'ctaocrypt/src/dh.c' || echo '$(srcdir)/'`ctaocrypt/src/dh.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-dh.Tpo ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-dh.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='ctaocrypt/src/dh.c' object='ctaocrypt/src/src_libcyassl_la-dh.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -c -o ctaocrypt/src/src_libcyassl_la-sha.lo `test -f 'ctaocrypt/src/sha.c' || echo '$(srcdir)/'`ctaocrypt/src/sha.c +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -c -o ctaocrypt/src/src_libcyassl_la-dh.lo `test -f 'ctaocrypt/src/dh.c' || echo '$(srcdir)/'`ctaocrypt/src/dh.c -ctaocrypt/src/src_libcyassl_la-aes.lo: ctaocrypt/src/aes.c -@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -MT ctaocrypt/src/src_libcyassl_la-aes.lo -MD -MP -MF ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-aes.Tpo -c -o ctaocrypt/src/src_libcyassl_la-aes.lo `test -f 'ctaocrypt/src/aes.c' || echo '$(srcdir)/'`ctaocrypt/src/aes.c -@am__fastdepCC_TRUE@ mv -f ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-aes.Tpo ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-aes.Plo -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='ctaocrypt/src/aes.c' object='ctaocrypt/src/src_libcyassl_la-aes.lo' libtool=yes @AMDEPBACKSLASH@ +ctaocrypt/src/src_libcyassl_la-asn.lo: ctaocrypt/src/asn.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -MT ctaocrypt/src/src_libcyassl_la-asn.lo -MD -MP -MF ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-asn.Tpo -c -o ctaocrypt/src/src_libcyassl_la-asn.lo `test -f 'ctaocrypt/src/asn.c' || echo '$(srcdir)/'`ctaocrypt/src/asn.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-asn.Tpo ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-asn.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='ctaocrypt/src/asn.c' object='ctaocrypt/src/src_libcyassl_la-asn.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -c -o ctaocrypt/src/src_libcyassl_la-aes.lo `test -f 'ctaocrypt/src/aes.c' || echo '$(srcdir)/'`ctaocrypt/src/aes.c +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -c -o ctaocrypt/src/src_libcyassl_la-asn.lo `test -f 'ctaocrypt/src/asn.c' || echo '$(srcdir)/'`ctaocrypt/src/asn.c -ctaocrypt/src/src_libcyassl_la-sha256.lo: ctaocrypt/src/sha256.c -@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -MT ctaocrypt/src/src_libcyassl_la-sha256.lo -MD -MP -MF ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-sha256.Tpo -c -o ctaocrypt/src/src_libcyassl_la-sha256.lo `test -f 'ctaocrypt/src/sha256.c' || echo '$(srcdir)/'`ctaocrypt/src/sha256.c -@am__fastdepCC_TRUE@ mv -f ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-sha256.Tpo ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-sha256.Plo -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='ctaocrypt/src/sha256.c' object='ctaocrypt/src/src_libcyassl_la-sha256.lo' libtool=yes @AMDEPBACKSLASH@ +ctaocrypt/src/src_libcyassl_la-fips.lo: ctaocrypt/src/fips.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -MT ctaocrypt/src/src_libcyassl_la-fips.lo -MD -MP -MF ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-fips.Tpo -c -o ctaocrypt/src/src_libcyassl_la-fips.lo `test -f 'ctaocrypt/src/fips.c' || echo '$(srcdir)/'`ctaocrypt/src/fips.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-fips.Tpo ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-fips.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='ctaocrypt/src/fips.c' object='ctaocrypt/src/src_libcyassl_la-fips.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -c -o ctaocrypt/src/src_libcyassl_la-sha256.lo `test -f 'ctaocrypt/src/sha256.c' || echo '$(srcdir)/'`ctaocrypt/src/sha256.c +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -c -o ctaocrypt/src/src_libcyassl_la-fips.lo `test -f 'ctaocrypt/src/fips.c' || echo '$(srcdir)/'`ctaocrypt/src/fips.c -ctaocrypt/src/src_libcyassl_la-dh.lo: ctaocrypt/src/dh.c -@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -MT ctaocrypt/src/src_libcyassl_la-dh.lo -MD -MP -MF ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-dh.Tpo -c -o ctaocrypt/src/src_libcyassl_la-dh.lo `test -f 'ctaocrypt/src/dh.c' || echo '$(srcdir)/'`ctaocrypt/src/dh.c -@am__fastdepCC_TRUE@ mv -f ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-dh.Tpo ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-dh.Plo -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='ctaocrypt/src/dh.c' object='ctaocrypt/src/src_libcyassl_la-dh.lo' libtool=yes @AMDEPBACKSLASH@ +ctaocrypt/src/src_libcyassl_la-fips_test.lo: ctaocrypt/src/fips_test.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -MT ctaocrypt/src/src_libcyassl_la-fips_test.lo -MD -MP -MF ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-fips_test.Tpo -c -o ctaocrypt/src/src_libcyassl_la-fips_test.lo `test -f 'ctaocrypt/src/fips_test.c' || echo '$(srcdir)/'`ctaocrypt/src/fips_test.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-fips_test.Tpo ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-fips_test.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='ctaocrypt/src/fips_test.c' object='ctaocrypt/src/src_libcyassl_la-fips_test.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -c -o ctaocrypt/src/src_libcyassl_la-dh.lo `test -f 'ctaocrypt/src/dh.c' || echo '$(srcdir)/'`ctaocrypt/src/dh.c +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -c -o ctaocrypt/src/src_libcyassl_la-fips_test.lo `test -f 'ctaocrypt/src/fips_test.c' || echo '$(srcdir)/'`ctaocrypt/src/fips_test.c -ctaocrypt/src/src_libcyassl_la-dsa.lo: ctaocrypt/src/dsa.c -@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -MT ctaocrypt/src/src_libcyassl_la-dsa.lo -MD -MP -MF ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-dsa.Tpo -c -o ctaocrypt/src/src_libcyassl_la-dsa.lo `test -f 'ctaocrypt/src/dsa.c' || echo '$(srcdir)/'`ctaocrypt/src/dsa.c -@am__fastdepCC_TRUE@ mv -f ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-dsa.Tpo ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-dsa.Plo -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='ctaocrypt/src/dsa.c' object='ctaocrypt/src/src_libcyassl_la-dsa.lo' libtool=yes @AMDEPBACKSLASH@ +ctaocrypt/src/src_libcyassl_la-coding.lo: ctaocrypt/src/coding.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -MT ctaocrypt/src/src_libcyassl_la-coding.lo -MD -MP -MF ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-coding.Tpo -c -o ctaocrypt/src/src_libcyassl_la-coding.lo `test -f 'ctaocrypt/src/coding.c' || echo '$(srcdir)/'`ctaocrypt/src/coding.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-coding.Tpo ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-coding.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='ctaocrypt/src/coding.c' object='ctaocrypt/src/src_libcyassl_la-coding.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -c -o ctaocrypt/src/src_libcyassl_la-dsa.lo `test -f 'ctaocrypt/src/dsa.c' || echo '$(srcdir)/'`ctaocrypt/src/dsa.c +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -c -o ctaocrypt/src/src_libcyassl_la-coding.lo `test -f 'ctaocrypt/src/coding.c' || echo '$(srcdir)/'`ctaocrypt/src/coding.c + +ctaocrypt/src/src_libcyassl_la-aes.lo: ctaocrypt/src/aes.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -MT ctaocrypt/src/src_libcyassl_la-aes.lo -MD -MP -MF ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-aes.Tpo -c -o ctaocrypt/src/src_libcyassl_la-aes.lo `test -f 'ctaocrypt/src/aes.c' || echo '$(srcdir)/'`ctaocrypt/src/aes.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-aes.Tpo ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-aes.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='ctaocrypt/src/aes.c' object='ctaocrypt/src/src_libcyassl_la-aes.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -c -o ctaocrypt/src/src_libcyassl_la-aes.lo `test -f 'ctaocrypt/src/aes.c' || echo '$(srcdir)/'`ctaocrypt/src/aes.c + +ctaocrypt/src/src_libcyassl_la-des3.lo: ctaocrypt/src/des3.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -MT ctaocrypt/src/src_libcyassl_la-des3.lo -MD -MP -MF ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-des3.Tpo -c -o ctaocrypt/src/src_libcyassl_la-des3.lo `test -f 'ctaocrypt/src/des3.c' || echo '$(srcdir)/'`ctaocrypt/src/des3.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-des3.Tpo ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-des3.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='ctaocrypt/src/des3.c' object='ctaocrypt/src/src_libcyassl_la-des3.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -c -o ctaocrypt/src/src_libcyassl_la-des3.lo `test -f 'ctaocrypt/src/des3.c' || echo '$(srcdir)/'`ctaocrypt/src/des3.c + +ctaocrypt/src/src_libcyassl_la-sha.lo: ctaocrypt/src/sha.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -MT ctaocrypt/src/src_libcyassl_la-sha.lo -MD -MP -MF ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-sha.Tpo -c -o ctaocrypt/src/src_libcyassl_la-sha.lo `test -f 'ctaocrypt/src/sha.c' || echo '$(srcdir)/'`ctaocrypt/src/sha.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-sha.Tpo ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-sha.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='ctaocrypt/src/sha.c' object='ctaocrypt/src/src_libcyassl_la-sha.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -c -o ctaocrypt/src/src_libcyassl_la-sha.lo `test -f 'ctaocrypt/src/sha.c' || echo '$(srcdir)/'`ctaocrypt/src/sha.c ctaocrypt/src/src_libcyassl_la-arc4.lo: ctaocrypt/src/arc4.c -@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -MT ctaocrypt/src/src_libcyassl_la-arc4.lo -MD -MP -MF ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-arc4.Tpo -c -o ctaocrypt/src/src_libcyassl_la-arc4.lo `test -f 'ctaocrypt/src/arc4.c' || echo '$(srcdir)/'`ctaocrypt/src/arc4.c -@am__fastdepCC_TRUE@ mv -f ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-arc4.Tpo ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-arc4.Plo -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='ctaocrypt/src/arc4.c' object='ctaocrypt/src/src_libcyassl_la-arc4.lo' libtool=yes @AMDEPBACKSLASH@ +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -MT ctaocrypt/src/src_libcyassl_la-arc4.lo -MD -MP -MF ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-arc4.Tpo -c -o ctaocrypt/src/src_libcyassl_la-arc4.lo `test -f 'ctaocrypt/src/arc4.c' || echo '$(srcdir)/'`ctaocrypt/src/arc4.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-arc4.Tpo ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-arc4.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='ctaocrypt/src/arc4.c' object='ctaocrypt/src/src_libcyassl_la-arc4.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -c -o ctaocrypt/src/src_libcyassl_la-arc4.lo `test -f 'ctaocrypt/src/arc4.c' || echo '$(srcdir)/'`ctaocrypt/src/arc4.c +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -c -o ctaocrypt/src/src_libcyassl_la-arc4.lo `test -f 'ctaocrypt/src/arc4.c' || echo '$(srcdir)/'`ctaocrypt/src/arc4.c -ctaocrypt/src/src_libcyassl_la-rabbit.lo: ctaocrypt/src/rabbit.c -@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -MT ctaocrypt/src/src_libcyassl_la-rabbit.lo -MD -MP -MF ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-rabbit.Tpo -c -o ctaocrypt/src/src_libcyassl_la-rabbit.lo `test -f 'ctaocrypt/src/rabbit.c' || echo '$(srcdir)/'`ctaocrypt/src/rabbit.c -@am__fastdepCC_TRUE@ mv -f ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-rabbit.Tpo ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-rabbit.Plo -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='ctaocrypt/src/rabbit.c' object='ctaocrypt/src/src_libcyassl_la-rabbit.lo' libtool=yes @AMDEPBACKSLASH@ +ctaocrypt/src/src_libcyassl_la-md4.lo: ctaocrypt/src/md4.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -MT ctaocrypt/src/src_libcyassl_la-md4.lo -MD -MP -MF ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-md4.Tpo -c -o ctaocrypt/src/src_libcyassl_la-md4.lo `test -f 'ctaocrypt/src/md4.c' || echo '$(srcdir)/'`ctaocrypt/src/md4.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-md4.Tpo ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-md4.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='ctaocrypt/src/md4.c' object='ctaocrypt/src/src_libcyassl_la-md4.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -c -o ctaocrypt/src/src_libcyassl_la-md4.lo `test -f 'ctaocrypt/src/md4.c' || echo '$(srcdir)/'`ctaocrypt/src/md4.c + +ctaocrypt/src/src_libcyassl_la-md5.lo: ctaocrypt/src/md5.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -MT ctaocrypt/src/src_libcyassl_la-md5.lo -MD -MP -MF ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-md5.Tpo -c -o ctaocrypt/src/src_libcyassl_la-md5.lo `test -f 'ctaocrypt/src/md5.c' || echo '$(srcdir)/'`ctaocrypt/src/md5.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-md5.Tpo ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-md5.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='ctaocrypt/src/md5.c' object='ctaocrypt/src/src_libcyassl_la-md5.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -c -o ctaocrypt/src/src_libcyassl_la-rabbit.lo `test -f 'ctaocrypt/src/rabbit.c' || echo '$(srcdir)/'`ctaocrypt/src/rabbit.c +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -c -o ctaocrypt/src/src_libcyassl_la-md5.lo `test -f 'ctaocrypt/src/md5.c' || echo '$(srcdir)/'`ctaocrypt/src/md5.c ctaocrypt/src/src_libcyassl_la-pwdbased.lo: ctaocrypt/src/pwdbased.c -@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -MT ctaocrypt/src/src_libcyassl_la-pwdbased.lo -MD -MP -MF ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-pwdbased.Tpo -c -o ctaocrypt/src/src_libcyassl_la-pwdbased.lo `test -f 'ctaocrypt/src/pwdbased.c' || echo '$(srcdir)/'`ctaocrypt/src/pwdbased.c -@am__fastdepCC_TRUE@ mv -f ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-pwdbased.Tpo ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-pwdbased.Plo -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='ctaocrypt/src/pwdbased.c' object='ctaocrypt/src/src_libcyassl_la-pwdbased.lo' libtool=yes @AMDEPBACKSLASH@ +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -MT ctaocrypt/src/src_libcyassl_la-pwdbased.lo -MD -MP -MF ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-pwdbased.Tpo -c -o ctaocrypt/src/src_libcyassl_la-pwdbased.lo `test -f 'ctaocrypt/src/pwdbased.c' || echo '$(srcdir)/'`ctaocrypt/src/pwdbased.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-pwdbased.Tpo ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-pwdbased.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='ctaocrypt/src/pwdbased.c' object='ctaocrypt/src/src_libcyassl_la-pwdbased.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -c -o ctaocrypt/src/src_libcyassl_la-pwdbased.lo `test -f 'ctaocrypt/src/pwdbased.c' || echo '$(srcdir)/'`ctaocrypt/src/pwdbased.c +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -c -o ctaocrypt/src/src_libcyassl_la-pwdbased.lo `test -f 'ctaocrypt/src/pwdbased.c' || echo '$(srcdir)/'`ctaocrypt/src/pwdbased.c -ctaocrypt/src/src_libcyassl_la-logging.lo: ctaocrypt/src/logging.c -@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -MT ctaocrypt/src/src_libcyassl_la-logging.lo -MD -MP -MF ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-logging.Tpo -c -o ctaocrypt/src/src_libcyassl_la-logging.lo `test -f 'ctaocrypt/src/logging.c' || echo '$(srcdir)/'`ctaocrypt/src/logging.c -@am__fastdepCC_TRUE@ mv -f ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-logging.Tpo ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-logging.Plo -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='ctaocrypt/src/logging.c' object='ctaocrypt/src/src_libcyassl_la-logging.lo' libtool=yes @AMDEPBACKSLASH@ +ctaocrypt/src/src_libcyassl_la-dsa.lo: ctaocrypt/src/dsa.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -MT ctaocrypt/src/src_libcyassl_la-dsa.lo -MD -MP -MF ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-dsa.Tpo -c -o ctaocrypt/src/src_libcyassl_la-dsa.lo `test -f 'ctaocrypt/src/dsa.c' || echo '$(srcdir)/'`ctaocrypt/src/dsa.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-dsa.Tpo ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-dsa.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='ctaocrypt/src/dsa.c' object='ctaocrypt/src/src_libcyassl_la-dsa.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -c -o ctaocrypt/src/src_libcyassl_la-logging.lo `test -f 'ctaocrypt/src/logging.c' || echo '$(srcdir)/'`ctaocrypt/src/logging.c +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -c -o ctaocrypt/src/src_libcyassl_la-dsa.lo `test -f 'ctaocrypt/src/dsa.c' || echo '$(srcdir)/'`ctaocrypt/src/dsa.c -ctaocrypt/src/src_libcyassl_la-memory.lo: ctaocrypt/src/memory.c -@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -MT ctaocrypt/src/src_libcyassl_la-memory.lo -MD -MP -MF ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-memory.Tpo -c -o ctaocrypt/src/src_libcyassl_la-memory.lo `test -f 'ctaocrypt/src/memory.c' || echo '$(srcdir)/'`ctaocrypt/src/memory.c -@am__fastdepCC_TRUE@ mv -f ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-memory.Tpo ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-memory.Plo -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='ctaocrypt/src/memory.c' object='ctaocrypt/src/src_libcyassl_la-memory.lo' libtool=yes @AMDEPBACKSLASH@ +ctaocrypt/src/src_libcyassl_la-camellia.lo: ctaocrypt/src/camellia.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -MT ctaocrypt/src/src_libcyassl_la-camellia.lo -MD -MP -MF ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-camellia.Tpo -c -o ctaocrypt/src/src_libcyassl_la-camellia.lo `test -f 'ctaocrypt/src/camellia.c' || echo '$(srcdir)/'`ctaocrypt/src/camellia.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-camellia.Tpo ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-camellia.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='ctaocrypt/src/camellia.c' object='ctaocrypt/src/src_libcyassl_la-camellia.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -c -o ctaocrypt/src/src_libcyassl_la-memory.lo `test -f 'ctaocrypt/src/memory.c' || echo '$(srcdir)/'`ctaocrypt/src/memory.c +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -c -o ctaocrypt/src/src_libcyassl_la-camellia.lo `test -f 'ctaocrypt/src/camellia.c' || echo '$(srcdir)/'`ctaocrypt/src/camellia.c ctaocrypt/src/src_libcyassl_la-md2.lo: ctaocrypt/src/md2.c -@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -MT ctaocrypt/src/src_libcyassl_la-md2.lo -MD -MP -MF ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-md2.Tpo -c -o ctaocrypt/src/src_libcyassl_la-md2.lo `test -f 'ctaocrypt/src/md2.c' || echo '$(srcdir)/'`ctaocrypt/src/md2.c -@am__fastdepCC_TRUE@ mv -f ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-md2.Tpo ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-md2.Plo -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='ctaocrypt/src/md2.c' object='ctaocrypt/src/src_libcyassl_la-md2.lo' libtool=yes @AMDEPBACKSLASH@ +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -MT ctaocrypt/src/src_libcyassl_la-md2.lo -MD -MP -MF ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-md2.Tpo -c -o ctaocrypt/src/src_libcyassl_la-md2.lo `test -f 'ctaocrypt/src/md2.c' || echo '$(srcdir)/'`ctaocrypt/src/md2.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-md2.Tpo ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-md2.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='ctaocrypt/src/md2.c' object='ctaocrypt/src/src_libcyassl_la-md2.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -c -o ctaocrypt/src/src_libcyassl_la-md2.lo `test -f 'ctaocrypt/src/md2.c' || echo '$(srcdir)/'`ctaocrypt/src/md2.c +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -c -o ctaocrypt/src/src_libcyassl_la-md2.lo `test -f 'ctaocrypt/src/md2.c' || echo '$(srcdir)/'`ctaocrypt/src/md2.c ctaocrypt/src/src_libcyassl_la-ripemd.lo: ctaocrypt/src/ripemd.c -@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -MT ctaocrypt/src/src_libcyassl_la-ripemd.lo -MD -MP -MF ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-ripemd.Tpo -c -o ctaocrypt/src/src_libcyassl_la-ripemd.lo `test -f 'ctaocrypt/src/ripemd.c' || echo '$(srcdir)/'`ctaocrypt/src/ripemd.c -@am__fastdepCC_TRUE@ mv -f ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-ripemd.Tpo ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-ripemd.Plo -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='ctaocrypt/src/ripemd.c' object='ctaocrypt/src/src_libcyassl_la-ripemd.lo' libtool=yes @AMDEPBACKSLASH@ +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -MT ctaocrypt/src/src_libcyassl_la-ripemd.lo -MD -MP -MF ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-ripemd.Tpo -c -o ctaocrypt/src/src_libcyassl_la-ripemd.lo `test -f 'ctaocrypt/src/ripemd.c' || echo '$(srcdir)/'`ctaocrypt/src/ripemd.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-ripemd.Tpo ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-ripemd.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='ctaocrypt/src/ripemd.c' object='ctaocrypt/src/src_libcyassl_la-ripemd.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -c -o ctaocrypt/src/src_libcyassl_la-ripemd.lo `test -f 'ctaocrypt/src/ripemd.c' || echo '$(srcdir)/'`ctaocrypt/src/ripemd.c +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -c -o ctaocrypt/src/src_libcyassl_la-ripemd.lo `test -f 'ctaocrypt/src/ripemd.c' || echo '$(srcdir)/'`ctaocrypt/src/ripemd.c ctaocrypt/src/src_libcyassl_la-sha512.lo: ctaocrypt/src/sha512.c -@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -MT ctaocrypt/src/src_libcyassl_la-sha512.lo -MD -MP -MF ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-sha512.Tpo -c -o ctaocrypt/src/src_libcyassl_la-sha512.lo `test -f 'ctaocrypt/src/sha512.c' || echo '$(srcdir)/'`ctaocrypt/src/sha512.c -@am__fastdepCC_TRUE@ mv -f ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-sha512.Tpo ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-sha512.Plo -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='ctaocrypt/src/sha512.c' object='ctaocrypt/src/src_libcyassl_la-sha512.lo' libtool=yes @AMDEPBACKSLASH@ +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -MT ctaocrypt/src/src_libcyassl_la-sha512.lo -MD -MP -MF ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-sha512.Tpo -c -o ctaocrypt/src/src_libcyassl_la-sha512.lo `test -f 'ctaocrypt/src/sha512.c' || echo '$(srcdir)/'`ctaocrypt/src/sha512.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-sha512.Tpo ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-sha512.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='ctaocrypt/src/sha512.c' object='ctaocrypt/src/src_libcyassl_la-sha512.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -c -o ctaocrypt/src/src_libcyassl_la-sha512.lo `test -f 'ctaocrypt/src/sha512.c' || echo '$(srcdir)/'`ctaocrypt/src/sha512.c +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -c -o ctaocrypt/src/src_libcyassl_la-sha512.lo `test -f 'ctaocrypt/src/sha512.c' || echo '$(srcdir)/'`ctaocrypt/src/sha512.c + +ctaocrypt/src/src_libcyassl_la-blake2b.lo: ctaocrypt/src/blake2b.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -MT ctaocrypt/src/src_libcyassl_la-blake2b.lo -MD -MP -MF ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-blake2b.Tpo -c -o ctaocrypt/src/src_libcyassl_la-blake2b.lo `test -f 'ctaocrypt/src/blake2b.c' || echo '$(srcdir)/'`ctaocrypt/src/blake2b.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-blake2b.Tpo ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-blake2b.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='ctaocrypt/src/blake2b.c' object='ctaocrypt/src/src_libcyassl_la-blake2b.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -c -o ctaocrypt/src/src_libcyassl_la-blake2b.lo `test -f 'ctaocrypt/src/blake2b.c' || echo '$(srcdir)/'`ctaocrypt/src/blake2b.c src/src_libcyassl_la-sniffer.lo: src/sniffer.c -@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -MT src/src_libcyassl_la-sniffer.lo -MD -MP -MF src/$(DEPDIR)/src_libcyassl_la-sniffer.Tpo -c -o src/src_libcyassl_la-sniffer.lo `test -f 'src/sniffer.c' || echo '$(srcdir)/'`src/sniffer.c -@am__fastdepCC_TRUE@ mv -f src/$(DEPDIR)/src_libcyassl_la-sniffer.Tpo src/$(DEPDIR)/src_libcyassl_la-sniffer.Plo -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='src/sniffer.c' object='src/src_libcyassl_la-sniffer.lo' libtool=yes @AMDEPBACKSLASH@ +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -MT src/src_libcyassl_la-sniffer.lo -MD -MP -MF src/$(DEPDIR)/src_libcyassl_la-sniffer.Tpo -c -o src/src_libcyassl_la-sniffer.lo `test -f 'src/sniffer.c' || echo '$(srcdir)/'`src/sniffer.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) src/$(DEPDIR)/src_libcyassl_la-sniffer.Tpo src/$(DEPDIR)/src_libcyassl_la-sniffer.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='src/sniffer.c' object='src/src_libcyassl_la-sniffer.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -c -o src/src_libcyassl_la-sniffer.lo `test -f 'src/sniffer.c' || echo '$(srcdir)/'`src/sniffer.c +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -c -o src/src_libcyassl_la-sniffer.lo `test -f 'src/sniffer.c' || echo '$(srcdir)/'`src/sniffer.c ctaocrypt/src/src_libcyassl_la-hc128.lo: ctaocrypt/src/hc128.c -@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -MT ctaocrypt/src/src_libcyassl_la-hc128.lo -MD -MP -MF ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-hc128.Tpo -c -o ctaocrypt/src/src_libcyassl_la-hc128.lo `test -f 'ctaocrypt/src/hc128.c' || echo '$(srcdir)/'`ctaocrypt/src/hc128.c -@am__fastdepCC_TRUE@ mv -f ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-hc128.Tpo ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-hc128.Plo -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='ctaocrypt/src/hc128.c' object='ctaocrypt/src/src_libcyassl_la-hc128.lo' libtool=yes @AMDEPBACKSLASH@ +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -MT ctaocrypt/src/src_libcyassl_la-hc128.lo -MD -MP -MF ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-hc128.Tpo -c -o ctaocrypt/src/src_libcyassl_la-hc128.lo `test -f 'ctaocrypt/src/hc128.c' || echo '$(srcdir)/'`ctaocrypt/src/hc128.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-hc128.Tpo ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-hc128.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='ctaocrypt/src/hc128.c' object='ctaocrypt/src/src_libcyassl_la-hc128.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -c -o ctaocrypt/src/src_libcyassl_la-hc128.lo `test -f 'ctaocrypt/src/hc128.c' || echo '$(srcdir)/'`ctaocrypt/src/hc128.c + +ctaocrypt/src/src_libcyassl_la-rabbit.lo: ctaocrypt/src/rabbit.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -MT ctaocrypt/src/src_libcyassl_la-rabbit.lo -MD -MP -MF ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-rabbit.Tpo -c -o ctaocrypt/src/src_libcyassl_la-rabbit.lo `test -f 'ctaocrypt/src/rabbit.c' || echo '$(srcdir)/'`ctaocrypt/src/rabbit.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-rabbit.Tpo ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-rabbit.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='ctaocrypt/src/rabbit.c' object='ctaocrypt/src/src_libcyassl_la-rabbit.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -c -o ctaocrypt/src/src_libcyassl_la-hc128.lo `test -f 'ctaocrypt/src/hc128.c' || echo '$(srcdir)/'`ctaocrypt/src/hc128.c +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -c -o ctaocrypt/src/src_libcyassl_la-rabbit.lo `test -f 'ctaocrypt/src/rabbit.c' || echo '$(srcdir)/'`ctaocrypt/src/rabbit.c ctaocrypt/src/src_libcyassl_la-misc.lo: ctaocrypt/src/misc.c -@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -MT ctaocrypt/src/src_libcyassl_la-misc.lo -MD -MP -MF ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-misc.Tpo -c -o ctaocrypt/src/src_libcyassl_la-misc.lo `test -f 'ctaocrypt/src/misc.c' || echo '$(srcdir)/'`ctaocrypt/src/misc.c -@am__fastdepCC_TRUE@ mv -f ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-misc.Tpo ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-misc.Plo -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='ctaocrypt/src/misc.c' object='ctaocrypt/src/src_libcyassl_la-misc.lo' libtool=yes @AMDEPBACKSLASH@ +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -MT ctaocrypt/src/src_libcyassl_la-misc.lo -MD -MP -MF ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-misc.Tpo -c -o ctaocrypt/src/src_libcyassl_la-misc.lo `test -f 'ctaocrypt/src/misc.c' || echo '$(srcdir)/'`ctaocrypt/src/misc.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-misc.Tpo ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-misc.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='ctaocrypt/src/misc.c' object='ctaocrypt/src/src_libcyassl_la-misc.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -c -o ctaocrypt/src/src_libcyassl_la-misc.lo `test -f 'ctaocrypt/src/misc.c' || echo '$(srcdir)/'`ctaocrypt/src/misc.c +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -c -o ctaocrypt/src/src_libcyassl_la-misc.lo `test -f 'ctaocrypt/src/misc.c' || echo '$(srcdir)/'`ctaocrypt/src/misc.c ctaocrypt/src/src_libcyassl_la-tfm.lo: ctaocrypt/src/tfm.c -@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -MT ctaocrypt/src/src_libcyassl_la-tfm.lo -MD -MP -MF ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-tfm.Tpo -c -o ctaocrypt/src/src_libcyassl_la-tfm.lo `test -f 'ctaocrypt/src/tfm.c' || echo '$(srcdir)/'`ctaocrypt/src/tfm.c -@am__fastdepCC_TRUE@ mv -f ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-tfm.Tpo ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-tfm.Plo -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='ctaocrypt/src/tfm.c' object='ctaocrypt/src/src_libcyassl_la-tfm.lo' libtool=yes @AMDEPBACKSLASH@ +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -MT ctaocrypt/src/src_libcyassl_la-tfm.lo -MD -MP -MF ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-tfm.Tpo -c -o ctaocrypt/src/src_libcyassl_la-tfm.lo `test -f 'ctaocrypt/src/tfm.c' || echo '$(srcdir)/'`ctaocrypt/src/tfm.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-tfm.Tpo ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-tfm.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='ctaocrypt/src/tfm.c' object='ctaocrypt/src/src_libcyassl_la-tfm.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -c -o ctaocrypt/src/src_libcyassl_la-tfm.lo `test -f 'ctaocrypt/src/tfm.c' || echo '$(srcdir)/'`ctaocrypt/src/tfm.c +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -c -o ctaocrypt/src/src_libcyassl_la-tfm.lo `test -f 'ctaocrypt/src/tfm.c' || echo '$(srcdir)/'`ctaocrypt/src/tfm.c ctaocrypt/src/src_libcyassl_la-integer.lo: ctaocrypt/src/integer.c -@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -MT ctaocrypt/src/src_libcyassl_la-integer.lo -MD -MP -MF ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-integer.Tpo -c -o ctaocrypt/src/src_libcyassl_la-integer.lo `test -f 'ctaocrypt/src/integer.c' || echo '$(srcdir)/'`ctaocrypt/src/integer.c -@am__fastdepCC_TRUE@ mv -f ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-integer.Tpo ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-integer.Plo -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='ctaocrypt/src/integer.c' object='ctaocrypt/src/src_libcyassl_la-integer.lo' libtool=yes @AMDEPBACKSLASH@ +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -MT ctaocrypt/src/src_libcyassl_la-integer.lo -MD -MP -MF ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-integer.Tpo -c -o ctaocrypt/src/src_libcyassl_la-integer.lo `test -f 'ctaocrypt/src/integer.c' || echo '$(srcdir)/'`ctaocrypt/src/integer.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-integer.Tpo ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-integer.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='ctaocrypt/src/integer.c' object='ctaocrypt/src/src_libcyassl_la-integer.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -c -o ctaocrypt/src/src_libcyassl_la-integer.lo `test -f 'ctaocrypt/src/integer.c' || echo '$(srcdir)/'`ctaocrypt/src/integer.c +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -c -o ctaocrypt/src/src_libcyassl_la-integer.lo `test -f 'ctaocrypt/src/integer.c' || echo '$(srcdir)/'`ctaocrypt/src/integer.c ctaocrypt/src/src_libcyassl_la-ecc.lo: ctaocrypt/src/ecc.c -@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -MT ctaocrypt/src/src_libcyassl_la-ecc.lo -MD -MP -MF ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-ecc.Tpo -c -o ctaocrypt/src/src_libcyassl_la-ecc.lo `test -f 'ctaocrypt/src/ecc.c' || echo '$(srcdir)/'`ctaocrypt/src/ecc.c -@am__fastdepCC_TRUE@ mv -f ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-ecc.Tpo ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-ecc.Plo -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='ctaocrypt/src/ecc.c' object='ctaocrypt/src/src_libcyassl_la-ecc.lo' libtool=yes @AMDEPBACKSLASH@ +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -MT ctaocrypt/src/src_libcyassl_la-ecc.lo -MD -MP -MF ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-ecc.Tpo -c -o ctaocrypt/src/src_libcyassl_la-ecc.lo `test -f 'ctaocrypt/src/ecc.c' || echo '$(srcdir)/'`ctaocrypt/src/ecc.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-ecc.Tpo ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-ecc.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='ctaocrypt/src/ecc.c' object='ctaocrypt/src/src_libcyassl_la-ecc.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -c -o ctaocrypt/src/src_libcyassl_la-ecc.lo `test -f 'ctaocrypt/src/ecc.c' || echo '$(srcdir)/'`ctaocrypt/src/ecc.c +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -c -o ctaocrypt/src/src_libcyassl_la-ecc.lo `test -f 'ctaocrypt/src/ecc.c' || echo '$(srcdir)/'`ctaocrypt/src/ecc.c src/src_libcyassl_la-ocsp.lo: src/ocsp.c -@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -MT src/src_libcyassl_la-ocsp.lo -MD -MP -MF src/$(DEPDIR)/src_libcyassl_la-ocsp.Tpo -c -o src/src_libcyassl_la-ocsp.lo `test -f 'src/ocsp.c' || echo '$(srcdir)/'`src/ocsp.c -@am__fastdepCC_TRUE@ mv -f src/$(DEPDIR)/src_libcyassl_la-ocsp.Tpo src/$(DEPDIR)/src_libcyassl_la-ocsp.Plo -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='src/ocsp.c' object='src/src_libcyassl_la-ocsp.lo' libtool=yes @AMDEPBACKSLASH@ +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -MT src/src_libcyassl_la-ocsp.lo -MD -MP -MF src/$(DEPDIR)/src_libcyassl_la-ocsp.Tpo -c -o src/src_libcyassl_la-ocsp.lo `test -f 'src/ocsp.c' || echo '$(srcdir)/'`src/ocsp.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) src/$(DEPDIR)/src_libcyassl_la-ocsp.Tpo src/$(DEPDIR)/src_libcyassl_la-ocsp.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='src/ocsp.c' object='src/src_libcyassl_la-ocsp.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -c -o src/src_libcyassl_la-ocsp.lo `test -f 'src/ocsp.c' || echo '$(srcdir)/'`src/ocsp.c +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -c -o src/src_libcyassl_la-ocsp.lo `test -f 'src/ocsp.c' || echo '$(srcdir)/'`src/ocsp.c src/src_libcyassl_la-crl.lo: src/crl.c -@am__fastdepCC_TRUE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -MT src/src_libcyassl_la-crl.lo -MD -MP -MF src/$(DEPDIR)/src_libcyassl_la-crl.Tpo -c -o src/src_libcyassl_la-crl.lo `test -f 'src/crl.c' || echo '$(srcdir)/'`src/crl.c -@am__fastdepCC_TRUE@ mv -f src/$(DEPDIR)/src_libcyassl_la-crl.Tpo src/$(DEPDIR)/src_libcyassl_la-crl.Plo -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='src/crl.c' object='src/src_libcyassl_la-crl.lo' libtool=yes @AMDEPBACKSLASH@ +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -MT src/src_libcyassl_la-crl.lo -MD -MP -MF src/$(DEPDIR)/src_libcyassl_la-crl.Tpo -c -o src/src_libcyassl_la-crl.lo `test -f 'src/crl.c' || echo '$(srcdir)/'`src/crl.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) src/$(DEPDIR)/src_libcyassl_la-crl.Tpo src/$(DEPDIR)/src_libcyassl_la-crl.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='src/crl.c' object='src/src_libcyassl_la-crl.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -c -o src/src_libcyassl_la-crl.lo `test -f 'src/crl.c' || echo '$(srcdir)/'`src/crl.c + +ctaocrypt/src/src_libcyassl_la-compress.lo: ctaocrypt/src/compress.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -MT ctaocrypt/src/src_libcyassl_la-compress.lo -MD -MP -MF ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-compress.Tpo -c -o ctaocrypt/src/src_libcyassl_la-compress.lo `test -f 'ctaocrypt/src/compress.c' || echo '$(srcdir)/'`ctaocrypt/src/compress.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-compress.Tpo ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-compress.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='ctaocrypt/src/compress.c' object='ctaocrypt/src/src_libcyassl_la-compress.lo' libtool=yes @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -c -o ctaocrypt/src/src_libcyassl_la-compress.lo `test -f 'ctaocrypt/src/compress.c' || echo '$(srcdir)/'`ctaocrypt/src/compress.c + +ctaocrypt/src/src_libcyassl_la-pkcs7.lo: ctaocrypt/src/pkcs7.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -MT ctaocrypt/src/src_libcyassl_la-pkcs7.lo -MD -MP -MF ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-pkcs7.Tpo -c -o ctaocrypt/src/src_libcyassl_la-pkcs7.lo `test -f 'ctaocrypt/src/pkcs7.c' || echo '$(srcdir)/'`ctaocrypt/src/pkcs7.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-pkcs7.Tpo ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-pkcs7.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='ctaocrypt/src/pkcs7.c' object='ctaocrypt/src/src_libcyassl_la-pkcs7.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(LIBTOOL) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -c -o src/src_libcyassl_la-crl.lo `test -f 'src/crl.c' || echo '$(srcdir)/'`src/crl.c +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -c -o ctaocrypt/src/src_libcyassl_la-pkcs7.lo `test -f 'ctaocrypt/src/pkcs7.c' || echo '$(srcdir)/'`ctaocrypt/src/pkcs7.c -tests/tests_unit-unit.o: tests/unit.c -@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_unit_CFLAGS) $(CFLAGS) -MT tests/tests_unit-unit.o -MD -MP -MF tests/$(DEPDIR)/tests_unit-unit.Tpo -c -o tests/tests_unit-unit.o `test -f 'tests/unit.c' || echo '$(srcdir)/'`tests/unit.c -@am__fastdepCC_TRUE@ mv -f tests/$(DEPDIR)/tests_unit-unit.Tpo tests/$(DEPDIR)/tests_unit-unit.Po -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='tests/unit.c' object='tests/tests_unit-unit.o' libtool=no @AMDEPBACKSLASH@ +ctaocrypt/src/src_libcyassl_la-wolfcrypt_last.lo: ctaocrypt/src/wolfcrypt_last.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -MT ctaocrypt/src/src_libcyassl_la-wolfcrypt_last.lo -MD -MP -MF ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-wolfcrypt_last.Tpo -c -o ctaocrypt/src/src_libcyassl_la-wolfcrypt_last.lo `test -f 'ctaocrypt/src/wolfcrypt_last.c' || echo '$(srcdir)/'`ctaocrypt/src/wolfcrypt_last.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-wolfcrypt_last.Tpo ctaocrypt/src/$(DEPDIR)/src_libcyassl_la-wolfcrypt_last.Plo +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='ctaocrypt/src/wolfcrypt_last.c' object='ctaocrypt/src/src_libcyassl_la-wolfcrypt_last.lo' libtool=yes @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_unit_CFLAGS) $(CFLAGS) -c -o tests/tests_unit-unit.o `test -f 'tests/unit.c' || echo '$(srcdir)/'`tests/unit.c +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(LIBTOOL) $(AM_V_lt) --tag=CC $(AM_LIBTOOLFLAGS) $(LIBTOOLFLAGS) --mode=compile $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(src_libcyassl_la_CPPFLAGS) $(CPPFLAGS) $(src_libcyassl_la_CFLAGS) $(CFLAGS) -c -o ctaocrypt/src/src_libcyassl_la-wolfcrypt_last.lo `test -f 'ctaocrypt/src/wolfcrypt_last.c' || echo '$(srcdir)/'`ctaocrypt/src/wolfcrypt_last.c -tests/tests_unit-unit.obj: tests/unit.c -@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_unit_CFLAGS) $(CFLAGS) -MT tests/tests_unit-unit.obj -MD -MP -MF tests/$(DEPDIR)/tests_unit-unit.Tpo -c -o tests/tests_unit-unit.obj `if test -f 'tests/unit.c'; then $(CYGPATH_W) 'tests/unit.c'; else $(CYGPATH_W) '$(srcdir)/tests/unit.c'; fi` -@am__fastdepCC_TRUE@ mv -f tests/$(DEPDIR)/tests_unit-unit.Tpo tests/$(DEPDIR)/tests_unit-unit.Po -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='tests/unit.c' object='tests/tests_unit-unit.obj' libtool=no @AMDEPBACKSLASH@ +tests/tests_unit_test-unit.o: tests/unit.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_unit_test_CFLAGS) $(CFLAGS) -MT tests/tests_unit_test-unit.o -MD -MP -MF tests/$(DEPDIR)/tests_unit_test-unit.Tpo -c -o tests/tests_unit_test-unit.o `test -f 'tests/unit.c' || echo '$(srcdir)/'`tests/unit.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) tests/$(DEPDIR)/tests_unit_test-unit.Tpo tests/$(DEPDIR)/tests_unit_test-unit.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='tests/unit.c' object='tests/tests_unit_test-unit.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_unit_CFLAGS) $(CFLAGS) -c -o tests/tests_unit-unit.obj `if test -f 'tests/unit.c'; then $(CYGPATH_W) 'tests/unit.c'; else $(CYGPATH_W) '$(srcdir)/tests/unit.c'; fi` +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_unit_test_CFLAGS) $(CFLAGS) -c -o tests/tests_unit_test-unit.o `test -f 'tests/unit.c' || echo '$(srcdir)/'`tests/unit.c -tests/tests_unit-api.o: tests/api.c -@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_unit_CFLAGS) $(CFLAGS) -MT tests/tests_unit-api.o -MD -MP -MF tests/$(DEPDIR)/tests_unit-api.Tpo -c -o tests/tests_unit-api.o `test -f 'tests/api.c' || echo '$(srcdir)/'`tests/api.c -@am__fastdepCC_TRUE@ mv -f tests/$(DEPDIR)/tests_unit-api.Tpo tests/$(DEPDIR)/tests_unit-api.Po -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='tests/api.c' object='tests/tests_unit-api.o' libtool=no @AMDEPBACKSLASH@ +tests/tests_unit_test-unit.obj: tests/unit.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_unit_test_CFLAGS) $(CFLAGS) -MT tests/tests_unit_test-unit.obj -MD -MP -MF tests/$(DEPDIR)/tests_unit_test-unit.Tpo -c -o tests/tests_unit_test-unit.obj `if test -f 'tests/unit.c'; then $(CYGPATH_W) 'tests/unit.c'; else $(CYGPATH_W) '$(srcdir)/tests/unit.c'; fi` +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) tests/$(DEPDIR)/tests_unit_test-unit.Tpo tests/$(DEPDIR)/tests_unit_test-unit.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='tests/unit.c' object='tests/tests_unit_test-unit.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_unit_CFLAGS) $(CFLAGS) -c -o tests/tests_unit-api.o `test -f 'tests/api.c' || echo '$(srcdir)/'`tests/api.c +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_unit_test_CFLAGS) $(CFLAGS) -c -o tests/tests_unit_test-unit.obj `if test -f 'tests/unit.c'; then $(CYGPATH_W) 'tests/unit.c'; else $(CYGPATH_W) '$(srcdir)/tests/unit.c'; fi` -tests/tests_unit-api.obj: tests/api.c -@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_unit_CFLAGS) $(CFLAGS) -MT tests/tests_unit-api.obj -MD -MP -MF tests/$(DEPDIR)/tests_unit-api.Tpo -c -o tests/tests_unit-api.obj `if test -f 'tests/api.c'; then $(CYGPATH_W) 'tests/api.c'; else $(CYGPATH_W) '$(srcdir)/tests/api.c'; fi` -@am__fastdepCC_TRUE@ mv -f tests/$(DEPDIR)/tests_unit-api.Tpo tests/$(DEPDIR)/tests_unit-api.Po -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='tests/api.c' object='tests/tests_unit-api.obj' libtool=no @AMDEPBACKSLASH@ +tests/tests_unit_test-api.o: tests/api.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_unit_test_CFLAGS) $(CFLAGS) -MT tests/tests_unit_test-api.o -MD -MP -MF tests/$(DEPDIR)/tests_unit_test-api.Tpo -c -o tests/tests_unit_test-api.o `test -f 'tests/api.c' || echo '$(srcdir)/'`tests/api.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) tests/$(DEPDIR)/tests_unit_test-api.Tpo tests/$(DEPDIR)/tests_unit_test-api.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='tests/api.c' object='tests/tests_unit_test-api.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_unit_CFLAGS) $(CFLAGS) -c -o tests/tests_unit-api.obj `if test -f 'tests/api.c'; then $(CYGPATH_W) 'tests/api.c'; else $(CYGPATH_W) '$(srcdir)/tests/api.c'; fi` +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_unit_test_CFLAGS) $(CFLAGS) -c -o tests/tests_unit_test-api.o `test -f 'tests/api.c' || echo '$(srcdir)/'`tests/api.c -tests/tests_unit-suites.o: tests/suites.c -@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_unit_CFLAGS) $(CFLAGS) -MT tests/tests_unit-suites.o -MD -MP -MF tests/$(DEPDIR)/tests_unit-suites.Tpo -c -o tests/tests_unit-suites.o `test -f 'tests/suites.c' || echo '$(srcdir)/'`tests/suites.c -@am__fastdepCC_TRUE@ mv -f tests/$(DEPDIR)/tests_unit-suites.Tpo tests/$(DEPDIR)/tests_unit-suites.Po -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='tests/suites.c' object='tests/tests_unit-suites.o' libtool=no @AMDEPBACKSLASH@ +tests/tests_unit_test-api.obj: tests/api.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_unit_test_CFLAGS) $(CFLAGS) -MT tests/tests_unit_test-api.obj -MD -MP -MF tests/$(DEPDIR)/tests_unit_test-api.Tpo -c -o tests/tests_unit_test-api.obj `if test -f 'tests/api.c'; then $(CYGPATH_W) 'tests/api.c'; else $(CYGPATH_W) '$(srcdir)/tests/api.c'; fi` +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) tests/$(DEPDIR)/tests_unit_test-api.Tpo tests/$(DEPDIR)/tests_unit_test-api.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='tests/api.c' object='tests/tests_unit_test-api.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_unit_CFLAGS) $(CFLAGS) -c -o tests/tests_unit-suites.o `test -f 'tests/suites.c' || echo '$(srcdir)/'`tests/suites.c +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_unit_test_CFLAGS) $(CFLAGS) -c -o tests/tests_unit_test-api.obj `if test -f 'tests/api.c'; then $(CYGPATH_W) 'tests/api.c'; else $(CYGPATH_W) '$(srcdir)/tests/api.c'; fi` -tests/tests_unit-suites.obj: tests/suites.c -@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_unit_CFLAGS) $(CFLAGS) -MT tests/tests_unit-suites.obj -MD -MP -MF tests/$(DEPDIR)/tests_unit-suites.Tpo -c -o tests/tests_unit-suites.obj `if test -f 'tests/suites.c'; then $(CYGPATH_W) 'tests/suites.c'; else $(CYGPATH_W) '$(srcdir)/tests/suites.c'; fi` -@am__fastdepCC_TRUE@ mv -f tests/$(DEPDIR)/tests_unit-suites.Tpo tests/$(DEPDIR)/tests_unit-suites.Po -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='tests/suites.c' object='tests/tests_unit-suites.obj' libtool=no @AMDEPBACKSLASH@ +tests/tests_unit_test-suites.o: tests/suites.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_unit_test_CFLAGS) $(CFLAGS) -MT tests/tests_unit_test-suites.o -MD -MP -MF tests/$(DEPDIR)/tests_unit_test-suites.Tpo -c -o tests/tests_unit_test-suites.o `test -f 'tests/suites.c' || echo '$(srcdir)/'`tests/suites.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) tests/$(DEPDIR)/tests_unit_test-suites.Tpo tests/$(DEPDIR)/tests_unit_test-suites.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='tests/suites.c' object='tests/tests_unit_test-suites.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_unit_CFLAGS) $(CFLAGS) -c -o tests/tests_unit-suites.obj `if test -f 'tests/suites.c'; then $(CYGPATH_W) 'tests/suites.c'; else $(CYGPATH_W) '$(srcdir)/tests/suites.c'; fi` +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_unit_test_CFLAGS) $(CFLAGS) -c -o tests/tests_unit_test-suites.o `test -f 'tests/suites.c' || echo '$(srcdir)/'`tests/suites.c -tests/tests_unit-hash.o: tests/hash.c -@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_unit_CFLAGS) $(CFLAGS) -MT tests/tests_unit-hash.o -MD -MP -MF tests/$(DEPDIR)/tests_unit-hash.Tpo -c -o tests/tests_unit-hash.o `test -f 'tests/hash.c' || echo '$(srcdir)/'`tests/hash.c -@am__fastdepCC_TRUE@ mv -f tests/$(DEPDIR)/tests_unit-hash.Tpo tests/$(DEPDIR)/tests_unit-hash.Po -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='tests/hash.c' object='tests/tests_unit-hash.o' libtool=no @AMDEPBACKSLASH@ +tests/tests_unit_test-suites.obj: tests/suites.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_unit_test_CFLAGS) $(CFLAGS) -MT tests/tests_unit_test-suites.obj -MD -MP -MF tests/$(DEPDIR)/tests_unit_test-suites.Tpo -c -o tests/tests_unit_test-suites.obj `if test -f 'tests/suites.c'; then $(CYGPATH_W) 'tests/suites.c'; else $(CYGPATH_W) '$(srcdir)/tests/suites.c'; fi` +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) tests/$(DEPDIR)/tests_unit_test-suites.Tpo tests/$(DEPDIR)/tests_unit_test-suites.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='tests/suites.c' object='tests/tests_unit_test-suites.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_unit_CFLAGS) $(CFLAGS) -c -o tests/tests_unit-hash.o `test -f 'tests/hash.c' || echo '$(srcdir)/'`tests/hash.c +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_unit_test_CFLAGS) $(CFLAGS) -c -o tests/tests_unit_test-suites.obj `if test -f 'tests/suites.c'; then $(CYGPATH_W) 'tests/suites.c'; else $(CYGPATH_W) '$(srcdir)/tests/suites.c'; fi` -tests/tests_unit-hash.obj: tests/hash.c -@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_unit_CFLAGS) $(CFLAGS) -MT tests/tests_unit-hash.obj -MD -MP -MF tests/$(DEPDIR)/tests_unit-hash.Tpo -c -o tests/tests_unit-hash.obj `if test -f 'tests/hash.c'; then $(CYGPATH_W) 'tests/hash.c'; else $(CYGPATH_W) '$(srcdir)/tests/hash.c'; fi` -@am__fastdepCC_TRUE@ mv -f tests/$(DEPDIR)/tests_unit-hash.Tpo tests/$(DEPDIR)/tests_unit-hash.Po -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='tests/hash.c' object='tests/tests_unit-hash.obj' libtool=no @AMDEPBACKSLASH@ +tests/tests_unit_test-hash.o: tests/hash.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_unit_test_CFLAGS) $(CFLAGS) -MT tests/tests_unit_test-hash.o -MD -MP -MF tests/$(DEPDIR)/tests_unit_test-hash.Tpo -c -o tests/tests_unit_test-hash.o `test -f 'tests/hash.c' || echo '$(srcdir)/'`tests/hash.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) tests/$(DEPDIR)/tests_unit_test-hash.Tpo tests/$(DEPDIR)/tests_unit_test-hash.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='tests/hash.c' object='tests/tests_unit_test-hash.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_unit_CFLAGS) $(CFLAGS) -c -o tests/tests_unit-hash.obj `if test -f 'tests/hash.c'; then $(CYGPATH_W) 'tests/hash.c'; else $(CYGPATH_W) '$(srcdir)/tests/hash.c'; fi` +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_unit_test_CFLAGS) $(CFLAGS) -c -o tests/tests_unit_test-hash.o `test -f 'tests/hash.c' || echo '$(srcdir)/'`tests/hash.c -examples/client/tests_unit-client.o: examples/client/client.c -@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_unit_CFLAGS) $(CFLAGS) -MT examples/client/tests_unit-client.o -MD -MP -MF examples/client/$(DEPDIR)/tests_unit-client.Tpo -c -o examples/client/tests_unit-client.o `test -f 'examples/client/client.c' || echo '$(srcdir)/'`examples/client/client.c -@am__fastdepCC_TRUE@ mv -f examples/client/$(DEPDIR)/tests_unit-client.Tpo examples/client/$(DEPDIR)/tests_unit-client.Po -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='examples/client/client.c' object='examples/client/tests_unit-client.o' libtool=no @AMDEPBACKSLASH@ +tests/tests_unit_test-hash.obj: tests/hash.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_unit_test_CFLAGS) $(CFLAGS) -MT tests/tests_unit_test-hash.obj -MD -MP -MF tests/$(DEPDIR)/tests_unit_test-hash.Tpo -c -o tests/tests_unit_test-hash.obj `if test -f 'tests/hash.c'; then $(CYGPATH_W) 'tests/hash.c'; else $(CYGPATH_W) '$(srcdir)/tests/hash.c'; fi` +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) tests/$(DEPDIR)/tests_unit_test-hash.Tpo tests/$(DEPDIR)/tests_unit_test-hash.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='tests/hash.c' object='tests/tests_unit_test-hash.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_unit_CFLAGS) $(CFLAGS) -c -o examples/client/tests_unit-client.o `test -f 'examples/client/client.c' || echo '$(srcdir)/'`examples/client/client.c +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_unit_test_CFLAGS) $(CFLAGS) -c -o tests/tests_unit_test-hash.obj `if test -f 'tests/hash.c'; then $(CYGPATH_W) 'tests/hash.c'; else $(CYGPATH_W) '$(srcdir)/tests/hash.c'; fi` -examples/client/tests_unit-client.obj: examples/client/client.c -@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_unit_CFLAGS) $(CFLAGS) -MT examples/client/tests_unit-client.obj -MD -MP -MF examples/client/$(DEPDIR)/tests_unit-client.Tpo -c -o examples/client/tests_unit-client.obj `if test -f 'examples/client/client.c'; then $(CYGPATH_W) 'examples/client/client.c'; else $(CYGPATH_W) '$(srcdir)/examples/client/client.c'; fi` -@am__fastdepCC_TRUE@ mv -f examples/client/$(DEPDIR)/tests_unit-client.Tpo examples/client/$(DEPDIR)/tests_unit-client.Po -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='examples/client/client.c' object='examples/client/tests_unit-client.obj' libtool=no @AMDEPBACKSLASH@ +examples/client/tests_unit_test-client.o: examples/client/client.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_unit_test_CFLAGS) $(CFLAGS) -MT examples/client/tests_unit_test-client.o -MD -MP -MF examples/client/$(DEPDIR)/tests_unit_test-client.Tpo -c -o examples/client/tests_unit_test-client.o `test -f 'examples/client/client.c' || echo '$(srcdir)/'`examples/client/client.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) examples/client/$(DEPDIR)/tests_unit_test-client.Tpo examples/client/$(DEPDIR)/tests_unit_test-client.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='examples/client/client.c' object='examples/client/tests_unit_test-client.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_unit_CFLAGS) $(CFLAGS) -c -o examples/client/tests_unit-client.obj `if test -f 'examples/client/client.c'; then $(CYGPATH_W) 'examples/client/client.c'; else $(CYGPATH_W) '$(srcdir)/examples/client/client.c'; fi` +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_unit_test_CFLAGS) $(CFLAGS) -c -o examples/client/tests_unit_test-client.o `test -f 'examples/client/client.c' || echo '$(srcdir)/'`examples/client/client.c -examples/server/tests_unit-server.o: examples/server/server.c -@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_unit_CFLAGS) $(CFLAGS) -MT examples/server/tests_unit-server.o -MD -MP -MF examples/server/$(DEPDIR)/tests_unit-server.Tpo -c -o examples/server/tests_unit-server.o `test -f 'examples/server/server.c' || echo '$(srcdir)/'`examples/server/server.c -@am__fastdepCC_TRUE@ mv -f examples/server/$(DEPDIR)/tests_unit-server.Tpo examples/server/$(DEPDIR)/tests_unit-server.Po -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='examples/server/server.c' object='examples/server/tests_unit-server.o' libtool=no @AMDEPBACKSLASH@ +examples/client/tests_unit_test-client.obj: examples/client/client.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_unit_test_CFLAGS) $(CFLAGS) -MT examples/client/tests_unit_test-client.obj -MD -MP -MF examples/client/$(DEPDIR)/tests_unit_test-client.Tpo -c -o examples/client/tests_unit_test-client.obj `if test -f 'examples/client/client.c'; then $(CYGPATH_W) 'examples/client/client.c'; else $(CYGPATH_W) '$(srcdir)/examples/client/client.c'; fi` +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) examples/client/$(DEPDIR)/tests_unit_test-client.Tpo examples/client/$(DEPDIR)/tests_unit_test-client.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='examples/client/client.c' object='examples/client/tests_unit_test-client.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_unit_CFLAGS) $(CFLAGS) -c -o examples/server/tests_unit-server.o `test -f 'examples/server/server.c' || echo '$(srcdir)/'`examples/server/server.c +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_unit_test_CFLAGS) $(CFLAGS) -c -o examples/client/tests_unit_test-client.obj `if test -f 'examples/client/client.c'; then $(CYGPATH_W) 'examples/client/client.c'; else $(CYGPATH_W) '$(srcdir)/examples/client/client.c'; fi` -examples/server/tests_unit-server.obj: examples/server/server.c -@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_unit_CFLAGS) $(CFLAGS) -MT examples/server/tests_unit-server.obj -MD -MP -MF examples/server/$(DEPDIR)/tests_unit-server.Tpo -c -o examples/server/tests_unit-server.obj `if test -f 'examples/server/server.c'; then $(CYGPATH_W) 'examples/server/server.c'; else $(CYGPATH_W) '$(srcdir)/examples/server/server.c'; fi` -@am__fastdepCC_TRUE@ mv -f examples/server/$(DEPDIR)/tests_unit-server.Tpo examples/server/$(DEPDIR)/tests_unit-server.Po -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='examples/server/server.c' object='examples/server/tests_unit-server.obj' libtool=no @AMDEPBACKSLASH@ +examples/server/tests_unit_test-server.o: examples/server/server.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_unit_test_CFLAGS) $(CFLAGS) -MT examples/server/tests_unit_test-server.o -MD -MP -MF examples/server/$(DEPDIR)/tests_unit_test-server.Tpo -c -o examples/server/tests_unit_test-server.o `test -f 'examples/server/server.c' || echo '$(srcdir)/'`examples/server/server.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) examples/server/$(DEPDIR)/tests_unit_test-server.Tpo examples/server/$(DEPDIR)/tests_unit_test-server.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='examples/server/server.c' object='examples/server/tests_unit_test-server.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_unit_CFLAGS) $(CFLAGS) -c -o examples/server/tests_unit-server.obj `if test -f 'examples/server/server.c'; then $(CYGPATH_W) 'examples/server/server.c'; else $(CYGPATH_W) '$(srcdir)/examples/server/server.c'; fi` +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_unit_test_CFLAGS) $(CFLAGS) -c -o examples/server/tests_unit_test-server.o `test -f 'examples/server/server.c' || echo '$(srcdir)/'`examples/server/server.c -ctaocrypt/test/testsuite_testsuite-test.o: ctaocrypt/test/test.c -@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(testsuite_testsuite_CFLAGS) $(CFLAGS) -MT ctaocrypt/test/testsuite_testsuite-test.o -MD -MP -MF ctaocrypt/test/$(DEPDIR)/testsuite_testsuite-test.Tpo -c -o ctaocrypt/test/testsuite_testsuite-test.o `test -f 'ctaocrypt/test/test.c' || echo '$(srcdir)/'`ctaocrypt/test/test.c -@am__fastdepCC_TRUE@ mv -f ctaocrypt/test/$(DEPDIR)/testsuite_testsuite-test.Tpo ctaocrypt/test/$(DEPDIR)/testsuite_testsuite-test.Po -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='ctaocrypt/test/test.c' object='ctaocrypt/test/testsuite_testsuite-test.o' libtool=no @AMDEPBACKSLASH@ +examples/server/tests_unit_test-server.obj: examples/server/server.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_unit_test_CFLAGS) $(CFLAGS) -MT examples/server/tests_unit_test-server.obj -MD -MP -MF examples/server/$(DEPDIR)/tests_unit_test-server.Tpo -c -o examples/server/tests_unit_test-server.obj `if test -f 'examples/server/server.c'; then $(CYGPATH_W) 'examples/server/server.c'; else $(CYGPATH_W) '$(srcdir)/examples/server/server.c'; fi` +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) examples/server/$(DEPDIR)/tests_unit_test-server.Tpo examples/server/$(DEPDIR)/tests_unit_test-server.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='examples/server/server.c' object='examples/server/tests_unit_test-server.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(testsuite_testsuite_CFLAGS) $(CFLAGS) -c -o ctaocrypt/test/testsuite_testsuite-test.o `test -f 'ctaocrypt/test/test.c' || echo '$(srcdir)/'`ctaocrypt/test/test.c +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(tests_unit_test_CFLAGS) $(CFLAGS) -c -o examples/server/tests_unit_test-server.obj `if test -f 'examples/server/server.c'; then $(CYGPATH_W) 'examples/server/server.c'; else $(CYGPATH_W) '$(srcdir)/examples/server/server.c'; fi` -ctaocrypt/test/testsuite_testsuite-test.obj: ctaocrypt/test/test.c -@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(testsuite_testsuite_CFLAGS) $(CFLAGS) -MT ctaocrypt/test/testsuite_testsuite-test.obj -MD -MP -MF ctaocrypt/test/$(DEPDIR)/testsuite_testsuite-test.Tpo -c -o ctaocrypt/test/testsuite_testsuite-test.obj `if test -f 'ctaocrypt/test/test.c'; then $(CYGPATH_W) 'ctaocrypt/test/test.c'; else $(CYGPATH_W) '$(srcdir)/ctaocrypt/test/test.c'; fi` -@am__fastdepCC_TRUE@ mv -f ctaocrypt/test/$(DEPDIR)/testsuite_testsuite-test.Tpo ctaocrypt/test/$(DEPDIR)/testsuite_testsuite-test.Po -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='ctaocrypt/test/test.c' object='ctaocrypt/test/testsuite_testsuite-test.obj' libtool=no @AMDEPBACKSLASH@ +ctaocrypt/test/testsuite_testsuite_test-test.o: ctaocrypt/test/test.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(testsuite_testsuite_test_CFLAGS) $(CFLAGS) -MT ctaocrypt/test/testsuite_testsuite_test-test.o -MD -MP -MF ctaocrypt/test/$(DEPDIR)/testsuite_testsuite_test-test.Tpo -c -o ctaocrypt/test/testsuite_testsuite_test-test.o `test -f 'ctaocrypt/test/test.c' || echo '$(srcdir)/'`ctaocrypt/test/test.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) ctaocrypt/test/$(DEPDIR)/testsuite_testsuite_test-test.Tpo ctaocrypt/test/$(DEPDIR)/testsuite_testsuite_test-test.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='ctaocrypt/test/test.c' object='ctaocrypt/test/testsuite_testsuite_test-test.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(testsuite_testsuite_CFLAGS) $(CFLAGS) -c -o ctaocrypt/test/testsuite_testsuite-test.obj `if test -f 'ctaocrypt/test/test.c'; then $(CYGPATH_W) 'ctaocrypt/test/test.c'; else $(CYGPATH_W) '$(srcdir)/ctaocrypt/test/test.c'; fi` +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(testsuite_testsuite_test_CFLAGS) $(CFLAGS) -c -o ctaocrypt/test/testsuite_testsuite_test-test.o `test -f 'ctaocrypt/test/test.c' || echo '$(srcdir)/'`ctaocrypt/test/test.c -examples/client/testsuite_testsuite-client.o: examples/client/client.c -@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(testsuite_testsuite_CFLAGS) $(CFLAGS) -MT examples/client/testsuite_testsuite-client.o -MD -MP -MF examples/client/$(DEPDIR)/testsuite_testsuite-client.Tpo -c -o examples/client/testsuite_testsuite-client.o `test -f 'examples/client/client.c' || echo '$(srcdir)/'`examples/client/client.c -@am__fastdepCC_TRUE@ mv -f examples/client/$(DEPDIR)/testsuite_testsuite-client.Tpo examples/client/$(DEPDIR)/testsuite_testsuite-client.Po -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='examples/client/client.c' object='examples/client/testsuite_testsuite-client.o' libtool=no @AMDEPBACKSLASH@ +ctaocrypt/test/testsuite_testsuite_test-test.obj: ctaocrypt/test/test.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(testsuite_testsuite_test_CFLAGS) $(CFLAGS) -MT ctaocrypt/test/testsuite_testsuite_test-test.obj -MD -MP -MF ctaocrypt/test/$(DEPDIR)/testsuite_testsuite_test-test.Tpo -c -o ctaocrypt/test/testsuite_testsuite_test-test.obj `if test -f 'ctaocrypt/test/test.c'; then $(CYGPATH_W) 'ctaocrypt/test/test.c'; else $(CYGPATH_W) '$(srcdir)/ctaocrypt/test/test.c'; fi` +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) ctaocrypt/test/$(DEPDIR)/testsuite_testsuite_test-test.Tpo ctaocrypt/test/$(DEPDIR)/testsuite_testsuite_test-test.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='ctaocrypt/test/test.c' object='ctaocrypt/test/testsuite_testsuite_test-test.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(testsuite_testsuite_CFLAGS) $(CFLAGS) -c -o examples/client/testsuite_testsuite-client.o `test -f 'examples/client/client.c' || echo '$(srcdir)/'`examples/client/client.c +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(testsuite_testsuite_test_CFLAGS) $(CFLAGS) -c -o ctaocrypt/test/testsuite_testsuite_test-test.obj `if test -f 'ctaocrypt/test/test.c'; then $(CYGPATH_W) 'ctaocrypt/test/test.c'; else $(CYGPATH_W) '$(srcdir)/ctaocrypt/test/test.c'; fi` -examples/client/testsuite_testsuite-client.obj: examples/client/client.c -@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(testsuite_testsuite_CFLAGS) $(CFLAGS) -MT examples/client/testsuite_testsuite-client.obj -MD -MP -MF examples/client/$(DEPDIR)/testsuite_testsuite-client.Tpo -c -o examples/client/testsuite_testsuite-client.obj `if test -f 'examples/client/client.c'; then $(CYGPATH_W) 'examples/client/client.c'; else $(CYGPATH_W) '$(srcdir)/examples/client/client.c'; fi` -@am__fastdepCC_TRUE@ mv -f examples/client/$(DEPDIR)/testsuite_testsuite-client.Tpo examples/client/$(DEPDIR)/testsuite_testsuite-client.Po -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='examples/client/client.c' object='examples/client/testsuite_testsuite-client.obj' libtool=no @AMDEPBACKSLASH@ +examples/client/testsuite_testsuite_test-client.o: examples/client/client.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(testsuite_testsuite_test_CFLAGS) $(CFLAGS) -MT examples/client/testsuite_testsuite_test-client.o -MD -MP -MF examples/client/$(DEPDIR)/testsuite_testsuite_test-client.Tpo -c -o examples/client/testsuite_testsuite_test-client.o `test -f 'examples/client/client.c' || echo '$(srcdir)/'`examples/client/client.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) examples/client/$(DEPDIR)/testsuite_testsuite_test-client.Tpo examples/client/$(DEPDIR)/testsuite_testsuite_test-client.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='examples/client/client.c' object='examples/client/testsuite_testsuite_test-client.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(testsuite_testsuite_CFLAGS) $(CFLAGS) -c -o examples/client/testsuite_testsuite-client.obj `if test -f 'examples/client/client.c'; then $(CYGPATH_W) 'examples/client/client.c'; else $(CYGPATH_W) '$(srcdir)/examples/client/client.c'; fi` +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(testsuite_testsuite_test_CFLAGS) $(CFLAGS) -c -o examples/client/testsuite_testsuite_test-client.o `test -f 'examples/client/client.c' || echo '$(srcdir)/'`examples/client/client.c -examples/echoclient/testsuite_testsuite-echoclient.o: examples/echoclient/echoclient.c -@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(testsuite_testsuite_CFLAGS) $(CFLAGS) -MT examples/echoclient/testsuite_testsuite-echoclient.o -MD -MP -MF examples/echoclient/$(DEPDIR)/testsuite_testsuite-echoclient.Tpo -c -o examples/echoclient/testsuite_testsuite-echoclient.o `test -f 'examples/echoclient/echoclient.c' || echo '$(srcdir)/'`examples/echoclient/echoclient.c -@am__fastdepCC_TRUE@ mv -f examples/echoclient/$(DEPDIR)/testsuite_testsuite-echoclient.Tpo examples/echoclient/$(DEPDIR)/testsuite_testsuite-echoclient.Po -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='examples/echoclient/echoclient.c' object='examples/echoclient/testsuite_testsuite-echoclient.o' libtool=no @AMDEPBACKSLASH@ +examples/client/testsuite_testsuite_test-client.obj: examples/client/client.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(testsuite_testsuite_test_CFLAGS) $(CFLAGS) -MT examples/client/testsuite_testsuite_test-client.obj -MD -MP -MF examples/client/$(DEPDIR)/testsuite_testsuite_test-client.Tpo -c -o examples/client/testsuite_testsuite_test-client.obj `if test -f 'examples/client/client.c'; then $(CYGPATH_W) 'examples/client/client.c'; else $(CYGPATH_W) '$(srcdir)/examples/client/client.c'; fi` +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) examples/client/$(DEPDIR)/testsuite_testsuite_test-client.Tpo examples/client/$(DEPDIR)/testsuite_testsuite_test-client.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='examples/client/client.c' object='examples/client/testsuite_testsuite_test-client.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(testsuite_testsuite_CFLAGS) $(CFLAGS) -c -o examples/echoclient/testsuite_testsuite-echoclient.o `test -f 'examples/echoclient/echoclient.c' || echo '$(srcdir)/'`examples/echoclient/echoclient.c +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(testsuite_testsuite_test_CFLAGS) $(CFLAGS) -c -o examples/client/testsuite_testsuite_test-client.obj `if test -f 'examples/client/client.c'; then $(CYGPATH_W) 'examples/client/client.c'; else $(CYGPATH_W) '$(srcdir)/examples/client/client.c'; fi` -examples/echoclient/testsuite_testsuite-echoclient.obj: examples/echoclient/echoclient.c -@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(testsuite_testsuite_CFLAGS) $(CFLAGS) -MT examples/echoclient/testsuite_testsuite-echoclient.obj -MD -MP -MF examples/echoclient/$(DEPDIR)/testsuite_testsuite-echoclient.Tpo -c -o examples/echoclient/testsuite_testsuite-echoclient.obj `if test -f 'examples/echoclient/echoclient.c'; then $(CYGPATH_W) 'examples/echoclient/echoclient.c'; else $(CYGPATH_W) '$(srcdir)/examples/echoclient/echoclient.c'; fi` -@am__fastdepCC_TRUE@ mv -f examples/echoclient/$(DEPDIR)/testsuite_testsuite-echoclient.Tpo examples/echoclient/$(DEPDIR)/testsuite_testsuite-echoclient.Po -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='examples/echoclient/echoclient.c' object='examples/echoclient/testsuite_testsuite-echoclient.obj' libtool=no @AMDEPBACKSLASH@ +examples/echoclient/testsuite_testsuite_test-echoclient.o: examples/echoclient/echoclient.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(testsuite_testsuite_test_CFLAGS) $(CFLAGS) -MT examples/echoclient/testsuite_testsuite_test-echoclient.o -MD -MP -MF examples/echoclient/$(DEPDIR)/testsuite_testsuite_test-echoclient.Tpo -c -o examples/echoclient/testsuite_testsuite_test-echoclient.o `test -f 'examples/echoclient/echoclient.c' || echo '$(srcdir)/'`examples/echoclient/echoclient.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) examples/echoclient/$(DEPDIR)/testsuite_testsuite_test-echoclient.Tpo examples/echoclient/$(DEPDIR)/testsuite_testsuite_test-echoclient.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='examples/echoclient/echoclient.c' object='examples/echoclient/testsuite_testsuite_test-echoclient.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(testsuite_testsuite_CFLAGS) $(CFLAGS) -c -o examples/echoclient/testsuite_testsuite-echoclient.obj `if test -f 'examples/echoclient/echoclient.c'; then $(CYGPATH_W) 'examples/echoclient/echoclient.c'; else $(CYGPATH_W) '$(srcdir)/examples/echoclient/echoclient.c'; fi` +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(testsuite_testsuite_test_CFLAGS) $(CFLAGS) -c -o examples/echoclient/testsuite_testsuite_test-echoclient.o `test -f 'examples/echoclient/echoclient.c' || echo '$(srcdir)/'`examples/echoclient/echoclient.c -examples/echoserver/testsuite_testsuite-echoserver.o: examples/echoserver/echoserver.c -@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(testsuite_testsuite_CFLAGS) $(CFLAGS) -MT examples/echoserver/testsuite_testsuite-echoserver.o -MD -MP -MF examples/echoserver/$(DEPDIR)/testsuite_testsuite-echoserver.Tpo -c -o examples/echoserver/testsuite_testsuite-echoserver.o `test -f 'examples/echoserver/echoserver.c' || echo '$(srcdir)/'`examples/echoserver/echoserver.c -@am__fastdepCC_TRUE@ mv -f examples/echoserver/$(DEPDIR)/testsuite_testsuite-echoserver.Tpo examples/echoserver/$(DEPDIR)/testsuite_testsuite-echoserver.Po -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='examples/echoserver/echoserver.c' object='examples/echoserver/testsuite_testsuite-echoserver.o' libtool=no @AMDEPBACKSLASH@ +examples/echoclient/testsuite_testsuite_test-echoclient.obj: examples/echoclient/echoclient.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(testsuite_testsuite_test_CFLAGS) $(CFLAGS) -MT examples/echoclient/testsuite_testsuite_test-echoclient.obj -MD -MP -MF examples/echoclient/$(DEPDIR)/testsuite_testsuite_test-echoclient.Tpo -c -o examples/echoclient/testsuite_testsuite_test-echoclient.obj `if test -f 'examples/echoclient/echoclient.c'; then $(CYGPATH_W) 'examples/echoclient/echoclient.c'; else $(CYGPATH_W) '$(srcdir)/examples/echoclient/echoclient.c'; fi` +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) examples/echoclient/$(DEPDIR)/testsuite_testsuite_test-echoclient.Tpo examples/echoclient/$(DEPDIR)/testsuite_testsuite_test-echoclient.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='examples/echoclient/echoclient.c' object='examples/echoclient/testsuite_testsuite_test-echoclient.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(testsuite_testsuite_CFLAGS) $(CFLAGS) -c -o examples/echoserver/testsuite_testsuite-echoserver.o `test -f 'examples/echoserver/echoserver.c' || echo '$(srcdir)/'`examples/echoserver/echoserver.c +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(testsuite_testsuite_test_CFLAGS) $(CFLAGS) -c -o examples/echoclient/testsuite_testsuite_test-echoclient.obj `if test -f 'examples/echoclient/echoclient.c'; then $(CYGPATH_W) 'examples/echoclient/echoclient.c'; else $(CYGPATH_W) '$(srcdir)/examples/echoclient/echoclient.c'; fi` -examples/echoserver/testsuite_testsuite-echoserver.obj: examples/echoserver/echoserver.c -@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(testsuite_testsuite_CFLAGS) $(CFLAGS) -MT examples/echoserver/testsuite_testsuite-echoserver.obj -MD -MP -MF examples/echoserver/$(DEPDIR)/testsuite_testsuite-echoserver.Tpo -c -o examples/echoserver/testsuite_testsuite-echoserver.obj `if test -f 'examples/echoserver/echoserver.c'; then $(CYGPATH_W) 'examples/echoserver/echoserver.c'; else $(CYGPATH_W) '$(srcdir)/examples/echoserver/echoserver.c'; fi` -@am__fastdepCC_TRUE@ mv -f examples/echoserver/$(DEPDIR)/testsuite_testsuite-echoserver.Tpo examples/echoserver/$(DEPDIR)/testsuite_testsuite-echoserver.Po -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='examples/echoserver/echoserver.c' object='examples/echoserver/testsuite_testsuite-echoserver.obj' libtool=no @AMDEPBACKSLASH@ +examples/echoserver/testsuite_testsuite_test-echoserver.o: examples/echoserver/echoserver.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(testsuite_testsuite_test_CFLAGS) $(CFLAGS) -MT examples/echoserver/testsuite_testsuite_test-echoserver.o -MD -MP -MF examples/echoserver/$(DEPDIR)/testsuite_testsuite_test-echoserver.Tpo -c -o examples/echoserver/testsuite_testsuite_test-echoserver.o `test -f 'examples/echoserver/echoserver.c' || echo '$(srcdir)/'`examples/echoserver/echoserver.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) examples/echoserver/$(DEPDIR)/testsuite_testsuite_test-echoserver.Tpo examples/echoserver/$(DEPDIR)/testsuite_testsuite_test-echoserver.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='examples/echoserver/echoserver.c' object='examples/echoserver/testsuite_testsuite_test-echoserver.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(testsuite_testsuite_CFLAGS) $(CFLAGS) -c -o examples/echoserver/testsuite_testsuite-echoserver.obj `if test -f 'examples/echoserver/echoserver.c'; then $(CYGPATH_W) 'examples/echoserver/echoserver.c'; else $(CYGPATH_W) '$(srcdir)/examples/echoserver/echoserver.c'; fi` +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(testsuite_testsuite_test_CFLAGS) $(CFLAGS) -c -o examples/echoserver/testsuite_testsuite_test-echoserver.o `test -f 'examples/echoserver/echoserver.c' || echo '$(srcdir)/'`examples/echoserver/echoserver.c -examples/server/testsuite_testsuite-server.o: examples/server/server.c -@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(testsuite_testsuite_CFLAGS) $(CFLAGS) -MT examples/server/testsuite_testsuite-server.o -MD -MP -MF examples/server/$(DEPDIR)/testsuite_testsuite-server.Tpo -c -o examples/server/testsuite_testsuite-server.o `test -f 'examples/server/server.c' || echo '$(srcdir)/'`examples/server/server.c -@am__fastdepCC_TRUE@ mv -f examples/server/$(DEPDIR)/testsuite_testsuite-server.Tpo examples/server/$(DEPDIR)/testsuite_testsuite-server.Po -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='examples/server/server.c' object='examples/server/testsuite_testsuite-server.o' libtool=no @AMDEPBACKSLASH@ +examples/echoserver/testsuite_testsuite_test-echoserver.obj: examples/echoserver/echoserver.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(testsuite_testsuite_test_CFLAGS) $(CFLAGS) -MT examples/echoserver/testsuite_testsuite_test-echoserver.obj -MD -MP -MF examples/echoserver/$(DEPDIR)/testsuite_testsuite_test-echoserver.Tpo -c -o examples/echoserver/testsuite_testsuite_test-echoserver.obj `if test -f 'examples/echoserver/echoserver.c'; then $(CYGPATH_W) 'examples/echoserver/echoserver.c'; else $(CYGPATH_W) '$(srcdir)/examples/echoserver/echoserver.c'; fi` +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) examples/echoserver/$(DEPDIR)/testsuite_testsuite_test-echoserver.Tpo examples/echoserver/$(DEPDIR)/testsuite_testsuite_test-echoserver.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='examples/echoserver/echoserver.c' object='examples/echoserver/testsuite_testsuite_test-echoserver.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(testsuite_testsuite_CFLAGS) $(CFLAGS) -c -o examples/server/testsuite_testsuite-server.o `test -f 'examples/server/server.c' || echo '$(srcdir)/'`examples/server/server.c +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(testsuite_testsuite_test_CFLAGS) $(CFLAGS) -c -o examples/echoserver/testsuite_testsuite_test-echoserver.obj `if test -f 'examples/echoserver/echoserver.c'; then $(CYGPATH_W) 'examples/echoserver/echoserver.c'; else $(CYGPATH_W) '$(srcdir)/examples/echoserver/echoserver.c'; fi` -examples/server/testsuite_testsuite-server.obj: examples/server/server.c -@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(testsuite_testsuite_CFLAGS) $(CFLAGS) -MT examples/server/testsuite_testsuite-server.obj -MD -MP -MF examples/server/$(DEPDIR)/testsuite_testsuite-server.Tpo -c -o examples/server/testsuite_testsuite-server.obj `if test -f 'examples/server/server.c'; then $(CYGPATH_W) 'examples/server/server.c'; else $(CYGPATH_W) '$(srcdir)/examples/server/server.c'; fi` -@am__fastdepCC_TRUE@ mv -f examples/server/$(DEPDIR)/testsuite_testsuite-server.Tpo examples/server/$(DEPDIR)/testsuite_testsuite-server.Po -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='examples/server/server.c' object='examples/server/testsuite_testsuite-server.obj' libtool=no @AMDEPBACKSLASH@ +examples/server/testsuite_testsuite_test-server.o: examples/server/server.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(testsuite_testsuite_test_CFLAGS) $(CFLAGS) -MT examples/server/testsuite_testsuite_test-server.o -MD -MP -MF examples/server/$(DEPDIR)/testsuite_testsuite_test-server.Tpo -c -o examples/server/testsuite_testsuite_test-server.o `test -f 'examples/server/server.c' || echo '$(srcdir)/'`examples/server/server.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) examples/server/$(DEPDIR)/testsuite_testsuite_test-server.Tpo examples/server/$(DEPDIR)/testsuite_testsuite_test-server.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='examples/server/server.c' object='examples/server/testsuite_testsuite_test-server.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(testsuite_testsuite_CFLAGS) $(CFLAGS) -c -o examples/server/testsuite_testsuite-server.obj `if test -f 'examples/server/server.c'; then $(CYGPATH_W) 'examples/server/server.c'; else $(CYGPATH_W) '$(srcdir)/examples/server/server.c'; fi` +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(testsuite_testsuite_test_CFLAGS) $(CFLAGS) -c -o examples/server/testsuite_testsuite_test-server.o `test -f 'examples/server/server.c' || echo '$(srcdir)/'`examples/server/server.c -testsuite/testsuite_testsuite-testsuite.o: testsuite/testsuite.c -@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(testsuite_testsuite_CFLAGS) $(CFLAGS) -MT testsuite/testsuite_testsuite-testsuite.o -MD -MP -MF testsuite/$(DEPDIR)/testsuite_testsuite-testsuite.Tpo -c -o testsuite/testsuite_testsuite-testsuite.o `test -f 'testsuite/testsuite.c' || echo '$(srcdir)/'`testsuite/testsuite.c -@am__fastdepCC_TRUE@ mv -f testsuite/$(DEPDIR)/testsuite_testsuite-testsuite.Tpo testsuite/$(DEPDIR)/testsuite_testsuite-testsuite.Po -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='testsuite/testsuite.c' object='testsuite/testsuite_testsuite-testsuite.o' libtool=no @AMDEPBACKSLASH@ +examples/server/testsuite_testsuite_test-server.obj: examples/server/server.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(testsuite_testsuite_test_CFLAGS) $(CFLAGS) -MT examples/server/testsuite_testsuite_test-server.obj -MD -MP -MF examples/server/$(DEPDIR)/testsuite_testsuite_test-server.Tpo -c -o examples/server/testsuite_testsuite_test-server.obj `if test -f 'examples/server/server.c'; then $(CYGPATH_W) 'examples/server/server.c'; else $(CYGPATH_W) '$(srcdir)/examples/server/server.c'; fi` +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) examples/server/$(DEPDIR)/testsuite_testsuite_test-server.Tpo examples/server/$(DEPDIR)/testsuite_testsuite_test-server.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='examples/server/server.c' object='examples/server/testsuite_testsuite_test-server.obj' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(testsuite_testsuite_CFLAGS) $(CFLAGS) -c -o testsuite/testsuite_testsuite-testsuite.o `test -f 'testsuite/testsuite.c' || echo '$(srcdir)/'`testsuite/testsuite.c +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(testsuite_testsuite_test_CFLAGS) $(CFLAGS) -c -o examples/server/testsuite_testsuite_test-server.obj `if test -f 'examples/server/server.c'; then $(CYGPATH_W) 'examples/server/server.c'; else $(CYGPATH_W) '$(srcdir)/examples/server/server.c'; fi` -testsuite/testsuite_testsuite-testsuite.obj: testsuite/testsuite.c -@am__fastdepCC_TRUE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(testsuite_testsuite_CFLAGS) $(CFLAGS) -MT testsuite/testsuite_testsuite-testsuite.obj -MD -MP -MF testsuite/$(DEPDIR)/testsuite_testsuite-testsuite.Tpo -c -o testsuite/testsuite_testsuite-testsuite.obj `if test -f 'testsuite/testsuite.c'; then $(CYGPATH_W) 'testsuite/testsuite.c'; else $(CYGPATH_W) '$(srcdir)/testsuite/testsuite.c'; fi` -@am__fastdepCC_TRUE@ mv -f testsuite/$(DEPDIR)/testsuite_testsuite-testsuite.Tpo testsuite/$(DEPDIR)/testsuite_testsuite-testsuite.Po -@AMDEP_TRUE@@am__fastdepCC_FALSE@ source='testsuite/testsuite.c' object='testsuite/testsuite_testsuite-testsuite.obj' libtool=no @AMDEPBACKSLASH@ +testsuite/testsuite_testsuite_test-testsuite.o: testsuite/testsuite.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(testsuite_testsuite_test_CFLAGS) $(CFLAGS) -MT testsuite/testsuite_testsuite_test-testsuite.o -MD -MP -MF testsuite/$(DEPDIR)/testsuite_testsuite_test-testsuite.Tpo -c -o testsuite/testsuite_testsuite_test-testsuite.o `test -f 'testsuite/testsuite.c' || echo '$(srcdir)/'`testsuite/testsuite.c +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) testsuite/$(DEPDIR)/testsuite_testsuite_test-testsuite.Tpo testsuite/$(DEPDIR)/testsuite_testsuite_test-testsuite.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='testsuite/testsuite.c' object='testsuite/testsuite_testsuite_test-testsuite.o' libtool=no @AMDEPBACKSLASH@ @AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ -@am__fastdepCC_FALSE@ $(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(testsuite_testsuite_CFLAGS) $(CFLAGS) -c -o testsuite/testsuite_testsuite-testsuite.obj `if test -f 'testsuite/testsuite.c'; then $(CYGPATH_W) 'testsuite/testsuite.c'; else $(CYGPATH_W) '$(srcdir)/testsuite/testsuite.c'; fi` +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(testsuite_testsuite_test_CFLAGS) $(CFLAGS) -c -o testsuite/testsuite_testsuite_test-testsuite.o `test -f 'testsuite/testsuite.c' || echo '$(srcdir)/'`testsuite/testsuite.c + +testsuite/testsuite_testsuite_test-testsuite.obj: testsuite/testsuite.c +@am__fastdepCC_TRUE@ $(AM_V_CC)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(testsuite_testsuite_test_CFLAGS) $(CFLAGS) -MT testsuite/testsuite_testsuite_test-testsuite.obj -MD -MP -MF testsuite/$(DEPDIR)/testsuite_testsuite_test-testsuite.Tpo -c -o testsuite/testsuite_testsuite_test-testsuite.obj `if test -f 'testsuite/testsuite.c'; then $(CYGPATH_W) 'testsuite/testsuite.c'; else $(CYGPATH_W) '$(srcdir)/testsuite/testsuite.c'; fi` +@am__fastdepCC_TRUE@ $(AM_V_at)$(am__mv) testsuite/$(DEPDIR)/testsuite_testsuite_test-testsuite.Tpo testsuite/$(DEPDIR)/testsuite_testsuite_test-testsuite.Po +@AMDEP_TRUE@@am__fastdepCC_FALSE@ $(AM_V_CC)source='testsuite/testsuite.c' object='testsuite/testsuite_testsuite_test-testsuite.obj' libtool=no @AMDEPBACKSLASH@ +@AMDEP_TRUE@@am__fastdepCC_FALSE@ DEPDIR=$(DEPDIR) $(CCDEPMODE) $(depcomp) @AMDEPBACKSLASH@ +@am__fastdepCC_FALSE@ $(AM_V_CC@am__nodep@)$(CC) $(DEFS) $(DEFAULT_INCLUDES) $(INCLUDES) $(AM_CPPFLAGS) $(CPPFLAGS) $(testsuite_testsuite_test_CFLAGS) $(CFLAGS) -c -o testsuite/testsuite_testsuite_test-testsuite.obj `if test -f 'testsuite/testsuite.c'; then $(CYGPATH_W) 'testsuite/testsuite.c'; else $(CYGPATH_W) '$(srcdir)/testsuite/testsuite.c'; fi` .s.o: - $(CCASCOMPILE) -c -o $@ $< + $(AM_V_CCAS)$(CCASCOMPILE) -c -o $@ $< .s.obj: - $(CCASCOMPILE) -c -o $@ `$(CYGPATH_W) '$<'` + $(AM_V_CCAS)$(CCASCOMPILE) -c -o $@ `$(CYGPATH_W) '$<'` .s.lo: - $(LTCCASCOMPILE) -c -o $@ $< + $(AM_V_CCAS)$(LTCCASCOMPILE) -c -o $@ $< mostlyclean-libtool: -rm -f *.lo clean-libtool: -rm -rf .libs _libs + -rm -rf ctaocrypt/benchmark/.libs ctaocrypt/benchmark/_libs -rm -rf ctaocrypt/src/.libs ctaocrypt/src/_libs + -rm -rf ctaocrypt/test/.libs ctaocrypt/test/_libs + -rm -rf examples/client/.libs examples/client/_libs + -rm -rf examples/echoclient/.libs examples/echoclient/_libs + -rm -rf examples/echoserver/.libs examples/echoserver/_libs + -rm -rf examples/server/.libs examples/server/_libs + -rm -rf mcapi/.libs mcapi/_libs -rm -rf src/.libs src/_libs + -rm -rf sslSniffer/sslSnifferTest/.libs sslSniffer/sslSnifferTest/_libs + -rm -rf tests/.libs tests/_libs + -rm -rf testsuite/.libs testsuite/_libs distclean-libtool: - -rm -f libtool -install-docDATA: $(doc_DATA) + -rm -f libtool config.lt +install-dist_docDATA: $(dist_doc_DATA) @$(NORMAL_INSTALL) - test -z "$(docdir)" || $(MKDIR_P) "$(DESTDIR)$(docdir)" - @list='$(doc_DATA)'; for p in $$list; do \ + @list='$(dist_doc_DATA)'; test -n "$(docdir)" || list=; \ + if test -n "$$list"; then \ + echo " $(MKDIR_P) '$(DESTDIR)$(docdir)'"; \ + $(MKDIR_P) "$(DESTDIR)$(docdir)" || exit 1; \ + fi; \ + for p in $$list; do \ if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ - f=$(am__strip_dir) \ - echo " $(docDATA_INSTALL) '$$d$$p' '$(DESTDIR)$(docdir)/$$f'"; \ - $(docDATA_INSTALL) "$$d$$p" "$(DESTDIR)$(docdir)/$$f"; \ + echo "$$d$$p"; \ + done | $(am__base_list) | \ + while read files; do \ + echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(docdir)'"; \ + $(INSTALL_DATA) $$files "$(DESTDIR)$(docdir)" || exit $$?; \ done -uninstall-docDATA: +uninstall-dist_docDATA: @$(NORMAL_UNINSTALL) - @list='$(doc_DATA)'; for p in $$list; do \ - f=$(am__strip_dir) \ - echo " rm -f '$(DESTDIR)$(docdir)/$$f'"; \ - rm -f "$(DESTDIR)$(docdir)/$$f"; \ - done -install-exampleDATA: $(example_DATA) + @list='$(dist_doc_DATA)'; test -n "$(docdir)" || list=; \ + files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \ + dir='$(DESTDIR)$(docdir)'; $(am__uninstall_files_from_dir) +install-dist_exampleDATA: $(dist_example_DATA) @$(NORMAL_INSTALL) - test -z "$(exampledir)" || $(MKDIR_P) "$(DESTDIR)$(exampledir)" - @list='$(example_DATA)'; for p in $$list; do \ + @list='$(dist_example_DATA)'; test -n "$(exampledir)" || list=; \ + if test -n "$$list"; then \ + echo " $(MKDIR_P) '$(DESTDIR)$(exampledir)'"; \ + $(MKDIR_P) "$(DESTDIR)$(exampledir)" || exit 1; \ + fi; \ + for p in $$list; do \ if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ - f=$(am__strip_dir) \ - echo " $(exampleDATA_INSTALL) '$$d$$p' '$(DESTDIR)$(exampledir)/$$f'"; \ - $(exampleDATA_INSTALL) "$$d$$p" "$(DESTDIR)$(exampledir)/$$f"; \ + echo "$$d$$p"; \ + done | $(am__base_list) | \ + while read files; do \ + echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(exampledir)'"; \ + $(INSTALL_DATA) $$files "$(DESTDIR)$(exampledir)" || exit $$?; \ done -uninstall-exampleDATA: +uninstall-dist_exampleDATA: @$(NORMAL_UNINSTALL) - @list='$(example_DATA)'; for p in $$list; do \ - f=$(am__strip_dir) \ - echo " rm -f '$(DESTDIR)$(exampledir)/$$f'"; \ - rm -f "$(DESTDIR)$(exampledir)/$$f"; \ + @list='$(dist_example_DATA)'; test -n "$(exampledir)" || list=; \ + files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \ + dir='$(DESTDIR)$(exampledir)'; $(am__uninstall_files_from_dir) +install-pkgconfigDATA: $(pkgconfig_DATA) + @$(NORMAL_INSTALL) + @list='$(pkgconfig_DATA)'; test -n "$(pkgconfigdir)" || list=; \ + if test -n "$$list"; then \ + echo " $(MKDIR_P) '$(DESTDIR)$(pkgconfigdir)'"; \ + $(MKDIR_P) "$(DESTDIR)$(pkgconfigdir)" || exit 1; \ + fi; \ + for p in $$list; do \ + if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ + echo "$$d$$p"; \ + done | $(am__base_list) | \ + while read files; do \ + echo " $(INSTALL_DATA) $$files '$(DESTDIR)$(pkgconfigdir)'"; \ + $(INSTALL_DATA) $$files "$(DESTDIR)$(pkgconfigdir)" || exit $$?; \ done + +uninstall-pkgconfigDATA: + @$(NORMAL_UNINSTALL) + @list='$(pkgconfig_DATA)'; test -n "$(pkgconfigdir)" || list=; \ + files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \ + dir='$(DESTDIR)$(pkgconfigdir)'; $(am__uninstall_files_from_dir) install-includeHEADERS: $(include_HEADERS) @$(NORMAL_INSTALL) - test -z "$(includedir)" || $(MKDIR_P) "$(DESTDIR)$(includedir)" - @list='$(include_HEADERS)'; for p in $$list; do \ + @list='$(include_HEADERS)'; test -n "$(includedir)" || list=; \ + if test -n "$$list"; then \ + echo " $(MKDIR_P) '$(DESTDIR)$(includedir)'"; \ + $(MKDIR_P) "$(DESTDIR)$(includedir)" || exit 1; \ + fi; \ + for p in $$list; do \ if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ - f=$(am__strip_dir) \ - echo " $(includeHEADERS_INSTALL) '$$d$$p' '$(DESTDIR)$(includedir)/$$f'"; \ - $(includeHEADERS_INSTALL) "$$d$$p" "$(DESTDIR)$(includedir)/$$f"; \ + echo "$$d$$p"; \ + done | $(am__base_list) | \ + while read files; do \ + echo " $(INSTALL_HEADER) $$files '$(DESTDIR)$(includedir)'"; \ + $(INSTALL_HEADER) $$files "$(DESTDIR)$(includedir)" || exit $$?; \ done uninstall-includeHEADERS: @$(NORMAL_UNINSTALL) - @list='$(include_HEADERS)'; for p in $$list; do \ - f=$(am__strip_dir) \ - echo " rm -f '$(DESTDIR)$(includedir)/$$f'"; \ - rm -f "$(DESTDIR)$(includedir)/$$f"; \ - done + @list='$(include_HEADERS)'; test -n "$(includedir)" || list=; \ + files=`for p in $$list; do echo $$p; done | sed -e 's|^.*/||'`; \ + dir='$(DESTDIR)$(includedir)'; $(am__uninstall_files_from_dir) install-nobase_includeHEADERS: $(nobase_include_HEADERS) @$(NORMAL_INSTALL) - test -z "$(includedir)" || $(MKDIR_P) "$(DESTDIR)$(includedir)" - @$(am__vpath_adj_setup) \ - list='$(nobase_include_HEADERS)'; for p in $$list; do \ - if test -f "$$p"; then d=; else d="$(srcdir)/"; fi; \ - $(am__vpath_adj) \ - echo " $(nobase_includeHEADERS_INSTALL) '$$d$$p' '$(DESTDIR)$(includedir)/$$f'"; \ - $(nobase_includeHEADERS_INSTALL) "$$d$$p" "$(DESTDIR)$(includedir)/$$f"; \ + @list='$(nobase_include_HEADERS)'; test -n "$(includedir)" || list=; \ + if test -n "$$list"; then \ + echo " $(MKDIR_P) '$(DESTDIR)$(includedir)'"; \ + $(MKDIR_P) "$(DESTDIR)$(includedir)" || exit 1; \ + fi; \ + $(am__nobase_list) | while read dir files; do \ + xfiles=; for file in $$files; do \ + if test -f "$$file"; then xfiles="$$xfiles $$file"; \ + else xfiles="$$xfiles $(srcdir)/$$file"; fi; done; \ + test -z "$$xfiles" || { \ + test "x$$dir" = x. || { \ + echo " $(MKDIR_P) '$(DESTDIR)$(includedir)/$$dir'"; \ + $(MKDIR_P) "$(DESTDIR)$(includedir)/$$dir"; }; \ + echo " $(INSTALL_HEADER) $$xfiles '$(DESTDIR)$(includedir)/$$dir'"; \ + $(INSTALL_HEADER) $$xfiles "$(DESTDIR)$(includedir)/$$dir" || exit $$?; }; \ done uninstall-nobase_includeHEADERS: @$(NORMAL_UNINSTALL) - @$(am__vpath_adj_setup) \ - list='$(nobase_include_HEADERS)'; for p in $$list; do \ - $(am__vpath_adj) \ - echo " rm -f '$(DESTDIR)$(includedir)/$$f'"; \ - rm -f "$(DESTDIR)$(includedir)/$$f"; \ - done + @list='$(nobase_include_HEADERS)'; test -n "$(includedir)" || list=; \ + $(am__nobase_strip_setup); files=`$(am__nobase_strip)`; \ + dir='$(DESTDIR)$(includedir)'; $(am__uninstall_files_from_dir) -ID: $(HEADERS) $(SOURCES) $(LISP) $(TAGS_FILES) - list='$(SOURCES) $(HEADERS) $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - mkid -fID $$unique -tags: TAGS - -TAGS: $(HEADERS) $(SOURCES) config.in $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ +ID: $(am__tagged_files) + $(am__define_uniq_tagged_files); mkid -fID $$unique +tags: tags-am +TAGS: tags + +tags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) + set x; \ here=`pwd`; \ - list='$(SOURCES) $(HEADERS) config.in $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - if test -z "$(ETAGS_ARGS)$$tags$$unique"; then :; else \ + $(am__define_uniq_tagged_files); \ + shift; \ + if test -z "$(ETAGS_ARGS)$$*$$unique"; then :; else \ test -n "$$unique" || unique=$$empty_fix; \ - $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ - $$tags $$unique; \ + if test $$# -gt 0; then \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + "$$@" $$unique; \ + else \ + $(ETAGS) $(ETAGSFLAGS) $(AM_ETAGSFLAGS) $(ETAGS_ARGS) \ + $$unique; \ + fi; \ fi -ctags: CTAGS -CTAGS: $(HEADERS) $(SOURCES) config.in $(TAGS_DEPENDENCIES) \ - $(TAGS_FILES) $(LISP) - tags=; \ - here=`pwd`; \ - list='$(SOURCES) $(HEADERS) config.in $(LISP) $(TAGS_FILES)'; \ - unique=`for i in $$list; do \ - if test -f "$$i"; then echo $$i; else echo $(srcdir)/$$i; fi; \ - done | \ - $(AWK) ' { files[$$0] = 1; } \ - END { for (i in files) print i; }'`; \ - test -z "$(CTAGS_ARGS)$$tags$$unique" \ +ctags: ctags-am + +CTAGS: ctags +ctags-am: $(TAGS_DEPENDENCIES) $(am__tagged_files) + $(am__define_uniq_tagged_files); \ + test -z "$(CTAGS_ARGS)$$unique" \ || $(CTAGS) $(CTAGSFLAGS) $(AM_CTAGSFLAGS) $(CTAGS_ARGS) \ - $$tags $$unique + $$unique GTAGS: here=`$(am__cd) $(top_builddir) && pwd` \ - && cd $(top_srcdir) \ - && gtags -i $(GTAGS_ARGS) $$here + && $(am__cd) $(top_srcdir) \ + && gtags -i $(GTAGS_ARGS) "$$here" +cscope: cscope.files + test ! -s cscope.files \ + || $(CSCOPE) -b -q $(AM_CSCOPEFLAGS) $(CSCOPEFLAGS) -i cscope.files $(CSCOPE_ARGS) +clean-cscope: + -rm -f cscope.files +cscope.files: clean-cscope cscopelist +cscopelist: cscopelist-am + +cscopelist-am: $(am__tagged_files) + list='$(am__tagged_files)'; \ + case "$(srcdir)" in \ + [\\/]* | ?:[\\/]*) sdir="$(srcdir)" ;; \ + *) sdir=$(subdir)/$(srcdir) ;; \ + esac; \ + for i in $$list; do \ + if test -f "$$i"; then \ + echo "$(subdir)/$$i"; \ + else \ + echo "$$sdir/$$i"; \ + fi; \ + done >> $(top_builddir)/cscope.files distclean-tags: -rm -f TAGS ID GTAGS GRTAGS GSYMS GPATH tags + -rm -f cscope.out cscope.in.out cscope.po.out cscope.files + +# Recover from deleted '.trs' file; this should ensure that +# "rm -f foo.log; make foo.trs" re-run 'foo.test', and re-create +# both 'foo.log' and 'foo.trs'. Break the recipe in two subshells +# to avoid problems with "make -n". +.log.trs: + rm -f $< $@ + $(MAKE) $(AM_MAKEFLAGS) $< + +# Leading 'am--fnord' is there to ensure the list of targets does not +# expand to empty, as could happen e.g. with make check TESTS=''. +am--fnord $(TEST_LOGS) $(TEST_LOGS:.log=.trs): $(am__force_recheck) +am--force-recheck: + @: -check-TESTS: $(TESTS) - @failed=0; all=0; xfail=0; xpass=0; skip=0; ws='[ ]'; \ - srcdir=$(srcdir); export srcdir; \ - list=' $(TESTS) '; \ - if test -n "$$list"; then \ - for tst in $$list; do \ - if test -f ./$$tst; then dir=./; \ - elif test -f $$tst; then dir=; \ - else dir="$(srcdir)/"; fi; \ - if $(TESTS_ENVIRONMENT) $${dir}$$tst; then \ - all=`expr $$all + 1`; \ - case " $(XFAIL_TESTS) " in \ - *$$ws$$tst$$ws*) \ - xpass=`expr $$xpass + 1`; \ - failed=`expr $$failed + 1`; \ - echo "XPASS: $$tst"; \ - ;; \ - *) \ - echo "PASS: $$tst"; \ - ;; \ - esac; \ - elif test $$? -ne 77; then \ - all=`expr $$all + 1`; \ - case " $(XFAIL_TESTS) " in \ - *$$ws$$tst$$ws*) \ - xfail=`expr $$xfail + 1`; \ - echo "XFAIL: $$tst"; \ - ;; \ - *) \ - failed=`expr $$failed + 1`; \ - echo "FAIL: $$tst"; \ - ;; \ - esac; \ - else \ - skip=`expr $$skip + 1`; \ - echo "SKIP: $$tst"; \ - fi; \ +$(TEST_SUITE_LOG): $(TEST_LOGS) + @$(am__set_TESTS_bases); \ + am__f_ok () { test -f "$$1" && test -r "$$1"; }; \ + redo_bases=`for i in $$bases; do \ + am__f_ok $$i.trs && am__f_ok $$i.log || echo $$i; \ + done`; \ + if test -n "$$redo_bases"; then \ + redo_logs=`for i in $$redo_bases; do echo $$i.log; done`; \ + redo_results=`for i in $$redo_bases; do echo $$i.trs; done`; \ + if $(am__make_dryrun); then :; else \ + rm -f $$redo_logs && rm -f $$redo_results || exit 1; \ + fi; \ + fi; \ + if test -n "$$am__remaking_logs"; then \ + echo "fatal: making $(TEST_SUITE_LOG): possible infinite" \ + "recursion detected" >&2; \ + else \ + am__remaking_logs=yes $(MAKE) $(AM_MAKEFLAGS) $$redo_logs; \ + fi; \ + if $(am__make_dryrun); then :; else \ + st=0; \ + errmsg="fatal: making $(TEST_SUITE_LOG): failed to create"; \ + for i in $$redo_bases; do \ + test -f $$i.trs && test -r $$i.trs \ + || { echo "$$errmsg $$i.trs" >&2; st=1; }; \ + test -f $$i.log && test -r $$i.log \ + || { echo "$$errmsg $$i.log" >&2; st=1; }; \ done; \ - if test "$$failed" -eq 0; then \ - if test "$$xfail" -eq 0; then \ - banner="All $$all tests passed"; \ + test $$st -eq 0 || exit 1; \ + fi + @$(am__sh_e_setup); $(am__tty_colors); $(am__set_TESTS_bases); \ + ws='[ ]'; \ + results=`for b in $$bases; do echo $$b.trs; done`; \ + test -n "$$results" || results=/dev/null; \ + all=` grep "^$$ws*:test-result:" $$results | wc -l`; \ + pass=` grep "^$$ws*:test-result:$$ws*PASS" $$results | wc -l`; \ + fail=` grep "^$$ws*:test-result:$$ws*FAIL" $$results | wc -l`; \ + skip=` grep "^$$ws*:test-result:$$ws*SKIP" $$results | wc -l`; \ + xfail=`grep "^$$ws*:test-result:$$ws*XFAIL" $$results | wc -l`; \ + xpass=`grep "^$$ws*:test-result:$$ws*XPASS" $$results | wc -l`; \ + error=`grep "^$$ws*:test-result:$$ws*ERROR" $$results | wc -l`; \ + if test `expr $$fail + $$xpass + $$error` -eq 0; then \ + success=true; \ + else \ + success=false; \ + fi; \ + br='==================='; br=$$br$$br$$br$$br; \ + result_count () \ + { \ + if test x"$$1" = x"--maybe-color"; then \ + maybe_colorize=yes; \ + elif test x"$$1" = x"--no-color"; then \ + maybe_colorize=no; \ else \ - banner="All $$all tests behaved as expected ($$xfail expected failures)"; \ + echo "$@: invalid 'result_count' usage" >&2; exit 4; \ fi; \ - else \ - if test "$$xpass" -eq 0; then \ - banner="$$failed of $$all tests failed"; \ + shift; \ + desc=$$1 count=$$2; \ + if test $$maybe_colorize = yes && test $$count -gt 0; then \ + color_start=$$3 color_end=$$std; \ else \ - banner="$$failed of $$all tests did not behave as expected ($$xpass unexpected passes)"; \ + color_start= color_end=; \ fi; \ - fi; \ - dashes="$$banner"; \ - skipped=""; \ - if test "$$skip" -ne 0; then \ - skipped="($$skip tests were not run)"; \ - test `echo "$$skipped" | wc -c` -le `echo "$$banner" | wc -c` || \ - dashes="$$skipped"; \ - fi; \ - report=""; \ - if test "$$failed" -ne 0 && test -n "$(PACKAGE_BUGREPORT)"; then \ - report="Please report to $(PACKAGE_BUGREPORT)"; \ - test `echo "$$report" | wc -c` -le `echo "$$banner" | wc -c` || \ - dashes="$$report"; \ - fi; \ - dashes=`echo "$$dashes" | sed s/./=/g`; \ - echo "$$dashes"; \ - echo "$$banner"; \ - test -z "$$skipped" || echo "$$skipped"; \ - test -z "$$report" || echo "$$report"; \ - echo "$$dashes"; \ - test "$$failed" -eq 0; \ - else :; fi + echo "$${color_start}# $$desc $$count$${color_end}"; \ + }; \ + create_testsuite_report () \ + { \ + result_count $$1 "TOTAL:" $$all "$$brg"; \ + result_count $$1 "PASS: " $$pass "$$grn"; \ + result_count $$1 "SKIP: " $$skip "$$blu"; \ + result_count $$1 "XFAIL:" $$xfail "$$lgn"; \ + result_count $$1 "FAIL: " $$fail "$$red"; \ + result_count $$1 "XPASS:" $$xpass "$$red"; \ + result_count $$1 "ERROR:" $$error "$$mgn"; \ + }; \ + { \ + echo "$(PACKAGE_STRING): $(subdir)/$(TEST_SUITE_LOG)" | \ + $(am__rst_title); \ + create_testsuite_report --no-color; \ + echo; \ + echo ".. contents:: :depth: 2"; \ + echo; \ + for b in $$bases; do echo $$b; done \ + | $(am__create_global_log); \ + } >$(TEST_SUITE_LOG).tmp || exit 1; \ + mv $(TEST_SUITE_LOG).tmp $(TEST_SUITE_LOG); \ + if $$success; then \ + col="$$grn"; \ + else \ + col="$$red"; \ + test x"$$VERBOSE" = x || cat $(TEST_SUITE_LOG); \ + fi; \ + echo "$${col}$$br$${std}"; \ + echo "$${col}Testsuite summary for $(PACKAGE_STRING)$${std}"; \ + echo "$${col}$$br$${std}"; \ + create_testsuite_report --maybe-color; \ + echo "$$col$$br$$std"; \ + if $$success; then :; else \ + echo "$${col}See $(subdir)/$(TEST_SUITE_LOG)$${std}"; \ + if test -n "$(PACKAGE_BUGREPORT)"; then \ + echo "$${col}Please report to $(PACKAGE_BUGREPORT)$${std}"; \ + fi; \ + echo "$$col$$br$$std"; \ + fi; \ + $$success || exit 1 + +check-TESTS: + @list='$(RECHECK_LOGS)'; test -z "$$list" || rm -f $$list + @list='$(RECHECK_LOGS:.log=.trs)'; test -z "$$list" || rm -f $$list + @test -z "$(TEST_SUITE_LOG)" || rm -f $(TEST_SUITE_LOG) + @set +e; $(am__set_TESTS_bases); \ + log_list=`for i in $$bases; do echo $$i.log; done`; \ + trs_list=`for i in $$bases; do echo $$i.trs; done`; \ + log_list=`echo $$log_list`; trs_list=`echo $$trs_list`; \ + $(MAKE) $(AM_MAKEFLAGS) $(TEST_SUITE_LOG) TEST_LOGS="$$log_list"; \ + exit $$?; +recheck: all $(check_PROGRAMS) + @test -z "$(TEST_SUITE_LOG)" || rm -f $(TEST_SUITE_LOG) + @set +e; $(am__set_TESTS_bases); \ + bases=`for i in $$bases; do echo $$i; done \ + | $(am__list_recheck_tests)` || exit 1; \ + log_list=`for i in $$bases; do echo $$i.log; done`; \ + log_list=`echo $$log_list`; \ + $(MAKE) $(AM_MAKEFLAGS) $(TEST_SUITE_LOG) \ + am__force_recheck=am--force-recheck \ + TEST_LOGS="$$log_list"; \ + exit $$? +mcapi/test.log: mcapi/test$(EXEEXT) + @p='mcapi/test$(EXEEXT)'; \ + b='mcapi/test'; \ + $(am__check_pre) $(LOG_DRIVER) --test-name "$$f" \ + --log-file $$b.log --trs-file $$b.trs \ + $(am__common_driver_flags) $(AM_LOG_DRIVER_FLAGS) $(LOG_DRIVER_FLAGS) -- $(LOG_COMPILE) \ + "$$tst" $(AM_TESTS_FD_REDIRECT) +.test.log: + @p='$<'; \ + $(am__set_b); \ + $(am__check_pre) $(TEST_LOG_DRIVER) --test-name "$$f" \ + --log-file $$b.log --trs-file $$b.trs \ + $(am__common_driver_flags) $(AM_TEST_LOG_DRIVER_FLAGS) $(TEST_LOG_DRIVER_FLAGS) -- $(TEST_LOG_COMPILE) \ + "$$tst" $(AM_TESTS_FD_REDIRECT) +@am__EXEEXT_TRUE@.test$(EXEEXT).log: +@am__EXEEXT_TRUE@ @p='$<'; \ +@am__EXEEXT_TRUE@ $(am__set_b); \ +@am__EXEEXT_TRUE@ $(am__check_pre) $(TEST_LOG_DRIVER) --test-name "$$f" \ +@am__EXEEXT_TRUE@ --log-file $$b.log --trs-file $$b.trs \ +@am__EXEEXT_TRUE@ $(am__common_driver_flags) $(AM_TEST_LOG_DRIVER_FLAGS) $(TEST_LOG_DRIVER_FLAGS) -- $(TEST_LOG_COMPILE) \ +@am__EXEEXT_TRUE@ "$$tst" $(AM_TESTS_FD_REDIRECT) distdir: $(DISTFILES) $(am__remove_distdir) - test -d $(distdir) || mkdir $(distdir) + test -d "$(distdir)" || mkdir "$(distdir)" @srcdirstrip=`echo "$(srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ topsrcdirstrip=`echo "$(top_srcdir)" | sed 's/[].[^$$\\*]/\\\\&/g'`; \ list='$(DISTFILES)'; \ @@ -1822,45 +2657,65 @@ distdir: $(DISTFILES) if test -f $$file || test -d $$file; then d=.; else d=$(srcdir); fi; \ if test -d $$d/$$file; then \ dir=`echo "/$$file" | sed -e 's,/[^/]*$$,,'`; \ + if test -d "$(distdir)/$$file"; then \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ + fi; \ if test -d $(srcdir)/$$file && test $$d != $(srcdir); then \ - cp -pR $(srcdir)/$$file $(distdir)$$dir || exit 1; \ + cp -fpR $(srcdir)/$$file "$(distdir)$$dir" || exit 1; \ + find "$(distdir)/$$file" -type d ! -perm -700 -exec chmod u+rwx {} \;; \ fi; \ - cp -pR $$d/$$file $(distdir)$$dir || exit 1; \ + cp -fpR $$d/$$file "$(distdir)$$dir" || exit 1; \ else \ - test -f $(distdir)/$$file \ - || cp -p $$d/$$file $(distdir)/$$file \ + test -f "$(distdir)/$$file" \ + || cp -p $$d/$$file "$(distdir)/$$file" \ || exit 1; \ fi; \ done - -find $(distdir) -type d ! -perm -755 -exec chmod u+rwx,go+rx {} \; -o \ + -test -n "$(am__skip_mode_fix)" \ + || find "$(distdir)" -type d ! -perm -755 \ + -exec chmod u+rwx,go+rx {} \; -o \ ! -type d ! -perm -444 -links 1 -exec chmod a+r {} \; -o \ ! -type d ! -perm -400 -exec chmod a+r {} \; -o \ ! -type d ! -perm -444 -exec $(install_sh) -c -m a+r {} {} \; \ - || chmod -R a+r $(distdir) + || chmod -R a+r "$(distdir)" dist-gzip: distdir tardir=$(distdir) && $(am__tar) | GZIP=$(GZIP_ENV) gzip -c >$(distdir).tar.gz - $(am__remove_distdir) + $(am__post_remove_distdir) dist-bzip2: distdir - tardir=$(distdir) && $(am__tar) | bzip2 -9 -c >$(distdir).tar.bz2 - $(am__remove_distdir) + tardir=$(distdir) && $(am__tar) | BZIP2=$${BZIP2--9} bzip2 -c >$(distdir).tar.bz2 + $(am__post_remove_distdir) + +dist-lzip: distdir + tardir=$(distdir) && $(am__tar) | lzip -c $${LZIP_OPT--9} >$(distdir).tar.lz + $(am__post_remove_distdir) + +dist-xz: distdir + tardir=$(distdir) && $(am__tar) | XZ_OPT=$${XZ_OPT--e} xz -c >$(distdir).tar.xz + $(am__post_remove_distdir) dist-tarZ: distdir + @echo WARNING: "Support for shar distribution archives is" \ + "deprecated." >&2 + @echo WARNING: "It will be removed altogether in Automake 2.0" >&2 tardir=$(distdir) && $(am__tar) | compress -c >$(distdir).tar.Z - $(am__remove_distdir) + $(am__post_remove_distdir) dist-shar: distdir + @echo WARNING: "Support for distribution archives compressed with" \ + "legacy program 'compress' is deprecated." >&2 + @echo WARNING: "It will be removed altogether in Automake 2.0" >&2 shar $(distdir) | GZIP=$(GZIP_ENV) gzip -c >$(distdir).shar.gz - $(am__remove_distdir) + $(am__post_remove_distdir) dist-zip: distdir -rm -f $(distdir).zip zip -rq $(distdir).zip $(distdir) - $(am__remove_distdir) + $(am__post_remove_distdir) -dist dist-all: distdir - tardir=$(distdir) && $(am__tar) | GZIP=$(GZIP_ENV) gzip -c >$(distdir).tar.gz - $(am__remove_distdir) +dist dist-all: + $(MAKE) $(AM_MAKEFLAGS) $(DIST_TARGETS) am__post_remove_distdir='@:' + $(am__post_remove_distdir) # This target untars the dist file and tries a VPATH configuration. Then # it guarantees that the distribution is self-contained by making another @@ -1868,25 +2723,33 @@ dist dist-all: distdir distcheck: dist case '$(DIST_ARCHIVES)' in \ *.tar.gz*) \ - GZIP=$(GZIP_ENV) gunzip -c $(distdir).tar.gz | $(am__untar) ;;\ + GZIP=$(GZIP_ENV) gzip -dc $(distdir).tar.gz | $(am__untar) ;;\ *.tar.bz2*) \ - bunzip2 -c $(distdir).tar.bz2 | $(am__untar) ;;\ + bzip2 -dc $(distdir).tar.bz2 | $(am__untar) ;;\ + *.tar.lz*) \ + lzip -dc $(distdir).tar.lz | $(am__untar) ;;\ + *.tar.xz*) \ + xz -dc $(distdir).tar.xz | $(am__untar) ;;\ *.tar.Z*) \ uncompress -c $(distdir).tar.Z | $(am__untar) ;;\ *.shar.gz*) \ - GZIP=$(GZIP_ENV) gunzip -c $(distdir).shar.gz | unshar ;;\ + GZIP=$(GZIP_ENV) gzip -dc $(distdir).shar.gz | unshar ;;\ *.zip*) \ unzip $(distdir).zip ;;\ esac - chmod -R a-w $(distdir); chmod a+w $(distdir) - mkdir $(distdir)/_build - mkdir $(distdir)/_inst + chmod -R a-w $(distdir) + chmod u+w $(distdir) + mkdir $(distdir)/_build $(distdir)/_inst chmod a-w $(distdir) + test -d $(distdir)/_build || exit 0; \ dc_install_base=`$(am__cd) $(distdir)/_inst && pwd | sed -e 's,^[^:\\/]:[\\/],/,'` \ && dc_destdir="$${TMPDIR-/tmp}/am-dc-$$$$/" \ - && cd $(distdir)/_build \ - && ../configure --srcdir=.. --prefix="$$dc_install_base" \ + && am__cwd=`pwd` \ + && $(am__cd) $(distdir)/_build \ + && ../configure \ + $(AM_DISTCHECK_CONFIGURE_FLAGS) \ $(DISTCHECK_CONFIGURE_FLAGS) \ + --srcdir=.. --prefix="$$dc_install_base" \ && $(MAKE) $(AM_MAKEFLAGS) \ && $(MAKE) $(AM_MAKEFLAGS) dvi \ && $(MAKE) $(AM_MAKEFLAGS) check \ @@ -1906,14 +2769,24 @@ distcheck: dist && rm -rf "$$dc_destdir" \ && $(MAKE) $(AM_MAKEFLAGS) dist \ && rm -rf $(DIST_ARCHIVES) \ - && $(MAKE) $(AM_MAKEFLAGS) distcleancheck - $(am__remove_distdir) + && $(MAKE) $(AM_MAKEFLAGS) distcleancheck \ + && cd "$$am__cwd" \ + || exit 1 + $(am__post_remove_distdir) @(echo "$(distdir) archives ready for distribution: "; \ list='$(DIST_ARCHIVES)'; for i in $$list; do echo $$i; done) | \ sed -e 1h -e 1s/./=/g -e 1p -e 1x -e '$$p' -e '$$x' distuninstallcheck: - @cd $(distuninstallcheck_dir) \ - && test `$(distuninstallcheck_listfiles) | wc -l` -le 1 \ + @test -n '$(distuninstallcheck_dir)' || { \ + echo 'ERROR: trying to run $@ with an empty' \ + '$$(distuninstallcheck_dir)' >&2; \ + exit 1; \ + }; \ + $(am__cd) '$(distuninstallcheck_dir)' || { \ + echo 'ERROR: cannot chdir into $(distuninstallcheck_dir)' >&2; \ + exit 1; \ + }; \ + test `$(am__distuninstallcheck_listfiles) | wc -l` -eq 0 \ || { echo "ERROR: files left after uninstall:" ; \ if test -n "$(DESTDIR)"; then \ echo " (check DESTDIR support)"; \ @@ -1939,7 +2812,7 @@ all-am: Makefile $(LTLIBRARIES) $(PROGRAMS) $(DATA) $(HEADERS) \ install-binPROGRAMS: install-libLTLIBRARIES installdirs: - for dir in "$(DESTDIR)$(libdir)" "$(DESTDIR)$(bindir)" "$(DESTDIR)$(docdir)" "$(DESTDIR)$(exampledir)" "$(DESTDIR)$(includedir)" "$(DESTDIR)$(includedir)"; do \ + for dir in "$(DESTDIR)$(libdir)" "$(DESTDIR)$(bindir)" "$(DESTDIR)$(docdir)" "$(DESTDIR)$(exampledir)" "$(DESTDIR)$(pkgconfigdir)" "$(DESTDIR)$(includedir)" "$(DESTDIR)$(includedir)"; do \ test -z "$$dir" || $(MKDIR_P) "$$dir"; \ done install: $(BUILT_SOURCES) @@ -1953,17 +2826,26 @@ install-am: all-am installcheck: installcheck-am install-strip: - $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ - install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ - `test -z '$(STRIP)' || \ - echo "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'"` install + if test -z '$(STRIP)'; then \ + $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ + install; \ + else \ + $(MAKE) $(AM_MAKEFLAGS) INSTALL_PROGRAM="$(INSTALL_STRIP_PROGRAM)" \ + install_sh_PROGRAM="$(INSTALL_STRIP_PROGRAM)" INSTALL_STRIP_FLAG=-s \ + "INSTALL_PROGRAM_ENV=STRIPPROG='$(STRIP)'" install; \ + fi mostlyclean-generic: + -test -z "$(TEST_LOGS)" || rm -f $(TEST_LOGS) + -test -z "$(TEST_LOGS:.log=.trs)" || rm -f $(TEST_LOGS:.log=.trs) + -test -z "$(TEST_SUITE_LOG)" || rm -f $(TEST_SUITE_LOG) clean-generic: -test -z "$(CLEANFILES)" || rm -f $(CLEANFILES) distclean-generic: -test -z "$(CONFIG_CLEAN_FILES)" || rm -f $(CONFIG_CLEAN_FILES) + -test . = "$(srcdir)" || test -z "$(CONFIG_CLEAN_VPATH_FILES)" || rm -f $(CONFIG_CLEAN_VPATH_FILES) -rm -f ctaocrypt/benchmark/$(DEPDIR)/$(am__dirstamp) -rm -f ctaocrypt/benchmark/$(am__dirstamp) -rm -f ctaocrypt/src/$(DEPDIR)/$(am__dirstamp) @@ -1978,6 +2860,8 @@ distclean-generic: -rm -f examples/echoserver/$(am__dirstamp) -rm -f examples/server/$(DEPDIR)/$(am__dirstamp) -rm -f examples/server/$(am__dirstamp) + -rm -f mcapi/$(DEPDIR)/$(am__dirstamp) + -rm -f mcapi/$(am__dirstamp) -rm -f src/$(DEPDIR)/$(am__dirstamp) -rm -f src/$(am__dirstamp) -rm -f sslSniffer/sslSnifferTest/$(DEPDIR)/$(am__dirstamp) @@ -2000,7 +2884,7 @@ clean-am: clean-binPROGRAMS clean-checkPROGRAMS clean-generic \ distclean: distclean-am -rm -f $(am__CONFIG_DISTCLEAN_FILES) - -rm -rf ctaocrypt/benchmark/$(DEPDIR) ctaocrypt/src/$(DEPDIR) ctaocrypt/test/$(DEPDIR) examples/client/$(DEPDIR) examples/echoclient/$(DEPDIR) examples/echoserver/$(DEPDIR) examples/server/$(DEPDIR) src/$(DEPDIR) sslSniffer/sslSnifferTest/$(DEPDIR) tests/$(DEPDIR) testsuite/$(DEPDIR) + -rm -rf ctaocrypt/benchmark/$(DEPDIR) ctaocrypt/src/$(DEPDIR) ctaocrypt/test/$(DEPDIR) examples/client/$(DEPDIR) examples/echoclient/$(DEPDIR) examples/echoserver/$(DEPDIR) examples/server/$(DEPDIR) mcapi/$(DEPDIR) src/$(DEPDIR) sslSniffer/sslSnifferTest/$(DEPDIR) tests/$(DEPDIR) testsuite/$(DEPDIR) -rm -f Makefile distclean-am: clean-am distclean-compile distclean-generic \ distclean-hdr distclean-libtool distclean-tags @@ -2011,35 +2895,50 @@ dvi-am: html: html-am +html-am: + info: info-am info-am: -install-data-am: install-docDATA install-exampleDATA \ - install-includeHEADERS install-nobase_includeHEADERS +install-data-am: install-dist_docDATA install-dist_exampleDATA \ + install-includeHEADERS install-nobase_includeHEADERS \ + install-pkgconfigDATA install-dvi: install-dvi-am -install-exec-am: install-binPROGRAMS install-libLTLIBRARIES +install-dvi-am: + +install-exec-am: install-binPROGRAMS install-exec-local \ + install-libLTLIBRARIES install-html: install-html-am +install-html-am: + install-info: install-info-am +install-info-am: + install-man: install-pdf: install-pdf-am +install-pdf-am: + install-ps: install-ps-am +install-ps-am: + installcheck-am: maintainer-clean: maintainer-clean-am -rm -f $(am__CONFIG_DISTCLEAN_FILES) -rm -rf $(top_srcdir)/autom4te.cache - -rm -rf ctaocrypt/benchmark/$(DEPDIR) ctaocrypt/src/$(DEPDIR) ctaocrypt/test/$(DEPDIR) examples/client/$(DEPDIR) examples/echoclient/$(DEPDIR) examples/echoserver/$(DEPDIR) examples/server/$(DEPDIR) src/$(DEPDIR) sslSniffer/sslSnifferTest/$(DEPDIR) tests/$(DEPDIR) testsuite/$(DEPDIR) + -rm -rf ctaocrypt/benchmark/$(DEPDIR) ctaocrypt/src/$(DEPDIR) ctaocrypt/test/$(DEPDIR) examples/client/$(DEPDIR) examples/echoclient/$(DEPDIR) examples/echoserver/$(DEPDIR) examples/server/$(DEPDIR) mcapi/$(DEPDIR) src/$(DEPDIR) sslSniffer/sslSnifferTest/$(DEPDIR) tests/$(DEPDIR) testsuite/$(DEPDIR) -rm -f Makefile -maintainer-clean-am: distclean-am maintainer-clean-generic +maintainer-clean-am: distclean-am maintainer-clean-generic \ + maintainer-clean-local mostlyclean: mostlyclean-am @@ -2054,36 +2953,105 @@ ps: ps-am ps-am: -uninstall-am: uninstall-binPROGRAMS uninstall-docDATA \ - uninstall-exampleDATA uninstall-includeHEADERS \ - uninstall-libLTLIBRARIES uninstall-nobase_includeHEADERS - -.MAKE: install-am install-strip - -.PHONY: CTAGS GTAGS all all-am am--refresh check check-TESTS check-am \ - clean clean-binPROGRAMS clean-checkPROGRAMS clean-generic \ - clean-libLTLIBRARIES clean-libtool clean-noinstLTLIBRARIES \ - clean-noinstPROGRAMS ctags dist dist-all dist-bzip2 dist-gzip \ - dist-shar dist-tarZ dist-zip distcheck distclean \ - distclean-compile distclean-generic distclean-hdr \ - distclean-libtool distclean-tags distcleancheck distdir \ - distuninstallcheck dvi dvi-am html html-am info info-am \ - install install-am install-binPROGRAMS install-data \ - install-data-am install-docDATA install-dvi install-dvi-am \ - install-exampleDATA install-exec install-exec-am install-html \ - install-html-am install-includeHEADERS install-info \ - install-info-am install-libLTLIBRARIES install-man \ +uninstall-am: uninstall-binPROGRAMS uninstall-dist_docDATA \ + uninstall-dist_exampleDATA uninstall-includeHEADERS \ + uninstall-libLTLIBRARIES uninstall-local \ + uninstall-nobase_includeHEADERS uninstall-pkgconfigDATA + +.MAKE: all check check-am install install-am install-strip + +.PHONY: CTAGS GTAGS TAGS all all-am am--refresh check check-TESTS \ + check-am clean clean-binPROGRAMS clean-checkPROGRAMS \ + clean-cscope clean-generic clean-libLTLIBRARIES clean-libtool \ + clean-noinstLTLIBRARIES clean-noinstPROGRAMS cscope \ + cscopelist-am ctags ctags-am dist dist-all dist-bzip2 \ + dist-gzip dist-lzip dist-shar dist-tarZ dist-xz dist-zip \ + distcheck distclean distclean-compile distclean-generic \ + distclean-hdr distclean-libtool distclean-tags distcleancheck \ + distdir distuninstallcheck dvi dvi-am html html-am info \ + info-am install install-am install-binPROGRAMS install-data \ + install-data-am install-dist_docDATA install-dist_exampleDATA \ + install-dvi install-dvi-am install-exec install-exec-am \ + install-exec-local install-html install-html-am \ + install-includeHEADERS install-info install-info-am \ + install-libLTLIBRARIES install-man \ install-nobase_includeHEADERS install-pdf install-pdf-am \ - install-ps install-ps-am install-strip installcheck \ - installcheck-am installdirs maintainer-clean \ - maintainer-clean-generic mostlyclean mostlyclean-compile \ - mostlyclean-generic mostlyclean-libtool pdf pdf-am ps ps-am \ - tags uninstall uninstall-am uninstall-binPROGRAMS \ - uninstall-docDATA uninstall-exampleDATA \ - uninstall-includeHEADERS uninstall-libLTLIBRARIES \ - uninstall-nobase_includeHEADERS - + install-pkgconfigDATA install-ps install-ps-am install-strip \ + installcheck installcheck-am installdirs maintainer-clean \ + maintainer-clean-generic maintainer-clean-local mostlyclean \ + mostlyclean-compile mostlyclean-generic mostlyclean-libtool \ + pdf pdf-am ps ps-am recheck tags tags-am uninstall \ + uninstall-am uninstall-binPROGRAMS uninstall-dist_docDATA \ + uninstall-dist_exampleDATA uninstall-includeHEADERS \ + uninstall-libLTLIBRARIES uninstall-local \ + uninstall-nobase_includeHEADERS uninstall-pkgconfigDATA + + +#includes additional rules from aminclude.am +@INC_AMINCLUDE@ + +rpm-build: rpm/spec dist + @rm -f *.rpm + @rm -f ~/rpmbuild/RPMS/x86_64/$(PACKAGE)-$(VERSION)*.rpm + @rm -f ~/rpmbuild/SRPMS/$(PACKAGE)-$(VERSION)*.rpm + @mkdir -p ~/rpmbuild/BUILD/ + @mkdir -p ~/rpmbuild/RPMS/i386/ + @mkdir -p ~/rpmbuild/RPMS/i686/ + @mkdir -p ~/rpmbuild/RPMS/noarch/ + @mkdir -p ~/rpmbuild/RPMS/x86_64/ + @mkdir -p ~/rpmbuild/SOURCES/ + @mkdir -p ~/rpmbuild/SPECS/ + @mkdir -p ~/rpmbuild/SRPMS/ + @cp $(PACKAGE)-$(VERSION).tar.gz ~/rpmbuild/SOURCES/ + @rpmbuild -ba --clean rpm/spec + @cp ~/rpmbuild/RPMS/x86_64/$(PACKAGE)-$(VERSION)*.rpm . + @cp ~/rpmbuild/RPMS/x86_64/$(PACKAGE)-devel-$(VERSION)*.rpm . + @cp ~/rpmbuild/RPMS/x86_64/$(PACKAGE)-debuginfo-$(VERSION)*.rpm . + @cp ~/rpmbuild/SRPMS/$(PACKAGE)-$(VERSION)*.rpm . + +rpm-sign: rpm-build + @rpm --addsign *.rpm + @rpm --checksig *.rpm + +clean-rpm: + @rm -f *.tar.gz + @rm -f *.src.rpm + @rm -f *.rpm + +rpm: rpm-build + +release: rpm-sign + +auto-rpmbuild: + @auto-br-rpmbuild -ba rpm/spec test: check +tests/unit.log: testsuite/testsuite.log + +maintainer-clean-local: + -rm Makefile.in + -rm aclocal.m4 + -rm build-aux/compile + -rm build-aux/config.guess + -rm build-aux/config.sub + -rm build-aux/depcomp + -rm build-aux/install-sh + -rm build-aux/ltmain.sh + -rm build-aux/missing + -rm cyassl-config + -rmdir build-aux + -rm configure + -rm config.log + -rm config.status + -rm config.in + -rm m4/libtool.m4 + -rm m4/ltoptions.m4 + -rm m4/ltsugar.m4 + -rm m4/ltversion.m4 + -rm m4/lt~obsolete.m4 + -rm support/cyassl.pc + find . -type f -name '*~' -exec rm -f '{}' \; + -rm -f @PACKAGE@-*.tar.gz + -rm -f @PACKAGE@-*.rpm # !!!! first line of rule has to start with a hard (real) tab, not spaces egs: @@ -2096,6 +3064,15 @@ ctc: $(MAKE) ctaocrypt/test/testctaocrypt; \ $(MAKE) ctaocrypt/benchmark/benchmark; +install-exec-local: install-generic-config + +install-generic-config: + $(mkinstalldirs) $(DESTDIR)$(bindir) + $(INSTALL_SCRIPT) @GENERIC_CONFIG@ $(DESTDIR)$(bindir) + +uninstall-local: + -rm -f $(DESTDIR)$(bindir)/@GENERIC_CONFIG@ + merge-clean: @find ./ | $(GREP) \.gcda | xargs rm -f @find ./ | $(GREP) \.gcno | xargs rm -f @@ -2107,6 +3084,7 @@ merge-clean: @find ./ | $(GREP) \.OTHER | xargs rm -f @find ./ | $(GREP) \.BASE | xargs rm -f @find ./ | $(GREP) \~$$ | xargs rm -f + # Tell versions [3.59,3.63) of GNU make to not export all variables. # Otherwise a system limit (for SysV at least) may be exceeded. .NOEXPORT: diff --git a/FreeRTOS-Plus/Source/CyaSSL/README b/FreeRTOS-Plus/Source/CyaSSL/README index a88a90ab9..e2da67459 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/README +++ b/FreeRTOS-Plus/Source/CyaSSL/README @@ -12,7 +12,7 @@ harder. Now to run testsuite just do: or -make test (when using autoconf) +make check (when using autoconf) On *nix or Windows the examples and testsuite will check to see if the current directory is the source directory and if so, attempt to change to the CyaSSL @@ -23,18 +23,339 @@ beginning of the note and specify the full path. Note 2) CyaSSL takes a different approach to certificate verification than OpenSSL does. The default policy for the client is to verify the server, this means that if -you don't load CAs to verify the server you'll get a connect error, unable to -verify (-155). It you want to mimic OpenSSL behavior of having SSL_connect -succeed even if verifying the server fails and reducing security you can do -this by calling: +you don't load CAs to verify the server you'll get a connect error, no signer +error to confirm failure (-188). If you want to mimic OpenSSL behavior of +having SSL_connect succeed even if verifying the server fails and reducing +security you can do this by calling: SSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, 0); before calling SSL_new(); Though it's not recommended. -*** end Note *** +*** end Notes *** -CyaSSL Release 2.3.0 (8/10/2012) + +CyaSSL Release 3.1.0 (07/14/2014) + +Release 3.1.0 CyaSSL has bug fixes and new features including: + +- Fix for older versions of icc without 128-bit type +- Intel ASM syntax for AES-NI +- Updated NTRU support, keygen benchmark +- FIPS check for minimum required HMAC key length +- Small stack (--enable-smallstack) improvements for PKCS#7, ASN +- TLS extension support for DTLS +- Default I/O callbacks external to user +- Updated example client with bad clock test +- Ability to set optional ECC context info +- Ability to enable/disable DH separate from opensslextra +- Additional test key/cert buffers for CA and server +- Updated example certificates + +The CyaSSL manual is available at: +http://www.yassl.com/documentation/CyaSSL-Manual.pdf. For build instructions +and comments about the new features please check the manual. + + +************ CyaSSL Release 3.0.2 (05/30/2014) + +Release 3.0.2 CyaSSL has bug fixes and new features including: + +- Added the following cipher suites: + * TLS_PSK_WITH_AES_128_GCM_SHA256 + * TLS_PSK_WITH_AES_256_GCM_SHA384 + * TLS_PSK_WITH_AES_256_CBC_SHA384 + * TLS_PSK_WITH_NULL_SHA384 + * TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 + * TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 + * TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 + * TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 + * TLS_DHE_PSK_WITH_NULL_SHA256 + * TLS_DHE_PSK_WITH_NULL_SHA384 + * TLS_DHE_PSK_WITH_AES_128_CCM + * TLS_DHE_PSK_WITH_AES_256_CCM +- Added AES-NI support for Microsoft Visual Studio builds. +- Changed small stack build to be disabled by default. +- Updated the Hash DRBG and provided a configure option to enable. + +The CyaSSL manual is available at: +http://www.yassl.com/documentation/CyaSSL-Manual.pdf. For build instructions +and comments about the new features please check the manual. + + +************ CyaSSL Release 3.0.0 (04/29/2014) + +Release 3.0.0 CyaSSL has bug fixes and new features including: + +- FIPS release candidate +- X.509 improvements that address items reported by Suman Jana with security + researchers at UT Austin and UC Davis +- Small stack size improvements, --enable-smallstack. Offloads large local + variables to the heap. (Note this is not complete.) +- Updated AES-CCM-8 cipher suites to use approved suite numbers. + +The CyaSSL manual is available at: +http://www.yassl.com/documentation/CyaSSL-Manual.pdf. For build instructions +and comments about the new features please check the manual. + + +************ CyaSSL Release 2.9.4 (04/09/2014) + +Release 2.9.4 CyaSSL has bug fixes and new features including: + +- Security fixes that address items reported by Ivan Fratric of the Google + Security Team +- X.509 Unknown critical extensions treated as errors, report by Suman Jana with + security researchers at UT Austin and UC Davis +- Sniffer fixes for corrupted packet length and Jumbo frames +- ARM thumb mode assembly fixes +- Xcode 5.1 support including new clang +- PIC32 MZ hardware support +- CyaSSL Object has enough room to read the Record Header now w/o allocs +- FIPS wrappers for AES, 3DES, SHA1, SHA256, SHA384, HMAC, and RSA. +- A sample I/O pool is demonstrated with --enable-iopool to overtake memory + handling and reduce memory fragmentation on I/O large sizes + +The CyaSSL manual is available at: +http://www.yassl.com/documentation/CyaSSL-Manual.pdf. For build instructions +and comments about the new features please check the manual. + + +************ CyaSSL Release 2.9.0 (02/07/2014) + +Release 2.9.0 CyaSSL has bug fixes and new features including: +- Freescale Kinetis RNGB support +- Freescale Kinetis mmCAU support +- TLS Hello extensions + - ECC + - Secure Renegotiation (null) + - Truncated HMAC +- SCEP support + - PKCS #7 Enveloped data and signed data + - PKCS #10 Certificate Signing Request generation +- DTLS sliding window +- OCSP Improvements + - API change to integrate into Certificate Manager + - IPv4/IPv6 agnostic + - example client/server support for OCSP + - OCSP nonces are optional +- GMAC hashing +- Windows build additions +- Windows CYGWIN build fixes +- Updated test certificates +- Microchip MPLAB Harmony support +- Update autoconf scripts +- Additional X.509 inspection functions +- ECC encrypt/decrypt primitives +- ECC Certificate generation + +The Freescale Kinetis K53 RNGB documentation can be found in Chapter 33 of the +K53 Sub-Family Reference Manual: +http://cache.freescale.com/files/32bit/doc/ref_manual/K53P144M100SF2RM.pdf + +Freescale Kinetis K60 mmCAU (AES, DES, 3DES, MD5, SHA, SHA256) documentation +can be found in the "ColdFire/ColdFire+ CAU and Kinetis mmCAU Software Library +User Guide": +http://cache.freescale.com/files/32bit/doc/user_guide/CAUAPIUG.pdf + + +*****************CyaSSL Release 2.8.0 (8/30/2013) + +Release 2.8.0 CyaSSL has bug fixes and new features including: +- AES-GCM and AES-CCM use AES-NI +- NetX default IO callback handlers +- IPv6 fixes for DTLS Hello Cookies +- The ability to unload Certs/Keys after the handshake, CyaSSL_UnloadCertsKeys() +- SEP certificate extensions +- Callback getters for easier resource freeing +- External CYASSL_MAX_ERROR_SZ for correct error buffer sizing +- MacEncrypt and DecryptVerify Callbacks for User Atomic Record Layer Processing +- Public Key Callbacks for ECC and RSA +- Client now sends blank cert upon request if doesn't have one with TLS <= 1.2 + + +The CyaSSL manual is available at: +http://www.yassl.com/documentation/CyaSSL-Manual.pdf. For build instructions +and comments about the new features please check the manual. + + +*****************CyaSSL Release 2.7.0 (6/17/2013) + +Release 2.7.0 CyaSSL has bug fixes and new features including: +- SNI support for client and server +- KEIL MDK-ARM projects +- Wildcard check to domain name match, and Subject altnames are checked too +- Better error messages for certificate verification errors +- Ability to discard session during handshake verify +- More consistent error returns across all APIs +- Ability to unload CAs at the CTX or CertManager level +- Authority subject id support for Certificate matching +- Persistent session cache functionality +- Persistent CA cache functionality +- Client session table lookups to push serverID table to library level +- Camellia support to sniffer +- User controllable settings for DTLS timeout values +- Sniffer fixes for caching long lived sessions +- DTLS reliability enhancements for the handshake +- Better ThreadX support + +When compiling with Mingw, libtool may give the following warning due to +path conversion errors: + +libtool: link: Could not determine host file name corresponding to ** +libtool: link: Continuing, but uninstalled executables may not work. + +If so, examples and testsuite will have problems when run, showing an +error while loading shared libraries. To resolve, please run "make install". + +The CyaSSL manual is available at: +http://www.yassl.com/documentation/CyaSSL-Manual.pdf. For build instructions +and comments about the new features please check the manual. + + +************** CyaSSL Release 2.6.0 (04/15/2013) + +Release 2.6.0 CyaSSL has bug fixes and new features including: +- DTLS 1.2 support including AEAD ciphers +- SHA-3 finalist Blake2 support, it's fast and uses little resources +- SHA-384 cipher suites including ECC ones +- HMAC now supports SHA-512 +- Track memory use for example client/server with -t option +- Better IPv6 examples with --enable-ipv6, before if ipv6 examples/tests were + turned on, localhost only was used. Now link-local (with scope ids) and ipv6 + hosts can be used as well. +- Xcode v4.6 project for iOS v6.1 update +- settings.h is now checked in all *.c files for true one file setting detection +- Better alignment at SSL layer for hardware crypto alignment needs + * Note, SSL itself isn't friendly to alignment with 5 byte TLS headers and + 13 bytes DTLS headers, but every effort is now made to align with the + CYASSL_GENERAL_ALIGNMENT flag which sets desired alignment requirement +- NO_64BIT flag to turn off 64bit data type accumulators in public key code + * Note, some systems are faster with 32bit accumulators +- --enable-stacksize for example client/server stack use + * Note, modern desktop Operating Systems may add bytes to each stack frame +- Updated compression/decompression with direct crypto access +- All ./configure options are now lowercase only for consistency +- ./configure builds default to fastmath option + * Note, if on ia32 and building in shared mode this may produce a problem + with a missing register being available because of PIC, there are at least + 5 solutions to this: + 1) --disable-fastmath , don't use fastmath + 2) --disable-shared, don't build a shared library + 3) C_EXTRA_FLAGS=-DTFM_NO_ASM , turn off assembly use + 4) use clang, it just seems to work + 5) play around with no PIC options to force all registers being open +- Many new ./configure switches for option enable/disable for example + * rsa + * dh + * dsa + * md5 + * sha + * arc4 + * null (allow NULL ciphers) + * oldtls (only use TLS 1.2) + * asn (no certs or public keys allowed) +- ./configure generates cyassl/options.h which allows a header the user can + include in their app to make sure the same options are set at the app and + CyaSSL level. +- autoconf no longer needs serial-tests which lowers version requirements of + automake to 1.11 and autoconf to 2.63 + +The CyaSSL manual is available at: +http://www.yassl.com/documentation/CyaSSL-Manual.pdf. For build instructions +and comments about the new features please check the manual. + + + +************** CyaSSL Release 2.5.0 (02/04/2013) + +Release 2.5.0 CyaSSL has bug fixes and new features including: +- Fix for TLS CBC padding timing attack identified by Nadhem Alfardan and + Kenny Paterson: http://www.isg.rhul.ac.uk/tls/ +- Microchip PIC32 (MIPS16, MIPS32) support +- Microchip MPLAB X example projects for PIC32 Ethernet Starter Kit +- Updated CTaoCrypt benchmark app for embedded systems +- 1024-bit test certs/keys and cert/key buffers +- AES-CCM-8 crypto and cipher suites +- Camellia crypto and cipher suites +- Bumped minimum autoconf version to 2.65, automake version to 1.12 +- Addition of OCSP callbacks +- STM32F2 support with hardware crypto and RNG +- Cavium NITROX support + +CTaoCrypt now has support for the Microchip PIC32 and has been tested with +the Microchip PIC32 Ethernet Starter Kit, the XC32 compiler and +MPLAB X IDE in both MIPS16 and MIPS32 instruction set modes. See the README +located under the /mplabx directory for more details. + +To add Cavium NITROX support do: + +./configure --with-cavium=/home/user/cavium/software + +pointing to your licensed cavium/software directory. Since Cavium doesn't +build a library we pull in the cavium_common.o file which gives a libtool +warning about the portability of this. Also, if you're using the github source +tree you'll need to remove the -Wredundant-decls warning from the generated +Makefile because the cavium headers don't conform to this warning. Currently +CyaSSL supports Cavium RNG, AES, 3DES, RC4, HMAC, and RSA directly at the crypto +layer. Support at the SSL level is partial and currently just does AES, 3DES, +and RC4. RSA and HMAC are slower until the Cavium calls can be utilized in non +blocking mode. The example client turns on cavium support as does the crypto +test and benchmark. Please see the HAVE_CAVIUM define. + +CyaSSL is able to use the STM32F2 hardware-based cryptography and random number +generator through the STM32F2 Standard Peripheral Library. For necessary +defines, see the CYASSL_STM32F2 define in settings.h. Documentation for the +STM32F2 Standard Peripheral Library can be found in the following document: +http://www.st.com/internet/com/TECHNICAL_RESOURCES/TECHNICAL_LITERATURE/USER_MANUAL/DM00023896.pdf + +The CyaSSL manual is available at: +http://www.yassl.com/documentation/CyaSSL-Manual.pdf. For build instructions +and comments about the new features please check the manual. + + + +*************** CyaSSL Release 2.4.6 (12/20/2012) + +Release 2.4.6 CyaSSL has bug fixes and a few new features including: +- ECC into main version +- Lean PSK build (reduced code size, RAM usage, and stack usage) +- FreeBSD CRL monitor support +- CyaSSL_peek() +- CyaSSL_send() and CyaSSL_recv() for I/O flag setting +- CodeWarrior Support +- MQX Support +- Freescale Kinetis support including Hardware RNG +- autoconf builds use jobserver +- cyassl-config +- Sniffer memory reductions + +Thanks to Brian Aker for the improved autoconf system, make rpm, cyassl-config, +warning system, and general good ideas for improving CyaSSL! + +The Freescale Kinetis K70 RNGA documentation can be found in Chapter 37 of the +K70 Sub-Family Reference Manual: +http://cache.freescale.com/files/microcontrollers/doc/ref_manual/K70P256M150SF3RM.pdf + +The CyaSSL manual is available at: +http://www.yassl.com/documentation/CyaSSL-Manual.pdf. For build instructions +and comments about the new features please check the manual. + + +*************** CyaSSL Release 2.4.0 (10/10/2012) + +Release 2.4.0 CyaSSL has bug fixes and a few new features including: +- DTLS reliability +- Reduced memory usage after handshake +- Updated build process + +The CyaSSL manual is available at: +http://www.yassl.com/documentation/CyaSSL-Manual.pdf. For build instructions +and comments about the new features please check the manual. + + + +*************** CyaSSL Release 2.3.0 (8/10/2012) Release 2.3.0 CyaSSL has bug fixes and a few new features including: - AES-GCM crypto and cipher suites @@ -134,7 +455,7 @@ Release 2.0.0rc3 for CyaSSL has bug fixes and a few new features including: - CyaSSL headers now in - CTaocrypt headers now in - OpenSSL compatibility headers now in -- examples and tests all run from home diretory so can use certs in ./certs +- examples and tests all run from home directory so can use certs in ./certs (see note 1) So previous applications that used the OpenSSL compatibility header @@ -156,7 +477,7 @@ Release 2.0.0rc2 for CyaSSL has bug fixes and a few new features including: - Wshadow warnings removed - asn public header - CTaoCrypt public headers now all have ctc_ prefix (the manual is still being - updated to relfect this change) + updated to reflect this change) - and more. This is the 2nd and perhaps final release candidate for version 2. @@ -479,8 +800,8 @@ Release Candidate 2 for CyaSSL 1.0.0 adds bug fixes and adds two new stream ciphers along with their respective cipher suites. CyaSSL adds support for HC-128 and RABBIT stream ciphers. The new suites are: -TLS_RSA_WITH_HC_128_CBC_SHA -TLS_RSA_WITH_RABBIT_CBC_SHA +TLS_RSA_WITH_HC_128_SHA +TLS_RSA_WITH_RABBIT_SHA And the corresponding cipher names are diff --git a/FreeRTOS-Plus/Source/CyaSSL/aclocal.m4 b/FreeRTOS-Plus/Source/CyaSSL/aclocal.m4 index ee7bb048f..64fd2c65b 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/aclocal.m4 +++ b/FreeRTOS-Plus/Source/CyaSSL/aclocal.m4 @@ -1,7 +1,7 @@ -# generated automatically by aclocal 1.10 -*- Autoconf -*- +# generated automatically by aclocal 1.14.1 -*- Autoconf -*- + +# Copyright (C) 1996-2013 Free Software Foundation, Inc. -# Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, -# 2005, 2006 Free Software Foundation, Inc. # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. @@ -11,12 +11,16 @@ # even the implied warranty of MERCHANTABILITY or FITNESS FOR A # PARTICULAR PURPOSE. -m4_if(m4_PACKAGE_VERSION, [2.61],, -[m4_fatal([this file was generated for autoconf 2.61. -You have another version of autoconf. If you want to use that, -you should regenerate the build system entirely.], [63])]) +m4_ifndef([AC_CONFIG_MACRO_DIRS], [m4_defun([_AM_CONFIG_MACRO_DIRS], [])m4_defun([AC_CONFIG_MACRO_DIRS], [_AM_CONFIG_MACRO_DIRS($@)])]) +m4_ifndef([AC_AUTOCONF_VERSION], + [m4_copy([m4_PACKAGE_VERSION], [AC_AUTOCONF_VERSION])])dnl +m4_if(m4_defn([AC_AUTOCONF_VERSION]), [2.69],, +[m4_warning([this file was generated for autoconf 2.69. +You have another version of autoconf. It may work, but is not guaranteed to. +If you have problems, you may need to regenerate the build system entirely. +To do so, use the procedure documented by the package, typically 'autoreconf'.])]) -# Copyright (C) 2002, 2003, 2005, 2006 Free Software Foundation, Inc. +# Copyright (C) 2002-2013 Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, @@ -28,10 +32,10 @@ you should regenerate the build system entirely.], [63])]) # generated from the m4 files accompanying Automake X.Y. # (This private macro should not be called outside this file.) AC_DEFUN([AM_AUTOMAKE_VERSION], -[am__api_version='1.10' +[am__api_version='1.14' dnl Some users find AM_AUTOMAKE_VERSION and mistake it for a way to dnl require some minimum version. Point them to the right macro. -m4_if([$1], [1.10], [], +m4_if([$1], [1.14.1], [], [AC_FATAL([Do not call $0, use AM_INIT_AUTOMAKE([$1]).])])dnl ]) @@ -45,21 +49,21 @@ m4_define([_AM_AUTOCONF_VERSION], []) # AM_SET_CURRENT_AUTOMAKE_VERSION # ------------------------------- # Call AM_AUTOMAKE_VERSION and AM_AUTOMAKE_VERSION so they can be traced. -# This function is AC_REQUIREd by AC_INIT_AUTOMAKE. +# This function is AC_REQUIREd by AM_INIT_AUTOMAKE. AC_DEFUN([AM_SET_CURRENT_AUTOMAKE_VERSION], -[AM_AUTOMAKE_VERSION([1.10])dnl -_AM_AUTOCONF_VERSION(m4_PACKAGE_VERSION)]) +[AM_AUTOMAKE_VERSION([1.14.1])dnl +m4_ifndef([AC_AUTOCONF_VERSION], + [m4_copy([m4_PACKAGE_VERSION], [AC_AUTOCONF_VERSION])])dnl +_AM_AUTOCONF_VERSION(m4_defn([AC_AUTOCONF_VERSION]))]) # Figure out how to run the assembler. -*- Autoconf -*- -# Copyright (C) 2001, 2003, 2004, 2005, 2006 Free Software Foundation, Inc. +# Copyright (C) 2001-2013 Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. -# serial 5 - # AM_PROG_AS # ---------- AC_DEFUN([AM_PROG_AS], @@ -74,15 +78,15 @@ _AM_IF_OPTION([no-dependencies],, [_AM_DEPENDENCIES([CCAS])])dnl # AM_AUX_DIR_EXPAND -*- Autoconf -*- -# Copyright (C) 2001, 2003, 2005 Free Software Foundation, Inc. +# Copyright (C) 2001-2013 Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. # For projects using AC_CONFIG_AUX_DIR([foo]), Autoconf sets -# $ac_aux_dir to `$srcdir/foo'. In other projects, it is set to -# `$srcdir', `$srcdir/..', or `$srcdir/../..'. +# $ac_aux_dir to '$srcdir/foo'. In other projects, it is set to +# '$srcdir', '$srcdir/..', or '$srcdir/../..'. # # Of course, Automake must honor this variable whenever it calls a # tool from the auxiliary directory. The problem is that $srcdir (and @@ -101,7 +105,7 @@ _AM_IF_OPTION([no-dependencies],, [_AM_DEPENDENCIES([CCAS])])dnl # # The reason of the latter failure is that $top_srcdir and $ac_aux_dir # are both prefixed by $srcdir. In an in-source build this is usually -# harmless because $srcdir is `.', but things will broke when you +# harmless because $srcdir is '.', but things will broke when you # start a VPATH build or use an absolute $srcdir. # # So we could use something similar to $top_srcdir/$ac_aux_dir/missing, @@ -127,26 +131,24 @@ am_aux_dir=`cd $ac_aux_dir && pwd` # AM_CONDITIONAL -*- Autoconf -*- -# Copyright (C) 1997, 2000, 2001, 2003, 2004, 2005, 2006 -# Free Software Foundation, Inc. +# Copyright (C) 1997-2013 Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. -# serial 8 - # AM_CONDITIONAL(NAME, SHELL-CONDITION) # ------------------------------------- # Define a conditional. AC_DEFUN([AM_CONDITIONAL], -[AC_PREREQ(2.52)dnl - ifelse([$1], [TRUE], [AC_FATAL([$0: invalid condition: $1])], - [$1], [FALSE], [AC_FATAL([$0: invalid condition: $1])])dnl +[AC_PREREQ([2.52])dnl + m4_if([$1], [TRUE], [AC_FATAL([$0: invalid condition: $1])], + [$1], [FALSE], [AC_FATAL([$0: invalid condition: $1])])dnl AC_SUBST([$1_TRUE])dnl AC_SUBST([$1_FALSE])dnl _AM_SUBST_NOTMAKE([$1_TRUE])dnl _AM_SUBST_NOTMAKE([$1_FALSE])dnl +m4_define([_AM_COND_VALUE_$1], [$2])dnl if $2; then $1_TRUE= $1_FALSE='#' @@ -160,16 +162,14 @@ AC_CONFIG_COMMANDS_PRE( Usually this means the macro was only invoked conditionally.]]) fi])]) -# Copyright (C) 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006 -# Free Software Foundation, Inc. +# Copyright (C) 1999-2013 Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. -# serial 9 -# There are a few dirty hacks below to avoid letting `AC_PROG_CC' be +# There are a few dirty hacks below to avoid letting 'AC_PROG_CC' be # written in clear, in which case automake, when reading aclocal.m4, # will think it sees a *use*, and therefore will trigger all it's # C support machinery. Also note that it means that autoscan, seeing @@ -179,7 +179,7 @@ fi])]) # _AM_DEPENDENCIES(NAME) # ---------------------- # See how the compiler implements dependency checking. -# NAME is "CC", "CXX", "GCJ", or "OBJC". +# NAME is "CC", "CXX", "OBJC", "OBJCXX", "UPC", or "GJC". # We try a few techniques and use that to set a single cache variable. # # We don't AC_REQUIRE the corresponding AC_PROG_CC since the latter was @@ -192,12 +192,13 @@ AC_REQUIRE([AM_OUTPUT_DEPENDENCY_COMMANDS])dnl AC_REQUIRE([AM_MAKE_INCLUDE])dnl AC_REQUIRE([AM_DEP_TRACK])dnl -ifelse([$1], CC, [depcc="$CC" am_compiler_list=], - [$1], CXX, [depcc="$CXX" am_compiler_list=], - [$1], OBJC, [depcc="$OBJC" am_compiler_list='gcc3 gcc'], - [$1], UPC, [depcc="$UPC" am_compiler_list=], - [$1], GCJ, [depcc="$GCJ" am_compiler_list='gcc3 gcc'], - [depcc="$$1" am_compiler_list=]) +m4_if([$1], [CC], [depcc="$CC" am_compiler_list=], + [$1], [CXX], [depcc="$CXX" am_compiler_list=], + [$1], [OBJC], [depcc="$OBJC" am_compiler_list='gcc3 gcc'], + [$1], [OBJCXX], [depcc="$OBJCXX" am_compiler_list='gcc3 gcc'], + [$1], [UPC], [depcc="$UPC" am_compiler_list=], + [$1], [GCJ], [depcc="$GCJ" am_compiler_list='gcc3 gcc'], + [depcc="$$1" am_compiler_list=]) AC_CACHE_CHECK([dependency style of $depcc], [am_cv_$1_dependencies_compiler_type], @@ -205,8 +206,9 @@ AC_CACHE_CHECK([dependency style of $depcc], # We make a subdir and do the tests there. Otherwise we can end up # making bogus files that we don't know about and never remove. For # instance it was reported that on HP-UX the gcc test will end up - # making a dummy file named `D' -- because `-MD' means `put the output - # in D'. + # making a dummy file named 'D' -- because '-MD' means "put the output + # in D". + rm -rf conftest.dir mkdir conftest.dir # Copy depcomp to subdir because otherwise we won't find it if we're # using a relative directory. @@ -224,6 +226,16 @@ AC_CACHE_CHECK([dependency style of $depcc], if test "$am_compiler_list" = ""; then am_compiler_list=`sed -n ['s/^#*\([a-zA-Z0-9]*\))$/\1/p'] < ./depcomp` fi + am__universal=false + m4_case([$1], [CC], + [case " $depcc " in #( + *\ -arch\ *\ -arch\ *) am__universal=true ;; + esac], + [CXX], + [case " $depcc " in #( + *\ -arch\ *\ -arch\ *) am__universal=true ;; + esac]) + for depmode in $am_compiler_list; do # Setup a source with many dependencies, because some compilers # like to wrap large dependency lists on column 80 (with \), and @@ -235,35 +247,49 @@ AC_CACHE_CHECK([dependency style of $depcc], : > sub/conftest.c for i in 1 2 3 4 5 6; do echo '#include "conftst'$i'.h"' >> sub/conftest.c - # Using `: > sub/conftst$i.h' creates only sub/conftst1.h with - # Solaris 8's {/usr,}/bin/sh. - touch sub/conftst$i.h + # Using ": > sub/conftst$i.h" creates only sub/conftst1.h with + # Solaris 10 /bin/sh. + echo '/* dummy */' > sub/conftst$i.h done echo "${am__include} ${am__quote}sub/conftest.Po${am__quote}" > confmf + # We check with '-c' and '-o' for the sake of the "dashmstdout" + # mode. It turns out that the SunPro C++ compiler does not properly + # handle '-M -o', and we need to detect this. Also, some Intel + # versions had trouble with output in subdirs. + am__obj=sub/conftest.${OBJEXT-o} + am__minus_obj="-o $am__obj" case $depmode in + gcc) + # This depmode causes a compiler race in universal mode. + test "$am__universal" = false || continue + ;; nosideeffect) - # after this tag, mechanisms are not by side-effect, so they'll - # only be used when explicitly requested + # After this tag, mechanisms are not by side-effect, so they'll + # only be used when explicitly requested. if test "x$enable_dependency_tracking" = xyes; then continue else break fi ;; + msvc7 | msvc7msys | msvisualcpp | msvcmsys) + # This compiler won't grok '-c -o', but also, the minuso test has + # not run yet. These depmodes are late enough in the game, and + # so weak that their functioning should not be impacted. + am__obj=conftest.${OBJEXT-o} + am__minus_obj= + ;; none) break ;; esac - # We check with `-c' and `-o' for the sake of the "dashmstdout" - # mode. It turns out that the SunPro C++ compiler does not properly - # handle `-M -o', and we need to detect this. if depmode=$depmode \ - source=sub/conftest.c object=sub/conftest.${OBJEXT-o} \ + source=sub/conftest.c object=$am__obj \ depfile=sub/conftest.Po tmpdepfile=sub/conftest.TPo \ - $SHELL ./depcomp $depcc -c -o sub/conftest.${OBJEXT-o} sub/conftest.c \ + $SHELL ./depcomp $depcc -c $am__minus_obj sub/conftest.c \ >/dev/null 2>conftest.err && grep sub/conftst1.h sub/conftest.Po > /dev/null 2>&1 && grep sub/conftst6.h sub/conftest.Po > /dev/null 2>&1 && - grep sub/conftest.${OBJEXT-o} sub/conftest.Po > /dev/null 2>&1 && + grep $am__obj sub/conftest.Po > /dev/null 2>&1 && ${MAKE-make} -s -f confmf > /dev/null 2>&1; then # icc doesn't choke on unknown options, it will just issue warnings # or remarks (even with -Werror). So we grep stderr for any message @@ -296,7 +322,7 @@ AM_CONDITIONAL([am__fastdep$1], [ # AM_SET_DEPDIR # ------------- # Choose a directory name for dependency files. -# This macro is AC_REQUIREd in _AM_DEPENDENCIES +# This macro is AC_REQUIREd in _AM_DEPENDENCIES. AC_DEFUN([AM_SET_DEPDIR], [AC_REQUIRE([AM_SET_LEADING_DOT])dnl AC_SUBST([DEPDIR], ["${am__leading_dot}deps"])dnl @@ -306,71 +332,85 @@ AC_SUBST([DEPDIR], ["${am__leading_dot}deps"])dnl # AM_DEP_TRACK # ------------ AC_DEFUN([AM_DEP_TRACK], -[AC_ARG_ENABLE(dependency-tracking, -[ --disable-dependency-tracking speeds up one-time build - --enable-dependency-tracking do not reject slow dependency extractors]) +[AC_ARG_ENABLE([dependency-tracking], [dnl +AS_HELP_STRING( + [--enable-dependency-tracking], + [do not reject slow dependency extractors]) +AS_HELP_STRING( + [--disable-dependency-tracking], + [speeds up one-time build])]) if test "x$enable_dependency_tracking" != xno; then am_depcomp="$ac_aux_dir/depcomp" AMDEPBACKSLASH='\' + am__nodep='_no' fi AM_CONDITIONAL([AMDEP], [test "x$enable_dependency_tracking" != xno]) AC_SUBST([AMDEPBACKSLASH])dnl _AM_SUBST_NOTMAKE([AMDEPBACKSLASH])dnl +AC_SUBST([am__nodep])dnl +_AM_SUBST_NOTMAKE([am__nodep])dnl ]) # Generate code to set up dependency tracking. -*- Autoconf -*- -# Copyright (C) 1999, 2000, 2001, 2002, 2003, 2004, 2005 -# Free Software Foundation, Inc. +# Copyright (C) 1999-2013 Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. -#serial 3 # _AM_OUTPUT_DEPENDENCY_COMMANDS # ------------------------------ AC_DEFUN([_AM_OUTPUT_DEPENDENCY_COMMANDS], -[for mf in $CONFIG_FILES; do - # Strip MF so we end up with the name of the file. - mf=`echo "$mf" | sed -e 's/:.*$//'` - # Check whether this is an Automake generated Makefile or not. - # We used to match only the files named `Makefile.in', but - # some people rename them; so instead we look at the file content. - # Grep'ing the first line is not enough: some people post-process - # each Makefile.in and add a new line on top of each file to say so. - # Grep'ing the whole file is not good either: AIX grep has a line - # limit of 2048, but all sed's we know have understand at least 4000. - if sed 10q "$mf" | grep '^#.*generated by automake' > /dev/null 2>&1; then - dirpart=`AS_DIRNAME("$mf")` - else - continue - fi - # Extract the definition of DEPDIR, am__include, and am__quote - # from the Makefile without running `make'. - DEPDIR=`sed -n 's/^DEPDIR = //p' < "$mf"` - test -z "$DEPDIR" && continue - am__include=`sed -n 's/^am__include = //p' < "$mf"` - test -z "am__include" && continue - am__quote=`sed -n 's/^am__quote = //p' < "$mf"` - # When using ansi2knr, U may be empty or an underscore; expand it - U=`sed -n 's/^U = //p' < "$mf"` - # Find all dependency output files, they are included files with - # $(DEPDIR) in their names. We invoke sed twice because it is the - # simplest approach to changing $(DEPDIR) to its actual value in the - # expansion. - for file in `sed -n " - s/^$am__include $am__quote\(.*(DEPDIR).*\)$am__quote"'$/\1/p' <"$mf" | \ - sed -e 's/\$(DEPDIR)/'"$DEPDIR"'/g' -e 's/\$U/'"$U"'/g'`; do - # Make sure the directory exists. - test -f "$dirpart/$file" && continue - fdir=`AS_DIRNAME(["$file"])` - AS_MKDIR_P([$dirpart/$fdir]) - # echo "creating $dirpart/$file" - echo '# dummy' > "$dirpart/$file" +[{ + # Older Autoconf quotes --file arguments for eval, but not when files + # are listed without --file. Let's play safe and only enable the eval + # if we detect the quoting. + case $CONFIG_FILES in + *\'*) eval set x "$CONFIG_FILES" ;; + *) set x $CONFIG_FILES ;; + esac + shift + for mf + do + # Strip MF so we end up with the name of the file. + mf=`echo "$mf" | sed -e 's/:.*$//'` + # Check whether this is an Automake generated Makefile or not. + # We used to match only the files named 'Makefile.in', but + # some people rename them; so instead we look at the file content. + # Grep'ing the first line is not enough: some people post-process + # each Makefile.in and add a new line on top of each file to say so. + # Grep'ing the whole file is not good either: AIX grep has a line + # limit of 2048, but all sed's we know have understand at least 4000. + if sed -n 's,^#.*generated by automake.*,X,p' "$mf" | grep X >/dev/null 2>&1; then + dirpart=`AS_DIRNAME("$mf")` + else + continue + fi + # Extract the definition of DEPDIR, am__include, and am__quote + # from the Makefile without running 'make'. + DEPDIR=`sed -n 's/^DEPDIR = //p' < "$mf"` + test -z "$DEPDIR" && continue + am__include=`sed -n 's/^am__include = //p' < "$mf"` + test -z "$am__include" && continue + am__quote=`sed -n 's/^am__quote = //p' < "$mf"` + # Find all dependency output files, they are included files with + # $(DEPDIR) in their names. We invoke sed twice because it is the + # simplest approach to changing $(DEPDIR) to its actual value in the + # expansion. + for file in `sed -n " + s/^$am__include $am__quote\(.*(DEPDIR).*\)$am__quote"'$/\1/p' <"$mf" | \ + sed -e 's/\$(DEPDIR)/'"$DEPDIR"'/g'`; do + # Make sure the directory exists. + test -f "$dirpart/$file" && continue + fdir=`AS_DIRNAME(["$file"])` + AS_MKDIR_P([$dirpart/$fdir]) + # echo "creating $dirpart/$file" + echo '# dummy' > "$dirpart/$file" + done done -done +} ])# _AM_OUTPUT_DEPENDENCY_COMMANDS @@ -379,7 +419,7 @@ done # This macro should only be invoked once -- use via AC_REQUIRE. # # This code is only required when automatic dependency tracking -# is enabled. FIXME. This creates each `.P' file that we will +# is enabled. FIXME. This creates each '.P' file that we will # need in order to bootstrap the dependency handling code. AC_DEFUN([AM_OUTPUT_DEPENDENCY_COMMANDS], [AC_CONFIG_COMMANDS([depfiles], @@ -389,18 +429,21 @@ AC_DEFUN([AM_OUTPUT_DEPENDENCY_COMMANDS], # Do all the work for Automake. -*- Autoconf -*- -# Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, -# 2005, 2006 Free Software Foundation, Inc. +# Copyright (C) 1996-2013 Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. -# serial 12 - # This macro actually does too much. Some checks are only needed if # your package does certain things. But this isn't really a big deal. +dnl Redefine AC_PROG_CC to automatically invoke _AM_PROG_CC_C_O. +m4_define([AC_PROG_CC], +m4_defn([AC_PROG_CC]) +[_AM_PROG_CC_C_O +]) + # AM_INIT_AUTOMAKE(PACKAGE, VERSION, [NO-DEFINE]) # AM_INIT_AUTOMAKE([OPTIONS]) # ----------------------------------------------- @@ -413,7 +456,7 @@ AC_DEFUN([AM_OUTPUT_DEPENDENCY_COMMANDS], # arguments mandatory, and then we can depend on a new Autoconf # release and drop the old call support. AC_DEFUN([AM_INIT_AUTOMAKE], -[AC_PREREQ([2.60])dnl +[AC_PREREQ([2.65])dnl dnl Autoconf wants to disallow AM_ names. We explicitly allow dnl the ones we care about. m4_pattern_allow([^AM_[A-Z]+FLAGS$])dnl @@ -442,55 +485,121 @@ AC_SUBST([CYGPATH_W]) # Define the identity of the package. dnl Distinguish between old-style and new-style calls. m4_ifval([$2], -[m4_ifval([$3], [_AM_SET_OPTION([no-define])])dnl +[AC_DIAGNOSE([obsolete], + [$0: two- and three-arguments forms are deprecated.]) +m4_ifval([$3], [_AM_SET_OPTION([no-define])])dnl AC_SUBST([PACKAGE], [$1])dnl AC_SUBST([VERSION], [$2])], [_AM_SET_OPTIONS([$1])dnl dnl Diagnose old-style AC_INIT with new-style AM_AUTOMAKE_INIT. -m4_if(m4_ifdef([AC_PACKAGE_NAME], 1)m4_ifdef([AC_PACKAGE_VERSION], 1), 11,, +m4_if( + m4_ifdef([AC_PACKAGE_NAME], [ok]):m4_ifdef([AC_PACKAGE_VERSION], [ok]), + [ok:ok],, [m4_fatal([AC_INIT should be called with package and version arguments])])dnl AC_SUBST([PACKAGE], ['AC_PACKAGE_TARNAME'])dnl AC_SUBST([VERSION], ['AC_PACKAGE_VERSION'])])dnl _AM_IF_OPTION([no-define],, -[AC_DEFINE_UNQUOTED(PACKAGE, "$PACKAGE", [Name of package]) - AC_DEFINE_UNQUOTED(VERSION, "$VERSION", [Version number of package])])dnl +[AC_DEFINE_UNQUOTED([PACKAGE], ["$PACKAGE"], [Name of package]) + AC_DEFINE_UNQUOTED([VERSION], ["$VERSION"], [Version number of package])])dnl # Some tools Automake needs. AC_REQUIRE([AM_SANITY_CHECK])dnl AC_REQUIRE([AC_ARG_PROGRAM])dnl -AM_MISSING_PROG(ACLOCAL, aclocal-${am__api_version}) -AM_MISSING_PROG(AUTOCONF, autoconf) -AM_MISSING_PROG(AUTOMAKE, automake-${am__api_version}) -AM_MISSING_PROG(AUTOHEADER, autoheader) -AM_MISSING_PROG(MAKEINFO, makeinfo) -AM_PROG_INSTALL_SH -AM_PROG_INSTALL_STRIP -AC_REQUIRE([AM_PROG_MKDIR_P])dnl +AM_MISSING_PROG([ACLOCAL], [aclocal-${am__api_version}]) +AM_MISSING_PROG([AUTOCONF], [autoconf]) +AM_MISSING_PROG([AUTOMAKE], [automake-${am__api_version}]) +AM_MISSING_PROG([AUTOHEADER], [autoheader]) +AM_MISSING_PROG([MAKEINFO], [makeinfo]) +AC_REQUIRE([AM_PROG_INSTALL_SH])dnl +AC_REQUIRE([AM_PROG_INSTALL_STRIP])dnl +AC_REQUIRE([AC_PROG_MKDIR_P])dnl +# For better backward compatibility. To be removed once Automake 1.9.x +# dies out for good. For more background, see: +# +# +AC_SUBST([mkdir_p], ['$(MKDIR_P)']) # We need awk for the "check" target. The system "awk" is bad on # some platforms. AC_REQUIRE([AC_PROG_AWK])dnl AC_REQUIRE([AC_PROG_MAKE_SET])dnl AC_REQUIRE([AM_SET_LEADING_DOT])dnl _AM_IF_OPTION([tar-ustar], [_AM_PROG_TAR([ustar])], - [_AM_IF_OPTION([tar-pax], [_AM_PROG_TAR([pax])], - [_AM_PROG_TAR([v7])])]) + [_AM_IF_OPTION([tar-pax], [_AM_PROG_TAR([pax])], + [_AM_PROG_TAR([v7])])]) _AM_IF_OPTION([no-dependencies],, [AC_PROVIDE_IFELSE([AC_PROG_CC], - [_AM_DEPENDENCIES(CC)], - [define([AC_PROG_CC], - defn([AC_PROG_CC])[_AM_DEPENDENCIES(CC)])])dnl + [_AM_DEPENDENCIES([CC])], + [m4_define([AC_PROG_CC], + m4_defn([AC_PROG_CC])[_AM_DEPENDENCIES([CC])])])dnl AC_PROVIDE_IFELSE([AC_PROG_CXX], - [_AM_DEPENDENCIES(CXX)], - [define([AC_PROG_CXX], - defn([AC_PROG_CXX])[_AM_DEPENDENCIES(CXX)])])dnl + [_AM_DEPENDENCIES([CXX])], + [m4_define([AC_PROG_CXX], + m4_defn([AC_PROG_CXX])[_AM_DEPENDENCIES([CXX])])])dnl AC_PROVIDE_IFELSE([AC_PROG_OBJC], - [_AM_DEPENDENCIES(OBJC)], - [define([AC_PROG_OBJC], - defn([AC_PROG_OBJC])[_AM_DEPENDENCIES(OBJC)])])dnl -]) + [_AM_DEPENDENCIES([OBJC])], + [m4_define([AC_PROG_OBJC], + m4_defn([AC_PROG_OBJC])[_AM_DEPENDENCIES([OBJC])])])dnl +AC_PROVIDE_IFELSE([AC_PROG_OBJCXX], + [_AM_DEPENDENCIES([OBJCXX])], + [m4_define([AC_PROG_OBJCXX], + m4_defn([AC_PROG_OBJCXX])[_AM_DEPENDENCIES([OBJCXX])])])dnl ]) +AC_REQUIRE([AM_SILENT_RULES])dnl +dnl The testsuite driver may need to know about EXEEXT, so add the +dnl 'am__EXEEXT' conditional if _AM_COMPILER_EXEEXT was seen. This +dnl macro is hooked onto _AC_COMPILER_EXEEXT early, see below. +AC_CONFIG_COMMANDS_PRE(dnl +[m4_provide_if([_AM_COMPILER_EXEEXT], + [AM_CONDITIONAL([am__EXEEXT], [test -n "$EXEEXT"])])])dnl + +# POSIX will say in a future version that running "rm -f" with no argument +# is OK; and we want to be able to make that assumption in our Makefile +# recipes. So use an aggressive probe to check that the usage we want is +# actually supported "in the wild" to an acceptable degree. +# See automake bug#10828. +# To make any issue more visible, cause the running configure to be aborted +# by default if the 'rm' program in use doesn't match our expectations; the +# user can still override this though. +if rm -f && rm -fr && rm -rf; then : OK; else + cat >&2 <<'END' +Oops! + +Your 'rm' program seems unable to run without file operands specified +on the command line, even when the '-f' option is present. This is contrary +to the behaviour of most rm programs out there, and not conforming with +the upcoming POSIX standard: + +Please tell bug-automake@gnu.org about your system, including the value +of your $PATH and any error possibly output before this message. This +can help us improve future automake versions. +END + if test x"$ACCEPT_INFERIOR_RM_PROGRAM" = x"yes"; then + echo 'Configuration will proceed anyway, since you have set the' >&2 + echo 'ACCEPT_INFERIOR_RM_PROGRAM variable to "yes"' >&2 + echo >&2 + else + cat >&2 <<'END' +Aborting the configuration process, to ensure you take notice of the issue. + +You can download and install GNU coreutils to get an 'rm' implementation +that behaves properly: . + +If you want to complete the configuration process using your problematic +'rm' anyway, export the environment variable ACCEPT_INFERIOR_RM_PROGRAM +to "yes", and re-run configure. + +END + AC_MSG_ERROR([Your 'rm' program is bad, sorry.]) + fi +fi]) + +dnl Hook into '_AC_COMPILER_EXEEXT' early to learn its expansion. Do not +dnl add the conditional right here, as _AC_COMPILER_EXEEXT may be further +dnl mangled by Autoconf and run in a shell conditional statement. +m4_define([_AC_COMPILER_EXEEXT], +m4_defn([_AC_COMPILER_EXEEXT])[m4_provide([_AM_COMPILER_EXEEXT])]) # When config.status generates a header, we must update the stamp-h file. # This file resides in the same directory as the config header @@ -501,18 +610,19 @@ AC_PROVIDE_IFELSE([AC_PROG_OBJC], # our stamp files there. AC_DEFUN([_AC_AM_CONFIG_HEADER_HOOK], [# Compute $1's index in $config_headers. +_am_arg=$1 _am_stamp_count=1 for _am_header in $config_headers :; do case $_am_header in - $1 | $1:* ) + $_am_arg | $_am_arg:* ) break ;; * ) _am_stamp_count=`expr $_am_stamp_count + 1` ;; esac done -echo "timestamp for $1" >`AS_DIRNAME([$1])`/stamp-h[]$_am_stamp_count]) +echo "timestamp for $_am_arg" >`AS_DIRNAME(["$_am_arg"])`/stamp-h[]$_am_stamp_count]) -# Copyright (C) 2001, 2003, 2005 Free Software Foundation, Inc. +# Copyright (C) 2001-2013 Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, @@ -523,17 +633,22 @@ echo "timestamp for $1" >`AS_DIRNAME([$1])`/stamp-h[]$_am_stamp_count]) # Define $install_sh. AC_DEFUN([AM_PROG_INSTALL_SH], [AC_REQUIRE([AM_AUX_DIR_EXPAND])dnl -install_sh=${install_sh-"\$(SHELL) $am_aux_dir/install-sh"} -AC_SUBST(install_sh)]) +if test x"${install_sh}" != xset; then + case $am_aux_dir in + *\ * | *\ *) + install_sh="\${SHELL} '$am_aux_dir/install-sh'" ;; + *) + install_sh="\${SHELL} $am_aux_dir/install-sh" + esac +fi +AC_SUBST([install_sh])]) -# Copyright (C) 2003, 2005 Free Software Foundation, Inc. +# Copyright (C) 2003-2013 Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. -# serial 2 - # Check whether the underlying file-system supports filenames # with a leading dot. For instance MS-DOS doesn't. AC_DEFUN([AM_SET_LEADING_DOT], @@ -549,14 +664,12 @@ AC_SUBST([am__leading_dot])]) # Check to see how 'make' treats includes. -*- Autoconf -*- -# Copyright (C) 2001, 2002, 2003, 2005 Free Software Foundation, Inc. +# Copyright (C) 2001-2013 Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. -# serial 3 - # AM_MAKE_INCLUDE() # ----------------- # Check to see how make treats includes. @@ -564,7 +677,7 @@ AC_DEFUN([AM_MAKE_INCLUDE], [am_make=${MAKE-make} cat > confinc << 'END' am__doit: - @echo done + @echo this is the am__doit target .PHONY: am__doit END # If we don't find an include directive, just comment out the code. @@ -574,24 +687,24 @@ am__quote= _am_result=none # First try GNU make style include. echo "include confinc" > confmf -# We grep out `Entering directory' and `Leaving directory' -# messages which can occur if `w' ends up in MAKEFLAGS. -# In particular we don't look at `^make:' because GNU make might -# be invoked under some other name (usually "gmake"), in which -# case it prints its new name instead of `make'. -if test "`$am_make -s -f confmf 2> /dev/null | grep -v 'ing directory'`" = "done"; then - am__include=include - am__quote= - _am_result=GNU -fi +# Ignore all kinds of additional output from 'make'. +case `$am_make -s -f confmf 2> /dev/null` in #( +*the\ am__doit\ target*) + am__include=include + am__quote= + _am_result=GNU + ;; +esac # Now try BSD make style include. if test "$am__include" = "#"; then echo '.include "confinc"' > confmf - if test "`$am_make -s -f confmf 2> /dev/null`" = "done"; then - am__include=.include - am__quote="\"" - _am_result=BSD - fi + case `$am_make -s -f confmf 2> /dev/null` in #( + *the\ am__doit\ target*) + am__include=.include + am__quote="\"" + _am_result=BSD + ;; + esac fi AC_SUBST([am__include]) AC_SUBST([am__quote]) @@ -599,51 +712,14 @@ AC_MSG_RESULT([$_am_result]) rm -f confinc confmf ]) -# Copyright (C) 1999, 2000, 2001, 2003, 2004, 2005 -# Free Software Foundation, Inc. -# -# This file is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# serial 5 - -# AM_PROG_CC_C_O -# -------------- -# Like AC_PROG_CC_C_O, but changed for automake. -AC_DEFUN([AM_PROG_CC_C_O], -[AC_REQUIRE([AC_PROG_CC_C_O])dnl -AC_REQUIRE([AM_AUX_DIR_EXPAND])dnl -AC_REQUIRE_AUX_FILE([compile])dnl -# FIXME: we rely on the cache variable name because -# there is no other way. -set dummy $CC -ac_cc=`echo $[2] | sed ['s/[^a-zA-Z0-9_]/_/g;s/^[0-9]/_/']` -if eval "test \"`echo '$ac_cv_prog_cc_'${ac_cc}_c_o`\" != yes"; then - # Losing compiler, so override with the script. - # FIXME: It is wrong to rewrite CC. - # But if we don't then we get into trouble of one sort or another. - # A longer-term fix would be to have automake use am__CC in this case, - # and then we could set am__CC="\$(top_srcdir)/compile \$(CC)" - CC="$am_aux_dir/compile $CC" -fi -dnl Make sure AC_PROG_CC is never called again, or it will override our -dnl setting of CC. -m4_define([AC_PROG_CC], - [m4_fatal([AC_PROG_CC cannot be called after AM_PROG_CC_C_O])]) -]) - # Fake the existence of programs that GNU maintainers use. -*- Autoconf -*- -# Copyright (C) 1997, 1999, 2000, 2001, 2003, 2004, 2005 -# Free Software Foundation, Inc. +# Copyright (C) 1997-2013 Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. -# serial 5 - # AM_MISSING_PROG(NAME, PROGRAM) # ------------------------------ AC_DEFUN([AM_MISSING_PROG], @@ -651,76 +727,54 @@ AC_DEFUN([AM_MISSING_PROG], $1=${$1-"${am_missing_run}$2"} AC_SUBST($1)]) - # AM_MISSING_HAS_RUN # ------------------ -# Define MISSING if not defined so far and test if it supports --run. -# If it does, set am_missing_run to use it, otherwise, to nothing. +# Define MISSING if not defined so far and test if it is modern enough. +# If it is, set am_missing_run to use it, otherwise, to nothing. AC_DEFUN([AM_MISSING_HAS_RUN], [AC_REQUIRE([AM_AUX_DIR_EXPAND])dnl AC_REQUIRE_AUX_FILE([missing])dnl -test x"${MISSING+set}" = xset || MISSING="\${SHELL} $am_aux_dir/missing" +if test x"${MISSING+set}" != xset; then + case $am_aux_dir in + *\ * | *\ *) + MISSING="\${SHELL} \"$am_aux_dir/missing\"" ;; + *) + MISSING="\${SHELL} $am_aux_dir/missing" ;; + esac +fi # Use eval to expand $SHELL -if eval "$MISSING --run true"; then - am_missing_run="$MISSING --run " +if eval "$MISSING --is-lightweight"; then + am_missing_run="$MISSING " else am_missing_run= - AC_MSG_WARN([`missing' script is too old or missing]) + AC_MSG_WARN(['missing' script is too old or missing]) fi ]) -# Copyright (C) 2003, 2004, 2005, 2006 Free Software Foundation, Inc. -# -# This file is free software; the Free Software Foundation -# gives unlimited permission to copy and/or distribute it, -# with or without modifications, as long as this notice is preserved. - -# AM_PROG_MKDIR_P -# --------------- -# Check for `mkdir -p'. -AC_DEFUN([AM_PROG_MKDIR_P], -[AC_PREREQ([2.60])dnl -AC_REQUIRE([AC_PROG_MKDIR_P])dnl -dnl Automake 1.8 to 1.9.6 used to define mkdir_p. We now use MKDIR_P, -dnl while keeping a definition of mkdir_p for backward compatibility. -dnl @MKDIR_P@ is magic: AC_OUTPUT adjusts its value for each Makefile. -dnl However we cannot define mkdir_p as $(MKDIR_P) for the sake of -dnl Makefile.ins that do not define MKDIR_P, so we do our own -dnl adjustment using top_builddir (which is defined more often than -dnl MKDIR_P). -AC_SUBST([mkdir_p], ["$MKDIR_P"])dnl -case $mkdir_p in - [[\\/$]]* | ?:[[\\/]]*) ;; - */*) mkdir_p="\$(top_builddir)/$mkdir_p" ;; -esac -]) - # Helper functions for option handling. -*- Autoconf -*- -# Copyright (C) 2001, 2002, 2003, 2005 Free Software Foundation, Inc. +# Copyright (C) 2001-2013 Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. -# serial 3 - # _AM_MANGLE_OPTION(NAME) # ----------------------- AC_DEFUN([_AM_MANGLE_OPTION], [[_AM_OPTION_]m4_bpatsubst($1, [[^a-zA-Z0-9_]], [_])]) # _AM_SET_OPTION(NAME) -# ------------------------------ +# -------------------- # Set option NAME. Presently that only means defining a flag for this option. AC_DEFUN([_AM_SET_OPTION], -[m4_define(_AM_MANGLE_OPTION([$1]), 1)]) +[m4_define(_AM_MANGLE_OPTION([$1]), [1])]) # _AM_SET_OPTIONS(OPTIONS) -# ---------------------------------- +# ------------------------ # OPTIONS is a space-separated list of Automake options. AC_DEFUN([_AM_SET_OPTIONS], -[AC_FOREACH([_AM_Option], [$1], [_AM_SET_OPTION(_AM_Option)])]) +[m4_foreach_w([_AM_Option], [$1], [_AM_SET_OPTION(_AM_Option)])]) # _AM_IF_OPTION(OPTION, IF-SET, [IF-NOT-SET]) # ------------------------------------------- @@ -728,7 +782,54 @@ AC_DEFUN([_AM_SET_OPTIONS], AC_DEFUN([_AM_IF_OPTION], [m4_ifset(_AM_MANGLE_OPTION([$1]), [$2], [$3])]) -# Copyright (C) 2001, 2003, 2005 Free Software Foundation, Inc. +# Copyright (C) 1999-2013 Free Software Foundation, Inc. +# +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# _AM_PROG_CC_C_O +# --------------- +# Like AC_PROG_CC_C_O, but changed for automake. We rewrite AC_PROG_CC +# to automatically call this. +AC_DEFUN([_AM_PROG_CC_C_O], +[AC_REQUIRE([AM_AUX_DIR_EXPAND])dnl +AC_REQUIRE_AUX_FILE([compile])dnl +AC_LANG_PUSH([C])dnl +AC_CACHE_CHECK( + [whether $CC understands -c and -o together], + [am_cv_prog_cc_c_o], + [AC_LANG_CONFTEST([AC_LANG_PROGRAM([])]) + # Make sure it works both with $CC and with simple cc. + # Following AC_PROG_CC_C_O, we do the test twice because some + # compilers refuse to overwrite an existing .o file with -o, + # though they will create one. + am_cv_prog_cc_c_o=yes + for am_i in 1 2; do + if AM_RUN_LOG([$CC -c conftest.$ac_ext -o conftest2.$ac_objext]) \ + && test -f conftest2.$ac_objext; then + : OK + else + am_cv_prog_cc_c_o=no + break + fi + done + rm -f core conftest* + unset am_i]) +if test "$am_cv_prog_cc_c_o" != yes; then + # Losing compiler, so override with the script. + # FIXME: It is wrong to rewrite CC. + # But if we don't then we get into trouble of one sort or another. + # A longer-term fix would be to have automake use am__CC in this case, + # and then we could set am__CC="\$(top_srcdir)/compile \$(CC)" + CC="$am_aux_dir/compile $CC" +fi +AC_LANG_POP([C])]) + +# For backward compatibility. +AC_DEFUN_ONCE([AM_PROG_CC_C_O], [AC_REQUIRE([AC_PROG_CC])]) + +# Copyright (C) 2001-2013 Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, @@ -747,45 +848,60 @@ AC_DEFUN([AM_RUN_LOG], # Check to make sure that the build environment is sane. -*- Autoconf -*- -# Copyright (C) 1996, 1997, 2000, 2001, 2003, 2005 -# Free Software Foundation, Inc. +# Copyright (C) 1996-2013 Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. -# serial 4 - # AM_SANITY_CHECK # --------------- AC_DEFUN([AM_SANITY_CHECK], [AC_MSG_CHECKING([whether build environment is sane]) -# Just in case -sleep 1 -echo timestamp > conftest.file -# Do `set' in a subshell so we don't clobber the current shell's +# Reject unsafe characters in $srcdir or the absolute working directory +# name. Accept space and tab only in the latter. +am_lf=' +' +case `pwd` in + *[[\\\"\#\$\&\'\`$am_lf]]*) + AC_MSG_ERROR([unsafe absolute working directory name]);; +esac +case $srcdir in + *[[\\\"\#\$\&\'\`$am_lf\ \ ]]*) + AC_MSG_ERROR([unsafe srcdir value: '$srcdir']);; +esac + +# Do 'set' in a subshell so we don't clobber the current shell's # arguments. Must try -L first in case configure is actually a # symlink; some systems play weird games with the mod time of symlinks # (eg FreeBSD returns the mod time of the symlink's containing # directory). if ( - set X `ls -Lt $srcdir/configure conftest.file 2> /dev/null` - if test "$[*]" = "X"; then - # -L didn't work. - set X `ls -t $srcdir/configure conftest.file` - fi - rm -f conftest.file - if test "$[*]" != "X $srcdir/configure conftest.file" \ - && test "$[*]" != "X conftest.file $srcdir/configure"; then - - # If neither matched, then we have a broken ls. This can happen - # if, for instance, CONFIG_SHELL is bash and it inherits a - # broken ls alias from the environment. This has actually - # happened. Such a system could not be considered "sane". - AC_MSG_ERROR([ls -t appears to fail. Make sure there is not a broken -alias in your environment]) - fi - + am_has_slept=no + for am_try in 1 2; do + echo "timestamp, slept: $am_has_slept" > conftest.file + set X `ls -Lt "$srcdir/configure" conftest.file 2> /dev/null` + if test "$[*]" = "X"; then + # -L didn't work. + set X `ls -t "$srcdir/configure" conftest.file` + fi + if test "$[*]" != "X $srcdir/configure conftest.file" \ + && test "$[*]" != "X conftest.file $srcdir/configure"; then + + # If neither matched, then we have a broken ls. This can happen + # if, for instance, CONFIG_SHELL is bash and it inherits a + # broken ls alias from the environment. This has actually + # happened. Such a system could not be considered "sane". + AC_MSG_ERROR([ls -t appears to fail. Make sure there is not a broken + alias in your environment]) + fi + if test "$[2]" = conftest.file || test $am_try -eq 2; then + break + fi + # Just in case. + sleep 1 + am_has_slept=yes + done test "$[2]" = conftest.file ) then @@ -795,9 +911,85 @@ else AC_MSG_ERROR([newly created file is older than distributed files! Check your system clock]) fi -AC_MSG_RESULT(yes)]) +AC_MSG_RESULT([yes]) +# If we didn't sleep, we still need to ensure time stamps of config.status and +# generated files are strictly newer. +am_sleep_pid= +if grep 'slept: no' conftest.file >/dev/null 2>&1; then + ( sleep 1 ) & + am_sleep_pid=$! +fi +AC_CONFIG_COMMANDS_PRE( + [AC_MSG_CHECKING([that generated files are newer than configure]) + if test -n "$am_sleep_pid"; then + # Hide warnings about reused PIDs. + wait $am_sleep_pid 2>/dev/null + fi + AC_MSG_RESULT([done])]) +rm -f conftest.file +]) + +# Copyright (C) 2009-2013 Free Software Foundation, Inc. +# +# This file is free software; the Free Software Foundation +# gives unlimited permission to copy and/or distribute it, +# with or without modifications, as long as this notice is preserved. + +# AM_SILENT_RULES([DEFAULT]) +# -------------------------- +# Enable less verbose build rules; with the default set to DEFAULT +# ("yes" being less verbose, "no" or empty being verbose). +AC_DEFUN([AM_SILENT_RULES], +[AC_ARG_ENABLE([silent-rules], [dnl +AS_HELP_STRING( + [--enable-silent-rules], + [less verbose build output (undo: "make V=1")]) +AS_HELP_STRING( + [--disable-silent-rules], + [verbose build output (undo: "make V=0")])dnl +]) +case $enable_silent_rules in @%:@ ((( + yes) AM_DEFAULT_VERBOSITY=0;; + no) AM_DEFAULT_VERBOSITY=1;; + *) AM_DEFAULT_VERBOSITY=m4_if([$1], [yes], [0], [1]);; +esac +dnl +dnl A few 'make' implementations (e.g., NonStop OS and NextStep) +dnl do not support nested variable expansions. +dnl See automake bug#9928 and bug#10237. +am_make=${MAKE-make} +AC_CACHE_CHECK([whether $am_make supports nested variables], + [am_cv_make_support_nested_variables], + [if AS_ECHO([['TRUE=$(BAR$(V)) +BAR0=false +BAR1=true +V=1 +am__doit: + @$(TRUE) +.PHONY: am__doit']]) | $am_make -f - >/dev/null 2>&1; then + am_cv_make_support_nested_variables=yes +else + am_cv_make_support_nested_variables=no +fi]) +if test $am_cv_make_support_nested_variables = yes; then + dnl Using '$V' instead of '$(V)' breaks IRIX make. + AM_V='$(V)' + AM_DEFAULT_V='$(AM_DEFAULT_VERBOSITY)' +else + AM_V=$AM_DEFAULT_VERBOSITY + AM_DEFAULT_V=$AM_DEFAULT_VERBOSITY +fi +AC_SUBST([AM_V])dnl +AM_SUBST_NOTMAKE([AM_V])dnl +AC_SUBST([AM_DEFAULT_V])dnl +AM_SUBST_NOTMAKE([AM_DEFAULT_V])dnl +AC_SUBST([AM_DEFAULT_VERBOSITY])dnl +AM_BACKSLASH='\' +AC_SUBST([AM_BACKSLASH])dnl +_AM_SUBST_NOTMAKE([AM_BACKSLASH])dnl +]) -# Copyright (C) 2001, 2003, 2005 Free Software Foundation, Inc. +# Copyright (C) 2001-2013 Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, @@ -805,27 +997,27 @@ AC_MSG_RESULT(yes)]) # AM_PROG_INSTALL_STRIP # --------------------- -# One issue with vendor `install' (even GNU) is that you can't +# One issue with vendor 'install' (even GNU) is that you can't # specify the program used to strip binaries. This is especially # annoying in cross-compiling environments, where the build's strip # is unlikely to handle the host's binaries. # Fortunately install-sh will honor a STRIPPROG variable, so we -# always use install-sh in `make install-strip', and initialize +# always use install-sh in "make install-strip", and initialize # STRIPPROG with the value of the STRIP variable (set by the user). AC_DEFUN([AM_PROG_INSTALL_STRIP], [AC_REQUIRE([AM_PROG_INSTALL_SH])dnl -# Installed binaries are usually stripped using `strip' when the user -# run `make install-strip'. However `strip' might not be the right +# Installed binaries are usually stripped using 'strip' when the user +# run "make install-strip". However 'strip' might not be the right # tool to use in cross-compilation environments, therefore Automake -# will honor the `STRIP' environment variable to overrule this program. -dnl Don't test for $cross_compiling = yes, because it might be `maybe'. +# will honor the 'STRIP' environment variable to overrule this program. +dnl Don't test for $cross_compiling = yes, because it might be 'maybe'. if test "$cross_compiling" != no; then AC_CHECK_TOOL([STRIP], [strip], :) fi INSTALL_STRIP_PROGRAM="\$(install_sh) -c -s" AC_SUBST([INSTALL_STRIP_PROGRAM])]) -# Copyright (C) 2006 Free Software Foundation, Inc. +# Copyright (C) 2006-2013 Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, @@ -833,24 +1025,27 @@ AC_SUBST([INSTALL_STRIP_PROGRAM])]) # _AM_SUBST_NOTMAKE(VARIABLE) # --------------------------- -# Prevent Automake from outputing VARIABLE = @VARIABLE@ in Makefile.in. +# Prevent Automake from outputting VARIABLE = @VARIABLE@ in Makefile.in. # This macro is traced by Automake. AC_DEFUN([_AM_SUBST_NOTMAKE]) +# AM_SUBST_NOTMAKE(VARIABLE) +# -------------------------- +# Public sister of _AM_SUBST_NOTMAKE. +AC_DEFUN([AM_SUBST_NOTMAKE], [_AM_SUBST_NOTMAKE($@)]) + # Check how to create a tarball. -*- Autoconf -*- -# Copyright (C) 2004, 2005 Free Software Foundation, Inc. +# Copyright (C) 2004-2013 Free Software Foundation, Inc. # # This file is free software; the Free Software Foundation # gives unlimited permission to copy and/or distribute it, # with or without modifications, as long as this notice is preserved. -# serial 2 - # _AM_PROG_TAR(FORMAT) # -------------------- # Check how to create a tarball in format FORMAT. -# FORMAT should be one of `v7', `ustar', or `pax'. +# FORMAT should be one of 'v7', 'ustar', or 'pax'. # # Substitute a variable $(am__tar) that is a command # writing to stdout a FORMAT-tarball containing the directory @@ -860,80 +1055,135 @@ AC_DEFUN([_AM_SUBST_NOTMAKE]) # Substitute a variable $(am__untar) that extract such # a tarball read from stdin. # $(am__untar) < result.tar +# AC_DEFUN([_AM_PROG_TAR], -[# Always define AMTAR for backward compatibility. -AM_MISSING_PROG([AMTAR], [tar]) -m4_if([$1], [v7], - [am__tar='${AMTAR} chof - "$$tardir"'; am__untar='${AMTAR} xf -'], - [m4_case([$1], [ustar],, [pax],, - [m4_fatal([Unknown tar format])]) -AC_MSG_CHECKING([how to create a $1 tar archive]) -# Loop over all known methods to create a tar archive until one works. +[# Always define AMTAR for backward compatibility. Yes, it's still used +# in the wild :-( We should find a proper way to deprecate it ... +AC_SUBST([AMTAR], ['$${TAR-tar}']) + +# We'll loop over all known methods to create a tar archive until one works. _am_tools='gnutar m4_if([$1], [ustar], [plaintar]) pax cpio none' -_am_tools=${am_cv_prog_tar_$1-$_am_tools} -# Do not fold the above two line into one, because Tru64 sh and -# Solaris sh will not grok spaces in the rhs of `-'. -for _am_tool in $_am_tools -do - case $_am_tool in - gnutar) - for _am_tar in tar gnutar gtar; - do - AM_RUN_LOG([$_am_tar --version]) && break - done - am__tar="$_am_tar --format=m4_if([$1], [pax], [posix], [$1]) -chf - "'"$$tardir"' - am__tar_="$_am_tar --format=m4_if([$1], [pax], [posix], [$1]) -chf - "'"$tardir"' - am__untar="$_am_tar -xf -" - ;; - plaintar) - # Must skip GNU tar: if it does not support --format= it doesn't create - # ustar tarball either. - (tar --version) >/dev/null 2>&1 && continue - am__tar='tar chf - "$$tardir"' - am__tar_='tar chf - "$tardir"' - am__untar='tar xf -' - ;; - pax) - am__tar='pax -L -x $1 -w "$$tardir"' - am__tar_='pax -L -x $1 -w "$tardir"' - am__untar='pax -r' - ;; - cpio) - am__tar='find "$$tardir" -print | cpio -o -H $1 -L' - am__tar_='find "$tardir" -print | cpio -o -H $1 -L' - am__untar='cpio -i -H $1 -d' - ;; - none) - am__tar=false - am__tar_=false - am__untar=false - ;; - esac - # If the value was cached, stop now. We just wanted to have am__tar - # and am__untar set. - test -n "${am_cv_prog_tar_$1}" && break +m4_if([$1], [v7], + [am__tar='$${TAR-tar} chof - "$$tardir"' am__untar='$${TAR-tar} xf -'], + + [m4_case([$1], + [ustar], + [# The POSIX 1988 'ustar' format is defined with fixed-size fields. + # There is notably a 21 bits limit for the UID and the GID. In fact, + # the 'pax' utility can hang on bigger UID/GID (see automake bug#8343 + # and bug#13588). + am_max_uid=2097151 # 2^21 - 1 + am_max_gid=$am_max_uid + # The $UID and $GID variables are not portable, so we need to resort + # to the POSIX-mandated id(1) utility. Errors in the 'id' calls + # below are definitely unexpected, so allow the users to see them + # (that is, avoid stderr redirection). + am_uid=`id -u || echo unknown` + am_gid=`id -g || echo unknown` + AC_MSG_CHECKING([whether UID '$am_uid' is supported by ustar format]) + if test $am_uid -le $am_max_uid; then + AC_MSG_RESULT([yes]) + else + AC_MSG_RESULT([no]) + _am_tools=none + fi + AC_MSG_CHECKING([whether GID '$am_gid' is supported by ustar format]) + if test $am_gid -le $am_max_gid; then + AC_MSG_RESULT([yes]) + else + AC_MSG_RESULT([no]) + _am_tools=none + fi], + + [pax], + [], + + [m4_fatal([Unknown tar format])]) + + AC_MSG_CHECKING([how to create a $1 tar archive]) + + # Go ahead even if we have the value already cached. We do so because we + # need to set the values for the 'am__tar' and 'am__untar' variables. + _am_tools=${am_cv_prog_tar_$1-$_am_tools} + + for _am_tool in $_am_tools; do + case $_am_tool in + gnutar) + for _am_tar in tar gnutar gtar; do + AM_RUN_LOG([$_am_tar --version]) && break + done + am__tar="$_am_tar --format=m4_if([$1], [pax], [posix], [$1]) -chf - "'"$$tardir"' + am__tar_="$_am_tar --format=m4_if([$1], [pax], [posix], [$1]) -chf - "'"$tardir"' + am__untar="$_am_tar -xf -" + ;; + plaintar) + # Must skip GNU tar: if it does not support --format= it doesn't create + # ustar tarball either. + (tar --version) >/dev/null 2>&1 && continue + am__tar='tar chf - "$$tardir"' + am__tar_='tar chf - "$tardir"' + am__untar='tar xf -' + ;; + pax) + am__tar='pax -L -x $1 -w "$$tardir"' + am__tar_='pax -L -x $1 -w "$tardir"' + am__untar='pax -r' + ;; + cpio) + am__tar='find "$$tardir" -print | cpio -o -H $1 -L' + am__tar_='find "$tardir" -print | cpio -o -H $1 -L' + am__untar='cpio -i -H $1 -d' + ;; + none) + am__tar=false + am__tar_=false + am__untar=false + ;; + esac - # tar/untar a dummy directory, and stop if the command works - rm -rf conftest.dir - mkdir conftest.dir - echo GrepMe > conftest.dir/file - AM_RUN_LOG([tardir=conftest.dir && eval $am__tar_ >conftest.tar]) + # If the value was cached, stop now. We just wanted to have am__tar + # and am__untar set. + test -n "${am_cv_prog_tar_$1}" && break + + # tar/untar a dummy directory, and stop if the command works. + rm -rf conftest.dir + mkdir conftest.dir + echo GrepMe > conftest.dir/file + AM_RUN_LOG([tardir=conftest.dir && eval $am__tar_ >conftest.tar]) + rm -rf conftest.dir + if test -s conftest.tar; then + AM_RUN_LOG([$am__untar /dev/null 2>&1 && break + fi + done rm -rf conftest.dir - if test -s conftest.tar; then - AM_RUN_LOG([$am__untar /dev/null 2>&1 && break - fi -done -rm -rf conftest.dir -AC_CACHE_VAL([am_cv_prog_tar_$1], [am_cv_prog_tar_$1=$_am_tool]) -AC_MSG_RESULT([$am_cv_prog_tar_$1])]) + AC_CACHE_VAL([am_cv_prog_tar_$1], [am_cv_prog_tar_$1=$_am_tool]) + AC_MSG_RESULT([$am_cv_prog_tar_$1])]) + AC_SUBST([am__tar]) AC_SUBST([am__untar]) ]) # _AM_PROG_TAR +m4_include([m4/ax_add_am_macro.m4]) +m4_include([m4/ax_am_jobserver.m4]) +m4_include([m4/ax_am_macros.m4]) +m4_include([m4/ax_append_compile_flags.m4]) +m4_include([m4/ax_append_flag.m4]) +m4_include([m4/ax_append_to_file.m4]) +m4_include([m4/ax_check_compile_flag.m4]) +m4_include([m4/ax_check_link_flag.m4]) +m4_include([m4/ax_count_cpus.m4]) +m4_include([m4/ax_create_generic_config.m4]) +m4_include([m4/ax_debug.m4]) +m4_include([m4/ax_file_escapes.m4]) +m4_include([m4/ax_harden_compiler_flags.m4]) +m4_include([m4/ax_print_to_file.m4]) m4_include([m4/ax_pthread.m4]) +m4_include([m4/ax_tls.m4]) +m4_include([m4/ax_vcs_checkout.m4]) m4_include([m4/hexversion.m4]) m4_include([m4/lib_socket_nsl.m4]) m4_include([m4/libtool.m4]) @@ -942,3 +1192,4 @@ m4_include([m4/ltsugar.m4]) m4_include([m4/ltversion.m4]) m4_include([m4/lt~obsolete.m4]) m4_include([m4/visibility.m4]) +m4_include([m4/wolfssl_darwin_clang.m4]) diff --git a/FreeRTOS-Plus/Source/CyaSSL/build-aux/compile b/FreeRTOS-Plus/Source/CyaSSL/build-aux/compile new file mode 100644 index 000000000..531136b06 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/build-aux/compile @@ -0,0 +1,347 @@ +#! /bin/sh +# Wrapper for compilers which do not understand '-c -o'. + +scriptversion=2012-10-14.11; # UTC + +# Copyright (C) 1999-2013 Free Software Foundation, Inc. +# Written by Tom Tromey . +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2, or (at your option) +# any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . + +# As a special exception to the GNU General Public License, if you +# distribute this file as part of a program that contains a +# configuration script generated by Autoconf, you may include it under +# the same distribution terms that you use for the rest of that program. + +# This file is maintained in Automake, please report +# bugs to or send patches to +# . + +nl=' +' + +# We need space, tab and new line, in precisely that order. Quoting is +# there to prevent tools from complaining about whitespace usage. +IFS=" "" $nl" + +file_conv= + +# func_file_conv build_file lazy +# Convert a $build file to $host form and store it in $file +# Currently only supports Windows hosts. If the determined conversion +# type is listed in (the comma separated) LAZY, no conversion will +# take place. +func_file_conv () +{ + file=$1 + case $file in + / | /[!/]*) # absolute file, and not a UNC file + if test -z "$file_conv"; then + # lazily determine how to convert abs files + case `uname -s` in + MINGW*) + file_conv=mingw + ;; + CYGWIN*) + file_conv=cygwin + ;; + *) + file_conv=wine + ;; + esac + fi + case $file_conv/,$2, in + *,$file_conv,*) + ;; + mingw/*) + file=`cmd //C echo "$file " | sed -e 's/"\(.*\) " *$/\1/'` + ;; + cygwin/*) + file=`cygpath -m "$file" || echo "$file"` + ;; + wine/*) + file=`winepath -w "$file" || echo "$file"` + ;; + esac + ;; + esac +} + +# func_cl_dashL linkdir +# Make cl look for libraries in LINKDIR +func_cl_dashL () +{ + func_file_conv "$1" + if test -z "$lib_path"; then + lib_path=$file + else + lib_path="$lib_path;$file" + fi + linker_opts="$linker_opts -LIBPATH:$file" +} + +# func_cl_dashl library +# Do a library search-path lookup for cl +func_cl_dashl () +{ + lib=$1 + found=no + save_IFS=$IFS + IFS=';' + for dir in $lib_path $LIB + do + IFS=$save_IFS + if $shared && test -f "$dir/$lib.dll.lib"; then + found=yes + lib=$dir/$lib.dll.lib + break + fi + if test -f "$dir/$lib.lib"; then + found=yes + lib=$dir/$lib.lib + break + fi + if test -f "$dir/lib$lib.a"; then + found=yes + lib=$dir/lib$lib.a + break + fi + done + IFS=$save_IFS + + if test "$found" != yes; then + lib=$lib.lib + fi +} + +# func_cl_wrapper cl arg... +# Adjust compile command to suit cl +func_cl_wrapper () +{ + # Assume a capable shell + lib_path= + shared=: + linker_opts= + for arg + do + if test -n "$eat"; then + eat= + else + case $1 in + -o) + # configure might choose to run compile as 'compile cc -o foo foo.c'. + eat=1 + case $2 in + *.o | *.[oO][bB][jJ]) + func_file_conv "$2" + set x "$@" -Fo"$file" + shift + ;; + *) + func_file_conv "$2" + set x "$@" -Fe"$file" + shift + ;; + esac + ;; + -I) + eat=1 + func_file_conv "$2" mingw + set x "$@" -I"$file" + shift + ;; + -I*) + func_file_conv "${1#-I}" mingw + set x "$@" -I"$file" + shift + ;; + -l) + eat=1 + func_cl_dashl "$2" + set x "$@" "$lib" + shift + ;; + -l*) + func_cl_dashl "${1#-l}" + set x "$@" "$lib" + shift + ;; + -L) + eat=1 + func_cl_dashL "$2" + ;; + -L*) + func_cl_dashL "${1#-L}" + ;; + -static) + shared=false + ;; + -Wl,*) + arg=${1#-Wl,} + save_ifs="$IFS"; IFS=',' + for flag in $arg; do + IFS="$save_ifs" + linker_opts="$linker_opts $flag" + done + IFS="$save_ifs" + ;; + -Xlinker) + eat=1 + linker_opts="$linker_opts $2" + ;; + -*) + set x "$@" "$1" + shift + ;; + *.cc | *.CC | *.cxx | *.CXX | *.[cC]++) + func_file_conv "$1" + set x "$@" -Tp"$file" + shift + ;; + *.c | *.cpp | *.CPP | *.lib | *.LIB | *.Lib | *.OBJ | *.obj | *.[oO]) + func_file_conv "$1" mingw + set x "$@" "$file" + shift + ;; + *) + set x "$@" "$1" + shift + ;; + esac + fi + shift + done + if test -n "$linker_opts"; then + linker_opts="-link$linker_opts" + fi + exec "$@" $linker_opts + exit 1 +} + +eat= + +case $1 in + '') + echo "$0: No command. Try '$0 --help' for more information." 1>&2 + exit 1; + ;; + -h | --h*) + cat <<\EOF +Usage: compile [--help] [--version] PROGRAM [ARGS] + +Wrapper for compilers which do not understand '-c -o'. +Remove '-o dest.o' from ARGS, run PROGRAM with the remaining +arguments, and rename the output as expected. + +If you are trying to build a whole package this is not the +right script to run: please start by reading the file 'INSTALL'. + +Report bugs to . +EOF + exit $? + ;; + -v | --v*) + echo "compile $scriptversion" + exit $? + ;; + cl | *[/\\]cl | cl.exe | *[/\\]cl.exe ) + func_cl_wrapper "$@" # Doesn't return... + ;; +esac + +ofile= +cfile= + +for arg +do + if test -n "$eat"; then + eat= + else + case $1 in + -o) + # configure might choose to run compile as 'compile cc -o foo foo.c'. + # So we strip '-o arg' only if arg is an object. + eat=1 + case $2 in + *.o | *.obj) + ofile=$2 + ;; + *) + set x "$@" -o "$2" + shift + ;; + esac + ;; + *.c) + cfile=$1 + set x "$@" "$1" + shift + ;; + *) + set x "$@" "$1" + shift + ;; + esac + fi + shift +done + +if test -z "$ofile" || test -z "$cfile"; then + # If no '-o' option was seen then we might have been invoked from a + # pattern rule where we don't need one. That is ok -- this is a + # normal compilation that the losing compiler can handle. If no + # '.c' file was seen then we are probably linking. That is also + # ok. + exec "$@" +fi + +# Name of file we expect compiler to create. +cofile=`echo "$cfile" | sed 's|^.*[\\/]||; s|^[a-zA-Z]:||; s/\.c$/.o/'` + +# Create the lock directory. +# Note: use '[/\\:.-]' here to ensure that we don't use the same name +# that we are using for the .o file. Also, base the name on the expected +# object file name, since that is what matters with a parallel build. +lockdir=`echo "$cofile" | sed -e 's|[/\\:.-]|_|g'`.d +while true; do + if mkdir "$lockdir" >/dev/null 2>&1; then + break + fi + sleep 1 +done +# FIXME: race condition here if user kills between mkdir and trap. +trap "rmdir '$lockdir'; exit 1" 1 2 15 + +# Run the compile. +"$@" +ret=$? + +if test -f "$cofile"; then + test "$cofile" = "$ofile" || mv "$cofile" "$ofile" +elif test -f "${cofile}bj"; then + test "${cofile}bj" = "$ofile" || mv "${cofile}bj" "$ofile" +fi + +rmdir "$lockdir" +exit $ret + +# Local Variables: +# mode: shell-script +# sh-indentation: 2 +# eval: (add-hook 'write-file-hooks 'time-stamp) +# time-stamp-start: "scriptversion=" +# time-stamp-format: "%:y-%02m-%02d.%02H" +# time-stamp-time-zone: "UTC" +# time-stamp-end: "; # UTC" +# End: diff --git a/FreeRTOS-Plus/Source/CyaSSL/config/config.guess b/FreeRTOS-Plus/Source/CyaSSL/build-aux/config.guess similarity index 76% rename from FreeRTOS-Plus/Source/CyaSSL/config/config.guess rename to FreeRTOS-Plus/Source/CyaSSL/build-aux/config.guess index 396482d6c..9afd67620 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/config/config.guess +++ b/FreeRTOS-Plus/Source/CyaSSL/build-aux/config.guess @@ -1,14 +1,12 @@ #! /bin/sh # Attempt to guess a canonical system name. -# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, -# 2000, 2001, 2002, 2003, 2004, 2005, 2006 Free Software Foundation, -# Inc. +# Copyright 1992-2013 Free Software Foundation, Inc. -timestamp='2006-07-02' +timestamp='2013-11-29' # This file is free software; you can redistribute it and/or modify it # under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2 of the License, or +# the Free Software Foundation; either version 3 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, but @@ -17,26 +15,22 @@ timestamp='2006-07-02' # General Public License for more details. # # You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA -# 02110-1301, USA. +# along with this program; if not, see . # # As a special exception to the GNU General Public License, if you # distribute this file as part of a program that contains a # configuration script generated by Autoconf, you may include it under -# the same distribution terms that you use for the rest of that program. - - -# Originally written by Per Bothner . -# Please send patches to . Submit a context -# diff and a properly formatted ChangeLog entry. +# the same distribution terms that you use for the rest of that +# program. This Exception is an additional permission under section 7 +# of the GNU General Public License, version 3 ("GPLv3"). +# +# Originally written by Per Bothner. # -# This script attempts to guess a canonical system name similar to -# config.sub. If it succeeds, it prints the system name on stdout, and -# exits with 0. Otherwise, it exits with 1. +# You can get the latest version of this script from: +# http://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.guess;hb=HEAD # -# The plan is that this can be called by configure scripts if you -# don't specify an explicit build system type. +# Please send patches with a ChangeLog entry to config-patches@gnu.org. + me=`echo "$0" | sed -e 's,.*/,,'` @@ -56,8 +50,7 @@ version="\ GNU config.guess ($timestamp) Originally written by Per Bothner. -Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005 -Free Software Foundation, Inc. +Copyright 1992-2013 Free Software Foundation, Inc. This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE." @@ -139,12 +132,33 @@ UNAME_RELEASE=`(uname -r) 2>/dev/null` || UNAME_RELEASE=unknown UNAME_SYSTEM=`(uname -s) 2>/dev/null` || UNAME_SYSTEM=unknown UNAME_VERSION=`(uname -v) 2>/dev/null` || UNAME_VERSION=unknown +case "${UNAME_SYSTEM}" in +Linux|GNU|GNU/*) + # If the system lacks a compiler, then just pick glibc. + # We could probably try harder. + LIBC=gnu + + eval $set_cc_for_build + cat <<-EOF > $dummy.c + #include + #if defined(__UCLIBC__) + LIBC=uclibc + #elif defined(__dietlibc__) + LIBC=dietlibc + #else + LIBC=gnu + #endif + EOF + eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep '^LIBC'` + ;; +esac + # Note: order is significant - the case branches are not exclusive. case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in *:NetBSD:*:*) # NetBSD (nbsd) targets should (where applicable) match one or - # more of the tupples: *-*-netbsdelf*, *-*-netbsdaout*, + # more of the tuples: *-*-netbsdelf*, *-*-netbsdaout*, # *-*-netbsdecoff* and *-*-netbsd*. For targets that recently # switched to ELF, *-*-netbsd* would select the old # object file format. This provides both forward @@ -161,6 +175,7 @@ case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in arm*) machine=arm-unknown ;; sh3el) machine=shl-unknown ;; sh3eb) machine=sh-unknown ;; + sh5el) machine=sh5le-unknown ;; *) machine=${UNAME_MACHINE_ARCH}-unknown ;; esac # The Operating System including object format, if it has switched @@ -169,7 +184,7 @@ case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in arm*|i386|m68k|ns32k|sh3*|sparc|vax) eval $set_cc_for_build if echo __ELF__ | $CC_FOR_BUILD -E - 2>/dev/null \ - | grep __ELF__ >/dev/null + | grep -q __ELF__ then # Once all utilities can be ECOFF (netbsdecoff) or a.out (netbsdaout). # Return netbsd for either. FIX? @@ -179,7 +194,7 @@ case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in fi ;; *) - os=netbsd + os=netbsd ;; esac # The OS release @@ -200,6 +215,10 @@ case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in # CPU_TYPE-MANUFACTURER-OPERATING_SYSTEM is used. echo "${machine}-${os}${release}" exit ;; + *:Bitrig:*:*) + UNAME_MACHINE_ARCH=`arch | sed 's/Bitrig.//'` + echo ${UNAME_MACHINE_ARCH}-unknown-bitrig${UNAME_RELEASE} + exit ;; *:OpenBSD:*:*) UNAME_MACHINE_ARCH=`arch | sed 's/OpenBSD.//'` echo ${UNAME_MACHINE_ARCH}-unknown-openbsd${UNAME_RELEASE} @@ -222,7 +241,7 @@ case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in UNAME_RELEASE=`/usr/sbin/sizer -v | awk '{print $3}'` ;; *5.*) - UNAME_RELEASE=`/usr/sbin/sizer -v | awk '{print $4}'` + UNAME_RELEASE=`/usr/sbin/sizer -v | awk '{print $4}'` ;; esac # According to Compaq, /usr/sbin/psrinfo has been available on @@ -268,7 +287,10 @@ case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in # A Xn.n version is an unreleased experimental baselevel. # 1.2 uses "1.2" for uname -r. echo ${UNAME_MACHINE}-dec-osf`echo ${UNAME_RELEASE} | sed -e 's/^[PVTX]//' | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz'` - exit ;; + # Reset EXIT trap before exiting to avoid spurious non-zero exit code. + exitcode=$? + trap '' 0 + exit $exitcode ;; Alpha\ *:Windows_NT*:*) # How do we know it's Interix rather than the generic POSIX subsystem? # Should we change UNAME_MACHINE based on the output of uname instead @@ -294,12 +316,12 @@ case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in echo s390-ibm-zvmoe exit ;; *:OS400:*:*) - echo powerpc-ibm-os400 + echo powerpc-ibm-os400 exit ;; arm:RISC*:1.[012]*:*|arm:riscix:1.[012]*:*) echo arm-acorn-riscix${UNAME_RELEASE} exit ;; - arm:riscos:*:*|arm:RISCOS:*:*) + arm*:riscos:*:*|arm*:RISCOS:*:*) echo arm-unknown-riscos exit ;; SR2?01:HI-UX/MPP:*:* | SR8000:HI-UX/MPP:*:*) @@ -323,14 +345,33 @@ case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in case `/usr/bin/uname -p` in sparc) echo sparc-icl-nx7; exit ;; esac ;; + s390x:SunOS:*:*) + echo ${UNAME_MACHINE}-ibm-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` + exit ;; sun4H:SunOS:5.*:*) echo sparc-hal-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` exit ;; sun4*:SunOS:5.*:* | tadpole*:SunOS:5.*:*) echo sparc-sun-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` exit ;; - i86pc:SunOS:5.*:*) - echo i386-pc-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` + i86pc:AuroraUX:5.*:* | i86xen:AuroraUX:5.*:*) + echo i386-pc-auroraux${UNAME_RELEASE} + exit ;; + i86pc:SunOS:5.*:* | i86xen:SunOS:5.*:*) + eval $set_cc_for_build + SUN_ARCH="i386" + # If there is a compiler, see if it is configured for 64-bit objects. + # Note that the Sun cc does not turn __LP64__ into 1 like gcc does. + # This test works for both compilers. + if [ "$CC_FOR_BUILD" != 'no_compiler_found' ]; then + if (echo '#ifdef __amd64'; echo IS_64BIT_ARCH; echo '#endif') | \ + (CCOPTS= $CC_FOR_BUILD -E - 2>/dev/null) | \ + grep IS_64BIT_ARCH >/dev/null + then + SUN_ARCH="x86_64" + fi + fi + echo ${SUN_ARCH}-pc-solaris2`echo ${UNAME_RELEASE}|sed -e 's/[^.]*//'` exit ;; sun4*:SunOS:6*:*) # According to config.sub, this is the proper way to canonicalize @@ -374,23 +415,23 @@ case "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" in # MiNT. But MiNT is downward compatible to TOS, so this should # be no problem. atarist[e]:*MiNT:*:* | atarist[e]:*mint:*:* | atarist[e]:*TOS:*:*) - echo m68k-atari-mint${UNAME_RELEASE} + echo m68k-atari-mint${UNAME_RELEASE} exit ;; atari*:*MiNT:*:* | atari*:*mint:*:* | atarist[e]:*TOS:*:*) echo m68k-atari-mint${UNAME_RELEASE} - exit ;; + exit ;; *falcon*:*MiNT:*:* | *falcon*:*mint:*:* | *falcon*:*TOS:*:*) - echo m68k-atari-mint${UNAME_RELEASE} + echo m68k-atari-mint${UNAME_RELEASE} exit ;; milan*:*MiNT:*:* | milan*:*mint:*:* | *milan*:*TOS:*:*) - echo m68k-milan-mint${UNAME_RELEASE} - exit ;; + echo m68k-milan-mint${UNAME_RELEASE} + exit ;; hades*:*MiNT:*:* | hades*:*mint:*:* | *hades*:*TOS:*:*) - echo m68k-hades-mint${UNAME_RELEASE} - exit ;; + echo m68k-hades-mint${UNAME_RELEASE} + exit ;; *:*MiNT:*:* | *:*mint:*:* | *:*TOS:*:*) - echo m68k-unknown-mint${UNAME_RELEASE} - exit ;; + echo m68k-unknown-mint${UNAME_RELEASE} + exit ;; m68k:machten:*:*) echo m68k-apple-machten${UNAME_RELEASE} exit ;; @@ -460,8 +501,8 @@ EOF echo m88k-motorola-sysv3 exit ;; AViiON:dgux:*:*) - # DG/UX returns AViiON for all architectures - UNAME_PROCESSOR=`/usr/bin/uname -p` + # DG/UX returns AViiON for all architectures + UNAME_PROCESSOR=`/usr/bin/uname -p` if [ $UNAME_PROCESSOR = mc88100 ] || [ $UNAME_PROCESSOR = mc88110 ] then if [ ${TARGET_BINARY_INTERFACE}x = m88kdguxelfx ] || \ @@ -474,7 +515,7 @@ EOF else echo i586-dg-dgux${UNAME_RELEASE} fi - exit ;; + exit ;; M88*:DolphinOS:*:*) # DolphinOS (SVR3) echo m88k-dolphin-sysv3 exit ;; @@ -531,7 +572,7 @@ EOF echo rs6000-ibm-aix3.2 fi exit ;; - *:AIX:*:[45]) + *:AIX:*:[4567]) IBM_CPU_ID=`/usr/sbin/lsdev -C -c processor -S available | sed 1q | awk '{ print $1 }'` if /usr/sbin/lsattr -El ${IBM_CPU_ID} | grep ' POWER' >/dev/null 2>&1; then IBM_ARCH=rs6000 @@ -574,52 +615,52 @@ EOF 9000/[678][0-9][0-9]) if [ -x /usr/bin/getconf ]; then sc_cpu_version=`/usr/bin/getconf SC_CPU_VERSION 2>/dev/null` - sc_kernel_bits=`/usr/bin/getconf SC_KERNEL_BITS 2>/dev/null` - case "${sc_cpu_version}" in - 523) HP_ARCH="hppa1.0" ;; # CPU_PA_RISC1_0 - 528) HP_ARCH="hppa1.1" ;; # CPU_PA_RISC1_1 - 532) # CPU_PA_RISC2_0 - case "${sc_kernel_bits}" in - 32) HP_ARCH="hppa2.0n" ;; - 64) HP_ARCH="hppa2.0w" ;; + sc_kernel_bits=`/usr/bin/getconf SC_KERNEL_BITS 2>/dev/null` + case "${sc_cpu_version}" in + 523) HP_ARCH="hppa1.0" ;; # CPU_PA_RISC1_0 + 528) HP_ARCH="hppa1.1" ;; # CPU_PA_RISC1_1 + 532) # CPU_PA_RISC2_0 + case "${sc_kernel_bits}" in + 32) HP_ARCH="hppa2.0n" ;; + 64) HP_ARCH="hppa2.0w" ;; '') HP_ARCH="hppa2.0" ;; # HP-UX 10.20 - esac ;; - esac + esac ;; + esac fi if [ "${HP_ARCH}" = "" ]; then eval $set_cc_for_build - sed 's/^ //' << EOF >$dummy.c + sed 's/^ //' << EOF >$dummy.c - #define _HPUX_SOURCE - #include - #include + #define _HPUX_SOURCE + #include + #include - int main () - { - #if defined(_SC_KERNEL_BITS) - long bits = sysconf(_SC_KERNEL_BITS); - #endif - long cpu = sysconf (_SC_CPU_VERSION); + int main () + { + #if defined(_SC_KERNEL_BITS) + long bits = sysconf(_SC_KERNEL_BITS); + #endif + long cpu = sysconf (_SC_CPU_VERSION); - switch (cpu) - { - case CPU_PA_RISC1_0: puts ("hppa1.0"); break; - case CPU_PA_RISC1_1: puts ("hppa1.1"); break; - case CPU_PA_RISC2_0: - #if defined(_SC_KERNEL_BITS) - switch (bits) - { - case 64: puts ("hppa2.0w"); break; - case 32: puts ("hppa2.0n"); break; - default: puts ("hppa2.0"); break; - } break; - #else /* !defined(_SC_KERNEL_BITS) */ - puts ("hppa2.0"); break; - #endif - default: puts ("hppa1.0"); break; - } - exit (0); - } + switch (cpu) + { + case CPU_PA_RISC1_0: puts ("hppa1.0"); break; + case CPU_PA_RISC1_1: puts ("hppa1.1"); break; + case CPU_PA_RISC2_0: + #if defined(_SC_KERNEL_BITS) + switch (bits) + { + case 64: puts ("hppa2.0w"); break; + case 32: puts ("hppa2.0n"); break; + default: puts ("hppa2.0"); break; + } break; + #else /* !defined(_SC_KERNEL_BITS) */ + puts ("hppa2.0"); break; + #endif + default: puts ("hppa1.0"); break; + } + exit (0); + } EOF (CCOPTS= $CC_FOR_BUILD -o $dummy $dummy.c 2>/dev/null) && HP_ARCH=`$dummy` test -z "$HP_ARCH" && HP_ARCH=hppa @@ -639,7 +680,7 @@ EOF # => hppa64-hp-hpux11.23 if echo __LP64__ | (CCOPTS= $CC_FOR_BUILD -E - 2>/dev/null) | - grep __LP64__ >/dev/null + grep -q __LP64__ then HP_ARCH="hppa2.0w" else @@ -710,22 +751,22 @@ EOF exit ;; C1*:ConvexOS:*:* | convex:ConvexOS:C1*:*) echo c1-convex-bsd - exit ;; + exit ;; C2*:ConvexOS:*:* | convex:ConvexOS:C2*:*) if getsysinfo -f scalar_acc then echo c32-convex-bsd else echo c2-convex-bsd fi - exit ;; + exit ;; C34*:ConvexOS:*:* | convex:ConvexOS:C34*:*) echo c34-convex-bsd - exit ;; + exit ;; C38*:ConvexOS:*:* | convex:ConvexOS:C38*:*) echo c38-convex-bsd - exit ;; + exit ;; C4*:ConvexOS:*:* | convex:ConvexOS:C4*:*) echo c4-convex-bsd - exit ;; + exit ;; CRAY*Y-MP:*:*:*) echo ymp-cray-unicos${UNAME_RELEASE} | sed -e 's/\.[^.]*$/.X/' exit ;; @@ -749,14 +790,14 @@ EOF exit ;; F30[01]:UNIX_System_V:*:* | F700:UNIX_System_V:*:*) FUJITSU_PROC=`uname -m | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz'` - FUJITSU_SYS=`uname -p | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/\///'` - FUJITSU_REL=`echo ${UNAME_RELEASE} | sed -e 's/ /_/'` - echo "${FUJITSU_PROC}-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}" - exit ;; + FUJITSU_SYS=`uname -p | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/\///'` + FUJITSU_REL=`echo ${UNAME_RELEASE} | sed -e 's/ /_/'` + echo "${FUJITSU_PROC}-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}" + exit ;; 5000:UNIX_System_V:4.*:*) - FUJITSU_SYS=`uname -p | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/\///'` - FUJITSU_REL=`echo ${UNAME_RELEASE} | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/ /_/'` - echo "sparc-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}" + FUJITSU_SYS=`uname -p | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/\///'` + FUJITSU_REL=`echo ${UNAME_RELEASE} | tr 'ABCDEFGHIJKLMNOPQRSTUVWXYZ' 'abcdefghijklmnopqrstuvwxyz' | sed -e 's/ /_/'` + echo "sparc-fujitsu-${FUJITSU_SYS}${FUJITSU_REL}" exit ;; i*86:BSD/386:*:* | i*86:BSD/OS:*:* | *:Ascend\ Embedded/OS:*:*) echo ${UNAME_MACHINE}-pc-bsdi${UNAME_RELEASE} @@ -768,37 +809,51 @@ EOF echo ${UNAME_MACHINE}-unknown-bsdi${UNAME_RELEASE} exit ;; *:FreeBSD:*:*) - case ${UNAME_MACHINE} in - pc98) - echo i386-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;; + UNAME_PROCESSOR=`/usr/bin/uname -p` + case ${UNAME_PROCESSOR} in amd64) echo x86_64-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;; *) - echo ${UNAME_MACHINE}-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;; + echo ${UNAME_PROCESSOR}-unknown-freebsd`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` ;; esac exit ;; i*:CYGWIN*:*) echo ${UNAME_MACHINE}-pc-cygwin exit ;; - i*:MINGW*:*) + *:MINGW64*:*) + echo ${UNAME_MACHINE}-pc-mingw64 + exit ;; + *:MINGW*:*) echo ${UNAME_MACHINE}-pc-mingw32 exit ;; + i*:MSYS*:*) + echo ${UNAME_MACHINE}-pc-msys + exit ;; i*:windows32*:*) - # uname -m includes "-pc" on this system. - echo ${UNAME_MACHINE}-mingw32 + # uname -m includes "-pc" on this system. + echo ${UNAME_MACHINE}-mingw32 exit ;; i*:PW*:*) echo ${UNAME_MACHINE}-pc-pw32 exit ;; - x86:Interix*:[3456]*) - echo i586-pc-interix${UNAME_RELEASE} - exit ;; - EM64T:Interix*:[3456]*) - echo x86_64-unknown-interix${UNAME_RELEASE} - exit ;; + *:Interix*:*) + case ${UNAME_MACHINE} in + x86) + echo i586-pc-interix${UNAME_RELEASE} + exit ;; + authenticamd | genuineintel | EM64T) + echo x86_64-unknown-interix${UNAME_RELEASE} + exit ;; + IA64) + echo ia64-unknown-interix${UNAME_RELEASE} + exit ;; + esac ;; [345]86:Windows_95:* | [345]86:Windows_98:* | [345]86:Windows_NT:*) echo i${UNAME_MACHINE}-pc-mks exit ;; + 8664:Windows_NT:*) + echo x86_64-pc-mks + exit ;; i*:Windows_NT*:* | Pentium*:Windows_NT*:*) # How do we know it's Interix rather than the generic POSIX subsystem? # It also conflicts with pre-2.0 versions of AT&T UWIN. Should we @@ -819,200 +874,157 @@ EOF exit ;; *:GNU:*:*) # the GNU system - echo `echo ${UNAME_MACHINE}|sed -e 's,[-/].*$,,'`-unknown-gnu`echo ${UNAME_RELEASE}|sed -e 's,/.*$,,'` + echo `echo ${UNAME_MACHINE}|sed -e 's,[-/].*$,,'`-unknown-${LIBC}`echo ${UNAME_RELEASE}|sed -e 's,/.*$,,'` exit ;; *:GNU/*:*:*) # other systems with GNU libc and userland - echo ${UNAME_MACHINE}-unknown-`echo ${UNAME_SYSTEM} | sed 's,^[^/]*/,,' | tr '[A-Z]' '[a-z]'``echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'`-gnu + echo ${UNAME_MACHINE}-unknown-`echo ${UNAME_SYSTEM} | sed 's,^[^/]*/,,' | tr '[A-Z]' '[a-z]'``echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'`-${LIBC} exit ;; i*86:Minix:*:*) echo ${UNAME_MACHINE}-pc-minix exit ;; + aarch64:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} + exit ;; + aarch64_be:Linux:*:*) + UNAME_MACHINE=aarch64_be + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} + exit ;; + alpha:Linux:*:*) + case `sed -n '/^cpu model/s/^.*: \(.*\)/\1/p' < /proc/cpuinfo` in + EV5) UNAME_MACHINE=alphaev5 ;; + EV56) UNAME_MACHINE=alphaev56 ;; + PCA56) UNAME_MACHINE=alphapca56 ;; + PCA57) UNAME_MACHINE=alphapca56 ;; + EV6) UNAME_MACHINE=alphaev6 ;; + EV67) UNAME_MACHINE=alphaev67 ;; + EV68*) UNAME_MACHINE=alphaev68 ;; + esac + objdump --private-headers /bin/sh | grep -q ld.so.1 + if test "$?" = 0 ; then LIBC="gnulibc1" ; fi + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} + exit ;; + arc:Linux:*:* | arceb:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} + exit ;; arm*:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu + eval $set_cc_for_build + if echo __ARM_EABI__ | $CC_FOR_BUILD -E - 2>/dev/null \ + | grep -q __ARM_EABI__ + then + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} + else + if echo __ARM_PCS_VFP | $CC_FOR_BUILD -E - 2>/dev/null \ + | grep -q __ARM_PCS_VFP + then + echo ${UNAME_MACHINE}-unknown-linux-${LIBC}eabi + else + echo ${UNAME_MACHINE}-unknown-linux-${LIBC}eabihf + fi + fi exit ;; avr32*:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; cris:Linux:*:*) - echo cris-axis-linux-gnu + echo ${UNAME_MACHINE}-axis-linux-${LIBC} exit ;; crisv32:Linux:*:*) - echo crisv32-axis-linux-gnu + echo ${UNAME_MACHINE}-axis-linux-${LIBC} exit ;; frv:Linux:*:*) - echo frv-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} + exit ;; + hexagon:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} + exit ;; + i*86:Linux:*:*) + echo ${UNAME_MACHINE}-pc-linux-${LIBC} exit ;; ia64:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; m32r*:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; m68*:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; - mips:Linux:*:*) - eval $set_cc_for_build - sed 's/^ //' << EOF >$dummy.c - #undef CPU - #undef mips - #undef mipsel - #if defined(__MIPSEL__) || defined(__MIPSEL) || defined(_MIPSEL) || defined(MIPSEL) - CPU=mipsel - #else - #if defined(__MIPSEB__) || defined(__MIPSEB) || defined(_MIPSEB) || defined(MIPSEB) - CPU=mips - #else - CPU= - #endif - #endif -EOF - eval "`$CC_FOR_BUILD -E $dummy.c 2>/dev/null | sed -n ' - /^CPU/{ - s: ::g - p - }'`" - test x"${CPU}" != x && { echo "${CPU}-unknown-linux-gnu"; exit; } - ;; - mips64:Linux:*:*) + mips:Linux:*:* | mips64:Linux:*:*) eval $set_cc_for_build sed 's/^ //' << EOF >$dummy.c #undef CPU - #undef mips64 - #undef mips64el + #undef ${UNAME_MACHINE} + #undef ${UNAME_MACHINE}el #if defined(__MIPSEL__) || defined(__MIPSEL) || defined(_MIPSEL) || defined(MIPSEL) - CPU=mips64el + CPU=${UNAME_MACHINE}el #else #if defined(__MIPSEB__) || defined(__MIPSEB) || defined(_MIPSEB) || defined(MIPSEB) - CPU=mips64 + CPU=${UNAME_MACHINE} #else CPU= #endif #endif EOF - eval "`$CC_FOR_BUILD -E $dummy.c 2>/dev/null | sed -n ' - /^CPU/{ - s: ::g - p - }'`" - test x"${CPU}" != x && { echo "${CPU}-unknown-linux-gnu"; exit; } + eval `$CC_FOR_BUILD -E $dummy.c 2>/dev/null | grep '^CPU'` + test x"${CPU}" != x && { echo "${CPU}-unknown-linux-${LIBC}"; exit; } ;; - or32:Linux:*:*) - echo or32-unknown-linux-gnu + or1k:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; - ppc:Linux:*:*) - echo powerpc-unknown-linux-gnu + or32:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; - ppc64:Linux:*:*) - echo powerpc64-unknown-linux-gnu + padre:Linux:*:*) + echo sparc-unknown-linux-${LIBC} exit ;; - alpha:Linux:*:*) - case `sed -n '/^cpu model/s/^.*: \(.*\)/\1/p' < /proc/cpuinfo` in - EV5) UNAME_MACHINE=alphaev5 ;; - EV56) UNAME_MACHINE=alphaev56 ;; - PCA56) UNAME_MACHINE=alphapca56 ;; - PCA57) UNAME_MACHINE=alphapca56 ;; - EV6) UNAME_MACHINE=alphaev6 ;; - EV67) UNAME_MACHINE=alphaev67 ;; - EV68*) UNAME_MACHINE=alphaev68 ;; - esac - objdump --private-headers /bin/sh | grep ld.so.1 >/dev/null - if test "$?" = 0 ; then LIBC="libc1" ; else LIBC="" ; fi - echo ${UNAME_MACHINE}-unknown-linux-gnu${LIBC} + parisc64:Linux:*:* | hppa64:Linux:*:*) + echo hppa64-unknown-linux-${LIBC} exit ;; parisc:Linux:*:* | hppa:Linux:*:*) # Look for CPU level case `grep '^cpu[^a-z]*:' /proc/cpuinfo 2>/dev/null | cut -d' ' -f2` in - PA7*) echo hppa1.1-unknown-linux-gnu ;; - PA8*) echo hppa2.0-unknown-linux-gnu ;; - *) echo hppa-unknown-linux-gnu ;; + PA7*) echo hppa1.1-unknown-linux-${LIBC} ;; + PA8*) echo hppa2.0-unknown-linux-${LIBC} ;; + *) echo hppa-unknown-linux-${LIBC} ;; esac exit ;; - parisc64:Linux:*:* | hppa64:Linux:*:*) - echo hppa64-unknown-linux-gnu + ppc64:Linux:*:*) + echo powerpc64-unknown-linux-${LIBC} + exit ;; + ppc:Linux:*:*) + echo powerpc-unknown-linux-${LIBC} + exit ;; + ppc64le:Linux:*:*) + echo powerpc64le-unknown-linux-${LIBC} + exit ;; + ppcle:Linux:*:*) + echo powerpcle-unknown-linux-${LIBC} exit ;; s390:Linux:*:* | s390x:Linux:*:*) - echo ${UNAME_MACHINE}-ibm-linux + echo ${UNAME_MACHINE}-ibm-linux-${LIBC} exit ;; sh64*:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; sh*:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; sparc:Linux:*:* | sparc64:Linux:*:*) - echo ${UNAME_MACHINE}-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} + exit ;; + tile*:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; vax:Linux:*:*) - echo ${UNAME_MACHINE}-dec-linux-gnu + echo ${UNAME_MACHINE}-dec-linux-${LIBC} exit ;; x86_64:Linux:*:*) - echo x86_64-unknown-linux-gnu + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} + exit ;; + xtensa*:Linux:*:*) + echo ${UNAME_MACHINE}-unknown-linux-${LIBC} exit ;; - i*86:Linux:*:*) - # The BFD linker knows what the default object file format is, so - # first see if it will tell us. cd to the root directory to prevent - # problems with other programs or directories called `ld' in the path. - # Set LC_ALL=C to ensure ld outputs messages in English. - ld_supported_targets=`cd /; LC_ALL=C ld --help 2>&1 \ - | sed -ne '/supported targets:/!d - s/[ ][ ]*/ /g - s/.*supported targets: *// - s/ .*// - p'` - case "$ld_supported_targets" in - elf32-i386) - TENTATIVE="${UNAME_MACHINE}-pc-linux-gnu" - ;; - a.out-i386-linux) - echo "${UNAME_MACHINE}-pc-linux-gnuaout" - exit ;; - coff-i386) - echo "${UNAME_MACHINE}-pc-linux-gnucoff" - exit ;; - "") - # Either a pre-BFD a.out linker (linux-gnuoldld) or - # one that does not give us useful --help. - echo "${UNAME_MACHINE}-pc-linux-gnuoldld" - exit ;; - esac - # Determine whether the default compiler is a.out or elf - eval $set_cc_for_build - sed 's/^ //' << EOF >$dummy.c - #include - #ifdef __ELF__ - # ifdef __GLIBC__ - # if __GLIBC__ >= 2 - LIBC=gnu - # else - LIBC=gnulibc1 - # endif - # else - LIBC=gnulibc1 - # endif - #else - #if defined(__INTEL_COMPILER) || defined(__PGI) || defined(__SUNPRO_C) || defined(__SUNPRO_CC) - LIBC=gnu - #else - LIBC=gnuaout - #endif - #endif - #ifdef __dietlibc__ - LIBC=dietlibc - #endif -EOF - eval "`$CC_FOR_BUILD -E $dummy.c 2>/dev/null | sed -n ' - /^LIBC/{ - s: ::g - p - }'`" - test x"${LIBC}" != x && { - echo "${UNAME_MACHINE}-pc-linux-${LIBC}" - exit - } - test x"${TENTATIVE}" != x && { echo "${TENTATIVE}"; exit; } - ;; i*86:DYNIX/ptx:4*:*) # ptx 4.0 does uname -s correctly, with DYNIX/ptx in there. # earlier versions are messed up and put the nodename in both @@ -1020,11 +1032,11 @@ EOF echo i386-sequent-sysv4 exit ;; i*86:UNIX_SV:4.2MP:2.*) - # Unixware is an offshoot of SVR4, but it has its own version - # number series starting with 2... - # I am not positive that other SVR4 systems won't match this, + # Unixware is an offshoot of SVR4, but it has its own version + # number series starting with 2... + # I am not positive that other SVR4 systems won't match this, # I just have to hope. -- rms. - # Use sysv4.2uw... so that sysv4* matches it. + # Use sysv4.2uw... so that sysv4* matches it. echo ${UNAME_MACHINE}-pc-sysv4.2uw${UNAME_VERSION} exit ;; i*86:OS/2:*:*) @@ -1041,7 +1053,7 @@ EOF i*86:syllable:*:*) echo ${UNAME_MACHINE}-pc-syllable exit ;; - i*86:LynxOS:2.*:* | i*86:LynxOS:3.[01]*:* | i*86:LynxOS:4.0*:*) + i*86:LynxOS:2.*:* | i*86:LynxOS:3.[01]*:* | i*86:LynxOS:4.[02]*:*) echo i386-unknown-lynxos${UNAME_RELEASE} exit ;; i*86:*DOS:*:*) @@ -1056,7 +1068,7 @@ EOF fi exit ;; i*86:*:5:[678]*) - # UnixWare 7.x, OpenUNIX and OpenServer 6. + # UnixWare 7.x, OpenUNIX and OpenServer 6. case `/bin/uname -X | grep "^Machine"` in *486*) UNAME_MACHINE=i486 ;; *Pentium) UNAME_MACHINE=i586 ;; @@ -1084,10 +1096,13 @@ EOF exit ;; pc:*:*:*) # Left here for compatibility: - # uname -m prints for DJGPP always 'pc', but it prints nothing about - # the processor, so we play safe by assuming i386. - echo i386-pc-msdosdjgpp - exit ;; + # uname -m prints for DJGPP always 'pc', but it prints nothing about + # the processor, so we play safe by assuming i586. + # Note: whatever this is, it MUST be the same as what config.sub + # prints for the "djgpp" host, or else GDB configury will decide that + # this is a cross-build. + echo i586-pc-msdosdjgpp + exit ;; Intel:Mach:3*:*) echo i386-pc-mach3 exit ;; @@ -1122,8 +1137,18 @@ EOF /bin/uname -p 2>/dev/null | /bin/grep entium >/dev/null \ && { echo i586-ncr-sysv4.3${OS_REL}; exit; } ;; 3[34]??:*:4.0:* | 3[34]??,*:*:4.0:*) - /bin/uname -p 2>/dev/null | grep 86 >/dev/null \ - && { echo i486-ncr-sysv4; exit; } ;; + /bin/uname -p 2>/dev/null | grep 86 >/dev/null \ + && { echo i486-ncr-sysv4; exit; } ;; + NCR*:*:4.2:* | MPRAS*:*:4.2:*) + OS_REL='.3' + test -r /etc/.relid \ + && OS_REL=.`sed -n 's/[^ ]* [^ ]* \([0-9][0-9]\).*/\1/p' < /etc/.relid` + /bin/uname -p 2>/dev/null | grep 86 >/dev/null \ + && { echo i486-ncr-sysv4.3${OS_REL}; exit; } + /bin/uname -p 2>/dev/null | /bin/grep entium >/dev/null \ + && { echo i586-ncr-sysv4.3${OS_REL}; exit; } + /bin/uname -p 2>/dev/null | /bin/grep pteron >/dev/null \ + && { echo i586-ncr-sysv4.3${OS_REL}; exit; } ;; m68*:LynxOS:2.*:* | m68*:LynxOS:3.0*:*) echo m68k-unknown-lynxos${UNAME_RELEASE} exit ;; @@ -1136,7 +1161,7 @@ EOF rs6000:LynxOS:2.*:*) echo rs6000-unknown-lynxos${UNAME_RELEASE} exit ;; - PowerPC:LynxOS:2.*:* | PowerPC:LynxOS:3.[01]*:* | PowerPC:LynxOS:4.0*:*) + PowerPC:LynxOS:2.*:* | PowerPC:LynxOS:3.[01]*:* | PowerPC:LynxOS:4.[02]*:*) echo powerpc-unknown-lynxos${UNAME_RELEASE} exit ;; SM[BE]S:UNIX_SV:*:*) @@ -1156,10 +1181,10 @@ EOF echo ns32k-sni-sysv fi exit ;; - PENTIUM:*:4.0*:*) # Unisys `ClearPath HMP IX 4000' SVR4/MP effort - # says - echo i586-unisys-sysv4 - exit ;; + PENTIUM:*:4.0*:*) # Unisys `ClearPath HMP IX 4000' SVR4/MP effort + # says + echo i586-unisys-sysv4 + exit ;; *:UNIX_System_V:4*:FTX*) # From Gerald Hewes . # How about differentiating between stratus architectures? -djm @@ -1185,11 +1210,11 @@ EOF exit ;; R[34]000:*System_V*:*:* | R4000:UNIX_SYSV:*:* | R*000:UNIX_SV:*:*) if [ -d /usr/nec ]; then - echo mips-nec-sysv${UNAME_RELEASE} + echo mips-nec-sysv${UNAME_RELEASE} else - echo mips-unknown-sysv${UNAME_RELEASE} + echo mips-unknown-sysv${UNAME_RELEASE} fi - exit ;; + exit ;; BeBox:BeOS:*:*) # BeOS running on hardware made by Be, PPC only. echo powerpc-be-beos exit ;; @@ -1199,6 +1224,12 @@ EOF BePC:BeOS:*:*) # BeOS running on Intel PC compatible. echo i586-pc-beos exit ;; + BePC:Haiku:*:*) # Haiku running on Intel PC compatible. + echo i586-pc-haiku + exit ;; + x86_64:Haiku:*:*) + echo x86_64-unknown-haiku + exit ;; SX-4:SUPER-UX:*:*) echo sx4-nec-superux${UNAME_RELEASE} exit ;; @@ -1208,6 +1239,15 @@ EOF SX-6:SUPER-UX:*:*) echo sx6-nec-superux${UNAME_RELEASE} exit ;; + SX-7:SUPER-UX:*:*) + echo sx7-nec-superux${UNAME_RELEASE} + exit ;; + SX-8:SUPER-UX:*:*) + echo sx8-nec-superux${UNAME_RELEASE} + exit ;; + SX-8R:SUPER-UX:*:*) + echo sx8r-nec-superux${UNAME_RELEASE} + exit ;; Power*:Rhapsody:*:*) echo powerpc-apple-rhapsody${UNAME_RELEASE} exit ;; @@ -1216,9 +1256,31 @@ EOF exit ;; *:Darwin:*:*) UNAME_PROCESSOR=`uname -p` || UNAME_PROCESSOR=unknown - case $UNAME_PROCESSOR in - unknown) UNAME_PROCESSOR=powerpc ;; - esac + eval $set_cc_for_build + if test "$UNAME_PROCESSOR" = unknown ; then + UNAME_PROCESSOR=powerpc + fi + if test `echo "$UNAME_RELEASE" | sed -e 's/\..*//'` -le 10 ; then + if [ "$CC_FOR_BUILD" != 'no_compiler_found' ]; then + if (echo '#ifdef __LP64__'; echo IS_64BIT_ARCH; echo '#endif') | \ + (CCOPTS= $CC_FOR_BUILD -E - 2>/dev/null) | \ + grep IS_64BIT_ARCH >/dev/null + then + case $UNAME_PROCESSOR in + i386) UNAME_PROCESSOR=x86_64 ;; + powerpc) UNAME_PROCESSOR=powerpc64 ;; + esac + fi + fi + elif test "$UNAME_PROCESSOR" = i386 ; then + # Avoid executing cc on OS X 10.9, as it ships with a stub + # that puts up a graphical alert prompting to install + # developer tools. Any system running Mac OS X 10.7 or + # later (Darwin 11 and later) is required to have a 64-bit + # processor. This is not true of the ARM version of Darwin + # that Apple uses in portable devices. + UNAME_PROCESSOR=x86_64 + fi echo ${UNAME_PROCESSOR}-apple-darwin${UNAME_RELEASE} exit ;; *:procnto*:*:* | *:QNX:[0123456789]*:*) @@ -1232,7 +1294,10 @@ EOF *:QNX:*:4*) echo i386-pc-qnx exit ;; - NSE-?:NONSTOP_KERNEL:*:*) + NEO-?:NONSTOP_KERNEL:*:*) + echo neo-tandem-nsk${UNAME_RELEASE} + exit ;; + NSE-*:NONSTOP_KERNEL:*:*) echo nse-tandem-nsk${UNAME_RELEASE} exit ;; NSR-?:NONSTOP_KERNEL:*:*) @@ -1277,13 +1342,13 @@ EOF echo pdp10-unknown-its exit ;; SEI:*:*:SEIUX) - echo mips-sei-seiux${UNAME_RELEASE} + echo mips-sei-seiux${UNAME_RELEASE} exit ;; *:DragonFly:*:*) echo ${UNAME_MACHINE}-unknown-dragonfly`echo ${UNAME_RELEASE}|sed -e 's/[-(].*//'` exit ;; *:*VMS:*:*) - UNAME_MACHINE=`(uname -p) 2>/dev/null` + UNAME_MACHINE=`(uname -p) 2>/dev/null` case "${UNAME_MACHINE}" in A*) echo alpha-dec-vms ; exit ;; I*) echo ia64-dec-vms ; exit ;; @@ -1298,11 +1363,14 @@ EOF i*86:rdos:*:*) echo ${UNAME_MACHINE}-pc-rdos exit ;; + i*86:AROS:*:*) + echo ${UNAME_MACHINE}-pc-aros + exit ;; + x86_64:VMkernel:*:*) + echo ${UNAME_MACHINE}-unknown-esx + exit ;; esac -#echo '(No uname command or uname output not recognized.)' 1>&2 -#echo "${UNAME_MACHINE}:${UNAME_SYSTEM}:${UNAME_RELEASE}:${UNAME_VERSION}" 1>&2 - eval $set_cc_for_build cat >$dummy.c < printf ("m68k-sony-newsos%s\n", #ifdef NEWSOS4 - "4" + "4" #else - "" + "" #endif - ); exit (0); + ); exit (0); #endif #endif @@ -1458,9 +1526,9 @@ This script, last modified $timestamp, has failed to recognize the operating system you are using. It is advised that you download the most up to date version of the config scripts from - http://savannah.gnu.org/cgi-bin/viewcvs/*checkout*/config/config/config.guess + http://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.guess;hb=HEAD and - http://savannah.gnu.org/cgi-bin/viewcvs/*checkout*/config/config/config.sub + http://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.sub;hb=HEAD If the version you run ($0) is already up to date, please send the following data and any information you think might be diff --git a/FreeRTOS-Plus/Source/CyaSSL/config/config.sub b/FreeRTOS-Plus/Source/CyaSSL/build-aux/config.sub similarity index 81% rename from FreeRTOS-Plus/Source/CyaSSL/config/config.sub rename to FreeRTOS-Plus/Source/CyaSSL/build-aux/config.sub index fab0aa355..61cb4bc22 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/config/config.sub +++ b/FreeRTOS-Plus/Source/CyaSSL/build-aux/config.sub @@ -1,44 +1,40 @@ #! /bin/sh # Configuration validation subroutine script. -# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, -# 2000, 2001, 2002, 2003, 2004, 2005, 2006 Free Software Foundation, -# Inc. +# Copyright 1992-2013 Free Software Foundation, Inc. -timestamp='2006-09-20' +timestamp='2013-10-01' -# This file is (in principle) common to ALL GNU software. -# The presence of a machine in this file suggests that SOME GNU software -# can handle that machine. It does not imply ALL GNU software can. -# -# This file is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2 of the License, or +# This file is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 3 of the License, or # (at your option) any later version. # -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. +# This program is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +# General Public License for more details. # # You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 51 Franklin Street - Fifth Floor, Boston, MA -# 02110-1301, USA. +# along with this program; if not, see . # # As a special exception to the GNU General Public License, if you # distribute this file as part of a program that contains a # configuration script generated by Autoconf, you may include it under -# the same distribution terms that you use for the rest of that program. +# the same distribution terms that you use for the rest of that +# program. This Exception is an additional permission under section 7 +# of the GNU General Public License, version 3 ("GPLv3"). -# Please send patches to . Submit a context -# diff and a properly formatted ChangeLog entry. +# Please send patches with a ChangeLog entry to config-patches@gnu.org. # # Configuration subroutine to validate and canonicalize a configuration type. # Supply the specified configuration type as an argument. # If it is invalid, we print an error message on stderr and exit with code 1. # Otherwise, we print the canonical config type on stdout and succeed. +# You can get the latest version of this script from: +# http://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.sub;hb=HEAD + # This file is supposed to be the same for all GNU packages # and recognize all the CPU types, system types and aliases # that are meaningful with *any* GNU software. @@ -72,8 +68,7 @@ Report bugs and patches to ." version="\ GNU config.sub ($timestamp) -Copyright (C) 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005 -Free Software Foundation, Inc. +Copyright 1992-2013 Free Software Foundation, Inc. This is free software; see the source for copying conditions. There is NO warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE." @@ -120,12 +115,18 @@ esac # Here we must recognize all the valid KERNEL-OS combinations. maybe_os=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\2/'` case $maybe_os in - nto-qnx* | linux-gnu* | linux-dietlibc | linux-newlib* | linux-uclibc* | \ - uclinux-uclibc* | uclinux-gnu* | kfreebsd*-gnu* | knetbsd*-gnu* | netbsd*-gnu* | \ + nto-qnx* | linux-gnu* | linux-android* | linux-dietlibc | linux-newlib* | \ + linux-musl* | linux-uclibc* | uclinux-uclibc* | uclinux-gnu* | kfreebsd*-gnu* | \ + knetbsd*-gnu* | netbsd*-gnu* | \ + kopensolaris*-gnu* | \ storm-chaos* | os2-emx* | rtmk-nova*) os=-$maybe_os basic_machine=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\1/'` ;; + android-linux) + os=-linux-android + basic_machine=`echo $1 | sed 's/^\(.*\)-\([^-]*-[^-]*\)$/\1/'`-unknown + ;; *) basic_machine=`echo $1 | sed 's/-[^-]*$//'` if [ $basic_machine != $1 ] @@ -148,10 +149,13 @@ case $os in -convergent* | -ncr* | -news | -32* | -3600* | -3100* | -hitachi* |\ -c[123]* | -convex* | -sun | -crds | -omron* | -dg | -ultra | -tti* | \ -harris | -dolphin | -highlevel | -gould | -cbm | -ns | -masscomp | \ - -apple | -axis | -knuth | -cray) + -apple | -axis | -knuth | -cray | -microblaze*) os= basic_machine=$1 ;; + -bluegene*) + os=-cnk + ;; -sim | -cisco | -oki | -wec | -winbond) os= basic_machine=$1 @@ -166,10 +170,10 @@ case $os in os=-chorusos basic_machine=$1 ;; - -chorusrdb) - os=-chorusrdb + -chorusrdb) + os=-chorusrdb basic_machine=$1 - ;; + ;; -hiux*) os=-hiuxwe2 ;; @@ -214,6 +218,12 @@ case $os in -isc*) basic_machine=`echo $1 | sed -e 's/86-.*/86-pc/'` ;; + -lynx*178) + os=-lynxos178 + ;; + -lynx*5) + os=-lynxos5 + ;; -lynx*) os=-lynxos ;; @@ -238,24 +248,35 @@ case $basic_machine in # Some are omitted here because they have special meanings below. 1750a | 580 \ | a29k \ + | aarch64 | aarch64_be \ | alpha | alphaev[4-8] | alphaev56 | alphaev6[78] | alphapca5[67] \ | alpha64 | alpha64ev[4-8] | alpha64ev56 | alpha64ev6[78] | alpha64pca5[67] \ | am33_2.0 \ - | arc | arm | arm[bl]e | arme[lb] | armv[2345] | armv[345][lb] | avr | avr32 \ + | arc | arceb \ + | arm | arm[bl]e | arme[lb] | armv[2-8] | armv[3-8][lb] | armv7[arm] \ + | avr | avr32 \ + | be32 | be64 \ | bfin \ - | c4x | clipper \ + | c4x | c8051 | clipper \ | d10v | d30v | dlx | dsp16xx \ - | fr30 | frv \ + | epiphany \ + | fido | fr30 | frv \ | h8300 | h8500 | hppa | hppa1.[01] | hppa2.0 | hppa2.0[nw] | hppa64 \ + | hexagon \ | i370 | i860 | i960 | ia64 \ | ip2k | iq2000 \ + | k1om \ + | le32 | le64 \ + | lm32 \ | m32c | m32r | m32rle | m68000 | m68k | m88k \ - | maxq | mb | microblaze | mcore \ + | maxq | mb | microblaze | microblazeel | mcore | mep | metag \ | mips | mipsbe | mipseb | mipsel | mipsle \ | mips16 \ | mips64 | mips64el \ - | mips64vr | mips64vrel \ + | mips64octeon | mips64octeonel \ | mips64orion | mips64orionel \ + | mips64r5900 | mips64r5900el \ + | mips64vr | mips64vrel \ | mips64vr4100 | mips64vr4100el \ | mips64vr4300 | mips64vr4300el \ | mips64vr5000 | mips64vr5000el \ @@ -266,31 +287,45 @@ case $basic_machine in | mipsisa64r2 | mipsisa64r2el \ | mipsisa64sb1 | mipsisa64sb1el \ | mipsisa64sr71k | mipsisa64sr71kel \ + | mipsr5900 | mipsr5900el \ | mipstx39 | mipstx39el \ | mn10200 | mn10300 \ + | moxie \ | mt \ | msp430 \ - | nios | nios2 \ + | nds32 | nds32le | nds32be \ + | nios | nios2 | nios2eb | nios2el \ | ns16k | ns32k \ - | or32 \ + | open8 \ + | or1k | or32 \ | pdp10 | pdp11 | pj | pjl \ - | powerpc | powerpc64 | powerpc64le | powerpcle | ppcbe \ + | powerpc | powerpc64 | powerpc64le | powerpcle \ | pyramid \ + | rl78 | rx \ | score \ - | sh | sh[1234] | sh[24]a | sh[23]e | sh[34]eb | sheb | shbe | shle | sh[1234]le | sh3ele \ + | sh | sh[1234] | sh[24]a | sh[24]aeb | sh[23]e | sh[34]eb | sheb | shbe | shle | sh[1234]le | sh3ele \ | sh64 | sh64le \ | sparc | sparc64 | sparc64b | sparc64v | sparc86x | sparclet | sparclite \ | sparcv8 | sparcv9 | sparcv9b | sparcv9v \ - | spu | strongarm \ - | tahoe | thumb | tic4x | tic80 | tron \ - | v850 | v850e \ + | spu \ + | tahoe | tic4x | tic54x | tic55x | tic6x | tic80 | tron \ + | ubicom32 \ + | v850 | v850e | v850e1 | v850e2 | v850es | v850e2v3 \ | we32k \ - | x86 | xc16x | xscale | xscalee[bl] | xstormy16 | xtensa \ - | z8k) + | x86 | xc16x | xstormy16 | xtensa \ + | z8k | z80) basic_machine=$basic_machine-unknown ;; - m6811 | m68hc11 | m6812 | m68hc12) - # Motorola 68HC11/12. + c54x) + basic_machine=tic54x-unknown + ;; + c55x) + basic_machine=tic55x-unknown + ;; + c6x) + basic_machine=tic6x-unknown + ;; + m6811 | m68hc11 | m6812 | m68hc12 | m68hcs12x | nvptx | picochip) basic_machine=$basic_machine-unknown os=-none ;; @@ -300,6 +335,21 @@ case $basic_machine in basic_machine=mt-unknown ;; + strongarm | thumb | xscale) + basic_machine=arm-unknown + ;; + xgate) + basic_machine=$basic_machine-unknown + os=-none + ;; + xscaleeb) + basic_machine=armeb-unknown + ;; + + xscaleel) + basic_machine=armel-unknown + ;; + # We use `pc' rather than `unknown' # because (1) that's what they normally are, and # (2) the word "unknown" tends to confuse beginning users. @@ -314,29 +364,38 @@ case $basic_machine in # Recognize the basic CPU types with company name. 580-* \ | a29k-* \ + | aarch64-* | aarch64_be-* \ | alpha-* | alphaev[4-8]-* | alphaev56-* | alphaev6[78]-* \ | alpha64-* | alpha64ev[4-8]-* | alpha64ev56-* | alpha64ev6[78]-* \ - | alphapca5[67]-* | alpha64pca5[67]-* | arc-* \ + | alphapca5[67]-* | alpha64pca5[67]-* | arc-* | arceb-* \ | arm-* | armbe-* | armle-* | armeb-* | armv*-* \ | avr-* | avr32-* \ + | be32-* | be64-* \ | bfin-* | bs2000-* \ - | c[123]* | c30-* | [cjt]90-* | c4x-* | c54x-* | c55x-* | c6x-* \ - | clipper-* | craynv-* | cydra-* \ + | c[123]* | c30-* | [cjt]90-* | c4x-* \ + | c8051-* | clipper-* | craynv-* | cydra-* \ | d10v-* | d30v-* | dlx-* \ | elxsi-* \ - | f30[01]-* | f700-* | fr30-* | frv-* | fx80-* \ + | f30[01]-* | f700-* | fido-* | fr30-* | frv-* | fx80-* \ | h8300-* | h8500-* \ | hppa-* | hppa1.[01]-* | hppa2.0-* | hppa2.0[nw]-* | hppa64-* \ + | hexagon-* \ | i*86-* | i860-* | i960-* | ia64-* \ | ip2k-* | iq2000-* \ + | k1om-* \ + | le32-* | le64-* \ + | lm32-* \ | m32c-* | m32r-* | m32rle-* \ | m68000-* | m680[012346]0-* | m68360-* | m683?2-* | m68k-* \ - | m88110-* | m88k-* | maxq-* | mcore-* \ + | m88110-* | m88k-* | maxq-* | mcore-* | metag-* \ + | microblaze-* | microblazeel-* \ | mips-* | mipsbe-* | mipseb-* | mipsel-* | mipsle-* \ | mips16-* \ | mips64-* | mips64el-* \ - | mips64vr-* | mips64vrel-* \ + | mips64octeon-* | mips64octeonel-* \ | mips64orion-* | mips64orionel-* \ + | mips64r5900-* | mips64r5900el-* \ + | mips64vr-* | mips64vrel-* \ | mips64vr4100-* | mips64vr4100el-* \ | mips64vr4300-* | mips64vr4300el-* \ | mips64vr5000-* | mips64vr5000el-* \ @@ -347,31 +406,41 @@ case $basic_machine in | mipsisa64r2-* | mipsisa64r2el-* \ | mipsisa64sb1-* | mipsisa64sb1el-* \ | mipsisa64sr71k-* | mipsisa64sr71kel-* \ + | mipsr5900-* | mipsr5900el-* \ | mipstx39-* | mipstx39el-* \ | mmix-* \ | mt-* \ | msp430-* \ - | nios-* | nios2-* \ + | nds32-* | nds32le-* | nds32be-* \ + | nios-* | nios2-* | nios2eb-* | nios2el-* \ | none-* | np1-* | ns16k-* | ns32k-* \ + | open8-* \ | orion-* \ | pdp10-* | pdp11-* | pj-* | pjl-* | pn-* | power-* \ - | powerpc-* | powerpc64-* | powerpc64le-* | powerpcle-* | ppcbe-* \ + | powerpc-* | powerpc64-* | powerpc64le-* | powerpcle-* \ | pyramid-* \ - | romp-* | rs6000-* \ - | sh-* | sh[1234]-* | sh[24]a-* | sh[23]e-* | sh[34]eb-* | sheb-* | shbe-* \ + | rl78-* | romp-* | rs6000-* | rx-* \ + | sh-* | sh[1234]-* | sh[24]a-* | sh[24]aeb-* | sh[23]e-* | sh[34]eb-* | sheb-* | shbe-* \ | shle-* | sh[1234]le-* | sh3ele-* | sh64-* | sh64le-* \ | sparc-* | sparc64-* | sparc64b-* | sparc64v-* | sparc86x-* | sparclet-* \ | sparclite-* \ - | sparcv8-* | sparcv9-* | sparcv9b-* | sparcv9v-* | strongarm-* | sv1-* | sx?-* \ - | tahoe-* | thumb-* \ + | sparcv8-* | sparcv9-* | sparcv9b-* | sparcv9v-* | sv1-* | sx?-* \ + | tahoe-* \ | tic30-* | tic4x-* | tic54x-* | tic55x-* | tic6x-* | tic80-* \ + | tile*-* \ | tron-* \ - | v850-* | v850e-* | vax-* \ + | ubicom32-* \ + | v850-* | v850e-* | v850e1-* | v850es-* | v850e2-* | v850e2v3-* \ + | vax-* \ | we32k-* \ - | x86-* | x86_64-* | xc16x-* | xps100-* | xscale-* | xscalee[bl]-* \ - | xstormy16-* | xtensa-* \ + | x86-* | x86_64-* | xc16x-* | xps100-* \ + | xstormy16-* | xtensa*-* \ | ymp-* \ - | z8k-*) + | z8k-* | z80-*) + ;; + # Recognize the basic CPU types without company name, with glob match. + xtensa*) + basic_machine=$basic_machine-unknown ;; # Recognize the various machine names and aliases which stand # for a CPU type and a company and sometimes even an OS. @@ -389,7 +458,7 @@ case $basic_machine in basic_machine=a29k-amd os=-udi ;; - abacus) + abacus) basic_machine=abacus-unknown ;; adobe68k) @@ -435,6 +504,10 @@ case $basic_machine in basic_machine=m68k-apollo os=-bsd ;; + aros) + basic_machine=i386-pc + os=-aros + ;; aux) basic_machine=m68k-apple os=-aux @@ -443,10 +516,35 @@ case $basic_machine in basic_machine=ns32k-sequent os=-dynix ;; + blackfin) + basic_machine=bfin-unknown + os=-linux + ;; + blackfin-*) + basic_machine=bfin-`echo $basic_machine | sed 's/^[^-]*-//'` + os=-linux + ;; + bluegene*) + basic_machine=powerpc-ibm + os=-cnk + ;; + c54x-*) + basic_machine=tic54x-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; + c55x-*) + basic_machine=tic55x-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; + c6x-*) + basic_machine=tic6x-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; c90) basic_machine=c90-cray os=-unicos ;; + cegcc) + basic_machine=arm-unknown + os=-cegcc + ;; convex-c1) basic_machine=c1-convex os=-bsd @@ -475,8 +573,8 @@ case $basic_machine in basic_machine=craynv-cray os=-unicosmp ;; - cr16c) - basic_machine=cr16c-unknown + cr16 | cr16-*) + basic_machine=cr16-unknown os=-elf ;; crds | unos) @@ -514,6 +612,10 @@ case $basic_machine in basic_machine=m88k-motorola os=-sysv3 ;; + dicos) + basic_machine=i686-pc + os=-dicos + ;; djgpp) basic_machine=i586-pc os=-msdosdjgpp @@ -629,7 +731,6 @@ case $basic_machine in i370-ibm* | ibm*) basic_machine=i370-ibm ;; -# I'm not sure what "Sysv32" means. Should this be sysv3.2? i*86v32) basic_machine=`echo $1 | sed -e 's/86.*/86-pc/'` os=-sysv32 @@ -668,6 +769,14 @@ case $basic_machine in basic_machine=m68k-isi os=-sysv ;; + m68knommu) + basic_machine=m68k-unknown + os=-linux + ;; + m68knommu-*) + basic_machine=m68k-`echo $basic_machine | sed 's/^[^-]*-//'` + os=-linux + ;; m88k-omron*) basic_machine=m88k-omron ;; @@ -679,10 +788,21 @@ case $basic_machine in basic_machine=ns32k-utek os=-sysv ;; + microblaze*) + basic_machine=microblaze-xilinx + ;; + mingw64) + basic_machine=x86_64-pc + os=-mingw64 + ;; mingw32) - basic_machine=i386-pc + basic_machine=i686-pc os=-mingw32 ;; + mingw32ce) + basic_machine=arm-unknown + os=-mingw32ce + ;; miniframe) basic_machine=m68000-convergent ;; @@ -711,10 +831,18 @@ case $basic_machine in ms1-*) basic_machine=`echo $basic_machine | sed -e 's/ms1-/mt-/'` ;; + msys) + basic_machine=i686-pc + os=-msys + ;; mvs) basic_machine=i370-ibm os=-mvs ;; + nacl) + basic_machine=le32-unknown + os=-nacl + ;; ncr3000) basic_machine=i486-ncr os=-sysv4 @@ -779,6 +907,12 @@ case $basic_machine in np1) basic_machine=np1-gould ;; + neo-tandem) + basic_machine=neo-tandem + ;; + nse-tandem) + basic_machine=nse-tandem + ;; nsr-tandem) basic_machine=nsr-tandem ;; @@ -809,6 +943,14 @@ case $basic_machine in basic_machine=i860-intel os=-osf ;; + parisc) + basic_machine=hppa-unknown + os=-linux + ;; + parisc-*) + basic_machine=hppa-`echo $basic_machine | sed 's/^[^-]*-//'` + os=-linux + ;; pbd) basic_machine=sparc-tti ;; @@ -853,9 +995,10 @@ case $basic_machine in ;; power) basic_machine=power-ibm ;; - ppc) basic_machine=powerpc-unknown + ppc | ppcbe) basic_machine=powerpc-unknown ;; - ppc-*) basic_machine=powerpc-`echo $basic_machine | sed 's/^[^-]*-//'` + ppc-* | ppcbe-*) + basic_machine=powerpc-`echo $basic_machine | sed 's/^[^-]*-//'` ;; ppcle | powerpclittle | ppc-le | powerpc-little) basic_machine=powerpcle-unknown @@ -880,7 +1023,11 @@ case $basic_machine in basic_machine=i586-unknown os=-pw32 ;; - rdos) + rdos | rdos64) + basic_machine=x86_64-pc + os=-rdos + ;; + rdos32) basic_machine=i386-pc os=-rdos ;; @@ -925,6 +1072,9 @@ case $basic_machine in basic_machine=sh-hitachi os=-hms ;; + sh5el) + basic_machine=sh5le-unknown + ;; sh64) basic_machine=sh64-unknown ;; @@ -946,6 +1096,9 @@ case $basic_machine in basic_machine=i860-stratus os=-sysv4 ;; + strongarm-* | thumb-*) + basic_machine=arm-`echo $basic_machine | sed 's/^[^-]*-//'` + ;; sun2) basic_machine=m68000-sun ;; @@ -1002,17 +1155,9 @@ case $basic_machine in basic_machine=t90-cray os=-unicos ;; - tic54x | c54x*) - basic_machine=tic54x-unknown - os=-coff - ;; - tic55x | c55x*) - basic_machine=tic55x-unknown - os=-coff - ;; - tic6x | c6x*) - basic_machine=tic6x-unknown - os=-coff + tile*) + basic_machine=$basic_machine-unknown + os=-linux-gnu ;; tx39) basic_machine=mipstx39-unknown @@ -1081,6 +1226,9 @@ case $basic_machine in xps | xps100) basic_machine=xps100-honeywell ;; + xscale-* | xscalee[bl]-*) + basic_machine=`echo $basic_machine | sed 's/^xscale/arm/'` + ;; ymp) basic_machine=ymp-cray os=-unicos @@ -1089,6 +1237,10 @@ case $basic_machine in basic_machine=z8k-unknown os=-sim ;; + z80-*-coff) + basic_machine=z80-unknown + os=-sim + ;; none) basic_machine=none-none os=-none @@ -1127,7 +1279,7 @@ case $basic_machine in we32k) basic_machine=we32k-att ;; - sh[1234] | sh[24]a | sh[34]eb | sh[1234]le | sh[23]ele) + sh[1234] | sh[24]a | sh[24]aeb | sh[34]eb | sh[1234]le | sh[23]ele) basic_machine=sh-unknown ;; sparc | sparcv8 | sparcv9 | sparcv9b | sparcv9v) @@ -1174,9 +1326,12 @@ esac if [ x"$os" != x"" ] then case $os in - # First match some system type aliases - # that might get confused with valid system types. + # First match some system type aliases + # that might get confused with valid system types. # -solaris* is a basic system type, with this one exception. + -auroraux) + os=-auroraux + ;; -solaris1 | -solaris1.*) os=`echo $os | sed -e 's|solaris1|sunos4|'` ;; @@ -1197,21 +1352,23 @@ case $os in # Each alternative MUST END IN A *, to match a version number. # -sysv* is not here because it comes later, after sysvr4. -gnu* | -bsd* | -mach* | -minix* | -genix* | -ultrix* | -irix* \ - | -*vms* | -sco* | -esix* | -isc* | -aix* | -sunos | -sunos[34]*\ - | -hpux* | -unos* | -osf* | -luna* | -dgux* | -solaris* | -sym* \ + | -*vms* | -sco* | -esix* | -isc* | -aix* | -cnk* | -sunos | -sunos[34]*\ + | -hpux* | -unos* | -osf* | -luna* | -dgux* | -auroraux* | -solaris* \ + | -sym* | -kopensolaris* | -plan9* \ | -amigaos* | -amigados* | -msdos* | -newsos* | -unicos* | -aof* \ - | -aos* \ + | -aos* | -aros* \ | -nindy* | -vxsim* | -vxworks* | -ebmon* | -hms* | -mvs* \ | -clix* | -riscos* | -uniplus* | -iris* | -rtu* | -xenix* \ | -hiux* | -386bsd* | -knetbsd* | -mirbsd* | -netbsd* \ - | -openbsd* | -solidbsd* \ + | -bitrig* | -openbsd* | -solidbsd* \ | -ekkobsd* | -kfreebsd* | -freebsd* | -riscix* | -lynxos* \ | -bosx* | -nextstep* | -cxux* | -aout* | -elf* | -oabi* \ | -ptx* | -coff* | -ecoff* | -winnt* | -domain* | -vsta* \ | -udi* | -eabi* | -lites* | -ieee* | -go32* | -aux* \ - | -chorusos* | -chorusrdb* \ - | -cygwin* | -pe* | -psos* | -moss* | -proelf* | -rtems* \ - | -mingw32* | -linux-gnu* | -linux-newlib* | -linux-uclibc* \ + | -chorusos* | -chorusrdb* | -cegcc* \ + | -cygwin* | -msys* | -pe* | -psos* | -moss* | -proelf* | -rtems* \ + | -mingw32* | -mingw64* | -linux-gnu* | -linux-android* \ + | -linux-newlib* | -linux-musl* | -linux-uclibc* \ | -uxpv* | -beos* | -mpeix* | -udk* \ | -interix* | -uwin* | -mks* | -rhapsody* | -darwin* | -opened* \ | -openstep* | -oskit* | -conix* | -pw32* | -nonstopux* \ @@ -1219,7 +1376,7 @@ case $os in | -os2* | -vos* | -palmos* | -uclinux* | -nucleus* \ | -morphos* | -superux* | -rtmk* | -rtmk-nova* | -windiss* \ | -powermax* | -dnix* | -nx6 | -nx7 | -sei* | -dragonfly* \ - | -skyos* | -haiku* | -rdos* | -toppers*) + | -skyos* | -haiku* | -rdos* | -toppers* | -drops* | -es*) # Remember, each alternative MUST END IN *, to match a version number. ;; -qnx*) @@ -1258,7 +1415,7 @@ case $os in -opened*) os=-openedition ;; - -os400*) + -os400*) os=-os400 ;; -wince*) @@ -1307,7 +1464,7 @@ case $os in -sinix*) os=-sysv4 ;; - -tpf*) + -tpf*) os=-tpf ;; -triton*) @@ -1343,12 +1500,14 @@ case $os in -aros*) os=-aros ;; - -kaos*) - os=-kaos - ;; -zvmoe) os=-zvmoe ;; + -dicos*) + os=-dicos + ;; + -nacl*) + ;; -none) ;; *) @@ -1371,10 +1530,10 @@ else # system, and we'll never get to this point. case $basic_machine in - score-*) + score-*) os=-elf ;; - spu-*) + spu-*) os=-elf ;; *-acorn) @@ -1386,8 +1545,23 @@ case $basic_machine in arm*-semi) os=-aout ;; - c4x-* | tic4x-*) - os=-coff + c4x-* | tic4x-*) + os=-coff + ;; + c8051-*) + os=-elf + ;; + hexagon-*) + os=-elf + ;; + tic54x-*) + os=-coff + ;; + tic55x-*) + os=-coff + ;; + tic6x-*) + os=-coff ;; # This must come before the *-dec entry. pdp10-*) @@ -1407,19 +1581,22 @@ case $basic_machine in ;; m68000-sun) os=-sunos3 - # This also exists in the configure program, but was not the - # default. - # os=-sunos4 ;; m68*-cisco) os=-aout ;; + mep-*) + os=-elf + ;; mips*-cisco) os=-elf ;; mips*-*) os=-elf ;; + or1k-*) + os=-elf + ;; or32-*) os=-coff ;; @@ -1438,7 +1615,7 @@ case $basic_machine in *-ibm) os=-aix ;; - *-knuth) + *-knuth) os=-mmixware ;; *-wec) @@ -1543,7 +1720,7 @@ case $basic_machine in -sunos*) vendor=sun ;; - -aix*) + -cnk*|-aix*) vendor=ibm ;; -beos*) diff --git a/FreeRTOS-Plus/Source/CyaSSL/build-aux/depcomp b/FreeRTOS-Plus/Source/CyaSSL/build-aux/depcomp new file mode 100644 index 000000000..4ebd5b3a2 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/build-aux/depcomp @@ -0,0 +1,791 @@ +#! /bin/sh +# depcomp - compile a program generating dependencies as side-effects + +scriptversion=2013-05-30.07; # UTC + +# Copyright (C) 1999-2013 Free Software Foundation, Inc. + +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2, or (at your option) +# any later version. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. + +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . + +# As a special exception to the GNU General Public License, if you +# distribute this file as part of a program that contains a +# configuration script generated by Autoconf, you may include it under +# the same distribution terms that you use for the rest of that program. + +# Originally written by Alexandre Oliva . + +case $1 in + '') + echo "$0: No command. Try '$0 --help' for more information." 1>&2 + exit 1; + ;; + -h | --h*) + cat <<\EOF +Usage: depcomp [--help] [--version] PROGRAM [ARGS] + +Run PROGRAMS ARGS to compile a file, generating dependencies +as side-effects. + +Environment variables: + depmode Dependency tracking mode. + source Source file read by 'PROGRAMS ARGS'. + object Object file output by 'PROGRAMS ARGS'. + DEPDIR directory where to store dependencies. + depfile Dependency file to output. + tmpdepfile Temporary file to use when outputting dependencies. + libtool Whether libtool is used (yes/no). + +Report bugs to . +EOF + exit $? + ;; + -v | --v*) + echo "depcomp $scriptversion" + exit $? + ;; +esac + +# Get the directory component of the given path, and save it in the +# global variables '$dir'. Note that this directory component will +# be either empty or ending with a '/' character. This is deliberate. +set_dir_from () +{ + case $1 in + */*) dir=`echo "$1" | sed -e 's|/[^/]*$|/|'`;; + *) dir=;; + esac +} + +# Get the suffix-stripped basename of the given path, and save it the +# global variable '$base'. +set_base_from () +{ + base=`echo "$1" | sed -e 's|^.*/||' -e 's/\.[^.]*$//'` +} + +# If no dependency file was actually created by the compiler invocation, +# we still have to create a dummy depfile, to avoid errors with the +# Makefile "include basename.Plo" scheme. +make_dummy_depfile () +{ + echo "#dummy" > "$depfile" +} + +# Factor out some common post-processing of the generated depfile. +# Requires the auxiliary global variable '$tmpdepfile' to be set. +aix_post_process_depfile () +{ + # If the compiler actually managed to produce a dependency file, + # post-process it. + if test -f "$tmpdepfile"; then + # Each line is of the form 'foo.o: dependency.h'. + # Do two passes, one to just change these to + # $object: dependency.h + # and one to simply output + # dependency.h: + # which is needed to avoid the deleted-header problem. + { sed -e "s,^.*\.[$lower]*:,$object:," < "$tmpdepfile" + sed -e "s,^.*\.[$lower]*:[$tab ]*,," -e 's,$,:,' < "$tmpdepfile" + } > "$depfile" + rm -f "$tmpdepfile" + else + make_dummy_depfile + fi +} + +# A tabulation character. +tab=' ' +# A newline character. +nl=' +' +# Character ranges might be problematic outside the C locale. +# These definitions help. +upper=ABCDEFGHIJKLMNOPQRSTUVWXYZ +lower=abcdefghijklmnopqrstuvwxyz +digits=0123456789 +alpha=${upper}${lower} + +if test -z "$depmode" || test -z "$source" || test -z "$object"; then + echo "depcomp: Variables source, object and depmode must be set" 1>&2 + exit 1 +fi + +# Dependencies for sub/bar.o or sub/bar.obj go into sub/.deps/bar.Po. +depfile=${depfile-`echo "$object" | + sed 's|[^\\/]*$|'${DEPDIR-.deps}'/&|;s|\.\([^.]*\)$|.P\1|;s|Pobj$|Po|'`} +tmpdepfile=${tmpdepfile-`echo "$depfile" | sed 's/\.\([^.]*\)$/.T\1/'`} + +rm -f "$tmpdepfile" + +# Avoid interferences from the environment. +gccflag= dashmflag= + +# Some modes work just like other modes, but use different flags. We +# parameterize here, but still list the modes in the big case below, +# to make depend.m4 easier to write. Note that we *cannot* use a case +# here, because this file can only contain one case statement. +if test "$depmode" = hp; then + # HP compiler uses -M and no extra arg. + gccflag=-M + depmode=gcc +fi + +if test "$depmode" = dashXmstdout; then + # This is just like dashmstdout with a different argument. + dashmflag=-xM + depmode=dashmstdout +fi + +cygpath_u="cygpath -u -f -" +if test "$depmode" = msvcmsys; then + # This is just like msvisualcpp but w/o cygpath translation. + # Just convert the backslash-escaped backslashes to single forward + # slashes to satisfy depend.m4 + cygpath_u='sed s,\\\\,/,g' + depmode=msvisualcpp +fi + +if test "$depmode" = msvc7msys; then + # This is just like msvc7 but w/o cygpath translation. + # Just convert the backslash-escaped backslashes to single forward + # slashes to satisfy depend.m4 + cygpath_u='sed s,\\\\,/,g' + depmode=msvc7 +fi + +if test "$depmode" = xlc; then + # IBM C/C++ Compilers xlc/xlC can output gcc-like dependency information. + gccflag=-qmakedep=gcc,-MF + depmode=gcc +fi + +case "$depmode" in +gcc3) +## gcc 3 implements dependency tracking that does exactly what +## we want. Yay! Note: for some reason libtool 1.4 doesn't like +## it if -MD -MP comes after the -MF stuff. Hmm. +## Unfortunately, FreeBSD c89 acceptance of flags depends upon +## the command line argument order; so add the flags where they +## appear in depend2.am. Note that the slowdown incurred here +## affects only configure: in makefiles, %FASTDEP% shortcuts this. + for arg + do + case $arg in + -c) set fnord "$@" -MT "$object" -MD -MP -MF "$tmpdepfile" "$arg" ;; + *) set fnord "$@" "$arg" ;; + esac + shift # fnord + shift # $arg + done + "$@" + stat=$? + if test $stat -ne 0; then + rm -f "$tmpdepfile" + exit $stat + fi + mv "$tmpdepfile" "$depfile" + ;; + +gcc) +## Note that this doesn't just cater to obsosete pre-3.x GCC compilers. +## but also to in-use compilers like IMB xlc/xlC and the HP C compiler. +## (see the conditional assignment to $gccflag above). +## There are various ways to get dependency output from gcc. Here's +## why we pick this rather obscure method: +## - Don't want to use -MD because we'd like the dependencies to end +## up in a subdir. Having to rename by hand is ugly. +## (We might end up doing this anyway to support other compilers.) +## - The DEPENDENCIES_OUTPUT environment variable makes gcc act like +## -MM, not -M (despite what the docs say). Also, it might not be +## supported by the other compilers which use the 'gcc' depmode. +## - Using -M directly means running the compiler twice (even worse +## than renaming). + if test -z "$gccflag"; then + gccflag=-MD, + fi + "$@" -Wp,"$gccflag$tmpdepfile" + stat=$? + if test $stat -ne 0; then + rm -f "$tmpdepfile" + exit $stat + fi + rm -f "$depfile" + echo "$object : \\" > "$depfile" + # The second -e expression handles DOS-style file names with drive + # letters. + sed -e 's/^[^:]*: / /' \ + -e 's/^['$alpha']:\/[^:]*: / /' < "$tmpdepfile" >> "$depfile" +## This next piece of magic avoids the "deleted header file" problem. +## The problem is that when a header file which appears in a .P file +## is deleted, the dependency causes make to die (because there is +## typically no way to rebuild the header). We avoid this by adding +## dummy dependencies for each header file. Too bad gcc doesn't do +## this for us directly. +## Some versions of gcc put a space before the ':'. On the theory +## that the space means something, we add a space to the output as +## well. hp depmode also adds that space, but also prefixes the VPATH +## to the object. Take care to not repeat it in the output. +## Some versions of the HPUX 10.20 sed can't process this invocation +## correctly. Breaking it into two sed invocations is a workaround. + tr ' ' "$nl" < "$tmpdepfile" \ + | sed -e 's/^\\$//' -e '/^$/d' -e "s|.*$object$||" -e '/:$/d' \ + | sed -e 's/$/ :/' >> "$depfile" + rm -f "$tmpdepfile" + ;; + +hp) + # This case exists only to let depend.m4 do its work. It works by + # looking at the text of this script. This case will never be run, + # since it is checked for above. + exit 1 + ;; + +sgi) + if test "$libtool" = yes; then + "$@" "-Wp,-MDupdate,$tmpdepfile" + else + "$@" -MDupdate "$tmpdepfile" + fi + stat=$? + if test $stat -ne 0; then + rm -f "$tmpdepfile" + exit $stat + fi + rm -f "$depfile" + + if test -f "$tmpdepfile"; then # yes, the sourcefile depend on other files + echo "$object : \\" > "$depfile" + # Clip off the initial element (the dependent). Don't try to be + # clever and replace this with sed code, as IRIX sed won't handle + # lines with more than a fixed number of characters (4096 in + # IRIX 6.2 sed, 8192 in IRIX 6.5). We also remove comment lines; + # the IRIX cc adds comments like '#:fec' to the end of the + # dependency line. + tr ' ' "$nl" < "$tmpdepfile" \ + | sed -e 's/^.*\.o://' -e 's/#.*$//' -e '/^$/ d' \ + | tr "$nl" ' ' >> "$depfile" + echo >> "$depfile" + # The second pass generates a dummy entry for each header file. + tr ' ' "$nl" < "$tmpdepfile" \ + | sed -e 's/^.*\.o://' -e 's/#.*$//' -e '/^$/ d' -e 's/$/:/' \ + >> "$depfile" + else + make_dummy_depfile + fi + rm -f "$tmpdepfile" + ;; + +xlc) + # This case exists only to let depend.m4 do its work. It works by + # looking at the text of this script. This case will never be run, + # since it is checked for above. + exit 1 + ;; + +aix) + # The C for AIX Compiler uses -M and outputs the dependencies + # in a .u file. In older versions, this file always lives in the + # current directory. Also, the AIX compiler puts '$object:' at the + # start of each line; $object doesn't have directory information. + # Version 6 uses the directory in both cases. + set_dir_from "$object" + set_base_from "$object" + if test "$libtool" = yes; then + tmpdepfile1=$dir$base.u + tmpdepfile2=$base.u + tmpdepfile3=$dir.libs/$base.u + "$@" -Wc,-M + else + tmpdepfile1=$dir$base.u + tmpdepfile2=$dir$base.u + tmpdepfile3=$dir$base.u + "$@" -M + fi + stat=$? + if test $stat -ne 0; then + rm -f "$tmpdepfile1" "$tmpdepfile2" "$tmpdepfile3" + exit $stat + fi + + for tmpdepfile in "$tmpdepfile1" "$tmpdepfile2" "$tmpdepfile3" + do + test -f "$tmpdepfile" && break + done + aix_post_process_depfile + ;; + +tcc) + # tcc (Tiny C Compiler) understand '-MD -MF file' since version 0.9.26 + # FIXME: That version still under development at the moment of writing. + # Make that this statement remains true also for stable, released + # versions. + # It will wrap lines (doesn't matter whether long or short) with a + # trailing '\', as in: + # + # foo.o : \ + # foo.c \ + # foo.h \ + # + # It will put a trailing '\' even on the last line, and will use leading + # spaces rather than leading tabs (at least since its commit 0394caf7 + # "Emit spaces for -MD"). + "$@" -MD -MF "$tmpdepfile" + stat=$? + if test $stat -ne 0; then + rm -f "$tmpdepfile" + exit $stat + fi + rm -f "$depfile" + # Each non-empty line is of the form 'foo.o : \' or ' dep.h \'. + # We have to change lines of the first kind to '$object: \'. + sed -e "s|.*:|$object :|" < "$tmpdepfile" > "$depfile" + # And for each line of the second kind, we have to emit a 'dep.h:' + # dummy dependency, to avoid the deleted-header problem. + sed -n -e 's|^ *\(.*\) *\\$|\1:|p' < "$tmpdepfile" >> "$depfile" + rm -f "$tmpdepfile" + ;; + +## The order of this option in the case statement is important, since the +## shell code in configure will try each of these formats in the order +## listed in this file. A plain '-MD' option would be understood by many +## compilers, so we must ensure this comes after the gcc and icc options. +pgcc) + # Portland's C compiler understands '-MD'. + # Will always output deps to 'file.d' where file is the root name of the + # source file under compilation, even if file resides in a subdirectory. + # The object file name does not affect the name of the '.d' file. + # pgcc 10.2 will output + # foo.o: sub/foo.c sub/foo.h + # and will wrap long lines using '\' : + # foo.o: sub/foo.c ... \ + # sub/foo.h ... \ + # ... + set_dir_from "$object" + # Use the source, not the object, to determine the base name, since + # that's sadly what pgcc will do too. + set_base_from "$source" + tmpdepfile=$base.d + + # For projects that build the same source file twice into different object + # files, the pgcc approach of using the *source* file root name can cause + # problems in parallel builds. Use a locking strategy to avoid stomping on + # the same $tmpdepfile. + lockdir=$base.d-lock + trap " + echo '$0: caught signal, cleaning up...' >&2 + rmdir '$lockdir' + exit 1 + " 1 2 13 15 + numtries=100 + i=$numtries + while test $i -gt 0; do + # mkdir is a portable test-and-set. + if mkdir "$lockdir" 2>/dev/null; then + # This process acquired the lock. + "$@" -MD + stat=$? + # Release the lock. + rmdir "$lockdir" + break + else + # If the lock is being held by a different process, wait + # until the winning process is done or we timeout. + while test -d "$lockdir" && test $i -gt 0; do + sleep 1 + i=`expr $i - 1` + done + fi + i=`expr $i - 1` + done + trap - 1 2 13 15 + if test $i -le 0; then + echo "$0: failed to acquire lock after $numtries attempts" >&2 + echo "$0: check lockdir '$lockdir'" >&2 + exit 1 + fi + + if test $stat -ne 0; then + rm -f "$tmpdepfile" + exit $stat + fi + rm -f "$depfile" + # Each line is of the form `foo.o: dependent.h', + # or `foo.o: dep1.h dep2.h \', or ` dep3.h dep4.h \'. + # Do two passes, one to just change these to + # `$object: dependent.h' and one to simply `dependent.h:'. + sed "s,^[^:]*:,$object :," < "$tmpdepfile" > "$depfile" + # Some versions of the HPUX 10.20 sed can't process this invocation + # correctly. Breaking it into two sed invocations is a workaround. + sed 's,^[^:]*: \(.*\)$,\1,;s/^\\$//;/^$/d;/:$/d' < "$tmpdepfile" \ + | sed -e 's/$/ :/' >> "$depfile" + rm -f "$tmpdepfile" + ;; + +hp2) + # The "hp" stanza above does not work with aCC (C++) and HP's ia64 + # compilers, which have integrated preprocessors. The correct option + # to use with these is +Maked; it writes dependencies to a file named + # 'foo.d', which lands next to the object file, wherever that + # happens to be. + # Much of this is similar to the tru64 case; see comments there. + set_dir_from "$object" + set_base_from "$object" + if test "$libtool" = yes; then + tmpdepfile1=$dir$base.d + tmpdepfile2=$dir.libs/$base.d + "$@" -Wc,+Maked + else + tmpdepfile1=$dir$base.d + tmpdepfile2=$dir$base.d + "$@" +Maked + fi + stat=$? + if test $stat -ne 0; then + rm -f "$tmpdepfile1" "$tmpdepfile2" + exit $stat + fi + + for tmpdepfile in "$tmpdepfile1" "$tmpdepfile2" + do + test -f "$tmpdepfile" && break + done + if test -f "$tmpdepfile"; then + sed -e "s,^.*\.[$lower]*:,$object:," "$tmpdepfile" > "$depfile" + # Add 'dependent.h:' lines. + sed -ne '2,${ + s/^ *// + s/ \\*$// + s/$/:/ + p + }' "$tmpdepfile" >> "$depfile" + else + make_dummy_depfile + fi + rm -f "$tmpdepfile" "$tmpdepfile2" + ;; + +tru64) + # The Tru64 compiler uses -MD to generate dependencies as a side + # effect. 'cc -MD -o foo.o ...' puts the dependencies into 'foo.o.d'. + # At least on Alpha/Redhat 6.1, Compaq CCC V6.2-504 seems to put + # dependencies in 'foo.d' instead, so we check for that too. + # Subdirectories are respected. + set_dir_from "$object" + set_base_from "$object" + + if test "$libtool" = yes; then + # Libtool generates 2 separate objects for the 2 libraries. These + # two compilations output dependencies in $dir.libs/$base.o.d and + # in $dir$base.o.d. We have to check for both files, because + # one of the two compilations can be disabled. We should prefer + # $dir$base.o.d over $dir.libs/$base.o.d because the latter is + # automatically cleaned when .libs/ is deleted, while ignoring + # the former would cause a distcleancheck panic. + tmpdepfile1=$dir$base.o.d # libtool 1.5 + tmpdepfile2=$dir.libs/$base.o.d # Likewise. + tmpdepfile3=$dir.libs/$base.d # Compaq CCC V6.2-504 + "$@" -Wc,-MD + else + tmpdepfile1=$dir$base.d + tmpdepfile2=$dir$base.d + tmpdepfile3=$dir$base.d + "$@" -MD + fi + + stat=$? + if test $stat -ne 0; then + rm -f "$tmpdepfile1" "$tmpdepfile2" "$tmpdepfile3" + exit $stat + fi + + for tmpdepfile in "$tmpdepfile1" "$tmpdepfile2" "$tmpdepfile3" + do + test -f "$tmpdepfile" && break + done + # Same post-processing that is required for AIX mode. + aix_post_process_depfile + ;; + +msvc7) + if test "$libtool" = yes; then + showIncludes=-Wc,-showIncludes + else + showIncludes=-showIncludes + fi + "$@" $showIncludes > "$tmpdepfile" + stat=$? + grep -v '^Note: including file: ' "$tmpdepfile" + if test $stat -ne 0; then + rm -f "$tmpdepfile" + exit $stat + fi + rm -f "$depfile" + echo "$object : \\" > "$depfile" + # The first sed program below extracts the file names and escapes + # backslashes for cygpath. The second sed program outputs the file + # name when reading, but also accumulates all include files in the + # hold buffer in order to output them again at the end. This only + # works with sed implementations that can handle large buffers. + sed < "$tmpdepfile" -n ' +/^Note: including file: *\(.*\)/ { + s//\1/ + s/\\/\\\\/g + p +}' | $cygpath_u | sort -u | sed -n ' +s/ /\\ /g +s/\(.*\)/'"$tab"'\1 \\/p +s/.\(.*\) \\/\1:/ +H +$ { + s/.*/'"$tab"'/ + G + p +}' >> "$depfile" + echo >> "$depfile" # make sure the fragment doesn't end with a backslash + rm -f "$tmpdepfile" + ;; + +msvc7msys) + # This case exists only to let depend.m4 do its work. It works by + # looking at the text of this script. This case will never be run, + # since it is checked for above. + exit 1 + ;; + +#nosideeffect) + # This comment above is used by automake to tell side-effect + # dependency tracking mechanisms from slower ones. + +dashmstdout) + # Important note: in order to support this mode, a compiler *must* + # always write the preprocessed file to stdout, regardless of -o. + "$@" || exit $? + + # Remove the call to Libtool. + if test "$libtool" = yes; then + while test "X$1" != 'X--mode=compile'; do + shift + done + shift + fi + + # Remove '-o $object'. + IFS=" " + for arg + do + case $arg in + -o) + shift + ;; + $object) + shift + ;; + *) + set fnord "$@" "$arg" + shift # fnord + shift # $arg + ;; + esac + done + + test -z "$dashmflag" && dashmflag=-M + # Require at least two characters before searching for ':' + # in the target name. This is to cope with DOS-style filenames: + # a dependency such as 'c:/foo/bar' could be seen as target 'c' otherwise. + "$@" $dashmflag | + sed "s|^[$tab ]*[^:$tab ][^:][^:]*:[$tab ]*|$object: |" > "$tmpdepfile" + rm -f "$depfile" + cat < "$tmpdepfile" > "$depfile" + # Some versions of the HPUX 10.20 sed can't process this sed invocation + # correctly. Breaking it into two sed invocations is a workaround. + tr ' ' "$nl" < "$tmpdepfile" \ + | sed -e 's/^\\$//' -e '/^$/d' -e '/:$/d' \ + | sed -e 's/$/ :/' >> "$depfile" + rm -f "$tmpdepfile" + ;; + +dashXmstdout) + # This case only exists to satisfy depend.m4. It is never actually + # run, as this mode is specially recognized in the preamble. + exit 1 + ;; + +makedepend) + "$@" || exit $? + # Remove any Libtool call + if test "$libtool" = yes; then + while test "X$1" != 'X--mode=compile'; do + shift + done + shift + fi + # X makedepend + shift + cleared=no eat=no + for arg + do + case $cleared in + no) + set ""; shift + cleared=yes ;; + esac + if test $eat = yes; then + eat=no + continue + fi + case "$arg" in + -D*|-I*) + set fnord "$@" "$arg"; shift ;; + # Strip any option that makedepend may not understand. Remove + # the object too, otherwise makedepend will parse it as a source file. + -arch) + eat=yes ;; + -*|$object) + ;; + *) + set fnord "$@" "$arg"; shift ;; + esac + done + obj_suffix=`echo "$object" | sed 's/^.*\././'` + touch "$tmpdepfile" + ${MAKEDEPEND-makedepend} -o"$obj_suffix" -f"$tmpdepfile" "$@" + rm -f "$depfile" + # makedepend may prepend the VPATH from the source file name to the object. + # No need to regex-escape $object, excess matching of '.' is harmless. + sed "s|^.*\($object *:\)|\1|" "$tmpdepfile" > "$depfile" + # Some versions of the HPUX 10.20 sed can't process the last invocation + # correctly. Breaking it into two sed invocations is a workaround. + sed '1,2d' "$tmpdepfile" \ + | tr ' ' "$nl" \ + | sed -e 's/^\\$//' -e '/^$/d' -e '/:$/d' \ + | sed -e 's/$/ :/' >> "$depfile" + rm -f "$tmpdepfile" "$tmpdepfile".bak + ;; + +cpp) + # Important note: in order to support this mode, a compiler *must* + # always write the preprocessed file to stdout. + "$@" || exit $? + + # Remove the call to Libtool. + if test "$libtool" = yes; then + while test "X$1" != 'X--mode=compile'; do + shift + done + shift + fi + + # Remove '-o $object'. + IFS=" " + for arg + do + case $arg in + -o) + shift + ;; + $object) + shift + ;; + *) + set fnord "$@" "$arg" + shift # fnord + shift # $arg + ;; + esac + done + + "$@" -E \ + | sed -n -e '/^# [0-9][0-9]* "\([^"]*\)".*/ s:: \1 \\:p' \ + -e '/^#line [0-9][0-9]* "\([^"]*\)".*/ s:: \1 \\:p' \ + | sed '$ s: \\$::' > "$tmpdepfile" + rm -f "$depfile" + echo "$object : \\" > "$depfile" + cat < "$tmpdepfile" >> "$depfile" + sed < "$tmpdepfile" '/^$/d;s/^ //;s/ \\$//;s/$/ :/' >> "$depfile" + rm -f "$tmpdepfile" + ;; + +msvisualcpp) + # Important note: in order to support this mode, a compiler *must* + # always write the preprocessed file to stdout. + "$@" || exit $? + + # Remove the call to Libtool. + if test "$libtool" = yes; then + while test "X$1" != 'X--mode=compile'; do + shift + done + shift + fi + + IFS=" " + for arg + do + case "$arg" in + -o) + shift + ;; + $object) + shift + ;; + "-Gm"|"/Gm"|"-Gi"|"/Gi"|"-ZI"|"/ZI") + set fnord "$@" + shift + shift + ;; + *) + set fnord "$@" "$arg" + shift + shift + ;; + esac + done + "$@" -E 2>/dev/null | + sed -n '/^#line [0-9][0-9]* "\([^"]*\)"/ s::\1:p' | $cygpath_u | sort -u > "$tmpdepfile" + rm -f "$depfile" + echo "$object : \\" > "$depfile" + sed < "$tmpdepfile" -n -e 's% %\\ %g' -e '/^\(.*\)$/ s::'"$tab"'\1 \\:p' >> "$depfile" + echo "$tab" >> "$depfile" + sed < "$tmpdepfile" -n -e 's% %\\ %g' -e '/^\(.*\)$/ s::\1\::p' >> "$depfile" + rm -f "$tmpdepfile" + ;; + +msvcmsys) + # This case exists only to let depend.m4 do its work. It works by + # looking at the text of this script. This case will never be run, + # since it is checked for above. + exit 1 + ;; + +none) + exec "$@" + ;; + +*) + echo "Unknown depmode $depmode" 1>&2 + exit 1 + ;; +esac + +exit 0 + +# Local Variables: +# mode: shell-script +# sh-indentation: 2 +# eval: (add-hook 'write-file-hooks 'time-stamp) +# time-stamp-start: "scriptversion=" +# time-stamp-format: "%:y-%02m-%02d.%02H" +# time-stamp-time-zone: "UTC" +# time-stamp-end: "; # UTC" +# End: diff --git a/FreeRTOS-Plus/Source/CyaSSL/config/install-sh b/FreeRTOS-Plus/Source/CyaSSL/build-aux/install-sh similarity index 69% rename from FreeRTOS-Plus/Source/CyaSSL/config/install-sh rename to FreeRTOS-Plus/Source/CyaSSL/build-aux/install-sh index 4fbbae7b7..377bb8687 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/config/install-sh +++ b/FreeRTOS-Plus/Source/CyaSSL/build-aux/install-sh @@ -1,7 +1,7 @@ #!/bin/sh # install - install a program, script, or datafile -scriptversion=2006-10-14.15 +scriptversion=2011-11-20.07; # UTC # This originates from X11R5 (mit/util/scripts/install.sh), which was # later released in X11R6 (xc/config/util/install.sh) with the @@ -35,7 +35,7 @@ scriptversion=2006-10-14.15 # FSF changes to this file are in the public domain. # # Calling this script install-sh is preferred over install.sh, to prevent -# `make' implicit rules from creating a file called install from it +# 'make' implicit rules from creating a file called install from it # when there is no Makefile. # # This script is compatible with the BSD install script, but was written @@ -48,7 +48,7 @@ IFS=" "" $nl" # set DOITPROG to echo to test this script # Don't use :- since 4.3BSD and earlier shells don't like it. -doit="${DOITPROG-}" +doit=${DOITPROG-} if test -z "$doit"; then doit_exec=exec else @@ -58,34 +58,49 @@ fi # Put in absolute file names if you don't have them in your path; # or use environment vars. -mvprog="${MVPROG-mv}" -cpprog="${CPPROG-cp}" -chmodprog="${CHMODPROG-chmod}" -chownprog="${CHOWNPROG-chown}" -chgrpprog="${CHGRPPROG-chgrp}" -stripprog="${STRIPPROG-strip}" -rmprog="${RMPROG-rm}" -mkdirprog="${MKDIRPROG-mkdir}" +chgrpprog=${CHGRPPROG-chgrp} +chmodprog=${CHMODPROG-chmod} +chownprog=${CHOWNPROG-chown} +cmpprog=${CMPPROG-cmp} +cpprog=${CPPROG-cp} +mkdirprog=${MKDIRPROG-mkdir} +mvprog=${MVPROG-mv} +rmprog=${RMPROG-rm} +stripprog=${STRIPPROG-strip} + +posix_glob='?' +initialize_posix_glob=' + test "$posix_glob" != "?" || { + if (set -f) 2>/dev/null; then + posix_glob= + else + posix_glob=: + fi + } +' -posix_glob= posix_mkdir= # Desired mode of installed file. mode=0755 +chgrpcmd= chmodcmd=$chmodprog chowncmd= -chgrpcmd= -stripcmd= +mvcmd=$mvprog rmcmd="$rmprog -f" -mvcmd="$mvprog" +stripcmd= + src= dst= dir_arg= -dstarg= +dst_arg= + +copy_on_change=false no_target_directory= -usage="Usage: $0 [OPTION]... [-T] SRCFILE DSTFILE +usage="\ +Usage: $0 [OPTION]... [-T] SRCFILE DSTFILE or: $0 [OPTION]... SRCFILES... DIRECTORY or: $0 [OPTION]... -t DIRECTORY SRCFILES... or: $0 [OPTION]... -d DIRECTORIES... @@ -95,65 +110,59 @@ In the 2nd and 3rd, copy all SRCFILES to DIRECTORY. In the 4th, create DIRECTORIES. Options: --c (ignored) --d create directories instead of installing files. --g GROUP $chgrpprog installed files to GROUP. --m MODE $chmodprog installed files to MODE. --o USER $chownprog installed files to USER. --s $stripprog installed files. --t DIRECTORY install into DIRECTORY. --T report an error if DSTFILE is a directory. ---help display this help and exit. ---version display version info and exit. + --help display this help and exit. + --version display version info and exit. + + -c (ignored) + -C install only if different (preserve the last data modification time) + -d create directories instead of installing files. + -g GROUP $chgrpprog installed files to GROUP. + -m MODE $chmodprog installed files to MODE. + -o USER $chownprog installed files to USER. + -s $stripprog installed files. + -t DIRECTORY install into DIRECTORY. + -T report an error if DSTFILE is a directory. Environment variables override the default commands: - CHGRPPROG CHMODPROG CHOWNPROG CPPROG MKDIRPROG MVPROG RMPROG STRIPPROG + CHGRPPROG CHMODPROG CHOWNPROG CMPPROG CPPROG MKDIRPROG MVPROG + RMPROG STRIPPROG " while test $# -ne 0; do case $1 in - -c) shift - continue;; + -c) ;; - -d) dir_arg=true - shift - continue;; + -C) copy_on_change=true;; + + -d) dir_arg=true;; -g) chgrpcmd="$chgrpprog $2" - shift - shift - continue;; + shift;; --help) echo "$usage"; exit $?;; -m) mode=$2 - shift - shift case $mode in *' '* | *' '* | *' '* | *'*'* | *'?'* | *'['*) echo "$0: invalid mode: $mode" >&2 exit 1;; esac - continue;; + shift;; -o) chowncmd="$chownprog $2" - shift - shift - continue;; + shift;; - -s) stripcmd=$stripprog - shift - continue;; + -s) stripcmd=$stripprog;; - -t) dstarg=$2 - shift - shift - continue;; + -t) dst_arg=$2 + # Protect names problematic for 'test' and other utilities. + case $dst_arg in + -* | [=\(\)!]) dst_arg=./$dst_arg;; + esac + shift;; - -T) no_target_directory=true - shift - continue;; + -T) no_target_directory=true;; --version) echo "$0 $scriptversion"; exit $?;; @@ -165,21 +174,26 @@ while test $# -ne 0; do *) break;; esac + shift done -if test $# -ne 0 && test -z "$dir_arg$dstarg"; then +if test $# -ne 0 && test -z "$dir_arg$dst_arg"; then # When -d is used, all remaining arguments are directories to create. # When -t is used, the destination is already specified. # Otherwise, the last argument is the destination. Remove it from $@. for arg do - if test -n "$dstarg"; then + if test -n "$dst_arg"; then # $@ is not empty: it contains at least $arg. - set fnord "$@" "$dstarg" + set fnord "$@" "$dst_arg" shift # fnord fi shift # arg - dstarg=$arg + dst_arg=$arg + # Protect names problematic for 'test' and other utilities. + case $dst_arg in + -* | [=\(\)!]) dst_arg=./$dst_arg;; + esac done fi @@ -188,13 +202,17 @@ if test $# -eq 0; then echo "$0: no input file specified." >&2 exit 1 fi - # It's OK to call `install-sh -d' without argument. + # It's OK to call 'install-sh -d' without argument. # This can happen when creating conditional directories. exit 0 fi if test -z "$dir_arg"; then - trap '(exit $?); exit' 1 2 13 15 + do_exit='(exit $ret); exit $ret' + trap "ret=129; $do_exit" 1 + trap "ret=130; $do_exit" 2 + trap "ret=141; $do_exit" 13 + trap "ret=143; $do_exit" 15 # Set umask so as not to create temps with too-generous modes. # However, 'strip' requires both read and write access to temps. @@ -222,9 +240,9 @@ fi for src do - # Protect names starting with `-'. + # Protect names problematic for 'test' and other utilities. case $src in - -*) src=./$src ;; + -* | [=\(\)!]) src=./$src;; esac if test -n "$dir_arg"; then @@ -242,22 +260,17 @@ do exit 1 fi - if test -z "$dstarg"; then + if test -z "$dst_arg"; then echo "$0: no destination specified." >&2 exit 1 fi - - dst=$dstarg - # Protect names starting with `-'. - case $dst in - -*) dst=./$dst ;; - esac + dst=$dst_arg # If destination is a directory, append the input filename; won't work # if double slashes aren't ignored. if test -d "$dst"; then if test -n "$no_target_directory"; then - echo "$0: $dstarg: Is a directory" >&2 + echo "$0: $dst_arg: Is a directory" >&2 exit 1 fi dstdir=$dst @@ -341,7 +354,7 @@ do if test -z "$dir_arg" || { # Check for POSIX incompatibilities with -m. # HP-UX 11.23 and IRIX 6.5 mkdir -m -p sets group- or - # other-writeable bit of parent directory when it shouldn't. + # other-writable bit of parent directory when it shouldn't. # FreeBSD 6.1 mkdir -m -p sets mode of existing directory. ls_ld_tmpdir=`ls -ld "$tmpdir"` case $ls_ld_tmpdir in @@ -378,33 +391,26 @@ do # directory the slow way, step by step, checking for races as we go. case $dstdir in - /*) prefix=/ ;; - -*) prefix=./ ;; - *) prefix= ;; + /*) prefix='/';; + [-=\(\)!]*) prefix='./';; + *) prefix='';; esac - case $posix_glob in - '') - if (set -f) 2>/dev/null; then - posix_glob=true - else - posix_glob=false - fi ;; - esac + eval "$initialize_posix_glob" oIFS=$IFS IFS=/ - $posix_glob && set -f + $posix_glob set -f set fnord $dstdir shift - $posix_glob && set +f + $posix_glob set +f IFS=$oIFS prefixes= for d do - test -z "$d" && continue + test X"$d" = X && continue prefix=$prefix$d if test -d "$prefix"; then @@ -459,41 +465,54 @@ do # ignore errors from any of these, just make sure not to ignore # errors from the above "$doit $cpprog $src $dsttmp" command. # - { test -z "$chowncmd" || $doit $chowncmd "$dsttmp"; } \ - && { test -z "$chgrpcmd" || $doit $chgrpcmd "$dsttmp"; } \ - && { test -z "$stripcmd" || $doit $stripcmd "$dsttmp"; } \ - && { test -z "$chmodcmd" || $doit $chmodcmd $mode "$dsttmp"; } && - - # Now rename the file to the real destination. - { $doit $mvcmd -f "$dsttmp" "$dst" 2>/dev/null \ - || { - # The rename failed, perhaps because mv can't rename something else - # to itself, or perhaps because mv is so ancient that it does not - # support -f. - - # Now remove or move aside any old file at destination location. - # We try this two ways since rm can't unlink itself on some - # systems and the destination file might be busy for other - # reasons. In this case, the final cleanup might fail but the new - # file should still install successfully. - { - if test -f "$dst"; then - $doit $rmcmd -f "$dst" 2>/dev/null \ - || { $doit $mvcmd -f "$dst" "$rmtmp" 2>/dev/null \ - && { $doit $rmcmd -f "$rmtmp" 2>/dev/null; :; }; }\ - || { - echo "$0: cannot unlink or rename $dst" >&2 - (exit 1); exit 1 - } - else - : - fi - } && - - # Now rename the file to the real destination. - $doit $mvcmd "$dsttmp" "$dst" - } - } || exit 1 + { test -z "$chowncmd" || $doit $chowncmd "$dsttmp"; } && + { test -z "$chgrpcmd" || $doit $chgrpcmd "$dsttmp"; } && + { test -z "$stripcmd" || $doit $stripcmd "$dsttmp"; } && + { test -z "$chmodcmd" || $doit $chmodcmd $mode "$dsttmp"; } && + + # If -C, don't bother to copy if it wouldn't change the file. + if $copy_on_change && + old=`LC_ALL=C ls -dlL "$dst" 2>/dev/null` && + new=`LC_ALL=C ls -dlL "$dsttmp" 2>/dev/null` && + + eval "$initialize_posix_glob" && + $posix_glob set -f && + set X $old && old=:$2:$4:$5:$6 && + set X $new && new=:$2:$4:$5:$6 && + $posix_glob set +f && + + test "$old" = "$new" && + $cmpprog "$dst" "$dsttmp" >/dev/null 2>&1 + then + rm -f "$dsttmp" + else + # Rename the file to the real destination. + $doit $mvcmd -f "$dsttmp" "$dst" 2>/dev/null || + + # The rename failed, perhaps because mv can't rename something else + # to itself, or perhaps because mv is so ancient that it does not + # support -f. + { + # Now remove or move aside any old file at destination location. + # We try this two ways since rm can't unlink itself on some + # systems and the destination file might be busy for other + # reasons. In this case, the final cleanup might fail but the new + # file should still install successfully. + { + test ! -f "$dst" || + $doit $rmcmd -f "$dst" 2>/dev/null || + { $doit $mvcmd -f "$dst" "$rmtmp" 2>/dev/null && + { $doit $rmcmd -f "$rmtmp" 2>/dev/null; :; } + } || + { echo "$0: cannot unlink or rename $dst" >&2 + (exit 1); exit 1 + } + } && + + # Now rename the file to the real destination. + $doit $mvcmd "$dsttmp" "$dst" + } + fi || exit 1 trap '' 0 fi @@ -503,5 +522,6 @@ done # eval: (add-hook 'write-file-hooks 'time-stamp) # time-stamp-start: "scriptversion=" # time-stamp-format: "%:y-%02m-%02d.%02H" -# time-stamp-end: "$" +# time-stamp-time-zone: "UTC" +# time-stamp-end: "; # UTC" # End: diff --git a/FreeRTOS-Plus/Source/CyaSSL/config/ltmain.sh b/FreeRTOS-Plus/Source/CyaSSL/build-aux/ltmain.sh similarity index 79% rename from FreeRTOS-Plus/Source/CyaSSL/config/ltmain.sh rename to FreeRTOS-Plus/Source/CyaSSL/build-aux/ltmain.sh index c856b8d4b..9ae038c24 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/config/ltmain.sh +++ b/FreeRTOS-Plus/Source/CyaSSL/build-aux/ltmain.sh @@ -1,10 +1,9 @@ -# Generated from ltmain.m4sh. -# libtool (GNU libtool) 2.2.10 +# libtool (GNU libtool) 2.4.2 # Written by Gordon Matzigkeit , 1996 # Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2003, 2004, 2005, 2006, -# 2007, 2008, 2009, 2010 Free Software Foundation, Inc. +# 2007, 2008, 2009, 2010, 2011 Free Software Foundation, Inc. # This is free software; see the source for copying conditions. There is NO # warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. @@ -42,6 +41,7 @@ # --quiet, --silent don't print informational messages # --no-quiet, --no-silent # print informational messages (default) +# --no-warn don't display warning messages # --tag=TAG use configuration variables from tag TAG # -v, --verbose print more informational messages than default # --no-verbose don't print the extra informational messages @@ -70,17 +70,19 @@ # compiler: $LTCC # compiler flags: $LTCFLAGS # linker: $LD (gnu? $with_gnu_ld) -# $progname: (GNU libtool) 2.2.10 +# $progname: (GNU libtool) 2.4.2 # automake: $automake_version # autoconf: $autoconf_version # # Report bugs to . +# GNU libtool home page: . +# General help using GNU software: . PROGRAM=libtool PACKAGE=libtool -VERSION=2.2.10 +VERSION=2.4.2 TIMESTAMP="" -package_revision=1.3175 +package_revision=1.3337 # Be Bourne compatible if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then @@ -135,15 +137,10 @@ progpath="$0" : ${CP="cp -f"} test "${ECHO+set}" = set || ECHO=${as_echo-'printf %s\n'} -: ${EGREP="/usr/bin/grep -E"} -: ${FGREP="/usr/bin/grep -F"} -: ${GREP="/usr/bin/grep"} -: ${LN_S="ln -s"} : ${MAKE="make"} : ${MKDIR="mkdir"} : ${MV="mv -f"} : ${RM="rm -f"} -: ${SED="/usr/bin/sed"} : ${SHELL="${CONFIG_SHELL-/bin/sh}"} : ${Xsed="$SED -e 1s/^X//"} @@ -163,6 +160,27 @@ IFS=" $lt_nl" dirname="s,/[^/]*$,," basename="s,^.*/,," +# func_dirname file append nondir_replacement +# Compute the dirname of FILE. If nonempty, add APPEND to the result, +# otherwise set result to NONDIR_REPLACEMENT. +func_dirname () +{ + func_dirname_result=`$ECHO "${1}" | $SED "$dirname"` + if test "X$func_dirname_result" = "X${1}"; then + func_dirname_result="${3}" + else + func_dirname_result="$func_dirname_result${2}" + fi +} # func_dirname may be replaced by extended shell implementation + + +# func_basename file +func_basename () +{ + func_basename_result=`$ECHO "${1}" | $SED "$basename"` +} # func_basename may be replaced by extended shell implementation + + # func_dirname_and_basename file append nondir_replacement # perform func_basename and func_dirname in a single function # call: @@ -177,17 +195,31 @@ basename="s,^.*/,," # those functions but instead duplicate the functionality here. func_dirname_and_basename () { - # Extract subdirectory from the argument. - func_dirname_result=`$ECHO "${1}" | $SED -e "$dirname"` - if test "X$func_dirname_result" = "X${1}"; then - func_dirname_result="${3}" - else - func_dirname_result="$func_dirname_result${2}" - fi - func_basename_result=`$ECHO "${1}" | $SED -e "$basename"` -} + # Extract subdirectory from the argument. + func_dirname_result=`$ECHO "${1}" | $SED -e "$dirname"` + if test "X$func_dirname_result" = "X${1}"; then + func_dirname_result="${3}" + else + func_dirname_result="$func_dirname_result${2}" + fi + func_basename_result=`$ECHO "${1}" | $SED -e "$basename"` +} # func_dirname_and_basename may be replaced by extended shell implementation + + +# func_stripname prefix suffix name +# strip PREFIX and SUFFIX off of NAME. +# PREFIX and SUFFIX must not contain globbing or regex special +# characters, hashes, percent signs, but SUFFIX may contain a leading +# dot (in which case that matches only a dot). +# func_strip_suffix prefix name +func_stripname () +{ + case ${2} in + .*) func_stripname_result=`$ECHO "${3}" | $SED "s%^${1}%%; s%\\\\${2}\$%%"`;; + *) func_stripname_result=`$ECHO "${3}" | $SED "s%^${1}%%; s%${2}\$%%"`;; + esac +} # func_stripname may be replaced by extended shell implementation -# Generated shell functions inserted here. # These SED scripts presuppose an absolute path with a trailing slash. pathcar='s,^/\([^/]*\).*$,\1,' @@ -351,7 +383,7 @@ case $progpath in ;; *) save_IFS="$IFS" - IFS=: + IFS=${PATH_SEPARATOR-:} for progdir in $PATH; do IFS="$save_IFS" test -x "$progdir/$progname" && break @@ -370,6 +402,15 @@ sed_quote_subst='s/\([`"$\\]\)/\\\1/g' # Same as above, but do not quote variable references. double_quote_subst='s/\(["`\\]\)/\\\1/g' +# Sed substitution that turns a string into a regex matching for the +# string literally. +sed_make_literal_regex='s,[].[^$\\*\/],\\&,g' + +# Sed substitution that converts a w32 file name or path +# which contains forward slashes, into one that contains +# (escaped) backslashes. A very naive implementation. +lt_sed_naive_backslashify='s|\\\\*|\\|g;s|/|\\|g;s|\\|\\\\|g' + # Re-`\' parameter expansions in output of double_quote_subst that were # `\'-ed in input to the same. If an odd number of `\' preceded a '$' # in input to double_quote_subst, that '$' was protected from expansion. @@ -398,7 +439,7 @@ opt_warning=: # name if it has been set yet. func_echo () { - $ECHO "$progname${mode+: }$mode: $*" + $ECHO "$progname: ${opt_mode+$opt_mode: }$*" } # func_verbose arg... @@ -424,14 +465,14 @@ func_echo_all () # Echo program name prefixed message to standard error. func_error () { - $ECHO "$progname${mode+: }$mode: "${1+"$@"} 1>&2 + $ECHO "$progname: ${opt_mode+$opt_mode: }"${1+"$@"} 1>&2 } # func_warning arg... # Echo program name prefixed warning message to standard error. func_warning () { - $opt_warning && $ECHO "$progname${mode+: }$mode: warning: "${1+"$@"} 1>&2 + $opt_warning && $ECHO "$progname: ${opt_mode+$opt_mode: }warning: "${1+"$@"} 1>&2 # bash bug again: : @@ -650,11 +691,30 @@ func_show_eval_locale () fi } +# func_tr_sh +# Turn $1 into a string suitable for a shell variable name. +# Result is stored in $func_tr_sh_result. All characters +# not in the set a-zA-Z0-9_ are replaced with '_'. Further, +# if $1 begins with a digit, a '_' is prepended as well. +func_tr_sh () +{ + case $1 in + [0-9]* | *[!a-zA-Z0-9_]*) + func_tr_sh_result=`$ECHO "$1" | $SED 's/^\([0-9]\)/_\1/; s/[^a-zA-Z0-9_]/_/g'` + ;; + * ) + func_tr_sh_result=$1 + ;; + esac +} + # func_version # Echo version message to standard output and exit. func_version () { + $opt_debug + $SED -n '/(C)/!b go :more /\./!{ @@ -676,6 +736,8 @@ func_version () # Echo short help message to standard output and exit. func_usage () { + $opt_debug + $SED -n '/^# Usage:/,/^# *.*--help/ { s/^# // s/^# *$// @@ -692,7 +754,10 @@ func_usage () # unless 'noexit' is passed as argument. func_help () { + $opt_debug + $SED -n '/^# Usage:/,/# Report bugs to/ { + :print s/^# // s/^# *$// s*\$progname*'$progname'* @@ -702,10 +767,14 @@ func_help () s*\$LTCFLAGS*'"$LTCFLAGS"'* s*\$LD*'"$LD"'* s/\$with_gnu_ld/'"$with_gnu_ld"'/ - s/\$automake_version/'"`(automake --version) 2>/dev/null |$SED 1q`"'/ - s/\$autoconf_version/'"`(autoconf --version) 2>/dev/null |$SED 1q`"'/ + s/\$automake_version/'"`(${AUTOMAKE-automake} --version) 2>/dev/null |$SED 1q`"'/ + s/\$autoconf_version/'"`(${AUTOCONF-autoconf} --version) 2>/dev/null |$SED 1q`"'/ p - }' < "$progpath" + d + } + /^# .* home page:/b print + /^# General help using/b print + ' < "$progpath" ret=$? if test -z "$1"; then exit $ret @@ -717,12 +786,39 @@ func_help () # exit_cmd. func_missing_arg () { + $opt_debug + func_error "missing argument for $1." exit_cmd=exit } -exit_cmd=: +# func_split_short_opt shortopt +# Set func_split_short_opt_name and func_split_short_opt_arg shell +# variables after splitting SHORTOPT after the 2nd character. +func_split_short_opt () +{ + my_sed_short_opt='1s/^\(..\).*$/\1/;q' + my_sed_short_rest='1s/^..\(.*\)$/\1/;q' + + func_split_short_opt_name=`$ECHO "$1" | $SED "$my_sed_short_opt"` + func_split_short_opt_arg=`$ECHO "$1" | $SED "$my_sed_short_rest"` +} # func_split_short_opt may be replaced by extended shell implementation + + +# func_split_long_opt longopt +# Set func_split_long_opt_name and func_split_long_opt_arg shell +# variables after splitting LONGOPT at the `=' sign. +func_split_long_opt () +{ + my_sed_long_opt='1s/^\(--[^=]*\)=.*/\1/;q' + my_sed_long_arg='1s/^--[^=]*=//' + + func_split_long_opt_name=`$ECHO "$1" | $SED "$my_sed_long_opt"` + func_split_long_opt_arg=`$ECHO "$1" | $SED "$my_sed_long_arg"` +} # func_split_long_opt may be replaced by extended shell implementation + +exit_cmd=: @@ -732,25 +828,64 @@ magic="%%%MAGIC variable%%%" magic_exe="%%%MAGIC EXE variable%%%" # Global variables. -# $mode is unset nonopt= -execute_dlfiles= preserve_args= lo2o="s/\\.lo\$/.${objext}/" o2lo="s/\\.${objext}\$/.lo/" extracted_archives= extracted_serial=0 -opt_dry_run=false -opt_duplicate_deps=false -opt_silent=false -opt_debug=: - # If this variable is set in any of the actions, the command in it # will be execed at the end. This prevents here-documents from being # left over by shells. exec_cmd= +# func_append var value +# Append VALUE to the end of shell variable VAR. +func_append () +{ + eval "${1}=\$${1}\${2}" +} # func_append may be replaced by extended shell implementation + +# func_append_quoted var value +# Quote VALUE and append to the end of shell variable VAR, separated +# by a space. +func_append_quoted () +{ + func_quote_for_eval "${2}" + eval "${1}=\$${1}\\ \$func_quote_for_eval_result" +} # func_append_quoted may be replaced by extended shell implementation + + +# func_arith arithmetic-term... +func_arith () +{ + func_arith_result=`expr "${@}"` +} # func_arith may be replaced by extended shell implementation + + +# func_len string +# STRING may not start with a hyphen. +func_len () +{ + func_len_result=`expr "${1}" : ".*" 2>/dev/null || echo $max_cmd_len` +} # func_len may be replaced by extended shell implementation + + +# func_lo2o object +func_lo2o () +{ + func_lo2o_result=`$ECHO "${1}" | $SED "$lo2o"` +} # func_lo2o may be replaced by extended shell implementation + + +# func_xform libobj-or-source +func_xform () +{ + func_xform_result=`$ECHO "${1}" | $SED 's/\.[^.]*$/.lo/'` +} # func_xform may be replaced by extended shell implementation + + # func_fatal_configuration arg... # Echo program name prefixed message to standard error, followed by # a configuration failure hint, and exit. @@ -840,129 +975,209 @@ func_enable_tag () esac } -# Parse options once, thoroughly. This comes as soon as possible in -# the script to make things like `libtool --version' happen quickly. +# func_check_version_match +# Ensure that we are using m4 macros, and libtool script from the same +# release of libtool. +func_check_version_match () { + if test "$package_revision" != "$macro_revision"; then + if test "$VERSION" != "$macro_version"; then + if test -z "$macro_version"; then + cat >&2 <<_LT_EOF +$progname: Version mismatch error. This is $PACKAGE $VERSION, but the +$progname: definition of this LT_INIT comes from an older release. +$progname: You should recreate aclocal.m4 with macros from $PACKAGE $VERSION +$progname: and run autoconf again. +_LT_EOF + else + cat >&2 <<_LT_EOF +$progname: Version mismatch error. This is $PACKAGE $VERSION, but the +$progname: definition of this LT_INIT comes from $PACKAGE $macro_version. +$progname: You should recreate aclocal.m4 with macros from $PACKAGE $VERSION +$progname: and run autoconf again. +_LT_EOF + fi + else + cat >&2 <<_LT_EOF +$progname: Version mismatch error. This is $PACKAGE $VERSION, revision $package_revision, +$progname: but the definition of this LT_INIT comes from revision $macro_revision. +$progname: You should recreate aclocal.m4 with macros from revision $package_revision +$progname: of $PACKAGE $VERSION and run autoconf again. +_LT_EOF + fi + + exit $EXIT_MISMATCH + fi +} + + +# Shorthand for --mode=foo, only valid as the first argument +case $1 in +clean|clea|cle|cl) + shift; set dummy --mode clean ${1+"$@"}; shift + ;; +compile|compil|compi|comp|com|co|c) + shift; set dummy --mode compile ${1+"$@"}; shift + ;; +execute|execut|execu|exec|exe|ex|e) + shift; set dummy --mode execute ${1+"$@"}; shift + ;; +finish|finis|fini|fin|fi|f) + shift; set dummy --mode finish ${1+"$@"}; shift + ;; +install|instal|insta|inst|ins|in|i) + shift; set dummy --mode install ${1+"$@"}; shift + ;; +link|lin|li|l) + shift; set dummy --mode link ${1+"$@"}; shift + ;; +uninstall|uninstal|uninsta|uninst|unins|unin|uni|un|u) + shift; set dummy --mode uninstall ${1+"$@"}; shift + ;; +esac + + + +# Option defaults: +opt_debug=: +opt_dry_run=false +opt_config=false +opt_preserve_dup_deps=false +opt_features=false +opt_finish=false +opt_help=false +opt_help_all=false +opt_silent=: +opt_warning=: +opt_verbose=: +opt_silent=false +opt_verbose=false - # Shorthand for --mode=foo, only valid as the first argument - case $1 in - clean|clea|cle|cl) - shift; set dummy --mode clean ${1+"$@"}; shift - ;; - compile|compil|compi|comp|com|co|c) - shift; set dummy --mode compile ${1+"$@"}; shift - ;; - execute|execut|execu|exec|exe|ex|e) - shift; set dummy --mode execute ${1+"$@"}; shift - ;; - finish|finis|fini|fin|fi|f) - shift; set dummy --mode finish ${1+"$@"}; shift - ;; - install|instal|insta|inst|ins|in|i) - shift; set dummy --mode install ${1+"$@"}; shift - ;; - link|lin|li|l) - shift; set dummy --mode link ${1+"$@"}; shift - ;; - uninstall|uninstal|uninsta|uninst|unins|unin|uni|un|u) - shift; set dummy --mode uninstall ${1+"$@"}; shift - ;; - esac - # Parse non-mode specific arguments: - while test "$#" -gt 0; do +# Parse options once, thoroughly. This comes as soon as possible in the +# script to make things like `--version' happen as quickly as we can. +{ + # this just eases exit handling + while test $# -gt 0; do opt="$1" shift - case $opt in - --config) func_config ;; - - --debug) preserve_args="$preserve_args $opt" + --debug|-x) opt_debug='set -x' func_echo "enabling shell trace mode" - opt_debug='set -x' $opt_debug ;; - - -dlopen) test "$#" -eq 0 && func_missing_arg "$opt" && break - execute_dlfiles="$execute_dlfiles $1" - shift + --dry-run|--dryrun|-n) + opt_dry_run=: ;; - - --dry-run | -n) opt_dry_run=: ;; - --features) func_features ;; - --finish) mode="finish" ;; - - --mode) test "$#" -eq 0 && func_missing_arg "$opt" && break - case $1 in - # Valid mode arguments: - clean) ;; - compile) ;; - execute) ;; - finish) ;; - install) ;; - link) ;; - relink) ;; - uninstall) ;; - - # Catch anything else as an error - *) func_error "invalid argument for $opt" - exit_cmd=exit - break - ;; - esac - - mode="$1" + --config) + opt_config=: +func_config + ;; + --dlopen|-dlopen) + optarg="$1" + opt_dlopen="${opt_dlopen+$opt_dlopen +}$optarg" shift ;; - --preserve-dup-deps) - opt_duplicate_deps=: ;; - - --quiet|--silent) preserve_args="$preserve_args $opt" - opt_silent=: - opt_verbose=false + opt_preserve_dup_deps=: ;; - - --no-quiet|--no-silent) - preserve_args="$preserve_args $opt" - opt_silent=false + --features) + opt_features=: +func_features ;; - - --verbose| -v) preserve_args="$preserve_args $opt" + --finish) + opt_finish=: +set dummy --mode finish ${1+"$@"}; shift + ;; + --help) + opt_help=: + ;; + --help-all) + opt_help_all=: +opt_help=': help-all' + ;; + --mode) + test $# = 0 && func_missing_arg $opt && break + optarg="$1" + opt_mode="$optarg" +case $optarg in + # Valid mode arguments: + clean|compile|execute|finish|install|link|relink|uninstall) ;; + + # Catch anything else as an error + *) func_error "invalid argument for $opt" + exit_cmd=exit + break + ;; +esac + shift + ;; + --no-silent|--no-quiet) opt_silent=false - opt_verbose=: +func_append preserve_args " $opt" ;; - - --no-verbose) preserve_args="$preserve_args $opt" + --no-warning|--no-warn) + opt_warning=false +func_append preserve_args " $opt" + ;; + --no-verbose) opt_verbose=false +func_append preserve_args " $opt" ;; - - --tag) test "$#" -eq 0 && func_missing_arg "$opt" && break - preserve_args="$preserve_args $opt $1" - func_enable_tag "$1" # tagname is set here + --silent|--quiet) + opt_silent=: +func_append preserve_args " $opt" + opt_verbose=false + ;; + --verbose|-v) + opt_verbose=: +func_append preserve_args " $opt" +opt_silent=false + ;; + --tag) + test $# = 0 && func_missing_arg $opt && break + optarg="$1" + opt_tag="$optarg" +func_append preserve_args " $opt $optarg" +func_enable_tag "$optarg" shift ;; + -\?|-h) func_usage ;; + --help) func_help ;; + --version) func_version ;; + # Separate optargs to long options: - -dlopen=*|--mode=*|--tag=*) - func_opt_split "$opt" - set dummy "$func_opt_split_opt" "$func_opt_split_arg" ${1+"$@"} + --*=*) + func_split_long_opt "$opt" + set dummy "$func_split_long_opt_name" "$func_split_long_opt_arg" ${1+"$@"} shift ;; - -\?|-h) func_usage ;; - --help) opt_help=: ;; - --help-all) opt_help=': help-all' ;; - --version) func_version ;; - - -*) func_fatal_help "unrecognized option \`$opt'" ;; - - *) nonopt="$opt" - break + # Separate non-argument short options: + -\?*|-h*|-n*|-v*) + func_split_short_opt "$opt" + set dummy "$func_split_short_opt_name" "-$func_split_short_opt_arg" ${1+"$@"} + shift ;; + + --) break ;; + -*) func_fatal_help "unrecognized option \`$opt'" ;; + *) set dummy "$opt" ${1+"$@"}; shift; break ;; esac done + # Validate options: + + # save first non-option argument + if test "$#" -gt 0; then + nonopt="$opt" + shift + fi + + # preserve --debug + test "$opt_debug" = : || func_append preserve_args " --debug" case $host in *cygwin* | *mingw* | *pw32* | *cegcc*) @@ -970,82 +1185,44 @@ func_enable_tag () opt_duplicate_compiler_generated_deps=: ;; *) - opt_duplicate_compiler_generated_deps=$opt_duplicate_deps + opt_duplicate_compiler_generated_deps=$opt_preserve_dup_deps ;; esac - # Having warned about all mis-specified options, bail out if - # anything was wrong. - $exit_cmd $EXIT_FAILURE -} + $opt_help || { + # Sanity checks first: + func_check_version_match -# func_check_version_match -# Ensure that we are using m4 macros, and libtool script from the same -# release of libtool. -func_check_version_match () -{ - if test "$package_revision" != "$macro_revision"; then - if test "$VERSION" != "$macro_version"; then - if test -z "$macro_version"; then - cat >&2 <<_LT_EOF -$progname: Version mismatch error. This is $PACKAGE $VERSION, but the -$progname: definition of this LT_INIT comes from an older release. -$progname: You should recreate aclocal.m4 with macros from $PACKAGE $VERSION -$progname: and run autoconf again. -_LT_EOF - else - cat >&2 <<_LT_EOF -$progname: Version mismatch error. This is $PACKAGE $VERSION, but the -$progname: definition of this LT_INIT comes from $PACKAGE $macro_version. -$progname: You should recreate aclocal.m4 with macros from $PACKAGE $VERSION -$progname: and run autoconf again. -_LT_EOF - fi - else - cat >&2 <<_LT_EOF -$progname: Version mismatch error. This is $PACKAGE $VERSION, revision $package_revision, -$progname: but the definition of this LT_INIT comes from revision $macro_revision. -$progname: You should recreate aclocal.m4 with macros from revision $package_revision -$progname: of $PACKAGE $VERSION and run autoconf again. -_LT_EOF + if test "$build_libtool_libs" != yes && test "$build_old_libs" != yes; then + func_fatal_configuration "not configured to build any kind of library" fi - exit $EXIT_MISMATCH - fi -} + # Darwin sucks + eval std_shrext=\"$shrext_cmds\" + # Only execute mode is allowed to have -dlopen flags. + if test -n "$opt_dlopen" && test "$opt_mode" != execute; then + func_error "unrecognized option \`-dlopen'" + $ECHO "$help" 1>&2 + exit $EXIT_FAILURE + fi -## ----------- ## -## Main. ## -## ----------- ## - -$opt_help || { - # Sanity checks first: - func_check_version_match - - if test "$build_libtool_libs" != yes && test "$build_old_libs" != yes; then - func_fatal_configuration "not configured to build any kind of library" - fi - - test -z "$mode" && func_fatal_error "error: you must specify a MODE." + # Change the help message to a mode-specific one. + generic_help="$help" + help="Try \`$progname --help --mode=$opt_mode' for more information." + } - # Darwin sucks - eval std_shrext=\"$shrext_cmds\" + # Bail if the options were screwed + $exit_cmd $EXIT_FAILURE +} - # Only execute mode is allowed to have -dlopen flags. - if test -n "$execute_dlfiles" && test "$mode" != execute; then - func_error "unrecognized option \`-dlopen'" - $ECHO "$help" 1>&2 - exit $EXIT_FAILURE - fi - # Change the help message to a mode-specific one. - generic_help="$help" - help="Try \`$progname --help --mode=$mode' for more information." -} +## ----------- ## +## Main. ## +## ----------- ## # func_lalib_p file # True iff FILE is a libtool `.la' library or `.lo' object file. @@ -1110,12 +1287,9 @@ func_ltwrapper_executable_p () # temporary ltwrapper_script. func_ltwrapper_scriptname () { - func_ltwrapper_scriptname_result="" - if func_ltwrapper_executable_p "$1"; then - func_dirname_and_basename "$1" "" "." - func_stripname '' '.exe' "$func_basename_result" - func_ltwrapper_scriptname_result="$func_dirname_result/$objdir/${func_stripname_result}_ltshwrapper" - fi + func_dirname_and_basename "$1" "" "." + func_stripname '' '.exe' "$func_basename_result" + func_ltwrapper_scriptname_result="$func_dirname_result/$objdir/${func_stripname_result}_ltshwrapper" } # func_ltwrapper_p file @@ -1161,6 +1335,37 @@ func_source () } +# func_resolve_sysroot PATH +# Replace a leading = in PATH with a sysroot. Store the result into +# func_resolve_sysroot_result +func_resolve_sysroot () +{ + func_resolve_sysroot_result=$1 + case $func_resolve_sysroot_result in + =*) + func_stripname '=' '' "$func_resolve_sysroot_result" + func_resolve_sysroot_result=$lt_sysroot$func_stripname_result + ;; + esac +} + +# func_replace_sysroot PATH +# If PATH begins with the sysroot, replace it with = and +# store the result into func_replace_sysroot_result. +func_replace_sysroot () +{ + case "$lt_sysroot:$1" in + ?*:"$lt_sysroot"*) + func_stripname "$lt_sysroot" '' "$1" + func_replace_sysroot_result="=$func_stripname_result" + ;; + *) + # Including no sysroot. + func_replace_sysroot_result=$1 + ;; + esac +} + # func_infer_tag arg # Infer tagged configuration to use if any are available and # if one wasn't chosen via the "--tag" command line option. @@ -1173,8 +1378,7 @@ func_infer_tag () if test -n "$available_tags" && test -z "$tagname"; then CC_quoted= for arg in $CC; do - func_quote_for_eval "$arg" - CC_quoted="$CC_quoted $func_quote_for_eval_result" + func_append_quoted CC_quoted "$arg" done CC_expanded=`func_echo_all $CC` CC_quoted_expanded=`func_echo_all $CC_quoted` @@ -1193,8 +1397,7 @@ func_infer_tag () CC_quoted= for arg in $CC; do # Double-quote args containing other shell metacharacters. - func_quote_for_eval "$arg" - CC_quoted="$CC_quoted $func_quote_for_eval_result" + func_append_quoted CC_quoted "$arg" done CC_expanded=`func_echo_all $CC` CC_quoted_expanded=`func_echo_all $CC_quoted` @@ -1225,43 +1428,523 @@ func_infer_tag () } - -# func_write_libtool_object output_name pic_name nonpic_name -# Create a libtool object file (analogous to a ".la" file), -# but don't create it if we're doing a dry run. -func_write_libtool_object () + +# func_write_libtool_object output_name pic_name nonpic_name +# Create a libtool object file (analogous to a ".la" file), +# but don't create it if we're doing a dry run. +func_write_libtool_object () +{ + write_libobj=${1} + if test "$build_libtool_libs" = yes; then + write_lobj=\'${2}\' + else + write_lobj=none + fi + + if test "$build_old_libs" = yes; then + write_oldobj=\'${3}\' + else + write_oldobj=none + fi + + $opt_dry_run || { + cat >${write_libobj}T </dev/null` + if test "$?" -eq 0 && test -n "${func_convert_core_file_wine_to_w32_tmp}"; then + func_convert_core_file_wine_to_w32_result=`$ECHO "$func_convert_core_file_wine_to_w32_tmp" | + $SED -e "$lt_sed_naive_backslashify"` + else + func_convert_core_file_wine_to_w32_result= + fi + fi +} +# end: func_convert_core_file_wine_to_w32 + + +# func_convert_core_path_wine_to_w32 ARG +# Helper function used by path conversion functions when $build is *nix, and +# $host is mingw, cygwin, or some other w32 environment. Relies on a correctly +# configured wine environment available, with the winepath program in $build's +# $PATH. Assumes ARG has no leading or trailing path separator characters. +# +# ARG is path to be converted from $build format to win32. +# Result is available in $func_convert_core_path_wine_to_w32_result. +# Unconvertible file (directory) names in ARG are skipped; if no directory names +# are convertible, then the result may be empty. +func_convert_core_path_wine_to_w32 () +{ + $opt_debug + # unfortunately, winepath doesn't convert paths, only file names + func_convert_core_path_wine_to_w32_result="" + if test -n "$1"; then + oldIFS=$IFS + IFS=: + for func_convert_core_path_wine_to_w32_f in $1; do + IFS=$oldIFS + func_convert_core_file_wine_to_w32 "$func_convert_core_path_wine_to_w32_f" + if test -n "$func_convert_core_file_wine_to_w32_result" ; then + if test -z "$func_convert_core_path_wine_to_w32_result"; then + func_convert_core_path_wine_to_w32_result="$func_convert_core_file_wine_to_w32_result" + else + func_append func_convert_core_path_wine_to_w32_result ";$func_convert_core_file_wine_to_w32_result" + fi + fi + done + IFS=$oldIFS + fi +} +# end: func_convert_core_path_wine_to_w32 + + +# func_cygpath ARGS... +# Wrapper around calling the cygpath program via LT_CYGPATH. This is used when +# when (1) $build is *nix and Cygwin is hosted via a wine environment; or (2) +# $build is MSYS and $host is Cygwin, or (3) $build is Cygwin. In case (1) or +# (2), returns the Cygwin file name or path in func_cygpath_result (input +# file name or path is assumed to be in w32 format, as previously converted +# from $build's *nix or MSYS format). In case (3), returns the w32 file name +# or path in func_cygpath_result (input file name or path is assumed to be in +# Cygwin format). Returns an empty string on error. +# +# ARGS are passed to cygpath, with the last one being the file name or path to +# be converted. +# +# Specify the absolute *nix (or w32) name to cygpath in the LT_CYGPATH +# environment variable; do not put it in $PATH. +func_cygpath () +{ + $opt_debug + if test -n "$LT_CYGPATH" && test -f "$LT_CYGPATH"; then + func_cygpath_result=`$LT_CYGPATH "$@" 2>/dev/null` + if test "$?" -ne 0; then + # on failure, ensure result is empty + func_cygpath_result= + fi + else + func_cygpath_result= + func_error "LT_CYGPATH is empty or specifies non-existent file: \`$LT_CYGPATH'" + fi +} +#end: func_cygpath + + +# func_convert_core_msys_to_w32 ARG +# Convert file name or path ARG from MSYS format to w32 format. Return +# result in func_convert_core_msys_to_w32_result. +func_convert_core_msys_to_w32 () +{ + $opt_debug + # awkward: cmd appends spaces to result + func_convert_core_msys_to_w32_result=`( cmd //c echo "$1" ) 2>/dev/null | + $SED -e 's/[ ]*$//' -e "$lt_sed_naive_backslashify"` +} +#end: func_convert_core_msys_to_w32 + + +# func_convert_file_check ARG1 ARG2 +# Verify that ARG1 (a file name in $build format) was converted to $host +# format in ARG2. Otherwise, emit an error message, but continue (resetting +# func_to_host_file_result to ARG1). +func_convert_file_check () +{ + $opt_debug + if test -z "$2" && test -n "$1" ; then + func_error "Could not determine host file name corresponding to" + func_error " \`$1'" + func_error "Continuing, but uninstalled executables may not work." + # Fallback: + func_to_host_file_result="$1" + fi +} +# end func_convert_file_check + + +# func_convert_path_check FROM_PATHSEP TO_PATHSEP FROM_PATH TO_PATH +# Verify that FROM_PATH (a path in $build format) was converted to $host +# format in TO_PATH. Otherwise, emit an error message, but continue, resetting +# func_to_host_file_result to a simplistic fallback value (see below). +func_convert_path_check () +{ + $opt_debug + if test -z "$4" && test -n "$3"; then + func_error "Could not determine the host path corresponding to" + func_error " \`$3'" + func_error "Continuing, but uninstalled executables may not work." + # Fallback. This is a deliberately simplistic "conversion" and + # should not be "improved". See libtool.info. + if test "x$1" != "x$2"; then + lt_replace_pathsep_chars="s|$1|$2|g" + func_to_host_path_result=`echo "$3" | + $SED -e "$lt_replace_pathsep_chars"` + else + func_to_host_path_result="$3" + fi + fi +} +# end func_convert_path_check + + +# func_convert_path_front_back_pathsep FRONTPAT BACKPAT REPL ORIG +# Modifies func_to_host_path_result by prepending REPL if ORIG matches FRONTPAT +# and appending REPL if ORIG matches BACKPAT. +func_convert_path_front_back_pathsep () +{ + $opt_debug + case $4 in + $1 ) func_to_host_path_result="$3$func_to_host_path_result" + ;; + esac + case $4 in + $2 ) func_append func_to_host_path_result "$3" + ;; + esac +} +# end func_convert_path_front_back_pathsep + + +################################################## +# $build to $host FILE NAME CONVERSION FUNCTIONS # +################################################## +# invoked via `$to_host_file_cmd ARG' +# +# In each case, ARG is the path to be converted from $build to $host format. +# Result will be available in $func_to_host_file_result. + + +# func_to_host_file ARG +# Converts the file name ARG from $build format to $host format. Return result +# in func_to_host_file_result. +func_to_host_file () +{ + $opt_debug + $to_host_file_cmd "$1" +} +# end func_to_host_file + + +# func_to_tool_file ARG LAZY +# converts the file name ARG from $build format to toolchain format. Return +# result in func_to_tool_file_result. If the conversion in use is listed +# in (the comma separated) LAZY, no conversion takes place. +func_to_tool_file () +{ + $opt_debug + case ,$2, in + *,"$to_tool_file_cmd",*) + func_to_tool_file_result=$1 + ;; + *) + $to_tool_file_cmd "$1" + func_to_tool_file_result=$func_to_host_file_result + ;; + esac +} +# end func_to_tool_file + + +# func_convert_file_noop ARG +# Copy ARG to func_to_host_file_result. +func_convert_file_noop () +{ + func_to_host_file_result="$1" +} +# end func_convert_file_noop + + +# func_convert_file_msys_to_w32 ARG +# Convert file name ARG from (mingw) MSYS to (mingw) w32 format; automatic +# conversion to w32 is not available inside the cwrapper. Returns result in +# func_to_host_file_result. +func_convert_file_msys_to_w32 () +{ + $opt_debug + func_to_host_file_result="$1" + if test -n "$1"; then + func_convert_core_msys_to_w32 "$1" + func_to_host_file_result="$func_convert_core_msys_to_w32_result" + fi + func_convert_file_check "$1" "$func_to_host_file_result" +} +# end func_convert_file_msys_to_w32 + + +# func_convert_file_cygwin_to_w32 ARG +# Convert file name ARG from Cygwin to w32 format. Returns result in +# func_to_host_file_result. +func_convert_file_cygwin_to_w32 () +{ + $opt_debug + func_to_host_file_result="$1" + if test -n "$1"; then + # because $build is cygwin, we call "the" cygpath in $PATH; no need to use + # LT_CYGPATH in this case. + func_to_host_file_result=`cygpath -m "$1"` + fi + func_convert_file_check "$1" "$func_to_host_file_result" +} +# end func_convert_file_cygwin_to_w32 + + +# func_convert_file_nix_to_w32 ARG +# Convert file name ARG from *nix to w32 format. Requires a wine environment +# and a working winepath. Returns result in func_to_host_file_result. +func_convert_file_nix_to_w32 () +{ + $opt_debug + func_to_host_file_result="$1" + if test -n "$1"; then + func_convert_core_file_wine_to_w32 "$1" + func_to_host_file_result="$func_convert_core_file_wine_to_w32_result" + fi + func_convert_file_check "$1" "$func_to_host_file_result" +} +# end func_convert_file_nix_to_w32 + + +# func_convert_file_msys_to_cygwin ARG +# Convert file name ARG from MSYS to Cygwin format. Requires LT_CYGPATH set. +# Returns result in func_to_host_file_result. +func_convert_file_msys_to_cygwin () +{ + $opt_debug + func_to_host_file_result="$1" + if test -n "$1"; then + func_convert_core_msys_to_w32 "$1" + func_cygpath -u "$func_convert_core_msys_to_w32_result" + func_to_host_file_result="$func_cygpath_result" + fi + func_convert_file_check "$1" "$func_to_host_file_result" +} +# end func_convert_file_msys_to_cygwin + + +# func_convert_file_nix_to_cygwin ARG +# Convert file name ARG from *nix to Cygwin format. Requires Cygwin installed +# in a wine environment, working winepath, and LT_CYGPATH set. Returns result +# in func_to_host_file_result. +func_convert_file_nix_to_cygwin () +{ + $opt_debug + func_to_host_file_result="$1" + if test -n "$1"; then + # convert from *nix to w32, then use cygpath to convert from w32 to cygwin. + func_convert_core_file_wine_to_w32 "$1" + func_cygpath -u "$func_convert_core_file_wine_to_w32_result" + func_to_host_file_result="$func_cygpath_result" + fi + func_convert_file_check "$1" "$func_to_host_file_result" +} +# end func_convert_file_nix_to_cygwin + + +############################################# +# $build to $host PATH CONVERSION FUNCTIONS # +############################################# +# invoked via `$to_host_path_cmd ARG' +# +# In each case, ARG is the path to be converted from $build to $host format. +# The result will be available in $func_to_host_path_result. +# +# Path separators are also converted from $build format to $host format. If +# ARG begins or ends with a path separator character, it is preserved (but +# converted to $host format) on output. +# +# All path conversion functions are named using the following convention: +# file name conversion function : func_convert_file_X_to_Y () +# path conversion function : func_convert_path_X_to_Y () +# where, for any given $build/$host combination the 'X_to_Y' value is the +# same. If conversion functions are added for new $build/$host combinations, +# the two new functions must follow this pattern, or func_init_to_host_path_cmd +# will break. + + +# func_init_to_host_path_cmd +# Ensures that function "pointer" variable $to_host_path_cmd is set to the +# appropriate value, based on the value of $to_host_file_cmd. +to_host_path_cmd= +func_init_to_host_path_cmd () +{ + $opt_debug + if test -z "$to_host_path_cmd"; then + func_stripname 'func_convert_file_' '' "$to_host_file_cmd" + to_host_path_cmd="func_convert_path_${func_stripname_result}" + fi +} + + +# func_to_host_path ARG +# Converts the path ARG from $build format to $host format. Return result +# in func_to_host_path_result. +func_to_host_path () +{ + $opt_debug + func_init_to_host_path_cmd + $to_host_path_cmd "$1" +} +# end func_to_host_path + + +# func_convert_path_noop ARG +# Copy ARG to func_to_host_path_result. +func_convert_path_noop () +{ + func_to_host_path_result="$1" +} +# end func_convert_path_noop + + +# func_convert_path_msys_to_w32 ARG +# Convert path ARG from (mingw) MSYS to (mingw) w32 format; automatic +# conversion to w32 is not available inside the cwrapper. Returns result in +# func_to_host_path_result. +func_convert_path_msys_to_w32 () +{ + $opt_debug + func_to_host_path_result="$1" + if test -n "$1"; then + # Remove leading and trailing path separator characters from ARG. MSYS + # behavior is inconsistent here; cygpath turns them into '.;' and ';.'; + # and winepath ignores them completely. + func_stripname : : "$1" + func_to_host_path_tmp1=$func_stripname_result + func_convert_core_msys_to_w32 "$func_to_host_path_tmp1" + func_to_host_path_result="$func_convert_core_msys_to_w32_result" + func_convert_path_check : ";" \ + "$func_to_host_path_tmp1" "$func_to_host_path_result" + func_convert_path_front_back_pathsep ":*" "*:" ";" "$1" + fi +} +# end func_convert_path_msys_to_w32 + + +# func_convert_path_cygwin_to_w32 ARG +# Convert path ARG from Cygwin to w32 format. Returns result in +# func_to_host_file_result. +func_convert_path_cygwin_to_w32 () +{ + $opt_debug + func_to_host_path_result="$1" + if test -n "$1"; then + # See func_convert_path_msys_to_w32: + func_stripname : : "$1" + func_to_host_path_tmp1=$func_stripname_result + func_to_host_path_result=`cygpath -m -p "$func_to_host_path_tmp1"` + func_convert_path_check : ";" \ + "$func_to_host_path_tmp1" "$func_to_host_path_result" + func_convert_path_front_back_pathsep ":*" "*:" ";" "$1" + fi +} +# end func_convert_path_cygwin_to_w32 + + +# func_convert_path_nix_to_w32 ARG +# Convert path ARG from *nix to w32 format. Requires a wine environment and +# a working winepath. Returns result in func_to_host_file_result. +func_convert_path_nix_to_w32 () { - write_libobj=${1} - if test "$build_libtool_libs" = yes; then - write_lobj=\'${2}\' - else - write_lobj=none - fi - - if test "$build_old_libs" = yes; then - write_oldobj=\'${3}\' - else - write_oldobj=none - fi + $opt_debug + func_to_host_path_result="$1" + if test -n "$1"; then + # See func_convert_path_msys_to_w32: + func_stripname : : "$1" + func_to_host_path_tmp1=$func_stripname_result + func_convert_core_path_wine_to_w32 "$func_to_host_path_tmp1" + func_to_host_path_result="$func_convert_core_path_wine_to_w32_result" + func_convert_path_check : ";" \ + "$func_to_host_path_tmp1" "$func_to_host_path_result" + func_convert_path_front_back_pathsep ":*" "*:" ";" "$1" + fi +} +# end func_convert_path_nix_to_w32 - $opt_dry_run || { - cat >${write_libobj}T < "$lockfile" fi $opt_dry_run || $RM $removelist - removelist="$removelist $lockfile" + func_append removelist " $lockfile" trap '$opt_dry_run || $RM $removelist; exit $EXIT_FAILURE' 1 2 15 - if test -n "$fix_srcfile_path"; then - eval srcfile=\"$fix_srcfile_path\" - fi + func_to_tool_file "$srcfile" func_convert_file_msys_to_w32 + srcfile=$func_to_tool_file_result func_quote_for_eval "$srcfile" qsrcfile=$func_quote_for_eval_result @@ -1515,7 +2195,7 @@ compiler." if test -z "$output_obj"; then # Place PIC objects in $objdir - command="$command -o $lobj" + func_append command " -o $lobj" fi func_show_eval_locale "$command" \ @@ -1562,11 +2242,11 @@ compiler." command="$base_compile $qsrcfile $pic_flag" fi if test "$compiler_c_o" = yes; then - command="$command -o $obj" + func_append command " -o $obj" fi # Suppress compiler output if we already did a PIC compilation. - command="$command$suppress_output" + func_append command "$suppress_output" func_show_eval_locale "$command" \ '$opt_dry_run || $RM $removelist; exit $EXIT_FAILURE' @@ -1611,13 +2291,13 @@ compiler." } $opt_help || { - test "$mode" = compile && func_mode_compile ${1+"$@"} + test "$opt_mode" = compile && func_mode_compile ${1+"$@"} } func_mode_help () { # We need to display help for each of the modes. - case $mode in + case $opt_mode in "") # Generic help is extracted from the usage comments # at the start of this file. @@ -1793,7 +2473,7 @@ Otherwise, only FILE itself is deleted using RM." ;; *) - func_fatal_help "invalid operation mode \`$mode'" + func_fatal_help "invalid operation mode \`$opt_mode'" ;; esac @@ -1808,13 +2488,13 @@ if $opt_help; then else { func_help noexit - for mode in compile link execute install finish uninstall clean; do + for opt_mode in compile link execute install finish uninstall clean; do func_mode_help done } | sed -n '1p; 2,$s/^Usage:/ or: /p' { func_help noexit - for mode in compile link execute install finish uninstall clean; do + for opt_mode in compile link execute install finish uninstall clean; do echo func_mode_help done @@ -1843,13 +2523,16 @@ func_mode_execute () func_fatal_help "you must specify a COMMAND" # Handle -dlopen flags immediately. - for file in $execute_dlfiles; do + for file in $opt_dlopen; do test -f "$file" \ || func_fatal_help "\`$file' is not a file" dir= case $file in *.la) + func_resolve_sysroot "$file" + file=$func_resolve_sysroot_result + # Check to see that this really is a libtool archive. func_lalib_unsafe_p "$file" \ || func_fatal_help "\`$lib' is not a valid libtool archive" @@ -1871,7 +2554,7 @@ func_mode_execute () dir="$func_dirname_result" if test -f "$dir/$objdir/$dlname"; then - dir="$dir/$objdir" + func_append dir "/$objdir" else if test ! -f "$dir/$dlname"; then func_fatal_error "cannot find \`$dlname' in \`$dir' or \`$dir/$objdir'" @@ -1928,8 +2611,7 @@ func_mode_execute () ;; esac # Quote arguments (to preserve shell metacharacters). - func_quote_for_eval "$file" - args="$args $func_quote_for_eval_result" + func_append_quoted args "$file" done if test "X$opt_dry_run" = Xfalse; then @@ -1961,22 +2643,59 @@ func_mode_execute () fi } -test "$mode" = execute && func_mode_execute ${1+"$@"} +test "$opt_mode" = execute && func_mode_execute ${1+"$@"} # func_mode_finish arg... func_mode_finish () { $opt_debug - libdirs="$nonopt" + libs= + libdirs= admincmds= - if test -n "$finish_cmds$finish_eval" && test -n "$libdirs"; then - for dir - do - libdirs="$libdirs $dir" - done + for opt in "$nonopt" ${1+"$@"} + do + if test -d "$opt"; then + func_append libdirs " $opt" + + elif test -f "$opt"; then + if func_lalib_unsafe_p "$opt"; then + func_append libs " $opt" + else + func_warning "\`$opt' is not a valid libtool archive" + fi + + else + func_fatal_error "invalid argument \`$opt'" + fi + done + + if test -n "$libs"; then + if test -n "$lt_sysroot"; then + sysroot_regex=`$ECHO "$lt_sysroot" | $SED "$sed_make_literal_regex"` + sysroot_cmd="s/\([ ']\)$sysroot_regex/\1/g;" + else + sysroot_cmd= + fi + + # Remove sysroot references + if $opt_dry_run; then + for lib in $libs; do + echo "removing references to $lt_sysroot and \`=' prefixes from $lib" + done + else + tmpdir=`func_mktempdir` + for lib in $libs; do + sed -e "${sysroot_cmd} s/\([ ']-[LR]\)=/\1/g; s/\([ ']\)=/\1/g" $lib \ + > $tmpdir/tmp-la + mv -f $tmpdir/tmp-la $lib + done + ${RM}r "$tmpdir" + fi + fi + if test -n "$finish_cmds$finish_eval" && test -n "$libdirs"; then for libdir in $libdirs; do if test -n "$finish_cmds"; then # Do each command in the finish commands. @@ -1986,7 +2705,7 @@ func_mode_finish () if test -n "$finish_eval"; then # Do the single finish_eval. eval cmds=\"$finish_eval\" - $opt_dry_run || eval "$cmds" || admincmds="$admincmds + $opt_dry_run || eval "$cmds" || func_append admincmds " $cmds" fi done @@ -1995,53 +2714,55 @@ func_mode_finish () # Exit here if they wanted silent mode. $opt_silent && exit $EXIT_SUCCESS - echo "----------------------------------------------------------------------" - echo "Libraries have been installed in:" - for libdir in $libdirs; do - $ECHO " $libdir" - done - echo - echo "If you ever happen to want to link against installed libraries" - echo "in a given directory, LIBDIR, you must either use libtool, and" - echo "specify the full pathname of the library, or use the \`-LLIBDIR'" - echo "flag during linking and do at least one of the following:" - if test -n "$shlibpath_var"; then - echo " - add LIBDIR to the \`$shlibpath_var' environment variable" - echo " during execution" - fi - if test -n "$runpath_var"; then - echo " - add LIBDIR to the \`$runpath_var' environment variable" - echo " during linking" - fi - if test -n "$hardcode_libdir_flag_spec"; then - libdir=LIBDIR - eval flag=\"$hardcode_libdir_flag_spec\" + if test -n "$finish_cmds$finish_eval" && test -n "$libdirs"; then + echo "----------------------------------------------------------------------" + echo "Libraries have been installed in:" + for libdir in $libdirs; do + $ECHO " $libdir" + done + echo + echo "If you ever happen to want to link against installed libraries" + echo "in a given directory, LIBDIR, you must either use libtool, and" + echo "specify the full pathname of the library, or use the \`-LLIBDIR'" + echo "flag during linking and do at least one of the following:" + if test -n "$shlibpath_var"; then + echo " - add LIBDIR to the \`$shlibpath_var' environment variable" + echo " during execution" + fi + if test -n "$runpath_var"; then + echo " - add LIBDIR to the \`$runpath_var' environment variable" + echo " during linking" + fi + if test -n "$hardcode_libdir_flag_spec"; then + libdir=LIBDIR + eval flag=\"$hardcode_libdir_flag_spec\" - $ECHO " - use the \`$flag' linker flag" - fi - if test -n "$admincmds"; then - $ECHO " - have your system administrator run these commands:$admincmds" - fi - if test -f /etc/ld.so.conf; then - echo " - have your system administrator add LIBDIR to \`/etc/ld.so.conf'" - fi - echo + $ECHO " - use the \`$flag' linker flag" + fi + if test -n "$admincmds"; then + $ECHO " - have your system administrator run these commands:$admincmds" + fi + if test -f /etc/ld.so.conf; then + echo " - have your system administrator add LIBDIR to \`/etc/ld.so.conf'" + fi + echo - echo "See any operating system documentation about shared libraries for" - case $host in - solaris2.[6789]|solaris2.1[0-9]) - echo "more information, such as the ld(1), crle(1) and ld.so(8) manual" - echo "pages." - ;; - *) - echo "more information, such as the ld(1) and ld.so(8) manual pages." - ;; - esac - echo "----------------------------------------------------------------------" + echo "See any operating system documentation about shared libraries for" + case $host in + solaris2.[6789]|solaris2.1[0-9]) + echo "more information, such as the ld(1), crle(1) and ld.so(8) manual" + echo "pages." + ;; + *) + echo "more information, such as the ld(1) and ld.so(8) manual pages." + ;; + esac + echo "----------------------------------------------------------------------" + fi exit $EXIT_SUCCESS } -test "$mode" = finish && func_mode_finish ${1+"$@"} +test "$opt_mode" = finish && func_mode_finish ${1+"$@"} # func_mode_install arg... @@ -2066,7 +2787,7 @@ func_mode_install () # The real first argument should be the name of the installation program. # Aesthetically quote it. func_quote_for_eval "$arg" - install_prog="$install_prog$func_quote_for_eval_result" + func_append install_prog "$func_quote_for_eval_result" install_shared_prog=$install_prog case " $install_prog " in *[\\\ /]cp\ *) install_cp=: ;; @@ -2086,7 +2807,7 @@ func_mode_install () do arg2= if test -n "$dest"; then - files="$files $dest" + func_append files " $dest" dest=$arg continue fi @@ -2124,11 +2845,11 @@ func_mode_install () # Aesthetically quote the argument. func_quote_for_eval "$arg" - install_prog="$install_prog $func_quote_for_eval_result" + func_append install_prog " $func_quote_for_eval_result" if test -n "$arg2"; then func_quote_for_eval "$arg2" fi - install_shared_prog="$install_shared_prog $func_quote_for_eval_result" + func_append install_shared_prog " $func_quote_for_eval_result" done test -z "$install_prog" && \ @@ -2140,7 +2861,7 @@ func_mode_install () if test -n "$install_override_mode" && $no_mode; then if $install_cp; then :; else func_quote_for_eval "$install_override_mode" - install_shared_prog="$install_shared_prog -m $func_quote_for_eval_result" + func_append install_shared_prog " -m $func_quote_for_eval_result" fi fi @@ -2198,10 +2919,13 @@ func_mode_install () case $file in *.$libext) # Do the static libraries later. - staticlibs="$staticlibs $file" + func_append staticlibs " $file" ;; *.la) + func_resolve_sysroot "$file" + file=$func_resolve_sysroot_result + # Check to see that this really is a libtool archive. func_lalib_unsafe_p "$file" \ || func_fatal_help "\`$file' is not a valid libtool archive" @@ -2215,19 +2939,19 @@ func_mode_install () if test "X$destdir" = "X$libdir"; then case "$current_libdirs " in *" $libdir "*) ;; - *) current_libdirs="$current_libdirs $libdir" ;; + *) func_append current_libdirs " $libdir" ;; esac else # Note the libdir as a future libdir. case "$future_libdirs " in *" $libdir "*) ;; - *) future_libdirs="$future_libdirs $libdir" ;; + *) func_append future_libdirs " $libdir" ;; esac fi func_dirname "$file" "/" "" dir="$func_dirname_result" - dir="$dir$objdir" + func_append dir "$objdir" if test -n "$relink_command"; then # Determine the prefix the user has applied to our future dir. @@ -2304,7 +3028,7 @@ func_mode_install () func_show_eval "$install_prog $instname $destdir/$name" 'exit $?' # Maybe install the static library, too. - test -n "$old_library" && staticlibs="$staticlibs $dir/$old_library" + test -n "$old_library" && func_append staticlibs " $dir/$old_library" ;; *.lo) @@ -2478,11 +3202,13 @@ func_mode_install () # Set up the ranlib parameters. oldlib="$destdir/$name" + func_to_tool_file "$oldlib" func_convert_file_msys_to_w32 + tool_oldlib=$func_to_tool_file_result func_show_eval "$install_prog \$file \$oldlib" 'exit $?' if test -n "$stripme" && test -n "$old_striplib"; then - func_show_eval "$old_striplib $oldlib" 'exit $?' + func_show_eval "$old_striplib $tool_oldlib" 'exit $?' fi # Do each command in the postinstall commands. @@ -2501,7 +3227,7 @@ func_mode_install () fi } -test "$mode" = install && func_mode_install ${1+"$@"} +test "$opt_mode" = install && func_mode_install ${1+"$@"} # func_generate_dlsyms outputname originator pic_p @@ -2548,6 +3274,18 @@ extern \"C\" { #pragma GCC diagnostic ignored \"-Wstrict-prototypes\" #endif +/* Keep this code in sync between libtool.m4, ltmain, lt_system.h, and tests. */ +#if defined(_WIN32) || defined(__CYGWIN__) || defined(_WIN32_WCE) +/* DATA imports from DLLs on WIN32 con't be const, because runtime + relocations are performed -- see ld's documentation on pseudo-relocs. */ +# define LT_DLSYM_CONST +#elif defined(__osf__) +/* This system does not cope well with relocations in const data. */ +# define LT_DLSYM_CONST +#else +# define LT_DLSYM_CONST const +#endif + /* External symbol declarations for the compiler. */\ " @@ -2559,8 +3297,9 @@ extern \"C\" { # Add our own program objects to the symbol list. progfiles=`$ECHO "$objs$old_deplibs" | $SP2NL | $SED "$lo2o" | $NL2SP` for progfile in $progfiles; do - func_verbose "extracting global C symbols from \`$progfile'" - $opt_dry_run || eval "$NM $progfile | $global_symbol_pipe >> '$nlist'" + func_to_tool_file "$progfile" func_convert_file_msys_to_w32 + func_verbose "extracting global C symbols from \`$func_to_tool_file_result'" + $opt_dry_run || eval "$NM $func_to_tool_file_result | $global_symbol_pipe >> '$nlist'" done if test -n "$exclude_expsyms"; then @@ -2609,10 +3348,52 @@ extern \"C\" { func_verbose "extracting global C symbols from \`$dlprefile'" func_basename "$dlprefile" name="$func_basename_result" - $opt_dry_run || { - eval '$ECHO ": $name " >> "$nlist"' - eval "$NM $dlprefile 2>/dev/null | $global_symbol_pipe >> '$nlist'" - } + case $host in + *cygwin* | *mingw* | *cegcc* ) + # if an import library, we need to obtain dlname + if func_win32_import_lib_p "$dlprefile"; then + func_tr_sh "$dlprefile" + eval "curr_lafile=\$libfile_$func_tr_sh_result" + dlprefile_dlbasename="" + if test -n "$curr_lafile" && func_lalib_p "$curr_lafile"; then + # Use subshell, to avoid clobbering current variable values + dlprefile_dlname=`source "$curr_lafile" && echo "$dlname"` + if test -n "$dlprefile_dlname" ; then + func_basename "$dlprefile_dlname" + dlprefile_dlbasename="$func_basename_result" + else + # no lafile. user explicitly requested -dlpreopen . + $sharedlib_from_linklib_cmd "$dlprefile" + dlprefile_dlbasename=$sharedlib_from_linklib_result + fi + fi + $opt_dry_run || { + if test -n "$dlprefile_dlbasename" ; then + eval '$ECHO ": $dlprefile_dlbasename" >> "$nlist"' + else + func_warning "Could not compute DLL name from $name" + eval '$ECHO ": $name " >> "$nlist"' + fi + func_to_tool_file "$dlprefile" func_convert_file_msys_to_w32 + eval "$NM \"$func_to_tool_file_result\" 2>/dev/null | $global_symbol_pipe | + $SED -e '/I __imp/d' -e 's/I __nm_/D /;s/_nm__//' >> '$nlist'" + } + else # not an import lib + $opt_dry_run || { + eval '$ECHO ": $name " >> "$nlist"' + func_to_tool_file "$dlprefile" func_convert_file_msys_to_w32 + eval "$NM \"$func_to_tool_file_result\" 2>/dev/null | $global_symbol_pipe >> '$nlist'" + } + fi + ;; + *) + $opt_dry_run || { + eval '$ECHO ": $name " >> "$nlist"' + func_to_tool_file "$dlprefile" func_convert_file_msys_to_w32 + eval "$NM \"$func_to_tool_file_result\" 2>/dev/null | $global_symbol_pipe >> '$nlist'" + } + ;; + esac done $opt_dry_run || { @@ -2650,26 +3431,9 @@ typedef struct { const char *name; void *address; } lt_dlsymlist; -" - case $host in - *cygwin* | *mingw* | *cegcc* ) - echo >> "$output_objdir/$my_dlsyms" "\ -/* DATA imports from DLLs on WIN32 con't be const, because - runtime relocations are performed -- see ld's documentation - on pseudo-relocs. */" - lt_dlsym_const= ;; - *osf5*) - echo >> "$output_objdir/$my_dlsyms" "\ -/* This system does not cope well with relocations in const data */" - lt_dlsym_const= ;; - *) - lt_dlsym_const=const ;; - esac - - echo >> "$output_objdir/$my_dlsyms" "\ -extern $lt_dlsym_const lt_dlsymlist +extern LT_DLSYM_CONST lt_dlsymlist lt_${my_prefix}_LTX_preloaded_symbols[]; -$lt_dlsym_const lt_dlsymlist +LT_DLSYM_CONST lt_dlsymlist lt_${my_prefix}_LTX_preloaded_symbols[] = {\ { \"$my_originator\", (void *) 0 }," @@ -2709,7 +3473,7 @@ static const void *lt_preloaded_setup() { # linked before any other PIC object. But we must not use # pic_flag when linking with -static. The problem exists in # FreeBSD 2.2.6 and is fixed in FreeBSD 3.1. - *-*-freebsd2*|*-*-freebsd3.0*|*-*-freebsdelf3.0*) + *-*-freebsd2.*|*-*-freebsd3.0*|*-*-freebsdelf3.0*) pic_flag_for_symtable=" $pic_flag -DFREEBSD_WORKAROUND" ;; *-*-hpux*) pic_flag_for_symtable=" $pic_flag" ;; @@ -2725,7 +3489,7 @@ static const void *lt_preloaded_setup() { for arg in $LTCFLAGS; do case $arg in -pie | -fpie | -fPIE) ;; - *) symtab_cflags="$symtab_cflags $arg" ;; + *) func_append symtab_cflags " $arg" ;; esac done @@ -2788,7 +3552,8 @@ func_win32_libid () # Keep the egrep pattern in sync with the one in _LT_CHECK_MAGIC_METHOD. if eval $OBJDUMP -f $1 | $SED -e '10q' 2>/dev/null | $EGREP 'file format (pei*-i386(.*architecture: i386)?|pe-arm-wince|pe-x86-64)' >/dev/null; then - win32_nmres=`eval $NM -f posix -A $1 | + func_to_tool_file "$1" func_convert_file_msys_to_w32 + win32_nmres=`eval $NM -f posix -A \"$func_to_tool_file_result\" | $SED -n -e ' 1,100{ / I /{ @@ -2817,6 +3582,131 @@ func_win32_libid () $ECHO "$win32_libid_type" } +# func_cygming_dll_for_implib ARG +# +# Platform-specific function to extract the +# name of the DLL associated with the specified +# import library ARG. +# Invoked by eval'ing the libtool variable +# $sharedlib_from_linklib_cmd +# Result is available in the variable +# $sharedlib_from_linklib_result +func_cygming_dll_for_implib () +{ + $opt_debug + sharedlib_from_linklib_result=`$DLLTOOL --identify-strict --identify "$1"` +} + +# func_cygming_dll_for_implib_fallback_core SECTION_NAME LIBNAMEs +# +# The is the core of a fallback implementation of a +# platform-specific function to extract the name of the +# DLL associated with the specified import library LIBNAME. +# +# SECTION_NAME is either .idata$6 or .idata$7, depending +# on the platform and compiler that created the implib. +# +# Echos the name of the DLL associated with the +# specified import library. +func_cygming_dll_for_implib_fallback_core () +{ + $opt_debug + match_literal=`$ECHO "$1" | $SED "$sed_make_literal_regex"` + $OBJDUMP -s --section "$1" "$2" 2>/dev/null | + $SED '/^Contents of section '"$match_literal"':/{ + # Place marker at beginning of archive member dllname section + s/.*/====MARK====/ + p + d + } + # These lines can sometimes be longer than 43 characters, but + # are always uninteresting + /:[ ]*file format pe[i]\{,1\}-/d + /^In archive [^:]*:/d + # Ensure marker is printed + /^====MARK====/p + # Remove all lines with less than 43 characters + /^.\{43\}/!d + # From remaining lines, remove first 43 characters + s/^.\{43\}//' | + $SED -n ' + # Join marker and all lines until next marker into a single line + /^====MARK====/ b para + H + $ b para + b + :para + x + s/\n//g + # Remove the marker + s/^====MARK====// + # Remove trailing dots and whitespace + s/[\. \t]*$// + # Print + /./p' | + # we now have a list, one entry per line, of the stringified + # contents of the appropriate section of all members of the + # archive which possess that section. Heuristic: eliminate + # all those which have a first or second character that is + # a '.' (that is, objdump's representation of an unprintable + # character.) This should work for all archives with less than + # 0x302f exports -- but will fail for DLLs whose name actually + # begins with a literal '.' or a single character followed by + # a '.'. + # + # Of those that remain, print the first one. + $SED -e '/^\./d;/^.\./d;q' +} + +# func_cygming_gnu_implib_p ARG +# This predicate returns with zero status (TRUE) if +# ARG is a GNU/binutils-style import library. Returns +# with nonzero status (FALSE) otherwise. +func_cygming_gnu_implib_p () +{ + $opt_debug + func_to_tool_file "$1" func_convert_file_msys_to_w32 + func_cygming_gnu_implib_tmp=`$NM "$func_to_tool_file_result" | eval "$global_symbol_pipe" | $EGREP ' (_head_[A-Za-z0-9_]+_[ad]l*|[A-Za-z0-9_]+_[ad]l*_iname)$'` + test -n "$func_cygming_gnu_implib_tmp" +} + +# func_cygming_ms_implib_p ARG +# This predicate returns with zero status (TRUE) if +# ARG is an MS-style import library. Returns +# with nonzero status (FALSE) otherwise. +func_cygming_ms_implib_p () +{ + $opt_debug + func_to_tool_file "$1" func_convert_file_msys_to_w32 + func_cygming_ms_implib_tmp=`$NM "$func_to_tool_file_result" | eval "$global_symbol_pipe" | $GREP '_NULL_IMPORT_DESCRIPTOR'` + test -n "$func_cygming_ms_implib_tmp" +} + +# func_cygming_dll_for_implib_fallback ARG +# Platform-specific function to extract the +# name of the DLL associated with the specified +# import library ARG. +# +# This fallback implementation is for use when $DLLTOOL +# does not support the --identify-strict option. +# Invoked by eval'ing the libtool variable +# $sharedlib_from_linklib_cmd +# Result is available in the variable +# $sharedlib_from_linklib_result +func_cygming_dll_for_implib_fallback () +{ + $opt_debug + if func_cygming_gnu_implib_p "$1" ; then + # binutils import library + sharedlib_from_linklib_result=`func_cygming_dll_for_implib_fallback_core '.idata$7' "$1"` + elif func_cygming_ms_implib_p "$1" ; then + # ms-generated import library + sharedlib_from_linklib_result=`func_cygming_dll_for_implib_fallback_core '.idata$6' "$1"` + else + # unknown + sharedlib_from_linklib_result="" + fi +} # func_extract_an_archive dir oldlib @@ -3095,14 +3985,17 @@ func_exec_program_core () # launches target application with the remaining arguments. func_exec_program () { - for lt_wr_arg - do - case \$lt_wr_arg in - --lt-*) ;; - *) set x \"\$@\" \"\$lt_wr_arg\"; shift;; - esac - shift - done + case \" \$* \" in + *\\ --lt-*) + for lt_wr_arg + do + case \$lt_wr_arg in + --lt-*) ;; + *) set x \"\$@\" \"\$lt_wr_arg\"; shift;; + esac + shift + done ;; + esac func_exec_program_core \${1+\"\$@\"} } @@ -3195,6 +4088,18 @@ func_exec_program () if test -f \"\$progdir/\$program\"; then" + # fixup the dll searchpath if we need to. + # + # Fix the DLL searchpath if we need to. Do this before prepending + # to shlibpath, because on Windows, both are PATH and uninstalled + # libraries must come first. + if test -n "$dllsearchpath"; then + $ECHO "\ + # Add the dll search path components to the executable PATH + PATH=$dllsearchpath:\$PATH +" + fi + # Export our shlibpath_var if we have one. if test "$shlibpath_overrides_runpath" = yes && test -n "$shlibpath_var" && test -n "$temp_rpath"; then $ECHO "\ @@ -3209,14 +4114,6 @@ func_exec_program () " fi - # fixup the dll searchpath if we need to. - if test -n "$dllsearchpath"; then - $ECHO "\ - # Add the dll search path components to the executable PATH - PATH=$dllsearchpath:\$PATH -" - fi - $ECHO "\ if test \"\$libtool_execute_magic\" != \"$magic\"; then # Run the actual program with our arguments. @@ -3234,166 +4131,6 @@ fi\ } -# func_to_host_path arg -# -# Convert paths to host format when used with build tools. -# Intended for use with "native" mingw (where libtool itself -# is running under the msys shell), or in the following cross- -# build environments: -# $build $host -# mingw (msys) mingw [e.g. native] -# cygwin mingw -# *nix + wine mingw -# where wine is equipped with the `winepath' executable. -# In the native mingw case, the (msys) shell automatically -# converts paths for any non-msys applications it launches, -# but that facility isn't available from inside the cwrapper. -# Similar accommodations are necessary for $host mingw and -# $build cygwin. Calling this function does no harm for other -# $host/$build combinations not listed above. -# -# ARG is the path (on $build) that should be converted to -# the proper representation for $host. The result is stored -# in $func_to_host_path_result. -func_to_host_path () -{ - func_to_host_path_result="$1" - if test -n "$1"; then - case $host in - *mingw* ) - lt_sed_naive_backslashify='s|\\\\*|\\|g;s|/|\\|g;s|\\|\\\\|g' - case $build in - *mingw* ) # actually, msys - # awkward: cmd appends spaces to result - func_to_host_path_result=`( cmd //c echo "$1" ) 2>/dev/null | - $SED -e 's/[ ]*$//' -e "$lt_sed_naive_backslashify"` - ;; - *cygwin* ) - func_to_host_path_result=`cygpath -w "$1" | - $SED -e "$lt_sed_naive_backslashify"` - ;; - * ) - # Unfortunately, winepath does not exit with a non-zero - # error code, so we are forced to check the contents of - # stdout. On the other hand, if the command is not - # found, the shell will set an exit code of 127 and print - # *an error message* to stdout. So we must check for both - # error code of zero AND non-empty stdout, which explains - # the odd construction: - func_to_host_path_tmp1=`winepath -w "$1" 2>/dev/null` - if test "$?" -eq 0 && test -n "${func_to_host_path_tmp1}"; then - func_to_host_path_result=`$ECHO "$func_to_host_path_tmp1" | - $SED -e "$lt_sed_naive_backslashify"` - else - # Allow warning below. - func_to_host_path_result= - fi - ;; - esac - if test -z "$func_to_host_path_result" ; then - func_error "Could not determine host path corresponding to" - func_error " \`$1'" - func_error "Continuing, but uninstalled executables may not work." - # Fallback: - func_to_host_path_result="$1" - fi - ;; - esac - fi -} -# end: func_to_host_path - -# func_to_host_pathlist arg -# -# Convert pathlists to host format when used with build tools. -# See func_to_host_path(), above. This function supports the -# following $build/$host combinations (but does no harm for -# combinations not listed here): -# $build $host -# mingw (msys) mingw [e.g. native] -# cygwin mingw -# *nix + wine mingw -# -# Path separators are also converted from $build format to -# $host format. If ARG begins or ends with a path separator -# character, it is preserved (but converted to $host format) -# on output. -# -# ARG is a pathlist (on $build) that should be converted to -# the proper representation on $host. The result is stored -# in $func_to_host_pathlist_result. -func_to_host_pathlist () -{ - func_to_host_pathlist_result="$1" - if test -n "$1"; then - case $host in - *mingw* ) - lt_sed_naive_backslashify='s|\\\\*|\\|g;s|/|\\|g;s|\\|\\\\|g' - # Remove leading and trailing path separator characters from - # ARG. msys behavior is inconsistent here, cygpath turns them - # into '.;' and ';.', and winepath ignores them completely. - func_stripname : : "$1" - func_to_host_pathlist_tmp1=$func_stripname_result - case $build in - *mingw* ) # Actually, msys. - # Awkward: cmd appends spaces to result. - func_to_host_pathlist_result=` - ( cmd //c echo "$func_to_host_pathlist_tmp1" ) 2>/dev/null | - $SED -e 's/[ ]*$//' -e "$lt_sed_naive_backslashify"` - ;; - *cygwin* ) - func_to_host_pathlist_result=`cygpath -w -p "$func_to_host_pathlist_tmp1" | - $SED -e "$lt_sed_naive_backslashify"` - ;; - * ) - # unfortunately, winepath doesn't convert pathlists - func_to_host_pathlist_result="" - func_to_host_pathlist_oldIFS=$IFS - IFS=: - for func_to_host_pathlist_f in $func_to_host_pathlist_tmp1 ; do - IFS=$func_to_host_pathlist_oldIFS - if test -n "$func_to_host_pathlist_f" ; then - func_to_host_path "$func_to_host_pathlist_f" - if test -n "$func_to_host_path_result" ; then - if test -z "$func_to_host_pathlist_result" ; then - func_to_host_pathlist_result="$func_to_host_path_result" - else - func_append func_to_host_pathlist_result ";$func_to_host_path_result" - fi - fi - fi - done - IFS=$func_to_host_pathlist_oldIFS - ;; - esac - if test -z "$func_to_host_pathlist_result"; then - func_error "Could not determine the host path(s) corresponding to" - func_error " \`$1'" - func_error "Continuing, but uninstalled executables may not work." - # Fallback. This may break if $1 contains DOS-style drive - # specifications. The fix is not to complicate the expression - # below, but for the user to provide a working wine installation - # with winepath so that path translation in the cross-to-mingw - # case works properly. - lt_replace_pathsep_nix_to_dos="s|:|;|g" - func_to_host_pathlist_result=`echo "$func_to_host_pathlist_tmp1" |\ - $SED -e "$lt_replace_pathsep_nix_to_dos"` - fi - # Now, add the leading and trailing path separators back - case "$1" in - :* ) func_to_host_pathlist_result=";$func_to_host_pathlist_result" - ;; - esac - case "$1" in - *: ) func_append func_to_host_pathlist_result ";" - ;; - esac - ;; - esac - fi -} -# end: func_to_host_pathlist - # func_emit_cwrapperexe_src # emit the source code for a wrapper executable on stdout # Must ONLY be called from within func_mode_link because @@ -3563,14 +4300,14 @@ void lt_dump_script (FILE *f); EOF cat </dev/null` + if test "$want_nocaseglob" = yes; then + shopt -s nocaseglob + potential_libs=`ls $i/$libnameglob[.-]* 2>/dev/null` + $nocaseglob + else + potential_libs=`ls $i/$libnameglob[.-]* 2>/dev/null` + fi for potent_lib in $potential_libs; do # Follow soft links. if ls -lLd "$potent_lib" 2>/dev/null | @@ -6999,7 +7828,7 @@ EOF if eval $file_magic_cmd \"\$potlib\" 2>/dev/null | $SED -e 10q | $EGREP "$file_magic_regex" > /dev/null; then - newdeplibs="$newdeplibs $a_deplib" + func_append newdeplibs " $a_deplib" a_deplib="" break 2 fi @@ -7024,7 +7853,7 @@ EOF ;; *) # Add a -L argument. - newdeplibs="$newdeplibs $a_deplib" + func_append newdeplibs " $a_deplib" ;; esac done # Gone through all deplibs. @@ -7040,7 +7869,7 @@ EOF if test "X$allow_libtool_libs_with_static_runtimes" = "Xyes" ; then case " $predeps $postdeps " in *" $a_deplib "*) - newdeplibs="$newdeplibs $a_deplib" + func_append newdeplibs " $a_deplib" a_deplib="" ;; esac @@ -7053,7 +7882,7 @@ EOF potlib="$potent_lib" # see symlink-check above in file_magic test if eval "\$ECHO \"$potent_lib\"" 2>/dev/null | $SED 10q | \ $EGREP "$match_pattern_regex" > /dev/null; then - newdeplibs="$newdeplibs $a_deplib" + func_append newdeplibs " $a_deplib" a_deplib="" break 2 fi @@ -7078,7 +7907,7 @@ EOF ;; *) # Add a -L argument. - newdeplibs="$newdeplibs $a_deplib" + func_append newdeplibs " $a_deplib" ;; esac done # Gone through all deplibs. @@ -7182,7 +8011,7 @@ EOF *) case " $deplibs " in *" -L$path/$objdir "*) - new_libs="$new_libs -L$path/$objdir" ;; + func_append new_libs " -L$path/$objdir" ;; esac ;; esac @@ -7192,10 +8021,10 @@ EOF -L*) case " $new_libs " in *" $deplib "*) ;; - *) new_libs="$new_libs $deplib" ;; + *) func_append new_libs " $deplib" ;; esac ;; - *) new_libs="$new_libs $deplib" ;; + *) func_append new_libs " $deplib" ;; esac done deplibs="$new_libs" @@ -7207,15 +8036,22 @@ EOF # Test again, we may have decided not to build it any more if test "$build_libtool_libs" = yes; then + # Remove ${wl} instances when linking with ld. + # FIXME: should test the right _cmds variable. + case $archive_cmds in + *\$LD\ *) wl= ;; + esac if test "$hardcode_into_libs" = yes; then # Hardcode the library paths hardcode_libdirs= dep_rpath= rpath="$finalize_rpath" - test "$mode" != relink && rpath="$compile_rpath$rpath" + test "$opt_mode" != relink && rpath="$compile_rpath$rpath" for libdir in $rpath; do if test -n "$hardcode_libdir_flag_spec"; then if test -n "$hardcode_libdir_separator"; then + func_replace_sysroot "$libdir" + libdir=$func_replace_sysroot_result if test -z "$hardcode_libdirs"; then hardcode_libdirs="$libdir" else @@ -7224,18 +8060,18 @@ EOF *"$hardcode_libdir_separator$libdir$hardcode_libdir_separator"*) ;; *) - hardcode_libdirs="$hardcode_libdirs$hardcode_libdir_separator$libdir" + func_append hardcode_libdirs "$hardcode_libdir_separator$libdir" ;; esac fi else eval flag=\"$hardcode_libdir_flag_spec\" - dep_rpath="$dep_rpath $flag" + func_append dep_rpath " $flag" fi elif test -n "$runpath_var"; then case "$perm_rpath " in *" $libdir "*) ;; - *) perm_rpath="$perm_rpath $libdir" ;; + *) func_append perm_rpath " $libdir" ;; esac fi done @@ -7243,17 +8079,13 @@ EOF if test -n "$hardcode_libdir_separator" && test -n "$hardcode_libdirs"; then libdir="$hardcode_libdirs" - if test -n "$hardcode_libdir_flag_spec_ld"; then - eval dep_rpath=\"$hardcode_libdir_flag_spec_ld\" - else - eval dep_rpath=\"$hardcode_libdir_flag_spec\" - fi + eval "dep_rpath=\"$hardcode_libdir_flag_spec\"" fi if test -n "$runpath_var" && test -n "$perm_rpath"; then # We should set the runpath_var. rpath= for dir in $perm_rpath; do - rpath="$rpath$dir:" + func_append rpath "$dir:" done eval "$runpath_var='$rpath\$$runpath_var'; export $runpath_var" fi @@ -7261,7 +8093,7 @@ EOF fi shlibpath="$finalize_shlibpath" - test "$mode" != relink && shlibpath="$compile_shlibpath$shlibpath" + test "$opt_mode" != relink && shlibpath="$compile_shlibpath$shlibpath" if test -n "$shlibpath"; then eval "$shlibpath_var='$shlibpath\$$shlibpath_var'; export $shlibpath_var" fi @@ -7287,7 +8119,7 @@ EOF linknames= for link do - linknames="$linknames $link" + func_append linknames " $link" done # Use standard objects if they are pic @@ -7298,7 +8130,7 @@ EOF if test -n "$export_symbols" && test -n "$include_expsyms"; then $opt_dry_run || cp "$export_symbols" "$output_objdir/$libname.uexp" export_symbols="$output_objdir/$libname.uexp" - delfiles="$delfiles $export_symbols" + func_append delfiles " $export_symbols" fi orig_export_symbols= @@ -7329,13 +8161,45 @@ EOF $opt_dry_run || $RM $export_symbols cmds=$export_symbols_cmds save_ifs="$IFS"; IFS='~' - for cmd in $cmds; do + for cmd1 in $cmds; do IFS="$save_ifs" - eval cmd=\"$cmd\" - func_len " $cmd" - len=$func_len_result - if test "$len" -lt "$max_cmd_len" || test "$max_cmd_len" -le -1; then + # Take the normal branch if the nm_file_list_spec branch + # doesn't work or if tool conversion is not needed. + case $nm_file_list_spec~$to_tool_file_cmd in + *~func_convert_file_noop | *~func_convert_file_msys_to_w32 | ~*) + try_normal_branch=yes + eval cmd=\"$cmd1\" + func_len " $cmd" + len=$func_len_result + ;; + *) + try_normal_branch=no + ;; + esac + if test "$try_normal_branch" = yes \ + && { test "$len" -lt "$max_cmd_len" \ + || test "$max_cmd_len" -le -1; } + then + func_show_eval "$cmd" 'exit $?' + skipped_export=false + elif test -n "$nm_file_list_spec"; then + func_basename "$output" + output_la=$func_basename_result + save_libobjs=$libobjs + save_output=$output + output=${output_objdir}/${output_la}.nm + func_to_tool_file "$output" + libobjs=$nm_file_list_spec$func_to_tool_file_result + func_append delfiles " $output" + func_verbose "creating $NM input file list: $output" + for obj in $save_libobjs; do + func_to_tool_file "$obj" + $ECHO "$func_to_tool_file_result" + done > "$output" + eval cmd=\"$cmd1\" func_show_eval "$cmd" 'exit $?' + output=$save_output + libobjs=$save_libobjs skipped_export=false else # The command line is too long to execute in one step. @@ -7369,7 +8233,7 @@ EOF # global variables. join(1) would be nice here, but unfortunately # isn't a blessed tool. $opt_dry_run || $SED -e '/[ ,]DATA/!d;s,\(.*\)\([ \,].*\),s|^\1$|\1\2|,' < $export_symbols > $output_objdir/$libname.filter - delfiles="$delfiles $export_symbols $output_objdir/$libname.filter" + func_append delfiles " $export_symbols $output_objdir/$libname.filter" export_symbols=$output_objdir/$libname.def $opt_dry_run || $SED -f $output_objdir/$libname.filter < $orig_export_symbols > $export_symbols fi @@ -7379,7 +8243,7 @@ EOF case " $convenience " in *" $test_deplib "*) ;; *) - tmp_deplibs="$tmp_deplibs $test_deplib" + func_append tmp_deplibs " $test_deplib" ;; esac done @@ -7399,21 +8263,21 @@ EOF test "X$libobjs" = "X " && libobjs= else gentop="$output_objdir/${outputname}x" - generated="$generated $gentop" + func_append generated " $gentop" func_extract_archives $gentop $convenience - libobjs="$libobjs $func_extract_archives_result" + func_append libobjs " $func_extract_archives_result" test "X$libobjs" = "X " && libobjs= fi fi if test "$thread_safe" = yes && test -n "$thread_safe_flag_spec"; then eval flag=\"$thread_safe_flag_spec\" - linker_flags="$linker_flags $flag" + func_append linker_flags " $flag" fi # Make a backup of the uninstalled library when relinking - if test "$mode" = relink; then + if test "$opt_mode" = relink; then $opt_dry_run || eval '(cd $output_objdir && $RM ${realname}U && $MV $realname ${realname}U)' || exit $? fi @@ -7475,10 +8339,13 @@ EOF echo 'INPUT (' > $output for obj in $save_libobjs do - $ECHO "$obj" >> $output + func_to_tool_file "$obj" + $ECHO "$func_to_tool_file_result" >> $output done echo ')' >> $output - delfiles="$delfiles $output" + func_append delfiles " $output" + func_to_tool_file "$output" + output=$func_to_tool_file_result elif test -n "$save_libobjs" && test "X$skipped_export" != "X:" && test "X$file_list_spec" != X; then output=${output_objdir}/${output_la}.lnk func_verbose "creating linker input file list: $output" @@ -7492,10 +8359,12 @@ EOF fi for obj do - $ECHO "$obj" >> $output + func_to_tool_file "$obj" + $ECHO "$func_to_tool_file_result" >> $output done - delfiles="$delfiles $output" - output=$firstobj\"$file_list_spec$output\" + func_append delfiles " $output" + func_to_tool_file "$output" + output=$firstobj\"$file_list_spec$func_to_tool_file_result\" else if test -n "$save_libobjs"; then func_verbose "creating reloadable object files..." @@ -7546,7 +8415,7 @@ EOF if test -n "$last_robj"; then eval concat_cmds=\"\${concat_cmds}~\$RM $last_robj\" fi - delfiles="$delfiles $output" + func_append delfiles " $output" else output= @@ -7580,7 +8449,7 @@ EOF lt_exit=$? # Restore the uninstalled library and exit - if test "$mode" = relink; then + if test "$opt_mode" = relink; then ( cd "$output_objdir" && \ $RM "${realname}T" && \ $MV "${realname}U" "$realname" ) @@ -7613,7 +8482,7 @@ EOF # global variables. join(1) would be nice here, but unfortunately # isn't a blessed tool. $opt_dry_run || $SED -e '/[ ,]DATA/!d;s,\(.*\)\([ \,].*\),s|^\1$|\1\2|,' < $export_symbols > $output_objdir/$libname.filter - delfiles="$delfiles $export_symbols $output_objdir/$libname.filter" + func_append delfiles " $export_symbols $output_objdir/$libname.filter" export_symbols=$output_objdir/$libname.def $opt_dry_run || $SED -f $output_objdir/$libname.filter < $orig_export_symbols > $export_symbols fi @@ -7654,10 +8523,10 @@ EOF # Add any objects from preloaded convenience libraries if test -n "$dlprefiles"; then gentop="$output_objdir/${outputname}x" - generated="$generated $gentop" + func_append generated " $gentop" func_extract_archives $gentop $dlprefiles - libobjs="$libobjs $func_extract_archives_result" + func_append libobjs " $func_extract_archives_result" test "X$libobjs" = "X " && libobjs= fi @@ -7673,7 +8542,7 @@ EOF lt_exit=$? # Restore the uninstalled library and exit - if test "$mode" = relink; then + if test "$opt_mode" = relink; then ( cd "$output_objdir" && \ $RM "${realname}T" && \ $MV "${realname}U" "$realname" ) @@ -7685,7 +8554,7 @@ EOF IFS="$save_ifs" # Restore the uninstalled library and exit - if test "$mode" = relink; then + if test "$opt_mode" = relink; then $opt_dry_run || eval '(cd $output_objdir && $RM ${realname}T && $MV $realname ${realname}T && $MV ${realname}U $realname)' || exit $? if test -n "$convenience"; then @@ -7769,13 +8638,16 @@ EOF reload_conv_objs=$reload_objs\ `$ECHO "$tmp_whole_archive_flags" | $SED 's|,| |g'` else gentop="$output_objdir/${obj}x" - generated="$generated $gentop" + func_append generated " $gentop" func_extract_archives $gentop $convenience reload_conv_objs="$reload_objs $func_extract_archives_result" fi fi + # If we're not building shared, we need to use non_pic_objs + test "$build_libtool_libs" != yes && libobjs="$non_pic_objects" + # Create the old-style object. reload_objs="$objs$old_deplibs "`$ECHO "$libobjs" | $SP2NL | $SED "/\.${libext}$/d; /\.lib$/d; $lo2o" | $NL2SP`" $reload_conv_objs" ### testsuite: skip nested quoting test @@ -7849,8 +8721,8 @@ EOF if test "$tagname" = CXX ; then case ${MACOSX_DEPLOYMENT_TARGET-10.0} in 10.[0123]) - compile_command="$compile_command ${wl}-bind_at_load" - finalize_command="$finalize_command ${wl}-bind_at_load" + func_append compile_command " ${wl}-bind_at_load" + func_append finalize_command " ${wl}-bind_at_load" ;; esac fi @@ -7870,7 +8742,7 @@ EOF *) case " $compile_deplibs " in *" -L$path/$objdir "*) - new_libs="$new_libs -L$path/$objdir" ;; + func_append new_libs " -L$path/$objdir" ;; esac ;; esac @@ -7880,17 +8752,17 @@ EOF -L*) case " $new_libs " in *" $deplib "*) ;; - *) new_libs="$new_libs $deplib" ;; + *) func_append new_libs " $deplib" ;; esac ;; - *) new_libs="$new_libs $deplib" ;; + *) func_append new_libs " $deplib" ;; esac done compile_deplibs="$new_libs" - compile_command="$compile_command $compile_deplibs" - finalize_command="$finalize_command $finalize_deplibs" + func_append compile_command " $compile_deplibs" + func_append finalize_command " $finalize_deplibs" if test -n "$rpath$xrpath"; then # If the user specified any rpath flags, then add them. @@ -7898,7 +8770,7 @@ EOF # This is the magic to use -rpath. case "$finalize_rpath " in *" $libdir "*) ;; - *) finalize_rpath="$finalize_rpath $libdir" ;; + *) func_append finalize_rpath " $libdir" ;; esac done fi @@ -7917,18 +8789,18 @@ EOF *"$hardcode_libdir_separator$libdir$hardcode_libdir_separator"*) ;; *) - hardcode_libdirs="$hardcode_libdirs$hardcode_libdir_separator$libdir" + func_append hardcode_libdirs "$hardcode_libdir_separator$libdir" ;; esac fi else eval flag=\"$hardcode_libdir_flag_spec\" - rpath="$rpath $flag" + func_append rpath " $flag" fi elif test -n "$runpath_var"; then case "$perm_rpath " in *" $libdir "*) ;; - *) perm_rpath="$perm_rpath $libdir" ;; + *) func_append perm_rpath " $libdir" ;; esac fi case $host in @@ -7937,12 +8809,12 @@ EOF case :$dllsearchpath: in *":$libdir:"*) ;; ::) dllsearchpath=$libdir;; - *) dllsearchpath="$dllsearchpath:$libdir";; + *) func_append dllsearchpath ":$libdir";; esac case :$dllsearchpath: in *":$testbindir:"*) ;; ::) dllsearchpath=$testbindir;; - *) dllsearchpath="$dllsearchpath:$testbindir";; + *) func_append dllsearchpath ":$testbindir";; esac ;; esac @@ -7968,18 +8840,18 @@ EOF *"$hardcode_libdir_separator$libdir$hardcode_libdir_separator"*) ;; *) - hardcode_libdirs="$hardcode_libdirs$hardcode_libdir_separator$libdir" + func_append hardcode_libdirs "$hardcode_libdir_separator$libdir" ;; esac fi else eval flag=\"$hardcode_libdir_flag_spec\" - rpath="$rpath $flag" + func_append rpath " $flag" fi elif test -n "$runpath_var"; then case "$finalize_perm_rpath " in *" $libdir "*) ;; - *) finalize_perm_rpath="$finalize_perm_rpath $libdir" ;; + *) func_append finalize_perm_rpath " $libdir" ;; esac fi done @@ -8030,6 +8902,12 @@ EOF exit_status=0 func_show_eval "$link_command" 'exit_status=$?' + if test -n "$postlink_cmds"; then + func_to_tool_file "$output" + postlink_cmds=`func_echo_all "$postlink_cmds" | $SED -e 's%@OUTPUT@%'"$output"'%g' -e 's%@TOOL_OUTPUT@%'"$func_to_tool_file_result"'%g'` + func_execute_cmds "$postlink_cmds" 'exit $?' + fi + # Delete the generated files. if test -f "$output_objdir/${outputname}S.${objext}"; then func_show_eval '$RM "$output_objdir/${outputname}S.${objext}"' @@ -8052,7 +8930,7 @@ EOF # We should set the runpath_var. rpath= for dir in $perm_rpath; do - rpath="$rpath$dir:" + func_append rpath "$dir:" done compile_var="$runpath_var=\"$rpath\$$runpath_var\" " fi @@ -8060,7 +8938,7 @@ EOF # We should set the runpath_var. rpath= for dir in $finalize_perm_rpath; do - rpath="$rpath$dir:" + func_append rpath "$dir:" done finalize_var="$runpath_var=\"$rpath\$$runpath_var\" " fi @@ -8075,6 +8953,13 @@ EOF $opt_dry_run || $RM $output # Link the executable and exit func_show_eval "$link_command" 'exit $?' + + if test -n "$postlink_cmds"; then + func_to_tool_file "$output" + postlink_cmds=`func_echo_all "$postlink_cmds" | $SED -e 's%@OUTPUT@%'"$output"'%g' -e 's%@TOOL_OUTPUT@%'"$func_to_tool_file_result"'%g'` + func_execute_cmds "$postlink_cmds" 'exit $?' + fi + exit $EXIT_SUCCESS fi @@ -8108,6 +8993,12 @@ EOF func_show_eval "$link_command" 'exit $?' + if test -n "$postlink_cmds"; then + func_to_tool_file "$output_objdir/$outputname" + postlink_cmds=`func_echo_all "$postlink_cmds" | $SED -e 's%@OUTPUT@%'"$output_objdir/$outputname"'%g' -e 's%@TOOL_OUTPUT@%'"$func_to_tool_file_result"'%g'` + func_execute_cmds "$postlink_cmds" 'exit $?' + fi + # Now create the wrapper script. func_verbose "creating $output" @@ -8205,7 +9096,7 @@ EOF else oldobjs="$old_deplibs $non_pic_objects" if test "$preload" = yes && test -f "$symfileobj"; then - oldobjs="$oldobjs $symfileobj" + func_append oldobjs " $symfileobj" fi fi addlibs="$old_convenience" @@ -8213,10 +9104,10 @@ EOF if test -n "$addlibs"; then gentop="$output_objdir/${outputname}x" - generated="$generated $gentop" + func_append generated " $gentop" func_extract_archives $gentop $addlibs - oldobjs="$oldobjs $func_extract_archives_result" + func_append oldobjs " $func_extract_archives_result" fi # Do each command in the archive commands. @@ -8227,10 +9118,10 @@ EOF # Add any objects from preloaded convenience libraries if test -n "$dlprefiles"; then gentop="$output_objdir/${outputname}x" - generated="$generated $gentop" + func_append generated " $gentop" func_extract_archives $gentop $dlprefiles - oldobjs="$oldobjs $func_extract_archives_result" + func_append oldobjs " $func_extract_archives_result" fi # POSIX demands no paths to be encoded in archives. We have @@ -8248,7 +9139,7 @@ EOF else echo "copying selected object files to avoid basename conflicts..." gentop="$output_objdir/${outputname}x" - generated="$generated $gentop" + func_append generated " $gentop" func_mkdir_p "$gentop" save_oldobjs=$oldobjs oldobjs= @@ -8272,18 +9163,30 @@ EOF esac done func_show_eval "ln $obj $gentop/$newobj || cp $obj $gentop/$newobj" - oldobjs="$oldobjs $gentop/$newobj" + func_append oldobjs " $gentop/$newobj" ;; - *) oldobjs="$oldobjs $obj" ;; + *) func_append oldobjs " $obj" ;; esac done fi + func_to_tool_file "$oldlib" func_convert_file_msys_to_w32 + tool_oldlib=$func_to_tool_file_result eval cmds=\"$old_archive_cmds\" func_len " $cmds" len=$func_len_result if test "$len" -lt "$max_cmd_len" || test "$max_cmd_len" -le -1; then cmds=$old_archive_cmds + elif test -n "$archiver_list_spec"; then + func_verbose "using command file archive linking..." + for obj in $oldobjs + do + func_to_tool_file "$obj" + $ECHO "$func_to_tool_file_result" + done > $output_objdir/$libname.libcmd + func_to_tool_file "$output_objdir/$libname.libcmd" + oldobjs=" $archiver_list_spec$func_to_tool_file_result" + cmds=$old_archive_cmds else # the command line is too long to link in one step, link in parts func_verbose "using piecewise archive linking..." @@ -8377,12 +9280,23 @@ EOF *.la) func_basename "$deplib" name="$func_basename_result" - eval libdir=`${SED} -n -e 's/^libdir=\(.*\)$/\1/p' $deplib` + func_resolve_sysroot "$deplib" + eval libdir=`${SED} -n -e 's/^libdir=\(.*\)$/\1/p' $func_resolve_sysroot_result` test -z "$libdir" && \ func_fatal_error "\`$deplib' is not a valid libtool archive" - newdependency_libs="$newdependency_libs $libdir/$name" + func_append newdependency_libs " ${lt_sysroot:+=}$libdir/$name" + ;; + -L*) + func_stripname -L '' "$deplib" + func_replace_sysroot "$func_stripname_result" + func_append newdependency_libs " -L$func_replace_sysroot_result" + ;; + -R*) + func_stripname -R '' "$deplib" + func_replace_sysroot "$func_stripname_result" + func_append newdependency_libs " -R$func_replace_sysroot_result" ;; - *) newdependency_libs="$newdependency_libs $deplib" ;; + *) func_append newdependency_libs " $deplib" ;; esac done dependency_libs="$newdependency_libs" @@ -8396,9 +9310,9 @@ EOF eval libdir=`${SED} -n -e 's/^libdir=\(.*\)$/\1/p' $lib` test -z "$libdir" && \ func_fatal_error "\`$lib' is not a valid libtool archive" - newdlfiles="$newdlfiles $libdir/$name" + func_append newdlfiles " ${lt_sysroot:+=}$libdir/$name" ;; - *) newdlfiles="$newdlfiles $lib" ;; + *) func_append newdlfiles " $lib" ;; esac done dlfiles="$newdlfiles" @@ -8415,7 +9329,7 @@ EOF eval libdir=`${SED} -n -e 's/^libdir=\(.*\)$/\1/p' $lib` test -z "$libdir" && \ func_fatal_error "\`$lib' is not a valid libtool archive" - newdlprefiles="$newdlprefiles $libdir/$name" + func_append newdlprefiles " ${lt_sysroot:+=}$libdir/$name" ;; esac done @@ -8427,7 +9341,7 @@ EOF [\\/]* | [A-Za-z]:[\\/]*) abs="$lib" ;; *) abs=`pwd`"/$lib" ;; esac - newdlfiles="$newdlfiles $abs" + func_append newdlfiles " $abs" done dlfiles="$newdlfiles" newdlprefiles= @@ -8436,7 +9350,7 @@ EOF [\\/]* | [A-Za-z]:[\\/]*) abs="$lib" ;; *) abs=`pwd`"/$lib" ;; esac - newdlprefiles="$newdlprefiles $abs" + func_append newdlprefiles " $abs" done dlprefiles="$newdlprefiles" fi @@ -8521,7 +9435,7 @@ relink_command=\"$relink_command\"" exit $EXIT_SUCCESS } -{ test "$mode" = link || test "$mode" = relink; } && +{ test "$opt_mode" = link || test "$opt_mode" = relink; } && func_mode_link ${1+"$@"} @@ -8541,9 +9455,9 @@ func_mode_uninstall () for arg do case $arg in - -f) RM="$RM $arg"; rmforce=yes ;; - -*) RM="$RM $arg" ;; - *) files="$files $arg" ;; + -f) func_append RM " $arg"; rmforce=yes ;; + -*) func_append RM " $arg" ;; + *) func_append files " $arg" ;; esac done @@ -8552,24 +9466,23 @@ func_mode_uninstall () rmdirs= - origobjdir="$objdir" for file in $files; do func_dirname "$file" "" "." dir="$func_dirname_result" if test "X$dir" = X.; then - objdir="$origobjdir" + odir="$objdir" else - objdir="$dir/$origobjdir" + odir="$dir/$objdir" fi func_basename "$file" name="$func_basename_result" - test "$mode" = uninstall && objdir="$dir" + test "$opt_mode" = uninstall && odir="$dir" - # Remember objdir for removal later, being careful to avoid duplicates - if test "$mode" = clean; then + # Remember odir for removal later, being careful to avoid duplicates + if test "$opt_mode" = clean; then case " $rmdirs " in - *" $objdir "*) ;; - *) rmdirs="$rmdirs $objdir" ;; + *" $odir "*) ;; + *) func_append rmdirs " $odir" ;; esac fi @@ -8595,18 +9508,17 @@ func_mode_uninstall () # Delete the libtool libraries and symlinks. for n in $library_names; do - rmfiles="$rmfiles $objdir/$n" + func_append rmfiles " $odir/$n" done - test -n "$old_library" && rmfiles="$rmfiles $objdir/$old_library" + test -n "$old_library" && func_append rmfiles " $odir/$old_library" - case "$mode" in + case "$opt_mode" in clean) - case " $library_names " in - # " " in the beginning catches empty $dlname + case " $library_names " in *" $dlname "*) ;; - *) rmfiles="$rmfiles $objdir/$dlname" ;; + *) test -n "$dlname" && func_append rmfiles " $odir/$dlname" ;; esac - test -n "$libdir" && rmfiles="$rmfiles $objdir/$name $objdir/${name}i" + test -n "$libdir" && func_append rmfiles " $odir/$name $odir/${name}i" ;; uninstall) if test -n "$library_names"; then @@ -8634,19 +9546,19 @@ func_mode_uninstall () # Add PIC object to the list of files to remove. if test -n "$pic_object" && test "$pic_object" != none; then - rmfiles="$rmfiles $dir/$pic_object" + func_append rmfiles " $dir/$pic_object" fi # Add non-PIC object to the list of files to remove. if test -n "$non_pic_object" && test "$non_pic_object" != none; then - rmfiles="$rmfiles $dir/$non_pic_object" + func_append rmfiles " $dir/$non_pic_object" fi fi ;; *) - if test "$mode" = clean ; then + if test "$opt_mode" = clean ; then noexename=$name case $file in *.exe) @@ -8656,7 +9568,7 @@ func_mode_uninstall () noexename=$func_stripname_result # $file with .exe has already been added to rmfiles, # add $file without .exe - rmfiles="$rmfiles $file" + func_append rmfiles " $file" ;; esac # Do a test to see if this is a libtool program. @@ -8665,7 +9577,7 @@ func_mode_uninstall () func_ltwrapper_scriptname "$file" relink_command= func_source $func_ltwrapper_scriptname_result - rmfiles="$rmfiles $func_ltwrapper_scriptname_result" + func_append rmfiles " $func_ltwrapper_scriptname_result" else relink_command= func_source $dir/$noexename @@ -8673,12 +9585,12 @@ func_mode_uninstall () # note $name still contains .exe if it was in $file originally # as does the version of $file that was added into $rmfiles - rmfiles="$rmfiles $objdir/$name $objdir/${name}S.${objext}" + func_append rmfiles " $odir/$name $odir/${name}S.${objext}" if test "$fast_install" = yes && test -n "$relink_command"; then - rmfiles="$rmfiles $objdir/lt-$name" + func_append rmfiles " $odir/lt-$name" fi if test "X$noexename" != "X$name" ; then - rmfiles="$rmfiles $objdir/lt-${noexename}.c" + func_append rmfiles " $odir/lt-${noexename}.c" fi fi fi @@ -8686,7 +9598,6 @@ func_mode_uninstall () esac func_show_eval "$RM $rmfiles" 'exit_status=1' done - objdir="$origobjdir" # Try to remove the ${objdir}s in the directories where we deleted files for dir in $rmdirs; do @@ -8698,16 +9609,16 @@ func_mode_uninstall () exit $exit_status } -{ test "$mode" = uninstall || test "$mode" = clean; } && +{ test "$opt_mode" = uninstall || test "$opt_mode" = clean; } && func_mode_uninstall ${1+"$@"} -test -z "$mode" && { +test -z "$opt_mode" && { help="$generic_help" func_fatal_help "you must specify a MODE" } test -z "$exec_cmd" && \ - func_fatal_help "invalid operation mode \`$mode'" + func_fatal_help "invalid operation mode \`$opt_mode'" if test -n "$exec_cmd"; then eval exec "$exec_cmd" diff --git a/FreeRTOS-Plus/Source/CyaSSL/build-aux/missing b/FreeRTOS-Plus/Source/CyaSSL/build-aux/missing new file mode 100644 index 000000000..db98974ff --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/build-aux/missing @@ -0,0 +1,215 @@ +#! /bin/sh +# Common wrapper for a few potentially missing GNU programs. + +scriptversion=2013-10-28.13; # UTC + +# Copyright (C) 1996-2013 Free Software Foundation, Inc. +# Originally written by Fran,cois Pinard , 1996. + +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2, or (at your option) +# any later version. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. + +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . + +# As a special exception to the GNU General Public License, if you +# distribute this file as part of a program that contains a +# configuration script generated by Autoconf, you may include it under +# the same distribution terms that you use for the rest of that program. + +if test $# -eq 0; then + echo 1>&2 "Try '$0 --help' for more information" + exit 1 +fi + +case $1 in + + --is-lightweight) + # Used by our autoconf macros to check whether the available missing + # script is modern enough. + exit 0 + ;; + + --run) + # Back-compat with the calling convention used by older automake. + shift + ;; + + -h|--h|--he|--hel|--help) + echo "\ +$0 [OPTION]... PROGRAM [ARGUMENT]... + +Run 'PROGRAM [ARGUMENT]...', returning a proper advice when this fails due +to PROGRAM being missing or too old. + +Options: + -h, --help display this help and exit + -v, --version output version information and exit + +Supported PROGRAM values: + aclocal autoconf autoheader autom4te automake makeinfo + bison yacc flex lex help2man + +Version suffixes to PROGRAM as well as the prefixes 'gnu-', 'gnu', and +'g' are ignored when checking the name. + +Send bug reports to ." + exit $? + ;; + + -v|--v|--ve|--ver|--vers|--versi|--versio|--version) + echo "missing $scriptversion (GNU Automake)" + exit $? + ;; + + -*) + echo 1>&2 "$0: unknown '$1' option" + echo 1>&2 "Try '$0 --help' for more information" + exit 1 + ;; + +esac + +# Run the given program, remember its exit status. +"$@"; st=$? + +# If it succeeded, we are done. +test $st -eq 0 && exit 0 + +# Also exit now if we it failed (or wasn't found), and '--version' was +# passed; such an option is passed most likely to detect whether the +# program is present and works. +case $2 in --version|--help) exit $st;; esac + +# Exit code 63 means version mismatch. This often happens when the user +# tries to use an ancient version of a tool on a file that requires a +# minimum version. +if test $st -eq 63; then + msg="probably too old" +elif test $st -eq 127; then + # Program was missing. + msg="missing on your system" +else + # Program was found and executed, but failed. Give up. + exit $st +fi + +perl_URL=http://www.perl.org/ +flex_URL=http://flex.sourceforge.net/ +gnu_software_URL=http://www.gnu.org/software + +program_details () +{ + case $1 in + aclocal|automake) + echo "The '$1' program is part of the GNU Automake package:" + echo "<$gnu_software_URL/automake>" + echo "It also requires GNU Autoconf, GNU m4 and Perl in order to run:" + echo "<$gnu_software_URL/autoconf>" + echo "<$gnu_software_URL/m4/>" + echo "<$perl_URL>" + ;; + autoconf|autom4te|autoheader) + echo "The '$1' program is part of the GNU Autoconf package:" + echo "<$gnu_software_URL/autoconf/>" + echo "It also requires GNU m4 and Perl in order to run:" + echo "<$gnu_software_URL/m4/>" + echo "<$perl_URL>" + ;; + esac +} + +give_advice () +{ + # Normalize program name to check for. + normalized_program=`echo "$1" | sed ' + s/^gnu-//; t + s/^gnu//; t + s/^g//; t'` + + printf '%s\n' "'$1' is $msg." + + configure_deps="'configure.ac' or m4 files included by 'configure.ac'" + case $normalized_program in + autoconf*) + echo "You should only need it if you modified 'configure.ac'," + echo "or m4 files included by it." + program_details 'autoconf' + ;; + autoheader*) + echo "You should only need it if you modified 'acconfig.h' or" + echo "$configure_deps." + program_details 'autoheader' + ;; + automake*) + echo "You should only need it if you modified 'Makefile.am' or" + echo "$configure_deps." + program_details 'automake' + ;; + aclocal*) + echo "You should only need it if you modified 'acinclude.m4' or" + echo "$configure_deps." + program_details 'aclocal' + ;; + autom4te*) + echo "You might have modified some maintainer files that require" + echo "the 'autom4te' program to be rebuilt." + program_details 'autom4te' + ;; + bison*|yacc*) + echo "You should only need it if you modified a '.y' file." + echo "You may want to install the GNU Bison package:" + echo "<$gnu_software_URL/bison/>" + ;; + lex*|flex*) + echo "You should only need it if you modified a '.l' file." + echo "You may want to install the Fast Lexical Analyzer package:" + echo "<$flex_URL>" + ;; + help2man*) + echo "You should only need it if you modified a dependency" \ + "of a man page." + echo "You may want to install the GNU Help2man package:" + echo "<$gnu_software_URL/help2man/>" + ;; + makeinfo*) + echo "You should only need it if you modified a '.texi' file, or" + echo "any other file indirectly affecting the aspect of the manual." + echo "You might want to install the Texinfo package:" + echo "<$gnu_software_URL/texinfo/>" + echo "The spurious makeinfo call might also be the consequence of" + echo "using a buggy 'make' (AIX, DU, IRIX), in which case you might" + echo "want to install GNU make:" + echo "<$gnu_software_URL/make/>" + ;; + *) + echo "You might have modified some files without having the proper" + echo "tools for further handling them. Check the 'README' file, it" + echo "often tells you about the needed prerequisites for installing" + echo "this package. You may also peek at any GNU archive site, in" + echo "case some other package contains this missing '$1' program." + ;; + esac +} + +give_advice "$1" | sed -e '1s/^/WARNING: /' \ + -e '2,$s/^/ /' >&2 + +# Propagate the correct exit status (expected to be 127 for a program +# not found, 63 for a program that failed due to version mismatch). +exit $st + +# Local variables: +# eval: (add-hook 'write-file-hooks 'time-stamp) +# time-stamp-start: "scriptversion=" +# time-stamp-format: "%:y-%02m-%02d.%02H" +# time-stamp-time-zone: "UTC" +# time-stamp-end: "; # UTC" +# End: diff --git a/FreeRTOS-Plus/Source/CyaSSL/build-aux/test-driver b/FreeRTOS-Plus/Source/CyaSSL/build-aux/test-driver new file mode 100644 index 000000000..d30605660 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/build-aux/test-driver @@ -0,0 +1,139 @@ +#! /bin/sh +# test-driver - basic testsuite driver script. + +scriptversion=2013-07-13.22; # UTC + +# Copyright (C) 2011-2013 Free Software Foundation, Inc. +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; either version 2, or (at your option) +# any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . + +# As a special exception to the GNU General Public License, if you +# distribute this file as part of a program that contains a +# configuration script generated by Autoconf, you may include it under +# the same distribution terms that you use for the rest of that program. + +# This file is maintained in Automake, please report +# bugs to or send patches to +# . + +# Make unconditional expansion of undefined variables an error. This +# helps a lot in preventing typo-related bugs. +set -u + +usage_error () +{ + echo "$0: $*" >&2 + print_usage >&2 + exit 2 +} + +print_usage () +{ + cat <$log_file 2>&1 +estatus=$? +if test $enable_hard_errors = no && test $estatus -eq 99; then + estatus=1 +fi + +case $estatus:$expect_failure in + 0:yes) col=$red res=XPASS recheck=yes gcopy=yes;; + 0:*) col=$grn res=PASS recheck=no gcopy=no;; + 77:*) col=$blu res=SKIP recheck=no gcopy=yes;; + 99:*) col=$mgn res=ERROR recheck=yes gcopy=yes;; + *:yes) col=$lgn res=XFAIL recheck=no gcopy=yes;; + *:*) col=$red res=FAIL recheck=yes gcopy=yes;; +esac + +# Report outcome to console. +echo "${col}${res}${std}: $test_name" + +# Register the test result, and other relevant metadata. +echo ":test-result: $res" > $trs_file +echo ":global-test-result: $res" >> $trs_file +echo ":recheck: $recheck" >> $trs_file +echo ":copy-in-global-log: $gcopy" >> $trs_file + +# Local Variables: +# mode: shell-script +# sh-indentation: 2 +# eval: (add-hook 'write-file-hooks 'time-stamp) +# time-stamp-start: "scriptversion=" +# time-stamp-format: "%:y-%02m-%02d.%02H" +# time-stamp-time-zone: "UTC" +# time-stamp-end: "; # UTC" +# End: diff --git a/FreeRTOS-Plus/Source/CyaSSL/certs/1024/client-cert.der b/FreeRTOS-Plus/Source/CyaSSL/certs/1024/client-cert.der new file mode 100644 index 0000000000000000000000000000000000000000..6b796b6388254e6f5ff20f1f81425410acda814b GIT binary patch literal 752 zcmXqLVtQlH#1y)KnTe5!iIbt1cg??JGhEdSc-c6$+C196^D;8BvN9Mn_8D>;aI!In zvaks=g$5h)0~G){96W6PMXBled4_@p{2&2#9*%(gqLQ4%yc9z|10IkN7Y}P?VsNmJ zp@@MHh|kT#9Z-~?UX+-do0*qxC}to65@qJ$EiW(Et4u5|&e2QG&oz`akcK;flTnN> zGcPUQ0WNJIC(dhVY+z_;VPt4xWMUZwX}S5Ei-{BB?QTA~dVk8PgDbB~-fBDf z!uLp`S<}DOYwOBYclQb|-IHXs!s3kOB9^o*-@kueb<3BDZ+Bd8rpKM~lNx+VFSD1Z z?eckX@UK_Cw*339b>Ai=Jx!5&t!rKk420{ zq%o8K$NjtKO*F5jmln1jFBQm)d}AOFl2&GsFc53Nt^gF{vcfE^2F#3%|B*cmOhn8; zpBAO@XDw`<%J!^X>aF&zw=EMoml^sde5y|7xij0v=US4ZN{K;%AG-jnP@Kr-yXPa+ zC!b&C->PHE_dj|?_SUIJSI-n@L`xs}(HUp^gUQmUmTigA%gyhT7C6WH|2}8SVZ7e9 jUg&gJ)S=|tc6VPzrwe$_kDey&7rV!AR*n4XFn2Ei&;$A< literal 0 HcmV?d00001 diff --git a/FreeRTOS-Plus/Source/CyaSSL/certs/1024/client-cert.pem b/FreeRTOS-Plus/Source/CyaSSL/certs/1024/client-cert.pem new file mode 100644 index 000000000..09d603a3d --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/certs/1024/client-cert.pem @@ -0,0 +1,59 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 10163970144298616102 (0x8d0dacfec6984526) + Signature Algorithm: sha1WithRSAEncryption + Issuer: C=US, ST=Oregon, L=Portland, O=yaSSL, OU=Programming, CN=www.yassl.com/emailAddress=info@yassl.com + Validity + Not Before: Jan 18 21:42:49 2013 GMT + Not After : Oct 15 21:42:49 2015 GMT + Subject: C=US, ST=Oregon, L=Portland, O=yaSSL, OU=Programming, CN=www.yassl.com/emailAddress=info@yassl.com + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + Public-Key: (1024 bit) + Modulus: + 00:bc:73:0e:a8:49:f3:74:a2:a9:ef:18:a5:da:55: + 99:21:f9:c8:ec:b3:6d:48:e5:35:35:75:77:37:ec: + d1:61:90:5f:3e:d9:e4:d5:df:94:ca:c1:a9:d7:19: + da:86:c9:e8:4d:c4:61:36:82:fe:ab:ad:7e:77:25: + bb:8d:11:a5:bc:62:3a:a8:38:cc:39:a2:04:66:b4: + f7:f7:f3:aa:da:4d:02:0e:bb:5e:8d:69:48:dc:77: + c9:28:0e:22:e9:6b:a4:26:ba:4c:e8:c1:fd:4a:6f: + 2b:1f:ef:8a:ae:f6:90:62:e5:64:1e:eb:2b:3c:67: + c8:dc:27:00:f6:91:68:65:a9 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Subject Key Identifier: + 81:69:0F:F8:DF:DD:CF:34:29:D5:67:75:71:85:C7:75:10:69:59:EC + X509v3 Authority Key Identifier: + keyid:81:69:0F:F8:DF:DD:CF:34:29:D5:67:75:71:85:C7:75:10:69:59:EC + + X509v3 Basic Constraints: + CA:TRUE + Signature Algorithm: sha1WithRSAEncryption + 72:66:0f:6a:a1:85:95:06:e6:87:1a:ed:2b:da:ed:84:90:89: + a6:31:4d:60:f2:7b:63:0c:dc:9b:44:4c:d6:62:41:24:74:30: + 70:4e:07:10:05:12:5e:14:b3:dd:cf:58:27:93:cf:aa:4f:85: + 2c:35:0e:ff:5b:a8:6b:b5:95:32:d5:cc:73:68:5b:1b:c4:f8: + 89:5e:3d:f8:02:39:32:7d:06:a4:32:e9:b3:ef:62:a0:43:5d: + 4f:fb:ce:3d:08:33:af:3d:7f:12:cb:8a:5a:c2:63:db:3e:dd: + ea:5b:67:10:49:9f:5b:96:1b:4e:5d:bc:4e:9a:7c:1f:ab:56: + 47:4a +-----BEGIN CERTIFICATE----- +MIIC7DCCAlWgAwIBAgIJAI0NrP7GmEUmMA0GCSqGSIb3DQEBBQUAMIGOMQswCQYD +VQQGEwJVUzEPMA0GA1UECAwGT3JlZ29uMREwDwYDVQQHDAhQb3J0bGFuZDEOMAwG +A1UECgwFeWFTU0wxFDASBgNVBAsMC1Byb2dyYW1taW5nMRYwFAYDVQQDDA13d3cu +eWFzc2wuY29tMR0wGwYJKoZIhvcNAQkBFg5pbmZvQHlhc3NsLmNvbTAeFw0xMzAx +MTgyMTQyNDlaFw0xNTEwMTUyMTQyNDlaMIGOMQswCQYDVQQGEwJVUzEPMA0GA1UE +CAwGT3JlZ29uMREwDwYDVQQHDAhQb3J0bGFuZDEOMAwGA1UECgwFeWFTU0wxFDAS +BgNVBAsMC1Byb2dyYW1taW5nMRYwFAYDVQQDDA13d3cueWFzc2wuY29tMR0wGwYJ +KoZIhvcNAQkBFg5pbmZvQHlhc3NsLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAw +gYkCgYEAvHMOqEnzdKKp7xil2lWZIfnI7LNtSOU1NXV3N+zRYZBfPtnk1d+UysGp +1xnahsnoTcRhNoL+q61+dyW7jRGlvGI6qDjMOaIEZrT39/Oq2k0CDrtejWlI3HfJ +KA4i6WukJrpM6MH9Sm8rH++KrvaQYuVkHusrPGfI3CcA9pFoZakCAwEAAaNQME4w +HQYDVR0OBBYEFIFpD/jf3c80KdVndXGFx3UQaVnsMB8GA1UdIwQYMBaAFIFpD/jf +3c80KdVndXGFx3UQaVnsMAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADgYEA +cmYPaqGFlQbmhxrtK9rthJCJpjFNYPJ7Ywzcm0RM1mJBJHQwcE4HEAUSXhSz3c9Y +J5PPqk+FLDUO/1uoa7WVMtXMc2hbG8T4iV49+AI5Mn0GpDLps+9ioENdT/vOPQgz +rz1/EsuKWsJj2z7d6ltnEEmfW5YbTl28Tpp8H6tWR0o= +-----END CERTIFICATE----- diff --git a/FreeRTOS-Plus/Source/CyaSSL/certs/1024/client-key.der b/FreeRTOS-Plus/Source/CyaSSL/certs/1024/client-key.der new file mode 100644 index 0000000000000000000000000000000000000000..1c47c253221fdee6708c0f855dfb21ecd6fa63af GIT binary patch literal 608 zcmV-m0-yabf&yFu0RRGlfdIU74yZ}>eQVK##PtF3-_CA*CgrMzM~s5s0yq6B8N_xJOv+D!ruyIzfH zNZfbHC=Md&YosQ+Oz6S=N^dJ4?~1PWkYeRz9_uSSXUNgYIlC8Ase&J93(G3CT?&6|QdSP6zZW?$SfknvB|+ZEm3*E^MyF&HrpUZd8c8gXuc zNE}Pg+m3pMVKUtNRlyc*Cz2#Zi}AQfu}dAS-rC)cFT#=grKxWCI%@I#P#Eu@=flc) z>Q>X!a$A<&P6kdo!`Z%awq*wgOaTHx0QyJNdVG>RRquiDK`-g7 zf*LXD>GwyK8BkM+Ot_bau`J;ql#3>#EI z0zm+seg)p`^tZD6{4h&Z9pf(nN0w;?%?>Usy@O-6t9-X@%3EZo&c247!qBXyiRM6GEOR_*{{WEN)Ad~_=nw4(mM2x}T$Kadi!1%@#x+u7ou9V*2D literal 0 HcmV?d00001 diff --git a/FreeRTOS-Plus/Source/CyaSSL/certs/1024/client-key.pem b/FreeRTOS-Plus/Source/CyaSSL/certs/1024/client-key.pem new file mode 100644 index 000000000..79e398cc6 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/certs/1024/client-key.pem @@ -0,0 +1,15 @@ +-----BEGIN RSA PRIVATE KEY----- +MIICXAIBAAKBgQC8cw6oSfN0oqnvGKXaVZkh+cjss21I5TU1dXc37NFhkF8+2eTV +35TKwanXGdqGyehNxGE2gv6rrX53JbuNEaW8YjqoOMw5ogRmtPf386raTQIOu16N +aUjcd8koDiLpa6Qmukzowf1Kbysf74qu9pBi5WQe6ys8Z8jcJwD2kWhlqQIDAQAB +AoGAE5fq6Dh4JaJcBM4NQHwx5cRwzZuCO1gJhjtmX9wxkPFP1dsV3d7XO5WTMRgx +Dl6j1qIacW6BSBxLz9uOeoZhMtz7VcEWbSeSJEWL8bhIsUsdrN7a3Y4vwpH7palu ++Dpq8f1QGO+f58PKeOpW09NyW5bdTgZOOsPZvnK2ZQcHTAECQQD6R9R6fJI8Ve+B +8EEwLaPPjxzmhycFcA3fmDXW8Ys4LyS10IS2eU9xKZRa8GRqrOdyxu1NWZg+Zzrz +dCz5YRdpAkEAwMGCDQzrxi/ckvmdghox6en3S/KChxzuFmrRHRiCcPPAti/28/cd +8YYjyE7rj1aOj/W/8fcrtcw9xlc5DBtUQQJBAJ1+Bd7t9Ley+/wwS1Ud4y8BR5Zp +Bc0OLiy9g2O2q3y3bcpbZKfOvobfO1PeYdIe66X2N+2sq3jZTOdV+9cRmcECQBiY +GCnmHic5cCForAovoXLBIYaVOMZYkKBXnLrjp7EVyN72G8JhI3bvsJ0cRL4TQzln +F8idyvv1RWSLOIIs8oECQDmJ5ZwZVTC6t0iMSBQO9J9+d5dD4bQZNTEjdZw7RK1p +ElbuAGFkFmbTfHQrFbSi/r8IaxpdP5ASsQWGMSnb2eI= +-----END RSA PRIVATE KEY----- diff --git a/FreeRTOS-Plus/Source/CyaSSL/certs/1024/dh1024.der b/FreeRTOS-Plus/Source/CyaSSL/certs/1024/dh1024.der new file mode 100644 index 0000000000000000000000000000000000000000..f29e6dc0448fdc367f4adc816c98018f6a4cf3fd GIT binary patch literal 138 zcmV;50CoQ`frkQtfdHh^xNdm$+3hWS-L@8nT1y3XklkisxouLX9Is-=X-9iG^81wR zym|j5UhjFkS+e}f2iElIH23H@=hrht9iwD+8ibcrbU=h375;oBDk~-Zp23MTj5#GM sK<3T(sG*8e#z(TC*N^KiU)qZSPH~8Z^0&I;O4@cn&1p!UgM1P9Wifd5 zB`x>2_)N3HGmI|ljic}# z$dC4Z_|Fpcw4o7i4Ak%jt;GBkMaPsCyctWb?~`gz%oNy1i#cY80@Nr9xb6uz^Z=j) zr+KH+Johw1R*uko!q`m@iR~1@ESyXko1WZL37_9B@C+wZI(HN;-U5Mv0O%ilx4=|U zrzkC0eBRVt-PLx4JT@S}!zI@`IN?;t{Xl3MAyg(g6u0_sJ!?013-~3`!*Z z6&4jp%?naQKzop5E07|^7zKb+uY(^{;;^C%T9PE;Vkkei%DIWwptr5A1>wP2K=wu+BQLI06(UI6I*kb>Exya#K$^;T-G}gn}5VDAub0 literal 0 HcmV?d00001 diff --git a/FreeRTOS-Plus/Source/CyaSSL/certs/1024/dsa1024.pem b/FreeRTOS-Plus/Source/CyaSSL/certs/1024/dsa1024.pem new file mode 100644 index 000000000..c5bb06759 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/certs/1024/dsa1024.pem @@ -0,0 +1,12 @@ +-----BEGIN DSA PRIVATE KEY----- +MIIBvAIBAAKBgQD3S/m7FZjr3d4eTnGIhfK3uuJK2nZAzWlInoN8EfdlMXj1JS33 +t/hSP77YtsX+GBVbudWShryyF3zYsL6gfPLVc3pYj43lSgCZg0rAnhYJoRA01Rm7 +Y+Pdg3R/EMpzde4xSt2f4AJqne6yS6drKmzHhnfoBBXckrR6KR9Og2OFVQIVANIF +5HP7wZnF3GikjZInPeJSX4mLAoGBAKohAglDbvuiVBSFCvQofMvM2/UeohipId6I +iDOMLuuNo/AdyI/2fvjPEvW0oRFvDNTwBq3E/BRFx5QVvBlLru+Tak/MFNhHizlm +hwLUKAq47gk39ACgBKd5p9I89zRDVo7QfMLYTQ+J7RTBLJxMGZue3FMJn98t8Awn +VDp3FC3eAoGBAOgffLfAVFGnKC1YfN7UXN3VdoQ8NiDAwyXXOjjhVMj9QGgaIVQm +ORS/9qOcXtkr98klugAJy38MSiT9FRYVSM0LUkRAe5BjK5AixRgFgFOvgx9U4rCi +C1qSJOFiKD+3yrmJ1qC3ra4F4cFZQO1KG2ine/vDIIHvS/NpkbDOOrA4AhQlODuh +GXXfm/VyU0854RzsE4SCGA== +-----END DSA PRIVATE KEY----- diff --git a/FreeRTOS-Plus/Source/CyaSSL/certs/1024/include.am b/FreeRTOS-Plus/Source/CyaSSL/certs/1024/include.am new file mode 100644 index 000000000..c96849783 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/certs/1024/include.am @@ -0,0 +1,17 @@ +# vim:ft=automake +# All paths should be given relative to the root +# + +EXTRA_DIST += \ + certs/1024/client-cert.pem \ + certs/1024/client-key.pem \ + certs/1024/dh1024.pem \ + certs/1024/dsa1024.pem + +EXTRA_DIST += \ + certs/1024/client-cert.der \ + certs/1024/client-key.der \ + certs/1024/dh1024.der \ + certs/1024/dsa1024.der \ + certs/1024/rsa1024.der + diff --git a/FreeRTOS-Plus/Source/CyaSSL/certs/1024/rsa1024.der b/FreeRTOS-Plus/Source/CyaSSL/certs/1024/rsa1024.der new file mode 100644 index 0000000000000000000000000000000000000000..173d32bce3b9bc4fdf64d3771cc412d8cb22579e GIT binary patch literal 609 zcmV-n0-pUaf&yIv0RRGlfdIa6aJU2*MDTJQLr_y2lMh>BsxonR!AE>B%0cAfW17614;~o zao*ztaH6+h2^(I=J)mS@flJf!s0RRC4fq)L~ z9mp?w3@t>Ir;*)BRcZvz5KW>ScFh+%RFZI;f^c#&BnLk{Y+t-griLe!twP<0+`wx@ ziSs`iJ`qHOE@@1=N^u&yno>M#-n_DWQSVQWI^0kMPPQ>-sE!6ZQK`X-%fx}oEotnC z{4x{)AL2&{>0R0!3LR1_h_}5+UNl&lYHE#&U$3R?uScbx~ z7C9uv2CzM^0@8^$sF`Bka8iFt;C2K*p3Ts$1XiRC5v`6U^K z!UlpMA#NTn=ls0l(wvgaymUhe12K>wGY@}xdAVMBeok6(agJVcey*Xsfh^n^oQz@u znR#jX4oC_NyvM(z{hQ-^Y5RkWu9?)%{}I{cUm8BY^cp+58)P= zq3GLiT1esf8UK5(wI_?pjb5FausbtIfLVXV=cz|Ob|-~NzfaF!BH%c6E!XVFOAl$e>8Zz$d=mUhw&p7T%YPwna|Gy56$T54F+&t-{Nw6FZw zvo+&%Mtz}z_SXf;U&Hhlt6kcjzcEVuy2VV6f0HBf{~Z?gZwTzum8MVsPpd=sw4c|O>0mdsJTbVI+Xby$y}sV9rfh3C7%j`DI% z?7g-kdPncgJuQ4kr8e(RVe$){xMWeQ SX!H6H(X%x?<2P+)z5xJ)xTPon literal 0 HcmV?d00001 diff --git a/FreeRTOS-Plus/Source/CyaSSL/certs/ca-cert.pem b/FreeRTOS-Plus/Source/CyaSSL/certs/ca-cert.pem index 4a9786a50..7e64eb479 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/certs/ca-cert.pem +++ b/FreeRTOS-Plus/Source/CyaSSL/certs/ca-cert.pem @@ -1,18 +1,45 @@ +-----BEGIN CERTIFICATE----- +MIIEqjCCA5KgAwIBAgIJAJpBR82hFGKMMA0GCSqGSIb3DQEBBQUAMIGUMQswCQYD +VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8G +A1UECgwIU2F3dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3 +dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTAe +Fw0xNDA3MTEwMzIwMDhaFw0xNzA0MDYwMzIwMDhaMIGUMQswCQYDVQQGEwJVUzEQ +MA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjERMA8GA1UECgwIU2F3 +dG9vdGgxEzARBgNVBAsMCkNvbnN1bHRpbmcxGDAWBgNVBAMMD3d3dy53b2xmc3Ns +LmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTCCASIwDQYJKoZI +hvcNAQEBBQADggEPADCCAQoCggEBAL8Myi0Ush6EQlvNOB9K8k11EPG2NZ/fyn0D +mNOs3gNm7irx2LB9bgdUCxCYIU2AyxIg58xP3kV9yXJ3MurKkLtpUhADL6jzlcXx +i2JWG+9nb6QQQZWtCpvjpcCw0nB2UDBbqOgILHztp6J6jTgpHKzH7fJ8lbCVgn1J +XDjNdyXvvYB1U5Q8PcpjW58VtdMdEy8Z0TzbdjrMuH3J5cLX2kBv2CHccxtCLVOc +/hr8fat6Nj+Y3oR8BWfOahQ4h6nxjLVoy2h/cSAr9aBj9VYvoybSt2+xWhfXOJkI +/pNYb/7DE0kIFgunTWcAUjFnI06Y7VFFHbkE2Qvs2CizS73tNnkCAwEAAaOB/DCB ++TAdBgNVHQ4EFgQUJ45nEXTDJh0/7TNjs6TYHTDl6NUwgckGA1UdIwSBwTCBvoAU +J45nEXTDJh0/7TNjs6TYHTDl6NWhgZqkgZcwgZQxCzAJBgNVBAYTAlVTMRAwDgYD +VQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYDVQQKDAhTYXd0b290 +aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29t +MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggkAmkFHzaEUYowwDAYD +VR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEAeXgMbXmIkfw6FZz5J2IW8CEf ++n0/oqgyHvfyEal0FnRe3BjK8AAq1QMGJjDxR4P9Mm787apPfQxjYDEvfAy/mWaH +7ScIhi3EM+iYIxz+o9uaSU78WkLvccM/rdxKqNKjHQmsMwR7hvNtAFmjyNvRPHP2 +DpDWXkngvzZjCHulsI81O1aMETVJBBzQ57pWxQ0KkY3Wt2IZNBJSTNJtfMU9DxiB +VMv2POWE0tZxFewaNAvwoCF0Q8ijsN/ZZ9rirZNI+KCHvXkU4GIK3/cxLjF70TIq +Cv5dFO/ZZFDkg5G8cA3XiI3ZvIQOxRqzv2QCTlGRpKKFFYOv8FubKElfsrMD2A== +-----END CERTIFICATE----- Certificate: Data: Version: 3 (0x2) Serial Number: - e9:d0:a7:5f:79:25:f4:3c - Signature Algorithm: sha1WithRSAEncryption - Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.yassl.com/emailAddress=info@yassl.com + 9a:41:47:cd:a1:14:62:8c + Signature Algorithm: sha1WithRSAEncryption + Issuer: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com Validity - Not Before: Oct 24 18:18:15 2011 GMT - Not After : Jul 20 18:18:15 2014 GMT - Subject: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.yassl.com/emailAddress=info@yassl.com + Not Before: Jul 11 03:20:08 2014 GMT + Not After : Apr 6 03:20:08 2017 GMT + Subject: C=US, ST=Montana, L=Bozeman, O=Sawtooth, OU=Consulting, CN=www.wolfssl.com/emailAddress=info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - RSA Public Key: (2048 bit) - Modulus (2048 bit): + Public-Key: (2048 bit) + Modulus: 00:bf:0c:ca:2d:14:b2:1e:84:42:5b:cd:38:1f:4a: f2:4d:75:10:f1:b6:35:9f:df:ca:7d:03:98:d3:ac: de:03:66:ee:2a:f1:d8:b0:7d:6e:07:54:0b:10:98: @@ -37,51 +64,24 @@ Certificate: 27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 X509v3 Authority Key Identifier: keyid:27:8E:67:11:74:C3:26:1D:3F:ED:33:63:B3:A4:D8:1D:30:E5:E8:D5 - DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.yassl.com/emailAddress=info@yassl.com - serial:E9:D0:A7:5F:79:25:F4:3C + DirName:/C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com + serial:9A:41:47:CD:A1:14:62:8C X509v3 Basic Constraints: CA:TRUE Signature Algorithm: sha1WithRSAEncryption - 5f:86:14:f4:51:8b:bc:a5:4e:30:da:5e:ac:9a:f8:6c:d9:26: - 4b:93:f9:e3:1c:89:6f:9e:ee:b3:9d:77:3e:89:20:76:a3:e6: - e8:86:15:21:db:e2:33:b2:34:d5:d0:9f:f3:c1:a4:87:92:5c: - f9:d1:ff:30:2f:8e:03:bc:b3:3c:0c:32:a3:90:5f:1a:90:1e: - af:9d:f3:9e:d7:07:02:a9:7d:27:66:63:2f:af:18:d7:ac:18: - 98:8c:83:8f:38:f3:0b:ac:36:10:75:fb:ca:76:13:50:5b:02: - 8f:73:bf:e3:a0:ee:83:52:25:54:ce:26:ce:9c:bd:2f:79:ab: - 1b:60:b8:92:f1:03:c0:fc:3b:08:d9:c0:ad:d5:72:08:25:80: - 61:2d:dc:9f:a7:83:62:07:47:e0:07:4c:4b:07:30:04:a9:87: - 1c:55:7f:07:12:d0:cb:42:5d:cb:cf:66:01:1a:17:ee:f9:0f: - 60:b7:db:6f:68:e5:4e:41:62:6e:d3:6f:60:4f:4b:27:de:cf: - 18:07:f1:13:5d:cb:3f:a9:25:44:da:52:5c:c8:04:e1:56:12: - f5:2a:90:4e:d1:e2:af:01:b5:23:a1:ec:31:da:7b:63:69:c4: - b8:f3:e7:ce:a1:3d:c0:db:6d:f3:b2:d9:46:c8:9f:c3:b8:70: - 5a:1f:7f:ca ------BEGIN CERTIFICATE----- -MIIEnjCCA4agAwIBAgIJAOnQp195JfQ8MA0GCSqGSIb3DQEBBQUAMIGQMQswCQYD -VQQGEwJVUzEQMA4GA1UECBMHTW9udGFuYTEQMA4GA1UEBxMHQm96ZW1hbjERMA8G -A1UEChMIU2F3dG9vdGgxEzARBgNVBAsTCkNvbnN1bHRpbmcxFjAUBgNVBAMTDXd3 -dy55YXNzbC5jb20xHTAbBgkqhkiG9w0BCQEWDmluZm9AeWFzc2wuY29tMB4XDTEx -MTAyNDE4MTgxNVoXDTE0MDcyMDE4MTgxNVowgZAxCzAJBgNVBAYTAlVTMRAwDgYD -VQQIEwdNb250YW5hMRAwDgYDVQQHEwdCb3plbWFuMREwDwYDVQQKEwhTYXd0b290 -aDETMBEGA1UECxMKQ29uc3VsdGluZzEWMBQGA1UEAxMNd3d3Lnlhc3NsLmNvbTEd -MBsGCSqGSIb3DQEJARYOaW5mb0B5YXNzbC5jb20wggEiMA0GCSqGSIb3DQEBAQUA -A4IBDwAwggEKAoIBAQC/DMotFLIehEJbzTgfSvJNdRDxtjWf38p9A5jTrN4DZu4q -8diwfW4HVAsQmCFNgMsSIOfMT95FfclydzLqypC7aVIQAy+o85XF8YtiVhvvZ2+k -EEGVrQqb46XAsNJwdlAwW6joCCx87aeieo04KRysx+3yfJWwlYJ9SVw4zXcl772A -dVOUPD3KY1ufFbXTHRMvGdE823Y6zLh9yeXC19pAb9gh3HMbQi1TnP4a/H2rejY/ -mN6EfAVnzmoUOIep8Yy1aMtof3EgK/WgY/VWL6Mm0rdvsVoX1ziZCP6TWG/+wxNJ -CBYLp01nAFIxZyNOmO1RRR25BNkL7Ngos0u97TZ5AgMBAAGjgfgwgfUwHQYDVR0O -BBYEFCeOZxF0wyYdP+0zY7Ok2B0w5ejVMIHFBgNVHSMEgb0wgbqAFCeOZxF0wyYd -P+0zY7Ok2B0w5ejVoYGWpIGTMIGQMQswCQYDVQQGEwJVUzEQMA4GA1UECBMHTW9u -dGFuYTEQMA4GA1UEBxMHQm96ZW1hbjERMA8GA1UEChMIU2F3dG9vdGgxEzARBgNV -BAsTCkNvbnN1bHRpbmcxFjAUBgNVBAMTDXd3dy55YXNzbC5jb20xHTAbBgkqhkiG -9w0BCQEWDmluZm9AeWFzc2wuY29tggkA6dCnX3kl9DwwDAYDVR0TBAUwAwEB/zAN -BgkqhkiG9w0BAQUFAAOCAQEAX4YU9FGLvKVOMNperJr4bNkmS5P54xyJb57us513 -PokgdqPm6IYVIdviM7I01dCf88Gkh5Jc+dH/MC+OA7yzPAwyo5BfGpAer53zntcH -Aql9J2ZjL68Y16wYmIyDjzjzC6w2EHX7ynYTUFsCj3O/46Dug1IlVM4mzpy9L3mr -G2C4kvEDwPw7CNnArdVyCCWAYS3cn6eDYgdH4AdMSwcwBKmHHFV/BxLQy0Jdy89m -ARoX7vkPYLfbb2jlTkFibtNvYE9LJ97PGAfxE13LP6klRNpSXMgE4VYS9SqQTtHi -rwG1I6HsMdp7Y2nEuPPnzqE9wNtt87LZRsifw7hwWh9/yg== ------END CERTIFICATE----- + 79:78:0c:6d:79:88:91:fc:3a:15:9c:f9:27:62:16:f0:21:1f: + fa:7d:3f:a2:a8:32:1e:f7:f2:11:a9:74:16:74:5e:dc:18:ca: + f0:00:2a:d5:03:06:26:30:f1:47:83:fd:32:6e:fc:ed:aa:4f: + 7d:0c:63:60:31:2f:7c:0c:bf:99:66:87:ed:27:08:86:2d:c4: + 33:e8:98:23:1c:fe:a3:db:9a:49:4e:fc:5a:42:ef:71:c3:3f: + ad:dc:4a:a8:d2:a3:1d:09:ac:33:04:7b:86:f3:6d:00:59:a3: + c8:db:d1:3c:73:f6:0e:90:d6:5e:49:e0:bf:36:63:08:7b:a5: + b0:8f:35:3b:56:8c:11:35:49:04:1c:d0:e7:ba:56:c5:0d:0a: + 91:8d:d6:b7:62:19:34:12:52:4c:d2:6d:7c:c5:3d:0f:18:81: + 54:cb:f6:3c:e5:84:d2:d6:71:15:ec:1a:34:0b:f0:a0:21:74: + 43:c8:a3:b0:df:d9:67:da:e2:ad:93:48:f8:a0:87:bd:79:14: + e0:62:0a:df:f7:31:2e:31:7b:d1:32:2a:0a:fe:5d:14:ef:d9: + 64:50:e4:83:91:bc:70:0d:d7:88:8d:d9:bc:84:0e:c5:1a:b3: + bf:64:02:4e:51:91:a4:a2:85:15:83:af:f0:5b:9b:28:49:5f: + b2:b3:03:d8 diff --git a/FreeRTOS-Plus/Source/CyaSSL/certs/client-cert.der b/FreeRTOS-Plus/Source/CyaSSL/certs/client-cert.der index a656ff91f3e20281d2ce8fa5154bb4dcfb1291c8..293985adb974f6aefe00cbcd63701ea735fbcfa6 100644 GIT binary patch literal 1198 zcmXqLVp(O-#5`#MGZP~d6DPyA^$sF`Bka8iFq&)E*|#s{G7DlU>`#f10j$u zZXWJ{qWtut#N6D>ymUhe12K>&GY@}xdAS})ZEsVVgi|YY55LF z3Jm1Lc@0er%nc0<&5bQhOrn5Xa|06tGbnekI=hKc2|0inSs9p{82K3tni#p5niv@w z4l`fW{%5(w$kjUdM2ogoP06gitF(gH-LEY(+r)0vcVSm%^|8Y)^R6^{{MF4^)SbS2 zVd)7o9j{B$-@A96=l%Kq&BsQ$>e?%w%s=ml;&Az{q^HwFViOv&rQ28UANzF`UQa(D>w`q*DG*4 ziySRU-(u91-`jSm!(pab^Da4uA|>(bL8&Um8_vC#JiG3HMNahrA?7Q7MZ5vI){Ctd z&y1UU;wDe)=9^tNL)32P{#vv9zpBrXisv_(vq>;@v%b*8{f~ z<~i1N>qN~uUGAOrmF+*%dbwxG{(D?*+K0{Koa6j6RME(-iL-5Gb&1TpD6Rd>l@m{Y z(yTuz+SIu-_-q~fgq5*n4<+MxBX&ey<-M=GIy<>ca^9T#8^S$vF0@TQoMZFrLD(Vb z#|xdLB9dC?mPj^ptdE@VW9HuU%U-YePM%8a;_Y%eGvTG)p^)PGxb?k{j83~MT$A*T ME;l^GuX~^l0F5cF6aWAK delta 817 zcmZ3-Ift{}powLMK@)Ss0%j&gCMHgXcCXTX6VqyTD}8Z+CWa6*U-?=z{teV!pP9nGz!QyF)%kWfO3g*aSG{9Cf&uG^BDCR zS-u%GexAILNs;F;(6_S6ERDMj8h1=S$0SidWl7^i;+#tp*D8V{88d*J5Q$-O53^Fe zOpQ~c<~+so7j7I3$v?ABgwx`G#*A50gUckUpBa?B(cmpze(%BAzN?|iS?=0?y?<)i z7T@4s8+VQ6B!ltqa`nqwnKxG}mKbt-t=E;>Jh|`8=Xl!*_Gcc4N=~ep{{Y z_b-#3wY+oUxb%NMf993kwqcFd!q;1()6W_`*(T^ct0;|kkyly&Kczj*e{XNUy7C?C Q$&H0|(%KInGp#=W0HM4HM*si- diff --git a/FreeRTOS-Plus/Source/CyaSSL/certs/client-cert.pem b/FreeRTOS-Plus/Source/CyaSSL/certs/client-cert.pem index 278b43fe6..38330d538 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/certs/client-cert.pem +++ b/FreeRTOS-Plus/Source/CyaSSL/certs/client-cert.pem @@ -2,17 +2,17 @@ Certificate: Data: Version: 3 (0x2) Serial Number: - 87:4a:75:be:91:66:d8:3d - Signature Algorithm: sha1WithRSAEncryption - Issuer: C=US, ST=Oregon, L=Portland, O=yaSSL, OU=Programming, CN=www.yassl.com/emailAddress=info@yassl.com + b6:63:af:8f:5d:62:57:a0 + Signature Algorithm: sha1WithRSAEncryption + Issuer: C=US, ST=Montana, L=Bozeman, O=wolfSSL, OU=Programming, CN=www.wolfssl.com/emailAddress=info@wolfssl.com Validity - Not Before: Oct 24 18:21:55 2011 GMT - Not After : Jul 20 18:21:55 2014 GMT - Subject: C=US, ST=Oregon, L=Portland, O=yaSSL, OU=Programming, CN=www.yassl.com/emailAddress=info@yassl.com + Not Before: Jul 11 17:39:44 2014 GMT + Not After : Apr 6 17:39:44 2017 GMT + Subject: C=US, ST=Montana, L=Bozeman, O=wolfSSL, OU=Programming, CN=www.wolfssl.com/emailAddress=info@wolfssl.com Subject Public Key Info: Public Key Algorithm: rsaEncryption - RSA Public Key: (2048 bit) - Modulus (2048 bit): + Public-Key: (2048 bit) + Modulus: 00:c3:03:d1:2b:fe:39:a4:32:45:3b:53:c8:84:2b: 2a:7c:74:9a:bd:aa:2a:52:07:47:d6:a6:36:b2:07: 32:8e:d0:ba:69:7b:c6:c3:44:9e:d4:81:48:fd:2d: @@ -37,51 +37,51 @@ Certificate: 33:D8:45:66:D7:68:87:18:7E:54:0D:70:27:91:C7:26:D7:85:65:C0 X509v3 Authority Key Identifier: keyid:33:D8:45:66:D7:68:87:18:7E:54:0D:70:27:91:C7:26:D7:85:65:C0 - DirName:/C=US/ST=Oregon/L=Portland/O=yaSSL/OU=Programming/CN=www.yassl.com/emailAddress=info@yassl.com - serial:87:4A:75:BE:91:66:D8:3D + DirName:/C=US/ST=Montana/L=Bozeman/O=wolfSSL/OU=Programming/CN=www.wolfssl.com/emailAddress=info@wolfssl.com + serial:B6:63:AF:8F:5D:62:57:A0 X509v3 Basic Constraints: CA:TRUE Signature Algorithm: sha1WithRSAEncryption - 1c:7c:42:81:29:9e:21:cf:d0:d8:c1:54:6f:cc:ae:14:09:38: - ff:68:98:9a:95:53:76:18:7b:e6:30:76:ec:28:0d:75:a7:de: - e0:cd:8e:d5:55:23:6a:47:2b:4e:8d:fc:7d:06:a3:d8:0f:ad: - 5e:d6:04:c9:00:33:fb:77:27:d3:b5:03:b3:7b:21:74:31:0b: - 4a:af:2d:1a:b3:93:8e:cc:f3:5f:3d:90:3f:cc:e3:55:19:91: - 7b:78:24:2e:4a:09:bb:18:4e:61:2d:9c:c6:0a:a0:34:91:88: - 70:6b:3b:48:47:bc:79:94:a2:a0:4d:32:47:54:c2:a3:dc:2e: - d2:51:4c:29:39:11:ff:e2:15:5e:58:97:36:f6:e9:06:06:86: - 0e:8d:9d:95:03:72:b2:8b:19:7c:e9:14:6e:a1:88:73:68:58: - 6d:71:5e:c2:d5:d3:13:d2:5f:de:ea:03:be:e2:00:40:e5:ce: - fd:e6:92:31:57:c3:eb:bb:66:ac:cb:2f:1a:fa:e0:62:a2:47: - f4:93:43:2a:4b:6c:5e:0a:2f:f9:e7:e6:4a:63:86:b0:ac:2a: - a1:eb:b4:5b:67:cd:32:e4:b6:11:4b:9a:72:66:0d:a2:4a:76: - 8f:fe:22:bc:83:fd:db:b7:d5:a9:ee:05:c9:b1:71:7e:1b:2b: - e1:e3:af:c0 + 85:10:90:c5:5d:de:25:8c:f2:57:7b:2d:14:1c:05:f9:71:63: + 40:b0:e3:c1:c1:2e:13:2a:7a:b7:d6:24:58:87:eb:03:fb:0d: + af:e0:f4:d0:c8:bc:51:36:10:4f:79:cc:4f:66:7d:af:99:cb: + 7b:ce:68:94:c6:36:aa:42:6e:8c:78:5b:b2:85:ca:d1:e1:a8: + 31:d1:81:d9:f9:c1:a3:9e:34:43:ef:0a:79:7d:3e:83:61:fc: + 14:5c:d1:dd:bc:0e:d7:51:b7:71:6e:41:7e:8b:2c:5a:9a:cb: + 77:4b:6a:f5:06:ff:02:af:1e:e6:63:4f:bc:44:d9:3f:56:9e: + 09:9c:43:f9:55:21:32:46:82:09:86:a9:7b:74:1c:9e:5a:2a: + bf:03:79:91:cb:f2:29:7f:c9:15:82:89:b9:53:cd:7e:07:90: + a9:5d:76:e1:19:5e:0d:58:b8:59:d5:0d:df:23:ab:6b:63:76: + 19:9e:9c:df:b0:57:49:6c:d0:86:97:c3:6c:3c:fa:e0:56:c2: + 1b:e3:a1:42:1a:58:62:85:9d:74:19:83:08:af:59:90:f8:99: + bd:67:d3:4a:ea:0e:c9:ca:61:8a:0d:8a:42:cc:90:e9:2e:c2: + 54:73:7f:5e:af:8d:e2:32:cb:45:20:d6:19:4d:5b:77:31:cc: + 0f:2d:c0:7e -----BEGIN CERTIFICATE----- -MIIEmDCCA4CgAwIBAgIJAIdKdb6RZtg9MA0GCSqGSIb3DQEBBQUAMIGOMQswCQYD -VQQGEwJVUzEPMA0GA1UECBMGT3JlZ29uMREwDwYDVQQHEwhQb3J0bGFuZDEOMAwG -A1UEChMFeWFTU0wxFDASBgNVBAsTC1Byb2dyYW1taW5nMRYwFAYDVQQDEw13d3cu -eWFzc2wuY29tMR0wGwYJKoZIhvcNAQkBFg5pbmZvQHlhc3NsLmNvbTAeFw0xMTEw -MjQxODIxNTVaFw0xNDA3MjAxODIxNTVaMIGOMQswCQYDVQQGEwJVUzEPMA0GA1UE -CBMGT3JlZ29uMREwDwYDVQQHEwhQb3J0bGFuZDEOMAwGA1UEChMFeWFTU0wxFDAS -BgNVBAsTC1Byb2dyYW1taW5nMRYwFAYDVQQDEw13d3cueWFzc2wuY29tMR0wGwYJ -KoZIhvcNAQkBFg5pbmZvQHlhc3NsLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEP -ADCCAQoCggEBAMMD0Sv+OaQyRTtTyIQrKnx0mr2qKlIHR9amNrIHMo7Quml7xsNE -ntSBSP0taKKLZ7uhdcg2LErSG/eLus8N+e/s8YEee5sDR5q/Zcx/ZSRppugUiVvk -NPfFsBST9Wd7Onp44QFWVpGmE0KN0jxAnEzv0YbfN1EbDKE79fGjSjXk4c6W3xt+ -v06X0BDoqAgwga8gC0MUxXRntDKCb42GwohAmTaDuh5AciIX11JlJHOwzu8Zza7/ -eGx7wBID1E5yDVBtO6M7o5lencjZDIWz2YrZVCbbbfqsu/8lTMTRefRx04ZAGBOw -Y7VyTjDEl4SGLVYv1xX3f8Cu9fxb5fuhutMCAwEAAaOB9jCB8zAdBgNVHQ4EFgQU -M9hFZtdohxh+VA1wJ5HHJteFZcAwgcMGA1UdIwSBuzCBuIAUM9hFZtdohxh+VA1w -J5HHJteFZcChgZSkgZEwgY4xCzAJBgNVBAYTAlVTMQ8wDQYDVQQIEwZPcmVnb24x -ETAPBgNVBAcTCFBvcnRsYW5kMQ4wDAYDVQQKEwV5YVNTTDEUMBIGA1UECxMLUHJv -Z3JhbW1pbmcxFjAUBgNVBAMTDXd3dy55YXNzbC5jb20xHTAbBgkqhkiG9w0BCQEW -DmluZm9AeWFzc2wuY29tggkAh0p1vpFm2D0wDAYDVR0TBAUwAwEB/zANBgkqhkiG -9w0BAQUFAAOCAQEAHHxCgSmeIc/Q2MFUb8yuFAk4/2iYmpVTdhh75jB27CgNdafe -4M2O1VUjakcrTo38fQaj2A+tXtYEyQAz+3cn07UDs3shdDELSq8tGrOTjszzXz2Q -P8zjVRmRe3gkLkoJuxhOYS2cxgqgNJGIcGs7SEe8eZSioE0yR1TCo9wu0lFMKTkR -/+IVXliXNvbpBgaGDo2dlQNysosZfOkUbqGIc2hYbXFewtXTE9Jf3uoDvuIAQOXO -/eaSMVfD67tmrMsvGvrgYqJH9JNDKktsXgov+efmSmOGsKwqoeu0W2fNMuS2EUua -cmYNokp2j/4ivIP927fVqe4FybFxfhsr4eOvwA== +MIIEqjCCA5KgAwIBAgIJALZjr49dYlegMA0GCSqGSIb3DQEBBQUAMIGUMQswCQYD +VQQGEwJVUzEQMA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEQMA4G +A1UECgwHd29sZlNTTDEUMBIGA1UECwwLUHJvZ3JhbW1pbmcxGDAWBgNVBAMMD3d3 +dy53b2xmc3NsLmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTAe +Fw0xNDA3MTExNzM5NDRaFw0xNzA0MDYxNzM5NDRaMIGUMQswCQYDVQQGEwJVUzEQ +MA4GA1UECAwHTW9udGFuYTEQMA4GA1UEBwwHQm96ZW1hbjEQMA4GA1UECgwHd29s +ZlNTTDEUMBIGA1UECwwLUHJvZ3JhbW1pbmcxGDAWBgNVBAMMD3d3dy53b2xmc3Ns +LmNvbTEfMB0GCSqGSIb3DQEJARYQaW5mb0B3b2xmc3NsLmNvbTCCASIwDQYJKoZI +hvcNAQEBBQADggEPADCCAQoCggEBAMMD0Sv+OaQyRTtTyIQrKnx0mr2qKlIHR9am +NrIHMo7Quml7xsNEntSBSP0taKKLZ7uhdcg2LErSG/eLus8N+e/s8YEee5sDR5q/ +Zcx/ZSRppugUiVvkNPfFsBST9Wd7Onp44QFWVpGmE0KN0jxAnEzv0YbfN1EbDKE7 +9fGjSjXk4c6W3xt+v06X0BDoqAgwga8gC0MUxXRntDKCb42GwohAmTaDuh5AciIX +11JlJHOwzu8Zza7/eGx7wBID1E5yDVBtO6M7o5lencjZDIWz2YrZVCbbbfqsu/8l +TMTRefRx04ZAGBOwY7VyTjDEl4SGLVYv1xX3f8Cu9fxb5fuhutMCAwEAAaOB/DCB ++TAdBgNVHQ4EFgQUM9hFZtdohxh+VA1wJ5HHJteFZcAwgckGA1UdIwSBwTCBvoAU +M9hFZtdohxh+VA1wJ5HHJteFZcChgZqkgZcwgZQxCzAJBgNVBAYTAlVTMRAwDgYD +VQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMRAwDgYDVQQKDAd3b2xmU1NM +MRQwEgYDVQQLDAtQcm9ncmFtbWluZzEYMBYGA1UEAwwPd3d3LndvbGZzc2wuY29t +MR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tggkAtmOvj11iV6AwDAYD +VR0TBAUwAwEB/zANBgkqhkiG9w0BAQUFAAOCAQEAhRCQxV3eJYzyV3stFBwF+XFj +QLDjwcEuEyp6t9YkWIfrA/sNr+D00Mi8UTYQT3nMT2Z9r5nLe85olMY2qkJujHhb +soXK0eGoMdGB2fnBo540Q+8KeX0+g2H8FFzR3bwO11G3cW5BfossWprLd0tq9Qb/ +Aq8e5mNPvETZP1aeCZxD+VUhMkaCCYape3QcnloqvwN5kcvyKX/JFYKJuVPNfgeQ +qV124RleDVi4WdUN3yOra2N2GZ6c37BXSWzQhpfDbDz64FbCG+OhQhpYYoWddBmD +CK9ZkPiZvWfTSuoOycphig2KQsyQ6S7CVHN/Xq+N4jLLRSDWGU1bdzHMDy3Afg== -----END CERTIFICATE----- diff --git a/FreeRTOS-Plus/Source/CyaSSL/certs/crl/cliCrl.pem b/FreeRTOS-Plus/Source/CyaSSL/certs/crl/cliCrl.pem index 67a5713bc..8915758bb 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/certs/crl/cliCrl.pem +++ b/FreeRTOS-Plus/Source/CyaSSL/certs/crl/cliCrl.pem @@ -1,39 +1,39 @@ Certificate Revocation List (CRL): Version 2 (0x1) - Signature Algorithm: sha1WithRSAEncryption - Issuer: /C=US/ST=Oregon/L=Portland/O=yaSSL/OU=Programming/CN=www.yassl.com/emailAddress=info@yassl.com - Last Update: Aug 10 18:01:01 2012 GMT - Next Update: Dec 8 18:01:01 2012 GMT + Signature Algorithm: sha1WithRSAEncryption + Issuer: /C=US/ST=Montana/L=Bozeman/O=wolfSSL/OU=Programming/CN=www.wolfssl.com/emailAddress=info@wolfssl.com + Last Update: Jul 11 20:39:48 2014 GMT + Next Update: Jul 11 20:39:48 2015 GMT CRL extensions: X509v3 CRL Number: - 62 + 2 No Revoked Certificates. Signature Algorithm: sha1WithRSAEncryption - 1e:69:b2:c4:72:a7:b2:c9:e1:b9:ac:06:40:2c:c5:66:9a:07: - 6c:91:2e:17:09:c7:86:b4:62:2d:0f:1f:a3:a3:1c:93:ce:45: - 53:d5:57:94:a6:77:af:51:da:86:e4:1e:6f:57:c8:cc:5f:07: - 8d:a5:db:bd:b3:f7:cf:e2:11:3c:e2:51:79:7e:b3:a9:47:f7: - c1:17:12:5b:7c:e5:c3:71:17:d2:ce:59:d4:0d:dc:45:ff:bc: - fe:a7:76:7b:92:88:52:0c:a5:e0:79:75:86:50:27:15:2a:01: - 66:a6:ba:96:d4:9a:14:1d:92:7d:63:72:5f:25:9b:05:72:cb: - ed:6d:7c:92:1f:4f:3e:64:cb:5d:80:9e:ad:c8:47:83:88:5b: - 3d:07:3f:d3:6a:2c:dd:c9:f7:09:bb:05:2f:9a:f4:73:15:f4: - 61:b1:47:87:9c:bf:c9:61:42:19:14:b8:67:9c:c5:c1:86:f1: - e8:63:71:40:6c:2f:b1:c1:0c:1f:f4:c4:80:e2:d0:cb:88:6b: - 51:1e:e9:b0:06:19:7c:6d:85:cf:05:7f:fe:3d:35:79:9e:f0: - 5b:f4:06:63:d4:eb:d2:e2:70:29:a9:02:b4:c1:b4:bd:53:f4: - 8f:b3:df:37:91:44:d5:e8:c4:10:86:76:0e:49:2b:ba:9a:a4: - dd:33:0e:7e + 35:c1:34:91:04:d9:88:99:83:40:ef:09:ee:04:28:91:be:7a: + b1:84:48:f4:f8:c5:9d:50:6c:67:56:4c:ee:b2:3a:32:5c:1d: + 1c:49:ef:58:72:a7:69:71:9a:d8:a6:68:0c:3e:ff:48:15:c7: + 44:28:67:6b:34:9d:c0:dc:c5:1b:d1:2f:e6:90:0f:45:7c:aa: + 0c:f9:3c:19:dd:55:a0:92:8a:a0:fe:93:1d:1f:42:ae:5f:7c: + 48:a5:de:61:89:94:bf:43:d3:c1:2d:e8:8b:f9:c5:6e:b9:8a: + 40:0e:6e:32:5e:39:83:cb:9b:76:6b:de:6e:6c:da:4e:1e:5c: + 69:d6:8c:08:0e:9f:de:4e:77:9d:f5:e9:97:29:b3:4c:e0:cb: + ed:46:68:ed:e1:89:ac:d7:b9:11:ca:5a:ed:fe:e3:73:20:6e: + 01:e6:77:a8:48:c7:01:83:40:25:a5:ee:d7:ef:2f:af:b8:e2: + 2d:85:37:2a:80:8f:7f:6a:a7:32:29:86:42:66:40:d7:eb:87: + 44:66:54:5f:04:5f:7b:22:14:6c:4c:5d:f0:57:ac:33:e0:da: + 53:d6:13:52:ea:85:b2:89:de:41:e6:a6:f5:0d:34:47:37:75: + 26:b8:c4:f3:e0:1b:c6:32:3f:3b:65:0a:20:08:8e:c7:7e:6d: + 61:f1:aa:eb -----BEGIN X509 CRL----- -MIIB6DCB0QIBATANBgkqhkiG9w0BAQUFADCBjjELMAkGA1UEBhMCVVMxDzANBgNV -BAgTBk9yZWdvbjERMA8GA1UEBxMIUG9ydGxhbmQxDjAMBgNVBAoTBXlhU1NMMRQw -EgYDVQQLEwtQcm9ncmFtbWluZzEWMBQGA1UEAxMNd3d3Lnlhc3NsLmNvbTEdMBsG -CSqGSIb3DQEJARYOaW5mb0B5YXNzbC5jb20XDTEyMDgxMDE4MDEwMVoXDTEyMTIw -ODE4MDEwMVqgDjAMMAoGA1UdFAQDAgE+MA0GCSqGSIb3DQEBBQUAA4IBAQAeabLE -cqeyyeG5rAZALMVmmgdskS4XCceGtGItDx+joxyTzkVT1VeUpnevUdqG5B5vV8jM -XweNpdu9s/fP4hE84lF5frOpR/fBFxJbfOXDcRfSzlnUDdxF/7z+p3Z7kohSDKXg -eXWGUCcVKgFmprqW1JoUHZJ9Y3JfJZsFcsvtbXySH08+ZMtdgJ6tyEeDiFs9Bz/T -aizdyfcJuwUvmvRzFfRhsUeHnL/JYUIZFLhnnMXBhvHoY3FAbC+xwQwf9MSA4tDL -iGtRHumwBhl8bYXPBX/+PTV5nvBb9AZj1OvS4nApqQK0wbS9U/SPs983kUTV6MQQ -hnYOSSu6mqTdMw5+ +MIIB7jCB1wIBATANBgkqhkiG9w0BAQUFADCBlDELMAkGA1UEBhMCVVMxEDAOBgNV +BAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xEDAOBgNVBAoMB3dvbGZTU0wx +FDASBgNVBAsMC1Byb2dyYW1taW5nMRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20x +HzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20XDTE0MDcxMTIwMzk0OFoX +DTE1MDcxMTIwMzk0OFqgDjAMMAoGA1UdFAQDAgECMA0GCSqGSIb3DQEBBQUAA4IB +AQA1wTSRBNmImYNA7wnuBCiRvnqxhEj0+MWdUGxnVkzusjoyXB0cSe9YcqdpcZrY +pmgMPv9IFcdEKGdrNJ3A3MUb0S/mkA9FfKoM+TwZ3VWgkoqg/pMdH0KuX3xIpd5h +iZS/Q9PBLeiL+cVuuYpADm4yXjmDy5t2a95ubNpOHlxp1owIDp/eTned9emXKbNM +4MvtRmjt4Yms17kRylrt/uNzIG4B5neoSMcBg0Alpe7X7y+vuOIthTcqgI9/aqcy +KYZCZkDX64dEZlRfBF97IhRsTF3wV6wz4NpT1hNS6oWyid5B5qb1DTRHN3UmuMTz +4BvGMj87ZQogCI7Hfm1h8arr -----END X509 CRL----- diff --git a/FreeRTOS-Plus/Source/CyaSSL/certs/crl/crl.pem b/FreeRTOS-Plus/Source/CyaSSL/certs/crl/crl.pem index b68ff3f4b..f4e18434e 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/certs/crl/crl.pem +++ b/FreeRTOS-Plus/Source/CyaSSL/certs/crl/crl.pem @@ -1,39 +1,39 @@ Certificate Revocation List (CRL): Version 2 (0x1) - Signature Algorithm: sha1WithRSAEncryption - Issuer: /C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.yassl.com/emailAddress=info@yassl.com - Last Update: Aug 10 18:01:01 2012 GMT - Next Update: Dec 8 18:01:01 2012 GMT + Signature Algorithm: sha1WithRSAEncryption + Issuer: /C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.wolfssl.com/emailAddress=info@wolfssl.com + Last Update: Jul 11 20:36:35 2014 GMT + Next Update: Jul 11 20:36:35 2015 GMT CRL extensions: X509v3 CRL Number: - 60 + 1 No Revoked Certificates. Signature Algorithm: sha1WithRSAEncryption - 26:1c:06:6a:42:ff:8b:18:71:4e:ef:7c:02:74:43:6f:7b:83: - 99:2f:e1:4e:74:0f:f9:99:62:a1:90:88:11:1b:d8:59:3b:1e: - 34:dd:f4:92:81:6f:49:2c:9a:5f:ba:21:6f:11:95:19:6e:da: - 38:a4:4e:a0:7e:4a:fb:7c:c6:9f:c8:26:2d:9b:cd:e8:30:14: - 10:38:56:63:89:bf:a7:eb:11:0f:7c:81:60:d7:c3:ab:07:ef: - 6c:af:81:4d:b9:cd:6e:91:c6:42:13:01:d8:1a:62:cb:52:fd: - 44:0b:fa:9f:34:de:75:ba:5a:3d:df:d4:b1:7e:a0:b9:3f:f5: - ed:a3:e6:ef:ef:20:95:45:3c:75:8c:a8:5c:ae:8c:e9:3c:f1: - e6:34:fd:65:bb:9a:f9:5f:8c:96:7c:32:12:50:43:2b:30:94: - 4e:8a:f0:c3:5e:c9:e2:49:08:83:64:7a:3b:f3:d5:30:f3:78: - 4b:20:3c:51:d0:da:37:14:f4:c8:f2:ab:41:d2:c3:b9:7a:7f: - 42:17:42:79:a4:10:67:4e:84:d4:e9:a9:e8:dd:46:5d:b2:f4: - e8:3d:1c:24:3c:81:e7:56:bb:43:11:e2:d9:a2:9d:ce:b5:78: - ad:19:14:7c:d7:37:e8:bf:f7:30:fc:4d:05:a9:33:6b:12:9f: - 24:19:39:35 + b4:54:84:e9:f8:c3:5c:e4:c4:a1:9a:71:eb:bc:46:96:09:bd: + 84:9d:4c:ac:29:a8:23:12:9d:80:8e:18:30:85:92:94:72:04: + 6d:74:05:31:e0:1b:20:b1:ef:6f:44:98:e8:d4:20:74:b1:ec: + 9f:fe:ad:74:14:66:ad:6f:5b:7a:45:02:b5:6f:a8:d3:bd:dc: + 88:94:d1:e2:78:e1:11:44:95:57:7d:d9:8c:7e:09:dc:aa:4f: + 07:e0:59:f2:09:30:d5:7c:a0:6c:54:88:d0:76:88:33:11:61: + 20:9d:3d:89:49:3b:85:be:e7:c0:38:f1:08:be:44:7a:1d:4c: + e4:84:7a:40:23:6f:85:bd:67:7b:77:7e:00:78:d2:3c:e2:a8: + 47:ba:5c:21:c4:78:15:81:a2:9e:a6:9c:c4:47:4c:ee:97:81: + 18:91:5e:18:2b:92:e8:06:1f:dc:f2:51:e1:b3:14:bf:c3:c5: + 9c:78:ce:41:2e:61:0b:71:ad:ea:9e:2d:bb:2e:e4:98:a9:14: + 47:3f:00:65:4e:09:17:82:ee:be:ea:48:1e:2e:a5:92:64:ce: + e9:b1:ee:ce:01:5b:e8:e3:fe:ba:dd:8c:eb:ad:34:32:15:00: + 56:4d:fe:9d:60:bf:a1:cd:9e:1b:61:94:21:0a:b1:98:4f:ec: + c1:af:b3:dc -----BEGIN X509 CRL----- -MIIB6jCB0wIBATANBgkqhkiG9w0BAQUFADCBkDELMAkGA1UEBhMCVVMxEDAOBgNV -BAgTB01vbnRhbmExEDAOBgNVBAcTB0JvemVtYW4xETAPBgNVBAoTCFNhd3Rvb3Ro -MRMwEQYDVQQLEwpDb25zdWx0aW5nMRYwFAYDVQQDEw13d3cueWFzc2wuY29tMR0w -GwYJKoZIhvcNAQkBFg5pbmZvQHlhc3NsLmNvbRcNMTIwODEwMTgwMTAxWhcNMTIx -MjA4MTgwMTAxWqAOMAwwCgYDVR0UBAMCATwwDQYJKoZIhvcNAQEFBQADggEBACYc -BmpC/4sYcU7vfAJ0Q297g5kv4U50D/mZYqGQiBEb2Fk7HjTd9JKBb0ksml+6IW8R -lRlu2jikTqB+Svt8xp/IJi2bzegwFBA4VmOJv6frEQ98gWDXw6sH72yvgU25zW6R -xkITAdgaYstS/UQL+p803nW6Wj3f1LF+oLk/9e2j5u/vIJVFPHWMqFyujOk88eY0 -/WW7mvlfjJZ8MhJQQyswlE6K8MNeyeJJCINkejvz1TDzeEsgPFHQ2jcU9Mjyq0HS -w7l6f0IXQnmkEGdOhNTpqejdRl2y9Og9HCQ8gedWu0MR4tminc61eK0ZFHzXN+i/ -9zD8TQWpM2sSnyQZOTU= +MIIB7jCB1wIBATANBgkqhkiG9w0BAQUFADCBlDELMAkGA1UEBhMCVVMxEDAOBgNV +BAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNhd3Rvb3Ro +MRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20x +HzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20XDTE0MDcxMTIwMzYzNVoX +DTE1MDcxMTIwMzYzNVqgDjAMMAoGA1UdFAQDAgEBMA0GCSqGSIb3DQEBBQUAA4IB +AQC0VITp+MNc5MShmnHrvEaWCb2EnUysKagjEp2AjhgwhZKUcgRtdAUx4Bsgse9v +RJjo1CB0seyf/q10FGatb1t6RQK1b6jTvdyIlNHieOERRJVXfdmMfgncqk8H4Fny +CTDVfKBsVIjQdogzEWEgnT2JSTuFvufAOPEIvkR6HUzkhHpAI2+FvWd7d34AeNI8 +4qhHulwhxHgVgaKeppzER0zul4EYkV4YK5LoBh/c8lHhsxS/w8WceM5BLmELca3q +ni27LuSYqRRHPwBlTgkXgu6+6kgeLqWSZM7pse7OAVvo4/663YzrrTQyFQBWTf6d +YL+hzZ4bYZQhCrGYT+zBr7Pc -----END X509 CRL----- diff --git a/FreeRTOS-Plus/Source/CyaSSL/certs/crl/crl.revoked b/FreeRTOS-Plus/Source/CyaSSL/certs/crl/crl.revoked index cf6ec5597..205acfe88 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/certs/crl/crl.revoked +++ b/FreeRTOS-Plus/Source/CyaSSL/certs/crl/crl.revoked @@ -1,41 +1,13 @@ -Certificate Revocation List (CRL): - Version 2 (0x1) - Signature Algorithm: sha1WithRSAEncryption - Issuer: /C=US/ST=Montana/L=Bozeman/O=Sawtooth/OU=Consulting/CN=www.yassl.com/emailAddress=info@yassl.com - Last Update: Aug 10 18:01:01 2012 GMT - Next Update: Dec 8 18:01:01 2012 GMT - CRL extensions: - X509v3 CRL Number: - 61 -Revoked Certificates: - Serial Number: 02 - Revocation Date: Aug 10 18:01:01 2012 GMT - Signature Algorithm: sha1WithRSAEncryption - 5c:eb:53:33:02:74:bb:c1:37:37:81:1a:36:9c:eb:d0:28:87: - 12:56:1a:d8:ec:ae:8e:ef:42:d0:61:07:f0:f0:b5:e8:2a:16: - 5e:78:ab:e9:ad:62:f3:6c:c5:fe:7a:b5:c7:0e:8a:e3:0a:2d: - 63:b5:ec:c4:c1:1f:1e:c3:77:b7:24:10:4b:09:b1:d8:ea:40: - 4f:74:6a:9a:d7:57:bd:b9:d3:e2:42:81:81:b2:5c:42:d8:d3: - 21:3f:f2:05:e2:11:8f:ce:60:cc:3b:76:55:e6:5f:6d:71:13: - b1:7e:2c:50:d2:29:fe:f2:ad:96:f9:ee:8f:5c:c3:0a:73:e7: - 78:c5:8f:6e:0d:35:66:64:4a:76:05:93:9f:eb:05:b2:c3:a1: - f5:d5:4c:4b:6e:79:f2:8d:51:90:7c:9d:a9:f5:94:7f:93:fe: - 39:da:c1:fb:8c:94:66:1d:d4:40:a9:48:ee:3b:91:14:83:4e: - b4:ea:93:07:f6:be:48:4a:ec:4c:26:61:2d:a2:66:01:c5:d8: - d3:18:f6:d0:1b:d2:94:13:c9:94:84:54:e4:44:10:01:66:25: - 47:ee:b2:19:4a:65:e3:79:42:9e:12:af:a7:4a:a4:66:35:e3: - 1a:db:2c:80:ff:a4:9c:2e:6e:32:8e:50:5d:ec:7e:de:1a:01: - a9:08:fc:a2 -----BEGIN X509 CRL----- -MIICADCB6QIBATANBgkqhkiG9w0BAQUFADCBkDELMAkGA1UEBhMCVVMxEDAOBgNV -BAgTB01vbnRhbmExEDAOBgNVBAcTB0JvemVtYW4xETAPBgNVBAoTCFNhd3Rvb3Ro -MRMwEQYDVQQLEwpDb25zdWx0aW5nMRYwFAYDVQQDEw13d3cueWFzc2wuY29tMR0w -GwYJKoZIhvcNAQkBFg5pbmZvQHlhc3NsLmNvbRcNMTIwODEwMTgwMTAxWhcNMTIx -MjA4MTgwMTAxWjAUMBICAQIXDTEyMDgxMDE4MDEwMVqgDjAMMAoGA1UdFAQDAgE9 -MA0GCSqGSIb3DQEBBQUAA4IBAQBc61MzAnS7wTc3gRo2nOvQKIcSVhrY7K6O70LQ -YQfw8LXoKhZeeKvprWLzbMX+erXHDorjCi1jtezEwR8ew3e3JBBLCbHY6kBPdGqa -11e9udPiQoGBslxC2NMhP/IF4hGPzmDMO3ZV5l9tcROxfixQ0in+8q2W+e6PXMMK -c+d4xY9uDTVmZEp2BZOf6wWyw6H11UxLbnnyjVGQfJ2p9ZR/k/452sH7jJRmHdRA -qUjuO5EUg0606pMH9r5ISuxMJmEtomYBxdjTGPbQG9KUE8mUhFTkRBABZiVH7rIZ -SmXjeUKeEq+nSqRmNeMa2yyA/6ScLm4yjlBd7H7eGgGpCPyi +MIICBDCB7QIBATANBgkqhkiG9w0BAQsFADCBlDELMAkGA1UEBhMCVVMxEDAOBgNV +BAgMB01vbnRhbmExEDAOBgNVBAcMB0JvemVtYW4xETAPBgNVBAoMCFNhd3Rvb3Ro +MRMwEQYDVQQLDApDb25zdWx0aW5nMRgwFgYDVQQDDA93d3cud29sZnNzbC5jb20x +HzAdBgkqhkiG9w0BCQEWEGluZm9Ad29sZnNzbC5jb20XDTE0MDcxMTEyMzUyN1oX +DTE1MDcxMTEyMzUyN1owFDASAgEBFw0xNDA3MTExMjM1MjdaoA4wDDAKBgNVHRQE +AwIBOzANBgkqhkiG9w0BAQsFAAOCAQEAB+ao48FzCAbRKKPkFJX8Ho5SZl44YhNW +Uy/JxMkonyjyaMwp7GSwd2hNpv3geC6tHO7YLSRcyvyKu1BQVbeoa6FpultQSv5+ +twk6mmeSenzhzNhfJmzSEhJicXOgBoLAh4aBXkixQis9dAVg16/nNSS2DAJwEKMW +kXcJpuBLt6XLL0aM71+NDqB8HAUUPyuNWLiYEb4NlScIWNh7lI6ZWmsv8vb1PMmn +2hn4CVJIkHkfEHYnikek55iE31QMUyobCXzro+cR9jGR1iPZSQu9dxstRHF5bXai +eBYWZIblBVCSJ896a5TJ5uaA1RKk6ZZbAG43oQTB/hupaEPjTTXysw== -----END X509 CRL----- diff --git a/FreeRTOS-Plus/Source/CyaSSL/certs/crl/eccCliCRL.pem b/FreeRTOS-Plus/Source/CyaSSL/certs/crl/eccCliCRL.pem index a40794850..5cfe2d566 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/certs/crl/eccCliCRL.pem +++ b/FreeRTOS-Plus/Source/CyaSSL/certs/crl/eccCliCRL.pem @@ -1,24 +1,26 @@ Certificate Revocation List (CRL): Version 2 (0x1) - Signature Algorithm: ecdsa-with-SHA1 + Signature Algorithm: ecdsa-with-SHA1 Issuer: /C=US/ST=Oregon/L=Salem/O=Client ECC/OU=Fast/CN=www.yassl.com/emailAddress=info@yassl.com - Last Update: Aug 10 18:01:01 2012 GMT - Next Update: Dec 8 18:01:01 2012 GMT + Last Update: Feb 7 20:14:06 2014 GMT + Next Update: Feb 7 20:14:06 2015 GMT CRL extensions: X509v3 CRL Number: - 63 -No Revoked Certificates. + 4 +Revoked Certificates: + Serial Number: 02 + Revocation Date: Feb 7 20:14:06 2014 GMT Signature Algorithm: ecdsa-with-SHA1 - 30:44:02:20:7f:8d:d7:28:61:96:4c:b7:a8:17:0a:7f:9d:cf: - fa:29:e1:1d:cb:30:61:1b:b3:6b:f0:61:68:15:25:76:62:32: - 02:20:55:ca:fc:37:b4:4c:f9:78:99:b3:c9:d4:1a:e1:fa:f7: - 8a:4a:94:ce:31:ed:b0:1f:dc:64:d7:2a:59:47:b9:2d + 30:44:02:20:10:95:f9:c8:20:bc:7d:ce:79:6d:35:23:4c:82: + 8c:f5:8b:d1:4f:69:a9:5e:70:97:dd:bb:c2:67:13:46:b0:47: + 02:20:4f:1f:43:c2:cc:63:1c:6e:26:89:2d:e7:ce:69:45:6d: + fb:8f:53:cd:1f:84:0f:93:fe:83:91:69:f2:91:c6:f9 -----BEGIN X509 CRL----- -MIIBHzCByAIBATAJBgcqhkjOPQQBMIGJMQswCQYDVQQGEwJVUzEPMA0GA1UECBMG +MIIBNTCB3gIBATAJBgcqhkjOPQQBMIGJMQswCQYDVQQGEwJVUzEPMA0GA1UECBMG T3JlZ29uMQ4wDAYDVQQHEwVTYWxlbTETMBEGA1UEChMKQ2xpZW50IEVDQzENMAsG A1UECxMERmFzdDEWMBQGA1UEAxMNd3d3Lnlhc3NsLmNvbTEdMBsGCSqGSIb3DQEJ -ARYOaW5mb0B5YXNzbC5jb20XDTEyMDgxMDE4MDEwMVoXDTEyMTIwODE4MDEwMVqg -DjAMMAoGA1UdFAQDAgE/MAkGByqGSM49BAEDRwAwRAIgf43XKGGWTLeoFwp/nc/6 -KeEdyzBhG7Nr8GFoFSV2YjICIFXK/De0TPl4mbPJ1Brh+veKSpTOMe2wH9xk1ypZ -R7kt +ARYOaW5mb0B5YXNzbC5jb20XDTE0MDIwNzIwMTQwNloXDTE1MDIwNzIwMTQwNlow +FDASAgECFw0xNDAyMDcyMDE0MDZaoA4wDDAKBgNVHRQEAwIBBDAJBgcqhkjOPQQB +A0cAMEQCIBCV+cggvH3OeW01I0yCjPWL0U9pqV5wl927wmcTRrBHAiBPH0PCzGMc +biaJLefOaUVt+49TzR+ED5P+g5Fp8pHG+Q== -----END X509 CRL----- diff --git a/FreeRTOS-Plus/Source/CyaSSL/certs/crl/eccSrvCRL.pem b/FreeRTOS-Plus/Source/CyaSSL/certs/crl/eccSrvCRL.pem index 16d8b564c..48fae36f3 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/certs/crl/eccSrvCRL.pem +++ b/FreeRTOS-Plus/Source/CyaSSL/certs/crl/eccSrvCRL.pem @@ -1,24 +1,26 @@ Certificate Revocation List (CRL): Version 2 (0x1) - Signature Algorithm: ecdsa-with-SHA1 + Signature Algorithm: ecdsa-with-SHA1 Issuer: /C=US/ST=Washington/L=Seattle/O=Eliptic/OU=ECC/CN=www.yassl.com/emailAddress=info@yassl.com - Last Update: Aug 10 18:01:01 2012 GMT - Next Update: Dec 8 18:01:01 2012 GMT + Last Update: Feb 7 20:14:06 2014 GMT + Next Update: Feb 7 20:14:06 2015 GMT CRL extensions: X509v3 CRL Number: - 64 -No Revoked Certificates. + 5 +Revoked Certificates: + Serial Number: 02 + Revocation Date: Feb 7 20:14:06 2014 GMT Signature Algorithm: ecdsa-with-SHA1 - 30:44:02:20:59:42:06:a7:73:69:03:08:05:e8:4b:95:ca:cf: - f1:30:9e:84:4b:3c:52:c8:10:b9:c8:36:c8:07:64:65:fd:bf: - 02:20:71:60:a7:35:d6:8c:52:c2:df:06:dc:40:52:c5:ef:4c: - 8b:ec:96:4b:72:b0:c4:36:3e:c8:9d:62:5e:49:f2:5f + 30:44:02:20:2a:2a:2c:ff:8a:0f:6a:74:57:b8:41:a8:5a:5c: + 8c:7d:c1:7d:b1:76:a3:db:ff:22:1a:69:cd:80:8d:d5:e4:2a: + 02:20:2d:51:3e:01:5b:79:6c:f4:89:89:63:46:0b:65:44:46: + 59:2d:42:3e:ba:a8:6d:08:4a:20:1f:9a:06:cc:a9:65 -----BEGIN X509 CRL----- -MIIBITCBygIBATAJBgcqhkjOPQQBMIGLMQswCQYDVQQGEwJVUzETMBEGA1UECBMK +MIIBNzCB4AIBATAJBgcqhkjOPQQBMIGLMQswCQYDVQQGEwJVUzETMBEGA1UECBMK V2FzaGluZ3RvbjEQMA4GA1UEBxMHU2VhdHRsZTEQMA4GA1UEChMHRWxpcHRpYzEM MAoGA1UECxMDRUNDMRYwFAYDVQQDEw13d3cueWFzc2wuY29tMR0wGwYJKoZIhvcN -AQkBFg5pbmZvQHlhc3NsLmNvbRcNMTIwODEwMTgwMTAxWhcNMTIxMjA4MTgwMTAx -WqAOMAwwCgYDVR0UBAMCAUAwCQYHKoZIzj0EAQNHADBEAiBZQganc2kDCAXoS5XK -z/EwnoRLPFLIELnINsgHZGX9vwIgcWCnNdaMUsLfBtxAUsXvTIvslktysMQ2Psid -Yl5J8l8= +AQkBFg5pbmZvQHlhc3NsLmNvbRcNMTQwMjA3MjAxNDA2WhcNMTUwMjA3MjAxNDA2 +WjAUMBICAQIXDTE0MDIwNzIwMTQwNlqgDjAMMAoGA1UdFAQDAgEFMAkGByqGSM49 +BAEDRwAwRAIgKios/4oPanRXuEGoWlyMfcF9sXaj2/8iGmnNgI3V5CoCIC1RPgFb +eWz0iYljRgtlREZZLUI+uqhtCEogH5oGzKll -----END X509 CRL----- diff --git a/FreeRTOS-Plus/Source/CyaSSL/certs/include.am b/FreeRTOS-Plus/Source/CyaSSL/certs/include.am index fcedd005b..32a2bfd0d 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/certs/include.am +++ b/FreeRTOS-Plus/Source/CyaSSL/certs/include.am @@ -26,15 +26,17 @@ EXTRA_DIST += \ EXTRA_DIST += \ certs/ca-key.der \ + certs/ca-cert.der \ certs/client-cert.der \ certs/client-key.der \ certs/dh2048.der \ certs/rsa2048.der \ certs/dsa2048.der \ - certs/ecc-key.der + certs/ecc-key.der \ + certs/server-key.der \ + certs/server-cert.der - -doc_DATA+= certs/taoCert.txt +dist_doc_DATA+= certs/taoCert.txt EXTRA_DIST+= certs/ntru-key.raw diff --git a/FreeRTOS-Plus/Source/CyaSSL/certs/ntru-cert.pem b/FreeRTOS-Plus/Source/CyaSSL/certs/ntru-cert.pem index aa06dfb72..e002ee3aa 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/certs/ntru-cert.pem +++ b/FreeRTOS-Plus/Source/CyaSSL/certs/ntru-cert.pem @@ -1,28 +1,28 @@ -----BEGIN CERTIFICATE----- -MIIEyTCCA7GgAwIBAgIIASZ+ezr7rN0wDQYJKoZIhvcNAQEFBQAwgZAxCzAJBgNV -BAYTAlVTMRAwDgYDVQQIEwdNb250YW5hMRAwDgYDVQQHEwdCb3plbWFuMREwDwYD -VQQKEwhTYXd0b290aDETMBEGA1UECxMKQ29uc3VsdGluZzEWMBQGA1UEAxMNd3d3 -Lnlhc3NsLmNvbTEdMBsGCSqGSIb3DQEJARYOaW5mb0B5YXNzbC5jb20wIhgPMjAx -MTEyMDUwMDE2MzdaGA8yMDEzMDQxOTAxMTYzN1owgYoxCzAJBgNVBAYTAlVTMQsw -CQYDVQQIEwJPUjERMA8GA1UEBxMIUG9ydGxhbmQxDjAMBgNVBAoTBXlhU1NMMRQw -EgYDVQQLEwtEZXZlbG9wbWVudDEWMBQGA1UEAxMNd3d3Lnlhc3NsLmNvbTEdMBsG -CSqGSIb3DQEJARYOaW5mb0B5YXNzbC5jb20wggJLMBgGCisGAQQBwXABAQIGCisG -AQQBwXABAi4DggItAASCAihFDRAy0fOBZth/IRQFJeuEUgrViJfGvKOUuNW6yYmn -9/YXT2I3/aiBZ/udSehoEFVPNgLs/ZWwNrsIuETH5TPkS1e9Ig4I5G839deKT89M -Qpq7GiKLwlLY3He/a6O+/UMEFH4ShdhDopsH2+IsWCX0H7Lvp8L8RqURrQNFXvlr -xRAFiBixEQNry2HyEcVz/9TQSdifE4KGUtneErqsk1/Sms1m1/NqW30H77YerJfs -QWsOEgasoJnYWS6knJC4XsUbJKqKcHRc6XeODOyf72J3ESvES2C+cqEsShxVP7zG -hDiHurwfyvIAUL4bZSBtlAqt60iOEsXScXwdbNrj+4iuFAyjX8+JrxGMbDNi3X5l -L2RLUiEIKUSGUozbDlR3jU2WoHUm76mZwjGe1+vOKpvqh5yrRoyqiDERj8wsGrDO -MdoheW1xSjQ3p5fQ/UOtagWA5Lh/MqbCIHdMzMLpbOmfhFJA5BXaNg/qThhjpmvf -csYfwWCWukKKbjfY7cxOVMuUN0VvoYBjOxt5UQhXuPjH/+5s4J7E/IxQrWz6fhcG -wfvJjWJjedfhP23Jm4zodbwtU6MgPF641DcAwcnBqSi/Ugi7d0YeHMqTJkSnIJZV -r3v1YLuqiFDzB6bx69DGpCxFMxIpdOPq4a9WpeQQ9H7cBK0HFl4tRPNnQ2XCrKMc -86gQ35aaM2vPvgj0d/zgC0AG8WFQEG1wYBvLEgfiQsi7auXoScYZA8AwDQYJKoZI -hvcNAQEFBQADggEBAJ7eyiJIGiyyrhAdaYOit3U3CUkGSatNXTkn8PRO8SwzPWCi -FQ+4AePYV+/ovtNZiqLwm7mVa3s2CS8LCk2s9/ld22cDJNV+gDkzrelUyTLUi0jr -zZJwEiaNXIEkYrLGifSzoNUgQBTzDmOSkm2UpIX70GTsXF73FKdqonf1VTnopVKa -XZDpIG3/TKyh8jCwowMrkxnHS886FhXiHGCBzM1rnp3S+r3b+rTqoKoeuZQnDgJP -IZwnZL6agtwbUfmZj6/868irlsLtC9M5nKBtj/U/tQIrW52XEhBqChmTXIq0JNL1 -++kWLLeu9t0T53Pth3VxMT/ePV0aURQvjINm60o= +MIIEzzCCA7egAwIBAgIIAXf7v+vECVkwDQYJKoZIhvcNAQEFBQAwgZQxCzAJBgNV +BAYTAlVTMRAwDgYDVQQIDAdNb250YW5hMRAwDgYDVQQHDAdCb3plbWFuMREwDwYD +VQQKDAhTYXd0b290aDETMBEGA1UECwwKQ29uc3VsdGluZzEYMBYGA1UEAwwPd3d3 +LndvbGZzc2wuY29tMR8wHQYJKoZIhvcNAQkBFhBpbmZvQHdvbGZzc2wuY29tMCIY +DzIwMTQwNzEwMjMyMDM5WhgPMjAxNTExMjMyMjIwMzlaMIGKMQswCQYDVQQGEwJV +UzELMAkGA1UECAwCT1IxETAPBgNVBAcMCFBvcnRsYW5kMQ4wDAYDVQQKDAV5YVNT +TDEUMBIGA1UECwwLRGV2ZWxvcG1lbnQxFjAUBgNVBAMMDXd3dy55YXNzbC5jb20x +HTAbBgkqhkiG9w0BCQEWDmluZm9AeWFzc2wuY29tMIICTTAaBgsrBgEEAcEWAQEB +AQYLKwYBBAHBFgEBAi4DggItAASCAijYe+JeNLXR6gSUtCr6lgMmeCQqvDRCb8wp +bzUt/kqyRU7K0eMTSMv40ThD6jriU3p8uQQ92OkfbNwtWfB3VyScTpyr4INIvS3D +gB6Y4uH+kDlWVQutqiPNvNSn0AxBnTEBOsBqqyDqzAXujcoSOxTbU9GLv5jk08iU +Q9H4EkGMQgUr0VsPSBjrxK0VrQY9StpyObUM2z6LfRNjI5SGDvR6FBRdKUBdmUWw +EMvUhB39MbFebvXHNkyFeFaTbc6hgCRgzLNHpb2xzq7YCb+F5CsLFD8WuWKLn/Fn +61MSLvP99mIUM5MBBqacfrJSFzBWL8LX/NpEAO4SRbnKUJRr3e8cjfALU9oZnCgr +2TY91lnlJcfPTeHLckkYVacz+l0E8zJpge7PViYGK2Zdune7EJZ2QZ/EnhV7mrjc +GVwK6PZQ/l0UpzSz0yYyAzsb9OW7AlGOnH6u6lCP0sYwMDRdr1fPvq5Cu0ZkVzy+ +sfVD5kOyy35WEJQVmyuTu8ifos0QcmbqCNF5IrZtfZL7m/4Msg+GePL6x20A1TMF +rZ//+1gNbcxaeZZVG7Jw7RfW461SMbTuypt3Qp2eNHox6OrF+6A96t5vfOwqYa8W +GMMobFVQR8lH4qsBt/km0iQVjkvIjoSaPSSBcIgBxzXJwU2XCzVsj8tFW9IXP1SG +4ouMty6qbFb73k9EwliEQkLBjXfINp5/wlR1nv4dAA66rZNtysktWah8t8jXtSAw +DQYJKoZIhvcNAQEFBQADggEBAGCcqiwYrVUdQ7t4CvuPkuD7NFIAlVFNdwKaiJSp +moCCNL3sBWW1UjGKTLLRvn08oPAmrOQ8OkK1rusw+G7hxWjicEypp/WcaVCQv4or +M+BtWOUZ+fgIn6gHt4JRLMqt/R/t70AvONhIESL/XEjgQCP+GDuz+UDiwIxhzdcn +pSFU7APxKbeKIrFxiMaH8fB8fwPY60IH/LRTX7jA5ixXQWOm6r3u5ocmMW4naHd4 +qAWB5wGmU/rmvrSw+v0mHjwvI66DiCeZl9Y9i4mOKk+7eOTdOsKR1VifBtEg/+Qj +UHiltbupX9fkm5ncvaRS/stAYywBheGYbEMYMaatndvMuzw= -----END CERTIFICATE----- diff --git a/FreeRTOS-Plus/Source/CyaSSL/certs/ntru-key.raw b/FreeRTOS-Plus/Source/CyaSSL/certs/ntru-key.raw index 69c6c23ed6917eb6d12cee4b0b4b8c0d9ea64298..e482d5980d9a3d6b09084297e1ec008e0ab611a8 100644 GIT binary patch literal 607 zcmV-l0-*f@0{{XL*n8q$G_}#{1eCNY`j!JGcqA&kG(vC8DQ`6`{z|e%PRh~a6G+SW z(KtiuI^t7$e7OWY*y$f^+$~w~cUL5wPMoXYgGjwC!+;)`;^F>~IaXB*t*Rr#Qlta<@56h9WZVvC>gXX{fEF7y5NViYrz0S2a=ezH;*Fjg+Z)>-8x$IngS%W_E=Ri`uhT?F$oX@Ty~Rwf23W?i~> zyAYOkL7&8)6?>Yv+!QIl;#xO86U9VTq zzOF*MMr2n!zOnT~=0mc}epV2a6`L!QyU3rS%@A^C>Il(!BDQUPlKY$f46+Y~c=Gzk zZ2;9X1+Aa|`&bQa%vyPtRU5K!?HAVLtx_?x?#i2YLYfUdB>?&ce z78t`QY*kQ4$w%U=0k`=k(j*m*OURCdnmr_eaEJlNHOawEmkTv)kIO|{(icBehT@Bi zw=Sw|R{P#hM8a5vLPEifcgQxLf5KFCp8g#G4!W(AZOX|lS*U!s$k(+XlG)+uXCQXw tMLj!En1q`GnCy*27K5wntrc=c)^AIoJ9TSOx=Kwp(mN1wPK7NZQ*Z@oCtd&m literal 607 zcmV-l0-*f@0{{XLMGX)#(er_3*nc4u1tsf*QVP|Gm&UxKl(^Np$%&`;_7_iLH~pxA zXZxK==x7jCPc{PV{gtpby9l^M$K^BROIN)j4hZCLH}%(wPtQz3n!6ezi^5Xa+;_ig zqrUw^1QdP}h1f%)n+MzCELbJD7UioXq5Cw=Bu@M7n%VF{n#dH7E z&`H>z6M}|P+1?Vmtdn2Tn$2d{^J-gt2k*8Xte5OTYYq|yte~0LSuUiUkhosO8zicV zaCBVhca99~pYLLK5i7(?V7_vpEJ_?zKfK0-IET8tAIkCoP`(>wAZ?Tit?NjR62;PS zd>w4sF`n1! z&MKSghn%ZMjH-w+5s%C)8nDhW+97#uaY{5dr1^qr zgi=7{71}lr>P{GArfc7F#vj38mbyZUZa3KN%uZCxls83hp@3sM8+lO(SGf4c|L$zy zp2Yl&P_1nGeisJ8`^k-BV|mx%KW)jIjOcZ|EmNZ)JYKleHvqxO!Ko;}QV6?uMjjl> zlO{x`AeL3Hd-Y(us)$hY2d44s(8i=JMKcm9bmQvbuU4hx5cGcB1g!@aUM)oPXG3Me ztfL(Bs1V^h=s17tq#N4)knTe5!iILHOmyJ`a&7D}zDf6hm$UPB!LH7B*p~&|pIW z13nOkgNNNWKd&S)FA*lf&cp7MUzM7hm}e+xzzHU$U!z`VxI!ya5(P>^3# zLWz@`7?qF%mywl$xrvdV!Jvtei>Zl`k>S8pj)&onp9*ugUvhO+XG}fjy6)2+6@wj9 z&*}SJ`zF(|r)K`|73uZ=V&(*ve(yTP{@hf*|KZ;11Nt?qQ&x!oITc&I>w)6aBE5XQ zwi{E6Z>^CI-WhLyU6NPT|6y`+U^jP){aWW8OJ!nAHm_q?kbLx8J$GbAMe(v8iIq&b z>kmsZ>g^DCeC&+FmdwR&#+mJTM|O)Z`~2eW+TuOc`ifisrUmls4cYuKH(q9sa`8n@ z=1!4I0y|RRZeTR6!AN=P!t!0hm!=m#id8+C#e3K? zVab*anNCieFK=+{F;>_dp|pI}>mv`JB{mZO}Il7-+D3a7;zytD%Fbk^zGb7`FwvkETPENWE{52ZbK0yMQ@LM1 z*BK2ZPvK)@QHu*?KdnQ!r5s!|v#tQ3W5xD=3t4D*bEb?KsRC`U!x;fCxDeyU%s{kh zqee4nhi=5X7pC**-K}%HdoLli{bo@Ny;QT|ZC@O`BXiLS1Bn#U5V>T-D$t>pO1$CJ z8e7Mpz`%`&aVS~lemfzXXPp#Ji0|5X50)hbn0GiM=4^maR8}MYxnp*`6TdK?D<3DaPA_eo%`tNj7f#P3u)4l&OgGF`vV|te^*0veOk|yLR z22fBAcrK}U4HTEO64)_7tDylw!Z7#;Ul!zHchX?;pN;7By6a=!Dwl!pOl;;=G*K%k zH1ty(#8?VHyRWtPN`*r$Jn>jqfdYYn0P-wUb~z(s$q+KPldZ458FiL{WahQFi9$iq zZO|MW_#3Qg%Qie@ecbdJxWizvS4dw{Pgy!ue=@)sLr_1i&Tkj<4xd2EPOTL?$$9C( zSvYfWoCmSK~EnCLK7oQ%lh;bq}BJHHhf#3s64@iUv$zr zE&tGj-}|#5dM=w6uI9Q6u3uB6QtcbWkph8%0PL9ByVd^rQc8USRY`AEZc;CVqbsw9 zVzX4zV^Z4Vh<2dwixs8Q7!-1MUdN*ZAD$UvwHq6r!}7H<`Aos8>kKA+)L%+bT%<(? za73q8z|GP!;=h5Fk}*MtIT}L?7^PDmIT~LdL%fG--)_?)0RAGFa84Q- zDFT6k0E$6YC{dnY)Se4Fn4?tkY*y5&>1i{CBn;Zr3@yaJPXcK;eAMRLOzqbe5yL(J z=fftzQ3Bq(b)0WjoO<()@6U?GE7IBqYDCF%{%)Cv_*=g5eCB1fPi*kX#s3z{iyIf> zSUsXQs{y>fK+aQ)j_vR6S)Jfx=6qiDj!W@7!2*GRO-1=YjKy2@DjJHk@*J#d=?qpj zw@z}F)#ZxP;{WmS7!y5)3AosHr^y^~Qj{=5;PH5L{b3tS3C!kbDsinG-$T4s+ohzw zHE^U}&rkdSRhc?HBhP1A^&oqP$zWt6EvR|mb88V^u+ymx(njZ{&sjv client-key.pem +1) openssl genrsa 1024 > client-key.pem -2) openssl req -new -x509 -nodes -md5 -days 1000 -key client-key.pem > client-cert.pem +2) openssl req -new -x509 -nodes -sha1 -days 1000 -key client-key.pem > client-cert.pem -3) note sha1 would be -sha1 +3) note md5 would be -md5 -- adding metadata to beginning @@ -21,15 +21,31 @@ same as self signed, use ca prefix instead of client ***** Create a cert signed by CA ************** -1) openssl req -newkey rsa:512 -md5 -days 1000 -nodes -keyout server-key.pem > server-req.pem +1) openssl req -newkey rsa:1024 -sha1 -days 1000 -nodes -keyout server-key.pem > server-req.pem * note if using exisitng key do: -new -key keyName 2) copy ca-key.pem ca-cert.srl (why ????) -3) openssl x509 -req -in server-req.pem -days 1000 -md5 -CA ca-cert.pem -CAkey ca-key.pem -set_serial 01 > server-cert.pem +3) openssl x509 -req -in server-req.pem -days 1000 -sha1 -CA ca-cert.pem -CAkey ca-key.pem -set_serial 01 > server-cert.pem +***** Adding Subject Key ID and Authentication Key ID extensions to a cert ***** + +Create a config file for OpenSSL with the example contents: + + [skidakid] + subjectKeyIdentifier=hash + authorityKeyIdentifier=keyid + +Add to the openssl command for creating a cert signed by a CA step 3 the +following options: + + -extfile -extensions skidakid + +anywhere before the redirect. This will add the cert's public key hash as the +Subject Key Identifier, and the signer's SKID as the Authentication Key ID. + ***** To create a dsa cert ******************** diff --git a/FreeRTOS-Plus/Source/CyaSSL/config.in b/FreeRTOS-Plus/Source/CyaSSL/config.in index 0b87d4f83..e040f3662 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/config.in +++ b/FreeRTOS-Plus/Source/CyaSSL/config.in @@ -1,7 +1,10 @@ /* config.in. Generated from configure.ac by autoheader. */ -/* Define to 1 if you have the `alarm' function. */ -#undef HAVE_ALARM +/* Define if building universal (internal helper macro) */ +#undef AC_APPLE_UNIVERSAL_BUILD + +/* Define to 1 to enable debugging code. */ +#undef DEBUG /* Define to 1 if you have the header file. */ #undef HAVE_ARPA_INET_H @@ -15,6 +18,9 @@ /* Define to 1 if you have the header file. */ #undef HAVE_FCNTL_H +/* Define to 1 if you have the `getaddrinfo' function. */ +#undef HAVE_GETADDRINFO + /* Define to 1 if you have the `gethostbyname' function. */ #undef HAVE_GETHOSTBYNAME @@ -30,13 +36,12 @@ /* Define to 1 if you have the `network' library (-lnetwork). */ #undef HAVE_LIBNETWORK +/* Define to 1 if you have the `pthread' library (-lpthread). */ +#undef HAVE_LIBPTHREAD + /* Define to 1 if you have the header file. */ #undef HAVE_LIMITS_H -/* Define to 1 if your system has a GNU libc compatible `malloc' function, and - to 0 otherwise. */ -#undef HAVE_MALLOC - /* Define to 1 if you have the header file. */ #undef HAVE_MEMORY_H @@ -49,16 +54,15 @@ /* Define to 1 if you have the header file. */ #undef HAVE_NETINET_IN_H +/* Define to 1 if you have the header file. */ +#undef HAVE_PCAP_PCAP_H + /* Define if you have POSIX threads libraries and header files. */ #undef HAVE_PTHREAD /* Have PTHREAD_PRIO_INHERIT. */ #undef HAVE_PTHREAD_PRIO_INHERIT -/* Define to 1 if your system has a GNU libc compatible `realloc' function, - and to 0 otherwise. */ -#undef HAVE_REALLOC - /* Define to 1 if you have the `socket' function. */ #undef HAVE_SOCKET @@ -99,6 +103,9 @@ declarations. */ #undef HAVE_VISIBILITY +/* Define to 1 if the system has the type `__uint128_t'. */ +#undef HAVE___UINT128_T + /* Define to the sub-directory in which libtool stores uninstalled libraries. */ #undef LT_OBJDIR @@ -106,9 +113,6 @@ /* Define to 1 if your C compiler doesn't accept -c and -o together. */ #undef NO_MINUS_C_MINUS_O -/* Name of package */ -#undef PACKAGE - /* Define to the address where bug reports for this package should be sent. */ #undef PACKAGE_BUGREPORT @@ -121,6 +125,9 @@ /* Define to the one symbol short name of this package. */ #undef PACKAGE_TARNAME +/* Define to the home page for this package. */ +#undef PACKAGE_URL + /* Define to the version of this package. */ #undef PACKAGE_VERSION @@ -137,27 +144,32 @@ /* Define to 1 if you have the ANSI C header files. */ #undef STDC_HEADERS -/* Define to 1 if you can safely include both and . */ -#undef TIME_WITH_SYS_TIME +/* If the compiler supports a TLS storage class define it to that here */ +#undef TLS -/* Version number of package */ -#undef VERSION +/* Define if the code was built from VCS. */ +#undef VCS_CHECKOUT -/* Define to 1 if your processor stores words with the most significant byte - first (like Motorola and SPARC, unlike Intel and VAX). */ -#undef WORDS_BIGENDIAN +/* VCS system */ +#undef VCS_SYSTEM + +/* Define WORDS_BIGENDIAN to 1 if your processor stores words with the most + significant byte first (like Motorola and SPARC, unlike Intel). */ +#if defined AC_APPLE_UNIVERSAL_BUILD +# if defined __BIG_ENDIAN__ +# define WORDS_BIGENDIAN 1 +# endif +#else +# ifndef WORDS_BIGENDIAN +# undef WORDS_BIGENDIAN +# endif +#endif /* Define for Solaris 2.5.1 so the uint8_t typedef from , - , or is not used. If the typedef was allowed, the + , or is not used. If the typedef were allowed, the #define below would cause a syntax error. */ #undef _UINT8_T -/* Define to rpl_malloc if the replacement function should be used. */ -#undef malloc - -/* Define to rpl_realloc if the replacement function should be used. */ -#undef realloc - /* Define to `unsigned int' if does not define. */ #undef size_t diff --git a/FreeRTOS-Plus/Source/CyaSSL/config/compile b/FreeRTOS-Plus/Source/CyaSSL/config/compile deleted file mode 100644 index 1b1d23216..000000000 --- a/FreeRTOS-Plus/Source/CyaSSL/config/compile +++ /dev/null @@ -1,142 +0,0 @@ -#! /bin/sh -# Wrapper for compilers which do not understand `-c -o'. - -scriptversion=2005-05-14.22 - -# Copyright (C) 1999, 2000, 2003, 2004, 2005 Free Software Foundation, Inc. -# Written by Tom Tromey . -# -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2, or (at your option) -# any later version. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA. - -# As a special exception to the GNU General Public License, if you -# distribute this file as part of a program that contains a -# configuration script generated by Autoconf, you may include it under -# the same distribution terms that you use for the rest of that program. - -# This file is maintained in Automake, please report -# bugs to or send patches to -# . - -case $1 in - '') - echo "$0: No command. Try \`$0 --help' for more information." 1>&2 - exit 1; - ;; - -h | --h*) - cat <<\EOF -Usage: compile [--help] [--version] PROGRAM [ARGS] - -Wrapper for compilers which do not understand `-c -o'. -Remove `-o dest.o' from ARGS, run PROGRAM with the remaining -arguments, and rename the output as expected. - -If you are trying to build a whole package this is not the -right script to run: please start by reading the file `INSTALL'. - -Report bugs to . -EOF - exit $? - ;; - -v | --v*) - echo "compile $scriptversion" - exit $? - ;; -esac - -ofile= -cfile= -eat= - -for arg -do - if test -n "$eat"; then - eat= - else - case $1 in - -o) - # configure might choose to run compile as `compile cc -o foo foo.c'. - # So we strip `-o arg' only if arg is an object. - eat=1 - case $2 in - *.o | *.obj) - ofile=$2 - ;; - *) - set x "$@" -o "$2" - shift - ;; - esac - ;; - *.c) - cfile=$1 - set x "$@" "$1" - shift - ;; - *) - set x "$@" "$1" - shift - ;; - esac - fi - shift -done - -if test -z "$ofile" || test -z "$cfile"; then - # If no `-o' option was seen then we might have been invoked from a - # pattern rule where we don't need one. That is ok -- this is a - # normal compilation that the losing compiler can handle. If no - # `.c' file was seen then we are probably linking. That is also - # ok. - exec "$@" -fi - -# Name of file we expect compiler to create. -cofile=`echo "$cfile" | sed -e 's|^.*/||' -e 's/\.c$/.o/'` - -# Create the lock directory. -# Note: use `[/.-]' here to ensure that we don't use the same name -# that we are using for the .o file. Also, base the name on the expected -# object file name, since that is what matters with a parallel build. -lockdir=`echo "$cofile" | sed -e 's|[/.-]|_|g'`.d -while true; do - if mkdir "$lockdir" >/dev/null 2>&1; then - break - fi - sleep 1 -done -# FIXME: race condition here if user kills between mkdir and trap. -trap "rmdir '$lockdir'; exit 1" 1 2 15 - -# Run the compile. -"$@" -ret=$? - -if test -f "$cofile"; then - mv "$cofile" "$ofile" -elif test -f "${cofile}bj"; then - mv "${cofile}bj" "$ofile" -fi - -rmdir "$lockdir" -exit $ret - -# Local Variables: -# mode: shell-script -# sh-indentation: 2 -# eval: (add-hook 'write-file-hooks 'time-stamp) -# time-stamp-start: "scriptversion=" -# time-stamp-format: "%:y-%02m-%02d.%02H" -# time-stamp-end: "$" -# End: diff --git a/FreeRTOS-Plus/Source/CyaSSL/config/depcomp b/FreeRTOS-Plus/Source/CyaSSL/config/depcomp deleted file mode 100644 index ca5ea4e1e..000000000 --- a/FreeRTOS-Plus/Source/CyaSSL/config/depcomp +++ /dev/null @@ -1,584 +0,0 @@ -#! /bin/sh -# depcomp - compile a program generating dependencies as side-effects - -scriptversion=2006-10-15.18 - -# Copyright (C) 1999, 2000, 2003, 2004, 2005, 2006 Free Software -# Foundation, Inc. - -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2, or (at your option) -# any later version. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. - -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -# 02110-1301, USA. - -# As a special exception to the GNU General Public License, if you -# distribute this file as part of a program that contains a -# configuration script generated by Autoconf, you may include it under -# the same distribution terms that you use for the rest of that program. - -# Originally written by Alexandre Oliva . - -case $1 in - '') - echo "$0: No command. Try \`$0 --help' for more information." 1>&2 - exit 1; - ;; - -h | --h*) - cat <<\EOF -Usage: depcomp [--help] [--version] PROGRAM [ARGS] - -Run PROGRAMS ARGS to compile a file, generating dependencies -as side-effects. - -Environment variables: - depmode Dependency tracking mode. - source Source file read by `PROGRAMS ARGS'. - object Object file output by `PROGRAMS ARGS'. - DEPDIR directory where to store dependencies. - depfile Dependency file to output. - tmpdepfile Temporary file to use when outputing dependencies. - libtool Whether libtool is used (yes/no). - -Report bugs to . -EOF - exit $? - ;; - -v | --v*) - echo "depcomp $scriptversion" - exit $? - ;; -esac - -if test -z "$depmode" || test -z "$source" || test -z "$object"; then - echo "depcomp: Variables source, object and depmode must be set" 1>&2 - exit 1 -fi - -# Dependencies for sub/bar.o or sub/bar.obj go into sub/.deps/bar.Po. -depfile=${depfile-`echo "$object" | - sed 's|[^\\/]*$|'${DEPDIR-.deps}'/&|;s|\.\([^.]*\)$|.P\1|;s|Pobj$|Po|'`} -tmpdepfile=${tmpdepfile-`echo "$depfile" | sed 's/\.\([^.]*\)$/.T\1/'`} - -rm -f "$tmpdepfile" - -# Some modes work just like other modes, but use different flags. We -# parameterize here, but still list the modes in the big case below, -# to make depend.m4 easier to write. Note that we *cannot* use a case -# here, because this file can only contain one case statement. -if test "$depmode" = hp; then - # HP compiler uses -M and no extra arg. - gccflag=-M - depmode=gcc -fi - -if test "$depmode" = dashXmstdout; then - # This is just like dashmstdout with a different argument. - dashmflag=-xM - depmode=dashmstdout -fi - -case "$depmode" in -gcc3) -## gcc 3 implements dependency tracking that does exactly what -## we want. Yay! Note: for some reason libtool 1.4 doesn't like -## it if -MD -MP comes after the -MF stuff. Hmm. -## Unfortunately, FreeBSD c89 acceptance of flags depends upon -## the command line argument order; so add the flags where they -## appear in depend2.am. Note that the slowdown incurred here -## affects only configure: in makefiles, %FASTDEP% shortcuts this. - for arg - do - case $arg in - -c) set fnord "$@" -MT "$object" -MD -MP -MF "$tmpdepfile" "$arg" ;; - *) set fnord "$@" "$arg" ;; - esac - shift # fnord - shift # $arg - done - "$@" - stat=$? - if test $stat -eq 0; then : - else - rm -f "$tmpdepfile" - exit $stat - fi - mv "$tmpdepfile" "$depfile" - ;; - -gcc) -## There are various ways to get dependency output from gcc. Here's -## why we pick this rather obscure method: -## - Don't want to use -MD because we'd like the dependencies to end -## up in a subdir. Having to rename by hand is ugly. -## (We might end up doing this anyway to support other compilers.) -## - The DEPENDENCIES_OUTPUT environment variable makes gcc act like -## -MM, not -M (despite what the docs say). -## - Using -M directly means running the compiler twice (even worse -## than renaming). - if test -z "$gccflag"; then - gccflag=-MD, - fi - "$@" -Wp,"$gccflag$tmpdepfile" - stat=$? - if test $stat -eq 0; then : - else - rm -f "$tmpdepfile" - exit $stat - fi - rm -f "$depfile" - echo "$object : \\" > "$depfile" - alpha=ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz -## The second -e expression handles DOS-style file names with drive letters. - sed -e 's/^[^:]*: / /' \ - -e 's/^['$alpha']:\/[^:]*: / /' < "$tmpdepfile" >> "$depfile" -## This next piece of magic avoids the `deleted header file' problem. -## The problem is that when a header file which appears in a .P file -## is deleted, the dependency causes make to die (because there is -## typically no way to rebuild the header). We avoid this by adding -## dummy dependencies for each header file. Too bad gcc doesn't do -## this for us directly. - tr ' ' ' -' < "$tmpdepfile" | -## Some versions of gcc put a space before the `:'. On the theory -## that the space means something, we add a space to the output as -## well. -## Some versions of the HPUX 10.20 sed can't process this invocation -## correctly. Breaking it into two sed invocations is a workaround. - sed -e 's/^\\$//' -e '/^$/d' -e '/:$/d' | sed -e 's/$/ :/' >> "$depfile" - rm -f "$tmpdepfile" - ;; - -hp) - # This case exists only to let depend.m4 do its work. It works by - # looking at the text of this script. This case will never be run, - # since it is checked for above. - exit 1 - ;; - -sgi) - if test "$libtool" = yes; then - "$@" "-Wp,-MDupdate,$tmpdepfile" - else - "$@" -MDupdate "$tmpdepfile" - fi - stat=$? - if test $stat -eq 0; then : - else - rm -f "$tmpdepfile" - exit $stat - fi - rm -f "$depfile" - - if test -f "$tmpdepfile"; then # yes, the sourcefile depend on other files - echo "$object : \\" > "$depfile" - - # Clip off the initial element (the dependent). Don't try to be - # clever and replace this with sed code, as IRIX sed won't handle - # lines with more than a fixed number of characters (4096 in - # IRIX 6.2 sed, 8192 in IRIX 6.5). We also remove comment lines; - # the IRIX cc adds comments like `#:fec' to the end of the - # dependency line. - tr ' ' ' -' < "$tmpdepfile" \ - | sed -e 's/^.*\.o://' -e 's/#.*$//' -e '/^$/ d' | \ - tr ' -' ' ' >> $depfile - echo >> $depfile - - # The second pass generates a dummy entry for each header file. - tr ' ' ' -' < "$tmpdepfile" \ - | sed -e 's/^.*\.o://' -e 's/#.*$//' -e '/^$/ d' -e 's/$/:/' \ - >> $depfile - else - # The sourcefile does not contain any dependencies, so just - # store a dummy comment line, to avoid errors with the Makefile - # "include basename.Plo" scheme. - echo "#dummy" > "$depfile" - fi - rm -f "$tmpdepfile" - ;; - -aix) - # The C for AIX Compiler uses -M and outputs the dependencies - # in a .u file. In older versions, this file always lives in the - # current directory. Also, the AIX compiler puts `$object:' at the - # start of each line; $object doesn't have directory information. - # Version 6 uses the directory in both cases. - stripped=`echo "$object" | sed 's/\(.*\)\..*$/\1/'` - tmpdepfile="$stripped.u" - if test "$libtool" = yes; then - "$@" -Wc,-M - else - "$@" -M - fi - stat=$? - - if test -f "$tmpdepfile"; then : - else - stripped=`echo "$stripped" | sed 's,^.*/,,'` - tmpdepfile="$stripped.u" - fi - - if test $stat -eq 0; then : - else - rm -f "$tmpdepfile" - exit $stat - fi - - if test -f "$tmpdepfile"; then - outname="$stripped.o" - # Each line is of the form `foo.o: dependent.h'. - # Do two passes, one to just change these to - # `$object: dependent.h' and one to simply `dependent.h:'. - sed -e "s,^$outname:,$object :," < "$tmpdepfile" > "$depfile" - sed -e "s,^$outname: \(.*\)$,\1:," < "$tmpdepfile" >> "$depfile" - else - # The sourcefile does not contain any dependencies, so just - # store a dummy comment line, to avoid errors with the Makefile - # "include basename.Plo" scheme. - echo "#dummy" > "$depfile" - fi - rm -f "$tmpdepfile" - ;; - -icc) - # Intel's C compiler understands `-MD -MF file'. However on - # icc -MD -MF foo.d -c -o sub/foo.o sub/foo.c - # ICC 7.0 will fill foo.d with something like - # foo.o: sub/foo.c - # foo.o: sub/foo.h - # which is wrong. We want: - # sub/foo.o: sub/foo.c - # sub/foo.o: sub/foo.h - # sub/foo.c: - # sub/foo.h: - # ICC 7.1 will output - # foo.o: sub/foo.c sub/foo.h - # and will wrap long lines using \ : - # foo.o: sub/foo.c ... \ - # sub/foo.h ... \ - # ... - - "$@" -MD -MF "$tmpdepfile" - stat=$? - if test $stat -eq 0; then : - else - rm -f "$tmpdepfile" - exit $stat - fi - rm -f "$depfile" - # Each line is of the form `foo.o: dependent.h', - # or `foo.o: dep1.h dep2.h \', or ` dep3.h dep4.h \'. - # Do two passes, one to just change these to - # `$object: dependent.h' and one to simply `dependent.h:'. - sed "s,^[^:]*:,$object :," < "$tmpdepfile" > "$depfile" - # Some versions of the HPUX 10.20 sed can't process this invocation - # correctly. Breaking it into two sed invocations is a workaround. - sed 's,^[^:]*: \(.*\)$,\1,;s/^\\$//;/^$/d;/:$/d' < "$tmpdepfile" | - sed -e 's/$/ :/' >> "$depfile" - rm -f "$tmpdepfile" - ;; - -hp2) - # The "hp" stanza above does not work with aCC (C++) and HP's ia64 - # compilers, which have integrated preprocessors. The correct option - # to use with these is +Maked; it writes dependencies to a file named - # 'foo.d', which lands next to the object file, wherever that - # happens to be. - # Much of this is similar to the tru64 case; see comments there. - dir=`echo "$object" | sed -e 's|/[^/]*$|/|'` - test "x$dir" = "x$object" && dir= - base=`echo "$object" | sed -e 's|^.*/||' -e 's/\.o$//' -e 's/\.lo$//'` - if test "$libtool" = yes; then - tmpdepfile1=$dir$base.d - tmpdepfile2=$dir.libs/$base.d - "$@" -Wc,+Maked - else - tmpdepfile1=$dir$base.d - tmpdepfile2=$dir$base.d - "$@" +Maked - fi - stat=$? - if test $stat -eq 0; then : - else - rm -f "$tmpdepfile1" "$tmpdepfile2" - exit $stat - fi - - for tmpdepfile in "$tmpdepfile1" "$tmpdepfile2" - do - test -f "$tmpdepfile" && break - done - if test -f "$tmpdepfile"; then - sed -e "s,^.*\.[a-z]*:,$object:," "$tmpdepfile" > "$depfile" - # Add `dependent.h:' lines. - sed -ne '2,${; s/^ *//; s/ \\*$//; s/$/:/; p;}' "$tmpdepfile" >> "$depfile" - else - echo "#dummy" > "$depfile" - fi - rm -f "$tmpdepfile" "$tmpdepfile2" - ;; - -tru64) - # The Tru64 compiler uses -MD to generate dependencies as a side - # effect. `cc -MD -o foo.o ...' puts the dependencies into `foo.o.d'. - # At least on Alpha/Redhat 6.1, Compaq CCC V6.2-504 seems to put - # dependencies in `foo.d' instead, so we check for that too. - # Subdirectories are respected. - dir=`echo "$object" | sed -e 's|/[^/]*$|/|'` - test "x$dir" = "x$object" && dir= - base=`echo "$object" | sed -e 's|^.*/||' -e 's/\.o$//' -e 's/\.lo$//'` - - if test "$libtool" = yes; then - # With Tru64 cc, shared objects can also be used to make a - # static library. This mechanism is used in libtool 1.4 series to - # handle both shared and static libraries in a single compilation. - # With libtool 1.4, dependencies were output in $dir.libs/$base.lo.d. - # - # With libtool 1.5 this exception was removed, and libtool now - # generates 2 separate objects for the 2 libraries. These two - # compilations output dependencies in $dir.libs/$base.o.d and - # in $dir$base.o.d. We have to check for both files, because - # one of the two compilations can be disabled. We should prefer - # $dir$base.o.d over $dir.libs/$base.o.d because the latter is - # automatically cleaned when .libs/ is deleted, while ignoring - # the former would cause a distcleancheck panic. - tmpdepfile1=$dir.libs/$base.lo.d # libtool 1.4 - tmpdepfile2=$dir$base.o.d # libtool 1.5 - tmpdepfile3=$dir.libs/$base.o.d # libtool 1.5 - tmpdepfile4=$dir.libs/$base.d # Compaq CCC V6.2-504 - "$@" -Wc,-MD - else - tmpdepfile1=$dir$base.o.d - tmpdepfile2=$dir$base.d - tmpdepfile3=$dir$base.d - tmpdepfile4=$dir$base.d - "$@" -MD - fi - - stat=$? - if test $stat -eq 0; then : - else - rm -f "$tmpdepfile1" "$tmpdepfile2" "$tmpdepfile3" "$tmpdepfile4" - exit $stat - fi - - for tmpdepfile in "$tmpdepfile1" "$tmpdepfile2" "$tmpdepfile3" "$tmpdepfile4" - do - test -f "$tmpdepfile" && break - done - if test -f "$tmpdepfile"; then - sed -e "s,^.*\.[a-z]*:,$object:," < "$tmpdepfile" > "$depfile" - # That's a tab and a space in the []. - sed -e 's,^.*\.[a-z]*:[ ]*,,' -e 's,$,:,' < "$tmpdepfile" >> "$depfile" - else - echo "#dummy" > "$depfile" - fi - rm -f "$tmpdepfile" - ;; - -#nosideeffect) - # This comment above is used by automake to tell side-effect - # dependency tracking mechanisms from slower ones. - -dashmstdout) - # Important note: in order to support this mode, a compiler *must* - # always write the preprocessed file to stdout, regardless of -o. - "$@" || exit $? - - # Remove the call to Libtool. - if test "$libtool" = yes; then - while test $1 != '--mode=compile'; do - shift - done - shift - fi - - # Remove `-o $object'. - IFS=" " - for arg - do - case $arg in - -o) - shift - ;; - $object) - shift - ;; - *) - set fnord "$@" "$arg" - shift # fnord - shift # $arg - ;; - esac - done - - test -z "$dashmflag" && dashmflag=-M - # Require at least two characters before searching for `:' - # in the target name. This is to cope with DOS-style filenames: - # a dependency such as `c:/foo/bar' could be seen as target `c' otherwise. - "$@" $dashmflag | - sed 's:^[ ]*[^: ][^:][^:]*\:[ ]*:'"$object"'\: :' > "$tmpdepfile" - rm -f "$depfile" - cat < "$tmpdepfile" > "$depfile" - tr ' ' ' -' < "$tmpdepfile" | \ -## Some versions of the HPUX 10.20 sed can't process this invocation -## correctly. Breaking it into two sed invocations is a workaround. - sed -e 's/^\\$//' -e '/^$/d' -e '/:$/d' | sed -e 's/$/ :/' >> "$depfile" - rm -f "$tmpdepfile" - ;; - -dashXmstdout) - # This case only exists to satisfy depend.m4. It is never actually - # run, as this mode is specially recognized in the preamble. - exit 1 - ;; - -makedepend) - "$@" || exit $? - # Remove any Libtool call - if test "$libtool" = yes; then - while test $1 != '--mode=compile'; do - shift - done - shift - fi - # X makedepend - shift - cleared=no - for arg in "$@"; do - case $cleared in - no) - set ""; shift - cleared=yes ;; - esac - case "$arg" in - -D*|-I*) - set fnord "$@" "$arg"; shift ;; - # Strip any option that makedepend may not understand. Remove - # the object too, otherwise makedepend will parse it as a source file. - -*|$object) - ;; - *) - set fnord "$@" "$arg"; shift ;; - esac - done - obj_suffix="`echo $object | sed 's/^.*\././'`" - touch "$tmpdepfile" - ${MAKEDEPEND-makedepend} -o"$obj_suffix" -f"$tmpdepfile" "$@" - rm -f "$depfile" - cat < "$tmpdepfile" > "$depfile" - sed '1,2d' "$tmpdepfile" | tr ' ' ' -' | \ -## Some versions of the HPUX 10.20 sed can't process this invocation -## correctly. Breaking it into two sed invocations is a workaround. - sed -e 's/^\\$//' -e '/^$/d' -e '/:$/d' | sed -e 's/$/ :/' >> "$depfile" - rm -f "$tmpdepfile" "$tmpdepfile".bak - ;; - -cpp) - # Important note: in order to support this mode, a compiler *must* - # always write the preprocessed file to stdout. - "$@" || exit $? - - # Remove the call to Libtool. - if test "$libtool" = yes; then - while test $1 != '--mode=compile'; do - shift - done - shift - fi - - # Remove `-o $object'. - IFS=" " - for arg - do - case $arg in - -o) - shift - ;; - $object) - shift - ;; - *) - set fnord "$@" "$arg" - shift # fnord - shift # $arg - ;; - esac - done - - "$@" -E | - sed -n -e '/^# [0-9][0-9]* "\([^"]*\)".*/ s:: \1 \\:p' \ - -e '/^#line [0-9][0-9]* "\([^"]*\)".*/ s:: \1 \\:p' | - sed '$ s: \\$::' > "$tmpdepfile" - rm -f "$depfile" - echo "$object : \\" > "$depfile" - cat < "$tmpdepfile" >> "$depfile" - sed < "$tmpdepfile" '/^$/d;s/^ //;s/ \\$//;s/$/ :/' >> "$depfile" - rm -f "$tmpdepfile" - ;; - -msvisualcpp) - # Important note: in order to support this mode, a compiler *must* - # always write the preprocessed file to stdout, regardless of -o, - # because we must use -o when running libtool. - "$@" || exit $? - IFS=" " - for arg - do - case "$arg" in - "-Gm"|"/Gm"|"-Gi"|"/Gi"|"-ZI"|"/ZI") - set fnord "$@" - shift - shift - ;; - *) - set fnord "$@" "$arg" - shift - shift - ;; - esac - done - "$@" -E | - sed -n '/^#line [0-9][0-9]* "\([^"]*\)"/ s::echo "`cygpath -u \\"\1\\"`":p' | sort | uniq > "$tmpdepfile" - rm -f "$depfile" - echo "$object : \\" > "$depfile" - . "$tmpdepfile" | sed 's% %\\ %g' | sed -n '/^\(.*\)$/ s:: \1 \\:p' >> "$depfile" - echo " " >> "$depfile" - . "$tmpdepfile" | sed 's% %\\ %g' | sed -n '/^\(.*\)$/ s::\1\::p' >> "$depfile" - rm -f "$tmpdepfile" - ;; - -none) - exec "$@" - ;; - -*) - echo "Unknown depmode $depmode" 1>&2 - exit 1 - ;; -esac - -exit 0 - -# Local Variables: -# mode: shell-script -# sh-indentation: 2 -# eval: (add-hook 'write-file-hooks 'time-stamp) -# time-stamp-start: "scriptversion=" -# time-stamp-format: "%:y-%02m-%02d.%02H" -# time-stamp-end: "$" -# End: diff --git a/FreeRTOS-Plus/Source/CyaSSL/config/missing b/FreeRTOS-Plus/Source/CyaSSL/config/missing deleted file mode 100644 index 1c8ff7049..000000000 --- a/FreeRTOS-Plus/Source/CyaSSL/config/missing +++ /dev/null @@ -1,367 +0,0 @@ -#! /bin/sh -# Common stub for a few missing GNU programs while installing. - -scriptversion=2006-05-10.23 - -# Copyright (C) 1996, 1997, 1999, 2000, 2002, 2003, 2004, 2005, 2006 -# Free Software Foundation, Inc. -# Originally by Fran,cois Pinard , 1996. - -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; either version 2, or (at your option) -# any later version. - -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. - -# You should have received a copy of the GNU General Public License -# along with this program; if not, write to the Free Software -# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA -# 02110-1301, USA. - -# As a special exception to the GNU General Public License, if you -# distribute this file as part of a program that contains a -# configuration script generated by Autoconf, you may include it under -# the same distribution terms that you use for the rest of that program. - -if test $# -eq 0; then - echo 1>&2 "Try \`$0 --help' for more information" - exit 1 -fi - -run=: -sed_output='s/.* --output[ =]\([^ ]*\).*/\1/p' -sed_minuso='s/.* -o \([^ ]*\).*/\1/p' - -# In the cases where this matters, `missing' is being run in the -# srcdir already. -if test -f configure.ac; then - configure_ac=configure.ac -else - configure_ac=configure.in -fi - -msg="missing on your system" - -case $1 in ---run) - # Try to run requested program, and just exit if it succeeds. - run= - shift - "$@" && exit 0 - # Exit code 63 means version mismatch. This often happens - # when the user try to use an ancient version of a tool on - # a file that requires a minimum version. In this case we - # we should proceed has if the program had been absent, or - # if --run hadn't been passed. - if test $? = 63; then - run=: - msg="probably too old" - fi - ;; - - -h|--h|--he|--hel|--help) - echo "\ -$0 [OPTION]... PROGRAM [ARGUMENT]... - -Handle \`PROGRAM [ARGUMENT]...' for when PROGRAM is missing, or return an -error status if there is no known handling for PROGRAM. - -Options: - -h, --help display this help and exit - -v, --version output version information and exit - --run try to run the given command, and emulate it if it fails - -Supported PROGRAM values: - aclocal touch file \`aclocal.m4' - autoconf touch file \`configure' - autoheader touch file \`config.h.in' - autom4te touch the output file, or create a stub one - automake touch all \`Makefile.in' files - bison create \`y.tab.[ch]', if possible, from existing .[ch] - flex create \`lex.yy.c', if possible, from existing .c - help2man touch the output file - lex create \`lex.yy.c', if possible, from existing .c - makeinfo touch the output file - tar try tar, gnutar, gtar, then tar without non-portable flags - yacc create \`y.tab.[ch]', if possible, from existing .[ch] - -Send bug reports to ." - exit $? - ;; - - -v|--v|--ve|--ver|--vers|--versi|--versio|--version) - echo "missing $scriptversion (GNU Automake)" - exit $? - ;; - - -*) - echo 1>&2 "$0: Unknown \`$1' option" - echo 1>&2 "Try \`$0 --help' for more information" - exit 1 - ;; - -esac - -# Now exit if we have it, but it failed. Also exit now if we -# don't have it and --version was passed (most likely to detect -# the program). -case $1 in - lex|yacc) - # Not GNU programs, they don't have --version. - ;; - - tar) - if test -n "$run"; then - echo 1>&2 "ERROR: \`tar' requires --run" - exit 1 - elif test "x$2" = "x--version" || test "x$2" = "x--help"; then - exit 1 - fi - ;; - - *) - if test -z "$run" && ($1 --version) > /dev/null 2>&1; then - # We have it, but it failed. - exit 1 - elif test "x$2" = "x--version" || test "x$2" = "x--help"; then - # Could not run --version or --help. This is probably someone - # running `$TOOL --version' or `$TOOL --help' to check whether - # $TOOL exists and not knowing $TOOL uses missing. - exit 1 - fi - ;; -esac - -# If it does not exist, or fails to run (possibly an outdated version), -# try to emulate it. -case $1 in - aclocal*) - echo 1>&2 "\ -WARNING: \`$1' is $msg. You should only need it if - you modified \`acinclude.m4' or \`${configure_ac}'. You might want - to install the \`Automake' and \`Perl' packages. Grab them from - any GNU archive site." - touch aclocal.m4 - ;; - - autoconf) - echo 1>&2 "\ -WARNING: \`$1' is $msg. You should only need it if - you modified \`${configure_ac}'. You might want to install the - \`Autoconf' and \`GNU m4' packages. Grab them from any GNU - archive site." - touch configure - ;; - - autoheader) - echo 1>&2 "\ -WARNING: \`$1' is $msg. You should only need it if - you modified \`acconfig.h' or \`${configure_ac}'. You might want - to install the \`Autoconf' and \`GNU m4' packages. Grab them - from any GNU archive site." - files=`sed -n 's/^[ ]*A[CM]_CONFIG_HEADER(\([^)]*\)).*/\1/p' ${configure_ac}` - test -z "$files" && files="config.h" - touch_files= - for f in $files; do - case $f in - *:*) touch_files="$touch_files "`echo "$f" | - sed -e 's/^[^:]*://' -e 's/:.*//'`;; - *) touch_files="$touch_files $f.in";; - esac - done - touch $touch_files - ;; - - automake*) - echo 1>&2 "\ -WARNING: \`$1' is $msg. You should only need it if - you modified \`Makefile.am', \`acinclude.m4' or \`${configure_ac}'. - You might want to install the \`Automake' and \`Perl' packages. - Grab them from any GNU archive site." - find . -type f -name Makefile.am -print | - sed 's/\.am$/.in/' | - while read f; do touch "$f"; done - ;; - - autom4te) - echo 1>&2 "\ -WARNING: \`$1' is needed, but is $msg. - You might have modified some files without having the - proper tools for further handling them. - You can get \`$1' as part of \`Autoconf' from any GNU - archive site." - - file=`echo "$*" | sed -n "$sed_output"` - test -z "$file" && file=`echo "$*" | sed -n "$sed_minuso"` - if test -f "$file"; then - touch $file - else - test -z "$file" || exec >$file - echo "#! /bin/sh" - echo "# Created by GNU Automake missing as a replacement of" - echo "# $ $@" - echo "exit 0" - chmod +x $file - exit 1 - fi - ;; - - bison|yacc) - echo 1>&2 "\ -WARNING: \`$1' $msg. You should only need it if - you modified a \`.y' file. You may need the \`Bison' package - in order for those modifications to take effect. You can get - \`Bison' from any GNU archive site." - rm -f y.tab.c y.tab.h - if test $# -ne 1; then - eval LASTARG="\${$#}" - case $LASTARG in - *.y) - SRCFILE=`echo "$LASTARG" | sed 's/y$/c/'` - if test -f "$SRCFILE"; then - cp "$SRCFILE" y.tab.c - fi - SRCFILE=`echo "$LASTARG" | sed 's/y$/h/'` - if test -f "$SRCFILE"; then - cp "$SRCFILE" y.tab.h - fi - ;; - esac - fi - if test ! -f y.tab.h; then - echo >y.tab.h - fi - if test ! -f y.tab.c; then - echo 'main() { return 0; }' >y.tab.c - fi - ;; - - lex|flex) - echo 1>&2 "\ -WARNING: \`$1' is $msg. You should only need it if - you modified a \`.l' file. You may need the \`Flex' package - in order for those modifications to take effect. You can get - \`Flex' from any GNU archive site." - rm -f lex.yy.c - if test $# -ne 1; then - eval LASTARG="\${$#}" - case $LASTARG in - *.l) - SRCFILE=`echo "$LASTARG" | sed 's/l$/c/'` - if test -f "$SRCFILE"; then - cp "$SRCFILE" lex.yy.c - fi - ;; - esac - fi - if test ! -f lex.yy.c; then - echo 'main() { return 0; }' >lex.yy.c - fi - ;; - - help2man) - echo 1>&2 "\ -WARNING: \`$1' is $msg. You should only need it if - you modified a dependency of a manual page. You may need the - \`Help2man' package in order for those modifications to take - effect. You can get \`Help2man' from any GNU archive site." - - file=`echo "$*" | sed -n "$sed_output"` - test -z "$file" && file=`echo "$*" | sed -n "$sed_minuso"` - if test -f "$file"; then - touch $file - else - test -z "$file" || exec >$file - echo ".ab help2man is required to generate this page" - exit 1 - fi - ;; - - makeinfo) - echo 1>&2 "\ -WARNING: \`$1' is $msg. You should only need it if - you modified a \`.texi' or \`.texinfo' file, or any other file - indirectly affecting the aspect of the manual. The spurious - call might also be the consequence of using a buggy \`make' (AIX, - DU, IRIX). You might want to install the \`Texinfo' package or - the \`GNU make' package. Grab either from any GNU archive site." - # The file to touch is that specified with -o ... - file=`echo "$*" | sed -n "$sed_output"` - test -z "$file" && file=`echo "$*" | sed -n "$sed_minuso"` - if test -z "$file"; then - # ... or it is the one specified with @setfilename ... - infile=`echo "$*" | sed 's/.* \([^ ]*\) *$/\1/'` - file=`sed -n ' - /^@setfilename/{ - s/.* \([^ ]*\) *$/\1/ - p - q - }' $infile` - # ... or it is derived from the source name (dir/f.texi becomes f.info) - test -z "$file" && file=`echo "$infile" | sed 's,.*/,,;s,.[^.]*$,,'`.info - fi - # If the file does not exist, the user really needs makeinfo; - # let's fail without touching anything. - test -f $file || exit 1 - touch $file - ;; - - tar) - shift - - # We have already tried tar in the generic part. - # Look for gnutar/gtar before invocation to avoid ugly error - # messages. - if (gnutar --version > /dev/null 2>&1); then - gnutar "$@" && exit 0 - fi - if (gtar --version > /dev/null 2>&1); then - gtar "$@" && exit 0 - fi - firstarg="$1" - if shift; then - case $firstarg in - *o*) - firstarg=`echo "$firstarg" | sed s/o//` - tar "$firstarg" "$@" && exit 0 - ;; - esac - case $firstarg in - *h*) - firstarg=`echo "$firstarg" | sed s/h//` - tar "$firstarg" "$@" && exit 0 - ;; - esac - fi - - echo 1>&2 "\ -WARNING: I can't seem to be able to run \`tar' with the given arguments. - You may want to install GNU tar or Free paxutils, or check the - command line arguments." - exit 1 - ;; - - *) - echo 1>&2 "\ -WARNING: \`$1' is needed, and is $msg. - You might have modified some files without having the - proper tools for further handling them. Check the \`README' file, - it often tells you about the needed prerequisites for installing - this package. You may also peek at any GNU archive site, in case - some other package would contain this missing \`$1' program." - exit 1 - ;; -esac - -exit 0 - -# Local variables: -# eval: (add-hook 'write-file-hooks 'time-stamp) -# time-stamp-start: "scriptversion=" -# time-stamp-format: "%:y-%02m-%02d.%02H" -# time-stamp-end: "$" -# End: diff --git a/FreeRTOS-Plus/Source/CyaSSL/configure b/FreeRTOS-Plus/Source/CyaSSL/configure index aff17db4a..1f221ebd6 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/configure +++ b/FreeRTOS-Plus/Source/CyaSSL/configure @@ -1,62 +1,83 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.61 for cyassl 2.3.0. +# Generated by GNU Autoconf 2.69 for cyassl 3.1.0. +# +# Report bugs to . +# +# +# Copyright (C) 1992-1996, 1998-2012 Free Software Foundation, Inc. # -# Report bugs to . # -# Copyright (C) 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001, -# 2002, 2003, 2004, 2005, 2006 Free Software Foundation, Inc. # This configure script is free software; the Free Software Foundation # gives unlimited permission to copy, distribute and modify it. -## --------------------- ## -## M4sh Initialization. ## -## --------------------- ## +## -------------------- ## +## M4sh Initialization. ## +## -------------------- ## # Be more Bourne compatible DUALCASE=1; export DUALCASE # for MKS sh -if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then +if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then : emulate sh NULLCMD=: - # Zsh 3.x and 4.x performs word splitting on ${1+"$@"}, which + # Pre-4.2 versions of Zsh do word splitting on ${1+"$@"}, which # is contrary to our usage. Disable this feature. alias -g '${1+"$@"}'='"$@"' setopt NO_GLOB_SUBST else - case `(set -o) 2>/dev/null` in - *posix*) set -o posix ;; + case `(set -o) 2>/dev/null` in #( + *posix*) : + set -o posix ;; #( + *) : + ;; esac - fi - - -# PATH needs CR -# Avoid depending upon Character Ranges. -as_cr_letters='abcdefghijklmnopqrstuvwxyz' -as_cr_LETTERS='ABCDEFGHIJKLMNOPQRSTUVWXYZ' -as_cr_Letters=$as_cr_letters$as_cr_LETTERS -as_cr_digits='0123456789' -as_cr_alnum=$as_cr_Letters$as_cr_digits - -# The user is always right. -if test "${PATH_SEPARATOR+set}" != set; then - echo "#! /bin/sh" >conf$$.sh - echo "exit 0" >>conf$$.sh - chmod +x conf$$.sh - if (PATH="/nonexistent;."; conf$$.sh) >/dev/null 2>&1; then - PATH_SEPARATOR=';' +as_nl=' +' +export as_nl +# Printing a long string crashes Solaris 7 /usr/bin/printf. +as_echo='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\' +as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo +as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo$as_echo +# Prefer a ksh shell builtin over an external printf program on Solaris, +# but without wasting forks for bash or zsh. +if test -z "$BASH_VERSION$ZSH_VERSION" \ + && (test "X`print -r -- $as_echo`" = "X$as_echo") 2>/dev/null; then + as_echo='print -r --' + as_echo_n='print -rn --' +elif (test "X`printf %s $as_echo`" = "X$as_echo") 2>/dev/null; then + as_echo='printf %s\n' + as_echo_n='printf %s' +else + if test "X`(/usr/ucb/echo -n -n $as_echo) 2>/dev/null`" = "X-n $as_echo"; then + as_echo_body='eval /usr/ucb/echo -n "$1$as_nl"' + as_echo_n='/usr/ucb/echo -n' else - PATH_SEPARATOR=: + as_echo_body='eval expr "X$1" : "X\\(.*\\)"' + as_echo_n_body='eval + arg=$1; + case $arg in #( + *"$as_nl"*) + expr "X$arg" : "X\\(.*\\)$as_nl"; + arg=`expr "X$arg" : ".*$as_nl\\(.*\\)"`;; + esac; + expr "X$arg" : "X\\(.*\\)" | tr -d "$as_nl" + ' + export as_echo_n_body + as_echo_n='sh -c $as_echo_n_body as_echo' fi - rm -f conf$$.sh + export as_echo_body + as_echo='sh -c $as_echo_body as_echo' fi -# Support unset when possible. -if ( (MAIL=60; unset MAIL) || exit) >/dev/null 2>&1; then - as_unset=unset -else - as_unset=false +# The user is always right. +if test "${PATH_SEPARATOR+set}" != set; then + PATH_SEPARATOR=: + (PATH='/bin;/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 && { + (PATH='/bin:/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 || + PATH_SEPARATOR=';' + } fi @@ -65,20 +86,19 @@ fi # there to prevent editors from complaining about space-tab. # (If _AS_PATH_WALK were called with IFS unset, it would disable word # splitting by setting IFS to empty value.) -as_nl=' -' IFS=" "" $as_nl" # Find who we are. Look in the path if we contain no directory separator. -case $0 in +as_myself= +case $0 in #(( *[\\/]* ) as_myself=$0 ;; *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. - test -r "$as_dir/$0" && as_myself=$as_dir/$0 && break -done + test -r "$as_dir/$0" && as_myself=$as_dir/$0 && break + done IFS=$as_save_IFS ;; @@ -89,32 +109,324 @@ if test "x$as_myself" = x; then as_myself=$0 fi if test ! -f "$as_myself"; then - echo "$as_myself: error: cannot find myself; rerun with an absolute file name" >&2 - { (exit 1); exit 1; } + $as_echo "$as_myself: error: cannot find myself; rerun with an absolute file name" >&2 + exit 1 fi -# Work around bugs in pre-3.0 UWIN ksh. -for as_var in ENV MAIL MAILPATH -do ($as_unset $as_var) >/dev/null 2>&1 && $as_unset $as_var +# Unset variables that we do not need and which cause bugs (e.g. in +# pre-3.0 UWIN ksh). But do not cause bugs in bash 2.01; the "|| exit 1" +# suppresses any "Segmentation fault" message there. '((' could +# trigger a bug in pdksh 5.2.14. +for as_var in BASH_ENV ENV MAIL MAILPATH +do eval test x\${$as_var+set} = xset \ + && ( (unset $as_var) || exit 1) >/dev/null 2>&1 && unset $as_var || : done PS1='$ ' PS2='> ' PS4='+ ' # NLS nuisances. -for as_var in \ - LANG LANGUAGE LC_ADDRESS LC_ALL LC_COLLATE LC_CTYPE LC_IDENTIFICATION \ - LC_MEASUREMENT LC_MESSAGES LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER \ - LC_TELEPHONE LC_TIME +LC_ALL=C +export LC_ALL +LANGUAGE=C +export LANGUAGE + +# CDPATH. +(unset CDPATH) >/dev/null 2>&1 && unset CDPATH + +# Use a proper internal environment variable to ensure we don't fall + # into an infinite loop, continuously re-executing ourselves. + if test x"${_as_can_reexec}" != xno && test "x$CONFIG_SHELL" != x; then + _as_can_reexec=no; export _as_can_reexec; + # We cannot yet assume a decent shell, so we have to provide a +# neutralization value for shells without unset; and this also +# works around shells that cannot unset nonexistent variables. +# Preserve -v and -x to the replacement shell. +BASH_ENV=/dev/null +ENV=/dev/null +(unset BASH_ENV) >/dev/null 2>&1 && unset BASH_ENV ENV +case $- in # (((( + *v*x* | *x*v* ) as_opts=-vx ;; + *v* ) as_opts=-v ;; + *x* ) as_opts=-x ;; + * ) as_opts= ;; +esac +exec $CONFIG_SHELL $as_opts "$as_myself" ${1+"$@"} +# Admittedly, this is quite paranoid, since all the known shells bail +# out after a failed `exec'. +$as_echo "$0: could not re-execute with $CONFIG_SHELL" >&2 +as_fn_exit 255 + fi + # We don't want this to propagate to other subprocesses. + { _as_can_reexec=; unset _as_can_reexec;} +if test "x$CONFIG_SHELL" = x; then + as_bourne_compatible="if test -n \"\${ZSH_VERSION+set}\" && (emulate sh) >/dev/null 2>&1; then : + emulate sh + NULLCMD=: + # Pre-4.2 versions of Zsh do word splitting on \${1+\"\$@\"}, which + # is contrary to our usage. Disable this feature. + alias -g '\${1+\"\$@\"}'='\"\$@\"' + setopt NO_GLOB_SUBST +else + case \`(set -o) 2>/dev/null\` in #( + *posix*) : + set -o posix ;; #( + *) : + ;; +esac +fi +" + as_required="as_fn_return () { (exit \$1); } +as_fn_success () { as_fn_return 0; } +as_fn_failure () { as_fn_return 1; } +as_fn_ret_success () { return 0; } +as_fn_ret_failure () { return 1; } + +exitcode=0 +as_fn_success || { exitcode=1; echo as_fn_success failed.; } +as_fn_failure && { exitcode=1; echo as_fn_failure succeeded.; } +as_fn_ret_success || { exitcode=1; echo as_fn_ret_success failed.; } +as_fn_ret_failure && { exitcode=1; echo as_fn_ret_failure succeeded.; } +if ( set x; as_fn_ret_success y && test x = \"\$1\" ); then : + +else + exitcode=1; echo positional parameters were not saved. +fi +test x\$exitcode = x0 || exit 1 +test -x / || exit 1" + as_suggested=" as_lineno_1=";as_suggested=$as_suggested$LINENO;as_suggested=$as_suggested" as_lineno_1a=\$LINENO + as_lineno_2=";as_suggested=$as_suggested$LINENO;as_suggested=$as_suggested" as_lineno_2a=\$LINENO + eval 'test \"x\$as_lineno_1'\$as_run'\" != \"x\$as_lineno_2'\$as_run'\" && + test \"x\`expr \$as_lineno_1'\$as_run' + 1\`\" = \"x\$as_lineno_2'\$as_run'\"' || exit 1 + + test -n \"\${ZSH_VERSION+set}\${BASH_VERSION+set}\" || ( + ECHO='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\' + ECHO=\$ECHO\$ECHO\$ECHO\$ECHO\$ECHO + ECHO=\$ECHO\$ECHO\$ECHO\$ECHO\$ECHO\$ECHO + PATH=/empty FPATH=/empty; export PATH FPATH + test \"X\`printf %s \$ECHO\`\" = \"X\$ECHO\" \\ + || test \"X\`print -r -- \$ECHO\`\" = \"X\$ECHO\" ) || exit 1 +test \$(( 1 + 1 )) = 2 || exit 1" + if (eval "$as_required") 2>/dev/null; then : + as_have_required=yes +else + as_have_required=no +fi + if test x$as_have_required = xyes && (eval "$as_suggested") 2>/dev/null; then : + +else + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +as_found=false +for as_dir in /bin$PATH_SEPARATOR/usr/bin$PATH_SEPARATOR$PATH do - if (set +x; test -z "`(eval $as_var=C; export $as_var) 2>&1`"); then - eval $as_var=C; export $as_var + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + as_found=: + case $as_dir in #( + /*) + for as_base in sh bash ksh sh5; do + # Try only shells that exist, to save several forks. + as_shell=$as_dir/$as_base + if { test -f "$as_shell" || test -f "$as_shell.exe"; } && + { $as_echo "$as_bourne_compatible""$as_required" | as_run=a "$as_shell"; } 2>/dev/null; then : + CONFIG_SHELL=$as_shell as_have_required=yes + if { $as_echo "$as_bourne_compatible""$as_suggested" | as_run=a "$as_shell"; } 2>/dev/null; then : + break 2 +fi +fi + done;; + esac + as_found=false +done +$as_found || { if { test -f "$SHELL" || test -f "$SHELL.exe"; } && + { $as_echo "$as_bourne_compatible""$as_required" | as_run=a "$SHELL"; } 2>/dev/null; then : + CONFIG_SHELL=$SHELL as_have_required=yes +fi; } +IFS=$as_save_IFS + + + if test "x$CONFIG_SHELL" != x; then : + export CONFIG_SHELL + # We cannot yet assume a decent shell, so we have to provide a +# neutralization value for shells without unset; and this also +# works around shells that cannot unset nonexistent variables. +# Preserve -v and -x to the replacement shell. +BASH_ENV=/dev/null +ENV=/dev/null +(unset BASH_ENV) >/dev/null 2>&1 && unset BASH_ENV ENV +case $- in # (((( + *v*x* | *x*v* ) as_opts=-vx ;; + *v* ) as_opts=-v ;; + *x* ) as_opts=-x ;; + * ) as_opts= ;; +esac +exec $CONFIG_SHELL $as_opts "$as_myself" ${1+"$@"} +# Admittedly, this is quite paranoid, since all the known shells bail +# out after a failed `exec'. +$as_echo "$0: could not re-execute with $CONFIG_SHELL" >&2 +exit 255 +fi + + if test x$as_have_required = xno; then : + $as_echo "$0: This script requires a shell more modern than all" + $as_echo "$0: the shells that I found on your system." + if test x${ZSH_VERSION+set} = xset ; then + $as_echo "$0: In particular, zsh $ZSH_VERSION has bugs and should" + $as_echo "$0: be upgraded to zsh 4.3.4 or later." else - ($as_unset $as_var) >/dev/null 2>&1 && $as_unset $as_var + $as_echo "$0: Please tell bug-autoconf@gnu.org and +$0: https://github.com/cyassl/cyassl/issues about your +$0: system, including any error possibly output before this +$0: message. Then install a modern shell, or manually run +$0: the script under such a shell if you do have one." fi -done + exit 1 +fi +fi +fi +SHELL=${CONFIG_SHELL-/bin/sh} +export SHELL +# Unset more variables known to interfere with behavior of common tools. +CLICOLOR_FORCE= GREP_OPTIONS= +unset CLICOLOR_FORCE GREP_OPTIONS + +## --------------------- ## +## M4sh Shell Functions. ## +## --------------------- ## +# as_fn_unset VAR +# --------------- +# Portably unset VAR. +as_fn_unset () +{ + { eval $1=; unset $1;} +} +as_unset=as_fn_unset + +# as_fn_set_status STATUS +# ----------------------- +# Set $? to STATUS, without forking. +as_fn_set_status () +{ + return $1 +} # as_fn_set_status + +# as_fn_exit STATUS +# ----------------- +# Exit the shell with STATUS, even in a "trap 0" or "set -e" context. +as_fn_exit () +{ + set +e + as_fn_set_status $1 + exit $1 +} # as_fn_exit + +# as_fn_mkdir_p +# ------------- +# Create "$as_dir" as a directory, including parents if necessary. +as_fn_mkdir_p () +{ + + case $as_dir in #( + -*) as_dir=./$as_dir;; + esac + test -d "$as_dir" || eval $as_mkdir_p || { + as_dirs= + while :; do + case $as_dir in #( + *\'*) as_qdir=`$as_echo "$as_dir" | sed "s/'/'\\\\\\\\''/g"`;; #'( + *) as_qdir=$as_dir;; + esac + as_dirs="'$as_qdir' $as_dirs" + as_dir=`$as_dirname -- "$as_dir" || +$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ + X"$as_dir" : 'X\(//\)[^/]' \| \ + X"$as_dir" : 'X\(//\)$' \| \ + X"$as_dir" : 'X\(/\)' \| . 2>/dev/null || +$as_echo X"$as_dir" | + sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ + s//\1/ + q + } + /^X\(\/\/\)[^/].*/{ + s//\1/ + q + } + /^X\(\/\/\)$/{ + s//\1/ + q + } + /^X\(\/\).*/{ + s//\1/ + q + } + s/.*/./; q'` + test -d "$as_dir" && break + done + test -z "$as_dirs" || eval "mkdir $as_dirs" + } || test -d "$as_dir" || as_fn_error $? "cannot create directory $as_dir" + + +} # as_fn_mkdir_p + +# as_fn_executable_p FILE +# ----------------------- +# Test if FILE is an executable regular file. +as_fn_executable_p () +{ + test -f "$1" && test -x "$1" +} # as_fn_executable_p +# as_fn_append VAR VALUE +# ---------------------- +# Append the text in VALUE to the end of the definition contained in VAR. Take +# advantage of any shell optimizations that allow amortized linear growth over +# repeated appends, instead of the typical quadratic growth present in naive +# implementations. +if (eval "as_var=1; as_var+=2; test x\$as_var = x12") 2>/dev/null; then : + eval 'as_fn_append () + { + eval $1+=\$2 + }' +else + as_fn_append () + { + eval $1=\$$1\$2 + } +fi # as_fn_append + +# as_fn_arith ARG... +# ------------------ +# Perform arithmetic evaluation on the ARGs, and store the result in the +# global $as_val. Take advantage of shells that can avoid forks. The arguments +# must be portable across $(()) and expr. +if (eval "test \$(( 1 + 1 )) = 2") 2>/dev/null; then : + eval 'as_fn_arith () + { + as_val=$(( $* )) + }' +else + as_fn_arith () + { + as_val=`expr "$@" || test $? -eq 1` + } +fi # as_fn_arith + + +# as_fn_error STATUS ERROR [LINENO LOG_FD] +# ---------------------------------------- +# Output "`basename $0`: error: ERROR" to stderr. If LINENO and LOG_FD are +# provided, also output the error to LOG_FD, referencing LINENO. Then exit the +# script with STATUS, using 1 if that was 0. +as_fn_error () +{ + as_status=$1; test $as_status -eq 0 && as_status=1 + if test "$4"; then + as_lineno=${as_lineno-"$3"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + $as_echo "$as_me:${as_lineno-$LINENO}: error: $2" >&$4 + fi + $as_echo "$as_me: error: $2" >&2 + as_fn_exit $as_status +} # as_fn_error -# Required to use basename. if expr a : '\(a\)' >/dev/null 2>&1 && test "X`expr 00001 : '.*\(...\)'`" = X001; then as_expr=expr @@ -128,13 +440,17 @@ else as_basename=false fi +if (as_dir=`dirname -- /` && test "X$as_dir" = X/) >/dev/null 2>&1; then + as_dirname=dirname +else + as_dirname=false +fi -# Name of the executable. as_me=`$as_basename -- "$0" || $as_expr X/"$0" : '.*/\([^/][^/]*\)/*$' \| \ X"$0" : 'X\(//\)$' \| \ X"$0" : 'X\(/\)' \| . 2>/dev/null || -echo X/"$0" | +$as_echo X/"$0" | sed '/^.*\/\([^/][^/]*\)\/*$/{ s//\1/ q @@ -149,434 +465,115 @@ echo X/"$0" | } s/.*/./; q'` -# CDPATH. -$as_unset CDPATH +# Avoid depending upon Character Ranges. +as_cr_letters='abcdefghijklmnopqrstuvwxyz' +as_cr_LETTERS='ABCDEFGHIJKLMNOPQRSTUVWXYZ' +as_cr_Letters=$as_cr_letters$as_cr_LETTERS +as_cr_digits='0123456789' +as_cr_alnum=$as_cr_Letters$as_cr_digits -if test "x$CONFIG_SHELL" = x; then - if (eval ":") 2>/dev/null; then - as_have_required=yes -else - as_have_required=no -fi + as_lineno_1=$LINENO as_lineno_1a=$LINENO + as_lineno_2=$LINENO as_lineno_2a=$LINENO + eval 'test "x$as_lineno_1'$as_run'" != "x$as_lineno_2'$as_run'" && + test "x`expr $as_lineno_1'$as_run' + 1`" = "x$as_lineno_2'$as_run'"' || { + # Blame Lee E. McMahon (1931-1989) for sed's syntax. :-) + sed -n ' + p + /[$]LINENO/= + ' <$as_myself | + sed ' + s/[$]LINENO.*/&-/ + t lineno + b + :lineno + N + :loop + s/[$]LINENO\([^'$as_cr_alnum'_].*\n\)\(.*\)/\2\1\2/ + t loop + s/-\n.*// + ' >$as_me.lineno && + chmod +x "$as_me.lineno" || + { $as_echo "$as_me: error: cannot create $as_me.lineno; rerun with a POSIX shell" >&2; as_fn_exit 1; } - if test $as_have_required = yes && (eval ": -(as_func_return () { - (exit \$1) -} -as_func_success () { - as_func_return 0 -} -as_func_failure () { - as_func_return 1 -} -as_func_ret_success () { - return 0 -} -as_func_ret_failure () { - return 1 + # If we had to re-execute with $CONFIG_SHELL, we're ensured to have + # already done that, so ensure we don't try to do so again and fall + # in an infinite loop. This has already happened in practice. + _as_can_reexec=no; export _as_can_reexec + # Don't try to exec as it changes $[0], causing all sort of problems + # (the dirname of $[0] is not the place where we might find the + # original and so on. Autoconf is especially sensitive to this). + . "./$as_me.lineno" + # Exit status is that of the last command. + exit } -exitcode=0 -if as_func_success; then - : -else - exitcode=1 - echo as_func_success failed. -fi - -if as_func_failure; then - exitcode=1 - echo as_func_failure succeeded. -fi +ECHO_C= ECHO_N= ECHO_T= +case `echo -n x` in #((((( +-n*) + case `echo 'xy\c'` in + *c*) ECHO_T=' ';; # ECHO_T is single tab character. + xy) ECHO_C='\c';; + *) echo `echo ksh88 bug on AIX 6.1` > /dev/null + ECHO_T=' ';; + esac;; +*) + ECHO_N='-n';; +esac -if as_func_ret_success; then - : +rm -f conf$$ conf$$.exe conf$$.file +if test -d conf$$.dir; then + rm -f conf$$.dir/conf$$.file else - exitcode=1 - echo as_func_ret_success failed. -fi - -if as_func_ret_failure; then - exitcode=1 - echo as_func_ret_failure succeeded. + rm -f conf$$.dir + mkdir conf$$.dir 2>/dev/null +fi +if (echo >conf$$.file) 2>/dev/null; then + if ln -s conf$$.file conf$$ 2>/dev/null; then + as_ln_s='ln -s' + # ... but there are two gotchas: + # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail. + # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable. + # In both cases, we have to default to `cp -pR'. + ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe || + as_ln_s='cp -pR' + elif ln conf$$.file conf$$ 2>/dev/null; then + as_ln_s=ln + else + as_ln_s='cp -pR' + fi +else + as_ln_s='cp -pR' fi +rm -f conf$$ conf$$.exe conf$$.dir/conf$$.file conf$$.file +rmdir conf$$.dir 2>/dev/null -if ( set x; as_func_ret_success y && test x = \"\$1\" ); then - : +if mkdir -p . 2>/dev/null; then + as_mkdir_p='mkdir -p "$as_dir"' else - exitcode=1 - echo positional parameters were not saved. + test -d ./-p && rmdir ./-p + as_mkdir_p=false fi -test \$exitcode = 0) || { (exit 1); exit 1; } +as_test_x='test -x' +as_executable_p=as_fn_executable_p -( - as_lineno_1=\$LINENO - as_lineno_2=\$LINENO - test \"x\$as_lineno_1\" != \"x\$as_lineno_2\" && - test \"x\`expr \$as_lineno_1 + 1\`\" = \"x\$as_lineno_2\") || { (exit 1); exit 1; } +# Sed expression to map a string onto a valid CPP name. +as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'" -( - test -n \"\${ZSH_VERSION+set}\${BASH_VERSION+set}\" || ( - ECHO='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\' - ECHO=\$ECHO\$ECHO\$ECHO\$ECHO\$ECHO - ECHO=\$ECHO\$ECHO\$ECHO\$ECHO\$ECHO\$ECHO - PATH=/empty FPATH=/empty; export PATH FPATH - test \"X\`printf %s \$ECHO\`\" = \"X\$ECHO\" \\ - || test \"X\`print -r -- \$ECHO\`\" = \"X\$ECHO\" )) || { (exit 1); exit 1; } -") 2> /dev/null; then - : -else - as_candidate_shells= - as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in /bin$PATH_SEPARATOR/usr/bin$PATH_SEPARATOR$PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - case $as_dir in - /*) - for as_base in sh bash ksh sh5; do - as_candidate_shells="$as_candidate_shells $as_dir/$as_base" - done;; - esac -done -IFS=$as_save_IFS +# Sed expression to map a string onto a valid variable name. +as_tr_sh="eval sed 'y%*+%pp%;s%[^_$as_cr_alnum]%_%g'" +SHELL=${CONFIG_SHELL-/bin/sh} - for as_shell in $as_candidate_shells $SHELL; do - # Try only shells that exist, to save several forks. - if { test -f "$as_shell" || test -f "$as_shell.exe"; } && - { ("$as_shell") 2> /dev/null <<\_ASEOF -if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then - emulate sh - NULLCMD=: - # Zsh 3.x and 4.x performs word splitting on ${1+"$@"}, which - # is contrary to our usage. Disable this feature. - alias -g '${1+"$@"}'='"$@"' - setopt NO_GLOB_SUBST -else - case `(set -o) 2>/dev/null` in - *posix*) set -o posix ;; -esac -fi +test -n "$DJDIR" || exec 7<&0 &1 - -: -_ASEOF -}; then - CONFIG_SHELL=$as_shell - as_have_required=yes - if { "$as_shell" 2> /dev/null <<\_ASEOF -if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then - emulate sh - NULLCMD=: - # Zsh 3.x and 4.x performs word splitting on ${1+"$@"}, which - # is contrary to our usage. Disable this feature. - alias -g '${1+"$@"}'='"$@"' - setopt NO_GLOB_SUBST -else - case `(set -o) 2>/dev/null` in - *posix*) set -o posix ;; -esac - -fi - - -: -(as_func_return () { - (exit $1) -} -as_func_success () { - as_func_return 0 -} -as_func_failure () { - as_func_return 1 -} -as_func_ret_success () { - return 0 -} -as_func_ret_failure () { - return 1 -} - -exitcode=0 -if as_func_success; then - : -else - exitcode=1 - echo as_func_success failed. -fi - -if as_func_failure; then - exitcode=1 - echo as_func_failure succeeded. -fi - -if as_func_ret_success; then - : -else - exitcode=1 - echo as_func_ret_success failed. -fi - -if as_func_ret_failure; then - exitcode=1 - echo as_func_ret_failure succeeded. -fi - -if ( set x; as_func_ret_success y && test x = "$1" ); then - : -else - exitcode=1 - echo positional parameters were not saved. -fi - -test $exitcode = 0) || { (exit 1); exit 1; } - -( - as_lineno_1=$LINENO - as_lineno_2=$LINENO - test "x$as_lineno_1" != "x$as_lineno_2" && - test "x`expr $as_lineno_1 + 1`" = "x$as_lineno_2") || { (exit 1); exit 1; } - -( - test -n "${ZSH_VERSION+set}${BASH_VERSION+set}" || ( - ECHO='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\' - ECHO=$ECHO$ECHO$ECHO$ECHO$ECHO - ECHO=$ECHO$ECHO$ECHO$ECHO$ECHO$ECHO - PATH=/empty FPATH=/empty; export PATH FPATH - test "X`printf %s $ECHO`" = "X$ECHO" \ - || test "X`print -r -- $ECHO`" = "X$ECHO" )) || { (exit 1); exit 1; } - -_ASEOF -}; then - break -fi - -fi - - done - - if test "x$CONFIG_SHELL" != x; then - for as_var in BASH_ENV ENV - do ($as_unset $as_var) >/dev/null 2>&1 && $as_unset $as_var - done - export CONFIG_SHELL - exec "$CONFIG_SHELL" "$as_myself" ${1+"$@"} -fi - - - if test $as_have_required = no; then - echo This script requires a shell more modern than all the - echo shells that I found on your system. Please install a - echo modern shell, or manually run the script under such a - echo shell if you do have one. - { (exit 1); exit 1; } -fi - - -fi - -fi - - - -(eval "as_func_return () { - (exit \$1) -} -as_func_success () { - as_func_return 0 -} -as_func_failure () { - as_func_return 1 -} -as_func_ret_success () { - return 0 -} -as_func_ret_failure () { - return 1 -} - -exitcode=0 -if as_func_success; then - : -else - exitcode=1 - echo as_func_success failed. -fi - -if as_func_failure; then - exitcode=1 - echo as_func_failure succeeded. -fi - -if as_func_ret_success; then - : -else - exitcode=1 - echo as_func_ret_success failed. -fi - -if as_func_ret_failure; then - exitcode=1 - echo as_func_ret_failure succeeded. -fi - -if ( set x; as_func_ret_success y && test x = \"\$1\" ); then - : -else - exitcode=1 - echo positional parameters were not saved. -fi - -test \$exitcode = 0") || { - echo No shell found that supports shell functions. - echo Please tell autoconf@gnu.org about your system, - echo including any error possibly output before this - echo message -} - - - - as_lineno_1=$LINENO - as_lineno_2=$LINENO - test "x$as_lineno_1" != "x$as_lineno_2" && - test "x`expr $as_lineno_1 + 1`" = "x$as_lineno_2" || { - - # Create $as_me.lineno as a copy of $as_myself, but with $LINENO - # uniformly replaced by the line number. The first 'sed' inserts a - # line-number line after each line using $LINENO; the second 'sed' - # does the real work. The second script uses 'N' to pair each - # line-number line with the line containing $LINENO, and appends - # trailing '-' during substitution so that $LINENO is not a special - # case at line end. - # (Raja R Harinath suggested sed '=', and Paul Eggert wrote the - # scripts with optimization help from Paolo Bonzini. Blame Lee - # E. McMahon (1931-1989) for sed's syntax. :-) - sed -n ' - p - /[$]LINENO/= - ' <$as_myself | - sed ' - s/[$]LINENO.*/&-/ - t lineno - b - :lineno - N - :loop - s/[$]LINENO\([^'$as_cr_alnum'_].*\n\)\(.*\)/\2\1\2/ - t loop - s/-\n.*// - ' >$as_me.lineno && - chmod +x "$as_me.lineno" || - { echo "$as_me: error: cannot create $as_me.lineno; rerun with a POSIX shell" >&2 - { (exit 1); exit 1; }; } - - # Don't try to exec as it changes $[0], causing all sort of problems - # (the dirname of $[0] is not the place where we might find the - # original and so on. Autoconf is especially sensitive to this). - . "./$as_me.lineno" - # Exit status is that of the last command. - exit -} - - -if (as_dir=`dirname -- /` && test "X$as_dir" = X/) >/dev/null 2>&1; then - as_dirname=dirname -else - as_dirname=false -fi - -ECHO_C= ECHO_N= ECHO_T= -case `echo -n x` in --n*) - case `echo 'x\c'` in - *c*) ECHO_T=' ';; # ECHO_T is single tab character. - *) ECHO_C='\c';; - esac;; -*) - ECHO_N='-n';; -esac - -if expr a : '\(a\)' >/dev/null 2>&1 && - test "X`expr 00001 : '.*\(...\)'`" = X001; then - as_expr=expr -else - as_expr=false -fi - -rm -f conf$$ conf$$.exe conf$$.file -if test -d conf$$.dir; then - rm -f conf$$.dir/conf$$.file -else - rm -f conf$$.dir - mkdir conf$$.dir -fi -echo >conf$$.file -if ln -s conf$$.file conf$$ 2>/dev/null; then - as_ln_s='ln -s' - # ... but there are two gotchas: - # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail. - # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable. - # In both cases, we have to default to `cp -p'. - ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe || - as_ln_s='cp -p' -elif ln conf$$.file conf$$ 2>/dev/null; then - as_ln_s=ln -else - as_ln_s='cp -p' -fi -rm -f conf$$ conf$$.exe conf$$.dir/conf$$.file conf$$.file -rmdir conf$$.dir 2>/dev/null - -if mkdir -p . 2>/dev/null; then - as_mkdir_p=: -else - test -d ./-p && rmdir ./-p - as_mkdir_p=false -fi - -if test -x / >/dev/null 2>&1; then - as_test_x='test -x' -else - if ls -dL / >/dev/null 2>&1; then - as_ls_L_option=L - else - as_ls_L_option= - fi - as_test_x=' - eval sh -c '\'' - if test -d "$1"; then - test -d "$1/."; - else - case $1 in - -*)set "./$1";; - esac; - case `ls -ld'$as_ls_L_option' "$1" 2>/dev/null` in - ???[sx]*):;;*)false;;esac;fi - '\'' sh - ' -fi -as_executable_p=$as_test_x - -# Sed expression to map a string onto a valid CPP name. -as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'" - -# Sed expression to map a string onto a valid variable name. -as_tr_sh="eval sed 'y%*+%pp%;s%[^_$as_cr_alnum]%_%g'" - - -SHELL=${CONFIG_SHELL-/bin/sh} - - -exec 7<&0 &1 - -# Name of the host. -# hostname on some systems (SVR3.2, Linux) returns a bogus exit status, -# so uname gets run too. -ac_hostname=`(hostname || uname -n) 2>/dev/null | sed 1q` +# Name of the host. +# hostname on some systems (SVR3.2, old GNU/Linux) returns a bogus exit status, +# so uname gets run too. +ac_hostname=`(hostname || uname -n) 2>/dev/null | sed 1q` # # Initializations. @@ -589,14 +586,14 @@ cross_compiling=no subdirs= MFLAGS= MAKEFLAGS= -SHELL=${CONFIG_SHELL-/bin/sh} # Identity of this package. PACKAGE_NAME='cyassl' PACKAGE_TARNAME='cyassl' -PACKAGE_VERSION='2.3.0' -PACKAGE_STRING='cyassl 2.3.0' -PACKAGE_BUGREPORT='http://www.yassl.com' +PACKAGE_VERSION='3.1.0' +PACKAGE_STRING='cyassl 3.1.0' +PACKAGE_BUGREPORT='https://github.com/cyassl/cyassl/issues' +PACKAGE_URL='http://www.wolfssl.com' # Factoring default headers for most tests. ac_includes_default="\ @@ -634,170 +631,331 @@ ac_includes_default="\ # include #endif" -ac_header_list= -ac_func_list= -ac_subst_vars='SHELL -PATH_SEPARATOR -PACKAGE_NAME -PACKAGE_TARNAME -PACKAGE_VERSION -PACKAGE_STRING -PACKAGE_BUGREPORT -exec_prefix -prefix -program_transform_name -bindir -sbindir -libexecdir -datarootdir -datadir -sysconfdir -sharedstatedir -localstatedir -includedir -oldincludedir -docdir -infodir -htmldir -dvidir -pdfdir -psdir -libdir -localedir -mandir -DEFS -ECHO_C -ECHO_N -ECHO_T -LIBS -build_alias -host_alias -target_alias -build -build_cpu -build_vendor -build_os -host -host_cpu -host_vendor -host_os -target -target_cpu -target_vendor -target_os -INSTALL_PROGRAM -INSTALL_SCRIPT -INSTALL_DATA -am__isrc -CYGPATH_W -PACKAGE -VERSION -ACLOCAL -AUTOCONF -AUTOMAKE -AUTOHEADER -MAKEINFO -install_sh -STRIP -INSTALL_STRIP_PROGRAM -mkdir_p -AWK -SET_MAKE -am__leading_dot -AMTAR -am__tar -am__untar -CYASSL_LIBRARY_VERSION -AS -DLLTOOL -OBJDUMP -LIBTOOL -CC -CFLAGS -LDFLAGS -CPPFLAGS -ac_ct_CC -EXEEXT -OBJEXT -DEPDIR -am__include -am__quote -AMDEP_TRUE -AMDEP_FALSE -AMDEPBACKSLASH -CCDEPMODE -am__fastdepCC_TRUE -am__fastdepCC_FALSE -SED -GREP -EGREP -FGREP -LD -DUMPBIN -ac_ct_DUMPBIN -NM -LN_S -AR -RANLIB -DSYMUTIL -NMEDIT -LIPO -OTOOL -OTOOL64 -CPP -CXX -CXXFLAGS -ac_ct_CXX -CXXDEPMODE -am__fastdepCXX_TRUE -am__fastdepCXX_FALSE -CXXCPP -CFLAG_VISIBILITY -HAVE_VISIBILITY +ac_subst_vars='am__EXEEXT_FALSE +am__EXEEXT_TRUE +LTLIBOBJS LIBOBJS -CCAS -CCASFLAGS -CCASDEPMODE -am__fastdepCCAS_TRUE -am__fastdepCCAS_FALSE -LIBM -BUILD_FASTMATH_TRUE +INC_AMINCLUDE +AMINCLUDE +GENERIC_CONFIG +AM_LDFLAGS +AM_CFLAGS +AM_CPPFLAGS +HEX_VERSION +IS_VCS_CHECKOUT_FALSE +IS_VCS_CHECKOUT_TRUE +BUILD_MCAPI_FALSE +BUILD_MCAPI_TRUE +BUILD_LIBZ_FALSE +BUILD_LIBZ_TRUE +BUILD_EXAMPLES_FALSE +BUILD_EXAMPLES_TRUE +BUILD_SLOWMATH_FALSE +BUILD_SLOWMATH_TRUE BUILD_FASTMATH_FALSE -BUILD_SNIFFER_TRUE -BUILD_SNIFFER_FALSE -BUILD_AESGCM_TRUE -BUILD_AESGCM_FALSE -BUILD_AESNI_TRUE -BUILD_AESNI_FALSE -BUILD_MD2_TRUE -BUILD_MD2_FALSE -BUILD_RIPEMD_TRUE -BUILD_RIPEMD_FALSE -BUILD_SHA512_TRUE -BUILD_SHA512_FALSE -BUILD_HC128_TRUE +BUILD_FASTMATH_TRUE +USE_VALGRIND_FALSE +USE_VALGRIND_TRUE +HAVE_VALGRIND +BUILD_PKCS7_FALSE +BUILD_PKCS7_TRUE +BUILD_NTRU_FALSE +BUILD_NTRU_TRUE +BUILD_CRL_MONITOR_FALSE +BUILD_CRL_MONITOR_TRUE +BUILD_CRL_FALSE +BUILD_CRL_TRUE +HAVE_OPENSSL_CMD +BUILD_OCSP_FALSE +BUILD_OCSP_TRUE +BUILD_INLINE_FALSE +BUILD_INLINE_TRUE +BUILD_FIPS_FALSE +BUILD_FIPS_TRUE +BUILD_RABBIT_FALSE +BUILD_RABBIT_TRUE BUILD_HC128_FALSE -BUILD_NOINLINE_TRUE -BUILD_NOINLINE_FALSE -BUILD_ECC_TRUE +BUILD_HC128_TRUE +BUILD_PWDBASED_FALSE +BUILD_PWDBASED_TRUE +BUILD_MD4_FALSE +BUILD_MD4_TRUE +BUILD_SHA_FALSE +BUILD_SHA_TRUE +BUILD_MD5_FALSE +BUILD_MD5_TRUE +BUILD_RC4_FALSE +BUILD_RC4_TRUE +BUILD_DES3_FALSE +BUILD_DES3_TRUE +BUILD_CODING_FALSE +BUILD_CODING_TRUE +BUILD_AES_FALSE +BUILD_AES_TRUE +BUILD_ASN_FALSE +BUILD_ASN_TRUE +BUILD_DH_FALSE +BUILD_DH_TRUE +BUILD_RSA_FALSE +BUILD_RSA_TRUE +BUILD_MEMORY_FALSE +BUILD_MEMORY_TRUE BUILD_ECC_FALSE -BUILD_OCSP_TRUE -BUILD_OCSP_FALSE -BUILD_CRL_TRUE -BUILD_CRL_FALSE -BUILD_CRL_MONITOR_TRUE -BUILD_CRL_MONITOR_FALSE -BUILD_NTRU_TRUE -BUILD_NTRU_FALSE -ax_pthread_config -PTHREAD_CC -PTHREAD_LIBS +BUILD_ECC_TRUE +BUILD_DSA_FALSE +BUILD_DSA_TRUE +BUILD_SHA512_FALSE +BUILD_SHA512_TRUE +BUILD_BLAKE2_FALSE +BUILD_BLAKE2_TRUE +BUILD_RIPEMD_FALSE +BUILD_RIPEMD_TRUE +BUILD_MD2_FALSE +BUILD_MD2_TRUE +BUILD_CAMELLIA_FALSE +BUILD_CAMELLIA_TRUE +BUILD_AESNI_FALSE +BUILD_AESNI_TRUE +BUILD_AESCCM_FALSE +BUILD_AESCCM_TRUE +BUILD_AESGCM_FALSE +BUILD_AESGCM_TRUE +BUILD_SNIFFTEST_FALSE +BUILD_SNIFFTEST_TRUE +BUILD_SNIFFER_FALSE +BUILD_SNIFFER_TRUE +BUILD_LEANPSK_FALSE +BUILD_LEANPSK_TRUE PTHREAD_CFLAGS -HEX_VERSION -AM_CFLAGS -AM_LDFLAGS -LTLIBOBJS' +PTHREAD_LIBS +PTHREAD_CC +ax_pthread_config +DEBUG_FALSE +DEBUG_TRUE +MCHECK +LIBM +am__fastdepCCAS_FALSE +am__fastdepCCAS_TRUE +CCASDEPMODE +CCASFLAGS +CCAS +HAVE_VISIBILITY +CFLAG_VISIBILITY +CXXCPP +am__fastdepCXX_FALSE +am__fastdepCXX_TRUE +CXXDEPMODE +ac_ct_CXX +CXXFLAGS +CXX +CPP +OTOOL64 +OTOOL +LIPO +NMEDIT +DSYMUTIL +MANIFEST_TOOL +RANLIB +ac_ct_AR +AR +DLLTOOL +OBJDUMP +LN_S +NM +ac_ct_DUMPBIN +DUMPBIN +LD +FGREP +EGREP +GREP +SED +am__fastdepCC_FALSE +am__fastdepCC_TRUE +CCDEPMODE +am__nodep +AMDEPBACKSLASH +AMDEP_FALSE +AMDEP_TRUE +am__quote +am__include +DEPDIR +OBJEXT +EXEEXT +ac_ct_CC +CPPFLAGS +LDFLAGS +CFLAGS +CC +LIBTOOL +CYASSL_LIBRARY_VERSION +AM_BACKSLASH +AM_DEFAULT_VERBOSITY +AM_DEFAULT_V +AM_V +am__untar +am__tar +AMTAR +am__leading_dot +SET_MAKE +AWK +mkdir_p +MKDIR_P +INSTALL_STRIP_PROGRAM +STRIP +install_sh +MAKEINFO +AUTOHEADER +AUTOMAKE +AUTOCONF +ACLOCAL +VERSION +PACKAGE +CYGPATH_W +am__isrc +INSTALL_DATA +INSTALL_SCRIPT +INSTALL_PROGRAM +host_os +host_vendor +host_cpu +host +build_os +build_vendor +build_cpu +build +target_alias +host_alias +build_alias +LIBS +ECHO_T +ECHO_N +ECHO_C +DEFS +mandir +localedir +libdir +psdir +pdfdir +dvidir +htmldir +infodir +docdir +oldincludedir +includedir +localstatedir +sharedstatedir +sysconfdir +datadir +datarootdir +libexecdir +sbindir +bindir +program_transform_name +prefix +exec_prefix +PACKAGE_URL +PACKAGE_BUGREPORT +PACKAGE_STRING +PACKAGE_VERSION +PACKAGE_TARNAME +PACKAGE_NAME +PATH_SEPARATOR +SHELL' ac_subst_files='' +ac_user_opts=' +enable_option_checking +enable_silent_rules +enable_static +enable_shared +with_pic +enable_fast_install +enable_dependency_tracking +with_gnu_ld +with_sysroot +enable_libtool_lock +enable_debug +enable_singlethreaded +enable_dtls +enable_opensslextra +enable_ipv6 +enable_fortress +enable_bump +enable_leanpsk +enable_bigcache +enable_hugecache +enable_smallcache +enable_savesession +enable_savecert +enable_atomicuser +enable_pkcallbacks +enable_sniffer +enable_aesgcm +enable_aesccm +enable_aesni +enable_camellia +enable_md2 +enable_nullcipher +enable_ripemd +enable_blake2 +enable_sha512 +enable_sessioncerts +enable_keygen +enable_certgen +enable_certreq +enable_sep +enable_hkdf +enable_dsa +enable_ecc +enable_fpecc +enable_eccencrypt +enable_psk +enable_errorstrings +enable_oldtls +enable_stacksize +enable_memory +enable_rsa +enable_dh +enable_asn +enable_aes +enable_coding +enable_des3 +enable_arc4 +enable_md5 +enable_sha +enable_md4 +enable_webserver +enable_pwdbased +enable_hc128 +enable_rabbit +enable_fips +enable_hashdrbg +enable_filesystem +enable_inline +enable_ocsp +enable_crl +enable_crl_monitor +with_ntru +enable_sni +enable_maxfragment +enable_truncatedhmac +enable_renegotiation_indication +enable_supportedcurves +enable_tlsx +enable_pkcs7 +enable_scep +enable_smallstack +enable_valgrind +enable_testcert +enable_iopool +enable_certservice +enable_fastmath +enable_fasthugemath +enable_examples +with_libz +with_cavium +enable_mcapi +enable_jobserver +' ac_precious_vars='build_alias host_alias target_alias @@ -818,6 +976,8 @@ CCASFLAGS' # Initialize some variables set by options. ac_init_help= ac_init_version=false +ac_unrecognized_opts= +ac_unrecognized_sep= # The variables have the same names as the options, with # dashes changed to underlines. cache_file=/dev/null @@ -873,8 +1033,9 @@ do fi case $ac_option in - *=*) ac_optarg=`expr "X$ac_option" : '[^=]*=\(.*\)'` ;; - *) ac_optarg=yes ;; + *=?*) ac_optarg=`expr "X$ac_option" : '[^=]*=\(.*\)'` ;; + *=) ac_optarg= ;; + *) ac_optarg=yes ;; esac # Accept the important Cygnus configure options, so we can diagnose typos. @@ -916,13 +1077,20 @@ do datarootdir=$ac_optarg ;; -disable-* | --disable-*) - ac_feature=`expr "x$ac_option" : 'x-*disable-\(.*\)'` + ac_useropt=`expr "x$ac_option" : 'x-*disable-\(.*\)'` # Reject names that are not valid shell variable names. - expr "x$ac_feature" : ".*[^-._$as_cr_alnum]" >/dev/null && - { echo "$as_me: error: invalid feature name: $ac_feature" >&2 - { (exit 1); exit 1; }; } - ac_feature=`echo $ac_feature | sed 's/[-.]/_/g'` - eval enable_$ac_feature=no ;; + expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && + as_fn_error $? "invalid feature name: $ac_useropt" + ac_useropt_orig=$ac_useropt + ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'` + case $ac_user_opts in + *" +"enable_$ac_useropt" +"*) ;; + *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--disable-$ac_useropt_orig" + ac_unrecognized_sep=', ';; + esac + eval enable_$ac_useropt=no ;; -docdir | --docdir | --docdi | --doc | --do) ac_prev=docdir ;; @@ -935,13 +1103,20 @@ do dvidir=$ac_optarg ;; -enable-* | --enable-*) - ac_feature=`expr "x$ac_option" : 'x-*enable-\([^=]*\)'` + ac_useropt=`expr "x$ac_option" : 'x-*enable-\([^=]*\)'` # Reject names that are not valid shell variable names. - expr "x$ac_feature" : ".*[^-._$as_cr_alnum]" >/dev/null && - { echo "$as_me: error: invalid feature name: $ac_feature" >&2 - { (exit 1); exit 1; }; } - ac_feature=`echo $ac_feature | sed 's/[-.]/_/g'` - eval enable_$ac_feature=\$ac_optarg ;; + expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && + as_fn_error $? "invalid feature name: $ac_useropt" + ac_useropt_orig=$ac_useropt + ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'` + case $ac_user_opts in + *" +"enable_$ac_useropt" +"*) ;; + *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--enable-$ac_useropt_orig" + ac_unrecognized_sep=', ';; + esac + eval enable_$ac_useropt=\$ac_optarg ;; -exec-prefix | --exec_prefix | --exec-prefix | --exec-prefi \ | --exec-pref | --exec-pre | --exec-pr | --exec-p | --exec- \ @@ -1132,22 +1307,36 @@ do ac_init_version=: ;; -with-* | --with-*) - ac_package=`expr "x$ac_option" : 'x-*with-\([^=]*\)'` + ac_useropt=`expr "x$ac_option" : 'x-*with-\([^=]*\)'` # Reject names that are not valid shell variable names. - expr "x$ac_package" : ".*[^-._$as_cr_alnum]" >/dev/null && - { echo "$as_me: error: invalid package name: $ac_package" >&2 - { (exit 1); exit 1; }; } - ac_package=`echo $ac_package | sed 's/[-.]/_/g'` - eval with_$ac_package=\$ac_optarg ;; + expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && + as_fn_error $? "invalid package name: $ac_useropt" + ac_useropt_orig=$ac_useropt + ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'` + case $ac_user_opts in + *" +"with_$ac_useropt" +"*) ;; + *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--with-$ac_useropt_orig" + ac_unrecognized_sep=', ';; + esac + eval with_$ac_useropt=\$ac_optarg ;; -without-* | --without-*) - ac_package=`expr "x$ac_option" : 'x-*without-\(.*\)'` + ac_useropt=`expr "x$ac_option" : 'x-*without-\(.*\)'` # Reject names that are not valid shell variable names. - expr "x$ac_package" : ".*[^-._$as_cr_alnum]" >/dev/null && - { echo "$as_me: error: invalid package name: $ac_package" >&2 - { (exit 1); exit 1; }; } - ac_package=`echo $ac_package | sed 's/[-.]/_/g'` - eval with_$ac_package=no ;; + expr "x$ac_useropt" : ".*[^-+._$as_cr_alnum]" >/dev/null && + as_fn_error $? "invalid package name: $ac_useropt" + ac_useropt_orig=$ac_useropt + ac_useropt=`$as_echo "$ac_useropt" | sed 's/[-+.]/_/g'` + case $ac_user_opts in + *" +"with_$ac_useropt" +"*) ;; + *) ac_unrecognized_opts="$ac_unrecognized_opts$ac_unrecognized_sep--without-$ac_useropt_orig" + ac_unrecognized_sep=', ';; + esac + eval with_$ac_useropt=no ;; --x) # Obsolete; use --with-x. @@ -1167,26 +1356,26 @@ do | --x-librar=* | --x-libra=* | --x-libr=* | --x-lib=* | --x-li=* | --x-l=*) x_libraries=$ac_optarg ;; - -*) { echo "$as_me: error: unrecognized option: $ac_option -Try \`$0 --help' for more information." >&2 - { (exit 1); exit 1; }; } + -*) as_fn_error $? "unrecognized option: \`$ac_option' +Try \`$0 --help' for more information" ;; *=*) ac_envvar=`expr "x$ac_option" : 'x\([^=]*\)='` # Reject names that are not valid shell variable names. - expr "x$ac_envvar" : ".*[^_$as_cr_alnum]" >/dev/null && - { echo "$as_me: error: invalid variable name: $ac_envvar" >&2 - { (exit 1); exit 1; }; } + case $ac_envvar in #( + '' | [0-9]* | *[!_$as_cr_alnum]* ) + as_fn_error $? "invalid variable name: \`$ac_envvar'" ;; + esac eval $ac_envvar=\$ac_optarg export $ac_envvar ;; *) # FIXME: should be removed in autoconf 3.0. - echo "$as_me: WARNING: you should use --build, --host, --target" >&2 + $as_echo "$as_me: WARNING: you should use --build, --host, --target" >&2 expr "x$ac_option" : ".*[^-._$as_cr_alnum]" >/dev/null && - echo "$as_me: WARNING: invalid host type: $ac_option" >&2 - : ${build_alias=$ac_option} ${host_alias=$ac_option} ${target_alias=$ac_option} + $as_echo "$as_me: WARNING: invalid host type: $ac_option" >&2 + : "${build_alias=$ac_option} ${host_alias=$ac_option} ${target_alias=$ac_option}" ;; esac @@ -1194,23 +1383,36 @@ done if test -n "$ac_prev"; then ac_option=--`echo $ac_prev | sed 's/_/-/g'` - { echo "$as_me: error: missing argument to $ac_option" >&2 - { (exit 1); exit 1; }; } + as_fn_error $? "missing argument to $ac_option" +fi + +if test -n "$ac_unrecognized_opts"; then + case $enable_option_checking in + no) ;; + fatal) as_fn_error $? "unrecognized options: $ac_unrecognized_opts" ;; + *) $as_echo "$as_me: WARNING: unrecognized options: $ac_unrecognized_opts" >&2 ;; + esac fi -# Be sure to have absolute directory names. +# Check all directory arguments for consistency. for ac_var in exec_prefix prefix bindir sbindir libexecdir datarootdir \ datadir sysconfdir sharedstatedir localstatedir includedir \ oldincludedir docdir infodir htmldir dvidir pdfdir psdir \ libdir localedir mandir do eval ac_val=\$$ac_var + # Remove trailing slashes. + case $ac_val in + */ ) + ac_val=`expr "X$ac_val" : 'X\(.*[^/]\)' \| "X$ac_val" : 'X\(.*\)'` + eval $ac_var=\$ac_val;; + esac + # Be sure to have absolute directory names. case $ac_val in [\\/$]* | ?:[\\/]* ) continue;; NONE | '' ) case $ac_var in *prefix ) continue;; esac;; esac - { echo "$as_me: error: expected an absolute directory name for --$ac_var: $ac_val" >&2 - { (exit 1); exit 1; }; } + as_fn_error $? "expected an absolute directory name for --$ac_var: $ac_val" done # There might be people who depend on the old broken behavior: `$host' @@ -1224,8 +1426,6 @@ target=$target_alias if test "x$host_alias" != x; then if test "x$build_alias" = x; then cross_compiling=maybe - echo "$as_me: WARNING: If you wanted to set the --build type, don't use --host. - If a cross compiler is detected then cross compile mode will be used." >&2 elif test "x$build_alias" != "x$host_alias"; then cross_compiling=yes fi @@ -1240,23 +1440,21 @@ test "$silent" = yes && exec 6>/dev/null ac_pwd=`pwd` && test -n "$ac_pwd" && ac_ls_di=`ls -di .` && ac_pwd_ls_di=`cd "$ac_pwd" && ls -di .` || - { echo "$as_me: error: Working directory cannot be determined" >&2 - { (exit 1); exit 1; }; } + as_fn_error $? "working directory cannot be determined" test "X$ac_ls_di" = "X$ac_pwd_ls_di" || - { echo "$as_me: error: pwd does not report name of working directory" >&2 - { (exit 1); exit 1; }; } + as_fn_error $? "pwd does not report name of working directory" # Find the source files, if location was not specified. if test -z "$srcdir"; then ac_srcdir_defaulted=yes # Try the directory containing this script, then the parent directory. - ac_confdir=`$as_dirname -- "$0" || -$as_expr X"$0" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ - X"$0" : 'X\(//\)[^/]' \| \ - X"$0" : 'X\(//\)$' \| \ - X"$0" : 'X\(/\)' \| . 2>/dev/null || -echo X"$0" | + ac_confdir=`$as_dirname -- "$as_myself" || +$as_expr X"$as_myself" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ + X"$as_myself" : 'X\(//\)[^/]' \| \ + X"$as_myself" : 'X\(//\)$' \| \ + X"$as_myself" : 'X\(/\)' \| . 2>/dev/null || +$as_echo X"$as_myself" | sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/ q @@ -1283,13 +1481,11 @@ else fi if test ! -r "$srcdir/$ac_unique_file"; then test "$ac_srcdir_defaulted" = yes && srcdir="$ac_confdir or .." - { echo "$as_me: error: cannot find sources ($ac_unique_file) in $srcdir" >&2 - { (exit 1); exit 1; }; } + as_fn_error $? "cannot find sources ($ac_unique_file) in $srcdir" fi ac_msg="sources are in $srcdir, but \`cd $srcdir' does not work" ac_abs_confdir=`( - cd "$srcdir" && test -r "./$ac_unique_file" || { echo "$as_me: error: $ac_msg" >&2 - { (exit 1); exit 1; }; } + cd "$srcdir" && test -r "./$ac_unique_file" || as_fn_error $? "$ac_msg" pwd)` # When building in place, set srcdir=. if test "$ac_abs_confdir" = "$ac_pwd"; then @@ -1315,7 +1511,7 @@ if test "$ac_init_help" = "long"; then # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures cyassl 2.3.0 to adapt to many kinds of systems. +\`configure' configures cyassl 3.1.0 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1329,7 +1525,7 @@ Configuration: --help=short display options specific to this package --help=recursive display the short help of all the included packages -V, --version display version information and exit - -q, --quiet, --silent do not print \`checking...' messages + -q, --quiet, --silent do not print \`checking ...' messages --cache-file=FILE cache test results in FILE [disabled] -C, --config-cache alias for \`--cache-file=config.cache' -n, --no-create do not create output files @@ -1337,9 +1533,9 @@ Configuration: Installation directories: --prefix=PREFIX install architecture-independent files in PREFIX - [$ac_default_prefix] + [$ac_default_prefix] --exec-prefix=EPREFIX install architecture-dependent files in EPREFIX - [PREFIX] + [PREFIX] By default, \`make install' will install all the files in \`$ac_default_prefix/bin', \`$ac_default_prefix/lib' etc. You can specify @@ -1349,25 +1545,25 @@ for instance \`--prefix=\$HOME'. For better control, use the options below. Fine tuning of the installation directories: - --bindir=DIR user executables [EPREFIX/bin] - --sbindir=DIR system admin executables [EPREFIX/sbin] - --libexecdir=DIR program executables [EPREFIX/libexec] - --sysconfdir=DIR read-only single-machine data [PREFIX/etc] - --sharedstatedir=DIR modifiable architecture-independent data [PREFIX/com] - --localstatedir=DIR modifiable single-machine data [PREFIX/var] - --libdir=DIR object code libraries [EPREFIX/lib] - --includedir=DIR C header files [PREFIX/include] - --oldincludedir=DIR C header files for non-gcc [/usr/include] - --datarootdir=DIR read-only arch.-independent data root [PREFIX/share] - --datadir=DIR read-only architecture-independent data [DATAROOTDIR] - --infodir=DIR info documentation [DATAROOTDIR/info] - --localedir=DIR locale-dependent data [DATAROOTDIR/locale] - --mandir=DIR man documentation [DATAROOTDIR/man] - --docdir=DIR documentation root [DATAROOTDIR/doc/cyassl] - --htmldir=DIR html documentation [DOCDIR] - --dvidir=DIR dvi documentation [DOCDIR] - --pdfdir=DIR pdf documentation [DOCDIR] - --psdir=DIR ps documentation [DOCDIR] + --bindir=DIR user executables [EPREFIX/bin] + --sbindir=DIR system admin executables [EPREFIX/sbin] + --libexecdir=DIR program executables [EPREFIX/libexec] + --sysconfdir=DIR read-only single-machine data [PREFIX/etc] + --sharedstatedir=DIR modifiable architecture-independent data [PREFIX/com] + --localstatedir=DIR modifiable single-machine data [PREFIX/var] + --libdir=DIR object code libraries [EPREFIX/lib] + --includedir=DIR C header files [PREFIX/include] + --oldincludedir=DIR C header files for non-gcc [/usr/include] + --datarootdir=DIR read-only arch.-independent data root [PREFIX/share] + --datadir=DIR read-only architecture-independent data [DATAROOTDIR] + --infodir=DIR info documentation [DATAROOTDIR/info] + --localedir=DIR locale-dependent data [DATAROOTDIR/locale] + --mandir=DIR man documentation [DATAROOTDIR/man] + --docdir=DIR documentation root [DATAROOTDIR/doc/cyassl] + --htmldir=DIR html documentation [DOCDIR] + --dvidir=DIR dvi documentation [DOCDIR] + --pdfdir=DIR pdf documentation [DOCDIR] + --psdir=DIR ps documentation [DOCDIR] _ACEOF cat <<\_ACEOF @@ -1380,72 +1576,125 @@ Program names: System types: --build=BUILD configure for building on BUILD [guessed] --host=HOST cross-compile to build programs to run on HOST [BUILD] - --target=TARGET configure for building compilers for TARGET [HOST] _ACEOF fi if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of cyassl 2.3.0:";; + short | recursive ) echo "Configuration of cyassl 3.1.0:";; esac cat <<\_ACEOF Optional Features: + --disable-option-checking ignore unrecognized --enable/--with options --disable-FEATURE do not include FEATURE (same as --enable-FEATURE=no) --enable-FEATURE[=ARG] include FEATURE [ARG=yes] + --enable-silent-rules less verbose build output (undo: "make V=1") + --disable-silent-rules verbose build output (undo: "make V=0") + --enable-static[=PKGS] build static libraries [default=no] --enable-shared[=PKGS] build shared libraries [default=yes] - --enable-static[=PKGS] build static libraries [default=yes] --enable-fast-install[=PKGS] optimize for fast installation [default=yes] - --disable-dependency-tracking speeds up one-time build - --enable-dependency-tracking do not reject slow dependency extractors + --enable-dependency-tracking + do not reject slow dependency extractors + --disable-dependency-tracking + speeds up one-time build --disable-libtool-lock avoid locking (might break parallel builds) - --enable-debug Enable CyaSSL debugging support (default: disabled) - --enable-small Enable smallest build (default: disabled) - --enable-singleThreaded Enable CyaSSL single threaded (default: disabled) + --enable-debug Add debug code/turns off optimizations (yes|no) + [default=no] + --enable-singlethreaded Enable CyaSSL single threaded (default: disabled) --enable-dtls Enable CyaSSL DTLS (default: disabled) - --enable-opensslExtra Enable extra OpenSSL API, size+ (default: disabled) + --enable-opensslextra Enable extra OpenSSL API, size+ (default: disabled) --enable-ipv6 Enable testing of IPV6 (default: disabled) --enable-fortress Enable SSL fortress build (default: disabled) --enable-bump Enable SSL Bump build (default: disabled) - --enable-fastmath Enable fast math for BigInts (default: disabled) - --enable-fasthugemath Enable fast math + huge code (default: disabled) + --enable-leanpsk Enable Lean PSK build (default: disabled) --enable-bigcache Enable big session cache (default: disabled) --enable-hugecache Enable huge session cache (default: disabled) --enable-smallcache Enable small session cache (default: disabled) + --enable-savesession Enable persistent session cache (default: disabled) + --enable-savecert Enable persistent cert cache (default: disabled) + --enable-atomicuser Enable Atomic User Record Layer (default: disabled) + --enable-pkcallbacks Enable Public Key Callbacks (default: disabled) --enable-sniffer Enable CyaSSL sniffer support (default: disabled) --enable-aesgcm Enable CyaSSL AES-GCM support (default: disabled) + --enable-aesccm Enable CyaSSL AES-CCM support (default: disabled) --enable-aesni Enable CyaSSL AES-NI support (default: disabled) + --enable-camellia Enable CyaSSL Camellia support (default: disabled) --enable-md2 Enable CyaSSL MD2 support (default: disabled) + --enable-nullcipher Enable CyaSSL NULL cipher support (default: disabled) --enable-ripemd Enable CyaSSL RIPEMD-160 support (default: disabled) + --enable-blake2 Enable CyaSSL BLAKE2 support (default: disabled) --enable-sha512 Enable CyaSSL SHA-512 support (default: disabled) --enable-sessioncerts Enable session cert storing (default: disabled) --enable-keygen Enable key generation (default: disabled) --enable-certgen Enable cert generation (default: disabled) - --enable-hc128 Enable HC-128 (default: disabled) - --enable-psk Enable PSK (default: disabled) - --enable-webServer Enable Web Server (default: disabled) - --enable-noFilesystem Enable No Filesystem (default: disabled) - --enable-noInline Enable No inline (default: disabled) + --enable-certreq Enable cert request generation (default: disabled) + --enable-sep Enable sep extensions (default: disabled) + --enable-hkdf Enable HKDF (HMAC-KDF) support (default: disabled) + --enable-dsa Enable DSA (default: disabled) --enable-ecc Enable ECC (default: disabled) + --enable-fpecc Enable Fixed Point cache ECC (default: disabled) + --enable-eccencrypt Enable ECC encrypt (default: disabled) + --enable-psk Enable PSK (default: disabled) + --enable-errorstrings Enable error strings table (default: enabled) + --enable-oldtls Enable old TLS versions < 1.2 (default: enabled) + --enable-stacksize Enable stack size info on examples (default: disabled) + --enable-memory Enable memory callbacks (default: enabled) + --enable-rsa Enable RSA (default: enabled) + --enable-dh Enable DH (default: disabled) + --enable-asn Enable ASN (default: enabled) + --enable-aes Enable AES (default: enabled) + --enable-coding Enable Coding base 16/64 (default: enabled) + --enable-des3 Enable DES3 (default: enabled) + --enable-arc4 Enable ARC4 (default: enabled) + --enable-md5 Enable MD5 (default: enabled) + --enable-sha Enable SHA (default: enabled) + --enable-md4 Enable MD4 (default: disabled) + --enable-webserver Enable Web Server (default: disabled) + --enable-pwdbased Enable PWDBASED (default: disabled) + --enable-hc128 Enable HC-128 (default: disabled) + --enable-rabbit Enable RABBIT (default: disabled) + --enable-fips Enable FIPS 140-2 (default: disabled) + --enable-hashdrbg Enable Hash DRBG support (default: disabled) + --enable-filesystem Enable Filesystem support (default: enabled) + --enable-inline Enable inline functions (default: enabled) --enable-ocsp Enable OCSP (default: disabled) --enable-crl Enable CRL (default: disabled) --enable-crl-monitor Enable CRL Monitor (default: disabled) - --enable-ntru Enable NTRU (default: disabled) + --enable-sni Enable SNI (default: disabled) + --enable-maxfragment Enable Maximum Fragment Length (default: disabled) + --enable-truncatedhmac Enable Truncated HMAC (default: disabled) + --enable-renegotiation-indication Enable Renegotiation Indication (default: disabled) + --enable-supportedcurves Enable Supported Elliptic Curves (default: disabled) + --enable-tlsx Enable all TLS Extensions (default: disabled) + --enable-pkcs7 Enable PKCS7 (default: disabled) + --enable-scep Enable wolfSCEP (default: disabled) + --enable-smallstack Enable Small Stack Usage (default: disabled) + --enable-valgrind Enable valgrind for unit tests (default: disabled) --enable-testcert Enable Test Cert (default: disabled) - --enable-gcc-lots-o-warnings - Enable lots of gcc warnings (default: disabled) - --enable-gcc-hardening Enable compiler security checks (default: disabled) - --enable-linker-hardening - Enable linker security fixups (default: disabled) + --enable-iopool Enable I/O Pool example (default: disabled) + --enable-certservice Enable cert service (default: disabled) + --enable-fastmath Enable fast math ops (default: enabled on x86_64) + --enable-fasthugemath Enable fast math + huge code (default: disabled) + --enable-examples Enable Examples (default: enabled) + --enable-mcapi Enable Microchip API (default: disabled) + --enable-jobserver[=no/yes/#] default=yes + Enable up to # make jobs + yes: enable one more than CPU count + Optional Packages: --with-PACKAGE[=ARG] use PACKAGE [ARG=yes] --without-PACKAGE do not use PACKAGE (same as --with-PACKAGE=no) - --with-pic try to use only PIC/non-PIC objects [default=use + --with-pic[=PKGS] try to use only PIC/non-PIC objects [default=use both] --with-gnu-ld assume the C compiler uses GNU ld [default=no] + --with-sysroot=DIR Search for dependent libraries within DIR + (or the compiler's sysroot if not specified). + --with-ntru=PATH Path to NTRU install (default /usr/) --with-libz=PATH PATH to libz install (default /usr/) + --with-cavium=PATH PATH to cavium/software dir Some influential environment variables: CC C compiler command @@ -1453,7 +1702,7 @@ Some influential environment variables: LDFLAGS linker flags, e.g. -L if you have libraries in a nonstandard directory LIBS libraries to pass to the linker, e.g. -l - CPPFLAGS C/C++/Objective C preprocessor flags, e.g. -I if + CPPFLAGS (Objective) C/C++ preprocessor flags, e.g. -I if you have headers in a nonstandard directory CPP C preprocessor CXX C++ compiler command @@ -1465,7 +1714,8 @@ Some influential environment variables: Use these variables to override the choices made by `configure' or to help it to find libraries and programs with nonstandard names/locations. -Report bugs to . +Report bugs to . +cyassl home page: . _ACEOF ac_status=$? fi @@ -1473,15 +1723,17 @@ fi if test "$ac_init_help" = "recursive"; then # If there are subdirs, report their specific --help. for ac_dir in : $ac_subdirs_all; do test "x$ac_dir" = x: && continue - test -d "$ac_dir" || continue + test -d "$ac_dir" || + { cd "$srcdir" && ac_pwd=`pwd` && srcdir=. && test -d "$ac_dir"; } || + continue ac_builddir=. case "$ac_dir" in .) ac_dir_suffix= ac_top_builddir_sub=. ac_top_build_prefix= ;; *) - ac_dir_suffix=/`echo "$ac_dir" | sed 's,^\.[\\/],,'` + ac_dir_suffix=/`$as_echo "$ac_dir" | sed 's|^\.[\\/]||'` # A ".." for each directory in $ac_dir_suffix. - ac_top_builddir_sub=`echo "$ac_dir_suffix" | sed 's,/[^\\/]*,/..,g;s,/,,'` + ac_top_builddir_sub=`$as_echo "$ac_dir_suffix" | sed 's|/[^\\/]*|/..|g;s|/||'` case $ac_top_builddir_sub in "") ac_top_builddir_sub=. ac_top_build_prefix= ;; *) ac_top_build_prefix=$ac_top_builddir_sub/ ;; @@ -1517,7 +1769,7 @@ ac_abs_srcdir=$ac_abs_top_srcdir$ac_dir_suffix echo && $SHELL "$ac_srcdir/configure" --help=recursive else - echo "$as_me: WARNING: no configuration information is in $ac_dir" >&2 + $as_echo "$as_me: WARNING: no configuration information is in $ac_dir" >&2 fi || ac_status=$? cd "$ac_pwd" || { ac_status=$?; break; } done @@ -1526,1138 +1778,1189 @@ fi test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -cyassl configure 2.3.0 -generated by GNU Autoconf 2.61 +cyassl configure 3.1.0 +generated by GNU Autoconf 2.69 -Copyright (C) 1992, 1993, 1994, 1995, 1996, 1998, 1999, 2000, 2001, -2002, 2003, 2004, 2005, 2006 Free Software Foundation, Inc. +Copyright (C) 2012 Free Software Foundation, Inc. This configure script is free software; the Free Software Foundation gives unlimited permission to copy, distribute and modify it. _ACEOF exit fi -cat >config.log <<_ACEOF -This file contains any messages produced by compilers while -running configure, to aid debugging if configure makes a mistake. -It was created by cyassl $as_me 2.3.0, which was -generated by GNU Autoconf 2.61. Invocation command line was - - $ $0 $@ +## ------------------------ ## +## Autoconf initialization. ## +## ------------------------ ## -_ACEOF -exec 5>>config.log +# ac_fn_c_try_compile LINENO +# -------------------------- +# Try to compile conftest.$ac_ext, and return whether this succeeded. +ac_fn_c_try_compile () { -cat <<_ASUNAME -## --------- ## -## Platform. ## -## --------- ## + as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + rm -f conftest.$ac_objext + if { { ac_try="$ac_compile" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 + (eval "$ac_compile") 2>conftest.err + ac_status=$? + if test -s conftest.err; then + grep -v '^ *+' conftest.err >conftest.er1 + cat conftest.er1 >&5 + mv -f conftest.er1 conftest.err + fi + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest.$ac_objext; then : + ac_retval=0 +else + $as_echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 -hostname = `(hostname || uname -n) 2>/dev/null | sed 1q` -uname -m = `(uname -m) 2>/dev/null || echo unknown` -uname -r = `(uname -r) 2>/dev/null || echo unknown` -uname -s = `(uname -s) 2>/dev/null || echo unknown` -uname -v = `(uname -v) 2>/dev/null || echo unknown` - -/usr/bin/uname -p = `(/usr/bin/uname -p) 2>/dev/null || echo unknown` -/bin/uname -X = `(/bin/uname -X) 2>/dev/null || echo unknown` - -/bin/arch = `(/bin/arch) 2>/dev/null || echo unknown` -/usr/bin/arch -k = `(/usr/bin/arch -k) 2>/dev/null || echo unknown` -/usr/convex/getsysinfo = `(/usr/convex/getsysinfo) 2>/dev/null || echo unknown` -/usr/bin/hostinfo = `(/usr/bin/hostinfo) 2>/dev/null || echo unknown` -/bin/machine = `(/bin/machine) 2>/dev/null || echo unknown` -/usr/bin/oslevel = `(/usr/bin/oslevel) 2>/dev/null || echo unknown` -/bin/universe = `(/bin/universe) 2>/dev/null || echo unknown` - -_ASUNAME - -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - echo "PATH: $as_dir" -done -IFS=$as_save_IFS + ac_retval=1 +fi + eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno + as_fn_set_status $ac_retval -} >&5 +} # ac_fn_c_try_compile -cat >&5 <<_ACEOF +# ac_fn_c_try_link LINENO +# ----------------------- +# Try to link conftest.$ac_ext, and return whether this succeeded. +ac_fn_c_try_link () +{ + as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + rm -f conftest.$ac_objext conftest$ac_exeext + if { { ac_try="$ac_link" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 + (eval "$ac_link") 2>conftest.err + ac_status=$? + if test -s conftest.err; then + grep -v '^ *+' conftest.err >conftest.er1 + cat conftest.er1 >&5 + mv -f conftest.er1 conftest.err + fi + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } && { + test -z "$ac_c_werror_flag" || + test ! -s conftest.err + } && test -s conftest$ac_exeext && { + test "$cross_compiling" = yes || + test -x conftest$ac_exeext + }; then : + ac_retval=0 +else + $as_echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + ac_retval=1 +fi + # Delete the IPA/IPO (Inter Procedural Analysis/Optimization) information + # created by the PGI compiler (conftest_ipa8_conftest.oo), as it would + # interfere with the next link command; also delete a directory that is + # left behind by Apple's compiler. We do this before executing the actions. + rm -rf conftest.dSYM conftest_ipa8_conftest.oo + eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno + as_fn_set_status $ac_retval -## ----------- ## -## Core tests. ## -## ----------- ## +} # ac_fn_c_try_link +# ac_fn_c_check_header_compile LINENO HEADER VAR INCLUDES +# ------------------------------------------------------- +# Tests whether HEADER exists and can be compiled using the include files in +# INCLUDES, setting the cache variable VAR accordingly. +ac_fn_c_check_header_compile () +{ + as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 +$as_echo_n "checking for $2... " >&6; } +if eval \${$3+:} false; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +$4 +#include <$2> _ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + eval "$3=yes" +else + eval "$3=no" +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +fi +eval ac_res=\$$3 + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +$as_echo "$ac_res" >&6; } + eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno +} # ac_fn_c_check_header_compile -# Keep a trace of the command line. -# Strip out --no-create and --no-recursion so they do not pile up. -# Strip out --silent because we don't want to record it for future runs. -# Also quote any args containing shell meta-characters. -# Make two passes to allow for proper duplicate-argument suppression. -ac_configure_args= -ac_configure_args0= -ac_configure_args1= -ac_must_keep_next=false -for ac_pass in 1 2 -do - for ac_arg - do - case $ac_arg in - -no-create | --no-c* | -n | -no-recursion | --no-r*) continue ;; - -q | -quiet | --quiet | --quie | --qui | --qu | --q \ - | -silent | --silent | --silen | --sile | --sil) - continue ;; - *\'*) - ac_arg=`echo "$ac_arg" | sed "s/'/'\\\\\\\\''/g"` ;; - esac - case $ac_pass in - 1) ac_configure_args0="$ac_configure_args0 '$ac_arg'" ;; - 2) - ac_configure_args1="$ac_configure_args1 '$ac_arg'" - if test $ac_must_keep_next = true; then - ac_must_keep_next=false # Got value, back to normal. - else - case $ac_arg in - *=* | --config-cache | -C | -disable-* | --disable-* \ - | -enable-* | --enable-* | -gas | --g* | -nfp | --nf* \ - | -q | -quiet | --q* | -silent | --sil* | -v | -verb* \ - | -with-* | --with-* | -without-* | --without-* | --x) - case "$ac_configure_args0 " in - "$ac_configure_args1"*" '$ac_arg' "* ) continue ;; - esac - ;; - -* ) ac_must_keep_next=true ;; - esac - fi - ac_configure_args="$ac_configure_args '$ac_arg'" - ;; - esac - done -done -$as_unset ac_configure_args0 || test "${ac_configure_args0+set}" != set || { ac_configure_args0=; export ac_configure_args0; } -$as_unset ac_configure_args1 || test "${ac_configure_args1+set}" != set || { ac_configure_args1=; export ac_configure_args1; } - -# When interrupted or exit'd, cleanup temporary files, and complete -# config.log. We remove comments because anyway the quotes in there -# would cause problems or look ugly. -# WARNING: Use '\'' to represent an apostrophe within the trap. -# WARNING: Do not start the trap code with a newline, due to a FreeBSD 4.0 bug. -trap 'exit_status=$? - # Save into config.log some information that might help in debugging. - { - echo +# ac_fn_c_try_cpp LINENO +# ---------------------- +# Try to preprocess conftest.$ac_ext, and return whether this succeeded. +ac_fn_c_try_cpp () +{ + as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + if { { ac_try="$ac_cpp conftest.$ac_ext" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 + (eval "$ac_cpp conftest.$ac_ext") 2>conftest.err + ac_status=$? + if test -s conftest.err; then + grep -v '^ *+' conftest.err >conftest.er1 + cat conftest.er1 >&5 + mv -f conftest.er1 conftest.err + fi + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } > conftest.i && { + test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || + test ! -s conftest.err + }; then : + ac_retval=0 +else + $as_echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 - cat <<\_ASBOX -## ---------------- ## -## Cache variables. ## -## ---------------- ## -_ASBOX - echo - # The following way of writing the cache mishandles newlines in values, -( - for ac_var in `(set) 2>&1 | sed -n '\''s/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'\''`; do - eval ac_val=\$$ac_var - case $ac_val in #( - *${as_nl}*) - case $ac_var in #( - *_cv_*) { echo "$as_me:$LINENO: WARNING: Cache variable $ac_var contains a newline." >&5 -echo "$as_me: WARNING: Cache variable $ac_var contains a newline." >&2;} ;; - esac - case $ac_var in #( - _ | IFS | as_nl) ;; #( - *) $as_unset $ac_var ;; - esac ;; - esac - done - (set) 2>&1 | - case $as_nl`(ac_space='\'' '\''; set) 2>&1` in #( - *${as_nl}ac_space=\ *) - sed -n \ - "s/'\''/'\''\\\\'\'''\''/g; - s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1='\''\\2'\''/p" - ;; #( - *) - sed -n "/^[_$as_cr_alnum]*_cv_[_$as_cr_alnum]*=/p" - ;; - esac | - sort -) - echo + ac_retval=1 +fi + eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno + as_fn_set_status $ac_retval - cat <<\_ASBOX -## ----------------- ## -## Output variables. ## -## ----------------- ## -_ASBOX - echo - for ac_var in $ac_subst_vars - do - eval ac_val=\$$ac_var - case $ac_val in - *\'\''*) ac_val=`echo "$ac_val" | sed "s/'\''/'\''\\\\\\\\'\'''\''/g"`;; - esac - echo "$ac_var='\''$ac_val'\''" - done | sort - echo +} # ac_fn_c_try_cpp - if test -n "$ac_subst_files"; then - cat <<\_ASBOX -## ------------------- ## -## File substitutions. ## -## ------------------- ## -_ASBOX - echo - for ac_var in $ac_subst_files - do - eval ac_val=\$$ac_var - case $ac_val in - *\'\''*) ac_val=`echo "$ac_val" | sed "s/'\''/'\''\\\\\\\\'\'''\''/g"`;; - esac - echo "$ac_var='\''$ac_val'\''" - done | sort - echo - fi +# ac_fn_c_try_run LINENO +# ---------------------- +# Try to link conftest.$ac_ext, and return whether this succeeded. Assumes +# that executables *can* be run. +ac_fn_c_try_run () +{ + as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + if { { ac_try="$ac_link" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 + (eval "$ac_link") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } && { ac_try='./conftest$ac_exeext' + { { case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 + (eval "$ac_try") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; }; }; then : + ac_retval=0 +else + $as_echo "$as_me: program exited with status $ac_status" >&5 + $as_echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 - if test -s confdefs.h; then - cat <<\_ASBOX -## ----------- ## -## confdefs.h. ## -## ----------- ## -_ASBOX - echo - cat confdefs.h - echo - fi - test "$ac_signal" != 0 && - echo "$as_me: caught signal $ac_signal" - echo "$as_me: exit $exit_status" - } >&5 - rm -f core *.core core.conftest.* && - rm -f -r conftest* confdefs* conf$$* $ac_clean_files && - exit $exit_status -' 0 -for ac_signal in 1 2 13 15; do - trap 'ac_signal='$ac_signal'; { (exit 1); exit 1; }' $ac_signal -done -ac_signal=0 + ac_retval=$ac_status +fi + rm -rf conftest.dSYM conftest_ipa8_conftest.oo + eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno + as_fn_set_status $ac_retval -# confdefs.h avoids OS command line length limits that DEFS can exceed. -rm -f -r conftest* confdefs.h +} # ac_fn_c_try_run -# Predefined preprocessor variables. +# ac_fn_c_check_func LINENO FUNC VAR +# ---------------------------------- +# Tests whether FUNC exists, setting the cache variable VAR accordingly +ac_fn_c_check_func () +{ + as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 +$as_echo_n "checking for $2... " >&6; } +if eval \${$3+:} false; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +/* Define $2 to an innocuous variant, in case declares $2. + For example, HP-UX 11i declares gettimeofday. */ +#define $2 innocuous_$2 -cat >>confdefs.h <<_ACEOF -#define PACKAGE_NAME "$PACKAGE_NAME" -_ACEOF +/* System header to define __stub macros and hopefully few prototypes, + which can conflict with char $2 (); below. + Prefer to if __STDC__ is defined, since + exists even on freestanding compilers. */ +#ifdef __STDC__ +# include +#else +# include +#endif -cat >>confdefs.h <<_ACEOF -#define PACKAGE_TARNAME "$PACKAGE_TARNAME" -_ACEOF +#undef $2 +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +#ifdef __cplusplus +extern "C" +#endif +char $2 (); +/* The GNU C library defines this for functions which it implements + to always fail with ENOSYS. Some functions are actually named + something starting with __ and the normal name is an alias. */ +#if defined __stub_$2 || defined __stub___$2 +choke me +#endif -cat >>confdefs.h <<_ACEOF -#define PACKAGE_VERSION "$PACKAGE_VERSION" +int +main () +{ +return $2 (); + ; + return 0; +} _ACEOF +if ac_fn_c_try_link "$LINENO"; then : + eval "$3=yes" +else + eval "$3=no" +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +fi +eval ac_res=\$$3 + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +$as_echo "$ac_res" >&6; } + eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno +} # ac_fn_c_check_func -cat >>confdefs.h <<_ACEOF -#define PACKAGE_STRING "$PACKAGE_STRING" -_ACEOF +# ac_fn_cxx_try_compile LINENO +# ---------------------------- +# Try to compile conftest.$ac_ext, and return whether this succeeded. +ac_fn_cxx_try_compile () +{ + as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + rm -f conftest.$ac_objext + if { { ac_try="$ac_compile" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 + (eval "$ac_compile") 2>conftest.err + ac_status=$? + if test -s conftest.err; then + grep -v '^ *+' conftest.err >conftest.er1 + cat conftest.er1 >&5 + mv -f conftest.er1 conftest.err + fi + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } && { + test -z "$ac_cxx_werror_flag" || + test ! -s conftest.err + } && test -s conftest.$ac_objext; then : + ac_retval=0 +else + $as_echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + ac_retval=1 +fi + eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno + as_fn_set_status $ac_retval -cat >>confdefs.h <<_ACEOF -#define PACKAGE_BUGREPORT "$PACKAGE_BUGREPORT" -_ACEOF - +} # ac_fn_cxx_try_compile -# Let the site file select an alternate cache file if it wants to. -# Prefer explicitly selected file to automatically selected ones. -if test -n "$CONFIG_SITE"; then - set x "$CONFIG_SITE" -elif test "x$prefix" != xNONE; then - set x "$prefix/share/config.site" "$prefix/etc/config.site" +# ac_fn_cxx_try_cpp LINENO +# ------------------------ +# Try to preprocess conftest.$ac_ext, and return whether this succeeded. +ac_fn_cxx_try_cpp () +{ + as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + if { { ac_try="$ac_cpp conftest.$ac_ext" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 + (eval "$ac_cpp conftest.$ac_ext") 2>conftest.err + ac_status=$? + if test -s conftest.err; then + grep -v '^ *+' conftest.err >conftest.er1 + cat conftest.er1 >&5 + mv -f conftest.er1 conftest.err + fi + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } > conftest.i && { + test -z "$ac_cxx_preproc_warn_flag$ac_cxx_werror_flag" || + test ! -s conftest.err + }; then : + ac_retval=0 else - set x "$ac_default_prefix/share/config.site" \ - "$ac_default_prefix/etc/config.site" + $as_echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 + + ac_retval=1 fi -shift -for ac_site_file -do - if test -r "$ac_site_file"; then - { echo "$as_me:$LINENO: loading site script $ac_site_file" >&5 -echo "$as_me: loading site script $ac_site_file" >&6;} - sed 's/^/| /' "$ac_site_file" >&5 - . "$ac_site_file" - fi -done + eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno + as_fn_set_status $ac_retval -if test -r "$cache_file"; then - # Some versions of bash will fail to source /dev/null (special - # files actually), so we avoid doing that. - if test -f "$cache_file"; then - { echo "$as_me:$LINENO: loading cache $cache_file" >&5 -echo "$as_me: loading cache $cache_file" >&6;} - case $cache_file in - [\\/]* | ?:[\\/]* ) . "$cache_file";; - *) . "./$cache_file";; - esac +} # ac_fn_cxx_try_cpp + +# ac_fn_cxx_try_link LINENO +# ------------------------- +# Try to link conftest.$ac_ext, and return whether this succeeded. +ac_fn_cxx_try_link () +{ + as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + rm -f conftest.$ac_objext conftest$ac_exeext + if { { ac_try="$ac_link" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 + (eval "$ac_link") 2>conftest.err + ac_status=$? + if test -s conftest.err; then + grep -v '^ *+' conftest.err >conftest.er1 + cat conftest.er1 >&5 + mv -f conftest.er1 conftest.err fi + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } && { + test -z "$ac_cxx_werror_flag" || + test ! -s conftest.err + } && test -s conftest$ac_exeext && { + test "$cross_compiling" = yes || + test -x conftest$ac_exeext + }; then : + ac_retval=0 else - { echo "$as_me:$LINENO: creating cache $cache_file" >&5 -echo "$as_me: creating cache $cache_file" >&6;} - >$cache_file -fi + $as_echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 -ac_header_list="$ac_header_list sys/time.h" -ac_header_list="$ac_header_list unistd.h" -ac_func_list="$ac_func_list alarm" -# Check that the precious variables saved in the cache have kept the same -# value. -ac_cache_corrupted=false -for ac_var in $ac_precious_vars; do - eval ac_old_set=\$ac_cv_env_${ac_var}_set - eval ac_new_set=\$ac_env_${ac_var}_set - eval ac_old_val=\$ac_cv_env_${ac_var}_value - eval ac_new_val=\$ac_env_${ac_var}_value - case $ac_old_set,$ac_new_set in - set,) - { echo "$as_me:$LINENO: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&5 -echo "$as_me: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&2;} - ac_cache_corrupted=: ;; - ,set) - { echo "$as_me:$LINENO: error: \`$ac_var' was not set in the previous run" >&5 -echo "$as_me: error: \`$ac_var' was not set in the previous run" >&2;} - ac_cache_corrupted=: ;; - ,);; - *) - if test "x$ac_old_val" != "x$ac_new_val"; then - { echo "$as_me:$LINENO: error: \`$ac_var' has changed since the previous run:" >&5 -echo "$as_me: error: \`$ac_var' has changed since the previous run:" >&2;} - { echo "$as_me:$LINENO: former value: $ac_old_val" >&5 -echo "$as_me: former value: $ac_old_val" >&2;} - { echo "$as_me:$LINENO: current value: $ac_new_val" >&5 -echo "$as_me: current value: $ac_new_val" >&2;} - ac_cache_corrupted=: - fi;; - esac - # Pass precious variables to config.status. - if test "$ac_new_set" = set; then - case $ac_new_val in - *\'*) ac_arg=$ac_var=`echo "$ac_new_val" | sed "s/'/'\\\\\\\\''/g"` ;; - *) ac_arg=$ac_var=$ac_new_val ;; - esac - case " $ac_configure_args " in - *" '$ac_arg' "*) ;; # Avoid dups. Use of quotes ensures accuracy. - *) ac_configure_args="$ac_configure_args '$ac_arg'" ;; - esac - fi -done -if $ac_cache_corrupted; then - { echo "$as_me:$LINENO: error: changes in the environment can compromise the build" >&5 -echo "$as_me: error: changes in the environment can compromise the build" >&2;} - { { echo "$as_me:$LINENO: error: run \`make distclean' and/or \`rm $cache_file' and start over" >&5 -echo "$as_me: error: run \`make distclean' and/or \`rm $cache_file' and start over" >&2;} - { (exit 1); exit 1; }; } + ac_retval=1 fi + # Delete the IPA/IPO (Inter Procedural Analysis/Optimization) information + # created by the PGI compiler (conftest_ipa8_conftest.oo), as it would + # interfere with the next link command; also delete a directory that is + # left behind by Apple's compiler. We do this before executing the actions. + rm -rf conftest.dSYM conftest_ipa8_conftest.oo + eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno + as_fn_set_status $ac_retval +} # ac_fn_cxx_try_link +# ac_fn_c_check_header_mongrel LINENO HEADER VAR INCLUDES +# ------------------------------------------------------- +# Tests whether HEADER exists, giving a warning if it cannot be compiled using +# the include files in INCLUDES and setting the cache variable VAR +# accordingly. +ac_fn_c_check_header_mongrel () +{ + as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + if eval \${$3+:} false; then : + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 +$as_echo_n "checking for $2... " >&6; } +if eval \${$3+:} false; then : + $as_echo_n "(cached) " >&6 +fi +eval ac_res=\$$3 + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +$as_echo "$ac_res" >&6; } +else + # Is the header compilable? +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking $2 usability" >&5 +$as_echo_n "checking $2 usability... " >&6; } +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +$4 +#include <$2> +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + ac_header_compiler=yes +else + ac_header_compiler=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_header_compiler" >&5 +$as_echo "$ac_header_compiler" >&6; } +# Is the header present? +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking $2 presence" >&5 +$as_echo_n "checking $2 presence... " >&6; } +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include <$2> +_ACEOF +if ac_fn_c_try_cpp "$LINENO"; then : + ac_header_preproc=yes +else + ac_header_preproc=no +fi +rm -f conftest.err conftest.i conftest.$ac_ext +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_header_preproc" >&5 +$as_echo "$ac_header_preproc" >&6; } +# So? What about this header? +case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in #(( + yes:no: ) + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: accepted by the compiler, rejected by the preprocessor!" >&5 +$as_echo "$as_me: WARNING: $2: accepted by the compiler, rejected by the preprocessor!" >&2;} + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: proceeding with the compiler's result" >&5 +$as_echo "$as_me: WARNING: $2: proceeding with the compiler's result" >&2;} + ;; + no:yes:* ) + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: present but cannot be compiled" >&5 +$as_echo "$as_me: WARNING: $2: present but cannot be compiled" >&2;} + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: check for missing prerequisite headers?" >&5 +$as_echo "$as_me: WARNING: $2: check for missing prerequisite headers?" >&2;} + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: see the Autoconf documentation" >&5 +$as_echo "$as_me: WARNING: $2: see the Autoconf documentation" >&2;} + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: section \"Present But Cannot Be Compiled\"" >&5 +$as_echo "$as_me: WARNING: $2: section \"Present But Cannot Be Compiled\"" >&2;} + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $2: proceeding with the compiler's result" >&5 +$as_echo "$as_me: WARNING: $2: proceeding with the compiler's result" >&2;} +( $as_echo "## ------------------------------------------------------ ## +## Report this to https://github.com/cyassl/cyassl/issues ## +## ------------------------------------------------------ ##" + ) | sed "s/^/$as_me: WARNING: /" >&2 + ;; +esac + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for $2" >&5 +$as_echo_n "checking for $2... " >&6; } +if eval \${$3+:} false; then : + $as_echo_n "(cached) " >&6 +else + eval "$3=\$ac_header_compiler" +fi +eval ac_res=\$$3 + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +$as_echo "$ac_res" >&6; } +fi + eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno +} # ac_fn_c_check_header_mongrel +# ac_fn_c_compute_int LINENO EXPR VAR INCLUDES +# -------------------------------------------- +# Tries to find the compile-time value of EXPR in a program that includes +# INCLUDES, setting VAR accordingly. Returns whether the value could be +# computed +ac_fn_c_compute_int () +{ + as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + if test "$cross_compiling" = yes; then + # Depending upon the size, compute the lo and hi bounds. +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +$4 +int +main () +{ +static int test_array [1 - 2 * !(($2) >= 0)]; +test_array [0] = 0; +return test_array [0]; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + ac_lo=0 ac_mid=0 + while :; do + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +$4 +int +main () +{ +static int test_array [1 - 2 * !(($2) <= $ac_mid)]; +test_array [0] = 0; +return test_array [0]; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + ac_hi=$ac_mid; break +else + as_fn_arith $ac_mid + 1 && ac_lo=$as_val + if test $ac_lo -le $ac_mid; then + ac_lo= ac_hi= + break + fi + as_fn_arith 2 '*' $ac_mid + 1 && ac_mid=$as_val +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + done +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +$4 +int +main () +{ +static int test_array [1 - 2 * !(($2) < 0)]; +test_array [0] = 0; +return test_array [0]; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + ac_hi=-1 ac_mid=-1 + while :; do + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +$4 +int +main () +{ +static int test_array [1 - 2 * !(($2) >= $ac_mid)]; +test_array [0] = 0; +return test_array [0]; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + ac_lo=$ac_mid; break +else + as_fn_arith '(' $ac_mid ')' - 1 && ac_hi=$as_val + if test $ac_mid -le $ac_hi; then + ac_lo= ac_hi= + break + fi + as_fn_arith 2 '*' $ac_mid && ac_mid=$as_val +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + done +else + ac_lo= ac_hi= +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +# Binary search between lo and hi bounds. +while test "x$ac_lo" != "x$ac_hi"; do + as_fn_arith '(' $ac_hi - $ac_lo ')' / 2 + $ac_lo && ac_mid=$as_val + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +$4 +int +main () +{ +static int test_array [1 - 2 * !(($2) <= $ac_mid)]; +test_array [0] = 0; +return test_array [0]; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + ac_hi=$ac_mid +else + as_fn_arith '(' $ac_mid ')' + 1 && ac_lo=$as_val +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +done +case $ac_lo in #(( +?*) eval "$3=\$ac_lo"; ac_retval=0 ;; +'') ac_retval=1 ;; +esac + else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +$4 +static long int longval () { return $2; } +static unsigned long int ulongval () { return $2; } +#include +#include +int +main () +{ + FILE *f = fopen ("conftest.val", "w"); + if (! f) + return 1; + if (($2) < 0) + { + long int i = longval (); + if (i != ($2)) + return 1; + fprintf (f, "%ld", i); + } + else + { + unsigned long int i = ulongval (); + if (i != ($2)) + return 1; + fprintf (f, "%lu", i); + } + /* Do not output a trailing newline, as this causes \r\n confusion + on some platforms. */ + return ferror (f) || fclose (f) != 0; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_run "$LINENO"; then : + echo >>conftest.val; read $3 &5 +$as_echo_n "checking for $2... " >&6; } +if eval \${$3+:} false; then : + $as_echo_n "(cached) " >&6 +else + eval "$3=no" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +$4 +int +main () +{ +if (sizeof ($2)) + return 0; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +$4 +int +main () +{ +if (sizeof (($2))) + return 0; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : +else + eval "$3=yes" +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +fi +eval ac_res=\$$3 + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +$as_echo "$ac_res" >&6; } + eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno +} # ac_fn_c_check_type +# ac_fn_c_find_uintX_t LINENO BITS VAR +# ------------------------------------ +# Finds an unsigned integer type with width BITS, setting cache variable VAR +# accordingly. +ac_fn_c_find_uintX_t () +{ + as_lineno=${as_lineno-"$1"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for uint$2_t" >&5 +$as_echo_n "checking for uint$2_t... " >&6; } +if eval \${$3+:} false; then : + $as_echo_n "(cached) " >&6 +else + eval "$3=no" + # Order is important - never check a type that is potentially smaller + # than half of the expected target width. + for ac_type in uint$2_t 'unsigned int' 'unsigned long int' \ + 'unsigned long long int' 'unsigned short int' 'unsigned char'; do + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +$ac_includes_default +int +main () +{ +static int test_array [1 - 2 * !((($ac_type) -1 >> ($2 / 2 - 1)) >> ($2 / 2 - 1) == 3)]; +test_array [0] = 0; +return test_array [0]; + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + case $ac_type in #( + uint$2_t) : + eval "$3=yes" ;; #( + *) : + eval "$3=\$ac_type" ;; +esac +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + if eval test \"x\$"$3"\" = x"no"; then : +else + break +fi + done +fi +eval ac_res=\$$3 + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +$as_echo "$ac_res" >&6; } + eval $as_lineno_stack; ${as_lineno_stack:+:} unset as_lineno +} # ac_fn_c_find_uintX_t +cat >config.log <<_ACEOF +This file contains any messages produced by compilers while +running configure, to aid debugging if configure makes a mistake. +It was created by cyassl $as_me 3.1.0, which was +generated by GNU Autoconf 2.69. Invocation command line was + $ $0 $@ -ac_ext=c -ac_cpp='$CPP $CPPFLAGS' -ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' -ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_c_compiler_gnu - - - -ac_aux_dir= -for ac_dir in config "$srcdir"/config; do - if test -f "$ac_dir/install-sh"; then - ac_aux_dir=$ac_dir - ac_install_sh="$ac_aux_dir/install-sh -c" - break - elif test -f "$ac_dir/install.sh"; then - ac_aux_dir=$ac_dir - ac_install_sh="$ac_aux_dir/install.sh -c" - break - elif test -f "$ac_dir/shtool"; then - ac_aux_dir=$ac_dir - ac_install_sh="$ac_aux_dir/shtool install -c" - break - fi -done -if test -z "$ac_aux_dir"; then - { { echo "$as_me:$LINENO: error: cannot find install-sh or install.sh in config \"$srcdir\"/config" >&5 -echo "$as_me: error: cannot find install-sh or install.sh in config \"$srcdir\"/config" >&2;} - { (exit 1); exit 1; }; } -fi - -# These three variables are undocumented and unsupported, -# and are intended to be withdrawn in a future Autoconf release. -# They can cause serious problems if a builder's source tree is in a directory -# whose full name contains unusual characters. -ac_config_guess="$SHELL $ac_aux_dir/config.guess" # Please don't use this var. -ac_config_sub="$SHELL $ac_aux_dir/config.sub" # Please don't use this var. -ac_configure="$SHELL $ac_aux_dir/configure" # Please don't use this var. - - - -# Make sure we can run config.sub. -$SHELL "$ac_aux_dir/config.sub" sun4 >/dev/null 2>&1 || - { { echo "$as_me:$LINENO: error: cannot run $SHELL $ac_aux_dir/config.sub" >&5 -echo "$as_me: error: cannot run $SHELL $ac_aux_dir/config.sub" >&2;} - { (exit 1); exit 1; }; } - -{ echo "$as_me:$LINENO: checking build system type" >&5 -echo $ECHO_N "checking build system type... $ECHO_C" >&6; } -if test "${ac_cv_build+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - ac_build_alias=$build_alias -test "x$ac_build_alias" = x && - ac_build_alias=`$SHELL "$ac_aux_dir/config.guess"` -test "x$ac_build_alias" = x && - { { echo "$as_me:$LINENO: error: cannot guess build type; you must specify one" >&5 -echo "$as_me: error: cannot guess build type; you must specify one" >&2;} - { (exit 1); exit 1; }; } -ac_cv_build=`$SHELL "$ac_aux_dir/config.sub" $ac_build_alias` || - { { echo "$as_me:$LINENO: error: $SHELL $ac_aux_dir/config.sub $ac_build_alias failed" >&5 -echo "$as_me: error: $SHELL $ac_aux_dir/config.sub $ac_build_alias failed" >&2;} - { (exit 1); exit 1; }; } - -fi -{ echo "$as_me:$LINENO: result: $ac_cv_build" >&5 -echo "${ECHO_T}$ac_cv_build" >&6; } -case $ac_cv_build in -*-*-*) ;; -*) { { echo "$as_me:$LINENO: error: invalid value of canonical build" >&5 -echo "$as_me: error: invalid value of canonical build" >&2;} - { (exit 1); exit 1; }; };; -esac -build=$ac_cv_build -ac_save_IFS=$IFS; IFS='-' -set x $ac_cv_build -shift -build_cpu=$1 -build_vendor=$2 -shift; shift -# Remember, the first character of IFS is used to create $*, -# except with old shells: -build_os=$* -IFS=$ac_save_IFS -case $build_os in *\ *) build_os=`echo "$build_os" | sed 's/ /-/g'`;; esac - - -{ echo "$as_me:$LINENO: checking host system type" >&5 -echo $ECHO_N "checking host system type... $ECHO_C" >&6; } -if test "${ac_cv_host+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test "x$host_alias" = x; then - ac_cv_host=$ac_cv_build -else - ac_cv_host=`$SHELL "$ac_aux_dir/config.sub" $host_alias` || - { { echo "$as_me:$LINENO: error: $SHELL $ac_aux_dir/config.sub $host_alias failed" >&5 -echo "$as_me: error: $SHELL $ac_aux_dir/config.sub $host_alias failed" >&2;} - { (exit 1); exit 1; }; } -fi - -fi -{ echo "$as_me:$LINENO: result: $ac_cv_host" >&5 -echo "${ECHO_T}$ac_cv_host" >&6; } -case $ac_cv_host in -*-*-*) ;; -*) { { echo "$as_me:$LINENO: error: invalid value of canonical host" >&5 -echo "$as_me: error: invalid value of canonical host" >&2;} - { (exit 1); exit 1; }; };; -esac -host=$ac_cv_host -ac_save_IFS=$IFS; IFS='-' -set x $ac_cv_host -shift -host_cpu=$1 -host_vendor=$2 -shift; shift -# Remember, the first character of IFS is used to create $*, -# except with old shells: -host_os=$* -IFS=$ac_save_IFS -case $host_os in *\ *) host_os=`echo "$host_os" | sed 's/ /-/g'`;; esac - - -{ echo "$as_me:$LINENO: checking target system type" >&5 -echo $ECHO_N "checking target system type... $ECHO_C" >&6; } -if test "${ac_cv_target+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test "x$target_alias" = x; then - ac_cv_target=$ac_cv_host -else - ac_cv_target=`$SHELL "$ac_aux_dir/config.sub" $target_alias` || - { { echo "$as_me:$LINENO: error: $SHELL $ac_aux_dir/config.sub $target_alias failed" >&5 -echo "$as_me: error: $SHELL $ac_aux_dir/config.sub $target_alias failed" >&2;} - { (exit 1); exit 1; }; } -fi +_ACEOF +exec 5>>config.log +{ +cat <<_ASUNAME +## --------- ## +## Platform. ## +## --------- ## -fi -{ echo "$as_me:$LINENO: result: $ac_cv_target" >&5 -echo "${ECHO_T}$ac_cv_target" >&6; } -case $ac_cv_target in -*-*-*) ;; -*) { { echo "$as_me:$LINENO: error: invalid value of canonical target" >&5 -echo "$as_me: error: invalid value of canonical target" >&2;} - { (exit 1); exit 1; }; };; -esac -target=$ac_cv_target -ac_save_IFS=$IFS; IFS='-' -set x $ac_cv_target -shift -target_cpu=$1 -target_vendor=$2 -shift; shift -# Remember, the first character of IFS is used to create $*, -# except with old shells: -target_os=$* -IFS=$ac_save_IFS -case $target_os in *\ *) target_os=`echo "$target_os" | sed 's/ /-/g'`;; esac +hostname = `(hostname || uname -n) 2>/dev/null | sed 1q` +uname -m = `(uname -m) 2>/dev/null || echo unknown` +uname -r = `(uname -r) 2>/dev/null || echo unknown` +uname -s = `(uname -s) 2>/dev/null || echo unknown` +uname -v = `(uname -v) 2>/dev/null || echo unknown` +/usr/bin/uname -p = `(/usr/bin/uname -p) 2>/dev/null || echo unknown` +/bin/uname -X = `(/bin/uname -X) 2>/dev/null || echo unknown` -# The aliases save the names the user supplied, while $host etc. -# will get canonicalized. -test -n "$target_alias" && - test "$program_prefix$program_suffix$program_transform_name" = \ - NONENONEs,x,x, && - program_prefix=${target_alias}- +/bin/arch = `(/bin/arch) 2>/dev/null || echo unknown` +/usr/bin/arch -k = `(/usr/bin/arch -k) 2>/dev/null || echo unknown` +/usr/convex/getsysinfo = `(/usr/convex/getsysinfo) 2>/dev/null || echo unknown` +/usr/bin/hostinfo = `(/usr/bin/hostinfo) 2>/dev/null || echo unknown` +/bin/machine = `(/bin/machine) 2>/dev/null || echo unknown` +/usr/bin/oslevel = `(/usr/bin/oslevel) 2>/dev/null || echo unknown` +/bin/universe = `(/bin/universe) 2>/dev/null || echo unknown` -am__api_version='1.10' +_ASUNAME -# Find a good install program. We prefer a C program (faster), -# so one script is as good as another. But avoid the broken or -# incompatible versions: -# SysV /etc/install, /usr/sbin/install -# SunOS /usr/etc/install -# IRIX /sbin/install -# AIX /bin/install -# AmigaOS /C/install, which installs bootblocks on floppy discs -# AIX 4 /usr/bin/installbsd, which doesn't work without a -g flag -# AFS /usr/afsws/bin/install, which mishandles nonexistent args -# SVR4 /usr/ucb/install, which tries to use the nonexistent group "staff" -# OS/2's system install, which has a completely different semantic -# ./install, which can be erroneously created by make from ./install.sh. -{ echo "$as_me:$LINENO: checking for a BSD-compatible install" >&5 -echo $ECHO_N "checking for a BSD-compatible install... $ECHO_C" >&6; } -if test -z "$INSTALL"; then -if test "${ac_cv_path_install+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. - # Account for people who put trailing slashes in PATH elements. -case $as_dir/ in - ./ | .// | /cC/* | \ - /etc/* | /usr/sbin/* | /usr/etc/* | /sbin/* | /usr/afsws/bin/* | \ - ?:\\/os2\\/install\\/* | ?:\\/OS2\\/INSTALL\\/* | \ - /usr/ucb/* ) ;; - *) - # OSF1 and SCO ODT 3.0 have their own names for install. - # Don't use installbsd from OSF since it installs stuff as root - # by default. - for ac_prog in ginstall scoinst install; do - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_prog$ac_exec_ext" && $as_test_x "$as_dir/$ac_prog$ac_exec_ext"; }; then - if test $ac_prog = install && - grep dspmsg "$as_dir/$ac_prog$ac_exec_ext" >/dev/null 2>&1; then - # AIX install. It has an incompatible calling convention. - : - elif test $ac_prog = install && - grep pwplus "$as_dir/$ac_prog$ac_exec_ext" >/dev/null 2>&1; then - # program-specific install script used by HP pwplus--don't use. - : - else - ac_cv_path_install="$as_dir/$ac_prog$ac_exec_ext -c" - break 3 - fi - fi - done - done - ;; -esac -done + $as_echo "PATH: $as_dir" + done IFS=$as_save_IFS +} >&5 -fi - if test "${ac_cv_path_install+set}" = set; then - INSTALL=$ac_cv_path_install - else - # As a last resort, use the slow shell script. Don't cache a - # value for INSTALL within a source directory, because that will - # break other packages using the cache if that directory is - # removed, or if the value is a relative name. - INSTALL=$ac_install_sh - fi -fi -{ echo "$as_me:$LINENO: result: $INSTALL" >&5 -echo "${ECHO_T}$INSTALL" >&6; } - -# Use test -z because SunOS4 sh mishandles braces in ${var-val}. -# It thinks the first close brace ends the variable substitution. -test -z "$INSTALL_PROGRAM" && INSTALL_PROGRAM='${INSTALL}' - -test -z "$INSTALL_SCRIPT" && INSTALL_SCRIPT='${INSTALL}' +cat >&5 <<_ACEOF -test -z "$INSTALL_DATA" && INSTALL_DATA='${INSTALL} -m 644' -{ echo "$as_me:$LINENO: checking whether build environment is sane" >&5 -echo $ECHO_N "checking whether build environment is sane... $ECHO_C" >&6; } -# Just in case -sleep 1 -echo timestamp > conftest.file -# Do `set' in a subshell so we don't clobber the current shell's -# arguments. Must try -L first in case configure is actually a -# symlink; some systems play weird games with the mod time of symlinks -# (eg FreeBSD returns the mod time of the symlink's containing -# directory). -if ( - set X `ls -Lt $srcdir/configure conftest.file 2> /dev/null` - if test "$*" = "X"; then - # -L didn't work. - set X `ls -t $srcdir/configure conftest.file` - fi - rm -f conftest.file - if test "$*" != "X $srcdir/configure conftest.file" \ - && test "$*" != "X conftest.file $srcdir/configure"; then - - # If neither matched, then we have a broken ls. This can happen - # if, for instance, CONFIG_SHELL is bash and it inherits a - # broken ls alias from the environment. This has actually - # happened. Such a system could not be considered "sane". - { { echo "$as_me:$LINENO: error: ls -t appears to fail. Make sure there is not a broken -alias in your environment" >&5 -echo "$as_me: error: ls -t appears to fail. Make sure there is not a broken -alias in your environment" >&2;} - { (exit 1); exit 1; }; } - fi +## ----------- ## +## Core tests. ## +## ----------- ## - test "$2" = conftest.file - ) -then - # Ok. - : -else - { { echo "$as_me:$LINENO: error: newly created file is older than distributed files! -Check your system clock" >&5 -echo "$as_me: error: newly created file is older than distributed files! -Check your system clock" >&2;} - { (exit 1); exit 1; }; } -fi -{ echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } -test "$program_prefix" != NONE && - program_transform_name="s&^&$program_prefix&;$program_transform_name" -# Use a double $ so make ignores it. -test "$program_suffix" != NONE && - program_transform_name="s&\$&$program_suffix&;$program_transform_name" -# Double any \ or $. echo might interpret backslashes. -# By default was `s,x,x', remove it if useless. -cat <<\_ACEOF >conftest.sed -s/[\\$]/&&/g;s/;s,x,x,$// _ACEOF -program_transform_name=`echo $program_transform_name | sed -f conftest.sed` -rm -f conftest.sed - -# expand $ac_aux_dir to an absolute path -am_aux_dir=`cd $ac_aux_dir && pwd` - -test x"${MISSING+set}" = xset || MISSING="\${SHELL} $am_aux_dir/missing" -# Use eval to expand $SHELL -if eval "$MISSING --run true"; then - am_missing_run="$MISSING --run " -else - am_missing_run= - { echo "$as_me:$LINENO: WARNING: \`missing' script is too old or missing" >&5 -echo "$as_me: WARNING: \`missing' script is too old or missing" >&2;} -fi - -{ echo "$as_me:$LINENO: checking for a thread-safe mkdir -p" >&5 -echo $ECHO_N "checking for a thread-safe mkdir -p... $ECHO_C" >&6; } -if test -z "$MKDIR_P"; then - if test "${ac_cv_path_mkdir+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH$PATH_SEPARATOR/opt/sfw/bin -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_prog in mkdir gmkdir; do - for ac_exec_ext in '' $ac_executable_extensions; do - { test -f "$as_dir/$ac_prog$ac_exec_ext" && $as_test_x "$as_dir/$ac_prog$ac_exec_ext"; } || continue - case `"$as_dir/$ac_prog$ac_exec_ext" --version 2>&1` in #( - 'mkdir (GNU coreutils) '* | \ - 'mkdir (coreutils) '* | \ - 'mkdir (fileutils) '4.1*) - ac_cv_path_mkdir=$as_dir/$ac_prog$ac_exec_ext - break 3;; - esac - done - done -done -IFS=$as_save_IFS - -fi - - if test "${ac_cv_path_mkdir+set}" = set; then - MKDIR_P="$ac_cv_path_mkdir -p" - else - # As a last resort, use the slow shell script. Don't cache a - # value for MKDIR_P within a source directory, because that will - # break other packages using the cache if that directory is - # removed, or if the value is a relative name. - test -d ./--version && rmdir ./--version - MKDIR_P="$ac_install_sh -d" - fi -fi -{ echo "$as_me:$LINENO: result: $MKDIR_P" >&5 -echo "${ECHO_T}$MKDIR_P" >&6; } -mkdir_p="$MKDIR_P" -case $mkdir_p in - [\\/$]* | ?:[\\/]*) ;; - */*) mkdir_p="\$(top_builddir)/$mkdir_p" ;; -esac -for ac_prog in gawk mawk nawk awk +# Keep a trace of the command line. +# Strip out --no-create and --no-recursion so they do not pile up. +# Strip out --silent because we don't want to record it for future runs. +# Also quote any args containing shell meta-characters. +# Make two passes to allow for proper duplicate-argument suppression. +ac_configure_args= +ac_configure_args0= +ac_configure_args1= +ac_must_keep_next=false +for ac_pass in 1 2 do - # Extract the first word of "$ac_prog", so it can be a program name with args. -set dummy $ac_prog; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_AWK+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test -n "$AWK"; then - ac_cv_prog_AWK="$AWK" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_AWK="$ac_prog" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done + for ac_arg + do + case $ac_arg in + -no-create | --no-c* | -n | -no-recursion | --no-r*) continue ;; + -q | -quiet | --quiet | --quie | --qui | --qu | --q \ + | -silent | --silent | --silen | --sile | --sil) + continue ;; + *\'*) + ac_arg=`$as_echo "$ac_arg" | sed "s/'/'\\\\\\\\''/g"` ;; + esac + case $ac_pass in + 1) as_fn_append ac_configure_args0 " '$ac_arg'" ;; + 2) + as_fn_append ac_configure_args1 " '$ac_arg'" + if test $ac_must_keep_next = true; then + ac_must_keep_next=false # Got value, back to normal. + else + case $ac_arg in + *=* | --config-cache | -C | -disable-* | --disable-* \ + | -enable-* | --enable-* | -gas | --g* | -nfp | --nf* \ + | -q | -quiet | --q* | -silent | --sil* | -v | -verb* \ + | -with-* | --with-* | -without-* | --without-* | --x) + case "$ac_configure_args0 " in + "$ac_configure_args1"*" '$ac_arg' "* ) continue ;; + esac + ;; + -* ) ac_must_keep_next=true ;; + esac + fi + as_fn_append ac_configure_args " '$ac_arg'" + ;; + esac + done done -IFS=$as_save_IFS - -fi -fi -AWK=$ac_cv_prog_AWK -if test -n "$AWK"; then - { echo "$as_me:$LINENO: result: $AWK" >&5 -echo "${ECHO_T}$AWK" >&6; } -else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } -fi - +{ ac_configure_args0=; unset ac_configure_args0;} +{ ac_configure_args1=; unset ac_configure_args1;} - test -n "$AWK" && break -done +# When interrupted or exit'd, cleanup temporary files, and complete +# config.log. We remove comments because anyway the quotes in there +# would cause problems or look ugly. +# WARNING: Use '\'' to represent an apostrophe within the trap. +# WARNING: Do not start the trap code with a newline, due to a FreeBSD 4.0 bug. +trap 'exit_status=$? + # Save into config.log some information that might help in debugging. + { + echo -{ echo "$as_me:$LINENO: checking whether ${MAKE-make} sets \$(MAKE)" >&5 -echo $ECHO_N "checking whether ${MAKE-make} sets \$(MAKE)... $ECHO_C" >&6; } -set x ${MAKE-make}; ac_make=`echo "$2" | sed 's/+/p/g; s/[^a-zA-Z0-9_]/_/g'` -if { as_var=ac_cv_prog_make_${ac_make}_set; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.make <<\_ACEOF -SHELL = /bin/sh -all: - @echo '@@@%%%=$(MAKE)=@@@%%%' -_ACEOF -# GNU make sometimes prints "make[1]: Entering...", which would confuse us. -case `${MAKE-make} -f conftest.make 2>/dev/null` in - *@@@%%%=?*=@@@%%%*) - eval ac_cv_prog_make_${ac_make}_set=yes;; - *) - eval ac_cv_prog_make_${ac_make}_set=no;; -esac -rm -f conftest.make -fi -if eval test \$ac_cv_prog_make_${ac_make}_set = yes; then - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } - SET_MAKE= -else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } - SET_MAKE="MAKE=${MAKE-make}" -fi + $as_echo "## ---------------- ## +## Cache variables. ## +## ---------------- ##" + echo + # The following way of writing the cache mishandles newlines in values, +( + for ac_var in `(set) 2>&1 | sed -n '\''s/^\([a-zA-Z_][a-zA-Z0-9_]*\)=.*/\1/p'\''`; do + eval ac_val=\$$ac_var + case $ac_val in #( + *${as_nl}*) + case $ac_var in #( + *_cv_*) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cache variable $ac_var contains a newline" >&5 +$as_echo "$as_me: WARNING: cache variable $ac_var contains a newline" >&2;} ;; + esac + case $ac_var in #( + _ | IFS | as_nl) ;; #( + BASH_ARGV | BASH_SOURCE) eval $ac_var= ;; #( + *) { eval $ac_var=; unset $ac_var;} ;; + esac ;; + esac + done + (set) 2>&1 | + case $as_nl`(ac_space='\'' '\''; set) 2>&1` in #( + *${as_nl}ac_space=\ *) + sed -n \ + "s/'\''/'\''\\\\'\'''\''/g; + s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1='\''\\2'\''/p" + ;; #( + *) + sed -n "/^[_$as_cr_alnum]*_cv_[_$as_cr_alnum]*=/p" + ;; + esac | + sort +) + echo -rm -rf .tst 2>/dev/null -mkdir .tst 2>/dev/null -if test -d .tst; then - am__leading_dot=. -else - am__leading_dot=_ -fi -rmdir .tst 2>/dev/null + $as_echo "## ----------------- ## +## Output variables. ## +## ----------------- ##" + echo + for ac_var in $ac_subst_vars + do + eval ac_val=\$$ac_var + case $ac_val in + *\'\''*) ac_val=`$as_echo "$ac_val" | sed "s/'\''/'\''\\\\\\\\'\'''\''/g"`;; + esac + $as_echo "$ac_var='\''$ac_val'\''" + done | sort + echo -if test "`cd $srcdir && pwd`" != "`pwd`"; then - # Use -I$(srcdir) only when $(srcdir) != ., so that make's output - # is not polluted with repeated "-I." - am__isrc=' -I$(srcdir)' - # test to see if srcdir already configured - if test -f $srcdir/config.status; then - { { echo "$as_me:$LINENO: error: source directory already configured; run \"make distclean\" there first" >&5 -echo "$as_me: error: source directory already configured; run \"make distclean\" there first" >&2;} - { (exit 1); exit 1; }; } - fi -fi + if test -n "$ac_subst_files"; then + $as_echo "## ------------------- ## +## File substitutions. ## +## ------------------- ##" + echo + for ac_var in $ac_subst_files + do + eval ac_val=\$$ac_var + case $ac_val in + *\'\''*) ac_val=`$as_echo "$ac_val" | sed "s/'\''/'\''\\\\\\\\'\'''\''/g"`;; + esac + $as_echo "$ac_var='\''$ac_val'\''" + done | sort + echo + fi -# test whether we have cygpath -if test -z "$CYGPATH_W"; then - if (cygpath --version) >/dev/null 2>/dev/null; then - CYGPATH_W='cygpath -w' - else - CYGPATH_W=echo - fi -fi + if test -s confdefs.h; then + $as_echo "## ----------- ## +## confdefs.h. ## +## ----------- ##" + echo + cat confdefs.h + echo + fi + test "$ac_signal" != 0 && + $as_echo "$as_me: caught signal $ac_signal" + $as_echo "$as_me: exit $exit_status" + } >&5 + rm -f core *.core core.conftest.* && + rm -f -r conftest* confdefs* conf$$* $ac_clean_files && + exit $exit_status +' 0 +for ac_signal in 1 2 13 15; do + trap 'ac_signal='$ac_signal'; as_fn_exit 1' $ac_signal +done +ac_signal=0 +# confdefs.h avoids OS command line length limits that DEFS can exceed. +rm -f -r conftest* confdefs.h -# Define the identity of the package. - PACKAGE='cyassl' - VERSION='2.3.0' +$as_echo "/* confdefs.h */" > confdefs.h +# Predefined preprocessor variables. cat >>confdefs.h <<_ACEOF -#define PACKAGE "$PACKAGE" +#define PACKAGE_NAME "$PACKAGE_NAME" _ACEOF - cat >>confdefs.h <<_ACEOF -#define VERSION "$VERSION" +#define PACKAGE_TARNAME "$PACKAGE_TARNAME" _ACEOF -# Some tools Automake needs. - -ACLOCAL=${ACLOCAL-"${am_missing_run}aclocal-${am__api_version}"} - - -AUTOCONF=${AUTOCONF-"${am_missing_run}autoconf"} - - -AUTOMAKE=${AUTOMAKE-"${am_missing_run}automake-${am__api_version}"} - +cat >>confdefs.h <<_ACEOF +#define PACKAGE_VERSION "$PACKAGE_VERSION" +_ACEOF -AUTOHEADER=${AUTOHEADER-"${am_missing_run}autoheader"} +cat >>confdefs.h <<_ACEOF +#define PACKAGE_STRING "$PACKAGE_STRING" +_ACEOF +cat >>confdefs.h <<_ACEOF +#define PACKAGE_BUGREPORT "$PACKAGE_BUGREPORT" +_ACEOF -MAKEINFO=${MAKEINFO-"${am_missing_run}makeinfo"} +cat >>confdefs.h <<_ACEOF +#define PACKAGE_URL "$PACKAGE_URL" +_ACEOF -install_sh=${install_sh-"\$(SHELL) $am_aux_dir/install-sh"} -# Installed binaries are usually stripped using `strip' when the user -# run `make install-strip'. However `strip' might not be the right -# tool to use in cross-compilation environments, therefore Automake -# will honor the `STRIP' environment variable to overrule this program. -if test "$cross_compiling" != no; then - if test -n "$ac_tool_prefix"; then - # Extract the first word of "${ac_tool_prefix}strip", so it can be a program name with args. -set dummy ${ac_tool_prefix}strip; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_STRIP+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test -n "$STRIP"; then - ac_cv_prog_STRIP="$STRIP" # Let the user override the test. +# Let the site file select an alternate cache file if it wants to. +# Prefer an explicitly selected file to automatically selected ones. +ac_site_file1=NONE +ac_site_file2=NONE +if test -n "$CONFIG_SITE"; then + # We do not want a PATH search for config.site. + case $CONFIG_SITE in #(( + -*) ac_site_file1=./$CONFIG_SITE;; + */*) ac_site_file1=$CONFIG_SITE;; + *) ac_site_file1=./$CONFIG_SITE;; + esac +elif test "x$prefix" != xNONE; then + ac_site_file1=$prefix/share/config.site + ac_site_file2=$prefix/etc/config.site else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH + ac_site_file1=$ac_default_prefix/share/config.site + ac_site_file2=$ac_default_prefix/etc/config.site +fi +for ac_site_file in "$ac_site_file1" "$ac_site_file2" do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_STRIP="${ac_tool_prefix}strip" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 + test "x$ac_site_file" = xNONE && continue + if test /dev/null != "$ac_site_file" && test -r "$ac_site_file"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: loading site script $ac_site_file" >&5 +$as_echo "$as_me: loading site script $ac_site_file" >&6;} + sed 's/^/| /' "$ac_site_file" >&5 + . "$ac_site_file" \ + || { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} +as_fn_error $? "failed to load site script $ac_site_file +See \`config.log' for more details" "$LINENO" 5; } fi done -done -IFS=$as_save_IFS -fi -fi -STRIP=$ac_cv_prog_STRIP -if test -n "$STRIP"; then - { echo "$as_me:$LINENO: result: $STRIP" >&5 -echo "${ECHO_T}$STRIP" >&6; } +if test -r "$cache_file"; then + # Some versions of bash will fail to source /dev/null (special files + # actually), so we avoid doing that. DJGPP emulates it as a regular file. + if test /dev/null != "$cache_file" && test -f "$cache_file"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: loading cache $cache_file" >&5 +$as_echo "$as_me: loading cache $cache_file" >&6;} + case $cache_file in + [\\/]* | ?:[\\/]* ) . "$cache_file";; + *) . "./$cache_file";; + esac + fi else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } -fi - - + { $as_echo "$as_me:${as_lineno-$LINENO}: creating cache $cache_file" >&5 +$as_echo "$as_me: creating cache $cache_file" >&6;} + >$cache_file fi -if test -z "$ac_cv_prog_STRIP"; then - ac_ct_STRIP=$STRIP - # Extract the first word of "strip", so it can be a program name with args. -set dummy strip; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_ac_ct_STRIP+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test -n "$ac_ct_STRIP"; then - ac_cv_prog_ac_ct_STRIP="$ac_ct_STRIP" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_ac_ct_STRIP="strip" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done -done -IFS=$as_save_IFS -fi -fi -ac_ct_STRIP=$ac_cv_prog_ac_ct_STRIP -if test -n "$ac_ct_STRIP"; then - { echo "$as_me:$LINENO: result: $ac_ct_STRIP" >&5 -echo "${ECHO_T}$ac_ct_STRIP" >&6; } -else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } -fi - - if test "x$ac_ct_STRIP" = x; then - STRIP=":" - else - case $cross_compiling:$ac_tool_warned in -yes:) -{ echo "$as_me:$LINENO: WARNING: In the future, Autoconf will not detect cross-tools -whose name does not start with the host triplet. If you think this -configuration is useful to you, please write to autoconf@gnu.org." >&5 -echo "$as_me: WARNING: In the future, Autoconf will not detect cross-tools -whose name does not start with the host triplet. If you think this -configuration is useful to you, please write to autoconf@gnu.org." >&2;} -ac_tool_warned=yes ;; -esac - STRIP=$ac_ct_STRIP +# Check that the precious variables saved in the cache have kept the same +# value. +ac_cache_corrupted=false +for ac_var in $ac_precious_vars; do + eval ac_old_set=\$ac_cv_env_${ac_var}_set + eval ac_new_set=\$ac_env_${ac_var}_set + eval ac_old_val=\$ac_cv_env_${ac_var}_value + eval ac_new_val=\$ac_env_${ac_var}_value + case $ac_old_set,$ac_new_set in + set,) + { $as_echo "$as_me:${as_lineno-$LINENO}: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&5 +$as_echo "$as_me: error: \`$ac_var' was set to \`$ac_old_val' in the previous run" >&2;} + ac_cache_corrupted=: ;; + ,set) + { $as_echo "$as_me:${as_lineno-$LINENO}: error: \`$ac_var' was not set in the previous run" >&5 +$as_echo "$as_me: error: \`$ac_var' was not set in the previous run" >&2;} + ac_cache_corrupted=: ;; + ,);; + *) + if test "x$ac_old_val" != "x$ac_new_val"; then + # differences in whitespace do not lead to failure. + ac_old_val_w=`echo x $ac_old_val` + ac_new_val_w=`echo x $ac_new_val` + if test "$ac_old_val_w" != "$ac_new_val_w"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: error: \`$ac_var' has changed since the previous run:" >&5 +$as_echo "$as_me: error: \`$ac_var' has changed since the previous run:" >&2;} + ac_cache_corrupted=: + else + { $as_echo "$as_me:${as_lineno-$LINENO}: warning: ignoring whitespace changes in \`$ac_var' since the previous run:" >&5 +$as_echo "$as_me: warning: ignoring whitespace changes in \`$ac_var' since the previous run:" >&2;} + eval $ac_var=\$ac_old_val + fi + { $as_echo "$as_me:${as_lineno-$LINENO}: former value: \`$ac_old_val'" >&5 +$as_echo "$as_me: former value: \`$ac_old_val'" >&2;} + { $as_echo "$as_me:${as_lineno-$LINENO}: current value: \`$ac_new_val'" >&5 +$as_echo "$as_me: current value: \`$ac_new_val'" >&2;} + fi;; + esac + # Pass precious variables to config.status. + if test "$ac_new_set" = set; then + case $ac_new_val in + *\'*) ac_arg=$ac_var=`$as_echo "$ac_new_val" | sed "s/'/'\\\\\\\\''/g"` ;; + *) ac_arg=$ac_var=$ac_new_val ;; + esac + case " $ac_configure_args " in + *" '$ac_arg' "*) ;; # Avoid dups. Use of quotes ensures accuracy. + *) as_fn_append ac_configure_args " '$ac_arg'" ;; + esac fi -else - STRIP="$ac_cv_prog_STRIP" -fi - +done +if $ac_cache_corrupted; then + { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} + { $as_echo "$as_me:${as_lineno-$LINENO}: error: changes in the environment can compromise the build" >&5 +$as_echo "$as_me: error: changes in the environment can compromise the build" >&2;} + as_fn_error $? "run \`make distclean' and/or \`rm $cache_file' and start over" "$LINENO" 5 fi -INSTALL_STRIP_PROGRAM="\$(install_sh) -c -s" - -# We need awk for the "check" target. The system "awk" is bad on -# some platforms. -# Always define AMTAR for backward compatibility. - -AMTAR=${AMTAR-"${am_missing_run}tar"} +## -------------------- ## +## Main body of script. ## +## -------------------- ## +ac_ext=c +ac_cpp='$CPP $CPPFLAGS' +ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_c_compiler_gnu -{ echo "$as_me:$LINENO: checking how to create a ustar tar archive" >&5 -echo $ECHO_N "checking how to create a ustar tar archive... $ECHO_C" >&6; } -# Loop over all known methods to create a tar archive until one works. -_am_tools='gnutar plaintar pax cpio none' -_am_tools=${am_cv_prog_tar_ustar-$_am_tools} -# Do not fold the above two line into one, because Tru64 sh and -# Solaris sh will not grok spaces in the rhs of `-'. -for _am_tool in $_am_tools -do - case $_am_tool in - gnutar) - for _am_tar in tar gnutar gtar; - do - { echo "$as_me:$LINENO: $_am_tar --version" >&5 - ($_am_tar --version) >&5 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && break - done - am__tar="$_am_tar --format=ustar -chf - "'"$$tardir"' - am__tar_="$_am_tar --format=ustar -chf - "'"$tardir"' - am__untar="$_am_tar -xf -" - ;; - plaintar) - # Must skip GNU tar: if it does not support --format= it doesn't create - # ustar tarball either. - (tar --version) >/dev/null 2>&1 && continue - am__tar='tar chf - "$$tardir"' - am__tar_='tar chf - "$tardir"' - am__untar='tar xf -' - ;; - pax) - am__tar='pax -L -x ustar -w "$$tardir"' - am__tar_='pax -L -x ustar -w "$tardir"' - am__untar='pax -r' - ;; - cpio) - am__tar='find "$$tardir" -print | cpio -o -H ustar -L' - am__tar_='find "$tardir" -print | cpio -o -H ustar -L' - am__untar='cpio -i -H ustar -d' - ;; - none) - am__tar=false - am__tar_=false - am__untar=false - ;; - esac - # If the value was cached, stop now. We just wanted to have am__tar - # and am__untar set. - test -n "${am_cv_prog_tar_ustar}" && break - # tar/untar a dummy directory, and stop if the command works - rm -rf conftest.dir - mkdir conftest.dir - echo GrepMe > conftest.dir/file - { echo "$as_me:$LINENO: tardir=conftest.dir && eval $am__tar_ >conftest.tar" >&5 - (tardir=conftest.dir && eval $am__tar_ >conftest.tar) >&5 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } - rm -rf conftest.dir - if test -s conftest.tar; then - { echo "$as_me:$LINENO: $am__untar &5 - ($am__untar &5 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } - grep GrepMe conftest.dir/file >/dev/null 2>&1 && break +ac_aux_dir= +for ac_dir in build-aux "$srcdir"/build-aux; do + if test -f "$ac_dir/install-sh"; then + ac_aux_dir=$ac_dir + ac_install_sh="$ac_aux_dir/install-sh -c" + break + elif test -f "$ac_dir/install.sh"; then + ac_aux_dir=$ac_dir + ac_install_sh="$ac_aux_dir/install.sh -c" + break + elif test -f "$ac_dir/shtool"; then + ac_aux_dir=$ac_dir + ac_install_sh="$ac_aux_dir/shtool install -c" + break fi done -rm -rf conftest.dir - -if test "${am_cv_prog_tar_ustar+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - am_cv_prog_tar_ustar=$_am_tool +if test -z "$ac_aux_dir"; then + as_fn_error $? "cannot find install-sh, install.sh, or shtool in build-aux \"$srcdir\"/build-aux" "$LINENO" 5 fi -{ echo "$as_me:$LINENO: result: $am_cv_prog_tar_ustar" >&5 -echo "${ECHO_T}$am_cv_prog_tar_ustar" >&6; } - - - - - - -{ echo "$as_me:$LINENO: checking host system type" >&5 -echo $ECHO_N "checking host system type... $ECHO_C" >&6; } -if test "${ac_cv_host+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test "x$host_alias" = x; then - ac_cv_host=$ac_cv_build -else - ac_cv_host=`$SHELL "$ac_aux_dir/config.sub" $host_alias` || - { { echo "$as_me:$LINENO: error: $SHELL $ac_aux_dir/config.sub $host_alias failed" >&5 -echo "$as_me: error: $SHELL $ac_aux_dir/config.sub $host_alias failed" >&2;} - { (exit 1); exit 1; }; } -fi +# These three variables are undocumented and unsupported, +# and are intended to be withdrawn in a future Autoconf release. +# They can cause serious problems if a builder's source tree is in a directory +# whose full name contains unusual characters. +ac_config_guess="$SHELL $ac_aux_dir/config.guess" # Please don't use this var. +ac_config_sub="$SHELL $ac_aux_dir/config.sub" # Please don't use this var. +ac_configure="$SHELL $ac_aux_dir/configure" # Please don't use this var. -fi -{ echo "$as_me:$LINENO: result: $ac_cv_host" >&5 -echo "${ECHO_T}$ac_cv_host" >&6; } -case $ac_cv_host in -*-*-*) ;; -*) { { echo "$as_me:$LINENO: error: invalid value of canonical host" >&5 -echo "$as_me: error: invalid value of canonical host" >&2;} - { (exit 1); exit 1; }; };; -esac -host=$ac_cv_host -ac_save_IFS=$IFS; IFS='-' -set x $ac_cv_host -shift -host_cpu=$1 -host_vendor=$2 -shift; shift -# Remember, the first character of IFS is used to create $*, -# except with old shells: -host_os=$* -IFS=$ac_save_IFS -case $host_os in *\ *) host_os=`echo "$host_os" | sed 's/ /-/g'`;; esac # Make sure we can run config.sub. $SHELL "$ac_aux_dir/config.sub" sun4 >/dev/null 2>&1 || - { { echo "$as_me:$LINENO: error: cannot run $SHELL $ac_aux_dir/config.sub" >&5 -echo "$as_me: error: cannot run $SHELL $ac_aux_dir/config.sub" >&2;} - { (exit 1); exit 1; }; } + as_fn_error $? "cannot run $SHELL $ac_aux_dir/config.sub" "$LINENO" 5 -{ echo "$as_me:$LINENO: checking build system type" >&5 -echo $ECHO_N "checking build system type... $ECHO_C" >&6; } -if test "${ac_cv_build+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking build system type" >&5 +$as_echo_n "checking build system type... " >&6; } +if ${ac_cv_build+:} false; then : + $as_echo_n "(cached) " >&6 else ac_build_alias=$build_alias test "x$ac_build_alias" = x && ac_build_alias=`$SHELL "$ac_aux_dir/config.guess"` test "x$ac_build_alias" = x && - { { echo "$as_me:$LINENO: error: cannot guess build type; you must specify one" >&5 -echo "$as_me: error: cannot guess build type; you must specify one" >&2;} - { (exit 1); exit 1; }; } + as_fn_error $? "cannot guess build type; you must specify one" "$LINENO" 5 ac_cv_build=`$SHELL "$ac_aux_dir/config.sub" $ac_build_alias` || - { { echo "$as_me:$LINENO: error: $SHELL $ac_aux_dir/config.sub $ac_build_alias failed" >&5 -echo "$as_me: error: $SHELL $ac_aux_dir/config.sub $ac_build_alias failed" >&2;} - { (exit 1); exit 1; }; } + as_fn_error $? "$SHELL $ac_aux_dir/config.sub $ac_build_alias failed" "$LINENO" 5 fi -{ echo "$as_me:$LINENO: result: $ac_cv_build" >&5 -echo "${ECHO_T}$ac_cv_build" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_build" >&5 +$as_echo "$ac_cv_build" >&6; } case $ac_cv_build in *-*-*) ;; -*) { { echo "$as_me:$LINENO: error: invalid value of canonical build" >&5 -echo "$as_me: error: invalid value of canonical build" >&2;} - { (exit 1); exit 1; }; };; +*) as_fn_error $? "invalid value of canonical build" "$LINENO" 5;; esac build=$ac_cv_build ac_save_IFS=$IFS; IFS='-' @@ -2673,1301 +2976,836 @@ IFS=$ac_save_IFS case $build_os in *\ *) build_os=`echo "$build_os" | sed 's/ /-/g'`;; esac +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking host system type" >&5 +$as_echo_n "checking host system type... " >&6; } +if ${ac_cv_host+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test "x$host_alias" = x; then + ac_cv_host=$ac_cv_build +else + ac_cv_host=`$SHELL "$ac_aux_dir/config.sub" $host_alias` || + as_fn_error $? "$SHELL $ac_aux_dir/config.sub $host_alias failed" "$LINENO" 5 +fi - - - - -ac_config_headers="$ac_config_headers config.h:config.in" - - -#shared library versioning -CYASSL_LIBRARY_VERSION=3:1:0 -# | | | -# +------+ | +---+ -# | | | -# current:revision:age -# | | | -# | | +- increment if interfaces have been added -# | | set to zero if interfaces have been removed -# | or changed -# | +- increment if source code has changed -# | set to zero if current is incremented -# +- increment if interfaces have been added, removed or changed - - -# Make sure configure doesn't add to CFLAGS -CFLAGS="$CFLAGS $C_EXTRA_FLAGS" - -case `pwd` in - *\ * | *\ *) - { echo "$as_me:$LINENO: WARNING: Libtool does not cope well with whitespace in \`pwd\`" >&5 -echo "$as_me: WARNING: Libtool does not cope well with whitespace in \`pwd\`" >&2;} ;; +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_host" >&5 +$as_echo "$ac_cv_host" >&6; } +case $ac_cv_host in +*-*-*) ;; +*) as_fn_error $? "invalid value of canonical host" "$LINENO" 5;; esac - - - -macro_version='2.2.10' -macro_revision='1.3175' - +host=$ac_cv_host +ac_save_IFS=$IFS; IFS='-' +set x $ac_cv_host +shift +host_cpu=$1 +host_vendor=$2 +shift; shift +# Remember, the first character of IFS is used to create $*, +# except with old shells: +host_os=$* +IFS=$ac_save_IFS +case $host_os in *\ *) host_os=`echo "$host_os" | sed 's/ /-/g'`;; esac +am__api_version='1.14' +# Find a good install program. We prefer a C program (faster), +# so one script is as good as another. But avoid the broken or +# incompatible versions: +# SysV /etc/install, /usr/sbin/install +# SunOS /usr/etc/install +# IRIX /sbin/install +# AIX /bin/install +# AmigaOS /C/install, which installs bootblocks on floppy discs +# AIX 4 /usr/bin/installbsd, which doesn't work without a -g flag +# AFS /usr/afsws/bin/install, which mishandles nonexistent args +# SVR4 /usr/ucb/install, which tries to use the nonexistent group "staff" +# OS/2's system install, which has a completely different semantic +# ./install, which can be erroneously created by make from ./install.sh. +# Reject install programs that cannot install multiple files. +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for a BSD-compatible install" >&5 +$as_echo_n "checking for a BSD-compatible install... " >&6; } +if test -z "$INSTALL"; then +if ${ac_cv_path_install+:} false; then : + $as_echo_n "(cached) " >&6 +else + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + # Account for people who put trailing slashes in PATH elements. +case $as_dir/ in #(( + ./ | .// | /[cC]/* | \ + /etc/* | /usr/sbin/* | /usr/etc/* | /sbin/* | /usr/afsws/bin/* | \ + ?:[\\/]os2[\\/]install[\\/]* | ?:[\\/]OS2[\\/]INSTALL[\\/]* | \ + /usr/ucb/* ) ;; + *) + # OSF1 and SCO ODT 3.0 have their own names for install. + # Don't use installbsd from OSF since it installs stuff as root + # by default. + for ac_prog in ginstall scoinst install; do + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_prog$ac_exec_ext"; then + if test $ac_prog = install && + grep dspmsg "$as_dir/$ac_prog$ac_exec_ext" >/dev/null 2>&1; then + # AIX install. It has an incompatible calling convention. + : + elif test $ac_prog = install && + grep pwplus "$as_dir/$ac_prog$ac_exec_ext" >/dev/null 2>&1; then + # program-specific install script used by HP pwplus--don't use. + : + else + rm -rf conftest.one conftest.two conftest.dir + echo one > conftest.one + echo two > conftest.two + mkdir conftest.dir + if "$as_dir/$ac_prog$ac_exec_ext" -c conftest.one conftest.two "`pwd`/conftest.dir" && + test -s conftest.one && test -s conftest.two && + test -s conftest.dir/conftest.one && + test -s conftest.dir/conftest.two + then + ac_cv_path_install="$as_dir/$ac_prog$ac_exec_ext -c" + break 3 + fi + fi + fi + done + done + ;; +esac + done +IFS=$as_save_IFS +rm -rf conftest.one conftest.two conftest.dir +fi + if test "${ac_cv_path_install+set}" = set; then + INSTALL=$ac_cv_path_install + else + # As a last resort, use the slow shell script. Don't cache a + # value for INSTALL within a source directory, because that will + # break other packages using the cache if that directory is + # removed, or if the value is a relative name. + INSTALL=$ac_install_sh + fi +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $INSTALL" >&5 +$as_echo "$INSTALL" >&6; } +# Use test -z because SunOS4 sh mishandles braces in ${var-val}. +# It thinks the first close brace ends the variable substitution. +test -z "$INSTALL_PROGRAM" && INSTALL_PROGRAM='${INSTALL}' +test -z "$INSTALL_SCRIPT" && INSTALL_SCRIPT='${INSTALL}' +test -z "$INSTALL_DATA" && INSTALL_DATA='${INSTALL} -m 644' -ltmain="$ac_aux_dir/ltmain.sh" +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether build environment is sane" >&5 +$as_echo_n "checking whether build environment is sane... " >&6; } +# Reject unsafe characters in $srcdir or the absolute working directory +# name. Accept space and tab only in the latter. +am_lf=' +' +case `pwd` in + *[\\\"\#\$\&\'\`$am_lf]*) + as_fn_error $? "unsafe absolute working directory name" "$LINENO" 5;; +esac +case $srcdir in + *[\\\"\#\$\&\'\`$am_lf\ \ ]*) + as_fn_error $? "unsafe srcdir value: '$srcdir'" "$LINENO" 5;; +esac -# Backslashify metacharacters that are still active within -# double-quoted strings. -sed_quote_subst='s/\(["`$\\]\)/\\\1/g' - -# Same as above, but do not quote variable references. -double_quote_subst='s/\(["`\\]\)/\\\1/g' - -# Sed substitution to delay expansion of an escaped shell variable in a -# double_quote_subst'ed string. -delay_variable_subst='s/\\\\\\\\\\\$/\\\\\\$/g' - -# Sed substitution to delay expansion of an escaped single quote. -delay_single_quote_subst='s/'\''/'\'\\\\\\\'\''/g' - -# Sed substitution to avoid accidental globbing in evaled expressions -no_glob_subst='s/\*/\\\*/g' - -ECHO='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\' -ECHO=$ECHO$ECHO$ECHO$ECHO$ECHO -ECHO=$ECHO$ECHO$ECHO$ECHO$ECHO$ECHO - -{ echo "$as_me:$LINENO: checking how to print strings" >&5 -echo $ECHO_N "checking how to print strings... $ECHO_C" >&6; } -# Test print first, because it will be a builtin if present. -if test "X`print -r -- -n 2>/dev/null`" = X-n && \ - test "X`print -r -- $ECHO 2>/dev/null`" = "X$ECHO"; then - ECHO='print -r --' -elif test "X`printf %s $ECHO 2>/dev/null`" = "X$ECHO"; then - ECHO='printf %s\n' +# Do 'set' in a subshell so we don't clobber the current shell's +# arguments. Must try -L first in case configure is actually a +# symlink; some systems play weird games with the mod time of symlinks +# (eg FreeBSD returns the mod time of the symlink's containing +# directory). +if ( + am_has_slept=no + for am_try in 1 2; do + echo "timestamp, slept: $am_has_slept" > conftest.file + set X `ls -Lt "$srcdir/configure" conftest.file 2> /dev/null` + if test "$*" = "X"; then + # -L didn't work. + set X `ls -t "$srcdir/configure" conftest.file` + fi + if test "$*" != "X $srcdir/configure conftest.file" \ + && test "$*" != "X conftest.file $srcdir/configure"; then + + # If neither matched, then we have a broken ls. This can happen + # if, for instance, CONFIG_SHELL is bash and it inherits a + # broken ls alias from the environment. This has actually + # happened. Such a system could not be considered "sane". + as_fn_error $? "ls -t appears to fail. Make sure there is not a broken + alias in your environment" "$LINENO" 5 + fi + if test "$2" = conftest.file || test $am_try -eq 2; then + break + fi + # Just in case. + sleep 1 + am_has_slept=yes + done + test "$2" = conftest.file + ) +then + # Ok. + : else - # Use this function as a fallback that always works. - func_fallback_echo () - { - eval 'cat <<_LTECHO_EOF -$1 -_LTECHO_EOF' - } - ECHO='func_fallback_echo' -fi - -# func_echo_all arg... -# Invoke $ECHO with all args, space-separated. -func_echo_all () -{ - $ECHO "" -} - -case "$ECHO" in - printf*) { echo "$as_me:$LINENO: result: printf" >&5 -echo "${ECHO_T}printf" >&6; } ;; - print*) { echo "$as_me:$LINENO: result: print -r" >&5 -echo "${ECHO_T}print -r" >&6; } ;; - *) { echo "$as_me:$LINENO: result: cat" >&5 -echo "${ECHO_T}cat" >&6; } ;; -esac - - - - - - - - - - - - - - -DEPDIR="${am__leading_dot}deps" - -ac_config_commands="$ac_config_commands depfiles" - - -am_make=${MAKE-make} -cat > confinc << 'END' -am__doit: - @echo done -.PHONY: am__doit -END -# If we don't find an include directive, just comment out the code. -{ echo "$as_me:$LINENO: checking for style of include used by $am_make" >&5 -echo $ECHO_N "checking for style of include used by $am_make... $ECHO_C" >&6; } -am__include="#" -am__quote= -_am_result=none -# First try GNU make style include. -echo "include confinc" > confmf -# We grep out `Entering directory' and `Leaving directory' -# messages which can occur if `w' ends up in MAKEFLAGS. -# In particular we don't look at `^make:' because GNU make might -# be invoked under some other name (usually "gmake"), in which -# case it prints its new name instead of `make'. -if test "`$am_make -s -f confmf 2> /dev/null | grep -v 'ing directory'`" = "done"; then - am__include=include - am__quote= - _am_result=GNU + as_fn_error $? "newly created file is older than distributed files! +Check your system clock" "$LINENO" 5 fi -# Now try BSD make style include. -if test "$am__include" = "#"; then - echo '.include "confinc"' > confmf - if test "`$am_make -s -f confmf 2> /dev/null`" = "done"; then - am__include=.include - am__quote="\"" - _am_result=BSD - fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } +# If we didn't sleep, we still need to ensure time stamps of config.status and +# generated files are strictly newer. +am_sleep_pid= +if grep 'slept: no' conftest.file >/dev/null 2>&1; then + ( sleep 1 ) & + am_sleep_pid=$! fi +rm -f conftest.file -{ echo "$as_me:$LINENO: result: $_am_result" >&5 -echo "${ECHO_T}$_am_result" >&6; } -rm -f confinc confmf +test "$program_prefix" != NONE && + program_transform_name="s&^&$program_prefix&;$program_transform_name" +# Use a double $ so make ignores it. +test "$program_suffix" != NONE && + program_transform_name="s&\$&$program_suffix&;$program_transform_name" +# Double any \ or $. +# By default was `s,x,x', remove it if useless. +ac_script='s/[\\$]/&&/g;s/;s,x,x,$//' +program_transform_name=`$as_echo "$program_transform_name" | sed "$ac_script"` -# Check whether --enable-dependency-tracking was given. -if test "${enable_dependency_tracking+set}" = set; then - enableval=$enable_dependency_tracking; -fi +# expand $ac_aux_dir to an absolute path +am_aux_dir=`cd $ac_aux_dir && pwd` -if test "x$enable_dependency_tracking" != xno; then - am_depcomp="$ac_aux_dir/depcomp" - AMDEPBACKSLASH='\' +if test x"${MISSING+set}" != xset; then + case $am_aux_dir in + *\ * | *\ *) + MISSING="\${SHELL} \"$am_aux_dir/missing\"" ;; + *) + MISSING="\${SHELL} $am_aux_dir/missing" ;; + esac fi - if test "x$enable_dependency_tracking" != xno; then - AMDEP_TRUE= - AMDEP_FALSE='#' +# Use eval to expand $SHELL +if eval "$MISSING --is-lightweight"; then + am_missing_run="$MISSING " else - AMDEP_TRUE='#' - AMDEP_FALSE= + am_missing_run= + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: 'missing' script is too old or missing" >&5 +$as_echo "$as_me: WARNING: 'missing' script is too old or missing" >&2;} fi +if test x"${install_sh}" != xset; then + case $am_aux_dir in + *\ * | *\ *) + install_sh="\${SHELL} '$am_aux_dir/install-sh'" ;; + *) + install_sh="\${SHELL} $am_aux_dir/install-sh" + esac +fi -ac_ext=c -ac_cpp='$CPP $CPPFLAGS' -ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' -ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_c_compiler_gnu -if test -n "$ac_tool_prefix"; then - # Extract the first word of "${ac_tool_prefix}gcc", so it can be a program name with args. -set dummy ${ac_tool_prefix}gcc; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_CC+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +# Installed binaries are usually stripped using 'strip' when the user +# run "make install-strip". However 'strip' might not be the right +# tool to use in cross-compilation environments, therefore Automake +# will honor the 'STRIP' environment variable to overrule this program. +if test "$cross_compiling" != no; then + if test -n "$ac_tool_prefix"; then + # Extract the first word of "${ac_tool_prefix}strip", so it can be a program name with args. +set dummy ${ac_tool_prefix}strip; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_prog_STRIP+:} false; then : + $as_echo_n "(cached) " >&6 else - if test -n "$CC"; then - ac_cv_prog_CC="$CC" # Let the user override the test. + if test -n "$STRIP"; then + ac_cv_prog_STRIP="$STRIP" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_CC="${ac_tool_prefix}gcc" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_STRIP="${ac_tool_prefix}strip" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done -done + done IFS=$as_save_IFS fi fi -CC=$ac_cv_prog_CC -if test -n "$CC"; then - { echo "$as_me:$LINENO: result: $CC" >&5 -echo "${ECHO_T}$CC" >&6; } +STRIP=$ac_cv_prog_STRIP +if test -n "$STRIP"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $STRIP" >&5 +$as_echo "$STRIP" >&6; } else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } fi fi -if test -z "$ac_cv_prog_CC"; then - ac_ct_CC=$CC - # Extract the first word of "gcc", so it can be a program name with args. -set dummy gcc; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_ac_ct_CC+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +if test -z "$ac_cv_prog_STRIP"; then + ac_ct_STRIP=$STRIP + # Extract the first word of "strip", so it can be a program name with args. +set dummy strip; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_prog_ac_ct_STRIP+:} false; then : + $as_echo_n "(cached) " >&6 else - if test -n "$ac_ct_CC"; then - ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test. + if test -n "$ac_ct_STRIP"; then + ac_cv_prog_ac_ct_STRIP="$ac_ct_STRIP" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_ac_ct_CC="gcc" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_ac_ct_STRIP="strip" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done -done + done IFS=$as_save_IFS fi fi -ac_ct_CC=$ac_cv_prog_ac_ct_CC -if test -n "$ac_ct_CC"; then - { echo "$as_me:$LINENO: result: $ac_ct_CC" >&5 -echo "${ECHO_T}$ac_ct_CC" >&6; } +ac_ct_STRIP=$ac_cv_prog_ac_ct_STRIP +if test -n "$ac_ct_STRIP"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_STRIP" >&5 +$as_echo "$ac_ct_STRIP" >&6; } else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } fi - if test "x$ac_ct_CC" = x; then - CC="" + if test "x$ac_ct_STRIP" = x; then + STRIP=":" else case $cross_compiling:$ac_tool_warned in yes:) -{ echo "$as_me:$LINENO: WARNING: In the future, Autoconf will not detect cross-tools -whose name does not start with the host triplet. If you think this -configuration is useful to you, please write to autoconf@gnu.org." >&5 -echo "$as_me: WARNING: In the future, Autoconf will not detect cross-tools -whose name does not start with the host triplet. If you think this -configuration is useful to you, please write to autoconf@gnu.org." >&2;} +{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} ac_tool_warned=yes ;; esac - CC=$ac_ct_CC + STRIP=$ac_ct_STRIP fi else - CC="$ac_cv_prog_CC" + STRIP="$ac_cv_prog_STRIP" fi -if test -z "$CC"; then - if test -n "$ac_tool_prefix"; then - # Extract the first word of "${ac_tool_prefix}cc", so it can be a program name with args. -set dummy ${ac_tool_prefix}cc; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_CC+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test -n "$CC"; then - ac_cv_prog_CC="$CC" # Let the user override the test. +fi +INSTALL_STRIP_PROGRAM="\$(install_sh) -c -s" + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for a thread-safe mkdir -p" >&5 +$as_echo_n "checking for a thread-safe mkdir -p... " >&6; } +if test -z "$MKDIR_P"; then + if ${ac_cv_path_mkdir+:} false; then : + $as_echo_n "(cached) " >&6 else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH$PATH_SEPARATOR/opt/sfw/bin do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_CC="${ac_tool_prefix}cc" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done -done + for ac_prog in mkdir gmkdir; do + for ac_exec_ext in '' $ac_executable_extensions; do + as_fn_executable_p "$as_dir/$ac_prog$ac_exec_ext" || continue + case `"$as_dir/$ac_prog$ac_exec_ext" --version 2>&1` in #( + 'mkdir (GNU coreutils) '* | \ + 'mkdir (coreutils) '* | \ + 'mkdir (fileutils) '4.1*) + ac_cv_path_mkdir=$as_dir/$ac_prog$ac_exec_ext + break 3;; + esac + done + done + done IFS=$as_save_IFS fi -fi -CC=$ac_cv_prog_CC -if test -n "$CC"; then - { echo "$as_me:$LINENO: result: $CC" >&5 -echo "${ECHO_T}$CC" >&6; } -else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } -fi - + test -d ./--version && rmdir ./--version + if test "${ac_cv_path_mkdir+set}" = set; then + MKDIR_P="$ac_cv_path_mkdir -p" + else + # As a last resort, use the slow shell script. Don't cache a + # value for MKDIR_P within a source directory, because that will + # break other packages using the cache if that directory is + # removed, or if the value is a relative name. + MKDIR_P="$ac_install_sh -d" fi fi -if test -z "$CC"; then - # Extract the first word of "cc", so it can be a program name with args. -set dummy cc; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_CC+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $MKDIR_P" >&5 +$as_echo "$MKDIR_P" >&6; } + +for ac_prog in gawk mawk nawk awk +do + # Extract the first word of "$ac_prog", so it can be a program name with args. +set dummy $ac_prog; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_prog_AWK+:} false; then : + $as_echo_n "(cached) " >&6 else - if test -n "$CC"; then - ac_cv_prog_CC="$CC" # Let the user override the test. + if test -n "$AWK"; then + ac_cv_prog_AWK="$AWK" # Let the user override the test. else - ac_prog_rejected=no as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - if test "$as_dir/$ac_word$ac_exec_ext" = "/usr/ucb/cc"; then - ac_prog_rejected=yes - continue - fi - ac_cv_prog_CC="cc" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_AWK="$ac_prog" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done -done + done IFS=$as_save_IFS -if test $ac_prog_rejected = yes; then - # We found a bogon in the path, so make sure we never use it. - set dummy $ac_cv_prog_CC - shift - if test $# != 0; then - # We chose a different compiler from the bogus one. - # However, it has the same basename, so the bogon will be chosen - # first if we set CC to just the basename; use the full file name. - shift - ac_cv_prog_CC="$as_dir/$ac_word${1+' '}$@" - fi fi fi -fi -CC=$ac_cv_prog_CC -if test -n "$CC"; then - { echo "$as_me:$LINENO: result: $CC" >&5 -echo "${ECHO_T}$CC" >&6; } +AWK=$ac_cv_prog_AWK +if test -n "$AWK"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $AWK" >&5 +$as_echo "$AWK" >&6; } else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } fi -fi -if test -z "$CC"; then - if test -n "$ac_tool_prefix"; then - for ac_prog in cl.exe - do - # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args. -set dummy $ac_tool_prefix$ac_prog; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_CC+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test -n "$CC"; then - ac_cv_prog_CC="$CC" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_CC="$ac_tool_prefix$ac_prog" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done + test -n "$AWK" && break done -IFS=$as_save_IFS +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether ${MAKE-make} sets \$(MAKE)" >&5 +$as_echo_n "checking whether ${MAKE-make} sets \$(MAKE)... " >&6; } +set x ${MAKE-make} +ac_make=`$as_echo "$2" | sed 's/+/p/g; s/[^a-zA-Z0-9_]/_/g'` +if eval \${ac_cv_prog_make_${ac_make}_set+:} false; then : + $as_echo_n "(cached) " >&6 +else + cat >conftest.make <<\_ACEOF +SHELL = /bin/sh +all: + @echo '@@@%%%=$(MAKE)=@@@%%%' +_ACEOF +# GNU make sometimes prints "make[1]: Entering ...", which would confuse us. +case `${MAKE-make} -f conftest.make 2>/dev/null` in + *@@@%%%=?*=@@@%%%*) + eval ac_cv_prog_make_${ac_make}_set=yes;; + *) + eval ac_cv_prog_make_${ac_make}_set=no;; +esac +rm -f conftest.make fi -fi -CC=$ac_cv_prog_CC -if test -n "$CC"; then - { echo "$as_me:$LINENO: result: $CC" >&5 -echo "${ECHO_T}$CC" >&6; } +if eval test \$ac_cv_prog_make_${ac_make}_set = yes; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } + SET_MAKE= else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } + SET_MAKE="MAKE=${MAKE-make}" fi +rm -rf .tst 2>/dev/null +mkdir .tst 2>/dev/null +if test -d .tst; then + am__leading_dot=. +else + am__leading_dot=_ +fi +rmdir .tst 2>/dev/null - test -n "$CC" && break - done +# Check whether --enable-silent-rules was given. +if test "${enable_silent_rules+set}" = set; then : + enableval=$enable_silent_rules; fi -if test -z "$CC"; then - ac_ct_CC=$CC - for ac_prog in cl.exe -do - # Extract the first word of "$ac_prog", so it can be a program name with args. -set dummy $ac_prog; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_ac_ct_CC+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test -n "$ac_ct_CC"; then - ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_ac_ct_CC="$ac_prog" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done -done -IFS=$as_save_IFS +case $enable_silent_rules in # ((( + yes) AM_DEFAULT_VERBOSITY=0;; + no) AM_DEFAULT_VERBOSITY=1;; + *) AM_DEFAULT_VERBOSITY=1;; +esac +am_make=${MAKE-make} +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $am_make supports nested variables" >&5 +$as_echo_n "checking whether $am_make supports nested variables... " >&6; } +if ${am_cv_make_support_nested_variables+:} false; then : + $as_echo_n "(cached) " >&6 +else + if $as_echo 'TRUE=$(BAR$(V)) +BAR0=false +BAR1=true +V=1 +am__doit: + @$(TRUE) +.PHONY: am__doit' | $am_make -f - >/dev/null 2>&1; then + am_cv_make_support_nested_variables=yes +else + am_cv_make_support_nested_variables=no fi fi -ac_ct_CC=$ac_cv_prog_ac_ct_CC -if test -n "$ac_ct_CC"; then - { echo "$as_me:$LINENO: result: $ac_ct_CC" >&5 -echo "${ECHO_T}$ac_ct_CC" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $am_cv_make_support_nested_variables" >&5 +$as_echo "$am_cv_make_support_nested_variables" >&6; } +if test $am_cv_make_support_nested_variables = yes; then + AM_V='$(V)' + AM_DEFAULT_V='$(AM_DEFAULT_VERBOSITY)' else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + AM_V=$AM_DEFAULT_VERBOSITY + AM_DEFAULT_V=$AM_DEFAULT_VERBOSITY fi +AM_BACKSLASH='\' +if test "`cd $srcdir && pwd`" != "`pwd`"; then + # Use -I$(srcdir) only when $(srcdir) != ., so that make's output + # is not polluted with repeated "-I." + am__isrc=' -I$(srcdir)' + # test to see if srcdir already configured + if test -f $srcdir/config.status; then + as_fn_error $? "source directory already configured; run \"make distclean\" there first" "$LINENO" 5 + fi +fi - test -n "$ac_ct_CC" && break -done - - if test "x$ac_ct_CC" = x; then - CC="" +# test whether we have cygpath +if test -z "$CYGPATH_W"; then + if (cygpath --version) >/dev/null 2>/dev/null; then + CYGPATH_W='cygpath -w' else - case $cross_compiling:$ac_tool_warned in -yes:) -{ echo "$as_me:$LINENO: WARNING: In the future, Autoconf will not detect cross-tools -whose name does not start with the host triplet. If you think this -configuration is useful to you, please write to autoconf@gnu.org." >&5 -echo "$as_me: WARNING: In the future, Autoconf will not detect cross-tools -whose name does not start with the host triplet. If you think this -configuration is useful to you, please write to autoconf@gnu.org." >&2;} -ac_tool_warned=yes ;; -esac - CC=$ac_ct_CC + CYGPATH_W=echo fi fi -fi +# Define the identity of the package. + PACKAGE='cyassl' + VERSION='3.1.0' -test -z "$CC" && { { echo "$as_me:$LINENO: error: no acceptable C compiler found in \$PATH -See \`config.log' for more details." >&5 -echo "$as_me: error: no acceptable C compiler found in \$PATH -See \`config.log' for more details." >&2;} - { (exit 1); exit 1; }; } -# Provide some information about the compiler. -echo "$as_me:$LINENO: checking for C compiler version" >&5 -ac_compiler=`set X $ac_compile; echo $2` -{ (ac_try="$ac_compiler --version >&5" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compiler --version >&5") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } -{ (ac_try="$ac_compiler -v >&5" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compiler -v >&5") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } -{ (ac_try="$ac_compiler -V >&5" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compiler -V >&5") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } +# Some tools Automake needs. -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ +ACLOCAL=${ACLOCAL-"${am_missing_run}aclocal-${am__api_version}"} -int -main () -{ - ; - return 0; -} -_ACEOF -ac_clean_files_save=$ac_clean_files -ac_clean_files="$ac_clean_files a.out a.exe b.out" -# Try to create an executable without -o first, disregard a.out. -# It will help us diagnose broken compilers, and finding out an intuition -# of exeext. -{ echo "$as_me:$LINENO: checking for C compiler default output file name" >&5 -echo $ECHO_N "checking for C compiler default output file name... $ECHO_C" >&6; } -ac_link_default=`echo "$ac_link" | sed 's/ -o *conftest[^ ]*//'` -# -# List of possible output files, starting from the most likely. -# The algorithm is not robust to junk in `.', hence go to wildcards (a.*) -# only as a last resort. b.out is created by i960 compilers. -ac_files='a_out.exe a.exe conftest.exe a.out conftest a.* conftest.* b.out' -# -# The IRIX 6 linker writes into existing files which may not be -# executable, retaining their permissions. Remove them first so a -# subsequent execution test works. -ac_rmfiles= -for ac_file in $ac_files -do - case $ac_file in - *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.o | *.obj ) ;; - * ) ac_rmfiles="$ac_rmfiles $ac_file";; - esac -done -rm -f $ac_rmfiles +AUTOCONF=${AUTOCONF-"${am_missing_run}autoconf"} -if { (ac_try="$ac_link_default" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link_default") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; then - # Autoconf-2.13 could set the ac_cv_exeext variable to `no'. -# So ignore a value of `no', otherwise this would lead to `EXEEXT = no' -# in a Makefile. We should not override ac_cv_exeext if it was cached, -# so that the user can short-circuit this test for compilers unknown to -# Autoconf. -for ac_file in $ac_files '' -do - test -f "$ac_file" || continue - case $ac_file in - *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.o | *.obj ) - ;; - [ab].out ) - # We found the default executable, but exeext='' is most - # certainly right. - break;; - *.* ) - if test "${ac_cv_exeext+set}" = set && test "$ac_cv_exeext" != no; - then :; else - ac_cv_exeext=`expr "$ac_file" : '[^.]*\(\..*\)'` - fi - # We set ac_cv_exeext here because the later test for it is not - # safe: cross compilers may not add the suffix if given an `-o' - # argument, so we may need to know it at that point already. - # Even if this section looks crufty: it has the advantage of - # actually working. - break;; - * ) - break;; - esac -done -test "$ac_cv_exeext" = no && ac_cv_exeext= -else - ac_file='' -fi +AUTOMAKE=${AUTOMAKE-"${am_missing_run}automake-${am__api_version}"} -{ echo "$as_me:$LINENO: result: $ac_file" >&5 -echo "${ECHO_T}$ac_file" >&6; } -if test -z "$ac_file"; then - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 -{ { echo "$as_me:$LINENO: error: C compiler cannot create executables -See \`config.log' for more details." >&5 -echo "$as_me: error: C compiler cannot create executables -See \`config.log' for more details." >&2;} - { (exit 77); exit 77; }; } -fi +AUTOHEADER=${AUTOHEADER-"${am_missing_run}autoheader"} -ac_exeext=$ac_cv_exeext -# Check that the compiler produces executables we can run. If not, either -# the compiler is broken, or we cross compile. -{ echo "$as_me:$LINENO: checking whether the C compiler works" >&5 -echo $ECHO_N "checking whether the C compiler works... $ECHO_C" >&6; } -# FIXME: These cross compiler hacks should be removed for Autoconf 3.0 -# If not cross compiling, check that we can run a simple program. -if test "$cross_compiling" != yes; then - if { ac_try='./$ac_file' - { (case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_try") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then - cross_compiling=no - else - if test "$cross_compiling" = maybe; then - cross_compiling=yes - else - { { echo "$as_me:$LINENO: error: cannot run C compiled programs. -If you meant to cross compile, use \`--host'. -See \`config.log' for more details." >&5 -echo "$as_me: error: cannot run C compiled programs. -If you meant to cross compile, use \`--host'. -See \`config.log' for more details." >&2;} - { (exit 1); exit 1; }; } - fi - fi -fi -{ echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } +MAKEINFO=${MAKEINFO-"${am_missing_run}makeinfo"} -rm -f a.out a.exe conftest$ac_cv_exeext b.out -ac_clean_files=$ac_clean_files_save -# Check that the compiler produces executables we can run. If not, either -# the compiler is broken, or we cross compile. -{ echo "$as_me:$LINENO: checking whether we are cross compiling" >&5 -echo $ECHO_N "checking whether we are cross compiling... $ECHO_C" >&6; } -{ echo "$as_me:$LINENO: result: $cross_compiling" >&5 -echo "${ECHO_T}$cross_compiling" >&6; } - -{ echo "$as_me:$LINENO: checking for suffix of executables" >&5 -echo $ECHO_N "checking for suffix of executables... $ECHO_C" >&6; } -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; then - # If both `conftest.exe' and `conftest' are `present' (well, observable) -# catch `conftest.exe'. For instance with Cygwin, `ls conftest' will -# work properly (i.e., refer to `conftest.exe'), while it won't with -# `rm'. -for ac_file in conftest.exe conftest conftest.*; do - test -f "$ac_file" || continue - case $ac_file in - *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.o | *.obj ) ;; - *.* ) ac_cv_exeext=`expr "$ac_file" : '[^.]*\(\..*\)'` - break;; - * ) break;; - esac -done -else - { { echo "$as_me:$LINENO: error: cannot compute suffix of executables: cannot compile and link -See \`config.log' for more details." >&5 -echo "$as_me: error: cannot compute suffix of executables: cannot compile and link -See \`config.log' for more details." >&2;} - { (exit 1); exit 1; }; } -fi +# For better backward compatibility. To be removed once Automake 1.9.x +# dies out for good. For more background, see: +# +# +mkdir_p='$(MKDIR_P)' -rm -f conftest$ac_cv_exeext -{ echo "$as_me:$LINENO: result: $ac_cv_exeext" >&5 -echo "${ECHO_T}$ac_cv_exeext" >&6; } +# We need awk for the "check" target. The system "awk" is bad on +# some platforms. +# Always define AMTAR for backward compatibility. Yes, it's still used +# in the wild :-( We should find a proper way to deprecate it ... +AMTAR='$${TAR-tar}' -rm -f conftest.$ac_ext -EXEEXT=$ac_cv_exeext -ac_exeext=$EXEEXT -{ echo "$as_me:$LINENO: checking for suffix of object files" >&5 -echo $ECHO_N "checking for suffix of object files... $ECHO_C" >&6; } -if test "${ac_cv_objext+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -int -main () -{ +# We'll loop over all known methods to create a tar archive until one works. +_am_tools='gnutar plaintar pax cpio none' - ; - return 0; -} -_ACEOF -rm -f conftest.o conftest.obj -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; then - for ac_file in conftest.o conftest.obj conftest.*; do - test -f "$ac_file" || continue; - case $ac_file in - *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf ) ;; - *) ac_cv_objext=`expr "$ac_file" : '.*\.\(.*\)'` - break;; - esac -done -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - -{ { echo "$as_me:$LINENO: error: cannot compute suffix of object files: cannot compile -See \`config.log' for more details." >&5 -echo "$as_me: error: cannot compute suffix of object files: cannot compile -See \`config.log' for more details." >&2;} - { (exit 1); exit 1; }; } -fi +# The POSIX 1988 'ustar' format is defined with fixed-size fields. + # There is notably a 21 bits limit for the UID and the GID. In fact, + # the 'pax' utility can hang on bigger UID/GID (see automake bug#8343 + # and bug#13588). + am_max_uid=2097151 # 2^21 - 1 + am_max_gid=$am_max_uid + # The $UID and $GID variables are not portable, so we need to resort + # to the POSIX-mandated id(1) utility. Errors in the 'id' calls + # below are definitely unexpected, so allow the users to see them + # (that is, avoid stderr redirection). + am_uid=`id -u || echo unknown` + am_gid=`id -g || echo unknown` + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether UID '$am_uid' is supported by ustar format" >&5 +$as_echo_n "checking whether UID '$am_uid' is supported by ustar format... " >&6; } + if test $am_uid -le $am_max_uid; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } + else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } + _am_tools=none + fi + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether GID '$am_gid' is supported by ustar format" >&5 +$as_echo_n "checking whether GID '$am_gid' is supported by ustar format... " >&6; } + if test $am_gid -le $am_max_gid; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } + else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } + _am_tools=none + fi -rm -f conftest.$ac_cv_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_objext" >&5 -echo "${ECHO_T}$ac_cv_objext" >&6; } -OBJEXT=$ac_cv_objext -ac_objext=$OBJEXT -{ echo "$as_me:$LINENO: checking whether we are using the GNU C compiler" >&5 -echo $ECHO_N "checking whether we are using the GNU C compiler... $ECHO_C" >&6; } -if test "${ac_cv_c_compiler_gnu+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ + { $as_echo "$as_me:${as_lineno-$LINENO}: checking how to create a ustar tar archive" >&5 +$as_echo_n "checking how to create a ustar tar archive... " >&6; } -int -main () -{ -#ifndef __GNUC__ - choke me -#endif + # Go ahead even if we have the value already cached. We do so because we + # need to set the values for the 'am__tar' and 'am__untar' variables. + _am_tools=${am_cv_prog_tar_ustar-$_am_tools} - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_compiler_gnu=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 + for _am_tool in $_am_tools; do + case $_am_tool in + gnutar) + for _am_tar in tar gnutar gtar; do + { echo "$as_me:$LINENO: $_am_tar --version" >&5 + ($_am_tar --version) >&5 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } && break + done + am__tar="$_am_tar --format=ustar -chf - "'"$$tardir"' + am__tar_="$_am_tar --format=ustar -chf - "'"$tardir"' + am__untar="$_am_tar -xf -" + ;; + plaintar) + # Must skip GNU tar: if it does not support --format= it doesn't create + # ustar tarball either. + (tar --version) >/dev/null 2>&1 && continue + am__tar='tar chf - "$$tardir"' + am__tar_='tar chf - "$tardir"' + am__untar='tar xf -' + ;; + pax) + am__tar='pax -L -x ustar -w "$$tardir"' + am__tar_='pax -L -x ustar -w "$tardir"' + am__untar='pax -r' + ;; + cpio) + am__tar='find "$$tardir" -print | cpio -o -H ustar -L' + am__tar_='find "$tardir" -print | cpio -o -H ustar -L' + am__untar='cpio -i -H ustar -d' + ;; + none) + am__tar=false + am__tar_=false + am__untar=false + ;; + esac - ac_compiler_gnu=no -fi + # If the value was cached, stop now. We just wanted to have am__tar + # and am__untar set. + test -n "${am_cv_prog_tar_ustar}" && break -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -ac_cv_c_compiler_gnu=$ac_compiler_gnu + # tar/untar a dummy directory, and stop if the command works. + rm -rf conftest.dir + mkdir conftest.dir + echo GrepMe > conftest.dir/file + { echo "$as_me:$LINENO: tardir=conftest.dir && eval $am__tar_ >conftest.tar" >&5 + (tardir=conftest.dir && eval $am__tar_ >conftest.tar) >&5 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } + rm -rf conftest.dir + if test -s conftest.tar; then + { echo "$as_me:$LINENO: $am__untar &5 + ($am__untar &5 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } + { echo "$as_me:$LINENO: cat conftest.dir/file" >&5 + (cat conftest.dir/file) >&5 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } + grep GrepMe conftest.dir/file >/dev/null 2>&1 && break + fi + done + rm -rf conftest.dir -fi -{ echo "$as_me:$LINENO: result: $ac_cv_c_compiler_gnu" >&5 -echo "${ECHO_T}$ac_cv_c_compiler_gnu" >&6; } -GCC=`test $ac_compiler_gnu = yes && echo yes` -ac_test_CFLAGS=${CFLAGS+set} -ac_save_CFLAGS=$CFLAGS -{ echo "$as_me:$LINENO: checking whether $CC accepts -g" >&5 -echo $ECHO_N "checking whether $CC accepts -g... $ECHO_C" >&6; } -if test "${ac_cv_prog_cc_g+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + if ${am_cv_prog_tar_ustar+:} false; then : + $as_echo_n "(cached) " >&6 else - ac_save_c_werror_flag=$ac_c_werror_flag - ac_c_werror_flag=yes - ac_cv_prog_cc_g=no - CFLAGS="-g" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ + am_cv_prog_tar_ustar=$_am_tool +fi -int -main () -{ + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $am_cv_prog_tar_ustar" >&5 +$as_echo "$am_cv_prog_tar_ustar" >&6; } - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_prog_cc_g=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - CFLAGS="" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -int -main () -{ - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - : -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - ac_c_werror_flag=$ac_save_c_werror_flag - CFLAGS="-g" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -int -main () -{ +# POSIX will say in a future version that running "rm -f" with no argument +# is OK; and we want to be able to make that assumption in our Makefile +# recipes. So use an aggressive probe to check that the usage we want is +# actually supported "in the wild" to an acceptable degree. +# See automake bug#10828. +# To make any issue more visible, cause the running configure to be aborted +# by default if the 'rm' program in use doesn't match our expectations; the +# user can still override this though. +if rm -f && rm -fr && rm -rf; then : OK; else + cat >&2 <<'END' +Oops! - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_prog_cc_g=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 +Your 'rm' program seems unable to run without file operands specified +on the command line, even when the '-f' option is present. This is contrary +to the behaviour of most rm programs out there, and not conforming with +the upcoming POSIX standard: +Please tell bug-automake@gnu.org about your system, including the value +of your $PATH and any error possibly output before this message. This +can help us improve future automake versions. -fi +END + if test x"$ACCEPT_INFERIOR_RM_PROGRAM" = x"yes"; then + echo 'Configuration will proceed anyway, since you have set the' >&2 + echo 'ACCEPT_INFERIOR_RM_PROGRAM variable to "yes"' >&2 + echo >&2 + else + cat >&2 <<'END' +Aborting the configuration process, to ensure you take notice of the issue. -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi +You can download and install GNU coreutils to get an 'rm' implementation +that behaves properly: . -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi +If you want to complete the configuration process using your problematic +'rm' anyway, export the environment variable ACCEPT_INFERIOR_RM_PROGRAM +to "yes", and re-run configure. -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - ac_c_werror_flag=$ac_save_c_werror_flag -fi -{ echo "$as_me:$LINENO: result: $ac_cv_prog_cc_g" >&5 -echo "${ECHO_T}$ac_cv_prog_cc_g" >&6; } -if test "$ac_test_CFLAGS" = set; then - CFLAGS=$ac_save_CFLAGS -elif test $ac_cv_prog_cc_g = yes; then - if test "$GCC" = yes; then - CFLAGS="-g -O2" - else - CFLAGS="-g" - fi -else - if test "$GCC" = yes; then - CFLAGS="-O2" - else - CFLAGS= +END + as_fn_error $? "Your 'rm' program is bad, sorry." "$LINENO" 5 fi fi -{ echo "$as_me:$LINENO: checking for $CC option to accept ISO C89" >&5 -echo $ECHO_N "checking for $CC option to accept ISO C89... $ECHO_C" >&6; } -if test "${ac_cv_prog_cc_c89+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - ac_cv_prog_cc_c89=no -ac_save_CC=$CC -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include -#include -#include -#include -/* Most of the following tests are stolen from RCS 5.7's src/conf.sh. */ -struct buf { int x; }; -FILE * (*rcsopen) (struct buf *, struct stat *, int); -static char *e (p, i) - char **p; - int i; -{ - return p[i]; -} -static char *f (char * (*g) (char **, int), char **p, ...) -{ - char *s; - va_list v; - va_start (v,p); - s = g (p, va_arg (v,int)); - va_end (v); - return s; -} -/* OSF 4.0 Compaq cc is some sort of almost-ANSI by default. It has - function prototypes and stuff, but not '\xHH' hex character constants. - These don't provoke an error unfortunately, instead are silently treated - as 'x'. The following induces an error, until -std is added to get - proper ANSI mode. Curiously '\x00'!='x' always comes out true, for an - array size at least. It's necessary to write '\x00'==0 to get something - that's true only with -std. */ -int osf4_cc_array ['\x00' == 0 ? 1 : -1]; -/* IBM C 6 for AIX is almost-ANSI by default, but it replaces macro parameters - inside strings and character constants. */ -#define FOO(x) 'x' -int xlc6_cc_array[FOO(a) == 'x' ? 1 : -1]; -int test (int i, double x); -struct s1 {int (*f) (int a);}; -struct s2 {int (*f) (double a);}; -int pairnames (int, char **, FILE *(*)(struct buf *, struct stat *, int), int, int); -int argc; -char **argv; -int -main () -{ -return f (e, argv, 0) != argv[0] || f (e, argv, 1) != argv[1]; - ; - return 0; -} -_ACEOF -for ac_arg in '' -qlanglvl=extc89 -qlanglvl=ansi -std \ - -Ae "-Aa -D_HPUX_SOURCE" "-Xc -D__EXTENSIONS__" -do - CC="$ac_save_CC $ac_arg" - rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_prog_cc_c89=$ac_arg -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 +#PROTECT_AC_USE_SYSTEM_EXTENSIONS -fi -rm -f core conftest.err conftest.$ac_objext - test "x$ac_cv_prog_cc_c89" != "xno" && break -done -rm -f conftest.$ac_ext -CC=$ac_save_CC -fi -# AC_CACHE_VAL -case "x$ac_cv_prog_cc_c89" in - x) - { echo "$as_me:$LINENO: result: none needed" >&5 -echo "${ECHO_T}none needed" >&6; } ;; - xno) - { echo "$as_me:$LINENO: result: unsupported" >&5 -echo "${ECHO_T}unsupported" >&6; } ;; - *) - CC="$CC $ac_cv_prog_cc_c89" - { echo "$as_me:$LINENO: result: $ac_cv_prog_cc_c89" >&5 -echo "${ECHO_T}$ac_cv_prog_cc_c89" >&6; } ;; -esac +ac_config_headers="$ac_config_headers config.h:config.in" +#shared library versioning +CYASSL_LIBRARY_VERSION=5:6:0 +# | | | +# +------+ | +---+ +# | | | +# current:revision:age +# | | | +# | | +- increment if interfaces have been added +# | | set to zero if interfaces have been removed +# | or changed +# | +- increment if source code has changed +# | set to zero if current is incremented +# +- increment if interfaces have been added, removed or changed -ac_ext=c -ac_cpp='$CPP $CPPFLAGS' -ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' -ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_c_compiler_gnu -depcc="$CC" am_compiler_list= +# capture user C_EXTRA_FLAGS from ./configure line, CFLAGS may hold -g -O2 even +# if user doesn't override, no way to tell +USER_C_EXTRA_FLAGS="$C_EXTRA_FLAGS" -{ echo "$as_me:$LINENO: checking dependency style of $depcc" >&5 -echo $ECHO_N "checking dependency style of $depcc... $ECHO_C" >&6; } -if test "${am_cv_CC_dependencies_compiler_type+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test -z "$AMDEP_TRUE" && test -f "$am_depcomp"; then - # We make a subdir and do the tests there. Otherwise we can end up - # making bogus files that we don't know about and never remove. For - # instance it was reported that on HP-UX the gcc test will end up - # making a dummy file named `D' -- because `-MD' means `put the output - # in D'. - mkdir conftest.dir - # Copy depcomp to subdir because otherwise we won't find it if we're - # using a relative directory. - cp "$am_depcomp" conftest.dir - cd conftest.dir - # We will build objects and dependencies in a subdirectory because - # it helps to detect inapplicable dependency modes. For instance - # both Tru64's cc and ICC support -MD to output dependencies as a - # side effect of compilation, but ICC will put the dependencies in - # the current directory while Tru64 will put them in the object - # directory. - mkdir sub - am_cv_CC_dependencies_compiler_type=none - if test "$am_compiler_list" = ""; then - am_compiler_list=`sed -n 's/^#*\([a-zA-Z0-9]*\))$/\1/p' < ./depcomp` - fi - for depmode in $am_compiler_list; do - # Setup a source with many dependencies, because some compilers - # like to wrap large dependency lists on column 80 (with \), and - # we should not choose a depcomp mode which is confused by this. - # - # We need to recreate these files for each test, as the compiler may - # overwrite some of them when testing with obscure command lines. - # This happens at least with the AIX C compiler. - : > sub/conftest.c - for i in 1 2 3 4 5 6; do - echo '#include "conftst'$i'.h"' >> sub/conftest.c - # Using `: > sub/conftst$i.h' creates only sub/conftst1.h with - # Solaris 8's {/usr,}/bin/sh. - touch sub/conftst$i.h - done - echo "${am__include} ${am__quote}sub/conftest.Po${am__quote}" > confmf +case `pwd` in + *\ * | *\ *) + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: Libtool does not cope well with whitespace in \`pwd\`" >&5 +$as_echo "$as_me: WARNING: Libtool does not cope well with whitespace in \`pwd\`" >&2;} ;; +esac - case $depmode in - nosideeffect) - # after this tag, mechanisms are not by side-effect, so they'll - # only be used when explicitly requested - if test "x$enable_dependency_tracking" = xyes; then - continue - else - break - fi - ;; - none) break ;; - esac - # We check with `-c' and `-o' for the sake of the "dashmstdout" - # mode. It turns out that the SunPro C++ compiler does not properly - # handle `-M -o', and we need to detect this. - if depmode=$depmode \ - source=sub/conftest.c object=sub/conftest.${OBJEXT-o} \ - depfile=sub/conftest.Po tmpdepfile=sub/conftest.TPo \ - $SHELL ./depcomp $depcc -c -o sub/conftest.${OBJEXT-o} sub/conftest.c \ - >/dev/null 2>conftest.err && - grep sub/conftst1.h sub/conftest.Po > /dev/null 2>&1 && - grep sub/conftst6.h sub/conftest.Po > /dev/null 2>&1 && - grep sub/conftest.${OBJEXT-o} sub/conftest.Po > /dev/null 2>&1 && - ${MAKE-make} -s -f confmf > /dev/null 2>&1; then - # icc doesn't choke on unknown options, it will just issue warnings - # or remarks (even with -Werror). So we grep stderr for any message - # that says an option was ignored or not supported. - # When given -MP, icc 7.0 and 7.1 complain thusly: - # icc: Command line warning: ignoring option '-M'; no argument required - # The diagnosis changed in icc 8.0: - # icc: Command line remark: option '-MP' not supported - if (grep 'ignoring option' conftest.err || - grep 'not supported' conftest.err) >/dev/null 2>&1; then :; else - am_cv_CC_dependencies_compiler_type=$depmode - break - fi - fi - done - cd .. - rm -rf conftest.dir -else - am_cv_CC_dependencies_compiler_type=none -fi -fi -{ echo "$as_me:$LINENO: result: $am_cv_CC_dependencies_compiler_type" >&5 -echo "${ECHO_T}$am_cv_CC_dependencies_compiler_type" >&6; } -CCDEPMODE=depmode=$am_cv_CC_dependencies_compiler_type +macro_version='2.4.2' +macro_revision='1.3337' - if - test "x$enable_dependency_tracking" != xno \ - && test "$am_cv_CC_dependencies_compiler_type" = gcc3; then - am__fastdepCC_TRUE= - am__fastdepCC_FALSE='#' -else - am__fastdepCC_TRUE='#' - am__fastdepCC_FALSE= -fi -{ echo "$as_me:$LINENO: checking for a sed that does not truncate output" >&5 -echo $ECHO_N "checking for a sed that does not truncate output... $ECHO_C" >&6; } -if test "${ac_cv_path_SED+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - ac_script=s/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb/ - for ac_i in 1 2 3 4 5 6 7; do - ac_script="$ac_script$as_nl$ac_script" - done - echo "$ac_script" | sed 99q >conftest.sed - $as_unset ac_script || ac_script= - # Extract the first word of "sed gsed" to use in msg output -if test -z "$SED"; then -set dummy sed gsed; ac_prog_name=$2 -if test "${ac_cv_path_SED+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - ac_path_SED_found=false -# Loop through the user's path and test for each of PROGNAME-LIST -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_prog in sed gsed; do - for ac_exec_ext in '' $ac_executable_extensions; do - ac_path_SED="$as_dir/$ac_prog$ac_exec_ext" - { test -f "$ac_path_SED" && $as_test_x "$ac_path_SED"; } || continue - # Check for GNU ac_path_SED and select it if it is found. - # Check for GNU $ac_path_SED -case `"$ac_path_SED" --version 2>&1` in -*GNU*) - ac_cv_path_SED="$ac_path_SED" ac_path_SED_found=:;; -*) - ac_count=0 - echo $ECHO_N "0123456789$ECHO_C" >"conftest.in" - while : - do - cat "conftest.in" "conftest.in" >"conftest.tmp" - mv "conftest.tmp" "conftest.in" - cp "conftest.in" "conftest.nl" - echo '' >> "conftest.nl" - "$ac_path_SED" -f conftest.sed < "conftest.nl" >"conftest.out" 2>/dev/null || break - diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break - ac_count=`expr $ac_count + 1` - if test $ac_count -gt ${ac_path_SED_max-0}; then - # Best one so far, save it but keep looking for a better one - ac_cv_path_SED="$ac_path_SED" - ac_path_SED_max=$ac_count - fi - # 10*(2^10) chars as input seems more than enough - test $ac_count -gt 10 && break - done - rm -f conftest.in conftest.tmp conftest.nl conftest.out;; -esac - $ac_path_SED_found && break 3 - done -done -done -IFS=$as_save_IFS -fi -SED="$ac_cv_path_SED" -if test -z "$SED"; then - { { echo "$as_me:$LINENO: error: no acceptable $ac_prog_name could be found in \$PATH" >&5 -echo "$as_me: error: no acceptable $ac_prog_name could be found in \$PATH" >&2;} - { (exit 1); exit 1; }; } -fi + + + +ltmain="$ac_aux_dir/ltmain.sh" + +# Backslashify metacharacters that are still active within +# double-quoted strings. +sed_quote_subst='s/\(["`$\\]\)/\\\1/g' + +# Same as above, but do not quote variable references. +double_quote_subst='s/\(["`\\]\)/\\\1/g' + +# Sed substitution to delay expansion of an escaped shell variable in a +# double_quote_subst'ed string. +delay_variable_subst='s/\\\\\\\\\\\$/\\\\\\$/g' + +# Sed substitution to delay expansion of an escaped single quote. +delay_single_quote_subst='s/'\''/'\'\\\\\\\'\''/g' + +# Sed substitution to avoid accidental globbing in evaled expressions +no_glob_subst='s/\*/\\\*/g' + +ECHO='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\' +ECHO=$ECHO$ECHO$ECHO$ECHO$ECHO +ECHO=$ECHO$ECHO$ECHO$ECHO$ECHO$ECHO + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking how to print strings" >&5 +$as_echo_n "checking how to print strings... " >&6; } +# Test print first, because it will be a builtin if present. +if test "X`( print -r -- -n ) 2>/dev/null`" = X-n && \ + test "X`print -r -- $ECHO 2>/dev/null`" = "X$ECHO"; then + ECHO='print -r --' +elif test "X`printf %s $ECHO 2>/dev/null`" = "X$ECHO"; then + ECHO='printf %s\n' else - ac_cv_path_SED=$SED + # Use this function as a fallback that always works. + func_fallback_echo () + { + eval 'cat <<_LTECHO_EOF +$1 +_LTECHO_EOF' + } + ECHO='func_fallback_echo' fi -fi -{ echo "$as_me:$LINENO: result: $ac_cv_path_SED" >&5 -echo "${ECHO_T}$ac_cv_path_SED" >&6; } - SED="$ac_cv_path_SED" - rm -f conftest.sed +# func_echo_all arg... +# Invoke $ECHO with all args, space-separated. +func_echo_all () +{ + $ECHO "" +} -test -z "$SED" && SED=sed -Xsed="$SED -e 1s/^X//" +case "$ECHO" in + printf*) { $as_echo "$as_me:${as_lineno-$LINENO}: result: printf" >&5 +$as_echo "printf" >&6; } ;; + print*) { $as_echo "$as_me:${as_lineno-$LINENO}: result: print -r" >&5 +$as_echo "print -r" >&6; } ;; + *) { $as_echo "$as_me:${as_lineno-$LINENO}: result: cat" >&5 +$as_echo "cat" >&6; } ;; +esac @@ -3979,1145 +3817,1449 @@ Xsed="$SED -e 1s/^X//" -{ echo "$as_me:$LINENO: checking for grep that handles long lines and -e" >&5 -echo $ECHO_N "checking for grep that handles long lines and -e... $ECHO_C" >&6; } -if test "${ac_cv_path_GREP+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - # Extract the first word of "grep ggrep" to use in msg output -if test -z "$GREP"; then -set dummy grep ggrep; ac_prog_name=$2 -if test "${ac_cv_path_GREP+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - ac_path_GREP_found=false -# Loop through the user's path and test for each of PROGNAME-LIST -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH$PATH_SEPARATOR/usr/xpg4/bin -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_prog in grep ggrep; do - for ac_exec_ext in '' $ac_executable_extensions; do - ac_path_GREP="$as_dir/$ac_prog$ac_exec_ext" - { test -f "$ac_path_GREP" && $as_test_x "$ac_path_GREP"; } || continue - # Check for GNU ac_path_GREP and select it if it is found. - # Check for GNU $ac_path_GREP -case `"$ac_path_GREP" --version 2>&1` in -*GNU*) - ac_cv_path_GREP="$ac_path_GREP" ac_path_GREP_found=:;; -*) - ac_count=0 - echo $ECHO_N "0123456789$ECHO_C" >"conftest.in" - while : - do - cat "conftest.in" "conftest.in" >"conftest.tmp" - mv "conftest.tmp" "conftest.in" - cp "conftest.in" "conftest.nl" - echo 'GREP' >> "conftest.nl" - "$ac_path_GREP" -e 'GREP$' -e '-(cannot match)-' < "conftest.nl" >"conftest.out" 2>/dev/null || break - diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break - ac_count=`expr $ac_count + 1` - if test $ac_count -gt ${ac_path_GREP_max-0}; then - # Best one so far, save it but keep looking for a better one - ac_cv_path_GREP="$ac_path_GREP" - ac_path_GREP_max=$ac_count - fi - # 10*(2^10) chars as input seems more than enough - test $ac_count -gt 10 && break - done - rm -f conftest.in conftest.tmp conftest.nl conftest.out;; -esac - $ac_path_GREP_found && break 3 - done -done -done -IFS=$as_save_IFS +DEPDIR="${am__leading_dot}deps" +ac_config_commands="$ac_config_commands depfiles" -fi -GREP="$ac_cv_path_GREP" -if test -z "$GREP"; then - { { echo "$as_me:$LINENO: error: no acceptable $ac_prog_name could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" >&5 -echo "$as_me: error: no acceptable $ac_prog_name could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" >&2;} - { (exit 1); exit 1; }; } +am_make=${MAKE-make} +cat > confinc << 'END' +am__doit: + @echo this is the am__doit target +.PHONY: am__doit +END +# If we don't find an include directive, just comment out the code. +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for style of include used by $am_make" >&5 +$as_echo_n "checking for style of include used by $am_make... " >&6; } +am__include="#" +am__quote= +_am_result=none +# First try GNU make style include. +echo "include confinc" > confmf +# Ignore all kinds of additional output from 'make'. +case `$am_make -s -f confmf 2> /dev/null` in #( +*the\ am__doit\ target*) + am__include=include + am__quote= + _am_result=GNU + ;; +esac +# Now try BSD make style include. +if test "$am__include" = "#"; then + echo '.include "confinc"' > confmf + case `$am_make -s -f confmf 2> /dev/null` in #( + *the\ am__doit\ target*) + am__include=.include + am__quote="\"" + _am_result=BSD + ;; + esac fi -else - ac_cv_path_GREP=$GREP -fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $_am_result" >&5 +$as_echo "$_am_result" >&6; } +rm -f confinc confmf +# Check whether --enable-dependency-tracking was given. +if test "${enable_dependency_tracking+set}" = set; then : + enableval=$enable_dependency_tracking; fi -{ echo "$as_me:$LINENO: result: $ac_cv_path_GREP" >&5 -echo "${ECHO_T}$ac_cv_path_GREP" >&6; } - GREP="$ac_cv_path_GREP" - -{ echo "$as_me:$LINENO: checking for egrep" >&5 -echo $ECHO_N "checking for egrep... $ECHO_C" >&6; } -if test "${ac_cv_path_EGREP+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +if test "x$enable_dependency_tracking" != xno; then + am_depcomp="$ac_aux_dir/depcomp" + AMDEPBACKSLASH='\' + am__nodep='_no' +fi + if test "x$enable_dependency_tracking" != xno; then + AMDEP_TRUE= + AMDEP_FALSE='#' else - if echo a | $GREP -E '(a|b)' >/dev/null 2>&1 - then ac_cv_path_EGREP="$GREP -E" - else - # Extract the first word of "egrep" to use in msg output -if test -z "$EGREP"; then -set dummy egrep; ac_prog_name=$2 -if test "${ac_cv_path_EGREP+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + AMDEP_TRUE='#' + AMDEP_FALSE= +fi + + +ac_ext=c +ac_cpp='$CPP $CPPFLAGS' +ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_c_compiler_gnu +if test -n "$ac_tool_prefix"; then + # Extract the first word of "${ac_tool_prefix}gcc", so it can be a program name with args. +set dummy ${ac_tool_prefix}gcc; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_prog_CC+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$CC"; then + ac_cv_prog_CC="$CC" # Let the user override the test. else - ac_path_EGREP_found=false -# Loop through the user's path and test for each of PROGNAME-LIST as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH$PATH_SEPARATOR/usr/xpg4/bin +for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. - for ac_prog in egrep; do - for ac_exec_ext in '' $ac_executable_extensions; do - ac_path_EGREP="$as_dir/$ac_prog$ac_exec_ext" - { test -f "$ac_path_EGREP" && $as_test_x "$ac_path_EGREP"; } || continue - # Check for GNU ac_path_EGREP and select it if it is found. - # Check for GNU $ac_path_EGREP -case `"$ac_path_EGREP" --version 2>&1` in -*GNU*) - ac_cv_path_EGREP="$ac_path_EGREP" ac_path_EGREP_found=:;; -*) - ac_count=0 - echo $ECHO_N "0123456789$ECHO_C" >"conftest.in" - while : - do - cat "conftest.in" "conftest.in" >"conftest.tmp" - mv "conftest.tmp" "conftest.in" - cp "conftest.in" "conftest.nl" - echo 'EGREP' >> "conftest.nl" - "$ac_path_EGREP" 'EGREP$' < "conftest.nl" >"conftest.out" 2>/dev/null || break - diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break - ac_count=`expr $ac_count + 1` - if test $ac_count -gt ${ac_path_EGREP_max-0}; then - # Best one so far, save it but keep looking for a better one - ac_cv_path_EGREP="$ac_path_EGREP" - ac_path_EGREP_max=$ac_count - fi - # 10*(2^10) chars as input seems more than enough - test $ac_count -gt 10 && break + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_CC="${ac_tool_prefix}gcc" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done done - rm -f conftest.in conftest.tmp conftest.nl conftest.out;; -esac +IFS=$as_save_IFS +fi +fi +CC=$ac_cv_prog_CC +if test -n "$CC"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 +$as_echo "$CC" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi - $ac_path_EGREP_found && break 3 - done -done +fi +if test -z "$ac_cv_prog_CC"; then + ac_ct_CC=$CC + # Extract the first word of "gcc", so it can be a program name with args. +set dummy gcc; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_prog_ac_ct_CC+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$ac_ct_CC"; then + ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_ac_ct_CC="gcc" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi done + done IFS=$as_save_IFS - fi - -EGREP="$ac_cv_path_EGREP" -if test -z "$EGREP"; then - { { echo "$as_me:$LINENO: error: no acceptable $ac_prog_name could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" >&5 -echo "$as_me: error: no acceptable $ac_prog_name could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" >&2;} - { (exit 1); exit 1; }; } fi - +ac_ct_CC=$ac_cv_prog_ac_ct_CC +if test -n "$ac_ct_CC"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_CC" >&5 +$as_echo "$ac_ct_CC" >&6; } else - ac_cv_path_EGREP=$EGREP + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } fi - - fi + if test "x$ac_ct_CC" = x; then + CC="" + else + case $cross_compiling:$ac_tool_warned in +yes:) +{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +ac_tool_warned=yes ;; +esac + CC=$ac_ct_CC + fi +else + CC="$ac_cv_prog_CC" fi -{ echo "$as_me:$LINENO: result: $ac_cv_path_EGREP" >&5 -echo "${ECHO_T}$ac_cv_path_EGREP" >&6; } - EGREP="$ac_cv_path_EGREP" - -{ echo "$as_me:$LINENO: checking for fgrep" >&5 -echo $ECHO_N "checking for fgrep... $ECHO_C" >&6; } -if test "${ac_cv_path_FGREP+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +if test -z "$CC"; then + if test -n "$ac_tool_prefix"; then + # Extract the first word of "${ac_tool_prefix}cc", so it can be a program name with args. +set dummy ${ac_tool_prefix}cc; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_prog_CC+:} false; then : + $as_echo_n "(cached) " >&6 else - if echo 'ab*c' | $GREP -F 'ab*c' >/dev/null 2>&1 - then ac_cv_path_FGREP="$GREP -F" - else - # Extract the first word of "fgrep" to use in msg output -if test -z "$FGREP"; then -set dummy fgrep; ac_prog_name=$2 -if test "${ac_cv_path_FGREP+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + if test -n "$CC"; then + ac_cv_prog_CC="$CC" # Let the user override the test. else - ac_path_FGREP_found=false -# Loop through the user's path and test for each of PROGNAME-LIST as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH$PATH_SEPARATOR/usr/xpg4/bin +for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. - for ac_prog in fgrep; do - for ac_exec_ext in '' $ac_executable_extensions; do - ac_path_FGREP="$as_dir/$ac_prog$ac_exec_ext" - { test -f "$ac_path_FGREP" && $as_test_x "$ac_path_FGREP"; } || continue - # Check for GNU ac_path_FGREP and select it if it is found. - # Check for GNU $ac_path_FGREP -case `"$ac_path_FGREP" --version 2>&1` in -*GNU*) - ac_cv_path_FGREP="$ac_path_FGREP" ac_path_FGREP_found=:;; -*) - ac_count=0 - echo $ECHO_N "0123456789$ECHO_C" >"conftest.in" - while : - do - cat "conftest.in" "conftest.in" >"conftest.tmp" - mv "conftest.tmp" "conftest.in" - cp "conftest.in" "conftest.nl" - echo 'FGREP' >> "conftest.nl" - "$ac_path_FGREP" FGREP < "conftest.nl" >"conftest.out" 2>/dev/null || break - diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break - ac_count=`expr $ac_count + 1` - if test $ac_count -gt ${ac_path_FGREP_max-0}; then - # Best one so far, save it but keep looking for a better one - ac_cv_path_FGREP="$ac_path_FGREP" - ac_path_FGREP_max=$ac_count - fi - # 10*(2^10) chars as input seems more than enough - test $ac_count -gt 10 && break + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_CC="${ac_tool_prefix}cc" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done done - rm -f conftest.in conftest.tmp conftest.nl conftest.out;; -esac +IFS=$as_save_IFS +fi +fi +CC=$ac_cv_prog_CC +if test -n "$CC"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 +$as_echo "$CC" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi - $ac_path_FGREP_found && break 3 - done -done + fi +fi +if test -z "$CC"; then + # Extract the first word of "cc", so it can be a program name with args. +set dummy cc; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_prog_CC+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$CC"; then + ac_cv_prog_CC="$CC" # Let the user override the test. +else + ac_prog_rejected=no +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + if test "$as_dir/$ac_word$ac_exec_ext" = "/usr/ucb/cc"; then + ac_prog_rejected=yes + continue + fi + ac_cv_prog_CC="cc" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi done + done IFS=$as_save_IFS - +if test $ac_prog_rejected = yes; then + # We found a bogon in the path, so make sure we never use it. + set dummy $ac_cv_prog_CC + shift + if test $# != 0; then + # We chose a different compiler from the bogus one. + # However, it has the same basename, so the bogon will be chosen + # first if we set CC to just the basename; use the full file name. + shift + ac_cv_prog_CC="$as_dir/$ac_word${1+' '}$@" + fi fi - -FGREP="$ac_cv_path_FGREP" -if test -z "$FGREP"; then - { { echo "$as_me:$LINENO: error: no acceptable $ac_prog_name could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" >&5 -echo "$as_me: error: no acceptable $ac_prog_name could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" >&2;} - { (exit 1); exit 1; }; } fi - +fi +CC=$ac_cv_prog_CC +if test -n "$CC"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 +$as_echo "$CC" >&6; } else - ac_cv_path_FGREP=$FGREP + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } fi - fi fi -{ echo "$as_me:$LINENO: result: $ac_cv_path_FGREP" >&5 -echo "${ECHO_T}$ac_cv_path_FGREP" >&6; } - FGREP="$ac_cv_path_FGREP" - - -test -z "$GREP" && GREP=grep - +if test -z "$CC"; then + if test -n "$ac_tool_prefix"; then + for ac_prog in cl.exe + do + # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args. +set dummy $ac_tool_prefix$ac_prog; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_prog_CC+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$CC"; then + ac_cv_prog_CC="$CC" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_CC="$ac_tool_prefix$ac_prog" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS +fi +fi +CC=$ac_cv_prog_CC +if test -n "$CC"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 +$as_echo "$CC" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + test -n "$CC" && break + done +fi +if test -z "$CC"; then + ac_ct_CC=$CC + for ac_prog in cl.exe +do + # Extract the first word of "$ac_prog", so it can be a program name with args. +set dummy $ac_prog; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_prog_ac_ct_CC+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$ac_ct_CC"; then + ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_ac_ct_CC="$ac_prog" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS +fi +fi +ac_ct_CC=$ac_cv_prog_ac_ct_CC +if test -n "$ac_ct_CC"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_CC" >&5 +$as_echo "$ac_ct_CC" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + test -n "$ac_ct_CC" && break +done + if test "x$ac_ct_CC" = x; then + CC="" + else + case $cross_compiling:$ac_tool_warned in +yes:) +{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +ac_tool_warned=yes ;; +esac + CC=$ac_ct_CC + fi +fi +fi +test -z "$CC" && { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} +as_fn_error $? "no acceptable C compiler found in \$PATH +See \`config.log' for more details" "$LINENO" 5; } +# Provide some information about the compiler. +$as_echo "$as_me:${as_lineno-$LINENO}: checking for C compiler version" >&5 +set X $ac_compile +ac_compiler=$2 +for ac_option in --version -v -V -qversion; do + { { ac_try="$ac_compiler $ac_option >&5" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 + (eval "$ac_compiler $ac_option >&5") 2>conftest.err + ac_status=$? + if test -s conftest.err; then + sed '10a\ +... rest of stderr output deleted ... + 10q' conftest.err >conftest.er1 + cat conftest.er1 >&5 + fi + rm -f conftest.er1 conftest.err + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } +done +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +int +main () +{ + ; + return 0; +} +_ACEOF +ac_clean_files_save=$ac_clean_files +ac_clean_files="$ac_clean_files a.out a.out.dSYM a.exe b.out" +# Try to create an executable without -o first, disregard a.out. +# It will help us diagnose broken compilers, and finding out an intuition +# of exeext. +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the C compiler works" >&5 +$as_echo_n "checking whether the C compiler works... " >&6; } +ac_link_default=`$as_echo "$ac_link" | sed 's/ -o *conftest[^ ]*//'` +# The possible output files: +ac_files="a.out conftest.exe conftest a.exe a_out.exe b.out conftest.*" +ac_rmfiles= +for ac_file in $ac_files +do + case $ac_file in + *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM | *.o | *.obj ) ;; + * ) ac_rmfiles="$ac_rmfiles $ac_file";; + esac +done +rm -f $ac_rmfiles +if { { ac_try="$ac_link_default" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 + (eval "$ac_link_default") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; }; then : + # Autoconf-2.13 could set the ac_cv_exeext variable to `no'. +# So ignore a value of `no', otherwise this would lead to `EXEEXT = no' +# in a Makefile. We should not override ac_cv_exeext if it was cached, +# so that the user can short-circuit this test for compilers unknown to +# Autoconf. +for ac_file in $ac_files '' +do + test -f "$ac_file" || continue + case $ac_file in + *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM | *.o | *.obj ) + ;; + [ab].out ) + # We found the default executable, but exeext='' is most + # certainly right. + break;; + *.* ) + if test "${ac_cv_exeext+set}" = set && test "$ac_cv_exeext" != no; + then :; else + ac_cv_exeext=`expr "$ac_file" : '[^.]*\(\..*\)'` + fi + # We set ac_cv_exeext here because the later test for it is not + # safe: cross compilers may not add the suffix if given an `-o' + # argument, so we may need to know it at that point already. + # Even if this section looks crufty: it has the advantage of + # actually working. + break;; + * ) + break;; + esac +done +test "$ac_cv_exeext" = no && ac_cv_exeext= -# Check whether --with-gnu-ld was given. -if test "${with_gnu_ld+set}" = set; then - withval=$with_gnu_ld; test "$withval" = no || with_gnu_ld=yes else - with_gnu_ld=no + ac_file='' fi +if test -z "$ac_file"; then : + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +$as_echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 -ac_prog=ld -if test "$GCC" = yes; then - # Check if gcc -print-prog-name=ld gives a path. - { echo "$as_me:$LINENO: checking for ld used by $CC" >&5 -echo $ECHO_N "checking for ld used by $CC... $ECHO_C" >&6; } - case $host in - *-*-mingw*) - # gcc leaves a trailing carriage return which upsets mingw - ac_prog=`($CC -print-prog-name=ld) 2>&5 | tr -d '\015'` ;; - *) - ac_prog=`($CC -print-prog-name=ld) 2>&5` ;; - esac - case $ac_prog in - # Accept absolute paths. - [\\/]* | ?:[\\/]*) - re_direlt='/[^/][^/]*/\.\./' - # Canonicalize the pathname of ld - ac_prog=`$ECHO "$ac_prog"| $SED 's%\\\\%/%g'` - while $ECHO "$ac_prog" | $GREP "$re_direlt" > /dev/null 2>&1; do - ac_prog=`$ECHO $ac_prog| $SED "s%$re_direlt%/%"` - done - test -z "$LD" && LD="$ac_prog" - ;; - "") - # If it fails, then pretend we aren't using GCC. - ac_prog=ld - ;; - *) - # If it is relative, then search for the first ld in PATH. - with_gnu_ld=unknown - ;; - esac -elif test "$with_gnu_ld" = yes; then - { echo "$as_me:$LINENO: checking for GNU ld" >&5 -echo $ECHO_N "checking for GNU ld... $ECHO_C" >&6; } -else - { echo "$as_me:$LINENO: checking for non-GNU ld" >&5 -echo $ECHO_N "checking for non-GNU ld... $ECHO_C" >&6; } -fi -if test "${lt_cv_path_LD+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test -z "$LD"; then - lt_save_ifs="$IFS"; IFS=$PATH_SEPARATOR - for ac_dir in $PATH; do - IFS="$lt_save_ifs" - test -z "$ac_dir" && ac_dir=. - if test -f "$ac_dir/$ac_prog" || test -f "$ac_dir/$ac_prog$ac_exeext"; then - lt_cv_path_LD="$ac_dir/$ac_prog" - # Check to see if the program is GNU ld. I'd rather use --version, - # but apparently some variants of GNU ld only accept -v. - # Break only if it was the GNU/non-GNU ld that we prefer. - case `"$lt_cv_path_LD" -v 2>&1 &5 +$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} +as_fn_error 77 "C compiler cannot create executables +See \`config.log' for more details" "$LINENO" 5; } else - lt_cv_path_LD="$LD" # Let the user override the test with a path. -fi + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for C compiler default output file name" >&5 +$as_echo_n "checking for C compiler default output file name... " >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_file" >&5 +$as_echo "$ac_file" >&6; } +ac_exeext=$ac_cv_exeext -LD="$lt_cv_path_LD" -if test -n "$LD"; then - { echo "$as_me:$LINENO: result: $LD" >&5 -echo "${ECHO_T}$LD" >&6; } -else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } -fi -test -z "$LD" && { { echo "$as_me:$LINENO: error: no acceptable ld found in \$PATH" >&5 -echo "$as_me: error: no acceptable ld found in \$PATH" >&2;} - { (exit 1); exit 1; }; } -{ echo "$as_me:$LINENO: checking if the linker ($LD) is GNU ld" >&5 -echo $ECHO_N "checking if the linker ($LD) is GNU ld... $ECHO_C" >&6; } -if test "${lt_cv_prog_gnu_ld+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - # I'd rather use --version here, but apparently some GNU lds only accept -v. -case `$LD -v 2>&1 &5 +$as_echo_n "checking for suffix of executables... " >&6; } +if { { ac_try="$ac_link" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 + (eval "$ac_link") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; }; then : + # If both `conftest.exe' and `conftest' are `present' (well, observable) +# catch `conftest.exe'. For instance with Cygwin, `ls conftest' will +# work properly (i.e., refer to `conftest.exe'), while it won't with +# `rm'. +for ac_file in conftest.exe conftest conftest.*; do + test -f "$ac_file" || continue + case $ac_file in + *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM | *.o | *.obj ) ;; + *.* ) ac_cv_exeext=`expr "$ac_file" : '[^.]*\(\..*\)'` + break;; + * ) break;; + esac +done +else + { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} +as_fn_error $? "cannot compute suffix of executables: cannot compile and link +See \`config.log' for more details" "$LINENO" 5; } fi -{ echo "$as_me:$LINENO: result: $lt_cv_prog_gnu_ld" >&5 -echo "${ECHO_T}$lt_cv_prog_gnu_ld" >&6; } -with_gnu_ld=$lt_cv_prog_gnu_ld +rm -f conftest conftest$ac_cv_exeext +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_exeext" >&5 +$as_echo "$ac_cv_exeext" >&6; } +rm -f conftest.$ac_ext +EXEEXT=$ac_cv_exeext +ac_exeext=$EXEEXT +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +int +main () +{ +FILE *f = fopen ("conftest.out", "w"); + return ferror (f) || fclose (f) != 0; + ; + return 0; +} +_ACEOF +ac_clean_files="$ac_clean_files conftest.out" +# Check that the compiler produces executables we can run. If not, either +# the compiler is broken, or we cross compile. +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether we are cross compiling" >&5 +$as_echo_n "checking whether we are cross compiling... " >&6; } +if test "$cross_compiling" != yes; then + { { ac_try="$ac_link" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 + (eval "$ac_link") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + if { ac_try='./conftest$ac_cv_exeext' + { { case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 + (eval "$ac_try") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; }; }; then + cross_compiling=no + else + if test "$cross_compiling" = maybe; then + cross_compiling=yes + else + { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} +as_fn_error $? "cannot run C compiled programs. +If you meant to cross compile, use \`--host'. +See \`config.log' for more details" "$LINENO" 5; } + fi + fi +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $cross_compiling" >&5 +$as_echo "$cross_compiling" >&6; } +rm -f conftest.$ac_ext conftest$ac_cv_exeext conftest.out +ac_clean_files=$ac_clean_files_save +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for suffix of object files" >&5 +$as_echo_n "checking for suffix of object files... " >&6; } +if ${ac_cv_objext+:} false; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +int +main () +{ + ; + return 0; +} +_ACEOF +rm -f conftest.o conftest.obj +if { { ac_try="$ac_compile" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 + (eval "$ac_compile") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; }; then : + for ac_file in conftest.o conftest.obj conftest.*; do + test -f "$ac_file" || continue; + case $ac_file in + *.$ac_ext | *.xcoff | *.tds | *.d | *.pdb | *.xSYM | *.bb | *.bbg | *.map | *.inf | *.dSYM ) ;; + *) ac_cv_objext=`expr "$ac_file" : '.*\.\(.*\)'` + break;; + esac +done +else + $as_echo "$as_me: failed program was:" >&5 +sed 's/^/| /' conftest.$ac_ext >&5 +{ { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} +as_fn_error $? "cannot compute suffix of object files: cannot compile +See \`config.log' for more details" "$LINENO" 5; } +fi +rm -f conftest.$ac_cv_objext conftest.$ac_ext +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_objext" >&5 +$as_echo "$ac_cv_objext" >&6; } +OBJEXT=$ac_cv_objext +ac_objext=$OBJEXT +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether we are using the GNU C compiler" >&5 +$as_echo_n "checking whether we are using the GNU C compiler... " >&6; } +if ${ac_cv_c_compiler_gnu+:} false; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +int +main () +{ +#ifndef __GNUC__ + choke me +#endif + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + ac_compiler_gnu=yes +else + ac_compiler_gnu=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +ac_cv_c_compiler_gnu=$ac_compiler_gnu -{ echo "$as_me:$LINENO: checking for BSD- or MS-compatible name lister (nm)" >&5 -echo $ECHO_N "checking for BSD- or MS-compatible name lister (nm)... $ECHO_C" >&6; } -if test "${lt_cv_path_NM+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_c_compiler_gnu" >&5 +$as_echo "$ac_cv_c_compiler_gnu" >&6; } +if test $ac_compiler_gnu = yes; then + GCC=yes else - if test -n "$NM"; then - # Let the user override the test. - lt_cv_path_NM="$NM" + GCC= +fi +ac_test_CFLAGS=${CFLAGS+set} +ac_save_CFLAGS=$CFLAGS +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $CC accepts -g" >&5 +$as_echo_n "checking whether $CC accepts -g... " >&6; } +if ${ac_cv_prog_cc_g+:} false; then : + $as_echo_n "(cached) " >&6 else - lt_nm_to_check="${ac_tool_prefix}nm" - if test -n "$ac_tool_prefix" && test "$build" = "$host"; then - lt_nm_to_check="$lt_nm_to_check nm" - fi - for lt_tmp_nm in $lt_nm_to_check; do - lt_save_ifs="$IFS"; IFS=$PATH_SEPARATOR - for ac_dir in $PATH /usr/ccs/bin/elf /usr/ccs/bin /usr/ucb /bin; do - IFS="$lt_save_ifs" - test -z "$ac_dir" && ac_dir=. - tmp_nm="$ac_dir/$lt_tmp_nm" - if test -f "$tmp_nm" || test -f "$tmp_nm$ac_exeext" ; then - # Check to see if the nm accepts a BSD-compat flag. - # Adding the `sed 1q' prevents false positives on HP-UX, which says: - # nm: unknown option "B" ignored - # Tru64's nm complains that /dev/null is an invalid object file - case `"$tmp_nm" -B /dev/null 2>&1 | sed '1q'` in - */dev/null* | *'Invalid file or object type'*) - lt_cv_path_NM="$tmp_nm -B" - break - ;; - *) - case `"$tmp_nm" -p /dev/null 2>&1 | sed '1q'` in - */dev/null*) - lt_cv_path_NM="$tmp_nm -p" - break - ;; - *) - lt_cv_path_NM=${lt_cv_path_NM="$tmp_nm"} # keep the first match, but - continue # so that we can try to find one that supports BSD flags - ;; - esac - ;; - esac - fi - done - IFS="$lt_save_ifs" - done - : ${lt_cv_path_NM=no} -fi -fi -{ echo "$as_me:$LINENO: result: $lt_cv_path_NM" >&5 -echo "${ECHO_T}$lt_cv_path_NM" >&6; } -if test "$lt_cv_path_NM" != "no"; then - NM="$lt_cv_path_NM" -else - # Didn't find any BSD compatible name lister, look for dumpbin. - if test -n "$DUMPBIN"; then : - # Let the user override the test. - else - if test -n "$ac_tool_prefix"; then - for ac_prog in dumpbin "link -dump" - do - # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args. -set dummy $ac_tool_prefix$ac_prog; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_DUMPBIN+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + ac_save_c_werror_flag=$ac_c_werror_flag + ac_c_werror_flag=yes + ac_cv_prog_cc_g=no + CFLAGS="-g" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + ac_cv_prog_cc_g=yes else - if test -n "$DUMPBIN"; then - ac_cv_prog_DUMPBIN="$DUMPBIN" # Let the user override the test. + CFLAGS="" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_DUMPBIN="$ac_tool_prefix$ac_prog" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done -done -IFS=$as_save_IFS + ac_c_werror_flag=$ac_save_c_werror_flag + CFLAGS="-g" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + ac_cv_prog_cc_g=yes fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi -DUMPBIN=$ac_cv_prog_DUMPBIN -if test -n "$DUMPBIN"; then - { echo "$as_me:$LINENO: result: $DUMPBIN" >&5 -echo "${ECHO_T}$DUMPBIN" >&6; } -else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi - - - test -n "$DUMPBIN" && break - done +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + ac_c_werror_flag=$ac_save_c_werror_flag fi -if test -z "$DUMPBIN"; then - ac_ct_DUMPBIN=$DUMPBIN - for ac_prog in dumpbin "link -dump" -do - # Extract the first word of "$ac_prog", so it can be a program name with args. -set dummy $ac_prog; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_ac_ct_DUMPBIN+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test -n "$ac_ct_DUMPBIN"; then - ac_cv_prog_ac_ct_DUMPBIN="$ac_ct_DUMPBIN" # Let the user override the test. +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_g" >&5 +$as_echo "$ac_cv_prog_cc_g" >&6; } +if test "$ac_test_CFLAGS" = set; then + CFLAGS=$ac_save_CFLAGS +elif test $ac_cv_prog_cc_g = yes; then + if test "$GCC" = yes; then + CFLAGS="-g -O2" + else + CFLAGS="-g" + fi else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_ac_ct_DUMPBIN="$ac_prog" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 + if test "$GCC" = yes; then + CFLAGS="-O2" + else + CFLAGS= fi -done -done -IFS=$as_save_IFS - fi -fi -ac_ct_DUMPBIN=$ac_cv_prog_ac_ct_DUMPBIN -if test -n "$ac_ct_DUMPBIN"; then - { echo "$as_me:$LINENO: result: $ac_ct_DUMPBIN" >&5 -echo "${ECHO_T}$ac_ct_DUMPBIN" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $CC option to accept ISO C89" >&5 +$as_echo_n "checking for $CC option to accept ISO C89... " >&6; } +if ${ac_cv_prog_cc_c89+:} false; then : + $as_echo_n "(cached) " >&6 else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } -fi + ac_cv_prog_cc_c89=no +ac_save_CC=$CC +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +#include +struct stat; +/* Most of the following tests are stolen from RCS 5.7's src/conf.sh. */ +struct buf { int x; }; +FILE * (*rcsopen) (struct buf *, struct stat *, int); +static char *e (p, i) + char **p; + int i; +{ + return p[i]; +} +static char *f (char * (*g) (char **, int), char **p, ...) +{ + char *s; + va_list v; + va_start (v,p); + s = g (p, va_arg (v,int)); + va_end (v); + return s; +} +/* OSF 4.0 Compaq cc is some sort of almost-ANSI by default. It has + function prototypes and stuff, but not '\xHH' hex character constants. + These don't provoke an error unfortunately, instead are silently treated + as 'x'. The following induces an error, until -std is added to get + proper ANSI mode. Curiously '\x00'!='x' always comes out true, for an + array size at least. It's necessary to write '\x00'==0 to get something + that's true only with -std. */ +int osf4_cc_array ['\x00' == 0 ? 1 : -1]; - test -n "$ac_ct_DUMPBIN" && break -done +/* IBM C 6 for AIX is almost-ANSI by default, but it replaces macro parameters + inside strings and character constants. */ +#define FOO(x) 'x' +int xlc6_cc_array[FOO(a) == 'x' ? 1 : -1]; - if test "x$ac_ct_DUMPBIN" = x; then - DUMPBIN=":" - else - case $cross_compiling:$ac_tool_warned in -yes:) -{ echo "$as_me:$LINENO: WARNING: In the future, Autoconf will not detect cross-tools -whose name does not start with the host triplet. If you think this -configuration is useful to you, please write to autoconf@gnu.org." >&5 -echo "$as_me: WARNING: In the future, Autoconf will not detect cross-tools -whose name does not start with the host triplet. If you think this -configuration is useful to you, please write to autoconf@gnu.org." >&2;} -ac_tool_warned=yes ;; -esac - DUMPBIN=$ac_ct_DUMPBIN - fi +int test (int i, double x); +struct s1 {int (*f) (int a);}; +struct s2 {int (*f) (double a);}; +int pairnames (int, char **, FILE *(*)(struct buf *, struct stat *, int), int, int); +int argc; +char **argv; +int +main () +{ +return f (e, argv, 0) != argv[0] || f (e, argv, 1) != argv[1]; + ; + return 0; +} +_ACEOF +for ac_arg in '' -qlanglvl=extc89 -qlanglvl=ansi -std \ + -Ae "-Aa -D_HPUX_SOURCE" "-Xc -D__EXTENSIONS__" +do + CC="$ac_save_CC $ac_arg" + if ac_fn_c_try_compile "$LINENO"; then : + ac_cv_prog_cc_c89=$ac_arg fi +rm -f core conftest.err conftest.$ac_objext + test "x$ac_cv_prog_cc_c89" != "xno" && break +done +rm -f conftest.$ac_ext +CC=$ac_save_CC - case `$DUMPBIN -symbols /dev/null 2>&1 | sed '1q'` in - *COFF*) - DUMPBIN="$DUMPBIN -symbols" - ;; - *) - DUMPBIN=: - ;; - esac - fi - - if test "$DUMPBIN" != ":"; then - NM="$DUMPBIN" - fi fi -test -z "$NM" && NM=nm - +# AC_CACHE_VAL +case "x$ac_cv_prog_cc_c89" in + x) + { $as_echo "$as_me:${as_lineno-$LINENO}: result: none needed" >&5 +$as_echo "none needed" >&6; } ;; + xno) + { $as_echo "$as_me:${as_lineno-$LINENO}: result: unsupported" >&5 +$as_echo "unsupported" >&6; } ;; + *) + CC="$CC $ac_cv_prog_cc_c89" + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_c89" >&5 +$as_echo "$ac_cv_prog_cc_c89" >&6; } ;; +esac +if test "x$ac_cv_prog_cc_c89" != xno; then : +fi +ac_ext=c +ac_cpp='$CPP $CPPFLAGS' +ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_c_compiler_gnu +ac_ext=c +ac_cpp='$CPP $CPPFLAGS' +ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_c_compiler_gnu +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $CC understands -c and -o together" >&5 +$as_echo_n "checking whether $CC understands -c and -o together... " >&6; } +if ${am_cv_prog_cc_c_o+:} false; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +int +main () +{ -{ echo "$as_me:$LINENO: checking the name lister ($NM) interface" >&5 -echo $ECHO_N "checking the name lister ($NM) interface... $ECHO_C" >&6; } -if test "${lt_cv_nm_interface+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - lt_cv_nm_interface="BSD nm" - echo "int some_variable = 0;" > conftest.$ac_ext - (eval echo "\"\$as_me:$LINENO: $ac_compile\"" >&5) - (eval "$ac_compile" 2>conftest.err) - cat conftest.err >&5 - (eval echo "\"\$as_me:$LINENO: $NM \\\"conftest.$ac_objext\\\"\"" >&5) - (eval "$NM \"conftest.$ac_objext\"" 2>conftest.err > conftest.out) - cat conftest.err >&5 - (eval echo "\"\$as_me:$LINENO: output\"" >&5) - cat conftest.out >&5 - if $GREP 'External.*some_variable' conftest.out > /dev/null; then - lt_cv_nm_interface="MS dumpbin" - fi - rm -r -f conftest* + ; + return 0; +} +_ACEOF + # Make sure it works both with $CC and with simple cc. + # Following AC_PROG_CC_C_O, we do the test twice because some + # compilers refuse to overwrite an existing .o file with -o, + # though they will create one. + am_cv_prog_cc_c_o=yes + for am_i in 1 2; do + if { echo "$as_me:$LINENO: $CC -c conftest.$ac_ext -o conftest2.$ac_objext" >&5 + ($CC -c conftest.$ac_ext -o conftest2.$ac_objext) >&5 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } \ + && test -f conftest2.$ac_objext; then + : OK + else + am_cv_prog_cc_c_o=no + break + fi + done + rm -f core conftest* + unset am_i fi -{ echo "$as_me:$LINENO: result: $lt_cv_nm_interface" >&5 -echo "${ECHO_T}$lt_cv_nm_interface" >&6; } - -{ echo "$as_me:$LINENO: checking whether ln -s works" >&5 -echo $ECHO_N "checking whether ln -s works... $ECHO_C" >&6; } -LN_S=$as_ln_s -if test "$LN_S" = "ln -s"; then - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } -else - { echo "$as_me:$LINENO: result: no, using $LN_S" >&5 -echo "${ECHO_T}no, using $LN_S" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $am_cv_prog_cc_c_o" >&5 +$as_echo "$am_cv_prog_cc_c_o" >&6; } +if test "$am_cv_prog_cc_c_o" != yes; then + # Losing compiler, so override with the script. + # FIXME: It is wrong to rewrite CC. + # But if we don't then we get into trouble of one sort or another. + # A longer-term fix would be to have automake use am__CC in this case, + # and then we could set am__CC="\$(top_srcdir)/compile \$(CC)" + CC="$am_aux_dir/compile $CC" fi +ac_ext=c +ac_cpp='$CPP $CPPFLAGS' +ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_c_compiler_gnu -# find the maximum length of command line arguments -{ echo "$as_me:$LINENO: checking the maximum length of command line arguments" >&5 -echo $ECHO_N "checking the maximum length of command line arguments... $ECHO_C" >&6; } -if test "${lt_cv_sys_max_cmd_len+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - i=0 - teststring="ABCD" - - case $build_os in - msdosdjgpp*) - # On DJGPP, this test can blow up pretty badly due to problems in libc - # (any single argument exceeding 2000 bytes causes a buffer overrun - # during glob expansion). Even if it were fixed, the result of this - # check would be larger than it should be. - lt_cv_sys_max_cmd_len=12288; # 12K is about right - ;; - - gnu*) - # Under GNU Hurd, this test is not required because there is - # no limit to the length of command line arguments. - # Libtool will interpret -1 as no limit whatsoever - lt_cv_sys_max_cmd_len=-1; - ;; - - cygwin* | mingw* | cegcc*) - # On Win9x/ME, this test blows up -- it succeeds, but takes - # about 5 minutes as the teststring grows exponentially. - # Worse, since 9x/ME are not pre-emptively multitasking, - # you end up with a "frozen" computer, even though with patience - # the test eventually succeeds (with a max line length of 256k). - # Instead, let's just punt: use the minimum linelength reported by - # all of the supported platforms: 8192 (on NT/2K/XP). - lt_cv_sys_max_cmd_len=8192; - ;; - - mint*) - # On MiNT this can take a long time and run out of memory. - lt_cv_sys_max_cmd_len=8192; - ;; - amigaos*) - # On AmigaOS with pdksh, this test takes hours, literally. - # So we just punt and use a minimum line length of 8192. - lt_cv_sys_max_cmd_len=8192; - ;; +depcc="$CC" am_compiler_list= - netbsd* | freebsd* | openbsd* | darwin* | dragonfly*) - # This has been around since 386BSD, at least. Likely further. - if test -x /sbin/sysctl; then - lt_cv_sys_max_cmd_len=`/sbin/sysctl -n kern.argmax` - elif test -x /usr/sbin/sysctl; then - lt_cv_sys_max_cmd_len=`/usr/sbin/sysctl -n kern.argmax` - else - lt_cv_sys_max_cmd_len=65536 # usable default for all BSDs - fi - # And add a safety zone - lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \/ 4` - lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \* 3` - ;; +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking dependency style of $depcc" >&5 +$as_echo_n "checking dependency style of $depcc... " >&6; } +if ${am_cv_CC_dependencies_compiler_type+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test -z "$AMDEP_TRUE" && test -f "$am_depcomp"; then + # We make a subdir and do the tests there. Otherwise we can end up + # making bogus files that we don't know about and never remove. For + # instance it was reported that on HP-UX the gcc test will end up + # making a dummy file named 'D' -- because '-MD' means "put the output + # in D". + rm -rf conftest.dir + mkdir conftest.dir + # Copy depcomp to subdir because otherwise we won't find it if we're + # using a relative directory. + cp "$am_depcomp" conftest.dir + cd conftest.dir + # We will build objects and dependencies in a subdirectory because + # it helps to detect inapplicable dependency modes. For instance + # both Tru64's cc and ICC support -MD to output dependencies as a + # side effect of compilation, but ICC will put the dependencies in + # the current directory while Tru64 will put them in the object + # directory. + mkdir sub - interix*) - # We know the value 262144 and hardcode it with a safety zone (like BSD) - lt_cv_sys_max_cmd_len=196608 - ;; + am_cv_CC_dependencies_compiler_type=none + if test "$am_compiler_list" = ""; then + am_compiler_list=`sed -n 's/^#*\([a-zA-Z0-9]*\))$/\1/p' < ./depcomp` + fi + am__universal=false + case " $depcc " in #( + *\ -arch\ *\ -arch\ *) am__universal=true ;; + esac - osf*) - # Dr. Hans Ekkehard Plesser reports seeing a kernel panic running configure - # due to this test when exec_disable_arg_limit is 1 on Tru64. It is not - # nice to cause kernel panics so lets avoid the loop below. - # First set a reasonable default. - lt_cv_sys_max_cmd_len=16384 + for depmode in $am_compiler_list; do + # Setup a source with many dependencies, because some compilers + # like to wrap large dependency lists on column 80 (with \), and + # we should not choose a depcomp mode which is confused by this. # - if test -x /sbin/sysconfig; then - case `/sbin/sysconfig -q proc exec_disable_arg_limit` in - *1*) lt_cv_sys_max_cmd_len=-1 ;; - esac - fi - ;; - sco3.2v5*) - lt_cv_sys_max_cmd_len=102400 - ;; - sysv5* | sco5v6* | sysv4.2uw2*) - kargmax=`grep ARG_MAX /etc/conf/cf.d/stune 2>/dev/null` - if test -n "$kargmax"; then - lt_cv_sys_max_cmd_len=`echo $kargmax | sed 's/.*[ ]//'` - else - lt_cv_sys_max_cmd_len=32768 - fi - ;; - *) - lt_cv_sys_max_cmd_len=`(getconf ARG_MAX) 2> /dev/null` - if test -n "$lt_cv_sys_max_cmd_len"; then - lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \/ 4` - lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \* 3` - else - # Make teststring a little bigger before we do anything with it. - # a 1K string should be a reasonable start. - for i in 1 2 3 4 5 6 7 8 ; do - teststring=$teststring$teststring - done - SHELL=${SHELL-${CONFIG_SHELL-/bin/sh}} - # If test is not a shell built-in, we'll probably end up computing a - # maximum length that is only half of the actual maximum length, but - # we can't tell. - while { test "X"`func_fallback_echo "$teststring$teststring" 2>/dev/null` \ - = "X$teststring$teststring"; } >/dev/null 2>&1 && - test $i != 17 # 1/2 MB should be enough - do - i=`expr $i + 1` - teststring=$teststring$teststring - done - # Only check the string length outside the loop. - lt_cv_sys_max_cmd_len=`expr "X$teststring" : ".*" 2>&1` - teststring= - # Add a significant safety factor because C++ compilers can tack on - # massive amounts of additional arguments before passing them to the - # linker. It appears as though 1/2 is a usable value. - lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \/ 2` - fi - ;; - esac + # We need to recreate these files for each test, as the compiler may + # overwrite some of them when testing with obscure command lines. + # This happens at least with the AIX C compiler. + : > sub/conftest.c + for i in 1 2 3 4 5 6; do + echo '#include "conftst'$i'.h"' >> sub/conftest.c + # Using ": > sub/conftst$i.h" creates only sub/conftst1.h with + # Solaris 10 /bin/sh. + echo '/* dummy */' > sub/conftst$i.h + done + echo "${am__include} ${am__quote}sub/conftest.Po${am__quote}" > confmf -fi + # We check with '-c' and '-o' for the sake of the "dashmstdout" + # mode. It turns out that the SunPro C++ compiler does not properly + # handle '-M -o', and we need to detect this. Also, some Intel + # versions had trouble with output in subdirs. + am__obj=sub/conftest.${OBJEXT-o} + am__minus_obj="-o $am__obj" + case $depmode in + gcc) + # This depmode causes a compiler race in universal mode. + test "$am__universal" = false || continue + ;; + nosideeffect) + # After this tag, mechanisms are not by side-effect, so they'll + # only be used when explicitly requested. + if test "x$enable_dependency_tracking" = xyes; then + continue + else + break + fi + ;; + msvc7 | msvc7msys | msvisualcpp | msvcmsys) + # This compiler won't grok '-c -o', but also, the minuso test has + # not run yet. These depmodes are late enough in the game, and + # so weak that their functioning should not be impacted. + am__obj=conftest.${OBJEXT-o} + am__minus_obj= + ;; + none) break ;; + esac + if depmode=$depmode \ + source=sub/conftest.c object=$am__obj \ + depfile=sub/conftest.Po tmpdepfile=sub/conftest.TPo \ + $SHELL ./depcomp $depcc -c $am__minus_obj sub/conftest.c \ + >/dev/null 2>conftest.err && + grep sub/conftst1.h sub/conftest.Po > /dev/null 2>&1 && + grep sub/conftst6.h sub/conftest.Po > /dev/null 2>&1 && + grep $am__obj sub/conftest.Po > /dev/null 2>&1 && + ${MAKE-make} -s -f confmf > /dev/null 2>&1; then + # icc doesn't choke on unknown options, it will just issue warnings + # or remarks (even with -Werror). So we grep stderr for any message + # that says an option was ignored or not supported. + # When given -MP, icc 7.0 and 7.1 complain thusly: + # icc: Command line warning: ignoring option '-M'; no argument required + # The diagnosis changed in icc 8.0: + # icc: Command line remark: option '-MP' not supported + if (grep 'ignoring option' conftest.err || + grep 'not supported' conftest.err) >/dev/null 2>&1; then :; else + am_cv_CC_dependencies_compiler_type=$depmode + break + fi + fi + done -if test -n $lt_cv_sys_max_cmd_len ; then - { echo "$as_me:$LINENO: result: $lt_cv_sys_max_cmd_len" >&5 -echo "${ECHO_T}$lt_cv_sys_max_cmd_len" >&6; } + cd .. + rm -rf conftest.dir else - { echo "$as_me:$LINENO: result: none" >&5 -echo "${ECHO_T}none" >&6; } + am_cv_CC_dependencies_compiler_type=none fi -max_cmd_len=$lt_cv_sys_max_cmd_len - - - - - - -: ${CP="cp -f"} -: ${MV="mv -f"} -: ${RM="rm -f"} - -{ echo "$as_me:$LINENO: checking whether the shell understands some XSI constructs" >&5 -echo $ECHO_N "checking whether the shell understands some XSI constructs... $ECHO_C" >&6; } -# Try some XSI features -xsi_shell=no -( _lt_dummy="a/b/c" - test "${_lt_dummy##*/},${_lt_dummy%/*},"${_lt_dummy%"$_lt_dummy"}, \ - = c,a/b,, \ - && eval 'test $(( 1 + 1 )) -eq 2 \ - && test "${#_lt_dummy}" -eq 5' ) >/dev/null 2>&1 \ - && xsi_shell=yes -{ echo "$as_me:$LINENO: result: $xsi_shell" >&5 -echo "${ECHO_T}$xsi_shell" >&6; } - - -{ echo "$as_me:$LINENO: checking whether the shell understands \"+=\"" >&5 -echo $ECHO_N "checking whether the shell understands \"+=\"... $ECHO_C" >&6; } -lt_shell_append=no -( foo=bar; set foo baz; eval "$1+=\$2" && test "$foo" = barbaz ) \ - >/dev/null 2>&1 \ - && lt_shell_append=yes -{ echo "$as_me:$LINENO: result: $lt_shell_append" >&5 -echo "${ECHO_T}$lt_shell_append" >&6; } +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $am_cv_CC_dependencies_compiler_type" >&5 +$as_echo "$am_cv_CC_dependencies_compiler_type" >&6; } +CCDEPMODE=depmode=$am_cv_CC_dependencies_compiler_type -if ( (MAIL=60; unset MAIL) || exit) >/dev/null 2>&1; then - lt_unset=unset + if + test "x$enable_dependency_tracking" != xno \ + && test "$am_cv_CC_dependencies_compiler_type" = gcc3; then + am__fastdepCC_TRUE= + am__fastdepCC_FALSE='#' else - lt_unset=false + am__fastdepCC_TRUE='#' + am__fastdepCC_FALSE= fi - - - -# test EBCDIC or ASCII -case `echo X|tr X '\101'` in - A) # ASCII based system - # \n is not interpreted correctly by Solaris 8 /usr/ucb/tr - lt_SP2NL='tr \040 \012' - lt_NL2SP='tr \015\012 \040\040' - ;; - *) # EBCDIC based system - lt_SP2NL='tr \100 \n' - lt_NL2SP='tr \r\n \100\100' - ;; +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for a sed that does not truncate output" >&5 +$as_echo_n "checking for a sed that does not truncate output... " >&6; } +if ${ac_cv_path_SED+:} false; then : + $as_echo_n "(cached) " >&6 +else + ac_script=s/aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa/bbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbbb/ + for ac_i in 1 2 3 4 5 6 7; do + ac_script="$ac_script$as_nl$ac_script" + done + echo "$ac_script" 2>/dev/null | sed 99q >conftest.sed + { ac_script=; unset ac_script;} + if test -z "$SED"; then + ac_path_SED_found=false + # Loop through the user's path and test for each of PROGNAME-LIST + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_prog in sed gsed; do + for ac_exec_ext in '' $ac_executable_extensions; do + ac_path_SED="$as_dir/$ac_prog$ac_exec_ext" + as_fn_executable_p "$ac_path_SED" || continue +# Check for GNU ac_path_SED and select it if it is found. + # Check for GNU $ac_path_SED +case `"$ac_path_SED" --version 2>&1` in +*GNU*) + ac_cv_path_SED="$ac_path_SED" ac_path_SED_found=:;; +*) + ac_count=0 + $as_echo_n 0123456789 >"conftest.in" + while : + do + cat "conftest.in" "conftest.in" >"conftest.tmp" + mv "conftest.tmp" "conftest.in" + cp "conftest.in" "conftest.nl" + $as_echo '' >> "conftest.nl" + "$ac_path_SED" -f conftest.sed < "conftest.nl" >"conftest.out" 2>/dev/null || break + diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break + as_fn_arith $ac_count + 1 && ac_count=$as_val + if test $ac_count -gt ${ac_path_SED_max-0}; then + # Best one so far, save it but keep looking for a better one + ac_cv_path_SED="$ac_path_SED" + ac_path_SED_max=$ac_count + fi + # 10*(2^10) chars as input seems more than enough + test $ac_count -gt 10 && break + done + rm -f conftest.in conftest.tmp conftest.nl conftest.out;; esac + $ac_path_SED_found && break 3 + done + done + done +IFS=$as_save_IFS + if test -z "$ac_cv_path_SED"; then + as_fn_error $? "no acceptable sed could be found in \$PATH" "$LINENO" 5 + fi +else + ac_cv_path_SED=$SED +fi +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_path_SED" >&5 +$as_echo "$ac_cv_path_SED" >&6; } + SED="$ac_cv_path_SED" + rm -f conftest.sed +test -z "$SED" && SED=sed +Xsed="$SED -e 1s/^X//" -{ echo "$as_me:$LINENO: checking for $LD option to reload object files" >&5 -echo $ECHO_N "checking for $LD option to reload object files... $ECHO_C" >&6; } -if test "${lt_cv_ld_reload_flag+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - lt_cv_ld_reload_flag='-r' -fi -{ echo "$as_me:$LINENO: result: $lt_cv_ld_reload_flag" >&5 -echo "${ECHO_T}$lt_cv_ld_reload_flag" >&6; } -reload_flag=$lt_cv_ld_reload_flag -case $reload_flag in -"" | " "*) ;; -*) reload_flag=" $reload_flag" ;; -esac -reload_cmds='$LD$reload_flag -o $output$reload_objs' -case $host_os in - darwin*) - if test "$GCC" = yes; then - reload_cmds='$LTCC $LTCFLAGS -nostdlib ${wl}-r -o $output$reload_objs' - else - reload_cmds='$LD$reload_flag -o $output$reload_objs' - fi - ;; -esac +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for grep that handles long lines and -e" >&5 +$as_echo_n "checking for grep that handles long lines and -e... " >&6; } +if ${ac_cv_path_GREP+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test -z "$GREP"; then + ac_path_GREP_found=false + # Loop through the user's path and test for each of PROGNAME-LIST + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH$PATH_SEPARATOR/usr/xpg4/bin +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_prog in grep ggrep; do + for ac_exec_ext in '' $ac_executable_extensions; do + ac_path_GREP="$as_dir/$ac_prog$ac_exec_ext" + as_fn_executable_p "$ac_path_GREP" || continue +# Check for GNU ac_path_GREP and select it if it is found. + # Check for GNU $ac_path_GREP +case `"$ac_path_GREP" --version 2>&1` in +*GNU*) + ac_cv_path_GREP="$ac_path_GREP" ac_path_GREP_found=:;; +*) + ac_count=0 + $as_echo_n 0123456789 >"conftest.in" + while : + do + cat "conftest.in" "conftest.in" >"conftest.tmp" + mv "conftest.tmp" "conftest.in" + cp "conftest.in" "conftest.nl" + $as_echo 'GREP' >> "conftest.nl" + "$ac_path_GREP" -e 'GREP$' -e '-(cannot match)-' < "conftest.nl" >"conftest.out" 2>/dev/null || break + diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break + as_fn_arith $ac_count + 1 && ac_count=$as_val + if test $ac_count -gt ${ac_path_GREP_max-0}; then + # Best one so far, save it but keep looking for a better one + ac_cv_path_GREP="$ac_path_GREP" + ac_path_GREP_max=$ac_count + fi + # 10*(2^10) chars as input seems more than enough + test $ac_count -gt 10 && break + done + rm -f conftest.in conftest.tmp conftest.nl conftest.out;; +esac + $ac_path_GREP_found && break 3 + done + done + done +IFS=$as_save_IFS + if test -z "$ac_cv_path_GREP"; then + as_fn_error $? "no acceptable grep could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" "$LINENO" 5 + fi +else + ac_cv_path_GREP=$GREP +fi +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_path_GREP" >&5 +$as_echo "$ac_cv_path_GREP" >&6; } + GREP="$ac_cv_path_GREP" -if test -n "$ac_tool_prefix"; then - # Extract the first word of "${ac_tool_prefix}objdump", so it can be a program name with args. -set dummy ${ac_tool_prefix}objdump; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_OBJDUMP+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test -n "$OBJDUMP"; then - ac_cv_prog_OBJDUMP="$OBJDUMP" # Let the user override the test. +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for egrep" >&5 +$as_echo_n "checking for egrep... " >&6; } +if ${ac_cv_path_EGREP+:} false; then : + $as_echo_n "(cached) " >&6 else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH + if echo a | $GREP -E '(a|b)' >/dev/null 2>&1 + then ac_cv_path_EGREP="$GREP -E" + else + if test -z "$EGREP"; then + ac_path_EGREP_found=false + # Loop through the user's path and test for each of PROGNAME-LIST + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH$PATH_SEPARATOR/usr/xpg4/bin do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_OBJDUMP="${ac_tool_prefix}objdump" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done -done -IFS=$as_save_IFS + for ac_prog in egrep; do + for ac_exec_ext in '' $ac_executable_extensions; do + ac_path_EGREP="$as_dir/$ac_prog$ac_exec_ext" + as_fn_executable_p "$ac_path_EGREP" || continue +# Check for GNU ac_path_EGREP and select it if it is found. + # Check for GNU $ac_path_EGREP +case `"$ac_path_EGREP" --version 2>&1` in +*GNU*) + ac_cv_path_EGREP="$ac_path_EGREP" ac_path_EGREP_found=:;; +*) + ac_count=0 + $as_echo_n 0123456789 >"conftest.in" + while : + do + cat "conftest.in" "conftest.in" >"conftest.tmp" + mv "conftest.tmp" "conftest.in" + cp "conftest.in" "conftest.nl" + $as_echo 'EGREP' >> "conftest.nl" + "$ac_path_EGREP" 'EGREP$' < "conftest.nl" >"conftest.out" 2>/dev/null || break + diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break + as_fn_arith $ac_count + 1 && ac_count=$as_val + if test $ac_count -gt ${ac_path_EGREP_max-0}; then + # Best one so far, save it but keep looking for a better one + ac_cv_path_EGREP="$ac_path_EGREP" + ac_path_EGREP_max=$ac_count + fi + # 10*(2^10) chars as input seems more than enough + test $ac_count -gt 10 && break + done + rm -f conftest.in conftest.tmp conftest.nl conftest.out;; +esac -fi -fi -OBJDUMP=$ac_cv_prog_OBJDUMP -if test -n "$OBJDUMP"; then - { echo "$as_me:$LINENO: result: $OBJDUMP" >&5 -echo "${ECHO_T}$OBJDUMP" >&6; } + $ac_path_EGREP_found && break 3 + done + done + done +IFS=$as_save_IFS + if test -z "$ac_cv_path_EGREP"; then + as_fn_error $? "no acceptable egrep could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" "$LINENO" 5 + fi else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + ac_cv_path_EGREP=$EGREP fi - + fi fi -if test -z "$ac_cv_prog_OBJDUMP"; then - ac_ct_OBJDUMP=$OBJDUMP - # Extract the first word of "objdump", so it can be a program name with args. -set dummy objdump; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_ac_ct_OBJDUMP+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test -n "$ac_ct_OBJDUMP"; then - ac_cv_prog_ac_ct_OBJDUMP="$ac_ct_OBJDUMP" # Let the user override the test. +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_path_EGREP" >&5 +$as_echo "$ac_cv_path_EGREP" >&6; } + EGREP="$ac_cv_path_EGREP" + + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for fgrep" >&5 +$as_echo_n "checking for fgrep... " >&6; } +if ${ac_cv_path_FGREP+:} false; then : + $as_echo_n "(cached) " >&6 else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH + if echo 'ab*c' | $GREP -F 'ab*c' >/dev/null 2>&1 + then ac_cv_path_FGREP="$GREP -F" + else + if test -z "$FGREP"; then + ac_path_FGREP_found=false + # Loop through the user's path and test for each of PROGNAME-LIST + as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH$PATH_SEPARATOR/usr/xpg4/bin do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_ac_ct_OBJDUMP="objdump" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done -done -IFS=$as_save_IFS + for ac_prog in fgrep; do + for ac_exec_ext in '' $ac_executable_extensions; do + ac_path_FGREP="$as_dir/$ac_prog$ac_exec_ext" + as_fn_executable_p "$ac_path_FGREP" || continue +# Check for GNU ac_path_FGREP and select it if it is found. + # Check for GNU $ac_path_FGREP +case `"$ac_path_FGREP" --version 2>&1` in +*GNU*) + ac_cv_path_FGREP="$ac_path_FGREP" ac_path_FGREP_found=:;; +*) + ac_count=0 + $as_echo_n 0123456789 >"conftest.in" + while : + do + cat "conftest.in" "conftest.in" >"conftest.tmp" + mv "conftest.tmp" "conftest.in" + cp "conftest.in" "conftest.nl" + $as_echo 'FGREP' >> "conftest.nl" + "$ac_path_FGREP" FGREP < "conftest.nl" >"conftest.out" 2>/dev/null || break + diff "conftest.out" "conftest.nl" >/dev/null 2>&1 || break + as_fn_arith $ac_count + 1 && ac_count=$as_val + if test $ac_count -gt ${ac_path_FGREP_max-0}; then + # Best one so far, save it but keep looking for a better one + ac_cv_path_FGREP="$ac_path_FGREP" + ac_path_FGREP_max=$ac_count + fi + # 10*(2^10) chars as input seems more than enough + test $ac_count -gt 10 && break + done + rm -f conftest.in conftest.tmp conftest.nl conftest.out;; +esac -fi -fi -ac_ct_OBJDUMP=$ac_cv_prog_ac_ct_OBJDUMP -if test -n "$ac_ct_OBJDUMP"; then - { echo "$as_me:$LINENO: result: $ac_ct_OBJDUMP" >&5 -echo "${ECHO_T}$ac_ct_OBJDUMP" >&6; } + $ac_path_FGREP_found && break 3 + done + done + done +IFS=$as_save_IFS + if test -z "$ac_cv_path_FGREP"; then + as_fn_error $? "no acceptable fgrep could be found in $PATH$PATH_SEPARATOR/usr/xpg4/bin" "$LINENO" 5 + fi else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + ac_cv_path_FGREP=$FGREP fi - if test "x$ac_ct_OBJDUMP" = x; then - OBJDUMP="false" - else - case $cross_compiling:$ac_tool_warned in -yes:) -{ echo "$as_me:$LINENO: WARNING: In the future, Autoconf will not detect cross-tools -whose name does not start with the host triplet. If you think this -configuration is useful to you, please write to autoconf@gnu.org." >&5 -echo "$as_me: WARNING: In the future, Autoconf will not detect cross-tools -whose name does not start with the host triplet. If you think this -configuration is useful to you, please write to autoconf@gnu.org." >&2;} -ac_tool_warned=yes ;; -esac - OBJDUMP=$ac_ct_OBJDUMP - fi -else - OBJDUMP="$ac_cv_prog_OBJDUMP" + fi fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_path_FGREP" >&5 +$as_echo "$ac_cv_path_FGREP" >&6; } + FGREP="$ac_cv_path_FGREP" -test -z "$OBJDUMP" && OBJDUMP=objdump +test -z "$GREP" && GREP=grep -{ echo "$as_me:$LINENO: checking how to recognize dependent libraries" >&5 -echo $ECHO_N "checking how to recognize dependent libraries... $ECHO_C" >&6; } -if test "${lt_cv_deplibs_check_method+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - lt_cv_file_magic_cmd='$MAGIC_CMD' -lt_cv_file_magic_test_file= -lt_cv_deplibs_check_method='unknown' -# Need to set the preceding variable on all platforms that support -# interlibrary dependencies. -# 'none' -- dependencies not supported. -# `unknown' -- same as none, but documents that we really don't know. -# 'pass_all' -- all dependencies passed with no checks. -# 'test_compile' -- check by making test program. -# 'file_magic [[regex]]' -- check by looking for files in library path -# which responds to the $file_magic_cmd with a given extended regex. -# If you have `file' or equivalent on your system and you're not sure -# whether `pass_all' will *always* work, you probably want this one. - -case $host_os in -aix[4-9]*) - lt_cv_deplibs_check_method=pass_all - ;; - -beos*) - lt_cv_deplibs_check_method=pass_all - ;; - -bsdi[45]*) - lt_cv_deplibs_check_method='file_magic ELF [0-9][0-9]*-bit [ML]SB (shared object|dynamic lib)' - lt_cv_file_magic_cmd='/usr/bin/file -L' - lt_cv_file_magic_test_file=/shlib/libc.so - ;; - -cygwin*) - # func_win32_libid is a shell function defined in ltmain.sh - lt_cv_deplibs_check_method='file_magic ^x86 archive import|^x86 DLL' - lt_cv_file_magic_cmd='func_win32_libid' - ;; - -mingw* | pw32*) - # Base MSYS/MinGW do not provide the 'file' command needed by - # func_win32_libid shell function, so use a weaker test based on 'objdump', - # unless we find 'file', for example because we are cross-compiling. - # func_win32_libid assumes BSD nm, so disallow it if using MS dumpbin. - if ( test "$lt_cv_nm_interface" = "BSD nm" && file / ) >/dev/null 2>&1; then - lt_cv_deplibs_check_method='file_magic ^x86 archive import|^x86 DLL' - lt_cv_file_magic_cmd='func_win32_libid' - else - # Keep this pattern in sync with the one in func_win32_libid. - lt_cv_deplibs_check_method='file_magic file format (pei*-i386(.*architecture: i386)?|pe-arm-wince|pe-x86-64)' - lt_cv_file_magic_cmd='$OBJDUMP -f' - fi - ;; - -cegcc*) - # use the weaker test based on 'objdump'. See mingw*. - lt_cv_deplibs_check_method='file_magic file format pe-arm-.*little(.*architecture: arm)?' - lt_cv_file_magic_cmd='$OBJDUMP -f' - ;; - -darwin* | rhapsody*) - lt_cv_deplibs_check_method=pass_all - ;; - -freebsd* | dragonfly*) - if echo __ELF__ | $CC -E - | $GREP __ELF__ > /dev/null; then - case $host_cpu in - i*86 ) - # Not sure whether the presence of OpenBSD here was a mistake. - # Let's accept both of them until this is cleared up. - lt_cv_deplibs_check_method='file_magic (FreeBSD|OpenBSD|DragonFly)/i[3-9]86 (compact )?demand paged shared library' - lt_cv_file_magic_cmd=/usr/bin/file - lt_cv_file_magic_test_file=`echo /usr/lib/libc.so.*` - ;; - esac - else - lt_cv_deplibs_check_method=pass_all - fi - ;; -gnu*) - lt_cv_deplibs_check_method=pass_all - ;; -haiku*) - lt_cv_deplibs_check_method=pass_all - ;; -hpux10.20* | hpux11*) - lt_cv_file_magic_cmd=/usr/bin/file - case $host_cpu in - ia64*) - lt_cv_deplibs_check_method='file_magic (s[0-9][0-9][0-9]|ELF-[0-9][0-9]) shared object file - IA64' - lt_cv_file_magic_test_file=/usr/lib/hpux32/libc.so - ;; - hppa*64*) - lt_cv_deplibs_check_method='file_magic (s[0-9][0-9][0-9]|ELF[ -][0-9][0-9])(-bit)?( [LM]SB)? shared object( file)?[, -]* PA-RISC [0-9]\.[0-9]' - lt_cv_file_magic_test_file=/usr/lib/pa20_64/libc.sl - ;; - *) - lt_cv_deplibs_check_method='file_magic (s[0-9][0-9][0-9]|PA-RISC[0-9]\.[0-9]) shared library' - lt_cv_file_magic_test_file=/usr/lib/libc.sl - ;; - esac - ;; -interix[3-9]*) - # PIC code is broken on Interix 3.x, that's why |\.a not |_pic\.a here - lt_cv_deplibs_check_method='match_pattern /lib[^/]+(\.so|\.a)$' - ;; -irix5* | irix6* | nonstopux*) - case $LD in - *-32|*"-32 ") libmagic=32-bit;; - *-n32|*"-n32 ") libmagic=N32;; - *-64|*"-64 ") libmagic=64-bit;; - *) libmagic=never-match;; - esac - lt_cv_deplibs_check_method=pass_all - ;; -# This must be Linux ELF. -linux* | k*bsd*-gnu | kopensolaris*-gnu) - lt_cv_deplibs_check_method=pass_all - ;; -netbsd*) - if echo __ELF__ | $CC -E - | $GREP __ELF__ > /dev/null; then - lt_cv_deplibs_check_method='match_pattern /lib[^/]+(\.so\.[0-9]+\.[0-9]+|_pic\.a)$' - else - lt_cv_deplibs_check_method='match_pattern /lib[^/]+(\.so|_pic\.a)$' - fi - ;; -newos6*) - lt_cv_deplibs_check_method='file_magic ELF [0-9][0-9]*-bit [ML]SB (executable|dynamic lib)' - lt_cv_file_magic_cmd=/usr/bin/file - lt_cv_file_magic_test_file=/usr/lib/libnls.so - ;; -*nto* | *qnx*) - lt_cv_deplibs_check_method=pass_all - ;; -openbsd*) - if test -z "`echo __ELF__ | $CC -E - | $GREP __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then - lt_cv_deplibs_check_method='match_pattern /lib[^/]+(\.so\.[0-9]+\.[0-9]+|\.so|_pic\.a)$' - else - lt_cv_deplibs_check_method='match_pattern /lib[^/]+(\.so\.[0-9]+\.[0-9]+|_pic\.a)$' - fi - ;; -osf3* | osf4* | osf5*) - lt_cv_deplibs_check_method=pass_all - ;; -rdos*) - lt_cv_deplibs_check_method=pass_all - ;; -solaris*) - lt_cv_deplibs_check_method=pass_all - ;; -sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX* | sysv4*uw2*) - lt_cv_deplibs_check_method=pass_all - ;; +# Check whether --with-gnu-ld was given. +if test "${with_gnu_ld+set}" = set; then : + withval=$with_gnu_ld; test "$withval" = no || with_gnu_ld=yes +else + with_gnu_ld=no +fi -sysv4 | sysv4.3*) - case $host_vendor in - motorola) - lt_cv_deplibs_check_method='file_magic ELF [0-9][0-9]*-bit [ML]SB (shared object|dynamic lib) M[0-9][0-9]* Version [0-9]' - lt_cv_file_magic_test_file=`echo /usr/lib/libc.so*` - ;; - ncr) - lt_cv_deplibs_check_method=pass_all - ;; - sequent) - lt_cv_file_magic_cmd='/bin/file' - lt_cv_deplibs_check_method='file_magic ELF [0-9][0-9]*-bit [LM]SB (shared object|dynamic lib )' - ;; - sni) - lt_cv_file_magic_cmd='/bin/file' - lt_cv_deplibs_check_method="file_magic ELF [0-9][0-9]*-bit [LM]SB dynamic lib" - lt_cv_file_magic_test_file=/lib/libc.so - ;; - siemens) - lt_cv_deplibs_check_method=pass_all +ac_prog=ld +if test "$GCC" = yes; then + # Check if gcc -print-prog-name=ld gives a path. + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for ld used by $CC" >&5 +$as_echo_n "checking for ld used by $CC... " >&6; } + case $host in + *-*-mingw*) + # gcc leaves a trailing carriage return which upsets mingw + ac_prog=`($CC -print-prog-name=ld) 2>&5 | tr -d '\015'` ;; + *) + ac_prog=`($CC -print-prog-name=ld) 2>&5` ;; + esac + case $ac_prog in + # Accept absolute paths. + [\\/]* | ?:[\\/]*) + re_direlt='/[^/][^/]*/\.\./' + # Canonicalize the pathname of ld + ac_prog=`$ECHO "$ac_prog"| $SED 's%\\\\%/%g'` + while $ECHO "$ac_prog" | $GREP "$re_direlt" > /dev/null 2>&1; do + ac_prog=`$ECHO $ac_prog| $SED "s%$re_direlt%/%"` + done + test -z "$LD" && LD="$ac_prog" + ;; + "") + # If it fails, then pretend we aren't using GCC. + ac_prog=ld ;; - pc) - lt_cv_deplibs_check_method=pass_all + *) + # If it is relative, then search for the first ld in PATH. + with_gnu_ld=unknown ;; esac - ;; +elif test "$with_gnu_ld" = yes; then + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for GNU ld" >&5 +$as_echo_n "checking for GNU ld... " >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for non-GNU ld" >&5 +$as_echo_n "checking for non-GNU ld... " >&6; } +fi +if ${lt_cv_path_LD+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test -z "$LD"; then + lt_save_ifs="$IFS"; IFS=$PATH_SEPARATOR + for ac_dir in $PATH; do + IFS="$lt_save_ifs" + test -z "$ac_dir" && ac_dir=. + if test -f "$ac_dir/$ac_prog" || test -f "$ac_dir/$ac_prog$ac_exeext"; then + lt_cv_path_LD="$ac_dir/$ac_prog" + # Check to see if the program is GNU ld. I'd rather use --version, + # but apparently some variants of GNU ld only accept -v. + # Break only if it was the GNU/non-GNU ld that we prefer. + case `"$lt_cv_path_LD" -v 2>&1 &5 +$as_echo "$LD" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi +test -z "$LD" && as_fn_error $? "no acceptable ld found in \$PATH" "$LINENO" 5 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if the linker ($LD) is GNU ld" >&5 +$as_echo_n "checking if the linker ($LD) is GNU ld... " >&6; } +if ${lt_cv_prog_gnu_ld+:} false; then : + $as_echo_n "(cached) " >&6 +else + # I'd rather use --version here, but apparently some GNU lds only accept -v. +case `$LD -v 2>&1 &5 -echo "${ECHO_T}$lt_cv_deplibs_check_method" >&6; } -file_magic_cmd=$lt_cv_file_magic_cmd -deplibs_check_method=$lt_cv_deplibs_check_method -test -z "$deplibs_check_method" && deplibs_check_method=unknown - - - +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_gnu_ld" >&5 +$as_echo "$lt_cv_prog_gnu_ld" >&6; } +with_gnu_ld=$lt_cv_prog_gnu_ld @@ -5127,364 +5269,413 @@ test -z "$deplibs_check_method" && deplibs_check_method=unknown -if test -n "$ac_tool_prefix"; then - # Extract the first word of "${ac_tool_prefix}ar", so it can be a program name with args. -set dummy ${ac_tool_prefix}ar; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_AR+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for BSD- or MS-compatible name lister (nm)" >&5 +$as_echo_n "checking for BSD- or MS-compatible name lister (nm)... " >&6; } +if ${lt_cv_path_NM+:} false; then : + $as_echo_n "(cached) " >&6 else - if test -n "$AR"; then - ac_cv_prog_AR="$AR" # Let the user override the test. + if test -n "$NM"; then + # Let the user override the test. + lt_cv_path_NM="$NM" else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_AR="${ac_tool_prefix}ar" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 + lt_nm_to_check="${ac_tool_prefix}nm" + if test -n "$ac_tool_prefix" && test "$build" = "$host"; then + lt_nm_to_check="$lt_nm_to_check nm" fi -done -done -IFS=$as_save_IFS - + for lt_tmp_nm in $lt_nm_to_check; do + lt_save_ifs="$IFS"; IFS=$PATH_SEPARATOR + for ac_dir in $PATH /usr/ccs/bin/elf /usr/ccs/bin /usr/ucb /bin; do + IFS="$lt_save_ifs" + test -z "$ac_dir" && ac_dir=. + tmp_nm="$ac_dir/$lt_tmp_nm" + if test -f "$tmp_nm" || test -f "$tmp_nm$ac_exeext" ; then + # Check to see if the nm accepts a BSD-compat flag. + # Adding the `sed 1q' prevents false positives on HP-UX, which says: + # nm: unknown option "B" ignored + # Tru64's nm complains that /dev/null is an invalid object file + case `"$tmp_nm" -B /dev/null 2>&1 | sed '1q'` in + */dev/null* | *'Invalid file or object type'*) + lt_cv_path_NM="$tmp_nm -B" + break + ;; + *) + case `"$tmp_nm" -p /dev/null 2>&1 | sed '1q'` in + */dev/null*) + lt_cv_path_NM="$tmp_nm -p" + break + ;; + *) + lt_cv_path_NM=${lt_cv_path_NM="$tmp_nm"} # keep the first match, but + continue # so that we can try to find one that supports BSD flags + ;; + esac + ;; + esac + fi + done + IFS="$lt_save_ifs" + done + : ${lt_cv_path_NM=no} fi fi -AR=$ac_cv_prog_AR -if test -n "$AR"; then - { echo "$as_me:$LINENO: result: $AR" >&5 -echo "${ECHO_T}$AR" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_path_NM" >&5 +$as_echo "$lt_cv_path_NM" >&6; } +if test "$lt_cv_path_NM" != "no"; then + NM="$lt_cv_path_NM" else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } -fi - - -fi -if test -z "$ac_cv_prog_AR"; then - ac_ct_AR=$AR - # Extract the first word of "ar", so it can be a program name with args. -set dummy ar; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_ac_ct_AR+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + # Didn't find any BSD compatible name lister, look for dumpbin. + if test -n "$DUMPBIN"; then : + # Let the user override the test. + else + if test -n "$ac_tool_prefix"; then + for ac_prog in dumpbin "link -dump" + do + # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args. +set dummy $ac_tool_prefix$ac_prog; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_prog_DUMPBIN+:} false; then : + $as_echo_n "(cached) " >&6 else - if test -n "$ac_ct_AR"; then - ac_cv_prog_ac_ct_AR="$ac_ct_AR" # Let the user override the test. + if test -n "$DUMPBIN"; then + ac_cv_prog_DUMPBIN="$DUMPBIN" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_ac_ct_AR="ar" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_DUMPBIN="$ac_tool_prefix$ac_prog" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done -done + done IFS=$as_save_IFS fi fi -ac_ct_AR=$ac_cv_prog_ac_ct_AR -if test -n "$ac_ct_AR"; then - { echo "$as_me:$LINENO: result: $ac_ct_AR" >&5 -echo "${ECHO_T}$ac_ct_AR" >&6; } -else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } -fi - - if test "x$ac_ct_AR" = x; then - AR="false" - else - case $cross_compiling:$ac_tool_warned in -yes:) -{ echo "$as_me:$LINENO: WARNING: In the future, Autoconf will not detect cross-tools -whose name does not start with the host triplet. If you think this -configuration is useful to you, please write to autoconf@gnu.org." >&5 -echo "$as_me: WARNING: In the future, Autoconf will not detect cross-tools -whose name does not start with the host triplet. If you think this -configuration is useful to you, please write to autoconf@gnu.org." >&2;} -ac_tool_warned=yes ;; -esac - AR=$ac_ct_AR - fi +DUMPBIN=$ac_cv_prog_DUMPBIN +if test -n "$DUMPBIN"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $DUMPBIN" >&5 +$as_echo "$DUMPBIN" >&6; } else - AR="$ac_cv_prog_AR" + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } fi -test -z "$AR" && AR=ar -test -z "$AR_FLAGS" && AR_FLAGS=cru - - - - - - - - - - -if test -n "$ac_tool_prefix"; then - # Extract the first word of "${ac_tool_prefix}strip", so it can be a program name with args. -set dummy ${ac_tool_prefix}strip; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_STRIP+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + test -n "$DUMPBIN" && break + done +fi +if test -z "$DUMPBIN"; then + ac_ct_DUMPBIN=$DUMPBIN + for ac_prog in dumpbin "link -dump" +do + # Extract the first word of "$ac_prog", so it can be a program name with args. +set dummy $ac_prog; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_prog_ac_ct_DUMPBIN+:} false; then : + $as_echo_n "(cached) " >&6 else - if test -n "$STRIP"; then - ac_cv_prog_STRIP="$STRIP" # Let the user override the test. + if test -n "$ac_ct_DUMPBIN"; then + ac_cv_prog_ac_ct_DUMPBIN="$ac_ct_DUMPBIN" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_STRIP="${ac_tool_prefix}strip" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_ac_ct_DUMPBIN="$ac_prog" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done -done + done IFS=$as_save_IFS fi fi -STRIP=$ac_cv_prog_STRIP -if test -n "$STRIP"; then - { echo "$as_me:$LINENO: result: $STRIP" >&5 -echo "${ECHO_T}$STRIP" >&6; } +ac_ct_DUMPBIN=$ac_cv_prog_ac_ct_DUMPBIN +if test -n "$ac_ct_DUMPBIN"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_DUMPBIN" >&5 +$as_echo "$ac_ct_DUMPBIN" >&6; } else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } fi -fi -if test -z "$ac_cv_prog_STRIP"; then - ac_ct_STRIP=$STRIP - # Extract the first word of "strip", so it can be a program name with args. -set dummy strip; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_ac_ct_STRIP+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test -n "$ac_ct_STRIP"; then - ac_cv_prog_ac_ct_STRIP="$ac_ct_STRIP" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_ac_ct_STRIP="strip" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done + test -n "$ac_ct_DUMPBIN" && break done -IFS=$as_save_IFS -fi -fi -ac_ct_STRIP=$ac_cv_prog_ac_ct_STRIP -if test -n "$ac_ct_STRIP"; then - { echo "$as_me:$LINENO: result: $ac_ct_STRIP" >&5 -echo "${ECHO_T}$ac_ct_STRIP" >&6; } -else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } -fi - - if test "x$ac_ct_STRIP" = x; then - STRIP=":" + if test "x$ac_ct_DUMPBIN" = x; then + DUMPBIN=":" else case $cross_compiling:$ac_tool_warned in yes:) -{ echo "$as_me:$LINENO: WARNING: In the future, Autoconf will not detect cross-tools -whose name does not start with the host triplet. If you think this -configuration is useful to you, please write to autoconf@gnu.org." >&5 -echo "$as_me: WARNING: In the future, Autoconf will not detect cross-tools -whose name does not start with the host triplet. If you think this -configuration is useful to you, please write to autoconf@gnu.org." >&2;} +{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} ac_tool_warned=yes ;; esac - STRIP=$ac_ct_STRIP + DUMPBIN=$ac_ct_DUMPBIN fi -else - STRIP="$ac_cv_prog_STRIP" fi -test -z "$STRIP" && STRIP=: - - + case `$DUMPBIN -symbols /dev/null 2>&1 | sed '1q'` in + *COFF*) + DUMPBIN="$DUMPBIN -symbols" + ;; + *) + DUMPBIN=: + ;; + esac + fi + if test "$DUMPBIN" != ":"; then + NM="$DUMPBIN" + fi +fi +test -z "$NM" && NM=nm -if test -n "$ac_tool_prefix"; then - # Extract the first word of "${ac_tool_prefix}ranlib", so it can be a program name with args. -set dummy ${ac_tool_prefix}ranlib; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_RANLIB+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test -n "$RANLIB"; then - ac_cv_prog_RANLIB="$RANLIB" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_RANLIB="${ac_tool_prefix}ranlib" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done -done -IFS=$as_save_IFS -fi -fi -RANLIB=$ac_cv_prog_RANLIB -if test -n "$RANLIB"; then - { echo "$as_me:$LINENO: result: $RANLIB" >&5 -echo "${ECHO_T}$RANLIB" >&6; } -else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } -fi -fi -if test -z "$ac_cv_prog_RANLIB"; then - ac_ct_RANLIB=$RANLIB - # Extract the first word of "ranlib", so it can be a program name with args. -set dummy ranlib; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_ac_ct_RANLIB+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test -n "$ac_ct_RANLIB"; then - ac_cv_prog_ac_ct_RANLIB="$ac_ct_RANLIB" # Let the user override the test. +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking the name lister ($NM) interface" >&5 +$as_echo_n "checking the name lister ($NM) interface... " >&6; } +if ${lt_cv_nm_interface+:} false; then : + $as_echo_n "(cached) " >&6 else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_ac_ct_RANLIB="ranlib" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 + lt_cv_nm_interface="BSD nm" + echo "int some_variable = 0;" > conftest.$ac_ext + (eval echo "\"\$as_me:$LINENO: $ac_compile\"" >&5) + (eval "$ac_compile" 2>conftest.err) + cat conftest.err >&5 + (eval echo "\"\$as_me:$LINENO: $NM \\\"conftest.$ac_objext\\\"\"" >&5) + (eval "$NM \"conftest.$ac_objext\"" 2>conftest.err > conftest.out) + cat conftest.err >&5 + (eval echo "\"\$as_me:$LINENO: output\"" >&5) + cat conftest.out >&5 + if $GREP 'External.*some_variable' conftest.out > /dev/null; then + lt_cv_nm_interface="MS dumpbin" fi -done -done -IFS=$as_save_IFS - -fi -fi -ac_ct_RANLIB=$ac_cv_prog_ac_ct_RANLIB -if test -n "$ac_ct_RANLIB"; then - { echo "$as_me:$LINENO: result: $ac_ct_RANLIB" >&5 -echo "${ECHO_T}$ac_ct_RANLIB" >&6; } -else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + rm -f conftest* fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_nm_interface" >&5 +$as_echo "$lt_cv_nm_interface" >&6; } - if test "x$ac_ct_RANLIB" = x; then - RANLIB=":" - else - case $cross_compiling:$ac_tool_warned in -yes:) -{ echo "$as_me:$LINENO: WARNING: In the future, Autoconf will not detect cross-tools -whose name does not start with the host triplet. If you think this -configuration is useful to you, please write to autoconf@gnu.org." >&5 -echo "$as_me: WARNING: In the future, Autoconf will not detect cross-tools -whose name does not start with the host triplet. If you think this -configuration is useful to you, please write to autoconf@gnu.org." >&2;} -ac_tool_warned=yes ;; -esac - RANLIB=$ac_ct_RANLIB - fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether ln -s works" >&5 +$as_echo_n "checking whether ln -s works... " >&6; } +LN_S=$as_ln_s +if test "$LN_S" = "ln -s"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } else - RANLIB="$ac_cv_prog_RANLIB" + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no, using $LN_S" >&5 +$as_echo "no, using $LN_S" >&6; } fi -test -z "$RANLIB" && RANLIB=: - - - +# find the maximum length of command line arguments +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking the maximum length of command line arguments" >&5 +$as_echo_n "checking the maximum length of command line arguments... " >&6; } +if ${lt_cv_sys_max_cmd_len+:} false; then : + $as_echo_n "(cached) " >&6 +else + i=0 + teststring="ABCD" + case $build_os in + msdosdjgpp*) + # On DJGPP, this test can blow up pretty badly due to problems in libc + # (any single argument exceeding 2000 bytes causes a buffer overrun + # during glob expansion). Even if it were fixed, the result of this + # check would be larger than it should be. + lt_cv_sys_max_cmd_len=12288; # 12K is about right + ;; + gnu*) + # Under GNU Hurd, this test is not required because there is + # no limit to the length of command line arguments. + # Libtool will interpret -1 as no limit whatsoever + lt_cv_sys_max_cmd_len=-1; + ;; -# Determine commands to create old-style static archives. -old_archive_cmds='$AR $AR_FLAGS $oldlib$oldobjs' -old_postinstall_cmds='chmod 644 $oldlib' -old_postuninstall_cmds= + cygwin* | mingw* | cegcc*) + # On Win9x/ME, this test blows up -- it succeeds, but takes + # about 5 minutes as the teststring grows exponentially. + # Worse, since 9x/ME are not pre-emptively multitasking, + # you end up with a "frozen" computer, even though with patience + # the test eventually succeeds (with a max line length of 256k). + # Instead, let's just punt: use the minimum linelength reported by + # all of the supported platforms: 8192 (on NT/2K/XP). + lt_cv_sys_max_cmd_len=8192; + ;; -if test -n "$RANLIB"; then - case $host_os in - openbsd*) - old_postinstall_cmds="$old_postinstall_cmds~\$RANLIB -t \$oldlib" + mint*) + # On MiNT this can take a long time and run out of memory. + lt_cv_sys_max_cmd_len=8192; ;; - *) - old_postinstall_cmds="$old_postinstall_cmds~\$RANLIB \$oldlib" + + amigaos*) + # On AmigaOS with pdksh, this test takes hours, literally. + # So we just punt and use a minimum line length of 8192. + lt_cv_sys_max_cmd_len=8192; ;; - esac - old_archive_cmds="$old_archive_cmds~\$RANLIB \$oldlib" -fi -case $host_os in - darwin*) - lock_old_archive_extraction=yes ;; - *) - lock_old_archive_extraction=no ;; -esac + netbsd* | freebsd* | openbsd* | darwin* | dragonfly*) + # This has been around since 386BSD, at least. Likely further. + if test -x /sbin/sysctl; then + lt_cv_sys_max_cmd_len=`/sbin/sysctl -n kern.argmax` + elif test -x /usr/sbin/sysctl; then + lt_cv_sys_max_cmd_len=`/usr/sbin/sysctl -n kern.argmax` + else + lt_cv_sys_max_cmd_len=65536 # usable default for all BSDs + fi + # And add a safety zone + lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \/ 4` + lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \* 3` + ;; + + interix*) + # We know the value 262144 and hardcode it with a safety zone (like BSD) + lt_cv_sys_max_cmd_len=196608 + ;; + os2*) + # The test takes a long time on OS/2. + lt_cv_sys_max_cmd_len=8192 + ;; + osf*) + # Dr. Hans Ekkehard Plesser reports seeing a kernel panic running configure + # due to this test when exec_disable_arg_limit is 1 on Tru64. It is not + # nice to cause kernel panics so lets avoid the loop below. + # First set a reasonable default. + lt_cv_sys_max_cmd_len=16384 + # + if test -x /sbin/sysconfig; then + case `/sbin/sysconfig -q proc exec_disable_arg_limit` in + *1*) lt_cv_sys_max_cmd_len=-1 ;; + esac + fi + ;; + sco3.2v5*) + lt_cv_sys_max_cmd_len=102400 + ;; + sysv5* | sco5v6* | sysv4.2uw2*) + kargmax=`grep ARG_MAX /etc/conf/cf.d/stune 2>/dev/null` + if test -n "$kargmax"; then + lt_cv_sys_max_cmd_len=`echo $kargmax | sed 's/.*[ ]//'` + else + lt_cv_sys_max_cmd_len=32768 + fi + ;; + *) + lt_cv_sys_max_cmd_len=`(getconf ARG_MAX) 2> /dev/null` + if test -n "$lt_cv_sys_max_cmd_len"; then + lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \/ 4` + lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \* 3` + else + # Make teststring a little bigger before we do anything with it. + # a 1K string should be a reasonable start. + for i in 1 2 3 4 5 6 7 8 ; do + teststring=$teststring$teststring + done + SHELL=${SHELL-${CONFIG_SHELL-/bin/sh}} + # If test is not a shell built-in, we'll probably end up computing a + # maximum length that is only half of the actual maximum length, but + # we can't tell. + while { test "X"`env echo "$teststring$teststring" 2>/dev/null` \ + = "X$teststring$teststring"; } >/dev/null 2>&1 && + test $i != 17 # 1/2 MB should be enough + do + i=`expr $i + 1` + teststring=$teststring$teststring + done + # Only check the string length outside the loop. + lt_cv_sys_max_cmd_len=`expr "X$teststring" : ".*" 2>&1` + teststring= + # Add a significant safety factor because C++ compilers can tack on + # massive amounts of additional arguments before passing them to the + # linker. It appears as though 1/2 is a usable value. + lt_cv_sys_max_cmd_len=`expr $lt_cv_sys_max_cmd_len \/ 2` + fi + ;; + esac +fi +if test -n $lt_cv_sys_max_cmd_len ; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_sys_max_cmd_len" >&5 +$as_echo "$lt_cv_sys_max_cmd_len" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: none" >&5 +$as_echo "none" >&6; } +fi +max_cmd_len=$lt_cv_sys_max_cmd_len +: ${CP="cp -f"} +: ${MV="mv -f"} +: ${RM="rm -f"} +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the shell understands some XSI constructs" >&5 +$as_echo_n "checking whether the shell understands some XSI constructs... " >&6; } +# Try some XSI features +xsi_shell=no +( _lt_dummy="a/b/c" + test "${_lt_dummy##*/},${_lt_dummy%/*},${_lt_dummy#??}"${_lt_dummy%"$_lt_dummy"}, \ + = c,a/b,b/c, \ + && eval 'test $(( 1 + 1 )) -eq 2 \ + && test "${#_lt_dummy}" -eq 5' ) >/dev/null 2>&1 \ + && xsi_shell=yes +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $xsi_shell" >&5 +$as_echo "$xsi_shell" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the shell understands \"+=\"" >&5 +$as_echo_n "checking whether the shell understands \"+=\"... " >&6; } +lt_shell_append=no +( foo=bar; set foo baz; eval "$1+=\$2" && test "$foo" = barbaz ) \ + >/dev/null 2>&1 \ + && lt_shell_append=yes +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_shell_append" >&5 +$as_echo "$lt_shell_append" >&6; } +if ( (MAIL=60; unset MAIL) || exit) >/dev/null 2>&1; then + lt_unset=unset +else + lt_unset=false +fi +# test EBCDIC or ASCII +case `echo X|tr X '\101'` in + A) # ASCII based system + # \n is not interpreted correctly by Solaris 8 /usr/ucb/tr + lt_SP2NL='tr \040 \012' + lt_NL2SP='tr \015\012 \040\040' + ;; + *) # EBCDIC based system + lt_SP2NL='tr \100 \n' + lt_NL2SP='tr \r\n \100\100' + ;; +esac @@ -5494,255 +5685,211 @@ esac +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking how to convert $build file names to $host format" >&5 +$as_echo_n "checking how to convert $build file names to $host format... " >&6; } +if ${lt_cv_to_host_file_cmd+:} false; then : + $as_echo_n "(cached) " >&6 +else + case $host in + *-*-mingw* ) + case $build in + *-*-mingw* ) # actually msys + lt_cv_to_host_file_cmd=func_convert_file_msys_to_w32 + ;; + *-*-cygwin* ) + lt_cv_to_host_file_cmd=func_convert_file_cygwin_to_w32 + ;; + * ) # otherwise, assume *nix + lt_cv_to_host_file_cmd=func_convert_file_nix_to_w32 + ;; + esac + ;; + *-*-cygwin* ) + case $build in + *-*-mingw* ) # actually msys + lt_cv_to_host_file_cmd=func_convert_file_msys_to_cygwin + ;; + *-*-cygwin* ) + lt_cv_to_host_file_cmd=func_convert_file_noop + ;; + * ) # otherwise, assume *nix + lt_cv_to_host_file_cmd=func_convert_file_nix_to_cygwin + ;; + esac + ;; + * ) # unhandled hosts (and "normal" native builds) + lt_cv_to_host_file_cmd=func_convert_file_noop + ;; +esac +fi +to_host_file_cmd=$lt_cv_to_host_file_cmd +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_to_host_file_cmd" >&5 +$as_echo "$lt_cv_to_host_file_cmd" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking how to convert $build file names to toolchain format" >&5 +$as_echo_n "checking how to convert $build file names to toolchain format... " >&6; } +if ${lt_cv_to_tool_file_cmd+:} false; then : + $as_echo_n "(cached) " >&6 +else + #assume ordinary cross tools, or native build. +lt_cv_to_tool_file_cmd=func_convert_file_noop +case $host in + *-*-mingw* ) + case $build in + *-*-mingw* ) # actually msys + lt_cv_to_tool_file_cmd=func_convert_file_msys_to_w32 + ;; + esac + ;; +esac +fi +to_tool_file_cmd=$lt_cv_to_tool_file_cmd +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_to_tool_file_cmd" >&5 +$as_echo "$lt_cv_to_tool_file_cmd" >&6; } -# If no C compiler was specified, use CC. -LTCC=${LTCC-"$CC"} -# If no C compiler flags were specified, use CFLAGS. -LTCFLAGS=${LTCFLAGS-"$CFLAGS"} -# Allow CC to be a program name with arguments. -compiler=$CC -# Check for command to grab the raw symbol name followed by C symbol from nm. -{ echo "$as_me:$LINENO: checking command to parse $NM output from $compiler object" >&5 -echo $ECHO_N "checking command to parse $NM output from $compiler object... $ECHO_C" >&6; } -if test "${lt_cv_sys_global_symbol_pipe+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $LD option to reload object files" >&5 +$as_echo_n "checking for $LD option to reload object files... " >&6; } +if ${lt_cv_ld_reload_flag+:} false; then : + $as_echo_n "(cached) " >&6 else + lt_cv_ld_reload_flag='-r' +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_ld_reload_flag" >&5 +$as_echo "$lt_cv_ld_reload_flag" >&6; } +reload_flag=$lt_cv_ld_reload_flag +case $reload_flag in +"" | " "*) ;; +*) reload_flag=" $reload_flag" ;; +esac +reload_cmds='$LD$reload_flag -o $output$reload_objs' +case $host_os in + cygwin* | mingw* | pw32* | cegcc*) + if test "$GCC" != yes; then + reload_cmds=false + fi + ;; + darwin*) + if test "$GCC" = yes; then + reload_cmds='$LTCC $LTCFLAGS -nostdlib ${wl}-r -o $output$reload_objs' + else + reload_cmds='$LD$reload_flag -o $output$reload_objs' + fi + ;; +esac -# These are sane defaults that work on at least a few old systems. -# [They come from Ultrix. What could be older than Ultrix?!! ;)] -# Character class describing NM global symbol codes. -symcode='[BCDEGRST]' -# Regexp to match symbols that can be accessed directly from C. -sympat='\([_A-Za-z][_A-Za-z0-9]*\)' -# Define system-specific variables. -case $host_os in -aix*) - symcode='[BCDT]' - ;; -cygwin* | mingw* | pw32* | cegcc*) - symcode='[ABCDGISTW]' - ;; -hpux*) - if test "$host_cpu" = ia64; then - symcode='[ABCDEGRST]' - fi - ;; -irix* | nonstopux*) - symcode='[BCDEGRST]' - ;; -osf*) - symcode='[BCDEGQRST]' - ;; -solaris*) - symcode='[BDRT]' - ;; -sco3.2v5*) - symcode='[DT]' - ;; -sysv4.2uw2*) - symcode='[DT]' - ;; -sysv5* | sco5v6* | unixware* | OpenUNIX*) - symcode='[ABDT]' - ;; -sysv4) - symcode='[DFNSTU]' - ;; -esac -# If we're using GNU nm, then use its standard symbol codes. -case `$NM -V 2>&1` in -*GNU* | *'with BFD'*) - symcode='[ABCDGIRSTW]' ;; -esac -# Transform an extracted symbol line into a proper C declaration. -# Some systems (esp. on ia64) link data and code symbols differently, -# so use this general approach. -lt_cv_sys_global_symbol_to_cdecl="sed -n -e 's/^T .* \(.*\)$/extern int \1();/p' -e 's/^$symcode* .* \(.*\)$/extern char \1;/p'" -# Transform an extracted symbol line into symbol name and symbol address -lt_cv_sys_global_symbol_to_c_name_address="sed -n -e 's/^: \([^ ]*\) $/ {\\\"\1\\\", (void *) 0},/p' -e 's/^$symcode* \([^ ]*\) \([^ ]*\)$/ {\"\2\", (void *) \&\2},/p'" -lt_cv_sys_global_symbol_to_c_name_address_lib_prefix="sed -n -e 's/^: \([^ ]*\) $/ {\\\"\1\\\", (void *) 0},/p' -e 's/^$symcode* \([^ ]*\) \(lib[^ ]*\)$/ {\"\2\", (void *) \&\2},/p' -e 's/^$symcode* \([^ ]*\) \([^ ]*\)$/ {\"lib\2\", (void *) \&\2},/p'" -# Handle CRLF in mingw tool chain -opt_cr= -case $build_os in -mingw*) - opt_cr=`$ECHO 'x\{0,1\}' | tr x '\015'` # option cr in regexp - ;; -esac - -# Try without a prefix underscore, then with it. -for ac_symprfx in "" "_"; do - # Transform symcode, sympat, and symprfx into a raw symbol and a C symbol. - symxfrm="\\1 $ac_symprfx\\2 \\2" - - # Write the raw and C identifiers. - if test "$lt_cv_nm_interface" = "MS dumpbin"; then - # Fake it for dumpbin and say T for any non-static function - # and D for any global variable. - # Also find C++ and __fastcall symbols from MSVC++, - # which start with @ or ?. - lt_cv_sys_global_symbol_pipe="$AWK '"\ -" {last_section=section; section=\$ 3};"\ -" /Section length .*#relocs.*(pick any)/{hide[last_section]=1};"\ -" \$ 0!~/External *\|/{next};"\ -" / 0+ UNDEF /{next}; / UNDEF \([^|]\)*()/{next};"\ -" {if(hide[section]) next};"\ -" {f=0}; \$ 0~/\(\).*\|/{f=1}; {printf f ? \"T \" : \"D \"};"\ -" {split(\$ 0, a, /\||\r/); split(a[2], s)};"\ -" s[1]~/^[@?]/{print s[1], s[1]; next};"\ -" s[1]~prfx {split(s[1],t,\"@\"); print t[1], substr(t[1],length(prfx))}"\ -" ' prfx=^$ac_symprfx" - else - lt_cv_sys_global_symbol_pipe="sed -n -e 's/^.*[ ]\($symcode$symcode*\)[ ][ ]*$ac_symprfx$sympat$opt_cr$/$symxfrm/p'" +if test -n "$ac_tool_prefix"; then + # Extract the first word of "${ac_tool_prefix}objdump", so it can be a program name with args. +set dummy ${ac_tool_prefix}objdump; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_prog_OBJDUMP+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$OBJDUMP"; then + ac_cv_prog_OBJDUMP="$OBJDUMP" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_OBJDUMP="${ac_tool_prefix}objdump" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 fi +done + done +IFS=$as_save_IFS - # Check to see that the pipe works correctly. - pipe_works=no - - rm -r -f conftest* - cat > conftest.$ac_ext <<_LT_EOF -#ifdef __cplusplus -extern "C" { -#endif -char nm_test_var; -void nm_test_func(void); -void nm_test_func(void){} -#ifdef __cplusplus -} -#endif -int main(){nm_test_var='a';nm_test_func();return(0);} -_LT_EOF - - if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; then - # Now try to grab the symbols. - nlist=conftest.nm - if { (eval echo "$as_me:$LINENO: \"$NM conftest.$ac_objext \| "$lt_cv_sys_global_symbol_pipe" \> $nlist\"") >&5 - (eval $NM conftest.$ac_objext \| "$lt_cv_sys_global_symbol_pipe" \> $nlist) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && test -s "$nlist"; then - # Try sorting and uniquifying the output. - if sort "$nlist" | uniq > "$nlist"T; then - mv -f "$nlist"T "$nlist" - else - rm -f "$nlist"T - fi - - # Make sure that we snagged all the symbols we need. - if $GREP ' nm_test_var$' "$nlist" >/dev/null; then - if $GREP ' nm_test_func$' "$nlist" >/dev/null; then - cat <<_LT_EOF > conftest.$ac_ext -#ifdef __cplusplus -extern "C" { -#endif - -_LT_EOF - # Now generate the symbol file. - eval "$lt_cv_sys_global_symbol_to_cdecl"' < "$nlist" | $GREP -v main >> conftest.$ac_ext' - - cat <<_LT_EOF >> conftest.$ac_ext - -/* The mapping between symbol names and symbols. */ -const struct { - const char *name; - void *address; -} -lt__PROGRAM__LTX_preloaded_symbols[] = -{ - { "@PROGRAM@", (void *) 0 }, -_LT_EOF - $SED "s/^$symcode$symcode* \(.*\) \(.*\)$/ {\"\2\", (void *) \&\2},/" < "$nlist" | $GREP -v main >> conftest.$ac_ext - cat <<\_LT_EOF >> conftest.$ac_ext - {0, (void *) 0} -}; - -/* This works around a problem in FreeBSD linker */ -#ifdef FREEBSD_WORKAROUND -static const void *lt_preloaded_setup() { - return lt__PROGRAM__LTX_preloaded_symbols; -} -#endif +fi +fi +OBJDUMP=$ac_cv_prog_OBJDUMP +if test -n "$OBJDUMP"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $OBJDUMP" >&5 +$as_echo "$OBJDUMP" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi -#ifdef __cplusplus -} -#endif -_LT_EOF - # Now try linking the two files. - mv conftest.$ac_objext conftstm.$ac_objext - lt_save_LIBS="$LIBS" - lt_save_CFLAGS="$CFLAGS" - LIBS="conftstm.$ac_objext" - CFLAGS="$CFLAGS$lt_prog_compiler_no_builtin_flag" - if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 - (eval $ac_link) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && test -s conftest${ac_exeext}; then - pipe_works=yes - fi - LIBS="$lt_save_LIBS" - CFLAGS="$lt_save_CFLAGS" - else - echo "cannot find nm_test_func in $nlist" >&5 - fi - else - echo "cannot find nm_test_var in $nlist" >&5 - fi - else - echo "cannot run $lt_cv_sys_global_symbol_pipe" >&5 - fi - else - echo "$progname: failed program was:" >&5 - cat conftest.$ac_ext >&5 - fi - rm -rf conftest* conftst* - # Do not use the global_symbol_pipe unless it works. - if test "$pipe_works" = yes; then - break - else - lt_cv_sys_global_symbol_pipe= +fi +if test -z "$ac_cv_prog_OBJDUMP"; then + ac_ct_OBJDUMP=$OBJDUMP + # Extract the first word of "objdump", so it can be a program name with args. +set dummy objdump; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_prog_ac_ct_OBJDUMP+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$ac_ct_OBJDUMP"; then + ac_cv_prog_ac_ct_OBJDUMP="$ac_ct_OBJDUMP" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_ac_ct_OBJDUMP="objdump" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 fi done + done +IFS=$as_save_IFS fi - -if test -z "$lt_cv_sys_global_symbol_pipe"; then - lt_cv_sys_global_symbol_to_cdecl= fi -if test -z "$lt_cv_sys_global_symbol_pipe$lt_cv_sys_global_symbol_to_cdecl"; then - { echo "$as_me:$LINENO: result: failed" >&5 -echo "${ECHO_T}failed" >&6; } +ac_ct_OBJDUMP=$ac_cv_prog_ac_ct_OBJDUMP +if test -n "$ac_ct_OBJDUMP"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_OBJDUMP" >&5 +$as_echo "$ac_ct_OBJDUMP" >&6; } else - { echo "$as_me:$LINENO: result: ok" >&5 -echo "${ECHO_T}ok" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } fi + if test "x$ac_ct_OBJDUMP" = x; then + OBJDUMP="false" + else + case $cross_compiling:$ac_tool_warned in +yes:) +{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +ac_tool_warned=yes ;; +esac + OBJDUMP=$ac_ct_OBJDUMP + fi +else + OBJDUMP="$ac_cv_prog_OBJDUMP" +fi +test -z "$OBJDUMP" && OBJDUMP=objdump @@ -5752,718 +5899,784 @@ fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking how to recognize dependent libraries" >&5 +$as_echo_n "checking how to recognize dependent libraries... " >&6; } +if ${lt_cv_deplibs_check_method+:} false; then : + $as_echo_n "(cached) " >&6 +else + lt_cv_file_magic_cmd='$MAGIC_CMD' +lt_cv_file_magic_test_file= +lt_cv_deplibs_check_method='unknown' +# Need to set the preceding variable on all platforms that support +# interlibrary dependencies. +# 'none' -- dependencies not supported. +# `unknown' -- same as none, but documents that we really don't know. +# 'pass_all' -- all dependencies passed with no checks. +# 'test_compile' -- check by making test program. +# 'file_magic [[regex]]' -- check by looking for files in library path +# which responds to the $file_magic_cmd with a given extended regex. +# If you have `file' or equivalent on your system and you're not sure +# whether `pass_all' will *always* work, you probably want this one. +case $host_os in +aix[4-9]*) + lt_cv_deplibs_check_method=pass_all + ;; +beos*) + lt_cv_deplibs_check_method=pass_all + ;; +bsdi[45]*) + lt_cv_deplibs_check_method='file_magic ELF [0-9][0-9]*-bit [ML]SB (shared object|dynamic lib)' + lt_cv_file_magic_cmd='/usr/bin/file -L' + lt_cv_file_magic_test_file=/shlib/libc.so + ;; +cygwin*) + # func_win32_libid is a shell function defined in ltmain.sh + lt_cv_deplibs_check_method='file_magic ^x86 archive import|^x86 DLL' + lt_cv_file_magic_cmd='func_win32_libid' + ;; +mingw* | pw32*) + # Base MSYS/MinGW do not provide the 'file' command needed by + # func_win32_libid shell function, so use a weaker test based on 'objdump', + # unless we find 'file', for example because we are cross-compiling. + # func_win32_libid assumes BSD nm, so disallow it if using MS dumpbin. + if ( test "$lt_cv_nm_interface" = "BSD nm" && file / ) >/dev/null 2>&1; then + lt_cv_deplibs_check_method='file_magic ^x86 archive import|^x86 DLL' + lt_cv_file_magic_cmd='func_win32_libid' + else + # Keep this pattern in sync with the one in func_win32_libid. + lt_cv_deplibs_check_method='file_magic file format (pei*-i386(.*architecture: i386)?|pe-arm-wince|pe-x86-64)' + lt_cv_file_magic_cmd='$OBJDUMP -f' + fi + ;; +cegcc*) + # use the weaker test based on 'objdump'. See mingw*. + lt_cv_deplibs_check_method='file_magic file format pe-arm-.*little(.*architecture: arm)?' + lt_cv_file_magic_cmd='$OBJDUMP -f' + ;; +darwin* | rhapsody*) + lt_cv_deplibs_check_method=pass_all + ;; +freebsd* | dragonfly*) + if echo __ELF__ | $CC -E - | $GREP __ELF__ > /dev/null; then + case $host_cpu in + i*86 ) + # Not sure whether the presence of OpenBSD here was a mistake. + # Let's accept both of them until this is cleared up. + lt_cv_deplibs_check_method='file_magic (FreeBSD|OpenBSD|DragonFly)/i[3-9]86 (compact )?demand paged shared library' + lt_cv_file_magic_cmd=/usr/bin/file + lt_cv_file_magic_test_file=`echo /usr/lib/libc.so.*` + ;; + esac + else + lt_cv_deplibs_check_method=pass_all + fi + ;; +gnu*) + lt_cv_deplibs_check_method=pass_all + ;; +haiku*) + lt_cv_deplibs_check_method=pass_all + ;; +hpux10.20* | hpux11*) + lt_cv_file_magic_cmd=/usr/bin/file + case $host_cpu in + ia64*) + lt_cv_deplibs_check_method='file_magic (s[0-9][0-9][0-9]|ELF-[0-9][0-9]) shared object file - IA64' + lt_cv_file_magic_test_file=/usr/lib/hpux32/libc.so + ;; + hppa*64*) + lt_cv_deplibs_check_method='file_magic (s[0-9][0-9][0-9]|ELF[ -][0-9][0-9])(-bit)?( [LM]SB)? shared object( file)?[, -]* PA-RISC [0-9]\.[0-9]' + lt_cv_file_magic_test_file=/usr/lib/pa20_64/libc.sl + ;; + *) + lt_cv_deplibs_check_method='file_magic (s[0-9][0-9][0-9]|PA-RISC[0-9]\.[0-9]) shared library' + lt_cv_file_magic_test_file=/usr/lib/libc.sl + ;; + esac + ;; -# Check whether --enable-libtool-lock was given. -if test "${enable_libtool_lock+set}" = set; then - enableval=$enable_libtool_lock; -fi - -test "x$enable_libtool_lock" != xno && enable_libtool_lock=yes +interix[3-9]*) + # PIC code is broken on Interix 3.x, that's why |\.a not |_pic\.a here + lt_cv_deplibs_check_method='match_pattern /lib[^/]+(\.so|\.a)$' + ;; -# Some flags need to be propagated to the compiler or linker for good -# libtool support. -case $host in -ia64-*-hpux*) - # Find out which ABI we are using. - echo 'int i;' > conftest.$ac_ext - if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; then - case `/usr/bin/file conftest.$ac_objext` in - *ELF-32*) - HPUX_IA64_MODE="32" - ;; - *ELF-64*) - HPUX_IA64_MODE="64" - ;; - esac - fi - rm -rf conftest* +irix5* | irix6* | nonstopux*) + case $LD in + *-32|*"-32 ") libmagic=32-bit;; + *-n32|*"-n32 ") libmagic=N32;; + *-64|*"-64 ") libmagic=64-bit;; + *) libmagic=never-match;; + esac + lt_cv_deplibs_check_method=pass_all ;; -*-*-irix6*) - # Find out which ABI we are using. - echo '#line '$LINENO' "configure"' > conftest.$ac_ext - if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; then - if test "$lt_cv_prog_gnu_ld" = yes; then - case `/usr/bin/file conftest.$ac_objext` in - *32-bit*) - LD="${LD-ld} -melf32bsmip" - ;; - *N32*) - LD="${LD-ld} -melf32bmipn32" - ;; - *64-bit*) - LD="${LD-ld} -melf64bmip" - ;; - esac - else - case `/usr/bin/file conftest.$ac_objext` in - *32-bit*) - LD="${LD-ld} -32" - ;; - *N32*) - LD="${LD-ld} -n32" - ;; - *64-bit*) - LD="${LD-ld} -64" - ;; - esac - fi - fi - rm -rf conftest* + +# This must be glibc/ELF. +linux* | k*bsd*-gnu | kopensolaris*-gnu) + lt_cv_deplibs_check_method=pass_all ;; -x86_64-*kfreebsd*-gnu|x86_64-*linux*|ppc*-*linux*|powerpc*-*linux*| \ -s390*-*linux*|s390*-*tpf*|sparc*-*linux*) - # Find out which ABI we are using. - echo 'int i;' > conftest.$ac_ext - if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; then - case `/usr/bin/file conftest.o` in - *32-bit*) - case $host in - x86_64-*kfreebsd*-gnu) - LD="${LD-ld} -m elf_i386_fbsd" - ;; - x86_64-*linux*) - LD="${LD-ld} -m elf_i386" - ;; - ppc64-*linux*|powerpc64-*linux*) - LD="${LD-ld} -m elf32ppclinux" - ;; - s390x-*linux*) - LD="${LD-ld} -m elf_s390" - ;; - sparc64-*linux*) - LD="${LD-ld} -m elf32_sparc" - ;; - esac - ;; - *64-bit*) - case $host in - x86_64-*kfreebsd*-gnu) - LD="${LD-ld} -m elf_x86_64_fbsd" - ;; - x86_64-*linux*) - LD="${LD-ld} -m elf_x86_64" - ;; - ppc*-*linux*|powerpc*-*linux*) - LD="${LD-ld} -m elf64ppc" - ;; - s390*-*linux*|s390*-*tpf*) - LD="${LD-ld} -m elf64_s390" - ;; - sparc*-*linux*) - LD="${LD-ld} -m elf64_sparc" - ;; - esac - ;; - esac +netbsd*) + if echo __ELF__ | $CC -E - | $GREP __ELF__ > /dev/null; then + lt_cv_deplibs_check_method='match_pattern /lib[^/]+(\.so\.[0-9]+\.[0-9]+|_pic\.a)$' + else + lt_cv_deplibs_check_method='match_pattern /lib[^/]+(\.so|_pic\.a)$' fi - rm -rf conftest* ;; -*-*-sco3.2v5*) - # On SCO OpenServer 5, we need -belf to get full-featured binaries. - SAVE_CFLAGS="$CFLAGS" - CFLAGS="$CFLAGS -belf" - { echo "$as_me:$LINENO: checking whether the C compiler needs -belf" >&5 -echo $ECHO_N "checking whether the C compiler needs -belf... $ECHO_C" >&6; } -if test "${lt_cv_cc_needs_belf+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - ac_ext=c -ac_cpp='$CPP $CPPFLAGS' -ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' -ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_c_compiler_gnu +newos6*) + lt_cv_deplibs_check_method='file_magic ELF [0-9][0-9]*-bit [ML]SB (executable|dynamic lib)' + lt_cv_file_magic_cmd=/usr/bin/file + lt_cv_file_magic_test_file=/usr/lib/libnls.so + ;; - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ +*nto* | *qnx*) + lt_cv_deplibs_check_method=pass_all + ;; -int -main () -{ +openbsd*) + if test -z "`echo __ELF__ | $CC -E - | $GREP __ELF__`" || test "$host_os-$host_cpu" = "openbsd2.8-powerpc"; then + lt_cv_deplibs_check_method='match_pattern /lib[^/]+(\.so\.[0-9]+\.[0-9]+|\.so|_pic\.a)$' + else + lt_cv_deplibs_check_method='match_pattern /lib[^/]+(\.so\.[0-9]+\.[0-9]+|_pic\.a)$' + fi + ;; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - lt_cv_cc_needs_belf=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 +osf3* | osf4* | osf5*) + lt_cv_deplibs_check_method=pass_all + ;; - lt_cv_cc_needs_belf=no -fi +rdos*) + lt_cv_deplibs_check_method=pass_all + ;; -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext - ac_ext=c -ac_cpp='$CPP $CPPFLAGS' -ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' -ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_c_compiler_gnu +solaris*) + lt_cv_deplibs_check_method=pass_all + ;; -fi -{ echo "$as_me:$LINENO: result: $lt_cv_cc_needs_belf" >&5 -echo "${ECHO_T}$lt_cv_cc_needs_belf" >&6; } - if test x"$lt_cv_cc_needs_belf" != x"yes"; then - # this is probably gcc 2.8.0, egcs 1.0 or newer; no need for -belf - CFLAGS="$SAVE_CFLAGS" - fi +sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX* | sysv4*uw2*) + lt_cv_deplibs_check_method=pass_all ;; -sparc*-*solaris*) - # Find out which ABI we are using. - echo 'int i;' > conftest.$ac_ext - if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 - (eval $ac_compile) 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; then - case `/usr/bin/file conftest.o` in - *64-bit*) - case $lt_cv_prog_gnu_ld in - yes*) LD="${LD-ld} -m elf64_sparc" ;; - *) - if ${LD-ld} -64 -r -o conftest2.o conftest.o >/dev/null 2>&1; then - LD="${LD-ld} -64" - fi - ;; - esac - ;; - esac - fi - rm -rf conftest* + +sysv4 | sysv4.3*) + case $host_vendor in + motorola) + lt_cv_deplibs_check_method='file_magic ELF [0-9][0-9]*-bit [ML]SB (shared object|dynamic lib) M[0-9][0-9]* Version [0-9]' + lt_cv_file_magic_test_file=`echo /usr/lib/libc.so*` + ;; + ncr) + lt_cv_deplibs_check_method=pass_all + ;; + sequent) + lt_cv_file_magic_cmd='/bin/file' + lt_cv_deplibs_check_method='file_magic ELF [0-9][0-9]*-bit [LM]SB (shared object|dynamic lib )' + ;; + sni) + lt_cv_file_magic_cmd='/bin/file' + lt_cv_deplibs_check_method="file_magic ELF [0-9][0-9]*-bit [LM]SB dynamic lib" + lt_cv_file_magic_test_file=/lib/libc.so + ;; + siemens) + lt_cv_deplibs_check_method=pass_all + ;; + pc) + lt_cv_deplibs_check_method=pass_all + ;; + esac ;; -esac -need_locks="$enable_libtool_lock" +tpf*) + lt_cv_deplibs_check_method=pass_all + ;; +esac +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_deplibs_check_method" >&5 +$as_echo "$lt_cv_deplibs_check_method" >&6; } +file_magic_glob= +want_nocaseglob=no +if test "$build" = "$host"; then case $host_os in - rhapsody* | darwin*) - if test -n "$ac_tool_prefix"; then - # Extract the first word of "${ac_tool_prefix}dsymutil", so it can be a program name with args. -set dummy ${ac_tool_prefix}dsymutil; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_DSYMUTIL+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + mingw* | pw32*) + if ( shopt | grep nocaseglob ) >/dev/null 2>&1; then + want_nocaseglob=yes + else + file_magic_glob=`echo aAbBcCdDeEfFgGhHiIjJkKlLmMnNoOpPqQrRsStTuUvVwWxXyYzZ | $SED -e "s/\(..\)/s\/[\1]\/[\1]\/g;/g"` + fi + ;; + esac +fi + +file_magic_cmd=$lt_cv_file_magic_cmd +deplibs_check_method=$lt_cv_deplibs_check_method +test -z "$deplibs_check_method" && deplibs_check_method=unknown + + + + + + + + + + + + + + + + + + + + + + +if test -n "$ac_tool_prefix"; then + # Extract the first word of "${ac_tool_prefix}dlltool", so it can be a program name with args. +set dummy ${ac_tool_prefix}dlltool; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_prog_DLLTOOL+:} false; then : + $as_echo_n "(cached) " >&6 else - if test -n "$DSYMUTIL"; then - ac_cv_prog_DSYMUTIL="$DSYMUTIL" # Let the user override the test. + if test -n "$DLLTOOL"; then + ac_cv_prog_DLLTOOL="$DLLTOOL" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_DSYMUTIL="${ac_tool_prefix}dsymutil" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_DLLTOOL="${ac_tool_prefix}dlltool" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done -done + done IFS=$as_save_IFS fi fi -DSYMUTIL=$ac_cv_prog_DSYMUTIL -if test -n "$DSYMUTIL"; then - { echo "$as_me:$LINENO: result: $DSYMUTIL" >&5 -echo "${ECHO_T}$DSYMUTIL" >&6; } +DLLTOOL=$ac_cv_prog_DLLTOOL +if test -n "$DLLTOOL"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $DLLTOOL" >&5 +$as_echo "$DLLTOOL" >&6; } else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } fi fi -if test -z "$ac_cv_prog_DSYMUTIL"; then - ac_ct_DSYMUTIL=$DSYMUTIL - # Extract the first word of "dsymutil", so it can be a program name with args. -set dummy dsymutil; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_ac_ct_DSYMUTIL+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +if test -z "$ac_cv_prog_DLLTOOL"; then + ac_ct_DLLTOOL=$DLLTOOL + # Extract the first word of "dlltool", so it can be a program name with args. +set dummy dlltool; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_prog_ac_ct_DLLTOOL+:} false; then : + $as_echo_n "(cached) " >&6 else - if test -n "$ac_ct_DSYMUTIL"; then - ac_cv_prog_ac_ct_DSYMUTIL="$ac_ct_DSYMUTIL" # Let the user override the test. + if test -n "$ac_ct_DLLTOOL"; then + ac_cv_prog_ac_ct_DLLTOOL="$ac_ct_DLLTOOL" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_ac_ct_DSYMUTIL="dsymutil" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_ac_ct_DLLTOOL="dlltool" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done -done + done IFS=$as_save_IFS fi fi -ac_ct_DSYMUTIL=$ac_cv_prog_ac_ct_DSYMUTIL -if test -n "$ac_ct_DSYMUTIL"; then - { echo "$as_me:$LINENO: result: $ac_ct_DSYMUTIL" >&5 -echo "${ECHO_T}$ac_ct_DSYMUTIL" >&6; } +ac_ct_DLLTOOL=$ac_cv_prog_ac_ct_DLLTOOL +if test -n "$ac_ct_DLLTOOL"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_DLLTOOL" >&5 +$as_echo "$ac_ct_DLLTOOL" >&6; } else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } fi - if test "x$ac_ct_DSYMUTIL" = x; then - DSYMUTIL=":" + if test "x$ac_ct_DLLTOOL" = x; then + DLLTOOL="false" else case $cross_compiling:$ac_tool_warned in yes:) -{ echo "$as_me:$LINENO: WARNING: In the future, Autoconf will not detect cross-tools -whose name does not start with the host triplet. If you think this -configuration is useful to you, please write to autoconf@gnu.org." >&5 -echo "$as_me: WARNING: In the future, Autoconf will not detect cross-tools -whose name does not start with the host triplet. If you think this -configuration is useful to you, please write to autoconf@gnu.org." >&2;} +{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} ac_tool_warned=yes ;; esac - DSYMUTIL=$ac_ct_DSYMUTIL + DLLTOOL=$ac_ct_DLLTOOL fi else - DSYMUTIL="$ac_cv_prog_DSYMUTIL" + DLLTOOL="$ac_cv_prog_DLLTOOL" fi - if test -n "$ac_tool_prefix"; then - # Extract the first word of "${ac_tool_prefix}nmedit", so it can be a program name with args. -set dummy ${ac_tool_prefix}nmedit; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_NMEDIT+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +test -z "$DLLTOOL" && DLLTOOL=dlltool + + + + + + + + + + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking how to associate runtime and link libraries" >&5 +$as_echo_n "checking how to associate runtime and link libraries... " >&6; } +if ${lt_cv_sharedlib_from_linklib_cmd+:} false; then : + $as_echo_n "(cached) " >&6 else - if test -n "$NMEDIT"; then - ac_cv_prog_NMEDIT="$NMEDIT" # Let the user override the test. + lt_cv_sharedlib_from_linklib_cmd='unknown' + +case $host_os in +cygwin* | mingw* | pw32* | cegcc*) + # two different shell functions defined in ltmain.sh + # decide which to use based on capabilities of $DLLTOOL + case `$DLLTOOL --help 2>&1` in + *--identify-strict*) + lt_cv_sharedlib_from_linklib_cmd=func_cygming_dll_for_implib + ;; + *) + lt_cv_sharedlib_from_linklib_cmd=func_cygming_dll_for_implib_fallback + ;; + esac + ;; +*) + # fallback: assume linklib IS sharedlib + lt_cv_sharedlib_from_linklib_cmd="$ECHO" + ;; +esac + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_sharedlib_from_linklib_cmd" >&5 +$as_echo "$lt_cv_sharedlib_from_linklib_cmd" >&6; } +sharedlib_from_linklib_cmd=$lt_cv_sharedlib_from_linklib_cmd +test -z "$sharedlib_from_linklib_cmd" && sharedlib_from_linklib_cmd=$ECHO + + + + + + + + +if test -n "$ac_tool_prefix"; then + for ac_prog in ar + do + # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args. +set dummy $ac_tool_prefix$ac_prog; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_prog_AR+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$AR"; then + ac_cv_prog_AR="$AR" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_NMEDIT="${ac_tool_prefix}nmedit" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_AR="$ac_tool_prefix$ac_prog" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done -done + done IFS=$as_save_IFS fi fi -NMEDIT=$ac_cv_prog_NMEDIT -if test -n "$NMEDIT"; then - { echo "$as_me:$LINENO: result: $NMEDIT" >&5 -echo "${ECHO_T}$NMEDIT" >&6; } +AR=$ac_cv_prog_AR +if test -n "$AR"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $AR" >&5 +$as_echo "$AR" >&6; } else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } fi + test -n "$AR" && break + done fi -if test -z "$ac_cv_prog_NMEDIT"; then - ac_ct_NMEDIT=$NMEDIT - # Extract the first word of "nmedit", so it can be a program name with args. -set dummy nmedit; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_ac_ct_NMEDIT+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +if test -z "$AR"; then + ac_ct_AR=$AR + for ac_prog in ar +do + # Extract the first word of "$ac_prog", so it can be a program name with args. +set dummy $ac_prog; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_prog_ac_ct_AR+:} false; then : + $as_echo_n "(cached) " >&6 else - if test -n "$ac_ct_NMEDIT"; then - ac_cv_prog_ac_ct_NMEDIT="$ac_ct_NMEDIT" # Let the user override the test. + if test -n "$ac_ct_AR"; then + ac_cv_prog_ac_ct_AR="$ac_ct_AR" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_ac_ct_NMEDIT="nmedit" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_ac_ct_AR="$ac_prog" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done -done + done IFS=$as_save_IFS fi fi -ac_ct_NMEDIT=$ac_cv_prog_ac_ct_NMEDIT -if test -n "$ac_ct_NMEDIT"; then - { echo "$as_me:$LINENO: result: $ac_ct_NMEDIT" >&5 -echo "${ECHO_T}$ac_ct_NMEDIT" >&6; } +ac_ct_AR=$ac_cv_prog_ac_ct_AR +if test -n "$ac_ct_AR"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_AR" >&5 +$as_echo "$ac_ct_AR" >&6; } else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } fi - if test "x$ac_ct_NMEDIT" = x; then - NMEDIT=":" + + test -n "$ac_ct_AR" && break +done + + if test "x$ac_ct_AR" = x; then + AR="false" else case $cross_compiling:$ac_tool_warned in yes:) -{ echo "$as_me:$LINENO: WARNING: In the future, Autoconf will not detect cross-tools -whose name does not start with the host triplet. If you think this -configuration is useful to you, please write to autoconf@gnu.org." >&5 -echo "$as_me: WARNING: In the future, Autoconf will not detect cross-tools -whose name does not start with the host triplet. If you think this -configuration is useful to you, please write to autoconf@gnu.org." >&2;} +{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} ac_tool_warned=yes ;; esac - NMEDIT=$ac_ct_NMEDIT + AR=$ac_ct_AR fi +fi + +: ${AR=ar} +: ${AR_FLAGS=cru} + + + + + + + + + + + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for archiver @FILE support" >&5 +$as_echo_n "checking for archiver @FILE support... " >&6; } +if ${lt_cv_ar_at_file+:} false; then : + $as_echo_n "(cached) " >&6 else - NMEDIT="$ac_cv_prog_NMEDIT" + lt_cv_ar_at_file=no + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + echo conftest.$ac_objext > conftest.lst + lt_ar_try='$AR $AR_FLAGS libconftest.a @conftest.lst >&5' + { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$lt_ar_try\""; } >&5 + (eval $lt_ar_try) 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + if test "$ac_status" -eq 0; then + # Ensure the archiver fails upon bogus file names. + rm -f conftest.$ac_objext libconftest.a + { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$lt_ar_try\""; } >&5 + (eval $lt_ar_try) 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + if test "$ac_status" -ne 0; then + lt_cv_ar_at_file=@ + fi + fi + rm -f conftest.* libconftest.a + fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - if test -n "$ac_tool_prefix"; then - # Extract the first word of "${ac_tool_prefix}lipo", so it can be a program name with args. -set dummy ${ac_tool_prefix}lipo; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_LIPO+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_ar_at_file" >&5 +$as_echo "$lt_cv_ar_at_file" >&6; } + +if test "x$lt_cv_ar_at_file" = xno; then + archiver_list_spec= else - if test -n "$LIPO"; then - ac_cv_prog_LIPO="$LIPO" # Let the user override the test. + archiver_list_spec=$lt_cv_ar_at_file +fi + + + + + + + +if test -n "$ac_tool_prefix"; then + # Extract the first word of "${ac_tool_prefix}strip", so it can be a program name with args. +set dummy ${ac_tool_prefix}strip; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_prog_STRIP+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$STRIP"; then + ac_cv_prog_STRIP="$STRIP" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_LIPO="${ac_tool_prefix}lipo" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_STRIP="${ac_tool_prefix}strip" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done -done + done IFS=$as_save_IFS fi fi -LIPO=$ac_cv_prog_LIPO -if test -n "$LIPO"; then - { echo "$as_me:$LINENO: result: $LIPO" >&5 -echo "${ECHO_T}$LIPO" >&6; } +STRIP=$ac_cv_prog_STRIP +if test -n "$STRIP"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $STRIP" >&5 +$as_echo "$STRIP" >&6; } else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } fi fi -if test -z "$ac_cv_prog_LIPO"; then - ac_ct_LIPO=$LIPO - # Extract the first word of "lipo", so it can be a program name with args. -set dummy lipo; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_ac_ct_LIPO+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +if test -z "$ac_cv_prog_STRIP"; then + ac_ct_STRIP=$STRIP + # Extract the first word of "strip", so it can be a program name with args. +set dummy strip; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_prog_ac_ct_STRIP+:} false; then : + $as_echo_n "(cached) " >&6 else - if test -n "$ac_ct_LIPO"; then - ac_cv_prog_ac_ct_LIPO="$ac_ct_LIPO" # Let the user override the test. + if test -n "$ac_ct_STRIP"; then + ac_cv_prog_ac_ct_STRIP="$ac_ct_STRIP" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_ac_ct_LIPO="lipo" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_ac_ct_STRIP="strip" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done -done + done IFS=$as_save_IFS fi fi -ac_ct_LIPO=$ac_cv_prog_ac_ct_LIPO -if test -n "$ac_ct_LIPO"; then - { echo "$as_me:$LINENO: result: $ac_ct_LIPO" >&5 -echo "${ECHO_T}$ac_ct_LIPO" >&6; } +ac_ct_STRIP=$ac_cv_prog_ac_ct_STRIP +if test -n "$ac_ct_STRIP"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_STRIP" >&5 +$as_echo "$ac_ct_STRIP" >&6; } else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } fi - if test "x$ac_ct_LIPO" = x; then - LIPO=":" + if test "x$ac_ct_STRIP" = x; then + STRIP=":" else case $cross_compiling:$ac_tool_warned in yes:) -{ echo "$as_me:$LINENO: WARNING: In the future, Autoconf will not detect cross-tools -whose name does not start with the host triplet. If you think this -configuration is useful to you, please write to autoconf@gnu.org." >&5 -echo "$as_me: WARNING: In the future, Autoconf will not detect cross-tools -whose name does not start with the host triplet. If you think this -configuration is useful to you, please write to autoconf@gnu.org." >&2;} +{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} ac_tool_warned=yes ;; esac - LIPO=$ac_ct_LIPO + STRIP=$ac_ct_STRIP fi else - LIPO="$ac_cv_prog_LIPO" + STRIP="$ac_cv_prog_STRIP" fi - if test -n "$ac_tool_prefix"; then - # Extract the first word of "${ac_tool_prefix}otool", so it can be a program name with args. -set dummy ${ac_tool_prefix}otool; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_OTOOL+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +test -z "$STRIP" && STRIP=: + + + + + + +if test -n "$ac_tool_prefix"; then + # Extract the first word of "${ac_tool_prefix}ranlib", so it can be a program name with args. +set dummy ${ac_tool_prefix}ranlib; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_prog_RANLIB+:} false; then : + $as_echo_n "(cached) " >&6 else - if test -n "$OTOOL"; then - ac_cv_prog_OTOOL="$OTOOL" # Let the user override the test. + if test -n "$RANLIB"; then + ac_cv_prog_RANLIB="$RANLIB" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_OTOOL="${ac_tool_prefix}otool" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_RANLIB="${ac_tool_prefix}ranlib" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done -done + done IFS=$as_save_IFS fi fi -OTOOL=$ac_cv_prog_OTOOL -if test -n "$OTOOL"; then - { echo "$as_me:$LINENO: result: $OTOOL" >&5 -echo "${ECHO_T}$OTOOL" >&6; } +RANLIB=$ac_cv_prog_RANLIB +if test -n "$RANLIB"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $RANLIB" >&5 +$as_echo "$RANLIB" >&6; } else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } fi fi -if test -z "$ac_cv_prog_OTOOL"; then - ac_ct_OTOOL=$OTOOL - # Extract the first word of "otool", so it can be a program name with args. -set dummy otool; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_ac_ct_OTOOL+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +if test -z "$ac_cv_prog_RANLIB"; then + ac_ct_RANLIB=$RANLIB + # Extract the first word of "ranlib", so it can be a program name with args. +set dummy ranlib; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_prog_ac_ct_RANLIB+:} false; then : + $as_echo_n "(cached) " >&6 else - if test -n "$ac_ct_OTOOL"; then - ac_cv_prog_ac_ct_OTOOL="$ac_ct_OTOOL" # Let the user override the test. + if test -n "$ac_ct_RANLIB"; then + ac_cv_prog_ac_ct_RANLIB="$ac_ct_RANLIB" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_ac_ct_OTOOL="otool" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_ac_ct_RANLIB="ranlib" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done -done + done IFS=$as_save_IFS fi fi -ac_ct_OTOOL=$ac_cv_prog_ac_ct_OTOOL -if test -n "$ac_ct_OTOOL"; then - { echo "$as_me:$LINENO: result: $ac_ct_OTOOL" >&5 -echo "${ECHO_T}$ac_ct_OTOOL" >&6; } +ac_ct_RANLIB=$ac_cv_prog_ac_ct_RANLIB +if test -n "$ac_ct_RANLIB"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_RANLIB" >&5 +$as_echo "$ac_ct_RANLIB" >&6; } else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } fi - if test "x$ac_ct_OTOOL" = x; then - OTOOL=":" + if test "x$ac_ct_RANLIB" = x; then + RANLIB=":" else case $cross_compiling:$ac_tool_warned in yes:) -{ echo "$as_me:$LINENO: WARNING: In the future, Autoconf will not detect cross-tools -whose name does not start with the host triplet. If you think this -configuration is useful to you, please write to autoconf@gnu.org." >&5 -echo "$as_me: WARNING: In the future, Autoconf will not detect cross-tools -whose name does not start with the host triplet. If you think this -configuration is useful to you, please write to autoconf@gnu.org." >&2;} +{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} ac_tool_warned=yes ;; esac - OTOOL=$ac_ct_OTOOL + RANLIB=$ac_ct_RANLIB fi else - OTOOL="$ac_cv_prog_OTOOL" + RANLIB="$ac_cv_prog_RANLIB" fi - if test -n "$ac_tool_prefix"; then - # Extract the first word of "${ac_tool_prefix}otool64", so it can be a program name with args. -set dummy ${ac_tool_prefix}otool64; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_OTOOL64+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test -n "$OTOOL64"; then - ac_cv_prog_OTOOL64="$OTOOL64" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_OTOOL64="${ac_tool_prefix}otool64" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done -done -IFS=$as_save_IFS +test -z "$RANLIB" && RANLIB=: -fi -fi -OTOOL64=$ac_cv_prog_OTOOL64 -if test -n "$OTOOL64"; then - { echo "$as_me:$LINENO: result: $OTOOL64" >&5 -echo "${ECHO_T}$OTOOL64" >&6; } -else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } -fi -fi -if test -z "$ac_cv_prog_OTOOL64"; then - ac_ct_OTOOL64=$OTOOL64 - # Extract the first word of "otool64", so it can be a program name with args. -set dummy otool64; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_ac_ct_OTOOL64+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test -n "$ac_ct_OTOOL64"; then - ac_cv_prog_ac_ct_OTOOL64="$ac_ct_OTOOL64" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_ac_ct_OTOOL64="otool64" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done -done -IFS=$as_save_IFS -fi -fi -ac_ct_OTOOL64=$ac_cv_prog_ac_ct_OTOOL64 -if test -n "$ac_ct_OTOOL64"; then - { echo "$as_me:$LINENO: result: $ac_ct_OTOOL64" >&5 -echo "${ECHO_T}$ac_ct_OTOOL64" >&6; } -else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + + +# Determine commands to create old-style static archives. +old_archive_cmds='$AR $AR_FLAGS $oldlib$oldobjs' +old_postinstall_cmds='chmod 644 $oldlib' +old_postuninstall_cmds= + +if test -n "$RANLIB"; then + case $host_os in + openbsd*) + old_postinstall_cmds="$old_postinstall_cmds~\$RANLIB -t \$tool_oldlib" + ;; + *) + old_postinstall_cmds="$old_postinstall_cmds~\$RANLIB \$tool_oldlib" + ;; + esac + old_archive_cmds="$old_archive_cmds~\$RANLIB \$tool_oldlib" fi - if test "x$ac_ct_OTOOL64" = x; then - OTOOL64=":" - else - case $cross_compiling:$ac_tool_warned in -yes:) -{ echo "$as_me:$LINENO: WARNING: In the future, Autoconf will not detect cross-tools -whose name does not start with the host triplet. If you think this -configuration is useful to you, please write to autoconf@gnu.org." >&5 -echo "$as_me: WARNING: In the future, Autoconf will not detect cross-tools -whose name does not start with the host triplet. If you think this -configuration is useful to you, please write to autoconf@gnu.org." >&2;} -ac_tool_warned=yes ;; +case $host_os in + darwin*) + lock_old_archive_extraction=yes ;; + *) + lock_old_archive_extraction=no ;; esac - OTOOL64=$ac_ct_OTOOL64 - fi -else - OTOOL64="$ac_cv_prog_OTOOL64" -fi @@ -6491,565 +6704,283 @@ fi - { echo "$as_me:$LINENO: checking for -single_module linker flag" >&5 -echo $ECHO_N "checking for -single_module linker flag... $ECHO_C" >&6; } -if test "${lt_cv_apple_cc_single_mod+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - lt_cv_apple_cc_single_mod=no - if test -z "${LT_MULTI_MODULE}"; then - # By default we will add the -single_module flag. You can override - # by either setting the environment variable LT_MULTI_MODULE - # non-empty at configure time, or by adding -multi_module to the - # link flags. - rm -rf libconftest.dylib* - echo "int foo(void){return 1;}" > conftest.c - echo "$LTCC $LTCFLAGS $LDFLAGS -o libconftest.dylib \ --dynamiclib -Wl,-single_module conftest.c" >&5 - $LTCC $LTCFLAGS $LDFLAGS -o libconftest.dylib \ - -dynamiclib -Wl,-single_module conftest.c 2>conftest.err - _lt_result=$? - if test -f libconftest.dylib && test ! -s conftest.err && test $_lt_result = 0; then - lt_cv_apple_cc_single_mod=yes - else - cat conftest.err >&5 - fi - rm -rf libconftest.dylib* - rm -f conftest.* - fi -fi -{ echo "$as_me:$LINENO: result: $lt_cv_apple_cc_single_mod" >&5 -echo "${ECHO_T}$lt_cv_apple_cc_single_mod" >&6; } - { echo "$as_me:$LINENO: checking for -exported_symbols_list linker flag" >&5 -echo $ECHO_N "checking for -exported_symbols_list linker flag... $ECHO_C" >&6; } -if test "${lt_cv_ld_exported_symbols_list+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - lt_cv_ld_exported_symbols_list=no - save_LDFLAGS=$LDFLAGS - echo "_main" > conftest.sym - LDFLAGS="$LDFLAGS -Wl,-exported_symbols_list,conftest.sym" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -int -main () -{ - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - lt_cv_ld_exported_symbols_list=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - lt_cv_ld_exported_symbols_list=no -fi -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext - LDFLAGS="$save_LDFLAGS" -fi -{ echo "$as_me:$LINENO: result: $lt_cv_ld_exported_symbols_list" >&5 -echo "${ECHO_T}$lt_cv_ld_exported_symbols_list" >&6; } - { echo "$as_me:$LINENO: checking for -force_load linker flag" >&5 -echo $ECHO_N "checking for -force_load linker flag... $ECHO_C" >&6; } -if test "${lt_cv_ld_force_load+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - lt_cv_ld_force_load=no - cat > conftest.c << _LT_EOF -int forced_loaded() { return 2;} -_LT_EOF - echo "$LTCC $LTCFLAGS -c -o conftest.o conftest.c" >&5 - $LTCC $LTCFLAGS -c -o conftest.o conftest.c 2>&5 - echo "$AR cru libconftest.a conftest.o" >&5 - $AR cru libconftest.a conftest.o 2>&5 - echo "$RANLIB libconftest.a" >&5 - $RANLIB libconftest.a 2>&5 - cat > conftest.c << _LT_EOF -int main() { return 0;} -_LT_EOF - echo "$LTCC $LTCFLAGS $LDFLAGS -o conftest conftest.c -Wl,-force_load,./libconftest.a" >&5 - $LTCC $LTCFLAGS $LDFLAGS -o conftest conftest.c -Wl,-force_load,./libconftest.a 2>conftest.err - _lt_result=$? - if test -f conftest && test ! -s conftest.err && test $_lt_result = 0 && $GREP forced_load conftest 2>&1 >/dev/null; then - lt_cv_ld_force_load=yes - else - cat conftest.err >&5 - fi - rm -f conftest.err libconftest.a conftest conftest.c - rm -rf conftest.dSYM -fi -{ echo "$as_me:$LINENO: result: $lt_cv_ld_force_load" >&5 -echo "${ECHO_T}$lt_cv_ld_force_load" >&6; } - case $host_os in - rhapsody* | darwin1.[012]) - _lt_dar_allow_undefined='${wl}-undefined ${wl}suppress' ;; - darwin1.*) - _lt_dar_allow_undefined='${wl}-flat_namespace ${wl}-undefined ${wl}suppress' ;; - darwin*) # darwin 5.x on - # if running on 10.5 or later, the deployment target defaults - # to the OS version, if on x86, and 10.4, the deployment - # target defaults to 10.4. Don't you love it? - case ${MACOSX_DEPLOYMENT_TARGET-10.0},$host in - 10.0,*86*-darwin8*|10.0,*-darwin[91]*) - _lt_dar_allow_undefined='${wl}-undefined ${wl}dynamic_lookup' ;; - 10.[012]*) - _lt_dar_allow_undefined='${wl}-flat_namespace ${wl}-undefined ${wl}suppress' ;; - 10.*) - _lt_dar_allow_undefined='${wl}-undefined ${wl}dynamic_lookup' ;; - esac - ;; - esac - if test "$lt_cv_apple_cc_single_mod" = "yes"; then - _lt_dar_single_mod='$single_module' - fi - if test "$lt_cv_ld_exported_symbols_list" = "yes"; then - _lt_dar_export_syms=' ${wl}-exported_symbols_list,$output_objdir/${libname}-symbols.expsym' - else - _lt_dar_export_syms='~$NMEDIT -s $output_objdir/${libname}-symbols.expsym ${lib}' - fi - if test "$DSYMUTIL" != ":" && test "$lt_cv_ld_force_load" = "no"; then - _lt_dsymutil='~$DSYMUTIL $lib || :' - else - _lt_dsymutil= - fi - ;; - esac -ac_ext=c -ac_cpp='$CPP $CPPFLAGS' -ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' -ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_c_compiler_gnu -{ echo "$as_me:$LINENO: checking how to run the C preprocessor" >&5 -echo $ECHO_N "checking how to run the C preprocessor... $ECHO_C" >&6; } -# On Suns, sometimes $CPP names a directory. -if test -n "$CPP" && test -d "$CPP"; then - CPP= -fi -if test -z "$CPP"; then - if test "${ac_cv_prog_CPP+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + + + + + +# If no C compiler was specified, use CC. +LTCC=${LTCC-"$CC"} + +# If no C compiler flags were specified, use CFLAGS. +LTCFLAGS=${LTCFLAGS-"$CFLAGS"} + +# Allow CC to be a program name with arguments. +compiler=$CC + + +# Check for command to grab the raw symbol name followed by C symbol from nm. +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking command to parse $NM output from $compiler object" >&5 +$as_echo_n "checking command to parse $NM output from $compiler object... " >&6; } +if ${lt_cv_sys_global_symbol_pipe+:} false; then : + $as_echo_n "(cached) " >&6 else - # Double quotes because CPP needs to be expanded - for CPP in "$CC -E" "$CC -E -traditional-cpp" "/lib/cpp" - do - ac_preproc_ok=false -for ac_c_preproc_warn_flag in '' yes -do - # Use a header file that comes with gcc, so configuring glibc - # with a fresh cross-compiler works. - # Prefer to if __STDC__ is defined, since - # exists even on freestanding compilers. - # On the NeXT, cc -E runs the code through the compiler's parser, - # not just through cpp. "Syntax error" is here to catch this case. - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#ifdef __STDC__ -# include -#else -# include -#endif - Syntax error -_ACEOF -if { (ac_try="$ac_cpp conftest.$ac_ext" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null && { - test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || - test ! -s conftest.err - }; then - : -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - # Broken: fails on valid input. -continue -fi +# These are sane defaults that work on at least a few old systems. +# [They come from Ultrix. What could be older than Ultrix?!! ;)] -rm -f conftest.err conftest.$ac_ext +# Character class describing NM global symbol codes. +symcode='[BCDEGRST]' - # OK, works on sane cases. Now check whether nonexistent headers - # can be detected and how. - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include -_ACEOF -if { (ac_try="$ac_cpp conftest.$ac_ext" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null && { - test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || - test ! -s conftest.err - }; then - # Broken: success on invalid input. -continue -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 +# Regexp to match symbols that can be accessed directly from C. +sympat='\([_A-Za-z][_A-Za-z0-9]*\)' - # Passes both tests. -ac_preproc_ok=: -break -fi +# Define system-specific variables. +case $host_os in +aix*) + symcode='[BCDT]' + ;; +cygwin* | mingw* | pw32* | cegcc*) + symcode='[ABCDGISTW]' + ;; +hpux*) + if test "$host_cpu" = ia64; then + symcode='[ABCDEGRST]' + fi + ;; +irix* | nonstopux*) + symcode='[BCDEGRST]' + ;; +osf*) + symcode='[BCDEGQRST]' + ;; +solaris*) + symcode='[BDRT]' + ;; +sco3.2v5*) + symcode='[DT]' + ;; +sysv4.2uw2*) + symcode='[DT]' + ;; +sysv5* | sco5v6* | unixware* | OpenUNIX*) + symcode='[ABDT]' + ;; +sysv4) + symcode='[DFNSTU]' + ;; +esac -rm -f conftest.err conftest.$ac_ext +# If we're using GNU nm, then use its standard symbol codes. +case `$NM -V 2>&1` in +*GNU* | *'with BFD'*) + symcode='[ABCDGIRSTW]' ;; +esac -done -# Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped. -rm -f conftest.err conftest.$ac_ext -if $ac_preproc_ok; then - break -fi +# Transform an extracted symbol line into a proper C declaration. +# Some systems (esp. on ia64) link data and code symbols differently, +# so use this general approach. +lt_cv_sys_global_symbol_to_cdecl="sed -n -e 's/^T .* \(.*\)$/extern int \1();/p' -e 's/^$symcode* .* \(.*\)$/extern char \1;/p'" - done - ac_cv_prog_CPP=$CPP +# Transform an extracted symbol line into symbol name and symbol address +lt_cv_sys_global_symbol_to_c_name_address="sed -n -e 's/^: \([^ ]*\)[ ]*$/ {\\\"\1\\\", (void *) 0},/p' -e 's/^$symcode* \([^ ]*\) \([^ ]*\)$/ {\"\2\", (void *) \&\2},/p'" +lt_cv_sys_global_symbol_to_c_name_address_lib_prefix="sed -n -e 's/^: \([^ ]*\)[ ]*$/ {\\\"\1\\\", (void *) 0},/p' -e 's/^$symcode* \([^ ]*\) \(lib[^ ]*\)$/ {\"\2\", (void *) \&\2},/p' -e 's/^$symcode* \([^ ]*\) \([^ ]*\)$/ {\"lib\2\", (void *) \&\2},/p'" -fi - CPP=$ac_cv_prog_CPP -else - ac_cv_prog_CPP=$CPP -fi -{ echo "$as_me:$LINENO: result: $CPP" >&5 -echo "${ECHO_T}$CPP" >&6; } -ac_preproc_ok=false -for ac_c_preproc_warn_flag in '' yes -do - # Use a header file that comes with gcc, so configuring glibc - # with a fresh cross-compiler works. - # Prefer to if __STDC__ is defined, since - # exists even on freestanding compilers. - # On the NeXT, cc -E runs the code through the compiler's parser, - # not just through cpp. "Syntax error" is here to catch this case. - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#ifdef __STDC__ -# include -#else -# include -#endif - Syntax error -_ACEOF -if { (ac_try="$ac_cpp conftest.$ac_ext" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; +# Handle CRLF in mingw tool chain +opt_cr= +case $build_os in +mingw*) + opt_cr=`$ECHO 'x\{0,1\}' | tr x '\015'` # option cr in regexp + ;; esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null && { - test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || - test ! -s conftest.err - }; then - : -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - # Broken: fails on valid input. -continue -fi +# Try without a prefix underscore, then with it. +for ac_symprfx in "" "_"; do -rm -f conftest.err conftest.$ac_ext + # Transform symcode, sympat, and symprfx into a raw symbol and a C symbol. + symxfrm="\\1 $ac_symprfx\\2 \\2" - # OK, works on sane cases. Now check whether nonexistent headers - # can be detected and how. - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include -_ACEOF -if { (ac_try="$ac_cpp conftest.$ac_ext" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null && { - test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || - test ! -s conftest.err - }; then - # Broken: success on invalid input. -continue -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 + # Write the raw and C identifiers. + if test "$lt_cv_nm_interface" = "MS dumpbin"; then + # Fake it for dumpbin and say T for any non-static function + # and D for any global variable. + # Also find C++ and __fastcall symbols from MSVC++, + # which start with @ or ?. + lt_cv_sys_global_symbol_pipe="$AWK '"\ +" {last_section=section; section=\$ 3};"\ +" /^COFF SYMBOL TABLE/{for(i in hide) delete hide[i]};"\ +" /Section length .*#relocs.*(pick any)/{hide[last_section]=1};"\ +" \$ 0!~/External *\|/{next};"\ +" / 0+ UNDEF /{next}; / UNDEF \([^|]\)*()/{next};"\ +" {if(hide[section]) next};"\ +" {f=0}; \$ 0~/\(\).*\|/{f=1}; {printf f ? \"T \" : \"D \"};"\ +" {split(\$ 0, a, /\||\r/); split(a[2], s)};"\ +" s[1]~/^[@?]/{print s[1], s[1]; next};"\ +" s[1]~prfx {split(s[1],t,\"@\"); print t[1], substr(t[1],length(prfx))}"\ +" ' prfx=^$ac_symprfx" + else + lt_cv_sys_global_symbol_pipe="sed -n -e 's/^.*[ ]\($symcode$symcode*\)[ ][ ]*$ac_symprfx$sympat$opt_cr$/$symxfrm/p'" + fi + lt_cv_sys_global_symbol_pipe="$lt_cv_sys_global_symbol_pipe | sed '/ __gnu_lto/d'" - # Passes both tests. -ac_preproc_ok=: -break -fi + # Check to see that the pipe works correctly. + pipe_works=no -rm -f conftest.err conftest.$ac_ext + rm -f conftest* + cat > conftest.$ac_ext <<_LT_EOF +#ifdef __cplusplus +extern "C" { +#endif +char nm_test_var; +void nm_test_func(void); +void nm_test_func(void){} +#ifdef __cplusplus +} +#endif +int main(){nm_test_var='a';nm_test_func();return(0);} +_LT_EOF -done -# Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped. -rm -f conftest.err conftest.$ac_ext -if $ac_preproc_ok; then - : -else - { { echo "$as_me:$LINENO: error: C preprocessor \"$CPP\" fails sanity check -See \`config.log' for more details." >&5 -echo "$as_me: error: C preprocessor \"$CPP\" fails sanity check -See \`config.log' for more details." >&2;} - { (exit 1); exit 1; }; } -fi + if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_compile\""; } >&5 + (eval $ac_compile) 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; }; then + # Now try to grab the symbols. + nlist=conftest.nm + if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$NM conftest.$ac_objext \| "$lt_cv_sys_global_symbol_pipe" \> $nlist\""; } >&5 + (eval $NM conftest.$ac_objext \| "$lt_cv_sys_global_symbol_pipe" \> $nlist) 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } && test -s "$nlist"; then + # Try sorting and uniquifying the output. + if sort "$nlist" | uniq > "$nlist"T; then + mv -f "$nlist"T "$nlist" + else + rm -f "$nlist"T + fi -ac_ext=c -ac_cpp='$CPP $CPPFLAGS' -ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' -ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_c_compiler_gnu + # Make sure that we snagged all the symbols we need. + if $GREP ' nm_test_var$' "$nlist" >/dev/null; then + if $GREP ' nm_test_func$' "$nlist" >/dev/null; then + cat <<_LT_EOF > conftest.$ac_ext +/* Keep this code in sync between libtool.m4, ltmain, lt_system.h, and tests. */ +#if defined(_WIN32) || defined(__CYGWIN__) || defined(_WIN32_WCE) +/* DATA imports from DLLs on WIN32 con't be const, because runtime + relocations are performed -- see ld's documentation on pseudo-relocs. */ +# define LT_DLSYM_CONST +#elif defined(__osf__) +/* This system does not cope well with relocations in const data. */ +# define LT_DLSYM_CONST +#else +# define LT_DLSYM_CONST const +#endif +#ifdef __cplusplus +extern "C" { +#endif -{ echo "$as_me:$LINENO: checking for ANSI C header files" >&5 -echo $ECHO_N "checking for ANSI C header files... $ECHO_C" >&6; } -if test "${ac_cv_header_stdc+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include -#include -#include -#include +_LT_EOF + # Now generate the symbol file. + eval "$lt_cv_sys_global_symbol_to_cdecl"' < "$nlist" | $GREP -v main >> conftest.$ac_ext' -int -main () -{ + cat <<_LT_EOF >> conftest.$ac_ext - ; - return 0; +/* The mapping between symbol names and symbols. */ +LT_DLSYM_CONST struct { + const char *name; + void *address; } -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_header_stdc=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 +lt__PROGRAM__LTX_preloaded_symbols[] = +{ + { "@PROGRAM@", (void *) 0 }, +_LT_EOF + $SED "s/^$symcode$symcode* \(.*\) \(.*\)$/ {\"\2\", (void *) \&\2},/" < "$nlist" | $GREP -v main >> conftest.$ac_ext + cat <<\_LT_EOF >> conftest.$ac_ext + {0, (void *) 0} +}; - ac_cv_header_stdc=no -fi +/* This works around a problem in FreeBSD linker */ +#ifdef FREEBSD_WORKAROUND +static const void *lt_preloaded_setup() { + return lt__PROGRAM__LTX_preloaded_symbols; +} +#endif -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +#ifdef __cplusplus +} +#endif +_LT_EOF + # Now try linking the two files. + mv conftest.$ac_objext conftstm.$ac_objext + lt_globsym_save_LIBS=$LIBS + lt_globsym_save_CFLAGS=$CFLAGS + LIBS="conftstm.$ac_objext" + CFLAGS="$CFLAGS$lt_prog_compiler_no_builtin_flag" + if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_link\""; } >&5 + (eval $ac_link) 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } && test -s conftest${ac_exeext}; then + pipe_works=yes + fi + LIBS=$lt_globsym_save_LIBS + CFLAGS=$lt_globsym_save_CFLAGS + else + echo "cannot find nm_test_func in $nlist" >&5 + fi + else + echo "cannot find nm_test_var in $nlist" >&5 + fi + else + echo "cannot run $lt_cv_sys_global_symbol_pipe" >&5 + fi + else + echo "$progname: failed program was:" >&5 + cat conftest.$ac_ext >&5 + fi + rm -rf conftest* conftst* -if test $ac_cv_header_stdc = yes; then - # SunOS 4.x string.h does not declare mem*, contrary to ANSI. - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include + # Do not use the global_symbol_pipe unless it works. + if test "$pipe_works" = yes; then + break + else + lt_cv_sys_global_symbol_pipe= + fi +done -_ACEOF -if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - $EGREP "memchr" >/dev/null 2>&1; then - : -else - ac_cv_header_stdc=no fi -rm -f -r conftest* +if test -z "$lt_cv_sys_global_symbol_pipe"; then + lt_cv_sys_global_symbol_to_cdecl= fi - -if test $ac_cv_header_stdc = yes; then - # ISC 2.0.2 stdlib.h does not declare free, contrary to ANSI. - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include - -_ACEOF -if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | - $EGREP "free" >/dev/null 2>&1; then - : +if test -z "$lt_cv_sys_global_symbol_pipe$lt_cv_sys_global_symbol_to_cdecl"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: failed" >&5 +$as_echo "failed" >&6; } else - ac_cv_header_stdc=no + { $as_echo "$as_me:${as_lineno-$LINENO}: result: ok" >&5 +$as_echo "ok" >&6; } fi -rm -f -r conftest* +# Response file support. +if test "$lt_cv_nm_interface" = "MS dumpbin"; then + nm_file_list_spec='@' +elif $NM --help 2>/dev/null | grep '[@]FILE' >/dev/null; then + nm_file_list_spec='@' fi -if test $ac_cv_header_stdc = yes; then - # /bin/cc in Irix-4.0.5 gets non-ANSI ctype macros unless using -ansi. - if test "$cross_compiling" = yes; then - : -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include -#include -#if ((' ' & 0x0FF) == 0x020) -# define ISLOWER(c) ('a' <= (c) && (c) <= 'z') -# define TOUPPER(c) (ISLOWER(c) ? 'A' + ((c) - 'a') : (c)) -#else -# define ISLOWER(c) \ - (('a' <= (c) && (c) <= 'i') \ - || ('j' <= (c) && (c) <= 'r') \ - || ('s' <= (c) && (c) <= 'z')) -# define TOUPPER(c) (ISLOWER(c) ? ((c) | 0x40) : (c)) -#endif - -#define XOR(e, f) (((e) && !(f)) || (!(e) && (f))) -int -main () -{ - int i; - for (i = 0; i < 256; i++) - if (XOR (islower (i), ISLOWER (i)) - || toupper (i) != TOUPPER (i)) - return 2; - return 0; -} -_ACEOF -rm -f conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { ac_try='./conftest$ac_exeext' - { (case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_try") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then - : -else - echo "$as_me: program exited with status $ac_status" >&5 -echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 -( exit $ac_status ) -ac_cv_header_stdc=no -fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext -fi -fi -fi -{ echo "$as_me:$LINENO: result: $ac_cv_header_stdc" >&5 -echo "${ECHO_T}$ac_cv_header_stdc" >&6; } -if test $ac_cv_header_stdc = yes; then -cat >>confdefs.h <<\_ACEOF -#define STDC_HEADERS 1 -_ACEOF -fi -# On IRIX 5.3, sys/types and inttypes.h are conflicting. @@ -7059,470 +6990,839 @@ fi -for ac_header in sys/types.h sys/stat.h stdlib.h string.h memory.h strings.h \ - inttypes.h stdint.h unistd.h -do -as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -#include <$ac_header> -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - eval "$as_ac_Header=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - eval "$as_ac_Header=no" -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_Header'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 -_ACEOF -fi -done -for ac_header in dlfcn.h -do -as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -#include <$ac_header> -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - eval "$as_ac_Header=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - eval "$as_ac_Header=no" -fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_Header'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 -_ACEOF +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for sysroot" >&5 +$as_echo_n "checking for sysroot... " >&6; } +# Check whether --with-sysroot was given. +if test "${with_sysroot+set}" = set; then : + withval=$with_sysroot; +else + with_sysroot=no fi -done - - +lt_sysroot= +case ${with_sysroot} in #( + yes) + if test "$GCC" = yes; then + lt_sysroot=`$CC --print-sysroot 2>/dev/null` + fi + ;; #( + /*) + lt_sysroot=`echo "$with_sysroot" | sed -e "$sed_quote_subst"` + ;; #( + no|'') + ;; #( + *) + { $as_echo "$as_me:${as_lineno-$LINENO}: result: ${with_sysroot}" >&5 +$as_echo "${with_sysroot}" >&6; } + as_fn_error $? "The sysroot must be an absolute path." "$LINENO" 5 + ;; +esac + { $as_echo "$as_me:${as_lineno-$LINENO}: result: ${lt_sysroot:-no}" >&5 +$as_echo "${lt_sysroot:-no}" >&6; } -# Set options -enable_win32_dll=yes -case $host in -*-*-cygwin* | *-*-mingw* | *-*-pw32* | *-*-cegcc*) - if test -n "$ac_tool_prefix"; then - # Extract the first word of "${ac_tool_prefix}as", so it can be a program name with args. -set dummy ${ac_tool_prefix}as; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_AS+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test -n "$AS"; then - ac_cv_prog_AS="$AS" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_AS="${ac_tool_prefix}as" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done -done -IFS=$as_save_IFS -fi -fi -AS=$ac_cv_prog_AS -if test -n "$AS"; then - { echo "$as_me:$LINENO: result: $AS" >&5 -echo "${ECHO_T}$AS" >&6; } -else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } -fi +# Check whether --enable-libtool-lock was given. +if test "${enable_libtool_lock+set}" = set; then : + enableval=$enable_libtool_lock; fi -if test -z "$ac_cv_prog_AS"; then - ac_ct_AS=$AS - # Extract the first word of "as", so it can be a program name with args. -set dummy as; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_ac_ct_AS+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test -n "$ac_ct_AS"; then - ac_cv_prog_ac_ct_AS="$ac_ct_AS" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_ac_ct_AS="as" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done -done -IFS=$as_save_IFS -fi -fi -ac_ct_AS=$ac_cv_prog_ac_ct_AS -if test -n "$ac_ct_AS"; then - { echo "$as_me:$LINENO: result: $ac_ct_AS" >&5 -echo "${ECHO_T}$ac_ct_AS" >&6; } -else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } -fi +test "x$enable_libtool_lock" != xno && enable_libtool_lock=yes - if test "x$ac_ct_AS" = x; then - AS="false" - else - case $cross_compiling:$ac_tool_warned in -yes:) -{ echo "$as_me:$LINENO: WARNING: In the future, Autoconf will not detect cross-tools -whose name does not start with the host triplet. If you think this -configuration is useful to you, please write to autoconf@gnu.org." >&5 -echo "$as_me: WARNING: In the future, Autoconf will not detect cross-tools -whose name does not start with the host triplet. If you think this -configuration is useful to you, please write to autoconf@gnu.org." >&2;} -ac_tool_warned=yes ;; -esac - AS=$ac_ct_AS +# Some flags need to be propagated to the compiler or linker for good +# libtool support. +case $host in +ia64-*-hpux*) + # Find out which ABI we are using. + echo 'int i;' > conftest.$ac_ext + if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_compile\""; } >&5 + (eval $ac_compile) 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; }; then + case `/usr/bin/file conftest.$ac_objext` in + *ELF-32*) + HPUX_IA64_MODE="32" + ;; + *ELF-64*) + HPUX_IA64_MODE="64" + ;; + esac fi + rm -rf conftest* + ;; +*-*-irix6*) + # Find out which ABI we are using. + echo '#line '$LINENO' "configure"' > conftest.$ac_ext + if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_compile\""; } >&5 + (eval $ac_compile) 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; }; then + if test "$lt_cv_prog_gnu_ld" = yes; then + case `/usr/bin/file conftest.$ac_objext` in + *32-bit*) + LD="${LD-ld} -melf32bsmip" + ;; + *N32*) + LD="${LD-ld} -melf32bmipn32" + ;; + *64-bit*) + LD="${LD-ld} -melf64bmip" + ;; + esac + else + case `/usr/bin/file conftest.$ac_objext` in + *32-bit*) + LD="${LD-ld} -32" + ;; + *N32*) + LD="${LD-ld} -n32" + ;; + *64-bit*) + LD="${LD-ld} -64" + ;; + esac + fi + fi + rm -rf conftest* + ;; + +x86_64-*kfreebsd*-gnu|x86_64-*linux*|ppc*-*linux*|powerpc*-*linux*| \ +s390*-*linux*|s390*-*tpf*|sparc*-*linux*) + # Find out which ABI we are using. + echo 'int i;' > conftest.$ac_ext + if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_compile\""; } >&5 + (eval $ac_compile) 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; }; then + case `/usr/bin/file conftest.o` in + *32-bit*) + case $host in + x86_64-*kfreebsd*-gnu) + LD="${LD-ld} -m elf_i386_fbsd" + ;; + x86_64-*linux*) + LD="${LD-ld} -m elf_i386" + ;; + ppc64-*linux*|powerpc64-*linux*) + LD="${LD-ld} -m elf32ppclinux" + ;; + s390x-*linux*) + LD="${LD-ld} -m elf_s390" + ;; + sparc64-*linux*) + LD="${LD-ld} -m elf32_sparc" + ;; + esac + ;; + *64-bit*) + case $host in + x86_64-*kfreebsd*-gnu) + LD="${LD-ld} -m elf_x86_64_fbsd" + ;; + x86_64-*linux*) + LD="${LD-ld} -m elf_x86_64" + ;; + ppc*-*linux*|powerpc*-*linux*) + LD="${LD-ld} -m elf64ppc" + ;; + s390*-*linux*|s390*-*tpf*) + LD="${LD-ld} -m elf64_s390" + ;; + sparc*-*linux*) + LD="${LD-ld} -m elf64_sparc" + ;; + esac + ;; + esac + fi + rm -rf conftest* + ;; + +*-*-sco3.2v5*) + # On SCO OpenServer 5, we need -belf to get full-featured binaries. + SAVE_CFLAGS="$CFLAGS" + CFLAGS="$CFLAGS -belf" + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the C compiler needs -belf" >&5 +$as_echo_n "checking whether the C compiler needs -belf... " >&6; } +if ${lt_cv_cc_needs_belf+:} false; then : + $as_echo_n "(cached) " >&6 +else + ac_ext=c +ac_cpp='$CPP $CPPFLAGS' +ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_c_compiler_gnu + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + lt_cv_cc_needs_belf=yes else - AS="$ac_cv_prog_AS" + lt_cv_cc_needs_belf=no fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext + ac_ext=c +ac_cpp='$CPP $CPPFLAGS' +ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_c_compiler_gnu - if test -n "$ac_tool_prefix"; then - # Extract the first word of "${ac_tool_prefix}dlltool", so it can be a program name with args. -set dummy ${ac_tool_prefix}dlltool; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_DLLTOOL+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_cc_needs_belf" >&5 +$as_echo "$lt_cv_cc_needs_belf" >&6; } + if test x"$lt_cv_cc_needs_belf" != x"yes"; then + # this is probably gcc 2.8.0, egcs 1.0 or newer; no need for -belf + CFLAGS="$SAVE_CFLAGS" + fi + ;; +*-*solaris*) + # Find out which ABI we are using. + echo 'int i;' > conftest.$ac_ext + if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_compile\""; } >&5 + (eval $ac_compile) 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; }; then + case `/usr/bin/file conftest.o` in + *64-bit*) + case $lt_cv_prog_gnu_ld in + yes*) + case $host in + i?86-*-solaris*) + LD="${LD-ld} -m elf_x86_64" + ;; + sparc*-*-solaris*) + LD="${LD-ld} -m elf64_sparc" + ;; + esac + # GNU ld 2.21 introduced _sol2 emulations. Use them if available. + if ${LD-ld} -V | grep _sol2 >/dev/null 2>&1; then + LD="${LD-ld}_sol2" + fi + ;; + *) + if ${LD-ld} -64 -r -o conftest2.o conftest.o >/dev/null 2>&1; then + LD="${LD-ld} -64" + fi + ;; + esac + ;; + esac + fi + rm -rf conftest* + ;; +esac + +need_locks="$enable_libtool_lock" + +if test -n "$ac_tool_prefix"; then + # Extract the first word of "${ac_tool_prefix}mt", so it can be a program name with args. +set dummy ${ac_tool_prefix}mt; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_prog_MANIFEST_TOOL+:} false; then : + $as_echo_n "(cached) " >&6 else - if test -n "$DLLTOOL"; then - ac_cv_prog_DLLTOOL="$DLLTOOL" # Let the user override the test. + if test -n "$MANIFEST_TOOL"; then + ac_cv_prog_MANIFEST_TOOL="$MANIFEST_TOOL" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_DLLTOOL="${ac_tool_prefix}dlltool" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_MANIFEST_TOOL="${ac_tool_prefix}mt" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done -done + done IFS=$as_save_IFS fi fi -DLLTOOL=$ac_cv_prog_DLLTOOL -if test -n "$DLLTOOL"; then - { echo "$as_me:$LINENO: result: $DLLTOOL" >&5 -echo "${ECHO_T}$DLLTOOL" >&6; } +MANIFEST_TOOL=$ac_cv_prog_MANIFEST_TOOL +if test -n "$MANIFEST_TOOL"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $MANIFEST_TOOL" >&5 +$as_echo "$MANIFEST_TOOL" >&6; } else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } fi fi -if test -z "$ac_cv_prog_DLLTOOL"; then - ac_ct_DLLTOOL=$DLLTOOL - # Extract the first word of "dlltool", so it can be a program name with args. -set dummy dlltool; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_ac_ct_DLLTOOL+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +if test -z "$ac_cv_prog_MANIFEST_TOOL"; then + ac_ct_MANIFEST_TOOL=$MANIFEST_TOOL + # Extract the first word of "mt", so it can be a program name with args. +set dummy mt; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_prog_ac_ct_MANIFEST_TOOL+:} false; then : + $as_echo_n "(cached) " >&6 else - if test -n "$ac_ct_DLLTOOL"; then - ac_cv_prog_ac_ct_DLLTOOL="$ac_ct_DLLTOOL" # Let the user override the test. + if test -n "$ac_ct_MANIFEST_TOOL"; then + ac_cv_prog_ac_ct_MANIFEST_TOOL="$ac_ct_MANIFEST_TOOL" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_ac_ct_DLLTOOL="dlltool" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_ac_ct_MANIFEST_TOOL="mt" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done -done + done IFS=$as_save_IFS fi fi -ac_ct_DLLTOOL=$ac_cv_prog_ac_ct_DLLTOOL -if test -n "$ac_ct_DLLTOOL"; then - { echo "$as_me:$LINENO: result: $ac_ct_DLLTOOL" >&5 -echo "${ECHO_T}$ac_ct_DLLTOOL" >&6; } +ac_ct_MANIFEST_TOOL=$ac_cv_prog_ac_ct_MANIFEST_TOOL +if test -n "$ac_ct_MANIFEST_TOOL"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_MANIFEST_TOOL" >&5 +$as_echo "$ac_ct_MANIFEST_TOOL" >&6; } else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } fi - if test "x$ac_ct_DLLTOOL" = x; then - DLLTOOL="false" + if test "x$ac_ct_MANIFEST_TOOL" = x; then + MANIFEST_TOOL=":" else case $cross_compiling:$ac_tool_warned in yes:) -{ echo "$as_me:$LINENO: WARNING: In the future, Autoconf will not detect cross-tools -whose name does not start with the host triplet. If you think this -configuration is useful to you, please write to autoconf@gnu.org." >&5 -echo "$as_me: WARNING: In the future, Autoconf will not detect cross-tools -whose name does not start with the host triplet. If you think this -configuration is useful to you, please write to autoconf@gnu.org." >&2;} +{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} ac_tool_warned=yes ;; esac - DLLTOOL=$ac_ct_DLLTOOL + MANIFEST_TOOL=$ac_ct_MANIFEST_TOOL fi else - DLLTOOL="$ac_cv_prog_DLLTOOL" + MANIFEST_TOOL="$ac_cv_prog_MANIFEST_TOOL" fi - if test -n "$ac_tool_prefix"; then - # Extract the first word of "${ac_tool_prefix}objdump", so it can be a program name with args. -set dummy ${ac_tool_prefix}objdump; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_OBJDUMP+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +test -z "$MANIFEST_TOOL" && MANIFEST_TOOL=mt +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if $MANIFEST_TOOL is a manifest tool" >&5 +$as_echo_n "checking if $MANIFEST_TOOL is a manifest tool... " >&6; } +if ${lt_cv_path_mainfest_tool+:} false; then : + $as_echo_n "(cached) " >&6 else - if test -n "$OBJDUMP"; then - ac_cv_prog_OBJDUMP="$OBJDUMP" # Let the user override the test. + lt_cv_path_mainfest_tool=no + echo "$as_me:$LINENO: $MANIFEST_TOOL '-?'" >&5 + $MANIFEST_TOOL '-?' 2>conftest.err > conftest.out + cat conftest.err >&5 + if $GREP 'Manifest Tool' conftest.out > /dev/null; then + lt_cv_path_mainfest_tool=yes + fi + rm -f conftest* +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_path_mainfest_tool" >&5 +$as_echo "$lt_cv_path_mainfest_tool" >&6; } +if test "x$lt_cv_path_mainfest_tool" != xyes; then + MANIFEST_TOOL=: +fi + + + + + + + case $host_os in + rhapsody* | darwin*) + if test -n "$ac_tool_prefix"; then + # Extract the first word of "${ac_tool_prefix}dsymutil", so it can be a program name with args. +set dummy ${ac_tool_prefix}dsymutil; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_prog_DSYMUTIL+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$DSYMUTIL"; then + ac_cv_prog_DSYMUTIL="$DSYMUTIL" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_OBJDUMP="${ac_tool_prefix}objdump" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_DSYMUTIL="${ac_tool_prefix}dsymutil" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done -done + done IFS=$as_save_IFS fi fi -OBJDUMP=$ac_cv_prog_OBJDUMP -if test -n "$OBJDUMP"; then - { echo "$as_me:$LINENO: result: $OBJDUMP" >&5 -echo "${ECHO_T}$OBJDUMP" >&6; } +DSYMUTIL=$ac_cv_prog_DSYMUTIL +if test -n "$DSYMUTIL"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $DSYMUTIL" >&5 +$as_echo "$DSYMUTIL" >&6; } else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } fi fi -if test -z "$ac_cv_prog_OBJDUMP"; then - ac_ct_OBJDUMP=$OBJDUMP - # Extract the first word of "objdump", so it can be a program name with args. -set dummy objdump; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_ac_ct_OBJDUMP+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +if test -z "$ac_cv_prog_DSYMUTIL"; then + ac_ct_DSYMUTIL=$DSYMUTIL + # Extract the first word of "dsymutil", so it can be a program name with args. +set dummy dsymutil; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_prog_ac_ct_DSYMUTIL+:} false; then : + $as_echo_n "(cached) " >&6 else - if test -n "$ac_ct_OBJDUMP"; then - ac_cv_prog_ac_ct_OBJDUMP="$ac_ct_OBJDUMP" # Let the user override the test. + if test -n "$ac_ct_DSYMUTIL"; then + ac_cv_prog_ac_ct_DSYMUTIL="$ac_ct_DSYMUTIL" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_ac_ct_OBJDUMP="objdump" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_ac_ct_DSYMUTIL="dsymutil" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done -done + done IFS=$as_save_IFS fi fi -ac_ct_OBJDUMP=$ac_cv_prog_ac_ct_OBJDUMP -if test -n "$ac_ct_OBJDUMP"; then - { echo "$as_me:$LINENO: result: $ac_ct_OBJDUMP" >&5 -echo "${ECHO_T}$ac_ct_OBJDUMP" >&6; } +ac_ct_DSYMUTIL=$ac_cv_prog_ac_ct_DSYMUTIL +if test -n "$ac_ct_DSYMUTIL"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_DSYMUTIL" >&5 +$as_echo "$ac_ct_DSYMUTIL" >&6; } else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } fi - if test "x$ac_ct_OBJDUMP" = x; then - OBJDUMP="false" + if test "x$ac_ct_DSYMUTIL" = x; then + DSYMUTIL=":" else case $cross_compiling:$ac_tool_warned in yes:) -{ echo "$as_me:$LINENO: WARNING: In the future, Autoconf will not detect cross-tools -whose name does not start with the host triplet. If you think this -configuration is useful to you, please write to autoconf@gnu.org." >&5 -echo "$as_me: WARNING: In the future, Autoconf will not detect cross-tools -whose name does not start with the host triplet. If you think this -configuration is useful to you, please write to autoconf@gnu.org." >&2;} +{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} ac_tool_warned=yes ;; esac - OBJDUMP=$ac_ct_OBJDUMP + DSYMUTIL=$ac_ct_DSYMUTIL fi else - OBJDUMP="$ac_cv_prog_OBJDUMP" + DSYMUTIL="$ac_cv_prog_DSYMUTIL" fi - ;; -esac - -test -z "$AS" && AS=as + if test -n "$ac_tool_prefix"; then + # Extract the first word of "${ac_tool_prefix}nmedit", so it can be a program name with args. +set dummy ${ac_tool_prefix}nmedit; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_prog_NMEDIT+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$NMEDIT"; then + ac_cv_prog_NMEDIT="$NMEDIT" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_NMEDIT="${ac_tool_prefix}nmedit" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS +fi +fi +NMEDIT=$ac_cv_prog_NMEDIT +if test -n "$NMEDIT"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $NMEDIT" >&5 +$as_echo "$NMEDIT" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi +fi +if test -z "$ac_cv_prog_NMEDIT"; then + ac_ct_NMEDIT=$NMEDIT + # Extract the first word of "nmedit", so it can be a program name with args. +set dummy nmedit; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_prog_ac_ct_NMEDIT+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$ac_ct_NMEDIT"; then + ac_cv_prog_ac_ct_NMEDIT="$ac_ct_NMEDIT" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_ac_ct_NMEDIT="nmedit" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS +fi +fi +ac_ct_NMEDIT=$ac_cv_prog_ac_ct_NMEDIT +if test -n "$ac_ct_NMEDIT"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_NMEDIT" >&5 +$as_echo "$ac_ct_NMEDIT" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi -test -z "$DLLTOOL" && DLLTOOL=dlltool + if test "x$ac_ct_NMEDIT" = x; then + NMEDIT=":" + else + case $cross_compiling:$ac_tool_warned in +yes:) +{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +ac_tool_warned=yes ;; +esac + NMEDIT=$ac_ct_NMEDIT + fi +else + NMEDIT="$ac_cv_prog_NMEDIT" +fi + + if test -n "$ac_tool_prefix"; then + # Extract the first word of "${ac_tool_prefix}lipo", so it can be a program name with args. +set dummy ${ac_tool_prefix}lipo; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_prog_LIPO+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$LIPO"; then + ac_cv_prog_LIPO="$LIPO" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_LIPO="${ac_tool_prefix}lipo" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +LIPO=$ac_cv_prog_LIPO +if test -n "$LIPO"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $LIPO" >&5 +$as_echo "$LIPO" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi +fi +if test -z "$ac_cv_prog_LIPO"; then + ac_ct_LIPO=$LIPO + # Extract the first word of "lipo", so it can be a program name with args. +set dummy lipo; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_prog_ac_ct_LIPO+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$ac_ct_LIPO"; then + ac_cv_prog_ac_ct_LIPO="$ac_ct_LIPO" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_ac_ct_LIPO="lipo" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS +fi +fi +ac_ct_LIPO=$ac_cv_prog_ac_ct_LIPO +if test -n "$ac_ct_LIPO"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_LIPO" >&5 +$as_echo "$ac_ct_LIPO" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + if test "x$ac_ct_LIPO" = x; then + LIPO=":" + else + case $cross_compiling:$ac_tool_warned in +yes:) +{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +ac_tool_warned=yes ;; +esac + LIPO=$ac_ct_LIPO + fi +else + LIPO="$ac_cv_prog_LIPO" +fi -test -z "$OBJDUMP" && OBJDUMP=objdump + if test -n "$ac_tool_prefix"; then + # Extract the first word of "${ac_tool_prefix}otool", so it can be a program name with args. +set dummy ${ac_tool_prefix}otool; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_prog_OTOOL+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$OTOOL"; then + ac_cv_prog_OTOOL="$OTOOL" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_OTOOL="${ac_tool_prefix}otool" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS +fi +fi +OTOOL=$ac_cv_prog_OTOOL +if test -n "$OTOOL"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $OTOOL" >&5 +$as_echo "$OTOOL" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi +fi +if test -z "$ac_cv_prog_OTOOL"; then + ac_ct_OTOOL=$OTOOL + # Extract the first word of "otool", so it can be a program name with args. +set dummy otool; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_prog_ac_ct_OTOOL+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$ac_ct_OTOOL"; then + ac_cv_prog_ac_ct_OTOOL="$ac_ct_OTOOL" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_ac_ct_OTOOL="otool" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS +fi +fi +ac_ct_OTOOL=$ac_cv_prog_ac_ct_OTOOL +if test -n "$ac_ct_OTOOL"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_OTOOL" >&5 +$as_echo "$ac_ct_OTOOL" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + if test "x$ac_ct_OTOOL" = x; then + OTOOL=":" + else + case $cross_compiling:$ac_tool_warned in +yes:) +{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +ac_tool_warned=yes ;; +esac + OTOOL=$ac_ct_OTOOL + fi +else + OTOOL="$ac_cv_prog_OTOOL" +fi + if test -n "$ac_tool_prefix"; then + # Extract the first word of "${ac_tool_prefix}otool64", so it can be a program name with args. +set dummy ${ac_tool_prefix}otool64; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_prog_OTOOL64+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$OTOOL64"; then + ac_cv_prog_OTOOL64="$OTOOL64" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_OTOOL64="${ac_tool_prefix}otool64" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS - enable_dlopen=no +fi +fi +OTOOL64=$ac_cv_prog_OTOOL64 +if test -n "$OTOOL64"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $OTOOL64" >&5 +$as_echo "$OTOOL64" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi +fi +if test -z "$ac_cv_prog_OTOOL64"; then + ac_ct_OTOOL64=$OTOOL64 + # Extract the first word of "otool64", so it can be a program name with args. +set dummy otool64; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_prog_ac_ct_OTOOL64+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$ac_ct_OTOOL64"; then + ac_cv_prog_ac_ct_OTOOL64="$ac_ct_OTOOL64" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_ac_ct_OTOOL64="otool64" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS - # Check whether --enable-shared was given. -if test "${enable_shared+set}" = set; then - enableval=$enable_shared; p=${PACKAGE-default} - case $enableval in - yes) enable_shared=yes ;; - no) enable_shared=no ;; - *) - enable_shared=no - # Look at the argument we got. We use all the common list separators. - lt_save_ifs="$IFS"; IFS="${IFS}$PATH_SEPARATOR," - for pkg in $enableval; do - IFS="$lt_save_ifs" - if test "X$pkg" = "X$p"; then - enable_shared=yes - fi - done - IFS="$lt_save_ifs" - ;; - esac +fi +fi +ac_ct_OTOOL64=$ac_cv_prog_ac_ct_OTOOL64 +if test -n "$ac_ct_OTOOL64"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_OTOOL64" >&5 +$as_echo "$ac_ct_OTOOL64" >&6; } else - enable_shared=yes + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } fi + if test "x$ac_ct_OTOOL64" = x; then + OTOOL64=":" + else + case $cross_compiling:$ac_tool_warned in +yes:) +{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +ac_tool_warned=yes ;; +esac + OTOOL64=$ac_ct_OTOOL64 + fi +else + OTOOL64="$ac_cv_prog_OTOOL64" +fi @@ -7531,28 +7831,6 @@ fi - # Check whether --enable-static was given. -if test "${enable_static+set}" = set; then - enableval=$enable_static; p=${PACKAGE-default} - case $enableval in - yes) enable_static=yes ;; - no) enable_static=no ;; - *) - enable_static=no - # Look at the argument we got. We use all the common list separators. - lt_save_ifs="$IFS"; IFS="${IFS}$PATH_SEPARATOR," - for pkg in $enableval; do - IFS="$lt_save_ifs" - if test "X$pkg" = "X$p"; then - enable_static=yes - fi - done - IFS="$lt_save_ifs" - ;; - esac -else - enable_static=yes -fi @@ -7563,15 +7841,8 @@ fi -# Check whether --with-pic was given. -if test "${with_pic+set}" = set; then - withval=$with_pic; pic_mode="$withval" -else - pic_mode=default -fi -test -z "$pic_mode" && pic_mode=default @@ -7579,45 +7850,574 @@ test -z "$pic_mode" && pic_mode=default - # Check whether --enable-fast-install was given. -if test "${enable_fast_install+set}" = set; then - enableval=$enable_fast_install; p=${PACKAGE-default} - case $enableval in - yes) enable_fast_install=yes ;; - no) enable_fast_install=no ;; - *) - enable_fast_install=no - # Look at the argument we got. We use all the common list separators. - lt_save_ifs="$IFS"; IFS="${IFS}$PATH_SEPARATOR," - for pkg in $enableval; do - IFS="$lt_save_ifs" - if test "X$pkg" = "X$p"; then - enable_fast_install=yes - fi - done - IFS="$lt_save_ifs" - ;; - esac + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for -single_module linker flag" >&5 +$as_echo_n "checking for -single_module linker flag... " >&6; } +if ${lt_cv_apple_cc_single_mod+:} false; then : + $as_echo_n "(cached) " >&6 else - enable_fast_install=yes + lt_cv_apple_cc_single_mod=no + if test -z "${LT_MULTI_MODULE}"; then + # By default we will add the -single_module flag. You can override + # by either setting the environment variable LT_MULTI_MODULE + # non-empty at configure time, or by adding -multi_module to the + # link flags. + rm -rf libconftest.dylib* + echo "int foo(void){return 1;}" > conftest.c + echo "$LTCC $LTCFLAGS $LDFLAGS -o libconftest.dylib \ +-dynamiclib -Wl,-single_module conftest.c" >&5 + $LTCC $LTCFLAGS $LDFLAGS -o libconftest.dylib \ + -dynamiclib -Wl,-single_module conftest.c 2>conftest.err + _lt_result=$? + # If there is a non-empty error log, and "single_module" + # appears in it, assume the flag caused a linker warning + if test -s conftest.err && $GREP single_module conftest.err; then + cat conftest.err >&5 + # Otherwise, if the output was created with a 0 exit code from + # the compiler, it worked. + elif test -f libconftest.dylib && test $_lt_result -eq 0; then + lt_cv_apple_cc_single_mod=yes + else + cat conftest.err >&5 + fi + rm -rf libconftest.dylib* + rm -f conftest.* + fi fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_apple_cc_single_mod" >&5 +$as_echo "$lt_cv_apple_cc_single_mod" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for -exported_symbols_list linker flag" >&5 +$as_echo_n "checking for -exported_symbols_list linker flag... " >&6; } +if ${lt_cv_ld_exported_symbols_list+:} false; then : + $as_echo_n "(cached) " >&6 +else + lt_cv_ld_exported_symbols_list=no + save_LDFLAGS=$LDFLAGS + echo "_main" > conftest.sym + LDFLAGS="$LDFLAGS -Wl,-exported_symbols_list,conftest.sym" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +int +main () +{ + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + lt_cv_ld_exported_symbols_list=yes +else + lt_cv_ld_exported_symbols_list=no +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext + LDFLAGS="$save_LDFLAGS" +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_ld_exported_symbols_list" >&5 +$as_echo "$lt_cv_ld_exported_symbols_list" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for -force_load linker flag" >&5 +$as_echo_n "checking for -force_load linker flag... " >&6; } +if ${lt_cv_ld_force_load+:} false; then : + $as_echo_n "(cached) " >&6 +else + lt_cv_ld_force_load=no + cat > conftest.c << _LT_EOF +int forced_loaded() { return 2;} +_LT_EOF + echo "$LTCC $LTCFLAGS -c -o conftest.o conftest.c" >&5 + $LTCC $LTCFLAGS -c -o conftest.o conftest.c 2>&5 + echo "$AR cru libconftest.a conftest.o" >&5 + $AR cru libconftest.a conftest.o 2>&5 + echo "$RANLIB libconftest.a" >&5 + $RANLIB libconftest.a 2>&5 + cat > conftest.c << _LT_EOF +int main() { return 0;} +_LT_EOF + echo "$LTCC $LTCFLAGS $LDFLAGS -o conftest conftest.c -Wl,-force_load,./libconftest.a" >&5 + $LTCC $LTCFLAGS $LDFLAGS -o conftest conftest.c -Wl,-force_load,./libconftest.a 2>conftest.err + _lt_result=$? + if test -s conftest.err && $GREP force_load conftest.err; then + cat conftest.err >&5 + elif test -f conftest && test $_lt_result -eq 0 && $GREP forced_load conftest >/dev/null 2>&1 ; then + lt_cv_ld_force_load=yes + else + cat conftest.err >&5 + fi + rm -f conftest.err libconftest.a conftest conftest.c + rm -rf conftest.dSYM +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_ld_force_load" >&5 +$as_echo "$lt_cv_ld_force_load" >&6; } + case $host_os in + rhapsody* | darwin1.[012]) + _lt_dar_allow_undefined='${wl}-undefined ${wl}suppress' ;; + darwin1.*) + _lt_dar_allow_undefined='${wl}-flat_namespace ${wl}-undefined ${wl}suppress' ;; + darwin*) # darwin 5.x on + # if running on 10.5 or later, the deployment target defaults + # to the OS version, if on x86, and 10.4, the deployment + # target defaults to 10.4. Don't you love it? + case ${MACOSX_DEPLOYMENT_TARGET-10.0},$host in + 10.0,*86*-darwin8*|10.0,*-darwin[91]*) + _lt_dar_allow_undefined='${wl}-undefined ${wl}dynamic_lookup' ;; + 10.[012]*) + _lt_dar_allow_undefined='${wl}-flat_namespace ${wl}-undefined ${wl}suppress' ;; + 10.*) + _lt_dar_allow_undefined='${wl}-undefined ${wl}dynamic_lookup' ;; + esac + ;; + esac + if test "$lt_cv_apple_cc_single_mod" = "yes"; then + _lt_dar_single_mod='$single_module' + fi + if test "$lt_cv_ld_exported_symbols_list" = "yes"; then + _lt_dar_export_syms=' ${wl}-exported_symbols_list,$output_objdir/${libname}-symbols.expsym' + else + _lt_dar_export_syms='~$NMEDIT -s $output_objdir/${libname}-symbols.expsym ${lib}' + fi + if test "$DSYMUTIL" != ":" && test "$lt_cv_ld_force_load" = "no"; then + _lt_dsymutil='~$DSYMUTIL $lib || :' + else + _lt_dsymutil= + fi + ;; + esac + +ac_ext=c +ac_cpp='$CPP $CPPFLAGS' +ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_c_compiler_gnu +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking how to run the C preprocessor" >&5 +$as_echo_n "checking how to run the C preprocessor... " >&6; } +# On Suns, sometimes $CPP names a directory. +if test -n "$CPP" && test -d "$CPP"; then + CPP= +fi +if test -z "$CPP"; then + if ${ac_cv_prog_CPP+:} false; then : + $as_echo_n "(cached) " >&6 +else + # Double quotes because CPP needs to be expanded + for CPP in "$CC -E" "$CC -E -traditional-cpp" "/lib/cpp" + do + ac_preproc_ok=false +for ac_c_preproc_warn_flag in '' yes +do + # Use a header file that comes with gcc, so configuring glibc + # with a fresh cross-compiler works. + # Prefer to if __STDC__ is defined, since + # exists even on freestanding compilers. + # On the NeXT, cc -E runs the code through the compiler's parser, + # not just through cpp. "Syntax error" is here to catch this case. + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#ifdef __STDC__ +# include +#else +# include +#endif + Syntax error +_ACEOF +if ac_fn_c_try_cpp "$LINENO"; then : + +else + # Broken: fails on valid input. +continue +fi +rm -f conftest.err conftest.i conftest.$ac_ext + + # OK, works on sane cases. Now check whether nonexistent headers + # can be detected and how. + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +_ACEOF +if ac_fn_c_try_cpp "$LINENO"; then : + # Broken: success on invalid input. +continue +else + # Passes both tests. +ac_preproc_ok=: +break +fi +rm -f conftest.err conftest.i conftest.$ac_ext + +done +# Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped. +rm -f conftest.i conftest.err conftest.$ac_ext +if $ac_preproc_ok; then : + break +fi + + done + ac_cv_prog_CPP=$CPP + +fi + CPP=$ac_cv_prog_CPP +else + ac_cv_prog_CPP=$CPP +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $CPP" >&5 +$as_echo "$CPP" >&6; } +ac_preproc_ok=false +for ac_c_preproc_warn_flag in '' yes +do + # Use a header file that comes with gcc, so configuring glibc + # with a fresh cross-compiler works. + # Prefer to if __STDC__ is defined, since + # exists even on freestanding compilers. + # On the NeXT, cc -E runs the code through the compiler's parser, + # not just through cpp. "Syntax error" is here to catch this case. + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#ifdef __STDC__ +# include +#else +# include +#endif + Syntax error +_ACEOF +if ac_fn_c_try_cpp "$LINENO"; then : + +else + # Broken: fails on valid input. +continue +fi +rm -f conftest.err conftest.i conftest.$ac_ext + + # OK, works on sane cases. Now check whether nonexistent headers + # can be detected and how. + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +_ACEOF +if ac_fn_c_try_cpp "$LINENO"; then : + # Broken: success on invalid input. +continue +else + # Passes both tests. +ac_preproc_ok=: +break +fi +rm -f conftest.err conftest.i conftest.$ac_ext + +done +# Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped. +rm -f conftest.i conftest.err conftest.$ac_ext +if $ac_preproc_ok; then : + +else + { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} +as_fn_error $? "C preprocessor \"$CPP\" fails sanity check +See \`config.log' for more details" "$LINENO" 5; } +fi + +ac_ext=c +ac_cpp='$CPP $CPPFLAGS' +ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_c_compiler_gnu + + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for ANSI C header files" >&5 +$as_echo_n "checking for ANSI C header files... " >&6; } +if ${ac_cv_header_stdc+:} false; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +#include +#include +#include + +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + ac_cv_header_stdc=yes +else + ac_cv_header_stdc=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + +if test $ac_cv_header_stdc = yes; then + # SunOS 4.x string.h does not declare mem*, contrary to ANSI. + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include + +_ACEOF +if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | + $EGREP "memchr" >/dev/null 2>&1; then : + +else + ac_cv_header_stdc=no +fi +rm -f conftest* + +fi + +if test $ac_cv_header_stdc = yes; then + # ISC 2.0.2 stdlib.h does not declare free, contrary to ANSI. + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include + +_ACEOF +if (eval "$ac_cpp conftest.$ac_ext") 2>&5 | + $EGREP "free" >/dev/null 2>&1; then : + +else + ac_cv_header_stdc=no +fi +rm -f conftest* + +fi + +if test $ac_cv_header_stdc = yes; then + # /bin/cc in Irix-4.0.5 gets non-ANSI ctype macros unless using -ansi. + if test "$cross_compiling" = yes; then : + : +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +#include +#if ((' ' & 0x0FF) == 0x020) +# define ISLOWER(c) ('a' <= (c) && (c) <= 'z') +# define TOUPPER(c) (ISLOWER(c) ? 'A' + ((c) - 'a') : (c)) +#else +# define ISLOWER(c) \ + (('a' <= (c) && (c) <= 'i') \ + || ('j' <= (c) && (c) <= 'r') \ + || ('s' <= (c) && (c) <= 'z')) +# define TOUPPER(c) (ISLOWER(c) ? ((c) | 0x40) : (c)) +#endif + +#define XOR(e, f) (((e) && !(f)) || (!(e) && (f))) +int +main () +{ + int i; + for (i = 0; i < 256; i++) + if (XOR (islower (i), ISLOWER (i)) + || toupper (i) != TOUPPER (i)) + return 2; + return 0; +} +_ACEOF +if ac_fn_c_try_run "$LINENO"; then : + +else + ac_cv_header_stdc=no +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + +fi +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_header_stdc" >&5 +$as_echo "$ac_cv_header_stdc" >&6; } +if test $ac_cv_header_stdc = yes; then + +$as_echo "#define STDC_HEADERS 1" >>confdefs.h + +fi + +# On IRIX 5.3, sys/types and inttypes.h are conflicting. +for ac_header in sys/types.h sys/stat.h stdlib.h string.h memory.h strings.h \ + inttypes.h stdint.h unistd.h +do : + as_ac_Header=`$as_echo "ac_cv_header_$ac_header" | $as_tr_sh` +ac_fn_c_check_header_compile "$LINENO" "$ac_header" "$as_ac_Header" "$ac_includes_default +" +if eval test \"x\$"$as_ac_Header"\" = x"yes"; then : + cat >>confdefs.h <<_ACEOF +#define `$as_echo "HAVE_$ac_header" | $as_tr_cpp` 1 +_ACEOF + +fi + +done + + +for ac_header in dlfcn.h +do : + ac_fn_c_check_header_compile "$LINENO" "dlfcn.h" "ac_cv_header_dlfcn_h" "$ac_includes_default +" +if test "x$ac_cv_header_dlfcn_h" = xyes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_DLFCN_H 1 +_ACEOF + +fi + +done + + + + + +# Set options +# Check whether --enable-static was given. +if test "${enable_static+set}" = set; then : + enableval=$enable_static; p=${PACKAGE-default} + case $enableval in + yes) enable_static=yes ;; + no) enable_static=no ;; + *) + enable_static=no + # Look at the argument we got. We use all the common list separators. + lt_save_ifs="$IFS"; IFS="${IFS}$PATH_SEPARATOR," + for pkg in $enableval; do + IFS="$lt_save_ifs" + if test "X$pkg" = "X$p"; then + enable_static=yes + fi + done + IFS="$lt_save_ifs" + ;; + esac +else + enable_static=no +fi + + + + + + + + + + + enable_dlopen=no + + + enable_win32_dll=no + + + # Check whether --enable-shared was given. +if test "${enable_shared+set}" = set; then : + enableval=$enable_shared; p=${PACKAGE-default} + case $enableval in + yes) enable_shared=yes ;; + no) enable_shared=no ;; + *) + enable_shared=no + # Look at the argument we got. We use all the common list separators. + lt_save_ifs="$IFS"; IFS="${IFS}$PATH_SEPARATOR," + for pkg in $enableval; do + IFS="$lt_save_ifs" + if test "X$pkg" = "X$p"; then + enable_shared=yes + fi + done + IFS="$lt_save_ifs" + ;; + esac +else + enable_shared=yes +fi + + + + + + + + + + + +# Check whether --with-pic was given. +if test "${with_pic+set}" = set; then : + withval=$with_pic; lt_p=${PACKAGE-default} + case $withval in + yes|no) pic_mode=$withval ;; + *) + pic_mode=default + # Look at the argument we got. We use all the common list separators. + lt_save_ifs="$IFS"; IFS="${IFS}$PATH_SEPARATOR," + for lt_pkg in $withval; do + IFS="$lt_save_ifs" + if test "X$lt_pkg" = "X$lt_p"; then + pic_mode=yes + fi + done + IFS="$lt_save_ifs" + ;; + esac +else + pic_mode=default +fi + + +test -z "$pic_mode" && pic_mode=default + + + + + + + + # Check whether --enable-fast-install was given. +if test "${enable_fast_install+set}" = set; then : + enableval=$enable_fast_install; p=${PACKAGE-default} + case $enableval in + yes) enable_fast_install=yes ;; + no) enable_fast_install=no ;; + *) + enable_fast_install=no + # Look at the argument we got. We use all the common list separators. + lt_save_ifs="$IFS"; IFS="${IFS}$PATH_SEPARATOR," + for pkg in $enableval; do + IFS="$lt_save_ifs" + if test "X$pkg" = "X$p"; then + enable_fast_install=yes + fi + done + IFS="$lt_save_ifs" + ;; + esac +else + enable_fast_install=yes +fi + + + + + + + + + + + +# This can be used to rebuild libtool when needed +LIBTOOL_DEPS="$ltmain" + +# Always use our own libtool. +LIBTOOL='$(SHELL) $(top_builddir)/libtool' -# This can be used to rebuild libtool when needed -LIBTOOL_DEPS="$ltmain" - -# Always use our own libtool. -LIBTOOL='$(SHELL) $(top_builddir)/libtool' - @@ -7662,10 +8462,10 @@ if test -n "${ZSH_VERSION+set}" ; then setopt NO_GLOB_SUBST fi -{ echo "$as_me:$LINENO: checking for objdir" >&5 -echo $ECHO_N "checking for objdir... $ECHO_C" >&6; } -if test "${lt_cv_objdir+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for objdir" >&5 +$as_echo_n "checking for objdir... " >&6; } +if ${lt_cv_objdir+:} false; then : + $as_echo_n "(cached) " >&6 else rm -f .libs 2>/dev/null mkdir .libs 2>/dev/null @@ -7677,8 +8477,8 @@ else fi rmdir .libs 2>/dev/null fi -{ echo "$as_me:$LINENO: result: $lt_cv_objdir" >&5 -echo "${ECHO_T}$lt_cv_objdir" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_objdir" >&5 +$as_echo "$lt_cv_objdir" >&6; } objdir=$lt_cv_objdir @@ -7740,10 +8540,10 @@ test -z "$MAGIC_CMD" && MAGIC_CMD=file case $deplibs_check_method in file_magic*) if test "$file_magic_cmd" = '$MAGIC_CMD'; then - { echo "$as_me:$LINENO: checking for ${ac_tool_prefix}file" >&5 -echo $ECHO_N "checking for ${ac_tool_prefix}file... $ECHO_C" >&6; } -if test "${lt_cv_path_MAGIC_CMD+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for ${ac_tool_prefix}file" >&5 +$as_echo_n "checking for ${ac_tool_prefix}file... " >&6; } +if ${lt_cv_path_MAGIC_CMD+:} false; then : + $as_echo_n "(cached) " >&6 else case $MAGIC_CMD in [\\/*] | ?:[\\/]*) @@ -7793,11 +8593,11 @@ fi MAGIC_CMD="$lt_cv_path_MAGIC_CMD" if test -n "$MAGIC_CMD"; then - { echo "$as_me:$LINENO: result: $MAGIC_CMD" >&5 -echo "${ECHO_T}$MAGIC_CMD" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $MAGIC_CMD" >&5 +$as_echo "$MAGIC_CMD" >&6; } else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } fi @@ -7806,10 +8606,10 @@ fi if test -z "$lt_cv_path_MAGIC_CMD"; then if test -n "$ac_tool_prefix"; then - { echo "$as_me:$LINENO: checking for file" >&5 -echo $ECHO_N "checking for file... $ECHO_C" >&6; } -if test "${lt_cv_path_MAGIC_CMD+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for file" >&5 +$as_echo_n "checking for file... " >&6; } +if ${lt_cv_path_MAGIC_CMD+:} false; then : + $as_echo_n "(cached) " >&6 else case $MAGIC_CMD in [\\/*] | ?:[\\/]*) @@ -7859,11 +8659,11 @@ fi MAGIC_CMD="$lt_cv_path_MAGIC_CMD" if test -n "$MAGIC_CMD"; then - { echo "$as_me:$LINENO: result: $MAGIC_CMD" >&5 -echo "${ECHO_T}$MAGIC_CMD" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $MAGIC_CMD" >&5 +$as_echo "$MAGIC_CMD" >&6; } else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } fi @@ -7923,7 +8723,7 @@ ac_outfile=conftest.$ac_objext echo "$lt_simple_compile_test_code" >conftest.$ac_ext eval "$ac_compile" 2>&1 >/dev/null | $SED '/^$/d; /^ *+/d' >conftest.err _lt_compiler_boilerplate=`cat conftest.err` -$RM -r conftest* +$RM conftest* ac_outfile=conftest.$ac_objext echo "$lt_simple_link_test_code" >conftest.$ac_ext @@ -7948,10 +8748,10 @@ if test "$GCC" = yes; then lt_prog_compiler_no_builtin_flag=' -fno-builtin' ;; esac - { echo "$as_me:$LINENO: checking if $compiler supports -fno-rtti -fno-exceptions" >&5 -echo $ECHO_N "checking if $compiler supports -fno-rtti -fno-exceptions... $ECHO_C" >&6; } -if test "${lt_cv_prog_compiler_rtti_exceptions+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $compiler supports -fno-rtti -fno-exceptions" >&5 +$as_echo_n "checking if $compiler supports -fno-rtti -fno-exceptions... " >&6; } +if ${lt_cv_prog_compiler_rtti_exceptions+:} false; then : + $as_echo_n "(cached) " >&6 else lt_cv_prog_compiler_rtti_exceptions=no ac_outfile=conftest.$ac_objext @@ -7980,11 +8780,11 @@ else lt_cv_prog_compiler_rtti_exceptions=yes fi fi - $RM -r conftest* + $RM conftest* fi -{ echo "$as_me:$LINENO: result: $lt_cv_prog_compiler_rtti_exceptions" >&5 -echo "${ECHO_T}$lt_cv_prog_compiler_rtti_exceptions" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler_rtti_exceptions" >&5 +$as_echo "$lt_cv_prog_compiler_rtti_exceptions" >&6; } if test x"$lt_cv_prog_compiler_rtti_exceptions" = xyes; then lt_prog_compiler_no_builtin_flag="$lt_prog_compiler_no_builtin_flag -fno-rtti -fno-exceptions" @@ -8003,8 +8803,6 @@ fi lt_prog_compiler_pic= lt_prog_compiler_static= -{ echo "$as_me:$LINENO: checking for $compiler option to produce PIC" >&5 -echo $ECHO_N "checking for $compiler option to produce PIC... $ECHO_C" >&6; } if test "$GCC" = yes; then lt_prog_compiler_wl='-Wl,' @@ -8104,7 +8902,9 @@ echo $ECHO_N "checking for $compiler option to produce PIC... $ECHO_C" >&6; } case $cc_basename in nvcc*) # Cuda Compiler Driver 2.2 lt_prog_compiler_wl='-Xlinker ' - lt_prog_compiler_pic='-Xcompiler -fPIC' + if test -n "$lt_prog_compiler_pic"; then + lt_prog_compiler_pic="-Xcompiler $lt_prog_compiler_pic" + fi ;; esac else @@ -8169,6 +8969,12 @@ echo $ECHO_N "checking for $compiler option to produce PIC... $ECHO_C" >&6; } lt_prog_compiler_pic='--shared' lt_prog_compiler_static='--static' ;; + nagfor*) + # NAG Fortran compiler + lt_prog_compiler_wl='-Wl,-Wl,,' + lt_prog_compiler_pic='-PIC' + lt_prog_compiler_static='-Bstatic' + ;; pgcc* | pgf77* | pgf90* | pgf95* | pgfortran*) # Portland Group compilers (*not* the Pentium gcc compiler, # which looks to be a dead project) @@ -8189,18 +8995,33 @@ echo $ECHO_N "checking for $compiler option to produce PIC... $ECHO_C" >&6; } ;; *) case `$CC -V 2>&1 | sed 5q` in - *Sun\ F* | *Sun*Fortran*) + *Sun\ Ceres\ Fortran* | *Sun*Fortran*\ [1-7].* | *Sun*Fortran*\ 8.[0-3]*) # Sun Fortran 8.3 passes all unrecognized flags to the linker lt_prog_compiler_pic='-KPIC' lt_prog_compiler_static='-Bstatic' lt_prog_compiler_wl='' ;; + *Sun\ F* | *Sun*Fortran*) + lt_prog_compiler_pic='-KPIC' + lt_prog_compiler_static='-Bstatic' + lt_prog_compiler_wl='-Qoption ld ' + ;; *Sun\ C*) # Sun C 5.9 lt_prog_compiler_pic='-KPIC' lt_prog_compiler_static='-Bstatic' lt_prog_compiler_wl='-Wl,' ;; + *Intel*\ [CF]*Compiler*) + lt_prog_compiler_wl='-Wl,' + lt_prog_compiler_pic='-fPIC' + lt_prog_compiler_static='-static' + ;; + *Portland\ Group*) + lt_prog_compiler_wl='-Wl,' + lt_prog_compiler_pic='-fpic' + lt_prog_compiler_static='-Bstatic' + ;; esac ;; esac @@ -8288,22 +9109,26 @@ case $host_os in lt_prog_compiler_pic="$lt_prog_compiler_pic -DPIC" ;; esac -{ echo "$as_me:$LINENO: result: $lt_prog_compiler_pic" >&5 -echo "${ECHO_T}$lt_prog_compiler_pic" >&6; } - - - - +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $compiler option to produce PIC" >&5 +$as_echo_n "checking for $compiler option to produce PIC... " >&6; } +if ${lt_cv_prog_compiler_pic+:} false; then : + $as_echo_n "(cached) " >&6 +else + lt_cv_prog_compiler_pic=$lt_prog_compiler_pic +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler_pic" >&5 +$as_echo "$lt_cv_prog_compiler_pic" >&6; } +lt_prog_compiler_pic=$lt_cv_prog_compiler_pic # # Check to make sure the PIC flag actually works. # if test -n "$lt_prog_compiler_pic"; then - { echo "$as_me:$LINENO: checking if $compiler PIC flag $lt_prog_compiler_pic works" >&5 -echo $ECHO_N "checking if $compiler PIC flag $lt_prog_compiler_pic works... $ECHO_C" >&6; } -if test "${lt_cv_prog_compiler_pic_works+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $compiler PIC flag $lt_prog_compiler_pic works" >&5 +$as_echo_n "checking if $compiler PIC flag $lt_prog_compiler_pic works... " >&6; } +if ${lt_cv_prog_compiler_pic_works+:} false; then : + $as_echo_n "(cached) " >&6 else lt_cv_prog_compiler_pic_works=no ac_outfile=conftest.$ac_objext @@ -8332,11 +9157,11 @@ else lt_cv_prog_compiler_pic_works=yes fi fi - $RM -r conftest* + $RM conftest* fi -{ echo "$as_me:$LINENO: result: $lt_cv_prog_compiler_pic_works" >&5 -echo "${ECHO_T}$lt_cv_prog_compiler_pic_works" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler_pic_works" >&5 +$as_echo "$lt_cv_prog_compiler_pic_works" >&6; } if test x"$lt_cv_prog_compiler_pic_works" = xyes; then case $lt_prog_compiler_pic in @@ -8355,14 +9180,19 @@ fi + + + + + # # Check to make sure the static flag actually works. # wl=$lt_prog_compiler_wl eval lt_tmp_static_flag=\"$lt_prog_compiler_static\" -{ echo "$as_me:$LINENO: checking if $compiler static flag $lt_tmp_static_flag works" >&5 -echo $ECHO_N "checking if $compiler static flag $lt_tmp_static_flag works... $ECHO_C" >&6; } -if test "${lt_cv_prog_compiler_static_works+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if $compiler static flag $lt_tmp_static_flag works" >&5 +$as_echo_n "checking if $compiler static flag $lt_tmp_static_flag works... " >&6; } +if ${lt_cv_prog_compiler_static_works+:} false; then : + $as_echo_n "(cached) " >&6 else lt_cv_prog_compiler_static_works=no save_LDFLAGS="$LDFLAGS" @@ -8387,8 +9217,8 @@ else LDFLAGS="$save_LDFLAGS" fi -{ echo "$as_me:$LINENO: result: $lt_cv_prog_compiler_static_works" >&5 -echo "${ECHO_T}$lt_cv_prog_compiler_static_works" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler_static_works" >&5 +$as_echo "$lt_cv_prog_compiler_static_works" >&6; } if test x"$lt_cv_prog_compiler_static_works" = xyes; then : @@ -8402,10 +9232,10 @@ fi - { echo "$as_me:$LINENO: checking if $compiler supports -c -o file.$ac_objext" >&5 -echo $ECHO_N "checking if $compiler supports -c -o file.$ac_objext... $ECHO_C" >&6; } -if test "${lt_cv_prog_compiler_c_o+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $compiler supports -c -o file.$ac_objext" >&5 +$as_echo_n "checking if $compiler supports -c -o file.$ac_objext... " >&6; } +if ${lt_cv_prog_compiler_c_o+:} false; then : + $as_echo_n "(cached) " >&6 else lt_cv_prog_compiler_c_o=no $RM -r conftest 2>/dev/null @@ -8439,28 +9269,28 @@ else fi fi chmod u+w . 2>&5 - $RM -r conftest* + $RM conftest* # SGI C++ compiler will create directory out/ii_files/ for # template instantiation test -d out/ii_files && $RM out/ii_files/* && rmdir out/ii_files $RM out/* && rmdir out cd .. $RM -r conftest - $RM -r conftest* + $RM conftest* fi -{ echo "$as_me:$LINENO: result: $lt_cv_prog_compiler_c_o" >&5 -echo "${ECHO_T}$lt_cv_prog_compiler_c_o" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler_c_o" >&5 +$as_echo "$lt_cv_prog_compiler_c_o" >&6; } - { echo "$as_me:$LINENO: checking if $compiler supports -c -o file.$ac_objext" >&5 -echo $ECHO_N "checking if $compiler supports -c -o file.$ac_objext... $ECHO_C" >&6; } -if test "${lt_cv_prog_compiler_c_o+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $compiler supports -c -o file.$ac_objext" >&5 +$as_echo_n "checking if $compiler supports -c -o file.$ac_objext... " >&6; } +if ${lt_cv_prog_compiler_c_o+:} false; then : + $as_echo_n "(cached) " >&6 else lt_cv_prog_compiler_c_o=no $RM -r conftest 2>/dev/null @@ -8494,18 +9324,18 @@ else fi fi chmod u+w . 2>&5 - $RM -r conftest* + $RM conftest* # SGI C++ compiler will create directory out/ii_files/ for # template instantiation test -d out/ii_files && $RM out/ii_files/* && rmdir out/ii_files $RM out/* && rmdir out cd .. $RM -r conftest - $RM -r conftest* + $RM conftest* fi -{ echo "$as_me:$LINENO: result: $lt_cv_prog_compiler_c_o" >&5 -echo "${ECHO_T}$lt_cv_prog_compiler_c_o" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler_c_o" >&5 +$as_echo "$lt_cv_prog_compiler_c_o" >&6; } @@ -8513,19 +9343,19 @@ echo "${ECHO_T}$lt_cv_prog_compiler_c_o" >&6; } hard_links="nottested" if test "$lt_cv_prog_compiler_c_o" = no && test "$need_locks" != no; then # do not overwrite the value of need_locks provided by the user - { echo "$as_me:$LINENO: checking if we can lock with hard links" >&5 -echo $ECHO_N "checking if we can lock with hard links... $ECHO_C" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: checking if we can lock with hard links" >&5 +$as_echo_n "checking if we can lock with hard links... " >&6; } hard_links=yes - $RM -r conftest* + $RM conftest* ln conftest.a conftest.b 2>/dev/null && hard_links=no touch conftest.a ln conftest.a conftest.b 2>&5 || hard_links=no ln conftest.a conftest.b 2>/dev/null && hard_links=no - { echo "$as_me:$LINENO: result: $hard_links" >&5 -echo "${ECHO_T}$hard_links" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $hard_links" >&5 +$as_echo "$hard_links" >&6; } if test "$hard_links" = no; then - { echo "$as_me:$LINENO: WARNING: \`$CC' does not support \`-c -o', so \`make -j' may be unsafe" >&5 -echo "$as_me: WARNING: \`$CC' does not support \`-c -o', so \`make -j' may be unsafe" >&2;} + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: \`$CC' does not support \`-c -o', so \`make -j' may be unsafe" >&5 +$as_echo "$as_me: WARNING: \`$CC' does not support \`-c -o', so \`make -j' may be unsafe" >&2;} need_locks=warn fi else @@ -8537,8 +9367,8 @@ fi - { echo "$as_me:$LINENO: checking whether the $compiler linker ($LD) supports shared libraries" >&5 -echo $ECHO_N "checking whether the $compiler linker ($LD) supports shared libraries... $ECHO_C" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the $compiler linker ($LD) supports shared libraries" >&5 +$as_echo_n "checking whether the $compiler linker ($LD) supports shared libraries... " >&6; } runpath_var= allow_undefined_flag= @@ -8553,7 +9383,6 @@ echo $ECHO_N "checking whether the $compiler linker ($LD) supports shared librar hardcode_direct=no hardcode_direct_absolute=no hardcode_libdir_flag_spec= - hardcode_libdir_flag_spec_ld= hardcode_libdir_separator= hardcode_minus_L=no hardcode_shlibpath_var=unsupported @@ -8705,7 +9534,8 @@ _LT_EOF allow_undefined_flag=unsupported always_export_symbols=no enable_shared_with_static_runtimes=yes - export_symbols_cmds='$NM $libobjs $convenience | $global_symbol_pipe | $SED -e '\''/^[BCDGRS][ ]/s/.*[ ]\([^ ]*\)/\1 DATA/'\'' | $SED -e '\''/^[AITW][ ]/s/.*[ ]//'\'' | sort | uniq > $export_symbols' + export_symbols_cmds='$NM $libobjs $convenience | $global_symbol_pipe | $SED -e '\''/^[BCDGRS][ ]/s/.*[ ]\([^ ]*\)/\1 DATA/;s/^.*[ ]__nm__\([^ ]*\)[ ][^ ]*/\1 DATA/;/^I[ ]/d;/^[AITW][ ]/s/.* //'\'' | sort | uniq > $export_symbols' + exclude_expsyms='[_]+GLOBAL_OFFSET_TABLE_|[_]+GLOBAL__[FID]_.*|[_]+head_[A-Za-z0-9_]+_dll|[A-Za-z0-9_]+_dll_iname' if $LD --help 2>&1 | $GREP 'auto-import' > /dev/null; then archive_cmds='$CC -shared $libobjs $deplibs $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib' @@ -8753,7 +9583,7 @@ _LT_EOF if $LD --help 2>&1 | $EGREP ': supported targets:.* elf' > /dev/null \ && test "$tmp_diet" = no then - tmp_addflag= + tmp_addflag=' $pic_flag' tmp_sharedflag='-shared' case $cc_basename,$host_cpu in pgcc*) # Portland Group C compiler @@ -8802,8 +9632,7 @@ _LT_EOF xlf* | bgf* | bgxlf* | mpixlf*) # IBM XL Fortran 10.1 on PPC cannot create shared libs itself whole_archive_flag_spec='--whole-archive$convenience --no-whole-archive' - hardcode_libdir_flag_spec= - hardcode_libdir_flag_spec_ld='-rpath $libdir' + hardcode_libdir_flag_spec='${wl}-rpath ${wl}$libdir' archive_cmds='$LD -shared $libobjs $deplibs $linker_flags -soname $soname -o $lib' if test "x$supports_anon_versioning" = xyes; then archive_expsym_cmds='echo "{ global:" > $output_objdir/$libname.ver~ @@ -8823,8 +9652,8 @@ _LT_EOF archive_cmds='$LD -Bshareable $libobjs $deplibs $linker_flags -o $lib' wlarc= else - archive_cmds='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' - archive_expsym_cmds='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' + archive_cmds='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' + archive_expsym_cmds='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' fi ;; @@ -8842,8 +9671,8 @@ _LT_EOF _LT_EOF elif $LD --help 2>&1 | $GREP ': supported targets:.* elf' > /dev/null; then - archive_cmds='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' - archive_expsym_cmds='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' + archive_cmds='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' + archive_expsym_cmds='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' else ld_shlibs=no fi @@ -8889,8 +9718,8 @@ _LT_EOF *) if $LD --help 2>&1 | $GREP ': supported targets:.* elf' > /dev/null; then - archive_cmds='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' - archive_expsym_cmds='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' + archive_cmds='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' + archive_expsym_cmds='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' else ld_shlibs=no fi @@ -9020,11 +9849,13 @@ _LT_EOF allow_undefined_flag='-berok' # Determine the default libpath from the value encoded in an # empty executable. - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + if test "${lt_cv_aix_libpath+set}" = set; then + aix_libpath=$lt_cv_aix_libpath +else + if ${lt_cv_aix_libpath_+:} false; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int @@ -9035,47 +9866,31 @@ main () return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - -lt_aix_libpath_sed=' - /Import File Strings/,/^$/ { - /^0/ { - s/^0 *\(.*\)$/\1/ - p - } - }' -aix_libpath=`dump -H conftest$ac_exeext 2>/dev/null | $SED -n -e "$lt_aix_libpath_sed"` -# Check for a 64-bit object if we didn't find anything. -if test -z "$aix_libpath"; then - aix_libpath=`dump -HX64 conftest$ac_exeext 2>/dev/null | $SED -n -e "$lt_aix_libpath_sed"` -fi -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 +if ac_fn_c_try_link "$LINENO"; then : + lt_aix_libpath_sed=' + /Import File Strings/,/^$/ { + /^0/ { + s/^0 *\([^ ]*\) *$/\1/ + p + } + }' + lt_cv_aix_libpath_=`dump -H conftest$ac_exeext 2>/dev/null | $SED -n -e "$lt_aix_libpath_sed"` + # Check for a 64-bit object if we didn't find anything. + if test -z "$lt_cv_aix_libpath_"; then + lt_cv_aix_libpath_=`dump -HX64 conftest$ac_exeext 2>/dev/null | $SED -n -e "$lt_aix_libpath_sed"` + fi +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext + if test -z "$lt_cv_aix_libpath_"; then + lt_cv_aix_libpath_="/usr/lib:/lib" + fi fi -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi + aix_libpath=$lt_cv_aix_libpath_ +fi hardcode_libdir_flag_spec='${wl}-blibpath:$libdir:'"$aix_libpath" archive_expsym_cmds='$CC -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags `if test "x${allow_undefined_flag}" != "x"; then func_echo_all "${wl}${allow_undefined_flag}"; else :; fi` '"\${wl}$exp_sym_flag:\$export_symbols $shared_flag" @@ -9087,11 +9902,13 @@ if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi else # Determine the default libpath from the value encoded in an # empty executable. - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + if test "${lt_cv_aix_libpath+set}" = set; then + aix_libpath=$lt_cv_aix_libpath +else + if ${lt_cv_aix_libpath_+:} false; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int @@ -9102,47 +9919,31 @@ main () return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - -lt_aix_libpath_sed=' - /Import File Strings/,/^$/ { - /^0/ { - s/^0 *\(.*\)$/\1/ - p - } - }' -aix_libpath=`dump -H conftest$ac_exeext 2>/dev/null | $SED -n -e "$lt_aix_libpath_sed"` -# Check for a 64-bit object if we didn't find anything. -if test -z "$aix_libpath"; then - aix_libpath=`dump -HX64 conftest$ac_exeext 2>/dev/null | $SED -n -e "$lt_aix_libpath_sed"` -fi -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 +if ac_fn_c_try_link "$LINENO"; then : + lt_aix_libpath_sed=' + /Import File Strings/,/^$/ { + /^0/ { + s/^0 *\([^ ]*\) *$/\1/ + p + } + }' + lt_cv_aix_libpath_=`dump -H conftest$ac_exeext 2>/dev/null | $SED -n -e "$lt_aix_libpath_sed"` + # Check for a 64-bit object if we didn't find anything. + if test -z "$lt_cv_aix_libpath_"; then + lt_cv_aix_libpath_=`dump -HX64 conftest$ac_exeext 2>/dev/null | $SED -n -e "$lt_aix_libpath_sed"` + fi +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext + if test -z "$lt_cv_aix_libpath_"; then + lt_cv_aix_libpath_="/usr/lib:/lib" + fi fi -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi + aix_libpath=$lt_cv_aix_libpath_ +fi hardcode_libdir_flag_spec='${wl}-blibpath:$libdir:'"$aix_libpath" # Warning - without using the other run time loading flags, @@ -9187,20 +9988,64 @@ if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi # Microsoft Visual C++. # hardcode_libdir_flag_spec is actually meaningless, as there is # no search path for DLLs. - hardcode_libdir_flag_spec=' ' - allow_undefined_flag=unsupported - # Tell ltmain to make .lib files, not .a files. - libext=lib - # Tell ltmain to make .dll files, not .so files. - shrext_cmds=".dll" - # FIXME: Setting linknames here is a bad hack. - archive_cmds='$CC -o $lib $libobjs $compiler_flags `func_echo_all "$deplibs" | $SED '\''s/ -lc$//'\''` -link -dll~linknames=' - # The linker will automatically build a .lib file if we build a DLL. - old_archive_from_new_cmds='true' - # FIXME: Should let the user specify the lib program. - old_archive_cmds='lib -OUT:$oldlib$oldobjs$old_deplibs' - fix_srcfile_path='`cygpath -w "$srcfile"`' - enable_shared_with_static_runtimes=yes + case $cc_basename in + cl*) + # Native MSVC + hardcode_libdir_flag_spec=' ' + allow_undefined_flag=unsupported + always_export_symbols=yes + file_list_spec='@' + # Tell ltmain to make .lib files, not .a files. + libext=lib + # Tell ltmain to make .dll files, not .so files. + shrext_cmds=".dll" + # FIXME: Setting linknames here is a bad hack. + archive_cmds='$CC -o $output_objdir/$soname $libobjs $compiler_flags $deplibs -Wl,-dll~linknames=' + archive_expsym_cmds='if test "x`$SED 1q $export_symbols`" = xEXPORTS; then + sed -n -e 's/\\\\\\\(.*\\\\\\\)/-link\\\ -EXPORT:\\\\\\\1/' -e '1\\\!p' < $export_symbols > $output_objdir/$soname.exp; + else + sed -e 's/\\\\\\\(.*\\\\\\\)/-link\\\ -EXPORT:\\\\\\\1/' < $export_symbols > $output_objdir/$soname.exp; + fi~ + $CC -o $tool_output_objdir$soname $libobjs $compiler_flags $deplibs "@$tool_output_objdir$soname.exp" -Wl,-DLL,-IMPLIB:"$tool_output_objdir$libname.dll.lib"~ + linknames=' + # The linker will not automatically build a static lib if we build a DLL. + # _LT_TAGVAR(old_archive_from_new_cmds, )='true' + enable_shared_with_static_runtimes=yes + exclude_expsyms='_NULL_IMPORT_DESCRIPTOR|_IMPORT_DESCRIPTOR_.*' + export_symbols_cmds='$NM $libobjs $convenience | $global_symbol_pipe | $SED -e '\''/^[BCDGRS][ ]/s/.*[ ]\([^ ]*\)/\1,DATA/'\'' | $SED -e '\''/^[AITW][ ]/s/.*[ ]//'\'' | sort | uniq > $export_symbols' + # Don't use ranlib + old_postinstall_cmds='chmod 644 $oldlib' + postlink_cmds='lt_outputfile="@OUTPUT@"~ + lt_tool_outputfile="@TOOL_OUTPUT@"~ + case $lt_outputfile in + *.exe|*.EXE) ;; + *) + lt_outputfile="$lt_outputfile.exe" + lt_tool_outputfile="$lt_tool_outputfile.exe" + ;; + esac~ + if test "$MANIFEST_TOOL" != ":" && test -f "$lt_outputfile.manifest"; then + $MANIFEST_TOOL -manifest "$lt_tool_outputfile.manifest" -outputresource:"$lt_tool_outputfile" || exit 1; + $RM "$lt_outputfile.manifest"; + fi' + ;; + *) + # Assume MSVC wrapper + hardcode_libdir_flag_spec=' ' + allow_undefined_flag=unsupported + # Tell ltmain to make .lib files, not .a files. + libext=lib + # Tell ltmain to make .dll files, not .so files. + shrext_cmds=".dll" + # FIXME: Setting linknames here is a bad hack. + archive_cmds='$CC -o $lib $libobjs $compiler_flags `func_echo_all "$deplibs" | $SED '\''s/ -lc$//'\''` -link -dll~linknames=' + # The linker will automatically build a .lib file if we build a DLL. + old_archive_from_new_cmds='true' + # FIXME: Should let the user specify the lib program. + old_archive_cmds='lib -OUT:$oldlib$oldobjs$old_deplibs' + enable_shared_with_static_runtimes=yes + ;; + esac ;; darwin* | rhapsody*) @@ -9212,6 +10057,7 @@ if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi hardcode_shlibpath_var=unsupported if test "$lt_cv_ld_force_load" = "yes"; then whole_archive_flag_spec='`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience ${wl}-force_load,$conv\"; done; func_echo_all \"$new_convenience\"`' + else whole_archive_flag_spec='' fi @@ -9240,10 +10086,6 @@ if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi hardcode_shlibpath_var=no ;; - freebsd1*) - ld_shlibs=no - ;; - # FreeBSD 2.2.[012] allows us to include c++rt0.o to get C++ constructor # support. Future versions do this automatically, but an explicit c++rt0.o # does not break anything, and helps significantly (at the cost of a little @@ -9256,7 +10098,7 @@ if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi ;; # Unfortunately, older versions of FreeBSD 2 do not have this feature. - freebsd2*) + freebsd2.*) archive_cmds='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags' hardcode_direct=yes hardcode_minus_L=yes @@ -9265,7 +10107,7 @@ if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi # FreeBSD 3 and greater uses gcc -shared to do shared libraries. freebsd* | dragonfly*) - archive_cmds='$CC -shared -o $lib $libobjs $deplibs $compiler_flags' + archive_cmds='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags' hardcode_libdir_flag_spec='-R$libdir' hardcode_direct=yes hardcode_shlibpath_var=no @@ -9273,7 +10115,7 @@ if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi hpux9*) if test "$GCC" = yes; then - archive_cmds='$RM $output_objdir/$soname~$CC -shared -fPIC ${wl}+b ${wl}$install_libdir -o $output_objdir/$soname $libobjs $deplibs $compiler_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib' + archive_cmds='$RM $output_objdir/$soname~$CC -shared $pic_flag ${wl}+b ${wl}$install_libdir -o $output_objdir/$soname $libobjs $deplibs $compiler_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib' else archive_cmds='$RM $output_objdir/$soname~$LD -b +b $install_libdir -o $output_objdir/$soname $libobjs $deplibs $linker_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib' fi @@ -9289,13 +10131,12 @@ if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi hpux10*) if test "$GCC" = yes && test "$with_gnu_ld" = no; then - archive_cmds='$CC -shared -fPIC ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags' + archive_cmds='$CC -shared $pic_flag ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags' else archive_cmds='$LD -b +h $soname +b $install_libdir -o $lib $libobjs $deplibs $linker_flags' fi if test "$with_gnu_ld" = no; then hardcode_libdir_flag_spec='${wl}+b ${wl}$libdir' - hardcode_libdir_flag_spec_ld='+b $libdir' hardcode_libdir_separator=: hardcode_direct=yes hardcode_direct_absolute=yes @@ -9313,10 +10154,10 @@ if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi archive_cmds='$CC -shared ${wl}+h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags' ;; ia64*) - archive_cmds='$CC -shared -fPIC ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $libobjs $deplibs $compiler_flags' + archive_cmds='$CC -shared $pic_flag ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $libobjs $deplibs $compiler_flags' ;; *) - archive_cmds='$CC -shared -fPIC ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags' + archive_cmds='$CC -shared $pic_flag ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags' ;; esac else @@ -9331,10 +10172,10 @@ if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi # Older versions of the 11.00 compiler do not understand -b yet # (HP92453-01 A.11.01.20 doesn't, HP92453-01 B.11.X.35175-35176.GP does) - { echo "$as_me:$LINENO: checking if $CC understands -b" >&5 -echo $ECHO_N "checking if $CC understands -b... $ECHO_C" >&6; } -if test "${lt_cv_prog_compiler__b+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $CC understands -b" >&5 +$as_echo_n "checking if $CC understands -b... " >&6; } +if ${lt_cv_prog_compiler__b+:} false; then : + $as_echo_n "(cached) " >&6 else lt_cv_prog_compiler__b=no save_LDFLAGS="$LDFLAGS" @@ -9359,8 +10200,8 @@ else LDFLAGS="$save_LDFLAGS" fi -{ echo "$as_me:$LINENO: result: $lt_cv_prog_compiler__b" >&5 -echo "${ECHO_T}$lt_cv_prog_compiler__b" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler__b" >&5 +$as_echo "$lt_cv_prog_compiler__b" >&6; } if test x"$lt_cv_prog_compiler__b" = xyes; then archive_cmds='$CC -b ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags' @@ -9395,45 +10236,36 @@ fi irix5* | irix6* | nonstopux*) if test "$GCC" = yes; then - archive_cmds='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib' + archive_cmds='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib' # Try to use the -exported_symbol ld option, if it does not # work, assume that -exports_file does not work either and # implicitly export all symbols. - save_LDFLAGS="$LDFLAGS" - LDFLAGS="$LDFLAGS -shared ${wl}-exported_symbol ${wl}foo ${wl}-update_registry ${wl}/dev/null" - cat >conftest.$ac_ext <<_ACEOF -int foo(void) {} + # This should be the same for all languages, so no per-tag cache variable. + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the $host_os linker accepts -exported_symbol" >&5 +$as_echo_n "checking whether the $host_os linker accepts -exported_symbol... " >&6; } +if ${lt_cv_irix_exported_symbol+:} false; then : + $as_echo_n "(cached) " >&6 +else + save_LDFLAGS="$LDFLAGS" + LDFLAGS="$LDFLAGS -shared ${wl}-exported_symbol ${wl}foo ${wl}-update_registry ${wl}/dev/null" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +int foo (void) { return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - archive_expsym_cmds='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations ${wl}-exports_file ${wl}$export_symbols -o $lib' - +if ac_fn_c_try_link "$LINENO"; then : + lt_cv_irix_exported_symbol=yes else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - + lt_cv_irix_exported_symbol=no fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext - LDFLAGS="$save_LDFLAGS" +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext + LDFLAGS="$save_LDFLAGS" +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_irix_exported_symbol" >&5 +$as_echo "$lt_cv_irix_exported_symbol" >&6; } + if test "$lt_cv_irix_exported_symbol" = yes; then + archive_expsym_cmds='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations ${wl}-exports_file ${wl}$export_symbols -o $lib' + fi else archive_cmds='$CC -shared $libobjs $deplibs $compiler_flags -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry ${output_objdir}/so_locations -o $lib' archive_expsym_cmds='$CC -shared $libobjs $deplibs $compiler_flags -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry ${output_objdir}/so_locations -exports_file $export_symbols -o $lib' @@ -9518,7 +10350,7 @@ rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ osf4* | osf5*) # as osf3* with the addition of -msym flag if test "$GCC" = yes; then allow_undefined_flag=' ${wl}-expect_unresolved ${wl}\*' - archive_cmds='$CC -shared${allow_undefined_flag} $libobjs $deplibs $compiler_flags ${wl}-msym ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib' + archive_cmds='$CC -shared${allow_undefined_flag} $pic_flag $libobjs $deplibs $compiler_flags ${wl}-msym ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib' hardcode_libdir_flag_spec='${wl}-rpath ${wl}$libdir' else allow_undefined_flag=' -expect_unresolved \*' @@ -9537,9 +10369,9 @@ rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ no_undefined_flag=' -z defs' if test "$GCC" = yes; then wlarc='${wl}' - archive_cmds='$CC -shared ${wl}-z ${wl}text ${wl}-h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags' + archive_cmds='$CC -shared $pic_flag ${wl}-z ${wl}text ${wl}-h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags' archive_expsym_cmds='echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~echo "local: *; };" >> $lib.exp~ - $CC -shared ${wl}-z ${wl}text ${wl}-M ${wl}$lib.exp ${wl}-h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags~$RM $lib.exp' + $CC -shared $pic_flag ${wl}-z ${wl}text ${wl}-M ${wl}$lib.exp ${wl}-h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags~$RM $lib.exp' else case `$CC -V 2>&1` in *"Compilers 5.0"*) @@ -9688,8 +10520,8 @@ rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ fi fi -{ echo "$as_me:$LINENO: result: $ld_shlibs" >&5 -echo "${ECHO_T}$ld_shlibs" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ld_shlibs" >&5 +$as_echo "$ld_shlibs" >&6; } test "$ld_shlibs" = no && can_build_shared=no with_gnu_ld=$with_gnu_ld @@ -9725,19 +10557,19 @@ x|xyes) # Test whether the compiler implicitly links with -lc since on some # systems, -lgcc has to come before -lc. If gcc already passes -lc # to ld, don't add -lc before -lgcc. - { echo "$as_me:$LINENO: checking whether -lc should be explicitly linked in" >&5 -echo $ECHO_N "checking whether -lc should be explicitly linked in... $ECHO_C" >&6; } -if test "${lt_cv_archive_cmds_need_lc+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether -lc should be explicitly linked in" >&5 +$as_echo_n "checking whether -lc should be explicitly linked in... " >&6; } +if ${lt_cv_archive_cmds_need_lc+:} false; then : + $as_echo_n "(cached) " >&6 else - $RM -r conftest* + $RM conftest* echo "$lt_simple_compile_test_code" > conftest.$ac_ext - if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 + if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_compile\""; } >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } 2>conftest.err; then + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } 2>conftest.err; then soname=conftest lib=conftest libobjs=conftest.$ac_objext @@ -9751,11 +10583,11 @@ else libname=conftest lt_save_allow_undefined_flag=$allow_undefined_flag allow_undefined_flag= - if { (eval echo "$as_me:$LINENO: \"$archive_cmds 2\>\&1 \| $GREP \" -lc \" \>/dev/null 2\>\&1\"") >&5 + if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$archive_cmds 2\>\&1 \| $GREP \" -lc \" \>/dev/null 2\>\&1\""; } >&5 (eval $archive_cmds 2\>\&1 \| $GREP \" -lc \" \>/dev/null 2\>\&1) 2>&5 ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } then lt_cv_archive_cmds_need_lc=no else @@ -9765,11 +10597,11 @@ else else cat conftest.err 1>&5 fi - $RM -r conftest* + $RM conftest* fi -{ echo "$as_me:$LINENO: result: $lt_cv_archive_cmds_need_lc" >&5 -echo "${ECHO_T}$lt_cv_archive_cmds_need_lc" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_archive_cmds_need_lc" >&5 +$as_echo "$lt_cv_archive_cmds_need_lc" >&6; } archive_cmds_need_lc=$lt_cv_archive_cmds_need_lc ;; esac @@ -9928,13 +10760,8 @@ esac - - - - - - { echo "$as_me:$LINENO: checking dynamic linker characteristics" >&5 -echo $ECHO_N "checking dynamic linker characteristics... $ECHO_C" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: checking dynamic linker characteristics" >&5 +$as_echo_n "checking dynamic linker characteristics... " >&6; } if test "$GCC" = yes; then case $host_os in @@ -10022,7 +10849,7 @@ need_version=unknown case $host_os in aix3*) - version_type=linux + version_type=linux # correct to gnu/linux during the next big refactor library_names_spec='${libname}${release}${shared_ext}$versuffix $libname.a' shlibpath_var=LIBPATH @@ -10031,7 +10858,7 @@ aix3*) ;; aix[4-9]*) - version_type=linux + version_type=linux # correct to gnu/linux during the next big refactor need_lib_prefix=no need_version=no hardcode_into_libs=yes @@ -10096,7 +10923,7 @@ beos*) ;; bsdi[45]*) - version_type=linux + version_type=linux # correct to gnu/linux during the next big refactor need_version=no library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' soname_spec='${libname}${release}${shared_ext}$major' @@ -10115,8 +10942,9 @@ cygwin* | mingw* | pw32* | cegcc*) need_version=no need_lib_prefix=no - case $GCC,$host_os in - yes,cygwin* | yes,mingw* | yes,pw32* | yes,cegcc*) + case $GCC,$cc_basename in + yes,*) + # gcc library_names_spec='$libname.dll.a' # DLL is installed to $(libdir)/../bin by postinstall_cmds postinstall_cmds='base_file=`basename \${file}`~ @@ -10149,13 +10977,71 @@ cygwin* | mingw* | pw32* | cegcc*) library_names_spec='`echo ${libname} | sed -e 's/^lib/pw/'``echo ${release} | $SED -e 's/[.]/-/g'`${versuffix}${shared_ext}' ;; esac + dynamic_linker='Win32 ld.exe' + ;; + + *,cl*) + # Native MSVC + libname_spec='$name' + soname_spec='${libname}`echo ${release} | $SED -e 's/[.]/-/g'`${versuffix}${shared_ext}' + library_names_spec='${libname}.dll.lib' + + case $build_os in + mingw*) + sys_lib_search_path_spec= + lt_save_ifs=$IFS + IFS=';' + for lt_path in $LIB + do + IFS=$lt_save_ifs + # Let DOS variable expansion print the short 8.3 style file name. + lt_path=`cd "$lt_path" 2>/dev/null && cmd //C "for %i in (".") do @echo %~si"` + sys_lib_search_path_spec="$sys_lib_search_path_spec $lt_path" + done + IFS=$lt_save_ifs + # Convert to MSYS style. + sys_lib_search_path_spec=`$ECHO "$sys_lib_search_path_spec" | sed -e 's|\\\\|/|g' -e 's| \\([a-zA-Z]\\):| /\\1|g' -e 's|^ ||'` + ;; + cygwin*) + # Convert to unix form, then to dos form, then back to unix form + # but this time dos style (no spaces!) so that the unix form looks + # like /cygdrive/c/PROGRA~1:/cygdr... + sys_lib_search_path_spec=`cygpath --path --unix "$LIB"` + sys_lib_search_path_spec=`cygpath --path --dos "$sys_lib_search_path_spec" 2>/dev/null` + sys_lib_search_path_spec=`cygpath --path --unix "$sys_lib_search_path_spec" | $SED -e "s/$PATH_SEPARATOR/ /g"` + ;; + *) + sys_lib_search_path_spec="$LIB" + if $ECHO "$sys_lib_search_path_spec" | $GREP ';[c-zC-Z]:/' >/dev/null; then + # It is most probably a Windows format PATH. + sys_lib_search_path_spec=`$ECHO "$sys_lib_search_path_spec" | $SED -e 's/;/ /g'` + else + sys_lib_search_path_spec=`$ECHO "$sys_lib_search_path_spec" | $SED -e "s/$PATH_SEPARATOR/ /g"` + fi + # FIXME: find the short name or the path components, as spaces are + # common. (e.g. "Program Files" -> "PROGRA~1") + ;; + esac + + # DLL is installed to $(libdir)/../bin by postinstall_cmds + postinstall_cmds='base_file=`basename \${file}`~ + dlpath=`$SHELL 2>&1 -c '\''. $dir/'\''\${base_file}'\''i; echo \$dlname'\''`~ + dldir=$destdir/`dirname \$dlpath`~ + test -d \$dldir || mkdir -p \$dldir~ + $install_prog $dir/$dlname \$dldir/$dlname' + postuninstall_cmds='dldll=`$SHELL 2>&1 -c '\''. $file; echo \$dlname'\''`~ + dlpath=$dir/\$dldll~ + $RM \$dlpath' + shlibpath_overrides_runpath=yes + dynamic_linker='Win32 link.exe' ;; *) + # Assume MSVC wrapper library_names_spec='${libname}`echo ${release} | $SED -e 's/[.]/-/g'`${versuffix}${shared_ext} $libname.lib' + dynamic_linker='Win32 ld.exe' ;; esac - dynamic_linker='Win32 ld.exe' # FIXME: first we should search . and the directory the executable is in shlibpath_var=PATH ;; @@ -10165,7 +11051,7 @@ darwin* | rhapsody*) version_type=darwin need_lib_prefix=no need_version=no - library_names_spec='${libname}${release}${major}$shared_ext ${libname}$shared_ext ${libname}${release}${versuffix}$shared_ext' + library_names_spec='${libname}${release}${major}$shared_ext ${libname}$shared_ext' soname_spec='${libname}${release}${major}$shared_ext' shlibpath_overrides_runpath=yes shlibpath_var=DYLD_LIBRARY_PATH @@ -10176,7 +11062,7 @@ darwin* | rhapsody*) ;; dgux*) - version_type=linux + version_type=linux # correct to gnu/linux during the next big refactor need_lib_prefix=no need_version=no library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname$shared_ext' @@ -10184,10 +11070,6 @@ dgux*) shlibpath_var=LD_LIBRARY_PATH ;; -freebsd1*) - dynamic_linker=no - ;; - freebsd* | dragonfly*) # DragonFly does not have aout. When/if they implement a new # versioning mechanism, adjust this. @@ -10195,7 +11077,7 @@ freebsd* | dragonfly*) objformat=`/usr/bin/objformat` else case $host_os in - freebsd[123]*) objformat=aout ;; + freebsd[23].*) objformat=aout ;; *) objformat=elf ;; esac fi @@ -10213,7 +11095,7 @@ freebsd* | dragonfly*) esac shlibpath_var=LD_LIBRARY_PATH case $host_os in - freebsd2*) + freebsd2.*) shlibpath_overrides_runpath=yes ;; freebsd3.[01]* | freebsdelf3.[01]*) @@ -10233,17 +11115,18 @@ freebsd* | dragonfly*) ;; gnu*) - version_type=linux + version_type=linux # correct to gnu/linux during the next big refactor need_lib_prefix=no need_version=no library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}${major} ${libname}${shared_ext}' soname_spec='${libname}${release}${shared_ext}$major' shlibpath_var=LD_LIBRARY_PATH + shlibpath_overrides_runpath=no hardcode_into_libs=yes ;; haiku*) - version_type=linux + version_type=linux # correct to gnu/linux during the next big refactor need_lib_prefix=no need_version=no dynamic_linker="$host_os runtime_loader" @@ -10304,7 +11187,7 @@ hpux9* | hpux10* | hpux11*) ;; interix[3-9]*) - version_type=linux + version_type=linux # correct to gnu/linux during the next big refactor need_lib_prefix=no need_version=no library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}' @@ -10320,7 +11203,7 @@ irix5* | irix6* | nonstopux*) nonstopux*) version_type=nonstopux ;; *) if test "$lt_cv_prog_gnu_ld" = yes; then - version_type=linux + version_type=linux # correct to gnu/linux during the next big refactor else version_type=irix fi ;; @@ -10357,9 +11240,9 @@ linux*oldld* | linux*aout* | linux*coff*) dynamic_linker=no ;; -# This must be Linux ELF. +# This must be glibc/ELF. linux* | k*bsd*-gnu | kopensolaris*-gnu) - version_type=linux + version_type=linux # correct to gnu/linux during the next big refactor need_lib_prefix=no need_version=no library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' @@ -10369,19 +11252,15 @@ linux* | k*bsd*-gnu | kopensolaris*-gnu) shlibpath_overrides_runpath=no # Some binutils ld are patched to set DT_RUNPATH - if test "${lt_cv_shlibpath_overrides_runpath+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + if ${lt_cv_shlibpath_overrides_runpath+:} false; then : + $as_echo_n "(cached) " >&6 else lt_cv_shlibpath_overrides_runpath=no save_LDFLAGS=$LDFLAGS save_libdir=$libdir eval "libdir=/foo; wl=\"$lt_prog_compiler_wl\"; \ LDFLAGS=\"\$LDFLAGS $hardcode_libdir_flag_spec\"" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int @@ -10392,37 +11271,13 @@ main () return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - if ($OBJDUMP -p conftest$ac_exeext) 2>/dev/null | grep "RUNPATH.*$libdir" >/dev/null; then +if ac_fn_c_try_link "$LINENO"; then : + if ($OBJDUMP -p conftest$ac_exeext) 2>/dev/null | grep "RUNPATH.*$libdir" >/dev/null; then : lt_cv_shlibpath_overrides_runpath=yes fi - -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext LDFLAGS=$save_LDFLAGS libdir=$save_libdir @@ -10469,7 +11324,7 @@ netbsd*) ;; newsos6) - version_type=linux + version_type=linux # correct to gnu/linux during the next big refactor library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' shlibpath_var=LD_LIBRARY_PATH shlibpath_overrides_runpath=yes @@ -10538,7 +11393,7 @@ rdos*) ;; solaris*) - version_type=linux + version_type=linux # correct to gnu/linux during the next big refactor need_lib_prefix=no need_version=no library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' @@ -10563,7 +11418,7 @@ sunos4*) ;; sysv4 | sysv4.3*) - version_type=linux + version_type=linux # correct to gnu/linux during the next big refactor library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' soname_spec='${libname}${release}${shared_ext}$major' shlibpath_var=LD_LIBRARY_PATH @@ -10587,7 +11442,7 @@ sysv4 | sysv4.3*) sysv4*MP*) if test -d /usr/nec ;then - version_type=linux + version_type=linux # correct to gnu/linux during the next big refactor library_names_spec='$libname${shared_ext}.$versuffix $libname${shared_ext}.$major $libname${shared_ext}' soname_spec='$libname${shared_ext}.$major' shlibpath_var=LD_LIBRARY_PATH @@ -10618,7 +11473,7 @@ sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX* | sysv4*uw2*) tpf*) # TPF is a cross-target only. Preferred cross-host = GNU/Linux. - version_type=linux + version_type=linux # correct to gnu/linux during the next big refactor need_lib_prefix=no need_version=no library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' @@ -10628,7 +11483,7 @@ tpf*) ;; uts4*) - version_type=linux + version_type=linux # correct to gnu/linux during the next big refactor library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' soname_spec='${libname}${release}${shared_ext}$major' shlibpath_var=LD_LIBRARY_PATH @@ -10638,8 +11493,8 @@ uts4*) dynamic_linker=no ;; esac -{ echo "$as_me:$LINENO: result: $dynamic_linker" >&5 -echo "${ECHO_T}$dynamic_linker" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $dynamic_linker" >&5 +$as_echo "$dynamic_linker" >&6; } test "$dynamic_linker" = no && can_build_shared=no variables_saved_for_relink="PATH $shlibpath_var $runpath_var" @@ -10745,8 +11600,8 @@ fi - { echo "$as_me:$LINENO: checking how to hardcode library paths into programs" >&5 -echo $ECHO_N "checking how to hardcode library paths into programs... $ECHO_C" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: checking how to hardcode library paths into programs" >&5 +$as_echo_n "checking how to hardcode library paths into programs... " >&6; } hardcode_action= if test -n "$hardcode_libdir_flag_spec" || test -n "$runpath_var" || @@ -10770,8 +11625,8 @@ else # directories. hardcode_action=unsupported fi -{ echo "$as_me:$LINENO: result: $hardcode_action" >&5 -echo "${ECHO_T}$hardcode_action" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $hardcode_action" >&5 +$as_echo "$hardcode_action" >&6; } if test "$hardcode_action" = relink || test "$inherit_rpath" = yes; then @@ -10815,18 +11670,14 @@ else darwin*) # if libdl is installed we need to link against it - { echo "$as_me:$LINENO: checking for dlopen in -ldl" >&5 -echo $ECHO_N "checking for dlopen in -ldl... $ECHO_C" >&6; } -if test "${ac_cv_lib_dl_dlopen+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for dlopen in -ldl" >&5 +$as_echo_n "checking for dlopen in -ldl... " >&6; } +if ${ac_cv_lib_dl_dlopen+:} false; then : + $as_echo_n "(cached) " >&6 else ac_check_lib_save_LIBS=$LIBS LIBS="-ldl $LIBS" -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF +cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Override any GCC internal prototype to avoid an error. @@ -10844,39 +11695,18 @@ return dlopen (); return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then +if ac_fn_c_try_link "$LINENO"; then : ac_cv_lib_dl_dlopen=yes else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_lib_dl_dlopen=no + ac_cv_lib_dl_dlopen=no fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi -{ echo "$as_me:$LINENO: result: $ac_cv_lib_dl_dlopen" >&5 -echo "${ECHO_T}$ac_cv_lib_dl_dlopen" >&6; } -if test $ac_cv_lib_dl_dlopen = yes; then +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_dl_dlopen" >&5 +$as_echo "$ac_cv_lib_dl_dlopen" >&6; } +if test "x$ac_cv_lib_dl_dlopen" = xyes; then : lt_cv_dlopen="dlopen" lt_cv_dlopen_libs="-ldl" else @@ -10889,33 +11719,19 @@ fi ;; *) - { echo "$as_me:$LINENO: checking for shl_load" >&5 -echo $ECHO_N "checking for shl_load... $ECHO_C" >&6; } -if test "${ac_cv_func_shl_load+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + ac_fn_c_check_func "$LINENO" "shl_load" "ac_cv_func_shl_load" +if test "x$ac_cv_func_shl_load" = xyes; then : + lt_cv_dlopen="shl_load" else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for shl_load in -ldld" >&5 +$as_echo_n "checking for shl_load in -ldld... " >&6; } +if ${ac_cv_lib_dld_shl_load+:} false; then : + $as_echo_n "(cached) " >&6 +else + ac_check_lib_save_LIBS=$LIBS +LIBS="-ldld $LIBS" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -/* Define shl_load to an innocuous variant, in case declares shl_load. - For example, HP-UX 11i declares gettimeofday. */ -#define shl_load innocuous_shl_load - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char shl_load (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef shl_load /* Override any GCC internal prototype to avoid an error. Use char because int might match the return type of a GCC @@ -10924,13 +11740,6 @@ cat >>conftest.$ac_ext <<_ACEOF extern "C" #endif char shl_load (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_shl_load || defined __stub___shl_load -choke me -#endif - int main () { @@ -10939,52 +11748,32 @@ return shl_load (); return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_shl_load=yes +if ac_fn_c_try_link "$LINENO"; then : + ac_cv_lib_dld_shl_load=yes else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_shl_load=no + ac_cv_lib_dld_shl_load=no fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_shl_load" >&5 -echo "${ECHO_T}$ac_cv_func_shl_load" >&6; } -if test $ac_cv_func_shl_load = yes; then - lt_cv_dlopen="shl_load" +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_dld_shl_load" >&5 +$as_echo "$ac_cv_lib_dld_shl_load" >&6; } +if test "x$ac_cv_lib_dld_shl_load" = xyes; then : + lt_cv_dlopen="shl_load" lt_cv_dlopen_libs="-ldld" +else + ac_fn_c_check_func "$LINENO" "dlopen" "ac_cv_func_dlopen" +if test "x$ac_cv_func_dlopen" = xyes; then : + lt_cv_dlopen="dlopen" else - { echo "$as_me:$LINENO: checking for shl_load in -ldld" >&5 -echo $ECHO_N "checking for shl_load in -ldld... $ECHO_C" >&6; } -if test "${ac_cv_lib_dld_shl_load+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for dlopen in -ldl" >&5 +$as_echo_n "checking for dlopen in -ldl... " >&6; } +if ${ac_cv_lib_dl_dlopen+:} false; then : + $as_echo_n "(cached) " >&6 else ac_check_lib_save_LIBS=$LIBS -LIBS="-ldld $LIBS" -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF +LIBS="-ldl $LIBS" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Override any GCC internal prototype to avoid an error. @@ -10993,77 +11782,38 @@ cat >>conftest.$ac_ext <<_ACEOF #ifdef __cplusplus extern "C" #endif -char shl_load (); +char dlopen (); int main () { -return shl_load (); +return dlopen (); ; return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_lib_dld_shl_load=yes +if ac_fn_c_try_link "$LINENO"; then : + ac_cv_lib_dl_dlopen=yes else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_lib_dld_shl_load=no + ac_cv_lib_dl_dlopen=no fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi -{ echo "$as_me:$LINENO: result: $ac_cv_lib_dld_shl_load" >&5 -echo "${ECHO_T}$ac_cv_lib_dld_shl_load" >&6; } -if test $ac_cv_lib_dld_shl_load = yes; then - lt_cv_dlopen="shl_load" lt_cv_dlopen_libs="-ldld" +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_dl_dlopen" >&5 +$as_echo "$ac_cv_lib_dl_dlopen" >&6; } +if test "x$ac_cv_lib_dl_dlopen" = xyes; then : + lt_cv_dlopen="dlopen" lt_cv_dlopen_libs="-ldl" else - { echo "$as_me:$LINENO: checking for dlopen" >&5 -echo $ECHO_N "checking for dlopen... $ECHO_C" >&6; } -if test "${ac_cv_func_dlopen+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for dlopen in -lsvld" >&5 +$as_echo_n "checking for dlopen in -lsvld... " >&6; } +if ${ac_cv_lib_svld_dlopen+:} false; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + ac_check_lib_save_LIBS=$LIBS +LIBS="-lsvld $LIBS" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -/* Define dlopen to an innocuous variant, in case declares dlopen. - For example, HP-UX 11i declares gettimeofday. */ -#define dlopen innocuous_dlopen - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char dlopen (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef dlopen /* Override any GCC internal prototype to avoid an error. Use char because int might match the return type of a GCC @@ -11072,13 +11822,6 @@ cat >>conftest.$ac_ext <<_ACEOF extern "C" #endif char dlopen (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_dlopen || defined __stub___dlopen -choke me -#endif - int main () { @@ -11087,52 +11830,28 @@ return dlopen (); return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_func_dlopen=yes +if ac_fn_c_try_link "$LINENO"; then : + ac_cv_lib_svld_dlopen=yes else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_func_dlopen=no + ac_cv_lib_svld_dlopen=no fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_dlopen" >&5 -echo "${ECHO_T}$ac_cv_func_dlopen" >&6; } -if test $ac_cv_func_dlopen = yes; then - lt_cv_dlopen="dlopen" +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_svld_dlopen" >&5 +$as_echo "$ac_cv_lib_svld_dlopen" >&6; } +if test "x$ac_cv_lib_svld_dlopen" = xyes; then : + lt_cv_dlopen="dlopen" lt_cv_dlopen_libs="-lsvld" else - { echo "$as_me:$LINENO: checking for dlopen in -ldl" >&5 -echo $ECHO_N "checking for dlopen in -ldl... $ECHO_C" >&6; } -if test "${ac_cv_lib_dl_dlopen+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for dld_link in -ldld" >&5 +$as_echo_n "checking for dld_link in -ldld... " >&6; } +if ${ac_cv_lib_dld_dld_link+:} false; then : + $as_echo_n "(cached) " >&6 else ac_check_lib_save_LIBS=$LIBS -LIBS="-ldl $LIBS" -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF +LIBS="-ldld $LIBS" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ /* Override any GCC internal prototype to avoid an error. @@ -11141,176 +11860,27 @@ cat >>conftest.$ac_ext <<_ACEOF #ifdef __cplusplus extern "C" #endif -char dlopen (); +char dld_link (); int main () { -return dlopen (); +return dld_link (); ; return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_lib_dl_dlopen=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_lib_dl_dlopen=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS -fi -{ echo "$as_me:$LINENO: result: $ac_cv_lib_dl_dlopen" >&5 -echo "${ECHO_T}$ac_cv_lib_dl_dlopen" >&6; } -if test $ac_cv_lib_dl_dlopen = yes; then - lt_cv_dlopen="dlopen" lt_cv_dlopen_libs="-ldl" -else - { echo "$as_me:$LINENO: checking for dlopen in -lsvld" >&5 -echo $ECHO_N "checking for dlopen in -lsvld... $ECHO_C" >&6; } -if test "${ac_cv_lib_svld_dlopen+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - ac_check_lib_save_LIBS=$LIBS -LIBS="-lsvld $LIBS" -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char dlopen (); -int -main () -{ -return dlopen (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_lib_svld_dlopen=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_lib_svld_dlopen=no -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS -fi -{ echo "$as_me:$LINENO: result: $ac_cv_lib_svld_dlopen" >&5 -echo "${ECHO_T}$ac_cv_lib_svld_dlopen" >&6; } -if test $ac_cv_lib_svld_dlopen = yes; then - lt_cv_dlopen="dlopen" lt_cv_dlopen_libs="-lsvld" -else - { echo "$as_me:$LINENO: checking for dld_link in -ldld" >&5 -echo $ECHO_N "checking for dld_link in -ldld... $ECHO_C" >&6; } -if test "${ac_cv_lib_dld_dld_link+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - ac_check_lib_save_LIBS=$LIBS -LIBS="-ldld $LIBS" -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char dld_link (); -int -main () -{ -return dld_link (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then +if ac_fn_c_try_link "$LINENO"; then : ac_cv_lib_dld_dld_link=yes else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_lib_dld_dld_link=no + ac_cv_lib_dld_dld_link=no fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext LIBS=$ac_check_lib_save_LIBS fi -{ echo "$as_me:$LINENO: result: $ac_cv_lib_dld_dld_link" >&5 -echo "${ECHO_T}$ac_cv_lib_dld_dld_link" >&6; } -if test $ac_cv_lib_dld_dld_link = yes; then +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_dld_dld_link" >&5 +$as_echo "$ac_cv_lib_dld_dld_link" >&6; } +if test "x$ac_cv_lib_dld_dld_link" = xyes; then : lt_cv_dlopen="dld_link" lt_cv_dlopen_libs="-ldld" fi @@ -11349,10 +11919,10 @@ fi save_LIBS="$LIBS" LIBS="$lt_cv_dlopen_libs $LIBS" - { echo "$as_me:$LINENO: checking whether a program can dlopen itself" >&5 -echo $ECHO_N "checking whether a program can dlopen itself... $ECHO_C" >&6; } -if test "${lt_cv_dlopen_self+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether a program can dlopen itself" >&5 +$as_echo_n "checking whether a program can dlopen itself... " >&6; } +if ${lt_cv_dlopen_self+:} false; then : + $as_echo_n "(cached) " >&6 else if test "$cross_compiling" = yes; then : lt_cv_dlopen_self=cross @@ -11404,10 +11974,10 @@ else /* When -fvisbility=hidden is used, assume the code has been annotated correspondingly for the symbols needed. */ #if defined(__GNUC__) && (((__GNUC__ == 3) && (__GNUC_MINOR__ >= 3)) || (__GNUC__ > 3)) -void fnord () __attribute__((visibility("default"))); +int fnord () __attribute__((visibility("default"))); #endif -void fnord () { int i=42; } +int fnord () { return 42; } int main () { void *self = dlopen (0, LT_DLGLOBAL|LT_DLLAZY_OR_NOW); @@ -11429,11 +11999,11 @@ int main () return status; } _LT_EOF - if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 + if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_link\""; } >&5 (eval $ac_link) 2>&5 ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && test -s conftest${ac_exeext} 2>/dev/null; then + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } && test -s conftest${ac_exeext} 2>/dev/null; then (./conftest; exit; ) >&5 2>/dev/null lt_status=$? case x$lt_status in @@ -11450,15 +12020,15 @@ rm -fr conftest* fi -{ echo "$as_me:$LINENO: result: $lt_cv_dlopen_self" >&5 -echo "${ECHO_T}$lt_cv_dlopen_self" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_dlopen_self" >&5 +$as_echo "$lt_cv_dlopen_self" >&6; } if test "x$lt_cv_dlopen_self" = xyes; then wl=$lt_prog_compiler_wl eval LDFLAGS=\"\$LDFLAGS $lt_prog_compiler_static\" - { echo "$as_me:$LINENO: checking whether a statically linked program can dlopen itself" >&5 -echo $ECHO_N "checking whether a statically linked program can dlopen itself... $ECHO_C" >&6; } -if test "${lt_cv_dlopen_self_static+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether a statically linked program can dlopen itself" >&5 +$as_echo_n "checking whether a statically linked program can dlopen itself... " >&6; } +if ${lt_cv_dlopen_self_static+:} false; then : + $as_echo_n "(cached) " >&6 else if test "$cross_compiling" = yes; then : lt_cv_dlopen_self_static=cross @@ -11510,10 +12080,10 @@ else /* When -fvisbility=hidden is used, assume the code has been annotated correspondingly for the symbols needed. */ #if defined(__GNUC__) && (((__GNUC__ == 3) && (__GNUC_MINOR__ >= 3)) || (__GNUC__ > 3)) -void fnord () __attribute__((visibility("default"))); +int fnord () __attribute__((visibility("default"))); #endif -void fnord () { int i=42; } +int fnord () { return 42; } int main () { void *self = dlopen (0, LT_DLGLOBAL|LT_DLLAZY_OR_NOW); @@ -11535,11 +12105,11 @@ int main () return status; } _LT_EOF - if { (eval echo "$as_me:$LINENO: \"$ac_link\"") >&5 + if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_link\""; } >&5 (eval $ac_link) 2>&5 ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && test -s conftest${ac_exeext} 2>/dev/null; then + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } && test -s conftest${ac_exeext} 2>/dev/null; then (./conftest; exit; ) >&5 2>/dev/null lt_status=$? case x$lt_status in @@ -11556,8 +12126,8 @@ rm -fr conftest* fi -{ echo "$as_me:$LINENO: result: $lt_cv_dlopen_self_static" >&5 -echo "${ECHO_T}$lt_cv_dlopen_self_static" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_dlopen_self_static" >&5 +$as_echo "$lt_cv_dlopen_self_static" >&6; } fi CPPFLAGS="$save_CPPFLAGS" @@ -11595,13 +12165,13 @@ fi striplib= old_striplib= -{ echo "$as_me:$LINENO: checking whether stripping libraries is possible" >&5 -echo $ECHO_N "checking whether stripping libraries is possible... $ECHO_C" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether stripping libraries is possible" >&5 +$as_echo_n "checking whether stripping libraries is possible... " >&6; } if test -n "$STRIP" && $STRIP -V 2>&1 | $GREP "GNU strip" >/dev/null; then test -z "$old_striplib" && old_striplib="$STRIP --strip-debug" test -z "$striplib" && striplib="$STRIP --strip-unneeded" - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } else # FIXME - insert some real tests, host_os isn't really good enough case $host_os in @@ -11609,16 +12179,16 @@ else if test -n "$STRIP" ; then striplib="$STRIP -x" old_striplib="$STRIP -S" - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } fi ;; *) - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } ;; esac fi @@ -11635,13 +12205,13 @@ fi # Report which library types will actually be built - { echo "$as_me:$LINENO: checking if libtool supports shared libraries" >&5 -echo $ECHO_N "checking if libtool supports shared libraries... $ECHO_C" >&6; } - { echo "$as_me:$LINENO: result: $can_build_shared" >&5 -echo "${ECHO_T}$can_build_shared" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: checking if libtool supports shared libraries" >&5 +$as_echo_n "checking if libtool supports shared libraries... " >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $can_build_shared" >&5 +$as_echo "$can_build_shared" >&6; } - { echo "$as_me:$LINENO: checking whether to build shared libraries" >&5 -echo $ECHO_N "checking whether to build shared libraries... $ECHO_C" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether to build shared libraries" >&5 +$as_echo_n "checking whether to build shared libraries... " >&6; } test "$can_build_shared" = "no" && enable_shared=no # On AIX, shared libraries and static libraries use the same namespace, and @@ -11661,15 +12231,15 @@ echo $ECHO_N "checking whether to build shared libraries... $ECHO_C" >&6; } fi ;; esac - { echo "$as_me:$LINENO: result: $enable_shared" >&5 -echo "${ECHO_T}$enable_shared" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $enable_shared" >&5 +$as_echo "$enable_shared" >&6; } - { echo "$as_me:$LINENO: checking whether to build static libraries" >&5 -echo $ECHO_N "checking whether to build static libraries... $ECHO_C" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether to build static libraries" >&5 +$as_echo_n "checking whether to build static libraries... " >&6; } # Make sure either enable_shared or enable_static is yes. test "$enable_shared" = yes || enable_static=yes - { echo "$as_me:$LINENO: result: $enable_static" >&5 -echo "${ECHO_T}$enable_static" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $enable_static" >&5 +$as_echo "$enable_static" >&6; } @@ -11695,6 +12265,8 @@ CC="$lt_save_CC" + + ac_config_commands="$ac_config_commands libtool" @@ -11717,10 +12289,10 @@ if test -z "$CXX"; then do # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args. set dummy $ac_tool_prefix$ac_prog; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_CXX+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_prog_CXX+:} false; then : + $as_echo_n "(cached) " >&6 else if test -n "$CXX"; then ac_cv_prog_CXX="$CXX" # Let the user override the test. @@ -11730,25 +12302,25 @@ for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_CXX="$ac_tool_prefix$ac_prog" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done -done + done IFS=$as_save_IFS fi fi CXX=$ac_cv_prog_CXX if test -n "$CXX"; then - { echo "$as_me:$LINENO: result: $CXX" >&5 -echo "${ECHO_T}$CXX" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CXX" >&5 +$as_echo "$CXX" >&6; } else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } fi @@ -11761,10 +12333,10 @@ if test -z "$CXX"; then do # Extract the first word of "$ac_prog", so it can be a program name with args. set dummy $ac_prog; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_ac_ct_CXX+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_prog_ac_ct_CXX+:} false; then : + $as_echo_n "(cached) " >&6 else if test -n "$ac_ct_CXX"; then ac_cv_prog_ac_ct_CXX="$ac_ct_CXX" # Let the user override the test. @@ -11774,25 +12346,25 @@ for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then ac_cv_prog_ac_ct_CXX="$ac_prog" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done -done + done IFS=$as_save_IFS fi fi ac_ct_CXX=$ac_cv_prog_ac_ct_CXX if test -n "$ac_ct_CXX"; then - { echo "$as_me:$LINENO: result: $ac_ct_CXX" >&5 -echo "${ECHO_T}$ac_ct_CXX" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_CXX" >&5 +$as_echo "$ac_ct_CXX" >&6; } else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } fi @@ -11804,12 +12376,8 @@ done else case $cross_compiling:$ac_tool_warned in yes:) -{ echo "$as_me:$LINENO: WARNING: In the future, Autoconf will not detect cross-tools -whose name does not start with the host triplet. If you think this -configuration is useful to you, please write to autoconf@gnu.org." >&5 -echo "$as_me: WARNING: In the future, Autoconf will not detect cross-tools -whose name does not start with the host triplet. If you think this -configuration is useful to you, please write to autoconf@gnu.org." >&2;} +{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} ac_tool_warned=yes ;; esac CXX=$ac_ct_CXX @@ -11819,49 +12387,36 @@ fi fi fi # Provide some information about the compiler. -echo "$as_me:$LINENO: checking for C++ compiler version" >&5 -ac_compiler=`set X $ac_compile; echo $2` -{ (ac_try="$ac_compiler --version >&5" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compiler --version >&5") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } -{ (ac_try="$ac_compiler -v >&5" +$as_echo "$as_me:${as_lineno-$LINENO}: checking for C++ compiler version" >&5 +set X $ac_compile +ac_compiler=$2 +for ac_option in --version -v -V -qversion; do + { { ac_try="$ac_compiler $ac_option >&5" case "(($ac_try" in *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; *) ac_try_echo=$ac_try;; esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compiler -v >&5") 2>&5 +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 + (eval "$ac_compiler $ac_option >&5") 2>conftest.err ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } -{ (ac_try="$ac_compiler -V >&5" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compiler -V >&5") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } + if test -s conftest.err; then + sed '10a\ +... rest of stderr output deleted ... + 10q' conftest.err >conftest.er1 + cat conftest.er1 >&5 + fi + rm -f conftest.er1 conftest.err + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } +done -{ echo "$as_me:$LINENO: checking whether we are using the GNU C++ compiler" >&5 -echo $ECHO_N "checking whether we are using the GNU C++ compiler... $ECHO_C" >&6; } -if test "${ac_cv_cxx_compiler_gnu+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether we are using the GNU C++ compiler" >&5 +$as_echo_n "checking whether we are using the GNU C++ compiler... " >&6; } +if ${ac_cv_cxx_compiler_gnu+:} false; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int @@ -11875,54 +12430,34 @@ main () return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_cxx_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then +if ac_fn_cxx_try_compile "$LINENO"; then : ac_compiler_gnu=yes else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_compiler_gnu=no + ac_compiler_gnu=no fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext ac_cv_cxx_compiler_gnu=$ac_compiler_gnu fi -{ echo "$as_me:$LINENO: result: $ac_cv_cxx_compiler_gnu" >&5 -echo "${ECHO_T}$ac_cv_cxx_compiler_gnu" >&6; } -GXX=`test $ac_compiler_gnu = yes && echo yes` +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_cxx_compiler_gnu" >&5 +$as_echo "$ac_cv_cxx_compiler_gnu" >&6; } +if test $ac_compiler_gnu = yes; then + GXX=yes +else + GXX= +fi ac_test_CXXFLAGS=${CXXFLAGS+set} ac_save_CXXFLAGS=$CXXFLAGS -{ echo "$as_me:$LINENO: checking whether $CXX accepts -g" >&5 -echo $ECHO_N "checking whether $CXX accepts -g... $ECHO_C" >&6; } -if test "${ac_cv_prog_cxx_g+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $CXX accepts -g" >&5 +$as_echo_n "checking whether $CXX accepts -g... " >&6; } +if ${ac_cv_prog_cxx_g+:} false; then : + $as_echo_n "(cached) " >&6 else ac_save_cxx_werror_flag=$ac_cxx_werror_flag ac_cxx_werror_flag=yes ac_cv_prog_cxx_g=no CXXFLAGS="-g" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int @@ -11933,34 +12468,11 @@ main () return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_cxx_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then +if ac_fn_cxx_try_compile "$LINENO"; then : ac_cv_prog_cxx_g=yes else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - CXXFLAGS="" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + CXXFLAGS="" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int @@ -11971,35 +12483,12 @@ main () return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_cxx_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - : -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 +if ac_fn_cxx_try_compile "$LINENO"; then : - ac_cxx_werror_flag=$ac_save_cxx_werror_flag +else + ac_cxx_werror_flag=$ac_save_cxx_werror_flag CXXFLAGS="-g" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int @@ -12010,42 +12499,18 @@ main () return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_cxx_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then +if ac_fn_cxx_try_compile "$LINENO"; then : ac_cv_prog_cxx_g=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext ac_cxx_werror_flag=$ac_save_cxx_werror_flag fi -{ echo "$as_me:$LINENO: result: $ac_cv_prog_cxx_g" >&5 -echo "${ECHO_T}$ac_cv_prog_cxx_g" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cxx_g" >&5 +$as_echo "$ac_cv_prog_cxx_g" >&6; } if test "$ac_test_CXXFLAGS" = set; then CXXFLAGS=$ac_save_CXXFLAGS elif test $ac_cv_prog_cxx_g = yes; then @@ -12069,17 +12534,18 @@ ac_compiler_gnu=$ac_cv_c_compiler_gnu depcc="$CXX" am_compiler_list= -{ echo "$as_me:$LINENO: checking dependency style of $depcc" >&5 -echo $ECHO_N "checking dependency style of $depcc... $ECHO_C" >&6; } -if test "${am_cv_CXX_dependencies_compiler_type+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking dependency style of $depcc" >&5 +$as_echo_n "checking dependency style of $depcc... " >&6; } +if ${am_cv_CXX_dependencies_compiler_type+:} false; then : + $as_echo_n "(cached) " >&6 else if test -z "$AMDEP_TRUE" && test -f "$am_depcomp"; then # We make a subdir and do the tests there. Otherwise we can end up # making bogus files that we don't know about and never remove. For # instance it was reported that on HP-UX the gcc test will end up - # making a dummy file named `D' -- because `-MD' means `put the output - # in D'. + # making a dummy file named 'D' -- because '-MD' means "put the output + # in D". + rm -rf conftest.dir mkdir conftest.dir # Copy depcomp to subdir because otherwise we won't find it if we're # using a relative directory. @@ -12097,6 +12563,11 @@ else if test "$am_compiler_list" = ""; then am_compiler_list=`sed -n 's/^#*\([a-zA-Z0-9]*\))$/\1/p' < ./depcomp` fi + am__universal=false + case " $depcc " in #( + *\ -arch\ *\ -arch\ *) am__universal=true ;; + esac + for depmode in $am_compiler_list; do # Setup a source with many dependencies, because some compilers # like to wrap large dependency lists on column 80 (with \), and @@ -12108,35 +12579,49 @@ else : > sub/conftest.c for i in 1 2 3 4 5 6; do echo '#include "conftst'$i'.h"' >> sub/conftest.c - # Using `: > sub/conftst$i.h' creates only sub/conftst1.h with - # Solaris 8's {/usr,}/bin/sh. - touch sub/conftst$i.h + # Using ": > sub/conftst$i.h" creates only sub/conftst1.h with + # Solaris 10 /bin/sh. + echo '/* dummy */' > sub/conftst$i.h done echo "${am__include} ${am__quote}sub/conftest.Po${am__quote}" > confmf + # We check with '-c' and '-o' for the sake of the "dashmstdout" + # mode. It turns out that the SunPro C++ compiler does not properly + # handle '-M -o', and we need to detect this. Also, some Intel + # versions had trouble with output in subdirs. + am__obj=sub/conftest.${OBJEXT-o} + am__minus_obj="-o $am__obj" case $depmode in + gcc) + # This depmode causes a compiler race in universal mode. + test "$am__universal" = false || continue + ;; nosideeffect) - # after this tag, mechanisms are not by side-effect, so they'll - # only be used when explicitly requested + # After this tag, mechanisms are not by side-effect, so they'll + # only be used when explicitly requested. if test "x$enable_dependency_tracking" = xyes; then continue else break fi ;; + msvc7 | msvc7msys | msvisualcpp | msvcmsys) + # This compiler won't grok '-c -o', but also, the minuso test has + # not run yet. These depmodes are late enough in the game, and + # so weak that their functioning should not be impacted. + am__obj=conftest.${OBJEXT-o} + am__minus_obj= + ;; none) break ;; esac - # We check with `-c' and `-o' for the sake of the "dashmstdout" - # mode. It turns out that the SunPro C++ compiler does not properly - # handle `-M -o', and we need to detect this. if depmode=$depmode \ - source=sub/conftest.c object=sub/conftest.${OBJEXT-o} \ + source=sub/conftest.c object=$am__obj \ depfile=sub/conftest.Po tmpdepfile=sub/conftest.TPo \ - $SHELL ./depcomp $depcc -c -o sub/conftest.${OBJEXT-o} sub/conftest.c \ + $SHELL ./depcomp $depcc -c $am__minus_obj sub/conftest.c \ >/dev/null 2>conftest.err && grep sub/conftst1.h sub/conftest.Po > /dev/null 2>&1 && grep sub/conftst6.h sub/conftest.Po > /dev/null 2>&1 && - grep sub/conftest.${OBJEXT-o} sub/conftest.Po > /dev/null 2>&1 && + grep $am__obj sub/conftest.Po > /dev/null 2>&1 && ${MAKE-make} -s -f confmf > /dev/null 2>&1; then # icc doesn't choke on unknown options, it will just issue warnings # or remarks (even with -Werror). So we grep stderr for any message @@ -12160,8 +12645,8 @@ else fi fi -{ echo "$as_me:$LINENO: result: $am_cv_CXX_dependencies_compiler_type" >&5 -echo "${ECHO_T}$am_cv_CXX_dependencies_compiler_type" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $am_cv_CXX_dependencies_compiler_type" >&5 +$as_echo "$am_cv_CXX_dependencies_compiler_type" >&6; } CXXDEPMODE=depmode=$am_cv_CXX_dependencies_compiler_type if @@ -12176,6 +12661,16 @@ fi + + +func_stripname_cnf () +{ + case ${2} in + .*) func_stripname_result=`$ECHO "${3}" | $SED "s%^${1}%%; s%\\\\${2}\$%%"`;; + *) func_stripname_result=`$ECHO "${3}" | $SED "s%^${1}%%; s%${2}\$%%"`;; + esac +} # func_stripname_cnf + if test -n "$CXX" && ( test "X$CXX" != "Xno" && ( (test "X$CXX" = "Xg++" && `g++ -v >/dev/null 2>&1` ) || (test "X$CXX" != "Xg++"))) ; then @@ -12184,11 +12679,11 @@ ac_cpp='$CXXCPP $CPPFLAGS' ac_compile='$CXX -c $CXXFLAGS $CPPFLAGS conftest.$ac_ext >&5' ac_link='$CXX -o conftest$ac_exeext $CXXFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' ac_compiler_gnu=$ac_cv_cxx_compiler_gnu -{ echo "$as_me:$LINENO: checking how to run the C++ preprocessor" >&5 -echo $ECHO_N "checking how to run the C++ preprocessor... $ECHO_C" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking how to run the C++ preprocessor" >&5 +$as_echo_n "checking how to run the C++ preprocessor... " >&6; } if test -z "$CXXCPP"; then - if test "${ac_cv_prog_CXXCPP+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + if ${ac_cv_prog_CXXCPP+:} false; then : + $as_echo_n "(cached) " >&6 else # Double quotes because CXXCPP needs to be expanded for CXXCPP in "$CXX -E" "/lib/cpp" @@ -12202,11 +12697,7 @@ do # exists even on freestanding compilers. # On the NeXT, cc -E runs the code through the compiler's parser, # not just through cpp. "Syntax error" is here to catch this case. - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #ifdef __STDC__ # include @@ -12215,76 +12706,34 @@ cat >>conftest.$ac_ext <<_ACEOF #endif Syntax error _ACEOF -if { (ac_try="$ac_cpp conftest.$ac_ext" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null && { - test -z "$ac_cxx_preproc_warn_flag$ac_cxx_werror_flag" || - test ! -s conftest.err - }; then - : -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 +if ac_fn_cxx_try_cpp "$LINENO"; then : +else # Broken: fails on valid input. continue fi - -rm -f conftest.err conftest.$ac_ext +rm -f conftest.err conftest.i conftest.$ac_ext # OK, works on sane cases. Now check whether nonexistent headers # can be detected and how. - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include _ACEOF -if { (ac_try="$ac_cpp conftest.$ac_ext" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null && { - test -z "$ac_cxx_preproc_warn_flag$ac_cxx_werror_flag" || - test ! -s conftest.err - }; then +if ac_fn_cxx_try_cpp "$LINENO"; then : # Broken: success on invalid input. continue else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - # Passes both tests. ac_preproc_ok=: break fi - -rm -f conftest.err conftest.$ac_ext +rm -f conftest.err conftest.i conftest.$ac_ext done # Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped. -rm -f conftest.err conftest.$ac_ext -if $ac_preproc_ok; then +rm -f conftest.i conftest.err conftest.$ac_ext +if $ac_preproc_ok; then : break fi @@ -12296,8 +12745,8 @@ fi else ac_cv_prog_CXXCPP=$CXXCPP fi -{ echo "$as_me:$LINENO: result: $CXXCPP" >&5 -echo "${ECHO_T}$CXXCPP" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $CXXCPP" >&5 +$as_echo "$CXXCPP" >&6; } ac_preproc_ok=false for ac_cxx_preproc_warn_flag in '' yes do @@ -12307,11 +12756,7 @@ do # exists even on freestanding compilers. # On the NeXT, cc -E runs the code through the compiler's parser, # not just through cpp. "Syntax error" is here to catch this case. - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #ifdef __STDC__ # include @@ -12320,83 +12765,40 @@ cat >>conftest.$ac_ext <<_ACEOF #endif Syntax error _ACEOF -if { (ac_try="$ac_cpp conftest.$ac_ext" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null && { - test -z "$ac_cxx_preproc_warn_flag$ac_cxx_werror_flag" || - test ! -s conftest.err - }; then - : -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 +if ac_fn_cxx_try_cpp "$LINENO"; then : +else # Broken: fails on valid input. continue fi - -rm -f conftest.err conftest.$ac_ext +rm -f conftest.err conftest.i conftest.$ac_ext # OK, works on sane cases. Now check whether nonexistent headers # can be detected and how. - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ #include _ACEOF -if { (ac_try="$ac_cpp conftest.$ac_ext" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null && { - test -z "$ac_cxx_preproc_warn_flag$ac_cxx_werror_flag" || - test ! -s conftest.err - }; then +if ac_fn_cxx_try_cpp "$LINENO"; then : # Broken: success on invalid input. continue else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - # Passes both tests. ac_preproc_ok=: break fi - -rm -f conftest.err conftest.$ac_ext +rm -f conftest.err conftest.i conftest.$ac_ext done # Because of `break', _AC_PREPROC_IFELSE's cleaning code was skipped. -rm -f conftest.err conftest.$ac_ext -if $ac_preproc_ok; then - : +rm -f conftest.i conftest.err conftest.$ac_ext +if $ac_preproc_ok; then : + else - { { echo "$as_me:$LINENO: error: C++ preprocessor \"$CXXCPP\" fails sanity check -See \`config.log' for more details." >&5 -echo "$as_me: error: C++ preprocessor \"$CXXCPP\" fails sanity check -See \`config.log' for more details." >&2;} - { (exit 1); exit 1; }; } + { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} +as_fn_error $? "C++ preprocessor \"$CXXCPP\" fails sanity check +See \`config.log' for more details" "$LINENO" 5; } fi ac_ext=c @@ -12424,7 +12826,6 @@ export_dynamic_flag_spec_CXX= hardcode_direct_CXX=no hardcode_direct_absolute_CXX=no hardcode_libdir_flag_spec_CXX= -hardcode_libdir_flag_spec_ld_CXX= hardcode_libdir_separator_CXX= hardcode_minus_L_CXX=no hardcode_shlibpath_var_CXX=unsupported @@ -12480,7 +12881,7 @@ compiler=$CC echo "$lt_simple_compile_test_code" >conftest.$ac_ext eval "$ac_compile" 2>&1 >/dev/null | $SED '/^$/d; /^ *+/d' >conftest.err _lt_compiler_boilerplate=`cat conftest.err` -$RM -r conftest* +$RM conftest* ac_outfile=conftest.$ac_objext echo "$lt_simple_link_test_code" >conftest.$ac_ext @@ -12491,6 +12892,7 @@ $RM -r conftest* # Allow CC to be a program name with arguments. lt_save_CC=$CC + lt_save_CFLAGS=$CFLAGS lt_save_LD=$LD lt_save_GCC=$GCC GCC=$GXX @@ -12508,6 +12910,7 @@ $RM -r conftest* fi test -z "${LDCXX+set}" || LD=$LDCXX CC=${CXX-"c++"} + CFLAGS=$CXXFLAGS compiler=$CC compiler_CXX=$CC for cc_temp in $compiler""; do @@ -12536,7 +12939,7 @@ cc_basename=`$ECHO "$cc_temp" | $SED "s%.*/%%; s%^$host_alias-%%"` # Check whether --with-gnu-ld was given. -if test "${with_gnu_ld+set}" = set; then +if test "${with_gnu_ld+set}" = set; then : withval=$with_gnu_ld; test "$withval" = no || with_gnu_ld=yes else with_gnu_ld=no @@ -12545,8 +12948,8 @@ fi ac_prog=ld if test "$GCC" = yes; then # Check if gcc -print-prog-name=ld gives a path. - { echo "$as_me:$LINENO: checking for ld used by $CC" >&5 -echo $ECHO_N "checking for ld used by $CC... $ECHO_C" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for ld used by $CC" >&5 +$as_echo_n "checking for ld used by $CC... " >&6; } case $host in *-*-mingw*) # gcc leaves a trailing carriage return which upsets mingw @@ -12575,14 +12978,14 @@ echo $ECHO_N "checking for ld used by $CC... $ECHO_C" >&6; } ;; esac elif test "$with_gnu_ld" = yes; then - { echo "$as_me:$LINENO: checking for GNU ld" >&5 -echo $ECHO_N "checking for GNU ld... $ECHO_C" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for GNU ld" >&5 +$as_echo_n "checking for GNU ld... " >&6; } else - { echo "$as_me:$LINENO: checking for non-GNU ld" >&5 -echo $ECHO_N "checking for non-GNU ld... $ECHO_C" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for non-GNU ld" >&5 +$as_echo_n "checking for non-GNU ld... " >&6; } fi -if test "${lt_cv_path_LD+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +if ${lt_cv_path_LD+:} false; then : + $as_echo_n "(cached) " >&6 else if test -z "$LD"; then lt_save_ifs="$IFS"; IFS=$PATH_SEPARATOR @@ -12612,19 +13015,17 @@ fi LD="$lt_cv_path_LD" if test -n "$LD"; then - { echo "$as_me:$LINENO: result: $LD" >&5 -echo "${ECHO_T}$LD" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $LD" >&5 +$as_echo "$LD" >&6; } else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } fi -test -z "$LD" && { { echo "$as_me:$LINENO: error: no acceptable ld found in \$PATH" >&5 -echo "$as_me: error: no acceptable ld found in \$PATH" >&2;} - { (exit 1); exit 1; }; } -{ echo "$as_me:$LINENO: checking if the linker ($LD) is GNU ld" >&5 -echo $ECHO_N "checking if the linker ($LD) is GNU ld... $ECHO_C" >&6; } -if test "${lt_cv_prog_gnu_ld+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +test -z "$LD" && as_fn_error $? "no acceptable ld found in \$PATH" "$LINENO" 5 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if the linker ($LD) is GNU ld" >&5 +$as_echo_n "checking if the linker ($LD) is GNU ld... " >&6; } +if ${lt_cv_prog_gnu_ld+:} false; then : + $as_echo_n "(cached) " >&6 else # I'd rather use --version here, but apparently some GNU lds only accept -v. case `$LD -v 2>&1 &1 &5 -echo "${ECHO_T}$lt_cv_prog_gnu_ld" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_gnu_ld" >&5 +$as_echo "$lt_cv_prog_gnu_ld" >&6; } with_gnu_ld=$lt_cv_prog_gnu_ld @@ -12649,8 +13050,8 @@ with_gnu_ld=$lt_cv_prog_gnu_ld # Check if GNU C++ uses GNU ld as the underlying linker, since the # archiving commands below assume that GNU ld is being used. if test "$with_gnu_ld" = yes; then - archive_cmds_CXX='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname -o $lib' - archive_expsym_cmds_CXX='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' + archive_cmds_CXX='$CC $pic_flag -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname -o $lib' + archive_expsym_cmds_CXX='$CC $pic_flag -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' hardcode_libdir_flag_spec_CXX='${wl}-rpath ${wl}$libdir' export_dynamic_flag_spec_CXX='${wl}--export-dynamic' @@ -12691,8 +13092,8 @@ with_gnu_ld=$lt_cv_prog_gnu_ld fi # PORTME: fill in a description of your system's C++ link characteristics - { echo "$as_me:$LINENO: checking whether the $compiler linker ($LD) supports shared libraries" >&5 -echo $ECHO_N "checking whether the $compiler linker ($LD) supports shared libraries... $ECHO_C" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the $compiler linker ($LD) supports shared libraries" >&5 +$as_echo_n "checking whether the $compiler linker ($LD) supports shared libraries... " >&6; } ld_shlibs_CXX=yes case $host_os in aix3*) @@ -12792,11 +13193,13 @@ echo $ECHO_N "checking whether the $compiler linker ($LD) supports shared librar allow_undefined_flag_CXX='-berok' # Determine the default libpath from the value encoded in an empty # executable. - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + if test "${lt_cv_aix_libpath+set}" = set; then + aix_libpath=$lt_cv_aix_libpath +else + if ${lt_cv_aix_libpath__CXX+:} false; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int @@ -12807,47 +13210,31 @@ main () return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_cxx_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - -lt_aix_libpath_sed=' - /Import File Strings/,/^$/ { - /^0/ { - s/^0 *\(.*\)$/\1/ - p - } - }' -aix_libpath=`dump -H conftest$ac_exeext 2>/dev/null | $SED -n -e "$lt_aix_libpath_sed"` -# Check for a 64-bit object if we didn't find anything. -if test -z "$aix_libpath"; then - aix_libpath=`dump -HX64 conftest$ac_exeext 2>/dev/null | $SED -n -e "$lt_aix_libpath_sed"` -fi -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 +if ac_fn_cxx_try_link "$LINENO"; then : + lt_aix_libpath_sed=' + /Import File Strings/,/^$/ { + /^0/ { + s/^0 *\([^ ]*\) *$/\1/ + p + } + }' + lt_cv_aix_libpath__CXX=`dump -H conftest$ac_exeext 2>/dev/null | $SED -n -e "$lt_aix_libpath_sed"` + # Check for a 64-bit object if we didn't find anything. + if test -z "$lt_cv_aix_libpath__CXX"; then + lt_cv_aix_libpath__CXX=`dump -HX64 conftest$ac_exeext 2>/dev/null | $SED -n -e "$lt_aix_libpath_sed"` + fi +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext + if test -z "$lt_cv_aix_libpath__CXX"; then + lt_cv_aix_libpath__CXX="/usr/lib:/lib" + fi fi -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi + aix_libpath=$lt_cv_aix_libpath__CXX +fi hardcode_libdir_flag_spec_CXX='${wl}-blibpath:$libdir:'"$aix_libpath" @@ -12860,11 +13247,13 @@ if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi else # Determine the default libpath from the value encoded in an # empty executable. - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + if test "${lt_cv_aix_libpath+set}" = set; then + aix_libpath=$lt_cv_aix_libpath +else + if ${lt_cv_aix_libpath__CXX+:} false; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int @@ -12875,47 +13264,31 @@ main () return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_cxx_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - -lt_aix_libpath_sed=' - /Import File Strings/,/^$/ { - /^0/ { - s/^0 *\(.*\)$/\1/ - p - } - }' -aix_libpath=`dump -H conftest$ac_exeext 2>/dev/null | $SED -n -e "$lt_aix_libpath_sed"` -# Check for a 64-bit object if we didn't find anything. -if test -z "$aix_libpath"; then - aix_libpath=`dump -HX64 conftest$ac_exeext 2>/dev/null | $SED -n -e "$lt_aix_libpath_sed"` -fi -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 +if ac_fn_cxx_try_link "$LINENO"; then : + lt_aix_libpath_sed=' + /Import File Strings/,/^$/ { + /^0/ { + s/^0 *\([^ ]*\) *$/\1/ + p + } + }' + lt_cv_aix_libpath__CXX=`dump -H conftest$ac_exeext 2>/dev/null | $SED -n -e "$lt_aix_libpath_sed"` + # Check for a 64-bit object if we didn't find anything. + if test -z "$lt_cv_aix_libpath__CXX"; then + lt_cv_aix_libpath__CXX=`dump -HX64 conftest$ac_exeext 2>/dev/null | $SED -n -e "$lt_aix_libpath_sed"` + fi +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext + if test -z "$lt_cv_aix_libpath__CXX"; then + lt_cv_aix_libpath__CXX="/usr/lib:/lib" + fi fi -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi + aix_libpath=$lt_cv_aix_libpath__CXX +fi hardcode_libdir_flag_spec_CXX='${wl}-blibpath:$libdir:'"$aix_libpath" # Warning - without using the other run time loading flags, @@ -12958,29 +13331,75 @@ if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi ;; cygwin* | mingw* | pw32* | cegcc*) - # _LT_TAGVAR(hardcode_libdir_flag_spec, CXX) is actually meaningless, - # as there is no search path for DLLs. - hardcode_libdir_flag_spec_CXX='-L$libdir' - export_dynamic_flag_spec_CXX='${wl}--export-all-symbols' - allow_undefined_flag_CXX=unsupported - always_export_symbols_CXX=no - enable_shared_with_static_runtimes_CXX=yes - - if $LD --help 2>&1 | $GREP 'auto-import' > /dev/null; then - archive_cmds_CXX='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib' - # If the export-symbols file already is a .def file (1st line - # is EXPORTS), use it as is; otherwise, prepend... - archive_expsym_cmds_CXX='if test "x`$SED 1q $export_symbols`" = xEXPORTS; then - cp $export_symbols $output_objdir/$soname.def; - else - echo EXPORTS > $output_objdir/$soname.def; - cat $export_symbols >> $output_objdir/$soname.def; - fi~ - $CC -shared -nostdlib $output_objdir/$soname.def $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib' - else - ld_shlibs_CXX=no - fi - ;; + case $GXX,$cc_basename in + ,cl* | no,cl*) + # Native MSVC + # hardcode_libdir_flag_spec is actually meaningless, as there is + # no search path for DLLs. + hardcode_libdir_flag_spec_CXX=' ' + allow_undefined_flag_CXX=unsupported + always_export_symbols_CXX=yes + file_list_spec_CXX='@' + # Tell ltmain to make .lib files, not .a files. + libext=lib + # Tell ltmain to make .dll files, not .so files. + shrext_cmds=".dll" + # FIXME: Setting linknames here is a bad hack. + archive_cmds_CXX='$CC -o $output_objdir/$soname $libobjs $compiler_flags $deplibs -Wl,-dll~linknames=' + archive_expsym_cmds_CXX='if test "x`$SED 1q $export_symbols`" = xEXPORTS; then + $SED -n -e 's/\\\\\\\(.*\\\\\\\)/-link\\\ -EXPORT:\\\\\\\1/' -e '1\\\!p' < $export_symbols > $output_objdir/$soname.exp; + else + $SED -e 's/\\\\\\\(.*\\\\\\\)/-link\\\ -EXPORT:\\\\\\\1/' < $export_symbols > $output_objdir/$soname.exp; + fi~ + $CC -o $tool_output_objdir$soname $libobjs $compiler_flags $deplibs "@$tool_output_objdir$soname.exp" -Wl,-DLL,-IMPLIB:"$tool_output_objdir$libname.dll.lib"~ + linknames=' + # The linker will not automatically build a static lib if we build a DLL. + # _LT_TAGVAR(old_archive_from_new_cmds, CXX)='true' + enable_shared_with_static_runtimes_CXX=yes + # Don't use ranlib + old_postinstall_cmds_CXX='chmod 644 $oldlib' + postlink_cmds_CXX='lt_outputfile="@OUTPUT@"~ + lt_tool_outputfile="@TOOL_OUTPUT@"~ + case $lt_outputfile in + *.exe|*.EXE) ;; + *) + lt_outputfile="$lt_outputfile.exe" + lt_tool_outputfile="$lt_tool_outputfile.exe" + ;; + esac~ + func_to_tool_file "$lt_outputfile"~ + if test "$MANIFEST_TOOL" != ":" && test -f "$lt_outputfile.manifest"; then + $MANIFEST_TOOL -manifest "$lt_tool_outputfile.manifest" -outputresource:"$lt_tool_outputfile" || exit 1; + $RM "$lt_outputfile.manifest"; + fi' + ;; + *) + # g++ + # _LT_TAGVAR(hardcode_libdir_flag_spec, CXX) is actually meaningless, + # as there is no search path for DLLs. + hardcode_libdir_flag_spec_CXX='-L$libdir' + export_dynamic_flag_spec_CXX='${wl}--export-all-symbols' + allow_undefined_flag_CXX=unsupported + always_export_symbols_CXX=no + enable_shared_with_static_runtimes_CXX=yes + + if $LD --help 2>&1 | $GREP 'auto-import' > /dev/null; then + archive_cmds_CXX='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib' + # If the export-symbols file already is a .def file (1st line + # is EXPORTS), use it as is; otherwise, prepend... + archive_expsym_cmds_CXX='if test "x`$SED 1q $export_symbols`" = xEXPORTS; then + cp $export_symbols $output_objdir/$soname.def; + else + echo EXPORTS > $output_objdir/$soname.def; + cat $export_symbols >> $output_objdir/$soname.def; + fi~ + $CC -shared -nostdlib $output_objdir/$soname.def $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib' + else + ld_shlibs_CXX=no + fi + ;; + esac + ;; darwin* | rhapsody*) @@ -12990,6 +13409,7 @@ if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi hardcode_shlibpath_var_CXX=unsupported if test "$lt_cv_ld_force_load" = "yes"; then whole_archive_flag_spec_CXX='`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience ${wl}-force_load,$conv\"; done; func_echo_all \"$new_convenience\"`' + else whole_archive_flag_spec_CXX='' fi @@ -13034,7 +13454,7 @@ if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi esac ;; - freebsd[12]*) + freebsd2.*) # C++ shared libraries reported to be fairly broken before # switch to ELF ld_shlibs_CXX=no @@ -13086,7 +13506,7 @@ if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi ;; *) if test "$GXX" = yes; then - archive_cmds_CXX='$RM $output_objdir/$soname~$CC -shared -nostdlib -fPIC ${wl}+b ${wl}$install_libdir -o $output_objdir/$soname $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib' + archive_cmds_CXX='$RM $output_objdir/$soname~$CC -shared -nostdlib $pic_flag ${wl}+b ${wl}$install_libdir -o $output_objdir/$soname $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib' else # FIXME: insert proper C++ library support ld_shlibs_CXX=no @@ -13157,10 +13577,10 @@ if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi archive_cmds_CXX='$CC -shared -nostdlib -fPIC ${wl}+h ${wl}$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags' ;; ia64*) - archive_cmds_CXX='$CC -shared -nostdlib -fPIC ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags' + archive_cmds_CXX='$CC -shared -nostdlib $pic_flag ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags' ;; *) - archive_cmds_CXX='$CC -shared -nostdlib -fPIC ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags' + archive_cmds_CXX='$CC -shared -nostdlib $pic_flag ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags' ;; esac fi @@ -13201,9 +13621,9 @@ if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi *) if test "$GXX" = yes; then if test "$with_gnu_ld" = no; then - archive_cmds_CXX='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib' + archive_cmds_CXX='$CC -shared $pic_flag -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib' else - archive_cmds_CXX='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` -o $lib' + archive_cmds_CXX='$CC -shared $pic_flag -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` -o $lib' fi fi link_all_deplibs_CXX=yes @@ -13481,7 +13901,7 @@ if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi archive_cmds_CXX='$CC -shared -nostdlib ${allow_undefined_flag} $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib' ;; *) - archive_cmds_CXX='$CC -shared -nostdlib ${allow_undefined_flag} $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-msym ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib' + archive_cmds_CXX='$CC -shared $pic_flag -nostdlib ${allow_undefined_flag} $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-msym ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib' ;; esac @@ -13568,9 +13988,9 @@ if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi if test "$GXX" = yes && test "$with_gnu_ld" = no; then no_undefined_flag_CXX=' ${wl}-z ${wl}defs' if $CC --version | $GREP -v '^2\.7' > /dev/null; then - archive_cmds_CXX='$CC -shared -nostdlib $LDFLAGS $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-h $wl$soname -o $lib' + archive_cmds_CXX='$CC -shared $pic_flag -nostdlib $LDFLAGS $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-h $wl$soname -o $lib' archive_expsym_cmds_CXX='echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~echo "local: *; };" >> $lib.exp~ - $CC -shared -nostdlib ${wl}-M $wl$lib.exp -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~$RM $lib.exp' + $CC -shared $pic_flag -nostdlib ${wl}-M $wl$lib.exp -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~$RM $lib.exp' # Commands to make compiler produce verbose output that lists # what "hidden" libraries, object files and flags are used when @@ -13677,8 +14097,8 @@ if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi ;; esac - { echo "$as_me:$LINENO: result: $ld_shlibs_CXX" >&5 -echo "${ECHO_T}$ld_shlibs_CXX" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ld_shlibs_CXX" >&5 +$as_echo "$ld_shlibs_CXX" >&6; } test "$ld_shlibs_CXX" = no && can_build_shared=no GCC_CXX="$GXX" @@ -13705,11 +14125,19 @@ private: }; _LT_EOF -if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 + +_lt_libdeps_save_CFLAGS=$CFLAGS +case "$CC $CFLAGS " in #( +*\ -flto*\ *) CFLAGS="$CFLAGS -fno-lto" ;; +*\ -fwhopr*\ *) CFLAGS="$CFLAGS -fno-whopr" ;; +*\ -fuse-linker-plugin*\ *) CFLAGS="$CFLAGS -fno-use-linker-plugin" ;; +esac + +if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_compile\""; } >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; then + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; }; then # Parse the compiler output and extract the necessary # objects, libraries and library flags. @@ -13718,7 +14146,7 @@ if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 pre_test_object_deps_done=no for p in `eval "$output_verbose_link_cmd"`; do - case $p in + case ${prev}${p} in -L* | -R* | -l*) # Some compilers place space between "-{L,R}" and the path. @@ -13727,13 +14155,22 @@ if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 test $p = "-R"; then prev=$p continue - else - prev= fi + # Expand the sysroot to ease extracting the directories later. + if test -z "$prev"; then + case $p in + -L*) func_stripname_cnf '-L' '' "$p"; prev=-L; p=$func_stripname_result ;; + -R*) func_stripname_cnf '-R' '' "$p"; prev=-R; p=$func_stripname_result ;; + -l*) func_stripname_cnf '-l' '' "$p"; prev=-l; p=$func_stripname_result ;; + esac + fi + case $p in + =*) func_stripname_cnf '=' '' "$p"; p=$lt_sysroot$func_stripname_result ;; + esac if test "$pre_test_object_deps_done" = no; then - case $p in - -L* | -R*) + case ${prev} in + -L | -R) # Internal compiler library paths should come after those # provided the user. The postdeps already come after the # user supplied libs so there is no need to process them. @@ -13753,8 +14190,10 @@ if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 postdeps_CXX="${postdeps_CXX} ${prev}${p}" fi fi + prev= ;; + *.lto.$objext) ;; # Ignore GCC LTO objects *.$objext) # This assumes that the test object file only shows up # once in the compiler output. @@ -13790,6 +14229,7 @@ else fi $RM -f confest.$objext +CFLAGS=$_lt_libdeps_save_CFLAGS # PORTME: override above test on systems where it is broken case $host_os in @@ -13890,8 +14330,6 @@ fi lt_prog_compiler_pic_CXX= lt_prog_compiler_static_CXX= -{ echo "$as_me:$LINENO: checking for $compiler option to produce PIC" >&5 -echo $ECHO_N "checking for $compiler option to produce PIC... $ECHO_C" >&6; } # C++ specific cases for pic, static, wl, etc. if test "$GXX" = yes; then @@ -13995,6 +14433,11 @@ echo $ECHO_N "checking for $compiler option to produce PIC... $ECHO_C" >&6; } ;; esac ;; + mingw* | cygwin* | os2* | pw32* | cegcc*) + # This hack is so that the source file can tell whether it is being + # built for inclusion in a dll (and should export symbols for example). + lt_prog_compiler_pic_CXX='-DDLL_EXPORT' + ;; dgux*) case $cc_basename in ec++*) @@ -14212,19 +14655,26 @@ case $host_os in lt_prog_compiler_pic_CXX="$lt_prog_compiler_pic_CXX -DPIC" ;; esac -{ echo "$as_me:$LINENO: result: $lt_prog_compiler_pic_CXX" >&5 -echo "${ECHO_T}$lt_prog_compiler_pic_CXX" >&6; } - +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $compiler option to produce PIC" >&5 +$as_echo_n "checking for $compiler option to produce PIC... " >&6; } +if ${lt_cv_prog_compiler_pic_CXX+:} false; then : + $as_echo_n "(cached) " >&6 +else + lt_cv_prog_compiler_pic_CXX=$lt_prog_compiler_pic_CXX +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler_pic_CXX" >&5 +$as_echo "$lt_cv_prog_compiler_pic_CXX" >&6; } +lt_prog_compiler_pic_CXX=$lt_cv_prog_compiler_pic_CXX # # Check to make sure the PIC flag actually works. # if test -n "$lt_prog_compiler_pic_CXX"; then - { echo "$as_me:$LINENO: checking if $compiler PIC flag $lt_prog_compiler_pic_CXX works" >&5 -echo $ECHO_N "checking if $compiler PIC flag $lt_prog_compiler_pic_CXX works... $ECHO_C" >&6; } -if test "${lt_cv_prog_compiler_pic_works_CXX+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $compiler PIC flag $lt_prog_compiler_pic_CXX works" >&5 +$as_echo_n "checking if $compiler PIC flag $lt_prog_compiler_pic_CXX works... " >&6; } +if ${lt_cv_prog_compiler_pic_works_CXX+:} false; then : + $as_echo_n "(cached) " >&6 else lt_cv_prog_compiler_pic_works_CXX=no ac_outfile=conftest.$ac_objext @@ -14253,11 +14703,11 @@ else lt_cv_prog_compiler_pic_works_CXX=yes fi fi - $RM -r conftest* + $RM conftest* fi -{ echo "$as_me:$LINENO: result: $lt_cv_prog_compiler_pic_works_CXX" >&5 -echo "${ECHO_T}$lt_cv_prog_compiler_pic_works_CXX" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler_pic_works_CXX" >&5 +$as_echo "$lt_cv_prog_compiler_pic_works_CXX" >&6; } if test x"$lt_cv_prog_compiler_pic_works_CXX" = xyes; then case $lt_prog_compiler_pic_CXX in @@ -14273,14 +14723,16 @@ fi + + # # Check to make sure the static flag actually works. # wl=$lt_prog_compiler_wl_CXX eval lt_tmp_static_flag=\"$lt_prog_compiler_static_CXX\" -{ echo "$as_me:$LINENO: checking if $compiler static flag $lt_tmp_static_flag works" >&5 -echo $ECHO_N "checking if $compiler static flag $lt_tmp_static_flag works... $ECHO_C" >&6; } -if test "${lt_cv_prog_compiler_static_works_CXX+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking if $compiler static flag $lt_tmp_static_flag works" >&5 +$as_echo_n "checking if $compiler static flag $lt_tmp_static_flag works... " >&6; } +if ${lt_cv_prog_compiler_static_works_CXX+:} false; then : + $as_echo_n "(cached) " >&6 else lt_cv_prog_compiler_static_works_CXX=no save_LDFLAGS="$LDFLAGS" @@ -14305,8 +14757,8 @@ else LDFLAGS="$save_LDFLAGS" fi -{ echo "$as_me:$LINENO: result: $lt_cv_prog_compiler_static_works_CXX" >&5 -echo "${ECHO_T}$lt_cv_prog_compiler_static_works_CXX" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler_static_works_CXX" >&5 +$as_echo "$lt_cv_prog_compiler_static_works_CXX" >&6; } if test x"$lt_cv_prog_compiler_static_works_CXX" = xyes; then : @@ -14317,10 +14769,10 @@ fi - { echo "$as_me:$LINENO: checking if $compiler supports -c -o file.$ac_objext" >&5 -echo $ECHO_N "checking if $compiler supports -c -o file.$ac_objext... $ECHO_C" >&6; } -if test "${lt_cv_prog_compiler_c_o_CXX+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $compiler supports -c -o file.$ac_objext" >&5 +$as_echo_n "checking if $compiler supports -c -o file.$ac_objext... " >&6; } +if ${lt_cv_prog_compiler_c_o_CXX+:} false; then : + $as_echo_n "(cached) " >&6 else lt_cv_prog_compiler_c_o_CXX=no $RM -r conftest 2>/dev/null @@ -14354,25 +14806,25 @@ else fi fi chmod u+w . 2>&5 - $RM -r conftest* + $RM conftest* # SGI C++ compiler will create directory out/ii_files/ for # template instantiation test -d out/ii_files && $RM out/ii_files/* && rmdir out/ii_files $RM out/* && rmdir out cd .. $RM -r conftest - $RM -r conftest* + $RM conftest* fi -{ echo "$as_me:$LINENO: result: $lt_cv_prog_compiler_c_o_CXX" >&5 -echo "${ECHO_T}$lt_cv_prog_compiler_c_o_CXX" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler_c_o_CXX" >&5 +$as_echo "$lt_cv_prog_compiler_c_o_CXX" >&6; } - { echo "$as_me:$LINENO: checking if $compiler supports -c -o file.$ac_objext" >&5 -echo $ECHO_N "checking if $compiler supports -c -o file.$ac_objext... $ECHO_C" >&6; } -if test "${lt_cv_prog_compiler_c_o_CXX+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + { $as_echo "$as_me:${as_lineno-$LINENO}: checking if $compiler supports -c -o file.$ac_objext" >&5 +$as_echo_n "checking if $compiler supports -c -o file.$ac_objext... " >&6; } +if ${lt_cv_prog_compiler_c_o_CXX+:} false; then : + $as_echo_n "(cached) " >&6 else lt_cv_prog_compiler_c_o_CXX=no $RM -r conftest 2>/dev/null @@ -14406,18 +14858,18 @@ else fi fi chmod u+w . 2>&5 - $RM -r conftest* + $RM conftest* # SGI C++ compiler will create directory out/ii_files/ for # template instantiation test -d out/ii_files && $RM out/ii_files/* && rmdir out/ii_files $RM out/* && rmdir out cd .. $RM -r conftest - $RM -r conftest* + $RM conftest* fi -{ echo "$as_me:$LINENO: result: $lt_cv_prog_compiler_c_o_CXX" >&5 -echo "${ECHO_T}$lt_cv_prog_compiler_c_o_CXX" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_prog_compiler_c_o_CXX" >&5 +$as_echo "$lt_cv_prog_compiler_c_o_CXX" >&6; } @@ -14425,19 +14877,19 @@ echo "${ECHO_T}$lt_cv_prog_compiler_c_o_CXX" >&6; } hard_links="nottested" if test "$lt_cv_prog_compiler_c_o_CXX" = no && test "$need_locks" != no; then # do not overwrite the value of need_locks provided by the user - { echo "$as_me:$LINENO: checking if we can lock with hard links" >&5 -echo $ECHO_N "checking if we can lock with hard links... $ECHO_C" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: checking if we can lock with hard links" >&5 +$as_echo_n "checking if we can lock with hard links... " >&6; } hard_links=yes - $RM -r conftest* + $RM conftest* ln conftest.a conftest.b 2>/dev/null && hard_links=no touch conftest.a ln conftest.a conftest.b 2>&5 || hard_links=no ln conftest.a conftest.b 2>/dev/null && hard_links=no - { echo "$as_me:$LINENO: result: $hard_links" >&5 -echo "${ECHO_T}$hard_links" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $hard_links" >&5 +$as_echo "$hard_links" >&6; } if test "$hard_links" = no; then - { echo "$as_me:$LINENO: WARNING: \`$CC' does not support \`-c -o', so \`make -j' may be unsafe" >&5 -echo "$as_me: WARNING: \`$CC' does not support \`-c -o', so \`make -j' may be unsafe" >&2;} + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: \`$CC' does not support \`-c -o', so \`make -j' may be unsafe" >&5 +$as_echo "$as_me: WARNING: \`$CC' does not support \`-c -o', so \`make -j' may be unsafe" >&2;} need_locks=warn fi else @@ -14446,10 +14898,11 @@ fi - { echo "$as_me:$LINENO: checking whether the $compiler linker ($LD) supports shared libraries" >&5 -echo $ECHO_N "checking whether the $compiler linker ($LD) supports shared libraries... $ECHO_C" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the $compiler linker ($LD) supports shared libraries" >&5 +$as_echo_n "checking whether the $compiler linker ($LD) supports shared libraries... " >&6; } export_symbols_cmds_CXX='$NM $libobjs $convenience | $global_symbol_pipe | $SED '\''s/.* //'\'' | sort | uniq > $export_symbols' + exclude_expsyms_CXX='_GLOBAL_OFFSET_TABLE_|_GLOBAL__F[ID]_.*' case $host_os in aix[4-9]*) # If we're using GNU nm, then we don't want the "-C" option. @@ -14464,18 +14917,25 @@ echo $ECHO_N "checking whether the $compiler linker ($LD) supports shared librar ;; pw32*) export_symbols_cmds_CXX="$ltdll_cmds" - ;; + ;; cygwin* | mingw* | cegcc*) - export_symbols_cmds_CXX='$NM $libobjs $convenience | $global_symbol_pipe | $SED -e '\''/^[BCDGRS][ ]/s/.*[ ]\([^ ]*\)/\1 DATA/;/^.*[ ]__nm__/s/^.*[ ]__nm__\([^ ]*\)[ ][^ ]*/\1 DATA/;/^I[ ]/d;/^[AITW][ ]/s/.* //'\'' | sort | uniq > $export_symbols' - ;; + case $cc_basename in + cl*) + exclude_expsyms_CXX='_NULL_IMPORT_DESCRIPTOR|_IMPORT_DESCRIPTOR_.*' + ;; + *) + export_symbols_cmds_CXX='$NM $libobjs $convenience | $global_symbol_pipe | $SED -e '\''/^[BCDGRS][ ]/s/.*[ ]\([^ ]*\)/\1 DATA/;s/^.*[ ]__nm__\([^ ]*\)[ ][^ ]*/\1 DATA/;/^I[ ]/d;/^[AITW][ ]/s/.* //'\'' | sort | uniq > $export_symbols' + exclude_expsyms_CXX='[_]+GLOBAL_OFFSET_TABLE_|[_]+GLOBAL__[FID]_.*|[_]+head_[A-Za-z0-9_]+_dll|[A-Za-z0-9_]+_dll_iname' + ;; + esac + ;; *) export_symbols_cmds_CXX='$NM $libobjs $convenience | $global_symbol_pipe | $SED '\''s/.* //'\'' | sort | uniq > $export_symbols' - ;; + ;; esac - exclude_expsyms_CXX='_GLOBAL_OFFSET_TABLE_|_GLOBAL__F[ID]_.*' -{ echo "$as_me:$LINENO: result: $ld_shlibs_CXX" >&5 -echo "${ECHO_T}$ld_shlibs_CXX" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ld_shlibs_CXX" >&5 +$as_echo "$ld_shlibs_CXX" >&6; } test "$ld_shlibs_CXX" = no && can_build_shared=no with_gnu_ld_CXX=$with_gnu_ld @@ -14502,19 +14962,19 @@ x|xyes) # Test whether the compiler implicitly links with -lc since on some # systems, -lgcc has to come before -lc. If gcc already passes -lc # to ld, don't add -lc before -lgcc. - { echo "$as_me:$LINENO: checking whether -lc should be explicitly linked in" >&5 -echo $ECHO_N "checking whether -lc should be explicitly linked in... $ECHO_C" >&6; } -if test "${lt_cv_archive_cmds_need_lc_CXX+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether -lc should be explicitly linked in" >&5 +$as_echo_n "checking whether -lc should be explicitly linked in... " >&6; } +if ${lt_cv_archive_cmds_need_lc_CXX+:} false; then : + $as_echo_n "(cached) " >&6 else - $RM -r conftest* + $RM conftest* echo "$lt_simple_compile_test_code" > conftest.$ac_ext - if { (eval echo "$as_me:$LINENO: \"$ac_compile\"") >&5 + if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$ac_compile\""; } >&5 (eval $ac_compile) 2>&5 ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } 2>conftest.err; then + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } 2>conftest.err; then soname=conftest lib=conftest libobjs=conftest.$ac_objext @@ -14528,11 +14988,11 @@ else libname=conftest lt_save_allow_undefined_flag=$allow_undefined_flag_CXX allow_undefined_flag_CXX= - if { (eval echo "$as_me:$LINENO: \"$archive_cmds_CXX 2\>\&1 \| $GREP \" -lc \" \>/dev/null 2\>\&1\"") >&5 + if { { eval echo "\"\$as_me\":${as_lineno-$LINENO}: \"$archive_cmds_CXX 2\>\&1 \| $GREP \" -lc \" \>/dev/null 2\>\&1\""; } >&5 (eval $archive_cmds_CXX 2\>\&1 \| $GREP \" -lc \" \>/dev/null 2\>\&1) 2>&5 ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } then lt_cv_archive_cmds_need_lc_CXX=no else @@ -14542,11 +15002,11 @@ else else cat conftest.err 1>&5 fi - $RM -r conftest* + $RM conftest* fi -{ echo "$as_me:$LINENO: result: $lt_cv_archive_cmds_need_lc_CXX" >&5 -echo "${ECHO_T}$lt_cv_archive_cmds_need_lc_CXX" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $lt_cv_archive_cmds_need_lc_CXX" >&5 +$as_echo "$lt_cv_archive_cmds_need_lc_CXX" >&6; } archive_cmds_need_lc_CXX=$lt_cv_archive_cmds_need_lc_CXX ;; esac @@ -14615,10 +15075,8 @@ esac - - - { echo "$as_me:$LINENO: checking dynamic linker characteristics" >&5 -echo $ECHO_N "checking dynamic linker characteristics... $ECHO_C" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: checking dynamic linker characteristics" >&5 +$as_echo_n "checking dynamic linker characteristics... " >&6; } library_names_spec= libname_spec='lib$name' @@ -14642,7 +15100,7 @@ need_version=unknown case $host_os in aix3*) - version_type=linux + version_type=linux # correct to gnu/linux during the next big refactor library_names_spec='${libname}${release}${shared_ext}$versuffix $libname.a' shlibpath_var=LIBPATH @@ -14651,7 +15109,7 @@ aix3*) ;; aix[4-9]*) - version_type=linux + version_type=linux # correct to gnu/linux during the next big refactor need_lib_prefix=no need_version=no hardcode_into_libs=yes @@ -14716,7 +15174,7 @@ beos*) ;; bsdi[45]*) - version_type=linux + version_type=linux # correct to gnu/linux during the next big refactor need_version=no library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' soname_spec='${libname}${release}${shared_ext}$major' @@ -14735,8 +15193,9 @@ cygwin* | mingw* | pw32* | cegcc*) need_version=no need_lib_prefix=no - case $GCC,$host_os in - yes,cygwin* | yes,mingw* | yes,pw32* | yes,cegcc*) + case $GCC,$cc_basename in + yes,*) + # gcc library_names_spec='$libname.dll.a' # DLL is installed to $(libdir)/../bin by postinstall_cmds postinstall_cmds='base_file=`basename \${file}`~ @@ -14768,13 +15227,71 @@ cygwin* | mingw* | pw32* | cegcc*) library_names_spec='`echo ${libname} | sed -e 's/^lib/pw/'``echo ${release} | $SED -e 's/[.]/-/g'`${versuffix}${shared_ext}' ;; esac + dynamic_linker='Win32 ld.exe' + ;; + + *,cl*) + # Native MSVC + libname_spec='$name' + soname_spec='${libname}`echo ${release} | $SED -e 's/[.]/-/g'`${versuffix}${shared_ext}' + library_names_spec='${libname}.dll.lib' + + case $build_os in + mingw*) + sys_lib_search_path_spec= + lt_save_ifs=$IFS + IFS=';' + for lt_path in $LIB + do + IFS=$lt_save_ifs + # Let DOS variable expansion print the short 8.3 style file name. + lt_path=`cd "$lt_path" 2>/dev/null && cmd //C "for %i in (".") do @echo %~si"` + sys_lib_search_path_spec="$sys_lib_search_path_spec $lt_path" + done + IFS=$lt_save_ifs + # Convert to MSYS style. + sys_lib_search_path_spec=`$ECHO "$sys_lib_search_path_spec" | sed -e 's|\\\\|/|g' -e 's| \\([a-zA-Z]\\):| /\\1|g' -e 's|^ ||'` + ;; + cygwin*) + # Convert to unix form, then to dos form, then back to unix form + # but this time dos style (no spaces!) so that the unix form looks + # like /cygdrive/c/PROGRA~1:/cygdr... + sys_lib_search_path_spec=`cygpath --path --unix "$LIB"` + sys_lib_search_path_spec=`cygpath --path --dos "$sys_lib_search_path_spec" 2>/dev/null` + sys_lib_search_path_spec=`cygpath --path --unix "$sys_lib_search_path_spec" | $SED -e "s/$PATH_SEPARATOR/ /g"` + ;; + *) + sys_lib_search_path_spec="$LIB" + if $ECHO "$sys_lib_search_path_spec" | $GREP ';[c-zC-Z]:/' >/dev/null; then + # It is most probably a Windows format PATH. + sys_lib_search_path_spec=`$ECHO "$sys_lib_search_path_spec" | $SED -e 's/;/ /g'` + else + sys_lib_search_path_spec=`$ECHO "$sys_lib_search_path_spec" | $SED -e "s/$PATH_SEPARATOR/ /g"` + fi + # FIXME: find the short name or the path components, as spaces are + # common. (e.g. "Program Files" -> "PROGRA~1") + ;; + esac + + # DLL is installed to $(libdir)/../bin by postinstall_cmds + postinstall_cmds='base_file=`basename \${file}`~ + dlpath=`$SHELL 2>&1 -c '\''. $dir/'\''\${base_file}'\''i; echo \$dlname'\''`~ + dldir=$destdir/`dirname \$dlpath`~ + test -d \$dldir || mkdir -p \$dldir~ + $install_prog $dir/$dlname \$dldir/$dlname' + postuninstall_cmds='dldll=`$SHELL 2>&1 -c '\''. $file; echo \$dlname'\''`~ + dlpath=$dir/\$dldll~ + $RM \$dlpath' + shlibpath_overrides_runpath=yes + dynamic_linker='Win32 link.exe' ;; *) + # Assume MSVC wrapper library_names_spec='${libname}`echo ${release} | $SED -e 's/[.]/-/g'`${versuffix}${shared_ext} $libname.lib' + dynamic_linker='Win32 ld.exe' ;; esac - dynamic_linker='Win32 ld.exe' # FIXME: first we should search . and the directory the executable is in shlibpath_var=PATH ;; @@ -14784,7 +15301,7 @@ darwin* | rhapsody*) version_type=darwin need_lib_prefix=no need_version=no - library_names_spec='${libname}${release}${major}$shared_ext ${libname}$shared_ext ${libname}${release}${versuffix}$shared_ext' + library_names_spec='${libname}${release}${major}$shared_ext ${libname}$shared_ext' soname_spec='${libname}${release}${major}$shared_ext' shlibpath_overrides_runpath=yes shlibpath_var=DYLD_LIBRARY_PATH @@ -14794,7 +15311,7 @@ darwin* | rhapsody*) ;; dgux*) - version_type=linux + version_type=linux # correct to gnu/linux during the next big refactor need_lib_prefix=no need_version=no library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname$shared_ext' @@ -14802,10 +15319,6 @@ dgux*) shlibpath_var=LD_LIBRARY_PATH ;; -freebsd1*) - dynamic_linker=no - ;; - freebsd* | dragonfly*) # DragonFly does not have aout. When/if they implement a new # versioning mechanism, adjust this. @@ -14813,7 +15326,7 @@ freebsd* | dragonfly*) objformat=`/usr/bin/objformat` else case $host_os in - freebsd[123]*) objformat=aout ;; + freebsd[23].*) objformat=aout ;; *) objformat=elf ;; esac fi @@ -14831,7 +15344,7 @@ freebsd* | dragonfly*) esac shlibpath_var=LD_LIBRARY_PATH case $host_os in - freebsd2*) + freebsd2.*) shlibpath_overrides_runpath=yes ;; freebsd3.[01]* | freebsdelf3.[01]*) @@ -14851,17 +15364,18 @@ freebsd* | dragonfly*) ;; gnu*) - version_type=linux + version_type=linux # correct to gnu/linux during the next big refactor need_lib_prefix=no need_version=no library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}${major} ${libname}${shared_ext}' soname_spec='${libname}${release}${shared_ext}$major' shlibpath_var=LD_LIBRARY_PATH + shlibpath_overrides_runpath=no hardcode_into_libs=yes ;; haiku*) - version_type=linux + version_type=linux # correct to gnu/linux during the next big refactor need_lib_prefix=no need_version=no dynamic_linker="$host_os runtime_loader" @@ -14922,7 +15436,7 @@ hpux9* | hpux10* | hpux11*) ;; interix[3-9]*) - version_type=linux + version_type=linux # correct to gnu/linux during the next big refactor need_lib_prefix=no need_version=no library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}' @@ -14938,7 +15452,7 @@ irix5* | irix6* | nonstopux*) nonstopux*) version_type=nonstopux ;; *) if test "$lt_cv_prog_gnu_ld" = yes; then - version_type=linux + version_type=linux # correct to gnu/linux during the next big refactor else version_type=irix fi ;; @@ -14975,9 +15489,9 @@ linux*oldld* | linux*aout* | linux*coff*) dynamic_linker=no ;; -# This must be Linux ELF. +# This must be glibc/ELF. linux* | k*bsd*-gnu | kopensolaris*-gnu) - version_type=linux + version_type=linux # correct to gnu/linux during the next big refactor need_lib_prefix=no need_version=no library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' @@ -14987,19 +15501,15 @@ linux* | k*bsd*-gnu | kopensolaris*-gnu) shlibpath_overrides_runpath=no # Some binutils ld are patched to set DT_RUNPATH - if test "${lt_cv_shlibpath_overrides_runpath+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + if ${lt_cv_shlibpath_overrides_runpath+:} false; then : + $as_echo_n "(cached) " >&6 else lt_cv_shlibpath_overrides_runpath=no save_LDFLAGS=$LDFLAGS save_libdir=$libdir eval "libdir=/foo; wl=\"$lt_prog_compiler_wl_CXX\"; \ LDFLAGS=\"\$LDFLAGS $hardcode_libdir_flag_spec_CXX\"" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int @@ -15010,37 +15520,13 @@ main () return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_cxx_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - if ($OBJDUMP -p conftest$ac_exeext) 2>/dev/null | grep "RUNPATH.*$libdir" >/dev/null; then +if ac_fn_cxx_try_link "$LINENO"; then : + if ($OBJDUMP -p conftest$ac_exeext) 2>/dev/null | grep "RUNPATH.*$libdir" >/dev/null; then : lt_cv_shlibpath_overrides_runpath=yes fi - -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext LDFLAGS=$save_LDFLAGS libdir=$save_libdir @@ -15087,7 +15573,7 @@ netbsd*) ;; newsos6) - version_type=linux + version_type=linux # correct to gnu/linux during the next big refactor library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' shlibpath_var=LD_LIBRARY_PATH shlibpath_overrides_runpath=yes @@ -15156,7 +15642,7 @@ rdos*) ;; solaris*) - version_type=linux + version_type=linux # correct to gnu/linux during the next big refactor need_lib_prefix=no need_version=no library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' @@ -15181,7 +15667,7 @@ sunos4*) ;; sysv4 | sysv4.3*) - version_type=linux + version_type=linux # correct to gnu/linux during the next big refactor library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' soname_spec='${libname}${release}${shared_ext}$major' shlibpath_var=LD_LIBRARY_PATH @@ -15205,7 +15691,7 @@ sysv4 | sysv4.3*) sysv4*MP*) if test -d /usr/nec ;then - version_type=linux + version_type=linux # correct to gnu/linux during the next big refactor library_names_spec='$libname${shared_ext}.$versuffix $libname${shared_ext}.$major $libname${shared_ext}' soname_spec='$libname${shared_ext}.$major' shlibpath_var=LD_LIBRARY_PATH @@ -15234,137 +15720,2459 @@ sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX* | sysv4*uw2*) sys_lib_dlsearch_path_spec='/usr/lib' ;; -tpf*) - # TPF is a cross-target only. Preferred cross-host = GNU/Linux. - version_type=linux - need_lib_prefix=no - need_version=no - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - shlibpath_var=LD_LIBRARY_PATH - shlibpath_overrides_runpath=no - hardcode_into_libs=yes - ;; +tpf*) + # TPF is a cross-target only. Preferred cross-host = GNU/Linux. + version_type=linux # correct to gnu/linux during the next big refactor + need_lib_prefix=no + need_version=no + library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' + shlibpath_var=LD_LIBRARY_PATH + shlibpath_overrides_runpath=no + hardcode_into_libs=yes + ;; + +uts4*) + version_type=linux # correct to gnu/linux during the next big refactor + library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' + soname_spec='${libname}${release}${shared_ext}$major' + shlibpath_var=LD_LIBRARY_PATH + ;; + +*) + dynamic_linker=no + ;; +esac +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $dynamic_linker" >&5 +$as_echo "$dynamic_linker" >&6; } +test "$dynamic_linker" = no && can_build_shared=no + +variables_saved_for_relink="PATH $shlibpath_var $runpath_var" +if test "$GCC" = yes; then + variables_saved_for_relink="$variables_saved_for_relink GCC_EXEC_PREFIX COMPILER_PATH LIBRARY_PATH" +fi + +if test "${lt_cv_sys_lib_search_path_spec+set}" = set; then + sys_lib_search_path_spec="$lt_cv_sys_lib_search_path_spec" +fi +if test "${lt_cv_sys_lib_dlsearch_path_spec+set}" = set; then + sys_lib_dlsearch_path_spec="$lt_cv_sys_lib_dlsearch_path_spec" +fi + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking how to hardcode library paths into programs" >&5 +$as_echo_n "checking how to hardcode library paths into programs... " >&6; } +hardcode_action_CXX= +if test -n "$hardcode_libdir_flag_spec_CXX" || + test -n "$runpath_var_CXX" || + test "X$hardcode_automatic_CXX" = "Xyes" ; then + + # We can hardcode non-existent directories. + if test "$hardcode_direct_CXX" != no && + # If the only mechanism to avoid hardcoding is shlibpath_var, we + # have to relink, otherwise we might link with an installed library + # when we should be linking with a yet-to-be-installed one + ## test "$_LT_TAGVAR(hardcode_shlibpath_var, CXX)" != no && + test "$hardcode_minus_L_CXX" != no; then + # Linking always hardcodes the temporary library directory. + hardcode_action_CXX=relink + else + # We can link without hardcoding, and we can hardcode nonexisting dirs. + hardcode_action_CXX=immediate + fi +else + # We cannot hardcode anything, or else we can only hardcode existing + # directories. + hardcode_action_CXX=unsupported +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $hardcode_action_CXX" >&5 +$as_echo "$hardcode_action_CXX" >&6; } + +if test "$hardcode_action_CXX" = relink || + test "$inherit_rpath_CXX" = yes; then + # Fast installation is not supported + enable_fast_install=no +elif test "$shlibpath_overrides_runpath" = yes || + test "$enable_shared" = no; then + # Fast installation is not necessary + enable_fast_install=needless +fi + + + + + + + + fi # test -n "$compiler" + + CC=$lt_save_CC + CFLAGS=$lt_save_CFLAGS + LDCXX=$LD + LD=$lt_save_LD + GCC=$lt_save_GCC + with_gnu_ld=$lt_save_with_gnu_ld + lt_cv_path_LDCXX=$lt_cv_path_LD + lt_cv_path_LD=$lt_save_path_LD + lt_cv_prog_gnu_ldcxx=$lt_cv_prog_gnu_ld + lt_cv_prog_gnu_ld=$lt_save_with_gnu_ld +fi # test "$_lt_caught_CXX_error" != yes + +ac_ext=c +ac_cpp='$CPP $CPPFLAGS' +ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_c_compiler_gnu + + + + + + + CFLAG_VISIBILITY= + HAVE_VISIBILITY=0 + if test -n "$GCC"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the -Werror option is usable" >&5 +$as_echo_n "checking whether the -Werror option is usable... " >&6; } + if ${gl_cv_cc_vis_werror+:} false; then : + $as_echo_n "(cached) " >&6 +else + + gl_save_CFLAGS="$CFLAGS" + CFLAGS="$CFLAGS -Werror" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + gl_cv_cc_vis_werror=yes +else + gl_cv_cc_vis_werror=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + CFLAGS="$gl_save_CFLAGS" +fi + + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_cc_vis_werror" >&5 +$as_echo "$gl_cv_cc_vis_werror" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for simple visibility declarations" >&5 +$as_echo_n "checking for simple visibility declarations... " >&6; } + if ${gl_cv_cc_visibility+:} false; then : + $as_echo_n "(cached) " >&6 +else + + gl_save_CFLAGS="$CFLAGS" + CFLAGS="$CFLAGS -fvisibility=hidden" + if test $gl_cv_cc_vis_werror = yes; then + CFLAGS="$CFLAGS -Werror" + fi + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +extern __attribute__((__visibility__("hidden"))) int hiddenvar; + extern __attribute__((__visibility__("default"))) int exportedvar; + extern __attribute__((__visibility__("hidden"))) int hiddenfunc (void); + extern __attribute__((__visibility__("default"))) int exportedfunc (void); + void dummyfunc (void) {} + +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + gl_cv_cc_visibility=yes +else + gl_cv_cc_visibility=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + CFLAGS="$gl_save_CFLAGS" +fi + + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $gl_cv_cc_visibility" >&5 +$as_echo "$gl_cv_cc_visibility" >&6; } + if test $gl_cv_cc_visibility = yes; then + CFLAG_VISIBILITY="-fvisibility=hidden" + HAVE_VISIBILITY=1 + fi + fi + + + +cat >>confdefs.h <<_ACEOF +#define HAVE_VISIBILITY $HAVE_VISIBILITY +_ACEOF + + +if test -n "$CFLAG_VISIBILITY" ; then : + + AM_CPPFLAGS="$AM_CPPFLAGS $CFLAG_VISIBILITY" + CPPFLAGS="$CPPFLAGS $CFLAG_VISIBILITY" + +fi + +# Check whether --enable-silent-rules was given. +if test "${enable_silent_rules+set}" = set; then : + enableval=$enable_silent_rules; +fi + +case $enable_silent_rules in # ((( + yes) AM_DEFAULT_VERBOSITY=0;; + no) AM_DEFAULT_VERBOSITY=1;; + *) AM_DEFAULT_VERBOSITY=0;; +esac +am_make=${MAKE-make} +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $am_make supports nested variables" >&5 +$as_echo_n "checking whether $am_make supports nested variables... " >&6; } +if ${am_cv_make_support_nested_variables+:} false; then : + $as_echo_n "(cached) " >&6 +else + if $as_echo 'TRUE=$(BAR$(V)) +BAR0=false +BAR1=true +V=1 +am__doit: + @$(TRUE) +.PHONY: am__doit' | $am_make -f - >/dev/null 2>&1; then + am_cv_make_support_nested_variables=yes +else + am_cv_make_support_nested_variables=no +fi +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $am_cv_make_support_nested_variables" >&5 +$as_echo "$am_cv_make_support_nested_variables" >&6; } +if test $am_cv_make_support_nested_variables = yes; then + AM_V='$(V)' + AM_DEFAULT_V='$(AM_DEFAULT_VERBOSITY)' +else + AM_V=$AM_DEFAULT_VERBOSITY + AM_DEFAULT_V=$AM_DEFAULT_VERBOSITY +fi +AM_BACKSLASH='\' + + +for ac_func in gethostbyname +do : + ac_fn_c_check_func "$LINENO" "gethostbyname" "ac_cv_func_gethostbyname" +if test "x$ac_cv_func_gethostbyname" = xyes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_GETHOSTBYNAME 1 +_ACEOF + +fi +done + +for ac_func in getaddrinfo +do : + ac_fn_c_check_func "$LINENO" "getaddrinfo" "ac_cv_func_getaddrinfo" +if test "x$ac_cv_func_getaddrinfo" = xyes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_GETADDRINFO 1 +_ACEOF + +fi +done + +for ac_func in gettimeofday +do : + ac_fn_c_check_func "$LINENO" "gettimeofday" "ac_cv_func_gettimeofday" +if test "x$ac_cv_func_gettimeofday" = xyes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_GETTIMEOFDAY 1 +_ACEOF + +fi +done + +for ac_func in inet_ntoa +do : + ac_fn_c_check_func "$LINENO" "inet_ntoa" "ac_cv_func_inet_ntoa" +if test "x$ac_cv_func_inet_ntoa" = xyes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_INET_NTOA 1 +_ACEOF + +fi +done + +for ac_func in memset +do : + ac_fn_c_check_func "$LINENO" "memset" "ac_cv_func_memset" +if test "x$ac_cv_func_memset" = xyes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_MEMSET 1 +_ACEOF + +fi +done + +for ac_func in socket +do : + ac_fn_c_check_func "$LINENO" "socket" "ac_cv_func_socket" +if test "x$ac_cv_func_socket" = xyes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_SOCKET 1 +_ACEOF + +fi +done + +for ac_header in arpa/inet.h +do : + ac_fn_c_check_header_mongrel "$LINENO" "arpa/inet.h" "ac_cv_header_arpa_inet_h" "$ac_includes_default" +if test "x$ac_cv_header_arpa_inet_h" = xyes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_ARPA_INET_H 1 +_ACEOF + +fi + +done + +for ac_header in fcntl.h +do : + ac_fn_c_check_header_mongrel "$LINENO" "fcntl.h" "ac_cv_header_fcntl_h" "$ac_includes_default" +if test "x$ac_cv_header_fcntl_h" = xyes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_FCNTL_H 1 +_ACEOF + +fi + +done + +for ac_header in limits.h +do : + ac_fn_c_check_header_mongrel "$LINENO" "limits.h" "ac_cv_header_limits_h" "$ac_includes_default" +if test "x$ac_cv_header_limits_h" = xyes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_LIMITS_H 1 +_ACEOF + +fi + +done + +for ac_header in netdb.h +do : + ac_fn_c_check_header_mongrel "$LINENO" "netdb.h" "ac_cv_header_netdb_h" "$ac_includes_default" +if test "x$ac_cv_header_netdb_h" = xyes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_NETDB_H 1 +_ACEOF + +fi + +done + +for ac_header in netinet/in.h +do : + ac_fn_c_check_header_mongrel "$LINENO" "netinet/in.h" "ac_cv_header_netinet_in_h" "$ac_includes_default" +if test "x$ac_cv_header_netinet_in_h" = xyes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_NETINET_IN_H 1 +_ACEOF + +fi + +done + +for ac_header in stddef.h +do : + ac_fn_c_check_header_mongrel "$LINENO" "stddef.h" "ac_cv_header_stddef_h" "$ac_includes_default" +if test "x$ac_cv_header_stddef_h" = xyes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_STDDEF_H 1 +_ACEOF + +fi + +done + +for ac_header in sys/ioctl.h +do : + ac_fn_c_check_header_mongrel "$LINENO" "sys/ioctl.h" "ac_cv_header_sys_ioctl_h" "$ac_includes_default" +if test "x$ac_cv_header_sys_ioctl_h" = xyes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_SYS_IOCTL_H 1 +_ACEOF + +fi + +done + +for ac_header in sys/socket.h +do : + ac_fn_c_check_header_mongrel "$LINENO" "sys/socket.h" "ac_cv_header_sys_socket_h" "$ac_includes_default" +if test "x$ac_cv_header_sys_socket_h" = xyes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_SYS_SOCKET_H 1 +_ACEOF + +fi + +done + +for ac_header in sys/time.h +do : + ac_fn_c_check_header_mongrel "$LINENO" "sys/time.h" "ac_cv_header_sys_time_h" "$ac_includes_default" +if test "x$ac_cv_header_sys_time_h" = xyes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_SYS_TIME_H 1 +_ACEOF + +fi + +done + +for ac_header in errno.h +do : + ac_fn_c_check_header_mongrel "$LINENO" "errno.h" "ac_cv_header_errno_h" "$ac_includes_default" +if test "x$ac_cv_header_errno_h" = xyes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_ERRNO_H 1 +_ACEOF + +fi + +done + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for socket in -lnetwork" >&5 +$as_echo_n "checking for socket in -lnetwork... " >&6; } +if ${ac_cv_lib_network_socket+:} false; then : + $as_echo_n "(cached) " >&6 +else + ac_check_lib_save_LIBS=$LIBS +LIBS="-lnetwork $LIBS" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +#ifdef __cplusplus +extern "C" +#endif +char socket (); +int +main () +{ +return socket (); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + ac_cv_lib_network_socket=yes +else + ac_cv_lib_network_socket=no +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_network_socket" >&5 +$as_echo "$ac_cv_lib_network_socket" >&6; } +if test "x$ac_cv_lib_network_socket" = xyes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_LIBNETWORK 1 +_ACEOF + + LIBS="-lnetwork $LIBS" + +fi + +# The cast to long int works around a bug in the HP C Compiler +# version HP92453-01 B.11.11.23709.GP, which incorrectly rejects +# declarations like `int a3[[(sizeof (unsigned char)) >= 0]];'. +# This bug is HP SR number 8606223364. +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking size of long long" >&5 +$as_echo_n "checking size of long long... " >&6; } +if ${ac_cv_sizeof_long_long+:} false; then : + $as_echo_n "(cached) " >&6 +else + if ac_fn_c_compute_int "$LINENO" "(long int) (sizeof (long long))" "ac_cv_sizeof_long_long" "$ac_includes_default"; then : + +else + if test "$ac_cv_type_long_long" = yes; then + { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} +as_fn_error 77 "cannot compute sizeof (long long) +See \`config.log' for more details" "$LINENO" 5; } + else + ac_cv_sizeof_long_long=0 + fi +fi + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sizeof_long_long" >&5 +$as_echo "$ac_cv_sizeof_long_long" >&6; } + + + +cat >>confdefs.h <<_ACEOF +#define SIZEOF_LONG_LONG $ac_cv_sizeof_long_long +_ACEOF + + +# The cast to long int works around a bug in the HP C Compiler +# version HP92453-01 B.11.11.23709.GP, which incorrectly rejects +# declarations like `int a3[[(sizeof (unsigned char)) >= 0]];'. +# This bug is HP SR number 8606223364. +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking size of long" >&5 +$as_echo_n "checking size of long... " >&6; } +if ${ac_cv_sizeof_long+:} false; then : + $as_echo_n "(cached) " >&6 +else + if ac_fn_c_compute_int "$LINENO" "(long int) (sizeof (long))" "ac_cv_sizeof_long" "$ac_includes_default"; then : + +else + if test "$ac_cv_type_long" = yes; then + { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} +as_fn_error 77 "cannot compute sizeof (long) +See \`config.log' for more details" "$LINENO" 5; } + else + ac_cv_sizeof_long=0 + fi +fi + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_sizeof_long" >&5 +$as_echo "$ac_cv_sizeof_long" >&6; } + + + +cat >>confdefs.h <<_ACEOF +#define SIZEOF_LONG $ac_cv_sizeof_long +_ACEOF + + +ac_fn_c_check_type "$LINENO" "__uint128_t" "ac_cv_type___uint128_t" "$ac_includes_default" +if test "x$ac_cv_type___uint128_t" = xyes; then : + +cat >>confdefs.h <<_ACEOF +#define HAVE___UINT128_T 1 +_ACEOF + + +fi + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether byte ordering is bigendian" >&5 +$as_echo_n "checking whether byte ordering is bigendian... " >&6; } +if ${ac_cv_c_bigendian+:} false; then : + $as_echo_n "(cached) " >&6 +else + ac_cv_c_bigendian=unknown + # See if we're dealing with a universal compiler. + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#ifndef __APPLE_CC__ + not a universal capable compiler + #endif + typedef int dummy; + +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + + # Check for potential -arch flags. It is not universal unless + # there are at least two -arch flags with different values. + ac_arch= + ac_prev= + for ac_word in $CC $CFLAGS $CPPFLAGS $LDFLAGS; do + if test -n "$ac_prev"; then + case $ac_word in + i?86 | x86_64 | ppc | ppc64) + if test -z "$ac_arch" || test "$ac_arch" = "$ac_word"; then + ac_arch=$ac_word + else + ac_cv_c_bigendian=universal + break + fi + ;; + esac + ac_prev= + elif test "x$ac_word" = "x-arch"; then + ac_prev=arch + fi + done +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + if test $ac_cv_c_bigendian = unknown; then + # See if sys/param.h defines the BYTE_ORDER macro. + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include + #include + +int +main () +{ +#if ! (defined BYTE_ORDER && defined BIG_ENDIAN \ + && defined LITTLE_ENDIAN && BYTE_ORDER && BIG_ENDIAN \ + && LITTLE_ENDIAN) + bogus endian macros + #endif + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + # It does; now see whether it defined to BIG_ENDIAN or not. + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include + #include + +int +main () +{ +#if BYTE_ORDER != BIG_ENDIAN + not big endian + #endif + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + ac_cv_c_bigendian=yes +else + ac_cv_c_bigendian=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + fi + if test $ac_cv_c_bigendian = unknown; then + # See if defines _LITTLE_ENDIAN or _BIG_ENDIAN (e.g., Solaris). + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include + +int +main () +{ +#if ! (defined _LITTLE_ENDIAN || defined _BIG_ENDIAN) + bogus endian macros + #endif + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + # It does; now see whether it defined to _BIG_ENDIAN or not. + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include + +int +main () +{ +#ifndef _BIG_ENDIAN + not big endian + #endif + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + ac_cv_c_bigendian=yes +else + ac_cv_c_bigendian=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + fi + if test $ac_cv_c_bigendian = unknown; then + # Compile a test program. + if test "$cross_compiling" = yes; then : + # Try to guess by grepping values from an object file. + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +short int ascii_mm[] = + { 0x4249, 0x4765, 0x6E44, 0x6961, 0x6E53, 0x7953, 0 }; + short int ascii_ii[] = + { 0x694C, 0x5454, 0x656C, 0x6E45, 0x6944, 0x6E61, 0 }; + int use_ascii (int i) { + return ascii_mm[i] + ascii_ii[i]; + } + short int ebcdic_ii[] = + { 0x89D3, 0xE3E3, 0x8593, 0x95C5, 0x89C4, 0x9581, 0 }; + short int ebcdic_mm[] = + { 0xC2C9, 0xC785, 0x95C4, 0x8981, 0x95E2, 0xA8E2, 0 }; + int use_ebcdic (int i) { + return ebcdic_mm[i] + ebcdic_ii[i]; + } + extern int foo; + +int +main () +{ +return use_ascii (foo) == use_ebcdic (foo); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + if grep BIGenDianSyS conftest.$ac_objext >/dev/null; then + ac_cv_c_bigendian=yes + fi + if grep LiTTleEnDian conftest.$ac_objext >/dev/null ; then + if test "$ac_cv_c_bigendian" = unknown; then + ac_cv_c_bigendian=no + else + # finding both strings is unlikely to happen, but who knows? + ac_cv_c_bigendian=unknown + fi + fi +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +$ac_includes_default +int +main () +{ + + /* Are we little or big endian? From Harbison&Steele. */ + union + { + long int l; + char c[sizeof (long int)]; + } u; + u.l = 1; + return u.c[sizeof (long int) - 1] == 1; + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_run "$LINENO"; then : + ac_cv_c_bigendian=no +else + ac_cv_c_bigendian=yes +fi +rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext \ + conftest.$ac_objext conftest.beam conftest.$ac_ext +fi + + fi +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_c_bigendian" >&5 +$as_echo "$ac_cv_c_bigendian" >&6; } + case $ac_cv_c_bigendian in #( + yes) + $as_echo "#define WORDS_BIGENDIAN 1" >>confdefs.h +;; #( + no) + ;; #( + universal) + +$as_echo "#define AC_APPLE_UNIVERSAL_BUILD 1" >>confdefs.h + + ;; #( + *) + as_fn_error $? "unknown endianness + presetting ac_cv_c_bigendian=no (or yes) will help" "$LINENO" 5 ;; + esac + +# mktime check takes forever on some systems, if time supported it would be +# highly unusual for mktime to be missing +#AC_FUNC_MKTIME + +ac_ext=c +ac_cpp='$CPP $CPPFLAGS' +ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_c_compiler_gnu +if test -n "$ac_tool_prefix"; then + # Extract the first word of "${ac_tool_prefix}gcc", so it can be a program name with args. +set dummy ${ac_tool_prefix}gcc; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_prog_CC+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$CC"; then + ac_cv_prog_CC="$CC" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_CC="${ac_tool_prefix}gcc" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +CC=$ac_cv_prog_CC +if test -n "$CC"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 +$as_echo "$CC" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + +fi +if test -z "$ac_cv_prog_CC"; then + ac_ct_CC=$CC + # Extract the first word of "gcc", so it can be a program name with args. +set dummy gcc; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_prog_ac_ct_CC+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$ac_ct_CC"; then + ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_ac_ct_CC="gcc" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +ac_ct_CC=$ac_cv_prog_ac_ct_CC +if test -n "$ac_ct_CC"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_CC" >&5 +$as_echo "$ac_ct_CC" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + if test "x$ac_ct_CC" = x; then + CC="" + else + case $cross_compiling:$ac_tool_warned in +yes:) +{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +ac_tool_warned=yes ;; +esac + CC=$ac_ct_CC + fi +else + CC="$ac_cv_prog_CC" +fi + +if test -z "$CC"; then + if test -n "$ac_tool_prefix"; then + # Extract the first word of "${ac_tool_prefix}cc", so it can be a program name with args. +set dummy ${ac_tool_prefix}cc; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_prog_CC+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$CC"; then + ac_cv_prog_CC="$CC" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_CC="${ac_tool_prefix}cc" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +CC=$ac_cv_prog_CC +if test -n "$CC"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 +$as_echo "$CC" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + + fi +fi +if test -z "$CC"; then + # Extract the first word of "cc", so it can be a program name with args. +set dummy cc; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_prog_CC+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$CC"; then + ac_cv_prog_CC="$CC" # Let the user override the test. +else + ac_prog_rejected=no +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + if test "$as_dir/$ac_word$ac_exec_ext" = "/usr/ucb/cc"; then + ac_prog_rejected=yes + continue + fi + ac_cv_prog_CC="cc" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +if test $ac_prog_rejected = yes; then + # We found a bogon in the path, so make sure we never use it. + set dummy $ac_cv_prog_CC + shift + if test $# != 0; then + # We chose a different compiler from the bogus one. + # However, it has the same basename, so the bogon will be chosen + # first if we set CC to just the basename; use the full file name. + shift + ac_cv_prog_CC="$as_dir/$ac_word${1+' '}$@" + fi +fi +fi +fi +CC=$ac_cv_prog_CC +if test -n "$CC"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 +$as_echo "$CC" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + +fi +if test -z "$CC"; then + if test -n "$ac_tool_prefix"; then + for ac_prog in cl.exe + do + # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args. +set dummy $ac_tool_prefix$ac_prog; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_prog_CC+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$CC"; then + ac_cv_prog_CC="$CC" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_CC="$ac_tool_prefix$ac_prog" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +CC=$ac_cv_prog_CC +if test -n "$CC"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CC" >&5 +$as_echo "$CC" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + + test -n "$CC" && break + done +fi +if test -z "$CC"; then + ac_ct_CC=$CC + for ac_prog in cl.exe +do + # Extract the first word of "$ac_prog", so it can be a program name with args. +set dummy $ac_prog; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_prog_ac_ct_CC+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$ac_ct_CC"; then + ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_ac_ct_CC="$ac_prog" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +ac_ct_CC=$ac_cv_prog_ac_ct_CC +if test -n "$ac_ct_CC"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_CC" >&5 +$as_echo "$ac_ct_CC" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + + test -n "$ac_ct_CC" && break +done + + if test "x$ac_ct_CC" = x; then + CC="" + else + case $cross_compiling:$ac_tool_warned in +yes:) +{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +ac_tool_warned=yes ;; +esac + CC=$ac_ct_CC + fi +fi + +fi + + +test -z "$CC" && { { $as_echo "$as_me:${as_lineno-$LINENO}: error: in \`$ac_pwd':" >&5 +$as_echo "$as_me: error: in \`$ac_pwd':" >&2;} +as_fn_error $? "no acceptable C compiler found in \$PATH +See \`config.log' for more details" "$LINENO" 5; } + +# Provide some information about the compiler. +$as_echo "$as_me:${as_lineno-$LINENO}: checking for C compiler version" >&5 +set X $ac_compile +ac_compiler=$2 +for ac_option in --version -v -V -qversion; do + { { ac_try="$ac_compiler $ac_option >&5" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 + (eval "$ac_compiler $ac_option >&5") 2>conftest.err + ac_status=$? + if test -s conftest.err; then + sed '10a\ +... rest of stderr output deleted ... + 10q' conftest.err >conftest.er1 + cat conftest.er1 >&5 + fi + rm -f conftest.er1 conftest.err + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } +done + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether we are using the GNU C compiler" >&5 +$as_echo_n "checking whether we are using the GNU C compiler... " >&6; } +if ${ac_cv_c_compiler_gnu+:} false; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main () +{ +#ifndef __GNUC__ + choke me +#endif + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + ac_compiler_gnu=yes +else + ac_compiler_gnu=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +ac_cv_c_compiler_gnu=$ac_compiler_gnu + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_c_compiler_gnu" >&5 +$as_echo "$ac_cv_c_compiler_gnu" >&6; } +if test $ac_compiler_gnu = yes; then + GCC=yes +else + GCC= +fi +ac_test_CFLAGS=${CFLAGS+set} +ac_save_CFLAGS=$CFLAGS +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $CC accepts -g" >&5 +$as_echo_n "checking whether $CC accepts -g... " >&6; } +if ${ac_cv_prog_cc_g+:} false; then : + $as_echo_n "(cached) " >&6 +else + ac_save_c_werror_flag=$ac_c_werror_flag + ac_c_werror_flag=yes + ac_cv_prog_cc_g=no + CFLAGS="-g" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + ac_cv_prog_cc_g=yes +else + CFLAGS="" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + +else + ac_c_werror_flag=$ac_save_c_werror_flag + CFLAGS="-g" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + ac_cv_prog_cc_g=yes +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + ac_c_werror_flag=$ac_save_c_werror_flag +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_g" >&5 +$as_echo "$ac_cv_prog_cc_g" >&6; } +if test "$ac_test_CFLAGS" = set; then + CFLAGS=$ac_save_CFLAGS +elif test $ac_cv_prog_cc_g = yes; then + if test "$GCC" = yes; then + CFLAGS="-g -O2" + else + CFLAGS="-g" + fi +else + if test "$GCC" = yes; then + CFLAGS="-O2" + else + CFLAGS= + fi +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $CC option to accept ISO C89" >&5 +$as_echo_n "checking for $CC option to accept ISO C89... " >&6; } +if ${ac_cv_prog_cc_c89+:} false; then : + $as_echo_n "(cached) " >&6 +else + ac_cv_prog_cc_c89=no +ac_save_CC=$CC +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +#include +struct stat; +/* Most of the following tests are stolen from RCS 5.7's src/conf.sh. */ +struct buf { int x; }; +FILE * (*rcsopen) (struct buf *, struct stat *, int); +static char *e (p, i) + char **p; + int i; +{ + return p[i]; +} +static char *f (char * (*g) (char **, int), char **p, ...) +{ + char *s; + va_list v; + va_start (v,p); + s = g (p, va_arg (v,int)); + va_end (v); + return s; +} + +/* OSF 4.0 Compaq cc is some sort of almost-ANSI by default. It has + function prototypes and stuff, but not '\xHH' hex character constants. + These don't provoke an error unfortunately, instead are silently treated + as 'x'. The following induces an error, until -std is added to get + proper ANSI mode. Curiously '\x00'!='x' always comes out true, for an + array size at least. It's necessary to write '\x00'==0 to get something + that's true only with -std. */ +int osf4_cc_array ['\x00' == 0 ? 1 : -1]; + +/* IBM C 6 for AIX is almost-ANSI by default, but it replaces macro parameters + inside strings and character constants. */ +#define FOO(x) 'x' +int xlc6_cc_array[FOO(a) == 'x' ? 1 : -1]; + +int test (int i, double x); +struct s1 {int (*f) (int a);}; +struct s2 {int (*f) (double a);}; +int pairnames (int, char **, FILE *(*)(struct buf *, struct stat *, int), int, int); +int argc; +char **argv; +int +main () +{ +return f (e, argv, 0) != argv[0] || f (e, argv, 1) != argv[1]; + ; + return 0; +} +_ACEOF +for ac_arg in '' -qlanglvl=extc89 -qlanglvl=ansi -std \ + -Ae "-Aa -D_HPUX_SOURCE" "-Xc -D__EXTENSIONS__" +do + CC="$ac_save_CC $ac_arg" + if ac_fn_c_try_compile "$LINENO"; then : + ac_cv_prog_cc_c89=$ac_arg +fi +rm -f core conftest.err conftest.$ac_objext + test "x$ac_cv_prog_cc_c89" != "xno" && break +done +rm -f conftest.$ac_ext +CC=$ac_save_CC + +fi +# AC_CACHE_VAL +case "x$ac_cv_prog_cc_c89" in + x) + { $as_echo "$as_me:${as_lineno-$LINENO}: result: none needed" >&5 +$as_echo "none needed" >&6; } ;; + xno) + { $as_echo "$as_me:${as_lineno-$LINENO}: result: unsupported" >&5 +$as_echo "unsupported" >&6; } ;; + *) + CC="$CC $ac_cv_prog_cc_c89" + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cc_c89" >&5 +$as_echo "$ac_cv_prog_cc_c89" >&6; } ;; +esac +if test "x$ac_cv_prog_cc_c89" != xno; then : + +fi + +ac_ext=c +ac_cpp='$CPP $CPPFLAGS' +ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_c_compiler_gnu + +ac_ext=c +ac_cpp='$CPP $CPPFLAGS' +ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_c_compiler_gnu +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $CC understands -c and -o together" >&5 +$as_echo_n "checking whether $CC understands -c and -o together... " >&6; } +if ${am_cv_prog_cc_c_o+:} false; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main () +{ + + ; + return 0; +} +_ACEOF + # Make sure it works both with $CC and with simple cc. + # Following AC_PROG_CC_C_O, we do the test twice because some + # compilers refuse to overwrite an existing .o file with -o, + # though they will create one. + am_cv_prog_cc_c_o=yes + for am_i in 1 2; do + if { echo "$as_me:$LINENO: $CC -c conftest.$ac_ext -o conftest2.$ac_objext" >&5 + ($CC -c conftest.$ac_ext -o conftest2.$ac_objext) >&5 2>&5 + ac_status=$? + echo "$as_me:$LINENO: \$? = $ac_status" >&5 + (exit $ac_status); } \ + && test -f conftest2.$ac_objext; then + : OK + else + am_cv_prog_cc_c_o=no + break + fi + done + rm -f core conftest* + unset am_i +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $am_cv_prog_cc_c_o" >&5 +$as_echo "$am_cv_prog_cc_c_o" >&6; } +if test "$am_cv_prog_cc_c_o" != yes; then + # Losing compiler, so override with the script. + # FIXME: It is wrong to rewrite CC. + # But if we don't then we get into trouble of one sort or another. + # A longer-term fix would be to have automake use am__CC in this case, + # and then we could set am__CC="\$(top_srcdir)/compile \$(CC)" + CC="$am_aux_dir/compile $CC" +fi +ac_ext=c +ac_cpp='$CPP $CPPFLAGS' +ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_c_compiler_gnu + + +depcc="$CC" am_compiler_list= + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking dependency style of $depcc" >&5 +$as_echo_n "checking dependency style of $depcc... " >&6; } +if ${am_cv_CC_dependencies_compiler_type+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test -z "$AMDEP_TRUE" && test -f "$am_depcomp"; then + # We make a subdir and do the tests there. Otherwise we can end up + # making bogus files that we don't know about and never remove. For + # instance it was reported that on HP-UX the gcc test will end up + # making a dummy file named 'D' -- because '-MD' means "put the output + # in D". + rm -rf conftest.dir + mkdir conftest.dir + # Copy depcomp to subdir because otherwise we won't find it if we're + # using a relative directory. + cp "$am_depcomp" conftest.dir + cd conftest.dir + # We will build objects and dependencies in a subdirectory because + # it helps to detect inapplicable dependency modes. For instance + # both Tru64's cc and ICC support -MD to output dependencies as a + # side effect of compilation, but ICC will put the dependencies in + # the current directory while Tru64 will put them in the object + # directory. + mkdir sub + + am_cv_CC_dependencies_compiler_type=none + if test "$am_compiler_list" = ""; then + am_compiler_list=`sed -n 's/^#*\([a-zA-Z0-9]*\))$/\1/p' < ./depcomp` + fi + am__universal=false + case " $depcc " in #( + *\ -arch\ *\ -arch\ *) am__universal=true ;; + esac + + for depmode in $am_compiler_list; do + # Setup a source with many dependencies, because some compilers + # like to wrap large dependency lists on column 80 (with \), and + # we should not choose a depcomp mode which is confused by this. + # + # We need to recreate these files for each test, as the compiler may + # overwrite some of them when testing with obscure command lines. + # This happens at least with the AIX C compiler. + : > sub/conftest.c + for i in 1 2 3 4 5 6; do + echo '#include "conftst'$i'.h"' >> sub/conftest.c + # Using ": > sub/conftst$i.h" creates only sub/conftst1.h with + # Solaris 10 /bin/sh. + echo '/* dummy */' > sub/conftst$i.h + done + echo "${am__include} ${am__quote}sub/conftest.Po${am__quote}" > confmf + + # We check with '-c' and '-o' for the sake of the "dashmstdout" + # mode. It turns out that the SunPro C++ compiler does not properly + # handle '-M -o', and we need to detect this. Also, some Intel + # versions had trouble with output in subdirs. + am__obj=sub/conftest.${OBJEXT-o} + am__minus_obj="-o $am__obj" + case $depmode in + gcc) + # This depmode causes a compiler race in universal mode. + test "$am__universal" = false || continue + ;; + nosideeffect) + # After this tag, mechanisms are not by side-effect, so they'll + # only be used when explicitly requested. + if test "x$enable_dependency_tracking" = xyes; then + continue + else + break + fi + ;; + msvc7 | msvc7msys | msvisualcpp | msvcmsys) + # This compiler won't grok '-c -o', but also, the minuso test has + # not run yet. These depmodes are late enough in the game, and + # so weak that their functioning should not be impacted. + am__obj=conftest.${OBJEXT-o} + am__minus_obj= + ;; + none) break ;; + esac + if depmode=$depmode \ + source=sub/conftest.c object=$am__obj \ + depfile=sub/conftest.Po tmpdepfile=sub/conftest.TPo \ + $SHELL ./depcomp $depcc -c $am__minus_obj sub/conftest.c \ + >/dev/null 2>conftest.err && + grep sub/conftst1.h sub/conftest.Po > /dev/null 2>&1 && + grep sub/conftst6.h sub/conftest.Po > /dev/null 2>&1 && + grep $am__obj sub/conftest.Po > /dev/null 2>&1 && + ${MAKE-make} -s -f confmf > /dev/null 2>&1; then + # icc doesn't choke on unknown options, it will just issue warnings + # or remarks (even with -Werror). So we grep stderr for any message + # that says an option was ignored or not supported. + # When given -MP, icc 7.0 and 7.1 complain thusly: + # icc: Command line warning: ignoring option '-M'; no argument required + # The diagnosis changed in icc 8.0: + # icc: Command line remark: option '-MP' not supported + if (grep 'ignoring option' conftest.err || + grep 'not supported' conftest.err) >/dev/null 2>&1; then :; else + am_cv_CC_dependencies_compiler_type=$depmode + break + fi + fi + done + + cd .. + rm -rf conftest.dir +else + am_cv_CC_dependencies_compiler_type=none +fi + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $am_cv_CC_dependencies_compiler_type" >&5 +$as_echo "$am_cv_CC_dependencies_compiler_type" >&6; } +CCDEPMODE=depmode=$am_cv_CC_dependencies_compiler_type + + if + test "x$enable_dependency_tracking" != xno \ + && test "$am_cv_CC_dependencies_compiler_type" = gcc3; then + am__fastdepCC_TRUE= + am__fastdepCC_FALSE='#' +else + am__fastdepCC_TRUE='#' + am__fastdepCC_FALSE= +fi + + +if test "x$CC" != xcc; then + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $CC and cc understand -c and -o together" >&5 +$as_echo_n "checking whether $CC and cc understand -c and -o together... " >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether cc understands -c and -o together" >&5 +$as_echo_n "checking whether cc understands -c and -o together... " >&6; } +fi +set dummy $CC; ac_cc=`$as_echo "$2" | + sed 's/[^a-zA-Z0-9_]/_/g;s/^[0-9]/_/'` +if eval \${ac_cv_prog_cc_${ac_cc}_c_o+:} false; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main () +{ + + ; + return 0; +} +_ACEOF +# Make sure it works both with $CC and with simple cc. +# We do the test twice because some compilers refuse to overwrite an +# existing .o file with -o, though they will create one. +ac_try='$CC -c conftest.$ac_ext -o conftest2.$ac_objext >&5' +rm -f conftest2.* +if { { case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 + (eval "$ac_try") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } && + test -f conftest2.$ac_objext && { { case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 + (eval "$ac_try") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; }; +then + eval ac_cv_prog_cc_${ac_cc}_c_o=yes + if test "x$CC" != xcc; then + # Test first that cc exists at all. + if { ac_try='cc -c conftest.$ac_ext >&5' + { { case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 + (eval "$ac_try") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; }; }; then + ac_try='cc -c conftest.$ac_ext -o conftest2.$ac_objext >&5' + rm -f conftest2.* + if { { case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 + (eval "$ac_try") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } && + test -f conftest2.$ac_objext && { { case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 + (eval "$ac_try") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; }; + then + # cc works too. + : + else + # cc exists but doesn't like -o. + eval ac_cv_prog_cc_${ac_cc}_c_o=no + fi + fi + fi +else + eval ac_cv_prog_cc_${ac_cc}_c_o=no +fi +rm -f core conftest* + +fi +if eval test \$ac_cv_prog_cc_${ac_cc}_c_o = yes; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } + +$as_echo "#define NO_MINUS_C_MINUS_O 1" >>confdefs.h + +fi + +ac_ext=cpp +ac_cpp='$CXXCPP $CPPFLAGS' +ac_compile='$CXX -c $CXXFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CXX -o conftest$ac_exeext $CXXFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_cxx_compiler_gnu +if test -z "$CXX"; then + if test -n "$CCC"; then + CXX=$CCC + else + if test -n "$ac_tool_prefix"; then + for ac_prog in g++ c++ gpp aCC CC cxx cc++ cl.exe FCC KCC RCC xlC_r xlC + do + # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args. +set dummy $ac_tool_prefix$ac_prog; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_prog_CXX+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$CXX"; then + ac_cv_prog_CXX="$CXX" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_CXX="$ac_tool_prefix$ac_prog" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +CXX=$ac_cv_prog_CXX +if test -n "$CXX"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CXX" >&5 +$as_echo "$CXX" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + + test -n "$CXX" && break + done +fi +if test -z "$CXX"; then + ac_ct_CXX=$CXX + for ac_prog in g++ c++ gpp aCC CC cxx cc++ cl.exe FCC KCC RCC xlC_r xlC +do + # Extract the first word of "$ac_prog", so it can be a program name with args. +set dummy $ac_prog; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_prog_ac_ct_CXX+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$ac_ct_CXX"; then + ac_cv_prog_ac_ct_CXX="$ac_ct_CXX" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_ac_ct_CXX="$ac_prog" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +ac_ct_CXX=$ac_cv_prog_ac_ct_CXX +if test -n "$ac_ct_CXX"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_ct_CXX" >&5 +$as_echo "$ac_ct_CXX" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + + + test -n "$ac_ct_CXX" && break +done + + if test "x$ac_ct_CXX" = x; then + CXX="g++" + else + case $cross_compiling:$ac_tool_warned in +yes:) +{ $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: using cross tools not prefixed with host triplet" >&5 +$as_echo "$as_me: WARNING: using cross tools not prefixed with host triplet" >&2;} +ac_tool_warned=yes ;; +esac + CXX=$ac_ct_CXX + fi +fi + + fi +fi +# Provide some information about the compiler. +$as_echo "$as_me:${as_lineno-$LINENO}: checking for C++ compiler version" >&5 +set X $ac_compile +ac_compiler=$2 +for ac_option in --version -v -V -qversion; do + { { ac_try="$ac_compiler $ac_option >&5" +case "(($ac_try" in + *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; + *) ac_try_echo=$ac_try;; +esac +eval ac_try_echo="\"\$as_me:${as_lineno-$LINENO}: $ac_try_echo\"" +$as_echo "$ac_try_echo"; } >&5 + (eval "$ac_compiler $ac_option >&5") 2>conftest.err + ac_status=$? + if test -s conftest.err; then + sed '10a\ +... rest of stderr output deleted ... + 10q' conftest.err >conftest.er1 + cat conftest.er1 >&5 + fi + rm -f conftest.er1 conftest.err + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } +done + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether we are using the GNU C++ compiler" >&5 +$as_echo_n "checking whether we are using the GNU C++ compiler... " >&6; } +if ${ac_cv_cxx_compiler_gnu+:} false; then : + $as_echo_n "(cached) " >&6 +else + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main () +{ +#ifndef __GNUC__ + choke me +#endif + + ; + return 0; +} +_ACEOF +if ac_fn_cxx_try_compile "$LINENO"; then : + ac_compiler_gnu=yes +else + ac_compiler_gnu=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +ac_cv_cxx_compiler_gnu=$ac_compiler_gnu + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_cxx_compiler_gnu" >&5 +$as_echo "$ac_cv_cxx_compiler_gnu" >&6; } +if test $ac_compiler_gnu = yes; then + GXX=yes +else + GXX= +fi +ac_test_CXXFLAGS=${CXXFLAGS+set} +ac_save_CXXFLAGS=$CXXFLAGS +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether $CXX accepts -g" >&5 +$as_echo_n "checking whether $CXX accepts -g... " >&6; } +if ${ac_cv_prog_cxx_g+:} false; then : + $as_echo_n "(cached) " >&6 +else + ac_save_cxx_werror_flag=$ac_cxx_werror_flag + ac_cxx_werror_flag=yes + ac_cv_prog_cxx_g=no + CXXFLAGS="-g" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_cxx_try_compile "$LINENO"; then : + ac_cv_prog_cxx_g=yes +else + CXXFLAGS="" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_cxx_try_compile "$LINENO"; then : + +else + ac_cxx_werror_flag=$ac_save_cxx_werror_flag + CXXFLAGS="-g" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_cxx_try_compile "$LINENO"; then : + ac_cv_prog_cxx_g=yes +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + ac_cxx_werror_flag=$ac_save_cxx_werror_flag +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_prog_cxx_g" >&5 +$as_echo "$ac_cv_prog_cxx_g" >&6; } +if test "$ac_test_CXXFLAGS" = set; then + CXXFLAGS=$ac_save_CXXFLAGS +elif test $ac_cv_prog_cxx_g = yes; then + if test "$GXX" = yes; then + CXXFLAGS="-g -O2" + else + CXXFLAGS="-g" + fi +else + if test "$GXX" = yes; then + CXXFLAGS="-O2" + else + CXXFLAGS= + fi +fi +ac_ext=c +ac_cpp='$CPP $CPPFLAGS' +ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_c_compiler_gnu + +depcc="$CXX" am_compiler_list= + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking dependency style of $depcc" >&5 +$as_echo_n "checking dependency style of $depcc... " >&6; } +if ${am_cv_CXX_dependencies_compiler_type+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test -z "$AMDEP_TRUE" && test -f "$am_depcomp"; then + # We make a subdir and do the tests there. Otherwise we can end up + # making bogus files that we don't know about and never remove. For + # instance it was reported that on HP-UX the gcc test will end up + # making a dummy file named 'D' -- because '-MD' means "put the output + # in D". + rm -rf conftest.dir + mkdir conftest.dir + # Copy depcomp to subdir because otherwise we won't find it if we're + # using a relative directory. + cp "$am_depcomp" conftest.dir + cd conftest.dir + # We will build objects and dependencies in a subdirectory because + # it helps to detect inapplicable dependency modes. For instance + # both Tru64's cc and ICC support -MD to output dependencies as a + # side effect of compilation, but ICC will put the dependencies in + # the current directory while Tru64 will put them in the object + # directory. + mkdir sub + + am_cv_CXX_dependencies_compiler_type=none + if test "$am_compiler_list" = ""; then + am_compiler_list=`sed -n 's/^#*\([a-zA-Z0-9]*\))$/\1/p' < ./depcomp` + fi + am__universal=false + case " $depcc " in #( + *\ -arch\ *\ -arch\ *) am__universal=true ;; + esac + + for depmode in $am_compiler_list; do + # Setup a source with many dependencies, because some compilers + # like to wrap large dependency lists on column 80 (with \), and + # we should not choose a depcomp mode which is confused by this. + # + # We need to recreate these files for each test, as the compiler may + # overwrite some of them when testing with obscure command lines. + # This happens at least with the AIX C compiler. + : > sub/conftest.c + for i in 1 2 3 4 5 6; do + echo '#include "conftst'$i'.h"' >> sub/conftest.c + # Using ": > sub/conftst$i.h" creates only sub/conftst1.h with + # Solaris 10 /bin/sh. + echo '/* dummy */' > sub/conftst$i.h + done + echo "${am__include} ${am__quote}sub/conftest.Po${am__quote}" > confmf + + # We check with '-c' and '-o' for the sake of the "dashmstdout" + # mode. It turns out that the SunPro C++ compiler does not properly + # handle '-M -o', and we need to detect this. Also, some Intel + # versions had trouble with output in subdirs. + am__obj=sub/conftest.${OBJEXT-o} + am__minus_obj="-o $am__obj" + case $depmode in + gcc) + # This depmode causes a compiler race in universal mode. + test "$am__universal" = false || continue + ;; + nosideeffect) + # After this tag, mechanisms are not by side-effect, so they'll + # only be used when explicitly requested. + if test "x$enable_dependency_tracking" = xyes; then + continue + else + break + fi + ;; + msvc7 | msvc7msys | msvisualcpp | msvcmsys) + # This compiler won't grok '-c -o', but also, the minuso test has + # not run yet. These depmodes are late enough in the game, and + # so weak that their functioning should not be impacted. + am__obj=conftest.${OBJEXT-o} + am__minus_obj= + ;; + none) break ;; + esac + if depmode=$depmode \ + source=sub/conftest.c object=$am__obj \ + depfile=sub/conftest.Po tmpdepfile=sub/conftest.TPo \ + $SHELL ./depcomp $depcc -c $am__minus_obj sub/conftest.c \ + >/dev/null 2>conftest.err && + grep sub/conftst1.h sub/conftest.Po > /dev/null 2>&1 && + grep sub/conftst6.h sub/conftest.Po > /dev/null 2>&1 && + grep $am__obj sub/conftest.Po > /dev/null 2>&1 && + ${MAKE-make} -s -f confmf > /dev/null 2>&1; then + # icc doesn't choke on unknown options, it will just issue warnings + # or remarks (even with -Werror). So we grep stderr for any message + # that says an option was ignored or not supported. + # When given -MP, icc 7.0 and 7.1 complain thusly: + # icc: Command line warning: ignoring option '-M'; no argument required + # The diagnosis changed in icc 8.0: + # icc: Command line remark: option '-MP' not supported + if (grep 'ignoring option' conftest.err || + grep 'not supported' conftest.err) >/dev/null 2>&1; then :; else + am_cv_CXX_dependencies_compiler_type=$depmode + break + fi + fi + done + + cd .. + rm -rf conftest.dir +else + am_cv_CXX_dependencies_compiler_type=none +fi + +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $am_cv_CXX_dependencies_compiler_type" >&5 +$as_echo "$am_cv_CXX_dependencies_compiler_type" >&6; } +CXXDEPMODE=depmode=$am_cv_CXX_dependencies_compiler_type + + if + test "x$enable_dependency_tracking" != xno \ + && test "$am_cv_CXX_dependencies_compiler_type" = gcc3; then + am__fastdepCXX_TRUE= + am__fastdepCXX_FALSE='#' +else + am__fastdepCXX_TRUE='#' + am__fastdepCXX_FALSE= +fi + + + +ac_fn_c_check_type "$LINENO" "size_t" "ac_cv_type_size_t" "$ac_includes_default" +if test "x$ac_cv_type_size_t" = xyes; then : + +else + +cat >>confdefs.h <<_ACEOF +#define size_t unsigned int +_ACEOF + +fi + +ac_fn_c_find_uintX_t "$LINENO" "8" "ac_cv_c_uint8_t" +case $ac_cv_c_uint8_t in #( + no|yes) ;; #( + *) + +$as_echo "#define _UINT8_T 1" >>confdefs.h + + +cat >>confdefs.h <<_ACEOF +#define uint8_t $ac_cv_c_uint8_t +_ACEOF +;; + esac -uts4*) - version_type=linux - library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' - soname_spec='${libname}${release}${shared_ext}$major' - shlibpath_var=LD_LIBRARY_PATH - ;; +# By default we simply use the C compiler to build assembly code. -*) - dynamic_linker=no - ;; -esac -{ echo "$as_me:$LINENO: result: $dynamic_linker" >&5 -echo "${ECHO_T}$dynamic_linker" >&6; } -test "$dynamic_linker" = no && can_build_shared=no +test "${CCAS+set}" = set || CCAS=$CC +test "${CCASFLAGS+set}" = set || CCASFLAGS=$CFLAGS -variables_saved_for_relink="PATH $shlibpath_var $runpath_var" -if test "$GCC" = yes; then - variables_saved_for_relink="$variables_saved_for_relink GCC_EXEC_PREFIX COMPILER_PATH LIBRARY_PATH" -fi -if test "${lt_cv_sys_lib_search_path_spec+set}" = set; then - sys_lib_search_path_spec="$lt_cv_sys_lib_search_path_spec" -fi -if test "${lt_cv_sys_lib_dlsearch_path_spec+set}" = set; then - sys_lib_dlsearch_path_spec="$lt_cv_sys_lib_dlsearch_path_spec" -fi + +depcc="$CCAS" am_compiler_list= + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking dependency style of $depcc" >&5 +$as_echo_n "checking dependency style of $depcc... " >&6; } +if ${am_cv_CCAS_dependencies_compiler_type+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test -z "$AMDEP_TRUE" && test -f "$am_depcomp"; then + # We make a subdir and do the tests there. Otherwise we can end up + # making bogus files that we don't know about and never remove. For + # instance it was reported that on HP-UX the gcc test will end up + # making a dummy file named 'D' -- because '-MD' means "put the output + # in D". + rm -rf conftest.dir + mkdir conftest.dir + # Copy depcomp to subdir because otherwise we won't find it if we're + # using a relative directory. + cp "$am_depcomp" conftest.dir + cd conftest.dir + # We will build objects and dependencies in a subdirectory because + # it helps to detect inapplicable dependency modes. For instance + # both Tru64's cc and ICC support -MD to output dependencies as a + # side effect of compilation, but ICC will put the dependencies in + # the current directory while Tru64 will put them in the object + # directory. + mkdir sub + + am_cv_CCAS_dependencies_compiler_type=none + if test "$am_compiler_list" = ""; then + am_compiler_list=`sed -n 's/^#*\([a-zA-Z0-9]*\))$/\1/p' < ./depcomp` + fi + am__universal=false + for depmode in $am_compiler_list; do + # Setup a source with many dependencies, because some compilers + # like to wrap large dependency lists on column 80 (with \), and + # we should not choose a depcomp mode which is confused by this. + # + # We need to recreate these files for each test, as the compiler may + # overwrite some of them when testing with obscure command lines. + # This happens at least with the AIX C compiler. + : > sub/conftest.c + for i in 1 2 3 4 5 6; do + echo '#include "conftst'$i'.h"' >> sub/conftest.c + # Using ": > sub/conftst$i.h" creates only sub/conftst1.h with + # Solaris 10 /bin/sh. + echo '/* dummy */' > sub/conftst$i.h + done + echo "${am__include} ${am__quote}sub/conftest.Po${am__quote}" > confmf + # We check with '-c' and '-o' for the sake of the "dashmstdout" + # mode. It turns out that the SunPro C++ compiler does not properly + # handle '-M -o', and we need to detect this. Also, some Intel + # versions had trouble with output in subdirs. + am__obj=sub/conftest.${OBJEXT-o} + am__minus_obj="-o $am__obj" + case $depmode in + gcc) + # This depmode causes a compiler race in universal mode. + test "$am__universal" = false || continue + ;; + nosideeffect) + # After this tag, mechanisms are not by side-effect, so they'll + # only be used when explicitly requested. + if test "x$enable_dependency_tracking" = xyes; then + continue + else + break + fi + ;; + msvc7 | msvc7msys | msvisualcpp | msvcmsys) + # This compiler won't grok '-c -o', but also, the minuso test has + # not run yet. These depmodes are late enough in the game, and + # so weak that their functioning should not be impacted. + am__obj=conftest.${OBJEXT-o} + am__minus_obj= + ;; + none) break ;; + esac + if depmode=$depmode \ + source=sub/conftest.c object=$am__obj \ + depfile=sub/conftest.Po tmpdepfile=sub/conftest.TPo \ + $SHELL ./depcomp $depcc -c $am__minus_obj sub/conftest.c \ + >/dev/null 2>conftest.err && + grep sub/conftst1.h sub/conftest.Po > /dev/null 2>&1 && + grep sub/conftst6.h sub/conftest.Po > /dev/null 2>&1 && + grep $am__obj sub/conftest.Po > /dev/null 2>&1 && + ${MAKE-make} -s -f confmf > /dev/null 2>&1; then + # icc doesn't choke on unknown options, it will just issue warnings + # or remarks (even with -Werror). So we grep stderr for any message + # that says an option was ignored or not supported. + # When given -MP, icc 7.0 and 7.1 complain thusly: + # icc: Command line warning: ignoring option '-M'; no argument required + # The diagnosis changed in icc 8.0: + # icc: Command line remark: option '-MP' not supported + if (grep 'ignoring option' conftest.err || + grep 'not supported' conftest.err) >/dev/null 2>&1; then :; else + am_cv_CCAS_dependencies_compiler_type=$depmode + break + fi + fi + done + cd .. + rm -rf conftest.dir +else + am_cv_CCAS_dependencies_compiler_type=none +fi +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $am_cv_CCAS_dependencies_compiler_type" >&5 +$as_echo "$am_cv_CCAS_dependencies_compiler_type" >&6; } +CCASDEPMODE=depmode=$am_cv_CCAS_dependencies_compiler_type + if + test "x$enable_dependency_tracking" != xno \ + && test "$am_cv_CCAS_dependencies_compiler_type" = gcc3; then + am__fastdepCCAS_TRUE= + am__fastdepCCAS_FALSE='#' +else + am__fastdepCCAS_TRUE='#' + am__fastdepCCAS_FALSE= +fi +LIBM= +case $host in +*-*-beos* | *-*-cegcc* | *-*-cygwin* | *-*-haiku* | *-*-pw32* | *-*-darwin*) + # These system don't have libm, or don't need it + ;; +*-ncr-sysv4.3*) + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for _mwvalidcheckl in -lmw" >&5 +$as_echo_n "checking for _mwvalidcheckl in -lmw... " >&6; } +if ${ac_cv_lib_mw__mwvalidcheckl+:} false; then : + $as_echo_n "(cached) " >&6 +else + ac_check_lib_save_LIBS=$LIBS +LIBS="-lmw $LIBS" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +#ifdef __cplusplus +extern "C" +#endif +char _mwvalidcheckl (); +int +main () +{ +return _mwvalidcheckl (); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + ac_cv_lib_mw__mwvalidcheckl=yes +else + ac_cv_lib_mw__mwvalidcheckl=no +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_mw__mwvalidcheckl" >&5 +$as_echo "$ac_cv_lib_mw__mwvalidcheckl" >&6; } +if test "x$ac_cv_lib_mw__mwvalidcheckl" = xyes; then : + LIBM="-lmw" +fi + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for cos in -lm" >&5 +$as_echo_n "checking for cos in -lm... " >&6; } +if ${ac_cv_lib_m_cos+:} false; then : + $as_echo_n "(cached) " >&6 +else + ac_check_lib_save_LIBS=$LIBS +LIBS="-lm $LIBS" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +#ifdef __cplusplus +extern "C" +#endif +char cos (); +int +main () +{ +return cos (); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + ac_cv_lib_m_cos=yes +else + ac_cv_lib_m_cos=no +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_m_cos" >&5 +$as_echo "$ac_cv_lib_m_cos" >&6; } +if test "x$ac_cv_lib_m_cos" = xyes; then : + LIBM="$LIBM -lm" +fi + ;; +*) + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for cos in -lm" >&5 +$as_echo_n "checking for cos in -lm... " >&6; } +if ${ac_cv_lib_m_cos+:} false; then : + $as_echo_n "(cached) " >&6 +else + ac_check_lib_save_LIBS=$LIBS +LIBS="-lm $LIBS" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +#ifdef __cplusplus +extern "C" +#endif +char cos (); +int +main () +{ +return cos (); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + ac_cv_lib_m_cos=yes +else + ac_cv_lib_m_cos=no +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_m_cos" >&5 +$as_echo "$ac_cv_lib_m_cos" >&6; } +if test "x$ac_cv_lib_m_cos" = xyes; then : + LIBM="-lm" +fi + ;; +esac +OPTIMIZE_CFLAGS="-Os -fomit-frame-pointer" +OPTIMIZE_FAST_CFLAGS="-O2 -fomit-frame-pointer" +OPTIMIZE_HUGE_CFLAGS="-funroll-loops -DTFM_SMALL_SET -DTFM_HUGE_SET" +DEBUG_CFLAGS="-g -DDEBUG -DDEBUG_CYASSL" +thread_ls_on=no +# Thread local storage + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for thread local storage (TLS) class" >&5 +$as_echo_n "checking for thread local storage (TLS) class... " >&6; } + if ${ac_cv_tls+:} false; then : + $as_echo_n "(cached) " >&6 +else + ax_tls_keywords="__thread __declspec(thread) none" + for ax_tls_keyword in $ax_tls_keywords; do + case $ax_tls_keyword in #( + none) : + ac_cv_tls=none ; break ;; #( + *) : + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include + static void + foo(void) { + static $ax_tls_keyword int bar; + exit(1); + } +int +main () +{ + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + ac_cv_tls=$ax_tls_keyword ; break +else + ac_cv_tls=none +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext ;; +esac + done +fi + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_tls" >&5 +$as_echo "$ac_cv_tls" >&6; } + if test "$ac_cv_tls" != "none"; then : +cat >>confdefs.h <<_ACEOF +#define TLS $ac_cv_tls +_ACEOF + AM_CFLAGS="$AM_CFLAGS -DHAVE_THREAD_LS" + thread_ls_on=yes +else + : +fi +# DEBUG + # Check whether --enable-debug was given. +if test "${enable_debug+set}" = set; then : + enableval=$enable_debug; ax_enable_debug=$enableval +else + ax_enable_debug=no +fi + if test "x$ax_enable_debug" = xyes; then : +$as_echo "#define DEBUG 1" >>confdefs.h - { echo "$as_me:$LINENO: checking how to hardcode library paths into programs" >&5 -echo $ECHO_N "checking how to hardcode library paths into programs... $ECHO_C" >&6; } -hardcode_action_CXX= -if test -n "$hardcode_libdir_flag_spec_CXX" || - test -n "$runpath_var_CXX" || - test "X$hardcode_automatic_CXX" = "Xyes" ; then +else - # We can hardcode non-existent directories. - if test "$hardcode_direct_CXX" != no && - # If the only mechanism to avoid hardcoding is shlibpath_var, we - # have to relink, otherwise we might link with an installed library - # when we should be linking with a yet-to-be-installed one - ## test "$_LT_TAGVAR(hardcode_shlibpath_var, CXX)" != no && - test "$hardcode_minus_L_CXX" != no; then - # Linking always hardcodes the temporary library directory. - hardcode_action_CXX=relink - else - # We can link without hardcoding, and we can hardcode nonexisting dirs. - hardcode_action_CXX=immediate - fi + +$as_echo "#define DEBUG 0" >>confdefs.h + +fi + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for debug" >&5 +$as_echo_n "checking for debug... " >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ax_enable_debug" >&5 +$as_echo "$ax_enable_debug" >&6; } + if test "x${ax_enable_debug}" = xyes; then + DEBUG_TRUE= + DEBUG_FALSE='#' else - # We cannot hardcode anything, or else we can only hardcode existing - # directories. - hardcode_action_CXX=unsupported + DEBUG_TRUE='#' + DEBUG_FALSE= fi -{ echo "$as_me:$LINENO: result: $hardcode_action_CXX" >&5 -echo "${ECHO_T}$hardcode_action_CXX" >&6; } -if test "$hardcode_action_CXX" = relink || - test "$inherit_rpath_CXX" = yes; then - # Fast installation is not supported - enable_fast_install=no -elif test "$shlibpath_overrides_runpath" = yes || - test "$enable_shared" = no; then - # Fast installation is not necessary - enable_fast_install=needless +if test "$ax_enable_debug" = "yes"; then : + AM_CFLAGS="$DEBUG_CFLAGS $AM_CFLAGS" +else + AM_CFLAGS="$AM_CFLAGS -DNDEBUG" fi +# SINGLE THREADED +# Check whether --enable-singlethreaded was given. +if test "${enable_singlethreaded+set}" = set; then : + enableval=$enable_singlethreaded; ENABLED_SINGLETHREADED=$enableval +else + ENABLED_SINGLETHREADED=no +fi + if test x"$CC" = xclang; then + wolfssl_darwin_clang=yes + elif test x"$CC" = x || test x"$CC" = xgcc; then + if /usr/bin/gcc -v 2>&1 | grep 'clang' >/dev/null 2>&1; then + wolfssl_darwin_clang=yes + fi + fi +if test "x$ENABLED_SINGLETHREADED" = "xno" ; then : - fi # test -n "$compiler" - CC=$lt_save_CC - LDCXX=$LD - LD=$lt_save_LD - GCC=$lt_save_GCC - with_gnu_ld=$lt_save_with_gnu_ld - lt_cv_path_LDCXX=$lt_cv_path_LD - lt_cv_path_LD=$lt_save_path_LD - lt_cv_prog_gnu_ldcxx=$lt_cv_prog_gnu_ld - lt_cv_prog_gnu_ld=$lt_save_with_gnu_ld -fi # test "$_lt_caught_CXX_error" != yes ac_ext=c ac_cpp='$CPP $CPPFLAGS' @@ -15372,4737 +18180,2908 @@ ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' ac_compiler_gnu=$ac_cv_c_compiler_gnu +ax_pthread_ok=no +# We used to check for pthread.h first, but this fails if pthread.h +# requires special compiler flags (e.g. on True64 or Sequent). +# It gets checked for in the link test anyway. - - - CFLAG_VISIBILITY= - HAVE_VISIBILITY=0 - if test -n "$GCC"; then - { echo "$as_me:$LINENO: checking whether the -Werror option is usable" >&5 -echo $ECHO_N "checking whether the -Werror option is usable... $ECHO_C" >&6; } - if test "${gl_cv_cc_vis_werror+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - - gl_save_CFLAGS="$CFLAGS" - CFLAGS="$CFLAGS -Werror" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF +# First of all, check if the user has set any of the PTHREAD_LIBS, +# etcetera environment variables, and if threads linking works using +# them: +if test x"$PTHREAD_LIBS$PTHREAD_CFLAGS" != x; then + save_CFLAGS="$CFLAGS" + CFLAGS="$CFLAGS $PTHREAD_CFLAGS" + save_LIBS="$LIBS" + LIBS="$PTHREAD_LIBS $LIBS" + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for pthread_join in LIBS=$PTHREAD_LIBS with CFLAGS=$PTHREAD_CFLAGS" >&5 +$as_echo_n "checking for pthread_join in LIBS=$PTHREAD_LIBS with CFLAGS=$PTHREAD_CFLAGS... " >&6; } + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +#ifdef __cplusplus +extern "C" +#endif +char pthread_join (); int main () { - +return pthread_join (); ; return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - gl_cv_cc_vis_werror=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - gl_cv_cc_vis_werror=no +if ac_fn_c_try_link "$LINENO"; then : + ax_pthread_ok=yes fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - CFLAGS="$gl_save_CFLAGS" +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ax_pthread_ok" >&5 +$as_echo "$ax_pthread_ok" >&6; } + if test x"$ax_pthread_ok" = xno; then + PTHREAD_LIBS="" + PTHREAD_CFLAGS="" + fi + LIBS="$save_LIBS" + CFLAGS="$save_CFLAGS" fi - { echo "$as_me:$LINENO: result: $gl_cv_cc_vis_werror" >&5 -echo "${ECHO_T}$gl_cv_cc_vis_werror" >&6; } - { echo "$as_me:$LINENO: checking for simple visibility declarations" >&5 -echo $ECHO_N "checking for simple visibility declarations... $ECHO_C" >&6; } - if test "${gl_cv_cc_visibility+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else +# We must check for the threads library under a number of different +# names; the ordering is very important because some systems +# (e.g. DEC) have both -lpthread and -lpthreads, where one of the +# libraries is broken (non-POSIX). - gl_save_CFLAGS="$CFLAGS" - CFLAGS="$CFLAGS -fvisibility=hidden" - if test $gl_cv_cc_vis_werror = yes; then - CFLAGS="$CFLAGS -Werror" - fi - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -extern __attribute__((__visibility__("hidden"))) int hiddenvar; - extern __attribute__((__visibility__("default"))) int exportedvar; - extern __attribute__((__visibility__("hidden"))) int hiddenfunc (void); - extern __attribute__((__visibility__("default"))) int exportedfunc (void); - void dummyfunc (void) {} -int -main () -{ +# Create a list of thread flags to try. Items starting with a "-" are +# C compiler flags, and other items are library names, except for "none" +# which indicates that we try without any flags at all, and "pthread-config" +# which is a program returning the flags for the Pth emulation library. - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - gl_cv_cc_visibility=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 +ax_pthread_flags="pthreads none -Kthread -kthread lthread -pthread -pthreads -mthreads pthread --thread-safe -mt pthread-config" - gl_cv_cc_visibility=no -fi +# The ordering *is* (sometimes) important. Some notes on the +# individual items follow: -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - CFLAGS="$gl_save_CFLAGS" +# pthreads: AIX (must check this before -lpthread) +# none: in case threads are in libc; should be tried before -Kthread and +# other compiler flags to prevent continual compiler warnings +# -Kthread: Sequent (threads in libc, but -Kthread needed for pthread.h) +# -kthread: FreeBSD kernel threads (preferred to -pthread since SMP-able) +# lthread: LinuxThreads port on FreeBSD (also preferred to -pthread) +# -pthread: Linux/gcc (kernel threads), BSD/gcc (userland threads) +# -pthreads: Solaris/gcc +# -mthreads: Mingw32/gcc, Lynx/gcc +# -mt: Sun Workshop C (may only link SunOS threads [-lthread], but it +# doesn't hurt to check since this sometimes defines pthreads too; +# also defines -D_REENTRANT) +# ... -mt is also the pthreads flag for HP/aCC +# pthread: Linux, etcetera +# --thread-safe: KAI C++ +# pthread-config: use pthread-config program (for GNU Pth library) + +case ${host_os} in + solaris*) + + # On Solaris (at least, for some versions), libc contains stubbed + # (non-functional) versions of the pthreads routines, so link-based + # tests will erroneously succeed. (We need to link with -pthreads/-mt/ + # -lpthread.) (The stubs are missing pthread_cleanup_push, or rather + # a function called by this macro, so we could check for that, but + # who knows whether they'll stub that too in a future libc.) So, + # we'll just look for -pthreads and -lpthread first: + + ax_pthread_flags="-pthreads pthread -mt -pthread $ax_pthread_flags" + ;; + + darwin*) + + if test x"$wolfssl_darwin_clang" = x"yes"; then : + ax_pthread_flags="$ax_pthread_flags" +else + ax_pthread_flags="-pthread $ax_pthread_flags" fi + ;; +esac - { echo "$as_me:$LINENO: result: $gl_cv_cc_visibility" >&5 -echo "${ECHO_T}$gl_cv_cc_visibility" >&6; } - if test $gl_cv_cc_visibility = yes; then - CFLAG_VISIBILITY="-fvisibility=hidden" - HAVE_VISIBILITY=1 - fi - fi +if test x"$ax_pthread_ok" = xno; then +for flag in $ax_pthread_flags; do + case $flag in + none) + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether pthreads work without any flags" >&5 +$as_echo_n "checking whether pthreads work without any flags... " >&6; } + ;; + -*) + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether pthreads work with $flag" >&5 +$as_echo_n "checking whether pthreads work with $flag... " >&6; } + PTHREAD_CFLAGS="$flag" + ;; -cat >>confdefs.h <<_ACEOF -#define HAVE_VISIBILITY $HAVE_VISIBILITY -_ACEOF + pthread-config) + # Extract the first word of "pthread-config", so it can be a program name with args. +set dummy pthread-config; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_prog_ax_pthread_config+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$ax_pthread_config"; then + ac_cv_prog_ax_pthread_config="$ax_pthread_config" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_ax_pthread_config="yes" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + test -z "$ac_cv_prog_ax_pthread_config" && ac_cv_prog_ax_pthread_config="no" +fi +fi +ax_pthread_config=$ac_cv_prog_ax_pthread_config +if test -n "$ax_pthread_config"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ax_pthread_config" >&5 +$as_echo "$ax_pthread_config" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } +fi + if test x"$ax_pthread_config" = xno; then continue; fi + PTHREAD_CFLAGS="`pthread-config --cflags`" + PTHREAD_LIBS="`pthread-config --ldflags` `pthread-config --libs`" + ;; + *) + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for the pthreads library -l$flag" >&5 +$as_echo_n "checking for the pthreads library -l$flag... " >&6; } + PTHREAD_LIBS="-l$flag" + ;; + esac + save_LIBS="$LIBS" + save_CFLAGS="$CFLAGS" + LIBS="$PTHREAD_LIBS $LIBS" + CFLAGS="$CFLAGS $PTHREAD_CFLAGS" -for ac_func in gethostbyname -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + # Check for various functions. We must include pthread.h, + # since some functions may be macros. (On the Sequent, we + # need a special flag -Kthread to make this header compile.) + # We check for pthread_join because it is in -lpthread on IRIX + # while pthread_create is in libc. We check for pthread_attr_init + # due to DEC craziness with -lpthreads. We check for + # pthread_cleanup_push because it is one of the few pthread + # functions on Solaris that doesn't have a non-functional libc stub. + # We try pthread_create on general principles. + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func +#include + static void routine(void *a) { a = 0; } + static void *start_routine(void *a) { return a; } +int +main () +{ +pthread_t th; pthread_attr_t attr; + pthread_create(&th, 0, start_routine, 0); + pthread_join(th, 0); + pthread_attr_init(&attr); + pthread_cleanup_push(routine, 0); + pthread_cleanup_pop(0) /* ; */ + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + ax_pthread_ok=yes +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ + LIBS="$save_LIBS" + CFLAGS="$save_CFLAGS" -#ifdef __STDC__ -# include -#else -# include -#endif + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ax_pthread_ok" >&5 +$as_echo "$ax_pthread_ok" >&6; } + if test "x$ax_pthread_ok" = xyes; then + break; + fi -#undef $ac_func + PTHREAD_LIBS="" + PTHREAD_CFLAGS="" +done +fi -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif +# Various other checks: +if test "x$ax_pthread_ok" = xyes; then + save_LIBS="$LIBS" + LIBS="$PTHREAD_LIBS $LIBS" + save_CFLAGS="$CFLAGS" + CFLAGS="$CFLAGS $PTHREAD_CFLAGS" + # Detect AIX lossage: JOINABLE attribute is called UNDETACHED. + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for joinable pthread attribute" >&5 +$as_echo_n "checking for joinable pthread attribute... " >&6; } + attr_name=unknown + for attr in PTHREAD_CREATE_JOINABLE PTHREAD_CREATE_UNDETACHED; do + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include int main () { -return $ac_func (); +int attr = $attr; return attr /* ; */ ; return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 -_ACEOF - +if ac_fn_c_try_link "$LINENO"; then : + attr_name=$attr; break fi -done - +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext + done + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $attr_name" >&5 +$as_echo "$attr_name" >&6; } + if test "$attr_name" != PTHREAD_CREATE_JOINABLE; then -for ac_func in gettimeofday -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ +cat >>confdefs.h <<_ACEOF +#define PTHREAD_CREATE_JOINABLE $attr_name _ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ + fi -#ifdef __STDC__ -# include -#else -# include -#endif + { $as_echo "$as_me:${as_lineno-$LINENO}: checking if more special flags are required for pthreads" >&5 +$as_echo_n "checking if more special flags are required for pthreads... " >&6; } + flag=no + case ${host_os} in + aix* | freebsd* | darwin*) flag="-D_THREAD_SAFE";; + osf* | hpux*) flag="-D_REENTRANT";; + solaris*) + if test "$GCC" = "yes"; then + flag="-D_REENTRANT" + else + flag="-mt -D_REENTRANT" + fi + ;; + esac + { $as_echo "$as_me:${as_lineno-$LINENO}: result: ${flag}" >&5 +$as_echo "${flag}" >&6; } + if test "x$flag" != xno; then + PTHREAD_CFLAGS="$flag $PTHREAD_CFLAGS" + fi -#undef $ac_func + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for PTHREAD_PRIO_INHERIT" >&5 +$as_echo_n "checking for PTHREAD_PRIO_INHERIT... " >&6; } +if ${ax_cv_PTHREAD_PRIO_INHERIT+:} false; then : + $as_echo_n "(cached) " >&6 +else -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + #include int main () { -return $ac_func (); +int i = PTHREAD_PRIO_INHERIT; ; return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" +if ac_fn_c_try_link "$LINENO"; then : + ax_cv_PTHREAD_PRIO_INHERIT=yes else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 + ax_cv_PTHREAD_PRIO_INHERIT=no +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext - eval "$as_ac_var=no" fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ax_cv_PTHREAD_PRIO_INHERIT" >&5 +$as_echo "$ax_cv_PTHREAD_PRIO_INHERIT" >&6; } + if test "x$ax_cv_PTHREAD_PRIO_INHERIT" = "xyes"; then : + +$as_echo "#define HAVE_PTHREAD_PRIO_INHERIT 1" >>confdefs.h -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 -_ACEOF + LIBS="$save_LIBS" + CFLAGS="$save_CFLAGS" + + # More AIX lossage: compile with *_r variant + if test "x$GCC" != xyes; then + case $host_os in + aix*) + case "x/$CC" in #( + x*/c89|x*/c89_128|x*/c99|x*/c99_128|x*/cc|x*/cc128|x*/xlc|x*/xlc_v6|x*/xlc128|x*/xlc128_v6) : + #handle absolute path differently from PATH based program lookup + case "x$CC" in #( + x/*) : + if as_fn_executable_p ${CC}_r; then : + PTHREAD_CC="${CC}_r" +fi ;; #( + *) : + for ac_prog in ${CC}_r +do + # Extract the first word of "$ac_prog", so it can be a program name with args. +set dummy $ac_prog; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_prog_PTHREAD_CC+:} false; then : + $as_echo_n "(cached) " >&6 +else + if test -n "$PTHREAD_CC"; then + ac_cv_prog_PTHREAD_CC="$PTHREAD_CC" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_PTHREAD_CC="$ac_prog" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS + +fi +fi +PTHREAD_CC=$ac_cv_prog_PTHREAD_CC +if test -n "$PTHREAD_CC"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $PTHREAD_CC" >&5 +$as_echo "$PTHREAD_CC" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } fi + + + test -n "$PTHREAD_CC" && break done +test -n "$PTHREAD_CC" || PTHREAD_CC="$CC" + ;; +esac ;; #( + *) : + ;; +esac + ;; + esac + fi +fi +test -n "$PTHREAD_CC" || PTHREAD_CC="$CC" -for ac_func in inet_ntoa -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ -#ifdef __STDC__ -# include -#else -# include -#endif -#undef $ac_func -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif +# Finally, execute ACTION-IF-FOUND/ACTION-IF-NOT-FOUND: +if test x"$ax_pthread_ok" = xyes; then -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" + +$as_echo "#define HAVE_PTHREAD 1" >>confdefs.h + + AM_CFLAGS="-D_POSIX_THREADS $AM_CFLAGS $PTHREAD_CFLAGS" + LIBS="$LIBS $PTHREAD_LIBS" + + : else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 + ax_pthread_ok=no - eval "$as_ac_var=no" -fi + ENABLED_SINGLETHREADED=yes -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 -_ACEOF +ac_ext=c +ac_cpp='$CPP $CPPFLAGS' +ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_c_compiler_gnu + + fi -done +if test "x$ENABLED_SINGLETHREADED" = "xyes" ; then : + AM_CFLAGS="-DSINGLE_THREADED $AM_CFLAGS" +fi -for ac_func in memset -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ +# DTLS +# Check whether --enable-dtls was given. +if test "${enable_dtls+set}" = set; then : + enableval=$enable_dtls; ENABLED_DTLS=$enableval +else + ENABLED_DTLS=no -#ifdef __STDC__ -# include -#else -# include -#endif +fi -#undef $ac_func +if test "$ENABLED_DTLS" = "yes" +then + AM_CFLAGS="-DCYASSL_DTLS $AM_CFLAGS" +fi -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" +# OPENSSL Extra Compatibility +# Check whether --enable-opensslextra was given. +if test "${enable_opensslextra+set}" = set; then : + enableval=$enable_opensslextra; ENABLED_OPENSSLEXTRA=$enableval else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 + ENABLED_OPENSSLEXTRA=no + +fi + +if test "$ENABLED_OPENSSLEXTRA" = "yes" +then + AM_CFLAGS="-DOPENSSL_EXTRA $AM_CFLAGS" +fi - eval "$as_ac_var=no" +if test "$ENABLED_OPENSSLEXTRA" = "yes" && test "$ENABLED_SMALL" = "yes" +then + as_fn_error $? "cannot enable small and opensslextra, only one or the other." "$LINENO" 5 fi -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext + +# IPv6 Test Apps +# Check whether --enable-ipv6 was given. +if test "${enable_ipv6+set}" = set; then : + enableval=$enable_ipv6; ENABLED_IPV6=$enableval +else + ENABLED_IPV6=no + fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 -_ACEOF + +if test "$ENABLED_IPV6" = "yes" +then + AM_CFLAGS="$AM_CFLAGS -DTEST_IPV6" fi -done -for ac_func in socket -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func +# Fortress build +# Check whether --enable-fortress was given. +if test "${enable_fortress+set}" = set; then : + enableval=$enable_fortress; ENABLED_FORTRESS=$enableval +else + ENABLED_FORTRESS=no -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ +fi -#ifdef __STDC__ -# include -#else -# include -#endif -#undef $ac_func +if test "$ENABLED_FORTRESS" = "yes" +then + AM_CFLAGS="$AM_CFLAGS -DFORTRESS -DCYASSL_ALWAYS_VERIFY_CB -DOPENSSL_EXTRA -DCYASSL_DES_ECB -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DCYASSL_DER_LOAD -DCYASSL_SHA512 -DCYASSL_SHA384 -DCYASSL_KEY_GEN" +fi -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif -int -main () -{ -return $ac_func (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" +# ssl bump build +# Check whether --enable-bump was given. +if test "${enable_bump+set}" = set; then : + enableval=$enable_bump; ENABLED_BUMP=$enableval else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 + ENABLED_BUMP=no - eval "$as_ac_var=no" fi -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 -_ACEOF +if test "$ENABLED_BUMP" = "yes" +then + AM_CFLAGS="$AM_CFLAGS -DLARGE_STATIC_BUFFERS -DCYASSL_CERT_GEN -DCYASSL_KEY_GEN -DHUGE_SESSION_CACHE -DOPENSSL_EXTRA -DFP_MAX_BITS=8192 -DCYASSL_DER_LOAD -DCYASSL_ALT_NAMES -DCYASSL_TEST_CERT" fi -done +ENABLED_SLOWMATH="yes" -for ac_header in arpa/inet.h -do -as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - { echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -else - # Is the header compilable? -{ echo "$as_me:$LINENO: checking $ac_header usability" >&5 -echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6; } -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -#include <$ac_header> -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_header_compiler=yes +# lean psk build +# Check whether --enable-leanpsk was given. +if test "${enable_leanpsk+set}" = set; then : + enableval=$enable_leanpsk; ENABLED_LEANPSK=$enableval else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 + ENABLED_LEANPSK=no - ac_header_compiler=no fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -{ echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 -echo "${ECHO_T}$ac_header_compiler" >&6; } -# Is the header present? -{ echo "$as_me:$LINENO: checking $ac_header presence" >&5 -echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6; } -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include <$ac_header> -_ACEOF -if { (ac_try="$ac_cpp conftest.$ac_ext" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null && { - test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || - test ! -s conftest.err - }; then - ac_header_preproc=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 +if test "$ENABLED_LEANPSK" = "yes" +then + AM_CFLAGS="$AM_CFLAGS -DCYASSL_LEANPSK -DHAVE_NULL_CIPHER -DSINGLE_THREADED -DNO_AES -DNO_FILESYSTEM -DNO_RABBIT -DNO_RSA -DNO_DSA -DNO_DH -DNO_CERTS -DNO_PWDBASED -DNO_DES3 -DNO_MD4 -DNO_MD5 -DNO_ERROR_STRINGS -DNO_OLD_TLS -DNO_RC4 -DNO_WRITEV -DNO_SESSION_CACHE -DNO_DEV_RANDOM -DCYASSL_USER_IO -DNO_SHA -DUSE_SLOW_SHA" + ENABLED_SLOWMATH="no" + ENABLED_SINGLETHREADED="yes" +fi - ac_header_preproc=no + if test "x$ENABLED_LEANPSK" = "xyes"; then + BUILD_LEANPSK_TRUE= + BUILD_LEANPSK_FALSE='#' +else + BUILD_LEANPSK_TRUE='#' + BUILD_LEANPSK_FALSE= fi -rm -f conftest.err conftest.$ac_ext -{ echo "$as_me:$LINENO: result: $ac_header_preproc" >&5 -echo "${ECHO_T}$ac_header_preproc" >&6; } -# So? What about this header? -case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in - yes:no: ) - { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5 -echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;} - ac_header_preproc=yes - ;; - no:yes:* ) - { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5 -echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5 -echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5 -echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5 -echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5 -echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;} - ( cat <<\_ASBOX -## ----------------------------------- ## -## Report this to http://www.yassl.com ## -## ----------------------------------- ## -_ASBOX - ) | sed "s/^/$as_me: WARNING: /" >&2 - ;; -esac -{ echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + +# big cache +# Check whether --enable-bigcache was given. +if test "${enable_bigcache+set}" = set; then : + enableval=$enable_bigcache; ENABLED_BIGCACHE=$enableval else - eval "$as_ac_Header=\$ac_header_preproc" -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } + ENABLED_BIGCACHE=no fi -if test `eval echo '${'$as_ac_Header'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 -_ACEOF + +if test "$ENABLED_BIGCACHE" = "yes" +then + AM_CFLAGS="$AM_CFLAGS -DBIG_SESSION_CACHE" fi -done +# HUGE cache +# Check whether --enable-hugecache was given. +if test "${enable_hugecache+set}" = set; then : + enableval=$enable_hugecache; ENABLED_HUGECACHE=$enableval +else + ENABLED_HUGECACHE=no -for ac_header in fcntl.h -do -as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - { echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -else - # Is the header compilable? -{ echo "$as_me:$LINENO: checking $ac_header usability" >&5 -echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6; } -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -#include <$ac_header> -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_header_compiler=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - ac_header_compiler=no + +if test "$ENABLED_HUGECACHE" = "yes" +then + AM_CFLAGS="$AM_CFLAGS -DHUGE_SESSION_CACHE" fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -{ echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 -echo "${ECHO_T}$ac_header_compiler" >&6; } -# Is the header present? -{ echo "$as_me:$LINENO: checking $ac_header presence" >&5 -echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6; } -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include <$ac_header> -_ACEOF -if { (ac_try="$ac_cpp conftest.$ac_ext" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null && { - test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || - test ! -s conftest.err - }; then - ac_header_preproc=yes +# SMALL cache +# Check whether --enable-smallcache was given. +if test "${enable_smallcache+set}" = set; then : + enableval=$enable_smallcache; ENABLED_SMALLCACHE=$enableval else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 + ENABLED_SMALLCACHE=no - ac_header_preproc=no fi -rm -f conftest.err conftest.$ac_ext -{ echo "$as_me:$LINENO: result: $ac_header_preproc" >&5 -echo "${ECHO_T}$ac_header_preproc" >&6; } -# So? What about this header? -case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in - yes:no: ) - { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5 -echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;} - ac_header_preproc=yes - ;; - no:yes:* ) - { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5 -echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5 -echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5 -echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5 -echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5 -echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;} - ( cat <<\_ASBOX -## ----------------------------------- ## -## Report this to http://www.yassl.com ## -## ----------------------------------- ## -_ASBOX - ) | sed "s/^/$as_me: WARNING: /" >&2 - ;; -esac -{ echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - eval "$as_ac_Header=\$ac_header_preproc" +if test "$ENABLED_SMALLCACHE" = "yes" +then + AM_CFLAGS="$AM_CFLAGS -DSMALL_SESSION_CACHE" fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } + + +# Persistent session cache +# Check whether --enable-savesession was given. +if test "${enable_savesession+set}" = set; then : + enableval=$enable_savesession; ENABLED_SAVESESSION=$enableval +else + ENABLED_SAVESESSION=no fi -if test `eval echo '${'$as_ac_Header'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 -_ACEOF + +if test "$ENABLED_SAVESESSION" = "yes" +then + AM_CFLAGS="$AM_CFLAGS -DPERSIST_SESSION_CACHE" fi -done +# Persistent cert cache +# Check whether --enable-savecert was given. +if test "${enable_savecert+set}" = set; then : + enableval=$enable_savecert; ENABLED_SAVECERT=$enableval +else + ENABLED_SAVECERT=no -for ac_header in limits.h -do -as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - { echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -else - # Is the header compilable? -{ echo "$as_me:$LINENO: checking $ac_header usability" >&5 -echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6; } -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -#include <$ac_header> -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_header_compiler=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - ac_header_compiler=no + +if test "$ENABLED_SAVECERT" = "yes" +then + AM_CFLAGS="$AM_CFLAGS -DPERSIST_CERT_CACHE" fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -{ echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 -echo "${ECHO_T}$ac_header_compiler" >&6; } -# Is the header present? -{ echo "$as_me:$LINENO: checking $ac_header presence" >&5 -echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6; } -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include <$ac_header> -_ACEOF -if { (ac_try="$ac_cpp conftest.$ac_ext" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null && { - test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || - test ! -s conftest.err - }; then - ac_header_preproc=yes +# Atomic User Record Layer +# Check whether --enable-atomicuser was given. +if test "${enable_atomicuser+set}" = set; then : + enableval=$enable_atomicuser; ENABLED_ATOMICUSER=$enableval else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 + ENABLED_ATOMICUSER=no - ac_header_preproc=no fi -rm -f conftest.err conftest.$ac_ext -{ echo "$as_me:$LINENO: result: $ac_header_preproc" >&5 -echo "${ECHO_T}$ac_header_preproc" >&6; } -# So? What about this header? -case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in - yes:no: ) - { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5 -echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;} - ac_header_preproc=yes - ;; - no:yes:* ) - { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5 -echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5 -echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5 -echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5 -echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5 -echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;} - ( cat <<\_ASBOX -## ----------------------------------- ## -## Report this to http://www.yassl.com ## -## ----------------------------------- ## -_ASBOX - ) | sed "s/^/$as_me: WARNING: /" >&2 - ;; -esac -{ echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +if test "$ENABLED_ATOMICUSER" = "yes" +then + AM_CFLAGS="$AM_CFLAGS -DATOMIC_USER" +fi + + +# Public Key Callbacks +# Check whether --enable-pkcallbacks was given. +if test "${enable_pkcallbacks+set}" = set; then : + enableval=$enable_pkcallbacks; ENABLED_PKCALLBACKS=$enableval else - eval "$as_ac_Header=\$ac_header_preproc" + ENABLED_PKCALLBACKS=no + fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } + +if test "$ENABLED_PKCALLBACKS" = "yes" +then + AM_CFLAGS="$AM_CFLAGS -DHAVE_PK_CALLBACKS" fi -if test `eval echo '${'$as_ac_Header'}'` = yes; then + + +# SNIFFER +ENABLED_SNIFFTEST=no +# Check whether --enable-sniffer was given. +if test "${enable_sniffer+set}" = set; then : + enableval=$enable_sniffer; + ENABLED_SNIFFER=yes + AM_CFLAGS="$AM_CFLAGS -DCYASSL_SNIFFER -DOPENSSL_EXTRA" + if test "x$enableval" = "xyes" ; then : + for ac_header in pcap/pcap.h +do : + ac_fn_c_check_header_mongrel "$LINENO" "pcap/pcap.h" "ac_cv_header_pcap_pcap_h" "$ac_includes_default" +if test "x$ac_cv_header_pcap_pcap_h" = xyes; then : cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 +#define HAVE_PCAP_PCAP_H 1 _ACEOF + ENABLED_SNIFFTEST=yes + +else + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cannot enable sniffer test without having libpcap available." >&5 +$as_echo "$as_me: WARNING: cannot enable sniffer test without having libpcap available." >&2;} fi done - -for ac_header in netdb.h -do -as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - { echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -else - # Is the header compilable? -{ echo "$as_me:$LINENO: checking $ac_header usability" >&5 -echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6; } -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -#include <$ac_header> -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_header_compiler=yes + else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - ac_header_compiler=no + ENABLED_SNIFFER=no + fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -{ echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 -echo "${ECHO_T}$ac_header_compiler" >&6; } -# Is the header present? -{ echo "$as_me:$LINENO: checking $ac_header presence" >&5 -echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6; } -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include <$ac_header> -_ACEOF -if { (ac_try="$ac_cpp conftest.$ac_ext" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null && { - test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || - test ! -s conftest.err - }; then - ac_header_preproc=yes + if test "x$ENABLED_SNIFFER" = "xyes" ; then + BUILD_SNIFFER_TRUE= + BUILD_SNIFFER_FALSE='#' else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 + BUILD_SNIFFER_TRUE='#' + BUILD_SNIFFER_FALSE= +fi - ac_header_preproc=no + if test "x$ENABLED_SNIFFTEST" = "xyes" ; then + BUILD_SNIFFTEST_TRUE= + BUILD_SNIFFTEST_FALSE='#' +else + BUILD_SNIFFTEST_TRUE='#' + BUILD_SNIFFTEST_FALSE= fi -rm -f conftest.err conftest.$ac_ext -{ echo "$as_me:$LINENO: result: $ac_header_preproc" >&5 -echo "${ECHO_T}$ac_header_preproc" >&6; } -# So? What about this header? -case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in - yes:no: ) - { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5 -echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;} - ac_header_preproc=yes - ;; - no:yes:* ) - { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5 -echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5 -echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5 -echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5 -echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5 -echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;} - ( cat <<\_ASBOX -## ----------------------------------- ## -## Report this to http://www.yassl.com ## -## ----------------------------------- ## -_ASBOX - ) | sed "s/^/$as_me: WARNING: /" >&2 - ;; -esac -{ echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +# AES-GCM +# Check whether --enable-aesgcm was given. +if test "${enable_aesgcm+set}" = set; then : + enableval=$enable_aesgcm; ENABLED_AESGCM=$enableval else - eval "$as_ac_Header=\$ac_header_preproc" -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } + ENABLED_AESGCM=no fi -if test `eval echo '${'$as_ac_Header'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 -_ACEOF + +if test "$ENABLED_AESGCM" = "word32" +then + AM_CFLAGS="$AM_CFLAGS -DGCM_WORD32" + ENABLED_AESGCM=yes fi -done +if test "$ENABLED_AESGCM" = "small" +then + AM_CFLAGS="$AM_CFLAGS -DGCM_SMALL" + ENABLED_AESGCM=yes +fi +if test "$ENABLED_AESGCM" = "table" +then + AM_CFLAGS="$AM_CFLAGS -DGCM_TABLE" + ENABLED_AESGCM=yes +fi -for ac_header in netinet/in.h -do -as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - { echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +if test "$ENABLED_AESGCM" = "yes" +then + AM_CFLAGS="$AM_CFLAGS -DHAVE_AESGCM" fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } + + if test "x$ENABLED_AESGCM" = "xyes"; then + BUILD_AESGCM_TRUE= + BUILD_AESGCM_FALSE='#' else - # Is the header compilable? -{ echo "$as_me:$LINENO: checking $ac_header usability" >&5 -echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6; } -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -#include <$ac_header> -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_header_compiler=yes + BUILD_AESGCM_TRUE='#' + BUILD_AESGCM_FALSE= +fi + + + +# AES-CCM +# Check whether --enable-aesccm was given. +if test "${enable_aesccm+set}" = set; then : + enableval=$enable_aesccm; ENABLED_AESCCM=$enableval else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 + ENABLED_AESCCM=no - ac_header_compiler=no fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -{ echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 -echo "${ECHO_T}$ac_header_compiler" >&6; } -# Is the header present? -{ echo "$as_me:$LINENO: checking $ac_header presence" >&5 -echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6; } -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include <$ac_header> -_ACEOF -if { (ac_try="$ac_cpp conftest.$ac_ext" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null && { - test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || - test ! -s conftest.err - }; then - ac_header_preproc=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 +if test "$ENABLED_AESCCM" = "yes" +then + AM_CFLAGS="$AM_CFLAGS -DHAVE_AESCCM" +fi - ac_header_preproc=no + if test "x$ENABLED_AESCCM" = "xyes"; then + BUILD_AESCCM_TRUE= + BUILD_AESCCM_FALSE='#' +else + BUILD_AESCCM_TRUE='#' + BUILD_AESCCM_FALSE= fi -rm -f conftest.err conftest.$ac_ext -{ echo "$as_me:$LINENO: result: $ac_header_preproc" >&5 -echo "${ECHO_T}$ac_header_preproc" >&6; } -# So? What about this header? -case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in - yes:no: ) - { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5 -echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;} - ac_header_preproc=yes - ;; - no:yes:* ) - { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5 -echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5 -echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5 -echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5 -echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5 -echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;} - ( cat <<\_ASBOX -## ----------------------------------- ## -## Report this to http://www.yassl.com ## -## ----------------------------------- ## -_ASBOX - ) | sed "s/^/$as_me: WARNING: /" >&2 - ;; -esac -{ echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + +# AES-NI +# Check whether --enable-aesni was given. +if test "${enable_aesni+set}" = set; then : + enableval=$enable_aesni; ENABLED_AESNI=$enableval else - eval "$as_ac_Header=\$ac_header_preproc" + ENABLED_AESNI=no + fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } + +if test "$ENABLED_AESNI" = "yes" +then + AM_CFLAGS="$AM_CFLAGS -DCYASSL_AESNI" + if test "$GCC" = "yes" + then + # GCC needs these flags, icc doesn't + # opt levels greater than 2 may cause problems on systems w/o aesni + if test "$CC" != "icc" + then + AM_CFLAGS="$AM_CFLAGS -maes -msse4" + fi + fi fi -if test `eval echo '${'$as_ac_Header'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 -_ACEOF + if test "x$ENABLED_AESNI" = "xyes"; then + BUILD_AESNI_TRUE= + BUILD_AESNI_FALSE='#' +else + BUILD_AESNI_TRUE='#' + BUILD_AESNI_FALSE= fi -done -for ac_header in stddef.h -do -as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - { echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +# Camellia +# Check whether --enable-camellia was given. +if test "${enable_camellia+set}" = set; then : + enableval=$enable_camellia; ENABLED_CAMELLIA=$enableval +else + ENABLED_CAMELLIA=no + +fi + + +if test "$ENABLED_CAMELLIA" = "yes" +then + AM_CFLAGS="$AM_CFLAGS -DHAVE_CAMELLIA" fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } + + if test "x$ENABLED_CAMELLIA" = "xyes"; then + BUILD_CAMELLIA_TRUE= + BUILD_CAMELLIA_FALSE='#' else - # Is the header compilable? -{ echo "$as_me:$LINENO: checking $ac_header usability" >&5 -echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6; } -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -#include <$ac_header> -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_header_compiler=yes + BUILD_CAMELLIA_TRUE='#' + BUILD_CAMELLIA_FALSE= +fi + + + +# MD2 +# Check whether --enable-md2 was given. +if test "${enable_md2+set}" = set; then : + enableval=$enable_md2; ENABLED_MD2=$enableval else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 + ENABLED_MD2=no - ac_header_compiler=no fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -{ echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 -echo "${ECHO_T}$ac_header_compiler" >&6; } -# Is the header present? -{ echo "$as_me:$LINENO: checking $ac_header presence" >&5 -echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6; } -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include <$ac_header> -_ACEOF -if { (ac_try="$ac_cpp conftest.$ac_ext" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null && { - test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || - test ! -s conftest.err - }; then - ac_header_preproc=yes +if test "$ENABLED_BUMP" = "yes" +then + ENABLED_MD2="yes" +fi + +if test "$ENABLED_MD2" = "yes" +then + AM_CFLAGS="$AM_CFLAGS -DCYASSL_MD2" +fi + + if test "x$ENABLED_MD2" = "xyes"; then + BUILD_MD2_TRUE= + BUILD_MD2_FALSE='#' else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 + BUILD_MD2_TRUE='#' + BUILD_MD2_FALSE= +fi + + + +# NULL CIPHER +# Check whether --enable-nullcipher was given. +if test "${enable_nullcipher+set}" = set; then : + enableval=$enable_nullcipher; ENABLED_NULL_CIPHER=$enableval +else + ENABLED_NULL_CIPHER=no - ac_header_preproc=no fi -rm -f conftest.err conftest.$ac_ext -{ echo "$as_me:$LINENO: result: $ac_header_preproc" >&5 -echo "${ECHO_T}$ac_header_preproc" >&6; } -# So? What about this header? -case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in - yes:no: ) - { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5 -echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;} - ac_header_preproc=yes - ;; - no:yes:* ) - { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5 -echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5 -echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5 -echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5 -echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5 -echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;} - ( cat <<\_ASBOX -## ----------------------------------- ## -## Report this to http://www.yassl.com ## -## ----------------------------------- ## -_ASBOX - ) | sed "s/^/$as_me: WARNING: /" >&2 - ;; -esac -{ echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +if test "$ENABLED_NULL_CIPHER" = "yes" +then + AM_CFLAGS="$AM_CFLAGS -DHAVE_NULL_CIPHER" +fi + +# RIPEMD +# Check whether --enable-ripemd was given. +if test "${enable_ripemd+set}" = set; then : + enableval=$enable_ripemd; ENABLED_RIPEMD=$enableval else - eval "$as_ac_Header=\$ac_header_preproc" + ENABLED_RIPEMD=no + fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } + +if test "$ENABLED_RIPEMD" = "yes" +then + AM_CFLAGS="$AM_CFLAGS -DCYASSL_RIPEMD" fi -if test `eval echo '${'$as_ac_Header'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 -_ACEOF + if test "x$ENABLED_RIPEMD" = "xyes"; then + BUILD_RIPEMD_TRUE= + BUILD_RIPEMD_FALSE='#' +else + BUILD_RIPEMD_TRUE='#' + BUILD_RIPEMD_FALSE= fi -done -for ac_header in sys/ioctl.h -do -as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - { echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -else - # Is the header compilable? -{ echo "$as_me:$LINENO: checking $ac_header usability" >&5 -echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6; } -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -#include <$ac_header> -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_header_compiler=yes +# BLAKE2 +# Check whether --enable-blake2 was given. +if test "${enable_blake2+set}" = set; then : + enableval=$enable_blake2; ENABLED_BLAKE2=$enableval else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 + ENABLED_BLAKE2=no - ac_header_compiler=no fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -{ echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 -echo "${ECHO_T}$ac_header_compiler" >&6; } - -# Is the header present? -{ echo "$as_me:$LINENO: checking $ac_header presence" >&5 -echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6; } -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include <$ac_header> -_ACEOF -if { (ac_try="$ac_cpp conftest.$ac_ext" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null && { - test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || - test ! -s conftest.err - }; then - ac_header_preproc=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - ac_header_preproc=no +if test "$ENABLED_BLAKE2" = "yes" +then + AM_CFLAGS="$AM_CFLAGS -DHAVE_BLAKE2" fi -rm -f conftest.err conftest.$ac_ext -{ echo "$as_me:$LINENO: result: $ac_header_preproc" >&5 -echo "${ECHO_T}$ac_header_preproc" >&6; } - -# So? What about this header? -case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in - yes:no: ) - { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5 -echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;} - ac_header_preproc=yes - ;; - no:yes:* ) - { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5 -echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5 -echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5 -echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5 -echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5 -echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;} - ( cat <<\_ASBOX -## ----------------------------------- ## -## Report this to http://www.yassl.com ## -## ----------------------------------- ## -_ASBOX - ) | sed "s/^/$as_me: WARNING: /" >&2 - ;; -esac -{ echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + if test "x$ENABLED_BLAKE2" = "xyes"; then + BUILD_BLAKE2_TRUE= + BUILD_BLAKE2_FALSE='#' else - eval "$as_ac_Header=\$ac_header_preproc" + BUILD_BLAKE2_TRUE='#' + BUILD_BLAKE2_FALSE= fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -fi -if test `eval echo '${'$as_ac_Header'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 -_ACEOF -fi -done +# SHA512 +# Check whether --enable-sha512 was given. +if test "${enable_sha512+set}" = set; then : + enableval=$enable_sha512; ENABLED_SHA512=$enableval +else + ENABLED_SHA512=no + +fi -for ac_header in sys/socket.h -do -as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - { echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +if test "$ENABLED_SHA512" = "yes" +then + AM_CFLAGS="$AM_CFLAGS -DCYASSL_SHA512 -DCYASSL_SHA384" fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -else - # Is the header compilable? -{ echo "$as_me:$LINENO: checking $ac_header usability" >&5 -echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6; } -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -#include <$ac_header> -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_header_compiler=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - ac_header_compiler=no +if test "$ENABLED_FORTRESS" = "yes" +then + ENABLED_SHA512="yes" fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -{ echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 -echo "${ECHO_T}$ac_header_compiler" >&6; } -# Is the header present? -{ echo "$as_me:$LINENO: checking $ac_header presence" >&5 -echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6; } -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include <$ac_header> -_ACEOF -if { (ac_try="$ac_cpp conftest.$ac_ext" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null && { - test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || - test ! -s conftest.err - }; then - ac_header_preproc=yes + if test "x$ENABLED_SHA512" = "xyes"; then + BUILD_SHA512_TRUE= + BUILD_SHA512_FALSE='#' else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_header_preproc=no + BUILD_SHA512_TRUE='#' + BUILD_SHA512_FALSE= fi -rm -f conftest.err conftest.$ac_ext -{ echo "$as_me:$LINENO: result: $ac_header_preproc" >&5 -echo "${ECHO_T}$ac_header_preproc" >&6; } -# So? What about this header? -case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in - yes:no: ) - { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5 -echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;} - ac_header_preproc=yes - ;; - no:yes:* ) - { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5 -echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5 -echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5 -echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5 -echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5 -echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;} - ( cat <<\_ASBOX -## ----------------------------------- ## -## Report this to http://www.yassl.com ## -## ----------------------------------- ## -_ASBOX - ) | sed "s/^/$as_me: WARNING: /" >&2 - ;; -esac -{ echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + +# SESSION CERTS +# Check whether --enable-sessioncerts was given. +if test "${enable_sessioncerts+set}" = set; then : + enableval=$enable_sessioncerts; ENABLED_SESSIONCERTS=$enableval else - eval "$as_ac_Header=\$ac_header_preproc" -fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } + ENABLED_SESSIONCERTS=no fi -if test `eval echo '${'$as_ac_Header'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 -_ACEOF + +if test "$ENABLED_SESSIONCERTS" = "yes" +then + AM_CFLAGS="$AM_CFLAGS -DSESSION_CERTS" fi -done +# KEY GENERATION +# Check whether --enable-keygen was given. +if test "${enable_keygen+set}" = set; then : + enableval=$enable_keygen; ENABLED_KEYGEN=$enableval +else + ENABLED_KEYGEN=no -for ac_header in sys/time.h -do -as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - { echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -else - # Is the header compilable? -{ echo "$as_me:$LINENO: checking $ac_header usability" >&5 -echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6; } -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -#include <$ac_header> -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_header_compiler=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - ac_header_compiler=no + +if test "$ENABLED_KEYGEN" = "yes" +then + AM_CFLAGS="$AM_CFLAGS -DCYASSL_KEY_GEN" fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -{ echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 -echo "${ECHO_T}$ac_header_compiler" >&6; } -# Is the header present? -{ echo "$as_me:$LINENO: checking $ac_header presence" >&5 -echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6; } -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include <$ac_header> -_ACEOF -if { (ac_try="$ac_cpp conftest.$ac_ext" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null && { - test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || - test ! -s conftest.err - }; then - ac_header_preproc=yes +# CERT GENERATION +# Check whether --enable-certgen was given. +if test "${enable_certgen+set}" = set; then : + enableval=$enable_certgen; ENABLED_CERTGEN=$enableval else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 + ENABLED_CERTGEN=no - ac_header_preproc=no fi -rm -f conftest.err conftest.$ac_ext -{ echo "$as_me:$LINENO: result: $ac_header_preproc" >&5 -echo "${ECHO_T}$ac_header_preproc" >&6; } -# So? What about this header? -case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in - yes:no: ) - { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5 -echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;} - ac_header_preproc=yes - ;; - no:yes:* ) - { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5 -echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5 -echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5 -echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5 -echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5 -echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;} - ( cat <<\_ASBOX -## ----------------------------------- ## -## Report this to http://www.yassl.com ## -## ----------------------------------- ## -_ASBOX - ) | sed "s/^/$as_me: WARNING: /" >&2 - ;; -esac -{ echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - eval "$as_ac_Header=\$ac_header_preproc" +if test "$ENABLED_CERTGEN" = "yes" +then + AM_CFLAGS="$AM_CFLAGS -DCYASSL_CERT_GEN" fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } + + +# CERT REQUEST GENERATION +# Check whether --enable-certreq was given. +if test "${enable_certreq+set}" = set; then : + enableval=$enable_certreq; ENABLED_CERTREQ=$enableval +else + ENABLED_CERTREQ=no fi -if test `eval echo '${'$as_ac_Header'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 -_ACEOF + +if test "$ENABLED_CERTREQ" = "yes" +then + if test "$ENABLED_CERTGEN" = "no" + then + as_fn_error $? "cannot enable certreq without enabling certgen." "$LINENO" 5 + fi + AM_CFLAGS="$AM_CFLAGS -DCYASSL_CERT_REQ" fi -done +# SEP +# Check whether --enable-sep was given. +if test "${enable_sep+set}" = set; then : + enableval=$enable_sep; ENABLED_SEP=$enableval +else + ENABLED_SEP=no -for ac_header in errno.h -do -as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - { echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -else - # Is the header compilable? -{ echo "$as_me:$LINENO: checking $ac_header usability" >&5 -echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6; } -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -#include <$ac_header> -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_header_compiler=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - ac_header_compiler=no +if test "$ENABLED_SEP" = "yes" +then + AM_CFLAGS="-DCYASSL_SEP -DKEEP_PEER_CERT $AM_CFLAGS" fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -{ echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 -echo "${ECHO_T}$ac_header_compiler" >&6; } -# Is the header present? -{ echo "$as_me:$LINENO: checking $ac_header presence" >&5 -echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6; } -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include <$ac_header> -_ACEOF -if { (ac_try="$ac_cpp conftest.$ac_ext" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null && { - test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || - test ! -s conftest.err - }; then - ac_header_preproc=yes +# HKDF +# Check whether --enable-hkdf was given. +if test "${enable_hkdf+set}" = set; then : + enableval=$enable_hkdf; ENABLED_HKDF=$enableval else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 + ENABLED_HKDF=no + +fi - ac_header_preproc=no +if test "$ENABLED_HKDF" = "yes" +then + AM_CFLAGS="$AM_CFLAGS -DHAVE_HKDF" fi -rm -f conftest.err conftest.$ac_ext -{ echo "$as_me:$LINENO: result: $ac_header_preproc" >&5 -echo "${ECHO_T}$ac_header_preproc" >&6; } -# So? What about this header? -case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in - yes:no: ) - { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5 -echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;} - ac_header_preproc=yes - ;; - no:yes:* ) - { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5 -echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5 -echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5 -echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5 -echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5 -echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;} - ( cat <<\_ASBOX -## ----------------------------------- ## -## Report this to http://www.yassl.com ## -## ----------------------------------- ## -_ASBOX - ) | sed "s/^/$as_me: WARNING: /" >&2 - ;; -esac -{ echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +# DSA +# Check whether --enable-dsa was given. +if test "${enable_dsa+set}" = set; then : + enableval=$enable_dsa; ENABLED_DSA=$enableval else - eval "$as_ac_Header=\$ac_header_preproc" + ENABLED_DSA=no + fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } + +if test "$ENABLED_DSA" = "no" +then + AM_CFLAGS="$AM_CFLAGS -DNO_DSA" fi -if test `eval echo '${'$as_ac_Header'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 -_ACEOF + if test "x$ENABLED_DSA" = "xyes"; then + BUILD_DSA_TRUE= + BUILD_DSA_FALSE='#' +else + BUILD_DSA_TRUE='#' + BUILD_DSA_FALSE= fi -done -{ echo "$as_me:$LINENO: checking for socket in -lnetwork" >&5 -echo $ECHO_N "checking for socket in -lnetwork... $ECHO_C" >&6; } -if test "${ac_cv_lib_network_socket+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +# ECC +# Check whether --enable-ecc was given. +if test "${enable_ecc+set}" = set; then : + enableval=$enable_ecc; ENABLED_ECC=$enableval else - ac_check_lib_save_LIBS=$LIBS -LIBS="-lnetwork $LIBS" -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ + ENABLED_ECC=no -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char socket (); -int -main () -{ -return socket (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_lib_network_socket=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 +fi - ac_cv_lib_network_socket=no + +if test "$ENABLED_ECC" = "yes" +then + AM_CFLAGS="$AM_CFLAGS -DHAVE_ECC -DTFM_ECC256 -DECC_SHAMIR" fi -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS + if test "x$ENABLED_ECC" = "xyes"; then + BUILD_ECC_TRUE= + BUILD_ECC_FALSE='#' +else + BUILD_ECC_TRUE='#' + BUILD_ECC_FALSE= fi -{ echo "$as_me:$LINENO: result: $ac_cv_lib_network_socket" >&5 -echo "${ECHO_T}$ac_cv_lib_network_socket" >&6; } -if test $ac_cv_lib_network_socket = yes; then - cat >>confdefs.h <<_ACEOF -#define HAVE_LIBNETWORK 1 -_ACEOF - LIBS="-lnetwork $LIBS" + +if test "$ENABLED_ECC" = "yes" && test "$ENABLED_SMALL" = "yes" +then + as_fn_error $? "cannot enable ecc and small, ecc requires TLS which small turns off." "$LINENO" 5 fi -{ echo "$as_me:$LINENO: checking for long long" >&5 -echo $ECHO_N "checking for long long... $ECHO_C" >&6; } -if test "${ac_cv_type_long_long+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -typedef long long ac__type_new_; -int -main () -{ -if ((ac__type_new_ *) 0) - return 0; -if (sizeof (ac__type_new_)) - return 0; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_type_long_long=yes + +# FP ECC, Fixed Point cache ECC +# Check whether --enable-fpecc was given. +if test "${enable_fpecc+set}" = set; then : + enableval=$enable_fpecc; ENABLED_FPECC=$enableval else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 + ENABLED_FPECC=no - ac_cv_type_long_long=no fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + +if test "$ENABLED_FPECC" = "yes" +then + if test "$ENABLED_ECC" = "no" + then + as_fn_error $? "cannot enable fpecc without enabling ecc." "$LINENO" 5 + fi + AM_CFLAGS="$AM_CFLAGS -DFP_ECC" fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_long_long" >&5 -echo "${ECHO_T}$ac_cv_type_long_long" >&6; } -# The cast to long int works around a bug in the HP C Compiler -# version HP92453-01 B.11.11.23709.GP, which incorrectly rejects -# declarations like `int a3[[(sizeof (unsigned char)) >= 0]];'. -# This bug is HP SR number 8606223364. -{ echo "$as_me:$LINENO: checking size of long long" >&5 -echo $ECHO_N "checking size of long long... $ECHO_C" >&6; } -if test "${ac_cv_sizeof_long_long+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + +# ECC encrypt +# Check whether --enable-eccencrypt was given. +if test "${enable_eccencrypt+set}" = set; then : + enableval=$enable_eccencrypt; ENABLED_ECC_ENCRYPT=$enableval else - if test "$cross_compiling" = yes; then - # Depending upon the size, compute the lo and hi bounds. -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default - typedef long long ac__type_sizeof_; -int -main () -{ -static int test_array [1 - 2 * !(((long int) (sizeof (ac__type_sizeof_))) >= 0)]; -test_array [0] = 0 + ENABLED_ECC_ENCRYPT=no - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_lo=0 ac_mid=0 - while :; do - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default - typedef long long ac__type_sizeof_; -int -main () -{ -static int test_array [1 - 2 * !(((long int) (sizeof (ac__type_sizeof_))) <= $ac_mid)]; -test_array [0] = 0 +fi - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_hi=$ac_mid; break -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - ac_lo=`expr $ac_mid + 1` - if test $ac_lo -le $ac_mid; then - ac_lo= ac_hi= - break - fi - ac_mid=`expr 2 '*' $ac_mid + 1` +if test "$ENABLED_ECC_ENCRYPT" = "yes" +then + if test "$ENABLED_ECC" = "no" + then + as_fn_error $? "cannot enable eccencrypt without enabling ecc." "$LINENO" 5 + fi + if test "$ENABLED_HKDF" = "no" + then + as_fn_error $? "cannot enable eccencrypt without enabling hkdf." "$LINENO" 5 + fi + AM_CFLAGS="$AM_CFLAGS -DHAVE_ECC_ENCRYPT" fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - done + +# PSK +# Check whether --enable-psk was given. +if test "${enable_psk+set}" = set; then : + enableval=$enable_psk; ENABLED_PSK=$enableval else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 + ENABLED_PSK=no - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default - typedef long long ac__type_sizeof_; -int -main () -{ -static int test_array [1 - 2 * !(((long int) (sizeof (ac__type_sizeof_))) < 0)]; -test_array [0] = 0 +fi - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_hi=-1 ac_mid=-1 - while :; do - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default - typedef long long ac__type_sizeof_; -int -main () -{ -static int test_array [1 - 2 * !(((long int) (sizeof (ac__type_sizeof_))) >= $ac_mid)]; -test_array [0] = 0 - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_lo=$ac_mid; break +if test "$ENABLED_PSK" = "no" && test "$ENABLED_LEANPSK" = "no" +then + AM_CFLAGS="$AM_CFLAGS -DNO_PSK" +fi + +if test "$ENABLED_PSK" = "no" && test "$ENABLED_LEANPSK" = "yes" +then + ENABLED_PSK=yes +fi + + +# ERROR STRINGS +# Check whether --enable-errorstrings was given. +if test "${enable_errorstrings+set}" = set; then : + enableval=$enable_errorstrings; ENABLED_ERROR_STRINGS=$enableval else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 + ENABLED_ERROR_STRINGS=yes - ac_hi=`expr '(' $ac_mid ')' - 1` - if test $ac_mid -le $ac_hi; then - ac_lo= ac_hi= - break - fi - ac_mid=`expr 2 '*' $ac_mid` fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - done + +if test "$ENABLED_ERROR_STRINGS" = "no" +then + AM_CFLAGS="$AM_CFLAGS -DNO_ERROR_STRINGS" else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 + # turn off error strings if leanpsk on + if test "$ENABLED_LEANPSK" = "yes" + then + AM_CFLAGS="$AM_CFLAGS -DNO_ERROR_STRINGS" + ENABLED_ERROR_STRINGS=no + fi +fi + + +# OLD TLS +# Check whether --enable-oldtls was given. +if test "${enable_oldtls+set}" = set; then : + enableval=$enable_oldtls; ENABLED_OLD_TLS=$enableval +else + ENABLED_OLD_TLS=yes - ac_lo= ac_hi= fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + +if test "$ENABLED_OLD_TLS" = "no" +then + AM_CFLAGS="$AM_CFLAGS -DNO_OLD_TLS" +else + # turn off old if leanpsk on + if test "$ENABLED_LEANPSK" = "yes" + then + AM_CFLAGS="$AM_CFLAGS -DNO_OLD_TLS" + ENABLED_OLD_TLS=no + fi fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -# Binary search between lo and hi bounds. -while test "x$ac_lo" != "x$ac_hi"; do - ac_mid=`expr '(' $ac_hi - $ac_lo ')' / 2 + $ac_lo` - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default - typedef long long ac__type_sizeof_; -int -main () -{ -static int test_array [1 - 2 * !(((long int) (sizeof (ac__type_sizeof_))) <= $ac_mid)]; -test_array [0] = 0 - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_hi=$ac_mid +# STACK SIZE info for examples +# Check whether --enable-stacksize was given. +if test "${enable_stacksize+set}" = set; then : + enableval=$enable_stacksize; ENABLED_STACKSIZE=$enableval else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 + ENABLED_STACKSIZE=no - ac_lo=`expr '(' $ac_mid ')' + 1` fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -done -case $ac_lo in -?*) ac_cv_sizeof_long_long=$ac_lo;; -'') if test "$ac_cv_type_long_long" = yes; then - { { echo "$as_me:$LINENO: error: cannot compute sizeof (long long) -See \`config.log' for more details." >&5 -echo "$as_me: error: cannot compute sizeof (long long) -See \`config.log' for more details." >&2;} - { (exit 77); exit 77; }; } - else - ac_cv_sizeof_long_long=0 - fi ;; -esac + +if test "$ENABLED_STACKSIZE" = "yes" +then + ac_fn_c_check_func "$LINENO" "posix_memalign" "ac_cv_func_posix_memalign" +if test "x$ac_cv_func_posix_memalign" = xyes; then : + else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + as_fn_error $? "stacksize needs posix_memalign" "$LINENO" 5 +fi + + ac_fn_c_check_func "$LINENO" "pthread_attr_setstack" "ac_cv_func_pthread_attr_setstack" +if test "x$ac_cv_func_pthread_attr_setstack" = xyes; then : + +else + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for pthread_attr_setstack in -lpthread" >&5 +$as_echo_n "checking for pthread_attr_setstack in -lpthread... " >&6; } +if ${ac_cv_lib_pthread_pthread_attr_setstack+:} false; then : + $as_echo_n "(cached) " >&6 +else + ac_check_lib_save_LIBS=$LIBS +LIBS="-lpthread $LIBS" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -$ac_includes_default - typedef long long ac__type_sizeof_; -static long int longval () { return (long int) (sizeof (ac__type_sizeof_)); } -static unsigned long int ulongval () { return (long int) (sizeof (ac__type_sizeof_)); } -#include -#include + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +#ifdef __cplusplus +extern "C" +#endif +char pthread_attr_setstack (); int main () { - - FILE *f = fopen ("conftest.val", "w"); - if (! f) - return 1; - if (((long int) (sizeof (ac__type_sizeof_))) < 0) - { - long int i = longval (); - if (i != ((long int) (sizeof (ac__type_sizeof_)))) - return 1; - fprintf (f, "%ld\n", i); - } - else - { - unsigned long int i = ulongval (); - if (i != ((long int) (sizeof (ac__type_sizeof_)))) - return 1; - fprintf (f, "%lu\n", i); - } - return ferror (f) || fclose (f) != 0; - +return pthread_attr_setstack (); ; return 0; } _ACEOF -rm -f conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { ac_try='./conftest$ac_exeext' - { (case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_try") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then - ac_cv_sizeof_long_long=`cat conftest.val` +if ac_fn_c_try_link "$LINENO"; then : + ac_cv_lib_pthread_pthread_attr_setstack=yes else - echo "$as_me: program exited with status $ac_status" >&5 -echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 + ac_cv_lib_pthread_pthread_attr_setstack=no +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_pthread_pthread_attr_setstack" >&5 +$as_echo "$ac_cv_lib_pthread_pthread_attr_setstack" >&6; } +if test "x$ac_cv_lib_pthread_pthread_attr_setstack" = xyes; then : + cat >>confdefs.h <<_ACEOF +#define HAVE_LIBPTHREAD 1 +_ACEOF + + LIBS="-lpthread $LIBS" -( exit $ac_status ) -if test "$ac_cv_type_long_long" = yes; then - { { echo "$as_me:$LINENO: error: cannot compute sizeof (long long) -See \`config.log' for more details." >&5 -echo "$as_me: error: cannot compute sizeof (long long) -See \`config.log' for more details." >&2;} - { (exit 77); exit 77; }; } - else - ac_cv_sizeof_long_long=0 - fi fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext + fi -rm -f conftest.val + + AM_CFLAGS="$AM_CFLAGS -DHAVE_STACK_SIZE -DCYASSL_LOW_MEMORY" fi -{ echo "$as_me:$LINENO: result: $ac_cv_sizeof_long_long" >&5 -echo "${ECHO_T}$ac_cv_sizeof_long_long" >&6; } +# MEMORY +# Check whether --enable-memory was given. +if test "${enable_memory+set}" = set; then : + enableval=$enable_memory; ENABLED_MEMORY=$enableval +else + ENABLED_MEMORY=yes -cat >>confdefs.h <<_ACEOF -#define SIZEOF_LONG_LONG $ac_cv_sizeof_long_long -_ACEOF +fi -{ echo "$as_me:$LINENO: checking for long" >&5 -echo $ECHO_N "checking for long... $ECHO_C" >&6; } -if test "${ac_cv_type_long+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +if test "$ENABLED_MEMORY" = "no" +then + AM_CFLAGS="$AM_CFLAGS -DNO_CYASSL_MEMORY" else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -typedef long ac__type_new_; -int -main () -{ -if ((ac__type_new_ *) 0) - return 0; -if (sizeof (ac__type_new_)) - return 0; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_type_long=yes + # turn off memory cb if leanpsk on + if test "$ENABLED_LEANPSK" = "yes" + then + # but don't turn on NO_CYASSL_MEMORY because using own + ENABLED_MEMORY=no + fi +fi + + if test "x$ENABLED_MEMORY" = "xyes"; then + BUILD_MEMORY_TRUE= + BUILD_MEMORY_FALSE='#' else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 + BUILD_MEMORY_TRUE='#' + BUILD_MEMORY_FALSE= +fi + + + +# RSA +# Check whether --enable-rsa was given. +if test "${enable_rsa+set}" = set; then : + enableval=$enable_rsa; ENABLED_RSA=$enableval +else + ENABLED_RSA=yes - ac_cv_type_long=no fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + +if test "$ENABLED_RSA" = "no" +then + AM_CFLAGS="$AM_CFLAGS -DNO_RSA" +else + # turn off RSA if leanpsk on + if test "$ENABLED_LEANPSK" = "yes" + then + AM_CFLAGS="$AM_CFLAGS -DNO_RSA" + ENABLED_RSA=no + fi fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_long" >&5 -echo "${ECHO_T}$ac_cv_type_long" >&6; } -# The cast to long int works around a bug in the HP C Compiler -# version HP92453-01 B.11.11.23709.GP, which incorrectly rejects -# declarations like `int a3[[(sizeof (unsigned char)) >= 0]];'. -# This bug is HP SR number 8606223364. -{ echo "$as_me:$LINENO: checking size of long" >&5 -echo $ECHO_N "checking size of long... $ECHO_C" >&6; } -if test "${ac_cv_sizeof_long+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + if test "x$ENABLED_RSA" = "xyes"; then + BUILD_RSA_TRUE= + BUILD_RSA_FALSE='#' else - if test "$cross_compiling" = yes; then - # Depending upon the size, compute the lo and hi bounds. -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default - typedef long ac__type_sizeof_; -int -main () -{ -static int test_array [1 - 2 * !(((long int) (sizeof (ac__type_sizeof_))) >= 0)]; -test_array [0] = 0 + BUILD_RSA_TRUE='#' + BUILD_RSA_FALSE= +fi - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_lo=0 ac_mid=0 - while :; do - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default - typedef long ac__type_sizeof_; -int -main () -{ -static int test_array [1 - 2 * !(((long int) (sizeof (ac__type_sizeof_))) <= $ac_mid)]; -test_array [0] = 0 - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_hi=$ac_mid; break + +# DH +# Check whether --enable-dh was given. +if test "${enable_dh+set}" = set; then : + enableval=$enable_dh; ENABLED_DH=$enableval else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 + ENABLED_DH=no - ac_lo=`expr $ac_mid + 1` - if test $ac_lo -le $ac_mid; then - ac_lo= ac_hi= - break - fi - ac_mid=`expr 2 '*' $ac_mid + 1` fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - done + +if test "$ENABLED_DH" = "no" +then + AM_CFLAGS="$AM_CFLAGS -DNO_DH" else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 + # turn off DH if leanpsk on + if test "$ENABLED_LEANPSK" = "yes" + then + AM_CFLAGS="$AM_CFLAGS -DNO_DH" + ENABLED_DH=no + fi +fi - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default - typedef long ac__type_sizeof_; -int -main () -{ -static int test_array [1 - 2 * !(((long int) (sizeof (ac__type_sizeof_))) < 0)]; -test_array [0] = 0 + if test "x$ENABLED_DH" = "xyes"; then + BUILD_DH_TRUE= + BUILD_DH_FALSE='#' +else + BUILD_DH_TRUE='#' + BUILD_DH_FALSE= +fi - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_hi=-1 ac_mid=-1 - while :; do - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default - typedef long ac__type_sizeof_; -int -main () -{ -static int test_array [1 - 2 * !(((long int) (sizeof (ac__type_sizeof_))) >= $ac_mid)]; -test_array [0] = 0 - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_lo=$ac_mid; break + +# ASN +# turn off asn, which means no certs, no rsa, no dh, no dsa, no ecc, +# and no big int, use this to disable all public key stuff +# Check whether --enable-asn was given. +if test "${enable_asn+set}" = set; then : + enableval=$enable_asn; ENABLED_ASN=$enableval else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 + ENABLED_ASN=yes - ac_hi=`expr '(' $ac_mid ')' - 1` - if test $ac_mid -le $ac_hi; then - ac_lo= ac_hi= - break - fi - ac_mid=`expr 2 '*' $ac_mid` fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - done + +if test "$ENABLED_ASN" = "no" +then + AM_CFLAGS="$AM_CFLAGS -DNO_ASN -DNO_CERTS -DNO_BIG_INT" else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 + # turn off ASN if leanpsk on + if test "$ENABLED_LEANPSK" = "yes" + then + AM_CFLAGS="$AM_CFLAGS -DNO_ASN -DNO_CERTS -DNO_BIG_INT" + ENABLED_ASN=no + fi +fi - ac_lo= ac_hi= +if test "$ENABLED_RSA" = "yes" && test "$ENABLED_ASN" = "no" +then + as_fn_error $? "please disable rsa if disabling asn." "$LINENO" 5 fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext +if test "$ENABLED_DSA" = "yes" && test "$ENABLED_ASN" = "no" +then + as_fn_error $? "please disable dsa if disabling asn." "$LINENO" 5 fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -# Binary search between lo and hi bounds. -while test "x$ac_lo" != "x$ac_hi"; do - ac_mid=`expr '(' $ac_hi - $ac_lo ')' / 2 + $ac_lo` - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default - typedef long ac__type_sizeof_; -int -main () -{ -static int test_array [1 - 2 * !(((long int) (sizeof (ac__type_sizeof_))) <= $ac_mid)]; -test_array [0] = 0 +if test "$ENABLED_DH" = "yes" && test "$ENABLED_ASN" = "no" +then + as_fn_error $? "please disable dh if disabling asn." "$LINENO" 5 +fi - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_hi=$ac_mid +if test "$ENABLED_ECC" = "yes" && test "$ENABLED_ASN" = "no" +then + as_fn_error $? "please disable ecc if disabling asn." "$LINENO" 5 +fi + +if test "$ENABLED_PSK" = "no" && test "$ENABLED_ASN" = "no" +then + as_fn_error $? "please enable psk if disabling asn." "$LINENO" 5 +fi + +if test "$ENABLED_ASN" = "no" +then + ENABLED_FASTMATH=no + ENABLED_SLOWMATH=no +fi + + if test "x$ENABLED_ASN" = "xyes"; then + BUILD_ASN_TRUE= + BUILD_ASN_FALSE='#' else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 + BUILD_ASN_TRUE='#' + BUILD_ASN_FALSE= +fi + + + +# AES +# Check whether --enable-aes was given. +if test "${enable_aes+set}" = set; then : + enableval=$enable_aes; ENABLED_AES=$enableval +else + ENABLED_AES=yes - ac_lo=`expr '(' $ac_mid ')' + 1` fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -done -case $ac_lo in -?*) ac_cv_sizeof_long=$ac_lo;; -'') if test "$ac_cv_type_long" = yes; then - { { echo "$as_me:$LINENO: error: cannot compute sizeof (long) -See \`config.log' for more details." >&5 -echo "$as_me: error: cannot compute sizeof (long) -See \`config.log' for more details." >&2;} - { (exit 77); exit 77; }; } - else - ac_cv_sizeof_long=0 - fi ;; -esac + +if test "$ENABLED_AES" = "no" +then + AM_CFLAGS="$AM_CFLAGS -DNO_AES" else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default - typedef long ac__type_sizeof_; -static long int longval () { return (long int) (sizeof (ac__type_sizeof_)); } -static unsigned long int ulongval () { return (long int) (sizeof (ac__type_sizeof_)); } -#include -#include -int -main () -{ + # turn off AES if leanpsk on + if test "$ENABLED_LEANPSK" = "yes" + then + AM_CFLAGS="$AM_CFLAGS -DNO_AES" + ENABLED_AES=no + fi +fi - FILE *f = fopen ("conftest.val", "w"); - if (! f) - return 1; - if (((long int) (sizeof (ac__type_sizeof_))) < 0) - { - long int i = longval (); - if (i != ((long int) (sizeof (ac__type_sizeof_)))) - return 1; - fprintf (f, "%ld\n", i); - } - else - { - unsigned long int i = ulongval (); - if (i != ((long int) (sizeof (ac__type_sizeof_)))) - return 1; - fprintf (f, "%lu\n", i); - } - return ferror (f) || fclose (f) != 0; + if test "x$ENABLED_AES" = "xyes"; then + BUILD_AES_TRUE= + BUILD_AES_FALSE='#' +else + BUILD_AES_TRUE='#' + BUILD_AES_FALSE= +fi - ; - return 0; -} -_ACEOF -rm -f conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { ac_try='./conftest$ac_exeext' - { (case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_try") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then - ac_cv_sizeof_long=`cat conftest.val` + + +# CODING +# Check whether --enable-coding was given. +if test "${enable_coding+set}" = set; then : + enableval=$enable_coding; ENABLED_CODING=$enableval else - echo "$as_me: program exited with status $ac_status" >&5 -echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 + ENABLED_CODING=yes -( exit $ac_status ) -if test "$ac_cv_type_long" = yes; then - { { echo "$as_me:$LINENO: error: cannot compute sizeof (long) -See \`config.log' for more details." >&5 -echo "$as_me: error: cannot compute sizeof (long) -See \`config.log' for more details." >&2;} - { (exit 77); exit 77; }; } - else - ac_cv_sizeof_long=0 - fi fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext + + +if test "$ENABLED_CODING" = "no" +then + AM_CFLAGS="$AM_CFLAGS -DNO_CODING" +else + # turn off CODING if leanpsk on + if test "$ENABLED_LEANPSK" = "yes" + then + AM_CFLAGS="$AM_CFLAGS -DNO_CODING" + ENABLED_CODING=no + fi fi -rm -f conftest.val + + if test "x$ENABLED_CODING" = "xyes"; then + BUILD_CODING_TRUE= + BUILD_CODING_FALSE='#' +else + BUILD_CODING_TRUE='#' + BUILD_CODING_FALSE= fi -{ echo "$as_me:$LINENO: result: $ac_cv_sizeof_long" >&5 -echo "${ECHO_T}$ac_cv_sizeof_long" >&6; } -cat >>confdefs.h <<_ACEOF -#define SIZEOF_LONG $ac_cv_sizeof_long -_ACEOF +# DES3 +# Check whether --enable-des3 was given. +if test "${enable_des3+set}" = set; then : + enableval=$enable_des3; ENABLED_DES3=$enableval +else + ENABLED_DES3=yes + +fi -{ echo "$as_me:$LINENO: checking whether byte ordering is bigendian" >&5 -echo $ECHO_N "checking whether byte ordering is bigendian... $ECHO_C" >&6; } -if test "${ac_cv_c_bigendian+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +if test "$ENABLED_DES3" = "no" +then + AM_CFLAGS="$AM_CFLAGS -DNO_DES3" else - # See if sys/param.h defines the BYTE_ORDER macro. -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include -#include + # turn off DES3 if leanpsk on + if test "$ENABLED_LEANPSK" = "yes" + then + AM_CFLAGS="$AM_CFLAGS -DNO_DES3" + ENABLED_DES3=no + fi +fi -int -main () -{ -#if ! (defined BYTE_ORDER && defined BIG_ENDIAN && defined LITTLE_ENDIAN \ - && BYTE_ORDER && BIG_ENDIAN && LITTLE_ENDIAN) - bogus endian macros -#endif + if test "x$ENABLED_DES3" = "xyes"; then + BUILD_DES3_TRUE= + BUILD_DES3_FALSE='#' +else + BUILD_DES3_TRUE='#' + BUILD_DES3_FALSE= +fi - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - # It does; now see whether it defined to BIG_ENDIAN or not. -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include -#include -int -main () -{ -#if BYTE_ORDER != BIG_ENDIAN - not big endian -#endif - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_c_bigendian=yes +# ARC4 +# Check whether --enable-arc4 was given. +if test "${enable_arc4+set}" = set; then : + enableval=$enable_arc4; ENABLED_ARC4=$enableval else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 + ENABLED_ARC4=yes - ac_cv_c_bigendian=no fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - # It does not; compile a test program. -if test "$cross_compiling" = yes; then - # try to guess the endianness by grepping values into an object file - ac_cv_c_bigendian=unknown - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -short int ascii_mm[] = { 0x4249, 0x4765, 0x6E44, 0x6961, 0x6E53, 0x7953, 0 }; -short int ascii_ii[] = { 0x694C, 0x5454, 0x656C, 0x6E45, 0x6944, 0x6E61, 0 }; -void _ascii () { char *s = (char *) ascii_mm; s = (char *) ascii_ii; } -short int ebcdic_ii[] = { 0x89D3, 0xE3E3, 0x8593, 0x95C5, 0x89C4, 0x9581, 0 }; -short int ebcdic_mm[] = { 0xC2C9, 0xC785, 0x95C4, 0x8981, 0x95E2, 0xA8E2, 0 }; -void _ebcdic () { char *s = (char *) ebcdic_mm; s = (char *) ebcdic_ii; } -int -main () -{ - _ascii (); _ebcdic (); - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - if grep BIGenDianSyS conftest.$ac_objext >/dev/null ; then - ac_cv_c_bigendian=yes +if test "$ENABLED_ARC4" = "no" +then + AM_CFLAGS="$AM_CFLAGS -DNO_RC4" +else + # turn off ARC4 if leanpsk on + if test "$ENABLED_LEANPSK" = "yes" + then + AM_CFLAGS="$AM_CFLAGS -DNO_RC4" + ENABLED_ARC4=no + fi fi -if grep LiTTleEnDian conftest.$ac_objext >/dev/null ; then - if test "$ac_cv_c_bigendian" = unknown; then - ac_cv_c_bigendian=no - else - # finding both strings is unlikely to happen, but who knows? - ac_cv_c_bigendian=unknown - fi + + if test "x$ENABLED_ARC4" = "xyes"; then + BUILD_RC4_TRUE= + BUILD_RC4_FALSE='#' +else + BUILD_RC4_TRUE='#' + BUILD_RC4_FALSE= fi + + + +# MD5 +# Check whether --enable-md5 was given. +if test "${enable_md5+set}" = set; then : + enableval=$enable_md5; ENABLED_MD5=$enableval else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 + ENABLED_MD5=yes + +fi +if test "$ENABLED_MD5" = "no" +then + AM_CFLAGS="$AM_CFLAGS -DNO_MD5 -DNO_OLD_TLS" +else + # turn off MD5 if leanpsk on + if test "$ENABLED_LEANPSK" = "yes" + then + AM_CFLAGS="$AM_CFLAGS -DNO_MD5 -DNO_OLD_TLS" + ENABLED_MD5=no + fi fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + if test "x$ENABLED_MD5" = "xyes"; then + BUILD_MD5_TRUE= + BUILD_MD5_FALSE='#' else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -int -main () -{ + BUILD_MD5_TRUE='#' + BUILD_MD5_FALSE= +fi - /* Are we little or big endian? From Harbison&Steele. */ - union - { - long int l; - char c[sizeof (long int)]; - } u; - u.l = 1; - return u.c[sizeof (long int) - 1] == 1; - ; - return 0; -} -_ACEOF -rm -f conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { ac_try='./conftest$ac_exeext' - { (case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_try") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then - ac_cv_c_bigendian=no + +# SHA +# Check whether --enable-sha was given. +if test "${enable_sha+set}" = set; then : + enableval=$enable_sha; ENABLED_SHA=$enableval else - echo "$as_me: program exited with status $ac_status" >&5 -echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 + ENABLED_SHA=yes -( exit $ac_status ) -ac_cv_c_bigendian=yes -fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext fi +if test "$ENABLED_SHA" = "no" +then + AM_CFLAGS="$AM_CFLAGS -DNO_SHA -DNO_OLD_TLS" +else + # turn off SHA if leanpsk on + if test "$ENABLED_LEANPSK" = "yes" + then + AM_CFLAGS="$AM_CFLAGS -DNO_SHA -DNO_OLD_TLS" + ENABLED_SHA=no + fi fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + if test "x$ENABLED_SHA" = "xyes"; then + BUILD_SHA_TRUE= + BUILD_SHA_FALSE='#' +else + BUILD_SHA_TRUE='#' + BUILD_SHA_FALSE= fi -{ echo "$as_me:$LINENO: result: $ac_cv_c_bigendian" >&5 -echo "${ECHO_T}$ac_cv_c_bigendian" >&6; } -case $ac_cv_c_bigendian in - yes) -cat >>confdefs.h <<\_ACEOF -#define WORDS_BIGENDIAN 1 -_ACEOF - ;; - no) - ;; - *) - { { echo "$as_me:$LINENO: error: unknown endianness -presetting ac_cv_c_bigendian=no (or yes) will help" >&5 -echo "$as_me: error: unknown endianness -presetting ac_cv_c_bigendian=no (or yes) will help" >&2;} - { (exit 1); exit 1; }; } ;; -esac -# Check whether --enable-static was given. -if test "${enable_static+set}" = set; then - enableval=$enable_static; p=${PACKAGE-default} - case $enableval in - yes) enable_static=yes ;; - no) enable_static=no ;; - *) - enable_static=no - # Look at the argument we got. We use all the common list separators. - lt_save_ifs="$IFS"; IFS="${IFS}$PATH_SEPARATOR," - for pkg in $enableval; do - IFS="$lt_save_ifs" - if test "X$pkg" = "X$p"; then - enable_static=yes - fi - done - IFS="$lt_save_ifs" - ;; - esac + +# MD4 +# Check whether --enable-md4 was given. +if test "${enable_md4+set}" = set; then : + enableval=$enable_md4; ENABLED_MD4=$enableval else - enable_static=no + ENABLED_MD4=no + fi +if test "$ENABLED_MD4" = "no" +then + AM_CFLAGS="$AM_CFLAGS -DNO_MD4" +fi + if test "x$ENABLED_MD4" = "xyes"; then + BUILD_MD4_TRUE= + BUILD_MD4_FALSE='#' +else + BUILD_MD4_TRUE='#' + BUILD_MD4_FALSE= +fi -# Check whether --enable-static was given. -if test "${enable_static+set}" = set; then - enableval=$enable_static; p=${PACKAGE-default} - case $enableval in - yes) enable_static=yes ;; - no) enable_static=no ;; - *) - enable_static=no - # Look at the argument we got. We use all the common list separators. - lt_save_ifs="$IFS"; IFS="${IFS}$PATH_SEPARATOR," - for pkg in $enableval; do - IFS="$lt_save_ifs" - if test "X$pkg" = "X$p"; then - enable_static=yes - fi - done - IFS="$lt_save_ifs" - ;; - esac +# Web Server Build +# Check whether --enable-webserver was given. +if test "${enable_webserver+set}" = set; then : + enableval=$enable_webserver; ENABLED_WEBSERVER=$enableval +else + ENABLED_WEBSERVER=no + +fi + + +if test "$ENABLED_WEBSERVER" = "yes" +then + AM_CFLAGS="$AM_CFLAGS -DHAVE_WEBSERVER" +fi + + +# PWDBASED +# Check whether --enable-pwdbased was given. +if test "${enable_pwdbased+set}" = set; then : + enableval=$enable_pwdbased; ENABLED_PWDBASED=$enableval else - enable_static=no + ENABLED_PWDBASED=no + fi +if test "$ENABLED_PWDBASED" = "no" +then + if test "$ENABLED_OPENSSLEXTRA" = "yes" || test "$ENABLED_WEBSERVER" = "yes" + then + # opensslextra and webserver needs pwdbased + ENABLED_PWDBASED=yes + else + AM_CFLAGS="$AM_CFLAGS -DNO_PWDBASED" + fi +fi + if test "x$ENABLED_PWDBASED" = "xyes"; then + BUILD_PWDBASED_TRUE= + BUILD_PWDBASED_FALSE='#' +else + BUILD_PWDBASED_TRUE='#' + BUILD_PWDBASED_FALSE= +fi +# HC128 +# Check whether --enable-hc128 was given. +if test "${enable_hc128+set}" = set; then : + enableval=$enable_hc128; ENABLED_HC128=$enableval +else + ENABLED_HC128=no -for ac_header in stdlib.h -do -as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - { echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -else - # Is the header compilable? -{ echo "$as_me:$LINENO: checking $ac_header usability" >&5 -echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6; } -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -#include <$ac_header> -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_header_compiler=yes + + +if test "$ENABLED_HC128" = "no" +then + AM_CFLAGS="$AM_CFLAGS -DNO_HC128" else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 + AM_CFLAGS="$AM_CFLAGS -DHAVE_HC128" +fi - ac_header_compiler=no + if test "x$ENABLED_HC128" = "xyes"; then + BUILD_HC128_TRUE= + BUILD_HC128_FALSE='#' +else + BUILD_HC128_TRUE='#' + BUILD_HC128_FALSE= fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -{ echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 -echo "${ECHO_T}$ac_header_compiler" >&6; } -# Is the header present? -{ echo "$as_me:$LINENO: checking $ac_header presence" >&5 -echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6; } -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include <$ac_header> -_ACEOF -if { (ac_try="$ac_cpp conftest.$ac_ext" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null && { - test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || - test ! -s conftest.err - }; then - ac_header_preproc=yes + +# RABBIT +# Check whether --enable-rabbit was given. +if test "${enable_rabbit+set}" = set; then : + enableval=$enable_rabbit; ENABLED_RABBIT=$enableval else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 + ENABLED_RABBIT=no - ac_header_preproc=no fi -rm -f conftest.err conftest.$ac_ext -{ echo "$as_me:$LINENO: result: $ac_header_preproc" >&5 -echo "${ECHO_T}$ac_header_preproc" >&6; } -# So? What about this header? -case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in - yes:no: ) - { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5 -echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;} - ac_header_preproc=yes - ;; - no:yes:* ) - { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5 -echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5 -echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5 -echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5 -echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5 -echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;} - ( cat <<\_ASBOX -## ----------------------------------- ## -## Report this to http://www.yassl.com ## -## ----------------------------------- ## -_ASBOX - ) | sed "s/^/$as_me: WARNING: /" >&2 - ;; -esac -{ echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +if test "$ENABLED_RABBIT" = "no" +then + AM_CFLAGS="$AM_CFLAGS -DNO_RABBIT" else - eval "$as_ac_Header=\$ac_header_preproc" + AM_CFLAGS="$AM_CFLAGS -DHAVE_RABBIT" fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } + if test "x$ENABLED_RABBIT" = "xyes"; then + BUILD_RABBIT_TRUE= + BUILD_RABBIT_FALSE='#' +else + BUILD_RABBIT_TRUE='#' + BUILD_RABBIT_FALSE= fi -if test `eval echo '${'$as_ac_Header'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 -_ACEOF -fi -done -{ echo "$as_me:$LINENO: checking for GNU libc compatible malloc" >&5 -echo $ECHO_N "checking for GNU libc compatible malloc... $ECHO_C" >&6; } -if test "${ac_cv_func_malloc_0_nonnull+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +# FIPS +# Check whether --enable-fips was given. +if test "${enable_fips+set}" = set; then : + enableval=$enable_fips; ENABLED_FIPS=$enableval else - if test "$cross_compiling" = yes; then - ac_cv_func_malloc_0_nonnull=no -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#if defined STDC_HEADERS || defined HAVE_STDLIB_H -# include -#else -char *malloc (); -#endif + ENABLED_FIPS=no -int -main () -{ -return ! malloc (0); - ; - return 0; -} -_ACEOF -rm -f conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { ac_try='./conftest$ac_exeext' - { (case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_try") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then - ac_cv_func_malloc_0_nonnull=yes +fi + + +if test "x$ENABLED_FIPS" = "xyes" +then + # requires thread local storage + if test "$thread_ls_on" = "no" + then + as_fn_error $? "FIPS requires Thread Local Storage" "$LINENO" 5 + fi + # requires SHA512 + if test "x$ENABLED_SHA512" = "xno" + then + ENABLED_SHA512="yes" + AM_CFLAGS="$AM_CFLAGS -DCYASSL_SHA512 -DCYASSL_SHA384" + if test "x$ENABLED_SHA512" = "xyes"; then + BUILD_SHA512_TRUE= + BUILD_SHA512_FALSE='#' else - echo "$as_me: program exited with status $ac_status" >&5 -echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 + BUILD_SHA512_TRUE='#' + BUILD_SHA512_FALSE= +fi -( exit $ac_status ) -ac_cv_func_malloc_0_nonnull=no + fi + AM_CFLAGS="$AM_CFLAGS -DHAVE_FIPS" fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext + + if test "x$ENABLED_FIPS" = "xyes"; then + BUILD_FIPS_TRUE= + BUILD_FIPS_FALSE='#' +else + BUILD_FIPS_TRUE='#' + BUILD_FIPS_FALSE= fi + +# Hash DRBG +# Check whether --enable-hashdrbg was given. +if test "${enable_hashdrbg+set}" = set; then : + enableval=$enable_hashdrbg; ENABLED_HASHDRBG=$enableval +else + ENABLED_HASHDRBG=no + fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_malloc_0_nonnull" >&5 -echo "${ECHO_T}$ac_cv_func_malloc_0_nonnull" >&6; } -if test $ac_cv_func_malloc_0_nonnull = yes; then -cat >>confdefs.h <<\_ACEOF -#define HAVE_MALLOC 1 -_ACEOF +if test "x$ENABLED_HASHDRBG" = "xyes" +then + AM_CFLAGS="$AM_CFLAGS -DHAVE_HASHDRBG" else - cat >>confdefs.h <<\_ACEOF -#define HAVE_MALLOC 0 -_ACEOF - - case " $LIBOBJS " in - *" malloc.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS malloc.$ac_objext" - ;; -esac + # turn on Hash DRBG if FIPS is on or ARC4 is off + if test "x$ENABLED_FIPS" = "xyes" || test "x$ENABLED_ARC4" = "xno" + then + AM_CFLAGS="$AM_CFLAGS -DHAVE_HASHDRBG" + ENABLED_HASHDRBG=yes + fi +fi -cat >>confdefs.h <<\_ACEOF -#define malloc rpl_malloc -_ACEOF +# Filesystem Build +# Check whether --enable-filesystem was given. +if test "${enable_filesystem+set}" = set; then : + enableval=$enable_filesystem; ENABLED_FILESYSTEM=$enableval +else + ENABLED_FILESYSTEM=yes fi - -{ echo "$as_me:$LINENO: checking whether time.h and sys/time.h may both be included" >&5 -echo $ECHO_N "checking whether time.h and sys/time.h may both be included... $ECHO_C" >&6; } -if test "${ac_cv_header_time+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +if test "$ENABLED_FILESYSTEM" = "no" +then + AM_CFLAGS="$AM_CFLAGS -DNO_FILESYSTEM" else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include -#include -#include + # turn off filesystem if leanpsk on + if test "$ENABLED_LEANPSK" = "yes" + then + AM_CFLAGS="$AM_CFLAGS -DNO_FILESYSTEM" + ENABLED_FILESYSTEM=no + fi +fi -int -main () -{ -if ((struct tm *) 0) -return 0; - ; - return 0; -} -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_header_time=yes + +# inline Build +# Check whether --enable-inline was given. +if test "${enable_inline+set}" = set; then : + enableval=$enable_inline; ENABLED_INLINE=$enableval else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 + ENABLED_INLINE=yes - ac_cv_header_time=no fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi -{ echo "$as_me:$LINENO: result: $ac_cv_header_time" >&5 -echo "${ECHO_T}$ac_cv_header_time" >&6; } -if test $ac_cv_header_time = yes; then -cat >>confdefs.h <<\_ACEOF -#define TIME_WITH_SYS_TIME 1 -_ACEOF +if test "$ENABLED_INLINE" = "no" +then + AM_CFLAGS="$AM_CFLAGS -DNO_INLINE" +fi + if test "x$ENABLED_INLINE" = "xyes"; then + BUILD_INLINE_TRUE= + BUILD_INLINE_FALSE='#' +else + BUILD_INLINE_TRUE='#' + BUILD_INLINE_FALSE= fi +# OCSP +# Check whether --enable-ocsp was given. +if test "${enable_ocsp+set}" = set; then : + enableval=$enable_ocsp; ENABLED_OCSP=$enableval +else + ENABLED_OCSP=no +fi -for ac_header in $ac_header_list -do -as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - { echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +if test "$ENABLED_OCSP" = "yes" +then + AM_CFLAGS="$AM_CFLAGS -DHAVE_OCSP" fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } + + if test "x$ENABLED_OCSP" = "xyes"; then + BUILD_OCSP_TRUE= + BUILD_OCSP_FALSE='#' else - # Is the header compilable? -{ echo "$as_me:$LINENO: checking $ac_header usability" >&5 -echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6; } -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -#include <$ac_header> -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_header_compiler=yes + BUILD_OCSP_TRUE='#' + BUILD_OCSP_FALSE= +fi + + + +if test "$ENABLED_OCSP" = "yes" +then + # check openssl command tool for testing ocsp + # Extract the first word of "openssl", so it can be a program name with args. +set dummy openssl; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_prog_HAVE_OPENSSL_CMD+:} false; then : + $as_echo_n "(cached) " >&6 else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 + if test -n "$HAVE_OPENSSL_CMD"; then + ac_cv_prog_HAVE_OPENSSL_CMD="$HAVE_OPENSSL_CMD" # Let the user override the test. +else +as_save_IFS=$IFS; IFS=$PATH_SEPARATOR +for as_dir in $PATH +do + IFS=$as_save_IFS + test -z "$as_dir" && as_dir=. + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_HAVE_OPENSSL_CMD="yes" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 + break 2 + fi +done + done +IFS=$as_save_IFS - ac_header_compiler=no + test -z "$ac_cv_prog_HAVE_OPENSSL_CMD" && ac_cv_prog_HAVE_OPENSSL_CMD="no" +fi +fi +HAVE_OPENSSL_CMD=$ac_cv_prog_HAVE_OPENSSL_CMD +if test -n "$HAVE_OPENSSL_CMD"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $HAVE_OPENSSL_CMD" >&5 +$as_echo "$HAVE_OPENSSL_CMD" >&6; } +else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -{ echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 -echo "${ECHO_T}$ac_header_compiler" >&6; } -# Is the header present? -{ echo "$as_me:$LINENO: checking $ac_header presence" >&5 -echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6; } -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include <$ac_header> -_ACEOF -if { (ac_try="$ac_cpp conftest.$ac_ext" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null && { - test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || - test ! -s conftest.err - }; then - ac_header_preproc=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - ac_header_preproc=no + if test "$HAVE_OPENSSL_CMD" = "yes" + then + AM_CFLAGS="$AM_CFLAGS -DHAVE_OPENSSL_CMD" + else + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: openssl command line tool not available for testing ocsp" >&5 +$as_echo "$as_me: WARNING: openssl command line tool not available for testing ocsp" >&2;} + fi fi -rm -f conftest.err conftest.$ac_ext -{ echo "$as_me:$LINENO: result: $ac_header_preproc" >&5 -echo "${ECHO_T}$ac_header_preproc" >&6; } -# So? What about this header? -case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in - yes:no: ) - { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5 -echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;} - ac_header_preproc=yes - ;; - no:yes:* ) - { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5 -echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5 -echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5 -echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5 -echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5 -echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;} - ( cat <<\_ASBOX -## ----------------------------------- ## -## Report this to http://www.yassl.com ## -## ----------------------------------- ## -_ASBOX - ) | sed "s/^/$as_me: WARNING: /" >&2 - ;; -esac -{ echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +# CRL +# Check whether --enable-crl was given. +if test "${enable_crl+set}" = set; then : + enableval=$enable_crl; ENABLED_CRL=$enableval else - eval "$as_ac_Header=\$ac_header_preproc" + ENABLED_CRL=no fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -fi -if test `eval echo '${'$as_ac_Header'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 -_ACEOF +if test "$ENABLED_CRL" = "yes" +then + AM_CFLAGS="$AM_CFLAGS -DHAVE_CRL" fi -done + if test "x$ENABLED_CRL" = "xyes"; then + BUILD_CRL_TRUE= + BUILD_CRL_FALSE='#' +else + BUILD_CRL_TRUE='#' + BUILD_CRL_FALSE= +fi +# CRL Monitor +# Check whether --enable-crl-monitor was given. +if test "${enable_crl_monitor+set}" = set; then : + enableval=$enable_crl_monitor; ENABLED_CRL_MONITOR=$enableval +else + ENABLED_CRL_MONITOR=no +fi +if test "$ENABLED_CRL_MONITOR" = "yes" +then + case $host_os in + *linux* | *darwin* | *freebsd*) + AM_CFLAGS="$AM_CFLAGS -DHAVE_CRL_MONITOR" ;; + *) + as_fn_error $? "crl monitor only allowed on linux, OS X, or freebsd" "$LINENO" 5 ;; + esac +fi + if test "x$ENABLED_CRL_MONITOR" = "xyes"; then + BUILD_CRL_MONITOR_TRUE= + BUILD_CRL_MONITOR_FALSE='#' +else + BUILD_CRL_MONITOR_TRUE='#' + BUILD_CRL_MONITOR_FALSE= +fi -for ac_func in $ac_func_list -do -as_ac_var=`echo "ac_cv_func_$ac_func" | $as_tr_sh` -{ echo "$as_me:$LINENO: checking for $ac_func" >&5 -echo $ECHO_N "checking for $ac_func... $ECHO_C" >&6; } -if { as_var=$as_ac_var; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF +# NTRU +ENABLED_NTRU="no" +tryntrudir="" + +# Check whether --with-ntru was given. +if test "${with_ntru+set}" = set; then : + withval=$with_ntru; + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for NTRU" >&5 +$as_echo_n "checking for NTRU... " >&6; } + CPPFLAGS="$CPPFLAGS -DHAVE_NTRU" + LIBS="$LIBS -lNTRUEncrypt" + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -/* Define $ac_func to an innocuous variant, in case declares $ac_func. - For example, HP-UX 11i declares gettimeofday. */ -#define $ac_func innocuous_$ac_func - -/* System header to define __stub macros and hopefully few prototypes, - which can conflict with char $ac_func (); below. - Prefer to if __STDC__ is defined, since - exists even on freestanding compilers. */ - -#ifdef __STDC__ -# include -#else -# include -#endif - -#undef $ac_func - -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char $ac_func (); -/* The GNU C library defines this for functions which it implements - to always fail with ENOSYS. Some functions are actually named - something starting with __ and the normal name is an alias. */ -#if defined __stub_$ac_func || defined __stub___$ac_func -choke me -#endif - +#include int main () { -return $ac_func (); + ntru_crypto_drbg_instantiate(0, 0, 0, 0, 0); ; return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - eval "$as_ac_var=yes" +if ac_fn_c_try_link "$LINENO"; then : + ntru_linked=yes else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - eval "$as_ac_var=no" -fi - -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -fi -ac_res=`eval echo '${'$as_ac_var'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -if test `eval echo '${'$as_ac_var'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_func" | $as_tr_cpp` 1 -_ACEOF - + ntru_linked=no fi -done - - - - - +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext + if test "x$ntru_linked" == "xno" ; then + if test "x$withval" != "xno" ; then + tryntrudir=$withval + fi + if test "x$withval" == "xyes" ; then + tryntrudir="/usr" + fi + LDFLAGS="$AM_LDFLAGS -L$tryntrudir/lib" + CPPFLAGS="$CPPFLAGS -I$tryntrudir/include" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +int +main () +{ + ntru_crypto_drbg_instantiate(0, 0, 0, 0, 0); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + ntru_linked=yes +else + ntru_linked=no +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext + if test "x$ntru_linked" == "xno" ; then + as_fn_error $? "NTRU isn't found. + If it's already installed, specify its path using --with-ntru=/dir/" "$LINENO" 5 + fi + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } + AM_LDFLAGS="$AM_LDFLAGS -L$tryntrudir/lib" + else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } + fi + AM_CFLAGS="$AM_CFLAGS -DHAVE_NTRU" + ENABLED_NTRU="yes" +fi + if test "x$ENABLED_NTRU" = "xyes"; then + BUILD_NTRU_TRUE= + BUILD_NTRU_FALSE='#' +else + BUILD_NTRU_TRUE='#' + BUILD_NTRU_FALSE= +fi +if test "$ENABLED_NTRU" = "yes" && test "$ENABLED_SMALL" = "yes" +then + as_fn_error $? "cannot enable ntru and small, ntru requires TLS which small turns off." "$LINENO" 5 +fi -{ echo "$as_me:$LINENO: checking for working mktime" >&5 -echo $ECHO_N "checking for working mktime... $ECHO_C" >&6; } -if test "${ac_cv_func_working_mktime+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +# SNI +# Check whether --enable-sni was given. +if test "${enable_sni+set}" = set; then : + enableval=$enable_sni; ENABLED_SNI=$enableval else - if test "$cross_compiling" = yes; then - ac_cv_func_working_mktime=no -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -/* Test program from Paul Eggert and Tony Leneis. */ -#ifdef TIME_WITH_SYS_TIME -# include -# include -#else -# ifdef HAVE_SYS_TIME_H -# include -# else -# include -# endif -#endif - -#include - -#ifdef HAVE_UNISTD_H -# include -#endif + ENABLED_SNI=no -#ifndef HAVE_ALARM -# define alarm(X) /* empty */ -#endif +fi -/* Work around redefinition to rpl_putenv by other config tests. */ -#undef putenv -static time_t time_t_max; -static time_t time_t_min; +if test "x$ENABLED_SNI" = "xyes" +then + AM_CFLAGS="$AM_CFLAGS -DHAVE_TLS_EXTENSIONS -DHAVE_SNI" +fi -/* Values we'll use to set the TZ environment variable. */ -static char *tz_strings[] = { - (char *) 0, "TZ=GMT0", "TZ=JST-9", - "TZ=EST+3EDT+2,M10.1.0/00:00:00,M2.3.0/00:00:00" -}; -#define N_STRINGS (sizeof (tz_strings) / sizeof (tz_strings[0])) +# Maximum Fragment Length +# Check whether --enable-maxfragment was given. +if test "${enable_maxfragment+set}" = set; then : + enableval=$enable_maxfragment; ENABLED_MAX_FRAGMENT=$enableval +else + ENABLED_MAX_FRAGMENT=no -/* Return 0 if mktime fails to convert a date in the spring-forward gap. - Based on a problem report from Andreas Jaeger. */ -static int -spring_forward_gap () -{ - /* glibc (up to about 1998-10-07) failed this test. */ - struct tm tm; - - /* Use the portable POSIX.1 specification "TZ=PST8PDT,M4.1.0,M10.5.0" - instead of "TZ=America/Vancouver" in order to detect the bug even - on systems that don't support the Olson extension, or don't have the - full zoneinfo tables installed. */ - putenv ("TZ=PST8PDT,M4.1.0,M10.5.0"); - - tm.tm_year = 98; - tm.tm_mon = 3; - tm.tm_mday = 5; - tm.tm_hour = 2; - tm.tm_min = 0; - tm.tm_sec = 0; - tm.tm_isdst = -1; - return mktime (&tm) != (time_t) -1; -} +fi -static int -mktime_test1 (now) - time_t now; -{ - struct tm *lt; - return ! (lt = localtime (&now)) || mktime (lt) == now; -} -static int -mktime_test (now) - time_t now; -{ - return (mktime_test1 (now) - && mktime_test1 ((time_t) (time_t_max - now)) - && mktime_test1 ((time_t) (time_t_min + now))); -} +if test "x$ENABLED_MAX_FRAGMENT" = "xyes" +then + AM_CFLAGS="$AM_CFLAGS -DHAVE_TLS_EXTENSIONS -DHAVE_MAX_FRAGMENT" +fi -static int -irix_6_4_bug () -{ - /* Based on code from Ariel Faigon. */ - struct tm tm; - tm.tm_year = 96; - tm.tm_mon = 3; - tm.tm_mday = 0; - tm.tm_hour = 0; - tm.tm_min = 0; - tm.tm_sec = 0; - tm.tm_isdst = -1; - mktime (&tm); - return tm.tm_mon == 2 && tm.tm_mday == 31; -} +# Truncated HMAC +# Check whether --enable-truncatedhmac was given. +if test "${enable_truncatedhmac+set}" = set; then : + enableval=$enable_truncatedhmac; ENABLED_TRUNCATED_HMAC=$enableval +else + ENABLED_TRUNCATED_HMAC=no -static int -bigtime_test (j) - int j; -{ - struct tm tm; - time_t now; - tm.tm_year = tm.tm_mon = tm.tm_mday = tm.tm_hour = tm.tm_min = tm.tm_sec = j; - now = mktime (&tm); - if (now != (time_t) -1) - { - struct tm *lt = localtime (&now); - if (! (lt - && lt->tm_year == tm.tm_year - && lt->tm_mon == tm.tm_mon - && lt->tm_mday == tm.tm_mday - && lt->tm_hour == tm.tm_hour - && lt->tm_min == tm.tm_min - && lt->tm_sec == tm.tm_sec - && lt->tm_yday == tm.tm_yday - && lt->tm_wday == tm.tm_wday - && ((lt->tm_isdst < 0 ? -1 : 0 < lt->tm_isdst) - == (tm.tm_isdst < 0 ? -1 : 0 < tm.tm_isdst)))) - return 0; - } - return 1; -} +fi -static int -year_2050_test () -{ - /* The correct answer for 2050-02-01 00:00:00 in Pacific time, - ignoring leap seconds. */ - unsigned long int answer = 2527315200UL; - - struct tm tm; - time_t t; - tm.tm_year = 2050 - 1900; - tm.tm_mon = 2 - 1; - tm.tm_mday = 1; - tm.tm_hour = tm.tm_min = tm.tm_sec = 0; - tm.tm_isdst = -1; - - /* Use the portable POSIX.1 specification "TZ=PST8PDT,M4.1.0,M10.5.0" - instead of "TZ=America/Vancouver" in order to detect the bug even - on systems that don't support the Olson extension, or don't have the - full zoneinfo tables installed. */ - putenv ("TZ=PST8PDT,M4.1.0,M10.5.0"); - - t = mktime (&tm); - - /* Check that the result is either a failure, or close enough - to the correct answer that we can assume the discrepancy is - due to leap seconds. */ - return (t == (time_t) -1 - || (0 < t && answer - 120 <= t && t <= answer + 120)); -} -int -main () -{ - time_t t, delta; - int i, j; - - /* This test makes some buggy mktime implementations loop. - Give up after 60 seconds; a mktime slower than that - isn't worth using anyway. */ - alarm (60); - - for (time_t_max = 1; 0 < time_t_max; time_t_max *= 2) - continue; - time_t_max--; - if ((time_t) -1 < 0) - for (time_t_min = -1; (time_t) (time_t_min * 2) < 0; time_t_min *= 2) - continue; - delta = time_t_max / 997; /* a suitable prime number */ - for (i = 0; i < N_STRINGS; i++) - { - if (tz_strings[i]) - putenv (tz_strings[i]); - - for (t = 0; t <= time_t_max - delta; t += delta) - if (! mktime_test (t)) - return 1; - if (! (mktime_test ((time_t) 1) - && mktime_test ((time_t) (60 * 60)) - && mktime_test ((time_t) (60 * 60 * 24)))) - return 1; +if test "x$ENABLED_TRUNCATED_HMAC" = "xyes" +then + AM_CFLAGS="$AM_CFLAGS -DHAVE_TLS_EXTENSIONS -DHAVE_TRUNCATED_HMAC" +fi - for (j = 1; 0 < j; j *= 2) - if (! bigtime_test (j)) - return 1; - if (! bigtime_test (j - 1)) - return 1; - } - return ! (irix_6_4_bug () && spring_forward_gap () && year_2050_test ()); -} -_ACEOF -rm -f conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { ac_try='./conftest$ac_exeext' - { (case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_try") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then - ac_cv_func_working_mktime=yes +# Renegotiation Indication +# Check whether --enable-renegotiation-indication was given. +if test "${enable_renegotiation_indication+set}" = set; then : + enableval=$enable_renegotiation_indication; ENABLED_RENEGOTIATION_INDICATION=$enableval else - echo "$as_me: program exited with status $ac_status" >&5 -echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 + ENABLED_RENEGOTIATION_INDICATION=no -( exit $ac_status ) -ac_cv_func_working_mktime=no -fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext fi +if test "x$ENABLED_RENEGOTIATION_INDICATION" = "xyes" +then + AM_CFLAGS="$AM_CFLAGS -DHAVE_TLS_EXTENSIONS -DHAVE_RENEGOTIATION_INDICATION" fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_working_mktime" >&5 -echo "${ECHO_T}$ac_cv_func_working_mktime" >&6; } -if test $ac_cv_func_working_mktime = no; then - case " $LIBOBJS " in - *" mktime.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS mktime.$ac_objext" - ;; -esac + +# Supported Elliptic Curves Extensions +# Check whether --enable-supportedcurves was given. +if test "${enable_supportedcurves+set}" = set; then : + enableval=$enable_supportedcurves; ENABLED_SUPPORTED_CURVES=$enableval +else + ENABLED_SUPPORTED_CURVES=no fi -for ac_header in stdlib.h -do -as_ac_Header=`echo "ac_cv_header_$ac_header" | $as_tr_sh` -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - { echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +if test "x$ENABLED_SUPPORTED_CURVES" = "xyes" +then + AM_CFLAGS="$AM_CFLAGS -DHAVE_TLS_EXTENSIONS -DHAVE_SUPPORTED_CURVES" fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } -else - # Is the header compilable? -{ echo "$as_me:$LINENO: checking $ac_header usability" >&5 -echo $ECHO_N "checking $ac_header usability... $ECHO_C" >&6; } -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -$ac_includes_default -#include <$ac_header> -_ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_header_compiler=yes + +# TLS Extensions +# Check whether --enable-tlsx was given. +if test "${enable_tlsx+set}" = set; then : + enableval=$enable_tlsx; ENABLED_TLSX=$enableval else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 + ENABLED_TLSX=no - ac_header_compiler=no fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -{ echo "$as_me:$LINENO: result: $ac_header_compiler" >&5 -echo "${ECHO_T}$ac_header_compiler" >&6; } - -# Is the header present? -{ echo "$as_me:$LINENO: checking $ac_header presence" >&5 -echo $ECHO_N "checking $ac_header presence... $ECHO_C" >&6; } -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include <$ac_header> -_ACEOF -if { (ac_try="$ac_cpp conftest.$ac_ext" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_cpp conftest.$ac_ext") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } >/dev/null && { - test -z "$ac_c_preproc_warn_flag$ac_c_werror_flag" || - test ! -s conftest.err - }; then - ac_header_preproc=yes -else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - ac_header_preproc=no +if test "x$ENABLED_TLSX" = "xyes" +then + ENABLED_SNI=yes + ENABLED_MAX_FRAGMENT=yes + ENABLED_TRUNCATED_HMAC=yes + ENABLED_RENEGOTIATION_INDICATION=yes + ENABLED_SUPPORTED_CURVES=yes + AM_CFLAGS="$AM_CFLAGS -DHAVE_TLS_EXTENSIONS -DHAVE_SNI -DHAVE_MAX_FRAGMENT -DHAVE_TRUNCATED_HMAC -DHAVE_RENEGOTIATION_INDICATION -DHAVE_SUPPORTED_CURVES" fi -rm -f conftest.err conftest.$ac_ext -{ echo "$as_me:$LINENO: result: $ac_header_preproc" >&5 -echo "${ECHO_T}$ac_header_preproc" >&6; } - -# So? What about this header? -case $ac_header_compiler:$ac_header_preproc:$ac_c_preproc_warn_flag in - yes:no: ) - { echo "$as_me:$LINENO: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&5 -echo "$as_me: WARNING: $ac_header: accepted by the compiler, rejected by the preprocessor!" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the compiler's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the compiler's result" >&2;} - ac_header_preproc=yes - ;; - no:yes:* ) - { echo "$as_me:$LINENO: WARNING: $ac_header: present but cannot be compiled" >&5 -echo "$as_me: WARNING: $ac_header: present but cannot be compiled" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: check for missing prerequisite headers?" >&5 -echo "$as_me: WARNING: $ac_header: check for missing prerequisite headers?" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: see the Autoconf documentation" >&5 -echo "$as_me: WARNING: $ac_header: see the Autoconf documentation" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&5 -echo "$as_me: WARNING: $ac_header: section \"Present But Cannot Be Compiled\"" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: proceeding with the preprocessor's result" >&5 -echo "$as_me: WARNING: $ac_header: proceeding with the preprocessor's result" >&2;} - { echo "$as_me:$LINENO: WARNING: $ac_header: in the future, the compiler will take precedence" >&5 -echo "$as_me: WARNING: $ac_header: in the future, the compiler will take precedence" >&2;} - ( cat <<\_ASBOX -## ----------------------------------- ## -## Report this to http://www.yassl.com ## -## ----------------------------------- ## -_ASBOX - ) | sed "s/^/$as_me: WARNING: /" >&2 - ;; -esac -{ echo "$as_me:$LINENO: checking for $ac_header" >&5 -echo $ECHO_N "checking for $ac_header... $ECHO_C" >&6; } -if { as_var=$as_ac_Header; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +# PKCS7 +# Check whether --enable-pkcs7 was given. +if test "${enable_pkcs7+set}" = set; then : + enableval=$enable_pkcs7; ENABLED_PKCS7=$enableval else - eval "$as_ac_Header=\$ac_header_preproc" + ENABLED_PKCS7=no fi -ac_res=`eval echo '${'$as_ac_Header'}'` - { echo "$as_me:$LINENO: result: $ac_res" >&5 -echo "${ECHO_T}$ac_res" >&6; } + +if test "$ENABLED_PKCS7" = "yes" +then + AM_CFLAGS="$AM_CFLAGS -DHAVE_PKCS7" fi -if test `eval echo '${'$as_ac_Header'}'` = yes; then - cat >>confdefs.h <<_ACEOF -#define `echo "HAVE_$ac_header" | $as_tr_cpp` 1 -_ACEOF + if test "x$ENABLED_PKCS7" = "xyes"; then + BUILD_PKCS7_TRUE= + BUILD_PKCS7_FALSE='#' +else + BUILD_PKCS7_TRUE='#' + BUILD_PKCS7_FALSE= fi -done -{ echo "$as_me:$LINENO: checking for GNU libc compatible realloc" >&5 -echo $ECHO_N "checking for GNU libc compatible realloc... $ECHO_C" >&6; } -if test "${ac_cv_func_realloc_0_nonnull+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test "$cross_compiling" = yes; then - ac_cv_func_realloc_0_nonnull=no -else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#if defined STDC_HEADERS || defined HAVE_STDLIB_H -# include -#else -char *realloc (); -#endif -int -main () -{ -return ! realloc (0, 0); - ; - return 0; -} -_ACEOF -rm -f conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { ac_try='./conftest$ac_exeext' - { (case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_try") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then - ac_cv_func_realloc_0_nonnull=yes +# Simple Certificate Enrollment Protocol (SCEP) +# Check whether --enable-scep was given. +if test "${enable_scep+set}" = set; then : + enableval=$enable_scep; ENABLED_WOLFSCEP=$enableval else - echo "$as_me: program exited with status $ac_status" >&5 -echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 + ENABLED_WOLFSCEP=no -( exit $ac_status ) -ac_cv_func_realloc_0_nonnull=no -fi -rm -f core *.core core.conftest.* gmon.out bb.out conftest$ac_exeext conftest.$ac_objext conftest.$ac_ext fi +if test "$ENABLED_WOLFSCEP" = "yes" +then + # Enable prereqs if not already enabled + if test "x$ENABLED_KEYGEN" = "xno" + then + ENABLED_KEYGEN="yes" + AM_CFLAGS="$AM_CFLAGS -DCYASSL_KEY_GEN" + fi + if test "x$ENABLED_CERTGEN" = "xno" + then + ENABLED_CERTGEN="yes" + AM_CFLAGS="$AM_CFLAGS -DCYASSL_CERT_GEN" + fi + if test "x$ENABLED_CERTREQ" = "xno" + then + ENABLED_CERTREQ="yes" + AM_CFLAGS="$AM_CFLAGS -DCYASSL_CERT_REQ" + fi + if test "x$ENABLED_PKCS7" = "xno" + then + ENABLED_PKCS7="yes" + AM_CFLAGS="$AM_CFLAGS -DHAVE_PKCS7" + if test "x$ENABLED_PKCS7" = "xyes"; then + BUILD_PKCS7_TRUE= + BUILD_PKCS7_FALSE='#' +else + BUILD_PKCS7_TRUE='#' + BUILD_PKCS7_FALSE= +fi + fi + AM_CFLAGS="$AM_CFLAGS -DCYASSL_HAVE_WOLFSCEP" fi -{ echo "$as_me:$LINENO: result: $ac_cv_func_realloc_0_nonnull" >&5 -echo "${ECHO_T}$ac_cv_func_realloc_0_nonnull" >&6; } -if test $ac_cv_func_realloc_0_nonnull = yes; then -cat >>confdefs.h <<\_ACEOF -#define HAVE_REALLOC 1 -_ACEOF +# Small Stack +# Check whether --enable-smallstack was given. +if test "${enable_smallstack+set}" = set; then : + enableval=$enable_smallstack; ENABLED_SMALL_STACK=$enableval else - cat >>confdefs.h <<\_ACEOF -#define HAVE_REALLOC 0 -_ACEOF - - case " $LIBOBJS " in - *" realloc.$ac_objext "* ) ;; - *) LIBOBJS="$LIBOBJS realloc.$ac_objext" - ;; -esac + ENABLED_SMALL_STACK=no +fi -cat >>confdefs.h <<\_ACEOF -#define realloc rpl_realloc -_ACEOF +if test "x$ENABLED_SMALL_STACK" = "xyes" +then + AM_CFLAGS="$AM_CFLAGS -DCYASSL_SMALL_STACK" fi +#valgrind +# Check whether --enable-valgrind was given. +if test "${enable_valgrind+set}" = set; then : + enableval=$enable_valgrind; ENABLED_VALGRIND=$enableval +else + ENABLED_VALGRIND=no +fi -ac_ext=c -ac_cpp='$CPP $CPPFLAGS' -ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' -ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_c_compiler_gnu -if test -n "$ac_tool_prefix"; then - # Extract the first word of "${ac_tool_prefix}gcc", so it can be a program name with args. -set dummy ${ac_tool_prefix}gcc; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_CC+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + +if test "$ENABLED_VALGRIND" = "yes" +then + # Extract the first word of "valgrind", so it can be a program name with args. +set dummy valgrind; ac_word=$2 +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking for $ac_word" >&5 +$as_echo_n "checking for $ac_word... " >&6; } +if ${ac_cv_prog_HAVE_VALGRIND+:} false; then : + $as_echo_n "(cached) " >&6 else - if test -n "$CC"; then - ac_cv_prog_CC="$CC" # Let the user override the test. + if test -n "$HAVE_VALGRIND"; then + ac_cv_prog_HAVE_VALGRIND="$HAVE_VALGRIND" # Let the user override the test. else as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_CC="${ac_tool_prefix}gcc" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 + for ac_exec_ext in '' $ac_executable_extensions; do + if as_fn_executable_p "$as_dir/$ac_word$ac_exec_ext"; then + ac_cv_prog_HAVE_VALGRIND="yes" + $as_echo "$as_me:${as_lineno-$LINENO}: found $as_dir/$ac_word$ac_exec_ext" >&5 break 2 fi done -done + done IFS=$as_save_IFS + test -z "$ac_cv_prog_HAVE_VALGRIND" && ac_cv_prog_HAVE_VALGRIND="no" fi fi -CC=$ac_cv_prog_CC -if test -n "$CC"; then - { echo "$as_me:$LINENO: result: $CC" >&5 -echo "${ECHO_T}$CC" >&6; } +HAVE_VALGRIND=$ac_cv_prog_HAVE_VALGRIND +if test -n "$HAVE_VALGRIND"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $HAVE_VALGRIND" >&5 +$as_echo "$HAVE_VALGRIND" >&6; } else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: result: no" >&5 +$as_echo "no" >&6; } fi + + if test "$HAVE_VALGRIND" = "no" + then + as_fn_error $? "Valgrind not found." "$LINENO" 5 + fi + enable_shared=no + enable_static=yes + AM_CFLAGS="$AM_CFLAGS -DHAVE_VALGRIND" fi -if test -z "$ac_cv_prog_CC"; then - ac_ct_CC=$CC - # Extract the first word of "gcc", so it can be a program name with args. -set dummy gcc; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_ac_ct_CC+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + + if test "x$ENABLED_VALGRIND" = "xyes"; then + USE_VALGRIND_TRUE= + USE_VALGRIND_FALSE='#' else - if test -n "$ac_ct_CC"; then - ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test. + USE_VALGRIND_TRUE='#' + USE_VALGRIND_FALSE= +fi + + + +# Test certs, use internal cert functions for extra testing +# Check whether --enable-testcert was given. +if test "${enable_testcert+set}" = set; then : + enableval=$enable_testcert; ENABLED_TESTCERT=$enableval else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_ac_ct_CC="gcc" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done -done -IFS=$as_save_IFS + ENABLED_TESTCERT=no fi + + +if test "$ENABLED_TESTCERT" = "yes" +then + AM_CFLAGS="$AM_CFLAGS -DCYASSL_TEST_CERT" fi -ac_ct_CC=$ac_cv_prog_ac_ct_CC -if test -n "$ac_ct_CC"; then - { echo "$as_me:$LINENO: result: $ac_ct_CC" >&5 -echo "${ECHO_T}$ac_ct_CC" >&6; } + + +# I/O Pool, an example to show user how to override memory handler and use +# a pool for the input/output buffer requests +# Check whether --enable-iopool was given. +if test "${enable_iopool+set}" = set; then : + enableval=$enable_iopool; ENABLED_IOPOOL=$enableval else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + ENABLED_IOPOOL=no + fi - if test "x$ac_ct_CC" = x; then - CC="" - else - case $cross_compiling:$ac_tool_warned in -yes:) -{ echo "$as_me:$LINENO: WARNING: In the future, Autoconf will not detect cross-tools -whose name does not start with the host triplet. If you think this -configuration is useful to you, please write to autoconf@gnu.org." >&5 -echo "$as_me: WARNING: In the future, Autoconf will not detect cross-tools -whose name does not start with the host triplet. If you think this -configuration is useful to you, please write to autoconf@gnu.org." >&2;} -ac_tool_warned=yes ;; -esac - CC=$ac_ct_CC - fi + +if test "$ENABLED_IOPOOL" = "yes" +then + if test "$thread_ls_on" = "no" + then + as_fn_error $? "I/O Pool example requires Thread Local Storage" "$LINENO" 5 + fi + AM_CFLAGS="$AM_CFLAGS -DHAVE_IO_POOL -DXMALLOC_USER" +fi + + +# Certificate Service Support +# Check whether --enable-certservice was given. +if test "${enable_certservice+set}" = set; then : + enableval=$enable_certservice; ENABLED_CERT_SERVICE=$enableval else - CC="$ac_cv_prog_CC" + ENABLED_CERT_SERVICE=no + fi -if test -z "$CC"; then - if test -n "$ac_tool_prefix"; then - # Extract the first word of "${ac_tool_prefix}cc", so it can be a program name with args. -set dummy ${ac_tool_prefix}cc; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_CC+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +if test "$ENABLED_CERT_SERVICE" = "yes" +then + # Requires ecc,certgen, and opensslextra make sure on + if test "x$ENABLED_CERTGEN" = "xno" + then + ENABLED_CERTGEN="yes" + AM_CFLAGS="$AM_CFLAGS -DCYASSL_CERT_GEN" + fi + if test "x$ENABLED_ECC" = "xno" + then + ENABLED_ECC="yes" + AM_CFLAGS="$AM_CFLAGS -DHAVE_ECC -DTFM_ECC256 -DECC_SHAMIR" + if test "x$ENABLED_ECC" = "xyes"; then + BUILD_ECC_TRUE= + BUILD_ECC_FALSE='#' else - if test -n "$CC"; then - ac_cv_prog_CC="$CC" # Let the user override the test. + BUILD_ECC_TRUE='#' + BUILD_ECC_FALSE= +fi + + fi + if test "x$ENABLED_OPENSSLEXTRA" = "xno" + then + ENABLED_OPENSSLEXTRA="yes" + AM_CFLAGS="-DOPENSSL_EXTRA $AM_CFLAGS" + fi + AM_CFLAGS="$AM_CFLAGS -DCYASSL_HAVE_CERT_SERVICE" +fi + + +# set fastmath default +FASTMATH_DEFAULT=no + +if test "$host_cpu" = "x86_64" +then +FASTMATH_DEFAULT=yes +fi + +# fastmath +# Check whether --enable-fastmath was given. +if test "${enable_fastmath+set}" = set; then : + enableval=$enable_fastmath; ENABLED_FASTMATH=$enableval else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_CC="${ac_tool_prefix}cc" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done -done -IFS=$as_save_IFS + ENABLED_FASTMATH=$FASTMATH_DEFAULT fi + + +if test "x$ENABLED_FASTMATH" = "xyes" +then + # turn off fastmth if leanpsk on or asn off + if test "$ENABLED_LEANPSK" = "yes" || test "$ENABLED_ASN" = "no" + then + ENABLED_FASTMATH=no + else + AM_CFLAGS="$AM_CFLAGS -DUSE_FAST_MATH" + ENABLED_SLOWMATH="no" + fi fi -CC=$ac_cv_prog_CC -if test -n "$CC"; then - { echo "$as_me:$LINENO: result: $CC" >&5 -echo "${ECHO_T}$CC" >&6; } + + +# fast HUGE math +# Check whether --enable-fasthugemath was given. +if test "${enable_fasthugemath+set}" = set; then : + enableval=$enable_fasthugemath; ENABLED_FASTHUGEMATH=$enableval else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + ENABLED_FASTHUGEMATH=no + fi - fi +if test "$ENABLED_BUMP" = "yes" +then + ENABLED_FASTHUGEMATH="yes" fi -if test -z "$CC"; then - # Extract the first word of "cc", so it can be a program name with args. -set dummy cc; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_CC+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + +if test "$ENABLED_FASTHUGEMATH" = "yes" +then + ENABLED_FASTMATH="yes" + AM_CFLAGS="$AM_CFLAGS -DUSE_FAST_MATH" + ENABLED_SLOWMATH="no" +fi + + if test "x$ENABLED_FASTMATH" = "xyes"; then + BUILD_FASTMATH_TRUE= + BUILD_FASTMATH_FALSE='#' else - if test -n "$CC"; then - ac_cv_prog_CC="$CC" # Let the user override the test. + BUILD_FASTMATH_TRUE='#' + BUILD_FASTMATH_FALSE= +fi + + if test "x$ENABLED_SLOWMATH" = "xyes"; then + BUILD_SLOWMATH_TRUE= + BUILD_SLOWMATH_FALSE='#' else - ac_prog_rejected=no -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - if test "$as_dir/$ac_word$ac_exec_ext" = "/usr/ucb/cc"; then - ac_prog_rejected=yes - continue - fi - ac_cv_prog_CC="cc" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done -done -IFS=$as_save_IFS + BUILD_SLOWMATH_TRUE='#' + BUILD_SLOWMATH_FALSE= +fi + + + +# Enable Examples, used to disable examples +# Check whether --enable-examples was given. +if test "${enable_examples+set}" = set; then : + enableval=$enable_examples; ENABLED_EXAMPLES=$enableval +else + ENABLED_EXAMPLES=yes -if test $ac_prog_rejected = yes; then - # We found a bogon in the path, so make sure we never use it. - set dummy $ac_cv_prog_CC - shift - if test $# != 0; then - # We chose a different compiler from the bogus one. - # However, it has the same basename, so the bogon will be chosen - # first if we set CC to just the basename; use the full file name. - shift - ac_cv_prog_CC="$as_dir/$ac_word${1+' '}$@" - fi fi + + +if test "x$ENABLED_FILESYSTEM" = "xno"; then : + ENABLED_EXAMPLES="no" fi +if test "x$ENABLED_INLINE" = "xno"; then : + ENABLED_EXAMPLES="no" fi -CC=$ac_cv_prog_CC -if test -n "$CC"; then - { echo "$as_me:$LINENO: result: $CC" >&5 -echo "${ECHO_T}$CC" >&6; } +# certs still have sha signatures for now +if test "x$ENABLED_SHA" = "xno"; then : + ENABLED_EXAMPLES="no" +fi + if test "x$ENABLED_EXAMPLES" = "xyes"; then + BUILD_EXAMPLES_TRUE= + BUILD_EXAMPLES_FALSE='#' +else + BUILD_EXAMPLES_TRUE='#' + BUILD_EXAMPLES_FALSE= +fi + + + +# LIBZ +ENABLED_LIBZ="no" +trylibzdir="" + +# Check whether --with-libz was given. +if test "${with_libz+set}" = set; then : + withval=$with_libz; + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for libz" >&5 +$as_echo_n "checking for libz... " >&6; } + CPPFLAGS="$CPPFLAGS -DHAVE_LIBZ" + LIBS="$LIBS -lz" + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +int +main () +{ + deflateInit(0, 8); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + libz_linked=yes +else + libz_linked=no +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext + + if test "x$libz_linked" == "xno" ; then + if test "x$withval" != "xno" ; then + trylibzdir=$withval + fi + if test "x$withval" == "xyes" ; then + trylibzdir="/usr" + fi + + AM_LDFLAGS="$AM_LDFLAGS -L$trylibzdir/lib" + CPPFLAGS="$CPPFLAGS -I$trylibzdir/include" + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include +int +main () +{ + deflateInit(0, 8); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + libz_linked=yes else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + libz_linked=no fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext + + if test "x$libz_linked" == "xno" ; then + as_fn_error $? "libz isn't found. + If it's already installed, specify its path using --with-libz=/dir/" "$LINENO" 5 + fi + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } + else + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } + fi + ENABLED_LIBZ="yes" fi -if test -z "$CC"; then - if test -n "$ac_tool_prefix"; then - for ac_prog in cl.exe - do - # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args. -set dummy $ac_tool_prefix$ac_prog; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_CC+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test -n "$CC"; then - ac_cv_prog_CC="$CC" # Let the user override the test. + + if test "x$ENABLED_LIBZ" = "xyes"; then + BUILD_LIBZ_TRUE= + BUILD_LIBZ_FALSE='#' else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_CC="$ac_tool_prefix$ac_prog" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done -done -IFS=$as_save_IFS + BUILD_LIBZ_TRUE='#' + BUILD_LIBZ_FALSE= +fi + + + +# cavium +trycaviumdir="" + +# Check whether --with-cavium was given. +if test "${with_cavium+set}" = set; then : + withval=$with_cavium; + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for cavium" >&5 +$as_echo_n "checking for cavium... " >&6; } + CPPFLAGS="$CPPFLAGS -DHAVE_CAVIUM" + + if test "x$withval" == "xyes" ; then + as_fn_error $? "need a PATH for --with-cavium" "$LINENO" 5 + fi + if test "x$withval" != "xno" ; then + trycaviumdir=$withval + fi + LDFLAGS="$AM_LDFLAGS $trycaviumdir/api/cavium_common.o" + CPPFLAGS="$CPPFLAGS -I$trycaviumdir/include" + + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +#include "cavium_common.h" +int +main () +{ + CspShutdown(CAVIUM_DEV_ID); + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + cavium_linked=yes +else + cavium_linked=no fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext + + if test "x$cavium_linked" == "xno" ; then + as_fn_error $? "cavium isn't found. + If it's already installed, specify its path using --with-cavium=/dir/" "$LINENO" 5 + fi + { $as_echo "$as_me:${as_lineno-$LINENO}: result: yes" >&5 +$as_echo "yes" >&6; } + enable_shared=no + enable_static=yes + + fi -CC=$ac_cv_prog_CC -if test -n "$CC"; then - { echo "$as_me:$LINENO: result: $CC" >&5 -echo "${ECHO_T}$CC" >&6; } + + + +# microchip api +# Check whether --enable-mcapi was given. +if test "${enable_mcapi+set}" = set; then : + enableval=$enable_mcapi; ENABLED_MCAPI=$enableval else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + ENABLED_MCAPI=no + fi - test -n "$CC" && break - done +if test "$ENABLED_MCAPI" = "yes" +then + AM_CFLAGS="$AM_CFLAGS -DHAVE_MCAPI -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT" +fi + +if test "$ENABLED_MCAPI" = "yes" && test "$ENABLED_SHA512" = "no" +then + as_fn_error $? "please enable sha512 if enabling mcapi." "$LINENO" 5 fi -if test -z "$CC"; then - ac_ct_CC=$CC - for ac_prog in cl.exe -do - # Extract the first word of "$ac_prog", so it can be a program name with args. -set dummy $ac_prog; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_ac_ct_CC+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test -n "$ac_ct_CC"; then - ac_cv_prog_ac_ct_CC="$ac_ct_CC" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_ac_ct_CC="$ac_prog" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done -done -IFS=$as_save_IFS +if test "$ENABLED_MCAPI" = "yes" && test "$ENABLED_ECC" = "no" +then + as_fn_error $? "please enable ecc if enabling mcapi." "$LINENO" 5 fi + +if test "$ENABLED_MCAPI" = "yes" && test "$ENABLED_LIBZ" = "no" +then + as_fn_error $? "please use --with-libz if enabling mcapi." "$LINENO" 5 fi -ac_ct_CC=$ac_cv_prog_ac_ct_CC -if test -n "$ac_ct_CC"; then - { echo "$as_me:$LINENO: result: $ac_ct_CC" >&5 -echo "${ECHO_T}$ac_ct_CC" >&6; } + + if test "x$ENABLED_MCAPI" = "xyes"; then + BUILD_MCAPI_TRUE= + BUILD_MCAPI_FALSE='#' else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + BUILD_MCAPI_TRUE='#' + BUILD_MCAPI_FALSE= fi - test -n "$ac_ct_CC" && break -done - if test "x$ac_ct_CC" = x; then - CC="" - else - case $cross_compiling:$ac_tool_warned in -yes:) -{ echo "$as_me:$LINENO: WARNING: In the future, Autoconf will not detect cross-tools -whose name does not start with the host triplet. If you think this -configuration is useful to you, please write to autoconf@gnu.org." >&5 -echo "$as_me: WARNING: In the future, Autoconf will not detect cross-tools -whose name does not start with the host triplet. If you think this -configuration is useful to you, please write to autoconf@gnu.org." >&2;} -ac_tool_warned=yes ;; -esac - CC=$ac_ct_CC - fi -fi +# OPTIMIZE FLAGS +if test "$GCC" = "yes" +then + AM_CFLAGS="$AM_CFLAGS -Wall -Wno-unused" + if test "$ax_enable_debug" = "no" + then + if test "$ENABLED_FASTMATH" = "yes" + then + AM_CFLAGS="$AM_CFLAGS $OPTIMIZE_FAST_CFLAGS" + if test "$ENABLED_FASTHUGEMATH" = "yes" + then + AM_CFLAGS="$AM_CFLAGS $OPTIMIZE_HUGE_CFLAGS" + fi + else + AM_CFLAGS="$AM_CFLAGS $OPTIMIZE_CFLAGS" + fi + fi fi +# ICC command line warning for non supported warning flags +if test "$CC" = "icc" +then + AM_CFLAGS="$AM_CFLAGS -wd10006" +fi -test -z "$CC" && { { echo "$as_me:$LINENO: error: no acceptable C compiler found in \$PATH -See \`config.log' for more details." >&5 -echo "$as_me: error: no acceptable C compiler found in \$PATH -See \`config.log' for more details." >&2;} - { (exit 1); exit 1; }; } -# Provide some information about the compiler. -echo "$as_me:$LINENO: checking for C compiler version" >&5 -ac_compiler=`set X $ac_compile; echo $2` -{ (ac_try="$ac_compiler --version >&5" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compiler --version >&5") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } -{ (ac_try="$ac_compiler -v >&5" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compiler -v >&5") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } -{ (ac_try="$ac_compiler -V >&5" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compiler -V >&5") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } -{ echo "$as_me:$LINENO: checking whether we are using the GNU C compiler" >&5 -echo $ECHO_N "checking whether we are using the GNU C compiler... $ECHO_C" >&6; } -if test "${ac_cv_c_compiler_gnu+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing gethostbyname" >&5 +$as_echo_n "checking for library containing gethostbyname... " >&6; } +if ${ac_cv_search_gethostbyname+:} false; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + ac_func_search_save_LIBS=$LIBS +cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +#ifdef __cplusplus +extern "C" +#endif +char gethostbyname (); int main () { -#ifndef __GNUC__ - choke me -#endif - +return gethostbyname (); ; return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_compiler_gnu=yes +for ac_lib in '' nsl; do + if test -z "$ac_lib"; then + ac_res="none required" + else + ac_res=-l$ac_lib + LIBS="-l$ac_lib $ac_func_search_save_LIBS" + fi + if ac_fn_c_try_link "$LINENO"; then : + ac_cv_search_gethostbyname=$ac_res +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext + if ${ac_cv_search_gethostbyname+:} false; then : + break +fi +done +if ${ac_cv_search_gethostbyname+:} false; then : + else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 + ac_cv_search_gethostbyname=no +fi +rm conftest.$ac_ext +LIBS=$ac_func_search_save_LIBS +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_gethostbyname" >&5 +$as_echo "$ac_cv_search_gethostbyname" >&6; } +ac_res=$ac_cv_search_gethostbyname +if test "$ac_res" != no; then : + test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" - ac_compiler_gnu=no fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -ac_cv_c_compiler_gnu=$ac_compiler_gnu + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for library containing socket" >&5 +$as_echo_n "checking for library containing socket... " >&6; } +if ${ac_cv_search_socket+:} false; then : + $as_echo_n "(cached) " >&6 +else + ac_func_search_save_LIBS=$LIBS +cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +#ifdef __cplusplus +extern "C" +#endif +char socket (); +int +main () +{ +return socket (); + ; + return 0; +} +_ACEOF +for ac_lib in '' socket; do + if test -z "$ac_lib"; then + ac_res="none required" + else + ac_res=-l$ac_lib + LIBS="-l$ac_lib $ac_func_search_save_LIBS" + fi + if ac_fn_c_try_link "$LINENO"; then : + ac_cv_search_socket=$ac_res +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext + if ${ac_cv_search_socket+:} false; then : + break +fi +done +if ${ac_cv_search_socket+:} false; then : +else + ac_cv_search_socket=no fi -{ echo "$as_me:$LINENO: result: $ac_cv_c_compiler_gnu" >&5 -echo "${ECHO_T}$ac_cv_c_compiler_gnu" >&6; } -GCC=`test $ac_compiler_gnu = yes && echo yes` -ac_test_CFLAGS=${CFLAGS+set} -ac_save_CFLAGS=$CFLAGS -{ echo "$as_me:$LINENO: checking whether $CC accepts -g" >&5 -echo $ECHO_N "checking whether $CC accepts -g... $ECHO_C" >&6; } -if test "${ac_cv_prog_cc_g+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +rm conftest.$ac_ext +LIBS=$ac_func_search_save_LIBS +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_search_socket" >&5 +$as_echo "$ac_cv_search_socket" >&6; } +ac_res=$ac_cv_search_socket +if test "$ac_res" != no; then : + test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" + else - ac_save_c_werror_flag=$ac_c_werror_flag - ac_c_werror_flag=yes - ac_cv_prog_cc_g=no - CFLAGS="-g" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for socket in -lsocket" >&5 +$as_echo_n "checking for socket in -lsocket... " >&6; } +if ${ac_cv_lib_socket_socket+:} false; then : + $as_echo_n "(cached) " >&6 +else + ac_check_lib_save_LIBS=$LIBS +LIBS="-lsocket -lnsl $LIBS" +cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ +/* Override any GCC internal prototype to avoid an error. + Use char because int might match the return type of a GCC + builtin and then its argument prototype would still apply. */ +#ifdef __cplusplus +extern "C" +#endif +char socket (); int main () { - +return socket (); ; return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_prog_cc_g=yes +if ac_fn_c_try_link "$LINENO"; then : + ac_cv_lib_socket_socket=yes else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 + ac_cv_lib_socket_socket=no +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext +LIBS=$ac_check_lib_save_LIBS +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_lib_socket_socket" >&5 +$as_echo "$ac_cv_lib_socket_socket" >&6; } +if test "x$ac_cv_lib_socket_socket" = xyes; then : + LIBS="-lsocket -lnsl $LIBS" +fi - CFLAGS="" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF +fi + + +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts " >&5 +$as_echo_n "checking whether C compiler accepts ... " >&6; } +if ${ax_cv_check_cflags__+:} false; then : + $as_echo_n "(cached) " >&6 +else + + ax_check_save_flags=$CFLAGS + CFLAGS="$CFLAGS " + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int @@ -20113,35 +21092,57 @@ main () return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then +if ac_fn_c_try_compile "$LINENO"; then : + ax_cv_check_cflags__=yes +else + ax_cv_check_cflags__=no +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + CFLAGS=$ax_check_save_flags +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ax_cv_check_cflags__" >&5 +$as_echo "$ax_cv_check_cflags__" >&6; } +if test x"$ax_cv_check_cflags__" = xyes; then : : else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 + : +fi - ac_c_werror_flag=$ac_save_c_werror_flag - CFLAGS="-g" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF +if ${CFLAGS+:} false; then : + case " $CFLAGS " in + *" "*) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains "; } >&5 + (: CFLAGS already contains ) 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + ;; + *) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \""; } >&5 + (: CFLAGS="$CFLAGS ") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + CFLAGS="$CFLAGS " + ;; + esac +else + CFLAGS="" +fi + + + +for flag in ; do + as_CACHEVAR=`$as_echo "ax_cv_check_cflags__$flag" | $as_tr_sh` +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5 +$as_echo_n "checking whether C compiler accepts $flag... " >&6; } +if eval \${$as_CACHEVAR+:} false; then : + $as_echo_n "(cached) " >&6 +else + + ax_check_save_flags=$CFLAGS + CFLAGS="$CFLAGS $flag" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int @@ -20152,303 +21153,162 @@ main () return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_prog_cc_g=yes +if ac_fn_c_try_compile "$LINENO"; then : + eval "$as_CACHEVAR=yes" else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + eval "$as_CACHEVAR=no" fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + CFLAGS=$ax_check_save_flags +fi +eval ac_res=\$$as_CACHEVAR + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +$as_echo "$ac_res" >&6; } +if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then : + if ${CFLAGS+:} false; then : + case " $CFLAGS " in + *" $flag "*) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5 + (: CFLAGS already contains $flag) 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + ;; + *) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5 + (: CFLAGS="$CFLAGS $flag") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + CFLAGS="$CFLAGS $flag" + ;; + esac +else + CFLAGS="$flag" fi -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - ac_c_werror_flag=$ac_save_c_werror_flag -fi -{ echo "$as_me:$LINENO: result: $ac_cv_prog_cc_g" >&5 -echo "${ECHO_T}$ac_cv_prog_cc_g" >&6; } -if test "$ac_test_CFLAGS" = set; then - CFLAGS=$ac_save_CFLAGS -elif test $ac_cv_prog_cc_g = yes; then - if test "$GCC" = yes; then - CFLAGS="-g -O2" - else - CFLAGS="-g" - fi else - if test "$GCC" = yes; then - CFLAGS="-O2" - else - CFLAGS= - fi + : fi -{ echo "$as_me:$LINENO: checking for $CC option to accept ISO C89" >&5 -echo $ECHO_N "checking for $CC option to accept ISO C89... $ECHO_C" >&6; } -if test "${ac_cv_prog_cc_c89+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - ac_cv_prog_cc_c89=no -ac_save_CC=$CC -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF -/* end confdefs.h. */ -#include -#include -#include -#include -/* Most of the following tests are stolen from RCS 5.7's src/conf.sh. */ -struct buf { int x; }; -FILE * (*rcsopen) (struct buf *, struct stat *, int); -static char *e (p, i) - char **p; - int i; -{ - return p[i]; -} -static char *f (char * (*g) (char **, int), char **p, ...) -{ - char *s; - va_list v; - va_start (v,p); - s = g (p, va_arg (v,int)); - va_end (v); - return s; -} -/* OSF 4.0 Compaq cc is some sort of almost-ANSI by default. It has - function prototypes and stuff, but not '\xHH' hex character constants. - These don't provoke an error unfortunately, instead are silently treated - as 'x'. The following induces an error, until -std is added to get - proper ANSI mode. Curiously '\x00'!='x' always comes out true, for an - array size at least. It's necessary to write '\x00'==0 to get something - that's true only with -std. */ -int osf4_cc_array ['\x00' == 0 ? 1 : -1]; +done -/* IBM C 6 for AIX is almost-ANSI by default, but it replaces macro parameters - inside strings and character constants. */ -#define FOO(x) 'x' -int xlc6_cc_array[FOO(a) == 'x' ? 1 : -1]; +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the linker accepts " >&5 +$as_echo_n "checking whether the linker accepts ... " >&6; } +if ${ax_cv_check_ldflags__+:} false; then : + $as_echo_n "(cached) " >&6 +else + + ax_check_save_flags=$LDFLAGS + LDFLAGS="$LDFLAGS " + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ -int test (int i, double x); -struct s1 {int (*f) (int a);}; -struct s2 {int (*f) (double a);}; -int pairnames (int, char **, FILE *(*)(struct buf *, struct stat *, int), int, int); -int argc; -char **argv; int main () { -return f (e, argv, 0) != argv[0] || f (e, argv, 1) != argv[1]; + ; return 0; } _ACEOF -for ac_arg in '' -qlanglvl=extc89 -qlanglvl=ansi -std \ - -Ae "-Aa -D_HPUX_SOURCE" "-Xc -D__EXTENSIONS__" -do - CC="$ac_save_CC $ac_arg" - rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_prog_cc_c89=$ac_arg +if ac_fn_c_try_link "$LINENO"; then : + ax_cv_check_ldflags__=yes else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - + ax_cv_check_ldflags__=no +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext + LDFLAGS=$ax_check_save_flags +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ax_cv_check_ldflags__" >&5 +$as_echo "$ax_cv_check_ldflags__" >&6; } +if test x"$ax_cv_check_ldflags__" = xyes; then : + : +else + : fi -rm -f core conftest.err conftest.$ac_objext - test "x$ac_cv_prog_cc_c89" != "xno" && break -done -rm -f conftest.$ac_ext -CC=$ac_save_CC + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for vcs system" >&5 +$as_echo_n "checking for vcs system... " >&6; } +if ${ac_cv_vcs_system+:} false; then : + $as_echo_n "(cached) " >&6 +else + ac_cv_vcs_system="none" + if test -d ".bzr"; then : + ac_cv_vcs_system="bazaar" +fi + if test -d ".svn"; then : + ac_cv_vcs_system="svn" +fi + if test -d ".hg"; then : + ac_cv_vcs_system="mercurial" +fi + if test -d ".git"; then : + ac_cv_vcs_system="git" +fi fi -# AC_CACHE_VAL -case "x$ac_cv_prog_cc_c89" in - x) - { echo "$as_me:$LINENO: result: none needed" >&5 -echo "${ECHO_T}none needed" >&6; } ;; - xno) - { echo "$as_me:$LINENO: result: unsupported" >&5 -echo "${ECHO_T}unsupported" >&6; } ;; - *) - CC="$CC $ac_cv_prog_cc_c89" - { echo "$as_me:$LINENO: result: $ac_cv_prog_cc_c89" >&5 -echo "${ECHO_T}$ac_cv_prog_cc_c89" >&6; } ;; -esac +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_vcs_system" >&5 +$as_echo "$ac_cv_vcs_system" >&6; } +cat >>confdefs.h <<_ACEOF +#define VCS_SYSTEM "$ac_cv_vcs_system" +_ACEOF -ac_ext=c -ac_cpp='$CPP $CPPFLAGS' -ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' -ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_c_compiler_gnu -depcc="$CC" am_compiler_list= -{ echo "$as_me:$LINENO: checking dependency style of $depcc" >&5 -echo $ECHO_N "checking dependency style of $depcc... $ECHO_C" >&6; } -if test "${am_cv_CC_dependencies_compiler_type+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + { $as_echo "$as_me:${as_lineno-$LINENO}: checking for vcs checkout" >&5 +$as_echo_n "checking for vcs checkout... " >&6; } +if ${ac_cv_vcs_checkout+:} false; then : + $as_echo_n "(cached) " >&6 else - if test -z "$AMDEP_TRUE" && test -f "$am_depcomp"; then - # We make a subdir and do the tests there. Otherwise we can end up - # making bogus files that we don't know about and never remove. For - # instance it was reported that on HP-UX the gcc test will end up - # making a dummy file named `D' -- because `-MD' means `put the output - # in D'. - mkdir conftest.dir - # Copy depcomp to subdir because otherwise we won't find it if we're - # using a relative directory. - cp "$am_depcomp" conftest.dir - cd conftest.dir - # We will build objects and dependencies in a subdirectory because - # it helps to detect inapplicable dependency modes. For instance - # both Tru64's cc and ICC support -MD to output dependencies as a - # side effect of compilation, but ICC will put the dependencies in - # the current directory while Tru64 will put them in the object - # directory. - mkdir sub - - am_cv_CC_dependencies_compiler_type=none - if test "$am_compiler_list" = ""; then - am_compiler_list=`sed -n 's/^#*\([a-zA-Z0-9]*\))$/\1/p' < ./depcomp` - fi - for depmode in $am_compiler_list; do - # Setup a source with many dependencies, because some compilers - # like to wrap large dependency lists on column 80 (with \), and - # we should not choose a depcomp mode which is confused by this. - # - # We need to recreate these files for each test, as the compiler may - # overwrite some of them when testing with obscure command lines. - # This happens at least with the AIX C compiler. - : > sub/conftest.c - for i in 1 2 3 4 5 6; do - echo '#include "conftst'$i'.h"' >> sub/conftest.c - # Using `: > sub/conftst$i.h' creates only sub/conftst1.h with - # Solaris 8's {/usr,}/bin/sh. - touch sub/conftst$i.h - done - echo "${am__include} ${am__quote}sub/conftest.Po${am__quote}" > confmf - - case $depmode in - nosideeffect) - # after this tag, mechanisms are not by side-effect, so they'll - # only be used when explicitly requested - if test "x$enable_dependency_tracking" = xyes; then - continue - else - break - fi - ;; - none) break ;; - esac - # We check with `-c' and `-o' for the sake of the "dashmstdout" - # mode. It turns out that the SunPro C++ compiler does not properly - # handle `-M -o', and we need to detect this. - if depmode=$depmode \ - source=sub/conftest.c object=sub/conftest.${OBJEXT-o} \ - depfile=sub/conftest.Po tmpdepfile=sub/conftest.TPo \ - $SHELL ./depcomp $depcc -c -o sub/conftest.${OBJEXT-o} sub/conftest.c \ - >/dev/null 2>conftest.err && - grep sub/conftst1.h sub/conftest.Po > /dev/null 2>&1 && - grep sub/conftst6.h sub/conftest.Po > /dev/null 2>&1 && - grep sub/conftest.${OBJEXT-o} sub/conftest.Po > /dev/null 2>&1 && - ${MAKE-make} -s -f confmf > /dev/null 2>&1; then - # icc doesn't choke on unknown options, it will just issue warnings - # or remarks (even with -Werror). So we grep stderr for any message - # that says an option was ignored or not supported. - # When given -MP, icc 7.0 and 7.1 complain thusly: - # icc: Command line warning: ignoring option '-M'; no argument required - # The diagnosis changed in icc 8.0: - # icc: Command line remark: option '-MP' not supported - if (grep 'ignoring option' conftest.err || - grep 'not supported' conftest.err) >/dev/null 2>&1; then :; else - am_cv_CC_dependencies_compiler_type=$depmode - break - fi - fi - done - - cd .. - rm -rf conftest.dir + if test "x$ac_cv_vcs_system" != "xnone"; then : + ac_cv_vcs_checkout=yes else - am_cv_CC_dependencies_compiler_type=none + ac_cv_vcs_checkout=no fi fi -{ echo "$as_me:$LINENO: result: $am_cv_CC_dependencies_compiler_type" >&5 -echo "${ECHO_T}$am_cv_CC_dependencies_compiler_type" >&6; } -CCDEPMODE=depmode=$am_cv_CC_dependencies_compiler_type - - if - test "x$enable_dependency_tracking" != xno \ - && test "$am_cv_CC_dependencies_compiler_type" = gcc3; then - am__fastdepCC_TRUE= - am__fastdepCC_FALSE='#' +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_cv_vcs_checkout" >&5 +$as_echo "$ac_cv_vcs_checkout" >&6; } + + if test "x$ac_cv_vcs_checkout" = "xyes"; then + IS_VCS_CHECKOUT_TRUE= + IS_VCS_CHECKOUT_FALSE='#' else - am__fastdepCC_TRUE='#' - am__fastdepCC_FALSE= + IS_VCS_CHECKOUT_TRUE='#' + IS_VCS_CHECKOUT_FALSE= fi + if test "x$ac_cv_vcs_checkout" = "xyes"; then : + +$as_echo "#define VCS_CHECKOUT 1" >>confdefs.h -if test "x$CC" != xcc; then - { echo "$as_me:$LINENO: checking whether $CC and cc understand -c and -o together" >&5 -echo $ECHO_N "checking whether $CC and cc understand -c and -o together... $ECHO_C" >&6; } else - { echo "$as_me:$LINENO: checking whether cc understands -c and -o together" >&5 -echo $ECHO_N "checking whether cc understands -c and -o together... $ECHO_C" >&6; } + +$as_echo "#define VCS_CHECKOUT 0" >>confdefs.h + fi -set dummy $CC; ac_cc=`echo $2 | - sed 's/[^a-zA-Z0-9_]/_/g;s/^[0-9]/_/'` -if { as_var=ac_cv_prog_cc_${ac_cc}_c_o; eval "test \"\${$as_var+set}\" = set"; }; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + + + + + + + AX_HARDEN_LIB= + ax_append_compile_link_flags_extra= + if test "x$ac_cv_vcs_checkout" = "xyes"; then : + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the linker accepts -Werror" >&5 +$as_echo_n "checking whether the linker accepts -Werror... " >&6; } +if ${ax_cv_check_ldflags___Werror+:} false; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + + ax_check_save_flags=$LDFLAGS + LDFLAGS="$LDFLAGS -Werror" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int @@ -20459,311 +21319,120 @@ main () return 0; } _ACEOF -# Make sure it works both with $CC and with simple cc. -# We do the test twice because some compilers refuse to overwrite an -# existing .o file with -o, though they will create one. -ac_try='$CC -c conftest.$ac_ext -o conftest2.$ac_objext >&5' -rm -f conftest2.* -if { (case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_try") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - test -f conftest2.$ac_objext && { (case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_try") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; -then - eval ac_cv_prog_cc_${ac_cc}_c_o=yes - if test "x$CC" != xcc; then - # Test first that cc exists at all. - if { ac_try='cc -c conftest.$ac_ext >&5' - { (case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_try") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; }; then - ac_try='cc -c conftest.$ac_ext -o conftest2.$ac_objext >&5' - rm -f conftest2.* - if { (case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_try") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && - test -f conftest2.$ac_objext && { (case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_try") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); }; - then - # cc works too. - : - else - # cc exists but doesn't like -o. - eval ac_cv_prog_cc_${ac_cc}_c_o=no - fi - fi - fi +if ac_fn_c_try_link "$LINENO"; then : + ax_cv_check_ldflags___Werror=yes else - eval ac_cv_prog_cc_${ac_cc}_c_o=no + ax_cv_check_ldflags___Werror=no fi -rm -f -r core conftest* - +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext + LDFLAGS=$ax_check_save_flags fi -if eval test \$ac_cv_prog_cc_${ac_cc}_c_o = yes; then - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } -else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ax_cv_check_ldflags___Werror" >&5 +$as_echo "$ax_cv_check_ldflags___Werror" >&6; } +if test x"$ax_cv_check_ldflags___Werror" = xyes; then : -cat >>confdefs.h <<\_ACEOF -#define NO_MINUS_C_MINUS_O 1 -_ACEOF + AX_HARDEN_LIB="-Werror $AX_HARDEN_LIB" +else + : fi -ac_ext=cpp -ac_cpp='$CXXCPP $CPPFLAGS' -ac_compile='$CXX -c $CXXFLAGS $CPPFLAGS conftest.$ac_ext >&5' -ac_link='$CXX -o conftest$ac_exeext $CXXFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_cxx_compiler_gnu -if test -z "$CXX"; then - if test -n "$CCC"; then - CXX=$CCC - else - if test -n "$ac_tool_prefix"; then - for ac_prog in g++ c++ gpp aCC CC cxx cc++ cl.exe FCC KCC RCC xlC_r xlC - do - # Extract the first word of "$ac_tool_prefix$ac_prog", so it can be a program name with args. -set dummy $ac_tool_prefix$ac_prog; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_CXX+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test -n "$CXX"; then - ac_cv_prog_CXX="$CXX" # Let the user override the test. + else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_CXX="$ac_tool_prefix$ac_prog" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done -done -IFS=$as_save_IFS -fi -fi -CXX=$ac_cv_prog_CXX -if test -n "$CXX"; then - { echo "$as_me:$LINENO: result: $CXX" >&5 -echo "${ECHO_T}$CXX" >&6; } + { $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the linker accepts -Werror" >&5 +$as_echo_n "checking whether the linker accepts -Werror... " >&6; } +if ${ax_cv_check_ldflags___Werror+:} false; then : + $as_echo_n "(cached) " >&6 else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } -fi + ax_check_save_flags=$LDFLAGS + LDFLAGS="$LDFLAGS -Werror" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ - test -n "$CXX" && break - done -fi -if test -z "$CXX"; then - ac_ct_CXX=$CXX - for ac_prog in g++ c++ gpp aCC CC cxx cc++ cl.exe FCC KCC RCC xlC_r xlC -do - # Extract the first word of "$ac_prog", so it can be a program name with args. -set dummy $ac_prog; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_ac_ct_CXX+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test -n "$ac_ct_CXX"; then - ac_cv_prog_ac_ct_CXX="$ac_ct_CXX" # Let the user override the test. -else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_ac_ct_CXX="$ac_prog" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done -done -IFS=$as_save_IFS +int +main () +{ -fi -fi -ac_ct_CXX=$ac_cv_prog_ac_ct_CXX -if test -n "$ac_ct_CXX"; then - { echo "$as_me:$LINENO: result: $ac_ct_CXX" >&5 -echo "${ECHO_T}$ac_ct_CXX" >&6; } + ; + return 0; +} +_ACEOF +if ac_fn_c_try_link "$LINENO"; then : + ax_cv_check_ldflags___Werror=yes else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + ax_cv_check_ldflags___Werror=no fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext + LDFLAGS=$ax_check_save_flags +fi +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: $ax_cv_check_ldflags___Werror" >&5 +$as_echo "$ax_cv_check_ldflags___Werror" >&6; } +if test x"$ax_cv_check_ldflags___Werror" = xyes; then : + ax_append_compile_link_flags_extra='-Werror' - test -n "$ac_ct_CXX" && break -done - - if test "x$ac_ct_CXX" = x; then - CXX="g++" - else - case $cross_compiling:$ac_tool_warned in -yes:) -{ echo "$as_me:$LINENO: WARNING: In the future, Autoconf will not detect cross-tools -whose name does not start with the host triplet. If you think this -configuration is useful to you, please write to autoconf@gnu.org." >&5 -echo "$as_me: WARNING: In the future, Autoconf will not detect cross-tools -whose name does not start with the host triplet. If you think this -configuration is useful to you, please write to autoconf@gnu.org." >&2;} -ac_tool_warned=yes ;; -esac - CXX=$ac_ct_CXX - fi +else + : fi - fi + fi -# Provide some information about the compiler. -echo "$as_me:$LINENO: checking for C++ compiler version" >&5 -ac_compiler=`set X $ac_compile; echo $2` -{ (ac_try="$ac_compiler --version >&5" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compiler --version >&5") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } -{ (ac_try="$ac_compiler -v >&5" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compiler -v >&5") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } -{ (ac_try="$ac_compiler -V >&5" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compiler -V >&5") 2>&5 - ac_status=$? - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } -{ echo "$as_me:$LINENO: checking whether we are using the GNU C++ compiler" >&5 -echo $ECHO_N "checking whether we are using the GNU C++ compiler... $ECHO_C" >&6; } -if test "${ac_cv_cxx_compiler_gnu+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + as_CACHEVAR=`$as_echo "ax_cv_check_ldflags_$ax_append_compile_link_flags_extra_-z relro -z now" | $as_tr_sh` +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the linker accepts -z relro -z now" >&5 +$as_echo_n "checking whether the linker accepts -z relro -z now... " >&6; } +if eval \${$as_CACHEVAR+:} false; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + + ax_check_save_flags=$LDFLAGS + LDFLAGS="$LDFLAGS $ax_append_compile_link_flags_extra -z relro -z now" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int main () { -#ifndef __GNUC__ - choke me -#endif ; return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_cxx_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_compiler_gnu=yes +if ac_fn_c_try_link "$LINENO"; then : + eval "$as_CACHEVAR=yes" else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_compiler_gnu=no + eval "$as_CACHEVAR=no" +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext + LDFLAGS=$ax_check_save_flags fi +eval ac_res=\$$as_CACHEVAR + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +$as_echo "$ac_res" >&6; } +if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then : -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -ac_cv_cxx_compiler_gnu=$ac_compiler_gnu + AX_HARDEN_LIB="-z relro -z now $AX_HARDEN_LIB" +else + : fi -{ echo "$as_me:$LINENO: result: $ac_cv_cxx_compiler_gnu" >&5 -echo "${ECHO_T}$ac_cv_cxx_compiler_gnu" >&6; } -GXX=`test $ac_compiler_gnu = yes && echo yes` -ac_test_CXXFLAGS=${CXXFLAGS+set} -ac_save_CXXFLAGS=$CXXFLAGS -{ echo "$as_me:$LINENO: checking whether $CXX accepts -g" >&5 -echo $ECHO_N "checking whether $CXX accepts -g... $ECHO_C" >&6; } -if test "${ac_cv_prog_cxx_g+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + + + as_CACHEVAR=`$as_echo "ax_cv_check_ldflags_$ax_append_compile_link_flags_extra_-pie" | $as_tr_sh` +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether the linker accepts -pie" >&5 +$as_echo_n "checking whether the linker accepts -pie... " >&6; } +if eval \${$as_CACHEVAR+:} false; then : + $as_echo_n "(cached) " >&6 else - ac_save_cxx_werror_flag=$ac_cxx_werror_flag - ac_cxx_werror_flag=yes - ac_cv_prog_cxx_g=no - CXXFLAGS="-g" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + + ax_check_save_flags=$LDFLAGS + LDFLAGS="$LDFLAGS $ax_append_compile_link_flags_extra -pie" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int @@ -20774,34 +21443,58 @@ main () return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_cxx_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_prog_cxx_g=yes +if ac_fn_c_try_link "$LINENO"; then : + eval "$as_CACHEVAR=yes" else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 + eval "$as_CACHEVAR=no" +fi +rm -f core conftest.err conftest.$ac_objext \ + conftest$ac_exeext conftest.$ac_ext + LDFLAGS=$ax_check_save_flags +fi +eval ac_res=\$$as_CACHEVAR + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +$as_echo "$ac_res" >&6; } +if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then : - CXXFLAGS="" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + AX_HARDEN_LIB="-pie $AX_HARDEN_LIB" + +else + : +fi + + + LIB="$LIB $AX_HARDEN_LIB" + + + + + + ac_ext=c +ac_cpp='$CPP $CPPFLAGS' +ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_c_compiler_gnu + + + CFLAGS= + ac_cv_warnings_as_errors=no + ax_append_compile_cflags_extra= + if test "$ac_cv_vcs_checkout" = "yes"; then : + + + +for flag in -Werror; do + as_CACHEVAR=`$as_echo "ax_cv_check_cflags__$flag" | $as_tr_sh` +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5 +$as_echo_n "checking whether C compiler accepts $flag... " >&6; } +if eval \${$as_CACHEVAR+:} false; then : + $as_echo_n "(cached) " >&6 +else + + ax_check_save_flags=$CFLAGS + CFLAGS="$CFLAGS $flag" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int @@ -20812,35 +21505,63 @@ main () return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 +if ac_fn_c_try_compile "$LINENO"; then : + eval "$as_CACHEVAR=yes" +else + eval "$as_CACHEVAR=no" +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + CFLAGS=$ax_check_save_flags +fi +eval ac_res=\$$as_CACHEVAR + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +$as_echo "$ac_res" >&6; } +if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then : + if ${CFLAGS+:} false; then : + case " $CFLAGS " in + *" $flag "*) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5 + (: CFLAGS already contains $flag) 2>&5 ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_cxx_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + ;; + *) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5 + (: CFLAGS="$CFLAGS $flag") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + CFLAGS="$CFLAGS $flag" + ;; + esac +else + CFLAGS="$flag" +fi + +else : +fi + +done + + ac_cv_warnings_as_errors=yes + else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - ac_cxx_werror_flag=$ac_save_cxx_werror_flag - CXXFLAGS="-g" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + + +for flag in -Werror; do + as_CACHEVAR=`$as_echo "ax_cv_check_cflags__$flag" | $as_tr_sh` +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5 +$as_echo_n "checking whether C compiler accepts $flag... " >&6; } +if eval \${$as_CACHEVAR+:} false; then : + $as_echo_n "(cached) " >&6 +else + + ax_check_save_flags=$CFLAGS + CFLAGS="$CFLAGS $flag" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ int @@ -20851,2395 +21572,2661 @@ main () return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_cxx_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_prog_cxx_g=yes +if ac_fn_c_try_compile "$LINENO"; then : + eval "$as_CACHEVAR=yes" else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext -fi - -rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + eval "$as_CACHEVAR=no" fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - ac_cxx_werror_flag=$ac_save_cxx_werror_flag -fi -{ echo "$as_me:$LINENO: result: $ac_cv_prog_cxx_g" >&5 -echo "${ECHO_T}$ac_cv_prog_cxx_g" >&6; } -if test "$ac_test_CXXFLAGS" = set; then - CXXFLAGS=$ac_save_CXXFLAGS -elif test $ac_cv_prog_cxx_g = yes; then - if test "$GXX" = yes; then - CXXFLAGS="-g -O2" - else - CXXFLAGS="-g" - fi + CFLAGS=$ax_check_save_flags +fi +eval ac_res=\$$as_CACHEVAR + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +$as_echo "$ac_res" >&6; } +if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then : + if ${ax_append_compile_cflags_extra+:} false; then : + case " $ax_append_compile_cflags_extra " in + *" $flag "*) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : ax_append_compile_cflags_extra already contains \$flag"; } >&5 + (: ax_append_compile_cflags_extra already contains $flag) 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + ;; + *) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : ax_append_compile_cflags_extra=\"\$ax_append_compile_cflags_extra \$flag\""; } >&5 + (: ax_append_compile_cflags_extra="$ax_append_compile_cflags_extra $flag") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + ax_append_compile_cflags_extra="$ax_append_compile_cflags_extra $flag" + ;; + esac else - if test "$GXX" = yes; then - CXXFLAGS="-O2" - else - CXXFLAGS= - fi + ax_append_compile_cflags_extra="$flag" fi -ac_ext=c -ac_cpp='$CPP $CPPFLAGS' -ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' -ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_c_compiler_gnu - -depcc="$CXX" am_compiler_list= -{ echo "$as_me:$LINENO: checking dependency style of $depcc" >&5 -echo $ECHO_N "checking dependency style of $depcc... $ECHO_C" >&6; } -if test "${am_cv_CXX_dependencies_compiler_type+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 else - if test -z "$AMDEP_TRUE" && test -f "$am_depcomp"; then - # We make a subdir and do the tests there. Otherwise we can end up - # making bogus files that we don't know about and never remove. For - # instance it was reported that on HP-UX the gcc test will end up - # making a dummy file named `D' -- because `-MD' means `put the output - # in D'. - mkdir conftest.dir - # Copy depcomp to subdir because otherwise we won't find it if we're - # using a relative directory. - cp "$am_depcomp" conftest.dir - cd conftest.dir - # We will build objects and dependencies in a subdirectory because - # it helps to detect inapplicable dependency modes. For instance - # both Tru64's cc and ICC support -MD to output dependencies as a - # side effect of compilation, but ICC will put the dependencies in - # the current directory while Tru64 will put them in the object - # directory. - mkdir sub + : +fi - am_cv_CXX_dependencies_compiler_type=none - if test "$am_compiler_list" = ""; then - am_compiler_list=`sed -n 's/^#*\([a-zA-Z0-9]*\))$/\1/p' < ./depcomp` - fi - for depmode in $am_compiler_list; do - # Setup a source with many dependencies, because some compilers - # like to wrap large dependency lists on column 80 (with \), and - # we should not choose a depcomp mode which is confused by this. - # - # We need to recreate these files for each test, as the compiler may - # overwrite some of them when testing with obscure command lines. - # This happens at least with the AIX C compiler. - : > sub/conftest.c - for i in 1 2 3 4 5 6; do - echo '#include "conftst'$i'.h"' >> sub/conftest.c - # Using `: > sub/conftst$i.h' creates only sub/conftst1.h with - # Solaris 8's {/usr,}/bin/sh. - touch sub/conftst$i.h - done - echo "${am__include} ${am__quote}sub/conftest.Po${am__quote}" > confmf +done - case $depmode in - nosideeffect) - # after this tag, mechanisms are not by side-effect, so they'll - # only be used when explicitly requested - if test "x$enable_dependency_tracking" = xyes; then - continue - else - break - fi - ;; - none) break ;; - esac - # We check with `-c' and `-o' for the sake of the "dashmstdout" - # mode. It turns out that the SunPro C++ compiler does not properly - # handle `-M -o', and we need to detect this. - if depmode=$depmode \ - source=sub/conftest.c object=sub/conftest.${OBJEXT-o} \ - depfile=sub/conftest.Po tmpdepfile=sub/conftest.TPo \ - $SHELL ./depcomp $depcc -c -o sub/conftest.${OBJEXT-o} sub/conftest.c \ - >/dev/null 2>conftest.err && - grep sub/conftst1.h sub/conftest.Po > /dev/null 2>&1 && - grep sub/conftst6.h sub/conftest.Po > /dev/null 2>&1 && - grep sub/conftest.${OBJEXT-o} sub/conftest.Po > /dev/null 2>&1 && - ${MAKE-make} -s -f confmf > /dev/null 2>&1; then - # icc doesn't choke on unknown options, it will just issue warnings - # or remarks (even with -Werror). So we grep stderr for any message - # that says an option was ignored or not supported. - # When given -MP, icc 7.0 and 7.1 complain thusly: - # icc: Command line warning: ignoring option '-M'; no argument required - # The diagnosis changed in icc 8.0: - # icc: Command line remark: option '-MP' not supported - if (grep 'ignoring option' conftest.err || - grep 'not supported' conftest.err) >/dev/null 2>&1; then :; else - am_cv_CXX_dependencies_compiler_type=$depmode - break - fi - fi - done - cd .. - rm -rf conftest.dir -else - am_cv_CXX_dependencies_compiler_type=none fi -fi -{ echo "$as_me:$LINENO: result: $am_cv_CXX_dependencies_compiler_type" >&5 -echo "${ECHO_T}$am_cv_CXX_dependencies_compiler_type" >&6; } -CXXDEPMODE=depmode=$am_cv_CXX_dependencies_compiler_type + if test "$ax_enable_debug" = "yes"; then : - if - test "x$enable_dependency_tracking" != xno \ - && test "$am_cv_CXX_dependencies_compiler_type" = gcc3; then - am__fastdepCXX_TRUE= - am__fastdepCXX_FALSE='#' -else - am__fastdepCXX_TRUE='#' - am__fastdepCXX_FALSE= -fi -# Find a good install program. We prefer a C program (faster), -# so one script is as good as another. But avoid the broken or -# incompatible versions: -# SysV /etc/install, /usr/sbin/install -# SunOS /usr/etc/install -# IRIX /sbin/install -# AIX /bin/install -# AmigaOS /C/install, which installs bootblocks on floppy discs -# AIX 4 /usr/bin/installbsd, which doesn't work without a -g flag -# AFS /usr/afsws/bin/install, which mishandles nonexistent args -# SVR4 /usr/ucb/install, which tries to use the nonexistent group "staff" -# OS/2's system install, which has a completely different semantic -# ./install, which can be erroneously created by make from ./install.sh. -{ echo "$as_me:$LINENO: checking for a BSD-compatible install" >&5 -echo $ECHO_N "checking for a BSD-compatible install... $ECHO_C" >&6; } -if test -z "$INSTALL"; then -if test "${ac_cv_path_install+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +for flag in -g; do + as_CACHEVAR=`$as_echo "ax_cv_check_cflags__$flag" | $as_tr_sh` +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5 +$as_echo_n "checking whether C compiler accepts $flag... " >&6; } +if eval \${$as_CACHEVAR+:} false; then : + $as_echo_n "(cached) " >&6 else - as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - # Account for people who put trailing slashes in PATH elements. -case $as_dir/ in - ./ | .// | /cC/* | \ - /etc/* | /usr/sbin/* | /usr/etc/* | /sbin/* | /usr/afsws/bin/* | \ - ?:\\/os2\\/install\\/* | ?:\\/OS2\\/INSTALL\\/* | \ - /usr/ucb/* ) ;; - *) - # OSF1 and SCO ODT 3.0 have their own names for install. - # Don't use installbsd from OSF since it installs stuff as root - # by default. - for ac_prog in ginstall scoinst install; do - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_prog$ac_exec_ext" && $as_test_x "$as_dir/$ac_prog$ac_exec_ext"; }; then - if test $ac_prog = install && - grep dspmsg "$as_dir/$ac_prog$ac_exec_ext" >/dev/null 2>&1; then - # AIX install. It has an incompatible calling convention. - : - elif test $ac_prog = install && - grep pwplus "$as_dir/$ac_prog$ac_exec_ext" >/dev/null 2>&1; then - # program-specific install script used by HP pwplus--don't use. - : - else - ac_cv_path_install="$as_dir/$ac_prog$ac_exec_ext -c" - break 3 - fi - fi - done - done - ;; -esac -done -IFS=$as_save_IFS + ax_check_save_flags=$CFLAGS + CFLAGS="$CFLAGS $flag" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main () +{ + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + eval "$as_CACHEVAR=yes" +else + eval "$as_CACHEVAR=no" fi - if test "${ac_cv_path_install+set}" = set; then - INSTALL=$ac_cv_path_install - else - # As a last resort, use the slow shell script. Don't cache a - # value for INSTALL within a source directory, because that will - # break other packages using the cache if that directory is - # removed, or if the value is a relative name. - INSTALL=$ac_install_sh - fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + CFLAGS=$ax_check_save_flags +fi +eval ac_res=\$$as_CACHEVAR + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +$as_echo "$ac_res" >&6; } +if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then : + if ${CFLAGS+:} false; then : + case " $CFLAGS " in + *" $flag "*) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5 + (: CFLAGS already contains $flag) 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + ;; + *) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5 + (: CFLAGS="$CFLAGS $flag") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + CFLAGS="$CFLAGS $flag" + ;; + esac +else + CFLAGS="$flag" fi -{ echo "$as_me:$LINENO: result: $INSTALL" >&5 -echo "${ECHO_T}$INSTALL" >&6; } -# Use test -z because SunOS4 sh mishandles braces in ${var-val}. -# It thinks the first close brace ends the variable substitution. -test -z "$INSTALL_PROGRAM" && INSTALL_PROGRAM='${INSTALL}' +else + : +fi -test -z "$INSTALL_SCRIPT" && INSTALL_SCRIPT='${INSTALL}' +done -test -z "$INSTALL_DATA" && INSTALL_DATA='${INSTALL} -m 644' -{ echo "$as_me:$LINENO: checking for size_t" >&5 -echo $ECHO_N "checking for size_t... $ECHO_C" >&6; } -if test "${ac_cv_type_size_t+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +for flag in -ggdb; do + as_CACHEVAR=`$as_echo "ax_cv_check_cflags_$ax_append_compile_cflags_extra_$flag" | $as_tr_sh` +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5 +$as_echo_n "checking whether C compiler accepts $flag... " >&6; } +if eval \${$as_CACHEVAR+:} false; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + + ax_check_save_flags=$CFLAGS + CFLAGS="$CFLAGS $ax_append_compile_cflags_extra $flag" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -$ac_includes_default -typedef size_t ac__type_new_; + int main () { -if ((ac__type_new_ *) 0) - return 0; -if (sizeof (ac__type_new_)) - return 0; + ; return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - ac_cv_type_size_t=yes +if ac_fn_c_try_compile "$LINENO"; then : + eval "$as_CACHEVAR=yes" else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_type_size_t=no + eval "$as_CACHEVAR=no" fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + CFLAGS=$ax_check_save_flags +fi +eval ac_res=\$$as_CACHEVAR + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +$as_echo "$ac_res" >&6; } +if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then : + if ${CFLAGS+:} false; then : + case " $CFLAGS " in + *" $flag "*) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5 + (: CFLAGS already contains $flag) 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + ;; + *) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5 + (: CFLAGS="$CFLAGS $flag") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + CFLAGS="$CFLAGS $flag" + ;; + esac +else + CFLAGS="$flag" fi -{ echo "$as_me:$LINENO: result: $ac_cv_type_size_t" >&5 -echo "${ECHO_T}$ac_cv_type_size_t" >&6; } -if test $ac_cv_type_size_t = yes; then - : + else + : +fi -cat >>confdefs.h <<_ACEOF -#define size_t unsigned int -_ACEOF +done -fi - { echo "$as_me:$LINENO: checking for uint8_t" >&5 -echo $ECHO_N "checking for uint8_t... $ECHO_C" >&6; } -if test "${ac_cv_c_uint8_t+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +for flag in -O0; do + as_CACHEVAR=`$as_echo "ax_cv_check_cflags_$ax_append_compile_cflags_extra_$flag" | $as_tr_sh` +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5 +$as_echo_n "checking whether C compiler accepts $flag... " >&6; } +if eval \${$as_CACHEVAR+:} false; then : + $as_echo_n "(cached) " >&6 else - ac_cv_c_uint8_t=no - for ac_type in 'uint8_t' 'unsigned int' 'unsigned long int' \ - 'unsigned long long int' 'unsigned short int' 'unsigned char'; do - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + + ax_check_save_flags=$CFLAGS + CFLAGS="$CFLAGS $ax_append_compile_cflags_extra $flag" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -$ac_includes_default + int main () { -static int test_array [1 - 2 * !(($ac_type) -1 >> (8 - 1) == 1)]; -test_array [0] = 0 ; return 0; } _ACEOF -rm -f conftest.$ac_objext -if { (ac_try="$ac_compile" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_compile") 2>conftest.er1 - ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest.$ac_objext; then - case $ac_type in - uint8_t) ac_cv_c_uint8_t=yes ;; - *) ac_cv_c_uint8_t=$ac_type ;; -esac - +if ac_fn_c_try_compile "$LINENO"; then : + eval "$as_CACHEVAR=yes" else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - + eval "$as_CACHEVAR=no" fi - rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext - test "$ac_cv_c_uint8_t" != no && break - done -fi -{ echo "$as_me:$LINENO: result: $ac_cv_c_uint8_t" >&5 -echo "${ECHO_T}$ac_cv_c_uint8_t" >&6; } - case $ac_cv_c_uint8_t in #( - no|yes) ;; #( - *) - -cat >>confdefs.h <<\_ACEOF -#define _UINT8_T 1 -_ACEOF - - -cat >>confdefs.h <<_ACEOF -#define uint8_t $ac_cv_c_uint8_t -_ACEOF -;; - esac - -# By default we simply use the C compiler to build assembly code. - -test "${CCAS+set}" = set || CCAS=$CC -test "${CCASFLAGS+set}" = set || CCASFLAGS=$CFLAGS - - - -depcc="$CCAS" am_compiler_list= - -{ echo "$as_me:$LINENO: checking dependency style of $depcc" >&5 -echo $ECHO_N "checking dependency style of $depcc... $ECHO_C" >&6; } -if test "${am_cv_CCAS_dependencies_compiler_type+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test -z "$AMDEP_TRUE" && test -f "$am_depcomp"; then - # We make a subdir and do the tests there. Otherwise we can end up - # making bogus files that we don't know about and never remove. For - # instance it was reported that on HP-UX the gcc test will end up - # making a dummy file named `D' -- because `-MD' means `put the output - # in D'. - mkdir conftest.dir - # Copy depcomp to subdir because otherwise we won't find it if we're - # using a relative directory. - cp "$am_depcomp" conftest.dir - cd conftest.dir - # We will build objects and dependencies in a subdirectory because - # it helps to detect inapplicable dependency modes. For instance - # both Tru64's cc and ICC support -MD to output dependencies as a - # side effect of compilation, but ICC will put the dependencies in - # the current directory while Tru64 will put them in the object - # directory. - mkdir sub - - am_cv_CCAS_dependencies_compiler_type=none - if test "$am_compiler_list" = ""; then - am_compiler_list=`sed -n 's/^#*\([a-zA-Z0-9]*\))$/\1/p' < ./depcomp` - fi - for depmode in $am_compiler_list; do - # Setup a source with many dependencies, because some compilers - # like to wrap large dependency lists on column 80 (with \), and - # we should not choose a depcomp mode which is confused by this. - # - # We need to recreate these files for each test, as the compiler may - # overwrite some of them when testing with obscure command lines. - # This happens at least with the AIX C compiler. - : > sub/conftest.c - for i in 1 2 3 4 5 6; do - echo '#include "conftst'$i'.h"' >> sub/conftest.c - # Using `: > sub/conftst$i.h' creates only sub/conftst1.h with - # Solaris 8's {/usr,}/bin/sh. - touch sub/conftst$i.h - done - echo "${am__include} ${am__quote}sub/conftest.Po${am__quote}" > confmf - - case $depmode in - nosideeffect) - # after this tag, mechanisms are not by side-effect, so they'll - # only be used when explicitly requested - if test "x$enable_dependency_tracking" = xyes; then - continue - else - break - fi + CFLAGS=$ax_check_save_flags +fi +eval ac_res=\$$as_CACHEVAR + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +$as_echo "$ac_res" >&6; } +if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then : + if ${CFLAGS+:} false; then : + case " $CFLAGS " in + *" $flag "*) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5 + (: CFLAGS already contains $flag) 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } ;; - none) break ;; - esac - # We check with `-c' and `-o' for the sake of the "dashmstdout" - # mode. It turns out that the SunPro C++ compiler does not properly - # handle `-M -o', and we need to detect this. - if depmode=$depmode \ - source=sub/conftest.c object=sub/conftest.${OBJEXT-o} \ - depfile=sub/conftest.Po tmpdepfile=sub/conftest.TPo \ - $SHELL ./depcomp $depcc -c -o sub/conftest.${OBJEXT-o} sub/conftest.c \ - >/dev/null 2>conftest.err && - grep sub/conftst1.h sub/conftest.Po > /dev/null 2>&1 && - grep sub/conftst6.h sub/conftest.Po > /dev/null 2>&1 && - grep sub/conftest.${OBJEXT-o} sub/conftest.Po > /dev/null 2>&1 && - ${MAKE-make} -s -f confmf > /dev/null 2>&1; then - # icc doesn't choke on unknown options, it will just issue warnings - # or remarks (even with -Werror). So we grep stderr for any message - # that says an option was ignored or not supported. - # When given -MP, icc 7.0 and 7.1 complain thusly: - # icc: Command line warning: ignoring option '-M'; no argument required - # The diagnosis changed in icc 8.0: - # icc: Command line remark: option '-MP' not supported - if (grep 'ignoring option' conftest.err || - grep 'not supported' conftest.err) >/dev/null 2>&1; then :; else - am_cv_CCAS_dependencies_compiler_type=$depmode - break - fi - fi - done - - cd .. - rm -rf conftest.dir + *) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5 + (: CFLAGS="$CFLAGS $flag") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + CFLAGS="$CFLAGS $flag" + ;; + esac else - am_cv_CCAS_dependencies_compiler_type=none -fi - + CFLAGS="$flag" fi -{ echo "$as_me:$LINENO: result: $am_cv_CCAS_dependencies_compiler_type" >&5 -echo "${ECHO_T}$am_cv_CCAS_dependencies_compiler_type" >&6; } -CCASDEPMODE=depmode=$am_cv_CCAS_dependencies_compiler_type - if - test "x$enable_dependency_tracking" != xno \ - && test "$am_cv_CCAS_dependencies_compiler_type" = gcc3; then - am__fastdepCCAS_TRUE= - am__fastdepCCAS_FALSE='#' else - am__fastdepCCAS_TRUE='#' - am__fastdepCCAS_FALSE= + : fi +done + -# FIXME: we rely on the cache variable name because -# there is no other way. -set dummy $CC -ac_cc=`echo $2 | sed 's/[^a-zA-Z0-9_]/_/g;s/^[0-9]/_/'` -if eval "test \"`echo '$ac_cv_prog_cc_'${ac_cc}_c_o`\" != yes"; then - # Losing compiler, so override with the script. - # FIXME: It is wrong to rewrite CC. - # But if we don't then we get into trouble of one sort or another. - # A longer-term fix would be to have automake use am__CC in this case, - # and then we could set am__CC="\$(top_srcdir)/compile \$(CC)" - CC="$am_aux_dir/compile $CC" fi -LIBM= -case $host in -*-*-beos* | *-*-cegcc* | *-*-cygwin* | *-*-haiku* | *-*-pw32* | *-*-darwin*) - # These system don't have libm, or don't need it - ;; -*-ncr-sysv4.3*) - { echo "$as_me:$LINENO: checking for _mwvalidcheckl in -lmw" >&5 -echo $ECHO_N "checking for _mwvalidcheckl in -lmw... $ECHO_C" >&6; } -if test "${ac_cv_lib_mw__mwvalidcheckl+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + +for flag in -Wno-pragmas; do + as_CACHEVAR=`$as_echo "ax_cv_check_cflags_$ax_append_compile_cflags_extra_$flag" | $as_tr_sh` +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5 +$as_echo_n "checking whether C compiler accepts $flag... " >&6; } +if eval \${$as_CACHEVAR+:} false; then : + $as_echo_n "(cached) " >&6 else - ac_check_lib_save_LIBS=$LIBS -LIBS="-lmw $LIBS" -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + + ax_check_save_flags=$CFLAGS + CFLAGS="$CFLAGS $ax_append_compile_cflags_extra $flag" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char _mwvalidcheckl (); int main () { -return _mwvalidcheckl (); + ; return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 +if ac_fn_c_try_compile "$LINENO"; then : + eval "$as_CACHEVAR=yes" +else + eval "$as_CACHEVAR=no" +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + CFLAGS=$ax_check_save_flags +fi +eval ac_res=\$$as_CACHEVAR + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +$as_echo "$ac_res" >&6; } +if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then : + if ${CFLAGS+:} false; then : + case " $CFLAGS " in + *" $flag "*) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5 + (: CFLAGS already contains $flag) 2>&5 ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_lib_mw__mwvalidcheckl=yes + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + ;; + *) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5 + (: CFLAGS="$CFLAGS $flag") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + CFLAGS="$CFLAGS $flag" + ;; + esac else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_lib_mw__mwvalidcheckl=no + CFLAGS="$flag" fi -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS -fi -{ echo "$as_me:$LINENO: result: $ac_cv_lib_mw__mwvalidcheckl" >&5 -echo "${ECHO_T}$ac_cv_lib_mw__mwvalidcheckl" >&6; } -if test $ac_cv_lib_mw__mwvalidcheckl = yes; then - LIBM="-lmw" +else + : fi - { echo "$as_me:$LINENO: checking for cos in -lm" >&5 -echo $ECHO_N "checking for cos in -lm... $ECHO_C" >&6; } -if test "${ac_cv_lib_m_cos+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +done + + + + +for flag in -Wall; do + as_CACHEVAR=`$as_echo "ax_cv_check_cflags_$ax_append_compile_cflags_extra_$flag" | $as_tr_sh` +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5 +$as_echo_n "checking whether C compiler accepts $flag... " >&6; } +if eval \${$as_CACHEVAR+:} false; then : + $as_echo_n "(cached) " >&6 else - ac_check_lib_save_LIBS=$LIBS -LIBS="-lm $LIBS" -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + + ax_check_save_flags=$CFLAGS + CFLAGS="$CFLAGS $ax_append_compile_cflags_extra $flag" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char cos (); int main () { -return cos (); + ; return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 +if ac_fn_c_try_compile "$LINENO"; then : + eval "$as_CACHEVAR=yes" +else + eval "$as_CACHEVAR=no" +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + CFLAGS=$ax_check_save_flags +fi +eval ac_res=\$$as_CACHEVAR + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +$as_echo "$ac_res" >&6; } +if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then : + if ${CFLAGS+:} false; then : + case " $CFLAGS " in + *" $flag "*) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5 + (: CFLAGS already contains $flag) 2>&5 ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_lib_m_cos=yes + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + ;; + *) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5 + (: CFLAGS="$CFLAGS $flag") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + CFLAGS="$CFLAGS $flag" + ;; + esac else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_lib_m_cos=no + CFLAGS="$flag" fi -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS -fi -{ echo "$as_me:$LINENO: result: $ac_cv_lib_m_cos" >&5 -echo "${ECHO_T}$ac_cv_lib_m_cos" >&6; } -if test $ac_cv_lib_m_cos = yes; then - LIBM="$LIBM -lm" +else + : fi - ;; -*) - { echo "$as_me:$LINENO: checking for cos in -lm" >&5 -echo $ECHO_N "checking for cos in -lm... $ECHO_C" >&6; } -if test "${ac_cv_lib_m_cos+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +done + + + +for flag in -Wno-strict-aliasing; do + as_CACHEVAR=`$as_echo "ax_cv_check_cflags_$ax_append_compile_cflags_extra_$flag" | $as_tr_sh` +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5 +$as_echo_n "checking whether C compiler accepts $flag... " >&6; } +if eval \${$as_CACHEVAR+:} false; then : + $as_echo_n "(cached) " >&6 else - ac_check_lib_save_LIBS=$LIBS -LIBS="-lm $LIBS" -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + + ax_check_save_flags=$CFLAGS + CFLAGS="$CFLAGS $ax_append_compile_cflags_extra $flag" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char cos (); int main () { -return cos (); + ; return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 +if ac_fn_c_try_compile "$LINENO"; then : + eval "$as_CACHEVAR=yes" +else + eval "$as_CACHEVAR=no" +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + CFLAGS=$ax_check_save_flags +fi +eval ac_res=\$$as_CACHEVAR + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +$as_echo "$ac_res" >&6; } +if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then : + if ${CFLAGS+:} false; then : + case " $CFLAGS " in + *" $flag "*) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5 + (: CFLAGS already contains $flag) 2>&5 ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_lib_m_cos=yes + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + ;; + *) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5 + (: CFLAGS="$CFLAGS $flag") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + CFLAGS="$CFLAGS $flag" + ;; + esac else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_lib_m_cos=no + CFLAGS="$flag" fi -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS -fi -{ echo "$as_me:$LINENO: result: $ac_cv_lib_m_cos" >&5 -echo "${ECHO_T}$ac_cv_lib_m_cos" >&6; } -if test $ac_cv_lib_m_cos = yes; then - LIBM="-lm" +else + : fi - ;; -esac +done -OPTIMIZE_CFLAGS="-Os -fomit-frame-pointer" -OPTIMIZE_FAST_CFLAGS="-O3 -fomit-frame-pointer" -OPTIMIZE_HUGE_CFLAGS="-funroll-loops -DTFM_SMALL_SET" -DEBUG_CFLAGS="-g -DDEBUG -DDEBUG_CYASSL" +for flag in -Wextra; do + as_CACHEVAR=`$as_echo "ax_cv_check_cflags_$ax_append_compile_cflags_extra_$flag" | $as_tr_sh` +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5 +$as_echo_n "checking whether C compiler accepts $flag... " >&6; } +if eval \${$as_CACHEVAR+:} false; then : + $as_echo_n "(cached) " >&6 +else + ax_check_save_flags=$CFLAGS + CFLAGS="$CFLAGS $ax_append_compile_cflags_extra $flag" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ -# DEBUG -# Check whether --enable-debug was given. -if test "${enable_debug+set}" = set; then - enableval=$enable_debug; ENABLED_DEBUG=$enableval -else - ENABLED_DEBUG=no +int +main () +{ + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + eval "$as_CACHEVAR=yes" +else + eval "$as_CACHEVAR=no" fi - -if test "$ENABLED_DEBUG" = "yes" -then - # Full debug. Very slow in some cases - AM_CFLAGS="$DEBUG_CFLAGS $AM_CFLAGS" +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + CFLAGS=$ax_check_save_flags +fi +eval ac_res=\$$as_CACHEVAR + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +$as_echo "$ac_res" >&6; } +if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then : + if ${CFLAGS+:} false; then : + case " $CFLAGS " in + *" $flag "*) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5 + (: CFLAGS already contains $flag) 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + ;; + *) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5 + (: CFLAGS="$CFLAGS $flag") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + CFLAGS="$CFLAGS $flag" + ;; + esac else - # Optimized version. No debug - AM_CFLAGS="$AM_CFLAGS -DNDEBUG" + CFLAGS="$flag" fi - -# SMALL BUILD -# Check whether --enable-small was given. -if test "${enable_small+set}" = set; then - enableval=$enable_small; ENABLED_SMALL=$enableval else - ENABLED_SMALL=no - + : fi -if test "$ENABLED_SMALL" = "yes" -then - # make small no tls build with smallest cipher - # if you only want server or client you can define NO_CYASSL_SERVER or - # NO_CYASSL_CLIENT but then some of the examples and testsuite won't build - # note that TLS needs HMAC - AM_CFLAGS="-DNO_TLS -DNO_HMAC -DNO_AES -DNO_DES3 -DNO_SHA256 -DNO_ERROR_STRINGS -DNO_RABBIT -DNO_PSK -DNO_DSA -DNO_DH -DNO_PWDBASED $AM_CFLAGS" -fi +done -# SINGLE THREADED -# Check whether --enable-singleThreaded was given. -if test "${enable_singleThreaded+set}" = set; then - enableval=$enable_singleThreaded; ENABLED_SINGLETHREADED=$enableval -else - ENABLED_SINGLETHREADED=no -fi +for flag in -Wunknown-pragmas; do + as_CACHEVAR=`$as_echo "ax_cv_check_cflags_$ax_append_compile_cflags_extra_$flag" | $as_tr_sh` +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5 +$as_echo_n "checking whether C compiler accepts $flag... " >&6; } +if eval \${$as_CACHEVAR+:} false; then : + $as_echo_n "(cached) " >&6 +else -if test "$ENABLED_SINGLETHREADED" = "yes" -then - AM_CFLAGS="-DSINGLE_THREADED $AM_CFLAGS" -fi + ax_check_save_flags=$CFLAGS + CFLAGS="$CFLAGS $ax_append_compile_cflags_extra $flag" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +int +main () +{ -# DTLS -# Check whether --enable-dtls was given. -if test "${enable_dtls+set}" = set; then - enableval=$enable_dtls; ENABLED_DTLS=$enableval + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + eval "$as_CACHEVAR=yes" else - ENABLED_DTLS=no - + eval "$as_CACHEVAR=no" fi - -if test "$ENABLED_DTLS" = "yes" -then - AM_CFLAGS="-DCYASSL_DTLS $AM_CFLAGS" +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + CFLAGS=$ax_check_save_flags +fi +eval ac_res=\$$as_CACHEVAR + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +$as_echo "$ac_res" >&6; } +if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then : + if ${CFLAGS+:} false; then : + case " $CFLAGS " in + *" $flag "*) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5 + (: CFLAGS already contains $flag) 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + ;; + *) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5 + (: CFLAGS="$CFLAGS $flag") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + CFLAGS="$CFLAGS $flag" + ;; + esac +else + CFLAGS="$flag" fi - -# OPENSSL Extra Compatibility -# Check whether --enable-opensslExtra was given. -if test "${enable_opensslExtra+set}" = set; then - enableval=$enable_opensslExtra; ENABLED_OPENSSLEXTRA=$enableval else - ENABLED_OPENSSLEXTRA=no - + : fi -if test "$ENABLED_OPENSSLEXTRA" = "yes" -then - AM_CFLAGS="-DOPENSSL_EXTRA $AM_CFLAGS" -fi +done -if test "$ENABLED_OPENSSLEXTRA" = "yes" && test "$ENABLED_SMALL" = "yes" -then - { { echo "$as_me:$LINENO: error: cannot enable small and opensslExtra, only one or the other." >&5 -echo "$as_me: error: cannot enable small and opensslExtra, only one or the other." >&2;} - { (exit 1); exit 1; }; } -fi -# IPv6 Test Apps -# Check whether --enable-ipv6 was given. -if test "${enable_ipv6+set}" = set; then - enableval=$enable_ipv6; ENABLED_IPV6=$enableval +for flag in -Wthis-test-should-fail; do + as_CACHEVAR=`$as_echo "ax_cv_check_cflags_$ax_append_compile_cflags_extra_$flag" | $as_tr_sh` +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5 +$as_echo_n "checking whether C compiler accepts $flag... " >&6; } +if eval \${$as_CACHEVAR+:} false; then : + $as_echo_n "(cached) " >&6 else - ENABLED_IPV6=no - -fi + ax_check_save_flags=$CFLAGS + CFLAGS="$CFLAGS $ax_append_compile_cflags_extra $flag" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ -if test "$ENABLED_IPV6" = "yes" -then - AM_CFLAGS="$AM_CFLAGS -DTEST_IPV6" -fi - +int +main () +{ -# Fortress build -# Check whether --enable-fortress was given. -if test "${enable_fortress+set}" = set; then - enableval=$enable_fortress; ENABLED_FORTRESS=$enableval + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + eval "$as_CACHEVAR=yes" else - ENABLED_FORTRESS=no - + eval "$as_CACHEVAR=no" fi - - -if test "$ENABLED_FORTRESS" = "yes" -then - AM_CFLAGS="$AM_CFLAGS -DFORTRESS -DOPENSSL_EXTRA -DCYASSL_DES_ECB -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DCYASSL_DER_LOAD -DCYASSL_SHA512 -DCYASSL_SHA384 -DCYASSL_KEY_GEN" +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + CFLAGS=$ax_check_save_flags +fi +eval ac_res=\$$as_CACHEVAR + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +$as_echo "$ac_res" >&6; } +if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then : + if ${CFLAGS+:} false; then : + case " $CFLAGS " in + *" $flag "*) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5 + (: CFLAGS already contains $flag) 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + ;; + *) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5 + (: CFLAGS="$CFLAGS $flag") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + CFLAGS="$CFLAGS $flag" + ;; + esac +else + CFLAGS="$flag" fi - -# ssl bump build -# Check whether --enable-bump was given. -if test "${enable_bump+set}" = set; then - enableval=$enable_bump; ENABLED_BUMP=$enableval else - ENABLED_BUMP=no - + : fi +done -if test "$ENABLED_BUMP" = "yes" -then - AM_CFLAGS="$AM_CFLAGS -DLARGE_STATIC_BUFFERS -DCYASSL_CERT_GEN -DCYASSL_KEY_GEN -DHUGE_SESSION_CACHE -DOPENSSL_EXTRA -DFP_MAX_BITS=8192 -DCYASSL_DER_LOAD -DCYASSL_ALT_NAMES -DCYASSL_TEST_CERT" -fi + if test "$CC" = "clang"; then : -# fastmath -# Check whether --enable-fastmath was given. -if test "${enable_fastmath+set}" = set; then - enableval=$enable_fastmath; ENABLED_FASTMATH=$enableval else - ENABLED_FASTMATH=no - -fi - -if test "x$ENABLED_FASTMATH" = "xyes" -then - AM_CFLAGS="$AM_CFLAGS -DUSE_FAST_MATH" -fi -# fast HUGE math -# Check whether --enable-fasthugemath was given. -if test "${enable_fasthugemath+set}" = set; then - enableval=$enable_fasthugemath; ENABLED_FASTHUGEMATH=$enableval +for flag in --param=ssp-buffer-size=1; do + as_CACHEVAR=`$as_echo "ax_cv_check_cflags_$ax_append_compile_cflags_extra_$flag" | $as_tr_sh` +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5 +$as_echo_n "checking whether C compiler accepts $flag... " >&6; } +if eval \${$as_CACHEVAR+:} false; then : + $as_echo_n "(cached) " >&6 else - ENABLED_FASTHUGEMATH=no - -fi + ax_check_save_flags=$CFLAGS + CFLAGS="$CFLAGS $ax_append_compile_cflags_extra $flag" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ -if test "$ENABLED_BUMP" = "yes" -then - ENABLED_FASTHUGEMATH="yes" -fi +int +main () +{ -if test "$ENABLED_FASTHUGEMATH" = "yes" -then - ENABLED_FASTMATH="yes" - AM_CFLAGS="$AM_CFLAGS -DUSE_FAST_MATH" + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + eval "$as_CACHEVAR=yes" +else + eval "$as_CACHEVAR=no" fi - - if test "x$ENABLED_FASTMATH" = "xyes"; then - BUILD_FASTMATH_TRUE= - BUILD_FASTMATH_FALSE='#' +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + CFLAGS=$ax_check_save_flags +fi +eval ac_res=\$$as_CACHEVAR + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +$as_echo "$ac_res" >&6; } +if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then : + if ${CFLAGS+:} false; then : + case " $CFLAGS " in + *" $flag "*) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5 + (: CFLAGS already contains $flag) 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + ;; + *) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5 + (: CFLAGS="$CFLAGS $flag") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + CFLAGS="$CFLAGS $flag" + ;; + esac else - BUILD_FASTMATH_TRUE='#' - BUILD_FASTMATH_FALSE= + CFLAGS="$flag" fi - - -# big cache -# Check whether --enable-bigcache was given. -if test "${enable_bigcache+set}" = set; then - enableval=$enable_bigcache; ENABLED_BIGCACHE=$enableval else - ENABLED_BIGCACHE=no - + : fi +done + -if test "$ENABLED_BIGCACHE" = "yes" -then - AM_CFLAGS="$AM_CFLAGS -DBIG_SESSION_CACHE" fi -# HUGE cache -# Check whether --enable-hugecache was given. -if test "${enable_hugecache+set}" = set; then - enableval=$enable_hugecache; ENABLED_HUGECACHE=$enableval +for flag in -Waddress; do + as_CACHEVAR=`$as_echo "ax_cv_check_cflags_$ax_append_compile_cflags_extra_$flag" | $as_tr_sh` +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5 +$as_echo_n "checking whether C compiler accepts $flag... " >&6; } +if eval \${$as_CACHEVAR+:} false; then : + $as_echo_n "(cached) " >&6 else - ENABLED_HUGECACHE=no -fi + ax_check_save_flags=$CFLAGS + CFLAGS="$CFLAGS $ax_append_compile_cflags_extra $flag" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +int +main () +{ -if test "$ENABLED_HUGECACHE" = "yes" -then - AM_CFLAGS="$AM_CFLAGS -DHUGE_SESSION_CACHE" + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + eval "$as_CACHEVAR=yes" +else + eval "$as_CACHEVAR=no" fi - - -# SMALL cache -# Check whether --enable-smallcache was given. -if test "${enable_smallcache+set}" = set; then - enableval=$enable_smallcache; ENABLED_SMALLCACHE=$enableval +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + CFLAGS=$ax_check_save_flags +fi +eval ac_res=\$$as_CACHEVAR + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +$as_echo "$ac_res" >&6; } +if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then : + if ${CFLAGS+:} false; then : + case " $CFLAGS " in + *" $flag "*) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5 + (: CFLAGS already contains $flag) 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + ;; + *) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5 + (: CFLAGS="$CFLAGS $flag") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + CFLAGS="$CFLAGS $flag" + ;; + esac else - ENABLED_SMALLCACHE=no + CFLAGS="$flag" +fi +else + : fi +done -if test "$ENABLED_SMALLCACHE" = "yes" -then - AM_CFLAGS="$AM_CFLAGS -DSMALL_SESSION_CACHE" -fi -# SNIFFER -# Check whether --enable-sniffer was given. -if test "${enable_sniffer+set}" = set; then - enableval=$enable_sniffer; ENABLED_SNIFFER=$enableval +for flag in -Warray-bounds; do + as_CACHEVAR=`$as_echo "ax_cv_check_cflags_$ax_append_compile_cflags_extra_$flag" | $as_tr_sh` +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5 +$as_echo_n "checking whether C compiler accepts $flag... " >&6; } +if eval \${$as_CACHEVAR+:} false; then : + $as_echo_n "(cached) " >&6 else - ENABLED_SNIFFER=no -fi + ax_check_save_flags=$CFLAGS + CFLAGS="$CFLAGS $ax_append_compile_cflags_extra $flag" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +int +main () +{ -if test "$ENABLED_SNIFFER" = "yes" -then - AM_CFLAGS="$AM_CFLAGS -DCYASSL_SNIFFER -DOPENSSL_EXTRA" + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + eval "$as_CACHEVAR=yes" +else + eval "$as_CACHEVAR=no" fi - - if test "x$ENABLED_SNIFFER" = "xyes"; then - BUILD_SNIFFER_TRUE= - BUILD_SNIFFER_FALSE='#' +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + CFLAGS=$ax_check_save_flags +fi +eval ac_res=\$$as_CACHEVAR + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +$as_echo "$ac_res" >&6; } +if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then : + if ${CFLAGS+:} false; then : + case " $CFLAGS " in + *" $flag "*) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5 + (: CFLAGS already contains $flag) 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + ;; + *) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5 + (: CFLAGS="$CFLAGS $flag") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + CFLAGS="$CFLAGS $flag" + ;; + esac +else + CFLAGS="$flag" +fi + else - BUILD_SNIFFER_TRUE='#' - BUILD_SNIFFER_FALSE= + : fi +done -# AES-GCM -# Check whether --enable-aesgcm was given. -if test "${enable_aesgcm+set}" = set; then - enableval=$enable_aesgcm; ENABLED_AESGCM=$enableval -else - ENABLED_AESGCM=no -fi +for flag in -Wbad-function-cast; do + as_CACHEVAR=`$as_echo "ax_cv_check_cflags_$ax_append_compile_cflags_extra_$flag" | $as_tr_sh` +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5 +$as_echo_n "checking whether C compiler accepts $flag... " >&6; } +if eval \${$as_CACHEVAR+:} false; then : + $as_echo_n "(cached) " >&6 +else -if test "$ENABLED_AESGCM" = "word32" -then - AM_CFLAGS="$AM_CFLAGS -DGCM_WORD32" - ENABLED_AESGCM=yes -fi + ax_check_save_flags=$CFLAGS + CFLAGS="$CFLAGS $ax_append_compile_cflags_extra $flag" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ -if test "$ENABLED_AESGCM" = "small" -then - AM_CFLAGS="$AM_CFLAGS -DGCM_SMALL" - ENABLED_AESGCM=yes -fi +int +main () +{ -if test "$ENABLED_AESGCM" = "table" -then - AM_CFLAGS="$AM_CFLAGS -DGCM_TABLE" - ENABLED_AESGCM=yes + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + eval "$as_CACHEVAR=yes" +else + eval "$as_CACHEVAR=no" fi - -if test "$ENABLED_AESGCM" = "yes" -then - AM_CFLAGS="$AM_CFLAGS -DHAVE_AESGCM -DCYASSL_SHA384 -DCYASSL_SHA512" +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + CFLAGS=$ax_check_save_flags +fi +eval ac_res=\$$as_CACHEVAR + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +$as_echo "$ac_res" >&6; } +if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then : + if ${CFLAGS+:} false; then : + case " $CFLAGS " in + *" $flag "*) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5 + (: CFLAGS already contains $flag) 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + ;; + *) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5 + (: CFLAGS="$CFLAGS $flag") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + CFLAGS="$CFLAGS $flag" + ;; + esac +else + CFLAGS="$flag" fi - if test "x$ENABLED_AESGCM" = "xyes"; then - BUILD_AESGCM_TRUE= - BUILD_AESGCM_FALSE='#' else - BUILD_AESGCM_TRUE='#' - BUILD_AESGCM_FALSE= + : fi +done -# AES-NI -# Check whether --enable-aesni was given. -if test "${enable_aesni+set}" = set; then - enableval=$enable_aesni; ENABLED_AESNI=$enableval + + +for flag in -Wchar-subscripts; do + as_CACHEVAR=`$as_echo "ax_cv_check_cflags_$ax_append_compile_cflags_extra_$flag" | $as_tr_sh` +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5 +$as_echo_n "checking whether C compiler accepts $flag... " >&6; } +if eval \${$as_CACHEVAR+:} false; then : + $as_echo_n "(cached) " >&6 else - ENABLED_AESNI=no -fi + ax_check_save_flags=$CFLAGS + CFLAGS="$CFLAGS $ax_append_compile_cflags_extra $flag" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +int +main () +{ -if test "$ENABLED_AESNI" = "yes" -then - AM_CFLAGS="$AM_CFLAGS -DCYASSL_AESNI" - if test "$GCC" = "yes" - then - # GCC needs these flags, icc doesn't - AM_CFLAGS="$AM_CFLAGS -maes -msse4" - fi + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + eval "$as_CACHEVAR=yes" +else + eval "$as_CACHEVAR=no" +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + CFLAGS=$ax_check_save_flags +fi +eval ac_res=\$$as_CACHEVAR + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +$as_echo "$ac_res" >&6; } +if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then : + if ${CFLAGS+:} false; then : + case " $CFLAGS " in + *" $flag "*) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5 + (: CFLAGS already contains $flag) 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + ;; + *) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5 + (: CFLAGS="$CFLAGS $flag") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + CFLAGS="$CFLAGS $flag" + ;; + esac +else + CFLAGS="$flag" fi - if test "x$ENABLED_AESNI" = "xyes"; then - BUILD_AESNI_TRUE= - BUILD_AESNI_FALSE='#' else - BUILD_AESNI_TRUE='#' - BUILD_AESNI_FALSE= + : fi +done + -# MD2 -# Check whether --enable-md2 was given. -if test "${enable_md2+set}" = set; then - enableval=$enable_md2; ENABLED_MD2=$enableval +for flag in -Wcomment; do + as_CACHEVAR=`$as_echo "ax_cv_check_cflags_$ax_append_compile_cflags_extra_$flag" | $as_tr_sh` +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5 +$as_echo_n "checking whether C compiler accepts $flag... " >&6; } +if eval \${$as_CACHEVAR+:} false; then : + $as_echo_n "(cached) " >&6 else - ENABLED_MD2=no -fi + ax_check_save_flags=$CFLAGS + CFLAGS="$CFLAGS $ax_append_compile_cflags_extra $flag" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +int +main () +{ -if test "$ENABLED_BUMP" = "yes" -then - ENABLED_MD2="yes" + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + eval "$as_CACHEVAR=yes" +else + eval "$as_CACHEVAR=no" fi - -if test "$ENABLED_MD2" = "yes" -then - AM_CFLAGS="$AM_CFLAGS -DCYASSL_MD2" +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + CFLAGS=$ax_check_save_flags +fi +eval ac_res=\$$as_CACHEVAR + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +$as_echo "$ac_res" >&6; } +if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then : + if ${CFLAGS+:} false; then : + case " $CFLAGS " in + *" $flag "*) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5 + (: CFLAGS already contains $flag) 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + ;; + *) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5 + (: CFLAGS="$CFLAGS $flag") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + CFLAGS="$CFLAGS $flag" + ;; + esac +else + CFLAGS="$flag" fi - if test "x$ENABLED_MD2" = "xyes"; then - BUILD_MD2_TRUE= - BUILD_MD2_FALSE='#' else - BUILD_MD2_TRUE='#' - BUILD_MD2_FALSE= + : fi +done -# RIPEMD -# Check whether --enable-ripemd was given. -if test "${enable_ripemd+set}" = set; then - enableval=$enable_ripemd; ENABLED_RIPEMD=$enableval + +for flag in -Wfloat-equal; do + as_CACHEVAR=`$as_echo "ax_cv_check_cflags_$ax_append_compile_cflags_extra_$flag" | $as_tr_sh` +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5 +$as_echo_n "checking whether C compiler accepts $flag... " >&6; } +if eval \${$as_CACHEVAR+:} false; then : + $as_echo_n "(cached) " >&6 else - ENABLED_RIPEMD=no -fi + ax_check_save_flags=$CFLAGS + CFLAGS="$CFLAGS $ax_append_compile_cflags_extra $flag" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +int +main () +{ -if test "$ENABLED_RIPEMD" = "yes" -then - AM_CFLAGS="$AM_CFLAGS -DCYASSL_RIPEMD" + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + eval "$as_CACHEVAR=yes" +else + eval "$as_CACHEVAR=no" +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + CFLAGS=$ax_check_save_flags +fi +eval ac_res=\$$as_CACHEVAR + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +$as_echo "$ac_res" >&6; } +if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then : + if ${CFLAGS+:} false; then : + case " $CFLAGS " in + *" $flag "*) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5 + (: CFLAGS already contains $flag) 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + ;; + *) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5 + (: CFLAGS="$CFLAGS $flag") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + CFLAGS="$CFLAGS $flag" + ;; + esac +else + CFLAGS="$flag" fi - if test "x$ENABLED_RIPEMD" = "xyes"; then - BUILD_RIPEMD_TRUE= - BUILD_RIPEMD_FALSE='#' else - BUILD_RIPEMD_TRUE='#' - BUILD_RIPEMD_FALSE= + : fi +done -# SHA512 -# Check whether --enable-sha512 was given. -if test "${enable_sha512+set}" = set; then - enableval=$enable_sha512; ENABLED_SHA512=$enableval + +for flag in -Wformat-security; do + as_CACHEVAR=`$as_echo "ax_cv_check_cflags_$ax_append_compile_cflags_extra_$flag" | $as_tr_sh` +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5 +$as_echo_n "checking whether C compiler accepts $flag... " >&6; } +if eval \${$as_CACHEVAR+:} false; then : + $as_echo_n "(cached) " >&6 else - ENABLED_SHA512=no -fi + ax_check_save_flags=$CFLAGS + CFLAGS="$CFLAGS $ax_append_compile_cflags_extra $flag" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +int +main () +{ -if test "$ENABLED_SHA512" = "yes" -then - AM_CFLAGS="$AM_CFLAGS -DCYASSL_SHA512" + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + eval "$as_CACHEVAR=yes" +else + eval "$as_CACHEVAR=no" fi - -if test "$ENABLED_FORTRESS" = "yes" -then - ENABLED_SHA512="yes" +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + CFLAGS=$ax_check_save_flags +fi +eval ac_res=\$$as_CACHEVAR + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +$as_echo "$ac_res" >&6; } +if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then : + if ${CFLAGS+:} false; then : + case " $CFLAGS " in + *" $flag "*) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5 + (: CFLAGS already contains $flag) 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + ;; + *) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5 + (: CFLAGS="$CFLAGS $flag") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + CFLAGS="$CFLAGS $flag" + ;; + esac +else + CFLAGS="$flag" fi -if test "$ENABLED_AESGCM" = "yes" -then - ENABLED_SHA512="yes" +else + : fi +done - if test "x$ENABLED_SHA512" = "xyes"; then - BUILD_SHA512_TRUE= - BUILD_SHA512_FALSE='#' + + +for flag in -Wformat=2; do + as_CACHEVAR=`$as_echo "ax_cv_check_cflags_$ax_append_compile_cflags_extra_$flag" | $as_tr_sh` +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5 +$as_echo_n "checking whether C compiler accepts $flag... " >&6; } +if eval \${$as_CACHEVAR+:} false; then : + $as_echo_n "(cached) " >&6 else - BUILD_SHA512_TRUE='#' - BUILD_SHA512_FALSE= -fi + ax_check_save_flags=$CFLAGS + CFLAGS="$CFLAGS $ax_append_compile_cflags_extra $flag" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +int +main () +{ -# SESSION CERTS -# Check whether --enable-sessioncerts was given. -if test "${enable_sessioncerts+set}" = set; then - enableval=$enable_sessioncerts; ENABLED_SESSIONCERTS=$enableval + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + eval "$as_CACHEVAR=yes" else - ENABLED_SESSIONCERTS=no + eval "$as_CACHEVAR=no" +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + CFLAGS=$ax_check_save_flags +fi +eval ac_res=\$$as_CACHEVAR + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +$as_echo "$ac_res" >&6; } +if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then : + if ${CFLAGS+:} false; then : + case " $CFLAGS " in + *" $flag "*) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5 + (: CFLAGS already contains $flag) 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + ;; + *) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5 + (: CFLAGS="$CFLAGS $flag") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + CFLAGS="$CFLAGS $flag" + ;; + esac +else + CFLAGS="$flag" +fi +else + : fi +done -if test "$ENABLED_SESSIONCERTS" = "yes" -then - AM_CFLAGS="$AM_CFLAGS -DSESSION_CERTS" -fi -# KEY GENERATION -# Check whether --enable-keygen was given. -if test "${enable_keygen+set}" = set; then - enableval=$enable_keygen; ENABLED_KEYGEN=$enableval +for flag in -Wmaybe-uninitialized; do + as_CACHEVAR=`$as_echo "ax_cv_check_cflags_$ax_append_compile_cflags_extra_$flag" | $as_tr_sh` +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5 +$as_echo_n "checking whether C compiler accepts $flag... " >&6; } +if eval \${$as_CACHEVAR+:} false; then : + $as_echo_n "(cached) " >&6 else - ENABLED_KEYGEN=no -fi + ax_check_save_flags=$CFLAGS + CFLAGS="$CFLAGS $ax_append_compile_cflags_extra $flag" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +int +main () +{ -if test "$ENABLED_KEYGEN" = "yes" -then - AM_CFLAGS="$AM_CFLAGS -DCYASSL_KEY_GEN" + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + eval "$as_CACHEVAR=yes" +else + eval "$as_CACHEVAR=no" +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + CFLAGS=$ax_check_save_flags +fi +eval ac_res=\$$as_CACHEVAR + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +$as_echo "$ac_res" >&6; } +if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then : + if ${CFLAGS+:} false; then : + case " $CFLAGS " in + *" $flag "*) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5 + (: CFLAGS already contains $flag) 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + ;; + *) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5 + (: CFLAGS="$CFLAGS $flag") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + CFLAGS="$CFLAGS $flag" + ;; + esac +else + CFLAGS="$flag" fi - -# CERT GENERATION -# Check whether --enable-certgen was given. -if test "${enable_certgen+set}" = set; then - enableval=$enable_certgen; ENABLED_CERTGEN=$enableval else - ENABLED_CERTGEN=no - + : fi +done -if test "$ENABLED_CERTGEN" = "yes" -then - AM_CFLAGS="$AM_CFLAGS -DCYASSL_CERT_GEN" -fi -# HC128 -# Check whether --enable-hc128 was given. -if test "${enable_hc128+set}" = set; then - enableval=$enable_hc128; ENABLED_HC128=$enableval +for flag in -Wmissing-field-initializers; do + as_CACHEVAR=`$as_echo "ax_cv_check_cflags_$ax_append_compile_cflags_extra_$flag" | $as_tr_sh` +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5 +$as_echo_n "checking whether C compiler accepts $flag... " >&6; } +if eval \${$as_CACHEVAR+:} false; then : + $as_echo_n "(cached) " >&6 else - ENABLED_HC128=no -fi + ax_check_save_flags=$CFLAGS + CFLAGS="$CFLAGS $ax_append_compile_cflags_extra $flag" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +int +main () +{ -if test "$ENABLED_HC128" = "no" -then - AM_CFLAGS="$AM_CFLAGS -DNO_HC128" + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + eval "$as_CACHEVAR=yes" else - AM_CFLAGS="$AM_CFLAGS -DHAVE_HC128" + eval "$as_CACHEVAR=no" fi - - if test "x$ENABLED_HC128" = "xyes"; then - BUILD_HC128_TRUE= - BUILD_HC128_FALSE='#' +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + CFLAGS=$ax_check_save_flags +fi +eval ac_res=\$$as_CACHEVAR + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +$as_echo "$ac_res" >&6; } +if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then : + if ${CFLAGS+:} false; then : + case " $CFLAGS " in + *" $flag "*) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5 + (: CFLAGS already contains $flag) 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + ;; + *) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5 + (: CFLAGS="$CFLAGS $flag") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + CFLAGS="$CFLAGS $flag" + ;; + esac else - BUILD_HC128_TRUE='#' - BUILD_HC128_FALSE= + CFLAGS="$flag" fi - - -# PSK -# Check whether --enable-psk was given. -if test "${enable_psk+set}" = set; then - enableval=$enable_psk; ENABLED_PSK=$enableval else - ENABLED_PSK=no - + : fi +done -if test "$ENABLED_PSK" = "no" -then - AM_CFLAGS="$AM_CFLAGS -DNO_PSK" -fi -# Web Server Build -# Check whether --enable-webServer was given. -if test "${enable_webServer+set}" = set; then - enableval=$enable_webServer; ENABLED_WEBSERVER=$enableval +for flag in -Wmissing-noreturn; do + as_CACHEVAR=`$as_echo "ax_cv_check_cflags_$ax_append_compile_cflags_extra_$flag" | $as_tr_sh` +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5 +$as_echo_n "checking whether C compiler accepts $flag... " >&6; } +if eval \${$as_CACHEVAR+:} false; then : + $as_echo_n "(cached) " >&6 else - ENABLED_WEBSERVER=no -fi + ax_check_save_flags=$CFLAGS + CFLAGS="$CFLAGS $ax_append_compile_cflags_extra $flag" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +int +main () +{ -if test "$ENABLED_WEBSERVER" = "yes" -then - AM_CFLAGS="$AM_CFLAGS -DHAVE_WEBSERVER" + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + eval "$as_CACHEVAR=yes" +else + eval "$as_CACHEVAR=no" fi - - -# No Filesystem Build -# Check whether --enable-noFilesystem was given. -if test "${enable_noFilesystem+set}" = set; then - enableval=$enable_noFilesystem; ENABLED_NOFILESYSTEM=$enableval +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + CFLAGS=$ax_check_save_flags +fi +eval ac_res=\$$as_CACHEVAR + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +$as_echo "$ac_res" >&6; } +if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then : + if ${CFLAGS+:} false; then : + case " $CFLAGS " in + *" $flag "*) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5 + (: CFLAGS already contains $flag) 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + ;; + *) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5 + (: CFLAGS="$CFLAGS $flag") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + CFLAGS="$CFLAGS $flag" + ;; + esac else - ENABLED_NOFILESYSTEM=no + CFLAGS="$flag" +fi +else + : fi +done -if test "$ENABLED_NOFILESYSTEM" = "yes" -then - AM_CFLAGS="$AM_CFLAGS -DNO_FILESYSTEM" -fi -# No inline Build -# Check whether --enable-noInline was given. -if test "${enable_noInline+set}" = set; then - enableval=$enable_noInline; ENABLED_NOINLINE=$enableval +for flag in -Wmissing-prototypes; do + as_CACHEVAR=`$as_echo "ax_cv_check_cflags_$ax_append_compile_cflags_extra_$flag" | $as_tr_sh` +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5 +$as_echo_n "checking whether C compiler accepts $flag... " >&6; } +if eval \${$as_CACHEVAR+:} false; then : + $as_echo_n "(cached) " >&6 else - ENABLED_NOINLINE=no -fi + ax_check_save_flags=$CFLAGS + CFLAGS="$CFLAGS $ax_append_compile_cflags_extra $flag" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +int +main () +{ -if test "$ENABLED_NOINLINE" = "yes" -then - AM_CFLAGS="$AM_CFLAGS -DNO_INLINE" + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + eval "$as_CACHEVAR=yes" +else + eval "$as_CACHEVAR=no" +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + CFLAGS=$ax_check_save_flags +fi +eval ac_res=\$$as_CACHEVAR + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +$as_echo "$ac_res" >&6; } +if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then : + if ${CFLAGS+:} false; then : + case " $CFLAGS " in + *" $flag "*) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5 + (: CFLAGS already contains $flag) 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + ;; + *) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5 + (: CFLAGS="$CFLAGS $flag") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + CFLAGS="$CFLAGS $flag" + ;; + esac +else + CFLAGS="$flag" fi - if test "x$ENABLED_NOINLINE" = "xyes"; then - BUILD_NOINLINE_TRUE= - BUILD_NOINLINE_FALSE='#' else - BUILD_NOINLINE_TRUE='#' - BUILD_NOINLINE_FALSE= + : fi +done -# ECC -# Check whether --enable-ecc was given. -if test "${enable_ecc+set}" = set; then - enableval=$enable_ecc; ENABLED_ECC=$enableval + +for flag in -Wnested-externs; do + as_CACHEVAR=`$as_echo "ax_cv_check_cflags_$ax_append_compile_cflags_extra_$flag" | $as_tr_sh` +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5 +$as_echo_n "checking whether C compiler accepts $flag... " >&6; } +if eval \${$as_CACHEVAR+:} false; then : + $as_echo_n "(cached) " >&6 else - ENABLED_ECC=no -fi + ax_check_save_flags=$CFLAGS + CFLAGS="$CFLAGS $ax_append_compile_cflags_extra $flag" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +int +main () +{ -if test "$ENABLED_ECC" = "yes" -then - AM_CFLAGS="$AM_CFLAGS -DHAVE_ECC" + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + eval "$as_CACHEVAR=yes" +else + eval "$as_CACHEVAR=no" fi - - if test "x$ENABLED_ECC" = "xyes"; then - BUILD_ECC_TRUE= - BUILD_ECC_FALSE='#' +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + CFLAGS=$ax_check_save_flags +fi +eval ac_res=\$$as_CACHEVAR + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +$as_echo "$ac_res" >&6; } +if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then : + if ${CFLAGS+:} false; then : + case " $CFLAGS " in + *" $flag "*) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5 + (: CFLAGS already contains $flag) 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + ;; + *) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5 + (: CFLAGS="$CFLAGS $flag") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + CFLAGS="$CFLAGS $flag" + ;; + esac else - BUILD_ECC_TRUE='#' - BUILD_ECC_FALSE= + CFLAGS="$flag" fi +else + : +fi +done -if test "$ENABLED_ECC" = "yes" && test "$ENABLED_SMALL" = "yes" -then - { { echo "$as_me:$LINENO: error: cannot enable ecc and small, ecc requires TLS which small turns off." >&5 -echo "$as_me: error: cannot enable ecc and small, ecc requires TLS which small turns off." >&2;} - { (exit 1); exit 1; }; } -fi -# OCSP -# Check whether --enable-ocsp was given. -if test "${enable_ocsp+set}" = set; then - enableval=$enable_ocsp; ENABLED_OCSP=$enableval +for flag in -Wnormalized=id; do + as_CACHEVAR=`$as_echo "ax_cv_check_cflags_$ax_append_compile_cflags_extra_$flag" | $as_tr_sh` +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5 +$as_echo_n "checking whether C compiler accepts $flag... " >&6; } +if eval \${$as_CACHEVAR+:} false; then : + $as_echo_n "(cached) " >&6 else - ENABLED_OCSP=no -fi + ax_check_save_flags=$CFLAGS + CFLAGS="$CFLAGS $ax_append_compile_cflags_extra $flag" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ -if test "$ENABLED_OCSP" = "yes" -then - AM_CFLAGS="$AM_CFLAGS -DHAVE_OCSP" -fi +int +main () +{ - if test "x$ENABLED_OCSP" = "xyes"; then - BUILD_OCSP_TRUE= - BUILD_OCSP_FALSE='#' + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + eval "$as_CACHEVAR=yes" else - BUILD_OCSP_TRUE='#' - BUILD_OCSP_FALSE= + eval "$as_CACHEVAR=no" +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + CFLAGS=$ax_check_save_flags +fi +eval ac_res=\$$as_CACHEVAR + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +$as_echo "$ac_res" >&6; } +if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then : + if ${CFLAGS+:} false; then : + case " $CFLAGS " in + *" $flag "*) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5 + (: CFLAGS already contains $flag) 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + ;; + *) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5 + (: CFLAGS="$CFLAGS $flag") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + CFLAGS="$CFLAGS $flag" + ;; + esac +else + CFLAGS="$flag" fi - - -# CRL -# Check whether --enable-crl was given. -if test "${enable_crl+set}" = set; then - enableval=$enable_crl; ENABLED_CRL=$enableval else - ENABLED_CRL=no + : fi +done -if test "$ENABLED_CRL" = "yes" -then - AM_CFLAGS="$AM_CFLAGS -DHAVE_CRL" -fi - if test "x$ENABLED_CRL" = "xyes"; then - BUILD_CRL_TRUE= - BUILD_CRL_FALSE='#' + +for flag in -Woverride-init; do + as_CACHEVAR=`$as_echo "ax_cv_check_cflags_$ax_append_compile_cflags_extra_$flag" | $as_tr_sh` +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5 +$as_echo_n "checking whether C compiler accepts $flag... " >&6; } +if eval \${$as_CACHEVAR+:} false; then : + $as_echo_n "(cached) " >&6 else - BUILD_CRL_TRUE='#' - BUILD_CRL_FALSE= -fi + ax_check_save_flags=$CFLAGS + CFLAGS="$CFLAGS $ax_append_compile_cflags_extra $flag" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +int +main () +{ -# CRL Monitor -# Check whether --enable-crl-monitor was given. -if test "${enable_crl_monitor+set}" = set; then - enableval=$enable_crl_monitor; ENABLED_CRL_MONITOR=$enableval + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + eval "$as_CACHEVAR=yes" else - ENABLED_CRL_MONITOR=no + eval "$as_CACHEVAR=no" fi - - -if test "$ENABLED_CRL_MONITOR" = "yes" -then - AM_CFLAGS="$AM_CFLAGS -DHAVE_CRL_MONITOR" +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + CFLAGS=$ax_check_save_flags +fi +eval ac_res=\$$as_CACHEVAR + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +$as_echo "$ac_res" >&6; } +if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then : + if ${CFLAGS+:} false; then : + case " $CFLAGS " in + *" $flag "*) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5 + (: CFLAGS already contains $flag) 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + ;; + *) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5 + (: CFLAGS="$CFLAGS $flag") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + CFLAGS="$CFLAGS $flag" + ;; + esac +else + CFLAGS="$flag" fi - if test "x$ENABLED_CRL_MONITOR" = "xyes"; then - BUILD_CRL_MONITOR_TRUE= - BUILD_CRL_MONITOR_FALSE='#' else - BUILD_CRL_MONITOR_TRUE='#' - BUILD_CRL_MONITOR_FALSE= + : fi +done -# NTRU -ntruHome=`pwd`/NTRU_algorithm -ntruInclude=$ntruHome/cryptolib -ntruLib=$ntruHome -# Check whether --enable-ntru was given. -if test "${enable_ntru+set}" = set; then - enableval=$enable_ntru; ENABLED_NTRU=$enableval + +for flag in -Wpointer-arith; do + as_CACHEVAR=`$as_echo "ax_cv_check_cflags_$ax_append_compile_cflags_extra_$flag" | $as_tr_sh` +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5 +$as_echo_n "checking whether C compiler accepts $flag... " >&6; } +if eval \${$as_CACHEVAR+:} false; then : + $as_echo_n "(cached) " >&6 else - ENABLED_NTRU=no -fi + ax_check_save_flags=$CFLAGS + CFLAGS="$CFLAGS $ax_append_compile_cflags_extra $flag" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +int +main () +{ -if test "$ENABLED_NTRU" = "yes" -then - AM_CFLAGS="$AM_CFLAGS -DHAVE_NTRU -I$ntruInclude" - AM_LDFLAGS="$AM_LDFLAGS -L$ntruLib" - LIBS="$LIBS -lntru_encrypt" + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + eval "$as_CACHEVAR=yes" +else + eval "$as_CACHEVAR=no" +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + CFLAGS=$ax_check_save_flags +fi +eval ac_res=\$$as_CACHEVAR + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +$as_echo "$ac_res" >&6; } +if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then : + if ${CFLAGS+:} false; then : + case " $CFLAGS " in + *" $flag "*) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5 + (: CFLAGS already contains $flag) 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + ;; + *) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5 + (: CFLAGS="$CFLAGS $flag") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + CFLAGS="$CFLAGS $flag" + ;; + esac +else + CFLAGS="$flag" fi - if test "x$ENABLED_NTRU" = "xyes"; then - BUILD_NTRU_TRUE= - BUILD_NTRU_FALSE='#' else - BUILD_NTRU_TRUE='#' - BUILD_NTRU_FALSE= + : fi +done -if test "$ENABLED_NTRU" = "yes" && test "$ENABLED_SMALL" = "yes" -then - { { echo "$as_me:$LINENO: error: cannot enable ntru and small, ntru requires TLS which small turns off." >&5 -echo "$as_me: error: cannot enable ntru and small, ntru requires TLS which small turns off." >&2;} - { (exit 1); exit 1; }; } -fi -# Test certs, use internal cert functions for extra testing -# Check whether --enable-testcert was given. -if test "${enable_testcert+set}" = set; then - enableval=$enable_testcert; ENABLED_TESTCERT=$enableval +for flag in -Wpointer-sign; do + as_CACHEVAR=`$as_echo "ax_cv_check_cflags_$ax_append_compile_cflags_extra_$flag" | $as_tr_sh` +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5 +$as_echo_n "checking whether C compiler accepts $flag... " >&6; } +if eval \${$as_CACHEVAR+:} false; then : + $as_echo_n "(cached) " >&6 else - ENABLED_TESTCERT=no -fi + ax_check_save_flags=$CFLAGS + CFLAGS="$CFLAGS $ax_append_compile_cflags_extra $flag" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +int +main () +{ -if test "$ENABLED_TESTCERT" = "yes" -then - AM_CFLAGS="$AM_CFLAGS -DCYASSL_TEST_CERT" + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + eval "$as_CACHEVAR=yes" +else + eval "$as_CACHEVAR=no" +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + CFLAGS=$ax_check_save_flags +fi +eval ac_res=\$$as_CACHEVAR + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +$as_echo "$ac_res" >&6; } +if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then : + if ${CFLAGS+:} false; then : + case " $CFLAGS " in + *" $flag "*) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5 + (: CFLAGS already contains $flag) 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + ;; + *) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5 + (: CFLAGS="$CFLAGS $flag") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + CFLAGS="$CFLAGS $flag" + ;; + esac +else + CFLAGS="$flag" fi +else + : +fi -# LIBZ -trylibzdir="" +done -# Check whether --with-libz was given. -if test "${with_libz+set}" = set; then - withval=$with_libz; - { echo "$as_me:$LINENO: checking for libz" >&5 -echo $ECHO_N "checking for libz... $ECHO_C" >&6; } - CPPFLAGS="$CPPFLAGS -DHAVE_LIBZ" - LIBS="$LIBS -lz" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + +for flag in -Wredundant-decls; do + as_CACHEVAR=`$as_echo "ax_cv_check_cflags_$ax_append_compile_cflags_extra_$flag" | $as_tr_sh` +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5 +$as_echo_n "checking whether C compiler accepts $flag... " >&6; } +if eval \${$as_CACHEVAR+:} false; then : + $as_echo_n "(cached) " >&6 +else + + ax_check_save_flags=$CFLAGS + CFLAGS="$CFLAGS $ax_append_compile_cflags_extra $flag" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -#include + int main () { - deflateInit(0, 8); + ; return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 +if ac_fn_c_try_compile "$LINENO"; then : + eval "$as_CACHEVAR=yes" +else + eval "$as_CACHEVAR=no" +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + CFLAGS=$ax_check_save_flags +fi +eval ac_res=\$$as_CACHEVAR + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +$as_echo "$ac_res" >&6; } +if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then : + if ${CFLAGS+:} false; then : + case " $CFLAGS " in + *" $flag "*) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5 + (: CFLAGS already contains $flag) 2>&5 ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - libz_linked=yes + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + ;; + *) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5 + (: CFLAGS="$CFLAGS $flag") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + CFLAGS="$CFLAGS $flag" + ;; + esac else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 + CFLAGS="$flag" +fi - libz_linked=no +else + : fi -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +done - if test "x$libz_linked" == "xno" ; then - if test "x$withval" != "xno" ; then - trylibzdir=$withval - fi - if test "x$withval" == "xyes" ; then - trylibzdir="/usr" - fi - AM_LDFLAGS="$AM_LDFLAGS -L$trylibzdir/lib" - CPPFLAGS="$CPPFLAGS -I$trylibzdir/include" - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF +for flag in -Wshadow; do + as_CACHEVAR=`$as_echo "ax_cv_check_cflags_$ax_append_compile_cflags_extra_$flag" | $as_tr_sh` +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5 +$as_echo_n "checking whether C compiler accepts $flag... " >&6; } +if eval \${$as_CACHEVAR+:} false; then : + $as_echo_n "(cached) " >&6 +else + + ax_check_save_flags=$CFLAGS + CFLAGS="$CFLAGS $ax_append_compile_cflags_extra $flag" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -#include + int main () { - deflateInit(0, 8); + ; return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 +if ac_fn_c_try_compile "$LINENO"; then : + eval "$as_CACHEVAR=yes" +else + eval "$as_CACHEVAR=no" +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + CFLAGS=$ax_check_save_flags +fi +eval ac_res=\$$as_CACHEVAR + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +$as_echo "$ac_res" >&6; } +if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then : + if ${CFLAGS+:} false; then : + case " $CFLAGS " in + *" $flag "*) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5 + (: CFLAGS already contains $flag) 2>&5 ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - libz_linked=yes + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + ;; + *) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5 + (: CFLAGS="$CFLAGS $flag") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + CFLAGS="$CFLAGS $flag" + ;; + esac else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - libz_linked=no + CFLAGS="$flag" fi -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +else + : +fi - if test "x$libz_linked" == "xno" ; then - { { echo "$as_me:$LINENO: error: libz isn't found. - If it's already installed, specify its path using --with-libz=/dir/" >&5 -echo "$as_me: error: libz isn't found. - If it's already installed, specify its path using --with-libz=/dir/" >&2;} - { (exit 1); exit 1; }; } - fi - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } - else - { echo "$as_me:$LINENO: result: yes" >&5 -echo "${ECHO_T}yes" >&6; } - fi +done -fi +for flag in -Wshorten-64-to-32; do + as_CACHEVAR=`$as_echo "ax_cv_check_cflags_$ax_append_compile_cflags_extra_$flag" | $as_tr_sh` +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5 +$as_echo_n "checking whether C compiler accepts $flag... " >&6; } +if eval \${$as_CACHEVAR+:} false; then : + $as_echo_n "(cached) " >&6 +else + ax_check_save_flags=$CFLAGS + CFLAGS="$CFLAGS $ax_append_compile_cflags_extra $flag" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +int +main () +{ -# OPTIMIZE FLAGS -if test "$GCC" = "yes" -then - AM_CFLAGS="$AM_CFLAGS -Wall -Wno-unused" - if test "$ENABLED_DEBUG" = "no" - then - if test "$ENABLED_FASTMATH" = "yes" - then - AM_CFLAGS="$AM_CFLAGS $OPTIMIZE_FAST_CFLAGS" - if test "$ENABLED_FASTHUGEMATH" = "yes" - then - AM_CFLAGS="$AM_CFLAGS $OPTIMIZE_HUGE_CFLAGS" - fi - else - AM_CFLAGS="$AM_CFLAGS $OPTIMIZE_CFLAGS" - fi - fi + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + eval "$as_CACHEVAR=yes" +else + eval "$as_CACHEVAR=no" +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + CFLAGS=$ax_check_save_flags +fi +eval ac_res=\$$as_CACHEVAR + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +$as_echo "$ac_res" >&6; } +if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then : + if ${CFLAGS+:} false; then : + case " $CFLAGS " in + *" $flag "*) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5 + (: CFLAGS already contains $flag) 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + ;; + *) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5 + (: CFLAGS="$CFLAGS $flag") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + CFLAGS="$CFLAGS $flag" + ;; + esac +else + CFLAGS="$flag" fi +else + : +fi +done -ac_ext=c -ac_cpp='$CPP $CPPFLAGS' -ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' -ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_c_compiler_gnu -ax_pthread_ok=no -# We used to check for pthread.h first, but this fails if pthread.h -# requires special compiler flags (e.g. on True64 or Sequent). -# It gets checked for in the link test anyway. +for flag in -Wsign-compare; do + as_CACHEVAR=`$as_echo "ax_cv_check_cflags_$ax_append_compile_cflags_extra_$flag" | $as_tr_sh` +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5 +$as_echo_n "checking whether C compiler accepts $flag... " >&6; } +if eval \${$as_CACHEVAR+:} false; then : + $as_echo_n "(cached) " >&6 +else -# First of all, check if the user has set any of the PTHREAD_LIBS, -# etcetera environment variables, and if threads linking works using -# them: -if test x"$PTHREAD_LIBS$PTHREAD_CFLAGS" != x; then - save_CFLAGS="$CFLAGS" - CFLAGS="$CFLAGS $PTHREAD_CFLAGS" - save_LIBS="$LIBS" - LIBS="$PTHREAD_LIBS $LIBS" - { echo "$as_me:$LINENO: checking for pthread_join in LIBS=$PTHREAD_LIBS with CFLAGS=$PTHREAD_CFLAGS" >&5 -echo $ECHO_N "checking for pthread_join in LIBS=$PTHREAD_LIBS with CFLAGS=$PTHREAD_CFLAGS... $ECHO_C" >&6; } - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + ax_check_save_flags=$CFLAGS + CFLAGS="$CFLAGS $ax_append_compile_cflags_extra $flag" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char pthread_join (); int main () { -return pthread_join (); + ; return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 +if ac_fn_c_try_compile "$LINENO"; then : + eval "$as_CACHEVAR=yes" +else + eval "$as_CACHEVAR=no" +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + CFLAGS=$ax_check_save_flags +fi +eval ac_res=\$$as_CACHEVAR + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +$as_echo "$ac_res" >&6; } +if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then : + if ${CFLAGS+:} false; then : + case " $CFLAGS " in + *" $flag "*) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5 + (: CFLAGS already contains $flag) 2>&5 ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ax_pthread_ok=yes + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + ;; + *) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5 + (: CFLAGS="$CFLAGS $flag") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + CFLAGS="$CFLAGS $flag" + ;; + esac else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - + CFLAGS="$flag" fi -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext - { echo "$as_me:$LINENO: result: $ax_pthread_ok" >&5 -echo "${ECHO_T}$ax_pthread_ok" >&6; } - if test x"$ax_pthread_ok" = xno; then - PTHREAD_LIBS="" - PTHREAD_CFLAGS="" - fi - LIBS="$save_LIBS" - CFLAGS="$save_CFLAGS" +else + : fi -# We must check for the threads library under a number of different -# names; the ordering is very important because some systems -# (e.g. DEC) have both -lpthread and -lpthreads, where one of the -# libraries is broken (non-POSIX). +done -# Create a list of thread flags to try. Items starting with a "-" are -# C compiler flags, and other items are library names, except for "none" -# which indicates that we try without any flags at all, and "pthread-config" -# which is a program returning the flags for the Pth emulation library. -ax_pthread_flags="pthreads none -Kthread -kthread lthread -pthread -pthreads -mthreads pthread --thread-safe -mt pthread-config" -# The ordering *is* (sometimes) important. Some notes on the -# individual items follow: +for flag in -Wstrict-overflow=1; do + as_CACHEVAR=`$as_echo "ax_cv_check_cflags_$ax_append_compile_cflags_extra_$flag" | $as_tr_sh` +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5 +$as_echo_n "checking whether C compiler accepts $flag... " >&6; } +if eval \${$as_CACHEVAR+:} false; then : + $as_echo_n "(cached) " >&6 +else -# pthreads: AIX (must check this before -lpthread) -# none: in case threads are in libc; should be tried before -Kthread and -# other compiler flags to prevent continual compiler warnings -# -Kthread: Sequent (threads in libc, but -Kthread needed for pthread.h) -# -kthread: FreeBSD kernel threads (preferred to -pthread since SMP-able) -# lthread: LinuxThreads port on FreeBSD (also preferred to -pthread) -# -pthread: Linux/gcc (kernel threads), BSD/gcc (userland threads) -# -pthreads: Solaris/gcc -# -mthreads: Mingw32/gcc, Lynx/gcc -# -mt: Sun Workshop C (may only link SunOS threads [-lthread], but it -# doesn't hurt to check since this sometimes defines pthreads too; -# also defines -D_REENTRANT) -# ... -mt is also the pthreads flag for HP/aCC -# pthread: Linux, etcetera -# --thread-safe: KAI C++ -# pthread-config: use pthread-config program (for GNU Pth library) + ax_check_save_flags=$CFLAGS + CFLAGS="$CFLAGS $ax_append_compile_cflags_extra $flag" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ + +int +main () +{ + + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + eval "$as_CACHEVAR=yes" +else + eval "$as_CACHEVAR=no" +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + CFLAGS=$ax_check_save_flags +fi +eval ac_res=\$$as_CACHEVAR + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +$as_echo "$ac_res" >&6; } +if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then : + if ${CFLAGS+:} false; then : + case " $CFLAGS " in + *" $flag "*) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5 + (: CFLAGS already contains $flag) 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + ;; + *) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5 + (: CFLAGS="$CFLAGS $flag") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + CFLAGS="$CFLAGS $flag" + ;; + esac +else + CFLAGS="$flag" +fi -case "${host_cpu}-${host_os}" in - *solaris*) +else + : +fi - # On Solaris (at least, for some versions), libc contains stubbed - # (non-functional) versions of the pthreads routines, so link-based - # tests will erroneously succeed. (We need to link with -pthreads/-mt/ - # -lpthread.) (The stubs are missing pthread_cleanup_push, or rather - # a function called by this macro, so we could check for that, but - # who knows whether they'll stub that too in a future libc.) So, - # we'll just look for -pthreads and -lpthread first: +done - ax_pthread_flags="-pthreads pthread -mt -pthread $ax_pthread_flags" - ;; - *-darwin*) - ax_pthread_flags="-pthread $ax_pthread_flags" - ;; -esac -if test x"$ax_pthread_ok" = xno; then -for flag in $ax_pthread_flags; do +for flag in -Wstrict-prototypes; do + as_CACHEVAR=`$as_echo "ax_cv_check_cflags_$ax_append_compile_cflags_extra_$flag" | $as_tr_sh` +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5 +$as_echo_n "checking whether C compiler accepts $flag... " >&6; } +if eval \${$as_CACHEVAR+:} false; then : + $as_echo_n "(cached) " >&6 +else - case $flag in - none) - { echo "$as_me:$LINENO: checking whether pthreads work without any flags" >&5 -echo $ECHO_N "checking whether pthreads work without any flags... $ECHO_C" >&6; } - ;; + ax_check_save_flags=$CFLAGS + CFLAGS="$CFLAGS $ax_append_compile_cflags_extra $flag" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ - -*) - { echo "$as_me:$LINENO: checking whether pthreads work with $flag" >&5 -echo $ECHO_N "checking whether pthreads work with $flag... $ECHO_C" >&6; } - PTHREAD_CFLAGS="$flag" - ;; +int +main () +{ - pthread-config) - # Extract the first word of "pthread-config", so it can be a program name with args. -set dummy pthread-config; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_ax_pthread_config+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test -n "$ax_pthread_config"; then - ac_cv_prog_ax_pthread_config="$ax_pthread_config" # Let the user override the test. + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + eval "$as_CACHEVAR=yes" else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_ax_pthread_config="yes" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done -done -IFS=$as_save_IFS - - test -z "$ac_cv_prog_ax_pthread_config" && ac_cv_prog_ax_pthread_config="no" + eval "$as_CACHEVAR=no" fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + CFLAGS=$ax_check_save_flags +fi +eval ac_res=\$$as_CACHEVAR + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +$as_echo "$ac_res" >&6; } +if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then : + if ${CFLAGS+:} false; then : + case " $CFLAGS " in + *" $flag "*) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5 + (: CFLAGS already contains $flag) 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + ;; + *) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5 + (: CFLAGS="$CFLAGS $flag") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + CFLAGS="$CFLAGS $flag" + ;; + esac +else + CFLAGS="$flag" fi -ax_pthread_config=$ac_cv_prog_ax_pthread_config -if test -n "$ax_pthread_config"; then - { echo "$as_me:$LINENO: result: $ax_pthread_config" >&5 -echo "${ECHO_T}$ax_pthread_config" >&6; } + else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } + : fi +done - if test x"$ax_pthread_config" = xno; then continue; fi - PTHREAD_CFLAGS="`pthread-config --cflags`" - PTHREAD_LIBS="`pthread-config --ldflags` `pthread-config --libs`" - ;; - *) - { echo "$as_me:$LINENO: checking for the pthreads library -l$flag" >&5 -echo $ECHO_N "checking for the pthreads library -l$flag... $ECHO_C" >&6; } - PTHREAD_LIBS="-l$flag" - ;; - esac - save_LIBS="$LIBS" - save_CFLAGS="$CFLAGS" - LIBS="$PTHREAD_LIBS $LIBS" - CFLAGS="$CFLAGS $PTHREAD_CFLAGS" +for flag in -Wswitch-enum; do + as_CACHEVAR=`$as_echo "ax_cv_check_cflags_$ax_append_compile_cflags_extra_$flag" | $as_tr_sh` +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5 +$as_echo_n "checking whether C compiler accepts $flag... " >&6; } +if eval \${$as_CACHEVAR+:} false; then : + $as_echo_n "(cached) " >&6 +else - # Check for various functions. We must include pthread.h, - # since some functions may be macros. (On the Sequent, we - # need a special flag -Kthread to make this header compile.) - # We check for pthread_join because it is in -lpthread on IRIX - # while pthread_create is in libc. We check for pthread_attr_init - # due to DEC craziness with -lpthreads. We check for - # pthread_cleanup_push because it is one of the few pthread - # functions on Solaris that doesn't have a non-functional libc stub. - # We try pthread_create on general principles. - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + ax_check_save_flags=$CFLAGS + CFLAGS="$CFLAGS $ax_append_compile_cflags_extra $flag" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -#include - static void routine(void *a) { a = 0; } - static void *start_routine(void *a) { return a; } + int main () { -pthread_t th; pthread_attr_t attr; - pthread_create(&th, 0, start_routine, 0); - pthread_join(th, 0); - pthread_attr_init(&attr); - pthread_cleanup_push(routine, 0); - pthread_cleanup_pop(0) /* ; */ + ; return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 +if ac_fn_c_try_compile "$LINENO"; then : + eval "$as_CACHEVAR=yes" +else + eval "$as_CACHEVAR=no" +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + CFLAGS=$ax_check_save_flags +fi +eval ac_res=\$$as_CACHEVAR + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +$as_echo "$ac_res" >&6; } +if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then : + if ${CFLAGS+:} false; then : + case " $CFLAGS " in + *" $flag "*) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5 + (: CFLAGS already contains $flag) 2>&5 ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ax_pthread_ok=yes + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + ;; + *) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5 + (: CFLAGS="$CFLAGS $flag") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + CFLAGS="$CFLAGS $flag" + ;; + esac else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - + CFLAGS="$flag" fi -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +else + : +fi - LIBS="$save_LIBS" - CFLAGS="$save_CFLAGS" +done - { echo "$as_me:$LINENO: result: $ax_pthread_ok" >&5 -echo "${ECHO_T}$ax_pthread_ok" >&6; } - if test "x$ax_pthread_ok" = xyes; then - break; - fi - PTHREAD_LIBS="" - PTHREAD_CFLAGS="" -done -fi -# Various other checks: -if test "x$ax_pthread_ok" = xyes; then - save_LIBS="$LIBS" - LIBS="$PTHREAD_LIBS $LIBS" - save_CFLAGS="$CFLAGS" - CFLAGS="$CFLAGS $PTHREAD_CFLAGS" +for flag in -Wundef; do + as_CACHEVAR=`$as_echo "ax_cv_check_cflags_$ax_append_compile_cflags_extra_$flag" | $as_tr_sh` +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5 +$as_echo_n "checking whether C compiler accepts $flag... " >&6; } +if eval \${$as_CACHEVAR+:} false; then : + $as_echo_n "(cached) " >&6 +else - # Detect AIX lossage: JOINABLE attribute is called UNDETACHED. - { echo "$as_me:$LINENO: checking for joinable pthread attribute" >&5 -echo $ECHO_N "checking for joinable pthread attribute... $ECHO_C" >&6; } - attr_name=unknown - for attr in PTHREAD_CREATE_JOINABLE PTHREAD_CREATE_UNDETACHED; do - cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + ax_check_save_flags=$CFLAGS + CFLAGS="$CFLAGS $ax_append_compile_cflags_extra $flag" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -#include + int main () { -int attr = $attr; return attr /* ; */ + ; return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 +if ac_fn_c_try_compile "$LINENO"; then : + eval "$as_CACHEVAR=yes" +else + eval "$as_CACHEVAR=no" +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + CFLAGS=$ax_check_save_flags +fi +eval ac_res=\$$as_CACHEVAR + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +$as_echo "$ac_res" >&6; } +if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then : + if ${CFLAGS+:} false; then : + case " $CFLAGS " in + *" $flag "*) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5 + (: CFLAGS already contains $flag) 2>&5 ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - attr_name=$attr; break + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + ;; + *) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5 + (: CFLAGS="$CFLAGS $flag") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + CFLAGS="$CFLAGS $flag" + ;; + esac else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - + CFLAGS="$flag" fi -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext - done - { echo "$as_me:$LINENO: result: $attr_name" >&5 -echo "${ECHO_T}$attr_name" >&6; } - if test "$attr_name" != PTHREAD_CREATE_JOINABLE; then +else + : +fi -cat >>confdefs.h <<_ACEOF -#define PTHREAD_CREATE_JOINABLE $attr_name -_ACEOF +done - fi - { echo "$as_me:$LINENO: checking if more special flags are required for pthreads" >&5 -echo $ECHO_N "checking if more special flags are required for pthreads... $ECHO_C" >&6; } - flag=no - case "${host_cpu}-${host_os}" in - *-aix* | *-freebsd* | *-darwin*) flag="-D_THREAD_SAFE";; - *solaris* | *-osf* | *-hpux*) flag="-D_REENTRANT";; - esac - { echo "$as_me:$LINENO: result: ${flag}" >&5 -echo "${ECHO_T}${flag}" >&6; } - if test "x$flag" != xno; then - PTHREAD_CFLAGS="$flag $PTHREAD_CFLAGS" - fi - { echo "$as_me:$LINENO: checking for PTHREAD_PRIO_INHERIT" >&5 -echo $ECHO_N "checking for PTHREAD_PRIO_INHERIT... $ECHO_C" >&6; } -if test "${ax_cv_PTHREAD_PRIO_INHERIT+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +for flag in -Wunused; do + as_CACHEVAR=`$as_echo "ax_cv_check_cflags_$ax_append_compile_cflags_extra_$flag" | $as_tr_sh` +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5 +$as_echo_n "checking whether C compiler accepts $flag... " >&6; } +if eval \${$as_CACHEVAR+:} false; then : + $as_echo_n "(cached) " >&6 else - cat >conftest.$ac_ext <<_ACEOF - - /* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + ax_check_save_flags=$CFLAGS + CFLAGS="$CFLAGS $ax_append_compile_cflags_extra $flag" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -#include + int main () { -int i = PTHREAD_PRIO_INHERIT; + ; return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 +if ac_fn_c_try_compile "$LINENO"; then : + eval "$as_CACHEVAR=yes" +else + eval "$as_CACHEVAR=no" +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + CFLAGS=$ax_check_save_flags +fi +eval ac_res=\$$as_CACHEVAR + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +$as_echo "$ac_res" >&6; } +if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then : + if ${CFLAGS+:} false; then : + case " $CFLAGS " in + *" $flag "*) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5 + (: CFLAGS already contains $flag) 2>&5 ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ax_cv_PTHREAD_PRIO_INHERIT=yes + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + ;; + *) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5 + (: CFLAGS="$CFLAGS $flag") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + CFLAGS="$CFLAGS $flag" + ;; + esac else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 + CFLAGS="$flag" +fi - ax_cv_PTHREAD_PRIO_INHERIT=no +else + : fi -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext +done -fi -{ echo "$as_me:$LINENO: result: $ax_cv_PTHREAD_PRIO_INHERIT" >&5 -echo "${ECHO_T}$ax_cv_PTHREAD_PRIO_INHERIT" >&6; } - if test "x$ax_cv_PTHREAD_PRIO_INHERIT" = "xyes"; then -cat >>confdefs.h <<\_ACEOF -#define HAVE_PTHREAD_PRIO_INHERIT 1 -_ACEOF -fi +for flag in -Wunused-result; do + as_CACHEVAR=`$as_echo "ax_cv_check_cflags_$ax_append_compile_cflags_extra_$flag" | $as_tr_sh` +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5 +$as_echo_n "checking whether C compiler accepts $flag... " >&6; } +if eval \${$as_CACHEVAR+:} false; then : + $as_echo_n "(cached) " >&6 +else + ax_check_save_flags=$CFLAGS + CFLAGS="$CFLAGS $ax_append_compile_cflags_extra $flag" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ - LIBS="$save_LIBS" - CFLAGS="$save_CFLAGS" +int +main () +{ - # More AIX lossage: must compile with xlc_r or cc_r - if test x"$GCC" != xyes; then - for ac_prog in xlc_r cc_r -do - # Extract the first word of "$ac_prog", so it can be a program name with args. -set dummy $ac_prog; ac_word=$2 -{ echo "$as_me:$LINENO: checking for $ac_word" >&5 -echo $ECHO_N "checking for $ac_word... $ECHO_C" >&6; } -if test "${ac_cv_prog_PTHREAD_CC+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 -else - if test -n "$PTHREAD_CC"; then - ac_cv_prog_PTHREAD_CC="$PTHREAD_CC" # Let the user override the test. + ; + return 0; +} +_ACEOF +if ac_fn_c_try_compile "$LINENO"; then : + eval "$as_CACHEVAR=yes" else -as_save_IFS=$IFS; IFS=$PATH_SEPARATOR -for as_dir in $PATH -do - IFS=$as_save_IFS - test -z "$as_dir" && as_dir=. - for ac_exec_ext in '' $ac_executable_extensions; do - if { test -f "$as_dir/$ac_word$ac_exec_ext" && $as_test_x "$as_dir/$ac_word$ac_exec_ext"; }; then - ac_cv_prog_PTHREAD_CC="$ac_prog" - echo "$as_me:$LINENO: found $as_dir/$ac_word$ac_exec_ext" >&5 - break 2 - fi -done -done -IFS=$as_save_IFS - -fi + eval "$as_CACHEVAR=no" fi -PTHREAD_CC=$ac_cv_prog_PTHREAD_CC -if test -n "$PTHREAD_CC"; then - { echo "$as_me:$LINENO: result: $PTHREAD_CC" >&5 -echo "${ECHO_T}$PTHREAD_CC" >&6; } +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + CFLAGS=$ax_check_save_flags +fi +eval ac_res=\$$as_CACHEVAR + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +$as_echo "$ac_res" >&6; } +if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then : + if ${CFLAGS+:} false; then : + case " $CFLAGS " in + *" $flag "*) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5 + (: CFLAGS already contains $flag) 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + ;; + *) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5 + (: CFLAGS="$CFLAGS $flag") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + CFLAGS="$CFLAGS $flag" + ;; + esac else - { echo "$as_me:$LINENO: result: no" >&5 -echo "${ECHO_T}no" >&6; } -fi - - - test -n "$PTHREAD_CC" && break -done -test -n "$PTHREAD_CC" || PTHREAD_CC="${CC}" + CFLAGS="$flag" +fi - else - PTHREAD_CC=$CC - fi else - PTHREAD_CC="$CC" + : fi +done +for flag in -Wunused-variable; do + as_CACHEVAR=`$as_echo "ax_cv_check_cflags_$ax_append_compile_cflags_extra_$flag" | $as_tr_sh` +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5 +$as_echo_n "checking whether C compiler accepts $flag... " >&6; } +if eval \${$as_CACHEVAR+:} false; then : + $as_echo_n "(cached) " >&6 +else -# Finally, execute ACTION-IF-FOUND/ACTION-IF-NOT-FOUND: -if test x"$ax_pthread_ok" = xyes; then + ax_check_save_flags=$CFLAGS + CFLAGS="$CFLAGS $ax_append_compile_cflags_extra $flag" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext +/* end confdefs.h. */ +int +main () +{ -cat >>confdefs.h <<\_ACEOF -#define HAVE_PTHREAD 1 + ; + return 0; +} _ACEOF - - - : +if ac_fn_c_try_compile "$LINENO"; then : + eval "$as_CACHEVAR=yes" else - ax_pthread_ok=no - - -cat >>confdefs.h <<\_ACEOF -#define HAVE_PTHREAD 0 -_ACEOF - + eval "$as_CACHEVAR=no" +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + CFLAGS=$ax_check_save_flags +fi +eval ac_res=\$$as_CACHEVAR + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +$as_echo "$ac_res" >&6; } +if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then : + if ${CFLAGS+:} false; then : + case " $CFLAGS " in + *" $flag "*) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5 + (: CFLAGS already contains $flag) 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + ;; + *) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5 + (: CFLAGS="$CFLAGS $flag") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + CFLAGS="$CFLAGS $flag" + ;; + esac +else + CFLAGS="$flag" +fi +else + : fi -ac_ext=c -ac_cpp='$CPP $CPPFLAGS' -ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' -ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' -ac_compiler_gnu=$ac_cv_c_compiler_gnu +done - { echo "$as_me:$LINENO: checking for library containing gethostbyname" >&5 -echo $ECHO_N "checking for library containing gethostbyname... $ECHO_C" >&6; } -if test "${ac_cv_search_gethostbyname+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 +for flag in -Wwrite-strings; do + as_CACHEVAR=`$as_echo "ax_cv_check_cflags_$ax_append_compile_cflags_extra_$flag" | $as_tr_sh` +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5 +$as_echo_n "checking whether C compiler accepts $flag... " >&6; } +if eval \${$as_CACHEVAR+:} false; then : + $as_echo_n "(cached) " >&6 else - ac_func_search_save_LIBS=$LIBS -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + + ax_check_save_flags=$CFLAGS + CFLAGS="$CFLAGS $ax_append_compile_cflags_extra $flag" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char gethostbyname (); int main () { -return gethostbyname (); + ; return 0; } _ACEOF -for ac_lib in '' nsl; do - if test -z "$ac_lib"; then - ac_res="none required" - else - ac_res=-l$ac_lib - LIBS="-l$ac_lib $ac_func_search_save_LIBS" - fi - rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 +if ac_fn_c_try_compile "$LINENO"; then : + eval "$as_CACHEVAR=yes" +else + eval "$as_CACHEVAR=no" +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + CFLAGS=$ax_check_save_flags +fi +eval ac_res=\$$as_CACHEVAR + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +$as_echo "$ac_res" >&6; } +if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then : + if ${CFLAGS+:} false; then : + case " $CFLAGS " in + *" $flag "*) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5 + (: CFLAGS already contains $flag) 2>&5 ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_search_gethostbyname=$ac_res + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + ;; + *) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5 + (: CFLAGS="$CFLAGS $flag") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + CFLAGS="$CFLAGS $flag" + ;; + esac else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - + CFLAGS="$flag" fi -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext - if test "${ac_cv_search_gethostbyname+set}" = set; then - break -fi -done -if test "${ac_cv_search_gethostbyname+set}" = set; then - : else - ac_cv_search_gethostbyname=no -fi -rm conftest.$ac_ext -LIBS=$ac_func_search_save_LIBS + : fi -{ echo "$as_me:$LINENO: result: $ac_cv_search_gethostbyname" >&5 -echo "${ECHO_T}$ac_cv_search_gethostbyname" >&6; } -ac_res=$ac_cv_search_gethostbyname -if test "$ac_res" != no; then - test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" -fi +done + - { echo "$as_me:$LINENO: checking for library containing socket" >&5 -echo $ECHO_N "checking for library containing socket... $ECHO_C" >&6; } -if test "${ac_cv_search_socket+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + +for flag in -fwrapv; do + as_CACHEVAR=`$as_echo "ax_cv_check_cflags_$ax_append_compile_cflags_extra_$flag" | $as_tr_sh` +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5 +$as_echo_n "checking whether C compiler accepts $flag... " >&6; } +if eval \${$as_CACHEVAR+:} false; then : + $as_echo_n "(cached) " >&6 else - ac_func_search_save_LIBS=$LIBS -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + + ax_check_save_flags=$CFLAGS + CFLAGS="$CFLAGS $ax_append_compile_cflags_extra $flag" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char socket (); int main () { -return socket (); + ; return 0; } _ACEOF -for ac_lib in '' socket; do - if test -z "$ac_lib"; then - ac_res="none required" - else - ac_res=-l$ac_lib - LIBS="-l$ac_lib $ac_func_search_save_LIBS" - fi - rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 +if ac_fn_c_try_compile "$LINENO"; then : + eval "$as_CACHEVAR=yes" +else + eval "$as_CACHEVAR=no" +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + CFLAGS=$ax_check_save_flags +fi +eval ac_res=\$$as_CACHEVAR + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +$as_echo "$ac_res" >&6; } +if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then : + if ${CFLAGS+:} false; then : + case " $CFLAGS " in + *" $flag "*) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5 + (: CFLAGS already contains $flag) 2>&5 ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_search_socket=$ac_res + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + ;; + *) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5 + (: CFLAGS="$CFLAGS $flag") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + CFLAGS="$CFLAGS $flag" + ;; + esac else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - + CFLAGS="$flag" fi -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext - if test "${ac_cv_search_socket+set}" = set; then - break -fi -done -if test "${ac_cv_search_socket+set}" = set; then - : else - ac_cv_search_socket=no -fi -rm conftest.$ac_ext -LIBS=$ac_func_search_save_LIBS + : fi -{ echo "$as_me:$LINENO: result: $ac_cv_search_socket" >&5 -echo "${ECHO_T}$ac_cv_search_socket" >&6; } -ac_res=$ac_cv_search_socket -if test "$ac_res" != no; then - test "$ac_res" = "none required" || LIBS="$ac_res $LIBS" -else +done + - { echo "$as_me:$LINENO: checking for socket in -lsocket" >&5 -echo $ECHO_N "checking for socket in -lsocket... $ECHO_C" >&6; } -if test "${ac_cv_lib_socket_socket+set}" = set; then - echo $ECHO_N "(cached) $ECHO_C" >&6 + +for flag in -fPIE; do + as_CACHEVAR=`$as_echo "ax_cv_check_cflags_$ax_append_compile_cflags_extra_$flag" | $as_tr_sh` +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking whether C compiler accepts $flag" >&5 +$as_echo_n "checking whether C compiler accepts $flag... " >&6; } +if eval \${$as_CACHEVAR+:} false; then : + $as_echo_n "(cached) " >&6 else - ac_check_lib_save_LIBS=$LIBS -LIBS="-lsocket -lnsl $LIBS" -cat >conftest.$ac_ext <<_ACEOF -/* confdefs.h. */ -_ACEOF -cat confdefs.h >>conftest.$ac_ext -cat >>conftest.$ac_ext <<_ACEOF + + ax_check_save_flags=$CFLAGS + CFLAGS="$CFLAGS $ax_append_compile_cflags_extra $flag" + cat confdefs.h - <<_ACEOF >conftest.$ac_ext /* end confdefs.h. */ -/* Override any GCC internal prototype to avoid an error. - Use char because int might match the return type of a GCC - builtin and then its argument prototype would still apply. */ -#ifdef __cplusplus -extern "C" -#endif -char socket (); int main () { -return socket (); + ; return 0; } _ACEOF -rm -f conftest.$ac_objext conftest$ac_exeext -if { (ac_try="$ac_link" -case "(($ac_try" in - *\"* | *\`* | *\\*) ac_try_echo=\$ac_try;; - *) ac_try_echo=$ac_try;; -esac -eval "echo \"\$as_me:$LINENO: $ac_try_echo\"") >&5 - (eval "$ac_link") 2>conftest.er1 +if ac_fn_c_try_compile "$LINENO"; then : + eval "$as_CACHEVAR=yes" +else + eval "$as_CACHEVAR=no" +fi +rm -f core conftest.err conftest.$ac_objext conftest.$ac_ext + CFLAGS=$ax_check_save_flags +fi +eval ac_res=\$$as_CACHEVAR + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $ac_res" >&5 +$as_echo "$ac_res" >&6; } +if test x"`eval 'as_val=${'$as_CACHEVAR'};$as_echo "$as_val"'`" = xyes; then : + if ${CFLAGS+:} false; then : + case " $CFLAGS " in + *" $flag "*) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS already contains \$flag"; } >&5 + (: CFLAGS already contains $flag) 2>&5 ac_status=$? - grep -v '^ *+' conftest.er1 >conftest.err - rm -f conftest.er1 - cat conftest.err >&5 - echo "$as_me:$LINENO: \$? = $ac_status" >&5 - (exit $ac_status); } && { - test -z "$ac_c_werror_flag" || - test ! -s conftest.err - } && test -s conftest$ac_exeext && - $as_test_x conftest$ac_exeext; then - ac_cv_lib_socket_socket=yes + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + ;; + *) + { { $as_echo "$as_me:${as_lineno-$LINENO}: : CFLAGS=\"\$CFLAGS \$flag\""; } >&5 + (: CFLAGS="$CFLAGS $flag") 2>&5 + ac_status=$? + $as_echo "$as_me:${as_lineno-$LINENO}: \$? = $ac_status" >&5 + test $ac_status = 0; } + CFLAGS="$CFLAGS $flag" + ;; + esac else - echo "$as_me: failed program was:" >&5 -sed 's/^/| /' conftest.$ac_ext >&5 - - ac_cv_lib_socket_socket=no + CFLAGS="$flag" fi -rm -f core conftest.err conftest.$ac_objext conftest_ipa8_conftest.oo \ - conftest$ac_exeext conftest.$ac_ext -LIBS=$ac_check_lib_save_LIBS -fi -{ echo "$as_me:$LINENO: result: $ac_cv_lib_socket_socket" >&5 -echo "${ECHO_T}$ac_cv_lib_socket_socket" >&6; } -if test $ac_cv_lib_socket_socket = yes; then - LIBS="-lsocket -lnsl $LIBS" +else + : fi -fi +done + ac_ext=c +ac_cpp='$CPP $CPPFLAGS' +ac_compile='$CC -c $CFLAGS $CPPFLAGS conftest.$ac_ext >&5' +ac_link='$CC -o conftest$ac_exeext $CFLAGS $CPPFLAGS $LDFLAGS conftest.$ac_ext $LIBS >&5' +ac_compiler_gnu=$ac_cv_c_compiler_gnu -GCCWARNINGS="-Wall -fno-strict-aliasing -W -Wfloat-equal -Wundef \ - -Wpointer-arith -Wstrict-prototypes -Wmissing-prototypes \ - -Wwrite-strings -Wredundant-decls -Wchar-subscripts -Wcomment \ - -Wformat=2 -Wwrite-strings -Wmissing-declarations -Wredundant-decls \ - -Wnested-externs -Wbad-function-cast -Wswitch-enum -Winit-self \ - -Wmissing-field-initializers -Wdeclaration-after-statement \ - -Wold-style-definition -Waddress -Wmissing-noreturn -Wnormalized=id \ - -Woverride-init -Wstrict-overflow=1 -Wextra -Wstack-protector -Wformat \ - -Wformat-security -Wpointer-sign -Wshadow -Wswitch-default" -case "$host_os" in - *linux*) -GCCWARNINGS="$GCCWARNINGS -Warray-bounds" - ;; +# link to ws2_32 if on mingw +case $host_os in + *mingw32) + LDFLAGS="$LDFLAGS -lws2_32" ;; esac -# Check whether --enable-gcc-lots-o-warnings was given. -if test "${enable_gcc_lots_o_warnings+set}" = set; then - enableval=$enable_gcc_lots_o_warnings; if test x$enableval = xyes; then - AM_CFLAGS="$AM_CFLAGS $GCCWARNINGS" -fi -fi - - -# Check whether --enable-gcc-hardening was given. -if test "${enable_gcc_hardening+set}" = set; then - enableval=$enable_gcc_hardening; if test x$enableval = xyes; then - AM_CFLAGS="$AM_CFLAGS -D_FORTIFY_SOURCE=2 -fstack-protector-all" - AM_CFLAGS="$AM_CFLAGS -fwrapv -fPIE -Wstack-protector" - AM_CFLAGS="$AM_CFLAGS --param ssp-buffer-size=1" - LDFLAGS="$LDFLAGS -pie" -fi -fi - - -# Check whether --enable-linker-hardening was given. -if test "${enable_linker_hardening+set}" = set; then - enableval=$enable_linker_hardening; if test x$enableval = xyes; then - LDFLAGS="$LDFLAGS -z relro -z now" -fi -fi - +# add user C_EXTRA_FLAGS back +CFLAGS="$CFLAGS $USER_C_EXTRA_FLAGS" +OPTION_FLAGS="$USER_C_EXTRA_FLAGS $AM_CFLAGS" @@ -23247,7 +24234,7 @@ fi awk -F. '{printf "0x%0.2d%0.3d%0.3d", $1, $2, $3}'` -AM_CFLAGS="$AM_CFLAGS $CFLAG_VISIBILITY" + @@ -23258,7 +24245,249 @@ ac_config_files="$ac_config_files Makefile" ac_config_files="$ac_config_files cyassl/version.h" -ac_config_files="$ac_config_files support/libcyassl.pc" +ac_config_files="$ac_config_files cyassl/options.h" + +ac_config_files="$ac_config_files support/cyassl.pc" + +ac_config_files="$ac_config_files rpm/spec" + + +# create a generic PACKAGE-config file +L=`echo $PACKAGE $LIBS` +P=`echo $L | sed -e 's/ -.*//'` +P=`echo $P` +V=`echo $VERSION` +F=`echo $P-config` +L=`echo -l$L | sed -e 's/^-llib/-l/'` +{ $as_echo "$as_me:${as_lineno-$LINENO}: result: creating $F - generic $V for $L" >&5 +$as_echo "creating $F - generic $V for $L" >&6; } +test "x$prefix" = xNONE && prefix="$ac_default_prefix" +test "x$exec_prefix" = xNONE && exec_prefix='${prefix}' +echo '#! /bin/sh' >$F +echo ' ' >>$F +echo 'package="'$P'"' >>$F +echo 'version="'$V'"' >>$F +echo 'libs="'$L'"' >>$F +echo ' ' >>$F +# in the order of occurence a standard automake Makefile +echo 'prefix="'$prefix'"' >>$F +echo 'exec_prefix="'$exec_prefix'"' >>$F +echo 'bindir="'$bindir'"' >>$F +echo 'sbindir="'$sbindir'"' >>$F +echo 'libexecdir="'$libexecdir'"' >>$F +echo 'datadir="'$datadir'"' >>$F +echo 'sysconfdir="'$sysconfdir'"' >>$F +echo 'sharedstatedir="'$sharedstatedir'"' >>$F +echo 'localstatedir="'$localstatedir'"' >>$F +echo 'libdir="'$libdir'"' >>$F +echo 'infodir="'$infodir'"' >>$F +echo 'mandir="'$mandir'"' >>$F +echo 'includedir="'$includedir'"' >>$F +echo 'target="'$target'"' >>$F +echo 'host="'$host'"' >>$F +echo 'build="'$build'"' >>$F +echo ' ' >>$F +echo 'if test "'"\$""#"'" -eq 0; then' >>$F +echo ' cat <>$F +echo 'Usage: $package-config OPTIONS' >>$F +echo 'Options:' >>$F +echo ' --prefix=DIR) : \$prefix' >>$F +echo ' --package) : \$package' >>$F +echo ' --version) : \$version' >>$F +echo ' --cflags) : -I\$includedir' >>$F +echo ' --libs) : -L\$libdir -l\$package' >>$F +echo ' --help) print all the options (not just these)' >>$F +echo 'EOF' >>$F +echo 'fi' >>$F +echo ' ' >>$F +echo 'o=""' >>$F +echo 'h=""' >>$F +echo 'for i in "$@"; do' >>$F +echo ' case $i in' >>$F +echo ' --prefix=*) prefix=`echo $i | sed -e "s/--prefix=//"` ;;' >>$F +echo ' --prefix) o="$o $prefix" ;;' >>$F +echo ' --package) o="$o $package" ;;' >>$F +echo ' --version) o="$o $version" ;;' >>$F +echo ' --cflags) if test "_$includedir" != "_/usr/include"' >>$F +echo ' then o="$o -I$includedir" ; fi' >>$F +echo ' ;;' >>$F +echo ' --libs) o="$o -L$libdir $libs" ;;' >>$F +echo ' --exec_prefix|--eprefix) o="$o $exec_prefix" ;;' >>$F +echo ' --bindir) o="$o $bindir" ;;' >>$F +echo ' --sbindir) o="$o $sbindir" ;;' >>$F +echo ' --libexecdir) o="$o $libexecdir" ;;' >>$F +echo ' --datadir) o="$o $datadir" ;;' >>$F +echo ' --datainc) o="$o -I$datadir" ;;' >>$F +echo ' --datalib) o="$o -L$datadir" ;;' >>$F +echo ' --sysconfdir) o="$o $sysconfdir" ;;' >>$F +echo ' --sharedstatedir) o="$o $sharedstatedir" ;;' >>$F +echo ' --localstatedir) o="$o $localstatedir" ;;' >>$F +echo ' --libdir) o="$o $libdir" ;;' >>$F +echo ' --libadd) o="$o -L$libdir" ;;' >>$F +echo ' --infodir) o="$o $infodir" ;;' >>$F +echo ' --mandir) o="$o $mandir" ;;' >>$F +echo ' --target) o="$o $target" ;;' >>$F +echo ' --host) o="$o $host" ;;' >>$F +echo ' --build) o="$o $build" ;;' >>$F +echo ' --data) o="$o -I$datadir/$package" ;;' >>$F +echo ' --pkgdatadir) o="$o $datadir/$package" ;;' >>$F +echo ' --pkgdatainc) o="$o -I$datadir/$package" ;;' >>$F +echo ' --pkgdatalib) o="$o -L$datadir/$package" ;;' >>$F +echo ' --pkglibdir) o="$o $libdir/$package" ;;' >>$F +echo ' --pkglibinc) o="$o -I$libinc/$package" ;;' >>$F +echo ' --pkglibadd) o="$o -L$libadd/$package" ;;' >>$F +echo ' --pkgincludedir) o="$o $includedir/$package" ;;' >>$F +echo ' --help) h="1" ;;' >>$F +echo ' -?//*|-?/*//*|-?./*//*|//*|/*//*|./*//*) ' >>$F +echo ' v=`echo $i | sed -e s://:\$:g`' >>$F +echo ' v=`eval "echo $v"` ' >>$F +echo ' o="$o $v" ;; ' >>$F +echo ' esac' >>$F +echo 'done' >>$F +echo ' ' >>$F +echo 'o=`eval "echo $o"`' >>$F +echo 'o=`eval "echo $o"`' >>$F +echo 'eval "echo $o"' >>$F +echo ' ' >>$F +echo 'if test ! -z "$h" ; then ' >>$F +echo 'cat <>$F +echo ' --prefix=xxx) (what is that for anyway?)' >>$F +echo ' --prefix) \$prefix $prefix' >>$F +echo ' --package) \$package $package' >>$F +echo ' --version) \$version $version' >>$F +echo ' --cflags) -I\$includedir unless it is /usr/include' >>$F +echo ' --libs) -L\$libdir -l\$PACKAGE \$LIBS' >>$F +echo ' --exec_prefix) or... ' >>$F +echo ' --eprefix) \$exec_prefix $exec_prefix' >>$F +echo ' --bindir) \$bindir $bindir' >>$F +echo ' --sbindir) \$sbindir $sbindir' >>$F +echo ' --libexecdir) \$libexecdir $libexecdir' >>$F +echo ' --datadir) \$datadir $datadir' >>$F +echo ' --sysconfdir) \$sysconfdir $sysconfdir' >>$F +echo ' --sharedstatedir) \$sharedstatedir$sharedstatedir' >>$F +echo ' --localstatedir) \$localstatedir $localstatedir' >>$F +echo ' --libdir) \$libdir $libdir' >>$F +echo ' --infodir) \$infodir $infodir' >>$F +echo ' --mandir) \$mandir $mandir' >>$F +echo ' --target) \$target $target' >>$F +echo ' --host) \$host $host' >>$F +echo ' --build) \$build $build' >>$F +echo ' --data) -I\$datadir/\$package' >>$F +echo ' --pkgdatadir) \$datadir/\$package' >>$F +echo ' --pkglibdir) \$libdir/\$package' >>$F +echo ' --pkgincludedir) \$includedir/\$package' >>$F +echo ' --help) generated by ax_create_generic_config.m4' >>$F +echo ' -I//varname and other inc-targets like --pkgdatainc supported' >>$F +echo ' -L//varname and other lib-targets, e.g. --pkgdatalib or --libadd' >>$F +echo 'EOF' >>$F +echo 'fi' >>$F +GENERIC_CONFIG="$F" + + + + + + { $as_echo "$as_me:${as_lineno-$LINENO}: checking the number of available CPUs" >&5 +$as_echo_n "checking the number of available CPUs... " >&6; } + CPU_COUNT="0" + + case $host_os in #( + + *darwin*) : + + if test -x /usr/sbin/sysctl; then : + + sysctl_a=`/usr/sbin/sysctl -a 2>/dev/null| grep -c hw.cpu` + if test sysctl_a; then : + + CPU_COUNT=`/usr/sbin/sysctl -n hw.ncpu` + +fi + +fi ;; #( + + *linux*) : + + if test "x$CPU_COUNT" = "x0" -a -e /proc/cpuinfo; then : + + if test "x$CPU_COUNT" = "x0" -a -e /proc/cpuinfo; then : + + CPU_COUNT=`$EGREP -c '^processor' /proc/cpuinfo` + +fi + +fi + ;; #( + *) : + ;; +esac + + if test "x$CPU_COUNT" = "x0"; then : + + CPU_COUNT="1" + { $as_echo "$as_me:${as_lineno-$LINENO}: result: unable to detect (assuming 1) " >&5 +$as_echo "unable to detect (assuming 1) " >&6; } + +else + + { $as_echo "$as_me:${as_lineno-$LINENO}: result: $CPU_COUNT " >&5 +$as_echo "$CPU_COUNT " >&6; } + +fi + + +AX_DOLLAR="\$" +AX_SRB="\\135" +AX_SLB="\\133" +AX_BS="\\\\" +AX_DQ="\"" + + +{ $as_echo "$as_me:${as_lineno-$LINENO}: adding automake macro support" >&5 +$as_echo "$as_me: adding automake macro support" >&6;} +AMINCLUDE="aminclude.am" + +{ $as_echo "$as_me:${as_lineno-$LINENO}: creating $AMINCLUDE" >&5 +$as_echo "$as_me: creating $AMINCLUDE" >&6;} +AMINCLUDE_TIME=`date` + + +printf " +# generated automatically by configure from AX_AUTOMAKE_MACROS +# on $AMINCLUDE_TIME + +" > "$AMINCLUDE" + + +INC_AMINCLUDE="include \$(top_builddir)/$AMINCLUDE" + + + + + + # Check whether --enable-jobserver was given. +if test "${enable_jobserver+set}" = set; then : + enableval=$enable_jobserver; +else + enable_jobserver=yes +fi + + if test "x$enable_jobserver" = "xyes"; then + enable_jobserver=$CPU_COUNT + ((enable_jobserver++)) + fi + + if test "x$enable_jobserver" != "xno"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: added jobserver support to make for $enable_jobserver jobs" >&5 +$as_echo "$as_me: added jobserver support to make for $enable_jobserver jobs" >&6;} + + + + +printf "AM_MAKEFLAGS += -j$enable_jobserver \n" >> "$AMINCLUDE" + + + fi cat >confcache <<\_ACEOF @@ -23288,12 +24517,13 @@ _ACEOF case $ac_val in #( *${as_nl}*) case $ac_var in #( - *_cv_*) { echo "$as_me:$LINENO: WARNING: Cache variable $ac_var contains a newline." >&5 -echo "$as_me: WARNING: Cache variable $ac_var contains a newline." >&2;} ;; + *_cv_*) { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: cache variable $ac_var contains a newline" >&5 +$as_echo "$as_me: WARNING: cache variable $ac_var contains a newline" >&2;} ;; esac case $ac_var in #( _ | IFS | as_nl) ;; #( - *) $as_unset $ac_var ;; + BASH_ARGV | BASH_SOURCE) eval $ac_var= ;; #( + *) { eval $ac_var=; unset $ac_var;} ;; esac ;; esac done @@ -23301,8 +24531,8 @@ echo "$as_me: WARNING: Cache variable $ac_var contains a newline." >&2;} ;; (set) 2>&1 | case $as_nl`(ac_space=' '; set) 2>&1` in #( *${as_nl}ac_space=\ *) - # `set' does not quote correctly, so add quotes (double-quote - # substitution turns \\\\ into \\, and sed turns \\ into \). + # `set' does not quote correctly, so add quotes: double-quote + # substitution turns \\\\ into \\, and sed turns \\ into \. sed -n \ "s/'/'\\\\''/g; s/^\\([_$as_cr_alnum]*_cv_[_$as_cr_alnum]*\\)=\\(.*\\)/\\1='\\2'/p" @@ -23324,13 +24554,24 @@ echo "$as_me: WARNING: Cache variable $ac_var contains a newline." >&2;} ;; :end' >>confcache if diff "$cache_file" confcache >/dev/null 2>&1; then :; else if test -w "$cache_file"; then - test "x$cache_file" != "x/dev/null" && - { echo "$as_me:$LINENO: updating cache $cache_file" >&5 -echo "$as_me: updating cache $cache_file" >&6;} - cat confcache >$cache_file + if test "x$cache_file" != "x/dev/null"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: updating cache $cache_file" >&5 +$as_echo "$as_me: updating cache $cache_file" >&6;} + if test ! -f "$cache_file" || test -h "$cache_file"; then + cat confcache >"$cache_file" + else + case $cache_file in #( + */* | ?:*) + mv -f confcache "$cache_file"$$ && + mv -f "$cache_file"$$ "$cache_file" ;; #( + *) + mv -f confcache "$cache_file" ;; + esac + fi + fi else - { echo "$as_me:$LINENO: not updating unwritable cache $cache_file" >&5 -echo "$as_me: not updating unwritable cache $cache_file" >&6;} + { $as_echo "$as_me:${as_lineno-$LINENO}: not updating unwritable cache $cache_file" >&5 +$as_echo "$as_me: not updating unwritable cache $cache_file" >&6;} fi fi rm -f confcache @@ -23343,167 +24584,251 @@ DEFS=-DHAVE_CONFIG_H ac_libobjs= ac_ltlibobjs= +U= for ac_i in : $LIBOBJS; do test "x$ac_i" = x: && continue # 1. Remove the extension, and $U if already installed. ac_script='s/\$U\././;s/\.o$//;s/\.obj$//' - ac_i=`echo "$ac_i" | sed "$ac_script"` + ac_i=`$as_echo "$ac_i" | sed "$ac_script"` # 2. Prepend LIBOBJDIR. When used with automake>=1.10 LIBOBJDIR # will be set to the directory where LIBOBJS objects are built. - ac_libobjs="$ac_libobjs \${LIBOBJDIR}$ac_i\$U.$ac_objext" - ac_ltlibobjs="$ac_ltlibobjs \${LIBOBJDIR}$ac_i"'$U.lo' + as_fn_append ac_libobjs " \${LIBOBJDIR}$ac_i\$U.$ac_objext" + as_fn_append ac_ltlibobjs " \${LIBOBJDIR}$ac_i"'$U.lo' done LIBOBJS=$ac_libobjs LTLIBOBJS=$ac_ltlibobjs +{ $as_echo "$as_me:${as_lineno-$LINENO}: checking that generated files are newer than configure" >&5 +$as_echo_n "checking that generated files are newer than configure... " >&6; } + if test -n "$am_sleep_pid"; then + # Hide warnings about reused PIDs. + wait $am_sleep_pid 2>/dev/null + fi + { $as_echo "$as_me:${as_lineno-$LINENO}: result: done" >&5 +$as_echo "done" >&6; } + if test -n "$EXEEXT"; then + am__EXEEXT_TRUE= + am__EXEEXT_FALSE='#' +else + am__EXEEXT_TRUE='#' + am__EXEEXT_FALSE= +fi + if test -z "${AMDEP_TRUE}" && test -z "${AMDEP_FALSE}"; then - { { echo "$as_me:$LINENO: error: conditional \"AMDEP\" was never defined. -Usually this means the macro was only invoked conditionally." >&5 -echo "$as_me: error: conditional \"AMDEP\" was never defined. -Usually this means the macro was only invoked conditionally." >&2;} - { (exit 1); exit 1; }; } + as_fn_error $? "conditional \"AMDEP\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 fi if test -z "${am__fastdepCC_TRUE}" && test -z "${am__fastdepCC_FALSE}"; then - { { echo "$as_me:$LINENO: error: conditional \"am__fastdepCC\" was never defined. -Usually this means the macro was only invoked conditionally." >&5 -echo "$as_me: error: conditional \"am__fastdepCC\" was never defined. -Usually this means the macro was only invoked conditionally." >&2;} - { (exit 1); exit 1; }; } + as_fn_error $? "conditional \"am__fastdepCC\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 fi if test -z "${am__fastdepCXX_TRUE}" && test -z "${am__fastdepCXX_FALSE}"; then - { { echo "$as_me:$LINENO: error: conditional \"am__fastdepCXX\" was never defined. -Usually this means the macro was only invoked conditionally." >&5 -echo "$as_me: error: conditional \"am__fastdepCXX\" was never defined. -Usually this means the macro was only invoked conditionally." >&2;} - { (exit 1); exit 1; }; } + as_fn_error $? "conditional \"am__fastdepCXX\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 fi + if test -z "${am__fastdepCC_TRUE}" && test -z "${am__fastdepCC_FALSE}"; then - { { echo "$as_me:$LINENO: error: conditional \"am__fastdepCC\" was never defined. -Usually this means the macro was only invoked conditionally." >&5 -echo "$as_me: error: conditional \"am__fastdepCC\" was never defined. -Usually this means the macro was only invoked conditionally." >&2;} - { (exit 1); exit 1; }; } + as_fn_error $? "conditional \"am__fastdepCC\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 fi if test -z "${am__fastdepCXX_TRUE}" && test -z "${am__fastdepCXX_FALSE}"; then - { { echo "$as_me:$LINENO: error: conditional \"am__fastdepCXX\" was never defined. -Usually this means the macro was only invoked conditionally." >&5 -echo "$as_me: error: conditional \"am__fastdepCXX\" was never defined. -Usually this means the macro was only invoked conditionally." >&2;} - { (exit 1); exit 1; }; } + as_fn_error $? "conditional \"am__fastdepCXX\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 fi if test -z "${am__fastdepCCAS_TRUE}" && test -z "${am__fastdepCCAS_FALSE}"; then - { { echo "$as_me:$LINENO: error: conditional \"am__fastdepCCAS\" was never defined. -Usually this means the macro was only invoked conditionally." >&5 -echo "$as_me: error: conditional \"am__fastdepCCAS\" was never defined. -Usually this means the macro was only invoked conditionally." >&2;} - { (exit 1); exit 1; }; } + as_fn_error $? "conditional \"am__fastdepCCAS\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${DEBUG_TRUE}" && test -z "${DEBUG_FALSE}"; then + as_fn_error $? "conditional \"DEBUG\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 fi -if test -z "${BUILD_FASTMATH_TRUE}" && test -z "${BUILD_FASTMATH_FALSE}"; then - { { echo "$as_me:$LINENO: error: conditional \"BUILD_FASTMATH\" was never defined. -Usually this means the macro was only invoked conditionally." >&5 -echo "$as_me: error: conditional \"BUILD_FASTMATH\" was never defined. -Usually this means the macro was only invoked conditionally." >&2;} - { (exit 1); exit 1; }; } +if test -z "${BUILD_LEANPSK_TRUE}" && test -z "${BUILD_LEANPSK_FALSE}"; then + as_fn_error $? "conditional \"BUILD_LEANPSK\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 fi if test -z "${BUILD_SNIFFER_TRUE}" && test -z "${BUILD_SNIFFER_FALSE}"; then - { { echo "$as_me:$LINENO: error: conditional \"BUILD_SNIFFER\" was never defined. -Usually this means the macro was only invoked conditionally." >&5 -echo "$as_me: error: conditional \"BUILD_SNIFFER\" was never defined. -Usually this means the macro was only invoked conditionally." >&2;} - { (exit 1); exit 1; }; } + as_fn_error $? "conditional \"BUILD_SNIFFER\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${BUILD_SNIFFTEST_TRUE}" && test -z "${BUILD_SNIFFTEST_FALSE}"; then + as_fn_error $? "conditional \"BUILD_SNIFFTEST\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 fi if test -z "${BUILD_AESGCM_TRUE}" && test -z "${BUILD_AESGCM_FALSE}"; then - { { echo "$as_me:$LINENO: error: conditional \"BUILD_AESGCM\" was never defined. -Usually this means the macro was only invoked conditionally." >&5 -echo "$as_me: error: conditional \"BUILD_AESGCM\" was never defined. -Usually this means the macro was only invoked conditionally." >&2;} - { (exit 1); exit 1; }; } + as_fn_error $? "conditional \"BUILD_AESGCM\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${BUILD_AESCCM_TRUE}" && test -z "${BUILD_AESCCM_FALSE}"; then + as_fn_error $? "conditional \"BUILD_AESCCM\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 fi if test -z "${BUILD_AESNI_TRUE}" && test -z "${BUILD_AESNI_FALSE}"; then - { { echo "$as_me:$LINENO: error: conditional \"BUILD_AESNI\" was never defined. -Usually this means the macro was only invoked conditionally." >&5 -echo "$as_me: error: conditional \"BUILD_AESNI\" was never defined. -Usually this means the macro was only invoked conditionally." >&2;} - { (exit 1); exit 1; }; } + as_fn_error $? "conditional \"BUILD_AESNI\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${BUILD_CAMELLIA_TRUE}" && test -z "${BUILD_CAMELLIA_FALSE}"; then + as_fn_error $? "conditional \"BUILD_CAMELLIA\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 fi if test -z "${BUILD_MD2_TRUE}" && test -z "${BUILD_MD2_FALSE}"; then - { { echo "$as_me:$LINENO: error: conditional \"BUILD_MD2\" was never defined. -Usually this means the macro was only invoked conditionally." >&5 -echo "$as_me: error: conditional \"BUILD_MD2\" was never defined. -Usually this means the macro was only invoked conditionally." >&2;} - { (exit 1); exit 1; }; } + as_fn_error $? "conditional \"BUILD_MD2\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 fi if test -z "${BUILD_RIPEMD_TRUE}" && test -z "${BUILD_RIPEMD_FALSE}"; then - { { echo "$as_me:$LINENO: error: conditional \"BUILD_RIPEMD\" was never defined. -Usually this means the macro was only invoked conditionally." >&5 -echo "$as_me: error: conditional \"BUILD_RIPEMD\" was never defined. -Usually this means the macro was only invoked conditionally." >&2;} - { (exit 1); exit 1; }; } + as_fn_error $? "conditional \"BUILD_RIPEMD\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${BUILD_BLAKE2_TRUE}" && test -z "${BUILD_BLAKE2_FALSE}"; then + as_fn_error $? "conditional \"BUILD_BLAKE2\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 fi if test -z "${BUILD_SHA512_TRUE}" && test -z "${BUILD_SHA512_FALSE}"; then - { { echo "$as_me:$LINENO: error: conditional \"BUILD_SHA512\" was never defined. -Usually this means the macro was only invoked conditionally." >&5 -echo "$as_me: error: conditional \"BUILD_SHA512\" was never defined. -Usually this means the macro was only invoked conditionally." >&2;} - { (exit 1); exit 1; }; } + as_fn_error $? "conditional \"BUILD_SHA512\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 fi -if test -z "${BUILD_HC128_TRUE}" && test -z "${BUILD_HC128_FALSE}"; then - { { echo "$as_me:$LINENO: error: conditional \"BUILD_HC128\" was never defined. -Usually this means the macro was only invoked conditionally." >&5 -echo "$as_me: error: conditional \"BUILD_HC128\" was never defined. -Usually this means the macro was only invoked conditionally." >&2;} - { (exit 1); exit 1; }; } -fi -if test -z "${BUILD_NOINLINE_TRUE}" && test -z "${BUILD_NOINLINE_FALSE}"; then - { { echo "$as_me:$LINENO: error: conditional \"BUILD_NOINLINE\" was never defined. -Usually this means the macro was only invoked conditionally." >&5 -echo "$as_me: error: conditional \"BUILD_NOINLINE\" was never defined. -Usually this means the macro was only invoked conditionally." >&2;} - { (exit 1); exit 1; }; } +if test -z "${BUILD_DSA_TRUE}" && test -z "${BUILD_DSA_FALSE}"; then + as_fn_error $? "conditional \"BUILD_DSA\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 fi if test -z "${BUILD_ECC_TRUE}" && test -z "${BUILD_ECC_FALSE}"; then - { { echo "$as_me:$LINENO: error: conditional \"BUILD_ECC\" was never defined. -Usually this means the macro was only invoked conditionally." >&5 -echo "$as_me: error: conditional \"BUILD_ECC\" was never defined. -Usually this means the macro was only invoked conditionally." >&2;} - { (exit 1); exit 1; }; } + as_fn_error $? "conditional \"BUILD_ECC\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${BUILD_MEMORY_TRUE}" && test -z "${BUILD_MEMORY_FALSE}"; then + as_fn_error $? "conditional \"BUILD_MEMORY\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${BUILD_RSA_TRUE}" && test -z "${BUILD_RSA_FALSE}"; then + as_fn_error $? "conditional \"BUILD_RSA\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${BUILD_DH_TRUE}" && test -z "${BUILD_DH_FALSE}"; then + as_fn_error $? "conditional \"BUILD_DH\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${BUILD_ASN_TRUE}" && test -z "${BUILD_ASN_FALSE}"; then + as_fn_error $? "conditional \"BUILD_ASN\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${BUILD_AES_TRUE}" && test -z "${BUILD_AES_FALSE}"; then + as_fn_error $? "conditional \"BUILD_AES\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${BUILD_CODING_TRUE}" && test -z "${BUILD_CODING_FALSE}"; then + as_fn_error $? "conditional \"BUILD_CODING\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${BUILD_DES3_TRUE}" && test -z "${BUILD_DES3_FALSE}"; then + as_fn_error $? "conditional \"BUILD_DES3\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${BUILD_RC4_TRUE}" && test -z "${BUILD_RC4_FALSE}"; then + as_fn_error $? "conditional \"BUILD_RC4\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${BUILD_MD5_TRUE}" && test -z "${BUILD_MD5_FALSE}"; then + as_fn_error $? "conditional \"BUILD_MD5\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${BUILD_SHA_TRUE}" && test -z "${BUILD_SHA_FALSE}"; then + as_fn_error $? "conditional \"BUILD_SHA\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${BUILD_MD4_TRUE}" && test -z "${BUILD_MD4_FALSE}"; then + as_fn_error $? "conditional \"BUILD_MD4\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${BUILD_PWDBASED_TRUE}" && test -z "${BUILD_PWDBASED_FALSE}"; then + as_fn_error $? "conditional \"BUILD_PWDBASED\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${BUILD_HC128_TRUE}" && test -z "${BUILD_HC128_FALSE}"; then + as_fn_error $? "conditional \"BUILD_HC128\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${BUILD_RABBIT_TRUE}" && test -z "${BUILD_RABBIT_FALSE}"; then + as_fn_error $? "conditional \"BUILD_RABBIT\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${BUILD_SHA512_TRUE}" && test -z "${BUILD_SHA512_FALSE}"; then + as_fn_error $? "conditional \"BUILD_SHA512\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${BUILD_FIPS_TRUE}" && test -z "${BUILD_FIPS_FALSE}"; then + as_fn_error $? "conditional \"BUILD_FIPS\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${BUILD_INLINE_TRUE}" && test -z "${BUILD_INLINE_FALSE}"; then + as_fn_error $? "conditional \"BUILD_INLINE\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 fi if test -z "${BUILD_OCSP_TRUE}" && test -z "${BUILD_OCSP_FALSE}"; then - { { echo "$as_me:$LINENO: error: conditional \"BUILD_OCSP\" was never defined. -Usually this means the macro was only invoked conditionally." >&5 -echo "$as_me: error: conditional \"BUILD_OCSP\" was never defined. -Usually this means the macro was only invoked conditionally." >&2;} - { (exit 1); exit 1; }; } + as_fn_error $? "conditional \"BUILD_OCSP\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 fi if test -z "${BUILD_CRL_TRUE}" && test -z "${BUILD_CRL_FALSE}"; then - { { echo "$as_me:$LINENO: error: conditional \"BUILD_CRL\" was never defined. -Usually this means the macro was only invoked conditionally." >&5 -echo "$as_me: error: conditional \"BUILD_CRL\" was never defined. -Usually this means the macro was only invoked conditionally." >&2;} - { (exit 1); exit 1; }; } + as_fn_error $? "conditional \"BUILD_CRL\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 fi if test -z "${BUILD_CRL_MONITOR_TRUE}" && test -z "${BUILD_CRL_MONITOR_FALSE}"; then - { { echo "$as_me:$LINENO: error: conditional \"BUILD_CRL_MONITOR\" was never defined. -Usually this means the macro was only invoked conditionally." >&5 -echo "$as_me: error: conditional \"BUILD_CRL_MONITOR\" was never defined. -Usually this means the macro was only invoked conditionally." >&2;} - { (exit 1); exit 1; }; } + as_fn_error $? "conditional \"BUILD_CRL_MONITOR\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 fi if test -z "${BUILD_NTRU_TRUE}" && test -z "${BUILD_NTRU_FALSE}"; then - { { echo "$as_me:$LINENO: error: conditional \"BUILD_NTRU\" was never defined. -Usually this means the macro was only invoked conditionally." >&5 -echo "$as_me: error: conditional \"BUILD_NTRU\" was never defined. -Usually this means the macro was only invoked conditionally." >&2;} - { (exit 1); exit 1; }; } + as_fn_error $? "conditional \"BUILD_NTRU\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${BUILD_PKCS7_TRUE}" && test -z "${BUILD_PKCS7_FALSE}"; then + as_fn_error $? "conditional \"BUILD_PKCS7\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${BUILD_PKCS7_TRUE}" && test -z "${BUILD_PKCS7_FALSE}"; then + as_fn_error $? "conditional \"BUILD_PKCS7\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${USE_VALGRIND_TRUE}" && test -z "${USE_VALGRIND_FALSE}"; then + as_fn_error $? "conditional \"USE_VALGRIND\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${BUILD_ECC_TRUE}" && test -z "${BUILD_ECC_FALSE}"; then + as_fn_error $? "conditional \"BUILD_ECC\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${BUILD_FASTMATH_TRUE}" && test -z "${BUILD_FASTMATH_FALSE}"; then + as_fn_error $? "conditional \"BUILD_FASTMATH\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${BUILD_SLOWMATH_TRUE}" && test -z "${BUILD_SLOWMATH_FALSE}"; then + as_fn_error $? "conditional \"BUILD_SLOWMATH\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${BUILD_EXAMPLES_TRUE}" && test -z "${BUILD_EXAMPLES_FALSE}"; then + as_fn_error $? "conditional \"BUILD_EXAMPLES\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${BUILD_LIBZ_TRUE}" && test -z "${BUILD_LIBZ_FALSE}"; then + as_fn_error $? "conditional \"BUILD_LIBZ\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${BUILD_MCAPI_TRUE}" && test -z "${BUILD_MCAPI_FALSE}"; then + as_fn_error $? "conditional \"BUILD_MCAPI\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 +fi +if test -z "${IS_VCS_CHECKOUT_TRUE}" && test -z "${IS_VCS_CHECKOUT_FALSE}"; then + as_fn_error $? "conditional \"IS_VCS_CHECKOUT\" was never defined. +Usually this means the macro was only invoked conditionally." "$LINENO" 5 fi -: ${CONFIG_STATUS=./config.status} +: "${CONFIG_STATUS=./config.status}" +ac_write_fail=0 ac_clean_files_save=$ac_clean_files ac_clean_files="$ac_clean_files $CONFIG_STATUS" -{ echo "$as_me:$LINENO: creating $CONFIG_STATUS" >&5 -echo "$as_me: creating $CONFIG_STATUS" >&6;} -cat >$CONFIG_STATUS <<_ACEOF +{ $as_echo "$as_me:${as_lineno-$LINENO}: creating $CONFIG_STATUS" >&5 +$as_echo "$as_me: creating $CONFIG_STATUS" >&6;} +as_write_fail=0 +cat >$CONFIG_STATUS <<_ASEOF || as_write_fail=1 #! $SHELL # Generated by $as_me. # Run this file to recreate the current configuration. @@ -23513,59 +24838,79 @@ cat >$CONFIG_STATUS <<_ACEOF debug=false ac_cs_recheck=false ac_cs_silent=false -SHELL=\${CONFIG_SHELL-$SHELL} -_ACEOF -cat >>$CONFIG_STATUS <<\_ACEOF -## --------------------- ## -## M4sh Initialization. ## -## --------------------- ## +SHELL=\${CONFIG_SHELL-$SHELL} +export SHELL +_ASEOF +cat >>$CONFIG_STATUS <<\_ASEOF || as_write_fail=1 +## -------------------- ## +## M4sh Initialization. ## +## -------------------- ## # Be more Bourne compatible DUALCASE=1; export DUALCASE # for MKS sh -if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then +if test -n "${ZSH_VERSION+set}" && (emulate sh) >/dev/null 2>&1; then : emulate sh NULLCMD=: - # Zsh 3.x and 4.x performs word splitting on ${1+"$@"}, which + # Pre-4.2 versions of Zsh do word splitting on ${1+"$@"}, which # is contrary to our usage. Disable this feature. alias -g '${1+"$@"}'='"$@"' setopt NO_GLOB_SUBST else - case `(set -o) 2>/dev/null` in - *posix*) set -o posix ;; + case `(set -o) 2>/dev/null` in #( + *posix*) : + set -o posix ;; #( + *) : + ;; esac - fi - - -# PATH needs CR -# Avoid depending upon Character Ranges. -as_cr_letters='abcdefghijklmnopqrstuvwxyz' -as_cr_LETTERS='ABCDEFGHIJKLMNOPQRSTUVWXYZ' -as_cr_Letters=$as_cr_letters$as_cr_LETTERS -as_cr_digits='0123456789' -as_cr_alnum=$as_cr_Letters$as_cr_digits - -# The user is always right. -if test "${PATH_SEPARATOR+set}" != set; then - echo "#! /bin/sh" >conf$$.sh - echo "exit 0" >>conf$$.sh - chmod +x conf$$.sh - if (PATH="/nonexistent;."; conf$$.sh) >/dev/null 2>&1; then - PATH_SEPARATOR=';' +as_nl=' +' +export as_nl +# Printing a long string crashes Solaris 7 /usr/bin/printf. +as_echo='\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\' +as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo +as_echo=$as_echo$as_echo$as_echo$as_echo$as_echo$as_echo +# Prefer a ksh shell builtin over an external printf program on Solaris, +# but without wasting forks for bash or zsh. +if test -z "$BASH_VERSION$ZSH_VERSION" \ + && (test "X`print -r -- $as_echo`" = "X$as_echo") 2>/dev/null; then + as_echo='print -r --' + as_echo_n='print -rn --' +elif (test "X`printf %s $as_echo`" = "X$as_echo") 2>/dev/null; then + as_echo='printf %s\n' + as_echo_n='printf %s' +else + if test "X`(/usr/ucb/echo -n -n $as_echo) 2>/dev/null`" = "X-n $as_echo"; then + as_echo_body='eval /usr/ucb/echo -n "$1$as_nl"' + as_echo_n='/usr/ucb/echo -n' else - PATH_SEPARATOR=: + as_echo_body='eval expr "X$1" : "X\\(.*\\)"' + as_echo_n_body='eval + arg=$1; + case $arg in #( + *"$as_nl"*) + expr "X$arg" : "X\\(.*\\)$as_nl"; + arg=`expr "X$arg" : ".*$as_nl\\(.*\\)"`;; + esac; + expr "X$arg" : "X\\(.*\\)" | tr -d "$as_nl" + ' + export as_echo_n_body + as_echo_n='sh -c $as_echo_n_body as_echo' fi - rm -f conf$$.sh + export as_echo_body + as_echo='sh -c $as_echo_body as_echo' fi -# Support unset when possible. -if ( (MAIL=60; unset MAIL) || exit) >/dev/null 2>&1; then - as_unset=unset -else - as_unset=false +# The user is always right. +if test "${PATH_SEPARATOR+set}" != set; then + PATH_SEPARATOR=: + (PATH='/bin;/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 && { + (PATH='/bin:/bin'; FPATH=$PATH; sh -c :) >/dev/null 2>&1 || + PATH_SEPARATOR=';' + } fi @@ -23574,20 +24919,19 @@ fi # there to prevent editors from complaining about space-tab. # (If _AS_PATH_WALK were called with IFS unset, it would disable word # splitting by setting IFS to empty value.) -as_nl=' -' IFS=" "" $as_nl" # Find who we are. Look in the path if we contain no directory separator. -case $0 in +as_myself= +case $0 in #(( *[\\/]* ) as_myself=$0 ;; *) as_save_IFS=$IFS; IFS=$PATH_SEPARATOR for as_dir in $PATH do IFS=$as_save_IFS test -z "$as_dir" && as_dir=. - test -r "$as_dir/$0" && as_myself=$as_dir/$0 && break -done + test -r "$as_dir/$0" && as_myself=$as_dir/$0 && break + done IFS=$as_save_IFS ;; @@ -23598,32 +24942,111 @@ if test "x$as_myself" = x; then as_myself=$0 fi if test ! -f "$as_myself"; then - echo "$as_myself: error: cannot find myself; rerun with an absolute file name" >&2 - { (exit 1); exit 1; } + $as_echo "$as_myself: error: cannot find myself; rerun with an absolute file name" >&2 + exit 1 fi -# Work around bugs in pre-3.0 UWIN ksh. -for as_var in ENV MAIL MAILPATH -do ($as_unset $as_var) >/dev/null 2>&1 && $as_unset $as_var +# Unset variables that we do not need and which cause bugs (e.g. in +# pre-3.0 UWIN ksh). But do not cause bugs in bash 2.01; the "|| exit 1" +# suppresses any "Segmentation fault" message there. '((' could +# trigger a bug in pdksh 5.2.14. +for as_var in BASH_ENV ENV MAIL MAILPATH +do eval test x\${$as_var+set} = xset \ + && ( (unset $as_var) || exit 1) >/dev/null 2>&1 && unset $as_var || : done PS1='$ ' PS2='> ' PS4='+ ' # NLS nuisances. -for as_var in \ - LANG LANGUAGE LC_ADDRESS LC_ALL LC_COLLATE LC_CTYPE LC_IDENTIFICATION \ - LC_MEASUREMENT LC_MESSAGES LC_MONETARY LC_NAME LC_NUMERIC LC_PAPER \ - LC_TELEPHONE LC_TIME -do - if (set +x; test -z "`(eval $as_var=C; export $as_var) 2>&1`"); then - eval $as_var=C; export $as_var - else - ($as_unset $as_var) >/dev/null 2>&1 && $as_unset $as_var +LC_ALL=C +export LC_ALL +LANGUAGE=C +export LANGUAGE + +# CDPATH. +(unset CDPATH) >/dev/null 2>&1 && unset CDPATH + + +# as_fn_error STATUS ERROR [LINENO LOG_FD] +# ---------------------------------------- +# Output "`basename $0`: error: ERROR" to stderr. If LINENO and LOG_FD are +# provided, also output the error to LOG_FD, referencing LINENO. Then exit the +# script with STATUS, using 1 if that was 0. +as_fn_error () +{ + as_status=$1; test $as_status -eq 0 && as_status=1 + if test "$4"; then + as_lineno=${as_lineno-"$3"} as_lineno_stack=as_lineno_stack=$as_lineno_stack + $as_echo "$as_me:${as_lineno-$LINENO}: error: $2" >&$4 fi -done + $as_echo "$as_me: error: $2" >&2 + as_fn_exit $as_status +} # as_fn_error + + +# as_fn_set_status STATUS +# ----------------------- +# Set $? to STATUS, without forking. +as_fn_set_status () +{ + return $1 +} # as_fn_set_status + +# as_fn_exit STATUS +# ----------------- +# Exit the shell with STATUS, even in a "trap 0" or "set -e" context. +as_fn_exit () +{ + set +e + as_fn_set_status $1 + exit $1 +} # as_fn_exit + +# as_fn_unset VAR +# --------------- +# Portably unset VAR. +as_fn_unset () +{ + { eval $1=; unset $1;} +} +as_unset=as_fn_unset +# as_fn_append VAR VALUE +# ---------------------- +# Append the text in VALUE to the end of the definition contained in VAR. Take +# advantage of any shell optimizations that allow amortized linear growth over +# repeated appends, instead of the typical quadratic growth present in naive +# implementations. +if (eval "as_var=1; as_var+=2; test x\$as_var = x12") 2>/dev/null; then : + eval 'as_fn_append () + { + eval $1+=\$2 + }' +else + as_fn_append () + { + eval $1=\$$1\$2 + } +fi # as_fn_append + +# as_fn_arith ARG... +# ------------------ +# Perform arithmetic evaluation on the ARGs, and store the result in the +# global $as_val. Take advantage of shells that can avoid forks. The arguments +# must be portable across $(()) and expr. +if (eval "test \$(( 1 + 1 )) = 2") 2>/dev/null; then : + eval 'as_fn_arith () + { + as_val=$(( $* )) + }' +else + as_fn_arith () + { + as_val=`expr "$@" || test $? -eq 1` + } +fi # as_fn_arith + -# Required to use basename. if expr a : '\(a\)' >/dev/null 2>&1 && test "X`expr 00001 : '.*\(...\)'`" = X001; then as_expr=expr @@ -23637,13 +25060,17 @@ else as_basename=false fi +if (as_dir=`dirname -- /` && test "X$as_dir" = X/) >/dev/null 2>&1; then + as_dirname=dirname +else + as_dirname=false +fi -# Name of the executable. as_me=`$as_basename -- "$0" || $as_expr X/"$0" : '.*/\([^/][^/]*\)/*$' \| \ X"$0" : 'X\(//\)$' \| \ X"$0" : 'X\(/\)' \| . 2>/dev/null || -echo X/"$0" | +$as_echo X/"$0" | sed '/^.*\/\([^/][^/]*\)\/*$/{ s//\1/ q @@ -23658,131 +25085,118 @@ echo X/"$0" | } s/.*/./; q'` -# CDPATH. -$as_unset CDPATH - - - - as_lineno_1=$LINENO - as_lineno_2=$LINENO - test "x$as_lineno_1" != "x$as_lineno_2" && - test "x`expr $as_lineno_1 + 1`" = "x$as_lineno_2" || { - - # Create $as_me.lineno as a copy of $as_myself, but with $LINENO - # uniformly replaced by the line number. The first 'sed' inserts a - # line-number line after each line using $LINENO; the second 'sed' - # does the real work. The second script uses 'N' to pair each - # line-number line with the line containing $LINENO, and appends - # trailing '-' during substitution so that $LINENO is not a special - # case at line end. - # (Raja R Harinath suggested sed '=', and Paul Eggert wrote the - # scripts with optimization help from Paolo Bonzini. Blame Lee - # E. McMahon (1931-1989) for sed's syntax. :-) - sed -n ' - p - /[$]LINENO/= - ' <$as_myself | - sed ' - s/[$]LINENO.*/&-/ - t lineno - b - :lineno - N - :loop - s/[$]LINENO\([^'$as_cr_alnum'_].*\n\)\(.*\)/\2\1\2/ - t loop - s/-\n.*// - ' >$as_me.lineno && - chmod +x "$as_me.lineno" || - { echo "$as_me: error: cannot create $as_me.lineno; rerun with a POSIX shell" >&2 - { (exit 1); exit 1; }; } - - # Don't try to exec as it changes $[0], causing all sort of problems - # (the dirname of $[0] is not the place where we might find the - # original and so on. Autoconf is especially sensitive to this). - . "./$as_me.lineno" - # Exit status is that of the last command. - exit -} - - -if (as_dir=`dirname -- /` && test "X$as_dir" = X/) >/dev/null 2>&1; then - as_dirname=dirname -else - as_dirname=false -fi +# Avoid depending upon Character Ranges. +as_cr_letters='abcdefghijklmnopqrstuvwxyz' +as_cr_LETTERS='ABCDEFGHIJKLMNOPQRSTUVWXYZ' +as_cr_Letters=$as_cr_letters$as_cr_LETTERS +as_cr_digits='0123456789' +as_cr_alnum=$as_cr_Letters$as_cr_digits ECHO_C= ECHO_N= ECHO_T= -case `echo -n x` in +case `echo -n x` in #((((( -n*) - case `echo 'x\c'` in + case `echo 'xy\c'` in *c*) ECHO_T=' ';; # ECHO_T is single tab character. - *) ECHO_C='\c';; + xy) ECHO_C='\c';; + *) echo `echo ksh88 bug on AIX 6.1` > /dev/null + ECHO_T=' ';; esac;; *) ECHO_N='-n';; esac -if expr a : '\(a\)' >/dev/null 2>&1 && - test "X`expr 00001 : '.*\(...\)'`" = X001; then - as_expr=expr -else - as_expr=false -fi - rm -f conf$$ conf$$.exe conf$$.file if test -d conf$$.dir; then rm -f conf$$.dir/conf$$.file else rm -f conf$$.dir - mkdir conf$$.dir -fi -echo >conf$$.file -if ln -s conf$$.file conf$$ 2>/dev/null; then - as_ln_s='ln -s' - # ... but there are two gotchas: - # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail. - # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable. - # In both cases, we have to default to `cp -p'. - ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe || - as_ln_s='cp -p' -elif ln conf$$.file conf$$ 2>/dev/null; then - as_ln_s=ln -else - as_ln_s='cp -p' + mkdir conf$$.dir 2>/dev/null +fi +if (echo >conf$$.file) 2>/dev/null; then + if ln -s conf$$.file conf$$ 2>/dev/null; then + as_ln_s='ln -s' + # ... but there are two gotchas: + # 1) On MSYS, both `ln -s file dir' and `ln file dir' fail. + # 2) DJGPP < 2.04 has no symlinks; `ln -s' creates a wrapper executable. + # In both cases, we have to default to `cp -pR'. + ln -s conf$$.file conf$$.dir 2>/dev/null && test ! -f conf$$.exe || + as_ln_s='cp -pR' + elif ln conf$$.file conf$$ 2>/dev/null; then + as_ln_s=ln + else + as_ln_s='cp -pR' + fi +else + as_ln_s='cp -pR' fi rm -f conf$$ conf$$.exe conf$$.dir/conf$$.file conf$$.file rmdir conf$$.dir 2>/dev/null + +# as_fn_mkdir_p +# ------------- +# Create "$as_dir" as a directory, including parents if necessary. +as_fn_mkdir_p () +{ + + case $as_dir in #( + -*) as_dir=./$as_dir;; + esac + test -d "$as_dir" || eval $as_mkdir_p || { + as_dirs= + while :; do + case $as_dir in #( + *\'*) as_qdir=`$as_echo "$as_dir" | sed "s/'/'\\\\\\\\''/g"`;; #'( + *) as_qdir=$as_dir;; + esac + as_dirs="'$as_qdir' $as_dirs" + as_dir=`$as_dirname -- "$as_dir" || +$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ + X"$as_dir" : 'X\(//\)[^/]' \| \ + X"$as_dir" : 'X\(//\)$' \| \ + X"$as_dir" : 'X\(/\)' \| . 2>/dev/null || +$as_echo X"$as_dir" | + sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ + s//\1/ + q + } + /^X\(\/\/\)[^/].*/{ + s//\1/ + q + } + /^X\(\/\/\)$/{ + s//\1/ + q + } + /^X\(\/\).*/{ + s//\1/ + q + } + s/.*/./; q'` + test -d "$as_dir" && break + done + test -z "$as_dirs" || eval "mkdir $as_dirs" + } || test -d "$as_dir" || as_fn_error $? "cannot create directory $as_dir" + + +} # as_fn_mkdir_p if mkdir -p . 2>/dev/null; then - as_mkdir_p=: + as_mkdir_p='mkdir -p "$as_dir"' else test -d ./-p && rmdir ./-p as_mkdir_p=false fi -if test -x / >/dev/null 2>&1; then - as_test_x='test -x' -else - if ls -dL / >/dev/null 2>&1; then - as_ls_L_option=L - else - as_ls_L_option= - fi - as_test_x=' - eval sh -c '\'' - if test -d "$1"; then - test -d "$1/."; - else - case $1 in - -*)set "./$1";; - esac; - case `ls -ld'$as_ls_L_option' "$1" 2>/dev/null` in - ???[sx]*):;;*)false;;esac;fi - '\'' sh - ' -fi -as_executable_p=$as_test_x + +# as_fn_executable_p FILE +# ----------------------- +# Test if FILE is an executable regular file. +as_fn_executable_p () +{ + test -f "$1" && test -x "$1" +} # as_fn_executable_p +as_test_x='test -x' +as_executable_p=as_fn_executable_p # Sed expression to map a string onto a valid CPP name. as_tr_cpp="eval sed 'y%*$as_cr_letters%P$as_cr_LETTERS%;s%[^_$as_cr_alnum]%_%g'" @@ -23792,13 +25206,19 @@ as_tr_sh="eval sed 'y%*+%pp%;s%[^_$as_cr_alnum]%_%g'" exec 6>&1 +## ----------------------------------- ## +## Main body of $CONFIG_STATUS script. ## +## ----------------------------------- ## +_ASEOF +test $as_write_fail = 0 && chmod +x $CONFIG_STATUS || ac_write_fail=1 -# Save the log message, to keep $[0] and so on meaningful, and to +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 +# Save the log message, to keep $0 and so on meaningful, and to # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by cyassl $as_me 2.3.0, which was -generated by GNU Autoconf 2.61. Invocation command line was +This file was extended by cyassl $as_me 3.1.0, which was +generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = $CONFIG_FILES CONFIG_HEADERS = $CONFIG_HEADERS @@ -23811,7 +25231,16 @@ on `(hostname || uname -n) 2>/dev/null | sed 1q` _ACEOF -cat >>$CONFIG_STATUS <<_ACEOF +case $ac_config_files in *" +"*) set x $ac_config_files; shift; ac_config_files=$*;; +esac + +case $ac_config_headers in *" +"*) set x $ac_config_headers; shift; ac_config_headers=$*;; +esac + + +cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 # Files that config.status was made for. config_files="$ac_config_files" config_headers="$ac_config_headers" @@ -23819,22 +25248,25 @@ config_commands="$ac_config_commands" _ACEOF -cat >>$CONFIG_STATUS <<\_ACEOF +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 ac_cs_usage="\ -\`$as_me' instantiates files from templates according to the -current configuration. +\`$as_me' instantiates files and other configuration actions +from templates according to the current configuration. Unless the files +and actions are specified as TAGs, all are instantiated by default. -Usage: $0 [OPTIONS] [FILE]... +Usage: $0 [OPTION]... [TAG]... -h, --help print this help, then exit -V, --version print version number and configuration settings, then exit - -q, --quiet do not print progress messages + --config print configuration, then exit + -q, --quiet, --silent + do not print progress messages -d, --debug don't remove temporary files --recheck update $as_me by reconfiguring in the same conditions - --file=FILE[:TEMPLATE] - instantiate the configuration file FILE - --header=FILE[:TEMPLATE] - instantiate the configuration header FILE + --file=FILE[:TEMPLATE] + instantiate the configuration file FILE + --header=FILE[:TEMPLATE] + instantiate the configuration header FILE Configuration files: $config_files @@ -23845,16 +25277,18 @@ $config_headers Configuration commands: $config_commands -Report bugs to ." +Report bugs to . +cyassl home page: ." _ACEOF -cat >>$CONFIG_STATUS <<_ACEOF +cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 +ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -cyassl config.status 2.3.0 -configured by $0, generated by GNU Autoconf 2.61, - with options \\"`echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`\\" +cyassl config.status 3.1.0 +configured by $0, generated by GNU Autoconf 2.69, + with options \\"\$ac_cs_config\\" -Copyright (C) 2006 Free Software Foundation, Inc. +Copyright (C) 2012 Free Software Foundation, Inc. This config.status script is free software; the Free Software Foundation gives unlimited permission to copy, distribute and modify it." @@ -23862,20 +25296,26 @@ ac_pwd='$ac_pwd' srcdir='$srcdir' INSTALL='$INSTALL' MKDIR_P='$MKDIR_P' +AWK='$AWK' +test -n "\$AWK" || AWK=awk _ACEOF -cat >>$CONFIG_STATUS <<\_ACEOF -# If no file are specified by the user, then we need to provide default -# value. By we need to know if files were specified by the user. +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 +# The default lists apply if the user does not specify any file. ac_need_defaults=: while test $# != 0 do case $1 in - --*=*) + --*=?*) ac_option=`expr "X$1" : 'X\([^=]*\)='` ac_optarg=`expr "X$1" : 'X[^=]*=\(.*\)'` ac_shift=: ;; + --*=) + ac_option=`expr "X$1" : 'X\([^=]*\)='` + ac_optarg= + ac_shift=: + ;; *) ac_option=$1 ac_optarg=$2 @@ -23888,34 +25328,41 @@ do -recheck | --recheck | --rechec | --reche | --rech | --rec | --re | --r) ac_cs_recheck=: ;; --version | --versio | --versi | --vers | --ver | --ve | --v | -V ) - echo "$ac_cs_version"; exit ;; + $as_echo "$ac_cs_version"; exit ;; + --config | --confi | --conf | --con | --co | --c ) + $as_echo "$ac_cs_config"; exit ;; --debug | --debu | --deb | --de | --d | -d ) debug=: ;; --file | --fil | --fi | --f ) $ac_shift - CONFIG_FILES="$CONFIG_FILES $ac_optarg" + case $ac_optarg in + *\'*) ac_optarg=`$as_echo "$ac_optarg" | sed "s/'/'\\\\\\\\''/g"` ;; + '') as_fn_error $? "missing file argument" ;; + esac + as_fn_append CONFIG_FILES " '$ac_optarg'" ac_need_defaults=false;; --header | --heade | --head | --hea ) $ac_shift - CONFIG_HEADERS="$CONFIG_HEADERS $ac_optarg" + case $ac_optarg in + *\'*) ac_optarg=`$as_echo "$ac_optarg" | sed "s/'/'\\\\\\\\''/g"` ;; + esac + as_fn_append CONFIG_HEADERS " '$ac_optarg'" ac_need_defaults=false;; --he | --h) # Conflict between --help and --header - { echo "$as_me: error: ambiguous option: $1 -Try \`$0 --help' for more information." >&2 - { (exit 1); exit 1; }; };; + as_fn_error $? "ambiguous option: \`$1' +Try \`$0 --help' for more information.";; --help | --hel | -h ) - echo "$ac_cs_usage"; exit ;; + $as_echo "$ac_cs_usage"; exit ;; -q | -quiet | --quiet | --quie | --qui | --qu | --q \ | -silent | --silent | --silen | --sile | --sil | --si | --s) ac_cs_silent=: ;; # This is an error. - -*) { echo "$as_me: error: unrecognized option: $1 -Try \`$0 --help' for more information." >&2 - { (exit 1); exit 1; }; } ;; + -*) as_fn_error $? "unrecognized option: \`$1' +Try \`$0 --help' for more information." ;; - *) ac_config_targets="$ac_config_targets $1" + *) as_fn_append ac_config_targets " $1" ac_need_defaults=false ;; esac @@ -23930,27 +25377,29 @@ if $ac_cs_silent; then fi _ACEOF -cat >>$CONFIG_STATUS <<_ACEOF +cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 if \$ac_cs_recheck; then - echo "running CONFIG_SHELL=$SHELL $SHELL $0 "$ac_configure_args \$ac_configure_extra_args " --no-create --no-recursion" >&6 - CONFIG_SHELL=$SHELL + set X $SHELL '$0' $ac_configure_args \$ac_configure_extra_args --no-create --no-recursion + shift + \$as_echo "running CONFIG_SHELL=$SHELL \$*" >&6 + CONFIG_SHELL='$SHELL' export CONFIG_SHELL - exec $SHELL "$0"$ac_configure_args \$ac_configure_extra_args --no-create --no-recursion + exec "\$@" fi _ACEOF -cat >>$CONFIG_STATUS <<\_ACEOF +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 exec 5>>config.log { echo sed 'h;s/./-/g;s/^.../## /;s/...$/ ##/;p;x;p;x' <<_ASBOX ## Running $as_me. ## _ASBOX - echo "$ac_log" + $as_echo "$ac_log" } >&5 _ACEOF -cat >>$CONFIG_STATUS <<_ACEOF +cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 # # INIT-COMMANDS # @@ -23966,15 +25415,13 @@ double_quote_subst='$double_quote_subst' delay_variable_subst='$delay_variable_subst' macro_version='`$ECHO "$macro_version" | $SED "$delay_single_quote_subst"`' macro_revision='`$ECHO "$macro_revision" | $SED "$delay_single_quote_subst"`' -AS='`$ECHO "$AS" | $SED "$delay_single_quote_subst"`' -DLLTOOL='`$ECHO "$DLLTOOL" | $SED "$delay_single_quote_subst"`' -OBJDUMP='`$ECHO "$OBJDUMP" | $SED "$delay_single_quote_subst"`' -enable_shared='`$ECHO "$enable_shared" | $SED "$delay_single_quote_subst"`' enable_static='`$ECHO "$enable_static" | $SED "$delay_single_quote_subst"`' +enable_shared='`$ECHO "$enable_shared" | $SED "$delay_single_quote_subst"`' pic_mode='`$ECHO "$pic_mode" | $SED "$delay_single_quote_subst"`' enable_fast_install='`$ECHO "$enable_fast_install" | $SED "$delay_single_quote_subst"`' SHELL='`$ECHO "$SHELL" | $SED "$delay_single_quote_subst"`' ECHO='`$ECHO "$ECHO" | $SED "$delay_single_quote_subst"`' +PATH_SEPARATOR='`$ECHO "$PATH_SEPARATOR" | $SED "$delay_single_quote_subst"`' host_alias='`$ECHO "$host_alias" | $SED "$delay_single_quote_subst"`' host='`$ECHO "$host" | $SED "$delay_single_quote_subst"`' host_os='`$ECHO "$host_os" | $SED "$delay_single_quote_subst"`' @@ -23995,12 +25442,20 @@ exeext='`$ECHO "$exeext" | $SED "$delay_single_quote_subst"`' lt_unset='`$ECHO "$lt_unset" | $SED "$delay_single_quote_subst"`' lt_SP2NL='`$ECHO "$lt_SP2NL" | $SED "$delay_single_quote_subst"`' lt_NL2SP='`$ECHO "$lt_NL2SP" | $SED "$delay_single_quote_subst"`' +lt_cv_to_host_file_cmd='`$ECHO "$lt_cv_to_host_file_cmd" | $SED "$delay_single_quote_subst"`' +lt_cv_to_tool_file_cmd='`$ECHO "$lt_cv_to_tool_file_cmd" | $SED "$delay_single_quote_subst"`' reload_flag='`$ECHO "$reload_flag" | $SED "$delay_single_quote_subst"`' reload_cmds='`$ECHO "$reload_cmds" | $SED "$delay_single_quote_subst"`' +OBJDUMP='`$ECHO "$OBJDUMP" | $SED "$delay_single_quote_subst"`' deplibs_check_method='`$ECHO "$deplibs_check_method" | $SED "$delay_single_quote_subst"`' file_magic_cmd='`$ECHO "$file_magic_cmd" | $SED "$delay_single_quote_subst"`' +file_magic_glob='`$ECHO "$file_magic_glob" | $SED "$delay_single_quote_subst"`' +want_nocaseglob='`$ECHO "$want_nocaseglob" | $SED "$delay_single_quote_subst"`' +DLLTOOL='`$ECHO "$DLLTOOL" | $SED "$delay_single_quote_subst"`' +sharedlib_from_linklib_cmd='`$ECHO "$sharedlib_from_linklib_cmd" | $SED "$delay_single_quote_subst"`' AR='`$ECHO "$AR" | $SED "$delay_single_quote_subst"`' AR_FLAGS='`$ECHO "$AR_FLAGS" | $SED "$delay_single_quote_subst"`' +archiver_list_spec='`$ECHO "$archiver_list_spec" | $SED "$delay_single_quote_subst"`' STRIP='`$ECHO "$STRIP" | $SED "$delay_single_quote_subst"`' RANLIB='`$ECHO "$RANLIB" | $SED "$delay_single_quote_subst"`' old_postinstall_cmds='`$ECHO "$old_postinstall_cmds" | $SED "$delay_single_quote_subst"`' @@ -24015,14 +25470,17 @@ lt_cv_sys_global_symbol_pipe='`$ECHO "$lt_cv_sys_global_symbol_pipe" | $SED "$de lt_cv_sys_global_symbol_to_cdecl='`$ECHO "$lt_cv_sys_global_symbol_to_cdecl" | $SED "$delay_single_quote_subst"`' lt_cv_sys_global_symbol_to_c_name_address='`$ECHO "$lt_cv_sys_global_symbol_to_c_name_address" | $SED "$delay_single_quote_subst"`' lt_cv_sys_global_symbol_to_c_name_address_lib_prefix='`$ECHO "$lt_cv_sys_global_symbol_to_c_name_address_lib_prefix" | $SED "$delay_single_quote_subst"`' +nm_file_list_spec='`$ECHO "$nm_file_list_spec" | $SED "$delay_single_quote_subst"`' +lt_sysroot='`$ECHO "$lt_sysroot" | $SED "$delay_single_quote_subst"`' objdir='`$ECHO "$objdir" | $SED "$delay_single_quote_subst"`' MAGIC_CMD='`$ECHO "$MAGIC_CMD" | $SED "$delay_single_quote_subst"`' lt_prog_compiler_no_builtin_flag='`$ECHO "$lt_prog_compiler_no_builtin_flag" | $SED "$delay_single_quote_subst"`' -lt_prog_compiler_wl='`$ECHO "$lt_prog_compiler_wl" | $SED "$delay_single_quote_subst"`' lt_prog_compiler_pic='`$ECHO "$lt_prog_compiler_pic" | $SED "$delay_single_quote_subst"`' +lt_prog_compiler_wl='`$ECHO "$lt_prog_compiler_wl" | $SED "$delay_single_quote_subst"`' lt_prog_compiler_static='`$ECHO "$lt_prog_compiler_static" | $SED "$delay_single_quote_subst"`' lt_cv_prog_compiler_c_o='`$ECHO "$lt_cv_prog_compiler_c_o" | $SED "$delay_single_quote_subst"`' need_locks='`$ECHO "$need_locks" | $SED "$delay_single_quote_subst"`' +MANIFEST_TOOL='`$ECHO "$MANIFEST_TOOL" | $SED "$delay_single_quote_subst"`' DSYMUTIL='`$ECHO "$DSYMUTIL" | $SED "$delay_single_quote_subst"`' NMEDIT='`$ECHO "$NMEDIT" | $SED "$delay_single_quote_subst"`' LIPO='`$ECHO "$LIPO" | $SED "$delay_single_quote_subst"`' @@ -24046,7 +25504,6 @@ with_gnu_ld='`$ECHO "$with_gnu_ld" | $SED "$delay_single_quote_subst"`' allow_undefined_flag='`$ECHO "$allow_undefined_flag" | $SED "$delay_single_quote_subst"`' no_undefined_flag='`$ECHO "$no_undefined_flag" | $SED "$delay_single_quote_subst"`' hardcode_libdir_flag_spec='`$ECHO "$hardcode_libdir_flag_spec" | $SED "$delay_single_quote_subst"`' -hardcode_libdir_flag_spec_ld='`$ECHO "$hardcode_libdir_flag_spec_ld" | $SED "$delay_single_quote_subst"`' hardcode_libdir_separator='`$ECHO "$hardcode_libdir_separator" | $SED "$delay_single_quote_subst"`' hardcode_direct='`$ECHO "$hardcode_direct" | $SED "$delay_single_quote_subst"`' hardcode_direct_absolute='`$ECHO "$hardcode_direct_absolute" | $SED "$delay_single_quote_subst"`' @@ -24055,12 +25512,12 @@ hardcode_shlibpath_var='`$ECHO "$hardcode_shlibpath_var" | $SED "$delay_single_q hardcode_automatic='`$ECHO "$hardcode_automatic" | $SED "$delay_single_quote_subst"`' inherit_rpath='`$ECHO "$inherit_rpath" | $SED "$delay_single_quote_subst"`' link_all_deplibs='`$ECHO "$link_all_deplibs" | $SED "$delay_single_quote_subst"`' -fix_srcfile_path='`$ECHO "$fix_srcfile_path" | $SED "$delay_single_quote_subst"`' always_export_symbols='`$ECHO "$always_export_symbols" | $SED "$delay_single_quote_subst"`' export_symbols_cmds='`$ECHO "$export_symbols_cmds" | $SED "$delay_single_quote_subst"`' exclude_expsyms='`$ECHO "$exclude_expsyms" | $SED "$delay_single_quote_subst"`' include_expsyms='`$ECHO "$include_expsyms" | $SED "$delay_single_quote_subst"`' prelink_cmds='`$ECHO "$prelink_cmds" | $SED "$delay_single_quote_subst"`' +postlink_cmds='`$ECHO "$postlink_cmds" | $SED "$delay_single_quote_subst"`' file_list_spec='`$ECHO "$file_list_spec" | $SED "$delay_single_quote_subst"`' variables_saved_for_relink='`$ECHO "$variables_saved_for_relink" | $SED "$delay_single_quote_subst"`' need_lib_prefix='`$ECHO "$need_lib_prefix" | $SED "$delay_single_quote_subst"`' @@ -24099,8 +25556,8 @@ old_archive_cmds_CXX='`$ECHO "$old_archive_cmds_CXX" | $SED "$delay_single_quote compiler_CXX='`$ECHO "$compiler_CXX" | $SED "$delay_single_quote_subst"`' GCC_CXX='`$ECHO "$GCC_CXX" | $SED "$delay_single_quote_subst"`' lt_prog_compiler_no_builtin_flag_CXX='`$ECHO "$lt_prog_compiler_no_builtin_flag_CXX" | $SED "$delay_single_quote_subst"`' -lt_prog_compiler_wl_CXX='`$ECHO "$lt_prog_compiler_wl_CXX" | $SED "$delay_single_quote_subst"`' lt_prog_compiler_pic_CXX='`$ECHO "$lt_prog_compiler_pic_CXX" | $SED "$delay_single_quote_subst"`' +lt_prog_compiler_wl_CXX='`$ECHO "$lt_prog_compiler_wl_CXX" | $SED "$delay_single_quote_subst"`' lt_prog_compiler_static_CXX='`$ECHO "$lt_prog_compiler_static_CXX" | $SED "$delay_single_quote_subst"`' lt_cv_prog_compiler_c_o_CXX='`$ECHO "$lt_cv_prog_compiler_c_o_CXX" | $SED "$delay_single_quote_subst"`' archive_cmds_need_lc_CXX='`$ECHO "$archive_cmds_need_lc_CXX" | $SED "$delay_single_quote_subst"`' @@ -24118,7 +25575,6 @@ with_gnu_ld_CXX='`$ECHO "$with_gnu_ld_CXX" | $SED "$delay_single_quote_subst"`' allow_undefined_flag_CXX='`$ECHO "$allow_undefined_flag_CXX" | $SED "$delay_single_quote_subst"`' no_undefined_flag_CXX='`$ECHO "$no_undefined_flag_CXX" | $SED "$delay_single_quote_subst"`' hardcode_libdir_flag_spec_CXX='`$ECHO "$hardcode_libdir_flag_spec_CXX" | $SED "$delay_single_quote_subst"`' -hardcode_libdir_flag_spec_ld_CXX='`$ECHO "$hardcode_libdir_flag_spec_ld_CXX" | $SED "$delay_single_quote_subst"`' hardcode_libdir_separator_CXX='`$ECHO "$hardcode_libdir_separator_CXX" | $SED "$delay_single_quote_subst"`' hardcode_direct_CXX='`$ECHO "$hardcode_direct_CXX" | $SED "$delay_single_quote_subst"`' hardcode_direct_absolute_CXX='`$ECHO "$hardcode_direct_absolute_CXX" | $SED "$delay_single_quote_subst"`' @@ -24127,12 +25583,12 @@ hardcode_shlibpath_var_CXX='`$ECHO "$hardcode_shlibpath_var_CXX" | $SED "$delay_ hardcode_automatic_CXX='`$ECHO "$hardcode_automatic_CXX" | $SED "$delay_single_quote_subst"`' inherit_rpath_CXX='`$ECHO "$inherit_rpath_CXX" | $SED "$delay_single_quote_subst"`' link_all_deplibs_CXX='`$ECHO "$link_all_deplibs_CXX" | $SED "$delay_single_quote_subst"`' -fix_srcfile_path_CXX='`$ECHO "$fix_srcfile_path_CXX" | $SED "$delay_single_quote_subst"`' always_export_symbols_CXX='`$ECHO "$always_export_symbols_CXX" | $SED "$delay_single_quote_subst"`' export_symbols_cmds_CXX='`$ECHO "$export_symbols_cmds_CXX" | $SED "$delay_single_quote_subst"`' exclude_expsyms_CXX='`$ECHO "$exclude_expsyms_CXX" | $SED "$delay_single_quote_subst"`' include_expsyms_CXX='`$ECHO "$include_expsyms_CXX" | $SED "$delay_single_quote_subst"`' prelink_cmds_CXX='`$ECHO "$prelink_cmds_CXX" | $SED "$delay_single_quote_subst"`' +postlink_cmds_CXX='`$ECHO "$postlink_cmds_CXX" | $SED "$delay_single_quote_subst"`' file_list_spec_CXX='`$ECHO "$file_list_spec_CXX" | $SED "$delay_single_quote_subst"`' hardcode_action_CXX='`$ECHO "$hardcode_action_CXX" | $SED "$delay_single_quote_subst"`' compiler_lib_search_dirs_CXX='`$ECHO "$compiler_lib_search_dirs_CXX" | $SED "$delay_single_quote_subst"`' @@ -24155,11 +25611,9 @@ _LTECHO_EOF' } # Quote evaled strings. -for var in AS \ -DLLTOOL \ -OBJDUMP \ -SHELL \ +for var in SHELL \ ECHO \ +PATH_SEPARATOR \ SED \ GREP \ EGREP \ @@ -24170,10 +25624,16 @@ LN_S \ lt_SP2NL \ lt_NL2SP \ reload_flag \ +OBJDUMP \ deplibs_check_method \ file_magic_cmd \ +file_magic_glob \ +want_nocaseglob \ +DLLTOOL \ +sharedlib_from_linklib_cmd \ AR \ AR_FLAGS \ +archiver_list_spec \ STRIP \ RANLIB \ CC \ @@ -24183,12 +25643,14 @@ lt_cv_sys_global_symbol_pipe \ lt_cv_sys_global_symbol_to_cdecl \ lt_cv_sys_global_symbol_to_c_name_address \ lt_cv_sys_global_symbol_to_c_name_address_lib_prefix \ +nm_file_list_spec \ lt_prog_compiler_no_builtin_flag \ -lt_prog_compiler_wl \ lt_prog_compiler_pic \ +lt_prog_compiler_wl \ lt_prog_compiler_static \ lt_cv_prog_compiler_c_o \ need_locks \ +MANIFEST_TOOL \ DSYMUTIL \ NMEDIT \ LIPO \ @@ -24202,9 +25664,7 @@ with_gnu_ld \ allow_undefined_flag \ no_undefined_flag \ hardcode_libdir_flag_spec \ -hardcode_libdir_flag_spec_ld \ hardcode_libdir_separator \ -fix_srcfile_path \ exclude_expsyms \ include_expsyms \ file_list_spec \ @@ -24226,8 +25686,8 @@ LD_CXX \ reload_flag_CXX \ compiler_CXX \ lt_prog_compiler_no_builtin_flag_CXX \ -lt_prog_compiler_wl_CXX \ lt_prog_compiler_pic_CXX \ +lt_prog_compiler_wl_CXX \ lt_prog_compiler_static_CXX \ lt_cv_prog_compiler_c_o_CXX \ export_dynamic_flag_spec_CXX \ @@ -24237,9 +25697,7 @@ with_gnu_ld_CXX \ allow_undefined_flag_CXX \ no_undefined_flag_CXX \ hardcode_libdir_flag_spec_CXX \ -hardcode_libdir_flag_spec_ld_CXX \ hardcode_libdir_separator_CXX \ -fix_srcfile_path_CXX \ exclude_expsyms_CXX \ include_expsyms_CXX \ file_list_spec_CXX \ @@ -24273,6 +25731,7 @@ module_cmds \ module_expsym_cmds \ export_symbols_cmds \ prelink_cmds \ +postlink_cmds \ postinstall_cmds \ postuninstall_cmds \ finish_cmds \ @@ -24287,7 +25746,8 @@ archive_expsym_cmds_CXX \ module_cmds_CXX \ module_expsym_cmds_CXX \ export_symbols_cmds_CXX \ -prelink_cmds_CXX; do +prelink_cmds_CXX \ +postlink_cmds_CXX; do case \`eval \\\\\$ECHO \\\\""\\\\\$\$var"\\\\"\` in *[\\\\\\\`\\"\\\$]*) eval "lt_\$var=\\\\\\"\\\`\\\$ECHO \\"\\\$\$var\\" | \\\$SED -e \\"\\\$double_quote_subst\\" -e \\"\\\$sed_quote_subst\\" -e \\"\\\$delay_variable_subst\\"\\\`\\\\\\"" @@ -24322,7 +25782,7 @@ fi _ACEOF -cat >>$CONFIG_STATUS <<\_ACEOF +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # Handling of arguments. for ac_config_target in $ac_config_targets @@ -24334,11 +25794,11 @@ do "stamp-h") CONFIG_FILES="$CONFIG_FILES stamp-h" ;; "Makefile") CONFIG_FILES="$CONFIG_FILES Makefile" ;; "cyassl/version.h") CONFIG_FILES="$CONFIG_FILES cyassl/version.h" ;; - "support/libcyassl.pc") CONFIG_FILES="$CONFIG_FILES support/libcyassl.pc" ;; + "cyassl/options.h") CONFIG_FILES="$CONFIG_FILES cyassl/options.h" ;; + "support/cyassl.pc") CONFIG_FILES="$CONFIG_FILES support/cyassl.pc" ;; + "rpm/spec") CONFIG_FILES="$CONFIG_FILES rpm/spec" ;; - *) { { echo "$as_me:$LINENO: error: invalid argument: $ac_config_target" >&5 -echo "$as_me: error: invalid argument: $ac_config_target" >&2;} - { (exit 1); exit 1; }; };; + *) as_fn_error $? "invalid argument: \`$ac_config_target'" "$LINENO" 5;; esac done @@ -24361,313 +25821,302 @@ fi # after its creation but before its name has been assigned to `$tmp'. $debug || { - tmp= + tmp= ac_tmp= trap 'exit_status=$? - { test -z "$tmp" || test ! -d "$tmp" || rm -fr "$tmp"; } && exit $exit_status + : "${ac_tmp:=$tmp}" + { test ! -d "$ac_tmp" || rm -fr "$ac_tmp"; } && exit $exit_status ' 0 - trap '{ (exit 1); exit 1; }' 1 2 13 15 + trap 'as_fn_exit 1' 1 2 13 15 } # Create a (secure) tmp directory for tmp files. { tmp=`(umask 077 && mktemp -d "./confXXXXXX") 2>/dev/null` && - test -n "$tmp" && test -d "$tmp" + test -d "$tmp" } || { tmp=./conf$$-$RANDOM (umask 077 && mkdir "$tmp") -} || -{ - echo "$me: cannot create a temporary directory in ." >&2 - { (exit 1); exit 1; } -} - -# -# Set up the sed scripts for CONFIG_FILES section. -# +} || as_fn_error $? "cannot create a temporary directory in ." "$LINENO" 5 +ac_tmp=$tmp -# No need to generate the scripts if there are no CONFIG_FILES. -# This happens for instance when ./config.status config.h +# Set up the scripts for CONFIG_FILES section. +# No need to generate them if there are no CONFIG_FILES. +# This happens for instance with `./config.status config.h'. if test -n "$CONFIG_FILES"; then -_ACEOF +ac_cr=`echo X | tr X '\015'` +# On cygwin, bash can eat \r inside `` if the user requested igncr. +# But we know of no other shell where ac_cr would be empty at this +# point, so we can use a bashism as a fallback. +if test "x$ac_cr" = x; then + eval ac_cr=\$\'\\r\' +fi +ac_cs_awk_cr=`$AWK 'BEGIN { print "a\rb" }' /dev/null` +if test "$ac_cs_awk_cr" = "a${ac_cr}b"; then + ac_cs_awk_cr='\\r' +else + ac_cs_awk_cr=$ac_cr +fi + +echo 'BEGIN {' >"$ac_tmp/subs1.awk" && +_ACEOF +{ + echo "cat >conf$$subs.awk <<_ACEOF" && + echo "$ac_subst_vars" | sed 's/.*/&!$&$ac_delim/' && + echo "_ACEOF" +} >conf$$subs.sh || + as_fn_error $? "could not make $CONFIG_STATUS" "$LINENO" 5 +ac_delim_num=`echo "$ac_subst_vars" | grep -c '^'` ac_delim='%!_!# ' for ac_last_try in false false false false false :; do - cat >conf$$subs.sed <<_ACEOF -SHELL!$SHELL$ac_delim -PATH_SEPARATOR!$PATH_SEPARATOR$ac_delim -PACKAGE_NAME!$PACKAGE_NAME$ac_delim -PACKAGE_TARNAME!$PACKAGE_TARNAME$ac_delim -PACKAGE_VERSION!$PACKAGE_VERSION$ac_delim -PACKAGE_STRING!$PACKAGE_STRING$ac_delim -PACKAGE_BUGREPORT!$PACKAGE_BUGREPORT$ac_delim -exec_prefix!$exec_prefix$ac_delim -prefix!$prefix$ac_delim -program_transform_name!$program_transform_name$ac_delim -bindir!$bindir$ac_delim -sbindir!$sbindir$ac_delim -libexecdir!$libexecdir$ac_delim -datarootdir!$datarootdir$ac_delim -datadir!$datadir$ac_delim -sysconfdir!$sysconfdir$ac_delim -sharedstatedir!$sharedstatedir$ac_delim -localstatedir!$localstatedir$ac_delim -includedir!$includedir$ac_delim -oldincludedir!$oldincludedir$ac_delim -docdir!$docdir$ac_delim -infodir!$infodir$ac_delim -htmldir!$htmldir$ac_delim -dvidir!$dvidir$ac_delim -pdfdir!$pdfdir$ac_delim -psdir!$psdir$ac_delim -libdir!$libdir$ac_delim -localedir!$localedir$ac_delim -mandir!$mandir$ac_delim -DEFS!$DEFS$ac_delim -ECHO_C!$ECHO_C$ac_delim -ECHO_N!$ECHO_N$ac_delim -ECHO_T!$ECHO_T$ac_delim -LIBS!$LIBS$ac_delim -build_alias!$build_alias$ac_delim -host_alias!$host_alias$ac_delim -target_alias!$target_alias$ac_delim -build!$build$ac_delim -build_cpu!$build_cpu$ac_delim -build_vendor!$build_vendor$ac_delim -build_os!$build_os$ac_delim -host!$host$ac_delim -host_cpu!$host_cpu$ac_delim -host_vendor!$host_vendor$ac_delim -host_os!$host_os$ac_delim -target!$target$ac_delim -target_cpu!$target_cpu$ac_delim -target_vendor!$target_vendor$ac_delim -target_os!$target_os$ac_delim -INSTALL_PROGRAM!$INSTALL_PROGRAM$ac_delim -INSTALL_SCRIPT!$INSTALL_SCRIPT$ac_delim -INSTALL_DATA!$INSTALL_DATA$ac_delim -am__isrc!$am__isrc$ac_delim -CYGPATH_W!$CYGPATH_W$ac_delim -PACKAGE!$PACKAGE$ac_delim -VERSION!$VERSION$ac_delim -ACLOCAL!$ACLOCAL$ac_delim -AUTOCONF!$AUTOCONF$ac_delim -AUTOMAKE!$AUTOMAKE$ac_delim -AUTOHEADER!$AUTOHEADER$ac_delim -MAKEINFO!$MAKEINFO$ac_delim -install_sh!$install_sh$ac_delim -STRIP!$STRIP$ac_delim -INSTALL_STRIP_PROGRAM!$INSTALL_STRIP_PROGRAM$ac_delim -mkdir_p!$mkdir_p$ac_delim -AWK!$AWK$ac_delim -SET_MAKE!$SET_MAKE$ac_delim -am__leading_dot!$am__leading_dot$ac_delim -AMTAR!$AMTAR$ac_delim -am__tar!$am__tar$ac_delim -am__untar!$am__untar$ac_delim -CYASSL_LIBRARY_VERSION!$CYASSL_LIBRARY_VERSION$ac_delim -AS!$AS$ac_delim -DLLTOOL!$DLLTOOL$ac_delim -OBJDUMP!$OBJDUMP$ac_delim -LIBTOOL!$LIBTOOL$ac_delim -CC!$CC$ac_delim -CFLAGS!$CFLAGS$ac_delim -LDFLAGS!$LDFLAGS$ac_delim -CPPFLAGS!$CPPFLAGS$ac_delim -ac_ct_CC!$ac_ct_CC$ac_delim -EXEEXT!$EXEEXT$ac_delim -OBJEXT!$OBJEXT$ac_delim -DEPDIR!$DEPDIR$ac_delim -am__include!$am__include$ac_delim -am__quote!$am__quote$ac_delim -AMDEP_TRUE!$AMDEP_TRUE$ac_delim -AMDEP_FALSE!$AMDEP_FALSE$ac_delim -AMDEPBACKSLASH!$AMDEPBACKSLASH$ac_delim -CCDEPMODE!$CCDEPMODE$ac_delim -am__fastdepCC_TRUE!$am__fastdepCC_TRUE$ac_delim -am__fastdepCC_FALSE!$am__fastdepCC_FALSE$ac_delim -SED!$SED$ac_delim -GREP!$GREP$ac_delim -EGREP!$EGREP$ac_delim -FGREP!$FGREP$ac_delim -LD!$LD$ac_delim -_ACEOF + . ./conf$$subs.sh || + as_fn_error $? "could not make $CONFIG_STATUS" "$LINENO" 5 - if test `sed -n "s/.*$ac_delim\$/X/p" conf$$subs.sed | grep -c X` = 97; then + ac_delim_n=`sed -n "s/.*$ac_delim\$/X/p" conf$$subs.awk | grep -c X` + if test $ac_delim_n = $ac_delim_num; then break elif $ac_last_try; then - { { echo "$as_me:$LINENO: error: could not make $CONFIG_STATUS" >&5 -echo "$as_me: error: could not make $CONFIG_STATUS" >&2;} - { (exit 1); exit 1; }; } + as_fn_error $? "could not make $CONFIG_STATUS" "$LINENO" 5 else ac_delim="$ac_delim!$ac_delim _$ac_delim!! " fi done +rm -f conf$$subs.sh + +cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 +cat >>"\$ac_tmp/subs1.awk" <<\\_ACAWK && +_ACEOF +sed -n ' +h +s/^/S["/; s/!.*/"]=/ +p +g +s/^[^!]*!// +:repl +t repl +s/'"$ac_delim"'$// +t delim +:nl +h +s/\(.\{148\}\)..*/\1/ +t more1 +s/["\\]/\\&/g; s/^/"/; s/$/\\n"\\/ +p +n +b repl +:more1 +s/["\\]/\\&/g; s/^/"/; s/$/"\\/ +p +g +s/.\{148\}// +t nl +:delim +h +s/\(.\{148\}\)..*/\1/ +t more2 +s/["\\]/\\&/g; s/^/"/; s/$/"/ +p +b +:more2 +s/["\\]/\\&/g; s/^/"/; s/$/"\\/ +p +g +s/.\{148\}// +t delim +' >$CONFIG_STATUS || ac_write_fail=1 +rm -f conf$$subs.awk +cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 +_ACAWK +cat >>"\$ac_tmp/subs1.awk" <<_ACAWK && + for (key in S) S_is_set[key] = 1 + FS = "" + +} +{ + line = $ 0 + nfields = split(line, field, "@") + substed = 0 + len = length(field[1]) + for (i = 2; i < nfields; i++) { + key = field[i] + keylen = length(key) + if (S_is_set[key]) { + value = S[key] + line = substr(line, 1, len) "" value "" substr(line, len + keylen + 3) + len += length(value) + length(field[++i]) + substed = 1 + } else + len += 1 + keylen + } + + print line +} -ac_eof=`sed -n '/^CEOF[0-9]*$/s/CEOF/0/p' conf$$subs.sed` -if test -n "$ac_eof"; then - ac_eof=`echo "$ac_eof" | sort -nru | sed 1q` - ac_eof=`expr $ac_eof + 1` +_ACAWK +_ACEOF +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 +if sed "s/$ac_cr//" < /dev/null > /dev/null 2>&1; then + sed "s/$ac_cr\$//; s/$ac_cr/$ac_cs_awk_cr/g" +else + cat +fi < "$ac_tmp/subs1.awk" > "$ac_tmp/subs.awk" \ + || as_fn_error $? "could not setup config files machinery" "$LINENO" 5 +_ACEOF + +# VPATH may cause trouble with some makes, so we remove sole $(srcdir), +# ${srcdir} and @srcdir@ entries from VPATH if srcdir is ".", strip leading and +# trailing colons and then remove the whole line if VPATH becomes empty +# (actually we leave an empty line to preserve line numbers). +if test "x$srcdir" = x.; then + ac_vpsub='/^[ ]*VPATH[ ]*=[ ]*/{ +h +s/// +s/^/:/ +s/[ ]*$/:/ +s/:\$(srcdir):/:/g +s/:\${srcdir}:/:/g +s/:@srcdir@:/:/g +s/^:*// +s/:*$// +x +s/\(=[ ]*\).*/\1/ +G +s/\n// +s/^[^=]*=[ ]*$// +}' fi -cat >>$CONFIG_STATUS <<_ACEOF -cat >"\$tmp/subs-1.sed" <<\CEOF$ac_eof -/@[a-zA-Z_][a-zA-Z_0-9]*@/!b -_ACEOF -sed ' -s/[,\\&]/\\&/g; s/@/@|#_!!_#|/g -s/^/s,@/; s/!/@,|#_!!_#|/ -:n -t n -s/'"$ac_delim"'$/,g/; t -s/$/\\/; p -N; s/^.*\n//; s/[,\\&]/\\&/g; s/@/@|#_!!_#|/g; b n -' >>$CONFIG_STATUS >$CONFIG_STATUS <<_ACEOF -CEOF$ac_eof +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 +fi # test -n "$CONFIG_FILES" + +# Set up the scripts for CONFIG_HEADERS section. +# No need to generate them if there are no CONFIG_HEADERS. +# This happens for instance with `./config.status Makefile'. +if test -n "$CONFIG_HEADERS"; then +cat >"$ac_tmp/defines.awk" <<\_ACAWK || +BEGIN { _ACEOF +# Transform confdefs.h into an awk script `defines.awk', embedded as +# here-document in config.status, that substitutes the proper values into +# config.h.in to produce config.h. +# Create a delimiter string that does not exist in confdefs.h, to ease +# handling of long lines. ac_delim='%!_!# ' -for ac_last_try in false false false false false :; do - cat >conf$$subs.sed <<_ACEOF -DUMPBIN!$DUMPBIN$ac_delim -ac_ct_DUMPBIN!$ac_ct_DUMPBIN$ac_delim -NM!$NM$ac_delim -LN_S!$LN_S$ac_delim -AR!$AR$ac_delim -RANLIB!$RANLIB$ac_delim -DSYMUTIL!$DSYMUTIL$ac_delim -NMEDIT!$NMEDIT$ac_delim -LIPO!$LIPO$ac_delim -OTOOL!$OTOOL$ac_delim -OTOOL64!$OTOOL64$ac_delim -CPP!$CPP$ac_delim -CXX!$CXX$ac_delim -CXXFLAGS!$CXXFLAGS$ac_delim -ac_ct_CXX!$ac_ct_CXX$ac_delim -CXXDEPMODE!$CXXDEPMODE$ac_delim -am__fastdepCXX_TRUE!$am__fastdepCXX_TRUE$ac_delim -am__fastdepCXX_FALSE!$am__fastdepCXX_FALSE$ac_delim -CXXCPP!$CXXCPP$ac_delim -CFLAG_VISIBILITY!$CFLAG_VISIBILITY$ac_delim -HAVE_VISIBILITY!$HAVE_VISIBILITY$ac_delim -LIBOBJS!$LIBOBJS$ac_delim -CCAS!$CCAS$ac_delim -CCASFLAGS!$CCASFLAGS$ac_delim -CCASDEPMODE!$CCASDEPMODE$ac_delim -am__fastdepCCAS_TRUE!$am__fastdepCCAS_TRUE$ac_delim -am__fastdepCCAS_FALSE!$am__fastdepCCAS_FALSE$ac_delim -LIBM!$LIBM$ac_delim -BUILD_FASTMATH_TRUE!$BUILD_FASTMATH_TRUE$ac_delim -BUILD_FASTMATH_FALSE!$BUILD_FASTMATH_FALSE$ac_delim -BUILD_SNIFFER_TRUE!$BUILD_SNIFFER_TRUE$ac_delim -BUILD_SNIFFER_FALSE!$BUILD_SNIFFER_FALSE$ac_delim -BUILD_AESGCM_TRUE!$BUILD_AESGCM_TRUE$ac_delim -BUILD_AESGCM_FALSE!$BUILD_AESGCM_FALSE$ac_delim -BUILD_AESNI_TRUE!$BUILD_AESNI_TRUE$ac_delim -BUILD_AESNI_FALSE!$BUILD_AESNI_FALSE$ac_delim -BUILD_MD2_TRUE!$BUILD_MD2_TRUE$ac_delim -BUILD_MD2_FALSE!$BUILD_MD2_FALSE$ac_delim -BUILD_RIPEMD_TRUE!$BUILD_RIPEMD_TRUE$ac_delim -BUILD_RIPEMD_FALSE!$BUILD_RIPEMD_FALSE$ac_delim -BUILD_SHA512_TRUE!$BUILD_SHA512_TRUE$ac_delim -BUILD_SHA512_FALSE!$BUILD_SHA512_FALSE$ac_delim -BUILD_HC128_TRUE!$BUILD_HC128_TRUE$ac_delim -BUILD_HC128_FALSE!$BUILD_HC128_FALSE$ac_delim -BUILD_NOINLINE_TRUE!$BUILD_NOINLINE_TRUE$ac_delim -BUILD_NOINLINE_FALSE!$BUILD_NOINLINE_FALSE$ac_delim -BUILD_ECC_TRUE!$BUILD_ECC_TRUE$ac_delim -BUILD_ECC_FALSE!$BUILD_ECC_FALSE$ac_delim -BUILD_OCSP_TRUE!$BUILD_OCSP_TRUE$ac_delim -BUILD_OCSP_FALSE!$BUILD_OCSP_FALSE$ac_delim -BUILD_CRL_TRUE!$BUILD_CRL_TRUE$ac_delim -BUILD_CRL_FALSE!$BUILD_CRL_FALSE$ac_delim -BUILD_CRL_MONITOR_TRUE!$BUILD_CRL_MONITOR_TRUE$ac_delim -BUILD_CRL_MONITOR_FALSE!$BUILD_CRL_MONITOR_FALSE$ac_delim -BUILD_NTRU_TRUE!$BUILD_NTRU_TRUE$ac_delim -BUILD_NTRU_FALSE!$BUILD_NTRU_FALSE$ac_delim -ax_pthread_config!$ax_pthread_config$ac_delim -PTHREAD_CC!$PTHREAD_CC$ac_delim -PTHREAD_LIBS!$PTHREAD_LIBS$ac_delim -PTHREAD_CFLAGS!$PTHREAD_CFLAGS$ac_delim -HEX_VERSION!$HEX_VERSION$ac_delim -AM_CFLAGS!$AM_CFLAGS$ac_delim -AM_LDFLAGS!$AM_LDFLAGS$ac_delim -LTLIBOBJS!$LTLIBOBJS$ac_delim -_ACEOF - - if test `sed -n "s/.*$ac_delim\$/X/p" conf$$subs.sed | grep -c X` = 64; then +for ac_last_try in false false :; do + ac_tt=`sed -n "/$ac_delim/p" confdefs.h` + if test -z "$ac_tt"; then break elif $ac_last_try; then - { { echo "$as_me:$LINENO: error: could not make $CONFIG_STATUS" >&5 -echo "$as_me: error: could not make $CONFIG_STATUS" >&2;} - { (exit 1); exit 1; }; } + as_fn_error $? "could not make $CONFIG_HEADERS" "$LINENO" 5 else ac_delim="$ac_delim!$ac_delim _$ac_delim!! " fi done -ac_eof=`sed -n '/^CEOF[0-9]*$/s/CEOF/0/p' conf$$subs.sed` -if test -n "$ac_eof"; then - ac_eof=`echo "$ac_eof" | sort -nru | sed 1q` - ac_eof=`expr $ac_eof + 1` -fi +# For the awk script, D is an array of macro values keyed by name, +# likewise P contains macro parameters if any. Preserve backslash +# newline sequences. -cat >>$CONFIG_STATUS <<_ACEOF -cat >"\$tmp/subs-2.sed" <<\CEOF$ac_eof -/@[a-zA-Z_][a-zA-Z_0-9]*@/!b end -_ACEOF -sed ' -s/[,\\&]/\\&/g; s/@/@|#_!!_#|/g -s/^/s,@/; s/!/@,|#_!!_#|/ -:n -t n -s/'"$ac_delim"'$/,g/; t -s/$/\\/; p -N; s/^.*\n//; s/[,\\&]/\\&/g; s/@/@|#_!!_#|/g; b n -' >>$CONFIG_STATUS >$CONFIG_STATUS <<_ACEOF -:end -s/|#_!!_#|//g -CEOF$ac_eof +ac_word_re=[_$as_cr_Letters][_$as_cr_alnum]* +sed -n ' +s/.\{148\}/&'"$ac_delim"'/g +t rset +:rset +s/^[ ]*#[ ]*define[ ][ ]*/ / +t def +d +:def +s/\\$// +t bsnl +s/["\\]/\\&/g +s/^ \('"$ac_word_re"'\)\(([^()]*)\)[ ]*\(.*\)/P["\1"]="\2"\ +D["\1"]=" \3"/p +s/^ \('"$ac_word_re"'\)[ ]*\(.*\)/D["\1"]=" \2"/p +d +:bsnl +s/["\\]/\\&/g +s/^ \('"$ac_word_re"'\)\(([^()]*)\)[ ]*\(.*\)/P["\1"]="\2"\ +D["\1"]=" \3\\\\\\n"\\/p +t cont +s/^ \('"$ac_word_re"'\)[ ]*\(.*\)/D["\1"]=" \2\\\\\\n"\\/p +t cont +d +:cont +n +s/.\{148\}/&'"$ac_delim"'/g +t clear +:clear +s/\\$// +t bsnlc +s/["\\]/\\&/g; s/^/"/; s/$/"/p +d +:bsnlc +s/["\\]/\\&/g; s/^/"/; s/$/\\\\\\n"\\/p +b cont +' >$CONFIG_STATUS || ac_write_fail=1 + +cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 + for (key in D) D_is_set[key] = 1 + FS = "" +} +/^[\t ]*#[\t ]*(define|undef)[\t ]+$ac_word_re([\t (]|\$)/ { + line = \$ 0 + split(line, arg, " ") + if (arg[1] == "#") { + defundef = arg[2] + mac1 = arg[3] + } else { + defundef = substr(arg[1], 2) + mac1 = arg[2] + } + split(mac1, mac2, "(") #) + macro = mac2[1] + prefix = substr(line, 1, index(line, defundef) - 1) + if (D_is_set[macro]) { + # Preserve the white space surrounding the "#". + print prefix "define", macro P[macro] D[macro] + next + } else { + # Replace #undef with comments. This is necessary, for example, + # in the case of _POSIX_SOURCE, which is predefined and required + # on some systems where configure will not decide to define it. + if (defundef == "undef") { + print "/*", prefix defundef, macro, "*/" + next + } + } +} +{ print } +_ACAWK _ACEOF +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 + as_fn_error $? "could not setup config headers machinery" "$LINENO" 5 +fi # test -n "$CONFIG_HEADERS" -# VPATH may cause trouble with some makes, so we remove $(srcdir), -# ${srcdir} and @srcdir@ from VPATH if srcdir is ".", strip leading and -# trailing colons and then remove the whole line if VPATH becomes empty -# (actually we leave an empty line to preserve line numbers). -if test "x$srcdir" = x.; then - ac_vpsub='/^[ ]*VPATH[ ]*=/{ -s/:*\$(srcdir):*/:/ -s/:*\${srcdir}:*/:/ -s/:*@srcdir@:*/:/ -s/^\([^=]*=[ ]*\):*/\1/ -s/:*$// -s/^[^=]*=[ ]*$// -}' -fi - -cat >>$CONFIG_STATUS <<\_ACEOF -fi # test -n "$CONFIG_FILES" - - -for ac_tag in :F $CONFIG_FILES :H $CONFIG_HEADERS :C $CONFIG_COMMANDS +eval set X " :F $CONFIG_FILES :H $CONFIG_HEADERS :C $CONFIG_COMMANDS" +shift +for ac_tag do case $ac_tag in :[FHLC]) ac_mode=$ac_tag; continue;; esac case $ac_mode$ac_tag in :[FHL]*:*);; - :L* | :C*:*) { { echo "$as_me:$LINENO: error: Invalid tag $ac_tag." >&5 -echo "$as_me: error: Invalid tag $ac_tag." >&2;} - { (exit 1); exit 1; }; };; + :L* | :C*:*) as_fn_error $? "invalid tag \`$ac_tag'" "$LINENO" 5;; :[FH]-) ac_tag=-:-;; :[FH]*) ac_tag=$ac_tag:$ac_tag.in;; esac @@ -24686,7 +26135,7 @@ echo "$as_me: error: Invalid tag $ac_tag." >&2;} for ac_f do case $ac_f in - -) ac_f="$tmp/stdin";; + -) ac_f="$ac_tmp/stdin";; *) # Look for the file first in the build tree, then in the source tree # (if the path is not absolute). The absolute path cannot be DOS-style, # because $ac_f cannot contain `:'. @@ -24695,26 +26144,34 @@ echo "$as_me: error: Invalid tag $ac_tag." >&2;} [\\/$]*) false;; *) test -f "$srcdir/$ac_f" && ac_f="$srcdir/$ac_f";; esac || - { { echo "$as_me:$LINENO: error: cannot find input file: $ac_f" >&5 -echo "$as_me: error: cannot find input file: $ac_f" >&2;} - { (exit 1); exit 1; }; };; + as_fn_error 1 "cannot find input file: \`$ac_f'" "$LINENO" 5;; esac - ac_file_inputs="$ac_file_inputs $ac_f" + case $ac_f in *\'*) ac_f=`$as_echo "$ac_f" | sed "s/'/'\\\\\\\\''/g"`;; esac + as_fn_append ac_file_inputs " '$ac_f'" done # Let's still pretend it is `configure' which instantiates (i.e., don't # use $as_me), people would be surprised to read: # /* config.h. Generated by config.status. */ - configure_input="Generated from "`IFS=: - echo $* | sed 's|^[^:]*/||;s|:[^:]*/|, |g'`" by configure." + configure_input='Generated from '` + $as_echo "$*" | sed 's|^[^:]*/||;s|:[^:]*/|, |g' + `' by configure.' if test x"$ac_file" != x-; then configure_input="$ac_file. $configure_input" - { echo "$as_me:$LINENO: creating $ac_file" >&5 -echo "$as_me: creating $ac_file" >&6;} + { $as_echo "$as_me:${as_lineno-$LINENO}: creating $ac_file" >&5 +$as_echo "$as_me: creating $ac_file" >&6;} fi + # Neutralize special characters interpreted by sed in replacement strings. + case $configure_input in #( + *\&* | *\|* | *\\* ) + ac_sed_conf_input=`$as_echo "$configure_input" | + sed 's/[\\\\&|]/\\\\&/g'`;; #( + *) ac_sed_conf_input=$configure_input;; + esac case $ac_tag in - *:-:* | *:-) cat >"$tmp/stdin";; + *:-:* | *:-) cat >"$ac_tmp/stdin" \ + || as_fn_error $? "could not create $ac_file" "$LINENO" 5 ;; esac ;; esac @@ -24724,42 +26181,7 @@ $as_expr X"$ac_file" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ X"$ac_file" : 'X\(//\)[^/]' \| \ X"$ac_file" : 'X\(//\)$' \| \ X"$ac_file" : 'X\(/\)' \| . 2>/dev/null || -echo X"$ac_file" | - sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ - s//\1/ - q - } - /^X\(\/\/\)[^/].*/{ - s//\1/ - q - } - /^X\(\/\/\)$/{ - s//\1/ - q - } - /^X\(\/\).*/{ - s//\1/ - q - } - s/.*/./; q'` - { as_dir="$ac_dir" - case $as_dir in #( - -*) as_dir=./$as_dir;; - esac - test -d "$as_dir" || { $as_mkdir_p && mkdir -p "$as_dir"; } || { - as_dirs= - while :; do - case $as_dir in #( - *\'*) as_qdir=`echo "$as_dir" | sed "s/'/'\\\\\\\\''/g"`;; #( - *) as_qdir=$as_dir;; - esac - as_dirs="'$as_qdir' $as_dirs" - as_dir=`$as_dirname -- "$as_dir" || -$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ - X"$as_dir" : 'X\(//\)[^/]' \| \ - X"$as_dir" : 'X\(//\)$' \| \ - X"$as_dir" : 'X\(/\)' \| . 2>/dev/null || -echo X"$as_dir" | +$as_echo X"$ac_file" | sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/ q @@ -24777,20 +26199,15 @@ echo X"$as_dir" | q } s/.*/./; q'` - test -d "$as_dir" && break - done - test -z "$as_dirs" || eval "mkdir $as_dirs" - } || test -d "$as_dir" || { { echo "$as_me:$LINENO: error: cannot create directory $as_dir" >&5 -echo "$as_me: error: cannot create directory $as_dir" >&2;} - { (exit 1); exit 1; }; }; } + as_dir="$ac_dir"; as_fn_mkdir_p ac_builddir=. case "$ac_dir" in .) ac_dir_suffix= ac_top_builddir_sub=. ac_top_build_prefix= ;; *) - ac_dir_suffix=/`echo "$ac_dir" | sed 's,^\.[\\/],,'` + ac_dir_suffix=/`$as_echo "$ac_dir" | sed 's|^\.[\\/]||'` # A ".." for each directory in $ac_dir_suffix. - ac_top_builddir_sub=`echo "$ac_dir_suffix" | sed 's,/[^\\/]*,/..,g;s,/,,'` + ac_top_builddir_sub=`$as_echo "$ac_dir_suffix" | sed 's|/[^\\/]*|/..|g;s|/||'` case $ac_top_builddir_sub in "") ac_top_builddir_sub=. ac_top_build_prefix= ;; *) ac_top_build_prefix=$ac_top_builddir_sub/ ;; @@ -24835,12 +26252,12 @@ ac_abs_srcdir=$ac_abs_top_srcdir$ac_dir_suffix esac _ACEOF -cat >>$CONFIG_STATUS <<\_ACEOF +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # If the template does not know about datarootdir, expand it. # FIXME: This hack should be removed a few years after 2.60. ac_datarootdir_hack=; ac_datarootdir_seen= - -case `sed -n '/datarootdir/ { +ac_sed_dataroot=' +/datarootdir/ { p q } @@ -24848,36 +26265,37 @@ case `sed -n '/datarootdir/ { /@docdir@/p /@infodir@/p /@localedir@/p -/@mandir@/p -' $ac_file_inputs` in +/@mandir@/p' +case `eval "sed -n \"\$ac_sed_dataroot\" $ac_file_inputs"` in *datarootdir*) ac_datarootdir_seen=yes;; *@datadir@*|*@docdir@*|*@infodir@*|*@localedir@*|*@mandir@*) - { echo "$as_me:$LINENO: WARNING: $ac_file_inputs seems to ignore the --datarootdir setting" >&5 -echo "$as_me: WARNING: $ac_file_inputs seems to ignore the --datarootdir setting" >&2;} + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $ac_file_inputs seems to ignore the --datarootdir setting" >&5 +$as_echo "$as_me: WARNING: $ac_file_inputs seems to ignore the --datarootdir setting" >&2;} _ACEOF -cat >>$CONFIG_STATUS <<_ACEOF +cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_datarootdir_hack=' s&@datadir@&$datadir&g s&@docdir@&$docdir&g s&@infodir@&$infodir&g s&@localedir@&$localedir&g s&@mandir@&$mandir&g - s&\\\${datarootdir}&$datarootdir&g' ;; + s&\\\${datarootdir}&$datarootdir&g' ;; esac _ACEOF # Neutralize VPATH when `$srcdir' = `.'. # Shell code in configure.ac might set extrasub. # FIXME: do we really want to maintain this feature? -cat >>$CONFIG_STATUS <<_ACEOF - sed "$ac_vpsub +cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 +ac_sed_extra="$ac_vpsub $extrasub _ACEOF -cat >>$CONFIG_STATUS <<\_ACEOF +cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 :t /@[a-zA-Z_][a-zA-Z_0-9]*@/!b -s&@configure_input@&$configure_input&;t t +s|@configure_input@|$ac_sed_conf_input|;t t s&@top_builddir@&$ac_top_builddir_sub&;t t +s&@top_build_prefix@&$ac_top_build_prefix&;t t s&@srcdir@&$ac_srcdir&;t t s&@abs_srcdir@&$ac_abs_srcdir&;t t s&@top_srcdir@&$ac_top_srcdir&;t t @@ -24888,135 +26306,66 @@ s&@abs_top_builddir@&$ac_abs_top_builddir&;t t s&@INSTALL@&$ac_INSTALL&;t t s&@MKDIR_P@&$ac_MKDIR_P&;t t $ac_datarootdir_hack -" $ac_file_inputs | sed -f "$tmp/subs-1.sed" | sed -f "$tmp/subs-2.sed" >$tmp/out +" +eval sed \"\$ac_sed_extra\" "$ac_file_inputs" | $AWK -f "$ac_tmp/subs.awk" \ + >$ac_tmp/out || as_fn_error $? "could not create $ac_file" "$LINENO" 5 test -z "$ac_datarootdir_hack$ac_datarootdir_seen" && - { ac_out=`sed -n '/\${datarootdir}/p' "$tmp/out"`; test -n "$ac_out"; } && - { ac_out=`sed -n '/^[ ]*datarootdir[ ]*:*=/p' "$tmp/out"`; test -z "$ac_out"; } && - { echo "$as_me:$LINENO: WARNING: $ac_file contains a reference to the variable \`datarootdir' -which seems to be undefined. Please make sure it is defined." >&5 -echo "$as_me: WARNING: $ac_file contains a reference to the variable \`datarootdir' -which seems to be undefined. Please make sure it is defined." >&2;} - - rm -f "$tmp/stdin" + { ac_out=`sed -n '/\${datarootdir}/p' "$ac_tmp/out"`; test -n "$ac_out"; } && + { ac_out=`sed -n '/^[ ]*datarootdir[ ]*:*=/p' \ + "$ac_tmp/out"`; test -z "$ac_out"; } && + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: $ac_file contains a reference to the variable \`datarootdir' +which seems to be undefined. Please make sure it is defined" >&5 +$as_echo "$as_me: WARNING: $ac_file contains a reference to the variable \`datarootdir' +which seems to be undefined. Please make sure it is defined" >&2;} + + rm -f "$ac_tmp/stdin" case $ac_file in - -) cat "$tmp/out"; rm -f "$tmp/out";; - *) rm -f "$ac_file"; mv "$tmp/out" $ac_file;; - esac + -) cat "$ac_tmp/out" && rm -f "$ac_tmp/out";; + *) rm -f "$ac_file" && mv "$ac_tmp/out" "$ac_file";; + esac \ + || as_fn_error $? "could not create $ac_file" "$LINENO" 5 ;; :H) # # CONFIG_HEADER # -_ACEOF - -# Transform confdefs.h into a sed script `conftest.defines', that -# substitutes the proper values into config.h.in to produce config.h. -rm -f conftest.defines conftest.tail -# First, append a space to every undef/define line, to ease matching. -echo 's/$/ /' >conftest.defines -# Then, protect against being on the right side of a sed subst, or in -# an unquoted here document, in config.status. If some macros were -# called several times there might be several #defines for the same -# symbol, which is useless. But do not sort them, since the last -# AC_DEFINE must be honored. -ac_word_re=[_$as_cr_Letters][_$as_cr_alnum]* -# These sed commands are passed to sed as "A NAME B PARAMS C VALUE D", where -# NAME is the cpp macro being defined, VALUE is the value it is being given. -# PARAMS is the parameter list in the macro definition--in most cases, it's -# just an empty string. -ac_dA='s,^\\([ #]*\\)[^ ]*\\([ ]*' -ac_dB='\\)[ (].*,\\1define\\2' -ac_dC=' ' -ac_dD=' ,' - -uniq confdefs.h | - sed -n ' - t rset - :rset - s/^[ ]*#[ ]*define[ ][ ]*// - t ok - d - :ok - s/[\\&,]/\\&/g - s/^\('"$ac_word_re"'\)\(([^()]*)\)[ ]*\(.*\)/ '"$ac_dA"'\1'"$ac_dB"'\2'"${ac_dC}"'\3'"$ac_dD"'/p - s/^\('"$ac_word_re"'\)[ ]*\(.*\)/'"$ac_dA"'\1'"$ac_dB$ac_dC"'\2'"$ac_dD"'/p - ' >>conftest.defines - -# Remove the space that was appended to ease matching. -# Then replace #undef with comments. This is necessary, for -# example, in the case of _POSIX_SOURCE, which is predefined and required -# on some systems where configure will not decide to define it. -# (The regexp can be short, since the line contains either #define or #undef.) -echo 's/ $// -s,^[ #]*u.*,/* & */,' >>conftest.defines - -# Break up conftest.defines: -ac_max_sed_lines=50 - -# First sed command is: sed -f defines.sed $ac_file_inputs >"$tmp/out1" -# Second one is: sed -f defines.sed "$tmp/out1" >"$tmp/out2" -# Third one will be: sed -f defines.sed "$tmp/out2" >"$tmp/out1" -# et cetera. -ac_in='$ac_file_inputs' -ac_out='"$tmp/out1"' -ac_nxt='"$tmp/out2"' - -while : -do - # Write a here document: - cat >>$CONFIG_STATUS <<_ACEOF - # First, check the format of the line: - cat >"\$tmp/defines.sed" <<\\CEOF -/^[ ]*#[ ]*undef[ ][ ]*$ac_word_re[ ]*/b def -/^[ ]*#[ ]*define[ ][ ]*$ac_word_re[( ]/b def -b -:def -_ACEOF - sed ${ac_max_sed_lines}q conftest.defines >>$CONFIG_STATUS - echo 'CEOF - sed -f "$tmp/defines.sed"' "$ac_in >$ac_out" >>$CONFIG_STATUS - ac_in=$ac_out; ac_out=$ac_nxt; ac_nxt=$ac_in - sed 1,${ac_max_sed_lines}d conftest.defines >conftest.tail - grep . conftest.tail >/dev/null || break - rm -f conftest.defines - mv conftest.tail conftest.defines -done -rm -f conftest.defines conftest.tail - -echo "ac_result=$ac_in" >>$CONFIG_STATUS -cat >>$CONFIG_STATUS <<\_ACEOF if test x"$ac_file" != x-; then - echo "/* $configure_input */" >"$tmp/config.h" - cat "$ac_result" >>"$tmp/config.h" - if diff $ac_file "$tmp/config.h" >/dev/null 2>&1; then - { echo "$as_me:$LINENO: $ac_file is unchanged" >&5 -echo "$as_me: $ac_file is unchanged" >&6;} + { + $as_echo "/* $configure_input */" \ + && eval '$AWK -f "$ac_tmp/defines.awk"' "$ac_file_inputs" + } >"$ac_tmp/config.h" \ + || as_fn_error $? "could not create $ac_file" "$LINENO" 5 + if diff "$ac_file" "$ac_tmp/config.h" >/dev/null 2>&1; then + { $as_echo "$as_me:${as_lineno-$LINENO}: $ac_file is unchanged" >&5 +$as_echo "$as_me: $ac_file is unchanged" >&6;} else - rm -f $ac_file - mv "$tmp/config.h" $ac_file + rm -f "$ac_file" + mv "$ac_tmp/config.h" "$ac_file" \ + || as_fn_error $? "could not create $ac_file" "$LINENO" 5 fi else - echo "/* $configure_input */" - cat "$ac_result" + $as_echo "/* $configure_input */" \ + && eval '$AWK -f "$ac_tmp/defines.awk"' "$ac_file_inputs" \ + || as_fn_error $? "could not create -" "$LINENO" 5 fi - rm -f "$tmp/out12" -# Compute $ac_file's index in $config_headers. +# Compute "$ac_file"'s index in $config_headers. +_am_arg="$ac_file" _am_stamp_count=1 for _am_header in $config_headers :; do case $_am_header in - $ac_file | $ac_file:* ) + $_am_arg | $_am_arg:* ) break ;; * ) _am_stamp_count=`expr $_am_stamp_count + 1` ;; esac done -echo "timestamp for $ac_file" >`$as_dirname -- $ac_file || -$as_expr X$ac_file : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ - X$ac_file : 'X\(//\)[^/]' \| \ - X$ac_file : 'X\(//\)$' \| \ - X$ac_file : 'X\(/\)' \| . 2>/dev/null || -echo X$ac_file | +echo "timestamp for $_am_arg" >`$as_dirname -- "$_am_arg" || +$as_expr X"$_am_arg" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ + X"$_am_arg" : 'X\(//\)[^/]' \| \ + X"$_am_arg" : 'X\(//\)$' \| \ + X"$_am_arg" : 'X\(/\)' \| . 2>/dev/null || +$as_echo X"$_am_arg" | sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/ q @@ -25036,30 +26385,40 @@ echo X$ac_file | s/.*/./; q'`/stamp-h$_am_stamp_count ;; - :C) { echo "$as_me:$LINENO: executing $ac_file commands" >&5 -echo "$as_me: executing $ac_file commands" >&6;} + :C) { $as_echo "$as_me:${as_lineno-$LINENO}: executing $ac_file commands" >&5 +$as_echo "$as_me: executing $ac_file commands" >&6;} ;; esac case $ac_file$ac_mode in - "depfiles":C) test x"$AMDEP_TRUE" != x"" || for mf in $CONFIG_FILES; do - # Strip MF so we end up with the name of the file. - mf=`echo "$mf" | sed -e 's/:.*$//'` - # Check whether this is an Automake generated Makefile or not. - # We used to match only the files named `Makefile.in', but - # some people rename them; so instead we look at the file content. - # Grep'ing the first line is not enough: some people post-process - # each Makefile.in and add a new line on top of each file to say so. - # Grep'ing the whole file is not good either: AIX grep has a line - # limit of 2048, but all sed's we know have understand at least 4000. - if sed 10q "$mf" | grep '^#.*generated by automake' > /dev/null 2>&1; then - dirpart=`$as_dirname -- "$mf" || + "depfiles":C) test x"$AMDEP_TRUE" != x"" || { + # Older Autoconf quotes --file arguments for eval, but not when files + # are listed without --file. Let's play safe and only enable the eval + # if we detect the quoting. + case $CONFIG_FILES in + *\'*) eval set x "$CONFIG_FILES" ;; + *) set x $CONFIG_FILES ;; + esac + shift + for mf + do + # Strip MF so we end up with the name of the file. + mf=`echo "$mf" | sed -e 's/:.*$//'` + # Check whether this is an Automake generated Makefile or not. + # We used to match only the files named 'Makefile.in', but + # some people rename them; so instead we look at the file content. + # Grep'ing the first line is not enough: some people post-process + # each Makefile.in and add a new line on top of each file to say so. + # Grep'ing the whole file is not good either: AIX grep has a line + # limit of 2048, but all sed's we know have understand at least 4000. + if sed -n 's,^#.*generated by automake.*,X,p' "$mf" | grep X >/dev/null 2>&1; then + dirpart=`$as_dirname -- "$mf" || $as_expr X"$mf" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ X"$mf" : 'X\(//\)[^/]' \| \ X"$mf" : 'X\(//\)$' \| \ X"$mf" : 'X\(/\)' \| . 2>/dev/null || -echo X"$mf" | +$as_echo X"$mf" | sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/ q @@ -25077,68 +26436,31 @@ echo X"$mf" | q } s/.*/./; q'` - else - continue - fi - # Extract the definition of DEPDIR, am__include, and am__quote - # from the Makefile without running `make'. - DEPDIR=`sed -n 's/^DEPDIR = //p' < "$mf"` - test -z "$DEPDIR" && continue - am__include=`sed -n 's/^am__include = //p' < "$mf"` - test -z "am__include" && continue - am__quote=`sed -n 's/^am__quote = //p' < "$mf"` - # When using ansi2knr, U may be empty or an underscore; expand it - U=`sed -n 's/^U = //p' < "$mf"` - # Find all dependency output files, they are included files with - # $(DEPDIR) in their names. We invoke sed twice because it is the - # simplest approach to changing $(DEPDIR) to its actual value in the - # expansion. - for file in `sed -n " - s/^$am__include $am__quote\(.*(DEPDIR).*\)$am__quote"'$/\1/p' <"$mf" | \ - sed -e 's/\$(DEPDIR)/'"$DEPDIR"'/g' -e 's/\$U/'"$U"'/g'`; do - # Make sure the directory exists. - test -f "$dirpart/$file" && continue - fdir=`$as_dirname -- "$file" || + else + continue + fi + # Extract the definition of DEPDIR, am__include, and am__quote + # from the Makefile without running 'make'. + DEPDIR=`sed -n 's/^DEPDIR = //p' < "$mf"` + test -z "$DEPDIR" && continue + am__include=`sed -n 's/^am__include = //p' < "$mf"` + test -z "$am__include" && continue + am__quote=`sed -n 's/^am__quote = //p' < "$mf"` + # Find all dependency output files, they are included files with + # $(DEPDIR) in their names. We invoke sed twice because it is the + # simplest approach to changing $(DEPDIR) to its actual value in the + # expansion. + for file in `sed -n " + s/^$am__include $am__quote\(.*(DEPDIR).*\)$am__quote"'$/\1/p' <"$mf" | \ + sed -e 's/\$(DEPDIR)/'"$DEPDIR"'/g'`; do + # Make sure the directory exists. + test -f "$dirpart/$file" && continue + fdir=`$as_dirname -- "$file" || $as_expr X"$file" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ X"$file" : 'X\(//\)[^/]' \| \ X"$file" : 'X\(//\)$' \| \ X"$file" : 'X\(/\)' \| . 2>/dev/null || -echo X"$file" | - sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ - s//\1/ - q - } - /^X\(\/\/\)[^/].*/{ - s//\1/ - q - } - /^X\(\/\/\)$/{ - s//\1/ - q - } - /^X\(\/\).*/{ - s//\1/ - q - } - s/.*/./; q'` - { as_dir=$dirpart/$fdir - case $as_dir in #( - -*) as_dir=./$as_dir;; - esac - test -d "$as_dir" || { $as_mkdir_p && mkdir -p "$as_dir"; } || { - as_dirs= - while :; do - case $as_dir in #( - *\'*) as_qdir=`echo "$as_dir" | sed "s/'/'\\\\\\\\''/g"`;; #( - *) as_qdir=$as_dir;; - esac - as_dirs="'$as_qdir' $as_dirs" - as_dir=`$as_dirname -- "$as_dir" || -$as_expr X"$as_dir" : 'X\(.*[^/]\)//*[^/][^/]*/*$' \| \ - X"$as_dir" : 'X\(//\)[^/]' \| \ - X"$as_dir" : 'X\(//\)$' \| \ - X"$as_dir" : 'X\(/\)' \| . 2>/dev/null || -echo X"$as_dir" | +$as_echo X"$file" | sed '/^X\(.*[^/]\)\/\/*[^/][^/]*\/*$/{ s//\1/ q @@ -25156,16 +26478,12 @@ echo X"$as_dir" | q } s/.*/./; q'` - test -d "$as_dir" && break + as_dir=$dirpart/$fdir; as_fn_mkdir_p + # echo "creating $dirpart/$file" + echo '# dummy' > "$dirpart/$file" done - test -z "$as_dirs" || eval "mkdir $as_dirs" - } || test -d "$as_dir" || { { echo "$as_me:$LINENO: error: cannot create directory $as_dir" >&5 -echo "$as_me: error: cannot create directory $as_dir" >&2;} - { (exit 1); exit 1; }; }; } - # echo "creating $dirpart/$file" - echo '# dummy' > "$dirpart/$file" done -done +} ;; "libtool":C) @@ -25176,8 +26494,8 @@ done fi cfgfile="${ofile}T" - trap "$RM -f \"$cfgfile\"; exit 1" 1 2 15 - $RM -f "$cfgfile" + trap "$RM \"$cfgfile\"; exit 1" 1 2 15 + $RM "$cfgfile" cat <<_LT_EOF >> "$cfgfile" #! $SHELL @@ -25188,8 +26506,8 @@ done # NOTE: Changes made to this file will be lost: look at ltmain.sh. # # Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2003, 2004, 2005, -# 2006, 2007, 2008, 2009, 2010 Free Software Foundation, -# Inc. +# 2006, 2007, 2008, 2009, 2010, 2011 Free Software +# Foundation, Inc. # Written by Gordon Matzigkeit, 1996 # # This file is part of GNU Libtool. @@ -25225,21 +26543,12 @@ available_tags="CXX " macro_version=$macro_version macro_revision=$macro_revision -# Assembler program. -AS=$lt_AS - -# DLL creation program. -DLLTOOL=$lt_DLLTOOL - -# Object dumper program. -OBJDUMP=$lt_OBJDUMP +# Whether or not to build static libraries. +build_old_libs=$enable_static # Whether or not to build shared libraries. build_libtool_libs=$enable_shared -# Whether or not to build static libraries. -build_old_libs=$enable_static - # What type of objects to build. pic_mode=$pic_mode @@ -25252,6 +26561,9 @@ SHELL=$lt_SHELL # An echo program that protects backslashes. ECHO=$lt_ECHO +# The PATH separator for the build system. +PATH_SEPARATOR=$lt_PATH_SEPARATOR + # The host system. host_alias=$host_alias host=$host @@ -25301,16 +26613,42 @@ SP2NL=$lt_lt_SP2NL # turn newlines into spaces. NL2SP=$lt_lt_NL2SP +# convert \$build file names to \$host format. +to_host_file_cmd=$lt_cv_to_host_file_cmd + +# convert \$build files to toolchain format. +to_tool_file_cmd=$lt_cv_to_tool_file_cmd + +# An object symbol dumper. +OBJDUMP=$lt_OBJDUMP + # Method to check whether dependent libraries are shared objects. deplibs_check_method=$lt_deplibs_check_method -# Command to use when deplibs_check_method == "file_magic". +# Command to use when deplibs_check_method = "file_magic". file_magic_cmd=$lt_file_magic_cmd +# How to find potential files when deplibs_check_method = "file_magic". +file_magic_glob=$lt_file_magic_glob + +# Find potential files using nocaseglob when deplibs_check_method = "file_magic". +want_nocaseglob=$lt_want_nocaseglob + +# DLL creation program. +DLLTOOL=$lt_DLLTOOL + +# Command to associate shared and link libraries. +sharedlib_from_linklib_cmd=$lt_sharedlib_from_linklib_cmd + # The archiver. AR=$lt_AR + +# Flags to create an archive. AR_FLAGS=$lt_AR_FLAGS +# How to feed a file listing to the archiver. +archiver_list_spec=$lt_archiver_list_spec + # A symbol stripping program. STRIP=$lt_STRIP @@ -25340,6 +26678,12 @@ global_symbol_to_c_name_address=$lt_lt_cv_sys_global_symbol_to_c_name_address # Transform the output of nm in a C name address pair when lib prefix is needed. global_symbol_to_c_name_address_lib_prefix=$lt_lt_cv_sys_global_symbol_to_c_name_address_lib_prefix +# Specify filename containing input files for \$NM. +nm_file_list_spec=$lt_nm_file_list_spec + +# The root where to search for dependent libraries,and in which our libraries should be installed. +lt_sysroot=$lt_sysroot + # The name of the directory that contains temporary libtool files. objdir=$objdir @@ -25349,6 +26693,9 @@ MAGIC_CMD=$MAGIC_CMD # Must we lock files when doing compilation? need_locks=$lt_need_locks +# Manifest tool. +MANIFEST_TOOL=$lt_MANIFEST_TOOL + # Tool to manipulate archived DWARF debug symbol files on Mac OS X. DSYMUTIL=$lt_DSYMUTIL @@ -25463,12 +26810,12 @@ with_gcc=$GCC # Compiler flag to turn off builtin functions. no_builtin_flag=$lt_lt_prog_compiler_no_builtin_flag -# How to pass a linker flag through the compiler. -wl=$lt_lt_prog_compiler_wl - # Additional compiler flags for building library objects. pic_flag=$lt_lt_prog_compiler_pic +# How to pass a linker flag through the compiler. +wl=$lt_lt_prog_compiler_wl + # Compiler flag to prevent dynamic linking. link_static_flag=$lt_lt_prog_compiler_static @@ -25518,10 +26865,6 @@ no_undefined_flag=$lt_no_undefined_flag # This must work even if \$libdir does not exist hardcode_libdir_flag_spec=$lt_hardcode_libdir_flag_spec -# If ld is used when linking, flag to hardcode \$libdir into a binary -# during linking. This must work even if \$libdir does not exist. -hardcode_libdir_flag_spec_ld=$lt_hardcode_libdir_flag_spec_ld - # Whether we need a single "-rpath" flag with a separated argument. hardcode_libdir_separator=$lt_hardcode_libdir_separator @@ -25555,9 +26898,6 @@ inherit_rpath=$inherit_rpath # Whether libtool must link a program against all its dependency libraries. link_all_deplibs=$link_all_deplibs -# Fix the shell variable \$srcfile for the compiler. -fix_srcfile_path=$lt_fix_srcfile_path - # Set to "yes" if exported symbols are required. always_export_symbols=$always_export_symbols @@ -25573,6 +26913,9 @@ include_expsyms=$lt_include_expsyms # Commands necessary for linking programs (against libraries) with templates. prelink_cmds=$lt_prelink_cmds +# Commands necessary for finishing linking programs. +postlink_cmds=$lt_postlink_cmds + # Specify filename containing input files. file_list_spec=$lt_file_list_spec @@ -25619,210 +26962,169 @@ ltmain="$ac_aux_dir/ltmain.sh" # if finds mixed CR/LF and LF-only lines. Since sed operates in # text mode, it properly converts lines to CR/LF. This bash problem # is reportedly fixed, but why not run on old versions too? - sed '/^# Generated shell functions inserted here/q' "$ltmain" >> "$cfgfile" \ - || (rm -f "$cfgfile"; exit 1) - - case $xsi_shell in - yes) - cat << \_LT_EOF >> "$cfgfile" - -# func_dirname file append nondir_replacement -# Compute the dirname of FILE. If nonempty, add APPEND to the result, -# otherwise set result to NONDIR_REPLACEMENT. -func_dirname () -{ - case ${1} in - */*) func_dirname_result="${1%/*}${2}" ;; - * ) func_dirname_result="${3}" ;; - esac -} - -# func_basename file -func_basename () -{ - func_basename_result="${1##*/}" -} - -# func_dirname_and_basename file append nondir_replacement -# perform func_basename and func_dirname in a single function -# call: -# dirname: Compute the dirname of FILE. If nonempty, -# add APPEND to the result, otherwise set result -# to NONDIR_REPLACEMENT. -# value returned in "$func_dirname_result" -# basename: Compute filename of FILE. -# value retuned in "$func_basename_result" -# Implementation must be kept synchronized with func_dirname -# and func_basename. For efficiency, we do not delegate to -# those functions but instead duplicate the functionality here. -func_dirname_and_basename () -{ - case ${1} in - */*) func_dirname_result="${1%/*}${2}" ;; - * ) func_dirname_result="${3}" ;; - esac - func_basename_result="${1##*/}" -} - -# func_stripname prefix suffix name -# strip PREFIX and SUFFIX off of NAME. -# PREFIX and SUFFIX must not contain globbing or regex special -# characters, hashes, percent signs, but SUFFIX may contain a leading -# dot (in which case that matches only a dot). -func_stripname () -{ - # pdksh 5.2.14 does not do ${X%$Y} correctly if both X and Y are - # positional parameters, so assign one to ordinary parameter first. - func_stripname_result=${3} - func_stripname_result=${func_stripname_result#"${1}"} - func_stripname_result=${func_stripname_result%"${2}"} -} - -# func_opt_split -func_opt_split () -{ - func_opt_split_opt=${1%%=*} - func_opt_split_arg=${1#*=} -} - -# func_lo2o object -func_lo2o () -{ - case ${1} in - *.lo) func_lo2o_result=${1%.lo}.${objext} ;; - *) func_lo2o_result=${1} ;; - esac -} - -# func_xform libobj-or-source -func_xform () -{ - func_xform_result=${1%.*}.lo -} - -# func_arith arithmetic-term... -func_arith () -{ - func_arith_result=$(( $* )) -} - -# func_len string -# STRING may not start with a hyphen. -func_len () -{ - func_len_result=${#1} -} - -_LT_EOF - ;; - *) # Bourne compatible functions. - cat << \_LT_EOF >> "$cfgfile" - -# func_dirname file append nondir_replacement -# Compute the dirname of FILE. If nonempty, add APPEND to the result, -# otherwise set result to NONDIR_REPLACEMENT. -func_dirname () -{ - # Extract subdirectory from the argument. - func_dirname_result=`$ECHO "${1}" | $SED "$dirname"` - if test "X$func_dirname_result" = "X${1}"; then - func_dirname_result="${3}" - else - func_dirname_result="$func_dirname_result${2}" - fi -} - -# func_basename file -func_basename () -{ - func_basename_result=`$ECHO "${1}" | $SED "$basename"` -} - - -# func_stripname prefix suffix name -# strip PREFIX and SUFFIX off of NAME. -# PREFIX and SUFFIX must not contain globbing or regex special -# characters, hashes, percent signs, but SUFFIX may contain a leading -# dot (in which case that matches only a dot). -# func_strip_suffix prefix name -func_stripname () -{ - case ${2} in - .*) func_stripname_result=`$ECHO "${3}" | $SED "s%^${1}%%; s%\\\\${2}\$%%"`;; - *) func_stripname_result=`$ECHO "${3}" | $SED "s%^${1}%%; s%${2}\$%%"`;; - esac -} - -# sed scripts: -my_sed_long_opt='1s/^\(-[^=]*\)=.*/\1/;q' -my_sed_long_arg='1s/^-[^=]*=//' - -# func_opt_split -func_opt_split () -{ - func_opt_split_opt=`$ECHO "${1}" | $SED "$my_sed_long_opt"` - func_opt_split_arg=`$ECHO "${1}" | $SED "$my_sed_long_arg"` -} - -# func_lo2o object -func_lo2o () -{ - func_lo2o_result=`$ECHO "${1}" | $SED "$lo2o"` -} - -# func_xform libobj-or-source -func_xform () -{ - func_xform_result=`$ECHO "${1}" | $SED 's/\.[^.]*$/.lo/'` -} - -# func_arith arithmetic-term... -func_arith () -{ - func_arith_result=`expr "$@"` -} - -# func_len string -# STRING may not start with a hyphen. -func_len () -{ - func_len_result=`expr "$1" : ".*" 2>/dev/null || echo $max_cmd_len` -} - -_LT_EOF -esac - -case $lt_shell_append in - yes) - cat << \_LT_EOF >> "$cfgfile" - -# func_append var value -# Append VALUE to the end of shell variable VAR. -func_append () -{ - eval "$1+=\$2" -} -_LT_EOF - ;; - *) - cat << \_LT_EOF >> "$cfgfile" - -# func_append var value -# Append VALUE to the end of shell variable VAR. -func_append () -{ - eval "$1=\$$1\$2" -} - -_LT_EOF - ;; - esac - - - sed -n '/^# Generated shell functions inserted here/,$p' "$ltmain" >> "$cfgfile" \ - || (rm -f "$cfgfile"; exit 1) - - mv -f "$cfgfile" "$ofile" || + sed '$q' "$ltmain" >> "$cfgfile" \ + || (rm -f "$cfgfile"; exit 1) + + if test x"$xsi_shell" = xyes; then + sed -e '/^func_dirname ()$/,/^} # func_dirname /c\ +func_dirname ()\ +{\ +\ case ${1} in\ +\ */*) func_dirname_result="${1%/*}${2}" ;;\ +\ * ) func_dirname_result="${3}" ;;\ +\ esac\ +} # Extended-shell func_dirname implementation' "$cfgfile" > $cfgfile.tmp \ + && mv -f "$cfgfile.tmp" "$cfgfile" \ + || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") +test 0 -eq $? || _lt_function_replace_fail=: + + + sed -e '/^func_basename ()$/,/^} # func_basename /c\ +func_basename ()\ +{\ +\ func_basename_result="${1##*/}"\ +} # Extended-shell func_basename implementation' "$cfgfile" > $cfgfile.tmp \ + && mv -f "$cfgfile.tmp" "$cfgfile" \ + || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") +test 0 -eq $? || _lt_function_replace_fail=: + + + sed -e '/^func_dirname_and_basename ()$/,/^} # func_dirname_and_basename /c\ +func_dirname_and_basename ()\ +{\ +\ case ${1} in\ +\ */*) func_dirname_result="${1%/*}${2}" ;;\ +\ * ) func_dirname_result="${3}" ;;\ +\ esac\ +\ func_basename_result="${1##*/}"\ +} # Extended-shell func_dirname_and_basename implementation' "$cfgfile" > $cfgfile.tmp \ + && mv -f "$cfgfile.tmp" "$cfgfile" \ + || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") +test 0 -eq $? || _lt_function_replace_fail=: + + + sed -e '/^func_stripname ()$/,/^} # func_stripname /c\ +func_stripname ()\ +{\ +\ # pdksh 5.2.14 does not do ${X%$Y} correctly if both X and Y are\ +\ # positional parameters, so assign one to ordinary parameter first.\ +\ func_stripname_result=${3}\ +\ func_stripname_result=${func_stripname_result#"${1}"}\ +\ func_stripname_result=${func_stripname_result%"${2}"}\ +} # Extended-shell func_stripname implementation' "$cfgfile" > $cfgfile.tmp \ + && mv -f "$cfgfile.tmp" "$cfgfile" \ + || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") +test 0 -eq $? || _lt_function_replace_fail=: + + + sed -e '/^func_split_long_opt ()$/,/^} # func_split_long_opt /c\ +func_split_long_opt ()\ +{\ +\ func_split_long_opt_name=${1%%=*}\ +\ func_split_long_opt_arg=${1#*=}\ +} # Extended-shell func_split_long_opt implementation' "$cfgfile" > $cfgfile.tmp \ + && mv -f "$cfgfile.tmp" "$cfgfile" \ + || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") +test 0 -eq $? || _lt_function_replace_fail=: + + + sed -e '/^func_split_short_opt ()$/,/^} # func_split_short_opt /c\ +func_split_short_opt ()\ +{\ +\ func_split_short_opt_arg=${1#??}\ +\ func_split_short_opt_name=${1%"$func_split_short_opt_arg"}\ +} # Extended-shell func_split_short_opt implementation' "$cfgfile" > $cfgfile.tmp \ + && mv -f "$cfgfile.tmp" "$cfgfile" \ + || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") +test 0 -eq $? || _lt_function_replace_fail=: + + + sed -e '/^func_lo2o ()$/,/^} # func_lo2o /c\ +func_lo2o ()\ +{\ +\ case ${1} in\ +\ *.lo) func_lo2o_result=${1%.lo}.${objext} ;;\ +\ *) func_lo2o_result=${1} ;;\ +\ esac\ +} # Extended-shell func_lo2o implementation' "$cfgfile" > $cfgfile.tmp \ + && mv -f "$cfgfile.tmp" "$cfgfile" \ + || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") +test 0 -eq $? || _lt_function_replace_fail=: + + + sed -e '/^func_xform ()$/,/^} # func_xform /c\ +func_xform ()\ +{\ + func_xform_result=${1%.*}.lo\ +} # Extended-shell func_xform implementation' "$cfgfile" > $cfgfile.tmp \ + && mv -f "$cfgfile.tmp" "$cfgfile" \ + || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") +test 0 -eq $? || _lt_function_replace_fail=: + + + sed -e '/^func_arith ()$/,/^} # func_arith /c\ +func_arith ()\ +{\ + func_arith_result=$(( $* ))\ +} # Extended-shell func_arith implementation' "$cfgfile" > $cfgfile.tmp \ + && mv -f "$cfgfile.tmp" "$cfgfile" \ + || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") +test 0 -eq $? || _lt_function_replace_fail=: + + + sed -e '/^func_len ()$/,/^} # func_len /c\ +func_len ()\ +{\ + func_len_result=${#1}\ +} # Extended-shell func_len implementation' "$cfgfile" > $cfgfile.tmp \ + && mv -f "$cfgfile.tmp" "$cfgfile" \ + || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") +test 0 -eq $? || _lt_function_replace_fail=: + +fi + +if test x"$lt_shell_append" = xyes; then + sed -e '/^func_append ()$/,/^} # func_append /c\ +func_append ()\ +{\ + eval "${1}+=\\${2}"\ +} # Extended-shell func_append implementation' "$cfgfile" > $cfgfile.tmp \ + && mv -f "$cfgfile.tmp" "$cfgfile" \ + || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") +test 0 -eq $? || _lt_function_replace_fail=: + + + sed -e '/^func_append_quoted ()$/,/^} # func_append_quoted /c\ +func_append_quoted ()\ +{\ +\ func_quote_for_eval "${2}"\ +\ eval "${1}+=\\\\ \\$func_quote_for_eval_result"\ +} # Extended-shell func_append_quoted implementation' "$cfgfile" > $cfgfile.tmp \ + && mv -f "$cfgfile.tmp" "$cfgfile" \ + || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") +test 0 -eq $? || _lt_function_replace_fail=: + + + # Save a `func_append' function call where possible by direct use of '+=' + sed -e 's%func_append \([a-zA-Z_]\{1,\}\) "%\1+="%g' $cfgfile > $cfgfile.tmp \ + && mv -f "$cfgfile.tmp" "$cfgfile" \ + || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") + test 0 -eq $? || _lt_function_replace_fail=: +else + # Save a `func_append' function call even when '+=' is not available + sed -e 's%func_append \([a-zA-Z_]\{1,\}\) "%\1="$\1%g' $cfgfile > $cfgfile.tmp \ + && mv -f "$cfgfile.tmp" "$cfgfile" \ + || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") + test 0 -eq $? || _lt_function_replace_fail=: +fi + +if test x"$_lt_function_replace_fail" = x":"; then + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: Unable to substitute extended shell functions in $ofile" >&5 +$as_echo "$as_me: WARNING: Unable to substitute extended shell functions in $ofile" >&2;} +fi + + + mv -f "$cfgfile" "$ofile" || (rm -f "$ofile" && cp "$cfgfile" "$ofile" && rm -f "$cfgfile") chmod +x "$ofile" @@ -25850,12 +27152,12 @@ with_gcc=$GCC_CXX # Compiler flag to turn off builtin functions. no_builtin_flag=$lt_lt_prog_compiler_no_builtin_flag_CXX -# How to pass a linker flag through the compiler. -wl=$lt_lt_prog_compiler_wl_CXX - # Additional compiler flags for building library objects. pic_flag=$lt_lt_prog_compiler_pic_CXX +# How to pass a linker flag through the compiler. +wl=$lt_lt_prog_compiler_wl_CXX + # Compiler flag to prevent dynamic linking. link_static_flag=$lt_lt_prog_compiler_static_CXX @@ -25905,10 +27207,6 @@ no_undefined_flag=$lt_no_undefined_flag_CXX # This must work even if \$libdir does not exist hardcode_libdir_flag_spec=$lt_hardcode_libdir_flag_spec_CXX -# If ld is used when linking, flag to hardcode \$libdir into a binary -# during linking. This must work even if \$libdir does not exist. -hardcode_libdir_flag_spec_ld=$lt_hardcode_libdir_flag_spec_ld_CXX - # Whether we need a single "-rpath" flag with a separated argument. hardcode_libdir_separator=$lt_hardcode_libdir_separator_CXX @@ -25942,9 +27240,6 @@ inherit_rpath=$inherit_rpath_CXX # Whether libtool must link a program against all its dependency libraries. link_all_deplibs=$link_all_deplibs_CXX -# Fix the shell variable \$srcfile for the compiler. -fix_srcfile_path=$lt_fix_srcfile_path_CXX - # Set to "yes" if exported symbols are required. always_export_symbols=$always_export_symbols_CXX @@ -25960,6 +27255,9 @@ include_expsyms=$lt_include_expsyms_CXX # Commands necessary for linking programs (against libraries) with templates. prelink_cmds=$lt_prelink_cmds_CXX +# Commands necessary for finishing linking programs. +postlink_cmds=$lt_postlink_cmds_CXX + # Specify filename containing input files. file_list_spec=$lt_file_list_spec_CXX @@ -25990,11 +27288,13 @@ _LT_EOF done # for ac_tag -{ (exit 0); exit 0; } +as_fn_exit 0 _ACEOF -chmod +x $CONFIG_STATUS ac_clean_files=$ac_clean_files_save +test $ac_write_fail = 0 || + as_fn_error $? "write failure creating $CONFIG_STATUS" "$LINENO" 5 + # configure is writing to config.log, and then calls config.status. # config.status does its own redirection, appending to config.log. @@ -26014,7 +27314,150 @@ if test "$no_create" != yes; then exec 5>>config.log # Use ||, not &&, to avoid exiting from the if with $? = 1, which # would make configure fail if this is the last instruction. - $ac_cs_success || { (exit 1); exit 1; } -fi + $ac_cs_success || as_fn_exit 1 +fi +if test -n "$ac_unrecognized_opts" && test "$enable_option_checking" != no; then + { $as_echo "$as_me:${as_lineno-$LINENO}: WARNING: unrecognized options: $ac_unrecognized_opts" >&5 +$as_echo "$as_me: WARNING: unrecognized options: $ac_unrecognized_opts" >&2;} +fi + + + +# force make clean +echo "---" +echo "Running make clean..." +make clean >/dev/null 2>&1 +# Touch files that may not be in repository +echo "Touching File..." +touch ctaocrypt/src/fips.c +touch ctaocrypt/src/fips_test.c +echo + +# generate user options header +echo "---" +echo "Generating user options header..." +OPTION_FILE="cyassl/options.h" +rm -f $OPTION_FILE + +echo "/* cyassl options.h" > $OPTION_FILE +echo " * generated from configure options" >> $OPTION_FILE +echo " *" >> $OPTION_FILE +echo " * Copyright (C) 2006-2014 wolfSSL Inc." >> $OPTION_FILE +echo " *" >> $OPTION_FILE +echo " * This file is part of CyaSSL." >> $OPTION_FILE +echo " *" >> $OPTION_FILE +echo " */" >> $OPTION_FILE + +echo "" >> $OPTION_FILE +echo "#pragma once" >> $OPTION_FILE +echo "" >> $OPTION_FILE +echo "#ifdef __cplusplus" >> $OPTION_FILE +echo "extern \"C\" {" >> $OPTION_FILE +echo "#endif" >> $OPTION_FILE +echo "" >> $OPTION_FILE + +for option in $OPTION_FLAGS; do + defonly=`echo $option | sed 's/-D//'` + if test "$defonly" != "$option" + then + noequalsign=`echo $defonly | sed 's/=/ /'` + echo "#undef $noequalsign" >> $OPTION_FILE + echo "#define $noequalsign" >> $OPTION_FILE + echo "" >> $OPTION_FILE + else + echo "option w/o begin -D is $option, not saving to $OPTION_FILE" + fi +done +echo "" >> $OPTION_FILE +echo "#ifdef __cplusplus" >> $OPTION_FILE +echo "}" >> $OPTION_FILE +echo "#endif" >> $OPTION_FILE +echo "" >> $OPTION_FILE +echo + +# output config summary +echo "---" +echo "Configuration summary for $PACKAGE_NAME version $VERSION" +echo "" +echo " * Installation prefix: $prefix" +echo " * System type: $host_vendor-$host_os" +echo " * Host CPU: $host_cpu" +echo " * C Compiler: $CC" +echo " * C Flags: $CFLAGS" +echo " * C++ Compiler: $CXX" +echo " * C++ Flags: $CXXFLAGS" +echo " * CPP Flags: $CPPFLAGS" +echo " * LIB Flags: $LIB" +echo " * Debug enabled: $ax_enable_debug" +echo " * Warnings as failure: $ac_cv_warnings_as_errors" +echo " * make -j: $enable_jobserver" +echo " * VCS checkout: $ac_cv_vcs_checkout" +echo +echo " Features " +echo " * Single threaded: $ENABLED_SINGLETHREADED" +echo " * Filesystem: $ENABLED_FILESYSTEM" +echo " * OpenSSL Extra API: $ENABLED_OPENSSLEXTRA" +echo " * fastmath: $ENABLED_FASTMATH" +echo " * sniffer: $ENABLED_SNIFFER" +echo " * snifftest: $ENABLED_SNIFFTEST" +echo " * ARC4: $ENABLED_ARC4" +echo " * AES: $ENABLED_AES" +echo " * AES-NI: $ENABLED_AESNI" +echo " * AES-GCM: $ENABLED_AESGCM" +echo " * AES-CCM: $ENABLED_AESCCM" +echo " * DES3: $ENABLED_DES3" +echo " * Camellia: $ENABLED_CAMELLIA" +echo " * NULL Cipher: $ENABLED_NULL_CIPHER" +echo " * MD5: $ENABLED_MD5" +echo " * RIPEMD: $ENABLED_RIPEMD" +echo " * SHA: $ENABLED_SHA" +echo " * SHA-512: $ENABLED_SHA512" +echo " * BLAKE2: $ENABLED_BLAKE2" +echo " * keygen: $ENABLED_KEYGEN" +echo " * certgen: $ENABLED_CERTGEN" +echo " * certreq: $ENABLED_CERTREQ" +echo " * HC-128: $ENABLED_HC128" +echo " * RABBIT: $ENABLED_RABBIT" +echo " * Hash DRBG: $ENABLED_HASHDRBG" +echo " * PWDBASED: $ENABLED_PWDBASED" +echo " * HKDF: $ENABLED_HKDF" +echo " * MD4: $ENABLED_MD4" +echo " * PSK: $ENABLED_PSK" +echo " * LEANPSK: $ENABLED_LEANPSK" +echo " * RSA: $ENABLED_RSA" +echo " * DSA: $ENABLED_DSA" +echo " * DH: $ENABLED_DH" +echo " * ECC: $ENABLED_ECC" +echo " * FPECC: $ENABLED_FPECC" +echo " * ECC_ENCRYPT: $ENABLED_ECC_ENCRYPT" +echo " * ASN: $ENABLED_ASN" +echo " * CODING: $ENABLED_CODING" +echo " * MEMORY: $ENABLED_MEMORY" +echo " * I/O POOL: $ENABLED_IOPOOL" +echo " * ERROR_STRINGS: $ENABLED_ERROR_STRINGS" +echo " * DTLS: $ENABLED_DTLS" +echo " * Old TLS Versions: $ENABLED_OLD_TLS" +echo " * OCSP: $ENABLED_OCSP" +echo " * CRL: $ENABLED_CRL" +echo " * CRL-MONITOR: $ENABLED_CRL_MONITOR" +echo " * Persistent session cache: $ENABLED_SAVESESSION" +echo " * Persistent cert cache: $ENABLED_SAVECERT" +echo " * Atomic User Record Layer: $ENABLED_ATOMICUSER" +echo " * Public Key Callbacks: $ENABLED_PKCALLBACKS" +echo " * NTRU: $ENABLED_NTRU" +echo " * SNI: $ENABLED_SNI" +echo " * Maximum Fragment Length: $ENABLED_MAX_FRAGMENT" +echo " * Truncated HMAC: $ENABLED_TRUNCATED_HMAC" +echo " * Renegotiation Indication: $ENABLED_RENEGOTIATION_INDICATION" +echo " * Supported Elliptic Curves: $ENABLED_SUPPORTED_CURVES" +echo " * All TLS Extensions: $ENABLED_TLSX" +echo " * PKCS#7 $ENABLED_PKCS7" +echo " * wolfSCEP $ENABLED_WOLFSCEP" +echo " * Small Stack: $ENABLED_SMALL_STACK" +echo " * valgrind unit tests: $ENABLED_VALGRIND" +echo " * LIBZ: $ENABLED_LIBZ" +echo " * Examples: $ENABLED_EXAMPLES" +echo "" +echo "---" diff --git a/FreeRTOS-Plus/Source/CyaSSL/configure.ac b/FreeRTOS-Plus/Source/CyaSSL/configure.ac index 88a368dec..7b36bbcf6 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/configure.ac +++ b/FreeRTOS-Plus/Source/CyaSSL/configure.ac @@ -1,31 +1,37 @@ # configure.ac # -# Copyright (C) 2006-2012 Sawtooth Consulting Ltd. +# Copyright (C) 2006-2014 wolfSSL Inc. # # This file is part of CyaSSL. # # -AC_INIT([cyassl],[2.3.0],[http://www.yassl.com]) +AC_INIT([cyassl],[3.1.0],[https://github.com/cyassl/cyassl/issues],[cyassl],[http://www.wolfssl.com]) -AC_CONFIG_AUX_DIR(config) - -AC_CANONICAL_TARGET - -AM_INIT_AUTOMAKE(-Wall -Werror -Wno-portability foreign tar-ustar subdir-objects) +AC_CONFIG_AUX_DIR([build-aux]) AC_CANONICAL_HOST AC_CANONICAL_BUILD -AC_PREREQ([2.61]) +AM_INIT_AUTOMAKE([1.11 -Wall -Werror -Wno-portability foreign tar-ustar subdir-objects no-define color-tests]) +AC_PREREQ([2.63]) -AC_CONFIG_MACRO_DIR(m4) +AC_ARG_PROGRAM +AC_DEFUN([PROTECT_AC_USE_SYSTEM_EXTENSIONS], + [AX_SAVE_FLAGS + AC_LANG_PUSH([C]) + AC_USE_SYSTEM_EXTENSIONS + AC_LANG_POP([C]) + AX_RESTORE_FLAGS + ]) +#PROTECT_AC_USE_SYSTEM_EXTENSIONS -AC_CONFIG_HEADERS([config.h:config.in])dnl Keep filename to 8.3 for MS-DOS. +AC_CONFIG_MACRO_DIR([m4]) +AC_CONFIG_HEADERS([config.h:config.in])dnl Keep filename to 8.3 for MS-DOS. #shared library versioning -CYASSL_LIBRARY_VERSION=3:1:0 +CYASSL_LIBRARY_VERSION=5:6:0 # | | | # +------+ | +---+ # | | | @@ -37,19 +43,27 @@ CYASSL_LIBRARY_VERSION=3:1:0 # | +- increment if source code has changed # | set to zero if current is incremented # +- increment if interfaces have been added, removed or changed -AC_SUBST(CYASSL_LIBRARY_VERSION) +AC_SUBST([CYASSL_LIBRARY_VERSION]) -# Make sure configure doesn't add to CFLAGS -CFLAGS="$CFLAGS $C_EXTRA_FLAGS" +# capture user C_EXTRA_FLAGS from ./configure line, CFLAGS may hold -g -O2 even +# if user doesn't override, no way to tell +USER_C_EXTRA_FLAGS="$C_EXTRA_FLAGS" -LT_INIT([win32-dll]) +LT_PREREQ([2.2]) +LT_INIT([disable-static],[win32-dll]) LT_LANG([C++]) LT_LANG([C]) + gl_VISIBILITY +AS_IF([ test -n "$CFLAG_VISIBILITY" ], [ + AM_CPPFLAGS="$AM_CPPFLAGS $CFLAG_VISIBILITY" + CPPFLAGS="$CPPFLAGS $CFLAG_VISIBILITY" + ]) m4_ifdef([AM_SILENT_RULES],[AM_SILENT_RULES([yes])]) AC_CHECK_FUNCS([gethostbyname]) +AC_CHECK_FUNCS([getaddrinfo]) AC_CHECK_FUNCS([gettimeofday]) AC_CHECK_FUNCS([inet_ntoa]) AC_CHECK_FUNCS([memset]) @@ -63,22 +77,20 @@ AC_CHECK_HEADERS([stddef.h]) AC_CHECK_HEADERS([sys/ioctl.h]) AC_CHECK_HEADERS([sys/socket.h]) AC_CHECK_HEADERS([sys/time.h]) -AC_CHECK_HEADERS(errno.h) +AC_CHECK_HEADERS([errno.h]) AC_CHECK_LIB(network,socket) AC_CHECK_SIZEOF(long long, 8) AC_CHECK_SIZEOF(long, 4) +AC_CHECK_TYPES(__uint128_t) AC_C_BIGENDIAN -AC_DISABLE_STATIC -AC_DISABLE_STATIC -AC_FUNC_MALLOC -AC_FUNC_MKTIME -AC_FUNC_REALLOC +# mktime check takes forever on some systems, if time supported it would be +# highly unusual for mktime to be missing +#AC_FUNC_MKTIME AC_PROG_CC AC_PROG_CC_C_O AC_PROG_CXX AC_PROG_INSTALL -LT_INIT AC_TYPE_SIZE_T AC_TYPE_UINT8_T AM_PROG_AS @@ -86,57 +98,46 @@ AM_PROG_CC_C_O LT_LIB_M OPTIMIZE_CFLAGS="-Os -fomit-frame-pointer" -OPTIMIZE_FAST_CFLAGS="-O3 -fomit-frame-pointer" -OPTIMIZE_HUGE_CFLAGS="-funroll-loops -DTFM_SMALL_SET" +OPTIMIZE_FAST_CFLAGS="-O2 -fomit-frame-pointer" +OPTIMIZE_HUGE_CFLAGS="-funroll-loops -DTFM_SMALL_SET -DTFM_HUGE_SET" DEBUG_CFLAGS="-g -DDEBUG -DDEBUG_CYASSL" - -# DEBUG -AC_ARG_ENABLE(debug, - [ --enable-debug Enable CyaSSL debugging support (default: disabled)], - [ ENABLED_DEBUG=$enableval ], - [ ENABLED_DEBUG=no ] - ) -if test "$ENABLED_DEBUG" = "yes" -then - # Full debug. Very slow in some cases - AM_CFLAGS="$DEBUG_CFLAGS $AM_CFLAGS" -else - # Optimized version. No debug - AM_CFLAGS="$AM_CFLAGS -DNDEBUG" -fi +thread_ls_on=no +# Thread local storage +AX_TLS([ + [AM_CFLAGS="$AM_CFLAGS -DHAVE_THREAD_LS"] + [thread_ls_on=yes] + ] , [:]) -# SMALL BUILD -AC_ARG_ENABLE(small, - [ --enable-small Enable smallest build (default: disabled)], - [ ENABLED_SMALL=$enableval ], - [ ENABLED_SMALL=no ] - ) -if test "$ENABLED_SMALL" = "yes" -then - # make small no tls build with smallest cipher - # if you only want server or client you can define NO_CYASSL_SERVER or - # NO_CYASSL_CLIENT but then some of the examples and testsuite won't build - # note that TLS needs HMAC - AM_CFLAGS="-DNO_TLS -DNO_HMAC -DNO_AES -DNO_DES3 -DNO_SHA256 -DNO_ERROR_STRINGS -DNO_RABBIT -DNO_PSK -DNO_DSA -DNO_DH -DNO_PWDBASED $AM_CFLAGS" -fi +# DEBUG +AX_DEBUG +AS_IF([test "$ax_enable_debug" = "yes"], + [AM_CFLAGS="$DEBUG_CFLAGS $AM_CFLAGS"], + [AM_CFLAGS="$AM_CFLAGS -DNDEBUG"]) # SINGLE THREADED -AC_ARG_ENABLE(singleThreaded, - [ --enable-singleThreaded Enable CyaSSL single threaded (default: disabled)], +AC_ARG_ENABLE([singlethreaded], + [ --enable-singlethreaded Enable CyaSSL single threaded (default: disabled)], [ ENABLED_SINGLETHREADED=$enableval ], - [ ENABLED_SINGLETHREADED=no ] - ) -if test "$ENABLED_SINGLETHREADED" = "yes" -then - AM_CFLAGS="-DSINGLE_THREADED $AM_CFLAGS" -fi + [ ENABLED_SINGLETHREADED=no ]) + +AS_IF([ test "x$ENABLED_SINGLETHREADED" = "xno" ],[ + AX_PTHREAD([ + AC_DEFINE([HAVE_PTHREAD], [1], [Define if you have POSIX threads libraries and header files.]) + AM_CFLAGS="-D_POSIX_THREADS $AM_CFLAGS $PTHREAD_CFLAGS" + LIBS="$LIBS $PTHREAD_LIBS" + ],[ + ENABLED_SINGLETHREADED=yes + ]) + ]) + +AS_IF([ test "x$ENABLED_SINGLETHREADED" = "xyes" ],[ AM_CFLAGS="-DSINGLE_THREADED $AM_CFLAGS" ]) # DTLS -AC_ARG_ENABLE(dtls, +AC_ARG_ENABLE([dtls], [ --enable-dtls Enable CyaSSL DTLS (default: disabled)], [ ENABLED_DTLS=$enableval ], [ ENABLED_DTLS=no ] @@ -148,8 +149,8 @@ fi # OPENSSL Extra Compatibility -AC_ARG_ENABLE(opensslExtra, - [ --enable-opensslExtra Enable extra OpenSSL API, size+ (default: disabled)], +AC_ARG_ENABLE([opensslextra], + [ --enable-opensslextra Enable extra OpenSSL API, size+ (default: disabled)], [ ENABLED_OPENSSLEXTRA=$enableval ], [ ENABLED_OPENSSLEXTRA=no ] ) @@ -160,12 +161,12 @@ fi if test "$ENABLED_OPENSSLEXTRA" = "yes" && test "$ENABLED_SMALL" = "yes" then - AC_MSG_ERROR([cannot enable small and opensslExtra, only one or the other.]) + AC_MSG_ERROR([cannot enable small and opensslextra, only one or the other.]) fi # IPv6 Test Apps -AC_ARG_ENABLE(ipv6, +AC_ARG_ENABLE([ipv6], [ --enable-ipv6 Enable testing of IPV6 (default: disabled)], [ ENABLED_IPV6=$enableval ], [ ENABLED_IPV6=no ] @@ -178,7 +179,7 @@ fi # Fortress build -AC_ARG_ENABLE(fortress, +AC_ARG_ENABLE([fortress], [ --enable-fortress Enable SSL fortress build (default: disabled)], [ ENABLED_FORTRESS=$enableval ], [ ENABLED_FORTRESS=no ] @@ -186,12 +187,12 @@ AC_ARG_ENABLE(fortress, if test "$ENABLED_FORTRESS" = "yes" then - AM_CFLAGS="$AM_CFLAGS -DFORTRESS -DOPENSSL_EXTRA -DCYASSL_DES_ECB -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DCYASSL_DER_LOAD -DCYASSL_SHA512 -DCYASSL_SHA384 -DCYASSL_KEY_GEN" + AM_CFLAGS="$AM_CFLAGS -DFORTRESS -DCYASSL_ALWAYS_VERIFY_CB -DOPENSSL_EXTRA -DCYASSL_DES_ECB -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT -DCYASSL_DER_LOAD -DCYASSL_SHA512 -DCYASSL_SHA384 -DCYASSL_KEY_GEN" fi # ssl bump build -AC_ARG_ENABLE(bump, +AC_ARG_ENABLE([bump], [ --enable-bump Enable SSL Bump build (default: disabled)], [ ENABLED_BUMP=$enableval ], [ ENABLED_BUMP=no ] @@ -202,42 +203,27 @@ then AM_CFLAGS="$AM_CFLAGS -DLARGE_STATIC_BUFFERS -DCYASSL_CERT_GEN -DCYASSL_KEY_GEN -DHUGE_SESSION_CACHE -DOPENSSL_EXTRA -DFP_MAX_BITS=8192 -DCYASSL_DER_LOAD -DCYASSL_ALT_NAMES -DCYASSL_TEST_CERT" fi -# fastmath -AC_ARG_ENABLE(fastmath, - [ --enable-fastmath Enable fast math for BigInts (default: disabled)], - [ ENABLED_FASTMATH=$enableval ], - [ ENABLED_FASTMATH=no ] - ) - -if test "x$ENABLED_FASTMATH" = "xyes" -then - AM_CFLAGS="$AM_CFLAGS -DUSE_FAST_MATH" -fi - +ENABLED_SLOWMATH="yes" -# fast HUGE math -AC_ARG_ENABLE(fasthugemath, - [ --enable-fasthugemath Enable fast math + huge code (default: disabled)], - [ ENABLED_FASTHUGEMATH=$enableval ], - [ ENABLED_FASTHUGEMATH=no ] +# lean psk build +AC_ARG_ENABLE([leanpsk], + [ --enable-leanpsk Enable Lean PSK build (default: disabled)], + [ ENABLED_LEANPSK=$enableval ], + [ ENABLED_LEANPSK=no ] ) -if test "$ENABLED_BUMP" = "yes" -then - ENABLED_FASTHUGEMATH="yes" -fi - -if test "$ENABLED_FASTHUGEMATH" = "yes" +if test "$ENABLED_LEANPSK" = "yes" then - ENABLED_FASTMATH="yes" - AM_CFLAGS="$AM_CFLAGS -DUSE_FAST_MATH" + AM_CFLAGS="$AM_CFLAGS -DCYASSL_LEANPSK -DHAVE_NULL_CIPHER -DSINGLE_THREADED -DNO_AES -DNO_FILESYSTEM -DNO_RABBIT -DNO_RSA -DNO_DSA -DNO_DH -DNO_CERTS -DNO_PWDBASED -DNO_DES3 -DNO_MD4 -DNO_MD5 -DNO_ERROR_STRINGS -DNO_OLD_TLS -DNO_RC4 -DNO_WRITEV -DNO_SESSION_CACHE -DNO_DEV_RANDOM -DCYASSL_USER_IO -DNO_SHA -DUSE_SLOW_SHA" + ENABLED_SLOWMATH="no" + ENABLED_SINGLETHREADED="yes" fi -AM_CONDITIONAL([BUILD_FASTMATH], [test "x$ENABLED_FASTMATH" = "xyes"]) +AM_CONDITIONAL([BUILD_LEANPSK], [test "x$ENABLED_LEANPSK" = "xyes"]) # big cache -AC_ARG_ENABLE(bigcache, +AC_ARG_ENABLE([bigcache], [ --enable-bigcache Enable big session cache (default: disabled)], [ ENABLED_BIGCACHE=$enableval ], [ ENABLED_BIGCACHE=no ] @@ -250,7 +236,7 @@ fi # HUGE cache -AC_ARG_ENABLE(hugecache, +AC_ARG_ENABLE([hugecache], [ --enable-hugecache Enable huge session cache (default: disabled)], [ ENABLED_HUGECACHE=$enableval ], [ ENABLED_HUGECACHE=no ] @@ -263,7 +249,7 @@ fi # SMALL cache -AC_ARG_ENABLE(smallcache, +AC_ARG_ENABLE([smallcache], [ --enable-smallcache Enable small session cache (default: disabled)], [ ENABLED_SMALLCACHE=$enableval ], [ ENABLED_SMALLCACHE=no ] @@ -275,22 +261,76 @@ then fi -# SNIFFER -AC_ARG_ENABLE(sniffer, - [ --enable-sniffer Enable CyaSSL sniffer support (default: disabled)], - [ ENABLED_SNIFFER=$enableval ], - [ ENABLED_SNIFFER=no ] +# Persistent session cache +AC_ARG_ENABLE([savesession], + [ --enable-savesession Enable persistent session cache (default: disabled)], + [ ENABLED_SAVESESSION=$enableval ], + [ ENABLED_SAVESESSION=no ] + ) + +if test "$ENABLED_SAVESESSION" = "yes" +then + AM_CFLAGS="$AM_CFLAGS -DPERSIST_SESSION_CACHE" +fi + + +# Persistent cert cache +AC_ARG_ENABLE([savecert], + [ --enable-savecert Enable persistent cert cache (default: disabled)], + [ ENABLED_SAVECERT=$enableval ], + [ ENABLED_SAVECERT=no ] + ) + +if test "$ENABLED_SAVECERT" = "yes" +then + AM_CFLAGS="$AM_CFLAGS -DPERSIST_CERT_CACHE" +fi + + +# Atomic User Record Layer +AC_ARG_ENABLE([atomicuser], + [ --enable-atomicuser Enable Atomic User Record Layer (default: disabled)], + [ ENABLED_ATOMICUSER=$enableval ], + [ ENABLED_ATOMICUSER=no ] + ) + +if test "$ENABLED_ATOMICUSER" = "yes" +then + AM_CFLAGS="$AM_CFLAGS -DATOMIC_USER" +fi + + +# Public Key Callbacks +AC_ARG_ENABLE([pkcallbacks], + [ --enable-pkcallbacks Enable Public Key Callbacks (default: disabled)], + [ ENABLED_PKCALLBACKS=$enableval ], + [ ENABLED_PKCALLBACKS=no ] ) -if test "$ENABLED_SNIFFER" = "yes" +if test "$ENABLED_PKCALLBACKS" = "yes" then - AM_CFLAGS="$AM_CFLAGS -DCYASSL_SNIFFER -DOPENSSL_EXTRA" + AM_CFLAGS="$AM_CFLAGS -DHAVE_PK_CALLBACKS" fi -AM_CONDITIONAL([BUILD_SNIFFER], [test "x$ENABLED_SNIFFER" = "xyes"]) + +# SNIFFER +ENABLED_SNIFFTEST=no +AC_ARG_ENABLE([sniffer], + [AS_HELP_STRING([--enable-sniffer],[ Enable CyaSSL sniffer support (default: disabled) ])],[ + ENABLED_SNIFFER=yes + AM_CFLAGS="$AM_CFLAGS -DCYASSL_SNIFFER -DOPENSSL_EXTRA" + AS_IF([ test "x$enableval" = "xyes" ],[ AC_CHECK_HEADERS([pcap/pcap.h],[ + ENABLED_SNIFFTEST=yes + ],[ AC_MSG_WARN([cannot enable sniffer test without having libpcap available.]) ]) ]) + ],[ + ENABLED_SNIFFER=no + ]) + +AM_CONDITIONAL([BUILD_SNIFFER], [ test "x$ENABLED_SNIFFER" = "xyes" ]) +AM_CONDITIONAL([BUILD_SNIFFTEST], [ test "x$ENABLED_SNIFFTEST" = "xyes" ]) # AES-GCM -AC_ARG_ENABLE(aesgcm, +AC_ARG_ENABLE([aesgcm], [ --enable-aesgcm Enable CyaSSL AES-GCM support (default: disabled)], [ ENABLED_AESGCM=$enableval ], [ ENABLED_AESGCM=no ] @@ -316,13 +356,29 @@ fi if test "$ENABLED_AESGCM" = "yes" then - AM_CFLAGS="$AM_CFLAGS -DHAVE_AESGCM -DCYASSL_SHA384 -DCYASSL_SHA512" + AM_CFLAGS="$AM_CFLAGS -DHAVE_AESGCM" fi AM_CONDITIONAL([BUILD_AESGCM], [test "x$ENABLED_AESGCM" = "xyes"]) + +# AES-CCM +AC_ARG_ENABLE([aesccm], + [ --enable-aesccm Enable CyaSSL AES-CCM support (default: disabled)], + [ ENABLED_AESCCM=$enableval ], + [ ENABLED_AESCCM=no ] + ) + +if test "$ENABLED_AESCCM" = "yes" +then + AM_CFLAGS="$AM_CFLAGS -DHAVE_AESCCM" +fi + +AM_CONDITIONAL([BUILD_AESCCM], [test "x$ENABLED_AESCCM" = "xyes"]) + + # AES-NI -AC_ARG_ENABLE(aesni, +AC_ARG_ENABLE([aesni], [ --enable-aesni Enable CyaSSL AES-NI support (default: disabled)], [ ENABLED_AESNI=$enableval ], [ ENABLED_AESNI=no ] @@ -334,15 +390,34 @@ then if test "$GCC" = "yes" then # GCC needs these flags, icc doesn't - AM_CFLAGS="$AM_CFLAGS -maes -msse4" + # opt levels greater than 2 may cause problems on systems w/o aesni + if test "$CC" != "icc" + then + AM_CFLAGS="$AM_CFLAGS -maes -msse4" + fi fi fi AM_CONDITIONAL([BUILD_AESNI], [test "x$ENABLED_AESNI" = "xyes"]) +# Camellia +AC_ARG_ENABLE([camellia], + [ --enable-camellia Enable CyaSSL Camellia support (default: disabled)], + [ ENABLED_CAMELLIA=$enableval ], + [ ENABLED_CAMELLIA=no ] + ) + +if test "$ENABLED_CAMELLIA" = "yes" +then + AM_CFLAGS="$AM_CFLAGS -DHAVE_CAMELLIA" +fi + +AM_CONDITIONAL([BUILD_CAMELLIA], [test "x$ENABLED_CAMELLIA" = "xyes"]) + + # MD2 -AC_ARG_ENABLE(md2, +AC_ARG_ENABLE([md2], [ --enable-md2 Enable CyaSSL MD2 support (default: disabled)], [ ENABLED_MD2=$enableval ], [ ENABLED_MD2=no ] @@ -361,8 +436,20 @@ fi AM_CONDITIONAL([BUILD_MD2], [test "x$ENABLED_MD2" = "xyes"]) +# NULL CIPHER +AC_ARG_ENABLE([nullcipher], + [ --enable-nullcipher Enable CyaSSL NULL cipher support (default: disabled)], + [ ENABLED_NULL_CIPHER=$enableval ], + [ ENABLED_NULL_CIPHER=no ] + ) + +if test "$ENABLED_NULL_CIPHER" = "yes" +then + AM_CFLAGS="$AM_CFLAGS -DHAVE_NULL_CIPHER" +fi + # RIPEMD -AC_ARG_ENABLE(ripemd, +AC_ARG_ENABLE([ripemd], [ --enable-ripemd Enable CyaSSL RIPEMD-160 support (default: disabled)], [ ENABLED_RIPEMD=$enableval ], [ ENABLED_RIPEMD=no ] @@ -376,8 +463,23 @@ fi AM_CONDITIONAL([BUILD_RIPEMD], [test "x$ENABLED_RIPEMD" = "xyes"]) +# BLAKE2 +AC_ARG_ENABLE([blake2], + [ --enable-blake2 Enable CyaSSL BLAKE2 support (default: disabled)], + [ ENABLED_BLAKE2=$enableval ], + [ ENABLED_BLAKE2=no ] + ) + +if test "$ENABLED_BLAKE2" = "yes" +then + AM_CFLAGS="$AM_CFLAGS -DHAVE_BLAKE2" +fi + +AM_CONDITIONAL([BUILD_BLAKE2], [test "x$ENABLED_BLAKE2" = "xyes"]) + + # SHA512 -AC_ARG_ENABLE(sha512, +AC_ARG_ENABLE([sha512], [ --enable-sha512 Enable CyaSSL SHA-512 support (default: disabled)], [ ENABLED_SHA512=$enableval ], [ ENABLED_SHA512=no ] @@ -385,7 +487,7 @@ AC_ARG_ENABLE(sha512, if test "$ENABLED_SHA512" = "yes" then - AM_CFLAGS="$AM_CFLAGS -DCYASSL_SHA512" + AM_CFLAGS="$AM_CFLAGS -DCYASSL_SHA512 -DCYASSL_SHA384" fi if test "$ENABLED_FORTRESS" = "yes" @@ -393,17 +495,12 @@ then ENABLED_SHA512="yes" fi -if test "$ENABLED_AESGCM" = "yes" -then - ENABLED_SHA512="yes" -fi - AM_CONDITIONAL([BUILD_SHA512], [test "x$ENABLED_SHA512" = "xyes"]) # SESSION CERTS -AC_ARG_ENABLE(sessioncerts, +AC_ARG_ENABLE([sessioncerts], [ --enable-sessioncerts Enable session cert storing (default: disabled)], [ ENABLED_SESSIONCERTS=$enableval ], [ ENABLED_SESSIONCERTS=no ] @@ -416,7 +513,7 @@ fi # KEY GENERATION -AC_ARG_ENABLE(keygen, +AC_ARG_ENABLE([keygen], [ --enable-keygen Enable key generation (default: disabled)], [ ENABLED_KEYGEN=$enableval ], [ ENABLED_KEYGEN=no ] @@ -429,7 +526,7 @@ fi # CERT GENERATION -AC_ARG_ENABLE(certgen, +AC_ARG_ENABLE([certgen], [ --enable-certgen Enable cert generation (default: disabled)], [ ENABLED_CERTGEN=$enableval ], [ ENABLED_CERTGEN=no ] @@ -441,79 +538,64 @@ then fi -# HC128 -AC_ARG_ENABLE(hc128, - [ --enable-hc128 Enable HC-128 (default: disabled)], - [ ENABLED_HC128=$enableval ], - [ ENABLED_HC128=no ] - ) - -if test "$ENABLED_HC128" = "no" -then - AM_CFLAGS="$AM_CFLAGS -DNO_HC128" -else - AM_CFLAGS="$AM_CFLAGS -DHAVE_HC128" -fi - -AM_CONDITIONAL([BUILD_HC128], [test "x$ENABLED_HC128" = "xyes"]) - - -# PSK -AC_ARG_ENABLE(psk, - [ --enable-psk Enable PSK (default: disabled)], - [ ENABLED_PSK=$enableval ], - [ ENABLED_PSK=no ] +# CERT REQUEST GENERATION +AC_ARG_ENABLE([certreq], + [ --enable-certreq Enable cert request generation (default: disabled)], + [ ENABLED_CERTREQ=$enableval ], + [ ENABLED_CERTREQ=no ] ) -if test "$ENABLED_PSK" = "no" +if test "$ENABLED_CERTREQ" = "yes" then - AM_CFLAGS="$AM_CFLAGS -DNO_PSK" + if test "$ENABLED_CERTGEN" = "no" + then + AC_MSG_ERROR([cannot enable certreq without enabling certgen.]) + fi + AM_CFLAGS="$AM_CFLAGS -DCYASSL_CERT_REQ" fi -# Web Server Build -AC_ARG_ENABLE(webServer, - [ --enable-webServer Enable Web Server (default: disabled)], - [ ENABLED_WEBSERVER=$enableval ], - [ ENABLED_WEBSERVER=no ] +# SEP +AC_ARG_ENABLE([sep], + [ --enable-sep Enable sep extensions (default: disabled)], + [ ENABLED_SEP=$enableval ], + [ ENABLED_SEP=no ] ) - -if test "$ENABLED_WEBSERVER" = "yes" +if test "$ENABLED_SEP" = "yes" then - AM_CFLAGS="$AM_CFLAGS -DHAVE_WEBSERVER" + AM_CFLAGS="-DCYASSL_SEP -DKEEP_PEER_CERT $AM_CFLAGS" fi -# No Filesystem Build -AC_ARG_ENABLE(noFilesystem, - [ --enable-noFilesystem Enable No Filesystem (default: disabled)], - [ ENABLED_NOFILESYSTEM=$enableval ], - [ ENABLED_NOFILESYSTEM=no ] +# HKDF +AC_ARG_ENABLE([hkdf], + [ --enable-hkdf Enable HKDF (HMAC-KDF) support (default: disabled)], + [ ENABLED_HKDF=$enableval ], + [ ENABLED_HKDF=no ] ) - -if test "$ENABLED_NOFILESYSTEM" = "yes" +if test "$ENABLED_HKDF" = "yes" then - AM_CFLAGS="$AM_CFLAGS -DNO_FILESYSTEM" + AM_CFLAGS="$AM_CFLAGS -DHAVE_HKDF" fi -# No inline Build -AC_ARG_ENABLE(noInline, - [ --enable-noInline Enable No inline (default: disabled)], - [ ENABLED_NOINLINE=$enableval ], - [ ENABLED_NOINLINE=no ] +# DSA +AC_ARG_ENABLE([dsa], + [ --enable-dsa Enable DSA (default: disabled)], + [ ENABLED_DSA=$enableval ], + [ ENABLED_DSA=no ] ) -if test "$ENABLED_NOINLINE" = "yes" +if test "$ENABLED_DSA" = "no" then - AM_CFLAGS="$AM_CFLAGS -DNO_INLINE" + AM_CFLAGS="$AM_CFLAGS -DNO_DSA" fi -AM_CONDITIONAL([BUILD_NOINLINE], [test "x$ENABLED_NOINLINE" = "xyes"]) +AM_CONDITIONAL([BUILD_DSA], [test "x$ENABLED_DSA" = "xyes"]) # ECC -AC_ARG_ENABLE(ecc, +AC_ARG_ENABLE([ecc], [ --enable-ecc Enable ECC (default: disabled)], [ ENABLED_ECC=$enableval ], [ ENABLED_ECC=no ] @@ -521,7 +603,7 @@ AC_ARG_ENABLE(ecc, if test "$ENABLED_ECC" = "yes" then - AM_CFLAGS="$AM_CFLAGS -DHAVE_ECC" + AM_CFLAGS="$AM_CFLAGS -DHAVE_ECC -DTFM_ECC256 -DECC_SHAMIR" fi AM_CONDITIONAL([BUILD_ECC], [test "x$ENABLED_ECC" = "xyes"]) @@ -533,204 +615,1227 @@ then fi -# OCSP -AC_ARG_ENABLE(ocsp, - [ --enable-ocsp Enable OCSP (default: disabled)], - [ ENABLED_OCSP=$enableval ], - [ ENABLED_OCSP=no ], +# FP ECC, Fixed Point cache ECC +AC_ARG_ENABLE([fpecc], + [ --enable-fpecc Enable Fixed Point cache ECC (default: disabled)], + [ ENABLED_FPECC=$enableval ], + [ ENABLED_FPECC=no ] ) -if test "$ENABLED_OCSP" = "yes" +if test "$ENABLED_FPECC" = "yes" then - AM_CFLAGS="$AM_CFLAGS -DHAVE_OCSP" + if test "$ENABLED_ECC" = "no" + then + AC_MSG_ERROR([cannot enable fpecc without enabling ecc.]) + fi + AM_CFLAGS="$AM_CFLAGS -DFP_ECC" fi -AM_CONDITIONAL([BUILD_OCSP], [test "x$ENABLED_OCSP" = "xyes"]) - -# CRL -AC_ARG_ENABLE(crl, - [ --enable-crl Enable CRL (default: disabled)], - [ ENABLED_CRL=$enableval ], - [ ENABLED_CRL=no ], +# ECC encrypt +AC_ARG_ENABLE([eccencrypt], + [ --enable-eccencrypt Enable ECC encrypt (default: disabled)], + [ ENABLED_ECC_ENCRYPT=$enableval ], + [ ENABLED_ECC_ENCRYPT=no ] ) -if test "$ENABLED_CRL" = "yes" +if test "$ENABLED_ECC_ENCRYPT" = "yes" then - AM_CFLAGS="$AM_CFLAGS -DHAVE_CRL" + if test "$ENABLED_ECC" = "no" + then + AC_MSG_ERROR([cannot enable eccencrypt without enabling ecc.]) + fi + if test "$ENABLED_HKDF" = "no" + then + AC_MSG_ERROR([cannot enable eccencrypt without enabling hkdf.]) + fi + AM_CFLAGS="$AM_CFLAGS -DHAVE_ECC_ENCRYPT" fi -AM_CONDITIONAL([BUILD_CRL], [test "x$ENABLED_CRL" = "xyes"]) - -# CRL Monitor -AC_ARG_ENABLE(crl-monitor, - [ --enable-crl-monitor Enable CRL Monitor (default: disabled)], - [ ENABLED_CRL_MONITOR=$enableval ], - [ ENABLED_CRL_MONITOR=no ], +# PSK +AC_ARG_ENABLE([psk], + [ --enable-psk Enable PSK (default: disabled)], + [ ENABLED_PSK=$enableval ], + [ ENABLED_PSK=no ] ) -if test "$ENABLED_CRL_MONITOR" = "yes" +if test "$ENABLED_PSK" = "no" && test "$ENABLED_LEANPSK" = "no" then - AM_CFLAGS="$AM_CFLAGS -DHAVE_CRL_MONITOR" + AM_CFLAGS="$AM_CFLAGS -DNO_PSK" fi -AM_CONDITIONAL([BUILD_CRL_MONITOR], [test "x$ENABLED_CRL_MONITOR" = "xyes"]) +if test "$ENABLED_PSK" = "no" && test "$ENABLED_LEANPSK" = "yes" +then + ENABLED_PSK=yes +fi -# NTRU -ntruHome=`pwd`/NTRU_algorithm -ntruInclude=$ntruHome/cryptolib -ntruLib=$ntruHome -AC_ARG_ENABLE(ntru, - [ --enable-ntru Enable NTRU (default: disabled)], - [ ENABLED_NTRU=$enableval ], - [ ENABLED_NTRU=no ] +# ERROR STRINGS +AC_ARG_ENABLE([errorstrings], + [ --enable-errorstrings Enable error strings table (default: enabled)], + [ ENABLED_ERROR_STRINGS=$enableval ], + [ ENABLED_ERROR_STRINGS=yes ] ) -if test "$ENABLED_NTRU" = "yes" +if test "$ENABLED_ERROR_STRINGS" = "no" then - AM_CFLAGS="$AM_CFLAGS -DHAVE_NTRU -I$ntruInclude" - AM_LDFLAGS="$AM_LDFLAGS -L$ntruLib" - LIBS="$LIBS -lntru_encrypt" + AM_CFLAGS="$AM_CFLAGS -DNO_ERROR_STRINGS" +else + # turn off error strings if leanpsk on + if test "$ENABLED_LEANPSK" = "yes" + then + AM_CFLAGS="$AM_CFLAGS -DNO_ERROR_STRINGS" + ENABLED_ERROR_STRINGS=no + fi fi -AM_CONDITIONAL([BUILD_NTRU], [test "x$ENABLED_NTRU" = "xyes"]) -if test "$ENABLED_NTRU" = "yes" && test "$ENABLED_SMALL" = "yes" +# OLD TLS +AC_ARG_ENABLE([oldtls], + [ --enable-oldtls Enable old TLS versions < 1.2 (default: enabled)], + [ ENABLED_OLD_TLS=$enableval ], + [ ENABLED_OLD_TLS=yes ] + ) + +if test "$ENABLED_OLD_TLS" = "no" then - AC_MSG_ERROR([cannot enable ntru and small, ntru requires TLS which small turns off.]) + AM_CFLAGS="$AM_CFLAGS -DNO_OLD_TLS" +else + # turn off old if leanpsk on + if test "$ENABLED_LEANPSK" = "yes" + then + AM_CFLAGS="$AM_CFLAGS -DNO_OLD_TLS" + ENABLED_OLD_TLS=no + fi fi -# Test certs, use internal cert functions for extra testing -AC_ARG_ENABLE(testcert, - [ --enable-testcert Enable Test Cert (default: disabled)], - [ ENABLED_TESTCERT=$enableval ], - [ ENABLED_TESTCERT=no ] +# STACK SIZE info for examples +AC_ARG_ENABLE([stacksize], + [ --enable-stacksize Enable stack size info on examples (default: disabled)], + [ ENABLED_STACKSIZE=$enableval ], + [ ENABLED_STACKSIZE=no ] ) -if test "$ENABLED_TESTCERT" = "yes" +if test "$ENABLED_STACKSIZE" = "yes" then - AM_CFLAGS="$AM_CFLAGS -DCYASSL_TEST_CERT" + AC_CHECK_FUNC([posix_memalign], [], [AC_MSG_ERROR(stacksize needs posix_memalign)]) + AC_CHECK_FUNC([pthread_attr_setstack], [], AC_CHECK_LIB([pthread],[pthread_attr_setstack])) + AM_CFLAGS="$AM_CFLAGS -DHAVE_STACK_SIZE -DCYASSL_LOW_MEMORY" fi -# LIBZ -trylibzdir="" -AC_ARG_WITH(libz, - [ --with-libz=PATH PATH to libz install (default /usr/) ], - [ - AC_MSG_CHECKING([for libz]) - CPPFLAGS="$CPPFLAGS -DHAVE_LIBZ" - LIBS="$LIBS -lz" +# MEMORY +AC_ARG_ENABLE([memory], + [ --enable-memory Enable memory callbacks (default: enabled)], + [ ENABLED_MEMORY=$enableval ], + [ ENABLED_MEMORY=yes ] + ) - AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include ]], [[ deflateInit(0, 8); ]])],[ libz_linked=yes ],[ libz_linked=no ]) +if test "$ENABLED_MEMORY" = "no" +then + AM_CFLAGS="$AM_CFLAGS -DNO_CYASSL_MEMORY" +else + # turn off memory cb if leanpsk on + if test "$ENABLED_LEANPSK" = "yes" + then + # but don't turn on NO_CYASSL_MEMORY because using own + ENABLED_MEMORY=no + fi +fi - if test "x$libz_linked" == "xno" ; then - if test "x$withval" != "xno" ; then - trylibzdir=$withval - fi - if test "x$withval" == "xyes" ; then - trylibzdir="/usr" - fi +AM_CONDITIONAL([BUILD_MEMORY], [test "x$ENABLED_MEMORY" = "xyes"]) - AM_LDFLAGS="$AM_LDFLAGS -L$trylibzdir/lib" - CPPFLAGS="$CPPFLAGS -I$trylibzdir/include" - AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include ]], [[ deflateInit(0, 8); ]])],[ libz_linked=yes ],[ libz_linked=no ]) +# RSA +AC_ARG_ENABLE([rsa], + [ --enable-rsa Enable RSA (default: enabled)], + [ ENABLED_RSA=$enableval ], + [ ENABLED_RSA=yes ] + ) - if test "x$libz_linked" == "xno" ; then - AC_MSG_ERROR([libz isn't found. - If it's already installed, specify its path using --with-libz=/dir/]) - fi - AC_MSG_RESULT([yes]) - else - AC_MSG_RESULT([yes]) - fi +if test "$ENABLED_RSA" = "no" +then + AM_CFLAGS="$AM_CFLAGS -DNO_RSA" +else + # turn off RSA if leanpsk on + if test "$ENABLED_LEANPSK" = "yes" + then + AM_CFLAGS="$AM_CFLAGS -DNO_RSA" + ENABLED_RSA=no + fi +fi - ] -) +AM_CONDITIONAL([BUILD_RSA], [test "x$ENABLED_RSA" = "xyes"]) -# OPTIMIZE FLAGS -if test "$GCC" = "yes" +# DH +AC_ARG_ENABLE([dh], + [ --enable-dh Enable DH (default: disabled)], + [ ENABLED_DH=$enableval ], + [ ENABLED_DH=no ] + ) + +if test "$ENABLED_DH" = "no" then - AM_CFLAGS="$AM_CFLAGS -Wall -Wno-unused" - if test "$ENABLED_DEBUG" = "no" + AM_CFLAGS="$AM_CFLAGS -DNO_DH" +else + # turn off DH if leanpsk on + if test "$ENABLED_LEANPSK" = "yes" then - if test "$ENABLED_FASTMATH" = "yes" - then - AM_CFLAGS="$AM_CFLAGS $OPTIMIZE_FAST_CFLAGS" - if test "$ENABLED_FASTHUGEMATH" = "yes" - then - AM_CFLAGS="$AM_CFLAGS $OPTIMIZE_HUGE_CFLAGS" - fi - else - AM_CFLAGS="$AM_CFLAGS $OPTIMIZE_CFLAGS" - fi + AM_CFLAGS="$AM_CFLAGS -DNO_DH" + ENABLED_DH=no fi fi -AX_PTHREAD([ - AC_DEFINE([HAVE_PTHREAD], [1], [Define if you have POSIX threads libraries and header files.]) - ], - [ - AC_DEFINE([HAVE_PTHREAD], [0], [Define if you have POSIX threads libraries and header files.]) - ]) +AM_CONDITIONAL([BUILD_DH], [test "x$ENABLED_DH" = "xyes"]) -LIB_SOCKET_NSL -dnl Various GCC warnings that should never fire for release quality code -GCCWARNINGS="-Wall -fno-strict-aliasing -W -Wfloat-equal -Wundef \ - -Wpointer-arith -Wstrict-prototypes -Wmissing-prototypes \ - -Wwrite-strings -Wredundant-decls -Wchar-subscripts -Wcomment \ - -Wformat=2 -Wwrite-strings -Wmissing-declarations -Wredundant-decls \ - -Wnested-externs -Wbad-function-cast -Wswitch-enum -Winit-self \ - -Wmissing-field-initializers -Wdeclaration-after-statement \ - -Wold-style-definition -Waddress -Wmissing-noreturn -Wnormalized=id \ - -Woverride-init -Wstrict-overflow=1 -Wextra -Wstack-protector -Wformat \ - -Wformat-security -Wpointer-sign -Wshadow -Wswitch-default" - -case "$host_os" in - *linux*) -GCCWARNINGS="$GCCWARNINGS -Warray-bounds" - ;; -esac +# ASN +# turn off asn, which means no certs, no rsa, no dh, no dsa, no ecc, +# and no big int, use this to disable all public key stuff +AC_ARG_ENABLE([asn], + [ --enable-asn Enable ASN (default: enabled)], + [ ENABLED_ASN=$enableval ], + [ ENABLED_ASN=yes ] + ) -AC_ARG_ENABLE(gcc-lots-o-warnings, -AS_HELP_STRING(--enable-gcc-lots-o-warnings, Enable lots of gcc warnings (default: disabled)), -[if test x$enableval = xyes; then - AM_CFLAGS="$AM_CFLAGS $GCCWARNINGS" -fi]) - -AC_ARG_ENABLE(gcc-hardening, -AS_HELP_STRING(--enable-gcc-hardening, Enable compiler security checks (default: disabled)), -[if test x$enableval = xyes; then - AM_CFLAGS="$AM_CFLAGS -D_FORTIFY_SOURCE=2 -fstack-protector-all" - AM_CFLAGS="$AM_CFLAGS -fwrapv -fPIE -Wstack-protector" - AM_CFLAGS="$AM_CFLAGS --param ssp-buffer-size=1" - LDFLAGS="$LDFLAGS -pie" -fi]) - -dnl Linker hardening options -dnl Currently these options are ELF specific - you can't use this with MacOSX -AC_ARG_ENABLE(linker-hardening, -AS_HELP_STRING(--enable-linker-hardening, Enable linker security fixups (default: disabled)), -[if test x$enableval = xyes; then - LDFLAGS="$LDFLAGS -z relro -z now" -fi]) +if test "$ENABLED_ASN" = "no" +then + AM_CFLAGS="$AM_CFLAGS -DNO_ASN -DNO_CERTS -DNO_BIG_INT" +else + # turn off ASN if leanpsk on + if test "$ENABLED_LEANPSK" = "yes" + then + AM_CFLAGS="$AM_CFLAGS -DNO_ASN -DNO_CERTS -DNO_BIG_INT" + ENABLED_ASN=no + fi +fi -CREATE_HEX_VERSION -AM_CFLAGS="$AM_CFLAGS $CFLAG_VISIBILITY" -AC_SUBST(AM_CFLAGS) -AC_SUBST(AM_LDFLAGS) +if test "$ENABLED_RSA" = "yes" && test "$ENABLED_ASN" = "no" +then + AC_MSG_ERROR([please disable rsa if disabling asn.]) +fi -# FINAL -AC_CONFIG_FILES([stamp-h], [echo timestamp > stamp-h]) -AC_CONFIG_FILES([Makefile]) -AC_CONFIG_FILES([cyassl/version.h]) -AC_CONFIG_FILES([support/libcyassl.pc]) +if test "$ENABLED_DSA" = "yes" && test "$ENABLED_ASN" = "no" +then + AC_MSG_ERROR([please disable dsa if disabling asn.]) +fi -AC_OUTPUT +if test "$ENABLED_DH" = "yes" && test "$ENABLED_ASN" = "no" +then + AC_MSG_ERROR([please disable dh if disabling asn.]) +fi + +if test "$ENABLED_ECC" = "yes" && test "$ENABLED_ASN" = "no" +then + AC_MSG_ERROR([please disable ecc if disabling asn.]) +fi + +if test "$ENABLED_PSK" = "no" && test "$ENABLED_ASN" = "no" +then + AC_MSG_ERROR([please enable psk if disabling asn.]) +fi + +if test "$ENABLED_ASN" = "no" +then + ENABLED_FASTMATH=no + ENABLED_SLOWMATH=no +fi + +AM_CONDITIONAL([BUILD_ASN], [test "x$ENABLED_ASN" = "xyes"]) + + +# AES +AC_ARG_ENABLE([aes], + [ --enable-aes Enable AES (default: enabled)], + [ ENABLED_AES=$enableval ], + [ ENABLED_AES=yes ] + ) + +if test "$ENABLED_AES" = "no" +then + AM_CFLAGS="$AM_CFLAGS -DNO_AES" +else + # turn off AES if leanpsk on + if test "$ENABLED_LEANPSK" = "yes" + then + AM_CFLAGS="$AM_CFLAGS -DNO_AES" + ENABLED_AES=no + fi +fi + +AM_CONDITIONAL([BUILD_AES], [test "x$ENABLED_AES" = "xyes"]) + + +# CODING +AC_ARG_ENABLE([coding], + [ --enable-coding Enable Coding base 16/64 (default: enabled)], + [ ENABLED_CODING=$enableval ], + [ ENABLED_CODING=yes ] + ) + +if test "$ENABLED_CODING" = "no" +then + AM_CFLAGS="$AM_CFLAGS -DNO_CODING" +else + # turn off CODING if leanpsk on + if test "$ENABLED_LEANPSK" = "yes" + then + AM_CFLAGS="$AM_CFLAGS -DNO_CODING" + ENABLED_CODING=no + fi +fi + +AM_CONDITIONAL([BUILD_CODING], [test "x$ENABLED_CODING" = "xyes"]) + + +# DES3 +AC_ARG_ENABLE([des3], + [ --enable-des3 Enable DES3 (default: enabled)], + [ ENABLED_DES3=$enableval ], + [ ENABLED_DES3=yes ] + ) + +if test "$ENABLED_DES3" = "no" +then + AM_CFLAGS="$AM_CFLAGS -DNO_DES3" +else + # turn off DES3 if leanpsk on + if test "$ENABLED_LEANPSK" = "yes" + then + AM_CFLAGS="$AM_CFLAGS -DNO_DES3" + ENABLED_DES3=no + fi +fi + +AM_CONDITIONAL([BUILD_DES3], [test "x$ENABLED_DES3" = "xyes"]) + + +# ARC4 +AC_ARG_ENABLE([arc4], + [ --enable-arc4 Enable ARC4 (default: enabled)], + [ ENABLED_ARC4=$enableval ], + [ ENABLED_ARC4=yes ] + ) + +if test "$ENABLED_ARC4" = "no" +then + AM_CFLAGS="$AM_CFLAGS -DNO_RC4" +else + # turn off ARC4 if leanpsk on + if test "$ENABLED_LEANPSK" = "yes" + then + AM_CFLAGS="$AM_CFLAGS -DNO_RC4" + ENABLED_ARC4=no + fi +fi + +AM_CONDITIONAL([BUILD_RC4], [test "x$ENABLED_ARC4" = "xyes"]) + + +# MD5 +AC_ARG_ENABLE([md5], + [ --enable-md5 Enable MD5 (default: enabled)], + [ ENABLED_MD5=$enableval ], + [ ENABLED_MD5=yes ] + ) + +if test "$ENABLED_MD5" = "no" +then + AM_CFLAGS="$AM_CFLAGS -DNO_MD5 -DNO_OLD_TLS" +else + # turn off MD5 if leanpsk on + if test "$ENABLED_LEANPSK" = "yes" + then + AM_CFLAGS="$AM_CFLAGS -DNO_MD5 -DNO_OLD_TLS" + ENABLED_MD5=no + fi +fi + +AM_CONDITIONAL([BUILD_MD5], [test "x$ENABLED_MD5" = "xyes"]) + + +# SHA +AC_ARG_ENABLE([sha], + [ --enable-sha Enable SHA (default: enabled)], + [ ENABLED_SHA=$enableval ], + [ ENABLED_SHA=yes ] + ) + +if test "$ENABLED_SHA" = "no" +then + AM_CFLAGS="$AM_CFLAGS -DNO_SHA -DNO_OLD_TLS" +else + # turn off SHA if leanpsk on + if test "$ENABLED_LEANPSK" = "yes" + then + AM_CFLAGS="$AM_CFLAGS -DNO_SHA -DNO_OLD_TLS" + ENABLED_SHA=no + fi +fi + +AM_CONDITIONAL([BUILD_SHA], [test "x$ENABLED_SHA" = "xyes"]) + + +# MD4 +AC_ARG_ENABLE([md4], + [ --enable-md4 Enable MD4 (default: disabled)], + [ ENABLED_MD4=$enableval ], + [ ENABLED_MD4=no ] + ) + +if test "$ENABLED_MD4" = "no" +then + AM_CFLAGS="$AM_CFLAGS -DNO_MD4" +fi + +AM_CONDITIONAL([BUILD_MD4], [test "x$ENABLED_MD4" = "xyes"]) + + +# Web Server Build +AC_ARG_ENABLE([webserver], + [ --enable-webserver Enable Web Server (default: disabled)], + [ ENABLED_WEBSERVER=$enableval ], + [ ENABLED_WEBSERVER=no ] + ) + +if test "$ENABLED_WEBSERVER" = "yes" +then + AM_CFLAGS="$AM_CFLAGS -DHAVE_WEBSERVER" +fi + + +# PWDBASED +AC_ARG_ENABLE([pwdbased], + [ --enable-pwdbased Enable PWDBASED (default: disabled)], + [ ENABLED_PWDBASED=$enableval ], + [ ENABLED_PWDBASED=no ] + ) + +if test "$ENABLED_PWDBASED" = "no" +then + if test "$ENABLED_OPENSSLEXTRA" = "yes" || test "$ENABLED_WEBSERVER" = "yes" + then + # opensslextra and webserver needs pwdbased + ENABLED_PWDBASED=yes + else + AM_CFLAGS="$AM_CFLAGS -DNO_PWDBASED" + fi +fi + +AM_CONDITIONAL([BUILD_PWDBASED], [test "x$ENABLED_PWDBASED" = "xyes"]) + + +# HC128 +AC_ARG_ENABLE([hc128], + [ --enable-hc128 Enable HC-128 (default: disabled)], + [ ENABLED_HC128=$enableval ], + [ ENABLED_HC128=no ] + ) + +if test "$ENABLED_HC128" = "no" +then + AM_CFLAGS="$AM_CFLAGS -DNO_HC128" +else + AM_CFLAGS="$AM_CFLAGS -DHAVE_HC128" +fi + +AM_CONDITIONAL([BUILD_HC128], [test "x$ENABLED_HC128" = "xyes"]) + + +# RABBIT +AC_ARG_ENABLE([rabbit], + [ --enable-rabbit Enable RABBIT (default: disabled)], + [ ENABLED_RABBIT=$enableval ], + [ ENABLED_RABBIT=no ] + ) + +if test "$ENABLED_RABBIT" = "no" +then + AM_CFLAGS="$AM_CFLAGS -DNO_RABBIT" +else + AM_CFLAGS="$AM_CFLAGS -DHAVE_RABBIT" +fi + +AM_CONDITIONAL([BUILD_RABBIT], [test "x$ENABLED_RABBIT" = "xyes"]) + + +# FIPS +AC_ARG_ENABLE([fips], + [ --enable-fips Enable FIPS 140-2 (default: disabled)], + [ ENABLED_FIPS=$enableval ], + [ ENABLED_FIPS=no ] + ) + +if test "x$ENABLED_FIPS" = "xyes" +then + # requires thread local storage + if test "$thread_ls_on" = "no" + then + AC_MSG_ERROR([FIPS requires Thread Local Storage]) + fi + # requires SHA512 + if test "x$ENABLED_SHA512" = "xno" + then + ENABLED_SHA512="yes" + AM_CFLAGS="$AM_CFLAGS -DCYASSL_SHA512 -DCYASSL_SHA384" + AM_CONDITIONAL([BUILD_SHA512], [test "x$ENABLED_SHA512" = "xyes"]) + fi + AM_CFLAGS="$AM_CFLAGS -DHAVE_FIPS" +fi + +AM_CONDITIONAL([BUILD_FIPS], [test "x$ENABLED_FIPS" = "xyes"]) + + +# Hash DRBG +AC_ARG_ENABLE([hashdrbg], + [ --enable-hashdrbg Enable Hash DRBG support (default: disabled)], + [ ENABLED_HASHDRBG=$enableval ], + [ ENABLED_HASHDRBG=no ] + ) + +if test "x$ENABLED_HASHDRBG" = "xyes" +then + AM_CFLAGS="$AM_CFLAGS -DHAVE_HASHDRBG" +else + # turn on Hash DRBG if FIPS is on or ARC4 is off + if test "x$ENABLED_FIPS" = "xyes" || test "x$ENABLED_ARC4" = "xno" + then + AM_CFLAGS="$AM_CFLAGS -DHAVE_HASHDRBG" + ENABLED_HASHDRBG=yes + fi +fi + + +# Filesystem Build +AC_ARG_ENABLE([filesystem], + [ --enable-filesystem Enable Filesystem support (default: enabled)], + [ ENABLED_FILESYSTEM=$enableval ], + [ ENABLED_FILESYSTEM=yes ] + ) + +if test "$ENABLED_FILESYSTEM" = "no" +then + AM_CFLAGS="$AM_CFLAGS -DNO_FILESYSTEM" +else + # turn off filesystem if leanpsk on + if test "$ENABLED_LEANPSK" = "yes" + then + AM_CFLAGS="$AM_CFLAGS -DNO_FILESYSTEM" + ENABLED_FILESYSTEM=no + fi +fi + + +# inline Build +AC_ARG_ENABLE([inline], + [ --enable-inline Enable inline functions (default: enabled)], + [ ENABLED_INLINE=$enableval ], + [ ENABLED_INLINE=yes ] + ) + +if test "$ENABLED_INLINE" = "no" +then + AM_CFLAGS="$AM_CFLAGS -DNO_INLINE" +fi + +AM_CONDITIONAL([BUILD_INLINE], [test "x$ENABLED_INLINE" = "xyes"]) + + +# OCSP +AC_ARG_ENABLE([ocsp], + [ --enable-ocsp Enable OCSP (default: disabled)], + [ ENABLED_OCSP=$enableval ], + [ ENABLED_OCSP=no ], + ) + +if test "$ENABLED_OCSP" = "yes" +then + AM_CFLAGS="$AM_CFLAGS -DHAVE_OCSP" +fi + +AM_CONDITIONAL([BUILD_OCSP], [test "x$ENABLED_OCSP" = "xyes"]) + + +if test "$ENABLED_OCSP" = "yes" +then + # check openssl command tool for testing ocsp + AC_CHECK_PROG([HAVE_OPENSSL_CMD],[openssl],[yes],[no]) + + if test "$HAVE_OPENSSL_CMD" = "yes" + then + AM_CFLAGS="$AM_CFLAGS -DHAVE_OPENSSL_CMD" + else + AC_MSG_WARN([openssl command line tool not available for testing ocsp]) + fi +fi + + +# CRL +AC_ARG_ENABLE([crl], + [ --enable-crl Enable CRL (default: disabled)], + [ ENABLED_CRL=$enableval ], + [ ENABLED_CRL=no ], + ) + +if test "$ENABLED_CRL" = "yes" +then + AM_CFLAGS="$AM_CFLAGS -DHAVE_CRL" +fi + +AM_CONDITIONAL([BUILD_CRL], [test "x$ENABLED_CRL" = "xyes"]) + + +# CRL Monitor +AC_ARG_ENABLE([crl-monitor], + [ --enable-crl-monitor Enable CRL Monitor (default: disabled)], + [ ENABLED_CRL_MONITOR=$enableval ], + [ ENABLED_CRL_MONITOR=no ], + ) + +if test "$ENABLED_CRL_MONITOR" = "yes" +then + case $host_os in + *linux* | *darwin* | *freebsd*) + AM_CFLAGS="$AM_CFLAGS -DHAVE_CRL_MONITOR" ;; + *) + AC_MSG_ERROR([crl monitor only allowed on linux, OS X, or freebsd]) ;; + esac +fi + +AM_CONDITIONAL([BUILD_CRL_MONITOR], [test "x$ENABLED_CRL_MONITOR" = "xyes"]) + + +# NTRU +ENABLED_NTRU="no" +tryntrudir="" +AC_ARG_WITH([ntru], + [ --with-ntru=PATH Path to NTRU install (default /usr/) ], + [ + AC_MSG_CHECKING([for NTRU]) + CPPFLAGS="$CPPFLAGS -DHAVE_NTRU" + LIBS="$LIBS -lNTRUEncrypt" + + AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include ]], [[ ntru_crypto_drbg_instantiate(0, 0, 0, 0, 0); ]])], [ ntru_linked=yes ],[ ntru_linked=no ]) + + if test "x$ntru_linked" == "xno" ; then + if test "x$withval" != "xno" ; then + tryntrudir=$withval + fi + if test "x$withval" == "xyes" ; then + tryntrudir="/usr" + fi + + LDFLAGS="$AM_LDFLAGS -L$tryntrudir/lib" + CPPFLAGS="$CPPFLAGS -I$tryntrudir/include" + + AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include ]], [[ ntru_crypto_drbg_instantiate(0, 0, 0, 0, 0); ]])], [ ntru_linked=yes ],[ ntru_linked=no ]) + + if test "x$ntru_linked" == "xno" ; then + AC_MSG_ERROR([NTRU isn't found. + If it's already installed, specify its path using --with-ntru=/dir/]) + fi + AC_MSG_RESULT([yes]) + AM_LDFLAGS="$AM_LDFLAGS -L$tryntrudir/lib" + else + AC_MSG_RESULT([yes]) + fi + + AM_CFLAGS="$AM_CFLAGS -DHAVE_NTRU" + ENABLED_NTRU="yes" + ] +) + +AM_CONDITIONAL([BUILD_NTRU], [test "x$ENABLED_NTRU" = "xyes"]) + +if test "$ENABLED_NTRU" = "yes" && test "$ENABLED_SMALL" = "yes" +then + AC_MSG_ERROR([cannot enable ntru and small, ntru requires TLS which small turns off.]) +fi + +# SNI +AC_ARG_ENABLE([sni], + [ --enable-sni Enable SNI (default: disabled)], + [ ENABLED_SNI=$enableval ], + [ ENABLED_SNI=no ] + ) + +if test "x$ENABLED_SNI" = "xyes" +then + AM_CFLAGS="$AM_CFLAGS -DHAVE_TLS_EXTENSIONS -DHAVE_SNI" +fi + +# Maximum Fragment Length +AC_ARG_ENABLE([maxfragment], + [ --enable-maxfragment Enable Maximum Fragment Length (default: disabled)], + [ ENABLED_MAX_FRAGMENT=$enableval ], + [ ENABLED_MAX_FRAGMENT=no ] + ) + +if test "x$ENABLED_MAX_FRAGMENT" = "xyes" +then + AM_CFLAGS="$AM_CFLAGS -DHAVE_TLS_EXTENSIONS -DHAVE_MAX_FRAGMENT" +fi + +# Truncated HMAC +AC_ARG_ENABLE([truncatedhmac], + [ --enable-truncatedhmac Enable Truncated HMAC (default: disabled)], + [ ENABLED_TRUNCATED_HMAC=$enableval ], + [ ENABLED_TRUNCATED_HMAC=no ] + ) + +if test "x$ENABLED_TRUNCATED_HMAC" = "xyes" +then + AM_CFLAGS="$AM_CFLAGS -DHAVE_TLS_EXTENSIONS -DHAVE_TRUNCATED_HMAC" +fi + +# Renegotiation Indication +AC_ARG_ENABLE([renegotiation-indication], + [ --enable-renegotiation-indication Enable Renegotiation Indication (default: disabled)], + [ ENABLED_RENEGOTIATION_INDICATION=$enableval ], + [ ENABLED_RENEGOTIATION_INDICATION=no ] + ) + +if test "x$ENABLED_RENEGOTIATION_INDICATION" = "xyes" +then + AM_CFLAGS="$AM_CFLAGS -DHAVE_TLS_EXTENSIONS -DHAVE_RENEGOTIATION_INDICATION" +fi + +# Supported Elliptic Curves Extensions +AC_ARG_ENABLE([supportedcurves], + [ --enable-supportedcurves Enable Supported Elliptic Curves (default: disabled)], + [ ENABLED_SUPPORTED_CURVES=$enableval ], + [ ENABLED_SUPPORTED_CURVES=no ] + ) + +if test "x$ENABLED_SUPPORTED_CURVES" = "xyes" +then + AM_CFLAGS="$AM_CFLAGS -DHAVE_TLS_EXTENSIONS -DHAVE_SUPPORTED_CURVES" +fi + +# TLS Extensions +AC_ARG_ENABLE([tlsx], + [ --enable-tlsx Enable all TLS Extensions (default: disabled)], + [ ENABLED_TLSX=$enableval ], + [ ENABLED_TLSX=no ] + ) + +if test "x$ENABLED_TLSX" = "xyes" +then + ENABLED_SNI=yes + ENABLED_MAX_FRAGMENT=yes + ENABLED_TRUNCATED_HMAC=yes + ENABLED_RENEGOTIATION_INDICATION=yes + ENABLED_SUPPORTED_CURVES=yes + AM_CFLAGS="$AM_CFLAGS -DHAVE_TLS_EXTENSIONS -DHAVE_SNI -DHAVE_MAX_FRAGMENT -DHAVE_TRUNCATED_HMAC -DHAVE_RENEGOTIATION_INDICATION -DHAVE_SUPPORTED_CURVES" +fi + +# PKCS7 +AC_ARG_ENABLE([pkcs7], + [ --enable-pkcs7 Enable PKCS7 (default: disabled)], + [ ENABLED_PKCS7=$enableval ], + [ ENABLED_PKCS7=no ], + ) + +if test "$ENABLED_PKCS7" = "yes" +then + AM_CFLAGS="$AM_CFLAGS -DHAVE_PKCS7" +fi + +AM_CONDITIONAL([BUILD_PKCS7], [test "x$ENABLED_PKCS7" = "xyes"]) + + +# Simple Certificate Enrollment Protocol (SCEP) +AC_ARG_ENABLE([scep], + [ --enable-scep Enable wolfSCEP (default: disabled)], + [ ENABLED_WOLFSCEP=$enableval ], + [ ENABLED_WOLFSCEP=no ] + ) +if test "$ENABLED_WOLFSCEP" = "yes" +then + # Enable prereqs if not already enabled + if test "x$ENABLED_KEYGEN" = "xno" + then + ENABLED_KEYGEN="yes" + AM_CFLAGS="$AM_CFLAGS -DCYASSL_KEY_GEN" + fi + if test "x$ENABLED_CERTGEN" = "xno" + then + ENABLED_CERTGEN="yes" + AM_CFLAGS="$AM_CFLAGS -DCYASSL_CERT_GEN" + fi + if test "x$ENABLED_CERTREQ" = "xno" + then + ENABLED_CERTREQ="yes" + AM_CFLAGS="$AM_CFLAGS -DCYASSL_CERT_REQ" + fi + if test "x$ENABLED_PKCS7" = "xno" + then + ENABLED_PKCS7="yes" + AM_CFLAGS="$AM_CFLAGS -DHAVE_PKCS7" + AM_CONDITIONAL([BUILD_PKCS7], [test "x$ENABLED_PKCS7" = "xyes"]) + fi + AM_CFLAGS="$AM_CFLAGS -DCYASSL_HAVE_WOLFSCEP" +fi + + +# Small Stack +AC_ARG_ENABLE([smallstack], + [ --enable-smallstack Enable Small Stack Usage (default: disabled)], + [ ENABLED_SMALL_STACK=$enableval ], + [ ENABLED_SMALL_STACK=no ] + ) + +if test "x$ENABLED_SMALL_STACK" = "xyes" +then + AM_CFLAGS="$AM_CFLAGS -DCYASSL_SMALL_STACK" +fi + + +#valgrind +AC_ARG_ENABLE([valgrind], + [ --enable-valgrind Enable valgrind for unit tests (default: disabled)], + [ ENABLED_VALGRIND=$enableval ], + [ ENABLED_VALGRIND=no ] + ) + +if test "$ENABLED_VALGRIND" = "yes" +then + AC_CHECK_PROG([HAVE_VALGRIND],[valgrind],[yes],[no]) + + if test "$HAVE_VALGRIND" = "no" + then + AC_MSG_ERROR([Valgrind not found.]) + fi + enable_shared=no + enable_static=yes + AM_CFLAGS="$AM_CFLAGS -DHAVE_VALGRIND" +fi + +AM_CONDITIONAL([USE_VALGRIND], [test "x$ENABLED_VALGRIND" = "xyes"]) + + +# Test certs, use internal cert functions for extra testing +AC_ARG_ENABLE([testcert], + [ --enable-testcert Enable Test Cert (default: disabled)], + [ ENABLED_TESTCERT=$enableval ], + [ ENABLED_TESTCERT=no ] + ) + +if test "$ENABLED_TESTCERT" = "yes" +then + AM_CFLAGS="$AM_CFLAGS -DCYASSL_TEST_CERT" +fi + + +# I/O Pool, an example to show user how to override memory handler and use +# a pool for the input/output buffer requests +AC_ARG_ENABLE([iopool], + [ --enable-iopool Enable I/O Pool example (default: disabled)], + [ ENABLED_IOPOOL=$enableval ], + [ ENABLED_IOPOOL=no ] + ) + +if test "$ENABLED_IOPOOL" = "yes" +then + if test "$thread_ls_on" = "no" + then + AC_MSG_ERROR([I/O Pool example requires Thread Local Storage]) + fi + AM_CFLAGS="$AM_CFLAGS -DHAVE_IO_POOL -DXMALLOC_USER" +fi + + +# Certificate Service Support +AC_ARG_ENABLE([certservice], + [ --enable-certservice Enable cert service (default: disabled)], + [ ENABLED_CERT_SERVICE=$enableval ], + [ ENABLED_CERT_SERVICE=no ] + ) +if test "$ENABLED_CERT_SERVICE" = "yes" +then + # Requires ecc,certgen, and opensslextra make sure on + if test "x$ENABLED_CERTGEN" = "xno" + then + ENABLED_CERTGEN="yes" + AM_CFLAGS="$AM_CFLAGS -DCYASSL_CERT_GEN" + fi + if test "x$ENABLED_ECC" = "xno" + then + ENABLED_ECC="yes" + AM_CFLAGS="$AM_CFLAGS -DHAVE_ECC -DTFM_ECC256 -DECC_SHAMIR" + AM_CONDITIONAL([BUILD_ECC], [test "x$ENABLED_ECC" = "xyes"]) + fi + if test "x$ENABLED_OPENSSLEXTRA" = "xno" + then + ENABLED_OPENSSLEXTRA="yes" + AM_CFLAGS="-DOPENSSL_EXTRA $AM_CFLAGS" + fi + AM_CFLAGS="$AM_CFLAGS -DCYASSL_HAVE_CERT_SERVICE" +fi + + +# set fastmath default +FASTMATH_DEFAULT=no + +if test "$host_cpu" = "x86_64" +then +FASTMATH_DEFAULT=yes +fi + +# fastmath +AC_ARG_ENABLE([fastmath], + [ --enable-fastmath Enable fast math ops (default: enabled on x86_64)], + [ ENABLED_FASTMATH=$enableval ], + [ ENABLED_FASTMATH=$FASTMATH_DEFAULT] + ) + +if test "x$ENABLED_FASTMATH" = "xyes" +then + # turn off fastmth if leanpsk on or asn off + if test "$ENABLED_LEANPSK" = "yes" || test "$ENABLED_ASN" = "no" + then + ENABLED_FASTMATH=no + else + AM_CFLAGS="$AM_CFLAGS -DUSE_FAST_MATH" + ENABLED_SLOWMATH="no" + fi +fi + + +# fast HUGE math +AC_ARG_ENABLE([fasthugemath], + [ --enable-fasthugemath Enable fast math + huge code (default: disabled)], + [ ENABLED_FASTHUGEMATH=$enableval ], + [ ENABLED_FASTHUGEMATH=no ] + ) + +if test "$ENABLED_BUMP" = "yes" +then + ENABLED_FASTHUGEMATH="yes" +fi + +if test "$ENABLED_FASTHUGEMATH" = "yes" +then + ENABLED_FASTMATH="yes" + AM_CFLAGS="$AM_CFLAGS -DUSE_FAST_MATH" + ENABLED_SLOWMATH="no" +fi + +AM_CONDITIONAL([BUILD_FASTMATH], [test "x$ENABLED_FASTMATH" = "xyes"]) +AM_CONDITIONAL([BUILD_SLOWMATH], [test "x$ENABLED_SLOWMATH" = "xyes"]) + + +# Enable Examples, used to disable examples +AC_ARG_ENABLE([examples], + [ --enable-examples Enable Examples (default: enabled)], + [ ENABLED_EXAMPLES=$enableval ], + [ ENABLED_EXAMPLES=yes ] + ) + +AS_IF([test "x$ENABLED_FILESYSTEM" = "xno"], [ENABLED_EXAMPLES="no"]) +AS_IF([test "x$ENABLED_INLINE" = "xno"], [ENABLED_EXAMPLES="no"]) +# certs still have sha signatures for now +AS_IF([test "x$ENABLED_SHA" = "xno"], [ENABLED_EXAMPLES="no"]) +AM_CONDITIONAL([BUILD_EXAMPLES], [test "x$ENABLED_EXAMPLES" = "xyes"]) + + +# LIBZ +ENABLED_LIBZ="no" +trylibzdir="" +AC_ARG_WITH([libz], + [ --with-libz=PATH PATH to libz install (default /usr/) ], + [ + AC_MSG_CHECKING([for libz]) + CPPFLAGS="$CPPFLAGS -DHAVE_LIBZ" + LIBS="$LIBS -lz" + + AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include ]], [[ deflateInit(0, 8); ]])],[ libz_linked=yes ],[ libz_linked=no ]) + + if test "x$libz_linked" == "xno" ; then + if test "x$withval" != "xno" ; then + trylibzdir=$withval + fi + if test "x$withval" == "xyes" ; then + trylibzdir="/usr" + fi + + AM_LDFLAGS="$AM_LDFLAGS -L$trylibzdir/lib" + CPPFLAGS="$CPPFLAGS -I$trylibzdir/include" + + AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include ]], [[ deflateInit(0, 8); ]])],[ libz_linked=yes ],[ libz_linked=no ]) + + if test "x$libz_linked" == "xno" ; then + AC_MSG_ERROR([libz isn't found. + If it's already installed, specify its path using --with-libz=/dir/]) + fi + AC_MSG_RESULT([yes]) + else + AC_MSG_RESULT([yes]) + fi + ENABLED_LIBZ="yes" + ] +) +AM_CONDITIONAL([BUILD_LIBZ], [test "x$ENABLED_LIBZ" = "xyes"]) + + +# cavium +trycaviumdir="" +AC_ARG_WITH([cavium], + [ --with-cavium=PATH PATH to cavium/software dir ], + [ + AC_MSG_CHECKING([for cavium]) + CPPFLAGS="$CPPFLAGS -DHAVE_CAVIUM" + + if test "x$withval" == "xyes" ; then + AC_MSG_ERROR([need a PATH for --with-cavium]) + fi + if test "x$withval" != "xno" ; then + trycaviumdir=$withval + fi + + LDFLAGS="$AM_LDFLAGS $trycaviumdir/api/cavium_common.o" + CPPFLAGS="$CPPFLAGS -I$trycaviumdir/include" + + AC_LINK_IFELSE([AC_LANG_PROGRAM([[#include "cavium_common.h"]], [[ CspShutdown(CAVIUM_DEV_ID); ]])],[ cavium_linked=yes ],[ cavium_linked=no ]) + + if test "x$cavium_linked" == "xno" ; then + AC_MSG_ERROR([cavium isn't found. + If it's already installed, specify its path using --with-cavium=/dir/]) + fi + AC_MSG_RESULT([yes]) + enable_shared=no + enable_static=yes + ] +) + + +# microchip api +AC_ARG_ENABLE([mcapi], + [ --enable-mcapi Enable Microchip API (default: disabled)], + [ ENABLED_MCAPI=$enableval ], + [ ENABLED_MCAPI=no ] + ) + +if test "$ENABLED_MCAPI" = "yes" +then + AM_CFLAGS="$AM_CFLAGS -DHAVE_MCAPI -DCYASSL_AES_COUNTER -DCYASSL_AES_DIRECT" +fi + +if test "$ENABLED_MCAPI" = "yes" && test "$ENABLED_SHA512" = "no" +then + AC_MSG_ERROR([please enable sha512 if enabling mcapi.]) +fi + +if test "$ENABLED_MCAPI" = "yes" && test "$ENABLED_ECC" = "no" +then + AC_MSG_ERROR([please enable ecc if enabling mcapi.]) +fi + +if test "$ENABLED_MCAPI" = "yes" && test "$ENABLED_LIBZ" = "no" +then + AC_MSG_ERROR([please use --with-libz if enabling mcapi.]) +fi + +AM_CONDITIONAL([BUILD_MCAPI], [test "x$ENABLED_MCAPI" = "xyes"]) + + + +# OPTIMIZE FLAGS +if test "$GCC" = "yes" +then + AM_CFLAGS="$AM_CFLAGS -Wall -Wno-unused" + if test "$ax_enable_debug" = "no" + then + if test "$ENABLED_FASTMATH" = "yes" + then + AM_CFLAGS="$AM_CFLAGS $OPTIMIZE_FAST_CFLAGS" + if test "$ENABLED_FASTHUGEMATH" = "yes" + then + AM_CFLAGS="$AM_CFLAGS $OPTIMIZE_HUGE_CFLAGS" + fi + else + AM_CFLAGS="$AM_CFLAGS $OPTIMIZE_CFLAGS" + fi + fi +fi + +# ICC command line warning for non supported warning flags +if test "$CC" = "icc" +then + AM_CFLAGS="$AM_CFLAGS -wd10006" +fi + + +LIB_SOCKET_NSL +AX_HARDEN_CC_COMPILER_FLAGS + +# link to ws2_32 if on mingw +case $host_os in + *mingw32) + LDFLAGS="$LDFLAGS -lws2_32" ;; +esac + +# add user C_EXTRA_FLAGS back +CFLAGS="$CFLAGS $USER_C_EXTRA_FLAGS" +OPTION_FLAGS="$USER_C_EXTRA_FLAGS $AM_CFLAGS" + +CREATE_HEX_VERSION +AC_SUBST([AM_CPPFLAGS]) +AC_SUBST([AM_CFLAGS]) +AC_SUBST([AM_LDFLAGS]) + +# FINAL +AC_CONFIG_FILES([stamp-h], [echo timestamp > stamp-h]) +AC_CONFIG_FILES([Makefile]) +AC_CONFIG_FILES([cyassl/version.h]) +AC_CONFIG_FILES([cyassl/options.h]) +AC_CONFIG_FILES([support/cyassl.pc]) +AC_CONFIG_FILES([rpm/spec]) + +AX_CREATE_GENERIC_CONFIG +AX_AM_JOBSERVER([yes]) + +AC_OUTPUT + + +# force make clean +echo "---" +echo "Running make clean..." +make clean >/dev/null 2>&1 +# Touch files that may not be in repository +echo "Touching File..." +touch ctaocrypt/src/fips.c +touch ctaocrypt/src/fips_test.c +echo + +# generate user options header +echo "---" +echo "Generating user options header..." +OPTION_FILE="cyassl/options.h" +rm -f $OPTION_FILE + +echo "/* cyassl options.h" > $OPTION_FILE +echo " * generated from configure options" >> $OPTION_FILE +echo " *" >> $OPTION_FILE +echo " * Copyright (C) 2006-2014 wolfSSL Inc." >> $OPTION_FILE +echo " *" >> $OPTION_FILE +echo " * This file is part of CyaSSL." >> $OPTION_FILE +echo " *" >> $OPTION_FILE +echo " */" >> $OPTION_FILE + +echo "" >> $OPTION_FILE +echo "#pragma once" >> $OPTION_FILE +echo "" >> $OPTION_FILE +echo "#ifdef __cplusplus" >> $OPTION_FILE +echo "extern \"C\" {" >> $OPTION_FILE +echo "#endif" >> $OPTION_FILE +echo "" >> $OPTION_FILE + +for option in $OPTION_FLAGS; do + defonly=`echo $option | sed 's/-D//'` + if test "$defonly" != "$option" + then + noequalsign=`echo $defonly | sed 's/=/ /'` + echo "#undef $noequalsign" >> $OPTION_FILE + echo "#define $noequalsign" >> $OPTION_FILE + echo "" >> $OPTION_FILE + else + echo "option w/o begin -D is $option, not saving to $OPTION_FILE" + fi +done + +echo "" >> $OPTION_FILE +echo "#ifdef __cplusplus" >> $OPTION_FILE +echo "}" >> $OPTION_FILE +echo "#endif" >> $OPTION_FILE +echo "" >> $OPTION_FILE +echo + +# output config summary +echo "---" +echo "Configuration summary for $PACKAGE_NAME version $VERSION" +echo "" +echo " * Installation prefix: $prefix" +echo " * System type: $host_vendor-$host_os" +echo " * Host CPU: $host_cpu" +echo " * C Compiler: $CC" +echo " * C Flags: $CFLAGS" +echo " * C++ Compiler: $CXX" +echo " * C++ Flags: $CXXFLAGS" +echo " * CPP Flags: $CPPFLAGS" +echo " * LIB Flags: $LIB" +echo " * Debug enabled: $ax_enable_debug" +echo " * Warnings as failure: $ac_cv_warnings_as_errors" +echo " * make -j: $enable_jobserver" +echo " * VCS checkout: $ac_cv_vcs_checkout" +echo +echo " Features " +echo " * Single threaded: $ENABLED_SINGLETHREADED" +echo " * Filesystem: $ENABLED_FILESYSTEM" +echo " * OpenSSL Extra API: $ENABLED_OPENSSLEXTRA" +echo " * fastmath: $ENABLED_FASTMATH" +echo " * sniffer: $ENABLED_SNIFFER" +echo " * snifftest: $ENABLED_SNIFFTEST" +echo " * ARC4: $ENABLED_ARC4" +echo " * AES: $ENABLED_AES" +echo " * AES-NI: $ENABLED_AESNI" +echo " * AES-GCM: $ENABLED_AESGCM" +echo " * AES-CCM: $ENABLED_AESCCM" +echo " * DES3: $ENABLED_DES3" +echo " * Camellia: $ENABLED_CAMELLIA" +echo " * NULL Cipher: $ENABLED_NULL_CIPHER" +echo " * MD5: $ENABLED_MD5" +echo " * RIPEMD: $ENABLED_RIPEMD" +echo " * SHA: $ENABLED_SHA" +echo " * SHA-512: $ENABLED_SHA512" +echo " * BLAKE2: $ENABLED_BLAKE2" +echo " * keygen: $ENABLED_KEYGEN" +echo " * certgen: $ENABLED_CERTGEN" +echo " * certreq: $ENABLED_CERTREQ" +echo " * HC-128: $ENABLED_HC128" +echo " * RABBIT: $ENABLED_RABBIT" +echo " * Hash DRBG: $ENABLED_HASHDRBG" +echo " * PWDBASED: $ENABLED_PWDBASED" +echo " * HKDF: $ENABLED_HKDF" +echo " * MD4: $ENABLED_MD4" +echo " * PSK: $ENABLED_PSK" +echo " * LEANPSK: $ENABLED_LEANPSK" +echo " * RSA: $ENABLED_RSA" +echo " * DSA: $ENABLED_DSA" +echo " * DH: $ENABLED_DH" +echo " * ECC: $ENABLED_ECC" +echo " * FPECC: $ENABLED_FPECC" +echo " * ECC_ENCRYPT: $ENABLED_ECC_ENCRYPT" +echo " * ASN: $ENABLED_ASN" +echo " * CODING: $ENABLED_CODING" +echo " * MEMORY: $ENABLED_MEMORY" +echo " * I/O POOL: $ENABLED_IOPOOL" +echo " * ERROR_STRINGS: $ENABLED_ERROR_STRINGS" +echo " * DTLS: $ENABLED_DTLS" +echo " * Old TLS Versions: $ENABLED_OLD_TLS" +echo " * OCSP: $ENABLED_OCSP" +echo " * CRL: $ENABLED_CRL" +echo " * CRL-MONITOR: $ENABLED_CRL_MONITOR" +echo " * Persistent session cache: $ENABLED_SAVESESSION" +echo " * Persistent cert cache: $ENABLED_SAVECERT" +echo " * Atomic User Record Layer: $ENABLED_ATOMICUSER" +echo " * Public Key Callbacks: $ENABLED_PKCALLBACKS" +echo " * NTRU: $ENABLED_NTRU" +echo " * SNI: $ENABLED_SNI" +echo " * Maximum Fragment Length: $ENABLED_MAX_FRAGMENT" +echo " * Truncated HMAC: $ENABLED_TRUNCATED_HMAC" +echo " * Renegotiation Indication: $ENABLED_RENEGOTIATION_INDICATION" +echo " * Supported Elliptic Curves: $ENABLED_SUPPORTED_CURVES" +echo " * All TLS Extensions: $ENABLED_TLSX" +echo " * PKCS#7 $ENABLED_PKCS7" +echo " * wolfSCEP $ENABLED_WOLFSCEP" +echo " * Small Stack: $ENABLED_SMALL_STACK" +echo " * valgrind unit tests: $ENABLED_VALGRIND" +echo " * LIBZ: $ENABLED_LIBZ" +echo " * Examples: $ENABLED_EXAMPLES" +echo "" +echo "---" diff --git a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/benchmark/benchmark.c b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/benchmark/benchmark.c index b1e662034..b2517f084 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/benchmark/benchmark.c +++ b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/benchmark/benchmark.c @@ -1,6 +1,6 @@ /* benchmark.c * - * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,7 +16,7 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ /* CTaoCrypt benchmark */ @@ -25,6 +25,8 @@ #include #endif +#include + #include #include @@ -33,6 +35,7 @@ #include #include #include +#include #include #include #include @@ -43,39 +46,122 @@ #include #include +#ifdef HAVE_CAVIUM + #include "cavium_sysdep.h" + #include "cavium_common.h" + #include "cavium_ioctl.h" +#endif +#ifdef HAVE_NTRU + #include "ntru_crypto.h" +#endif + +#if defined(CYASSL_MDK_ARM) + extern FILE * CyaSSL_fopen(const char *fname, const char *mode) ; + #define fopen CyaSSL_fopen +#endif + +#if defined(USE_CERT_BUFFERS_1024) || defined(USE_CERT_BUFFERS_2048) + /* include test cert and key buffers for use with NO_FILESYSTEM */ + #if defined(CYASSL_MDK_ARM) + #include "cert_data.h" /* use certs_test.c for initial data, + so other commands can share the data. */ + #else + #include + #endif +#endif + + +#ifdef HAVE_BLAKE2 + #include + void bench_blake2(void); +#endif #ifdef _MSC_VER /* 4996 warning to use MS extensions e.g., strcpy_s instead of strncpy */ #pragma warning(disable: 4996) #endif -void bench_des(); -void bench_arc4(); -void bench_hc128(); -void bench_rabbit(); +void bench_des(void); +void bench_arc4(void); +void bench_hc128(void); +void bench_rabbit(void); void bench_aes(int); -void bench_aesgcm(); - -void bench_md5(); -void bench_sha(); -void bench_sha256(); -void bench_sha512(); -void bench_ripemd(); - -void bench_rsa(); -void bench_rsaKeyGen(); -void bench_dh(); +void bench_aesgcm(void); +void bench_aesccm(void); +void bench_aesctr(void); +void bench_camellia(void); + +void bench_md5(void); +void bench_sha(void); +void bench_sha256(void); +void bench_sha512(void); +void bench_ripemd(void); + +void bench_rsa(void); +void bench_rsaKeyGen(void); +void bench_dh(void); #ifdef HAVE_ECC -void bench_eccKeyGen(); -void bench_eccKeyAgree(); +void bench_eccKeyGen(void); +void bench_eccKeyAgree(void); +#endif +#ifdef HAVE_NTRU +void bench_ntruKeyGen(void); #endif -double current_time(); +double current_time(int); +#ifdef HAVE_CAVIUM + +static int OpenNitroxDevice(int dma_mode,int dev_id) +{ + Csp1CoreAssignment core_assign; + Uint32 device; + + if (CspInitialize(CAVIUM_DIRECT,CAVIUM_DEV_ID)) + return -1; + if (Csp1GetDevType(&device)) + return -1; + if (device != NPX_DEVICE) { + if (ioctl(gpkpdev_hdlr[CAVIUM_DEV_ID], IOCTL_CSP1_GET_CORE_ASSIGNMENT, + (Uint32 *)&core_assign)!= 0) + return -1; + } + CspShutdown(CAVIUM_DEV_ID); + + return CspInitialize(dma_mode, dev_id); +} + +#endif + +#if defined(DEBUG_CYASSL) && !defined(HAVE_VALGRIND) + CYASSL_API int CyaSSL_Debugging_ON(); +#endif + +/* so embedded projects can pull in tests on their own */ +#if !defined(NO_MAIN_DRIVER) int main(int argc, char** argv) + +{ + (void)argc; + (void)argv; +#else +int benchmark_test(void *args) { +#endif + + #if defined(DEBUG_CYASSL) && !defined(HAVE_VALGRIND) + CyaSSL_Debugging_ON(); + #endif + + #ifdef HAVE_CAVIUM + int ret = OpenNitroxDevice(CAVIUM_DIRECT, CAVIUM_DEV_ID); + if (ret != 0) { + printf("Cavium OpenNitroxDevice failed\n"); + exit(-1); + } +#endif /* HAVE_CAVIUM */ #ifndef NO_AES bench_aes(0); bench_aes(1); @@ -83,7 +169,20 @@ int main(int argc, char** argv) #ifdef HAVE_AESGCM bench_aesgcm(); #endif + +#ifdef CYASSL_AES_COUNTER + bench_aesctr(); +#endif + +#ifdef HAVE_AESCCM + bench_aesccm(); +#endif +#ifdef HAVE_CAMELLIA + bench_camellia(); +#endif +#ifndef NO_RC4 bench_arc4(); +#endif #ifdef HAVE_HC128 bench_hc128(); #endif @@ -96,8 +195,12 @@ int main(int argc, char** argv) printf("\n"); +#ifndef NO_MD5 bench_md5(); +#endif +#ifndef NO_SHA bench_sha(); +#endif #ifndef NO_SHA256 bench_sha256(); #endif @@ -107,19 +210,28 @@ int main(int argc, char** argv) #ifdef CYASSL_RIPEMD bench_ripemd(); #endif +#ifdef HAVE_BLAKE2 + bench_blake2(); +#endif printf("\n"); - + +#ifndef NO_RSA bench_rsa(); +#endif #ifndef NO_DH bench_dh(); #endif -#ifdef CYASSL_KEY_GEN +#if defined(CYASSL_KEY_GEN) && !defined(NO_RSA) bench_rsaKeyGen(); #endif +#ifdef HAVE_NTRU + bench_ntruKeyGen(); +#endif + #ifdef HAVE_ECC bench_eccKeyGen(); bench_eccKeyAgree(); @@ -128,17 +240,33 @@ int main(int argc, char** argv) return 0; } -const int megs = 5; /* how many megs to test (en/de)cryption */ -const int times = 100; /* public key iterations */ -const byte key[] = +#ifdef BENCH_EMBEDDED +enum BenchmarkBounds { + numBlocks = 25, /* how many kB to test (en/de)cryption */ + ntimes = 1, + genTimes = 5, /* public key iterations */ + agreeTimes = 5 +}; +static const char blockType[] = "kB"; /* used in printf output */ +#else +enum BenchmarkBounds { + numBlocks = 5, /* how many megs to test (en/de)cryption */ + ntimes = 100, + genTimes = 100, + agreeTimes = 100 +}; +static const char blockType[] = "megs"; /* used in printf output */ +#endif + +static const byte key[] = { 0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef, 0xfe,0xde,0xba,0x98,0x76,0x54,0x32,0x10, 0x89,0xab,0xcd,0xef,0x01,0x23,0x45,0x67 }; -const byte iv[] = +static const byte iv[] = { 0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef, 0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01, @@ -147,8 +275,14 @@ const byte iv[] = }; -byte plain [1024*1024]; -byte cipher[1024*1024]; +/* use kB instead of mB for embedded benchmarking */ +#ifdef BENCH_EMBEDDED +static byte plain [1024]; +static byte cipher[1024]; +#else +static byte plain [1024*1024]; +static byte cipher[1024*1024]; +#endif #ifndef NO_AES @@ -157,140 +291,289 @@ void bench_aes(int show) Aes enc; double start, total, persec; int i; + int ret; - AesSetKey(&enc, key, 16, iv, AES_ENCRYPTION); - start = current_time(); +#ifdef HAVE_CAVIUM + if (AesInitCavium(&enc, CAVIUM_DEV_ID) != 0) { + printf("aes init cavium failed\n"); + return; + } +#endif + + ret = AesSetKey(&enc, key, 16, iv, AES_ENCRYPTION); + if (ret != 0) { + printf("AesSetKey failed, ret = %d\n", ret); + return; + } + start = current_time(1); - for(i = 0; i < megs; i++) + for(i = 0; i < numBlocks; i++) AesCbcEncrypt(&enc, plain, cipher, sizeof(plain)); - total = current_time() - start; + total = current_time(0) - start; - persec = 1 / total * megs; + persec = 1 / total * numBlocks; +#ifdef BENCH_EMBEDDED + /* since using kB, convert to MB/s */ + persec = persec / 1024; +#endif if (show) - printf("AES %d megs took %5.3f seconds, %6.2f MB/s\n", megs, total, - persec); + printf("AES %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks, + blockType, total, persec); +#ifdef HAVE_CAVIUM + AesFreeCavium(&enc); +#endif } #endif -byte additional[13]; -byte tag[16]; +#if defined(HAVE_AESGCM) || defined(HAVE_AESCCM) + static byte additional[13]; + static byte tag[16]; +#endif #ifdef HAVE_AESGCM -void bench_aesgcm() +void bench_aesgcm(void) +{ + Aes enc; + double start, total, persec; + int i; + + AesGcmSetKey(&enc, key, 16); + start = current_time(1); + + for(i = 0; i < numBlocks; i++) + AesGcmEncrypt(&enc, cipher, plain, sizeof(plain), iv, 12, + tag, 16, additional, 13); + + total = current_time(0) - start; + + persec = 1 / total * numBlocks; +#ifdef BENCH_EMBEDDED + /* since using kB, convert to MB/s */ + persec = persec / 1024; +#endif + + printf("AES-GCM %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks, + blockType, total, persec); +} +#endif + +#ifdef CYASSL_AES_COUNTER +void bench_aesctr(void) { Aes enc; double start, total, persec; int i; - AesGcmSetKey(&enc, key, 16, iv); - AesGcmSetExpIV(&enc, iv+4); - start = current_time(); + AesSetKeyDirect(&enc, key, AES_BLOCK_SIZE, iv, AES_ENCRYPTION); + start = current_time(1); + + for(i = 0; i < numBlocks; i++) + AesCtrEncrypt(&enc, plain, cipher, sizeof(plain)); - for(i = 0; i < megs; i++) - AesGcmEncrypt(&enc, cipher, plain, sizeof(plain), + total = current_time(0) - start; + + persec = 1 / total * numBlocks; +#ifdef BENCH_EMBEDDED + /* since using kB, convert to MB/s */ + persec = persec / 1024; +#endif + + printf("AES-CTR %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks, + blockType, total, persec); +} +#endif + + + +#ifdef HAVE_AESCCM +void bench_aesccm(void) +{ + Aes enc; + double start, total, persec; + int i; + + AesCcmSetKey(&enc, key, 16); + start = current_time(1); + + for(i = 0; i < numBlocks; i++) + AesCcmEncrypt(&enc, cipher, plain, sizeof(plain), iv, 12, tag, 16, additional, 13); - total = current_time() - start; + total = current_time(0) - start; + + persec = 1 / total * numBlocks; +#ifdef BENCH_EMBEDDED + /* since using kB, convert to MB/s */ + persec = persec / 1024; +#endif + + printf("AES-CCM %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks, + blockType, total, persec); +} +#endif + + +#ifdef HAVE_CAMELLIA +void bench_camellia(void) +{ + Camellia cam; + double start, total, persec; + int i, ret; + + ret = CamelliaSetKey(&cam, key, 16, iv); + if (ret != 0) { + printf("CamelliaSetKey failed, ret = %d\n", ret); + return; + } + start = current_time(1); + + for(i = 0; i < numBlocks; i++) + CamelliaCbcEncrypt(&cam, plain, cipher, sizeof(plain)); + + total = current_time(0) - start; - persec = 1 / total * megs; - printf("AES-GCM %d megs took %5.3f seconds, %6.2f MB/s\n", megs, total, - persec); + persec = 1 / total * numBlocks; +#ifdef BENCH_EMBEDDED + /* since using kB, convert to MB/s */ + persec = persec / 1024; +#endif + + printf("Camellia %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks, + blockType, total, persec); } #endif #ifndef NO_DES3 -void bench_des() +void bench_des(void) { Des3 enc; double start, total, persec; - int i; + int i, ret; - Des3_SetKey(&enc, key, iv, DES_ENCRYPTION); - start = current_time(); +#ifdef HAVE_CAVIUM + if (Des3_InitCavium(&enc, CAVIUM_DEV_ID) != 0) + printf("des3 init cavium failed\n"); +#endif + ret = Des3_SetKey(&enc, key, iv, DES_ENCRYPTION); + if (ret != 0) { + printf("Des3_SetKey failed, ret = %d\n", ret); + return; + } + start = current_time(1); - for(i = 0; i < megs; i++) + for(i = 0; i < numBlocks; i++) Des3_CbcEncrypt(&enc, plain, cipher, sizeof(plain)); - total = current_time() - start; + total = current_time(0) - start; - persec = 1 / total * megs; + persec = 1 / total * numBlocks; +#ifdef BENCH_EMBEDDED + /* since using kB, convert to MB/s */ + persec = persec / 1024; +#endif - printf("3DES %d megs took %5.3f seconds, %6.2f MB/s\n", megs, total, - persec); + printf("3DES %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks, + blockType, total, persec); +#ifdef HAVE_CAVIUM + Des3_FreeCavium(&enc); +#endif } #endif -void bench_arc4() +#ifndef NO_RC4 +void bench_arc4(void) { Arc4 enc; double start, total, persec; int i; +#ifdef HAVE_CAVIUM + if (Arc4InitCavium(&enc, CAVIUM_DEV_ID) != 0) + printf("arc4 init cavium failed\n"); +#endif + Arc4SetKey(&enc, key, 16); - start = current_time(); + start = current_time(1); - for(i = 0; i < megs; i++) + for(i = 0; i < numBlocks; i++) Arc4Process(&enc, cipher, plain, sizeof(plain)); - total = current_time() - start; - persec = 1 / total * megs; + total = current_time(0) - start; + persec = 1 / total * numBlocks; +#ifdef BENCH_EMBEDDED + /* since using kB, convert to MB/s */ + persec = persec / 1024; +#endif - printf("ARC4 %d megs took %5.3f seconds, %6.2f MB/s\n", megs, total, - persec); + printf("ARC4 %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks, + blockType, total, persec); +#ifdef HAVE_CAVIUM + Arc4FreeCavium(&enc); +#endif } +#endif #ifdef HAVE_HC128 -void bench_hc128() +void bench_hc128(void) { HC128 enc; double start, total, persec; int i; Hc128_SetKey(&enc, key, iv); - start = current_time(); + start = current_time(1); - for(i = 0; i < megs; i++) + for(i = 0; i < numBlocks; i++) Hc128_Process(&enc, cipher, plain, sizeof(plain)); - total = current_time() - start; - persec = 1 / total * megs; + total = current_time(0) - start; + persec = 1 / total * numBlocks; +#ifdef BENCH_EMBEDDED + /* since using kB, convert to MB/s */ + persec = persec / 1024; +#endif - printf("HC128 %d megs took %5.3f seconds, %6.2f MB/s\n", megs, total, - persec); + printf("HC128 %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks, + blockType, total, persec); } #endif /* HAVE_HC128 */ #ifndef NO_RABBIT -void bench_rabbit() +void bench_rabbit(void) { Rabbit enc; double start, total, persec; int i; RabbitSetKey(&enc, key, iv); - start = current_time(); + start = current_time(1); - for(i = 0; i < megs; i++) + for(i = 0; i < numBlocks; i++) RabbitProcess(&enc, cipher, plain, sizeof(plain)); - total = current_time() - start; - persec = 1 / total * megs; + total = current_time(0) - start; + persec = 1 / total * numBlocks; +#ifdef BENCH_EMBEDDED + /* since using kB, convert to MB/s */ + persec = persec / 1024; +#endif - printf("RABBIT %d megs took %5.3f seconds, %6.2f MB/s\n", megs, total, - persec); + printf("RABBIT %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks, + blockType, total, persec); } #endif /* NO_RABBIT */ -void bench_md5() +#ifndef NO_MD5 +void bench_md5(void) { Md5 hash; byte digest[MD5_DIGEST_SIZE]; @@ -298,94 +581,143 @@ void bench_md5() int i; InitMd5(&hash); - start = current_time(); + start = current_time(1); - for(i = 0; i < megs; i++) + for(i = 0; i < numBlocks; i++) Md5Update(&hash, plain, sizeof(plain)); Md5Final(&hash, digest); - total = current_time() - start; - persec = 1 / total * megs; + total = current_time(0) - start; + persec = 1 / total * numBlocks; +#ifdef BENCH_EMBEDDED + /* since using kB, convert to MB/s */ + persec = persec / 1024; +#endif - printf("MD5 %d megs took %5.3f seconds, %6.2f MB/s\n", megs, total, - persec); + printf("MD5 %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks, + blockType, total, persec); } +#endif /* NO_MD5 */ -void bench_sha() +#ifndef NO_SHA +void bench_sha(void) { Sha hash; byte digest[SHA_DIGEST_SIZE]; double start, total, persec; - int i; + int i, ret; - InitSha(&hash); - start = current_time(); + ret = InitSha(&hash); + if (ret != 0) { + printf("InitSha failed, ret = %d\n", ret); + return; + } + start = current_time(1); - for(i = 0; i < megs; i++) + for(i = 0; i < numBlocks; i++) ShaUpdate(&hash, plain, sizeof(plain)); ShaFinal(&hash, digest); - total = current_time() - start; - persec = 1 / total * megs; + total = current_time(0) - start; + persec = 1 / total * numBlocks; +#ifdef BENCH_EMBEDDED + /* since using kB, convert to MB/s */ + persec = persec / 1024; +#endif - printf("SHA %d megs took %5.3f seconds, %6.2f MB/s\n", megs, total, - persec); + printf("SHA %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks, + blockType, total, persec); } +#endif /* NO_SHA */ #ifndef NO_SHA256 -void bench_sha256() +void bench_sha256(void) { Sha256 hash; byte digest[SHA256_DIGEST_SIZE]; double start, total, persec; - int i; + int i, ret; - InitSha256(&hash); - start = current_time(); + ret = InitSha256(&hash); + if (ret != 0) { + printf("InitSha256 failed, ret = %d\n", ret); + return; + } + start = current_time(1); - for(i = 0; i < megs; i++) - Sha256Update(&hash, plain, sizeof(plain)); + for(i = 0; i < numBlocks; i++) { + ret = Sha256Update(&hash, plain, sizeof(plain)); + if (ret != 0) { + printf("Sha256Update failed, ret = %d\n", ret); + return; + } + } - Sha256Final(&hash, digest); + ret = Sha256Final(&hash, digest); + if (ret != 0) { + printf("Sha256Final failed, ret = %d\n", ret); + return; + } - total = current_time() - start; - persec = 1 / total * megs; + total = current_time(0) - start; + persec = 1 / total * numBlocks; +#ifdef BENCH_EMBEDDED + /* since using kB, convert to MB/s */ + persec = persec / 1024; +#endif - printf("SHA-256 %d megs took %5.3f seconds, %6.2f MB/s\n", megs, total, - persec); + printf("SHA-256 %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks, + blockType, total, persec); } #endif #ifdef CYASSL_SHA512 -void bench_sha512() +void bench_sha512(void) { Sha512 hash; byte digest[SHA512_DIGEST_SIZE]; double start, total, persec; - int i; + int i, ret; - InitSha512(&hash); - start = current_time(); + ret = InitSha512(&hash); + if (ret != 0) { + printf("InitSha512 failed, ret = %d\n", ret); + return; + } + start = current_time(1); - for(i = 0; i < megs; i++) - Sha512Update(&hash, plain, sizeof(plain)); - - Sha512Final(&hash, digest); + for(i = 0; i < numBlocks; i++) { + ret = Sha512Update(&hash, plain, sizeof(plain)); + if (ret != 0) { + printf("Sha512Update failed, ret = %d\n", ret); + return; + } + } - total = current_time() - start; - persec = 1 / total * megs; + ret = Sha512Final(&hash, digest); + if (ret != 0) { + printf("Sha512Final failed, ret = %d\n", ret); + return; + } - printf("SHA-512 %d megs took %5.3f seconds, %6.2f MB/s\n", megs, total, - persec); + total = current_time(0) - start; + persec = 1 / total * numBlocks; +#ifdef BENCH_EMBEDDED + /* since using kB, convert to MB/s */ + persec = persec / 1024; +#endif + + printf("SHA-512 %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks, + blockType, total, persec); } #endif #ifdef CYASSL_RIPEMD -void bench_ripemd() +void bench_ripemd(void) { RipeMd hash; byte digest[RIPEMD_DIGEST_SIZE]; @@ -393,87 +725,199 @@ void bench_ripemd() int i; InitRipeMd(&hash); - start = current_time(); + start = current_time(1); - for(i = 0; i < megs; i++) + for(i = 0; i < numBlocks; i++) RipeMdUpdate(&hash, plain, sizeof(plain)); RipeMdFinal(&hash, digest); - total = current_time() - start; - persec = 1 / total * megs; + total = current_time(0) - start; + persec = 1 / total * numBlocks; +#ifdef BENCH_EMBEDDED + /* since using kB, convert to MB/s */ + persec = persec / 1024; +#endif - printf("RIPEMD %d megs took %5.3f seconds, %6.2f MB/s\n", megs, total, - persec); + printf("RIPEMD %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks, + blockType, total, persec); } #endif -RNG rng; +#ifdef HAVE_BLAKE2 +void bench_blake2(void) +{ + Blake2b b2b; + byte digest[64]; + double start, total, persec; + int i, ret; + + ret = InitBlake2b(&b2b, 64); + if (ret != 0) { + printf("InitBlake2b failed, ret = %d\n", ret); + return; + } + start = current_time(1); + + for(i = 0; i < numBlocks; i++) { + ret = Blake2bUpdate(&b2b, plain, sizeof(plain)); + if (ret != 0) { + printf("Blake2bUpdate failed, ret = %d\n", ret); + return; + } + } + + ret = Blake2bFinal(&b2b, digest, 64); + if (ret != 0) { + printf("Blake2bFinal failed, ret = %d\n", ret); + return; + } -void bench_rsa() + total = current_time(0) - start; + persec = 1 / total * numBlocks; +#ifdef BENCH_EMBEDDED + /* since using kB, convert to MB/s */ + persec = persec / 1024; +#endif + + printf("BLAKE2b %d %s took %5.3f seconds, %7.3f MB/s\n", numBlocks, + blockType, total, persec); +} +#endif + + +#if !defined(NO_RSA) || !defined(NO_DH) \ + || defined(CYASSL_KEYGEN) || defined(HAVE_ECC) +static RNG rng; +#endif + +#ifndef NO_RSA + + +#if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048) + #if defined(CYASSL_MDK_SHELL) + static char *certRSAname = "certs/rsa2048.der"; + /* set by shell command */ + static void set_Bench_RSA_File(char * cert) { certRSAname = cert ; } + #else + static const char *certRSAname = "certs/rsa2048.der"; + #endif +#endif + +void bench_rsa(void) { int i; - byte tmp[4096]; + int ret; + byte tmp[3072]; size_t bytes; word32 idx = 0; byte message[] = "Everyone gets Friday off."; - byte cipher[512]; /* for up to 4096 bit */ - byte* output; + byte enc[512]; /* for up to 4096 bit */ const int len = (int)strlen((char*)message); double start, total, each, milliEach; - RsaKey key; - FILE* file = fopen("./certs/rsa2048.der", "rb"); + RsaKey rsaKey; + int rsaKeySz = 2048; /* used in printf */ + +#ifdef USE_CERT_BUFFERS_1024 + XMEMCPY(tmp, rsa_key_der_1024, sizeof_rsa_key_der_1024); + bytes = sizeof_rsa_key_der_1024; + rsaKeySz = 1024; +#elif defined(USE_CERT_BUFFERS_2048) + XMEMCPY(tmp, rsa_key_der_2048, sizeof_rsa_key_der_2048); + bytes = sizeof_rsa_key_der_2048; +#else + FILE* file = fopen(certRSAname, "rb"); if (!file) { - printf("can't find ./certs/rsa2048.der, " - "Please run from CyaSSL home dir\n"); + printf("can't find %s, Please run from CyaSSL home dir\n", certRSAname); return; } - - InitRng(&rng); + bytes = fread(tmp, 1, sizeof(tmp), file); - InitRsaKey(&key, 0); - bytes = RsaPrivateKeyDecode(tmp, &idx, &key, (word32)bytes); + fclose(file); +#endif /* USE_CERT_BUFFERS */ + + +#ifdef HAVE_CAVIUM + if (RsaInitCavium(&rsaKey, CAVIUM_DEV_ID) != 0) + printf("RSA init cavium failed\n"); +#endif + ret = InitRng(&rng); + if (ret < 0) { + printf("InitRNG failed\n"); + return; + } + ret = InitRsaKey(&rsaKey, 0); + if (ret < 0) { + printf("InitRsaKey failed\n"); + return; + } + ret = RsaPrivateKeyDecode(tmp, &idx, &rsaKey, (word32)bytes); - start = current_time(); + start = current_time(1); - for (i = 0; i < times; i++) - bytes = RsaPublicEncrypt(message,len,cipher,sizeof(cipher), &key, &rng); + for (i = 0; i < ntimes; i++) + ret = RsaPublicEncrypt(message,len,enc,sizeof(enc), &rsaKey, &rng); - total = current_time() - start; - each = total / times; /* per second */ + total = current_time(0) - start; + each = total / ntimes; /* per second */ milliEach = each * 1000; /* milliseconds */ - printf("RSA 2048 encryption took %6.2f milliseconds, avg over %d" - " iterations\n", milliEach, times); + printf("RSA %d encryption took %6.3f milliseconds, avg over %d" + " iterations\n", rsaKeySz, milliEach, ntimes); - start = current_time(); + if (ret < 0) { + printf("Rsa Public Encrypt failed\n"); + return; + } - for (i = 0; i < times; i++) - RsaPrivateDecryptInline(cipher, (word32)bytes, &output, &key); + start = current_time(1); - total = current_time() - start; - each = total / times; /* per second */ + for (i = 0; i < ntimes; i++) { + byte out[512]; /* for up to 4096 bit */ + RsaPrivateDecrypt(enc, (word32)ret, out, sizeof(out), &rsaKey); + } + + total = current_time(0) - start; + each = total / ntimes; /* per second */ milliEach = each * 1000; /* milliseconds */ - printf("RSA 2048 decryption took %6.2f milliseconds, avg over %d" - " iterations\n", milliEach, times); + printf("RSA %d decryption took %6.3f milliseconds, avg over %d" + " iterations\n", rsaKeySz, milliEach, ntimes); - fclose(file); - FreeRsaKey(&key); + FreeRsaKey(&rsaKey); +#ifdef HAVE_CAVIUM + RsaFreeCavium(&rsaKey); +#endif } +#endif #ifndef NO_DH -void bench_dh() + + +#if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048) + #if defined(CYASSL_MDK_SHELL) + static char *certDHname = "certs/dh2048.der"; + /* set by shell command */ + void set_Bench_DH_File(char * cert) { certDHname = cert ; } + #else + static const char *certDHname = "certs/dh2048.der"; + #endif +#endif + +void bench_dh(void) { - int i; +#if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048) + int ret; +#endif + int i ; byte tmp[1024]; size_t bytes; - word32 idx = 0, pubSz, privSz, pubSz2, privSz2, agreeSz; + word32 idx = 0, pubSz, privSz = 0, pubSz2, privSz2, agreeSz; byte pub[256]; /* for 2048 bit */ byte priv[256]; /* for 2048 bit */ @@ -482,59 +926,85 @@ void bench_dh() byte agree[256]; /* for 2048 bit */ double start, total, each, milliEach; - DhKey key; - FILE* file = fopen("./certs/dh2048.der", "rb"); + DhKey dhKey; + int dhKeySz = 2048; /* used in printf */ + + +#ifdef USE_CERT_BUFFERS_1024 + XMEMCPY(tmp, dh_key_der_1024, sizeof_dh_key_der_1024); + bytes = sizeof_dh_key_der_1024; + dhKeySz = 1024; +#elif defined(USE_CERT_BUFFERS_2048) + XMEMCPY(tmp, dh_key_der_2048, sizeof_dh_key_der_2048); + bytes = sizeof_dh_key_der_2048; +#else + FILE* file = fopen(certDHname, "rb"); if (!file) { - printf("can't find ./certs/dh2048.der, " - "Please run from CyaSSL home dir\n"); + printf("can't find %s, Please run from CyaSSL home dir\n", certDHname); return; } + ret = InitRng(&rng); + if (ret < 0) { + printf("InitRNG failed\n"); + return; + } bytes = fread(tmp, 1, sizeof(tmp), file); - InitDhKey(&key); - bytes = DhKeyDecode(tmp, &idx, &key, (word32)bytes); +#endif /* USE_CERT_BUFFERS */ + + + InitDhKey(&dhKey); + bytes = DhKeyDecode(tmp, &idx, &dhKey, (word32)bytes); + if (bytes != 0) { + printf("dhekydecode failed, can't benchmark\n"); + #if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048) + fclose(file); + #endif + return; + } - start = current_time(); + start = current_time(1); - for (i = 0; i < times; i++) - DhGenerateKeyPair(&key, &rng, priv, &privSz, pub, &pubSz); + for (i = 0; i < ntimes; i++) + DhGenerateKeyPair(&dhKey, &rng, priv, &privSz, pub, &pubSz); - total = current_time() - start; - each = total / times; /* per second */ + total = current_time(0) - start; + each = total / ntimes; /* per second */ milliEach = each * 1000; /* milliseconds */ - printf("DH 2048 key generation %6.2f milliseconds, avg over %d" - " iterations\n", milliEach, times); + printf("DH %d key generation %6.3f milliseconds, avg over %d" + " iterations\n", dhKeySz, milliEach, ntimes); - DhGenerateKeyPair(&key, &rng, priv2, &privSz2, pub2, &pubSz2); - start = current_time(); + DhGenerateKeyPair(&dhKey, &rng, priv2, &privSz2, pub2, &pubSz2); + start = current_time(1); - for (i = 0; i < times; i++) - DhAgree(&key, agree, &agreeSz, priv, privSz, pub2, pubSz2); + for (i = 0; i < ntimes; i++) + DhAgree(&dhKey, agree, &agreeSz, priv, privSz, pub2, pubSz2); - total = current_time() - start; - each = total / times; /* per second */ + total = current_time(0) - start; + each = total / ntimes; /* per second */ milliEach = each * 1000; /* milliseconds */ - printf("DH 2048 key agreement %6.2f milliseconds, avg over %d" - " iterations\n", milliEach, times); + printf("DH %d key agreement %6.3f milliseconds, avg over %d" + " iterations\n", dhKeySz, milliEach, ntimes); +#if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048) fclose(file); - FreeDhKey(&key); +#endif + FreeDhKey(&dhKey); } #endif -#ifdef CYASSL_KEY_GEN -void bench_rsaKeyGen() +#if defined(CYASSL_KEY_GEN) && !defined(NO_RSA) +void bench_rsaKeyGen(void) { RsaKey genKey; double start, total, each, milliEach; int i; - const int genTimes = 5; /* 1024 bit */ - start = current_time(); + start = current_time(1); for(i = 0; i < genTimes; i++) { InitRsaKey(&genKey, 0); @@ -542,15 +1012,15 @@ void bench_rsaKeyGen() FreeRsaKey(&genKey); } - total = current_time() - start; + total = current_time(0) - start; each = total / genTimes; /* per second */ milliEach = each * 1000; /* millisconds */ printf("\n"); - printf("RSA 1024 key generation %6.2f milliseconds, avg over %d" + printf("RSA 1024 key generation %6.3f milliseconds, avg over %d" " iterations\n", milliEach, genTimes); /* 2048 bit */ - start = current_time(); + start = current_time(1); for(i = 0; i < genTimes; i++) { InitRsaKey(&genKey, 0); @@ -558,83 +1028,196 @@ void bench_rsaKeyGen() FreeRsaKey(&genKey); } - total = current_time() - start; + total = current_time(0) - start; each = total / genTimes; /* per second */ milliEach = each * 1000; /* millisconds */ - printf("RSA 2048 key generation %6.2f milliseconds, avg over %d" + printf("RSA 2048 key generation %6.3f milliseconds, avg over %d" " iterations\n", milliEach, genTimes); } #endif /* CYASSL_KEY_GEN */ +#ifdef HAVE_NTRU +byte GetEntropy(ENTROPY_CMD cmd, byte* out); + +byte GetEntropy(ENTROPY_CMD cmd, byte* out) +{ + if (cmd == INIT) + return (InitRng(&rng) == 0) ? 1 : 0; + + if (out == NULL) + return 0; + + if (cmd == GET_BYTE_OF_ENTROPY) + return (RNG_GenerateBlock(&rng, out, 1) == 0) ? 1 : 0; + + if (cmd == GET_NUM_BYTES_PER_BYTE_OF_ENTROPY) { + *out = 1; + return 1; + } + + return 0; +} +void bench_ntruKeyGen(void) +{ + double start, total, each, milliEach; + int i; + + byte public_key[557]; /* 2048 key equivalent to rsa */ + word16 public_key_len = sizeof(public_key); + byte private_key[607]; + word16 private_key_len = sizeof(private_key); + + DRBG_HANDLE drbg; + static uint8_t const pers_str[] = { + 'C', 'y', 'a', 'S', 'S', 'L', ' ', 't', 'e', 's', 't' + }; + + word32 rc = ntru_crypto_drbg_instantiate(112, pers_str, sizeof(pers_str), + GetEntropy, &drbg); + if(rc != DRBG_OK) { + printf("NTRU drbg instantiate failed\n"); + return; + } + + start = current_time(1); + + for(i = 0; i < genTimes; i++) { + ntru_crypto_ntru_encrypt_keygen(drbg, NTRU_EES401EP2, &public_key_len, + public_key, &private_key_len, private_key); + } + + total = current_time(0) - start; + + rc = ntru_crypto_drbg_uninstantiate(drbg); + + if (rc != NTRU_OK) { + printf("NTRU drbg uninstantiate failed\n"); + return; + } + + each = total / genTimes; + milliEach = each * 1000; + + printf("\n"); + printf("NTRU 112 key generation %6.3f milliseconds, avg over %d" + " iterations\n", milliEach, genTimes); + +} +#endif #ifdef HAVE_ECC -void bench_eccKeyGen() +void bench_eccKeyGen(void) { ecc_key genKey; double start, total, each, milliEach; - int i; - const int genTimes = 5; + int i, ret; + ret = InitRng(&rng); + if (ret < 0) { + printf("InitRNG failed\n"); + return; + } /* 256 bit */ - start = current_time(); + start = current_time(1); for(i = 0; i < genTimes; i++) { - int ret = ecc_make_key(&rng, 32, &genKey); + ecc_make_key(&rng, 32, &genKey); ecc_free(&genKey); } - total = current_time() - start; + total = current_time(0) - start; each = total / genTimes; /* per second */ milliEach = each * 1000; /* millisconds */ printf("\n"); - printf("ECC 256 key generation %6.2f milliseconds, avg over %d" + printf("ECC 256 key generation %6.3f milliseconds, avg over %d" " iterations\n", milliEach, genTimes); } -void bench_eccKeyAgree() +void bench_eccKeyAgree(void) { ecc_key genKey, genKey2; double start, total, each, milliEach; - int i; - const int agreeTimes = 5; + int i, ret; byte shared[1024]; byte sig[1024]; byte digest[32]; - word32 x; - - ecc_make_key(&rng, 32, &genKey); - ecc_make_key(&rng, 32, &genKey2); + word32 x = 0; + + ecc_init(&genKey); + ecc_init(&genKey2); + + ret = InitRng(&rng); + if (ret < 0) { + printf("InitRNG failed\n"); + return; + } + + ret = ecc_make_key(&rng, 32, &genKey); + if (ret != 0) { + printf("ecc_make_key failed\n"); + return; + } + ret = ecc_make_key(&rng, 32, &genKey2); + if (ret != 0) { + printf("ecc_make_key failed\n"); + return; + } /* 256 bit */ - start = current_time(); + start = current_time(1); for(i = 0; i < agreeTimes; i++) { x = sizeof(shared); - ecc_shared_secret(&genKey, &genKey2, shared, &x); + ret = ecc_shared_secret(&genKey, &genKey2, shared, &x); + if (ret != 0) { + printf("ecc_shared_secret failed\n"); + return; + } } - total = current_time() - start; + total = current_time(0) - start; each = total / agreeTimes; /* per second */ milliEach = each * 1000; /* millisconds */ - printf("EC-DHE key agreement %6.2f milliseconds, avg over %d" + printf("EC-DHE key agreement %6.3f milliseconds, avg over %d" " iterations\n", milliEach, agreeTimes); /* make dummy digest */ - for (i = 0; i < sizeof(digest); i++) - digest[i] = i; + for (i = 0; i < (int)sizeof(digest); i++) + digest[i] = (byte)i; - start = current_time(); + start = current_time(1); for(i = 0; i < agreeTimes; i++) { x = sizeof(sig); - ecc_sign_hash(digest, sizeof(digest), sig, &x, &rng, &genKey); + ret = ecc_sign_hash(digest, sizeof(digest), sig, &x, &rng, &genKey); + if (ret != 0) { + printf("ecc_sign_hash failed\n"); + return; + } } - total = current_time() - start; + total = current_time(0) - start; each = total / agreeTimes; /* per second */ milliEach = each * 1000; /* millisconds */ - printf("EC-DSA sign time %6.2f milliseconds, avg over %d" + printf("EC-DSA sign time %6.3f milliseconds, avg over %d" + " iterations\n", milliEach, agreeTimes); + + start = current_time(1); + + for(i = 0; i < agreeTimes; i++) { + int verify = 0; + ret = ecc_verify_hash(sig, x, digest, sizeof(digest), &verify, &genKey); + if (ret != 0) { + printf("ecc_verify_hash failed\n"); + return; + } + } + + total = current_time(0) - start; + each = total / agreeTimes; /* per second */ + milliEach = each * 1000; /* millisconds */ + printf("EC-DSA verify time %6.3f milliseconds, avg over %d" " iterations\n", milliEach, agreeTimes); ecc_free(&genKey2); @@ -642,19 +1225,20 @@ void bench_eccKeyAgree() } #endif /* HAVE_ECC */ - #ifdef _WIN32 #define WIN32_LEAN_AND_MEAN #include - double current_time() + double current_time(int reset) { static int init = 0; static LARGE_INTEGER freq; LARGE_INTEGER count; + (void)reset; + if (!init) { QueryPerformanceFrequency(&freq); init = 1; @@ -665,17 +1249,59 @@ void bench_eccKeyAgree() return (double)count.QuadPart / freq.QuadPart; } +#elif defined MICROCHIP_PIC32 + #if defined(CYASSL_MICROCHIP_PIC32MZ) + #define CLOCK 80000000.0 + #else + #include + #define CLOCK 40000000.0 + #endif + + double current_time(int reset) + { + unsigned int ns; + + if (reset) { + WriteCoreTimer(0); + } + + /* get timer in ns */ + ns = ReadCoreTimer(); + + /* return seconds as a double */ + return ( ns / CLOCK * 2.0); + } + +#elif defined(CYASSL_IAR_ARM) || defined (CYASSL_MDK_ARM) + #warning "Write your current_time()" + double current_time(int reset) { return 0.0 ; } + +#elif defined FREERTOS + + double current_time(int reset) + { + (void) reset; + + portTickType tickCount; + + /* tick count == ms, if configTICK_RATE_HZ is set to 1000 */ + tickCount = xTaskGetTickCount(); + return (double)tickCount / 1000; + } + #else #include - double current_time() + double current_time(int reset) { struct timeval tv; + + (void)reset; + gettimeofday(&tv, 0); return (double)tv.tv_sec + (double)tv.tv_usec / 1000000; } #endif /* _WIN32 */ - diff --git a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/benchmark/include.am b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/benchmark/include.am index 8d4895bcb..47e7bf0c5 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/benchmark/include.am +++ b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/benchmark/include.am @@ -7,3 +7,4 @@ ctaocrypt_benchmark_benchmark_LDADD = src/libcyassl.la ctaocrypt_benchmark_benchmark_DEPENDENCIES = src/libcyassl.la EXTRA_DIST += ctaocrypt/benchmark/benchmark.sln EXTRA_DIST += ctaocrypt/benchmark/benchmark.vcproj +DISTCLEANFILES+= ctaocrypt/benchmark/.libs/benchmark diff --git a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/aes.c b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/aes.c index 9d2102488..e25b5d873 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/aes.c +++ b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/aes.c @@ -1,6 +1,6 @@ /* aes.c * - * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,23 +16,33 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ #ifdef HAVE_CONFIG_H #include #endif +#include + #ifndef NO_AES +#ifdef HAVE_FIPS + /* set NO_WRAPPERS before headers, use direct internal f()s not wrappers */ + #define FIPS_NO_WRAPPERS +#endif + #include -#include +#include #include #ifdef NO_INLINE #include #else #include #endif +#ifdef DEBUG_AESNI + #include +#endif #ifdef _MSC_VER @@ -41,6 +51,824 @@ #endif + +#ifdef HAVE_CAVIUM + static int AesCaviumSetKey(Aes* aes, const byte* key, word32 length, + const byte* iv); + static int AesCaviumCbcEncrypt(Aes* aes, byte* out, const byte* in, + word32 length); + static int AesCaviumCbcDecrypt(Aes* aes, byte* out, const byte* in, + word32 length); +#endif + +#if defined(CYASSL_PIC32MZ_CRYPT) + +#include "cyassl/ctaocrypt/port/pic32/pic32mz-crypt.h" +#define DEBUG_CYASSL + + /* core hardware crypt engine driver */ + static void AesCrypt(Aes *aes, byte* out, const byte* in, word32 sz, + int dir, int algo, int cryptoalgo) + { + securityAssociation *sa_p ; + bufferDescriptor *bd_p ; + + volatile securityAssociation sa __attribute__((aligned (8))); + volatile bufferDescriptor bd __attribute__((aligned (8))); + volatile int k ; + + /* get uncached address */ + sa_p = KVA0_TO_KVA1(&sa) ; + bd_p = KVA0_TO_KVA1(&bd) ; + + /* Sync cache and physical memory */ + if(PIC32MZ_IF_RAM(in)) { + XMEMCPY((void *)KVA0_TO_KVA1(in), (void *)in, sz); + } + XMEMSET((void *)KVA0_TO_KVA1(out), 0, sz); + /* Set up the Security Association */ + XMEMSET((byte *)KVA0_TO_KVA1(&sa), 0, sizeof(sa)); + sa_p->SA_CTRL.ALGO = algo ; /* AES */ + sa_p->SA_CTRL.LNC = 1; + sa_p->SA_CTRL.LOADIV = 1; + sa_p->SA_CTRL.FB = 1; + sa_p->SA_CTRL.ENCTYPE = dir ; /* Encryption/Decryption */ + sa_p->SA_CTRL.CRYPTOALGO = cryptoalgo; + + if(cryptoalgo == PIC32_CRYPTOALGO_AES_GCM){ + switch(aes->keylen) { + case 32: + sa_p->SA_CTRL.KEYSIZE = PIC32_AES_KEYSIZE_256 ; + break ; + case 24: + sa_p->SA_CTRL.KEYSIZE = PIC32_AES_KEYSIZE_192 ; + break ; + case 16: + sa_p->SA_CTRL.KEYSIZE = PIC32_AES_KEYSIZE_128 ; + break ; + } + } else + sa_p->SA_CTRL.KEYSIZE = PIC32_AES_KEYSIZE_128 ; + + ByteReverseWords( + (word32 *)KVA0_TO_KVA1(sa.SA_ENCKEY + 8 - aes->keylen/sizeof(word32)), + (word32 *)aes->key_ce, aes->keylen); + ByteReverseWords( + (word32*)KVA0_TO_KVA1(sa.SA_ENCIV), (word32 *)aes->iv_ce, 16); + + XMEMSET((byte *)KVA0_TO_KVA1(&bd), 0, sizeof(bd)); + /* Set up the Buffer Descriptor */ + bd_p->BD_CTRL.BUFLEN = sz; + if(cryptoalgo == PIC32_CRYPTOALGO_AES_GCM) { + if(sz % 0x10) + bd_p->BD_CTRL.BUFLEN = (sz/0x10 + 1) * 0x10 ; + } + bd_p->BD_CTRL.LIFM = 1; + bd_p->BD_CTRL.SA_FETCH_EN = 1; + bd_p->BD_CTRL.LAST_BD = 1; + bd_p->BD_CTRL.DESC_EN = 1; + + bd_p->SA_ADDR = (unsigned int)KVA_TO_PA(&sa) ; + bd_p->SRCADDR = (unsigned int)KVA_TO_PA(in) ; + bd_p->DSTADDR = (unsigned int)KVA_TO_PA(out); + bd_p->MSGLEN = sz ; + + CECON = 1 << 6; + while (CECON); + + /* Run the engine */ + CEBDPADDR = (unsigned int)KVA_TO_PA(&bd) ; + CEINTEN = 0x07; + CECON = 0x27; + + WAIT_ENGINE ; + + if((cryptoalgo == PIC32_CRYPTOALGO_CBC) || + (cryptoalgo == PIC32_CRYPTOALGO_TCBC)|| + (cryptoalgo == PIC32_CRYPTOALGO_RCBC)) { + /* set iv for the next call */ + if(dir == PIC32_ENCRYPTION) { + XMEMCPY((void *)aes->iv_ce, + (void*)KVA0_TO_KVA1(out + sz - AES_BLOCK_SIZE), + AES_BLOCK_SIZE) ; + } else { + ByteReverseWords((word32*)aes->iv_ce, + (word32 *)KVA0_TO_KVA1(in + sz - AES_BLOCK_SIZE), + AES_BLOCK_SIZE); + } + } + XMEMCPY((byte *)out, (byte *)KVA0_TO_KVA1(out), sz) ; + ByteReverseWords((word32*)out, (word32 *)out, sz); + } + + int AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz) + { + AesCrypt(aes, out, in, sz, PIC32_ENCRYPTION, PIC32_ALGO_AES, + PIC32_CRYPTOALGO_RCBC ); + return 0 ; + } + + int AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz) + { + AesCrypt(aes, out, in, sz, PIC32_DECRYPTION, PIC32_ALGO_AES, + PIC32_CRYPTOALGO_RCBC); + return 0 ; + } + + #if defined(CYASSL_AES_COUNTER) + void AesCtrEncrypt(Aes* aes, byte* out, const byte* in, word32 sz) + { + int i ; + char out_block[AES_BLOCK_SIZE] ; + int odd ; + int even ; + char *tmp ; /* (char *)aes->tmp, for short */ + + tmp = (char *)aes->tmp ; + if(aes->left) { + if((aes->left + sz) >= AES_BLOCK_SIZE){ + odd = AES_BLOCK_SIZE - aes->left ; + } else { + odd = sz ; + } + XMEMCPY(tmp+aes->left, in, odd) ; + if((odd+aes->left) == AES_BLOCK_SIZE){ + AesCrypt(aes, out_block, tmp, AES_BLOCK_SIZE, + PIC32_ENCRYPTION, PIC32_ALGO_AES, PIC32_CRYPTOALGO_RCTR); + XMEMCPY(out, out_block+aes->left, odd) ; + aes->left = 0 ; + XMEMSET(tmp, 0x0, AES_BLOCK_SIZE) ; + /* Increment IV */ + for (i = AES_BLOCK_SIZE - 1; i >= 0; i--) { + if (++((byte *)aes->iv_ce)[i]) + break ; + } + } + in += odd ; + out+= odd ; + sz -= odd ; + } + odd = sz % AES_BLOCK_SIZE ; /* if there is tail flagment */ + if(sz / AES_BLOCK_SIZE) { + even = (sz/AES_BLOCK_SIZE)*AES_BLOCK_SIZE ; + AesCrypt(aes, out, in, even, PIC32_ENCRYPTION, PIC32_ALGO_AES, + PIC32_CRYPTOALGO_RCTR); + out += even ; + in += even ; + do { /* Increment IV */ + for (i = AES_BLOCK_SIZE - 1; i >= 0; i--) { + if (++((byte *)aes->iv_ce)[i]) + break ; + } + even -= AES_BLOCK_SIZE ; + } while((int)even > 0) ; + } + if(odd) { + XMEMSET(tmp+aes->left, 0x0, AES_BLOCK_SIZE - aes->left) ; + XMEMCPY(tmp+aes->left, in, odd) ; + AesCrypt(aes, out_block, tmp, AES_BLOCK_SIZE, + PIC32_ENCRYPTION, PIC32_ALGO_AES, PIC32_CRYPTOALGO_RCTR); + XMEMCPY(out, out_block+aes->left,odd) ; + aes->left += odd ; + } + } + #endif /* CYASSL_AES_COUNTER */ + + #ifdef HAVE_AESGCM + #define HAVE_AES_ENGINE + /* Hardware AESGCM borows most of the software AESGCM, GMAC */ + #endif + +#endif /* CYASSL_PIC32MZ_CRYPT */ + +#ifdef STM32F2_CRYPTO + /* + * STM32F2 hardware AES support through the STM32F2 standard peripheral + * library. Documentation located in STM32F2xx Standard Peripheral Library + * document (See note in README). + */ + #include "stm32f2xx.h" + #include "stm32f2xx_cryp.h" + + int AesSetKey(Aes* aes, const byte* userKey, word32 keylen, const byte* iv, + int dir) + { + word32 *rk = aes->key; + + if (!((keylen == 16) || (keylen == 24) || (keylen == 32))) + return BAD_FUNC_ARG; + + aes->rounds = keylen/4 + 6; + XMEMCPY(rk, userKey, keylen); + ByteReverseWords(rk, rk, keylen); + + return AesSetIV(aes, iv); + } + + int AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz) + { + word32 *enc_key, *iv; + CRYP_InitTypeDef AES_CRYP_InitStructure; + CRYP_KeyInitTypeDef AES_CRYP_KeyInitStructure; + CRYP_IVInitTypeDef AES_CRYP_IVInitStructure; + + enc_key = aes->key; + iv = aes->reg; + + /* crypto structure initialization */ + CRYP_KeyStructInit(&AES_CRYP_KeyInitStructure); + CRYP_StructInit(&AES_CRYP_InitStructure); + CRYP_IVStructInit(&AES_CRYP_IVInitStructure); + + /* reset registers to their default values */ + CRYP_DeInit(); + + /* load key into correct registers */ + switch(aes->rounds) + { + case 10: /* 128-bit key */ + AES_CRYP_InitStructure.CRYP_KeySize = CRYP_KeySize_128b; + AES_CRYP_KeyInitStructure.CRYP_Key2Left = enc_key[0]; + AES_CRYP_KeyInitStructure.CRYP_Key2Right = enc_key[1]; + AES_CRYP_KeyInitStructure.CRYP_Key3Left = enc_key[2]; + AES_CRYP_KeyInitStructure.CRYP_Key3Right = enc_key[3]; + break; + + case 12: /* 192-bit key */ + AES_CRYP_InitStructure.CRYP_KeySize = CRYP_KeySize_192b; + AES_CRYP_KeyInitStructure.CRYP_Key1Left = enc_key[0]; + AES_CRYP_KeyInitStructure.CRYP_Key1Right = enc_key[1]; + AES_CRYP_KeyInitStructure.CRYP_Key2Left = enc_key[2]; + AES_CRYP_KeyInitStructure.CRYP_Key2Right = enc_key[3]; + AES_CRYP_KeyInitStructure.CRYP_Key3Left = enc_key[4]; + AES_CRYP_KeyInitStructure.CRYP_Key3Right = enc_key[5]; + break; + + case 14: /* 256-bit key */ + AES_CRYP_InitStructure.CRYP_KeySize = CRYP_KeySize_256b; + AES_CRYP_KeyInitStructure.CRYP_Key0Left = enc_key[0]; + AES_CRYP_KeyInitStructure.CRYP_Key0Right = enc_key[1]; + AES_CRYP_KeyInitStructure.CRYP_Key1Left = enc_key[2]; + AES_CRYP_KeyInitStructure.CRYP_Key1Right = enc_key[3]; + AES_CRYP_KeyInitStructure.CRYP_Key2Left = enc_key[4]; + AES_CRYP_KeyInitStructure.CRYP_Key2Right = enc_key[5]; + AES_CRYP_KeyInitStructure.CRYP_Key3Left = enc_key[6]; + AES_CRYP_KeyInitStructure.CRYP_Key3Right = enc_key[7]; + break; + + default: + break; + } + CRYP_KeyInit(&AES_CRYP_KeyInitStructure); + + /* set iv */ + ByteReverseWords(iv, iv, AES_BLOCK_SIZE); + AES_CRYP_IVInitStructure.CRYP_IV0Left = iv[0]; + AES_CRYP_IVInitStructure.CRYP_IV0Right = iv[1]; + AES_CRYP_IVInitStructure.CRYP_IV1Left = iv[2]; + AES_CRYP_IVInitStructure.CRYP_IV1Right = iv[3]; + CRYP_IVInit(&AES_CRYP_IVInitStructure); + + /* set direction, mode, and datatype */ + AES_CRYP_InitStructure.CRYP_AlgoDir = CRYP_AlgoDir_Encrypt; + AES_CRYP_InitStructure.CRYP_AlgoMode = CRYP_AlgoMode_AES_CBC; + AES_CRYP_InitStructure.CRYP_DataType = CRYP_DataType_8b; + CRYP_Init(&AES_CRYP_InitStructure); + + /* enable crypto processor */ + CRYP_Cmd(ENABLE); + + while (sz > 0) + { + /* flush IN/OUT FIFOs */ + CRYP_FIFOFlush(); + + CRYP_DataIn(*(uint32_t*)&in[0]); + CRYP_DataIn(*(uint32_t*)&in[4]); + CRYP_DataIn(*(uint32_t*)&in[8]); + CRYP_DataIn(*(uint32_t*)&in[12]); + + /* wait until the complete message has been processed */ + while(CRYP_GetFlagStatus(CRYP_FLAG_BUSY) != RESET) {} + + *(uint32_t*)&out[0] = CRYP_DataOut(); + *(uint32_t*)&out[4] = CRYP_DataOut(); + *(uint32_t*)&out[8] = CRYP_DataOut(); + *(uint32_t*)&out[12] = CRYP_DataOut(); + + /* store iv for next call */ + XMEMCPY(aes->reg, out + sz - AES_BLOCK_SIZE, AES_BLOCK_SIZE); + + sz -= 16; + in += 16; + out += 16; + } + + /* disable crypto processor */ + CRYP_Cmd(DISABLE); + + return 0; + } + + int AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz) + { + word32 *dec_key, *iv; + CRYP_InitTypeDef AES_CRYP_InitStructure; + CRYP_KeyInitTypeDef AES_CRYP_KeyInitStructure; + CRYP_IVInitTypeDef AES_CRYP_IVInitStructure; + + dec_key = aes->key; + iv = aes->reg; + + /* crypto structure initialization */ + CRYP_KeyStructInit(&AES_CRYP_KeyInitStructure); + CRYP_StructInit(&AES_CRYP_InitStructure); + CRYP_IVStructInit(&AES_CRYP_IVInitStructure); + + /* if input and output same will overwrite input iv */ + XMEMCPY(aes->tmp, in + sz - AES_BLOCK_SIZE, AES_BLOCK_SIZE); + + /* reset registers to their default values */ + CRYP_DeInit(); + + /* load key into correct registers */ + switch(aes->rounds) + { + case 10: /* 128-bit key */ + AES_CRYP_InitStructure.CRYP_KeySize = CRYP_KeySize_128b; + AES_CRYP_KeyInitStructure.CRYP_Key2Left = dec_key[0]; + AES_CRYP_KeyInitStructure.CRYP_Key2Right = dec_key[1]; + AES_CRYP_KeyInitStructure.CRYP_Key3Left = dec_key[2]; + AES_CRYP_KeyInitStructure.CRYP_Key3Right = dec_key[3]; + break; + + case 12: /* 192-bit key */ + AES_CRYP_InitStructure.CRYP_KeySize = CRYP_KeySize_192b; + AES_CRYP_KeyInitStructure.CRYP_Key1Left = dec_key[0]; + AES_CRYP_KeyInitStructure.CRYP_Key1Right = dec_key[1]; + AES_CRYP_KeyInitStructure.CRYP_Key2Left = dec_key[2]; + AES_CRYP_KeyInitStructure.CRYP_Key2Right = dec_key[3]; + AES_CRYP_KeyInitStructure.CRYP_Key3Left = dec_key[4]; + AES_CRYP_KeyInitStructure.CRYP_Key3Right = dec_key[5]; + break; + + case 14: /* 256-bit key */ + AES_CRYP_InitStructure.CRYP_KeySize = CRYP_KeySize_256b; + AES_CRYP_KeyInitStructure.CRYP_Key0Left = dec_key[0]; + AES_CRYP_KeyInitStructure.CRYP_Key0Right = dec_key[1]; + AES_CRYP_KeyInitStructure.CRYP_Key1Left = dec_key[2]; + AES_CRYP_KeyInitStructure.CRYP_Key1Right = dec_key[3]; + AES_CRYP_KeyInitStructure.CRYP_Key2Left = dec_key[4]; + AES_CRYP_KeyInitStructure.CRYP_Key2Right = dec_key[5]; + AES_CRYP_KeyInitStructure.CRYP_Key3Left = dec_key[6]; + AES_CRYP_KeyInitStructure.CRYP_Key3Right = dec_key[7]; + break; + + default: + break; + } + + /* set direction, mode, and datatype for key preparation */ + AES_CRYP_InitStructure.CRYP_AlgoDir = CRYP_AlgoDir_Decrypt; + AES_CRYP_InitStructure.CRYP_AlgoMode = CRYP_AlgoMode_AES_Key; + AES_CRYP_InitStructure.CRYP_DataType = CRYP_DataType_32b; + CRYP_Init(&AES_CRYP_InitStructure); + CRYP_KeyInit(&AES_CRYP_KeyInitStructure); + + /* enable crypto processor */ + CRYP_Cmd(ENABLE); + + /* wait until key has been prepared */ + while(CRYP_GetFlagStatus(CRYP_FLAG_BUSY) != RESET) {} + + /* set direction, mode, and datatype for decryption */ + AES_CRYP_InitStructure.CRYP_AlgoDir = CRYP_AlgoDir_Decrypt; + AES_CRYP_InitStructure.CRYP_AlgoMode = CRYP_AlgoMode_AES_CBC; + AES_CRYP_InitStructure.CRYP_DataType = CRYP_DataType_8b; + CRYP_Init(&AES_CRYP_InitStructure); + + /* set iv */ + ByteReverseWords(iv, iv, AES_BLOCK_SIZE); + + AES_CRYP_IVInitStructure.CRYP_IV0Left = iv[0]; + AES_CRYP_IVInitStructure.CRYP_IV0Right = iv[1]; + AES_CRYP_IVInitStructure.CRYP_IV1Left = iv[2]; + AES_CRYP_IVInitStructure.CRYP_IV1Right = iv[3]; + CRYP_IVInit(&AES_CRYP_IVInitStructure); + + /* enable crypto processor */ + CRYP_Cmd(ENABLE); + + while (sz > 0) + { + /* flush IN/OUT FIFOs */ + CRYP_FIFOFlush(); + + CRYP_DataIn(*(uint32_t*)&in[0]); + CRYP_DataIn(*(uint32_t*)&in[4]); + CRYP_DataIn(*(uint32_t*)&in[8]); + CRYP_DataIn(*(uint32_t*)&in[12]); + + /* wait until the complete message has been processed */ + while(CRYP_GetFlagStatus(CRYP_FLAG_BUSY) != RESET) {} + + *(uint32_t*)&out[0] = CRYP_DataOut(); + *(uint32_t*)&out[4] = CRYP_DataOut(); + *(uint32_t*)&out[8] = CRYP_DataOut(); + *(uint32_t*)&out[12] = CRYP_DataOut(); + + /* store iv for next call */ + XMEMCPY(aes->reg, aes->tmp, AES_BLOCK_SIZE); + + sz -= 16; + in += 16; + out += 16; + } + + /* disable crypto processor */ + CRYP_Cmd(DISABLE); + + return 0; + } + + #ifdef CYASSL_AES_COUNTER + + /* AES-CTR calls this for key setup */ + int AesSetKeyDirect(Aes* aes, const byte* userKey, word32 keylen, + const byte* iv, int dir) + { + return AesSetKey(aes, userKey, keylen, iv, dir); + } + + void AesCtrEncrypt(Aes* aes, byte* out, const byte* in, word32 sz) + { + word32 *enc_key, *iv; + CRYP_InitTypeDef AES_CRYP_InitStructure; + CRYP_KeyInitTypeDef AES_CRYP_KeyInitStructure; + CRYP_IVInitTypeDef AES_CRYP_IVInitStructure; + + enc_key = aes->key; + iv = aes->reg; + + /* crypto structure initialization */ + CRYP_KeyStructInit(&AES_CRYP_KeyInitStructure); + CRYP_StructInit(&AES_CRYP_InitStructure); + CRYP_IVStructInit(&AES_CRYP_IVInitStructure); + + /* reset registers to their default values */ + CRYP_DeInit(); + + /* load key into correct registers */ + switch(aes->rounds) + { + case 10: /* 128-bit key */ + AES_CRYP_InitStructure.CRYP_KeySize = CRYP_KeySize_128b; + AES_CRYP_KeyInitStructure.CRYP_Key2Left = enc_key[0]; + AES_CRYP_KeyInitStructure.CRYP_Key2Right = enc_key[1]; + AES_CRYP_KeyInitStructure.CRYP_Key3Left = enc_key[2]; + AES_CRYP_KeyInitStructure.CRYP_Key3Right = enc_key[3]; + break; + + case 12: /* 192-bit key */ + AES_CRYP_InitStructure.CRYP_KeySize = CRYP_KeySize_192b; + AES_CRYP_KeyInitStructure.CRYP_Key1Left = enc_key[0]; + AES_CRYP_KeyInitStructure.CRYP_Key1Right = enc_key[1]; + AES_CRYP_KeyInitStructure.CRYP_Key2Left = enc_key[2]; + AES_CRYP_KeyInitStructure.CRYP_Key2Right = enc_key[3]; + AES_CRYP_KeyInitStructure.CRYP_Key3Left = enc_key[4]; + AES_CRYP_KeyInitStructure.CRYP_Key3Right = enc_key[5]; + break; + + case 14: /* 256-bit key */ + AES_CRYP_InitStructure.CRYP_KeySize = CRYP_KeySize_256b; + AES_CRYP_KeyInitStructure.CRYP_Key0Left = enc_key[0]; + AES_CRYP_KeyInitStructure.CRYP_Key0Right = enc_key[1]; + AES_CRYP_KeyInitStructure.CRYP_Key1Left = enc_key[2]; + AES_CRYP_KeyInitStructure.CRYP_Key1Right = enc_key[3]; + AES_CRYP_KeyInitStructure.CRYP_Key2Left = enc_key[4]; + AES_CRYP_KeyInitStructure.CRYP_Key2Right = enc_key[5]; + AES_CRYP_KeyInitStructure.CRYP_Key3Left = enc_key[6]; + AES_CRYP_KeyInitStructure.CRYP_Key3Right = enc_key[7]; + break; + + default: + break; + } + CRYP_KeyInit(&AES_CRYP_KeyInitStructure); + + /* set iv */ + ByteReverseWords(iv, iv, AES_BLOCK_SIZE); + AES_CRYP_IVInitStructure.CRYP_IV0Left = iv[0]; + AES_CRYP_IVInitStructure.CRYP_IV0Right = iv[1]; + AES_CRYP_IVInitStructure.CRYP_IV1Left = iv[2]; + AES_CRYP_IVInitStructure.CRYP_IV1Right = iv[3]; + CRYP_IVInit(&AES_CRYP_IVInitStructure); + + /* set direction, mode, and datatype */ + AES_CRYP_InitStructure.CRYP_AlgoDir = CRYP_AlgoDir_Encrypt; + AES_CRYP_InitStructure.CRYP_AlgoMode = CRYP_AlgoMode_AES_CTR; + AES_CRYP_InitStructure.CRYP_DataType = CRYP_DataType_8b; + CRYP_Init(&AES_CRYP_InitStructure); + + /* enable crypto processor */ + CRYP_Cmd(ENABLE); + + while (sz > 0) + { + /* flush IN/OUT FIFOs */ + CRYP_FIFOFlush(); + + CRYP_DataIn(*(uint32_t*)&in[0]); + CRYP_DataIn(*(uint32_t*)&in[4]); + CRYP_DataIn(*(uint32_t*)&in[8]); + CRYP_DataIn(*(uint32_t*)&in[12]); + + /* wait until the complete message has been processed */ + while(CRYP_GetFlagStatus(CRYP_FLAG_BUSY) != RESET) {} + + *(uint32_t*)&out[0] = CRYP_DataOut(); + *(uint32_t*)&out[4] = CRYP_DataOut(); + *(uint32_t*)&out[8] = CRYP_DataOut(); + *(uint32_t*)&out[12] = CRYP_DataOut(); + + /* store iv for next call */ + XMEMCPY(aes->reg, out + sz - AES_BLOCK_SIZE, AES_BLOCK_SIZE); + + sz -= 16; + in += 16; + out += 16; + } + + /* disable crypto processor */ + CRYP_Cmd(DISABLE); + } + + #endif /* CYASSL_AES_COUNTER */ + +#elif defined(HAVE_COLDFIRE_SEC) + +#include + +#include "sec.h" +#include "mcf5475_sec.h" +#include "mcf5475_siu.h" + +#if defined (HAVE_THREADX) +#include "memory_pools.h" +extern TX_BYTE_POOL mp_ncached; /* Non Cached memory pool */ +#endif + +#define AES_BUFFER_SIZE (AES_BLOCK_SIZE * 64) +static unsigned char *AESBuffIn = NULL ; +static unsigned char *AESBuffOut = NULL ; +static byte *secReg ; +static byte *secKey ; +static volatile SECdescriptorType *secDesc ; + +static CyaSSL_Mutex Mutex_AesSEC ; + +#define SEC_DESC_AES_CBC_ENCRYPT 0x60300010 +#define SEC_DESC_AES_CBC_DECRYPT 0x60200010 + +extern volatile unsigned char __MBAR[]; + +static int AesCbcCrypt(Aes* aes, byte* po, const byte* pi, word32 sz, word32 descHeader) +{ + #ifdef DEBUG_CYASSL + int i ; int stat1, stat2 ; int ret ; + #endif + + int size ; + volatile int v ; + + if((pi == NULL) || (po == NULL)) + return BAD_FUNC_ARG;/*wrong pointer*/ + + LockMutex(&Mutex_AesSEC) ; + + /* Set descriptor for SEC */ + secDesc->length1 = 0x0; + secDesc->pointer1 = NULL; + + secDesc->length2 = AES_BLOCK_SIZE; + secDesc->pointer2 = (byte *)secReg ; /* Initial Vector */ + + switch(aes->rounds) { + case 10: secDesc->length3 = 16 ; break ; + case 12: secDesc->length3 = 24 ; break ; + case 14: secDesc->length3 = 32 ; break ; + } + XMEMCPY(secKey, aes->key, secDesc->length3) ; + + secDesc->pointer3 = (byte *)secKey; + secDesc->pointer4 = AESBuffIn ; + secDesc->pointer5 = AESBuffOut ; + secDesc->length6 = 0x0; + secDesc->pointer6 = NULL; + secDesc->length7 = 0x0; + secDesc->pointer7 = NULL; + secDesc->nextDescriptorPtr = NULL; + + while(sz) { + secDesc->header = descHeader ; + XMEMCPY(secReg, aes->reg, AES_BLOCK_SIZE) ; + if((sz%AES_BUFFER_SIZE) == sz) { + size = sz ; + sz = 0 ; + } else { + size = AES_BUFFER_SIZE ; + sz -= AES_BUFFER_SIZE ; + } + secDesc->length4 = size; + secDesc->length5 = size; + + XMEMCPY(AESBuffIn, pi, size) ; + if(descHeader == SEC_DESC_AES_CBC_DECRYPT) { + XMEMCPY((void*)aes->tmp, (void*)&(pi[size-AES_BLOCK_SIZE]), AES_BLOCK_SIZE) ; + } + + /* Point SEC to the location of the descriptor */ + MCF_SEC_FR0 = (uint32)secDesc; + /* Initialize SEC and wait for encryption to complete */ + MCF_SEC_CCCR0 = 0x0000001a; + /* poll SISR to determine when channel is complete */ + v=0 ; + while((secDesc->header>> 24) != 0xff)v++ ; + +#ifdef DEBUG_CYASSL + ret = MCF_SEC_SISRH; + stat1 = MCF_SEC_AESSR ; + stat2 = MCF_SEC_AESISR ; + if(ret & 0xe0000000) + { + db_printf("Aes_Cbc(i=%d):ISRH=%08x, AESSR=%08x, AESISR=%08x\n", i, ret, stat1, stat2) ; + } +#endif + + XMEMCPY(po, AESBuffOut, size) ; + + if(descHeader == SEC_DESC_AES_CBC_ENCRYPT) { + XMEMCPY((void*)aes->reg, (void*)&(po[size-AES_BLOCK_SIZE]), AES_BLOCK_SIZE) ; + } else { + XMEMCPY((void*)aes->reg, (void*)aes->tmp, AES_BLOCK_SIZE) ; + } + + pi += size ; + po += size ; + } + UnLockMutex(&Mutex_AesSEC) ; + return 0 ; +} + +int AesCbcEncrypt(Aes* aes, byte* po, const byte* pi, word32 sz) +{ + return(AesCbcCrypt(aes, po, pi, sz, SEC_DESC_AES_CBC_ENCRYPT)) ; +} + +int AesCbcDecrypt(Aes* aes, byte* po, const byte* pi, word32 sz) +{ + return(AesCbcCrypt(aes, po, pi, sz, SEC_DESC_AES_CBC_DECRYPT)) ; +} + +int AesSetKey(Aes* aes, const byte* userKey, word32 keylen, const byte* iv, + int dir) +{ + + if(AESBuffIn == NULL) { + #if defined (HAVE_THREADX) + int s1, s2, s3, s4, s5 ; + s5 = tx_byte_allocate(&mp_ncached,(void *)&secDesc, sizeof(SECdescriptorType), TX_NO_WAIT); + s1 = tx_byte_allocate(&mp_ncached,(void *)&AESBuffIn, AES_BUFFER_SIZE, TX_NO_WAIT); + s2 = tx_byte_allocate(&mp_ncached,(void *)&AESBuffOut, AES_BUFFER_SIZE, TX_NO_WAIT); + s3 = tx_byte_allocate(&mp_ncached,(void *)&secKey, AES_BLOCK_SIZE*2,TX_NO_WAIT); + s4 = tx_byte_allocate(&mp_ncached,(void *)&secReg, AES_BLOCK_SIZE, TX_NO_WAIT); + + if(s1 || s2 || s3 || s4 || s5) + return BAD_FUNC_ARG; + + #else + #warning "Allocate non-Cache buffers" + #endif + + InitMutex(&Mutex_AesSEC) ; + } + + if (!((keylen == 16) || (keylen == 24) || (keylen == 32))) + return BAD_FUNC_ARG; + if (aes == NULL) + return BAD_FUNC_ARG; + + aes->rounds = keylen/4 + 6; + + XMEMCPY(aes->key, userKey, keylen); + if (iv) + XMEMCPY(aes->reg, iv, AES_BLOCK_SIZE); + + return 0; +} + +#elif defined FREESCALE_MMCAU + /* + * Freescale mmCAU hardware AES support through the CAU/mmCAU library. + * Documentation located in ColdFire/ColdFire+ CAU and Kinetis mmCAU + * Software Library User Guide (See note in README). + */ + #include "cau_api.h" + + int AesSetKey(Aes* aes, const byte* userKey, word32 keylen, const byte* iv, + int dir) + { + byte *rk = (byte*)aes->key; + + if (!((keylen == 16) || (keylen == 24) || (keylen == 32))) + return BAD_FUNC_ARG; + + if (rk == NULL) + return BAD_FUNC_ARG; + + aes->rounds = keylen/4 + 6; + cau_aes_set_key(userKey, keylen*8, rk); + + return AesSetIV(aes, iv); + } + + int AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz) + { + int i; + int offset = 0; + int len = sz; + + byte *iv, *enc_key; + byte temp_block[AES_BLOCK_SIZE]; + + iv = (byte*)aes->reg; + enc_key = (byte*)aes->key; + + if ((word)out % CYASSL_MMCAU_ALIGNMENT) { + CYASSL_MSG("Bad cau_aes_encrypt alignment"); + return BAD_ALIGN_E; + } + + while (len > 0) + { + XMEMCPY(temp_block, in + offset, AES_BLOCK_SIZE); + + /* XOR block with IV for CBC */ + for (i = 0; i < AES_BLOCK_SIZE; i++) + temp_block[i] ^= iv[i]; + + cau_aes_encrypt(temp_block, enc_key, aes->rounds, out + offset); + + len -= AES_BLOCK_SIZE; + offset += AES_BLOCK_SIZE; + + /* store IV for next block */ + XMEMCPY(iv, out + offset - AES_BLOCK_SIZE, AES_BLOCK_SIZE); + } + + return 0; + } + + int AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz) + { + int i; + int offset = 0; + int len = sz; + + byte* iv, *dec_key; + byte temp_block[AES_BLOCK_SIZE]; + + iv = (byte*)aes->reg; + dec_key = (byte*)aes->key; + + if ((word)out % CYASSL_MMCAU_ALIGNMENT) { + CYASSL_MSG("Bad cau_aes_decrypt alignment"); + return BAD_ALIGN_E; + } + + while (len > 0) + { + XMEMCPY(temp_block, in + offset, AES_BLOCK_SIZE); + + cau_aes_decrypt(in + offset, dec_key, aes->rounds, out + offset); + + /* XOR block with IV for CBC */ + for (i = 0; i < AES_BLOCK_SIZE; i++) + (out + offset)[i] ^= iv[i]; + + /* store IV for next block */ + XMEMCPY(iv, temp_block, AES_BLOCK_SIZE); + + len -= AES_BLOCK_SIZE; + offset += AES_BLOCK_SIZE; + } + + return 0; + } + + +#else /* CTaoCrypt software implementation */ + static const word32 rcon[] = { 0x01000000, 0x02000000, 0x04000000, 0x08000000, 0x10000000, 0x20000000, 0x40000000, 0x80000000, @@ -718,37 +1546,39 @@ static const word32 Td[5][256] = { }; - #define GETBYTE(x, y) (word32)((byte)((x) >> (8 * (y)))) #ifdef CYASSL_AESNI +/* Each platform needs to query info type 1 from cpuid to see if aesni is + * supported. Also, let's setup a macro for proper linkage w/o ABI conflicts + */ + #ifndef _MSC_VER - #define cpuid(func,ax,bx,cx,dx)\ + #define cpuid(reg, func)\ __asm__ __volatile__ ("cpuid":\ - "=a" (ax), "=b" (bx), "=c" (cx), "=d" (dx) : "a" (func)); + "=a" (reg[0]), "=b" (reg[1]), "=c" (reg[2]), "=d" (reg[3]) :\ + "a" (func)); + #define XASM_LINK(f) asm(f) #else - #define cpuid(func,ax,bx,cx,dx)\ - __asm mov eax, func \ - __asm cpuid \ - __asm mov ax, eax \ - __asm mov bx, ebx \ - __asm mov cx, ecx \ - __asm mov dx, edx + #include + #define cpuid(a,b) __cpuid((int*)a,b) + + #define XASM_LINK(f) #endif /* _MSC_VER */ -static int Check_CPU_support_AES() +static int Check_CPU_support_AES(void) { - unsigned int a,b,c,d; - cpuid(1,a,b,c,d); + unsigned int reg[4]; /* put a,b,c,d into 0,1,2,3 */ + cpuid(reg, 1); /* query info 1 */ - if (c & 0x2000000) + if (reg[2] & 0x2000000) return 1; return 0; @@ -758,27 +1588,43 @@ static int checkAESNI = 0; static int haveAESNI = 0; +/* tell C compiler these are asm functions in case any mix up of ABI underscore + prefix between clang/gcc/llvm etc */ void AES_CBC_encrypt(const unsigned char* in, unsigned char* out, unsigned char* ivec, unsigned long length, - const unsigned char* KS, int nr); + const unsigned char* KS, int nr) + XASM_LINK("AES_CBC_encrypt"); void AES_CBC_decrypt(const unsigned char* in, unsigned char* out, unsigned char* ivec, unsigned long length, - const unsigned char* KS, int nr); + const unsigned char* KS, int nr) + XASM_LINK("AES_CBC_decrypt"); + +void AES_ECB_encrypt(const unsigned char* in, unsigned char* out, + unsigned long length, const unsigned char* KS, int nr) + XASM_LINK("AES_ECB_encrypt"); + + +void AES_ECB_decrypt(const unsigned char* in, unsigned char* out, + unsigned long length, const unsigned char* KS, int nr) + XASM_LINK("AES_ECB_decrypt"); void AES_128_Key_Expansion(const unsigned char* userkey, - unsigned char* key_schedule); + unsigned char* key_schedule) + XASM_LINK("AES_128_Key_Expansion"); void AES_192_Key_Expansion(const unsigned char* userkey, - unsigned char* key_schedule); + unsigned char* key_schedule) + XASM_LINK("AES_192_Key_Expansion"); void AES_256_Key_Expansion(const unsigned char* userkey, - unsigned char* key_schedule); + unsigned char* key_schedule) + XASM_LINK("AES_256_Key_Expansion"); -int AES_set_encrypt_key (const unsigned char *userKey, const int bits, - Aes* aes) +static int AES_set_encrypt_key(const unsigned char *userKey, const int bits, + Aes* aes) { if (!userKey || !aes) return BAD_FUNC_ARG; @@ -799,8 +1645,8 @@ int AES_set_encrypt_key (const unsigned char *userKey, const int bits, } -int AES_set_decrypt_key (const unsigned char* userKey, const int bits, - Aes* aes) +static int AES_set_decrypt_key(const unsigned char* userKey, const int bits, + Aes* aes) { int nr; Aes temp_key; @@ -847,41 +1693,18 @@ int AES_set_decrypt_key (const unsigned char* userKey, const int bits, #endif /* CYASSL_AESNI */ -int AesSetIV(Aes* aes, const byte* iv) -{ - if (aes == NULL) - return BAD_FUNC_ARG; - - if (iv) - XMEMCPY(aes->reg, iv, AES_BLOCK_SIZE); - - return 0; -} - - -int AesSetKey(Aes* aes, const byte* userKey, word32 keylen, const byte* iv, - int dir) +static int AesSetKeyLocal(Aes* aes, const byte* userKey, word32 keylen, + const byte* iv, int dir) { word32 temp, *rk = aes->key; unsigned int i = 0; - if (!((keylen == 16) || (keylen == 24) || (keylen == 32))) - return BAD_FUNC_ARG; - -#ifdef CYASSL_AESNI - if (checkAESNI == 0) { - haveAESNI = Check_CPU_support_AES(); - checkAESNI = 1; - } - if (haveAESNI) { - if (iv) - XMEMCPY(aes->reg, iv, AES_BLOCK_SIZE); - if (dir == AES_ENCRYPTION) - return AES_set_encrypt_key(userKey, keylen * 8, aes); - else - return AES_set_decrypt_key(userKey, keylen * 8, aes); - } -#endif /* CYASSL_AESNI */ + #ifdef CYASSL_AESNI + aes->use_aesni = 0; + #endif /* CYASSL_AESNI */ + #ifdef CYASSL_AES_COUNTER + aes->left = 0; + #endif /* CYASSL_AES_COUNTER */ aes->rounds = keylen/4 + 6; @@ -890,6 +1713,19 @@ int AesSetKey(Aes* aes, const byte* userKey, word32 keylen, const byte* iv, ByteReverseWords(rk, rk, keylen); #endif +#ifdef CYASSL_PIC32MZ_CRYPT + { + word32 *akey1 = aes->key_ce; + word32 *areg = aes->iv_ce ; + aes->keylen = keylen ; + XMEMCPY(akey1, userKey, keylen); + if (iv) + XMEMCPY(areg, iv, AES_BLOCK_SIZE); + else + XMEMSET(areg, 0, AES_BLOCK_SIZE); + } +#endif + switch(keylen) { case 16: @@ -1004,7 +1840,39 @@ int AesSetKey(Aes* aes, const byte* userKey, word32 keylen, const byte* iv, } } - return AesSetIV(aes, iv); + return AesSetIV(aes, iv); +} + + +int AesSetKey(Aes* aes, const byte* userKey, word32 keylen, const byte* iv, + int dir) +{ + + if (!((keylen == 16) || (keylen == 24) || (keylen == 32))) + return BAD_FUNC_ARG; + +#ifdef HAVE_CAVIUM + if (aes->magic == CYASSL_AES_CAVIUM_MAGIC) + return AesCaviumSetKey(aes, userKey, keylen, iv); +#endif + +#ifdef CYASSL_AESNI + if (checkAESNI == 0) { + haveAESNI = Check_CPU_support_AES(); + checkAESNI = 1; + } + if (haveAESNI) { + aes->use_aesni = 1; + if (iv) + XMEMCPY(aes->reg, iv, AES_BLOCK_SIZE); + if (dir == AES_ENCRYPTION) + return AES_set_encrypt_key(userKey, keylen * 8, aes); + else + return AES_set_decrypt_key(userKey, keylen * 8, aes); + } +#endif /* CYASSL_AESNI */ + + return AesSetKeyLocal(aes, userKey, keylen, iv, dir); } @@ -1019,6 +1887,48 @@ static void AesEncrypt(Aes* aes, const byte* inBlock, byte* outBlock) CYASSL_MSG("AesEncrypt encountered improper key, set it up"); return; /* stop instead of segfaulting, set up your keys! */ } +#ifdef CYASSL_AESNI + if (haveAESNI && aes->use_aesni) { + #ifdef DEBUG_AESNI + printf("about to aes encrypt\n"); + printf("in = %p\n", inBlock); + printf("out = %p\n", outBlock); + printf("aes->key = %p\n", aes->key); + printf("aes->rounds = %d\n", aes->rounds); + printf("sz = %d\n", AES_BLOCK_SIZE); + #endif + + /* check alignment, decrypt doesn't need alignment */ + if ((word)inBlock % 16) { + #ifndef NO_CYASSL_ALLOC_ALIGN + byte* tmp = (byte*)XMALLOC(AES_BLOCK_SIZE, NULL, + DYNAMIC_TYPE_TMP_BUFFER); + if (tmp == NULL) return; + + XMEMCPY(tmp, inBlock, AES_BLOCK_SIZE); + AES_ECB_encrypt(tmp, tmp, AES_BLOCK_SIZE, (byte*)aes->key, + aes->rounds); + XMEMCPY(outBlock, tmp, AES_BLOCK_SIZE); + XFREE(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER); + return; + #else + CYASSL_MSG("AES-ECB encrypt with bad alignment"); + return; + #endif + } + + AES_ECB_encrypt(inBlock, outBlock, AES_BLOCK_SIZE, (byte*)aes->key, + aes->rounds); + + return; + } + else { + #ifdef DEBUG_AESNI + printf("Skipping AES-NI\n"); + #endif + } +#endif + /* * map byte array block to cipher state * and add initial round key: @@ -1157,6 +2067,30 @@ static void AesDecrypt(Aes* aes, const byte* inBlock, byte* outBlock) CYASSL_MSG("AesDecrypt encountered improper key, set it up"); return; /* stop instead of segfaulting, set up your keys! */ } +#ifdef CYASSL_AESNI + if (haveAESNI && aes->use_aesni) { + #ifdef DEBUG_AESNI + printf("about to aes decrypt\n"); + printf("in = %p\n", inBlock); + printf("out = %p\n", outBlock); + printf("aes->key = %p\n", aes->key); + printf("aes->rounds = %d\n", aes->rounds); + printf("sz = %d\n", AES_BLOCK_SIZE); + #endif + + /* if input and output same will overwrite input iv */ + XMEMCPY(aes->tmp, inBlock, AES_BLOCK_SIZE); + AES_ECB_decrypt(inBlock, outBlock, AES_BLOCK_SIZE, (byte*)aes->key, + aes->rounds); + return; + } + else { + #ifdef DEBUG_AESNI + printf("Skipping AES-NI\n"); + #endif + } +#endif + /* * map byte array block to cipher state * and add initial round key: @@ -1281,11 +2215,16 @@ static void AesDecrypt(Aes* aes, const byte* inBlock, byte* outBlock) XMEMCPY(outBlock + 3 * sizeof(s0), &s3, sizeof(s3)); } - -void AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz) +#ifndef HAVE_AES_ENGINE +int AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz) { word32 blocks = sz / AES_BLOCK_SIZE; +#ifdef HAVE_CAVIUM + if (aes->magic == CYASSL_AES_CAVIUM_MAGIC) + return AesCaviumCbcEncrypt(aes, out, in, sz); +#endif + #ifdef CYASSL_AESNI if (haveAESNI) { #ifdef DEBUG_AESNI @@ -1297,11 +2236,34 @@ void AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz) printf("aes->rounds = %d\n", aes->rounds); printf("sz = %d\n", sz); #endif + + /* check alignment, decrypt doesn't need alignment */ + if ((word)in % 16) { + #ifndef NO_CYASSL_ALLOC_ALIGN + byte* tmp = (byte*)XMALLOC(sz, NULL, DYNAMIC_TYPE_TMP_BUFFER); + CYASSL_MSG("AES-CBC encrypt with bad alignment"); + if (tmp == NULL) return MEMORY_E; + + XMEMCPY(tmp, in, sz); + AES_CBC_encrypt(tmp, tmp, (byte*)aes->reg, sz, (byte*)aes->key, + aes->rounds); + /* store iv for next call */ + XMEMCPY(aes->reg, tmp + sz - AES_BLOCK_SIZE, AES_BLOCK_SIZE); + + XMEMCPY(out, tmp, sz); + XFREE(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER); + return 0; + #else + return BAD_ALIGN_E; + #endif + } + AES_CBC_encrypt(in, out, (byte*)aes->reg, sz, (byte*)aes->key, aes->rounds); /* store iv for next call */ XMEMCPY(aes->reg, out + sz - AES_BLOCK_SIZE, AES_BLOCK_SIZE); - return; + + return 0; } #endif @@ -1313,13 +2275,20 @@ void AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz) out += AES_BLOCK_SIZE; in += AES_BLOCK_SIZE; } + + return 0; } -void AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz) +int AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz) { word32 blocks = sz / AES_BLOCK_SIZE; +#ifdef HAVE_CAVIUM + if (aes->magic == CYASSL_AES_CAVIUM_MAGIC) + return AesCaviumCbcDecrypt(aes, out, in, sz); +#endif + #ifdef CYASSL_AESNI if (haveAESNI) { #ifdef DEBUG_AESNI @@ -1338,7 +2307,7 @@ void AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz) aes->rounds); /* store iv for next call */ XMEMCPY(aes->reg, aes->tmp, AES_BLOCK_SIZE); - return; + return 0; } #endif @@ -1351,8 +2320,10 @@ void AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz) out += AES_BLOCK_SIZE; in += AES_BLOCK_SIZE; } -} + return 0; +} +#endif #ifdef CYASSL_AES_DIRECT @@ -1373,7 +2344,19 @@ void AesDecryptDirect(Aes* aes, byte* out, const byte* in) #endif /* CYASSL_AES_DIRECT */ -#ifdef CYASSL_AES_COUNTER +#if defined(CYASSL_AES_DIRECT) || defined(CYASSL_AES_COUNTER) + +/* AES-CTR and AES-DIRECT need to use this for key setup, no aesni yet */ +int AesSetKeyDirect(Aes* aes, const byte* userKey, word32 keylen, + const byte* iv, int dir) +{ + return AesSetKeyLocal(aes, userKey, keylen, iv, dir); +} + +#endif /* CYASSL_AES_DIRECT || CYASSL_AES_COUNTER */ + + +#if defined(CYASSL_AES_COUNTER) && !defined(HAVE_AES_ENGINE) /* Increment AES counter */ static INLINE void IncrementAesCounter(byte* inOutCtr) @@ -1390,15 +2373,39 @@ static INLINE void IncrementAesCounter(byte* inOutCtr) void AesCtrEncrypt(Aes* aes, byte* out, const byte* in, word32 sz) { - word32 blocks = sz / AES_BLOCK_SIZE; + byte* tmp = (byte*)aes->tmp + AES_BLOCK_SIZE - aes->left; - while (blocks--) { + /* consume any unused bytes left in aes->tmp */ + while (aes->left && sz) { + *(out++) = *(in++) ^ *(tmp++); + aes->left--; + sz--; + } + + /* do as many block size ops as possible */ + while (sz >= AES_BLOCK_SIZE) { AesEncrypt(aes, (byte*)aes->reg, out); IncrementAesCounter((byte*)aes->reg); xorbuf(out, in, AES_BLOCK_SIZE); out += AES_BLOCK_SIZE; - in += AES_BLOCK_SIZE; + in += AES_BLOCK_SIZE; + sz -= AES_BLOCK_SIZE; + aes->left = 0; + } + + /* handle non block size remaining and sotre unused byte count in left */ + if (sz) { + AesEncrypt(aes, (byte*)aes->reg, (byte*)aes->tmp); + IncrementAesCounter((byte*)aes->reg); + + aes->left = AES_BLOCK_SIZE; + tmp = (byte*)aes->tmp; + + while (sz--) { + *(out++) = *(in++) ^ *(tmp++); + aes->left--; + } } } @@ -1420,8 +2427,6 @@ void AesCtrEncrypt(Aes* aes, byte* out, const byte* in, word32 sz) */ enum { - IMPLICIT_IV_SZ = 4, - EXPLICIT_IV_SZ = 8, CTR_SZ = 4 }; @@ -1447,36 +2452,6 @@ static INLINE void IncrementGcmCounter(byte* inOutCtr) } -/* - * The explicit IV is set by the caller. A common practice is to treat it as - * a sequence number seeded with a random number. The caller manages - * incrementing the explicit IV when appropriate. - */ - -void AesGcmSetExpIV(Aes* aes, const byte* iv) -{ - XMEMCPY((byte*)aes->reg + IMPLICIT_IV_SZ, iv, EXPLICIT_IV_SZ); -} - - -void AesGcmGetExpIV(Aes* aes, byte* iv) -{ - XMEMCPY(iv, (byte*)aes->reg + IMPLICIT_IV_SZ, EXPLICIT_IV_SZ); -} - - -void AesGcmIncExpIV(Aes* aes) -{ - int i; - byte* iv = (byte*)aes->reg + IMPLICIT_IV_SZ; - - for (i = EXPLICIT_IV_SZ - 1; i >= 0; i--) { - if (++iv[i]) - return; - } -} - - #if defined(GCM_SMALL) || defined(GCM_TABLE) static INLINE void FlattenSzInBits(byte* buf, word32 sz) @@ -1542,17 +2517,17 @@ static void GenerateM0(Aes* aes) #endif /* GCM_TABLE */ -void AesGcmSetKey(Aes* aes, const byte* key, word32 len, - const byte* implicitIV) +void AesGcmSetKey(Aes* aes, const byte* key, word32 len) { - byte fullIV[AES_BLOCK_SIZE]; + byte iv[AES_BLOCK_SIZE]; + + if (!((len == 16) || (len == 24) || (len == 32))) + return; - XMEMSET(fullIV, 0, AES_BLOCK_SIZE); - XMEMCPY(fullIV, implicitIV, IMPLICIT_IV_SZ); - AesSetKey(aes, key, len, fullIV, AES_ENCRYPTION); + XMEMSET(iv, 0, AES_BLOCK_SIZE); + AesSetKey(aes, key, len, iv, AES_ENCRYPTION); - XMEMSET(fullIV, 0, AES_BLOCK_SIZE); - AesEncrypt(aes, fullIV, aes->H); + AesEncrypt(aes, iv, aes->H); #ifdef GCM_TABLE GenerateM0(aes); #endif /* GCM_TABLE */ @@ -1794,8 +2769,9 @@ static void GHASH(Aes* aes, const byte* a, word32 aSz, static void GMULT(word64* X, word64* Y) { word64 Z[2] = {0,0}; - word64 V[2] = {X[0], X[1]}; + word64 V[2] ; int i, j; + V[0] = X[0] ; V[1] = X[1] ; for (i = 0; i < 2; i++) { @@ -1894,7 +2870,8 @@ static void GHASH(Aes* aes, const byte* a, word32 aSz, /* Hash in the lengths in bits of A and C */ { - word64 len[2] = {aSz, cSz}; + word64 len[2] ; + len[0] = aSz ; len[1] = cSz; /* Lengths are in bytes. Convert to bits. */ len[0] *= 8; @@ -1916,9 +2893,11 @@ static void GHASH(Aes* aes, const byte* a, word32 aSz, static void GMULT(word32* X, word32* Y) { word32 Z[4] = {0,0,0,0}; - word32 V[4] = {X[0], X[1], X[2], X[3]}; + word32 V[4] ; int i, j; + V[0] = X[0]; V[1] = X[1]; V[2] = X[2]; V[3] = X[3]; + for (i = 0; i < 4; i++) { word32 y = Y[i]; @@ -2059,6 +3038,7 @@ static void GHASH(Aes* aes, const byte* a, word32 aSz, void AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz, + const byte* iv, word32 ivSz, byte* authTag, word32 authTagSz, const byte* authIn, word32 authInSz) { @@ -2066,39 +3046,56 @@ void AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz, word32 partial = sz % AES_BLOCK_SIZE; const byte* p = in; byte* c = out; - byte ctr[AES_BLOCK_SIZE]; + byte counter[AES_BLOCK_SIZE]; + byte *ctr ; byte scratch[AES_BLOCK_SIZE]; CYASSL_ENTER("AesGcmEncrypt"); - /* Initialize the counter with the MS 96 bits of IV, and the counter - * portion set to "1". */ - XMEMCPY(ctr, aes->reg, AES_BLOCK_SIZE); +#ifdef CYASSL_PIC32MZ_CRYPT + ctr = (char *)aes->iv_ce ; +#else + ctr = counter ; +#endif + + XMEMSET(ctr, 0, AES_BLOCK_SIZE); + XMEMCPY(ctr, iv, ivSz); InitGcmCounter(ctr); +#ifdef CYASSL_PIC32MZ_CRYPT + if(blocks) + AesCrypt(aes, out, in, blocks*AES_BLOCK_SIZE, + PIC32_ENCRYPTION, PIC32_ALGO_AES, PIC32_CRYPTOALGO_AES_GCM ); +#endif while (blocks--) { IncrementGcmCounter(ctr); + #ifndef CYASSL_PIC32MZ_CRYPT AesEncrypt(aes, ctr, scratch); xorbuf(scratch, p, AES_BLOCK_SIZE); XMEMCPY(c, scratch, AES_BLOCK_SIZE); - + #endif p += AES_BLOCK_SIZE; c += AES_BLOCK_SIZE; } + if (partial != 0) { IncrementGcmCounter(ctr); AesEncrypt(aes, ctr, scratch); xorbuf(scratch, p, partial); XMEMCPY(c, scratch, partial); + } + GHASH(aes, authIn, authInSz, out, sz, authTag, authTagSz); InitGcmCounter(ctr); AesEncrypt(aes, ctr, scratch); xorbuf(authTag, scratch, authTagSz); + } int AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz, + const byte* iv, word32 ivSz, const byte* authTag, word32 authTagSz, const byte* authIn, word32 authInSz) { @@ -2106,14 +3103,20 @@ int AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz, word32 partial = sz % AES_BLOCK_SIZE; const byte* c = in; byte* p = out; - byte ctr[AES_BLOCK_SIZE]; + byte counter[AES_BLOCK_SIZE]; + byte *ctr ; byte scratch[AES_BLOCK_SIZE]; CYASSL_ENTER("AesGcmDecrypt"); - /* Initialize the counter with the MS 96 bits of IV, and the counter - * portion set to "1". */ - XMEMCPY(ctr, aes->reg, AES_BLOCK_SIZE); +#ifdef CYASSL_PIC32MZ_CRYPT + ctr = (char *)aes->iv_ce ; +#else + ctr = counter ; +#endif + + XMEMSET(ctr, 0, AES_BLOCK_SIZE); + XMEMCPY(ctr, iv, ivSz); InitGcmCounter(ctr); /* Calculate the authTag again using the received auth data and the @@ -2125,17 +3128,25 @@ int AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz, GHASH(aes, authIn, authInSz, in, sz, Tprime, sizeof(Tprime)); AesEncrypt(aes, ctr, EKY0); xorbuf(Tprime, EKY0, sizeof(Tprime)); + if (XMEMCMP(authTag, Tprime, authTagSz) != 0) { return AES_GCM_AUTH_E; } } + +#ifdef CYASSL_PIC32MZ_CRYPT + if(blocks) + AesCrypt(aes, out, in, blocks*AES_BLOCK_SIZE, + PIC32_DECRYPTION, PIC32_ALGO_AES, PIC32_CRYPTOALGO_AES_GCM ); +#endif while (blocks--) { IncrementGcmCounter(ctr); + #ifndef CYASSL_PIC32MZ_CRYPT AesEncrypt(aes, ctr, scratch); xorbuf(scratch, c, AES_BLOCK_SIZE); XMEMCPY(p, scratch, AES_BLOCK_SIZE); - + #endif p += AES_BLOCK_SIZE; c += AES_BLOCK_SIZE; } @@ -2145,12 +3156,387 @@ int AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz, xorbuf(scratch, c, partial); XMEMCPY(p, scratch, partial); } - return 0; } + + +CYASSL_API void GmacSetKey(Gmac* gmac, const byte* key, word32 len) +{ + AesGcmSetKey(&gmac->aes, key, len); +} + + +CYASSL_API void GmacUpdate(Gmac* gmac, const byte* iv, word32 ivSz, + const byte* authIn, word32 authInSz, + byte* authTag, word32 authTagSz) +{ + AesGcmEncrypt(&gmac->aes, NULL, NULL, 0, iv, ivSz, + authTag, authTagSz, authIn, authInSz); +} + #endif /* HAVE_AESGCM */ +#ifdef HAVE_AESCCM + +void AesCcmSetKey(Aes* aes, const byte* key, word32 keySz) +{ + byte nonce[AES_BLOCK_SIZE]; + + if (!((keySz == 16) || (keySz == 24) || (keySz == 32))) + return; + + XMEMSET(nonce, 0, sizeof(nonce)); + AesSetKey(aes, key, keySz, nonce, AES_ENCRYPTION); +} + + +static void roll_x(Aes* aes, const byte* in, word32 inSz, byte* out) +{ + /* process the bulk of the data */ + while (inSz >= AES_BLOCK_SIZE) { + xorbuf(out, in, AES_BLOCK_SIZE); + in += AES_BLOCK_SIZE; + inSz -= AES_BLOCK_SIZE; + + AesEncrypt(aes, out, out); + } + + /* process remainder of the data */ + if (inSz > 0) { + xorbuf(out, in, inSz); + AesEncrypt(aes, out, out); + } +} + + +static void roll_auth(Aes* aes, const byte* in, word32 inSz, byte* out) +{ + word32 authLenSz; + word32 remainder; + + /* encode the length in */ + if (inSz <= 0xFEFF) { + authLenSz = 2; + out[0] ^= ((inSz & 0xFF00) >> 8); + out[1] ^= (inSz & 0x00FF); + } + else if (inSz <= 0xFFFFFFFF) { + authLenSz = 6; + out[0] ^= 0xFF; out[1] ^= 0xFE; + out[2] ^= ((inSz & 0xFF000000) >> 24); + out[3] ^= ((inSz & 0x00FF0000) >> 16); + out[4] ^= ((inSz & 0x0000FF00) >> 8); + out[5] ^= (inSz & 0x000000FF); + } + /* Note, the protocol handles auth data up to 2^64, but we are + * using 32-bit sizes right now, so the bigger data isn't handled + * else if (inSz <= 0xFFFFFFFFFFFFFFFF) {} */ + else + return; + + /* start fill out the rest of the first block */ + remainder = AES_BLOCK_SIZE - authLenSz; + if (inSz >= remainder) { + /* plenty of bulk data to fill the remainder of this block */ + xorbuf(out + authLenSz, in, remainder); + inSz -= remainder; + in += remainder; + } + else { + /* not enough bulk data, copy what is available, and pad zero */ + xorbuf(out + authLenSz, in, inSz); + inSz = 0; + } + AesEncrypt(aes, out, out); + + if (inSz > 0) + roll_x(aes, in, inSz, out); +} + + +static INLINE void AesCcmCtrInc(byte* B, word32 lenSz) +{ + word32 i; + + for (i = 0; i < lenSz; i++) { + if (++B[AES_BLOCK_SIZE - 1 - i] != 0) return; + } +} + + +void AesCcmEncrypt(Aes* aes, byte* out, const byte* in, word32 inSz, + const byte* nonce, word32 nonceSz, + byte* authTag, word32 authTagSz, + const byte* authIn, word32 authInSz) +{ + byte A[AES_BLOCK_SIZE]; + byte B[AES_BLOCK_SIZE]; + byte lenSz; + word32 i; + + XMEMCPY(B+1, nonce, nonceSz); + lenSz = AES_BLOCK_SIZE - 1 - (byte)nonceSz; + B[0] = (authInSz > 0 ? 64 : 0) + + (8 * (((byte)authTagSz - 2) / 2)) + + (lenSz - 1); + for (i = 0; i < lenSz; i++) + B[AES_BLOCK_SIZE - 1 - i] = (inSz >> (8 * i)) & 0xFF; + + AesEncrypt(aes, B, A); + if (authInSz > 0) + roll_auth(aes, authIn, authInSz, A); + if (inSz > 0) + roll_x(aes, in, inSz, A); + XMEMCPY(authTag, A, authTagSz); + + B[0] = lenSz - 1; + for (i = 0; i < lenSz; i++) + B[AES_BLOCK_SIZE - 1 - i] = 0; + AesEncrypt(aes, B, A); + xorbuf(authTag, A, authTagSz); + + B[15] = 1; + while (inSz >= AES_BLOCK_SIZE) { + AesEncrypt(aes, B, A); + xorbuf(A, in, AES_BLOCK_SIZE); + XMEMCPY(out, A, AES_BLOCK_SIZE); + + AesCcmCtrInc(B, lenSz); + inSz -= AES_BLOCK_SIZE; + in += AES_BLOCK_SIZE; + out += AES_BLOCK_SIZE; + } + if (inSz > 0) { + AesEncrypt(aes, B, A); + xorbuf(A, in, inSz); + XMEMCPY(out, A, inSz); + } + + XMEMSET(A, 0, AES_BLOCK_SIZE); + XMEMSET(B, 0, AES_BLOCK_SIZE); +} + + +int AesCcmDecrypt(Aes* aes, byte* out, const byte* in, word32 inSz, + const byte* nonce, word32 nonceSz, + const byte* authTag, word32 authTagSz, + const byte* authIn, word32 authInSz) +{ + byte A[AES_BLOCK_SIZE]; + byte B[AES_BLOCK_SIZE]; + byte* o; + byte lenSz; + word32 i, oSz; + int result = 0; + + o = out; + oSz = inSz; + XMEMCPY(B+1, nonce, nonceSz); + lenSz = AES_BLOCK_SIZE - 1 - (byte)nonceSz; + + B[0] = lenSz - 1; + for (i = 0; i < lenSz; i++) + B[AES_BLOCK_SIZE - 1 - i] = 0; + B[15] = 1; + + while (oSz >= AES_BLOCK_SIZE) { + AesEncrypt(aes, B, A); + xorbuf(A, in, AES_BLOCK_SIZE); + XMEMCPY(o, A, AES_BLOCK_SIZE); + + AesCcmCtrInc(B, lenSz); + oSz -= AES_BLOCK_SIZE; + in += AES_BLOCK_SIZE; + o += AES_BLOCK_SIZE; + } + if (inSz > 0) { + AesEncrypt(aes, B, A); + xorbuf(A, in, oSz); + XMEMCPY(o, A, oSz); + } + + for (i = 0; i < lenSz; i++) + B[AES_BLOCK_SIZE - 1 - i] = 0; + AesEncrypt(aes, B, A); + + o = out; + oSz = inSz; + + B[0] = (authInSz > 0 ? 64 : 0) + + (8 * (((byte)authTagSz - 2) / 2)) + + (lenSz - 1); + for (i = 0; i < lenSz; i++) + B[AES_BLOCK_SIZE - 1 - i] = (inSz >> (8 * i)) & 0xFF; + + AesEncrypt(aes, B, A); + if (authInSz > 0) + roll_auth(aes, authIn, authInSz, A); + if (inSz > 0) + roll_x(aes, o, oSz, A); + + B[0] = lenSz - 1; + for (i = 0; i < lenSz; i++) + B[AES_BLOCK_SIZE - 1 - i] = 0; + AesEncrypt(aes, B, B); + xorbuf(A, B, authTagSz); + + if (XMEMCMP(A, authTag, authTagSz) != 0) { + /* If the authTag check fails, don't keep the decrypted data. + * Unfortunately, you need the decrypted data to calculate the + * check value. */ + XMEMSET(out, 0, inSz); + result = AES_CCM_AUTH_E; + } + + XMEMSET(A, 0, AES_BLOCK_SIZE); + XMEMSET(B, 0, AES_BLOCK_SIZE); + o = NULL; + + return result; +} + +#endif + +#endif /* STM32F2_CRYPTO */ + +int AesSetIV(Aes* aes, const byte* iv) +{ + if (aes == NULL) + return BAD_FUNC_ARG; + + if (iv) + XMEMCPY(aes->reg, iv, AES_BLOCK_SIZE); + else + XMEMSET(aes->reg, 0, AES_BLOCK_SIZE); + + return 0; +} + + +#ifdef HAVE_CAVIUM + +#include +#include "cavium_common.h" + +/* Initiliaze Aes for use with Nitrox device */ +int AesInitCavium(Aes* aes, int devId) +{ + if (aes == NULL) + return -1; + + if (CspAllocContext(CONTEXT_SSL, &aes->contextHandle, devId) != 0) + return -1; + + aes->devId = devId; + aes->magic = CYASSL_AES_CAVIUM_MAGIC; + + return 0; +} + + +/* Free Aes from use with Nitrox device */ +void AesFreeCavium(Aes* aes) +{ + if (aes == NULL) + return; + + if (aes->magic != CYASSL_AES_CAVIUM_MAGIC) + return; + + CspFreeContext(CONTEXT_SSL, aes->contextHandle, aes->devId); + aes->magic = 0; +} + + +static int AesCaviumSetKey(Aes* aes, const byte* key, word32 length, + const byte* iv) +{ + if (aes == NULL) + return -1; + + XMEMCPY(aes->key, key, length); /* key still holds key, iv still in reg */ + if (length == 16) + aes->type = AES_128; + else if (length == 24) + aes->type = AES_192; + else if (length == 32) + aes->type = AES_256; + + return AesSetIV(aes, iv); +} + + +static int AesCaviumCbcEncrypt(Aes* aes, byte* out, const byte* in, + word32 length) +{ + word offset = 0; + word32 requestId; + + while (length > CYASSL_MAX_16BIT) { + word16 slen = (word16)CYASSL_MAX_16BIT; + if (CspEncryptAes(CAVIUM_BLOCKING, aes->contextHandle, CAVIUM_NO_UPDATE, + aes->type, slen, (byte*)in + offset, out + offset, + (byte*)aes->reg, (byte*)aes->key, &requestId, + aes->devId) != 0) { + CYASSL_MSG("Bad Cavium Aes Encrypt"); + return -1; + } + length -= CYASSL_MAX_16BIT; + offset += CYASSL_MAX_16BIT; + XMEMCPY(aes->reg, out + offset - AES_BLOCK_SIZE, AES_BLOCK_SIZE); + } + if (length) { + word16 slen = (word16)length; + if (CspEncryptAes(CAVIUM_BLOCKING, aes->contextHandle, CAVIUM_NO_UPDATE, + aes->type, slen, (byte*)in + offset, out + offset, + (byte*)aes->reg, (byte*)aes->key, &requestId, + aes->devId) != 0) { + CYASSL_MSG("Bad Cavium Aes Encrypt"); + return -1; + } + XMEMCPY(aes->reg, out + offset+length - AES_BLOCK_SIZE, AES_BLOCK_SIZE); + } + return 0; +} + +static int AesCaviumCbcDecrypt(Aes* aes, byte* out, const byte* in, + word32 length) +{ + word32 requestId; + word offset = 0; + + while (length > CYASSL_MAX_16BIT) { + word16 slen = (word16)CYASSL_MAX_16BIT; + XMEMCPY(aes->tmp, in + offset + slen - AES_BLOCK_SIZE, AES_BLOCK_SIZE); + if (CspDecryptAes(CAVIUM_BLOCKING, aes->contextHandle, CAVIUM_NO_UPDATE, + aes->type, slen, (byte*)in + offset, out + offset, + (byte*)aes->reg, (byte*)aes->key, &requestId, + aes->devId) != 0) { + CYASSL_MSG("Bad Cavium Aes Decrypt"); + return -1; + } + length -= CYASSL_MAX_16BIT; + offset += CYASSL_MAX_16BIT; + XMEMCPY(aes->reg, aes->tmp, AES_BLOCK_SIZE); + } + if (length) { + word16 slen = (word16)length; + XMEMCPY(aes->tmp, in + offset + slen - AES_BLOCK_SIZE, AES_BLOCK_SIZE); + if (CspDecryptAes(CAVIUM_BLOCKING, aes->contextHandle, CAVIUM_NO_UPDATE, + aes->type, slen, (byte*)in + offset, out + offset, + (byte*)aes->reg, (byte*)aes->key, &requestId, + aes->devId) != 0) { + CYASSL_MSG("Bad Cavium Aes Decrypt"); + return -1; + } + XMEMCPY(aes->reg, aes->tmp, AES_BLOCK_SIZE); + } + return 0; +} + +#endif /* HAVE_CAVIUM */ #endif /* NO_AES */ + diff --git a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/aes_asm.asm b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/aes_asm.asm new file mode 100644 index 000000000..c02d46133 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/aes_asm.asm @@ -0,0 +1,972 @@ +; /*aes_asm . asm +; * +; *Copyright[C]2006 -2014 wolfSSL Inc . +; * +; *This file is part of CyaSSL . +; * +; *CyaSSL is free software/ you can redistribute it and/or modify +; *it under the terms of the GNU General Public License as published by +; *the Free Software Foundation/ either version 2 of the License, or +; *[at your option]any later version . +; * +; *CyaSSL ,is distributed in the hope that it will be useful +; *but WITHOUT ANY WARRANTY/ without even the implied warranty of +; *MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the +; *GNU General Public License for more details . +; * +; *You should have received a copy of the GNU General Public License +; *along with this program/ if not, write to the Free Software +; *Foundation,Inc .,51 Franklin Street,Fifth Floor,Boston,MA 02110-1301,USA +; */ +; +; +; /*See IntelA dvanced Encryption Standard[AES]Instructions Set White Paper +; *by Israel,Intel Mobility Group Development Center,Israel Shay Gueron +; */ +; +; /* This file is in intel asm syntax, see .s for at&t syntax */ +; +; /* +; AES_CBC_encrypt[const ,unsigned char*in +; unsigned ,char*out +; unsigned ,char ivec+16 +; unsigned ,long length +; const ,unsigned char*KS +; int nr] +; */ +_text SEGMENT +AES_CBC_encrypt PROC +;# parameter 1: rdi +;# parameter 2: rsi +;# parameter 3: rdx +;# parameter 4: rcx +;# parameter 5: r8 +;# parameter 6: r9d + +; save rdi and rsi to rax and r11, restore before ret + mov rax,rdi + mov r11,rsi + +; convert to what we had for att&t convention + mov rdi,rcx + mov rsi,rdx + mov rdx,r8 + mov rcx,r9 + mov r8,[rsp+40] + mov r9d,[rsp+48] + + mov r10,rcx + shr rcx,4 + shl r10,60 + je NO_PARTS + add rcx,1 +NO_PARTS: + sub rsi,16 + movdqa xmm1,[rdx] +LOOP_1: + pxor xmm1,[rdi] + pxor xmm1,[r8] + add rsi,16 + add rdi,16 + cmp r9d,12 + aesenc xmm1,16[r8] + aesenc xmm1,32[r8] + aesenc xmm1,48[r8] + aesenc xmm1,64[r8] + aesenc xmm1,80[r8] + aesenc xmm1,96[r8] + aesenc xmm1,112[r8] + aesenc xmm1,128[r8] + aesenc xmm1,144[r8] + movdqa xmm2,160[r8] + jb LAST + cmp r9d,14 + + aesenc xmm1,160[r8] + aesenc xmm1,176[r8] + movdqa xmm2,192[r8] + jb LAST + aesenc xmm1,192[r8] + aesenc xmm1,208[r8] + movdqa xmm2,224[r8] +LAST: + dec rcx + aesenclast xmm1,xmm2 + movdqu [rsi],xmm1 + jne LOOP_1 + ; restore non volatile rdi,rsi + mov rdi,rax + mov rsi,r11 + ret +AES_CBC_encrypt ENDP + + + +; /* +; AES_CBC_decrypt[const ,unsigned char*in +; unsigned ,char*out +; unsigned ,char ivec+16 +; unsigned ,long length +; const ,unsigned char*KS +; int nr] +; */ +; . globl AES_CBC_decrypt +AES_CBC_decrypt PROC +;# parameter 1: rdi +;# parameter 2: rsi +;# parameter 3: rdx +;# parameter 4: rcx +;# parameter 5: r8 +;# parameter 6: r9d + +; save rdi and rsi to rax and r11, restore before ret + mov rax,rdi + mov r11,rsi + +; convert to what we had for att&t convention + mov rdi,rcx + mov rsi,rdx + mov rdx,r8 + mov rcx,r9 + mov r8,[rsp+40] + mov r9d,[rsp+48] + +; on microsoft xmm6-xmm15 are non volaitle, let's save on stack and restore at end + sub rsp,8+8*16 ; 8 = align stack , 8 xmm6-12,15 16 bytes each + movdqa [rsp+0], xmm6 + movdqa [rsp+16], xmm7 + movdqa [rsp+32], xmm8 + movdqa [rsp+48], xmm9 + movdqa [rsp+64], xmm10 + movdqa [rsp+80], xmm11 + movdqa [rsp+96], xmm12 + movdqa [rsp+112], xmm15 + + mov r10,rcx + shr rcx,4 + shl r10,60 + je DNO_PARTS_4 + add rcx,1 +DNO_PARTS_4: + mov r10,rcx + shl r10,62 + shr r10,62 + shr rcx,2 + movdqu xmm5,[rdx] + je DREMAINDER_4 + sub rsi,64 +DLOOP_4: + movdqu xmm1,[rdi] + movdqu xmm2,16[rdi] + movdqu xmm3,32[rdi] + movdqu xmm4,48[rdi] + movdqa xmm6,xmm1 + movdqa xmm7,xmm2 + movdqa xmm8,xmm3 + movdqa xmm15,xmm4 + movdqa xmm9,[r8] + movdqa xmm10,16[r8] + movdqa xmm11,32[r8] + movdqa xmm12,48[r8] + pxor xmm1,xmm9 + pxor xmm2,xmm9 + pxor xmm3,xmm9 + + pxor xmm4,xmm9 + aesdec xmm1,xmm10 + aesdec xmm2,xmm10 + aesdec xmm3,xmm10 + aesdec xmm4,xmm10 + aesdec xmm1,xmm11 + aesdec xmm2,xmm11 + aesdec xmm3,xmm11 + aesdec xmm4,xmm11 + aesdec xmm1,xmm12 + aesdec xmm2,xmm12 + aesdec xmm3,xmm12 + aesdec xmm4,xmm12 + movdqa xmm9,64[r8] + movdqa xmm10,80[r8] + movdqa xmm11,96[r8] + movdqa xmm12,112[r8] + aesdec xmm1,xmm9 + aesdec xmm2,xmm9 + aesdec xmm3,xmm9 + aesdec xmm4,xmm9 + aesdec xmm1,xmm10 + aesdec xmm2,xmm10 + aesdec xmm3,xmm10 + aesdec xmm4,xmm10 + aesdec xmm1,xmm11 + aesdec xmm2,xmm11 + aesdec xmm3,xmm11 + aesdec xmm4,xmm11 + aesdec xmm1,xmm12 + aesdec xmm2,xmm12 + aesdec xmm3,xmm12 + aesdec xmm4,xmm12 + movdqa xmm9,128[r8] + movdqa xmm10,144[r8] + movdqa xmm11,160[r8] + cmp r9d,12 + aesdec xmm1,xmm9 + aesdec xmm2,xmm9 + aesdec xmm3,xmm9 + aesdec xmm4,xmm9 + aesdec xmm1,xmm10 + aesdec xmm2,xmm10 + aesdec xmm3,xmm10 + aesdec xmm4,xmm10 + jb DLAST_4 + movdqa xmm9,160[r8] + movdqa xmm10,176[r8] + movdqa xmm11,192[r8] + cmp r9d,14 + aesdec xmm1,xmm9 + aesdec xmm2,xmm9 + aesdec xmm3,xmm9 + aesdec xmm4,xmm9 + aesdec xmm1,xmm10 + aesdec xmm2,xmm10 + aesdec xmm3,xmm10 + aesdec xmm4,xmm10 + jb DLAST_4 + + movdqa xmm9,192[r8] + movdqa xmm10,208[r8] + movdqa xmm11,224[r8] + aesdec xmm1,xmm9 + aesdec xmm2,xmm9 + aesdec xmm3,xmm9 + aesdec xmm4,xmm9 + aesdec xmm1,xmm10 + aesdec xmm2,xmm10 + aesdec xmm3,xmm10 + aesdec xmm4,xmm10 +DLAST_4: + add rdi,64 + add rsi,64 + dec rcx + aesdeclast xmm1,xmm11 + aesdeclast xmm2,xmm11 + aesdeclast xmm3,xmm11 + aesdeclast xmm4,xmm11 + pxor xmm1,xmm5 + pxor xmm2,xmm6 + pxor xmm3,xmm7 + pxor xmm4,xmm8 + movdqu [rsi],xmm1 + movdqu 16[rsi],xmm2 + movdqu 32[rsi],xmm3 + movdqu 48[rsi],xmm4 + movdqa xmm5,xmm15 + jne DLOOP_4 + add rsi,64 +DREMAINDER_4: + cmp r10,0 + je DEND_4 +DLOOP_4_2: + movdqu xmm1,[rdi] + movdqa xmm15,xmm1 + add rdi,16 + pxor xmm1,[r8] + movdqu xmm2,160[r8] + cmp r9d,12 + aesdec xmm1,16[r8] + aesdec xmm1,32[r8] + aesdec xmm1,48[r8] + aesdec xmm1,64[r8] + aesdec xmm1,80[r8] + aesdec xmm1,96[r8] + aesdec xmm1,112[r8] + aesdec xmm1,128[r8] + aesdec xmm1,144[r8] + jb DLAST_4_2 + movdqu xmm2,192[r8] + cmp r9d,14 + aesdec xmm1,160[r8] + aesdec xmm1,176[r8] + jb DLAST_4_2 + movdqu xmm2,224[r8] + aesdec xmm1,192[r8] + aesdec xmm1,208[r8] +DLAST_4_2: + aesdeclast xmm1,xmm2 + pxor xmm1,xmm5 + movdqa xmm5,xmm15 + movdqu [rsi],xmm1 + + add rsi,16 + dec r10 + jne DLOOP_4_2 +DEND_4: + ; restore non volatile rdi,rsi + mov rdi,rax + mov rsi,r11 + ; restore non volatile xmms from stack + movdqa xmm6, [rsp+0] + movdqa xmm7, [rsp+16] + movdqa xmm8, [rsp+32] + movdqa xmm9, [rsp+48] + movdqa xmm10, [rsp+64] + movdqa xmm11, [rsp+80] + movdqa xmm12, [rsp+96] + movdqa xmm15, [rsp+112] + add rsp,8+8*16 ; 8 = align stack , 8 xmm6-12,15 16 bytes each + ret +AES_CBC_decrypt ENDP + +; /* +; AES_ECB_encrypt[const ,unsigned char*in +; unsigned ,char*out +; unsigned ,long length +; const ,unsigned char*KS +; int nr] +; */ +; . globl AES_ECB_encrypt +AES_ECB_encrypt PROC +;# parameter 1: rdi +;# parameter 2: rsi +;# parameter 3: rdx +;# parameter 4: rcx +;# parameter 5: r8d + +; save rdi and rsi to rax and r11, restore before ret + mov rax,rdi + mov r11,rsi + +; convert to what we had for att&t convention + mov rdi,rcx + mov rsi,rdx + mov rdx,r8 + mov rcx,r9 + mov r8d,[rsp+40] + +; on microsoft xmm6-xmm15 are non volaitle, let's save on stack and restore at end + sub rsp,8+4*16 ; 8 = align stack , 4 xmm9-12, 16 bytes each + movdqa [rsp+0], xmm9 + movdqa [rsp+16], xmm10 + movdqa [rsp+32], xmm11 + movdqa [rsp+48], xmm12 + + + mov r10,rdx + shr rdx,4 + shl r10,60 + je EECB_NO_PARTS_4 + add rdx,1 +EECB_NO_PARTS_4: + mov r10,rdx + shl r10,62 + shr r10,62 + shr rdx,2 + je EECB_REMAINDER_4 + sub rsi,64 +EECB_LOOP_4: + movdqu xmm1,[rdi] + movdqu xmm2,16[rdi] + movdqu xmm3,32[rdi] + movdqu xmm4,48[rdi] + movdqa xmm9,[rcx] + movdqa xmm10,16[rcx] + movdqa xmm11,32[rcx] + movdqa xmm12,48[rcx] + pxor xmm1,xmm9 + pxor xmm2,xmm9 + pxor xmm3,xmm9 + pxor xmm4,xmm9 + aesenc xmm1,xmm10 + aesenc xmm2,xmm10 + aesenc xmm3,xmm10 + aesenc xmm4,xmm10 + aesenc xmm1,xmm11 + aesenc xmm2,xmm11 + aesenc xmm3,xmm11 + aesenc xmm4,xmm11 + aesenc xmm1,xmm12 + aesenc xmm2,xmm12 + aesenc xmm3,xmm12 + aesenc xmm4,xmm12 + movdqa xmm9,64[rcx] + movdqa xmm10,80[rcx] + movdqa xmm11,96[rcx] + movdqa xmm12,112[rcx] + aesenc xmm1,xmm9 + aesenc xmm2,xmm9 + aesenc xmm3,xmm9 + aesenc xmm4,xmm9 + aesenc xmm1,xmm10 + aesenc xmm2,xmm10 + aesenc xmm3,xmm10 + aesenc xmm4,xmm10 + aesenc xmm1,xmm11 + aesenc xmm2,xmm11 + aesenc xmm3,xmm11 + aesenc xmm4,xmm11 + aesenc xmm1,xmm12 + aesenc xmm2,xmm12 + aesenc xmm3,xmm12 + aesenc xmm4,xmm12 + movdqa xmm9,128[rcx] + movdqa xmm10,144[rcx] + movdqa xmm11,160[rcx] + cmp r8d,12 + aesenc xmm1,xmm9 + aesenc xmm2,xmm9 + aesenc xmm3,xmm9 + aesenc xmm4,xmm9 + aesenc xmm1,xmm10 + aesenc xmm2,xmm10 + aesenc xmm3,xmm10 + aesenc xmm4,xmm10 + jb EECB_LAST_4 + movdqa xmm9,160[rcx] + movdqa xmm10,176[rcx] + movdqa xmm11,192[rcx] + cmp r8d,14 + aesenc xmm1,xmm9 + aesenc xmm2,xmm9 + aesenc xmm3,xmm9 + aesenc xmm4,xmm9 + aesenc xmm1,xmm10 + aesenc xmm2,xmm10 + aesenc xmm3,xmm10 + aesenc xmm4,xmm10 + jb EECB_LAST_4 + movdqa xmm9,192[rcx] + movdqa xmm10,208[rcx] + movdqa xmm11,224[rcx] + aesenc xmm1,xmm9 + aesenc xmm2,xmm9 + aesenc xmm3,xmm9 + aesenc xmm4,xmm9 + aesenc xmm1,xmm10 + aesenc xmm2,xmm10 + aesenc xmm3,xmm10 + aesenc xmm4,xmm10 +EECB_LAST_4: + add rdi,64 + add rsi,64 + dec rdx + aesenclast xmm1,xmm11 + aesenclast xmm2,xmm11 + aesenclast xmm3,xmm11 + aesenclast xmm4,xmm11 + movdqu [rsi],xmm1 + movdqu 16[rsi],xmm2 + movdqu 32[rsi],xmm3 + movdqu 48[rsi],xmm4 + jne EECB_LOOP_4 + add rsi,64 +EECB_REMAINDER_4: + cmp r10,0 + je EECB_END_4 +EECB_LOOP_4_2: + movdqu xmm1,[rdi] + add rdi,16 + pxor xmm1,[rcx] + movdqu xmm2,160[rcx] + aesenc xmm1,16[rcx] + aesenc xmm1,32[rcx] + aesenc xmm1,48[rcx] + aesenc xmm1,64[rcx] + aesenc xmm1,80[rcx] + aesenc xmm1,96[rcx] + aesenc xmm1,112[rcx] + aesenc xmm1,128[rcx] + aesenc xmm1,144[rcx] + cmp r8d,12 + jb EECB_LAST_4_2 + movdqu xmm2,192[rcx] + aesenc xmm1,160[rcx] + aesenc xmm1,176[rcx] + cmp r8d,14 + jb EECB_LAST_4_2 + movdqu xmm2,224[rcx] + aesenc xmm1,192[rcx] + aesenc xmm1,208[rcx] +EECB_LAST_4_2: + aesenclast xmm1,xmm2 + movdqu [rsi],xmm1 + add rsi,16 + dec r10 + jne EECB_LOOP_4_2 +EECB_END_4: + ; restore non volatile rdi,rsi + mov rdi,rax + mov rsi,r11 + ; restore non volatile xmms from stack + movdqa xmm9, [rsp+0] + movdqa xmm10, [rsp+16] + movdqa xmm11, [rsp+32] + movdqa xmm12, [rsp+48] + add rsp,8+4*16 ; 8 = align stack , 4 xmm9-12 16 bytes each + ret +AES_ECB_encrypt ENDP + +; /* +; AES_ECB_decrypt[const ,unsigned char*in +; unsigned ,char*out +; unsigned ,long length +; const ,unsigned char*KS +; int nr] +; */ +; . globl AES_ECB_decrypt +AES_ECB_decrypt PROC +;# parameter 1: rdi +;# parameter 2: rsi +;# parameter 3: rdx +;# parameter 4: rcx +;# parameter 5: r8d + +; save rdi and rsi to rax and r11, restore before ret + mov rax,rdi + mov r11,rsi + +; convert to what we had for att&t convention + mov rdi,rcx + mov rsi,rdx + mov rdx,r8 + mov rcx,r9 + mov r8d,[rsp+40] + +; on microsoft xmm6-xmm15 are non volaitle, let's save on stack and restore at end + sub rsp,8+4*16 ; 8 = align stack , 4 xmm9-12, 16 bytes each + movdqa [rsp+0], xmm9 + movdqa [rsp+16], xmm10 + movdqa [rsp+32], xmm11 + movdqa [rsp+48], xmm12 + + mov r10,rdx + shr rdx,4 + shl r10,60 + je DECB_NO_PARTS_4 + add rdx,1 +DECB_NO_PARTS_4: + mov r10,rdx + shl r10,62 + shr r10,62 + shr rdx,2 + je DECB_REMAINDER_4 + sub rsi,64 +DECB_LOOP_4: + movdqu xmm1,[rdi] + movdqu xmm2,16[rdi] + movdqu xmm3,32[rdi] + movdqu xmm4,48[rdi] + movdqa xmm9,[rcx] + movdqa xmm10,16[rcx] + movdqa xmm11,32[rcx] + movdqa xmm12,48[rcx] + pxor xmm1,xmm9 + pxor xmm2,xmm9 + pxor xmm3,xmm9 + pxor xmm4,xmm9 + aesdec xmm1,xmm10 + aesdec xmm2,xmm10 + aesdec xmm3,xmm10 + aesdec xmm4,xmm10 + aesdec xmm1,xmm11 + aesdec xmm2,xmm11 + aesdec xmm3,xmm11 + aesdec xmm4,xmm11 + aesdec xmm1,xmm12 + aesdec xmm2,xmm12 + aesdec xmm3,xmm12 + aesdec xmm4,xmm12 + movdqa xmm9,64[rcx] + movdqa xmm10,80[rcx] + movdqa xmm11,96[rcx] + movdqa xmm12,112[rcx] + aesdec xmm1,xmm9 + aesdec xmm2,xmm9 + aesdec xmm3,xmm9 + aesdec xmm4,xmm9 + aesdec xmm1,xmm10 + aesdec xmm2,xmm10 + aesdec xmm3,xmm10 + aesdec xmm4,xmm10 + aesdec xmm1,xmm11 + aesdec xmm2,xmm11 + aesdec xmm3,xmm11 + aesdec xmm4,xmm11 + aesdec xmm1,xmm12 + aesdec xmm2,xmm12 + aesdec xmm3,xmm12 + aesdec xmm4,xmm12 + movdqa xmm9,128[rcx] + movdqa xmm10,144[rcx] + movdqa xmm11,160[rcx] + cmp r8d,12 + aesdec xmm1,xmm9 + aesdec xmm2,xmm9 + aesdec xmm3,xmm9 + aesdec xmm4,xmm9 + aesdec xmm1,xmm10 + aesdec xmm2,xmm10 + aesdec xmm3,xmm10 + aesdec xmm4,xmm10 + jb DECB_LAST_4 + movdqa xmm9,160[rcx] + movdqa xmm10,176[rcx] + movdqa xmm11,192[rcx] + cmp r8d,14 + aesdec xmm1,xmm9 + aesdec xmm2,xmm9 + aesdec xmm3,xmm9 + aesdec xmm4,xmm9 + aesdec xmm1,xmm10 + aesdec xmm2,xmm10 + aesdec xmm3,xmm10 + aesdec xmm4,xmm10 + jb DECB_LAST_4 + movdqa xmm9,192[rcx] + movdqa xmm10,208[rcx] + movdqa xmm11,224[rcx] + aesdec xmm1,xmm9 + aesdec xmm2,xmm9 + aesdec xmm3,xmm9 + aesdec xmm4,xmm9 + aesdec xmm1,xmm10 + aesdec xmm2,xmm10 + aesdec xmm3,xmm10 + aesdec xmm4,xmm10 +DECB_LAST_4: + add rdi,64 + add rsi,64 + dec rdx + aesdeclast xmm1,xmm11 + aesdeclast xmm2,xmm11 + aesdeclast xmm3,xmm11 + aesdeclast xmm4,xmm11 + movdqu [rsi],xmm1 + movdqu 16[rsi],xmm2 + movdqu 32[rsi],xmm3 + movdqu 48[rsi],xmm4 + jne DECB_LOOP_4 + add rsi,64 +DECB_REMAINDER_4: + cmp r10,0 + je DECB_END_4 +DECB_LOOP_4_2: + movdqu xmm1,[rdi] + add rdi,16 + pxor xmm1,[rcx] + movdqu xmm2,160[rcx] + cmp r8d,12 + aesdec xmm1,16[rcx] + aesdec xmm1,32[rcx] + aesdec xmm1,48[rcx] + aesdec xmm1,64[rcx] + aesdec xmm1,80[rcx] + aesdec xmm1,96[rcx] + aesdec xmm1,112[rcx] + aesdec xmm1,128[rcx] + aesdec xmm1,144[rcx] + jb DECB_LAST_4_2 + cmp r8d,14 + movdqu xmm2,192[rcx] + aesdec xmm1,160[rcx] + aesdec xmm1,176[rcx] + jb DECB_LAST_4_2 + movdqu xmm2,224[rcx] + aesdec xmm1,192[rcx] + aesdec xmm1,208[rcx] +DECB_LAST_4_2: + aesdeclast xmm1,xmm2 + movdqu [rsi],xmm1 + add rsi,16 + dec r10 + jne DECB_LOOP_4_2 +DECB_END_4: + ; restore non volatile rdi,rsi + mov rdi,rax + mov rsi,r11 + ; restore non volatile xmms from stack + movdqa xmm9, [rsp+0] + movdqa xmm10, [rsp+16] + movdqa xmm11, [rsp+32] + movdqa xmm12, [rsp+48] + add rsp,8+4*16 ; 8 = align stack , 4 xmm9-12 16 bytes each + ret +AES_ECB_decrypt ENDP + + + +; /* +; void ,AES_128_Key_Expansion[const unsigned char*userkey +; unsigned char*key_schedule]/ +; */ +; . align 16,0x90 +; . globl AES_128_Key_Expansion +AES_128_Key_Expansion PROC +;# parameter 1: rdi +;# parameter 2: rsi + +; save rdi and rsi to rax and r11, restore before ret + mov rax,rdi + mov r11,rsi + +; convert to what we had for att&t convention + mov rdi,rcx + mov rsi,rdx + + mov dword ptr 240[rsi],10 + + movdqu xmm1,[rdi] + movdqa [rsi],xmm1 + + +ASSISTS: + aeskeygenassist xmm2,xmm1,1 + call PREPARE_ROUNDKEY_128 + movdqa 16[rsi],xmm1 + + aeskeygenassist xmm2,xmm1,2 + call PREPARE_ROUNDKEY_128 + movdqa 32[rsi],xmm1 + + aeskeygenassist xmm2,xmm1,4 + call PREPARE_ROUNDKEY_128 + movdqa 48[rsi],xmm1 + + aeskeygenassist xmm2,xmm1,8 + call PREPARE_ROUNDKEY_128 + movdqa 64[rsi],xmm1 + + aeskeygenassist xmm2,xmm1,16 + call PREPARE_ROUNDKEY_128 + movdqa 80[rsi],xmm1 + + aeskeygenassist xmm2,xmm1,32 + call PREPARE_ROUNDKEY_128 + movdqa 96[rsi],xmm1 + + aeskeygenassist xmm2,xmm1,64 + call PREPARE_ROUNDKEY_128 + movdqa 112[rsi],xmm1 + aeskeygenassist xmm2,xmm1,80h + call PREPARE_ROUNDKEY_128 + movdqa 128[rsi],xmm1 + aeskeygenassist xmm2,xmm1,1bh + call PREPARE_ROUNDKEY_128 + movdqa 144[rsi],xmm1 + aeskeygenassist xmm2,xmm1,36h + call PREPARE_ROUNDKEY_128 + movdqa 160[rsi],xmm1 + ; restore non volatile rdi,rsi + mov rdi,rax + mov rsi,r11 + ret + +PREPARE_ROUNDKEY_128: + pshufd xmm2,xmm2,255 + movdqa xmm3,xmm1 + pslldq xmm3,4 + pxor xmm1,xmm3 + pslldq xmm3,4 + pxor xmm1,xmm3 + pslldq xmm3,4 + pxor xmm1,xmm3 + pxor xmm1,xmm2 + ret +AES_128_Key_Expansion ENDP + +; /* +; void ,AES_192_Key_Expansion[const unsigned char*userkey +; unsigned char*key] +; */ +; . globl AES_192_Key_Expansion +AES_192_Key_Expansion PROC +;# parameter 1: rdi +;# parameter 2: rsi + +; save rdi and rsi to rax and r11, restore before ret + mov rax,rdi + mov r11,rsi + +; convert to what we had for att&t convention + mov rdi,rcx + mov rsi,rdx + +; on microsoft xmm6-xmm15 are non volaitle, let's save on stack and restore at end + sub rsp,8+1*16 ; 8 = align stack , 1 xmm6, 16 bytes each + movdqa [rsp+0], xmm6 + + movdqu xmm1,[rdi] + movdqu xmm3,16[rdi] + movdqa [rsi],xmm1 + movdqa xmm5,xmm3 + + aeskeygenassist xmm2,xmm3,1h + call PREPARE_ROUNDKEY_192 + shufpd xmm5,xmm1,0 + movdqa 16[rsi],xmm5 + movdqa xmm6,xmm1 + shufpd xmm6,xmm3,1 + movdqa 32[rsi],xmm6 + + aeskeygenassist xmm2,xmm3,2h + call PREPARE_ROUNDKEY_192 + movdqa 48[rsi],xmm1 + movdqa xmm5,xmm3 + + aeskeygenassist xmm2,xmm3,4h + call PREPARE_ROUNDKEY_192 + shufpd xmm5,xmm1,0 + movdqa 64[rsi],xmm5 + movdqa xmm6,xmm1 + shufpd xmm6,xmm3,1 + movdqa 80[rsi],xmm6 + + aeskeygenassist xmm2,xmm3,8h + call PREPARE_ROUNDKEY_192 + movdqa 96[rsi],xmm1 + movdqa xmm5,xmm3 + + aeskeygenassist xmm2,xmm3,10h + call PREPARE_ROUNDKEY_192 + shufpd xmm5,xmm1,0 + movdqa 112[rsi],xmm5 + movdqa xmm6,xmm1 + shufpd xmm6,xmm3,1 + movdqa 128[rsi],xmm6 + + aeskeygenassist xmm2,xmm3,20h + call PREPARE_ROUNDKEY_192 + movdqa 144[rsi],xmm1 + movdqa xmm5,xmm3 + + aeskeygenassist xmm2,xmm3,40h + call PREPARE_ROUNDKEY_192 + shufpd xmm5,xmm1,0 + movdqa 160[rsi],xmm5 + movdqa xmm6,xmm1 + shufpd xmm6,xmm3,1 + movdqa 176[rsi],xmm6 + + aeskeygenassist xmm2,xmm3,80h + call PREPARE_ROUNDKEY_192 + movdqa 192[rsi],xmm1 + movdqa 208[rsi],xmm3 + ; restore non volatile rdi,rsi + mov rdi,rax + mov rsi,r11 +; restore non volatile xmms from stack + movdqa xmm6, [rsp+0] + add rsp,8+1*16 ; 8 = align stack , 1 xmm6 16 bytes each + ret + +PREPARE_ROUNDKEY_192: + pshufd xmm2,xmm2,55h + movdqu xmm4,xmm1 + pslldq xmm4,4 + pxor xmm1,xmm4 + + pslldq xmm4,4 + pxor xmm1,xmm4 + pslldq xmm4,4 + pxor xmm1,xmm4 + pxor xmm1,xmm2 + pshufd xmm2,xmm1,0ffh + movdqu xmm4,xmm3 + pslldq xmm4,4 + pxor xmm3,xmm4 + pxor xmm3,xmm2 + ret +AES_192_Key_Expansion ENDP + +; /* +; void ,AES_256_Key_Expansion[const unsigned char*userkey +; unsigned char*key] +; */ +; . globl AES_256_Key_Expansion +AES_256_Key_Expansion PROC +;# parameter 1: rdi +;# parameter 2: rsi + +; save rdi and rsi to rax and r11, restore before ret + mov rax,rdi + mov r11,rsi + +; convert to what we had for att&t convention + mov rdi,rcx + mov rsi,rdx + + movdqu xmm1,[rdi] + movdqu xmm3,16[rdi] + movdqa [rsi],xmm1 + movdqa 16[rsi],xmm3 + + aeskeygenassist xmm2,xmm3,1h + call MAKE_RK256_a + movdqa 32[rsi],xmm1 + aeskeygenassist xmm2,xmm1,0h + call MAKE_RK256_b + movdqa 48[rsi],xmm3 + aeskeygenassist xmm2,xmm3,2h + call MAKE_RK256_a + movdqa 64[rsi],xmm1 + aeskeygenassist xmm2,xmm1,0h + call MAKE_RK256_b + movdqa 80[rsi],xmm3 + aeskeygenassist xmm2,xmm3,4h + call MAKE_RK256_a + movdqa 96[rsi],xmm1 + aeskeygenassist xmm2,xmm1,0h + call MAKE_RK256_b + movdqa 112[rsi],xmm3 + aeskeygenassist xmm2,xmm3,8h + call MAKE_RK256_a + movdqa 128[rsi],xmm1 + aeskeygenassist xmm2,xmm1,0h + call MAKE_RK256_b + movdqa 144[rsi],xmm3 + aeskeygenassist xmm2,xmm3,10h + call MAKE_RK256_a + movdqa 160[rsi],xmm1 + aeskeygenassist xmm2,xmm1,0h + call MAKE_RK256_b + movdqa 176[rsi],xmm3 + aeskeygenassist xmm2,xmm3,20h + call MAKE_RK256_a + movdqa 192[rsi],xmm1 + + aeskeygenassist xmm2,xmm1,0h + call MAKE_RK256_b + movdqa 208[rsi],xmm3 + aeskeygenassist xmm2,xmm3,40h + call MAKE_RK256_a + movdqa 224[rsi],xmm1 + + ; restore non volatile rdi,rsi + mov rdi,rax + mov rsi,r11 + ret +AES_256_Key_Expansion ENDP + +MAKE_RK256_a: + pshufd xmm2,xmm2,0ffh + movdqa xmm4,xmm1 + pslldq xmm4,4 + pxor xmm1,xmm4 + pslldq xmm4,4 + pxor xmm1,xmm4 + pslldq xmm4,4 + pxor xmm1,xmm4 + pxor xmm1,xmm2 + ret + +MAKE_RK256_b: + pshufd xmm2,xmm2,0aah + movdqa xmm4,xmm3 + pslldq xmm4,4 + pxor xmm3,xmm4 + pslldq xmm4,4 + pxor xmm3,xmm4 + pslldq xmm4,4 + pxor xmm3,xmm4 + pxor xmm3,xmm2 + ret + +END diff --git a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/aes_asm.s b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/aes_asm.s index 4aa358619..b5f5bc9c1 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/aes_asm.s +++ b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/aes_asm.s @@ -1,6 +1,6 @@ /* aes_asm.s * - * Copyright (C) 2006-2011 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,7 +16,7 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ @@ -24,13 +24,17 @@ * by Intel Mobility Group, Israel Development Center, Israel Shay Gueron */ +/* This file is in at&t asm syntax, see .asm for intel syntax */ -//AES_CBC_encrypt (const unsigned char *in, -// unsigned char *out, -// unsigned char ivec[16], -// unsigned long length, -// const unsigned char *KS, -// int nr) + +/* +AES_CBC_encrypt (const unsigned char *in, + unsigned char *out, + unsigned char ivec[16], + unsigned long length, + const unsigned char *KS, + int nr) +*/ .globl AES_CBC_encrypt AES_CBC_encrypt: # parameter 1: %rdi @@ -82,12 +86,15 @@ ret -//AES_CBC_decrypt (const unsigned char *in, -// unsigned char *out, -// unsigned char ivec[16], -// unsigned long length, -// const unsigned char *KS, -// int nr) + +/* +AES_CBC_decrypt (const unsigned char *in, + unsigned char *out, + unsigned char ivec[16], + unsigned long length, + const unsigned char *KS, + int nr) +*/ .globl AES_CBC_decrypt AES_CBC_decrypt: # parameter 1: %rdi @@ -258,10 +265,331 @@ DEND_4: ret - - -//void AES_128_Key_Expansion(const unsigned char* userkey, -// unsigned char* key_schedule); +/* +AES_ECB_encrypt (const unsigned char *in, + unsigned char *out, + unsigned long length, + const unsigned char *KS, + int nr) +*/ +.globl AES_ECB_encrypt +AES_ECB_encrypt: +# parameter 1: %rdi +# parameter 2: %rsi +# parameter 3: %rdx +# parameter 4: %rcx +# parameter 5: %r8d + movq %rdx, %r10 + shrq $4, %rdx + shlq $60, %r10 + je EECB_NO_PARTS_4 + addq $1, %rdx +EECB_NO_PARTS_4: + movq %rdx, %r10 + shlq $62, %r10 + shrq $62, %r10 + shrq $2, %rdx + je EECB_REMAINDER_4 + subq $64, %rsi +EECB_LOOP_4: + movdqu (%rdi), %xmm1 + movdqu 16(%rdi), %xmm2 + movdqu 32(%rdi), %xmm3 + movdqu 48(%rdi), %xmm4 + movdqa (%rcx), %xmm9 + movdqa 16(%rcx), %xmm10 + movdqa 32(%rcx), %xmm11 + movdqa 48(%rcx), %xmm12 + pxor %xmm9, %xmm1 + pxor %xmm9, %xmm2 + pxor %xmm9, %xmm3 + pxor %xmm9, %xmm4 + aesenc %xmm10, %xmm1 + aesenc %xmm10, %xmm2 + aesenc %xmm10, %xmm3 + aesenc %xmm10, %xmm4 + aesenc %xmm11, %xmm1 + aesenc %xmm11, %xmm2 + aesenc %xmm11, %xmm3 + aesenc %xmm11, %xmm4 + aesenc %xmm12, %xmm1 + aesenc %xmm12, %xmm2 + aesenc %xmm12, %xmm3 + aesenc %xmm12, %xmm4 + movdqa 64(%rcx), %xmm9 + movdqa 80(%rcx), %xmm10 + movdqa 96(%rcx), %xmm11 + movdqa 112(%rcx), %xmm12 + aesenc %xmm9, %xmm1 + aesenc %xmm9, %xmm2 + aesenc %xmm9, %xmm3 + aesenc %xmm9, %xmm4 + aesenc %xmm10, %xmm1 + aesenc %xmm10, %xmm2 + aesenc %xmm10, %xmm3 + aesenc %xmm10, %xmm4 + aesenc %xmm11, %xmm1 + aesenc %xmm11, %xmm2 + aesenc %xmm11, %xmm3 + aesenc %xmm11, %xmm4 + aesenc %xmm12, %xmm1 + aesenc %xmm12, %xmm2 + aesenc %xmm12, %xmm3 + aesenc %xmm12, %xmm4 + movdqa 128(%rcx), %xmm9 + movdqa 144(%rcx), %xmm10 + movdqa 160(%rcx), %xmm11 + cmpl $12, %r8d + aesenc %xmm9, %xmm1 + aesenc %xmm9, %xmm2 + aesenc %xmm9, %xmm3 + aesenc %xmm9, %xmm4 + aesenc %xmm10, %xmm1 + aesenc %xmm10, %xmm2 + aesenc %xmm10, %xmm3 + aesenc %xmm10, %xmm4 + jb EECB_LAST_4 + movdqa 160(%rcx), %xmm9 + movdqa 176(%rcx), %xmm10 + movdqa 192(%rcx), %xmm11 + cmpl $14, %r8d + aesenc %xmm9, %xmm1 + aesenc %xmm9, %xmm2 + aesenc %xmm9, %xmm3 + aesenc %xmm9, %xmm4 + aesenc %xmm10, %xmm1 + aesenc %xmm10, %xmm2 + aesenc %xmm10, %xmm3 + aesenc %xmm10, %xmm4 + jb EECB_LAST_4 + movdqa 192(%rcx), %xmm9 + movdqa 208(%rcx), %xmm10 + movdqa 224(%rcx), %xmm11 + aesenc %xmm9, %xmm1 + aesenc %xmm9, %xmm2 + aesenc %xmm9, %xmm3 + aesenc %xmm9, %xmm4 + aesenc %xmm10, %xmm1 + aesenc %xmm10, %xmm2 + aesenc %xmm10, %xmm3 + aesenc %xmm10, %xmm4 +EECB_LAST_4: + addq $64, %rdi + addq $64, %rsi + decq %rdx + aesenclast %xmm11, %xmm1 + aesenclast %xmm11, %xmm2 + aesenclast %xmm11, %xmm3 + aesenclast %xmm11, %xmm4 + movdqu %xmm1, (%rsi) + movdqu %xmm2, 16(%rsi) + movdqu %xmm3, 32(%rsi) + movdqu %xmm4, 48(%rsi) + jne EECB_LOOP_4 + addq $64, %rsi +EECB_REMAINDER_4: + cmpq $0, %r10 + je EECB_END_4 +EECB_LOOP_4_2: + movdqu (%rdi), %xmm1 + addq $16, %rdi + pxor (%rcx), %xmm1 + movdqu 160(%rcx), %xmm2 + aesenc 16(%rcx), %xmm1 + aesenc 32(%rcx), %xmm1 + aesenc 48(%rcx), %xmm1 + aesenc 64(%rcx), %xmm1 + aesenc 80(%rcx), %xmm1 + aesenc 96(%rcx), %xmm1 + aesenc 112(%rcx), %xmm1 + aesenc 128(%rcx), %xmm1 + aesenc 144(%rcx), %xmm1 + cmpl $12, %r8d + jb EECB_LAST_4_2 + movdqu 192(%rcx), %xmm2 + aesenc 160(%rcx), %xmm1 + aesenc 176(%rcx), %xmm1 + cmpl $14, %r8d + jb EECB_LAST_4_2 + movdqu 224(%rcx), %xmm2 + aesenc 192(%rcx), %xmm1 + aesenc 208(%rcx), %xmm1 +EECB_LAST_4_2: + aesenclast %xmm2, %xmm1 + movdqu %xmm1, (%rsi) + addq $16, %rsi + decq %r10 + jne EECB_LOOP_4_2 +EECB_END_4: + ret + + +/* +AES_ECB_decrypt (const unsigned char *in, + unsigned char *out, + unsigned long length, + const unsigned char *KS, + int nr) +*/ +.globl AES_ECB_decrypt +AES_ECB_decrypt: +# parameter 1: %rdi +# parameter 2: %rsi +# parameter 3: %rdx +# parameter 4: %rcx +# parameter 5: %r8d + + movq %rdx, %r10 + shrq $4, %rdx + shlq $60, %r10 + je DECB_NO_PARTS_4 + addq $1, %rdx +DECB_NO_PARTS_4: + movq %rdx, %r10 + shlq $62, %r10 + shrq $62, %r10 + shrq $2, %rdx + je DECB_REMAINDER_4 + subq $64, %rsi +DECB_LOOP_4: + movdqu (%rdi), %xmm1 + movdqu 16(%rdi), %xmm2 + movdqu 32(%rdi), %xmm3 + movdqu 48(%rdi), %xmm4 + movdqa (%rcx), %xmm9 + movdqa 16(%rcx), %xmm10 + movdqa 32(%rcx), %xmm11 + movdqa 48(%rcx), %xmm12 + pxor %xmm9, %xmm1 + pxor %xmm9, %xmm2 + pxor %xmm9, %xmm3 + pxor %xmm9, %xmm4 + aesdec %xmm10, %xmm1 + aesdec %xmm10, %xmm2 + aesdec %xmm10, %xmm3 + aesdec %xmm10, %xmm4 + aesdec %xmm11, %xmm1 + aesdec %xmm11, %xmm2 + aesdec %xmm11, %xmm3 + aesdec %xmm11, %xmm4 + aesdec %xmm12, %xmm1 + aesdec %xmm12, %xmm2 + aesdec %xmm12, %xmm3 + aesdec %xmm12, %xmm4 + movdqa 64(%rcx), %xmm9 + movdqa 80(%rcx), %xmm10 + movdqa 96(%rcx), %xmm11 + movdqa 112(%rcx), %xmm12 + aesdec %xmm9, %xmm1 + aesdec %xmm9, %xmm2 + aesdec %xmm9, %xmm3 + aesdec %xmm9, %xmm4 + aesdec %xmm10, %xmm1 + aesdec %xmm10, %xmm2 + aesdec %xmm10, %xmm3 + aesdec %xmm10, %xmm4 + aesdec %xmm11, %xmm1 + aesdec %xmm11, %xmm2 + aesdec %xmm11, %xmm3 + aesdec %xmm11, %xmm4 + aesdec %xmm12, %xmm1 + aesdec %xmm12, %xmm2 + aesdec %xmm12, %xmm3 + aesdec %xmm12, %xmm4 + movdqa 128(%rcx), %xmm9 + movdqa 144(%rcx), %xmm10 + movdqa 160(%rcx), %xmm11 + cmpl $12, %r8d + aesdec %xmm9, %xmm1 + aesdec %xmm9, %xmm2 + aesdec %xmm9, %xmm3 + aesdec %xmm9, %xmm4 + aesdec %xmm10, %xmm1 + aesdec %xmm10, %xmm2 + aesdec %xmm10, %xmm3 + aesdec %xmm10, %xmm4 + jb DECB_LAST_4 + movdqa 160(%rcx), %xmm9 + movdqa 176(%rcx), %xmm10 + movdqa 192(%rcx), %xmm11 + cmpl $14, %r8d + aesdec %xmm9, %xmm1 + aesdec %xmm9, %xmm2 + aesdec %xmm9, %xmm3 + aesdec %xmm9, %xmm4 + aesdec %xmm10, %xmm1 + aesdec %xmm10, %xmm2 + aesdec %xmm10, %xmm3 + aesdec %xmm10, %xmm4 + jb DECB_LAST_4 + movdqa 192(%rcx), %xmm9 + movdqa 208(%rcx), %xmm10 + movdqa 224(%rcx), %xmm11 + aesdec %xmm9, %xmm1 + aesdec %xmm9, %xmm2 + aesdec %xmm9, %xmm3 + aesdec %xmm9, %xmm4 + aesdec %xmm10, %xmm1 + aesdec %xmm10, %xmm2 + aesdec %xmm10, %xmm3 + aesdec %xmm10, %xmm4 +DECB_LAST_4: + addq $64, %rdi + addq $64, %rsi + decq %rdx + aesdeclast %xmm11, %xmm1 + aesdeclast %xmm11, %xmm2 + aesdeclast %xmm11, %xmm3 + aesdeclast %xmm11, %xmm4 + movdqu %xmm1, (%rsi) + movdqu %xmm2, 16(%rsi) + movdqu %xmm3, 32(%rsi) + movdqu %xmm4, 48(%rsi) + jne DECB_LOOP_4 + addq $64, %rsi +DECB_REMAINDER_4: + cmpq $0, %r10 + je DECB_END_4 +DECB_LOOP_4_2: + movdqu (%rdi), %xmm1 + addq $16, %rdi + pxor (%rcx), %xmm1 + movdqu 160(%rcx), %xmm2 + cmpl $12, %r8d + aesdec 16(%rcx), %xmm1 + aesdec 32(%rcx), %xmm1 + aesdec 48(%rcx), %xmm1 + aesdec 64(%rcx), %xmm1 + aesdec 80(%rcx), %xmm1 + aesdec 96(%rcx), %xmm1 + aesdec 112(%rcx), %xmm1 + aesdec 128(%rcx), %xmm1 + aesdec 144(%rcx), %xmm1 + jb DECB_LAST_4_2 + cmpl $14, %r8d + movdqu 192(%rcx), %xmm2 + aesdec 160(%rcx), %xmm1 + aesdec 176(%rcx), %xmm1 + jb DECB_LAST_4_2 + movdqu 224(%rcx), %xmm2 + aesdec 192(%rcx), %xmm1 + aesdec 208(%rcx), %xmm1 +DECB_LAST_4_2: + aesdeclast %xmm2, %xmm1 + movdqu %xmm1, (%rsi) + addq $16, %rsi + decq %r10 + jne DECB_LOOP_4_2 +DECB_END_4: + ret + + + + +/* +void AES_128_Key_Expansion(const unsigned char* userkey, + unsigned char* key_schedule); +*/ .align 16,0x90 .globl AES_128_Key_Expansion AES_128_Key_Expansion: @@ -319,8 +647,10 @@ pxor %xmm2, %xmm1 ret -//void AES_192_Key_Expansion (const unsigned char *userkey, -// unsigned char *key) +/* +void AES_192_Key_Expansion (const unsigned char *userkey, + unsigned char *key) +*/ .globl AES_192_Key_Expansion AES_192_Key_Expansion: # parameter 1: %rdi @@ -403,8 +733,10 @@ pxor %xmm2, %xmm3 ret -//void AES_256_Key_Expansion (const unsigned char *userkey, -// unsigned char *key) +/* +void AES_256_Key_Expansion (const unsigned char *userkey, + unsigned char *key) +*/ .globl AES_256_Key_Expansion AES_256_Key_Expansion: # parameter 1: %rdi diff --git a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/arc4.c b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/arc4.c index cbb132da8..01cc7a197 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/arc4.c +++ b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/arc4.c @@ -1,6 +1,6 @@ /* arc4.c * - * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,21 +16,37 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ #ifdef HAVE_CONFIG_H #include #endif +#include + +#ifndef NO_RC4 + #include +#ifdef HAVE_CAVIUM + static void Arc4CaviumSetKey(Arc4* arc4, const byte* key, word32 length); + static void Arc4CaviumProcess(Arc4* arc4, byte* out, const byte* in, + word32 length); +#endif + + void Arc4SetKey(Arc4* arc4, const byte* key, word32 length) { word32 i; word32 keyIndex = 0, stateIndex = 0; +#ifdef HAVE_CAVIUM + if (arc4->magic == CYASSL_ARC4_CAVIUM_MAGIC) + return Arc4CaviumSetKey(arc4, key, length); +#endif + arc4->x = 1; arc4->y = 0; @@ -66,8 +82,16 @@ static INLINE byte MakeByte(word32* x, word32* y, byte* s) void Arc4Process(Arc4* arc4, byte* out, const byte* in, word32 length) { - word32 x = arc4->x; - word32 y = arc4->y; + word32 x; + word32 y; + +#ifdef HAVE_CAVIUM + if (arc4->magic == CYASSL_ARC4_CAVIUM_MAGIC) + return Arc4CaviumProcess(arc4, out, in, length); +#endif + + x = arc4->x; + y = arc4->y; while(length--) *out++ = *in++ ^ MakeByte(&x, &y, arc4->state); @@ -76,3 +100,80 @@ void Arc4Process(Arc4* arc4, byte* out, const byte* in, word32 length) arc4->y = (byte)y; } + +#ifdef HAVE_CAVIUM + +#include +#include "cavium_common.h" + +/* Initiliaze Arc4 for use with Nitrox device */ +int Arc4InitCavium(Arc4* arc4, int devId) +{ + if (arc4 == NULL) + return -1; + + if (CspAllocContext(CONTEXT_SSL, &arc4->contextHandle, devId) != 0) + return -1; + + arc4->devId = devId; + arc4->magic = CYASSL_ARC4_CAVIUM_MAGIC; + + return 0; +} + + +/* Free Arc4 from use with Nitrox device */ +void Arc4FreeCavium(Arc4* arc4) +{ + if (arc4 == NULL) + return; + + if (arc4->magic != CYASSL_ARC4_CAVIUM_MAGIC) + return; + + CspFreeContext(CONTEXT_SSL, arc4->contextHandle, arc4->devId); + arc4->magic = 0; +} + + +static void Arc4CaviumSetKey(Arc4* arc4, const byte* key, word32 length) +{ + word32 requestId; + + if (CspInitializeRc4(CAVIUM_BLOCKING, arc4->contextHandle, length, + (byte*)key, &requestId, arc4->devId) != 0) { + CYASSL_MSG("Bad Cavium Arc4 Init"); + } +} + + +static void Arc4CaviumProcess(Arc4* arc4, byte* out, const byte* in, + word32 length) +{ + word offset = 0; + word32 requestId; + + while (length > CYASSL_MAX_16BIT) { + word16 slen = (word16)CYASSL_MAX_16BIT; + if (CspEncryptRc4(CAVIUM_BLOCKING, arc4->contextHandle,CAVIUM_UPDATE, + slen, (byte*)in + offset, out + offset, &requestId, + arc4->devId) != 0) { + CYASSL_MSG("Bad Cavium Arc4 Encrypt"); + } + length -= CYASSL_MAX_16BIT; + offset += CYASSL_MAX_16BIT; + } + if (length) { + word16 slen = (word16)length; + if (CspEncryptRc4(CAVIUM_BLOCKING, arc4->contextHandle,CAVIUM_UPDATE, + slen, (byte*)in + offset, out + offset, &requestId, + arc4->devId) != 0) { + CYASSL_MSG("Bad Cavium Arc4 Encrypt"); + } + } +} + +#endif /* HAVE_CAVIUM */ + +#endif /* NO_ARC4 */ + diff --git a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/asm.c b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/asm.c index 008322e90..2924cddc2 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/asm.c +++ b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/asm.c @@ -1,6 +1,6 @@ /* asm.c * - * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,13 +16,15 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ #ifdef HAVE_CONFIG_H #include #endif +#include + /* * Based on public domain TomsFastMath 0.10 by Tom St Denis, tomstdenis@iahu.ca, * http://math.libtomcrypt.com @@ -41,7 +43,7 @@ mu = c[x] * mp #define INNERMUL \ -asm( \ +__asm__( \ "movl %5,%%eax \n\t" \ "mull %4 \n\t" \ "addl %1,%%eax \n\t" \ @@ -51,16 +53,16 @@ asm( \ "movl %%edx,%1 \n\t" \ :"=g"(_c[LO]), "=r"(cy) \ :"0"(_c[LO]), "1"(cy), "g"(mu), "g"(*tmpm++) \ -: "%eax", "%edx", "%cc") +: "%eax", "%edx", "cc") #define PROPCARRY \ -asm( \ +__asm__( \ "addl %1,%0 \n\t" \ "setb %%al \n\t" \ "movzbl %%al,%1 \n\t" \ :"=g"(_c[LO]), "=r"(cy) \ :"0"(_c[LO]), "1"(cy) \ -: "%eax", "%cc") +: "%eax", "cc") /******************************************************************/ #elif defined(TFM_X86_64) @@ -73,7 +75,7 @@ asm( \ mu = c[x] * mp #define INNERMUL \ -asm( \ +__asm__( \ "movq %5,%%rax \n\t" \ "mulq %4 \n\t" \ "addq %1,%%rax \n\t" \ @@ -83,10 +85,10 @@ asm( \ "movq %%rdx,%1 \n\t" \ :"=g"(_c[LO]), "=r"(cy) \ :"0"(_c[LO]), "1"(cy), "r"(mu), "r"(*tmpm++) \ -: "%rax", "%rdx", "%cc") +: "%rax", "%rdx", "cc") #define INNERMUL8 \ - asm( \ + __asm__( \ "movq 0(%5),%%rax \n\t" \ "movq 0(%2),%%r10 \n\t" \ "movq 0x8(%5),%%r11 \n\t" \ @@ -176,17 +178,17 @@ asm( \ \ :"=r"(_c), "=r"(cy) \ : "0"(_c), "1"(cy), "g"(mu), "r"(tmpm)\ -: "%rax", "%rdx", "%r10", "%r11", "%cc") +: "%rax", "%rdx", "%r10", "%r11", "cc") #define PROPCARRY \ -asm( \ +__asm__( \ "addq %1,%0 \n\t" \ "setb %%al \n\t" \ "movzbq %%al,%1 \n\t" \ :"=g"(_c[LO]), "=r"(cy) \ :"0"(_c[LO]), "1"(cy) \ -: "%rax", "%cc") +: "%rax", "cc") /******************************************************************/ #elif defined(TFM_SSE2) @@ -200,13 +202,13 @@ asm( \ */ #define MONT_START \ - asm("movd %0,%%mm2"::"g"(mp)) + __asm__("movd %0,%%mm2"::"g"(mp)) #define MONT_FINI \ - asm("emms") + __asm__("emms") #define LOOP_START \ -asm( \ +__asm__( \ "movd %0,%%mm1 \n\t" \ "pxor %%mm3,%%mm3 \n\t" \ "pmuludq %%mm2,%%mm1 \n\t" \ @@ -214,7 +216,7 @@ asm( \ /* pmuludq on mmx registers does a 32x32->64 multiply. */ #define INNERMUL \ -asm( \ +__asm__( \ "movd %1,%%mm4 \n\t" \ "movd %2,%%mm0 \n\t" \ "paddq %%mm4,%%mm3 \n\t" \ @@ -225,7 +227,7 @@ asm( \ :"=g"(_c[LO]) : "0"(_c[LO]), "g"(*tmpm++) ); #define INNERMUL8 \ -asm( \ +__asm__( \ "movd 0(%1),%%mm4 \n\t" \ "movd 0(%2),%%mm0 \n\t" \ "paddq %%mm4,%%mm3 \n\t" \ @@ -295,16 +297,16 @@ asm( \ pointer */ #define LOOP_END \ -asm( "movd %%mm3,%0 \n" :"=r"(cy)) +__asm__( "movd %%mm3,%0 \n" :"=r"(cy)) #define PROPCARRY \ -asm( \ +__asm__( \ "addl %1,%0 \n\t" \ "setb %%al \n\t" \ "movzbl %%al,%1 \n\t" \ :"=g"(_c[LO]), "=r"(cy) \ :"0"(_c[LO]), "1"(cy) \ -: "%eax", "%cc") +: "%eax", "cc") /******************************************************************/ #elif defined(TFM_ARM) @@ -316,24 +318,56 @@ asm( \ #define LOOP_START \ mu = c[x] * mp + +#ifdef __thumb__ + +#define INNERMUL \ +__asm__( \ + " LDR r0,%1 \n\t" \ + " ADDS r0,r0,%0 \n\t" \ + " ITE CS \n\t" \ + " MOVCS %0,#1 \n\t" \ + " MOVCC %0,#0 \n\t" \ + " UMLAL r0,%0,%3,%4 \n\t" \ + " STR r0,%1 \n\t" \ +:"=r"(cy),"=m"(_c[0]):"0"(cy),"r"(mu),"r"(*tmpm++),"m"(_c[0]):"r0","cc"); + +#define PROPCARRY \ +__asm__( \ + " LDR r0,%1 \n\t" \ + " ADDS r0,r0,%0 \n\t" \ + " STR r0,%1 \n\t" \ + " ITE CS \n\t" \ + " MOVCS %0,#1 \n\t" \ + " MOVCC %0,#0 \n\t" \ +:"=r"(cy),"=m"(_c[0]):"0"(cy),"m"(_c[0]):"r0","cc"); + + +/* TAO thumb mode uses ite (if then else) to detect carry directly + * fixed unmatched constraint warning by changing 1 to m */ + +#else /* __thumb__ */ + #define INNERMUL \ -asm( \ +__asm__( \ " LDR r0,%1 \n\t" \ " ADDS r0,r0,%0 \n\t" \ " MOVCS %0,#1 \n\t" \ " MOVCC %0,#0 \n\t" \ " UMLAL r0,%0,%3,%4 \n\t" \ " STR r0,%1 \n\t" \ -:"=r"(cy),"=m"(_c[0]):"0"(cy),"r"(mu),"r"(*tmpm++),"1"(_c[0]):"r0","%cc"); +:"=r"(cy),"=m"(_c[0]):"0"(cy),"r"(mu),"r"(*tmpm++),"1"(_c[0]):"r0","cc"); #define PROPCARRY \ -asm( \ +__asm__( \ " LDR r0,%1 \n\t" \ " ADDS r0,r0,%0 \n\t" \ " STR r0,%1 \n\t" \ " MOVCS %0,#1 \n\t" \ " MOVCC %0,#0 \n\t" \ -:"=r"(cy),"=m"(_c[0]):"0"(cy),"1"(_c[0]):"r0","%cc"); +:"=r"(cy),"=m"(_c[0]):"0"(cy),"1"(_c[0]):"r0","cc"); + +#endif /* __thumb__ */ #elif defined(TFM_PPC32) @@ -345,7 +379,7 @@ asm( \ mu = c[x] * mp #define INNERMUL \ -asm( \ +__asm__( \ " mullw 16,%3,%4 \n\t" \ " mulhwu 17,%3,%4 \n\t" \ " addc 16,16,%0 \n\t" \ @@ -354,16 +388,16 @@ asm( \ " addc 16,16,18 \n\t" \ " addze %0,17 \n\t" \ " stw 16,%1 \n\t" \ -:"=r"(cy),"=m"(_c[0]):"0"(cy),"r"(mu),"r"(tmpm[0]),"1"(_c[0]):"16", "17", "18","%cc"); ++tmpm; +:"=r"(cy),"=m"(_c[0]):"0"(cy),"r"(mu),"r"(tmpm[0]),"1"(_c[0]):"16", "17", "18","cc"); ++tmpm; #define PROPCARRY \ -asm( \ +__asm__( \ " lwz 16,%1 \n\t" \ " addc 16,16,%0 \n\t" \ " stw 16,%1 \n\t" \ " xor %0,%0,%0 \n\t" \ " addze %0,%0 \n\t" \ -:"=r"(cy),"=m"(_c[0]):"0"(cy),"1"(_c[0]):"16","%cc"); +:"=r"(cy),"=m"(_c[0]):"0"(cy),"1"(_c[0]):"16","cc"); #elif defined(TFM_PPC64) @@ -375,7 +409,7 @@ asm( \ mu = c[x] * mp #define INNERMUL \ -asm( \ +__asm__( \ " mulld 16,%3,%4 \n\t" \ " mulhdu 17,%3,%4 \n\t" \ " addc 16,16,%0 \n\t" \ @@ -384,16 +418,16 @@ asm( \ " addc 16,16,18 \n\t" \ " addze %0,17 \n\t" \ " sdx 16,0,%1 \n\t" \ -:"=r"(cy),"=m"(_c[0]):"0"(cy),"r"(mu),"r"(tmpm[0]),"1"(_c[0]):"16", "17", "18","%cc"); ++tmpm; +:"=r"(cy),"=m"(_c[0]):"0"(cy),"r"(mu),"r"(tmpm[0]),"1"(_c[0]):"16", "17", "18","cc"); ++tmpm; #define PROPCARRY \ -asm( \ +__asm__( \ " ldx 16,0,%1 \n\t" \ " addc 16,16,%0 \n\t" \ " sdx 16,0,%1 \n\t" \ " xor %0,%0,%0 \n\t" \ " addze %0,%0 \n\t" \ -:"=r"(cy),"=m"(_c[0]):"0"(cy),"1"(_c[0]):"16","%cc"); +:"=r"(cy),"=m"(_c[0]):"0"(cy),"1"(_c[0]):"16","cc"); /******************************************************************/ @@ -407,7 +441,7 @@ asm( \ mu = c[x] * mp #define INNERMUL \ -asm( \ +__asm__( \ " ld.w r2,%1 \n\t" \ " add r2,%0 \n\t" \ " eor r3,r3 \n\t" \ @@ -418,13 +452,13 @@ asm( \ :"=r"(cy),"=r"(_c):"0"(cy),"r"(mu),"r"(*tmpm++),"1"(_c):"r2","r3"); #define PROPCARRY \ -asm( \ +__asm__( \ " ld.w r2,%1 \n\t" \ " add r2,%0 \n\t" \ " st.w %1,r2 \n\t" \ " eor %0,%0 \n\t" \ " acr %0 \n\t" \ -:"=r"(cy),"=r"(&_c[0]):"0"(cy),"1"(&_c[0]):"r2","%cc"); +:"=r"(cy),"=r"(&_c[0]):"0"(cy),"1"(&_c[0]):"r2","cc"); #else @@ -437,9 +471,10 @@ asm( \ #define INNERMUL \ do { fp_word t; \ - _c[0] = t = ((fp_word)_c[0] + (fp_word)cy) + \ + t = ((fp_word)_c[0] + (fp_word)cy) + \ (((fp_word)mu) * ((fp_word)*tmpm++)); \ - cy = (t >> DIGIT_BIT); \ + _c[0] = (fp_digit)t; \ + cy = (fp_digit)(t >> DIGIT_BIT); \ } while (0) #define PROPCARRY \ @@ -475,16 +510,16 @@ asm( \ #define COMBA_FINI #define SQRADD(i, j) \ -asm( \ +__asm__( \ "movl %6,%%eax \n\t" \ "mull %%eax \n\t" \ "addl %%eax,%0 \n\t" \ "adcl %%edx,%1 \n\t" \ "adcl $0,%2 \n\t" \ - :"=r"(c0), "=r"(c1), "=r"(c2): "0"(c0), "1"(c1), "2"(c2), "m"(i) :"%eax","%edx","%cc"); + :"=r"(c0), "=r"(c1), "=r"(c2): "0"(c0), "1"(c1), "2"(c2), "m"(i) :"%eax","%edx","cc"); #define SQRADD2(i, j) \ -asm( \ +__asm__( \ "movl %6,%%eax \n\t" \ "mull %7 \n\t" \ "addl %%eax,%0 \n\t" \ @@ -493,37 +528,37 @@ asm( \ "addl %%eax,%0 \n\t" \ "adcl %%edx,%1 \n\t" \ "adcl $0,%2 \n\t" \ - :"=r"(c0), "=r"(c1), "=r"(c2): "0"(c0), "1"(c1), "2"(c2), "m"(i), "m"(j) :"%eax","%edx", "%cc"); + :"=r"(c0), "=r"(c1), "=r"(c2): "0"(c0), "1"(c1), "2"(c2), "m"(i), "m"(j) :"%eax","%edx", "cc"); #define SQRADDSC(i, j) \ -asm( \ +__asm__( \ "movl %3,%%eax \n\t" \ "mull %4 \n\t" \ "movl %%eax,%0 \n\t" \ "movl %%edx,%1 \n\t" \ "xorl %2,%2 \n\t" \ - :"=r"(sc0), "=r"(sc1), "=r"(sc2): "g"(i), "g"(j) :"%eax","%edx","%cc"); + :"=r"(sc0), "=r"(sc1), "=r"(sc2): "g"(i), "g"(j) :"%eax","%edx","cc"); /* TAO removed sc0,1,2 as input to remove warning so %6,%7 become %3,%4 */ #define SQRADDAC(i, j) \ -asm( \ +__asm__( \ "movl %6,%%eax \n\t" \ "mull %7 \n\t" \ "addl %%eax,%0 \n\t" \ "adcl %%edx,%1 \n\t" \ "adcl $0,%2 \n\t" \ - :"=r"(sc0), "=r"(sc1), "=r"(sc2): "0"(sc0), "1"(sc1), "2"(sc2), "g"(i), "g"(j) :"%eax","%edx","%cc"); + :"=r"(sc0), "=r"(sc1), "=r"(sc2): "0"(sc0), "1"(sc1), "2"(sc2), "g"(i), "g"(j) :"%eax","%edx","cc"); #define SQRADDDB \ -asm( \ +__asm__( \ "addl %6,%0 \n\t" \ "adcl %7,%1 \n\t" \ "adcl %8,%2 \n\t" \ "addl %6,%0 \n\t" \ "adcl %7,%1 \n\t" \ "adcl %8,%2 \n\t" \ - :"=r"(c0), "=r"(c1), "=r"(c2) : "0"(c0), "1"(c1), "2"(c2), "r"(sc0), "r"(sc1), "r"(sc2) : "%cc"); + :"=r"(c0), "=r"(c1), "=r"(c2) : "0"(c0), "1"(c1), "2"(c2), "r"(sc0), "r"(sc1), "r"(sc2) : "cc"); #elif defined(TFM_X86_64) /* x86-64 optimized */ @@ -545,16 +580,16 @@ asm( \ #define COMBA_FINI #define SQRADD(i, j) \ -asm( \ +__asm__( \ "movq %6,%%rax \n\t" \ "mulq %%rax \n\t" \ "addq %%rax,%0 \n\t" \ "adcq %%rdx,%1 \n\t" \ "adcq $0,%2 \n\t" \ - :"=r"(c0), "=r"(c1), "=r"(c2): "0"(c0), "1"(c1), "2"(c2), "g"(i) :"%rax","%rdx","%cc"); + :"=r"(c0), "=r"(c1), "=r"(c2): "0"(c0), "1"(c1), "2"(c2), "g"(i) :"%rax","%rdx","cc"); #define SQRADD2(i, j) \ -asm( \ +__asm__( \ "movq %6,%%rax \n\t" \ "mulq %7 \n\t" \ "addq %%rax,%0 \n\t" \ @@ -563,37 +598,37 @@ asm( \ "addq %%rax,%0 \n\t" \ "adcq %%rdx,%1 \n\t" \ "adcq $0,%2 \n\t" \ - :"=r"(c0), "=r"(c1), "=r"(c2): "0"(c0), "1"(c1), "2"(c2), "g"(i), "g"(j) :"%rax","%rdx","%cc"); + :"=r"(c0), "=r"(c1), "=r"(c2): "0"(c0), "1"(c1), "2"(c2), "g"(i), "g"(j) :"%rax","%rdx","cc"); #define SQRADDSC(i, j) \ -asm( \ +__asm__( \ "movq %3,%%rax \n\t" \ "mulq %4 \n\t" \ "movq %%rax,%0 \n\t" \ "movq %%rdx,%1 \n\t" \ "xorq %2,%2 \n\t" \ - :"=r"(sc0), "=r"(sc1), "=r"(sc2): "g"(i), "g"(j) :"%rax","%rdx","%cc"); + :"=r"(sc0), "=r"(sc1), "=r"(sc2): "g"(i), "g"(j) :"%rax","%rdx","cc"); /* TAO removed sc0,1,2 as input to remove warning so %6,%7 become %3,%4 */ #define SQRADDAC(i, j) \ -asm( \ +__asm__( \ "movq %6,%%rax \n\t" \ "mulq %7 \n\t" \ "addq %%rax,%0 \n\t" \ "adcq %%rdx,%1 \n\t" \ "adcq $0,%2 \n\t" \ - :"=r"(sc0), "=r"(sc1), "=r"(sc2): "0"(sc0), "1"(sc1), "2"(sc2), "g"(i), "g"(j) :"%rax","%rdx","%cc"); + :"=r"(sc0), "=r"(sc1), "=r"(sc2): "0"(sc0), "1"(sc1), "2"(sc2), "g"(i), "g"(j) :"%rax","%rdx","cc"); #define SQRADDDB \ -asm( \ +__asm__( \ "addq %6,%0 \n\t" \ "adcq %7,%1 \n\t" \ "adcq %8,%2 \n\t" \ "addq %6,%0 \n\t" \ "adcq %7,%1 \n\t" \ "adcq %8,%2 \n\t" \ - :"=r"(c0), "=r"(c1), "=r"(c2) : "0"(c0), "1"(c1), "2"(c2), "r"(sc0), "r"(sc1), "r"(sc2) : "%cc"); + :"=r"(c0), "=r"(c1), "=r"(c2) : "0"(c0), "1"(c1), "2"(c2), "r"(sc0), "r"(sc1), "r"(sc2) : "cc"); #elif defined(TFM_SSE2) @@ -613,10 +648,10 @@ asm( \ do { c0 = c1; c1 = c2; c2 = 0; } while (0); #define COMBA_FINI \ - asm("emms"); + __asm__("emms"); #define SQRADD(i, j) \ -asm( \ +__asm__( \ "movd %6,%%mm0 \n\t" \ "pmuludq %%mm0,%%mm0\n\t" \ "movd %%mm0,%%eax \n\t" \ @@ -625,10 +660,10 @@ asm( \ "movd %%mm0,%%eax \n\t" \ "adcl %%eax,%1 \n\t" \ "adcl $0,%2 \n\t" \ - :"=r"(c0), "=r"(c1), "=r"(c2): "0"(c0), "1"(c1), "2"(c2), "m"(i) :"%eax","%cc"); + :"=r"(c0), "=r"(c1), "=r"(c2): "0"(c0), "1"(c1), "2"(c2), "m"(i) :"%eax","cc"); #define SQRADD2(i, j) \ -asm( \ +__asm__( \ "movd %6,%%mm0 \n\t" \ "movd %7,%%mm1 \n\t" \ "pmuludq %%mm1,%%mm0\n\t" \ @@ -641,10 +676,10 @@ asm( \ "addl %%eax,%0 \n\t" \ "adcl %%edx,%1 \n\t" \ "adcl $0,%2 \n\t" \ - :"=r"(c0), "=r"(c1), "=r"(c2): "0"(c0), "1"(c1), "2"(c2), "m"(i), "m"(j) :"%eax","%edx","%cc"); + :"=r"(c0), "=r"(c1), "=r"(c2): "0"(c0), "1"(c1), "2"(c2), "m"(i), "m"(j) :"%eax","%edx","cc"); #define SQRADDSC(i, j) \ -asm( \ +__asm__( \ "movd %3,%%mm0 \n\t" \ "movd %4,%%mm1 \n\t" \ "pmuludq %%mm1,%%mm0\n\t" \ @@ -657,7 +692,7 @@ asm( \ /* TAO removed sc0,1,2 as input to remove warning so %6,%7 become %3,%4 */ #define SQRADDAC(i, j) \ -asm( \ +__asm__( \ "movd %6,%%mm0 \n\t" \ "movd %7,%%mm1 \n\t" \ "pmuludq %%mm1,%%mm0\n\t" \ @@ -667,17 +702,17 @@ asm( \ "addl %%eax,%0 \n\t" \ "adcl %%edx,%1 \n\t" \ "adcl $0,%2 \n\t" \ - :"=r"(sc0), "=r"(sc1), "=r"(sc2): "0"(sc0), "1"(sc1), "2"(sc2), "m"(i), "m"(j) :"%eax","%edx","%cc"); + :"=r"(sc0), "=r"(sc1), "=r"(sc2): "0"(sc0), "1"(sc1), "2"(sc2), "m"(i), "m"(j) :"%eax","%edx","cc"); #define SQRADDDB \ -asm( \ +__asm__( \ "addl %6,%0 \n\t" \ "adcl %7,%1 \n\t" \ "adcl %8,%2 \n\t" \ "addl %6,%0 \n\t" \ "adcl %7,%1 \n\t" \ "adcl %8,%2 \n\t" \ - :"=r"(c0), "=r"(c1), "=r"(c2) : "0"(c0), "1"(c1), "2"(c2), "r"(sc0), "r"(sc1), "r"(sc2) : "%cc"); + :"=r"(c0), "=r"(c1), "=r"(c2) : "0"(c0), "1"(c1), "2"(c2), "r"(sc0), "r"(sc1), "r"(sc2) : "cc"); #elif defined(TFM_ARM) @@ -701,16 +736,16 @@ asm( \ /* multiplies point i and j, updates carry "c1" and digit c2 */ #define SQRADD(i, j) \ -asm( \ +__asm__( \ " UMULL r0,r1,%6,%6 \n\t" \ " ADDS %0,%0,r0 \n\t" \ " ADCS %1,%1,r1 \n\t" \ " ADC %2,%2,#0 \n\t" \ -:"=r"(c0), "=r"(c1), "=r"(c2) : "0"(c0), "1"(c1), "2"(c2), "r"(i) : "r0", "r1", "%cc"); +:"=r"(c0), "=r"(c1), "=r"(c2) : "0"(c0), "1"(c1), "2"(c2), "r"(i) : "r0", "r1", "cc"); /* for squaring some of the terms are doubled... */ #define SQRADD2(i, j) \ -asm( \ +__asm__( \ " UMULL r0,r1,%6,%7 \n\t" \ " ADDS %0,%0,r0 \n\t" \ " ADCS %1,%1,r1 \n\t" \ @@ -718,31 +753,33 @@ asm( \ " ADDS %0,%0,r0 \n\t" \ " ADCS %1,%1,r1 \n\t" \ " ADC %2,%2,#0 \n\t" \ -:"=r"(c0), "=r"(c1), "=r"(c2) : "0"(c0), "1"(c1), "2"(c2), "r"(i), "r"(j) : "r0", "r1", "%cc"); +:"=r"(c0), "=r"(c1), "=r"(c2) : "0"(c0), "1"(c1), "2"(c2), "r"(i), "r"(j) : "r0", "r1", "cc"); #define SQRADDSC(i, j) \ -asm( \ -" UMULL %0,%1,%6,%7 \n\t" \ +__asm__( \ +" UMULL %0,%1,%3,%4 \n\t" \ " SUB %2,%2,%2 \n\t" \ -:"=r"(sc0), "=r"(sc1), "=r"(sc2) : "0"(sc0), "1"(sc1), "2"(sc2), "r"(i), "r"(j) : "%cc"); +:"=r"(sc0), "=r"(sc1), "=r"(sc2) : "r"(i), "r"(j) : "cc"); + +/* TAO removed sc0,1,2 as input to remove warning so %6,%7 become %3,%4 */ #define SQRADDAC(i, j) \ -asm( \ +__asm__( \ " UMULL r0,r1,%6,%7 \n\t" \ " ADDS %0,%0,r0 \n\t" \ " ADCS %1,%1,r1 \n\t" \ " ADC %2,%2,#0 \n\t" \ -:"=r"(sc0), "=r"(sc1), "=r"(sc2) : "0"(sc0), "1"(sc1), "2"(sc2), "r"(i), "r"(j) : "r0", "r1", "%cc"); +:"=r"(sc0), "=r"(sc1), "=r"(sc2) : "0"(sc0), "1"(sc1), "2"(sc2), "r"(i), "r"(j) : "r0", "r1", "cc"); #define SQRADDDB \ -asm( \ +__asm__( \ " ADDS %0,%0,%3 \n\t" \ " ADCS %1,%1,%4 \n\t" \ " ADC %2,%2,%5 \n\t" \ " ADDS %0,%0,%3 \n\t" \ " ADCS %1,%1,%4 \n\t" \ " ADC %2,%2,%5 \n\t" \ -:"=r"(c0), "=r"(c1), "=r"(c2) : "r"(sc0), "r"(sc1), "r"(sc2), "0"(c0), "1"(c1), "2"(c2) : "%cc"); +:"=r"(c0), "=r"(c1), "=r"(c2) : "r"(sc0), "r"(sc1), "r"(sc2), "0"(c0), "1"(c1), "2"(c2) : "cc"); #elif defined(TFM_PPC32) @@ -766,17 +803,17 @@ asm( \ /* multiplies point i and j, updates carry "c1" and digit c2 */ #define SQRADD(i, j) \ -asm( \ +__asm__( \ " mullw 16,%6,%6 \n\t" \ " addc %0,%0,16 \n\t" \ " mulhwu 16,%6,%6 \n\t" \ " adde %1,%1,16 \n\t" \ " addze %2,%2 \n\t" \ -:"=r"(c0), "=r"(c1), "=r"(c2):"0"(c0), "1"(c1), "2"(c2), "r"(i):"16","%cc"); +:"=r"(c0), "=r"(c1), "=r"(c2):"0"(c0), "1"(c1), "2"(c2), "r"(i):"16","cc"); /* for squaring some of the terms are doubled... */ #define SQRADD2(i, j) \ -asm( \ +__asm__( \ " mullw 16,%6,%7 \n\t" \ " mulhwu 17,%6,%7 \n\t" \ " addc %0,%0,16 \n\t" \ @@ -785,33 +822,33 @@ asm( \ " addc %0,%0,16 \n\t" \ " adde %1,%1,17 \n\t" \ " addze %2,%2 \n\t" \ -:"=r"(c0), "=r"(c1), "=r"(c2):"0"(c0), "1"(c1), "2"(c2), "r"(i), "r"(j):"16", "17","%cc"); +:"=r"(c0), "=r"(c1), "=r"(c2):"0"(c0), "1"(c1), "2"(c2), "r"(i), "r"(j):"16", "17","cc"); #define SQRADDSC(i, j) \ -asm( \ +__asm__( \ " mullw %0,%6,%7 \n\t" \ " mulhwu %1,%6,%7 \n\t" \ " xor %2,%2,%2 \n\t" \ -:"=r"(sc0), "=r"(sc1), "=r"(sc2):"0"(sc0), "1"(sc1), "2"(sc2), "r"(i),"r"(j) : "%cc"); +:"=r"(sc0), "=r"(sc1), "=r"(sc2):"0"(sc0), "1"(sc1), "2"(sc2), "r"(i),"r"(j) : "cc"); #define SQRADDAC(i, j) \ -asm( \ +__asm__( \ " mullw 16,%6,%7 \n\t" \ " addc %0,%0,16 \n\t" \ " mulhwu 16,%6,%7 \n\t" \ " adde %1,%1,16 \n\t" \ " addze %2,%2 \n\t" \ -:"=r"(sc0), "=r"(sc1), "=r"(sc2):"0"(sc0), "1"(sc1), "2"(sc2), "r"(i), "r"(j):"16", "%cc"); +:"=r"(sc0), "=r"(sc1), "=r"(sc2):"0"(sc0), "1"(sc1), "2"(sc2), "r"(i), "r"(j):"16", "cc"); #define SQRADDDB \ -asm( \ +__asm__( \ " addc %0,%0,%3 \n\t" \ " adde %1,%1,%4 \n\t" \ " adde %2,%2,%5 \n\t" \ " addc %0,%0,%3 \n\t" \ " adde %1,%1,%4 \n\t" \ " adde %2,%2,%5 \n\t" \ -:"=r"(c0), "=r"(c1), "=r"(c2) : "r"(sc0), "r"(sc1), "r"(sc2), "0"(c0), "1"(c1), "2"(c2) : "%cc"); +:"=r"(c0), "=r"(c1), "=r"(c2) : "r"(sc0), "r"(sc1), "r"(sc2), "0"(c0), "1"(c1), "2"(c2) : "cc"); #elif defined(TFM_PPC64) /* PPC64 */ @@ -834,17 +871,17 @@ asm( \ /* multiplies point i and j, updates carry "c1" and digit c2 */ #define SQRADD(i, j) \ -asm( \ +__asm__( \ " mulld 16,%6,%6 \n\t" \ " addc %0,%0,16 \n\t" \ " mulhdu 16,%6,%6 \n\t" \ " adde %1,%1,16 \n\t" \ " addze %2,%2 \n\t" \ -:"=r"(c0), "=r"(c1), "=r"(c2):"0"(c0), "1"(c1), "2"(c2), "r"(i):"16","%cc"); +:"=r"(c0), "=r"(c1), "=r"(c2):"0"(c0), "1"(c1), "2"(c2), "r"(i):"16","cc"); /* for squaring some of the terms are doubled... */ #define SQRADD2(i, j) \ -asm( \ +__asm__( \ " mulld 16,%6,%7 \n\t" \ " mulhdu 17,%6,%7 \n\t" \ " addc %0,%0,16 \n\t" \ @@ -853,33 +890,33 @@ asm( \ " addc %0,%0,16 \n\t" \ " adde %1,%1,17 \n\t" \ " addze %2,%2 \n\t" \ -:"=r"(c0), "=r"(c1), "=r"(c2):"0"(c0), "1"(c1), "2"(c2), "r"(i), "r"(j):"16", "17","%cc"); +:"=r"(c0), "=r"(c1), "=r"(c2):"0"(c0), "1"(c1), "2"(c2), "r"(i), "r"(j):"16", "17","cc"); #define SQRADDSC(i, j) \ -asm( \ +__asm__( \ " mulld %0,%6,%7 \n\t" \ " mulhdu %1,%6,%7 \n\t" \ " xor %2,%2,%2 \n\t" \ -:"=r"(sc0), "=r"(sc1), "=r"(sc2):"0"(sc0), "1"(sc1), "2"(sc2), "r"(i),"r"(j) : "%cc"); +:"=r"(sc0), "=r"(sc1), "=r"(sc2):"0"(sc0), "1"(sc1), "2"(sc2), "r"(i),"r"(j) : "cc"); #define SQRADDAC(i, j) \ -asm( \ +__asm__( \ " mulld 16,%6,%7 \n\t" \ " addc %0,%0,16 \n\t" \ " mulhdu 16,%6,%7 \n\t" \ " adde %1,%1,16 \n\t" \ " addze %2,%2 \n\t" \ -:"=r"(sc0), "=r"(sc1), "=r"(sc2):"0"(sc0), "1"(sc1), "2"(sc2), "r"(i), "r"(j):"16", "%cc"); +:"=r"(sc0), "=r"(sc1), "=r"(sc2):"0"(sc0), "1"(sc1), "2"(sc2), "r"(i), "r"(j):"16", "cc"); #define SQRADDDB \ -asm( \ +__asm__( \ " addc %0,%0,%3 \n\t" \ " adde %1,%1,%4 \n\t" \ " adde %2,%2,%5 \n\t" \ " addc %0,%0,%3 \n\t" \ " adde %1,%1,%4 \n\t" \ " adde %2,%2,%5 \n\t" \ -:"=r"(c0), "=r"(c1), "=r"(c2) : "r"(sc0), "r"(sc1), "r"(sc2), "0"(c0), "1"(c1), "2"(c2) : "%cc"); +:"=r"(c0), "=r"(c1), "=r"(c2) : "r"(sc0), "r"(sc1), "r"(sc2), "0"(c0), "1"(c1), "2"(c2) : "cc"); #elif defined(TFM_AVR32) @@ -904,7 +941,7 @@ asm( \ /* multiplies point i and j, updates carry "c1" and digit c2 */ #define SQRADD(i, j) \ -asm( \ +__asm__( \ " mulu.d r2,%6,%6 \n\t" \ " add %0,%0,r2 \n\t" \ " adc %1,%1,r3 \n\t" \ @@ -913,7 +950,7 @@ asm( \ /* for squaring some of the terms are doubled... */ #define SQRADD2(i, j) \ -asm( \ +__asm__( \ " mulu.d r2,%6,%7 \n\t" \ " add %0,%0,r2 \n\t" \ " adc %1,%1,r3 \n\t" \ @@ -924,7 +961,7 @@ asm( \ :"=r"(c0), "=r"(c1), "=r"(c2):"0"(c0), "1"(c1), "2"(c2), "r"(i), "r"(j):"r2", "r3"); #define SQRADDSC(i, j) \ -asm( \ +__asm__( \ " mulu.d r2,%6,%7 \n\t" \ " mov %0,r2 \n\t" \ " mov %1,r3 \n\t" \ @@ -932,7 +969,7 @@ asm( \ :"=r"(sc0), "=r"(sc1), "=r"(sc2):"0"(sc0), "1"(sc1), "2"(sc2), "r"(i),"r"(j) : "r2", "r3"); #define SQRADDAC(i, j) \ -asm( \ +__asm__( \ " mulu.d r2,%6,%7 \n\t" \ " add %0,%0,r2 \n\t" \ " adc %1,%1,r3 \n\t" \ @@ -940,14 +977,14 @@ asm( \ :"=r"(sc0), "=r"(sc1), "=r"(sc2):"0"(sc0), "1"(sc1), "2"(sc2), "r"(i), "r"(j):"r2", "r3"); #define SQRADDDB \ -asm( \ +__asm__( \ " add %0,%0,%3 \n\t" \ " adc %1,%1,%4 \n\t" \ " adc %2,%2,%5 \n\t" \ " add %0,%0,%3 \n\t" \ " adc %1,%1,%4 \n\t" \ " adc %2,%2,%5 \n\t" \ -:"=r"(c0), "=r"(c1), "=r"(c2) : "r"(sc0), "r"(sc1), "r"(sc2), "0"(c0), "1"(c1), "2"(c2) : "%cc"); +:"=r"(c0), "=r"(c1), "=r"(c2) : "r"(sc0), "r"(sc1), "r"(sc2), "0"(c0), "1"(c1), "2"(c2) : "cc"); #else @@ -975,8 +1012,9 @@ asm( \ /* multiplies point i and j, updates carry "c1" and digit c2 */ #define SQRADD(i, j) \ do { fp_word t; \ - t = c0 + ((fp_word)i) * ((fp_word)j); c0 = t; \ - t = c1 + (t >> DIGIT_BIT); c1 = t; c2 += t >> DIGIT_BIT; \ + t = c0 + ((fp_word)i) * ((fp_word)j); c0 = (fp_digit)t; \ + t = c1 + (t >> DIGIT_BIT); c1 = (fp_digit)t; \ + c2 +=(fp_digit) (t >> DIGIT_BIT); \ } while (0); @@ -984,10 +1022,12 @@ asm( \ #define SQRADD2(i, j) \ do { fp_word t; \ t = ((fp_word)i) * ((fp_word)j); \ - tt = (fp_word)c0 + t; c0 = tt; \ - tt = (fp_word)c1 + (tt >> DIGIT_BIT); c1 = tt; c2 += tt >> DIGIT_BIT; \ - tt = (fp_word)c0 + t; c0 = tt; \ - tt = (fp_word)c1 + (tt >> DIGIT_BIT); c1 = tt; c2 += tt >> DIGIT_BIT; \ + tt = (fp_word)c0 + t; c0 = (fp_digit)tt; \ + tt = (fp_word)c1 + (tt >> DIGIT_BIT); c1 = (fp_digit)tt; \ + c2 +=(fp_digit)( tt >> DIGIT_BIT); \ + tt = (fp_word)c0 + t; c0 = (fp_digit)tt; \ + tt = (fp_word)c1 + (tt >> DIGIT_BIT); c1 = (fp_digit)tt; \ + c2 +=(fp_digit) (tt >> DIGIT_BIT); \ } while (0); #define SQRADDSC(i, j) \ @@ -998,35 +1038,66 @@ asm( \ #define SQRADDAC(i, j) \ do { fp_word t; \ - t = sc0 + ((fp_word)i) * ((fp_word)j); sc0 = t; \ - t = sc1 + (t >> DIGIT_BIT); sc1 = t; sc2 += t >> DIGIT_BIT; \ + t = sc0 + ((fp_word)i) * ((fp_word)j); sc0 = (fp_digit)t; \ + t = sc1 + (t >> DIGIT_BIT); sc1 = (fp_digit)t; \ + sc2 += (fp_digit)(t >> DIGIT_BIT); \ } while (0); #define SQRADDDB \ do { fp_word t; \ - t = ((fp_word)sc0) + ((fp_word)sc0) + c0; c0 = t; \ - t = ((fp_word)sc1) + ((fp_word)sc1) + c1 + (t >> DIGIT_BIT); c1 = t; \ - c2 = c2 + ((fp_word)sc2) + ((fp_word)sc2) + (t >> DIGIT_BIT); \ + t = ((fp_word)sc0) + ((fp_word)sc0) + c0; c0 = (fp_digit)t; \ + t = ((fp_word)sc1) + ((fp_word)sc1) + c1 + (t >> DIGIT_BIT); \ + c1 = (fp_digit)t; \ + c2 = c2 + (fp_digit)(((fp_word)sc2) + ((fp_word)sc2) + (t >> DIGIT_BIT)); \ } while (0); #endif #ifdef TFM_SMALL_SET -#include "fp_sqr_comba_small_set.i" -#include "fp_sqr_comba_3.i" -#include "fp_sqr_comba_4.i" -#include "fp_sqr_comba_6.i" -#include "fp_sqr_comba_7.i" -#include "fp_sqr_comba_8.i" -#include "fp_sqr_comba_9.i" -#include "fp_sqr_comba_12.i" -#include "fp_sqr_comba_17.i" -#include "fp_sqr_comba_20.i" -#include "fp_sqr_comba_24.i" -#include "fp_sqr_comba_28.i" -#include "fp_sqr_comba_32.i" -#include "fp_sqr_comba_48.i" -#include "fp_sqr_comba_64.i" + #include "fp_sqr_comba_small_set.i" +#endif + +#if defined(TFM_SQR3) + #include "fp_sqr_comba_3.i" +#endif +#if defined(TFM_SQR4) + #include "fp_sqr_comba_4.i" +#endif +#if defined(TFM_SQR6) + #include "fp_sqr_comba_6.i" +#endif +#if defined(TFM_SQR7) + #include "fp_sqr_comba_7.i" +#endif +#if defined(TFM_SQR8) + #include "fp_sqr_comba_8.i" +#endif +#if defined(TFM_SQR9) + #include "fp_sqr_comba_9.i" +#endif +#if defined(TFM_SQR12) + #include "fp_sqr_comba_12.i" +#endif +#if defined(TFM_SQR17) + #include "fp_sqr_comba_17.i" +#endif +#if defined(TFM_SQR20) + #include "fp_sqr_comba_20.i" +#endif +#if defined(TFM_SQR24) + #include "fp_sqr_comba_24.i" +#endif +#if defined(TFM_SQR28) + #include "fp_sqr_comba_28.i" +#endif +#if defined(TFM_SQR32) + #include "fp_sqr_comba_32.i" +#endif +#if defined(TFM_SQR48) + #include "fp_sqr_comba_48.i" +#endif +#if defined(TFM_SQR64) + #include "fp_sqr_comba_64.i" #endif /* end fp_sqr_comba.c asm */ @@ -1059,13 +1130,13 @@ asm( \ /* this should multiply i and j */ #define MULADD(i, j) \ -asm( \ +__asm__( \ "movl %6,%%eax \n\t" \ "mull %7 \n\t" \ "addl %%eax,%0 \n\t" \ "adcl %%edx,%1 \n\t" \ "adcl $0,%2 \n\t" \ - :"=r"(c0), "=r"(c1), "=r"(c2): "0"(c0), "1"(c1), "2"(c2), "m"(i), "m"(j) :"%eax","%edx","%cc"); + :"=r"(c0), "=r"(c1), "=r"(c2): "0"(c0), "1"(c1), "2"(c2), "m"(i), "m"(j) :"%eax","%edx","cc"); #elif defined(TFM_X86_64) /* x86-64 optimized */ @@ -1094,13 +1165,13 @@ asm( \ /* this should multiply i and j */ #define MULADD(i, j) \ -asm ( \ +__asm__ ( \ "movq %6,%%rax \n\t" \ "mulq %7 \n\t" \ "addq %%rax,%0 \n\t" \ "adcq %%rdx,%1 \n\t" \ "adcq $0,%2 \n\t" \ - :"=r"(c0), "=r"(c1), "=r"(c2): "0"(c0), "1"(c1), "2"(c2), "g"(i), "g"(j) :"%rax","%rdx","%cc"); + :"=r"(c0), "=r"(c1), "=r"(c2): "0"(c0), "1"(c1), "2"(c2), "g"(i), "g"(j) :"%rax","%rdx","cc"); #elif defined(TFM_SSE2) /* use SSE2 optimizations */ @@ -1126,11 +1197,11 @@ asm ( \ /* anything you need at the end */ #define COMBA_FINI \ - asm("emms"); + __asm__("emms"); /* this should multiply i and j */ #define MULADD(i, j) \ -asm( \ +__asm__( \ "movd %6,%%mm0 \n\t" \ "movd %7,%%mm1 \n\t" \ "pmuludq %%mm1,%%mm0\n\t" \ @@ -1140,7 +1211,7 @@ asm( \ "movd %%mm0,%%eax \n\t" \ "adcl %%eax,%1 \n\t" \ "adcl $0,%2 \n\t" \ - :"=r"(c0), "=r"(c1), "=r"(c2): "0"(c0), "1"(c1), "2"(c2), "m"(i), "m"(j) :"%eax","%cc"); + :"=r"(c0), "=r"(c1), "=r"(c2): "0"(c0), "1"(c1), "2"(c2), "m"(i), "m"(j) :"%eax","cc"); #elif defined(TFM_ARM) /* ARM code */ @@ -1162,12 +1233,12 @@ asm( \ #define COMBA_FINI #define MULADD(i, j) \ -asm( \ +__asm__( \ " UMULL r0,r1,%6,%7 \n\t" \ " ADDS %0,%0,r0 \n\t" \ " ADCS %1,%1,r1 \n\t" \ " ADC %2,%2,#0 \n\t" \ -:"=r"(c0), "=r"(c1), "=r"(c2) : "0"(c0), "1"(c1), "2"(c2), "r"(i), "r"(j) : "r0", "r1", "%cc"); +:"=r"(c0), "=r"(c1), "=r"(c2) : "0"(c0), "1"(c1), "2"(c2), "r"(i), "r"(j) : "r0", "r1", "cc"); #elif defined(TFM_PPC32) /* For 32-bit PPC */ @@ -1190,7 +1261,7 @@ asm( \ /* untested: will mulhwu change the flags? Docs say no */ #define MULADD(i, j) \ -asm( \ +__asm__( \ " mullw 16,%6,%7 \n\t" \ " addc %0,%0,16 \n\t" \ " mulhwu 16,%6,%7 \n\t" \ @@ -1219,7 +1290,7 @@ asm( \ /* untested: will mulhwu change the flags? Docs say no */ #define MULADD(i, j) \ -asm( \ +____asm__( \ " mulld 16,%6,%7 \n\t" \ " addc %0,%0,16 \n\t" \ " mulhdu 16,%6,%7 \n\t" \ @@ -1248,7 +1319,7 @@ asm( \ #define COMBA_FINI #define MULADD(i, j) \ -asm( \ +____asm__( \ " mulu.d r2,%6,%7 \n\t"\ " add %0,r2 \n\t"\ " adc %1,%1,r3 \n\t"\ @@ -1274,31 +1345,61 @@ asm( \ #define COMBA_FINI -#define MULADD(i, j) \ - do { fp_word t; \ - t = (fp_word)c0 + ((fp_word)i) * ((fp_word)j); c0 = t; \ - t = (fp_word)c1 + (t >> DIGIT_BIT); c1 = t; c2 += t >> DIGIT_BIT; \ +#define MULADD(i, j) \ + do { fp_word t; \ + t = (fp_word)c0 + ((fp_word)i) * ((fp_word)j); c0 = (fp_digit)t; \ + t = (fp_word)c1 + (t >> DIGIT_BIT); \ + c1 = (fp_digit)t; c2 += (fp_digit)(t >> DIGIT_BIT); \ } while (0); #endif #ifdef TFM_SMALL_SET -#include "fp_mul_comba_small_set.i" -#include "fp_mul_comba_3.i" -#include "fp_mul_comba_4.i" -#include "fp_mul_comba_6.i" -#include "fp_mul_comba_7.i" -#include "fp_mul_comba_8.i" -#include "fp_mul_comba_9.i" -#include "fp_mul_comba_12.i" -#include "fp_mul_comba_17.i" -#include "fp_mul_comba_20.i" -#include "fp_mul_comba_24.i" -#include "fp_mul_comba_28.i" -#include "fp_mul_comba_32.i" -#include "fp_mul_comba_48.i" -#include "fp_mul_comba_64.i" + #include "fp_mul_comba_small_set.i" +#endif + +#if defined(TFM_MUL3) + #include "fp_mul_comba_3.i" +#endif +#if defined(TFM_MUL4) + #include "fp_mul_comba_4.i" +#endif +#if defined(TFM_MUL6) + #include "fp_mul_comba_6.i" +#endif +#if defined(TFM_MUL7) + #include "fp_mul_comba_7.i" +#endif +#if defined(TFM_MUL8) + #include "fp_mul_comba_8.i" +#endif +#if defined(TFM_MUL9) + #include "fp_mul_comba_9.i" +#endif +#if defined(TFM_MUL12) + #include "fp_mul_comba_12.i" +#endif +#if defined(TFM_MUL17) + #include "fp_mul_comba_17.i" +#endif +#if defined(TFM_MUL20) + #include "fp_mul_comba_20.i" +#endif +#if defined(TFM_MUL24) + #include "fp_mul_comba_24.i" +#endif +#if defined(TFM_MUL28) + #include "fp_mul_comba_28.i" +#endif +#if defined(TFM_MUL32) + #include "fp_mul_comba_32.i" +#endif +#if defined(TFM_MUL48) + #include "fp_mul_comba_48.i" +#endif +#if defined(TFM_MUL64) + #include "fp_mul_comba_64.i" #endif /* end fp_mul_comba.c asm */ diff --git a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/asn.c b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/asn.c index 87ece4bf4..6d2d962e1 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/asn.c +++ b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/asn.c @@ -1,6 +1,6 @@ /* asn.c * - * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,39 +16,54 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ #ifdef HAVE_CONFIG_H #include #endif -#ifdef THREADX +#include + +#ifndef NO_ASN + +#ifdef HAVE_RTP_SYS #include "os.h" /* dc_rtc_api needs */ #include "dc_rtc_api.h" /* to get current time */ #endif +#include #include #include -#include -#include #include -#include +#include +#include #include #include -#include -#include #include + #include + +#ifndef NO_RC4 + #include +#endif + #ifdef HAVE_NTRU - #include "crypto_ntru.h" + #include "ntru_crypto.h" #endif #ifdef HAVE_ECC #include #endif +#ifdef CYASSL_DEBUG_ENCODING + #ifdef FREESCALE_MQX + #include + #else + #include + #endif +#endif #ifdef _MSC_VER /* 4996 warning to use MS extensions e.g., strcpy_s instead of XSTRNCPY */ @@ -57,24 +72,14 @@ #ifndef TRUE -enum { - FALSE = 0, - TRUE = 1 -}; + #define TRUE 1 +#endif +#ifndef FALSE + #define FALSE 0 #endif -#ifndef min - - static INLINE word32 min(word32 a, word32 b) - { - return a > b ? b : a; - } - -#endif /* min */ - - -#ifdef THREADX +#ifdef HAVE_RTP_SYS /* uses parital structures */ #define XTIME(tl) (0) #define XGMTIME(c) my_gmtime((c)) @@ -87,17 +92,68 @@ enum { #endif #define NO_TIME_H /* since Micrium not defining XTIME or XGMTIME, CERT_GEN not available */ +#elif defined(MICROCHIP_TCPIP_V5) || defined(MICROCHIP_TCPIP) + #include + #define XTIME(t1) pic32_time((t1)) + #define XGMTIME(c) gmtime((c)) + #define XVALIDATE_DATE(d, f, t) ValidateDate((d), (f), (t)) +#elif defined(FREESCALE_MQX) + #include + #define XTIME(t1) mqx_time((t1)) + #define XGMTIME(c) gmtime((c)) + #define XVALIDATE_DATE(d, f, t) ValidateDate((d), (f), (t)) +#elif defined(CYASSL_MDK_ARM) + #if defined(CYASSL_MDK5) + #include "cmsis_os.h" + #else + #include + #endif + #undef RNG + #include "cyassl_MDK_ARM.h" + #undef RNG + #define RNG CyaSSL_RNG /*for avoiding name conflict in "stm32f2xx.h" */ + #define XTIME(tl) (0) + #define XGMTIME(c) Cyassl_MDK_gmtime((c)) + #define XVALIDATE_DATE(d, f, t) ValidateDate((d), (f), (t)) #elif defined(USER_TIME) - /* no structures used */ - #define NO_TIME_H /* user time, and gmtime compatible functions, there is a gmtime implementation here that WINCE uses, so really just need some ticks since the EPOCH */ + + struct tm { + int tm_sec; /* seconds after the minute [0-60] */ + int tm_min; /* minutes after the hour [0-59] */ + int tm_hour; /* hours since midnight [0-23] */ + int tm_mday; /* day of the month [1-31] */ + int tm_mon; /* months since January [0-11] */ + int tm_year; /* years since 1900 */ + int tm_wday; /* days since Sunday [0-6] */ + int tm_yday; /* days since January 1 [0-365] */ + int tm_isdst; /* Daylight Savings Time flag */ + long tm_gmtoff; /* offset from CUT in seconds */ + char *tm_zone; /* timezone abbreviation */ + }; + typedef long time_t; + + /* forward declaration */ + struct tm* gmtime(const time_t* timer); + extern time_t XTIME(time_t * timer); + + #define XGMTIME(c) gmtime((c)) + #define XVALIDATE_DATE(d, f, t) ValidateDate((d), (f), (t)) + + #ifdef STACK_TRAP + /* for stack trap tracking, don't call os gmtime on OS X/linux, + uses a lot of stack spce */ + extern time_t time(time_t * timer); + #define XTIME(tl) time((tl)) + #endif /* STACK_TRAP */ + #else /* default */ /* uses complete facility */ - #include + #include #define XTIME(tl) time((tl)) #define XGMTIME(c) gmtime((c)) #define XVALIDATE_DATE(d, f, t) ValidateDate((d), (f), (t)) @@ -133,7 +189,8 @@ time_t time(time_t* timer) return *timer; } - +#endif /* _WIN32_WCE */ +#if defined( _WIN32_WCE ) || defined( USER_TIME ) struct tm* gmtime(const time_t* timer) { @@ -151,17 +208,17 @@ struct tm* gmtime(const time_t* timer) static struct tm st_time; struct tm* ret = &st_time; - time_t time = *timer; + time_t secs = *timer; unsigned long dayclock, dayno; int year = EPOCH_YEAR; - dayclock = (unsigned long)time % SECS_DAY; - dayno = (unsigned long)time / SECS_DAY; + dayclock = (unsigned long)secs % SECS_DAY; + dayno = (unsigned long)secs / SECS_DAY; - ret->tm_sec = dayclock % 60; - ret->tm_min = (dayclock % 3600) / 60; - ret->tm_hour = dayclock / 3600; - ret->tm_wday = (dayno + 4) % 7; /* day 0 a Thursday */ + ret->tm_sec = (int) dayclock % 60; + ret->tm_min = (int)(dayclock % 3600) / 60; + ret->tm_hour = (int) dayclock / 3600; + ret->tm_wday = (int) (dayno + 4) % 7; /* day 0 a Thursday */ while(dayno >= (unsigned long)YEARSIZE(year)) { dayno -= YEARSIZE(year); @@ -169,7 +226,7 @@ struct tm* gmtime(const time_t* timer) } ret->tm_year = year - YEAR0; - ret->tm_yday = dayno; + ret->tm_yday = (int)dayno; ret->tm_mon = 0; while(dayno >= (unsigned long)_ytab[LEAPYEAR(year)][ret->tm_mon]) { @@ -177,16 +234,16 @@ struct tm* gmtime(const time_t* timer) ret->tm_mon++; } - ret->tm_mday = ++dayno; + ret->tm_mday = (int)++dayno; ret->tm_isdst = 0; return ret; } -#endif /* _WIN32_WCE */ +#endif /* _WIN32_WCE || USER_TIME */ -#ifdef THREADX +#ifdef HAVE_RTP_SYS #define YEAR0 1900 @@ -208,7 +265,57 @@ struct tm* my_gmtime(const time_t* timer) /* has a gmtime() but hangs */ return ret; } -#endif /* THREADX */ +#endif /* HAVE_RTP_SYS */ + + +#if defined(MICROCHIP_TCPIP_V5) || defined(MICROCHIP_TCPIP) + +/* + * time() is just a stub in Microchip libraries. We need our own + * implementation. Use SNTP client to get seconds since epoch. + */ +time_t pic32_time(time_t* timer) +{ +#ifdef MICROCHIP_TCPIP_V5 + DWORD sec = 0; +#else + uint32_t sec = 0; +#endif + time_t localTime; + + if (timer == NULL) + timer = &localTime; + +#ifdef MICROCHIP_MPLAB_HARMONY + sec = TCPIP_SNTP_UTCSecondsGet(); +#else + sec = SNTPGetUTCSeconds(); +#endif + *timer = (time_t) sec; + + return *timer; +} + +#endif /* MICROCHIP_TCPIP */ + + +#ifdef FREESCALE_MQX + +time_t mqx_time(time_t* timer) +{ + time_t localTime; + TIME_STRUCT time_s; + + if (timer == NULL) + timer = &localTime; + + _time_get(&time_s); + *timer = (time_t) time_s.SECONDS; + + return *timer; +} + +#endif /* FREESCALE_MQX */ static INLINE word32 btoi(byte b) @@ -288,8 +395,8 @@ CPU_INT32S NetSecure_ValidateDateHandler(CPU_INT08U *date, CPU_INT08U format, #endif /* MICRIUM */ -static int GetLength(const byte* input, word32* inOutIdx, int* len, - word32 maxIdx) +CYASSL_LOCAL int GetLength(const byte* input, word32* inOutIdx, int* len, + word32 maxIdx) { int length = 0; word32 i = *inOutIdx; @@ -329,8 +436,8 @@ static int GetLength(const byte* input, word32* inOutIdx, int* len, } -static int GetSequence(const byte* input, word32* inOutIdx, int* len, - word32 maxIdx) +CYASSL_LOCAL int GetSequence(const byte* input, word32* inOutIdx, int* len, + word32 maxIdx) { int length = -1; word32 idx = *inOutIdx; @@ -346,7 +453,8 @@ static int GetSequence(const byte* input, word32* inOutIdx, int* len, } -static int GetSet(const byte* input, word32* inOutIdx, int* len, word32 maxIdx) +CYASSL_LOCAL int GetSet(const byte* input, word32* inOutIdx, int* len, + word32 maxIdx) { int length = -1; word32 idx = *inOutIdx; @@ -363,7 +471,7 @@ static int GetSet(const byte* input, word32* inOutIdx, int* len, word32 maxIdx) /* winodws header clash for WinCE using GetVersion */ -static int GetMyVersion(const byte* input, word32* inOutIdx, int* version) +CYASSL_LOCAL int GetMyVersion(const byte* input, word32* inOutIdx, int* version) { word32 idx = *inOutIdx; @@ -382,6 +490,7 @@ static int GetMyVersion(const byte* input, word32* inOutIdx, int* version) } +#ifndef NO_PWDBASED /* Get small count integer, 32 bits or less */ static int GetShortInt(const byte* input, word32* inOutIdx, int* number) { @@ -405,6 +514,7 @@ static int GetShortInt(const byte* input, word32* inOutIdx, int* number) return *number; } +#endif /* !NO_PWDBASED */ /* May not have one, not an error */ @@ -425,7 +535,7 @@ static int GetExplicitVersion(const byte* input, word32* inOutIdx, int* version) } -static int GetInt(mp_int* mpi, const byte* input, word32* inOutIdx, +CYASSL_LOCAL int GetInt(mp_int* mpi, const byte* input, word32* inOutIdx, word32 maxIdx) { word32 i = *inOutIdx; @@ -443,7 +553,9 @@ static int GetInt(mp_int* mpi, const byte* input, word32* inOutIdx, else i--; - mp_init(mpi); + if (mp_init(mpi) != MP_OKAY) + return MP_INIT_E; + if (mp_read_unsigned_bin(mpi, (byte*)input + i, length) != 0) { mp_clear(mpi); return ASN_GETINT_E; @@ -479,7 +591,7 @@ static int GetObjectId(const byte* input, word32* inOutIdx, word32* oid, } -static int GetAlgoId(const byte* input, word32* inOutIdx, word32* oid, +CYASSL_LOCAL int GetAlgoId(const byte* input, word32* inOutIdx, word32* oid, word32 maxIdx) { int length; @@ -499,8 +611,11 @@ static int GetAlgoId(const byte* input, word32* inOutIdx, word32* oid, if (GetLength(input, &i, &length, maxIdx) < 0) return ASN_PARSE_E; - while(length--) - *oid += input[i++]; + while(length--) { + /* odd HC08 compiler behavior here when input[i++] */ + *oid += input[i]; + i++; + } /* just sum it up for now */ /* could have NULL tag and 0 terminator, but may not */ @@ -508,7 +623,7 @@ static int GetAlgoId(const byte* input, word32* inOutIdx, word32* oid, if (b == ASN_TAG_NULL) { b = input[i++]; - if (b != 0) + if (b != 0) return ASN_EXPECT_0_E; } else @@ -520,12 +635,80 @@ static int GetAlgoId(const byte* input, word32* inOutIdx, word32* oid, return 0; } +#ifndef NO_RSA + + +#ifdef HAVE_CAVIUM + +static int GetCaviumInt(byte** buff, word16* buffSz, const byte* input, + word32* inOutIdx, word32 maxIdx, void* heap) +{ + word32 i = *inOutIdx; + byte b = input[i++]; + int length; + + if (b != ASN_INTEGER) + return ASN_PARSE_E; + + if (GetLength(input, &i, &length, maxIdx) < 0) + return ASN_PARSE_E; + + if ( (b = input[i++]) == 0x00) + length--; + else + i--; + + *buffSz = (word16)length; + *buff = XMALLOC(*buffSz, heap, DYNAMIC_TYPE_CAVIUM_RSA); + if (*buff == NULL) + return MEMORY_E; + + XMEMCPY(*buff, input + i, *buffSz); + + *inOutIdx = i + length; + return 0; +} + +static int CaviumRsaPrivateKeyDecode(const byte* input, word32* inOutIdx, + RsaKey* key, word32 inSz) +{ + int version, length; + void* h = key->heap; + + if (GetSequence(input, inOutIdx, &length, inSz) < 0) + return ASN_PARSE_E; + + if (GetMyVersion(input, inOutIdx, &version) < 0) + return ASN_PARSE_E; + + key->type = RSA_PRIVATE; + + if (GetCaviumInt(&key->c_n, &key->c_nSz, input, inOutIdx, inSz, h) < 0 || + GetCaviumInt(&key->c_e, &key->c_eSz, input, inOutIdx, inSz, h) < 0 || + GetCaviumInt(&key->c_d, &key->c_dSz, input, inOutIdx, inSz, h) < 0 || + GetCaviumInt(&key->c_p, &key->c_pSz, input, inOutIdx, inSz, h) < 0 || + GetCaviumInt(&key->c_q, &key->c_qSz, input, inOutIdx, inSz, h) < 0 || + GetCaviumInt(&key->c_dP, &key->c_dP_Sz, input, inOutIdx, inSz, h) < 0 || + GetCaviumInt(&key->c_dQ, &key->c_dQ_Sz, input, inOutIdx, inSz, h) < 0 || + GetCaviumInt(&key->c_u, &key->c_uSz, input, inOutIdx, inSz, h) < 0 ) + return ASN_RSA_KEY_E; + + return 0; +} + + +#endif /* HAVE_CAVIUM */ int RsaPrivateKeyDecode(const byte* input, word32* inOutIdx, RsaKey* key, word32 inSz) { int version, length; +#ifdef HAVE_CAVIUM + if (key->magic == CYASSL_RSA_CAVIUM_MAGIC) + return CaviumRsaPrivateKeyDecode(input, inOutIdx, key, inSz); +#endif + if (GetSequence(input, inOutIdx, &length, inSz) < 0) return ASN_PARSE_E; @@ -546,6 +729,7 @@ int RsaPrivateKeyDecode(const byte* input, word32* inOutIdx, RsaKey* key, return 0; } +#endif /* NO_RSA */ /* Remove PKCS8 header, move beginning of traditional to beginning of input */ int ToTraditional(byte* input, word32 sz) @@ -578,7 +762,7 @@ int ToTraditional(byte* input, word32 sz) XMEMMOVE(input, input + inOutIdx, length); - return 0; + return length; } @@ -651,11 +835,15 @@ static int DecryptKey(const char* password, int passwordSz, byte* salt, int saltSz, int iterations, int id, byte* input, int length, int version, byte* cbcIv) { - byte key[MAX_KEY_SIZE]; - int typeH; - int derivedLen; - int decryptionType; - int ret = 0; + int typeH; + int derivedLen; + int decryptionType; + int ret = 0; +#ifdef CYASSL_SMALL_STACK + byte* key; +#else + byte key[MAX_KEY_SIZE]; +#endif switch (id) { case PBE_MD5_DES: @@ -686,6 +874,12 @@ static int DecryptKey(const char* password, int passwordSz, byte* salt, return ALGO_ID_E; } +#ifdef CYASSL_SMALL_STACK + key = (byte*)XMALLOC(MAX_KEY_SIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (key == NULL) + return MEMORY_E; +#endif + if (version == PKCS5v2) ret = PBKDF2(key, (byte*)password, passwordSz, salt, saltSz, iterations, derivedLen, typeH); @@ -696,8 +890,12 @@ static int DecryptKey(const char* password, int passwordSz, byte* salt, int i, idx = 0; byte unicodePasswd[MAX_UNICODE_SZ]; - if ( (passwordSz * 2 + 2) > (int)sizeof(unicodePasswd)) + if ( (passwordSz * 2 + 2) > (int)sizeof(unicodePasswd)) { +#ifdef CYASSL_SMALL_STACK + XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif return UNICODE_SIZE_E; + } for (i = 0; i < passwordSz; i++) { unicodePasswd[idx++] = 0x00; @@ -713,9 +911,19 @@ static int DecryptKey(const char* password, int passwordSz, byte* salt, ret += PKCS12_PBKDF(cbcIv, unicodePasswd, idx, salt, saltSz, iterations, 8, typeH, 2); } + else { +#ifdef CYASSL_SMALL_STACK + XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + return ALGO_ID_E; + } - if (ret != 0) + if (ret != 0) { +#ifdef CYASSL_SMALL_STACK + XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif return ret; + } switch (decryptionType) { #ifndef NO_DES3 @@ -726,7 +934,15 @@ static int DecryptKey(const char* password, int passwordSz, byte* salt, if (version == PKCS5v2 || version == PKCS12) desIv = cbcIv; - Des_SetKey(&dec, key, desIv, DES_DECRYPTION); + + ret = Des_SetKey(&dec, key, desIv, DES_DECRYPTION); + if (ret != 0) { +#ifdef CYASSL_SMALL_STACK + XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + return ret; + } + Des_CbcDecrypt(&dec, input, input, length); break; } @@ -738,11 +954,24 @@ static int DecryptKey(const char* password, int passwordSz, byte* salt, if (version == PKCS5v2 || version == PKCS12) desIv = cbcIv; - Des3_SetKey(&dec, key, desIv, DES_DECRYPTION); - Des3_CbcDecrypt(&dec, input, input, length); + ret = Des3_SetKey(&dec, key, desIv, DES_DECRYPTION); + if (ret != 0) { +#ifdef CYASSL_SMALL_STACK + XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + return ret; + } + ret = Des3_CbcDecrypt(&dec, input, input, length); + if (ret != 0) { +#ifdef CYASSL_SMALL_STACK + XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + return ret; + } break; } #endif +#ifndef NO_RC4 case RC4_TYPE: { Arc4 dec; @@ -751,11 +980,19 @@ static int DecryptKey(const char* password, int passwordSz, byte* salt, Arc4Process(&dec, input, input, length); break; } +#endif default: +#ifdef CYASSL_SMALL_STACK + XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif return ALGO_ID_E; } +#ifdef CYASSL_SMALL_STACK + XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + return 0; } @@ -765,10 +1002,15 @@ static int DecryptKey(const char* password, int passwordSz, byte* salt, int ToTraditionalEnc(byte* input, word32 sz,const char* password,int passwordSz) { word32 inOutIdx = 0, oid; - int first, second, length, iterations, saltSz, id; - int version; + int first, second, length, version, saltSz, id; + int iterations = 0; +#ifdef CYASSL_SMALL_STACK + byte* salt = NULL; + byte* cbcIv = NULL; +#else byte salt[MAX_SALT_SIZE]; byte cbcIv[MAX_IV_SIZE]; +#endif if (GetSequence(input, &inOutIdx, &length, sz) < 0) return ASN_PARSE_E; @@ -806,39 +1048,97 @@ int ToTraditionalEnc(byte* input, word32 sz,const char* password,int passwordSz) if (saltSz > MAX_SALT_SIZE) return ASN_PARSE_E; +#ifdef CYASSL_SMALL_STACK + salt = (byte*)XMALLOC(MAX_SALT_SIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (salt == NULL) + return MEMORY_E; +#endif + XMEMCPY(salt, &input[inOutIdx], saltSz); inOutIdx += saltSz; - if (GetShortInt(input, &inOutIdx, &iterations) < 0) + if (GetShortInt(input, &inOutIdx, &iterations) < 0) { +#ifdef CYASSL_SMALL_STACK + XFREE(salt, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif return ASN_PARSE_E; + } + +#ifdef CYASSL_SMALL_STACK + cbcIv = (byte*)XMALLOC(MAX_IV_SIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (cbcIv == NULL) { + XFREE(salt, NULL, DYNAMIC_TYPE_TMP_BUFFER); + return MEMORY_E; + } +#endif if (version == PKCS5v2) { /* get encryption algo */ - if (GetAlgoId(input, &inOutIdx, &oid, sz) < 0) + if (GetAlgoId(input, &inOutIdx, &oid, sz) < 0) { +#ifdef CYASSL_SMALL_STACK + XFREE(salt, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(cbcIv, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif return ASN_PARSE_E; + } - if (CheckAlgoV2(oid, &id) < 0) + if (CheckAlgoV2(oid, &id) < 0) { +#ifdef CYASSL_SMALL_STACK + XFREE(salt, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(cbcIv, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif return ASN_PARSE_E; /* PKCS v2 algo id error */ + } - if (input[inOutIdx++] != ASN_OCTET_STRING) + if (input[inOutIdx++] != ASN_OCTET_STRING) { +#ifdef CYASSL_SMALL_STACK + XFREE(salt, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(cbcIv, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif return ASN_PARSE_E; + } - if (GetLength(input, &inOutIdx, &length, sz) < 0) + if (GetLength(input, &inOutIdx, &length, sz) < 0) { +#ifdef CYASSL_SMALL_STACK + XFREE(salt, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(cbcIv, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif return ASN_PARSE_E; + } XMEMCPY(cbcIv, &input[inOutIdx], length); inOutIdx += length; } - if (input[inOutIdx++] != ASN_OCTET_STRING) + if (input[inOutIdx++] != ASN_OCTET_STRING) { +#ifdef CYASSL_SMALL_STACK + XFREE(salt, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(cbcIv, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif return ASN_PARSE_E; - - if (GetLength(input, &inOutIdx, &length, sz) < 0) + } + + if (GetLength(input, &inOutIdx, &length, sz) < 0) { +#ifdef CYASSL_SMALL_STACK + XFREE(salt, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(cbcIv, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif return ASN_PARSE_E; + } if (DecryptKey(password, passwordSz, salt, saltSz, iterations, id, - input + inOutIdx, length, version, cbcIv) < 0) + input + inOutIdx, length, version, cbcIv) < 0) { +#ifdef CYASSL_SMALL_STACK + XFREE(salt, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(cbcIv, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif return ASN_INPUT_E; /* decrypt failure */ + } + +#ifdef CYASSL_SMALL_STACK + XFREE(salt, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(cbcIv, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif XMEMMOVE(input, input + inOutIdx, length); return ToTraditional(input, length); @@ -846,6 +1146,7 @@ int ToTraditionalEnc(byte* input, word32 sz,const char* password,int passwordSz) #endif /* NO_PWDBASED */ +#ifndef NO_RSA int RsaPublicKeyDecode(const byte* input, word32* inOutIdx, RsaKey* key, word32 inSz) @@ -857,7 +1158,7 @@ int RsaPublicKeyDecode(const byte* input, word32* inOutIdx, RsaKey* key, key->type = RSA_PUBLIC; -#ifdef OPENSSL_EXTRA +#if defined(OPENSSL_EXTRA) || defined(RSA_DECODE_EXTRA) { byte b = input[*inOutIdx]; if (b != ASN_INTEGER) { @@ -911,6 +1212,7 @@ int RsaPublicKeyDecode(const byte* input, word32* inOutIdx, RsaKey* key, return 0; } +#endif #ifndef NO_DH @@ -929,6 +1231,9 @@ int DhKeyDecode(const byte* input, word32* inOutIdx, DhKey* key, word32 inSz) int DhSetKey(DhKey* key, const byte* p, word32 pSz, const byte* g, word32 gSz) { + if (key == NULL || p == NULL || g == NULL || pSz == 0 || gSz == 0) + return BAD_FUNC_ARG; + /* may have leading 0 */ if (p[0] == 0) { pSz--; p++; @@ -938,14 +1243,19 @@ int DhSetKey(DhKey* key, const byte* p, word32 pSz, const byte* g, word32 gSz) gSz--; g++; } - mp_init(&key->p); + if (mp_init(&key->p) != MP_OKAY) + return MP_INIT_E; if (mp_read_unsigned_bin(&key->p, p, pSz) != 0) { mp_clear(&key->p); return ASN_DH_KEY_E; } - mp_init(&key->g); + if (mp_init(&key->g) != MP_OKAY) { + mp_clear(&key->p); + return MP_INIT_E; + } if (mp_read_unsigned_bin(&key->g, g, gSz) != 0) { + mp_clear(&key->g); mp_clear(&key->p); return ASN_DH_KEY_E; } @@ -954,8 +1264,6 @@ int DhSetKey(DhKey* key, const byte* p, word32 pSz, const byte* g, word32 gSz) } -#ifdef OPENSSL_EXTRA - int DhParamsLoad(const byte* input, word32 inSz, byte* p, word32* pInOutSz, byte* g, word32* gInOutSz) { @@ -1004,7 +1312,6 @@ int DhParamsLoad(const byte* input, word32 inSz, byte* p, word32* pInOutSz, return 0; } -#endif /* OPENSSL_EXTRA */ #endif /* NO_DH */ @@ -1055,12 +1362,20 @@ int DsaPrivateKeyDecode(const byte* input, word32* inOutIdx, DsaKey* key, void InitDecodedCert(DecodedCert* cert, byte* source, word32 inSz, void* heap) { cert->publicKey = 0; + cert->pubKeySize = 0; cert->pubKeyStored = 0; + cert->version = 0; cert->signature = 0; cert->subjectCN = 0; cert->subjectCNLen = 0; + cert->subjectCNEnc = CTC_UTF8; cert->subjectCNStored = 0; cert->altNames = NULL; +#ifndef IGNORE_NAME_CONSTRAINTS + cert->altEmailNames = NULL; + cert->permittedNames = NULL; + cert->excludedNames = NULL; +#endif /* IGNORE_NAME_CONSTRAINTS */ cert->issuer[0] = '\0'; cert->subject[0] = '\0'; cert->source = source; /* don't own */ @@ -1076,27 +1391,84 @@ void InitDecodedCert(DecodedCert* cert, byte* source, word32 inSz, void* heap) cert->extAuthInfoSz = 0; cert->extCrlInfo = NULL; cert->extCrlInfoSz = 0; + XMEMSET(cert->extSubjKeyId, 0, SHA_SIZE); + cert->extSubjKeyIdSet = 0; + XMEMSET(cert->extAuthKeyId, 0, SHA_SIZE); + cert->extAuthKeyIdSet = 0; + cert->extKeyUsageSet = 0; + cert->extKeyUsage = 0; + cert->extExtKeyUsageSet = 0; + cert->extExtKeyUsage = 0; cert->isCA = 0; +#ifdef HAVE_PKCS7 + cert->issuerRaw = NULL; + cert->issuerRawLen = 0; +#endif #ifdef CYASSL_CERT_GEN cert->subjectSN = 0; cert->subjectSNLen = 0; + cert->subjectSNEnc = CTC_UTF8; cert->subjectC = 0; cert->subjectCLen = 0; + cert->subjectCEnc = CTC_PRINTABLE; cert->subjectL = 0; cert->subjectLLen = 0; + cert->subjectLEnc = CTC_UTF8; cert->subjectST = 0; cert->subjectSTLen = 0; + cert->subjectSTEnc = CTC_UTF8; cert->subjectO = 0; cert->subjectOLen = 0; + cert->subjectOEnc = CTC_UTF8; cert->subjectOU = 0; cert->subjectOULen = 0; + cert->subjectOUEnc = CTC_UTF8; cert->subjectEmail = 0; cert->subjectEmailLen = 0; - cert->beforeDate = 0; +#endif /* CYASSL_CERT_GEN */ + cert->beforeDate = NULL; cert->beforeDateLen = 0; - cert->afterDate = 0; + cert->afterDate = NULL; cert->afterDateLen = 0; -#endif /* CYASSL_CERT_GEN */ +#ifdef OPENSSL_EXTRA + XMEMSET(&cert->issuerName, 0, sizeof(DecodedName)); + XMEMSET(&cert->subjectName, 0, sizeof(DecodedName)); + cert->extBasicConstSet = 0; + cert->extBasicConstCrit = 0; + cert->extBasicConstPlSet = 0; + cert->pathLength = 0; + cert->extSubjAltNameSet = 0; + cert->extSubjAltNameCrit = 0; + cert->extAuthKeyIdCrit = 0; + cert->extSubjKeyIdCrit = 0; + cert->extKeyUsageCrit = 0; + cert->extExtKeyUsageCrit = 0; + cert->extExtKeyUsageSrc = NULL; + cert->extExtKeyUsageSz = 0; + cert->extExtKeyUsageCount = 0; + cert->extAuthKeyIdSrc = NULL; + cert->extAuthKeyIdSz = 0; + cert->extSubjKeyIdSrc = NULL; + cert->extSubjKeyIdSz = 0; +#endif /* OPENSSL_EXTRA */ +#if defined(OPENSSL_EXTRA) || !defined(IGNORE_NAME_CONSTRAINTS) + cert->extNameConstraintSet = 0; +#endif /* OPENSSL_EXTRA || !IGNORE_NAME_CONSTRAINTS */ +#ifdef HAVE_ECC + cert->pkCurveOID = 0; +#endif /* HAVE_ECC */ +#ifdef CYASSL_SEP + cert->deviceTypeSz = 0; + cert->deviceType = NULL; + cert->hwTypeSz = 0; + cert->hwType = NULL; + cert->hwSerialNumSz = 0; + cert->hwSerialNum = NULL; + #ifdef OPENSSL_EXTRA + cert->extCertPolicySet = 0; + cert->extCertPolicyCrit = 0; + #endif /* OPENSSL_EXTRA */ +#endif /* CYASSL_SEP */ } @@ -1113,6 +1485,22 @@ void FreeAltNames(DNS_entry* altNames, void* heap) } } +#ifndef IGNORE_NAME_CONSTRAINTS + +void FreeNameSubtrees(Base_entry* names, void* heap) +{ + (void)heap; + + while (names) { + Base_entry* tmp = names->next; + + XFREE(names->name, heap, DYNAMIC_TYPE_ALTNAME); + XFREE(names, heap, DYNAMIC_TYPE_ALTNAME); + names = tmp; + } +} + +#endif /* IGNORE_NAME_CONSTRAINTS */ void FreeDecodedCert(DecodedCert* cert) { @@ -1122,14 +1510,38 @@ void FreeDecodedCert(DecodedCert* cert) XFREE(cert->publicKey, cert->heap, DYNAMIC_TYPE_PUBLIC_KEY); if (cert->altNames) FreeAltNames(cert->altNames, cert->heap); +#ifndef IGNORE_NAME_CONSTRAINTS + if (cert->altEmailNames) + FreeAltNames(cert->altEmailNames, cert->heap); + if (cert->permittedNames) + FreeNameSubtrees(cert->permittedNames, cert->heap); + if (cert->excludedNames) + FreeNameSubtrees(cert->excludedNames, cert->heap); +#endif /* IGNORE_NAME_CONSTRAINTS */ +#ifdef CYASSL_SEP + XFREE(cert->deviceType, cert->heap, 0); + XFREE(cert->hwType, cert->heap, 0); + XFREE(cert->hwSerialNum, cert->heap, 0); +#endif /* CYASSL_SEP */ +#ifdef OPENSSL_EXTRA + if (cert->issuerName.fullName != NULL) + XFREE(cert->issuerName.fullName, NULL, DYNAMIC_TYPE_X509); + if (cert->subjectName.fullName != NULL) + XFREE(cert->subjectName.fullName, NULL, DYNAMIC_TYPE_X509); +#endif /* OPENSSL_EXTRA */ } static int GetCertHeader(DecodedCert* cert) { - int ret = 0, version, len; - byte serialTmp[EXTERNAL_SERIAL_SIZE]; - mp_int mpi; + int ret = 0, len; + byte serialTmp[EXTERNAL_SERIAL_SIZE]; +#if defined(CYASSL_SMALL_STACK) && defined(USE_FAST_MATH) + mp_int* mpi = NULL; +#else + mp_int stack_mpi; + mp_int* mpi = &stack_mpi; +#endif if (GetSequence(cert->source, &cert->srcIdx, &len, cert->maxIdx) < 0) return ASN_PARSE_E; @@ -1140,39 +1552,52 @@ static int GetCertHeader(DecodedCert* cert) return ASN_PARSE_E; cert->sigIndex = len + cert->srcIdx; - if (GetExplicitVersion(cert->source, &cert->srcIdx, &version) < 0) + if (GetExplicitVersion(cert->source, &cert->srcIdx, &cert->version) < 0) return ASN_PARSE_E; - if (GetInt(&mpi, cert->source, &cert->srcIdx, cert->maxIdx) < 0) +#if defined(CYASSL_SMALL_STACK) && defined(USE_FAST_MATH) + mpi = (mp_int*)XMALLOC(sizeof(mp_int), NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (mpi == NULL) + return MEMORY_E; +#endif + + if (GetInt(mpi, cert->source, &cert->srcIdx, cert->maxIdx) < 0) { +#if defined(CYASSL_SMALL_STACK) && defined(USE_FAST_MATH) + XFREE(mpi, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif return ASN_PARSE_E; + } - len = mp_unsigned_bin_size(&mpi); + len = mp_unsigned_bin_size(mpi); if (len < (int)sizeof(serialTmp)) { - if (mp_to_unsigned_bin(&mpi, serialTmp) == MP_OKAY) { - if (len > EXTERNAL_SERIAL_SIZE) - len = EXTERNAL_SERIAL_SIZE; + if ( (ret = mp_to_unsigned_bin(mpi, serialTmp)) == MP_OKAY) { XMEMCPY(cert->serial, serialTmp, len); cert->serialSz = len; } } - mp_clear(&mpi); + mp_clear(mpi); + +#if defined(CYASSL_SMALL_STACK) && defined(USE_FAST_MATH) + XFREE(mpi, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + return ret; } - +#if !defined(NO_RSA) /* Store Rsa Key, may save later, Dsa could use in future */ static int StoreRsaKey(DecodedCert* cert) { int length; - word32 read = cert->srcIdx; + word32 recvd = cert->srcIdx; if (GetSequence(cert->source, &cert->srcIdx, &length, cert->maxIdx) < 0) return ASN_PARSE_E; - read = cert->srcIdx - read; - length += read; + recvd = cert->srcIdx - recvd; + length += recvd; - while (read--) + while (recvd--) cert->srcIdx--; cert->pubKeySize = length; @@ -1181,6 +1606,7 @@ static int StoreRsaKey(DecodedCert* cert) return 0; } +#endif #ifdef HAVE_ECC @@ -1207,116 +1633,158 @@ static int GetKey(DecodedCert* cert) if (GetSequence(cert->source, &cert->srcIdx, &length, cert->maxIdx) < 0) return ASN_PARSE_E; - + if (GetAlgoId(cert->source, &cert->srcIdx, &cert->keyOID, cert->maxIdx) < 0) return ASN_PARSE_E; - if (cert->keyOID == RSAk) { - byte b = cert->source[cert->srcIdx++]; - if (b != ASN_BIT_STRING) - return ASN_BITSTR_E; + switch (cert->keyOID) { + #ifndef NO_RSA + case RSAk: + { + byte b = cert->source[cert->srcIdx++]; + if (b != ASN_BIT_STRING) + return ASN_BITSTR_E; - if (GetLength(cert->source, &cert->srcIdx, &length, cert->maxIdx) < 0) - return ASN_PARSE_E; - b = cert->source[cert->srcIdx++]; - if (b != 0x00) - return ASN_EXPECT_0_E; - } - else if (cert->keyOID == DSAk ) - ; /* do nothing */ -#ifdef HAVE_NTRU - else if (cert->keyOID == NTRUk ) { - const byte* key = &cert->source[tmpIdx]; - byte* next = (byte*)key; - word16 keyLen; - byte keyBlob[MAX_NTRU_KEY_SZ]; + if (GetLength(cert->source,&cert->srcIdx,&length,cert->maxIdx) < 0) + return ASN_PARSE_E; + b = cert->source[cert->srcIdx++]; + if (b != 0x00) + return ASN_EXPECT_0_E; + + return StoreRsaKey(cert); + } - word32 rc = crypto_ntru_encrypt_subjectPublicKeyInfo2PublicKey(key, - &keyLen, NULL, &next); + #endif /* NO_RSA */ + #ifdef HAVE_NTRU + case NTRUk: + { + const byte* key = &cert->source[tmpIdx]; + byte* next = (byte*)key; + word16 keyLen; + word32 rc; + word32 remaining = cert->maxIdx - cert->srcIdx; +#ifdef CYASSL_SMALL_STACK + byte* keyBlob = NULL; +#else + byte keyBlob[MAX_NTRU_KEY_SZ]; +#endif + rc = ntru_crypto_ntru_encrypt_subjectPublicKeyInfo2PublicKey(key, + &keyLen, NULL, &next, &remaining); + if (rc != NTRU_OK) + return ASN_NTRU_KEY_E; + if (keyLen > MAX_NTRU_KEY_SZ) + return ASN_NTRU_KEY_E; + +#ifdef CYASSL_SMALL_STACK + keyBlob = (byte*)XMALLOC(MAX_NTRU_KEY_SZ, NULL, + DYNAMIC_TYPE_TMP_BUFFER); + if (keyBlob == NULL) + return MEMORY_E; +#endif - if (rc != NTRU_OK) - return ASN_NTRU_KEY_E; - if (keyLen > sizeof(keyBlob)) - return ASN_NTRU_KEY_E; + rc = ntru_crypto_ntru_encrypt_subjectPublicKeyInfo2PublicKey(key, + &keyLen, keyBlob, &next, &remaining); + if (rc != NTRU_OK) { +#ifdef CYASSL_SMALL_STACK + XFREE(keyBlob, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + return ASN_NTRU_KEY_E; + } - rc = crypto_ntru_encrypt_subjectPublicKeyInfo2PublicKey(key, &keyLen, - keyBlob, &next); - if (rc != NTRU_OK) - return ASN_NTRU_KEY_E; + if ( (next - key) < 0) { +#ifdef CYASSL_SMALL_STACK + XFREE(keyBlob, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + return ASN_NTRU_KEY_E; + } - if ( (next - key) < 0) - return ASN_NTRU_KEY_E; + cert->srcIdx = tmpIdx + (int)(next - key); - cert->srcIdx = tmpIdx + (next - key); + cert->publicKey = (byte*) XMALLOC(keyLen, cert->heap, + DYNAMIC_TYPE_PUBLIC_KEY); + if (cert->publicKey == NULL) { +#ifdef CYASSL_SMALL_STACK + XFREE(keyBlob, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + return MEMORY_E; + } + XMEMCPY(cert->publicKey, keyBlob, keyLen); + cert->pubKeyStored = 1; + cert->pubKeySize = keyLen; - cert->publicKey = (byte*) XMALLOC(keyLen, cert->heap, - DYNAMIC_TYPE_PUBLIC_KEY); - if (cert->publicKey == NULL) - return MEMORY_E; - XMEMCPY(cert->publicKey, keyBlob, keyLen); - cert->pubKeyStored = 1; - cert->pubKeySize = keyLen; - } -#endif /* HAVE_NTRU */ -#ifdef HAVE_ECC - else if (cert->keyOID == ECDSAk ) { - word32 oid = 0; - int oidSz = 0; - byte b = cert->source[cert->srcIdx++]; - - if (b != ASN_OBJECT_ID) - return ASN_OBJECT_ID_E; +#ifdef CYASSL_SMALL_STACK + XFREE(keyBlob, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif - if (GetLength(cert->source, &cert->srcIdx, &oidSz, cert->maxIdx) < 0) - return ASN_PARSE_E; + return 0; + } + #endif /* HAVE_NTRU */ + #ifdef HAVE_ECC + case ECDSAk: + { + int oidSz = 0; + byte b = cert->source[cert->srcIdx++]; + + if (b != ASN_OBJECT_ID) + return ASN_OBJECT_ID_E; - while(oidSz--) - oid += cert->source[cert->srcIdx++]; - if (CheckCurve(oid) < 0) - return ECC_CURVE_OID_E; + if (GetLength(cert->source,&cert->srcIdx,&oidSz,cert->maxIdx) < 0) + return ASN_PARSE_E; - /* key header */ - b = cert->source[cert->srcIdx++]; - if (b != ASN_BIT_STRING) - return ASN_BITSTR_E; + while(oidSz--) + cert->pkCurveOID += cert->source[cert->srcIdx++]; - if (GetLength(cert->source, &cert->srcIdx, &length, cert->maxIdx) < 0) - return ASN_PARSE_E; - b = cert->source[cert->srcIdx++]; - if (b != 0x00) - return ASN_EXPECT_0_E; + if (CheckCurve(cert->pkCurveOID) < 0) + return ECC_CURVE_OID_E; - /* actual key, use length - 1 since ate preceding 0 */ - length -= 1; + /* key header */ + b = cert->source[cert->srcIdx++]; + if (b != ASN_BIT_STRING) + return ASN_BITSTR_E; - cert->publicKey = (byte*) XMALLOC(length, cert->heap, - DYNAMIC_TYPE_PUBLIC_KEY); - if (cert->publicKey == NULL) - return MEMORY_E; - XMEMCPY(cert->publicKey, &cert->source[cert->srcIdx], length); - cert->pubKeyStored = 1; - cert->pubKeySize = length; + if (GetLength(cert->source,&cert->srcIdx,&length,cert->maxIdx) < 0) + return ASN_PARSE_E; + b = cert->source[cert->srcIdx++]; + if (b != 0x00) + return ASN_EXPECT_0_E; - cert->srcIdx += length; + /* actual key, use length - 1 since ate preceding 0 */ + length -= 1; + + cert->publicKey = (byte*) XMALLOC(length, cert->heap, + DYNAMIC_TYPE_PUBLIC_KEY); + if (cert->publicKey == NULL) + return MEMORY_E; + XMEMCPY(cert->publicKey, &cert->source[cert->srcIdx], length); + cert->pubKeyStored = 1; + cert->pubKeySize = length; + + cert->srcIdx += length; + + return 0; + } + #endif /* HAVE_ECC */ + default: + return ASN_UNKNOWN_OID_E; } -#endif /* HAVE_ECC */ - else - return ASN_UNKNOWN_OID_E; - - if (cert->keyOID == RSAk) - return StoreRsaKey(cert); - return 0; } /* process NAME, either issuer or subject */ static int GetName(DecodedCert* cert, int nameType) { - Sha sha; + Sha sha; /* MUST have SHA-1 hash for cert names */ int length; /* length of all distinguished names */ int dummy; + int ret; char* full = (nameType == ISSUER) ? cert->issuer : cert->subject; word32 idx; + #ifdef OPENSSL_EXTRA + DecodedName* dName = + (nameType == ISSUER) ? &cert->issuerName : &cert->subjectName; + #endif /* OPENSSL_EXTRA */ + + CYASSL_MSG("Getting Cert Name"); if (cert->source[cert->srcIdx] == ASN_OBJECT_ID) { CYASSL_MSG("Trying optional prefix..."); @@ -1335,7 +1803,9 @@ static int GetName(DecodedCert* cert, int nameType) if (GetSequence(cert->source, &cert->srcIdx, &length, cert->maxIdx) < 0) return ASN_PARSE_E; - InitSha(&sha); + ret = InitSha(&sha); + if (ret != 0) + return ret; ShaUpdate(&sha, &cert->source[idx], length + cert->srcIdx - idx); if (nameType == ISSUER) ShaFinal(&sha, cert->issuerHash); @@ -1345,13 +1815,27 @@ static int GetName(DecodedCert* cert, int nameType) length += cert->srcIdx; idx = 0; +#ifdef HAVE_PKCS7 + /* store pointer to raw issuer */ + if (nameType == ISSUER) { + cert->issuerRaw = &cert->source[cert->srcIdx]; + cert->issuerRawLen = length - cert->srcIdx; + } +#endif +#ifndef IGNORE_NAME_CONSTRAINTS + if (nameType == SUBJECT) { + cert->subjectRaw = &cert->source[cert->srcIdx]; + cert->subjectRawLen = length - cert->srcIdx; + } +#endif + while (cert->srcIdx < (word32)length) { byte b; byte joint[2]; + byte tooBig = FALSE; int oidSz; if (GetSet(cert->source, &cert->srcIdx, &dummy, cert->maxIdx) < 0) { - (void)b; /* empty body warning w/o messages enabled */ CYASSL_MSG("Cert name lacks set header, trying sequence"); } @@ -1375,96 +1859,156 @@ static int GetName(DecodedCert* cert, int nameType) cert->srcIdx += 2; id = cert->source[cert->srcIdx++]; - b = cert->source[cert->srcIdx++]; /* strType */ + b = cert->source[cert->srcIdx++]; /* encoding */ if (GetLength(cert->source, &cert->srcIdx, &strLen, cert->maxIdx) < 0) return ASN_PARSE_E; - if (strLen > (int)(ASN_NAME_MAX - idx)) - return ASN_PARSE_E; - - if (4 > (ASN_NAME_MAX - idx)) /* make sure room for biggest */ - return ASN_PARSE_E; /* pre fix header too "/CN=" */ + if ( (strLen + 14) > (int)(ASN_NAME_MAX - idx)) { + /* include biggest pre fix header too 4 = "/serialNumber=" */ + CYASSL_MSG("ASN Name too big, skipping"); + tooBig = TRUE; + } if (id == ASN_COMMON_NAME) { if (nameType == SUBJECT) { cert->subjectCN = (char *)&cert->source[cert->srcIdx]; cert->subjectCNLen = strLen; + cert->subjectCNEnc = b; } - XMEMCPY(&full[idx], "/CN=", 4); - idx += 4; - copy = TRUE; + if (!tooBig) { + XMEMCPY(&full[idx], "/CN=", 4); + idx += 4; + copy = TRUE; + } + #ifdef OPENSSL_EXTRA + dName->cnIdx = cert->srcIdx; + dName->cnLen = strLen; + #endif /* OPENSSL_EXTRA */ } else if (id == ASN_SUR_NAME) { - XMEMCPY(&full[idx], "/SN=", 4); - idx += 4; - copy = TRUE; -#ifdef CYASSL_CERT_GEN - if (nameType == SUBJECT) { - cert->subjectSN = (char*)&cert->source[cert->srcIdx]; - cert->subjectSNLen = strLen; + if (!tooBig) { + XMEMCPY(&full[idx], "/SN=", 4); + idx += 4; + copy = TRUE; } -#endif /* CYASSL_CERT_GEN */ + #ifdef CYASSL_CERT_GEN + if (nameType == SUBJECT) { + cert->subjectSN = (char*)&cert->source[cert->srcIdx]; + cert->subjectSNLen = strLen; + cert->subjectSNEnc = b; + } + #endif /* CYASSL_CERT_GEN */ + #ifdef OPENSSL_EXTRA + dName->snIdx = cert->srcIdx; + dName->snLen = strLen; + #endif /* OPENSSL_EXTRA */ } else if (id == ASN_COUNTRY_NAME) { - XMEMCPY(&full[idx], "/C=", 3); - idx += 3; - copy = TRUE; -#ifdef CYASSL_CERT_GEN - if (nameType == SUBJECT) { - cert->subjectC = (char*)&cert->source[cert->srcIdx]; - cert->subjectCLen = strLen; + if (!tooBig) { + XMEMCPY(&full[idx], "/C=", 3); + idx += 3; + copy = TRUE; } -#endif /* CYASSL_CERT_GEN */ + #ifdef CYASSL_CERT_GEN + if (nameType == SUBJECT) { + cert->subjectC = (char*)&cert->source[cert->srcIdx]; + cert->subjectCLen = strLen; + cert->subjectCEnc = b; + } + #endif /* CYASSL_CERT_GEN */ + #ifdef OPENSSL_EXTRA + dName->cIdx = cert->srcIdx; + dName->cLen = strLen; + #endif /* OPENSSL_EXTRA */ } else if (id == ASN_LOCALITY_NAME) { - XMEMCPY(&full[idx], "/L=", 3); - idx += 3; - copy = TRUE; -#ifdef CYASSL_CERT_GEN - if (nameType == SUBJECT) { - cert->subjectL = (char*)&cert->source[cert->srcIdx]; - cert->subjectLLen = strLen; + if (!tooBig) { + XMEMCPY(&full[idx], "/L=", 3); + idx += 3; + copy = TRUE; } -#endif /* CYASSL_CERT_GEN */ + #ifdef CYASSL_CERT_GEN + if (nameType == SUBJECT) { + cert->subjectL = (char*)&cert->source[cert->srcIdx]; + cert->subjectLLen = strLen; + cert->subjectLEnc = b; + } + #endif /* CYASSL_CERT_GEN */ + #ifdef OPENSSL_EXTRA + dName->lIdx = cert->srcIdx; + dName->lLen = strLen; + #endif /* OPENSSL_EXTRA */ } else if (id == ASN_STATE_NAME) { - XMEMCPY(&full[idx], "/ST=", 4); - idx += 4; - copy = TRUE; -#ifdef CYASSL_CERT_GEN - if (nameType == SUBJECT) { - cert->subjectST = (char*)&cert->source[cert->srcIdx]; - cert->subjectSTLen = strLen; + if (!tooBig) { + XMEMCPY(&full[idx], "/ST=", 4); + idx += 4; + copy = TRUE; } -#endif /* CYASSL_CERT_GEN */ + #ifdef CYASSL_CERT_GEN + if (nameType == SUBJECT) { + cert->subjectST = (char*)&cert->source[cert->srcIdx]; + cert->subjectSTLen = strLen; + cert->subjectSTEnc = b; + } + #endif /* CYASSL_CERT_GEN */ + #ifdef OPENSSL_EXTRA + dName->stIdx = cert->srcIdx; + dName->stLen = strLen; + #endif /* OPENSSL_EXTRA */ } else if (id == ASN_ORG_NAME) { - XMEMCPY(&full[idx], "/O=", 3); - idx += 3; - copy = TRUE; -#ifdef CYASSL_CERT_GEN - if (nameType == SUBJECT) { - cert->subjectO = (char*)&cert->source[cert->srcIdx]; - cert->subjectOLen = strLen; + if (!tooBig) { + XMEMCPY(&full[idx], "/O=", 3); + idx += 3; + copy = TRUE; } -#endif /* CYASSL_CERT_GEN */ + #ifdef CYASSL_CERT_GEN + if (nameType == SUBJECT) { + cert->subjectO = (char*)&cert->source[cert->srcIdx]; + cert->subjectOLen = strLen; + cert->subjectOEnc = b; + } + #endif /* CYASSL_CERT_GEN */ + #ifdef OPENSSL_EXTRA + dName->oIdx = cert->srcIdx; + dName->oLen = strLen; + #endif /* OPENSSL_EXTRA */ } else if (id == ASN_ORGUNIT_NAME) { - XMEMCPY(&full[idx], "/OU=", 4); - idx += 4; - copy = TRUE; -#ifdef CYASSL_CERT_GEN - if (nameType == SUBJECT) { - cert->subjectOU = (char*)&cert->source[cert->srcIdx]; - cert->subjectOULen = strLen; + if (!tooBig) { + XMEMCPY(&full[idx], "/OU=", 4); + idx += 4; + copy = TRUE; } -#endif /* CYASSL_CERT_GEN */ + #ifdef CYASSL_CERT_GEN + if (nameType == SUBJECT) { + cert->subjectOU = (char*)&cert->source[cert->srcIdx]; + cert->subjectOULen = strLen; + cert->subjectOUEnc = b; + } + #endif /* CYASSL_CERT_GEN */ + #ifdef OPENSSL_EXTRA + dName->ouIdx = cert->srcIdx; + dName->ouLen = strLen; + #endif /* OPENSSL_EXTRA */ + } + else if (id == ASN_SERIAL_NUMBER) { + if (!tooBig) { + XMEMCPY(&full[idx], "/serialNumber=", 14); + idx += 14; + copy = TRUE; + } + #ifdef OPENSSL_EXTRA + dName->snIdx = cert->srcIdx; + dName->snLen = strLen; + #endif /* OPENSSL_EXTRA */ } - if (copy) { + if (copy && !tooBig) { XMEMCPY(&full[idx], &cert->source[cert->srcIdx], strLen); idx += strLen; } @@ -1488,34 +2032,77 @@ static int GetName(DecodedCert* cert, int nameType) if (GetLength(cert->source, &cert->srcIdx, &adv, cert->maxIdx) < 0) return ASN_PARSE_E; - if (adv > (int)(ASN_NAME_MAX - idx)) - return ASN_PARSE_E; + if (adv > (int)(ASN_NAME_MAX - idx)) { + CYASSL_MSG("ASN name too big, skipping"); + tooBig = TRUE; + } if (email) { - if (14 > (ASN_NAME_MAX - idx)) - return ASN_PARSE_E; - XMEMCPY(&full[idx], "/emailAddress=", 14); - idx += 14; - -#ifdef CYASSL_CERT_GEN - if (nameType == SUBJECT) { - cert->subjectEmail = (char*)&cert->source[cert->srcIdx]; - cert->subjectEmailLen = adv; + if ( (14 + adv) > (int)(ASN_NAME_MAX - idx)) { + CYASSL_MSG("ASN name too big, skipping"); + tooBig = TRUE; + } + if (!tooBig) { + XMEMCPY(&full[idx], "/emailAddress=", 14); + idx += 14; } -#endif /* CYASSL_CERT_GEN */ - XMEMCPY(&full[idx], &cert->source[cert->srcIdx], adv); - idx += adv; + #ifdef CYASSL_CERT_GEN + if (nameType == SUBJECT) { + cert->subjectEmail = (char*)&cert->source[cert->srcIdx]; + cert->subjectEmailLen = adv; + } + #endif /* CYASSL_CERT_GEN */ + #ifdef OPENSSL_EXTRA + dName->emailIdx = cert->srcIdx; + dName->emailLen = adv; + #endif /* OPENSSL_EXTRA */ + #ifndef IGNORE_NAME_CONSTRAINTS + { + DNS_entry* emailName = NULL; + + emailName = (DNS_entry*)XMALLOC(sizeof(DNS_entry), + cert->heap, DYNAMIC_TYPE_ALTNAME); + if (emailName == NULL) { + CYASSL_MSG("\tOut of Memory"); + return MEMORY_E; + } + emailName->name = (char*)XMALLOC(adv + 1, + cert->heap, DYNAMIC_TYPE_ALTNAME); + if (emailName->name == NULL) { + CYASSL_MSG("\tOut of Memory"); + return MEMORY_E; + } + XMEMCPY(emailName->name, + &cert->source[cert->srcIdx], adv); + emailName->name[adv] = 0; + + emailName->next = cert->altEmailNames; + cert->altEmailNames = emailName; + } + #endif /* IGNORE_NAME_CONSTRAINTS */ + if (!tooBig) { + XMEMCPY(&full[idx], &cert->source[cert->srcIdx], adv); + idx += adv; + } } if (uid) { - if (5 > (ASN_NAME_MAX - idx)) - return ASN_PARSE_E; - XMEMCPY(&full[idx], "/UID=", 5); - idx += 5; + if ( (5 + adv) > (int)(ASN_NAME_MAX - idx)) { + CYASSL_MSG("ASN name too big, skipping"); + tooBig = TRUE; + } + if (!tooBig) { + XMEMCPY(&full[idx], "/UID=", 5); + idx += 5; - XMEMCPY(&full[idx], &cert->source[cert->srcIdx], adv); - idx += adv; + XMEMCPY(&full[idx], &cert->source[cert->srcIdx], adv); + idx += adv; + } + #ifdef OPENSSL_EXTRA + dName->uidIdx = cert->srcIdx; + dName->uidLen = adv; + #endif /* OPENSSL_EXTRA */ } cert->srcIdx += adv; @@ -1523,6 +2110,131 @@ static int GetName(DecodedCert* cert, int nameType) } full[idx++] = 0; + #ifdef OPENSSL_EXTRA + { + int totalLen = 0; + + if (dName->cnLen != 0) + totalLen += dName->cnLen + 4; + if (dName->snLen != 0) + totalLen += dName->snLen + 4; + if (dName->cLen != 0) + totalLen += dName->cLen + 3; + if (dName->lLen != 0) + totalLen += dName->lLen + 3; + if (dName->stLen != 0) + totalLen += dName->stLen + 4; + if (dName->oLen != 0) + totalLen += dName->oLen + 3; + if (dName->ouLen != 0) + totalLen += dName->ouLen + 4; + if (dName->emailLen != 0) + totalLen += dName->emailLen + 14; + if (dName->uidLen != 0) + totalLen += dName->uidLen + 5; + if (dName->serialLen != 0) + totalLen += dName->serialLen + 14; + + dName->fullName = (char*)XMALLOC(totalLen + 1, NULL, DYNAMIC_TYPE_X509); + if (dName->fullName != NULL) { + idx = 0; + + if (dName->cnLen != 0) { + dName->entryCount++; + XMEMCPY(&dName->fullName[idx], "/CN=", 4); + idx += 4; + XMEMCPY(&dName->fullName[idx], + &cert->source[dName->cnIdx], dName->cnLen); + dName->cnIdx = idx; + idx += dName->cnLen; + } + if (dName->snLen != 0) { + dName->entryCount++; + XMEMCPY(&dName->fullName[idx], "/SN=", 4); + idx += 4; + XMEMCPY(&dName->fullName[idx], + &cert->source[dName->snIdx], dName->snLen); + dName->snIdx = idx; + idx += dName->snLen; + } + if (dName->cLen != 0) { + dName->entryCount++; + XMEMCPY(&dName->fullName[idx], "/C=", 3); + idx += 3; + XMEMCPY(&dName->fullName[idx], + &cert->source[dName->cIdx], dName->cLen); + dName->cIdx = idx; + idx += dName->cLen; + } + if (dName->lLen != 0) { + dName->entryCount++; + XMEMCPY(&dName->fullName[idx], "/L=", 3); + idx += 3; + XMEMCPY(&dName->fullName[idx], + &cert->source[dName->lIdx], dName->lLen); + dName->lIdx = idx; + idx += dName->lLen; + } + if (dName->stLen != 0) { + dName->entryCount++; + XMEMCPY(&dName->fullName[idx], "/ST=", 4); + idx += 4; + XMEMCPY(&dName->fullName[idx], + &cert->source[dName->stIdx], dName->stLen); + dName->stIdx = idx; + idx += dName->stLen; + } + if (dName->oLen != 0) { + dName->entryCount++; + XMEMCPY(&dName->fullName[idx], "/O=", 3); + idx += 3; + XMEMCPY(&dName->fullName[idx], + &cert->source[dName->oIdx], dName->oLen); + dName->oIdx = idx; + idx += dName->oLen; + } + if (dName->ouLen != 0) { + dName->entryCount++; + XMEMCPY(&dName->fullName[idx], "/OU=", 4); + idx += 4; + XMEMCPY(&dName->fullName[idx], + &cert->source[dName->ouIdx], dName->ouLen); + dName->ouIdx = idx; + idx += dName->ouLen; + } + if (dName->emailLen != 0) { + dName->entryCount++; + XMEMCPY(&dName->fullName[idx], "/emailAddress=", 14); + idx += 14; + XMEMCPY(&dName->fullName[idx], + &cert->source[dName->emailIdx], dName->emailLen); + dName->emailIdx = idx; + idx += dName->emailLen; + } + if (dName->uidLen != 0) { + dName->entryCount++; + XMEMCPY(&dName->fullName[idx], "/UID=", 5); + idx += 5; + XMEMCPY(&dName->fullName[idx], + &cert->source[dName->uidIdx], dName->uidLen); + dName->uidIdx = idx; + idx += dName->uidLen; + } + if (dName->serialLen != 0) { + dName->entryCount++; + XMEMCPY(&dName->fullName[idx], "/serialNumber=", 14); + idx += 14; + XMEMCPY(&dName->fullName[idx], + &cert->source[dName->serialIdx], dName->serialLen); + dName->serialIdx = idx; + idx += dName->serialLen; + } + dName->fullName[idx] = '\0'; + dName->fullNameLen = totalLen; + } + } + #endif /* OPENSSL_EXTRA */ + return 0; } @@ -1562,7 +2274,7 @@ static int DateGreaterThan(const struct tm* a, const struct tm* b) static INLINE int DateLessThan(const struct tm* a, const struct tm* b) { - return !DateGreaterThan(a,b); + return DateGreaterThan(b,a); } @@ -1595,8 +2307,8 @@ int ValidateDate(const byte* date, byte format, int dateType) GetTime(&certTime.tm_hour, date, &i); GetTime(&certTime.tm_min, date, &i); GetTime(&certTime.tm_sec, date, &i); - - if (date[i] != 'Z') { /* only Zulu supported for this profile */ + + if (date[i] != 'Z') { /* only Zulu supported for this profile */ CYASSL_MSG("Only Zulu time supported for this profile"); return 0; } @@ -1622,15 +2334,13 @@ static int GetDate(DecodedCert* cert, int dateType) int length; byte date[MAX_DATE_SIZE]; byte b; - -#ifdef CYASSL_CERT_GEN word32 startIdx = 0; + if (dateType == BEFORE) cert->beforeDate = &cert->source[cert->srcIdx]; else cert->afterDate = &cert->source[cert->srcIdx]; startIdx = cert->srcIdx; -#endif b = cert->source[cert->srcIdx++]; if (b != ASN_UTC_TIME && b != ASN_GENERALIZED_TIME) @@ -1645,12 +2355,10 @@ static int GetDate(DecodedCert* cert, int dateType) XMEMCPY(date, &cert->source[cert->srcIdx], length); cert->srcIdx += length; -#ifdef CYASSL_CERT_GEN if (dateType == BEFORE) cert->beforeDateLen = cert->srcIdx - startIdx; else cert->afterDateLen = cert->srcIdx - startIdx; -#endif if (!XVALIDATE_DATE(date, b, dateType)) { if (dateType == BEFORE) @@ -1692,10 +2400,14 @@ int DecodeToKey(DecodedCert* cert, int verify) if ( (ret = GetCertHeader(cert)) < 0) return ret; + CYASSL_MSG("Got Cert Header"); + if ( (ret = GetAlgoId(cert->source, &cert->srcIdx, &cert->signatureOID, cert->maxIdx)) < 0) return ret; + CYASSL_MSG("Got Algo ID"); + if ( (ret = GetName(cert, ISSUER)) < 0) return ret; @@ -1705,9 +2417,13 @@ int DecodeToKey(DecodedCert* cert, int verify) if ( (ret = GetName(cert, SUBJECT)) < 0) return ret; + CYASSL_MSG("Got Subject Name"); + if ( (ret = GetKey(cert)) < 0) return ret; + CYASSL_MSG("Got Key"); + if (badDate != 0) return badDate; @@ -1754,14 +2470,14 @@ static word32 BytePrecision(word32 value) { word32 i; for (i = sizeof(value); i; --i) - if (value >> (i - 1) * 8) + if (value >> ((i - 1) * CYASSL_BIT_SIZE)) break; return i; } -static word32 SetLength(word32 length, byte* output) +CYASSL_LOCAL word32 SetLength(word32 length, byte* output) { word32 i = 0, j; @@ -1771,7 +2487,7 @@ static word32 SetLength(word32 length, byte* output) output[i++] = (byte)(BytePrecision(length) | ASN_LONG_LENGTH); for (j = BytePrecision(length); j; --j) { - output[i] = (byte)(length >> (j - 1) * 8); + output[i] = (byte)(length >> ((j - 1) * CYASSL_BIT_SIZE)); i++; } } @@ -1780,14 +2496,114 @@ static word32 SetLength(word32 length, byte* output) } -static word32 SetSequence(word32 len, byte* output) +CYASSL_LOCAL word32 SetSequence(word32 len, byte* output) { output[0] = ASN_SEQUENCE | ASN_CONSTRUCTED; return SetLength(len, output + 1) + 1; } +CYASSL_LOCAL word32 SetOctetString(word32 len, byte* output) +{ + output[0] = ASN_OCTET_STRING; + return SetLength(len, output + 1) + 1; +} + +/* Write a set header to output */ +CYASSL_LOCAL word32 SetSet(word32 len, byte* output) +{ + output[0] = ASN_SET | ASN_CONSTRUCTED; + return SetLength(len, output + 1) + 1; +} + +CYASSL_LOCAL word32 SetImplicit(byte tag, byte number, word32 len, byte* output) +{ + + output[0] = ((tag == ASN_SEQUENCE || tag == ASN_SET) ? ASN_CONSTRUCTED : 0) + | ASN_CONTEXT_SPECIFIC | number; + return SetLength(len, output + 1) + 1; +} + +CYASSL_LOCAL word32 SetExplicit(byte number, word32 len, byte* output) +{ + output[0] = ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | number; + return SetLength(len, output + 1) + 1; +} + + +#if defined(HAVE_ECC) && defined(CYASSL_CERT_GEN) + +static word32 SetCurve(ecc_key* key, byte* output) +{ + + /* curve types */ + static const byte ECC_192v1_AlgoID[] = { 0x2a, 0x86, 0x48, 0xCE, 0x3d, + 0x03, 0x01, 0x01}; + static const byte ECC_256v1_AlgoID[] = { 0x2a, 0x86, 0x48, 0xCE, 0x3d, + 0x03, 0x01, 0x07}; + static const byte ECC_160r1_AlgoID[] = { 0x2b, 0x81, 0x04, 0x00, + 0x02}; + static const byte ECC_224r1_AlgoID[] = { 0x2b, 0x81, 0x04, 0x00, + 0x21}; + static const byte ECC_384r1_AlgoID[] = { 0x2b, 0x81, 0x04, 0x00, + 0x22}; + static const byte ECC_521r1_AlgoID[] = { 0x2b, 0x81, 0x04, 0x00, + 0x23}; + + int oidSz = 0; + int idx = 0; + int lenSz = 0; + const byte* oid = 0; + + output[0] = ASN_OBJECT_ID; + idx++; + + switch (key->dp->size) { + case 20: + oidSz = sizeof(ECC_160r1_AlgoID); + oid = ECC_160r1_AlgoID; + break; + + case 24: + oidSz = sizeof(ECC_192v1_AlgoID); + oid = ECC_192v1_AlgoID; + break; + + case 28: + oidSz = sizeof(ECC_224r1_AlgoID); + oid = ECC_224r1_AlgoID; + break; + + case 32: + oidSz = sizeof(ECC_256v1_AlgoID); + oid = ECC_256v1_AlgoID; + break; + + case 48: + oidSz = sizeof(ECC_384r1_AlgoID); + oid = ECC_384r1_AlgoID; + break; + + case 66: + oidSz = sizeof(ECC_521r1_AlgoID); + oid = ECC_521r1_AlgoID; + break; + + default: + return ASN_UNKNOWN_OID_E; + } + lenSz = SetLength(oidSz, output+idx); + idx += lenSz; + + XMEMCPY(output+idx, oid, oidSz); + idx += oidSz; + + return idx; +} + +#endif /* HAVE_ECC && CYASSL_CERT_GEN */ -static word32 SetAlgoID(int algoOID, byte* output, int type) + +CYASSL_LOCAL word32 SetAlgoID(int algoOID, byte* output, int type, int curveSz) { /* adding TAG_NULL and 0 to end */ @@ -1804,21 +2620,53 @@ static word32 SetAlgoID(int algoOID, byte* output, int type) 0x02, 0x05, 0x05, 0x00 }; static const byte md2AlgoID[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x02, 0x02, 0x05, 0x00}; - /* sigTypes */ - static const byte md5wRSA_AlgoID[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, - 0x01, 0x01, 0x04, 0x05, 0x00}; - static const byte shawRSA_AlgoID[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, - 0x01, 0x01, 0x05, 0x05, 0x00}; - static const byte sha256wRSA_AlgoID[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, + + /* blkTypes, no NULL tags because IV is there instead */ + static const byte desCbcAlgoID[] = { 0x2B, 0x0E, 0x03, 0x02, 0x07 }; + static const byte des3CbcAlgoID[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, + 0x0D, 0x03, 0x07 }; + + /* RSA sigTypes */ + #ifndef NO_RSA + static const byte md5wRSA_AlgoID[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, + 0x0d, 0x01, 0x01, 0x04, 0x05, 0x00}; + static const byte shawRSA_AlgoID[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, + 0x0d, 0x01, 0x01, 0x05, 0x05, 0x00}; + static const byte sha256wRSA_AlgoID[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0b, 0x05, 0x00}; - static const byte sha384wRSA_AlgoID[] = {0x2a, 0x86, 0x48, 0x86, 0xf7, + static const byte sha384wRSA_AlgoID[] = {0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0c, 0x05, 0x00}; - static const byte sha512wRSA_AlgoID[] = {0x2a, 0x86, 0x48, 0x86, 0xf7, + static const byte sha512wRSA_AlgoID[] = {0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x0d, 0x05, 0x00}; - /* keyTypes */ - static const byte RSA_AlgoID[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, - 0x01, 0x01, 0x01, 0x05, 0x00}; + #endif /* NO_RSA */ + + /* ECDSA sigTypes */ + #ifdef HAVE_ECC + static const byte shawECDSA_AlgoID[] = { 0x2a, 0x86, 0x48, 0xCE, 0x3d, + 0x04, 0x01, 0x05, 0x00}; + static const byte sha256wECDSA_AlgoID[] = { 0x2a, 0x86, 0x48, 0xCE,0x3d, + 0x04, 0x03, 0x02, 0x05, 0x00}; + static const byte sha384wECDSA_AlgoID[] = { 0x2a, 0x86, 0x48, 0xCE,0x3d, + 0x04, 0x03, 0x03, 0x05, 0x00}; + static const byte sha512wECDSA_AlgoID[] = { 0x2a, 0x86, 0x48, 0xCE,0x3d, + 0x04, 0x03, 0x04, 0x05, 0x00}; + #endif /* HAVE_ECC */ + + /* RSA keyType */ + #ifndef NO_RSA + static const byte RSA_AlgoID[] = { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, + 0x01, 0x01, 0x01, 0x05, 0x00}; + #endif /* NO_RSA */ + + #ifdef HAVE_ECC + /* ECC keyType */ + /* no tags, so set tagSz smaller later */ + static const byte ECC_AlgoID[] = { 0x2a, 0x86, 0x48, 0xCE, 0x3d, + 0x02, 0x01}; + #endif /* HAVE_ECC */ + int algoSz = 0; + int tagSz = 2; /* tag null and terminator */ word32 idSz, seqSz; const byte* algoName = 0; byte ID_Length[MAX_LENGTH_SZ]; @@ -1861,33 +2709,72 @@ static word32 SetAlgoID(int algoOID, byte* output, int type) return 0; /* UNKOWN_HASH_E; */ } } - else if (type == sigType) { /* sigType */ + else if (type == blkType) { switch (algoOID) { - case CTC_MD5wRSA: - algoSz = sizeof(md5wRSA_AlgoID); - algoName = md5wRSA_AlgoID; + case DESb: + algoSz = sizeof(desCbcAlgoID); + algoName = desCbcAlgoID; + tagSz = 0; break; - - case CTC_SHAwRSA: - algoSz = sizeof(shawRSA_AlgoID); - algoName = shawRSA_AlgoID; + case DES3b: + algoSz = sizeof(des3CbcAlgoID); + algoName = des3CbcAlgoID; + tagSz = 0; break; + default: + CYASSL_MSG("Unknown Block Algo"); + return 0; + } + } + else if (type == sigType) { /* sigType */ + switch (algoOID) { + #ifndef NO_RSA + case CTC_MD5wRSA: + algoSz = sizeof(md5wRSA_AlgoID); + algoName = md5wRSA_AlgoID; + break; - case CTC_SHA256wRSA: - algoSz = sizeof(sha256wRSA_AlgoID); - algoName = sha256wRSA_AlgoID; - break; + case CTC_SHAwRSA: + algoSz = sizeof(shawRSA_AlgoID); + algoName = shawRSA_AlgoID; + break; - case CTC_SHA384wRSA: - algoSz = sizeof(sha384wRSA_AlgoID); - algoName = sha384wRSA_AlgoID; - break; + case CTC_SHA256wRSA: + algoSz = sizeof(sha256wRSA_AlgoID); + algoName = sha256wRSA_AlgoID; + break; - case CTC_SHA512wRSA: - algoSz = sizeof(sha512wRSA_AlgoID); - algoName = sha512wRSA_AlgoID; - break; + case CTC_SHA384wRSA: + algoSz = sizeof(sha384wRSA_AlgoID); + algoName = sha384wRSA_AlgoID; + break; + + case CTC_SHA512wRSA: + algoSz = sizeof(sha512wRSA_AlgoID); + algoName = sha512wRSA_AlgoID; + break; + #endif /* NO_RSA */ + #ifdef HAVE_ECC + case CTC_SHAwECDSA: + algoSz = sizeof(shawECDSA_AlgoID); + algoName = shawECDSA_AlgoID; + break; + + case CTC_SHA256wECDSA: + algoSz = sizeof(sha256wECDSA_AlgoID); + algoName = sha256wECDSA_AlgoID; + break; + + case CTC_SHA384wECDSA: + algoSz = sizeof(sha384wECDSA_AlgoID); + algoName = sha384wECDSA_AlgoID; + break; + case CTC_SHA512wECDSA: + algoSz = sizeof(sha512wECDSA_AlgoID); + algoName = sha512wECDSA_AlgoID; + break; + #endif /* HAVE_ECC */ default: CYASSL_MSG("Unknown Signature Algo"); return 0; @@ -1895,11 +2782,19 @@ static word32 SetAlgoID(int algoOID, byte* output, int type) } else if (type == keyType) { /* keyType */ switch (algoOID) { - case RSAk: - algoSz = sizeof(RSA_AlgoID); - algoName = RSA_AlgoID; - break; - + #ifndef NO_RSA + case RSAk: + algoSz = sizeof(RSA_AlgoID); + algoName = RSA_AlgoID; + break; + #endif /* NO_RSA */ + #ifdef HAVE_ECC + case ECDSAk: + algoSz = sizeof(ECC_AlgoID); + algoName = ECC_AlgoID; + tagSz = 0; + break; + #endif /* HAVE_ECC */ default: CYASSL_MSG("Unknown Key Algo"); return 0; @@ -1910,8 +2805,9 @@ static word32 SetAlgoID(int algoOID, byte* output, int type) return 0; } - idSz = SetLength(algoSz - 2, ID_Length); /* don't include TAG_NULL/0 */ - seqSz = SetSequence(idSz + algoSz + 1, seqArray); + idSz = SetLength(algoSz - tagSz, ID_Length); /* don't include tags */ + seqSz = SetSequence(idSz + algoSz + 1 + curveSz, seqArray); + /* +1 for object id, curveID of curveSz follows for ecc */ seqArray[seqSz++] = ASN_OBJECT_ID; XMEMCPY(output, seqArray, seqSz); @@ -1931,7 +2827,7 @@ word32 EncodeSignature(byte* out, const byte* digest, word32 digSz, int hashOID) word32 encDigSz, algoSz, seqSz; encDigSz = SetDigest(digest, digSz, digArray); - algoSz = SetAlgoID(hashOID, algoArray, hashType); + algoSz = SetAlgoID(hashOID, algoArray, hashType, 0); seqSz = SetSequence(encDigSz + algoSz, seqArray); XMEMCPY(out, seqArray, seqSz); @@ -1940,177 +2836,423 @@ word32 EncodeSignature(byte* out, const byte* digest, word32 digSz, int hashOID) return encDigSz + algoSz + seqSz; } - -#include -/* return true (1) for Confirmation */ + + +/* return true (1) or false (0) for Confirmation */ static int ConfirmSignature(const byte* buf, word32 bufSz, const byte* key, word32 keySz, word32 keyOID, const byte* sig, word32 sigSz, word32 sigOID, void* heap) { -#ifdef CYASSL_SHA512 - byte digest[SHA512_DIGEST_SIZE]; /* max size */ -#elif !defined(NO_SHA256) - byte digest[SHA256_DIGEST_SIZE]; /* max size */ + int typeH = 0, digestSz = 0, ret = 0; +#ifdef CYASSL_SMALL_STACK + byte* digest; #else - byte digest[SHA_DIGEST_SIZE]; /* max size */ -#endif - int typeH, digestSz, ret; - - if (sigOID == CTC_MD5wRSA) { - Md5 md5; - InitMd5(&md5); - Md5Update(&md5, buf, bufSz); - Md5Final(&md5, digest); - typeH = MD5h; - digestSz = MD5_DIGEST_SIZE; - } -#ifdef CYASSL_MD2 - else if (sigOID == CTC_MD2wRSA) { - Md2 md2; - InitMd2(&md2); - Md2Update(&md2, buf, bufSz); - Md2Final(&md2, digest); - typeH = MD2h; - digestSz = MD2_DIGEST_SIZE; - } -#endif - else if (sigOID == CTC_SHAwRSA || - sigOID == CTC_SHAwDSA || - sigOID == CTC_SHAwECDSA) { - Sha sha; - InitSha(&sha); - ShaUpdate(&sha, buf, bufSz); - ShaFinal(&sha, digest); - typeH = SHAh; - digestSz = SHA_DIGEST_SIZE; - } -#ifndef NO_SHA256 - else if (sigOID == CTC_SHA256wRSA || - sigOID == CTC_SHA256wECDSA) { - Sha256 sha256; - InitSha256(&sha256); - Sha256Update(&sha256, buf, bufSz); - Sha256Final(&sha256, digest); - typeH = SHA256h; - digestSz = SHA256_DIGEST_SIZE; - } -#endif -#ifdef CYASSL_SHA512 - else if (sigOID == CTC_SHA512wRSA || - sigOID == CTC_SHA512wECDSA) { - Sha512 sha512; - InitSha512(&sha512); - Sha512Update(&sha512, buf, bufSz); - Sha512Final(&sha512, digest); - typeH = SHA512h; - digestSz = SHA512_DIGEST_SIZE; - } -#endif -#ifdef CYASSL_SHA384 - else if (sigOID == CTC_SHA384wRSA || - sigOID == CTC_SHA384wECDSA) { - Sha384 sha384; - InitSha384(&sha384); - Sha384Update(&sha384, buf, bufSz); - Sha384Final(&sha384, digest); - typeH = SHA384h; - digestSz = SHA384_DIGEST_SIZE; + byte digest[MAX_DIGEST_SIZE]; +#endif + +#ifdef CYASSL_SMALL_STACK + digest = (byte*)XMALLOC(MAX_DIGEST_SIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (digest == NULL) + return 0; /* not confirmed */ +#endif + + (void)key; + (void)keySz; + (void)sig; + (void)sigSz; + (void)heap; + + switch (sigOID) { + #ifndef NO_MD5 + case CTC_MD5wRSA: + if (Md5Hash(buf, bufSz, digest) == 0) { + typeH = MD5h; + digestSz = MD5_DIGEST_SIZE; + } + break; + #endif + #if defined(CYASSL_MD2) + case CTC_MD2wRSA: + if (Md2Hash(buf, bufSz, digest) == 0) { + typeH = MD2h; + digestSz = MD2_DIGEST_SIZE; + } + break; + #endif + #ifndef NO_SHA + case CTC_SHAwRSA: + case CTC_SHAwDSA: + case CTC_SHAwECDSA: + if (ShaHash(buf, bufSz, digest) == 0) { + typeH = SHAh; + digestSz = SHA_DIGEST_SIZE; + } + break; + #endif + #ifndef NO_SHA256 + case CTC_SHA256wRSA: + case CTC_SHA256wECDSA: + if (Sha256Hash(buf, bufSz, digest) == 0) { + typeH = SHA256h; + digestSz = SHA256_DIGEST_SIZE; + } + break; + #endif + #ifdef CYASSL_SHA512 + case CTC_SHA512wRSA: + case CTC_SHA512wECDSA: + if (Sha512Hash(buf, bufSz, digest) == 0) { + typeH = SHA512h; + digestSz = SHA512_DIGEST_SIZE; + } + break; + #endif + #ifdef CYASSL_SHA384 + case CTC_SHA384wRSA: + case CTC_SHA384wECDSA: + if (Sha384Hash(buf, bufSz, digest) == 0) { + typeH = SHA384h; + digestSz = SHA384_DIGEST_SIZE; + } + break; + #endif + default: + CYASSL_MSG("Verify Signautre has unsupported type"); } + + if (typeH == 0) { +#ifdef CYASSL_SMALL_STACK + XFREE(digest, NULL, DYNAMIC_TYPE_TMP_BUFFER); #endif - else { - CYASSL_MSG("Verify Signautre has unsupported type"); - return 0; + return 0; /* not confirmed */ } - if (keyOID == RSAk) { - RsaKey pubKey; - byte encodedSig[MAX_ENCODED_SIG_SZ]; - byte plain[MAX_ENCODED_SIG_SZ]; - word32 idx = 0; - int encodedSigSz, verifySz; - byte* out; + switch (keyOID) { + #ifndef NO_RSA + case RSAk: + { + word32 idx = 0; + int encodedSigSz, verifySz; + byte* out; +#ifdef CYASSL_SMALL_STACK + RsaKey* pubKey; + byte* plain; + byte* encodedSig; +#else + RsaKey pubKey[1]; + byte plain[MAX_ENCODED_SIG_SZ]; + byte encodedSig[MAX_ENCODED_SIG_SZ]; +#endif - if (sigSz > MAX_ENCODED_SIG_SZ) { - CYASSL_MSG("Verify Signautre is too big"); - return 0; - } +#ifdef CYASSL_SMALL_STACK + pubKey = (RsaKey*)XMALLOC(sizeof(RsaKey), NULL, + DYNAMIC_TYPE_TMP_BUFFER); + plain = (byte*)XMALLOC(MAX_ENCODED_SIG_SZ, NULL, + DYNAMIC_TYPE_TMP_BUFFER); + encodedSig = (byte*)XMALLOC(MAX_ENCODED_SIG_SZ, NULL, + DYNAMIC_TYPE_TMP_BUFFER); - InitRsaKey(&pubKey, heap); - if (RsaPublicKeyDecode(key, &idx, &pubKey, keySz) < 0) { - CYASSL_MSG("ASN Key decode error RSA"); - ret = 0; - } - else { - XMEMCPY(plain, sig, sigSz); - if ( (verifySz = RsaSSL_VerifyInline(plain, sigSz, &out, - &pubKey)) < 0) { - CYASSL_MSG("Rsa SSL verify error"); - ret = 0; + if (pubKey == NULL || plain == NULL || encodedSig == NULL) { + CYASSL_MSG("Failed to allocate memory at ConfirmSignature"); + + if (pubKey) + XFREE(pubKey, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (plain) + XFREE(plain, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (encodedSig) + XFREE(encodedSig, NULL, DYNAMIC_TYPE_TMP_BUFFER); + + break; /* not confirmed */ + } +#endif + + if (sigSz > MAX_ENCODED_SIG_SZ) { + CYASSL_MSG("Verify Signautre is too big"); + } + else if (InitRsaKey(pubKey, heap) != 0) { + CYASSL_MSG("InitRsaKey failed"); + } + else if (RsaPublicKeyDecode(key, &idx, pubKey, keySz) < 0) { + CYASSL_MSG("ASN Key decode error RSA"); } else { - /* make sure we're right justified */ - encodedSigSz = + XMEMCPY(plain, sig, sigSz); + + if ((verifySz = RsaSSL_VerifyInline(plain, sigSz, &out, + pubKey)) < 0) { + CYASSL_MSG("Rsa SSL verify error"); + } + else { + /* make sure we're right justified */ + encodedSigSz = EncodeSignature(encodedSig, digest, digestSz, typeH); - if (encodedSigSz != verifySz || + if (encodedSigSz != verifySz || XMEMCMP(out, encodedSig, encodedSigSz) != 0) { - CYASSL_MSG("Rsa SSL verify match encode error"); - ret = 0; - } - else - ret = 1; /* match */ - -#ifdef CYASSL_DEBUG_ENCODING - { - int x; - printf("cyassl encodedSig:\n"); - for (x = 0; x < encodedSigSz; x++) { - printf("%02x ", encodedSig[x]); - if ( (x % 16) == 15) + CYASSL_MSG("Rsa SSL verify match encode error"); + } + else + ret = 1; /* match */ + + #ifdef CYASSL_DEBUG_ENCODING + { + int x; + + printf("cyassl encodedSig:\n"); + + for (x = 0; x < encodedSigSz; x++) { + printf("%02x ", encodedSig[x]); + if ( (x % 16) == 15) + printf("\n"); + } + printf("\n"); - } - printf("\n"); - printf("actual digest:\n"); - for (x = 0; x < verifySz; x++) { - printf("%02x ", out[x]); - if ( (x % 16) == 15) + printf("actual digest:\n"); + + for (x = 0; x < verifySz; x++) { + printf("%02x ", out[x]); + if ( (x % 16) == 15) + printf("\n"); + } + printf("\n"); + } + #endif /* CYASSL_DEBUG_ENCODING */ + } - printf("\n"); + + } + + FreeRsaKey(pubKey); + +#ifdef CYASSL_SMALL_STACK + XFREE(pubKey, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(plain, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(encodedSig, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + } + + #endif /* NO_RSA */ + #ifdef HAVE_ECC + case ECDSAk: + { + int verify = 0; +#ifdef CYASSL_SMALL_STACK + ecc_key* pubKey; +#else + ecc_key pubKey[1]; +#endif + +#ifdef CYASSL_SMALL_STACK + pubKey = (ecc_key*)XMALLOC(sizeof(ecc_key), NULL, + DYNAMIC_TYPE_TMP_BUFFER); + if (pubKey == NULL) { + CYASSL_MSG("Failed to allocate pubKey"); + break; /* not confirmed */ + } +#endif + + if (ecc_import_x963(key, keySz, pubKey) < 0) { + CYASSL_MSG("ASN Key import error ECC"); + } + else { + if (ecc_verify_hash(sig, sigSz, digest, digestSz, &verify, + pubKey) != 0) { + CYASSL_MSG("ECC verify hash error"); } -#endif /* CYASSL_DEBUG_ENCODING */ + else if (1 != verify) { + CYASSL_MSG("ECC Verify didn't match"); + } else + ret = 1; /* match */ + + ecc_free(pubKey); } +#ifdef CYASSL_SMALL_STACK + XFREE(pubKey, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif } - FreeRsaKey(&pubKey); - return ret; + #endif /* HAVE_ECC */ + default: + CYASSL_MSG("Verify Key type unknown"); } -#ifdef HAVE_ECC - else if (keyOID == ECDSAk) { - ecc_key pubKey; - int verify = 0; - - if (ecc_import_x963(key, keySz, &pubKey) < 0) { - CYASSL_MSG("ASN Key import error ECC"); - return 0; - } - ret = ecc_verify_hash(sig, sigSz, digest, digestSz, &verify, &pubKey); - ecc_free(&pubKey); - if (ret == 0 && verify == 1) - return 1; /* match */ +#ifdef CYASSL_SMALL_STACK + XFREE(digest, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif - CYASSL_MSG("ECC Verify didn't match"); + return ret; +} + + +#ifndef IGNORE_NAME_CONSTRAINTS + +static int MatchBaseName(int type, const char* name, int nameSz, + const char* base, int baseSz) +{ + if (base == NULL || baseSz <= 0 || name == NULL || nameSz <= 0 || + name[0] == '.' || nameSz < baseSz || + (type != ASN_RFC822_TYPE && type != ASN_DNS_TYPE)) return 0; + + /* If an email type, handle special cases where the base is only + * a domain, or is an email address itself. */ + if (type == ASN_RFC822_TYPE) { + const char* p = NULL; + int count = 0; + + if (base[0] != '.') { + p = base; + count = 0; + + /* find the '@' in the base */ + while (*p != '@' && count < baseSz) { + count++; + p++; + } + + /* No '@' in base, reset p to NULL */ + if (count >= baseSz) + p = NULL; + } + + if (p == NULL) { + /* Base isn't an email address, it is a domain name, + * wind the name forward one character past its '@'. */ + p = name; + count = 0; + while (*p != '@' && count < baseSz) { + count++; + p++; + } + + if (count < baseSz && *p == '@') { + name = p + 1; + nameSz -= count + 1; + } + } } -#endif /* HAVE_ECC */ - else { - CYASSL_MSG("Verify Key type unknown"); + + if ((type == ASN_DNS_TYPE || type == ASN_RFC822_TYPE) && base[0] == '.') { + int szAdjust = nameSz - baseSz; + name += szAdjust; + nameSz -= szAdjust; + } + + while (nameSz > 0) { + if (XTOLOWER(*name++) != XTOLOWER(*base++)) + return 0; + nameSz--; + } + + return 1; +} + + +static int ConfirmNameConstraints(Signer* signer, DecodedCert* cert) +{ + if (signer == NULL || cert == NULL) return 0; + + /* Check against the excluded list */ + if (signer->excludedNames) { + Base_entry* base = signer->excludedNames; + + while (base != NULL) { + if (base->type == ASN_DNS_TYPE) { + DNS_entry* name = cert->altNames; + while (name != NULL) { + if (MatchBaseName(ASN_DNS_TYPE, + name->name, (int)XSTRLEN(name->name), + base->name, base->nameSz)) + return 0; + name = name->next; + } + } + else if (base->type == ASN_RFC822_TYPE) { + DNS_entry* name = cert->altEmailNames; + while (name != NULL) { + if (MatchBaseName(ASN_RFC822_TYPE, + name->name, (int)XSTRLEN(name->name), + base->name, base->nameSz)) + return 0; + + name = name->next; + } + } + else if (base->type == ASN_DIR_TYPE) { + if (cert->subjectRawLen == base->nameSz && + XMEMCMP(cert->subjectRaw, base->name, base->nameSz) == 0) { + + return 0; + } + } + base = base->next; + } + } + + /* Check against the permitted list */ + if (signer->permittedNames != NULL) { + int needDns = 0; + int matchDns = 0; + int needEmail = 0; + int matchEmail = 0; + int needDir = 0; + int matchDir = 0; + Base_entry* base = signer->permittedNames; + + while (base != NULL) { + if (base->type == ASN_DNS_TYPE) { + DNS_entry* name = cert->altNames; + + if (name != NULL) + needDns = 1; + + while (name != NULL) { + matchDns = MatchBaseName(ASN_DNS_TYPE, + name->name, (int)XSTRLEN(name->name), + base->name, base->nameSz); + name = name->next; + } + } + else if (base->type == ASN_RFC822_TYPE) { + DNS_entry* name = cert->altEmailNames; + + if (name != NULL) + needEmail = 1; + + while (name != NULL) { + matchEmail = MatchBaseName(ASN_DNS_TYPE, + name->name, (int)XSTRLEN(name->name), + base->name, base->nameSz); + name = name->next; + } + } + else if (base->type == ASN_DIR_TYPE) { + needDir = 1; + if (cert->subjectRaw != NULL && + cert->subjectRawLen == base->nameSz && + XMEMCMP(cert->subjectRaw, base->name, base->nameSz) == 0) { + + matchDir = 1; + } + } + base = base->next; + } + + if ((needDns && !matchDns) || (needEmail && !matchEmail) || + (needDir && !matchDir)) { + + return 0; + } } + + return 1; } +#endif /* IGNORE_NAME_CONSTRAINTS */ + -static void DecodeAltNames(byte* input, int sz, DecodedCert* cert) +static int DecodeAltNames(byte* input, int sz, DecodedCert* cert) { word32 idx = 0; int length = 0; @@ -2119,79 +3261,240 @@ static void DecodeAltNames(byte* input, int sz, DecodedCert* cert) if (GetSequence(input, &idx, &length, sz) < 0) { CYASSL_MSG("\tBad Sequence"); - return; + return ASN_PARSE_E; } while (length > 0) { - DNS_entry* entry; - int strLen; byte b = input[idx++]; length--; - if (b != (ASN_CONTEXT_SPECIFIC | ASN_DNS_TYPE)) { - CYASSL_MSG("\tNot DNS type"); - return; - } + /* Save DNS Type names in the altNames list. */ + /* Save Other Type names in the cert's OidMap */ + if (b == (ASN_CONTEXT_SPECIFIC | ASN_DNS_TYPE)) { + DNS_entry* dnsEntry; + int strLen; + word32 lenStartIdx = idx; - if (GetLength(input, &idx, &strLen, sz) < 0) { - CYASSL_MSG("\tfail: str length"); - return; - } + if (GetLength(input, &idx, &strLen, sz) < 0) { + CYASSL_MSG("\tfail: str length"); + return ASN_PARSE_E; + } + length -= (idx - lenStartIdx); + + dnsEntry = (DNS_entry*)XMALLOC(sizeof(DNS_entry), cert->heap, + DYNAMIC_TYPE_ALTNAME); + if (dnsEntry == NULL) { + CYASSL_MSG("\tOut of Memory"); + return ASN_PARSE_E; + } + + dnsEntry->name = (char*)XMALLOC(strLen + 1, cert->heap, + DYNAMIC_TYPE_ALTNAME); + if (dnsEntry->name == NULL) { + CYASSL_MSG("\tOut of Memory"); + XFREE(dnsEntry, cert->heap, DYNAMIC_TYPE_ALTNAME); + return ASN_PARSE_E; + } + + XMEMCPY(dnsEntry->name, &input[idx], strLen); + dnsEntry->name[strLen] = '\0'; - entry = (DNS_entry*)XMALLOC(sizeof(DNS_entry), cert->heap, - DYNAMIC_TYPE_ALTNAME); - if (entry == NULL) { - CYASSL_MSG("\tOut of Memory"); - return; + dnsEntry->next = cert->altNames; + cert->altNames = dnsEntry; + + length -= strLen; + idx += strLen; } +#ifndef IGNORE_NAME_CONSTRAINTS + else if (b == (ASN_CONTEXT_SPECIFIC | ASN_RFC822_TYPE)) { + DNS_entry* emailEntry; + int strLen; + word32 lenStartIdx = idx; + + if (GetLength(input, &idx, &strLen, sz) < 0) { + CYASSL_MSG("\tfail: str length"); + return ASN_PARSE_E; + } + length -= (idx - lenStartIdx); + + emailEntry = (DNS_entry*)XMALLOC(sizeof(DNS_entry), cert->heap, + DYNAMIC_TYPE_ALTNAME); + if (emailEntry == NULL) { + CYASSL_MSG("\tOut of Memory"); + return ASN_PARSE_E; + } + + emailEntry->name = (char*)XMALLOC(strLen + 1, cert->heap, + DYNAMIC_TYPE_ALTNAME); + if (emailEntry->name == NULL) { + CYASSL_MSG("\tOut of Memory"); + XFREE(emailEntry, cert->heap, DYNAMIC_TYPE_ALTNAME); + return ASN_PARSE_E; + } + + XMEMCPY(emailEntry->name, &input[idx], strLen); + emailEntry->name[strLen] = '\0'; - entry->name = (char*)XMALLOC(strLen + 1, cert->heap, - DYNAMIC_TYPE_ALTNAME); - if (entry->name == NULL) { - CYASSL_MSG("\tOut of Memory"); - XFREE(entry, cert->heap, DYNAMIC_TYPE_ALTNAME); - return; + emailEntry->next = cert->altEmailNames; + cert->altEmailNames = emailEntry; + + length -= strLen; + idx += strLen; } +#endif /* IGNORE_NAME_CONSTRAINTS */ +#ifdef CYASSL_SEP + else if (b == (ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED | ASN_OTHER_TYPE)) + { + int strLen; + word32 lenStartIdx = idx; + word32 oid = 0; + + if (GetLength(input, &idx, &strLen, sz) < 0) { + CYASSL_MSG("\tfail: other name length"); + return ASN_PARSE_E; + } + /* Consume the rest of this sequence. */ + length -= (strLen + idx - lenStartIdx); + + if (GetObjectId(input, &idx, &oid, sz) < 0) { + CYASSL_MSG("\tbad OID"); + return ASN_PARSE_E; + } + + if (oid != HW_NAME_OID) { + CYASSL_MSG("\tincorrect OID"); + return ASN_PARSE_E; + } + + if (input[idx++] != (ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED)) { + CYASSL_MSG("\twrong type"); + return ASN_PARSE_E; + } + + if (GetLength(input, &idx, &strLen, sz) < 0) { + CYASSL_MSG("\tfail: str len"); + return ASN_PARSE_E; + } + + if (GetSequence(input, &idx, &strLen, sz) < 0) { + CYASSL_MSG("\tBad Sequence"); + return ASN_PARSE_E; + } + + if (input[idx++] != ASN_OBJECT_ID) { + CYASSL_MSG("\texpected OID"); + return ASN_PARSE_E; + } + + if (GetLength(input, &idx, &strLen, sz) < 0) { + CYASSL_MSG("\tfailed: str len"); + return ASN_PARSE_E; + } + + cert->hwType = (byte*)XMALLOC(strLen, cert->heap, 0); + if (cert->hwType == NULL) { + CYASSL_MSG("\tOut of Memory"); + return MEMORY_E; + } + + XMEMCPY(cert->hwType, &input[idx], strLen); + cert->hwTypeSz = strLen; + idx += strLen; + + if (input[idx++] != ASN_OCTET_STRING) { + CYASSL_MSG("\texpected Octet String"); + return ASN_PARSE_E; + } + + if (GetLength(input, &idx, &strLen, sz) < 0) { + CYASSL_MSG("\tfailed: str len"); + return ASN_PARSE_E; + } - XMEMCPY(entry->name, &input[idx], strLen); - entry->name[strLen] = '\0'; + cert->hwSerialNum = (byte*)XMALLOC(strLen + 1, cert->heap, 0); + if (cert->hwSerialNum == NULL) { + CYASSL_MSG("\tOut of Memory"); + return MEMORY_E; + } + + XMEMCPY(cert->hwSerialNum, &input[idx], strLen); + cert->hwSerialNum[strLen] = '\0'; + cert->hwSerialNumSz = strLen; + idx += strLen; + } +#endif /* CYASSL_SEP */ + else { + int strLen; + word32 lenStartIdx = idx; - entry->next = cert->altNames; - cert->altNames = entry; + CYASSL_MSG("\tUnsupported name type, skipping"); - length -= strLen; - idx += strLen; - } + if (GetLength(input, &idx, &strLen, sz) < 0) { + CYASSL_MSG("\tfail: unsupported name length"); + return ASN_PARSE_E; + } + length -= (strLen + idx - lenStartIdx); + idx += strLen; + } + } + return 0; } -static void DecodeBasicCaConstraint(byte* input, int sz, DecodedCert* cert) +static int DecodeBasicCaConstraint(byte* input, int sz, DecodedCert* cert) { word32 idx = 0; int length = 0; CYASSL_ENTER("DecodeBasicCaConstraint"); - if (GetSequence(input, &idx, &length, sz) < 0) return; + if (GetSequence(input, &idx, &length, sz) < 0) { + CYASSL_MSG("\tfail: bad SEQUENCE"); + return ASN_PARSE_E; + } + + if (length == 0) + return 0; - if (length == 0) return; /* If the basic ca constraint is false, this extension may be named, but * left empty. So, if the length is 0, just return. */ if (input[idx++] != ASN_BOOLEAN) { CYASSL_MSG("\tfail: constraint not BOOLEAN"); - return; + return ASN_PARSE_E; } if (GetLength(input, &idx, &length, sz) < 0) { CYASSL_MSG("\tfail: length"); - return; + return ASN_PARSE_E; } - if (input[idx]) + if (input[idx++]) cert->isCA = 1; + + #ifdef OPENSSL_EXTRA + /* If there isn't any more data, return. */ + if (idx >= (word32)sz) + return 0; + + /* Anything left should be the optional pathlength */ + if (input[idx++] != ASN_INTEGER) { + CYASSL_MSG("\tfail: pathlen not INTEGER"); + return ASN_PARSE_E; + } + + if (input[idx++] != 1) { + CYASSL_MSG("\tfail: pathlen too long"); + return ASN_PARSE_E; + } + + cert->pathLength = input[idx]; + cert->extBasicConstPlSet = 1; + #endif /* OPENSSL_EXTRA */ + + return 0; } @@ -2200,7 +3503,7 @@ static void DecodeBasicCaConstraint(byte* input, int sz, DecodedCert* cert) #define GENERALNAME_URI 6 /* From RFC3280 SS4.2.1.7, GeneralName */ -static void DecodeCrlDist(byte* input, int sz, DecodedCert* cert) +static int DecodeCrlDist(byte* input, int sz, DecodedCert* cert) { word32 idx = 0; int length = 0; @@ -2208,10 +3511,12 @@ static void DecodeCrlDist(byte* input, int sz, DecodedCert* cert) CYASSL_ENTER("DecodeCrlDist"); /* Unwrap the list of Distribution Points*/ - if (GetSequence(input, &idx, &length, sz) < 0) return; + if (GetSequence(input, &idx, &length, sz) < 0) + return ASN_PARSE_E; /* Unwrap a single Distribution Point */ - if (GetSequence(input, &idx, &length, sz) < 0) return; + if (GetSequence(input, &idx, &length, sz) < 0) + return ASN_PARSE_E; /* The Distribution Point has three explicit optional members * First check for a DistributionPointName @@ -2219,18 +3524,21 @@ static void DecodeCrlDist(byte* input, int sz, DecodedCert* cert) if (input[idx] == (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 0)) { idx++; - if (GetLength(input, &idx, &length, sz) < 0) return; + if (GetLength(input, &idx, &length, sz) < 0) + return ASN_PARSE_E; if (input[idx] == (ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED | CRLDP_FULL_NAME)) { idx++; - if (GetLength(input, &idx, &length, sz) < 0) return; + if (GetLength(input, &idx, &length, sz) < 0) + return ASN_PARSE_E; if (input[idx] == (ASN_CONTEXT_SPECIFIC | GENERALNAME_URI)) { idx++; - if (GetLength(input, &idx, &length, sz) < 0) return; + if (GetLength(input, &idx, &length, sz) < 0) + return ASN_PARSE_E; cert->extCrlInfoSz = length; cert->extCrlInfo = input + idx; @@ -2250,7 +3558,8 @@ static void DecodeCrlDist(byte* input, int sz, DecodedCert* cert) input[idx] == (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 1)) { idx++; - if (GetLength(input, &idx, &length, sz) < 0) return; + if (GetLength(input, &idx, &length, sz) < 0) + return ASN_PARSE_E; idx += length; } @@ -2259,7 +3568,8 @@ static void DecodeCrlDist(byte* input, int sz, DecodedCert* cert) input[idx] == (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 2)) { idx++; - if (GetLength(input, &idx, &length, sz) < 0) return; + if (GetLength(input, &idx, &length, sz) < 0) + return ASN_PARSE_E; idx += length; } @@ -2269,11 +3579,11 @@ static void DecodeCrlDist(byte* input, int sz, DecodedCert* cert) "but we only use the first one."); } - return; + return 0; } -static void DecodeAuthInfo(byte* input, int sz, DecodedCert* cert) +static int DecodeAuthInfo(byte* input, int sz, DecodedCert* cert) /* * Read the first of the Authority Information Access records. If there are * any issues, return without saving the record. @@ -2281,524 +3591,740 @@ static void DecodeAuthInfo(byte* input, int sz, DecodedCert* cert) { word32 idx = 0; int length = 0; + byte b; word32 oid; + CYASSL_ENTER("DecodeAuthInfo"); + /* Unwrap the list of AIAs */ - if (GetSequence(input, &idx, &length, sz) < 0) return; + if (GetSequence(input, &idx, &length, sz) < 0) + return ASN_PARSE_E; - /* Unwrap a single AIA */ - if (GetSequence(input, &idx, &length, sz) < 0) return; + while (idx < (word32)sz) { + /* Unwrap a single AIA */ + if (GetSequence(input, &idx, &length, sz) < 0) + return ASN_PARSE_E; - oid = 0; - if (GetObjectId(input, &idx, &oid, sz) < 0) return; + oid = 0; + if (GetObjectId(input, &idx, &oid, sz) < 0) + return ASN_PARSE_E; - /* Only supporting URIs right now. */ - if (input[idx] == (ASN_CONTEXT_SPECIFIC | GENERALNAME_URI)) - { - idx++; - if (GetLength(input, &idx, &length, sz) < 0) return; + /* Only supporting URIs right now. */ + b = input[idx++]; + if (GetLength(input, &idx, &length, sz) < 0) + return ASN_PARSE_E; - cert->extAuthInfoSz = length; - cert->extAuthInfo = input + idx; - idx += length; - } - else - { - /* Skip anything else. */ - idx++; - if (GetLength(input, &idx, &length, sz) < 0) return; + if (b == (ASN_CONTEXT_SPECIFIC | GENERALNAME_URI) && + oid == AIA_OCSP_OID) + { + cert->extAuthInfoSz = length; + cert->extAuthInfo = input + idx; + break; + } idx += length; } - if (idx < (word32)sz) - { - CYASSL_MSG("\tThere are more Authority Information Access records, " - "but we only use first one."); - } - - return; + return 0; } -static void DecodeCertExtensions(DecodedCert* cert) -/* - * Processing the Certificate Extensions. This does not modify the current - * index. It is works starting with the recorded extensions pointer. - */ +static int DecodeAuthKeyId(byte* input, int sz, DecodedCert* cert) { word32 idx = 0; - int sz = cert->extensionsSz; - byte* input = cert->extensions; - int length; - word32 oid; + int length = 0, ret = 0; - CYASSL_ENTER("DecodeCertExtensions"); + CYASSL_ENTER("DecodeAuthKeyId"); - if (input == NULL || sz == 0) return; + if (GetSequence(input, &idx, &length, sz) < 0) { + CYASSL_MSG("\tfail: should be a SEQUENCE\n"); + return ASN_PARSE_E; + } - if (input[idx++] != ASN_EXTENSIONS) return; + if (input[idx++] != (ASN_CONTEXT_SPECIFIC | 0)) { + CYASSL_MSG("\tinfo: OPTIONAL item 0, not available\n"); + return 0; + } - if (GetLength(input, &idx, &length, sz) < 0) return; + if (GetLength(input, &idx, &length, sz) < 0) { + CYASSL_MSG("\tfail: extension data length"); + return ASN_PARSE_E; + } - if (GetSequence(input, &idx, &length, sz) < 0) return; - - while (idx < (word32)sz) { - if (GetSequence(input, &idx, &length, sz) < 0) { - CYASSL_MSG("\tfail: should be a SEQUENCE"); - return; - } + #ifdef OPENSSL_EXTRA + cert->extAuthKeyIdSrc = &input[idx]; + cert->extAuthKeyIdSz = length; + #endif /* OPENSSL_EXTRA */ - oid = 0; - if (GetObjectId(input, &idx, &oid, sz) < 0) { - CYASSL_MSG("\tfail: OBJECT ID"); - return; - } + if (length == SHA_SIZE) { + XMEMCPY(cert->extAuthKeyId, input + idx, length); + } + else { + Sha sha; + ret = InitSha(&sha); + if (ret != 0) + return ret; + ShaUpdate(&sha, input + idx, length); + ShaFinal(&sha, cert->extAuthKeyId); + } - /* check for critical flag */ - if (input[idx] == ASN_BOOLEAN) { - CYASSL_MSG("\tfound optional critical flag, moving past"); - idx += (ASN_BOOL_SIZE + 1); - } + return 0; +} - /* process the extension based on the OID */ - if (input[idx++] != ASN_OCTET_STRING) { - CYASSL_MSG("\tfail: should be an OCTET STRING"); - return; - } - if (GetLength(input, &idx, &length, sz) < 0) { - CYASSL_MSG("\tfail: extension data length"); - return; - } +static int DecodeSubjKeyId(byte* input, int sz, DecodedCert* cert) +{ + word32 idx = 0; + int length = 0, ret = 0; - switch (oid) { - case BASIC_CA_OID: - DecodeBasicCaConstraint(&input[idx], length, cert); - break; + CYASSL_ENTER("DecodeSubjKeyId"); - case CRL_DIST_OID: - DecodeCrlDist(&input[idx], length, cert); - break; + if (input[idx++] != ASN_OCTET_STRING) { + CYASSL_MSG("\tfail: should be an OCTET STRING"); + return ASN_PARSE_E; + } - case AUTH_INFO_OID: - DecodeAuthInfo(&input[idx], length, cert); - break; + if (GetLength(input, &idx, &length, sz) < 0) { + CYASSL_MSG("\tfail: extension data length"); + return ASN_PARSE_E; + } - case ALT_NAMES_OID: - DecodeAltNames(&input[idx], length, cert); + #ifdef OPENSSL_EXTRA + cert->extSubjKeyIdSrc = &input[idx]; + cert->extSubjKeyIdSz = length; + #endif /* OPENSSL_EXTRA */ - default: - CYASSL_MSG("\tExtension type not handled, skipping"); - break; - } - idx += length; + if (length == SIGNER_DIGEST_SIZE) { + XMEMCPY(cert->extSubjKeyId, input + idx, length); + } + else { + Sha sha; + ret = InitSha(&sha); + if (ret != 0) + return ret; + ShaUpdate(&sha, input + idx, length); + ShaFinal(&sha, cert->extSubjKeyId); } - return; + return ret; } -int ParseCert(DecodedCert* cert, int type, int verify, void* cm) +static int DecodeKeyUsage(byte* input, int sz, DecodedCert* cert) { - int ret; - char* ptr; - - ret = ParseCertRelative(cert, type, verify, cm); - if (ret < 0) - return ret; + word32 idx = 0; + int length; + byte unusedBits; + CYASSL_ENTER("DecodeKeyUsage"); - if (cert->subjectCNLen > 0) { - ptr = (char*) XMALLOC(cert->subjectCNLen + 1, cert->heap, - DYNAMIC_TYPE_SUBJECT_CN); - if (ptr == NULL) - return MEMORY_E; - XMEMCPY(ptr, cert->subjectCN, cert->subjectCNLen); - ptr[cert->subjectCNLen] = '\0'; - cert->subjectCN = ptr; - cert->subjectCNStored = 1; + if (input[idx++] != ASN_BIT_STRING) { + CYASSL_MSG("\tfail: key usage expected bit string"); + return ASN_PARSE_E; } - if (cert->keyOID == RSAk && cert->pubKeySize > 0) { - ptr = (char*) XMALLOC(cert->pubKeySize, cert->heap, - DYNAMIC_TYPE_PUBLIC_KEY); - if (ptr == NULL) - return MEMORY_E; - XMEMCPY(ptr, cert->publicKey, cert->pubKeySize); - cert->publicKey = (byte *)ptr; - cert->pubKeyStored = 1; + if (GetLength(input, &idx, &length, sz) < 0) { + CYASSL_MSG("\tfail: key usage bad length"); + return ASN_PARSE_E; } - return ret; -} + unusedBits = input[idx++]; + length--; + if (length == 2) { + cert->extKeyUsage = (word16)((input[idx] << 8) | input[idx+1]); + cert->extKeyUsage >>= unusedBits; + } + else if (length == 1) + cert->extKeyUsage = (word16)(input[idx] << 1); -/* from SSL proper, for locking can't do find here anymore */ -#ifdef __cplusplus - extern "C" { -#endif - CYASSL_LOCAL Signer* GetCA(void* signers, byte* hash); -#ifdef __cplusplus - } -#endif + return 0; +} -int ParseCertRelative(DecodedCert* cert, int type, int verify, void* cm) +static int DecodeExtKeyUsage(byte* input, int sz, DecodedCert* cert) { - word32 confirmOID; - int ret; - int badDate = 0; + word32 idx = 0, oid; + int length; - if ((ret = DecodeToKey(cert, verify)) < 0) { - if (ret == ASN_BEFORE_DATE_E || ret == ASN_AFTER_DATE_E) - badDate = ret; - else - return ret; + CYASSL_ENTER("DecodeExtKeyUsage"); + + if (GetSequence(input, &idx, &length, sz) < 0) { + CYASSL_MSG("\tfail: should be a SEQUENCE"); + return ASN_PARSE_E; } - if (cert->srcIdx != cert->sigIndex) { - if (cert->srcIdx < cert->sigIndex) { - /* save extensions */ - cert->extensions = &cert->source[cert->srcIdx]; - cert->extensionsSz = cert->sigIndex - cert->srcIdx; - cert->extensionsIdx = cert->srcIdx; /* for potential later use */ + #ifdef OPENSSL_EXTRA + cert->extExtKeyUsageSrc = input + idx; + cert->extExtKeyUsageSz = length; + #endif + + while (idx < (word32)sz) { + if (GetObjectId(input, &idx, &oid, sz) < 0) + return ASN_PARSE_E; + + switch (oid) { + case EKU_ANY_OID: + cert->extExtKeyUsage |= EXTKEYUSE_ANY; + break; + case EKU_SERVER_AUTH_OID: + cert->extExtKeyUsage |= EXTKEYUSE_SERVER_AUTH; + break; + case EKU_CLIENT_AUTH_OID: + cert->extExtKeyUsage |= EXTKEYUSE_CLIENT_AUTH; + break; + case EKU_OCSP_SIGN_OID: + cert->extExtKeyUsage |= EXTKEYUSE_OCSP_SIGN; + break; } - DecodeCertExtensions(cert); - /* advance past extensions */ - cert->srcIdx = cert->sigIndex; + + #ifdef OPENSSL_EXTRA + cert->extExtKeyUsageCount++; + #endif } - if ((ret = GetAlgoId(cert->source, &cert->srcIdx, &confirmOID, - cert->maxIdx)) < 0) - return ret; + return 0; +} - if ((ret = GetSignature(cert)) < 0) - return ret; - if (confirmOID != cert->signatureOID) - return ASN_SIG_OID_E; +#ifndef IGNORE_NAME_CONSTRAINTS +static int DecodeSubtree(byte* input, int sz, Base_entry** head, void* heap) +{ + word32 idx = 0; - if (verify && type != CA_TYPE) { - Signer* ca = GetCA(cm, cert->issuerHash); - CYASSL_MSG("About to verify certificate signature"); - - if (ca) { -#ifdef HAVE_OCSP - /* Need the ca's public key hash for OCSP */ - { - Sha sha; - InitSha(&sha); - ShaUpdate(&sha, ca->publicKey, ca->pubKeySize); - ShaFinal(&sha, cert->issuerKeyHash); + (void)heap; + + while (idx < (word32)sz) { + int seqLength, strLength; + word32 nameIdx; + byte b; + + if (GetSequence(input, &idx, &seqLength, sz) < 0) { + CYASSL_MSG("\tfail: should be a SEQUENCE"); + return ASN_PARSE_E; + } + + nameIdx = idx; + b = input[nameIdx++]; + if (GetLength(input, &nameIdx, &strLength, sz) <= 0) { + CYASSL_MSG("\tinvalid length"); + return ASN_PARSE_E; + } + + if (b == (ASN_CONTEXT_SPECIFIC | ASN_DNS_TYPE) || + b == (ASN_CONTEXT_SPECIFIC | ASN_RFC822_TYPE) || + b == (ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED | ASN_DIR_TYPE)) { + + Base_entry* entry = (Base_entry*)XMALLOC(sizeof(Base_entry), + heap, DYNAMIC_TYPE_ALTNAME); + + if (entry == NULL) { + CYASSL_MSG("allocate error"); + return MEMORY_E; } -#endif /* HAVE_OCSP */ - /* try to confirm/verify signature */ - if (!ConfirmSignature(cert->source + cert->certBegin, - cert->sigIndex - cert->certBegin, - ca->publicKey, ca->pubKeySize, ca->keyOID, - cert->signature, cert->sigLength, cert->signatureOID, - cert->heap)) { - CYASSL_MSG("Confirm signature failed"); - return ASN_SIG_CONFIRM_E; + + entry->name = (char*)XMALLOC(strLength, heap, DYNAMIC_TYPE_ALTNAME); + if (entry->name == NULL) { + CYASSL_MSG("allocate error"); + return MEMORY_E; } + + XMEMCPY(entry->name, &input[nameIdx], strLength); + entry->nameSz = strLength; + entry->type = b & 0x0F; + + entry->next = *head; + *head = entry; } - else { - /* no signer */ - CYASSL_MSG("No CA signer to verify with"); - return ASN_SIG_CONFIRM_E; - } - } - if (badDate != 0) - return badDate; + idx += seqLength; + } return 0; } -Signer* MakeSigner(void* heap) +static int DecodeNameConstraints(byte* input, int sz, DecodedCert* cert) { - Signer* signer = (Signer*) XMALLOC(sizeof(Signer), heap, - DYNAMIC_TYPE_SIGNER); - if (signer) { - signer->name = 0; - signer->publicKey = 0; - signer->next = 0; + word32 idx = 0; + int length = 0; + + CYASSL_ENTER("DecodeNameConstraints"); + + if (GetSequence(input, &idx, &length, sz) < 0) { + CYASSL_MSG("\tfail: should be a SEQUENCE"); + return ASN_PARSE_E; } - (void)heap; - return signer; -} + while (idx < (word32)sz) { + byte b = input[idx++]; + Base_entry** subtree = NULL; + if (GetLength(input, &idx, &length, sz) <= 0) { + CYASSL_MSG("\tinvalid length"); + return ASN_PARSE_E; + } -void FreeSigners(Signer* signer, void* heap) -{ - while (signer) { - Signer* next = signer->next; + if (b == (ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED | 0)) + subtree = &cert->permittedNames; + else if (b == (ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED | 1)) + subtree = &cert->excludedNames; + else { + CYASSL_MSG("\tinvalid subtree"); + return ASN_PARSE_E; + } - XFREE(signer->name, heap, DYNAMIC_TYPE_SUBJECT_CN); - XFREE(signer->publicKey, heap, DYNAMIC_TYPE_PUBLIC_KEY); - XFREE(signer, heap, DYNAMIC_TYPE_SIGNER); + DecodeSubtree(input + idx, length, subtree, cert->heap); - signer = next; + idx += length; } - (void)heap; + + return 0; } +#endif /* IGNORE_NAME_CONSTRAINTS */ -void CTaoCryptErrorString(int error, char* buffer) -{ - const int max = MAX_ERROR_SZ; /* shorthand */ +#ifdef CYASSL_SEP + static int DecodeCertPolicy(byte* input, int sz, DecodedCert* cert) + { + word32 idx = 0; + int length = 0; -#ifdef NO_ERROR_STRINGS + CYASSL_ENTER("DecodeCertPolicy"); - XSTRNCPY(buffer, "no support for error strings built in", max); + /* Unwrap certificatePolicies */ + if (GetSequence(input, &idx, &length, sz) < 0) { + CYASSL_MSG("\tdeviceType isn't OID"); + return ASN_PARSE_E; + } -#else + if (GetSequence(input, &idx, &length, sz) < 0) { + CYASSL_MSG("\tdeviceType isn't OID"); + return ASN_PARSE_E; + } - switch (error) { + if (input[idx++] != ASN_OBJECT_ID) { + CYASSL_MSG("\tdeviceType isn't OID"); + return ASN_PARSE_E; + } - case OPEN_RAN_E : - XSTRNCPY(buffer, "opening random device error", max); - break; + if (GetLength(input, &idx, &length, sz) < 0) { + CYASSL_MSG("\tCouldn't read length of deviceType"); + return ASN_PARSE_E; + } - case READ_RAN_E : - XSTRNCPY(buffer, "reading random device error", max); - break; + if (length > 0) { + cert->deviceType = (byte*)XMALLOC(length, cert->heap, 0); + if (cert->deviceType == NULL) { + CYASSL_MSG("\tCouldn't alloc memory for deviceType"); + return MEMORY_E; + } + cert->deviceTypeSz = length; + XMEMCPY(cert->deviceType, input + idx, length); + } - case WINCRYPT_E : - XSTRNCPY(buffer, "windows crypt init error", max); - break; + CYASSL_LEAVE("DecodeCertPolicy", 0); + return 0; + } +#endif /* CYASSL_SEP */ - case CRYPTGEN_E : - XSTRNCPY(buffer, "windows crypt generation error", max); - break; - case RAN_BLOCK_E : - XSTRNCPY(buffer, "random device read would block error", max); - break; +static int DecodeCertExtensions(DecodedCert* cert) +/* + * Processing the Certificate Extensions. This does not modify the current + * index. It is works starting with the recorded extensions pointer. + */ +{ + word32 idx = 0; + int sz = cert->extensionsSz; + byte* input = cert->extensions; + int length; + word32 oid; + byte critical = 0; + byte criticalFail = 0; - case MP_INIT_E : - XSTRNCPY(buffer, "mp_init error state", max); - break; + CYASSL_ENTER("DecodeCertExtensions"); - case MP_READ_E : - XSTRNCPY(buffer, "mp_read error state", max); - break; + if (input == NULL || sz == 0) + return BAD_FUNC_ARG; - case MP_EXPTMOD_E : - XSTRNCPY(buffer, "mp_exptmod error state", max); - break; + if (input[idx++] != ASN_EXTENSIONS) + return ASN_PARSE_E; - case MP_TO_E : - XSTRNCPY(buffer, "mp_to_xxx error state, can't convert", max); - break; + if (GetLength(input, &idx, &length, sz) < 0) + return ASN_PARSE_E; - case MP_SUB_E : - XSTRNCPY(buffer, "mp_sub error state, can't subtract", max); - break; + if (GetSequence(input, &idx, &length, sz) < 0) + return ASN_PARSE_E; + + while (idx < (word32)sz) { + if (GetSequence(input, &idx, &length, sz) < 0) { + CYASSL_MSG("\tfail: should be a SEQUENCE"); + return ASN_PARSE_E; + } - case MP_ADD_E : - XSTRNCPY(buffer, "mp_add error state, can't add", max); - break; + oid = 0; + if (GetObjectId(input, &idx, &oid, sz) < 0) { + CYASSL_MSG("\tfail: OBJECT ID"); + return ASN_PARSE_E; + } - case MP_MUL_E : - XSTRNCPY(buffer, "mp_mul error state, can't multiply", max); - break; + /* check for critical flag */ + critical = 0; + if (input[idx] == ASN_BOOLEAN) { + int boolLength = 0; + idx++; + if (GetLength(input, &idx, &boolLength, sz) < 0) { + CYASSL_MSG("\tfail: critical boolean length"); + return ASN_PARSE_E; + } + if (input[idx++]) + critical = 1; + } - case MP_MULMOD_E : - XSTRNCPY(buffer, "mp_mulmod error state, can't multiply mod", max); - break; + /* process the extension based on the OID */ + if (input[idx++] != ASN_OCTET_STRING) { + CYASSL_MSG("\tfail: should be an OCTET STRING"); + return ASN_PARSE_E; + } - case MP_MOD_E : - XSTRNCPY(buffer, "mp_mod error state, can't mod", max); - break; + if (GetLength(input, &idx, &length, sz) < 0) { + CYASSL_MSG("\tfail: extension data length"); + return ASN_PARSE_E; + } - case MP_INVMOD_E : - XSTRNCPY(buffer, "mp_invmod error state, can't inv mod", max); - break; - - case MP_CMP_E : - XSTRNCPY(buffer, "mp_cmp error state", max); - break; - - case MP_ZERO_E : - XSTRNCPY(buffer, "mp zero result, not expected", max); - break; - - case MEMORY_E : - XSTRNCPY(buffer, "out of memory error", max); - break; + switch (oid) { + case BASIC_CA_OID: + #ifdef OPENSSL_EXTRA + cert->extBasicConstSet = 1; + cert->extBasicConstCrit = critical; + #endif + if (DecodeBasicCaConstraint(&input[idx], length, cert) < 0) + return ASN_PARSE_E; + break; - case RSA_WRONG_TYPE_E : - XSTRNCPY(buffer, "RSA wrong block type for RSA function", max); - break; + case CRL_DIST_OID: + if (DecodeCrlDist(&input[idx], length, cert) < 0) + return ASN_PARSE_E; + break; - case RSA_BUFFER_E : - XSTRNCPY(buffer, "RSA buffer error, output too small or input too big", - max); - break; + case AUTH_INFO_OID: + if (DecodeAuthInfo(&input[idx], length, cert) < 0) + return ASN_PARSE_E; + break; - case BUFFER_E : - XSTRNCPY(buffer, "Buffer error, output too small or input too big",max); - break; + case ALT_NAMES_OID: + #ifdef OPENSSL_EXTRA + cert->extSubjAltNameSet = 1; + cert->extSubjAltNameCrit = critical; + #endif + if (DecodeAltNames(&input[idx], length, cert) < 0) + return ASN_PARSE_E; + break; - case ALGO_ID_E : - XSTRNCPY(buffer, "Setting Cert AlogID error", max); - break; + case AUTH_KEY_OID: + cert->extAuthKeyIdSet = 1; + #ifdef OPENSSL_EXTRA + cert->extAuthKeyIdCrit = critical; + #endif + if (DecodeAuthKeyId(&input[idx], length, cert) < 0) + return ASN_PARSE_E; + break; - case PUBLIC_KEY_E : - XSTRNCPY(buffer, "Setting Cert Public Key error", max); - break; + case SUBJ_KEY_OID: + cert->extSubjKeyIdSet = 1; + #ifdef OPENSSL_EXTRA + cert->extSubjKeyIdCrit = critical; + #endif + if (DecodeSubjKeyId(&input[idx], length, cert) < 0) + return ASN_PARSE_E; + break; - case DATE_E : - XSTRNCPY(buffer, "Setting Cert Date validity error", max); - break; + case CERT_POLICY_OID: + CYASSL_MSG("Certificate Policy extension not supported yet."); + #ifdef CYASSL_SEP + #ifdef OPENSSL_EXTRA + cert->extCertPolicySet = 1; + cert->extCertPolicyCrit = critical; + #endif + if (DecodeCertPolicy(&input[idx], length, cert) < 0) + return ASN_PARSE_E; + #endif + break; - case SUBJECT_E : - XSTRNCPY(buffer, "Setting Cert Subject name error", max); - break; + case KEY_USAGE_OID: + cert->extKeyUsageSet = 1; + #ifdef OPENSSL_EXTRA + cert->extKeyUsageCrit = critical; + #endif + if (DecodeKeyUsage(&input[idx], length, cert) < 0) + return ASN_PARSE_E; + break; - case ISSUER_E : - XSTRNCPY(buffer, "Setting Cert Issuer name error", max); - break; + case EXT_KEY_USAGE_OID: + cert->extExtKeyUsageSet = 1; + #ifdef OPENSSL_EXTRA + cert->extExtKeyUsageCrit = critical; + #endif + if (DecodeExtKeyUsage(&input[idx], length, cert) < 0) + return ASN_PARSE_E; + break; - case CA_TRUE_E : - XSTRNCPY(buffer, "Setting basic constraint CA true error", max); - break; + #ifndef IGNORE_NAME_CONSTRAINTS + case NAME_CONS_OID: + cert->extNameConstraintSet = 1; + #ifdef OPENSSL_EXTRA + cert->extNameConstraintCrit = critical; + #endif + if (DecodeNameConstraints(&input[idx], length, cert) < 0) + return ASN_PARSE_E; + break; + #endif /* IGNORE_NAME_CONSTRAINTS */ - case EXTENSIONS_E : - XSTRNCPY(buffer, "Setting extensions error", max); - break; + case INHIBIT_ANY_OID: + CYASSL_MSG("Inhibit anyPolicy extension not supported yet."); + break; - case ASN_PARSE_E : - XSTRNCPY(buffer, "ASN parsing error, invalid input", max); - break; + default: + /* While it is a failure to not support critical extensions, + * still parse the certificate ignoring the unsupported + * extention to allow caller to accept it with the verify + * callback. */ + if (critical) + criticalFail = 1; + break; + } + idx += length; + } - case ASN_VERSION_E : - XSTRNCPY(buffer, "ASN version error, invalid number", max); - break; + return criticalFail ? ASN_CRIT_EXT_E : 0; +} - case ASN_GETINT_E : - XSTRNCPY(buffer, "ASN get big int error, invalid data", max); - break; - case ASN_RSA_KEY_E : - XSTRNCPY(buffer, "ASN key init error, invalid input", max); - break; +int ParseCert(DecodedCert* cert, int type, int verify, void* cm) +{ + int ret; + char* ptr; - case ASN_OBJECT_ID_E : - XSTRNCPY(buffer, "ASN object id error, invalid id", max); - break; + ret = ParseCertRelative(cert, type, verify, cm); + if (ret < 0) + return ret; - case ASN_TAG_NULL_E : - XSTRNCPY(buffer, "ASN tag error, not null", max); - break; + if (cert->subjectCNLen > 0) { + ptr = (char*) XMALLOC(cert->subjectCNLen + 1, cert->heap, + DYNAMIC_TYPE_SUBJECT_CN); + if (ptr == NULL) + return MEMORY_E; + XMEMCPY(ptr, cert->subjectCN, cert->subjectCNLen); + ptr[cert->subjectCNLen] = '\0'; + cert->subjectCN = ptr; + cert->subjectCNStored = 1; + } - case ASN_EXPECT_0_E : - XSTRNCPY(buffer, "ASN expect error, not zero", max); - break; + if (cert->keyOID == RSAk && + cert->publicKey != NULL && cert->pubKeySize > 0) { + ptr = (char*) XMALLOC(cert->pubKeySize, cert->heap, + DYNAMIC_TYPE_PUBLIC_KEY); + if (ptr == NULL) + return MEMORY_E; + XMEMCPY(ptr, cert->publicKey, cert->pubKeySize); + cert->publicKey = (byte *)ptr; + cert->pubKeyStored = 1; + } - case ASN_BITSTR_E : - XSTRNCPY(buffer, "ASN bit string error, wrong id", max); - break; + return ret; +} - case ASN_UNKNOWN_OID_E : - XSTRNCPY(buffer, "ASN oid error, unknown sum id", max); - break; - case ASN_DATE_SZ_E : - XSTRNCPY(buffer, "ASN date error, bad size", max); - break; +/* from SSL proper, for locking can't do find here anymore */ +#ifdef __cplusplus + extern "C" { +#endif + CYASSL_LOCAL Signer* GetCA(void* signers, byte* hash); + #ifndef NO_SKID + CYASSL_LOCAL Signer* GetCAByName(void* signers, byte* hash); + #endif +#ifdef __cplusplus + } +#endif - case ASN_BEFORE_DATE_E : - XSTRNCPY(buffer, "ASN date error, current date before", max); - break; - case ASN_AFTER_DATE_E : - XSTRNCPY(buffer, "ASN date error, current date after", max); - break; +int ParseCertRelative(DecodedCert* cert, int type, int verify, void* cm) +{ + word32 confirmOID; + int ret; + int badDate = 0; + int criticalExt = 0; - case ASN_SIG_OID_E : - XSTRNCPY(buffer, "ASN signature error, mismatched oid", max); - break; + if ((ret = DecodeToKey(cert, verify)) < 0) { + if (ret == ASN_BEFORE_DATE_E || ret == ASN_AFTER_DATE_E) + badDate = ret; + else + return ret; + } - case ASN_TIME_E : - XSTRNCPY(buffer, "ASN time error, unkown time type", max); - break; + CYASSL_MSG("Parsed Past Key"); - case ASN_INPUT_E : - XSTRNCPY(buffer, "ASN input error, not enough data", max); - break; + if (cert->srcIdx < cert->sigIndex) { + #ifndef ALLOW_V1_EXTENSIONS + if (cert->version < 2) { + CYASSL_MSG(" v1 and v2 certs not allowed extensions"); + return ASN_VERSION_E; + } + #endif + /* save extensions */ + cert->extensions = &cert->source[cert->srcIdx]; + cert->extensionsSz = cert->sigIndex - cert->srcIdx; + cert->extensionsIdx = cert->srcIdx; /* for potential later use */ + + if ((ret = DecodeCertExtensions(cert)) < 0) { + if (ret == ASN_CRIT_EXT_E) + criticalExt = ret; + else + return ret; + } - case ASN_SIG_CONFIRM_E : - XSTRNCPY(buffer, "ASN sig error, confirm failure", max); - break; + /* advance past extensions */ + cert->srcIdx = cert->sigIndex; + } - case ASN_SIG_HASH_E : - XSTRNCPY(buffer, "ASN sig error, unsupported hash type", max); - break; + if ((ret = GetAlgoId(cert->source, &cert->srcIdx, &confirmOID, + cert->maxIdx)) < 0) + return ret; - case ASN_SIG_KEY_E : - XSTRNCPY(buffer, "ASN sig error, unsupported key type", max); - break; + if ((ret = GetSignature(cert)) < 0) + return ret; - case ASN_DH_KEY_E : - XSTRNCPY(buffer, "ASN key init error, invalid input", max); - break; + if (confirmOID != cert->signatureOID) + return ASN_SIG_OID_E; + + #ifndef NO_SKID + if (cert->extSubjKeyIdSet == 0 + && cert->publicKey != NULL && cert->pubKeySize > 0) { + Sha sha; + ret = InitSha(&sha); + if (ret != 0) + return ret; + ShaUpdate(&sha, cert->publicKey, cert->pubKeySize); + ShaFinal(&sha, cert->extSubjKeyId); + } + #endif + + if (verify && type != CA_TYPE) { + Signer* ca = NULL; + #ifndef NO_SKID + if (cert->extAuthKeyIdSet) + ca = GetCA(cm, cert->extAuthKeyId); + if (ca == NULL) + ca = GetCAByName(cm, cert->issuerHash); + #else /* NO_SKID */ + ca = GetCA(cm, cert->issuerHash); + #endif /* NO SKID */ + CYASSL_MSG("About to verify certificate signature"); + + if (ca) { +#ifdef HAVE_OCSP + /* Need the ca's public key hash for OCSP */ + { + Sha sha; + ret = InitSha(&sha); + if (ret != 0) + return ret; + ShaUpdate(&sha, ca->publicKey, ca->pubKeySize); + ShaFinal(&sha, cert->issuerKeyHash); + } +#endif /* HAVE_OCSP */ + /* try to confirm/verify signature */ + if (!ConfirmSignature(cert->source + cert->certBegin, + cert->sigIndex - cert->certBegin, + ca->publicKey, ca->pubKeySize, ca->keyOID, + cert->signature, cert->sigLength, cert->signatureOID, + cert->heap)) { + CYASSL_MSG("Confirm signature failed"); + return ASN_SIG_CONFIRM_E; + } +#ifndef IGNORE_NAME_CONSTRAINTS + /* check that this cert's name is permitted by the signer's + * name constraints */ + if (!ConfirmNameConstraints(ca, cert)) { + CYASSL_MSG("Confirm name constraint failed"); + return ASN_NAME_INVALID_E; + } +#endif /* IGNORE_NAME_CONSTRAINTS */ + } + else { + /* no signer */ + CYASSL_MSG("No CA signer to verify with"); + return ASN_NO_SIGNER_E; + } + } - case ASN_NTRU_KEY_E : - XSTRNCPY(buffer, "ASN NTRU key decode error, invalid input", max); - break; + if (badDate != 0) + return badDate; - case ECC_BAD_ARG_E : - XSTRNCPY(buffer, "ECC input argument wrong type, invalid input", max); - break; + if (criticalExt != 0) + return criticalExt; - case ASN_ECC_KEY_E : - XSTRNCPY(buffer, "ECC ASN1 bad key data, invalid input", max); - break; + return 0; +} - case ECC_CURVE_OID_E : - XSTRNCPY(buffer, "ECC curve sum OID unsupported, invalid input", max); - break; - case BAD_FUNC_ARG : - XSTRNCPY(buffer, "Bad function argument", max); - break; +/* Create and init an new signer */ +Signer* MakeSigner(void* heap) +{ + Signer* signer = (Signer*) XMALLOC(sizeof(Signer), heap, + DYNAMIC_TYPE_SIGNER); + if (signer) { + signer->pubKeySize = 0; + signer->keyOID = 0; + signer->publicKey = NULL; + signer->nameLen = 0; + signer->name = NULL; + #ifndef IGNORE_NAME_CONSTRAINTS + signer->permittedNames = NULL; + signer->excludedNames = NULL; + #endif /* IGNORE_NAME_CONSTRAINTS */ + signer->next = NULL; + } + (void)heap; - case NOT_COMPILED_IN : - XSTRNCPY(buffer, "Feature not compiled in", max); - break; + return signer; +} - case UNICODE_SIZE_E : - XSTRNCPY(buffer, "Unicode password too big", max); - break; - case NO_PASSWORD : - XSTRNCPY(buffer, "No password provided by user", max); - break; +/* Free an individual signer */ +void FreeSigner(Signer* signer, void* heap) +{ + XFREE(signer->name, heap, DYNAMIC_TYPE_SUBJECT_CN); + XFREE(signer->publicKey, heap, DYNAMIC_TYPE_PUBLIC_KEY); + #ifndef IGNORE_NAME_CONSTRAINTS + if (signer->permittedNames) + FreeNameSubtrees(signer->permittedNames, heap); + if (signer->excludedNames) + FreeNameSubtrees(signer->excludedNames, heap); + #endif + XFREE(signer, heap, DYNAMIC_TYPE_SIGNER); - case ALT_NAME_E : - XSTRNCPY(buffer, "Alt Name problem, too big", max); - break; + (void)heap; +} - case AES_GCM_AUTH_E: - XSTRNCPY(buffer, "AES-GCM Authentication check fail", max); - break; - default: - XSTRNCPY(buffer, "unknown error number", max); +/* Free the whole singer table with number of rows */ +void FreeSignerTable(Signer** table, int rows, void* heap) +{ + int i; + for (i = 0; i < rows; i++) { + Signer* signer = table[i]; + while (signer) { + Signer* next = signer->next; + FreeSigner(signer, heap); + signer = next; + } + table[i] = NULL; } - -#endif /* NO_ERROR_STRINGS */ - } -#if defined(CYASSL_KEY_GEN) || defined(CYASSL_CERT_GEN) - -static int SetMyVersion(word32 version, byte* output, int header) +CYASSL_LOCAL int SetMyVersion(word32 version, byte* output, int header) { int i = 0; @@ -2814,51 +4340,152 @@ static int SetMyVersion(word32 version, byte* output, int header) } +CYASSL_LOCAL int SetSerialNumber(const byte* sn, word32 snSz, byte* output) +{ + int result = 0; + + CYASSL_ENTER("SetSerialNumber"); + + if (snSz <= EXTERNAL_SERIAL_SIZE) { + output[0] = ASN_INTEGER; + /* The serial number is always positive. When encoding the + * INTEGER, if the MSB is 1, add a padding zero to keep the + * number positive. */ + if (sn[0] & 0x80) { + output[1] = (byte)snSz + 1; + output[2] = 0; + XMEMCPY(&output[3], sn, snSz); + result = snSz + 3; + } + else { + output[1] = (byte)snSz; + XMEMCPY(&output[2], sn, snSz); + result = snSz + 2; + } + } + return result; +} + + + + +#if defined(CYASSL_KEY_GEN) || defined(CYASSL_CERT_GEN) + +/* convert der buffer to pem into output, can't do inplace, der and output + need to be different */ int DerToPem(const byte* der, word32 derSz, byte* output, word32 outSz, int type) { +#ifdef CYASSL_SMALL_STACK + char* header = NULL; + char* footer = NULL; +#else char header[80]; char footer[80]; +#endif - int headerLen; - int footerLen; + int headerLen = 80; + int footerLen = 80; int i; int err; int outLen; /* return length or error */ + if (der == output) /* no in place conversion */ + return BAD_FUNC_ARG; + +#ifdef CYASSL_SMALL_STACK + header = (char*)XMALLOC(headerLen, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (header == NULL) + return MEMORY_E; + + footer = (char*)XMALLOC(footerLen, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (footer == NULL) { + XFREE(header, NULL, DYNAMIC_TYPE_TMP_BUFFER); + return MEMORY_E; + } +#endif + if (type == CERT_TYPE) { - XSTRNCPY(header, "-----BEGIN CERTIFICATE-----\n", sizeof(header)); - XSTRNCPY(footer, "-----END CERTIFICATE-----\n", sizeof(footer)); - } else { - XSTRNCPY(header, "-----BEGIN RSA PRIVATE KEY-----\n", sizeof(header)); - XSTRNCPY(footer, "-----END RSA PRIVATE KEY-----\n", sizeof(footer)); + XSTRNCPY(header, "-----BEGIN CERTIFICATE-----\n", headerLen); + XSTRNCPY(footer, "-----END CERTIFICATE-----\n", footerLen); + } + else if (type == PRIVATEKEY_TYPE) { + XSTRNCPY(header, "-----BEGIN RSA PRIVATE KEY-----\n", headerLen); + XSTRNCPY(footer, "-----END RSA PRIVATE KEY-----\n", footerLen); + } + #ifdef HAVE_ECC + else if (type == ECC_PRIVATEKEY_TYPE) { + XSTRNCPY(header, "-----BEGIN EC PRIVATE KEY-----\n", headerLen); + XSTRNCPY(footer, "-----END EC PRIVATE KEY-----\n", footerLen); + } + #endif + #ifdef CYASSL_CERT_REQ + else if (type == CERTREQ_TYPE) + { + XSTRNCPY(header, + "-----BEGIN CERTIFICATE REQUEST-----\n", headerLen); + XSTRNCPY(footer, "-----END CERTIFICATE REQUEST-----\n", footerLen); + } + #endif + else { +#ifdef CYASSL_SMALL_STACK + XFREE(header, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(footer, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + return BAD_FUNC_ARG; } - headerLen = XSTRLEN(header); - footerLen = XSTRLEN(footer); + headerLen = (int)XSTRLEN(header); + footerLen = (int)XSTRLEN(footer); - if (!der || !output) + if (!der || !output) { +#ifdef CYASSL_SMALL_STACK + XFREE(header, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(footer, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif return BAD_FUNC_ARG; + } /* don't even try if outSz too short */ - if (outSz < headerLen + footerLen + derSz) + if (outSz < headerLen + footerLen + derSz) { +#ifdef CYASSL_SMALL_STACK + XFREE(header, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(footer, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif return BAD_FUNC_ARG; + } /* header */ XMEMCPY(output, header, headerLen); i = headerLen; +#ifdef CYASSL_SMALL_STACK + XFREE(header, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + /* body */ - outLen = outSz; /* input to Base64_Encode */ - if ( (err = Base64_Encode(der, derSz, output + i, (word32*)&outLen)) < 0) + outLen = outSz - (headerLen + footerLen); /* input to Base64_Encode */ + if ( (err = Base64_Encode(der, derSz, output + i, (word32*)&outLen)) < 0) { +#ifdef CYASSL_SMALL_STACK + XFREE(footer, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif return err; + } i += outLen; /* footer */ - if ( (i + footerLen) > (int)outSz) + if ( (i + footerLen) > (int)outSz) { +#ifdef CYASSL_SMALL_STACK + XFREE(footer, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif return BAD_FUNC_ARG; + } XMEMCPY(output + i, footer, footerLen); +#ifdef CYASSL_SMALL_STACK + XFREE(footer, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + return outLen + headerLen + footerLen; } @@ -2866,7 +4493,7 @@ int DerToPem(const byte* der, word32 derSz, byte* output, word32 outSz, #endif /* CYASSL_KEY_GEN || CYASSL_CERT_GEN */ -#ifdef CYASSL_KEY_GEN +#if defined(CYASSL_KEY_GEN) && !defined(NO_RSA) static mp_int* GetRsaInt(RsaKey* key, int idx) @@ -2892,17 +4519,29 @@ static mp_int* GetRsaInt(RsaKey* key, int idx) } +/* Release Tmp RSA resources */ +static INLINE void FreeTmpRsas(byte** tmps, void* heap) +{ + int i; + + (void)heap; + + for (i = 0; i < RSA_INTS; i++) + XFREE(tmps[i], heap, DYNAMIC_TYPE_RSA); +} + + /* Convert RsaKey key to DER format, write to output (inLen), return bytes written */ int RsaKeyToDer(RsaKey* key, byte* output, word32 inLen) { word32 seqSz, verSz, rawLen, intTotalLen = 0; word32 sizes[RSA_INTS]; - int i, j, outLen; + int i, j, outLen, ret = 0; - byte seq[MAX_SEQ_SZ]; - byte ver[MAX_VERSION_SZ]; - byte tmps[RSA_INTS][MAX_RSA_INT_SZ]; + byte seq[MAX_SEQ_SZ]; + byte ver[MAX_VERSION_SZ]; + byte* tmps[RSA_INTS]; if (!key || !output) return BAD_FUNC_ARG; @@ -2910,25 +4549,43 @@ int RsaKeyToDer(RsaKey* key, byte* output, word32 inLen) if (key->type != RSA_PRIVATE) return BAD_FUNC_ARG; + for (i = 0; i < RSA_INTS; i++) + tmps[i] = NULL; + /* write all big ints from key to DER tmps */ for (i = 0; i < RSA_INTS; i++) { mp_int* keyInt = GetRsaInt(key, i); rawLen = mp_unsigned_bin_size(keyInt); + tmps[i] = (byte*)XMALLOC(rawLen + MAX_SEQ_SZ, key->heap, + DYNAMIC_TYPE_RSA); + if (tmps[i] == NULL) { + ret = MEMORY_E; + break; + } tmps[i][0] = ASN_INTEGER; sizes[i] = SetLength(rawLen, tmps[i] + 1) + 1; /* int tag */ - if ( (sizes[i] + rawLen) < sizeof(tmps[i])) { + if (sizes[i] <= MAX_SEQ_SZ) { int err = mp_to_unsigned_bin(keyInt, tmps[i] + sizes[i]); if (err == MP_OKAY) { sizes[i] += rawLen; intTotalLen += sizes[i]; } - else - return err; + else { + ret = err; + break; + } } - else - return ASN_INPUT_E; + else { + ret = ASN_INPUT_E; + break; + } + } + + if (ret != 0) { + FreeTmpRsas(tmps, key->heap); + return ret; } /* make headers */ @@ -2949,14 +4606,26 @@ int RsaKeyToDer(RsaKey* key, byte* output, word32 inLen) XMEMCPY(output + j, tmps[i], sizes[i]); j += sizes[i]; } + FreeTmpRsas(tmps, key->heap); return outLen; } -#endif /* CYASSL_KEY_GEN */ +#endif /* CYASSL_KEY_GEN && !NO_RSA */ -#ifdef CYASSL_CERT_GEN +#if defined(CYASSL_CERT_GEN) && !defined(NO_RSA) + + +#ifndef min + + static INLINE word32 min(word32 a, word32 b) + { + return a > b ? b : a; + } + +#endif /* min */ + /* Initialize and Set Certficate defaults: version = 3 (0x2) @@ -2984,22 +4653,40 @@ void InitCert(Cert* cert) XMEMSET(cert->serial, 0, CTC_SERIAL_SIZE); cert->issuer.country[0] = '\0'; + cert->issuer.countryEnc = CTC_PRINTABLE; cert->issuer.state[0] = '\0'; + cert->issuer.stateEnc = CTC_UTF8; cert->issuer.locality[0] = '\0'; + cert->issuer.localityEnc = CTC_UTF8; cert->issuer.sur[0] = '\0'; + cert->issuer.surEnc = CTC_UTF8; cert->issuer.org[0] = '\0'; + cert->issuer.orgEnc = CTC_UTF8; cert->issuer.unit[0] = '\0'; + cert->issuer.unitEnc = CTC_UTF8; cert->issuer.commonName[0] = '\0'; + cert->issuer.commonNameEnc = CTC_UTF8; cert->issuer.email[0] = '\0'; cert->subject.country[0] = '\0'; + cert->subject.countryEnc = CTC_PRINTABLE; cert->subject.state[0] = '\0'; + cert->subject.stateEnc = CTC_UTF8; cert->subject.locality[0] = '\0'; + cert->subject.localityEnc = CTC_UTF8; cert->subject.sur[0] = '\0'; + cert->subject.surEnc = CTC_UTF8; cert->subject.org[0] = '\0'; + cert->subject.orgEnc = CTC_UTF8; cert->subject.unit[0] = '\0'; + cert->subject.unitEnc = CTC_UTF8; cert->subject.commonName[0] = '\0'; + cert->subject.commonNameEnc = CTC_UTF8; cert->subject.email[0] = '\0'; + +#ifdef CYASSL_CERT_REQ + cert->challengePw[0] ='\0'; +#endif } @@ -3015,6 +4702,9 @@ typedef struct DerCert { byte publicKey[MAX_PUBLIC_KEY_SZ]; /* rsa / ntru public key encoded */ byte ca[MAX_CA_SZ]; /* basic constraint CA true size */ byte extensions[MAX_EXTENSIONS_SZ]; /* all extensions */ +#ifdef CYASSL_CERT_REQ + byte attrib[MAX_ATTRIB_SZ]; /* Cert req attributes encoded */ +#endif int sizeSz; /* encoded size length */ int versionSz; /* encoded version length */ int serialSz; /* encoded serial length */ @@ -3026,16 +4716,23 @@ typedef struct DerCert { int caSz; /* encoded CA extension length */ int extensionsSz; /* encoded extensions total length */ int total; /* total encoded lengths */ +#ifdef CYASSL_CERT_REQ + int attribSz; +#endif } DerCert; +#ifdef CYASSL_CERT_REQ + /* Write a set header to output */ -static word32 SetSet(word32 len, byte* output) +static word32 SetUTF8String(word32 len, byte* output) { - output[0] = ASN_SET | ASN_CONSTRUCTED; + output[0] = ASN_UTF8STRING; return SetLength(len, output + 1) + 1; } +#endif /* CYASSL_CERT_REQ */ + /* Write a serial number to output */ static int SetSerial(const byte* serial, byte* output) @@ -3050,12 +4747,115 @@ static int SetSerial(const byte* serial, byte* output) } +#ifdef HAVE_ECC + +/* Write a public ECC key to output */ +static int SetEccPublicKey(byte* output, ecc_key* key) +{ + byte len[MAX_LENGTH_SZ + 1]; /* trailing 0 */ + int algoSz; + int curveSz; + int lenSz; + int idx; + word32 pubSz = ECC_BUFSIZE; +#ifdef CYASSL_SMALL_STACK + byte* algo = NULL; + byte* curve = NULL; + byte* pub = NULL; +#else + byte algo[MAX_ALGO_SZ]; + byte curve[MAX_ALGO_SZ]; + byte pub[ECC_BUFSIZE]; +#endif + +#ifdef CYASSL_SMALL_STACK + pub = (byte*)XMALLOC(ECC_BUFSIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (pub == NULL) + return MEMORY_E; +#endif + + int ret = ecc_export_x963(key, pub, &pubSz); + if (ret != 0) { +#ifdef CYASSL_SMALL_STACK + XFREE(pub, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + return ret; + } + +#ifdef CYASSL_SMALL_STACK + curve = (byte*)XMALLOC(MAX_ALGO_SZ, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (curve == NULL) { + XFREE(pub, NULL, DYNAMIC_TYPE_TMP_BUFFER); + return MEMORY_E; + } +#endif + + /* headers */ + curveSz = SetCurve(key, curve); + if (curveSz <= 0) { +#ifdef CYASSL_SMALL_STACK + XFREE(curve, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(pub, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + return curveSz; + } + +#ifdef CYASSL_SMALL_STACK + algo = (byte*)XMALLOC(MAX_ALGO_SZ, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (algo == NULL) { + XFREE(curve, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(pub, NULL, DYNAMIC_TYPE_TMP_BUFFER); + return MEMORY_E; + } +#endif + + algoSz = SetAlgoID(ECDSAk, algo, keyType, curveSz); + lenSz = SetLength(pubSz + 1, len); + len[lenSz++] = 0; /* trailing 0 */ + + /* write */ + idx = SetSequence(pubSz + curveSz + lenSz + 1 + algoSz, output); + /* 1 is for ASN_BIT_STRING */ + /* algo */ + XMEMCPY(output + idx, algo, algoSz); + idx += algoSz; + /* curve */ + XMEMCPY(output + idx, curve, curveSz); + idx += curveSz; + /* bit string */ + output[idx++] = ASN_BIT_STRING; + /* length */ + XMEMCPY(output + idx, len, lenSz); + idx += lenSz; + /* pub */ + XMEMCPY(output + idx, pub, pubSz); + idx += pubSz; + +#ifdef CYASSL_SMALL_STACK + XFREE(algo, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(curve, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(pub, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + + return idx; +} + + +#endif /* HAVE_ECC */ + + /* Write a public RSA key to output */ -static int SetPublicKey(byte* output, RsaKey* key) +static int SetRsaPublicKey(byte* output, RsaKey* key) { +#ifdef CYASSL_SMALL_STACK + byte* n = NULL; + byte* e = NULL; + byte* algo = NULL; +#else byte n[MAX_RSA_INT_SZ]; byte e[MAX_RSA_E_SZ]; byte algo[MAX_ALGO_SZ]; +#endif byte seq[MAX_SEQ_SZ]; byte len[MAX_LENGTH_SZ + 1]; /* trailing 0 */ int nSz; @@ -3065,39 +4865,90 @@ static int SetPublicKey(byte* output, RsaKey* key) int lenSz; int idx; int rawLen; + int leadingBit; + int err; /* n */ - rawLen = mp_unsigned_bin_size(&key->n); +#ifdef CYASSL_SMALL_STACK + n = (byte*)XMALLOC(MAX_RSA_INT_SZ, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (n == NULL) + return MEMORY_E; +#endif + + leadingBit = mp_leading_bit(&key->n); + rawLen = mp_unsigned_bin_size(&key->n) + leadingBit; n[0] = ASN_INTEGER; nSz = SetLength(rawLen, n + 1) + 1; /* int tag */ - if ( (nSz + rawLen) < (int)sizeof(n)) { - int err = mp_to_unsigned_bin(&key->n, n + nSz); + if ( (nSz + rawLen) < MAX_RSA_INT_SZ) { + if (leadingBit) + n[nSz] = 0; + err = mp_to_unsigned_bin(&key->n, n + nSz + leadingBit); if (err == MP_OKAY) nSz += rawLen; - else + else { +#ifdef CYASSL_SMALL_STACK + XFREE(n, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif return MP_TO_E; + } } - else + else { +#ifdef CYASSL_SMALL_STACK + XFREE(n, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif return BUFFER_E; + } /* e */ - rawLen = mp_unsigned_bin_size(&key->e); +#ifdef CYASSL_SMALL_STACK + e = (byte*)XMALLOC(MAX_RSA_E_SZ, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (e == NULL) { +#ifdef CYASSL_SMALL_STACK + XFREE(n, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + return MEMORY_E; + } +#endif + + leadingBit = mp_leading_bit(&key->e); + rawLen = mp_unsigned_bin_size(&key->e) + leadingBit; e[0] = ASN_INTEGER; eSz = SetLength(rawLen, e + 1) + 1; /* int tag */ - if ( (eSz + rawLen) < (int)sizeof(e)) { - int err = mp_to_unsigned_bin(&key->e, e + eSz); + if ( (eSz + rawLen) < MAX_RSA_E_SZ) { + if (leadingBit) + e[eSz] = 0; + err = mp_to_unsigned_bin(&key->e, e + eSz + leadingBit); if (err == MP_OKAY) eSz += rawLen; - else + else { +#ifdef CYASSL_SMALL_STACK + XFREE(n, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(e, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif return MP_TO_E; + } } - else + else { +#ifdef CYASSL_SMALL_STACK + XFREE(n, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(e, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif return BUFFER_E; + } + +#ifdef CYASSL_SMALL_STACK + algo = (byte*)XMALLOC(MAX_ALGO_SZ, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (algo == NULL) { + XFREE(n, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(e, NULL, DYNAMIC_TYPE_TMP_BUFFER); + return MEMORY_E; + } +#endif /* headers */ - algoSz = SetAlgoID(RSAk, algo, keyType); + algoSz = SetAlgoID(RSAk, algo, keyType, 0); seqSz = SetSequence(nSz + eSz, seq); lenSz = SetLength(seqSz + nSz + eSz + 1, len); len[lenSz++] = 0; /* trailing 0 */ @@ -3123,6 +4974,12 @@ static int SetPublicKey(byte* output, RsaKey* key) XMEMCPY(output + idx, e, eSz); idx += eSz; +#ifdef CYASSL_SMALL_STACK + XFREE(n, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(e, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(algo, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + return idx; } @@ -3250,34 +5107,65 @@ typedef struct EncodedName { } EncodedName; -/* Get Which Name from index */ -static const char* GetOneName(CertName* name, int idx) +/* Get Which Name from index */ +static const char* GetOneName(CertName* name, int idx) +{ + switch (idx) { + case 0: + return name->country; + + case 1: + return name->state; + + case 2: + return name->locality; + + case 3: + return name->sur; + + case 4: + return name->org; + + case 5: + return name->unit; + + case 6: + return name->commonName; + + case 7: + return name->email; + + default: + return 0; + } +} + + +/* Get Which Name Encoding from index */ +static char GetNameType(CertName* name, int idx) { switch (idx) { case 0: - return name->country; - break; + return name->countryEnc; + case 1: - return name->state; - break; + return name->stateEnc; + case 2: - return name->locality; - break; + return name->localityEnc; + case 3: - return name->sur; - break; + return name->surEnc; + case 4: - return name->org; - break; + return name->orgEnc; + case 5: - return name->unit; - break; + return name->unitEnc; + case 6: - return name->commonName; - break; - case 7: - return name->email; - break; + return name->commonNameEnc; + default: return 0; } @@ -3290,29 +5178,29 @@ static byte GetNameId(int idx) switch (idx) { case 0: return ASN_COUNTRY_NAME; - break; + case 1: return ASN_STATE_NAME; - break; + case 2: return ASN_LOCALITY_NAME; - break; + case 3: return ASN_SUR_NAME; - break; + case 4: return ASN_ORG_NAME; - break; + case 5: return ASN_ORGUNIT_NAME; - break; + case 6: return ASN_COMMON_NAME; - break; + case 7: /* email uses different id type */ return 0; - break; + default: return 0; } @@ -3320,19 +5208,21 @@ static byte GetNameId(int idx) /* encode all extensions, return total bytes written */ -static int SetExtensions(byte* output, const byte* ext, int extSz) +static int SetExtensions(byte* output, const byte* ext, int extSz, int header) { byte sequence[MAX_SEQ_SZ]; byte len[MAX_LENGTH_SZ]; int sz = 0; int seqSz = SetSequence(extSz, sequence); - int lenSz = SetLength(seqSz + extSz, len); - output[0] = ASN_EXTENSIONS; /* extensions id */ - sz++; - XMEMCPY(&output[sz], len, lenSz); /* length */ - sz += lenSz; + if (header) { + int lenSz = SetLength(seqSz + extSz, len); + output[0] = ASN_EXTENSIONS; /* extensions id */ + sz++; + XMEMCPY(&output[sz], len, lenSz); /* length */ + sz += lenSz; + } XMEMCPY(&output[sz], sequence, seqSz); /* sequence */ sz += seqSz; XMEMCPY(&output[sz], ext, extSz); /* extensions */ @@ -3357,8 +5247,19 @@ static int SetCa(byte* output) /* encode CertName into output, return total bytes written */ static int SetName(byte* output, CertName* name) { - int totalBytes = 0, i, idx; - EncodedName names[NAME_ENTRIES]; + int totalBytes = 0, i, idx; +#ifdef CYASSL_SMALL_STACK + EncodedName* names = NULL; +#else + EncodedName names[NAME_ENTRIES]; +#endif + +#ifdef CYASSL_SMALL_STACK + names = (EncodedName*)XMALLOC(sizeof(EncodedName) * NAME_ENTRIES, NULL, + DYNAMIC_TYPE_TMP_BUFFER); + if (names == NULL) + return MEMORY_E; +#endif for (i = 0; i < NAME_ENTRIES; i++) { const char* nameStr = GetOneName(name, i); @@ -3370,7 +5271,7 @@ static int SetName(byte* output, CertName* name) byte set[MAX_SET_SZ]; int email = i == (NAME_ENTRIES - 1) ? 1 : 0; - int strLen = XSTRLEN(nameStr); + int strLen = (int)XSTRLEN(nameStr); int thisLen = strLen; int firstSz, secondSz, seqSz, setSz; @@ -3400,8 +5301,12 @@ static int SetName(byte* output, CertName* name) setSz = SetSet(thisLen, set); thisLen += setSz; - if (thisLen > (int)sizeof(names[i].encoded)) + if (thisLen > (int)sizeof(names[i].encoded)) { +#ifdef CYASSL_SMALL_STACK + XFREE(names, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif return BUFFER_E; + } /* store it */ idx = 0; @@ -3421,16 +5326,17 @@ static int SetName(byte* output, CertName* name) 0x01, 0x09, 0x01, 0x16 }; /* email joint id */ XMEMCPY(names[i].encoded + idx, EMAIL_OID, sizeof(EMAIL_OID)); - idx += sizeof(EMAIL_OID); + idx += (int)sizeof(EMAIL_OID); } else { /* joint id */ + byte bType = GetNameId(i); names[i].encoded[idx++] = 0x55; names[i].encoded[idx++] = 0x04; /* id type */ - names[i].encoded[idx++] = GetNameId(i); + names[i].encoded[idx++] = bType; /* str type */ - names[i].encoded[idx++] = 0x13; + names[i].encoded[idx++] = GetNameType(name, i); } /* second length */ XMEMCPY(names[i].encoded + idx, secondLen, secondSz); @@ -3450,8 +5356,12 @@ static int SetName(byte* output, CertName* name) /* header */ idx = SetSequence(totalBytes, output); totalBytes += idx; - if (totalBytes > ASN_NAME_MAX) + if (totalBytes > ASN_NAME_MAX) { +#ifdef CYASSL_SMALL_STACK + XFREE(names, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif return BUFFER_E; + } for (i = 0; i < NAME_ENTRIES; i++) { if (names[i].used) { @@ -3459,55 +5369,82 @@ static int SetName(byte* output, CertName* name) idx += names[i].totalLen; } } + +#ifdef CYASSL_SMALL_STACK + XFREE(names, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + return totalBytes; } - -/* encode info from cert into DER enocder format */ -static int EncodeCert(Cert* cert, DerCert* der, RsaKey* rsaKey, RNG* rng, - const byte* ntruKey, word16 ntruSz) +/* encode info from cert into DER encoded format */ +static int EncodeCert(Cert* cert, DerCert* der, RsaKey* rsaKey, ecc_key* eccKey, + RNG* rng, const byte* ntruKey, word16 ntruSz) { + int ret; + + (void)eccKey; (void)ntruKey; (void)ntruSz; + + /* init */ + XMEMSET(der, 0, sizeof(DerCert)); + /* version */ der->versionSz = SetMyVersion(cert->version, der->version, TRUE); /* serial number */ - RNG_GenerateBlock(rng, cert->serial, CTC_SERIAL_SIZE); + ret = RNG_GenerateBlock(rng, cert->serial, CTC_SERIAL_SIZE); + if (ret != 0) + return ret; + cert->serial[0] = 0x01; /* ensure positive */ der->serialSz = SetSerial(cert->serial, der->serial); /* signature algo */ - der->sigAlgoSz = SetAlgoID(cert->sigType, der->sigAlgo, sigType); + der->sigAlgoSz = SetAlgoID(cert->sigType, der->sigAlgo, sigType, 0); if (der->sigAlgoSz == 0) return ALGO_ID_E; /* public key */ if (cert->keyType == RSA_KEY) { - der->publicKeySz = SetPublicKey(der->publicKey, rsaKey); - if (der->publicKeySz == 0) + if (rsaKey == NULL) + return PUBLIC_KEY_E; + der->publicKeySz = SetRsaPublicKey(der->publicKey, rsaKey); + if (der->publicKeySz <= 0) return PUBLIC_KEY_E; } - else { + +#ifdef HAVE_ECC + if (cert->keyType == ECC_KEY) { + if (eccKey == NULL) + return PUBLIC_KEY_E; + der->publicKeySz = SetEccPublicKey(der->publicKey, eccKey); + if (der->publicKeySz <= 0) + return PUBLIC_KEY_E; + } +#endif /* HAVE_ECC */ + #ifdef HAVE_NTRU + if (cert->keyType == NTRU_KEY) { word32 rc; word16 encodedSz; - rc = crypto_ntru_encrypt_publicKey2SubjectPublicKeyInfo( ntruSz, - ntruKey, &encodedSz, NULL); + rc = ntru_crypto_ntru_encrypt_publicKey2SubjectPublicKeyInfo( ntruSz, + ntruKey, &encodedSz, NULL); if (rc != NTRU_OK) return PUBLIC_KEY_E; if (encodedSz > MAX_PUBLIC_KEY_SZ) return PUBLIC_KEY_E; - rc = crypto_ntru_encrypt_publicKey2SubjectPublicKeyInfo( ntruSz, - ntruKey, &encodedSz, der->publicKey); + rc = ntru_crypto_ntru_encrypt_publicKey2SubjectPublicKeyInfo( ntruSz, + ntruKey, &encodedSz, der->publicKey); if (rc != NTRU_OK) return PUBLIC_KEY_E; der->publicKeySz = encodedSz; -#endif } +#endif /* HAVE_NTRU */ der->validitySz = 0; #ifdef CYASSL_ALT_NAMES @@ -3548,7 +5485,8 @@ static int EncodeCert(Cert* cert, DerCert* der, RsaKey* rsaKey, RNG* rng, /* extensions, just CA now */ if (cert->isCA) { - der->extensionsSz = SetExtensions(der->extensions, der->ca, der->caSz); + der->extensionsSz = SetExtensions(der->extensions, + der->ca, der->caSz, TRUE); if (der->extensionsSz == 0) return EXTENSIONS_E; } @@ -3558,7 +5496,7 @@ static int EncodeCert(Cert* cert, DerCert* der, RsaKey* rsaKey, RNG* rng, #ifdef CYASSL_ALT_NAMES if (der->extensionsSz == 0 && cert->altNamesSz) { der->extensionsSz = SetExtensions(der->extensions, cert->altNames, - cert->altNamesSz); + cert->altNamesSz, TRUE); if (der->extensionsSz == 0) return EXTENSIONS_E; } @@ -3613,42 +5551,98 @@ static int WriteCertBody(DerCert* der, byte* buffer) /* Make RSA signature from buffer (sz), write to sig (sigSz) */ static int MakeSignature(const byte* buffer, int sz, byte* sig, int sigSz, - RsaKey* key, RNG* rng, int sigAlgoType) -{ - byte digest[SHA256_DIGEST_SIZE]; /* max size */ - byte encSig[MAX_ENCODED_DIG_SZ + MAX_ALGO_SZ + MAX_SEQ_SZ]; - int encSigSz, digestSz, typeH; - - if (sigAlgoType == CTC_MD5wRSA) { - Md5 md5; - InitMd5(&md5); - Md5Update(&md5, buffer, sz); - Md5Final(&md5, digest); - digestSz = MD5_DIGEST_SIZE; - typeH = MD5h; - } - else if (sigAlgoType == CTC_SHAwRSA) { - Sha sha; - InitSha(&sha); - ShaUpdate(&sha, buffer, sz); - ShaFinal(&sha, digest); - digestSz = SHA_DIGEST_SIZE; - typeH = SHAh; - } - else if (sigAlgoType == CTC_SHA256wRSA) { - Sha256 sha256; - InitSha256(&sha256); - Sha256Update(&sha256, buffer, sz); - Sha256Final(&sha256, digest); - digestSz = SHA256_DIGEST_SIZE; - typeH = SHA256h; + RsaKey* rsaKey, ecc_key* eccKey, RNG* rng, + int sigAlgoType) +{ + int encSigSz, digestSz, typeH = 0, ret = 0; + byte digest[SHA256_DIGEST_SIZE]; /* max size */ +#ifdef CYASSL_SMALL_STACK + byte* encSig; +#else + byte encSig[MAX_ENCODED_DIG_SZ + MAX_ALGO_SZ + MAX_SEQ_SZ]; +#endif + + (void)digest; + (void)digestSz; + (void)encSig; + (void)encSigSz; + (void)typeH; + + (void)buffer; + (void)sz; + (void)sig; + (void)sigSz; + (void)rsaKey; + (void)eccKey; + (void)rng; + + switch (sigAlgoType) { + #ifndef NO_MD5 + case CTC_MD5wRSA: + if ((ret = Md5Hash(buffer, sz, digest)) == 0) { + typeH = MD5h; + digestSz = MD5_DIGEST_SIZE; + } + break; + #endif + #ifndef NO_SHA + case CTC_SHAwRSA: + case CTC_SHAwECDSA: + if ((ret = ShaHash(buffer, sz, digest)) == 0) { + typeH = SHAh; + digestSz = SHA_DIGEST_SIZE; + } + break; + #endif + #ifndef NO_SHA256 + case CTC_SHA256wRSA: + case CTC_SHA256wECDSA: + if ((ret = Sha256Hash(buffer, sz, digest)) == 0) { + typeH = SHA256h; + digestSz = SHA256_DIGEST_SIZE; + } + break; + #endif + default: + CYASSL_MSG("MakeSignautre called with unsupported type"); + ret = ALGO_ID_E; } - else - return ALGO_ID_E; + + if (ret != 0) + return ret; + +#ifdef CYASSL_SMALL_STACK + encSig = (byte*)XMALLOC(MAX_ENCODED_DIG_SZ + MAX_ALGO_SZ + MAX_SEQ_SZ, + NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (encSig == NULL) + return MEMORY_E; +#endif + + ret = ALGO_ID_E; + +#ifndef NO_RSA + if (rsaKey) { + /* signature */ + encSigSz = EncodeSignature(encSig, digest, digestSz, typeH); + ret = RsaSSL_Sign(encSig, encSigSz, sig, sigSz, rsaKey, rng); + } +#endif + +#ifdef HAVE_ECC + if (!rsaKey && eccKey) { + word32 outSz = sigSz; + ret = ecc_sign_hash(digest, digestSz, sig, &outSz, rng, eccKey); - /* signature */ - encSigSz = EncodeSignature(encSig, digest, digestSz, typeH); - return RsaSSL_Sign(encSig, encSigSz, sig, sigSz, key, rng); + if (ret == 0) + ret = outSz; + } +#endif + +#ifdef CYASSL_SMALL_STACK + XFREE(encSig, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + + return ret; } @@ -3661,7 +5655,7 @@ static int AddSignature(byte* buffer, int bodySz, const byte* sig, int sigSz, int idx = bodySz, seqSz; /* algo */ - idx += SetAlgoID(sigAlgoType, buffer + idx, sigType); + idx += SetAlgoID(sigAlgoType, buffer + idx, sigType, 0); /* bit string */ buffer[idx++] = ASN_BIT_STRING; /* length */ @@ -3682,27 +5676,46 @@ static int AddSignature(byte* buffer, int bodySz, const byte* sig, int sigSz, /* Make an x509 Certificate v3 any key type from cert input, write to buffer */ static int MakeAnyCert(Cert* cert, byte* derBuffer, word32 derSz, - RsaKey* rsaKey, RNG* rng, const byte* ntruKey, word16 ntruSz) + RsaKey* rsaKey, ecc_key* eccKey, RNG* rng, + const byte* ntruKey, word16 ntruSz) { - DerCert der; - int ret; + int ret; +#ifdef CYASSL_SMALL_STACK + DerCert* der; +#else + DerCert der[1]; +#endif - cert->keyType = rsaKey ? RSA_KEY : NTRU_KEY; - ret = EncodeCert(cert, &der, rsaKey, rng, ntruKey, ntruSz); - if (ret != 0) - return ret; + cert->keyType = eccKey ? ECC_KEY : (rsaKey ? RSA_KEY : NTRU_KEY); - if (der.total + MAX_SEQ_SZ * 2 > (int)derSz) - return BUFFER_E; +#ifdef CYASSL_SMALL_STACK + der = (DerCert*)XMALLOC(sizeof(DerCert), NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (der == NULL) + return MEMORY_E; +#endif + + ret = EncodeCert(cert, der, rsaKey, eccKey, rng, ntruKey, ntruSz); + + if (ret == 0) { + if (der->total + MAX_SEQ_SZ * 2 > (int)derSz) + ret = BUFFER_E; + else + ret = cert->bodySz = WriteCertBody(der, derBuffer); + } + +#ifdef CYASSL_SMALL_STACK + XFREE(der, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif - return cert->bodySz = WriteCertBody(&der, derBuffer); + return ret; } -/* Make an x509 Certificate v3 RSA from cert input, write to buffer */ -int MakeCert(Cert* cert, byte* derBuffer, word32 derSz, RsaKey* rsaKey,RNG* rng) +/* Make an x509 Certificate v3 RSA or ECC from cert input, write to buffer */ +int MakeCert(Cert* cert, byte* derBuffer, word32 derSz, RsaKey* rsaKey, + ecc_key* eccKey, RNG* rng) { - return MakeAnyCert(cert, derBuffer, derSz, rsaKey, rng, NULL, 0); + return MakeAnyCert(cert, derBuffer, derSz, rsaKey, eccKey, rng, NULL, 0); } @@ -3711,41 +5724,264 @@ int MakeCert(Cert* cert, byte* derBuffer, word32 derSz, RsaKey* rsaKey,RNG* rng) int MakeNtruCert(Cert* cert, byte* derBuffer, word32 derSz, const byte* ntruKey, word16 keySz, RNG* rng) { - return MakeAnyCert(cert, derBuffer, derSz, NULL, rng, ntruKey, keySz); + return MakeAnyCert(cert, derBuffer, derSz, NULL, NULL, rng, ntruKey, keySz); } #endif /* HAVE_NTRU */ -int SignCert(Cert* cert, byte* buffer, word32 buffSz, RsaKey* key, RNG* rng) +#ifdef CYASSL_CERT_REQ + +static int SetReqAttrib(byte* output, char* pw, int extSz) +{ + static const byte cpOid[] = + { ASN_OBJECT_ID, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, + 0x09, 0x07 }; + static const byte erOid[] = + { ASN_OBJECT_ID, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, + 0x09, 0x0e }; + + int sz = 0; /* overall size */ + int cpSz = 0; /* Challenge Password section size */ + int cpSeqSz = 0; + int cpSetSz = 0; + int cpStrSz = 0; + int pwSz = 0; + int erSz = 0; /* Extension Request section size */ + int erSeqSz = 0; + int erSetSz = 0; + byte cpSeq[MAX_SEQ_SZ]; + byte cpSet[MAX_SET_SZ]; + byte cpStr[MAX_PRSTR_SZ]; + byte erSeq[MAX_SEQ_SZ]; + byte erSet[MAX_SET_SZ]; + + output[0] = 0xa0; + sz++; + + if (pw && pw[0]) { + pwSz = (int)XSTRLEN(pw); + cpStrSz = SetUTF8String(pwSz, cpStr); + cpSetSz = SetSet(cpStrSz + pwSz, cpSet); + cpSeqSz = SetSequence(sizeof(cpOid) + cpSetSz + cpStrSz + pwSz, cpSeq); + cpSz = cpSeqSz + sizeof(cpOid) + cpSetSz + cpStrSz + pwSz; + } + + if (extSz) { + erSetSz = SetSet(extSz, erSet); + erSeqSz = SetSequence(erSetSz + sizeof(erOid) + extSz, erSeq); + erSz = extSz + erSetSz + erSeqSz + sizeof(erOid); + } + + /* Put the pieces together. */ + sz += SetLength(cpSz + erSz, &output[sz]); + + if (cpSz) { + XMEMCPY(&output[sz], cpSeq, cpSeqSz); + sz += cpSeqSz; + XMEMCPY(&output[sz], cpOid, sizeof(cpOid)); + sz += sizeof(cpOid); + XMEMCPY(&output[sz], cpSet, cpSetSz); + sz += cpSetSz; + XMEMCPY(&output[sz], cpStr, cpStrSz); + sz += cpStrSz; + XMEMCPY(&output[sz], pw, pwSz); + sz += pwSz; + } + + if (erSz) { + XMEMCPY(&output[sz], erSeq, erSeqSz); + sz += erSeqSz; + XMEMCPY(&output[sz], erOid, sizeof(erOid)); + sz += sizeof(erOid); + XMEMCPY(&output[sz], erSet, erSetSz); + sz += erSetSz; + /* The actual extension data will be tacked onto the output later. */ + } + + return sz; +} + + +/* encode info from cert into DER encoded format */ +static int EncodeCertReq(Cert* cert, DerCert* der, + RsaKey* rsaKey, ecc_key* eccKey) +{ + (void)eccKey; + + /* init */ + XMEMSET(der, 0, sizeof(DerCert)); + + /* version */ + der->versionSz = SetMyVersion(cert->version, der->version, FALSE); + + /* subject name */ + der->subjectSz = SetName(der->subject, &cert->subject); + if (der->subjectSz == 0) + return SUBJECT_E; + + /* public key */ + if (cert->keyType == RSA_KEY) { + if (rsaKey == NULL) + return PUBLIC_KEY_E; + der->publicKeySz = SetRsaPublicKey(der->publicKey, rsaKey); + if (der->publicKeySz <= 0) + return PUBLIC_KEY_E; + } + +#ifdef HAVE_ECC + if (cert->keyType == ECC_KEY) { + if (eccKey == NULL) + return PUBLIC_KEY_E; + der->publicKeySz = SetEccPublicKey(der->publicKey, eccKey); + if (der->publicKeySz <= 0) + return PUBLIC_KEY_E; + } +#endif /* HAVE_ECC */ + + /* CA */ + if (cert->isCA) { + der->caSz = SetCa(der->ca); + if (der->caSz == 0) + return CA_TRUE_E; + } + else + der->caSz = 0; + + /* extensions, just CA now */ + if (cert->isCA) { + der->extensionsSz = SetExtensions(der->extensions, + der->ca, der->caSz, FALSE); + if (der->extensionsSz == 0) + return EXTENSIONS_E; + } + else + der->extensionsSz = 0; + + der->attribSz = SetReqAttrib(der->attrib, + cert->challengePw, der->extensionsSz); + if (der->attribSz == 0) + return REQ_ATTRIBUTE_E; + + der->total = der->versionSz + der->subjectSz + der->publicKeySz + + der->extensionsSz + der->attribSz; + + return 0; +} + + +/* write DER encoded cert req to buffer, size already checked */ +static int WriteCertReqBody(DerCert* der, byte* buffer) +{ + int idx; + + /* signed part header */ + idx = SetSequence(der->total, buffer); + /* version */ + XMEMCPY(buffer + idx, der->version, der->versionSz); + idx += der->versionSz; + /* subject */ + XMEMCPY(buffer + idx, der->subject, der->subjectSz); + idx += der->subjectSz; + /* public key */ + XMEMCPY(buffer + idx, der->publicKey, der->publicKeySz); + idx += der->publicKeySz; + /* attributes */ + XMEMCPY(buffer + idx, der->attrib, der->attribSz); + idx += der->attribSz; + /* extensions */ + if (der->extensionsSz) { + XMEMCPY(buffer + idx, der->extensions, min(der->extensionsSz, + sizeof(der->extensions))); + idx += der->extensionsSz; + } + + return idx; +} + + +int MakeCertReq(Cert* cert, byte* derBuffer, word32 derSz, + RsaKey* rsaKey, ecc_key* eccKey) +{ + int ret; +#ifdef CYASSL_SMALL_STACK + DerCert* der; +#else + DerCert der[1]; +#endif + + cert->keyType = eccKey ? ECC_KEY : RSA_KEY; + +#ifdef CYASSL_SMALL_STACK + der = (DerCert*)XMALLOC(sizeof(DerCert), NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (der == NULL) + return MEMORY_E; +#endif + + ret = EncodeCertReq(cert, der, rsaKey, eccKey); + + if (ret == 0) { + if (der->total + MAX_SEQ_SZ * 2 > (int)derSz) + ret = BUFFER_E; + else + ret = cert->bodySz = WriteCertReqBody(der, derBuffer); + } + +#ifdef CYASSL_SMALL_STACK + XFREE(der, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + + return ret; +} + +#endif /* CYASSL_CERT_REQ */ + + +int SignCert(int requestSz, int sType, byte* buffer, word32 buffSz, + RsaKey* rsaKey, ecc_key* eccKey, RNG* rng) { - byte sig[MAX_ENCODED_SIG_SZ]; - int sigSz; - int bodySz = cert->bodySz; + int sigSz; +#ifdef CYASSL_SMALL_STACK + byte* sig; +#else + byte sig[MAX_ENCODED_SIG_SZ]; +#endif - if (bodySz < 0) - return bodySz; + if (requestSz < 0) + return requestSz; + +#ifdef CYASSL_SMALL_STACK + sig = (byte*)XMALLOC(MAX_ENCODED_SIG_SZ, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (sig == NULL) + return MEMORY_E; +#endif - sigSz = MakeSignature(buffer, bodySz, sig, sizeof(sig), key, rng, - cert->sigType); - if (sigSz < 0) - return sigSz; + sigSz = MakeSignature(buffer, requestSz, sig, MAX_ENCODED_SIG_SZ, rsaKey, + eccKey, rng, sType); - if (bodySz + MAX_SEQ_SZ * 2 + sigSz > (int)buffSz) - return BUFFER_E; + if (sigSz >= 0) { + if (requestSz + MAX_SEQ_SZ * 2 + sigSz > (int)buffSz) + sigSz = BUFFER_E; + else + sigSz = AddSignature(buffer, requestSz, sig, sigSz, sType); + } + +#ifdef CYASSL_SMALL_STACK + XFREE(sig, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif - return AddSignature(buffer, bodySz, sig, sigSz, cert->sigType); + return sigSz; } int MakeSelfCert(Cert* cert, byte* buffer, word32 buffSz, RsaKey* key, RNG* rng) { - int ret = MakeCert(cert, buffer, buffSz, key, rng); + int ret = MakeCert(cert, buffer, buffSz, key, NULL, rng); if (ret < 0) return ret; - return SignCert(cert, buffer, buffSz, key, rng); + return SignCert(cert->bodySz, cert->sigType, buffer, buffSz, key, NULL,rng); } @@ -3754,201 +5990,246 @@ int MakeSelfCert(Cert* cert, byte* buffer, word32 buffSz, RsaKey* key, RNG* rng) /* Set Alt Names from der cert, return 0 on success */ static int SetAltNamesFromCert(Cert* cert, const byte* der, int derSz) { - DecodedCert decoded; - int ret; + int ret; +#ifdef CYASSL_SMALL_STACK + DecodedCert* decoded; +#else + DecodedCert decoded[1]; +#endif if (derSz < 0) return derSz; - InitDecodedCert(&decoded, (byte*)der, derSz, 0); - ret = ParseCertRelative(&decoded, CA_TYPE, NO_VERIFY, 0); +#ifdef CYASSL_SMALL_STACK + decoded = (DecodedCert*)XMALLOC(sizeof(DecodedCert), NULL, + DYNAMIC_TYPE_TMP_BUFFER); + if (decoded == NULL) + return MEMORY_E; +#endif + + InitDecodedCert(decoded, (byte*)der, derSz, 0); + ret = ParseCertRelative(decoded, CA_TYPE, NO_VERIFY, 0); if (ret < 0) { - FreeDecodedCert(&decoded); - return ret; + CYASSL_MSG("ParseCertRelative error"); } - - if (decoded.extensions) { + else if (decoded->extensions) { byte b; int length; word32 maxExtensionsIdx; - decoded.srcIdx = decoded.extensionsIdx; - b = decoded.source[decoded.srcIdx++]; + decoded->srcIdx = decoded->extensionsIdx; + b = decoded->source[decoded->srcIdx++]; + if (b != ASN_EXTENSIONS) { - FreeDecodedCert(&decoded); - return ASN_PARSE_E; - } - - if (GetLength(decoded.source, &decoded.srcIdx, &length, - decoded.maxIdx) < 0) { - FreeDecodedCert(&decoded); - return ASN_PARSE_E; + ret = ASN_PARSE_E; } - - if (GetSequence(decoded.source, &decoded.srcIdx, &length, - decoded.maxIdx) < 0) { - FreeDecodedCert(&decoded); - return ASN_PARSE_E; + else if (GetLength(decoded->source, &decoded->srcIdx, &length, + decoded->maxIdx) < 0) { + ret = ASN_PARSE_E; } + else if (GetSequence(decoded->source, &decoded->srcIdx, &length, + decoded->maxIdx) < 0) { + ret = ASN_PARSE_E; + } + else { + maxExtensionsIdx = decoded->srcIdx + length; - maxExtensionsIdx = decoded.srcIdx + length; - - while (decoded.srcIdx < maxExtensionsIdx) { - word32 oid; - word32 startIdx = decoded.srcIdx; - word32 tmpIdx; - - if (GetSequence(decoded.source, &decoded.srcIdx, &length, - decoded.maxIdx) < 0) { - FreeDecodedCert(&decoded); - return ASN_PARSE_E; - } + while (decoded->srcIdx < maxExtensionsIdx) { + word32 oid; + word32 startIdx = decoded->srcIdx; + word32 tmpIdx; - tmpIdx = decoded.srcIdx; - decoded.srcIdx = startIdx; + if (GetSequence(decoded->source, &decoded->srcIdx, &length, + decoded->maxIdx) < 0) { + ret = ASN_PARSE_E; + break; + } - if (GetAlgoId(decoded.source, &decoded.srcIdx, &oid, - decoded.maxIdx) < 0) { - FreeDecodedCert(&decoded); - return ASN_PARSE_E; - } + tmpIdx = decoded->srcIdx; + decoded->srcIdx = startIdx; - if (oid == ALT_NAMES_OID) { - cert->altNamesSz = length + (tmpIdx - startIdx); + if (GetAlgoId(decoded->source, &decoded->srcIdx, &oid, + decoded->maxIdx) < 0) { + ret = ASN_PARSE_E; + break; + } - if (cert->altNamesSz < (int)sizeof(cert->altNames)) - XMEMCPY(cert->altNames, &decoded.source[startIdx], - cert->altNamesSz); - else { - cert->altNamesSz = 0; - CYASSL_MSG("AltNames extensions too big"); - FreeDecodedCert(&decoded); - return ALT_NAME_E; + if (oid == ALT_NAMES_OID) { + cert->altNamesSz = length + (tmpIdx - startIdx); + + if (cert->altNamesSz < (int)sizeof(cert->altNames)) + XMEMCPY(cert->altNames, &decoded->source[startIdx], + cert->altNamesSz); + else { + cert->altNamesSz = 0; + CYASSL_MSG("AltNames extensions too big"); + ret = ALT_NAME_E; + break; + } } + decoded->srcIdx = tmpIdx + length; } - decoded.srcIdx = tmpIdx + length; } } - FreeDecodedCert(&decoded); - return 0; + FreeDecodedCert(decoded); +#ifdef CYASSL_SMALL_STACK + XFREE(decoded, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + + return ret < 0 ? ret : 0; } /* Set Dates from der cert, return 0 on success */ static int SetDatesFromCert(Cert* cert, const byte* der, int derSz) { - DecodedCert decoded; - int ret; + int ret; +#ifdef CYASSL_SMALL_STACK + DecodedCert* decoded; +#else + DecodedCert decoded[1]; +#endif CYASSL_ENTER("SetDatesFromCert"); if (derSz < 0) return derSz; + +#ifdef CYASSL_SMALL_STACK + decoded = (DecodedCert*)XMALLOC(sizeof(DecodedCert), NULL, + DYNAMIC_TYPE_TMP_BUFFER); + if (decoded == NULL) + return MEMORY_E; +#endif - InitDecodedCert(&decoded, (byte*)der, derSz, 0); - ret = ParseCertRelative(&decoded, CA_TYPE, NO_VERIFY, 0); + InitDecodedCert(decoded, (byte*)der, derSz, 0); + ret = ParseCertRelative(decoded, CA_TYPE, NO_VERIFY, 0); if (ret < 0) { CYASSL_MSG("ParseCertRelative error"); - FreeDecodedCert(&decoded); - return ret; } - - if (decoded.beforeDate == NULL || decoded.afterDate == NULL) { + else if (decoded->beforeDate == NULL || decoded->afterDate == NULL) { CYASSL_MSG("Couldn't extract dates"); - FreeDecodedCert(&decoded); - return -1; + ret = -1; } - - if (decoded.beforeDateLen > MAX_DATE_SIZE || decoded.afterDateLen > - MAX_DATE_SIZE) { + else if (decoded->beforeDateLen > MAX_DATE_SIZE || + decoded->afterDateLen > MAX_DATE_SIZE) { CYASSL_MSG("Bad date size"); - FreeDecodedCert(&decoded); - return -1; + ret = -1; } + else { + XMEMCPY(cert->beforeDate, decoded->beforeDate, decoded->beforeDateLen); + XMEMCPY(cert->afterDate, decoded->afterDate, decoded->afterDateLen); - XMEMCPY(cert->beforeDate, decoded.beforeDate, decoded.beforeDateLen); - XMEMCPY(cert->afterDate, decoded.afterDate, decoded.afterDateLen); + cert->beforeDateSz = decoded->beforeDateLen; + cert->afterDateSz = decoded->afterDateLen; + } - cert->beforeDateSz = decoded.beforeDateLen; - cert->afterDateSz = decoded.afterDateLen; + FreeDecodedCert(decoded); - return 0; +#ifdef CYASSL_SMALL_STACK + XFREE(decoded, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + + return ret < 0 ? ret : 0; } -#endif /* CYASSL_ALT_NAMES */ +#endif /* CYASSL_ALT_NAMES && !NO_RSA */ /* Set cn name from der buffer, return 0 on success */ static int SetNameFromCert(CertName* cn, const byte* der, int derSz) { - DecodedCert decoded; - int ret; - int sz; + int ret, sz; +#ifdef CYASSL_SMALL_STACK + DecodedCert* decoded; +#else + DecodedCert decoded[1]; +#endif if (derSz < 0) return derSz; - InitDecodedCert(&decoded, (byte*)der, derSz, 0); - ret = ParseCertRelative(&decoded, CA_TYPE, NO_VERIFY, 0); +#ifdef CYASSL_SMALL_STACK + decoded = (DecodedCert*)XMALLOC(sizeof(DecodedCert), NULL, + DYNAMIC_TYPE_TMP_BUFFER); + if (decoded == NULL) + return MEMORY_E; +#endif - if (ret < 0) - return ret; + InitDecodedCert(decoded, (byte*)der, derSz, 0); + ret = ParseCertRelative(decoded, CA_TYPE, NO_VERIFY, 0); + + if (ret < 0) { + CYASSL_MSG("ParseCertRelative error"); + } + else { + if (decoded->subjectCN) { + sz = (decoded->subjectCNLen < CTC_NAME_SIZE) ? decoded->subjectCNLen + : CTC_NAME_SIZE - 1; + strncpy(cn->commonName, decoded->subjectCN, CTC_NAME_SIZE); + cn->commonName[sz] = 0; + cn->commonNameEnc = decoded->subjectCNEnc; + } + if (decoded->subjectC) { + sz = (decoded->subjectCLen < CTC_NAME_SIZE) ? decoded->subjectCLen + : CTC_NAME_SIZE - 1; + strncpy(cn->country, decoded->subjectC, CTC_NAME_SIZE); + cn->country[sz] = 0; + cn->countryEnc = decoded->subjectCEnc; + } + if (decoded->subjectST) { + sz = (decoded->subjectSTLen < CTC_NAME_SIZE) ? decoded->subjectSTLen + : CTC_NAME_SIZE - 1; + strncpy(cn->state, decoded->subjectST, CTC_NAME_SIZE); + cn->state[sz] = 0; + cn->stateEnc = decoded->subjectSTEnc; + } + if (decoded->subjectL) { + sz = (decoded->subjectLLen < CTC_NAME_SIZE) ? decoded->subjectLLen + : CTC_NAME_SIZE - 1; + strncpy(cn->locality, decoded->subjectL, CTC_NAME_SIZE); + cn->locality[sz] = 0; + cn->localityEnc = decoded->subjectLEnc; + } + if (decoded->subjectO) { + sz = (decoded->subjectOLen < CTC_NAME_SIZE) ? decoded->subjectOLen + : CTC_NAME_SIZE - 1; + strncpy(cn->org, decoded->subjectO, CTC_NAME_SIZE); + cn->org[sz] = 0; + cn->orgEnc = decoded->subjectOEnc; + } + if (decoded->subjectOU) { + sz = (decoded->subjectOULen < CTC_NAME_SIZE) ? decoded->subjectOULen + : CTC_NAME_SIZE - 1; + strncpy(cn->unit, decoded->subjectOU, CTC_NAME_SIZE); + cn->unit[sz] = 0; + cn->unitEnc = decoded->subjectOUEnc; + } + if (decoded->subjectSN) { + sz = (decoded->subjectSNLen < CTC_NAME_SIZE) ? decoded->subjectSNLen + : CTC_NAME_SIZE - 1; + strncpy(cn->sur, decoded->subjectSN, CTC_NAME_SIZE); + cn->sur[sz] = 0; + cn->surEnc = decoded->subjectSNEnc; + } + if (decoded->subjectEmail) { + sz = (decoded->subjectEmailLen < CTC_NAME_SIZE) + ? decoded->subjectEmailLen : CTC_NAME_SIZE - 1; + strncpy(cn->email, decoded->subjectEmail, CTC_NAME_SIZE); + cn->email[sz] = 0; + } + } - if (decoded.subjectCN) { - sz = (decoded.subjectCNLen < CTC_NAME_SIZE) ? decoded.subjectCNLen : - CTC_NAME_SIZE - 1; - strncpy(cn->commonName, decoded.subjectCN, CTC_NAME_SIZE); - cn->commonName[sz] = 0; - } - if (decoded.subjectC) { - sz = (decoded.subjectCLen < CTC_NAME_SIZE) ? decoded.subjectCLen : - CTC_NAME_SIZE - 1; - strncpy(cn->country, decoded.subjectC, CTC_NAME_SIZE); - cn->country[sz] = 0; - } - if (decoded.subjectST) { - sz = (decoded.subjectSTLen < CTC_NAME_SIZE) ? decoded.subjectSTLen : - CTC_NAME_SIZE - 1; - strncpy(cn->state, decoded.subjectST, CTC_NAME_SIZE); - cn->state[sz] = 0; - } - if (decoded.subjectL) { - sz = (decoded.subjectLLen < CTC_NAME_SIZE) ? decoded.subjectLLen : - CTC_NAME_SIZE - 1; - strncpy(cn->locality, decoded.subjectL, CTC_NAME_SIZE); - cn->locality[sz] = 0; - } - if (decoded.subjectO) { - sz = (decoded.subjectOLen < CTC_NAME_SIZE) ? decoded.subjectOLen : - CTC_NAME_SIZE - 1; - strncpy(cn->org, decoded.subjectO, CTC_NAME_SIZE); - cn->org[sz] = 0; - } - if (decoded.subjectOU) { - sz = (decoded.subjectOULen < CTC_NAME_SIZE) ? decoded.subjectOULen : - CTC_NAME_SIZE - 1; - strncpy(cn->unit, decoded.subjectOU, CTC_NAME_SIZE); - cn->unit[sz] = 0; - } - if (decoded.subjectSN) { - sz = (decoded.subjectSNLen < CTC_NAME_SIZE) ? decoded.subjectSNLen : - CTC_NAME_SIZE - 1; - strncpy(cn->sur, decoded.subjectSN, CTC_NAME_SIZE); - cn->sur[sz] = 0; - } - if (decoded.subjectEmail) { - sz = (decoded.subjectEmailLen < CTC_NAME_SIZE) ? - decoded.subjectEmailLen : CTC_NAME_SIZE - 1; - strncpy(cn->email, decoded.subjectEmail, CTC_NAME_SIZE); - cn->email[sz] = 0; - } - - FreeDecodedCert(&decoded); + FreeDecodedCert(decoded); - return 0; +#ifdef CYASSL_SMALL_STACK + XFREE(decoded, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + + return ret < 0 ? ret : 0; } @@ -3960,21 +6241,39 @@ int CyaSSL_PemCertToDer(const char* fileName, unsigned char* derBuf, int derSz); /* Set cert issuer from issuerFile in PEM */ int SetIssuer(Cert* cert, const char* issuerFile) { - byte der[8192]; - int derSz = CyaSSL_PemCertToDer(issuerFile, der, sizeof(der)); + int ret; + int derSz; + byte* der = (byte*)XMALLOC(EIGHTK_BUF, NULL, DYNAMIC_TYPE_CERT); + if (der == NULL) { + CYASSL_MSG("SetIssuer OOF Problem"); + return MEMORY_E; + } + derSz = CyaSSL_PemCertToDer(issuerFile, der, EIGHTK_BUF); cert->selfSigned = 0; - return SetNameFromCert(&cert->issuer, der, derSz); + ret = SetNameFromCert(&cert->issuer, der, derSz); + XFREE(der, NULL, DYNAMIC_TYPE_CERT); + + return ret; } /* Set cert subject from subjectFile in PEM */ int SetSubject(Cert* cert, const char* subjectFile) { - byte der[8192]; - int derSz = CyaSSL_PemCertToDer(subjectFile, der, sizeof(der)); + int ret; + int derSz; + byte* der = (byte*)XMALLOC(EIGHTK_BUF, NULL, DYNAMIC_TYPE_CERT); - return SetNameFromCert(&cert->subject, der, derSz); + if (der == NULL) { + CYASSL_MSG("SetSubject OOF Problem"); + return MEMORY_E; + } + derSz = CyaSSL_PemCertToDer(subjectFile, der, EIGHTK_BUF); + ret = SetNameFromCert(&cert->subject, der, derSz); + XFREE(der, NULL, DYNAMIC_TYPE_CERT); + + return ret; } @@ -3983,10 +6282,19 @@ int SetSubject(Cert* cert, const char* subjectFile) /* Set atl names from file in PEM */ int SetAltNames(Cert* cert, const char* file) { - byte der[8192]; - int derSz = CyaSSL_PemCertToDer(file, der, sizeof(der)); + int ret; + int derSz; + byte* der = (byte*)XMALLOC(EIGHTK_BUF, NULL, DYNAMIC_TYPE_CERT); - return SetAltNamesFromCert(cert, der, derSz); + if (der == NULL) { + CYASSL_MSG("SetAltNames OOF Problem"); + return MEMORY_E; + } + derSz = CyaSSL_PemCertToDer(file, der, EIGHTK_BUF); + ret = SetAltNamesFromCert(cert, der, derSz); + XFREE(der, NULL, DYNAMIC_TYPE_CERT); + + return ret; } #endif /* CYASSL_ALT_NAMES */ @@ -4037,27 +6345,35 @@ int StoreECC_DSA_Sig(byte* out, word32* outLen, mp_int* r, mp_int* s) word32 sSz; word32 headerSz = 4; /* 2*ASN_TAG + 2*LEN(ENUM) */ + /* If the leading bit on the INTEGER is a 1, add a leading zero */ + int rLeadingZero = mp_leading_bit(r); + int sLeadingZero = mp_leading_bit(s); int rLen = mp_unsigned_bin_size(r); /* big int size */ int sLen = mp_unsigned_bin_size(s); int err; - if (*outLen < (rLen + sLen + headerSz + 2)) /* SEQ_TAG + LEN(ENUM) */ + if (*outLen < (rLen + rLeadingZero + sLen + sLeadingZero + + headerSz + 2)) /* SEQ_TAG + LEN(ENUM) */ return BAD_FUNC_ARG; - idx = SetSequence(rLen + sLen + headerSz, out); + idx = SetSequence(rLen+rLeadingZero+sLen+sLeadingZero+headerSz, out); /* store r */ out[idx++] = ASN_INTEGER; - rSz = SetLength(rLen, &out[idx]); + rSz = SetLength(rLen + rLeadingZero, &out[idx]); idx += rSz; + if (rLeadingZero) + out[idx++] = 0; err = mp_to_unsigned_bin(r, &out[idx]); if (err != MP_OKAY) return err; idx += rLen; /* store s */ out[idx++] = ASN_INTEGER; - sSz = SetLength(sLen, &out[idx]); + sSz = SetLength(sLen + sLeadingZero, &out[idx]); idx += sSz; + if (sLeadingZero) + out[idx++] = 0; err = mp_to_unsigned_bin(s, &out[idx]); if (err != MP_OKAY) return err; idx += sLen; @@ -4097,8 +6413,17 @@ int EccPrivateKeyDecode(const byte* input, word32* inOutIdx, ecc_key* key, int version, length; int privSz, pubSz; byte b; - byte priv[ECC_MAXSIZE]; - byte pub[ECC_MAXSIZE * 2 + 1]; /* public key has two parts plus header */ + int ret = 0; +#ifdef CYASSL_SMALL_STACK + byte* priv; + byte* pub; +#else + byte priv[ECC_MAXSIZE]; + byte pub[ECC_MAXSIZE * 2 + 1]; /* public key has two parts plus header */ +#endif + + if (input == NULL || inOutIdx == NULL || key == NULL || inSz == 0) + return BAD_FUNC_ARG; if (GetSequence(input, inOutIdx, &length, inSz) < 0) return ASN_PARSE_E; @@ -4116,6 +6441,18 @@ int EccPrivateKeyDecode(const byte* input, word32* inOutIdx, ecc_key* key, if (GetLength(input, inOutIdx, &length, inSz) < 0) return ASN_PARSE_E; +#ifdef CYASSL_SMALL_STACK + priv = (byte*)XMALLOC(ECC_MAXSIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (priv == NULL) + return MEMORY_E; + + pub = (byte*)XMALLOC(ECC_MAXSIZE * 2 + 1, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (pub == NULL) { + XFREE(priv, NULL, DYNAMIC_TYPE_TMP_BUFFER); + return MEMORY_E; + } +#endif + /* priv key */ privSz = length; XMEMCPY(priv, &input[*inOutIdx], privSz); @@ -4127,54 +6464,77 @@ int EccPrivateKeyDecode(const byte* input, word32* inOutIdx, ecc_key* key, *inOutIdx += 1; if (GetLength(input, inOutIdx, &length, inSz) < 0) - return ASN_PARSE_E; + ret = ASN_PARSE_E; + else { + /* object id */ + b = input[*inOutIdx]; + *inOutIdx += 1; + + if (b != ASN_OBJECT_ID) { + ret = ASN_OBJECT_ID_E; + } + else if (GetLength(input, inOutIdx, &length, inSz) < 0) { + ret = ASN_PARSE_E; + } + else { + while(length--) { + oid += input[*inOutIdx]; + *inOutIdx += 1; + } + if (CheckCurve(oid) < 0) + ret = ECC_CURVE_OID_E; + } + } + } - /* object id */ + if (ret == 0) { + /* prefix 1 */ b = input[*inOutIdx]; *inOutIdx += 1; - - if (b != ASN_OBJECT_ID) - return ASN_OBJECT_ID_E; - if (GetLength(input, inOutIdx, &length, inSz) < 0) - return ASN_PARSE_E; - - while(length--) { - oid += input[*inOutIdx]; - *inOutIdx += 1; + if (b != ECC_PREFIX_1) { + ret = ASN_ECC_KEY_E; } - if (CheckCurve(oid) < 0) - return ECC_CURVE_OID_E; - } - - /* prefix 1 */ - b = input[*inOutIdx]; - *inOutIdx += 1; - if (b != ECC_PREFIX_1) - return ASN_ECC_KEY_E; + else if (GetLength(input, inOutIdx, &length, inSz) < 0) { + ret = ASN_PARSE_E; + } + else { + /* key header */ + b = input[*inOutIdx]; + *inOutIdx += 1; + + if (b != ASN_BIT_STRING) { + ret = ASN_BITSTR_E; + } + else if (GetLength(input, inOutIdx, &length, inSz) < 0) { + ret = ASN_PARSE_E; + } + else { + b = input[*inOutIdx]; + *inOutIdx += 1; - if (GetLength(input, inOutIdx, &length, inSz) < 0) - return ASN_PARSE_E; + if (b != 0x00) { + ret = ASN_EXPECT_0_E; + } + else { + /* pub key */ + pubSz = length - 1; /* null prefix */ + XMEMCPY(pub, &input[*inOutIdx], pubSz); - /* key header */ - b = input[*inOutIdx]; - *inOutIdx += 1; - if (b != ASN_BIT_STRING) - return ASN_BITSTR_E; + *inOutIdx += length; - if (GetLength(input, inOutIdx, &length, inSz) < 0) - return ASN_PARSE_E; - b = input[*inOutIdx]; - *inOutIdx += 1; - if (b != 0x00) - return ASN_EXPECT_0_E; + ret = ecc_import_private_key(priv, privSz, pub, pubSz, key); + } + } + } + } - pubSz = length - 1; /* null prefix */ - XMEMCPY(pub, &input[*inOutIdx], pubSz); +#ifdef CYASSL_SMALL_STACK + XFREE(priv, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(pub, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif - *inOutIdx += length; - - return ecc_import_private_key(priv, privSz, pub, pubSz, key); + return ret; } #endif /* HAVE_ECC */ @@ -4241,118 +6601,119 @@ static int GetEnumerated(const byte* input, word32* inOutIdx, int *value) static int DecodeSingleResponse(byte* source, word32* ioIndex, OcspResponse* resp, word32 size) { - word32 index = *ioIndex, prevIndex, oid; + word32 idx = *ioIndex, prevIndex, oid; int length, wrapperSz; CertStatus* cs = resp->status; CYASSL_ENTER("DecodeSingleResponse"); /* Outer wrapper of the SEQUENCE OF Single Responses. */ - if (GetSequence(source, &index, &wrapperSz, size) < 0) + if (GetSequence(source, &idx, &wrapperSz, size) < 0) return ASN_PARSE_E; - prevIndex = index; + prevIndex = idx; /* When making a request, we only request one status on one certificate * at a time. There should only be one SingleResponse */ /* Wrapper around the Single Response */ - if (GetSequence(source, &index, &length, size) < 0) + if (GetSequence(source, &idx, &length, size) < 0) return ASN_PARSE_E; /* Wrapper around the CertID */ - if (GetSequence(source, &index, &length, size) < 0) + if (GetSequence(source, &idx, &length, size) < 0) return ASN_PARSE_E; /* Skip the hash algorithm */ - if (GetAlgoId(source, &index, &oid, size) < 0) + if (GetAlgoId(source, &idx, &oid, size) < 0) return ASN_PARSE_E; /* Save reference to the hash of CN */ - if (source[index++] != ASN_OCTET_STRING) + if (source[idx++] != ASN_OCTET_STRING) return ASN_PARSE_E; - if (GetLength(source, &index, &length, size) < 0) + if (GetLength(source, &idx, &length, size) < 0) return ASN_PARSE_E; - resp->issuerHash = source + index; - index += length; + resp->issuerHash = source + idx; + idx += length; /* Save reference to the hash of the issuer public key */ - if (source[index++] != ASN_OCTET_STRING) + if (source[idx++] != ASN_OCTET_STRING) return ASN_PARSE_E; - if (GetLength(source, &index, &length, size) < 0) + if (GetLength(source, &idx, &length, size) < 0) return ASN_PARSE_E; - resp->issuerKeyHash = source + index; - index += length; + resp->issuerKeyHash = source + idx; + idx += length; /* Read the serial number, it is handled as a string, not as a * proper number. Just XMEMCPY the data over, rather than load it * as an mp_int. */ - if (source[index++] != ASN_INTEGER) + if (source[idx++] != ASN_INTEGER) return ASN_PARSE_E; - if (GetLength(source, &index, &length, size) < 0) + if (GetLength(source, &idx, &length, size) < 0) return ASN_PARSE_E; if (length <= EXTERNAL_SERIAL_SIZE) { - if (source[index] == 0) + if (source[idx] == 0) { - index++; + idx++; length--; } - XMEMCPY(cs->serial, source + index, length); + XMEMCPY(cs->serial, source + idx, length); cs->serialSz = length; } else { return ASN_GETINT_E; } - index += length; + idx += length; /* CertStatus */ - switch (source[index++]) + switch (source[idx++]) { case (ASN_CONTEXT_SPECIFIC | CERT_GOOD): cs->status = CERT_GOOD; - index++; + idx++; break; case (ASN_CONTEXT_SPECIFIC | ASN_CONSTRUCTED | CERT_REVOKED): cs->status = CERT_REVOKED; - GetLength(source, &index, &length, size); - index += length; + if (GetLength(source, &idx, &length, size) < 0) + return ASN_PARSE_E; + idx += length; break; case (ASN_CONTEXT_SPECIFIC | CERT_UNKNOWN): cs->status = CERT_UNKNOWN; - index++; + idx++; break; default: return ASN_PARSE_E; } - if (GetBasicDate(source, &index, cs->thisDate, + if (GetBasicDate(source, &idx, cs->thisDate, &cs->thisDateFormat, size) < 0) return ASN_PARSE_E; - if (!ValidateDate(cs->thisDate, cs->thisDateFormat, BEFORE)) + if (!XVALIDATE_DATE(cs->thisDate, cs->thisDateFormat, BEFORE)) return ASN_BEFORE_DATE_E; /* The following items are optional. Only check for them if there is more * unprocessed data in the singleResponse wrapper. */ - if ((index - prevIndex < wrapperSz) && - (source[index] == (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 0))) + if (((int)(idx - prevIndex) < wrapperSz) && + (source[idx] == (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 0))) { - index++; - if (GetLength(source, &index, &length, size) < 0) + idx++; + if (GetLength(source, &idx, &length, size) < 0) return ASN_PARSE_E; - if (GetBasicDate(source, &index, cs->nextDate, + if (GetBasicDate(source, &idx, cs->nextDate, &cs->nextDateFormat, size) < 0) return ASN_PARSE_E; } - if ((index - prevIndex < wrapperSz) && - (source[index] == (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 1))) + if (((int)(idx - prevIndex) < wrapperSz) && + (source[idx] == (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 1))) { - index++; - if (GetLength(source, &index, &length, size) < 0) + idx++; + if (GetLength(source, &idx, &length, size) < 0) return ASN_PARSE_E; - index += length; + idx += length; } - *ioIndex = index; + *ioIndex = idx; return 0; } @@ -4461,9 +6822,6 @@ static int DecodeResponseData(byte* source, if (GetBasicDate(source, &idx, resp->producedDate, &resp->producedDateFormat, size) < 0) return ASN_PARSE_E; - if (!ValidateDate(resp->producedDate, resp->producedDateFormat, BEFORE)) - return ASN_BEFORE_DATE_E; - idx += length; if (DecodeSingleResponse(source, &idx, resp, size) < 0) return ASN_PARSE_E; @@ -4560,8 +6918,8 @@ static int DecodeBasicOcspResponse(byte* source, if (ret == 0) { - CYASSL_MSG("\tConfirm signature failed"); - return ASN_SIG_CONFIRM_E; + CYASSL_MSG("\tOCSP Confirm signature failed"); + return ASN_OCSP_CONFIRM_E; } } @@ -4643,23 +7001,6 @@ int OcspResponseDecode(OcspResponse* resp) } -static int SetSerialNumber(const byte* sn, word32 snSz, byte* output) -{ - int result = 0; - - CYASSL_ENTER("SetSerialNumber"); - - if (snSz <= EXTERNAL_SERIAL_SIZE) { - output[0] = ASN_INTEGER; - output[1] = snSz + 1; - output[2] = 0; - XMEMCPY(&output[3], sn, snSz); - result = snSz + 3; - } - return result; -} - - static word32 SetOcspReqExtensions(word32 extSz, byte* output, const byte* nonce, word32 nonceSz) { @@ -4678,7 +7019,7 @@ static word32 SetOcspReqExtensions(word32 extSz, byte* output, seqArray[1][0] = ASN_OBJECT_ID; seqSz[1] = 1 + SetLength(sizeof(NonceObjId), &seqArray[1][1]); - totalSz = seqSz[0] + seqSz[1] + nonceSz + sizeof(NonceObjId); + totalSz = seqSz[0] + seqSz[1] + nonceSz + (word32)sizeof(NonceObjId); seqSz[2] = SetSequence(totalSz, seqArray[2]); totalSz += seqSz[2]; @@ -4702,7 +7043,7 @@ static word32 SetOcspReqExtensions(word32 extSz, byte* output, XMEMCPY(output + totalSz, seqArray[1], seqSz[1]); totalSz += seqSz[1]; XMEMCPY(output + totalSz, NonceObjId, sizeof(NonceObjId)); - totalSz += sizeof(NonceObjId); + totalSz += (word32)sizeof(NonceObjId); XMEMCPY(output + totalSz, seqArray[0], seqSz[0]); totalSz += seqSz[0]; XMEMCPY(output + totalSz, nonce, nonceSz); @@ -4723,14 +7064,12 @@ int EncodeOcspRequest(OcspRequest* req) byte snArray[MAX_SN_SZ]; byte extArray[MAX_OCSP_EXT_SZ]; byte* output = req->dest; - word32 outputSz = req->destSz; - RNG rng; word32 seqSz[5], algoSz, issuerSz, issuerKeySz, snSz, extSz, totalSz; int i; CYASSL_ENTER("EncodeOcspRequest"); - algoSz = SetAlgoID(SHAh, algoArray, hashType); + algoSz = SetAlgoID(SHAh, algoArray, hashType, 0); req->issuerHash = req->cert->issuerHash; issuerSz = SetDigest(req->cert->issuerHash, SHA_SIZE, issuerArray); @@ -4742,14 +7081,20 @@ int EncodeOcspRequest(OcspRequest* req) req->serialSz = req->cert->serialSz; snSz = SetSerialNumber(req->cert->serial, req->cert->serialSz, snArray); - if (InitRng(&rng) != 0) { - CYASSL_MSG("\tCannot initialize RNG. Skipping the OSCP Nonce."); - extSz = 0; - } else { - req->nonceSz = MAX_OCSP_NONCE_SZ; - RNG_GenerateBlock(&rng, req->nonce, req->nonceSz); - extSz = SetOcspReqExtensions(MAX_OCSP_EXT_SZ, extArray, - req->nonce, req->nonceSz); + extSz = 0; + if (req->useNonce) { + RNG rng; + if (InitRng(&rng) != 0) { + CYASSL_MSG("\tCannot initialize RNG. Skipping the OSCP Nonce."); + } else { + if (RNG_GenerateBlock(&rng, req->nonce, MAX_OCSP_NONCE_SZ) != 0) + CYASSL_MSG("\tCannot run RNG. Skipping the OSCP Nonce."); + else { + req->nonceSz = MAX_OCSP_NONCE_SZ; + extSz = SetOcspReqExtensions(MAX_OCSP_EXT_SZ, extArray, + req->nonce, req->nonceSz); + } + } } totalSz = algoSz + issuerSz + issuerKeySz + snSz; @@ -4781,12 +7126,13 @@ int EncodeOcspRequest(OcspRequest* req) } -void InitOcspRequest(OcspRequest* req, DecodedCert* cert, +void InitOcspRequest(OcspRequest* req, DecodedCert* cert, byte useNonce, byte* dest, word32 destSz) { CYASSL_ENTER("InitOcspRequest"); req->cert = cert; + req->useNonce = useNonce; req->nonceSz = 0; req->issuerHash = NULL; req->issuerKeyHash = NULL; @@ -4814,18 +7160,22 @@ int CompareOcspReqResp(OcspRequest* req, OcspResponse* resp) return 1; } - cmp = req->nonceSz - resp->nonceSz; - if (cmp != 0) - { - CYASSL_MSG("\tnonceSz mismatch"); - return cmp; - } - - cmp = XMEMCMP(req->nonce, resp->nonce, req->nonceSz); - if (cmp != 0) - { - CYASSL_MSG("\tnonce mismatch"); - return cmp; + /* Nonces are not critical. The responder may not necessarily add + * the nonce to the response. */ + if (req->useNonce && resp->nonceSz != 0) { + cmp = req->nonceSz - resp->nonceSz; + if (cmp != 0) + { + CYASSL_MSG("\tnonceSz mismatch"); + return cmp; + } + + cmp = XMEMCMP(req->nonce, resp->nonce, req->nonceSz); + if (cmp != 0) + { + CYASSL_MSG("\tnonce mismatch"); + return cmp; + } } cmp = XMEMCMP(req->issuerHash, resp->issuerHash, SHA_DIGEST_SIZE); @@ -4862,42 +7212,13 @@ int CompareOcspReqResp(OcspRequest* req, OcspResponse* resp) #endif -#ifdef HAVE_CRL - -/* initialize decoded CRL */ -void InitDecodedCRL(DecodedCRL* dcrl) -{ - CYASSL_MSG("InitDecodedCRL"); - - dcrl->certBegin = 0; - dcrl->sigIndex = 0; - dcrl->sigLength = 0; - dcrl->signatureOID = 0; - dcrl->certs = NULL; - dcrl->totalCerts = 0; -} - - -/* free decoded CRL resources */ -void FreeDecodedCRL(DecodedCRL* dcrl) -{ - RevokedCert* tmp = dcrl->certs; - - CYASSL_MSG("FreeDecodedCRL"); - - while(tmp) { - RevokedCert* next = tmp->next; - XFREE(tmp, NULL, DYNAMIC_TYPE_REVOKED); - tmp = next; - } -} - - /* store SHA1 hash of NAME */ -static int GetNameHash(const byte* source, word32* idx, byte* hash, int maxIdx) +CYASSL_LOCAL int GetNameHash(const byte* source, word32* idx, byte* hash, + int maxIdx) { Sha sha; int length; /* length of all distinguished names */ + int ret = 0; word32 dummy; CYASSL_ENTER("GetNameHash"); @@ -4919,7 +7240,9 @@ static int GetNameHash(const byte* source, word32* idx, byte* hash, int maxIdx) if (GetSequence(source, idx, &length, maxIdx) < 0) return ASN_PARSE_E; - InitSha(&sha); + ret = InitSha(&sha); + if (ret != 0) + return ret; ShaUpdate(&sha, source + dummy, length + *idx - dummy); ShaFinal(&sha, hash); @@ -4929,6 +7252,37 @@ static int GetNameHash(const byte* source, word32* idx, byte* hash, int maxIdx) } +#ifdef HAVE_CRL + +/* initialize decoded CRL */ +void InitDecodedCRL(DecodedCRL* dcrl) +{ + CYASSL_MSG("InitDecodedCRL"); + + dcrl->certBegin = 0; + dcrl->sigIndex = 0; + dcrl->sigLength = 0; + dcrl->signatureOID = 0; + dcrl->certs = NULL; + dcrl->totalCerts = 0; +} + + +/* free decoded CRL resources */ +void FreeDecodedCRL(DecodedCRL* dcrl) +{ + RevokedCert* tmp = dcrl->certs; + + CYASSL_MSG("FreeDecodedCRL"); + + while(tmp) { + RevokedCert* next = tmp->next; + XFREE(tmp, NULL, DYNAMIC_TYPE_REVOKED); + tmp = next; + } +} + + /* Get Revoked Cert list, 0 on success */ static int GetRevoked(const byte* buff, word32* idx, DecodedCRL* dcrl, int maxIdx) @@ -5034,19 +7388,20 @@ static int GetCRL_Signature(const byte* source, word32* idx, DecodedCRL* dcrl, /* prase crl buffer into decoded state, 0 on success */ -int ParseCRL(DecodedCRL* dcrl, const byte* buff, long sz, void* cm) +int ParseCRL(DecodedCRL* dcrl, const byte* buff, word32 sz, void* cm) { int version, len; word32 oid, idx = 0; - Md5 md5; - Signer* ca; + Signer* ca = NULL; CYASSL_MSG("ParseCRL"); /* raw crl hash */ - InitMd5(&md5); - Md5Update(&md5, buff, sz); - Md5Final(&md5, dcrl->crlHash); + /* hash here if needed for optimized comparisons + * Sha sha; + * InitSha(&sha); + * ShaUpdate(&sha, buff, sz); + * ShaFinal(&sha, dcrl->crlHash); */ if (GetSequence(buff, &idx, &len, sz) < 0) return ASN_PARSE_E; @@ -5101,26 +7456,49 @@ int ParseCRL(DecodedCRL* dcrl, const byte* buff, long sz, void* cm) if (GetCRL_Signature(buff, &idx, dcrl, sz) < 0) return ASN_PARSE_E; - ca = GetCA(cm, dcrl->issuerHash); + /* openssl doesn't add skid by default for CRLs cause firefox chokes + we're not assuming it's available yet */ + #if !defined(NO_SKID) && defined(CRL_SKID_READY) + if (dcrl->extAuthKeyIdSet) + ca = GetCA(cm, dcrl->extAuthKeyId); + if (ca == NULL) + ca = GetCAByName(cm, dcrl->issuerHash); + #else /* NO_SKID */ + ca = GetCA(cm, dcrl->issuerHash); + #endif /* NO_SKID */ CYASSL_MSG("About to verify CRL signature"); if (ca) { CYASSL_MSG("Found CRL issuer CA"); /* try to confirm/verify signature */ + #ifndef IGNORE_KEY_EXTENSIONS + if ((ca->keyUsage & KEYUSE_CRL_SIGN) == 0) { + CYASSL_MSG("CA cannot sign CRLs"); + return ASN_CRL_NO_SIGNER_E; + } + #endif /* IGNORE_KEY_EXTENSIONS */ if (!ConfirmSignature(buff + dcrl->certBegin, dcrl->sigIndex - dcrl->certBegin, ca->publicKey, ca->pubKeySize, ca->keyOID, dcrl->signature, dcrl->sigLength, dcrl->signatureOID, NULL)) { CYASSL_MSG("CRL Confirm signature failed"); - return ASN_SIG_CONFIRM_E; + return ASN_CRL_CONFIRM_E; } } else { CYASSL_MSG("Did NOT find CRL issuer CA"); - return ASN_SIG_CONFIRM_E; + return ASN_CRL_NO_SIGNER_E; } return 0; } #endif /* HAVE_CRL */ +#endif + +#ifdef CYASSL_SEP + + + +#endif /* CYASSL_SEP */ + diff --git a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/blake2b.c b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/blake2b.c new file mode 100644 index 000000000..a9d1753ac --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/blake2b.c @@ -0,0 +1,433 @@ +/* + BLAKE2 reference source code package - reference C implementations + + Written in 2012 by Samuel Neves + + To the extent possible under law, the author(s) have dedicated all copyright + and related and neighboring rights to this software to the public domain + worldwide. This software is distributed without any warranty. + + You should have received a copy of the CC0 Public Domain Dedication along with + this software. If not, see . +*/ +/* blake2b.c + * + * Copyright (C) 2006-2014 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + + +#ifdef HAVE_CONFIG_H + #include +#endif + +#include + +#ifdef HAVE_BLAKE2 + +#include +#include + + +static const word64 blake2b_IV[8] = +{ + 0x6a09e667f3bcc908ULL, 0xbb67ae8584caa73bULL, + 0x3c6ef372fe94f82bULL, 0xa54ff53a5f1d36f1ULL, + 0x510e527fade682d1ULL, 0x9b05688c2b3e6c1fULL, + 0x1f83d9abfb41bd6bULL, 0x5be0cd19137e2179ULL +}; + +static const byte blake2b_sigma[12][16] = +{ + { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15 } , + { 14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3 } , + { 11, 8, 12, 0, 5, 2, 15, 13, 10, 14, 3, 6, 7, 1, 9, 4 } , + { 7, 9, 3, 1, 13, 12, 11, 14, 2, 6, 5, 10, 4, 0, 15, 8 } , + { 9, 0, 5, 7, 2, 4, 10, 15, 14, 1, 11, 12, 6, 8, 3, 13 } , + { 2, 12, 6, 10, 0, 11, 8, 3, 4, 13, 7, 5, 15, 14, 1, 9 } , + { 12, 5, 1, 15, 14, 13, 4, 10, 0, 7, 6, 3, 9, 2, 8, 11 } , + { 13, 11, 7, 14, 12, 1, 3, 9, 5, 0, 15, 4, 8, 6, 2, 10 } , + { 6, 15, 14, 9, 11, 3, 0, 8, 12, 2, 13, 7, 1, 4, 10, 5 } , + { 10, 2, 8, 4, 7, 6, 1, 5, 15, 11, 9, 14, 3, 12, 13 , 0 } , + { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15 } , + { 14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3 } +}; + + +static INLINE int blake2b_set_lastnode( blake2b_state *S ) +{ + S->f[1] = ~0ULL; + return 0; +} + +/* Some helper functions, not necessarily useful */ +static INLINE int blake2b_set_lastblock( blake2b_state *S ) +{ + if( S->last_node ) blake2b_set_lastnode( S ); + + S->f[0] = ~0ULL; + return 0; +} + +static INLINE int blake2b_increment_counter( blake2b_state *S, const word64 + inc ) +{ + S->t[0] += inc; + S->t[1] += ( S->t[0] < inc ); + return 0; +} + +static INLINE int blake2b_init0( blake2b_state *S ) +{ + int i; + XMEMSET( S, 0, sizeof( blake2b_state ) ); + + for( i = 0; i < 8; ++i ) S->h[i] = blake2b_IV[i]; + + return 0; +} + +/* init xors IV with input parameter block */ +int blake2b_init_param( blake2b_state *S, const blake2b_param *P ) +{ + word32 i; + blake2b_init0( S ); + byte *p = ( byte * )( P ); + + /* IV XOR ParamBlock */ + for( i = 0; i < 8; ++i ) + S->h[i] ^= load64( p + sizeof( S->h[i] ) * i ); + + return 0; +} + + + +int blake2b_init( blake2b_state *S, const byte outlen ) +{ + blake2b_param P[1]; + + if ( ( !outlen ) || ( outlen > BLAKE2B_OUTBYTES ) ) return -1; + + P->digest_length = outlen; + P->key_length = 0; + P->fanout = 1; + P->depth = 1; + store32( &P->leaf_length, 0 ); + store64( &P->node_offset, 0 ); + P->node_depth = 0; + P->inner_length = 0; + XMEMSET( P->reserved, 0, sizeof( P->reserved ) ); + XMEMSET( P->salt, 0, sizeof( P->salt ) ); + XMEMSET( P->personal, 0, sizeof( P->personal ) ); + return blake2b_init_param( S, P ); +} + + +int blake2b_init_key( blake2b_state *S, const byte outlen, const void *key, + const byte keylen ) +{ + blake2b_param P[1]; + + if ( ( !outlen ) || ( outlen > BLAKE2B_OUTBYTES ) ) return -1; + + if ( !key || !keylen || keylen > BLAKE2B_KEYBYTES ) return -1; + + P->digest_length = outlen; + P->key_length = keylen; + P->fanout = 1; + P->depth = 1; + store32( &P->leaf_length, 0 ); + store64( &P->node_offset, 0 ); + P->node_depth = 0; + P->inner_length = 0; + XMEMSET( P->reserved, 0, sizeof( P->reserved ) ); + XMEMSET( P->salt, 0, sizeof( P->salt ) ); + XMEMSET( P->personal, 0, sizeof( P->personal ) ); + + if( blake2b_init_param( S, P ) < 0 ) return -1; + + { +#ifdef CYASSL_SMALL_STACK + byte* block; + + block = (byte*)XMALLOC(BLAKE2B_BLOCKBYTES, NULL, DYNAMIC_TYPE_TMP_BUFFER); + + if ( block == NULL ) return -1; +#else + byte block[BLAKE2B_BLOCKBYTES]; +#endif + + XMEMSET( block, 0, BLAKE2B_BLOCKBYTES ); + XMEMCPY( block, key, keylen ); + blake2b_update( S, block, BLAKE2B_BLOCKBYTES ); + secure_zero_memory( block, BLAKE2B_BLOCKBYTES ); /* Burn the key from */ + /* memory */ + +#ifdef CYASSL_SMALL_STACK + XFREE(block, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + } + return 0; +} + +static int blake2b_compress( blake2b_state *S, + const byte block[BLAKE2B_BLOCKBYTES] ) +{ + int i; + +#ifdef CYASSL_SMALL_STACK + word64* m; + word64* v; + + m = (word64*)XMALLOC(sizeof(word64) * 16, NULL, DYNAMIC_TYPE_TMP_BUFFER); + + if ( m == NULL ) return -1; + + v = (word64*)XMALLOC(sizeof(word64) * 16, NULL, DYNAMIC_TYPE_TMP_BUFFER); + + if ( v == NULL ) + { + XFREE(m, NULL, DYNAMIC_TYPE_TMP_BUFFER); + return -1; + } +#else + word64 m[16]; + word64 v[16]; +#endif + + for( i = 0; i < 16; ++i ) + m[i] = load64( block + i * sizeof( m[i] ) ); + + for( i = 0; i < 8; ++i ) + v[i] = S->h[i]; + + v[ 8] = blake2b_IV[0]; + v[ 9] = blake2b_IV[1]; + v[10] = blake2b_IV[2]; + v[11] = blake2b_IV[3]; + v[12] = S->t[0] ^ blake2b_IV[4]; + v[13] = S->t[1] ^ blake2b_IV[5]; + v[14] = S->f[0] ^ blake2b_IV[6]; + v[15] = S->f[1] ^ blake2b_IV[7]; +#define G(r,i,a,b,c,d) \ + do { \ + a = a + b + m[blake2b_sigma[r][2*i+0]]; \ + d = rotr64(d ^ a, 32); \ + c = c + d; \ + b = rotr64(b ^ c, 24); \ + a = a + b + m[blake2b_sigma[r][2*i+1]]; \ + d = rotr64(d ^ a, 16); \ + c = c + d; \ + b = rotr64(b ^ c, 63); \ + } while(0) +#define ROUND(r) \ + do { \ + G(r,0,v[ 0],v[ 4],v[ 8],v[12]); \ + G(r,1,v[ 1],v[ 5],v[ 9],v[13]); \ + G(r,2,v[ 2],v[ 6],v[10],v[14]); \ + G(r,3,v[ 3],v[ 7],v[11],v[15]); \ + G(r,4,v[ 0],v[ 5],v[10],v[15]); \ + G(r,5,v[ 1],v[ 6],v[11],v[12]); \ + G(r,6,v[ 2],v[ 7],v[ 8],v[13]); \ + G(r,7,v[ 3],v[ 4],v[ 9],v[14]); \ + } while(0) + ROUND( 0 ); + ROUND( 1 ); + ROUND( 2 ); + ROUND( 3 ); + ROUND( 4 ); + ROUND( 5 ); + ROUND( 6 ); + ROUND( 7 ); + ROUND( 8 ); + ROUND( 9 ); + ROUND( 10 ); + ROUND( 11 ); + + for( i = 0; i < 8; ++i ) + S->h[i] = S->h[i] ^ v[i] ^ v[i + 8]; + +#undef G +#undef ROUND + +#ifdef CYASSL_SMALL_STACK + XFREE(m, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(v, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + + return 0; +} + +/* inlen now in bytes */ +int blake2b_update( blake2b_state *S, const byte *in, word64 inlen ) +{ + while( inlen > 0 ) + { + word64 left = S->buflen; + word64 fill = 2 * BLAKE2B_BLOCKBYTES - left; + + if( inlen > fill ) + { + XMEMCPY( S->buf + left, in, (word)fill ); /* Fill buffer */ + S->buflen += fill; + blake2b_increment_counter( S, BLAKE2B_BLOCKBYTES ); + + if ( blake2b_compress( S, S->buf ) < 0 ) return -1; /* Compress */ + + XMEMCPY( S->buf, S->buf + BLAKE2B_BLOCKBYTES, BLAKE2B_BLOCKBYTES ); + /* Shift buffer left */ + S->buflen -= BLAKE2B_BLOCKBYTES; + in += fill; + inlen -= fill; + } + else /* inlen <= fill */ + { + XMEMCPY( S->buf + left, in, (word)inlen ); + S->buflen += inlen; /* Be lazy, do not compress */ + in += inlen; + inlen -= inlen; + } + } + + return 0; +} + +/* Is this correct? */ +int blake2b_final( blake2b_state *S, byte *out, byte outlen ) +{ + byte buffer[BLAKE2B_OUTBYTES]; + int i; + + if( S->buflen > BLAKE2B_BLOCKBYTES ) + { + blake2b_increment_counter( S, BLAKE2B_BLOCKBYTES ); + + if ( blake2b_compress( S, S->buf ) < 0 ) return -1; + + S->buflen -= BLAKE2B_BLOCKBYTES; + XMEMCPY( S->buf, S->buf + BLAKE2B_BLOCKBYTES, (word)S->buflen ); + } + + blake2b_increment_counter( S, S->buflen ); + blake2b_set_lastblock( S ); + XMEMSET( S->buf + S->buflen, 0, (word)(2 * BLAKE2B_BLOCKBYTES - S->buflen) ); + /* Padding */ + if ( blake2b_compress( S, S->buf ) < 0 ) return -1; + + for( i = 0; i < 8; ++i ) /* Output full hash to temp buffer */ + store64( buffer + sizeof( S->h[i] ) * i, S->h[i] ); + + XMEMCPY( out, buffer, outlen ); + return 0; +} + +/* inlen, at least, should be word64. Others can be size_t. */ +int blake2b( byte *out, const void *in, const void *key, const byte outlen, + const word64 inlen, byte keylen ) +{ + blake2b_state S[1]; + + /* Verify parameters */ + if ( NULL == in ) return -1; + + if ( NULL == out ) return -1; + + if( NULL == key ) keylen = 0; + + if( keylen > 0 ) + { + if( blake2b_init_key( S, outlen, key, keylen ) < 0 ) return -1; + } + else + { + if( blake2b_init( S, outlen ) < 0 ) return -1; + } + + if ( blake2b_update( S, ( byte * )in, inlen ) < 0) return -1; + + return blake2b_final( S, out, outlen ); +} + +#if defined(BLAKE2B_SELFTEST) +#include +#include "blake2-kat.h" +int main( int argc, char **argv ) +{ + byte key[BLAKE2B_KEYBYTES]; + byte buf[KAT_LENGTH]; + + for( word32 i = 0; i < BLAKE2B_KEYBYTES; ++i ) + key[i] = ( byte )i; + + for( word32 i = 0; i < KAT_LENGTH; ++i ) + buf[i] = ( byte )i; + + for( word32 i = 0; i < KAT_LENGTH; ++i ) + { + byte hash[BLAKE2B_OUTBYTES]; + if ( blake2b( hash, buf, key, BLAKE2B_OUTBYTES, i, BLAKE2B_KEYBYTES ) < 0 ) + { + puts( "error" ); + return -1; + } + + if( 0 != memcmp( hash, blake2b_keyed_kat[i], BLAKE2B_OUTBYTES ) ) + { + puts( "error" ); + return -1; + } + } + + puts( "ok" ); + return 0; +} +#endif + + +/* CTaoCrypt API */ + +/* Init Blake2b digest, track size incase final doesn't want to "remember" */ +int InitBlake2b(Blake2b* b2b, word32 digestSz) +{ + b2b->digestSz = digestSz; + + return blake2b_init(b2b->S, (byte)digestSz); +} + + +/* Blake2b Update */ +int Blake2bUpdate(Blake2b* b2b, const byte* data, word32 sz) +{ + return blake2b_update(b2b->S, data, sz); +} + + +/* Blake2b Final, if pass in zero size we use init digestSz */ +int Blake2bFinal(Blake2b* b2b, byte* final, word32 requestSz) +{ + word32 sz = requestSz ? requestSz : b2b->digestSz; + + return blake2b_final(b2b->S, final, (byte)sz); +} + + +/* end CTaoCrypt API */ + +#endif /* HAVE_BLAKE2 */ + diff --git a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/camellia.c b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/camellia.c new file mode 100644 index 000000000..eaed4c90b --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/camellia.c @@ -0,0 +1,1621 @@ +/* camellia.c ver 1.2.0 + * + * Copyright (c) 2006,2007 + * NTT (Nippon Telegraph and Telephone Corporation) . All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer as + * the first lines of this file unmodified. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY NTT ``AS IS'' AND ANY EXPRESS OR + * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. + * IN NO EVENT SHALL NTT BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF + * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +/* camellia.c + * + * Copyright (C) 2006-2014 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +/* + * Algorithm Specification + * http://info.isl.ntt.co.jp/crypt/eng/camellia/specifications.html + */ + + +#ifdef HAVE_CONFIG_H + #include +#endif + +#include + +#ifdef HAVE_CAMELLIA + +#include +#include +#include +#ifdef NO_INLINE + #include +#else + #include +#endif + + +/* u32 must be 32bit word */ +typedef unsigned int u32; +typedef unsigned char u8; + +/* key constants */ + +#define CAMELLIA_SIGMA1L ((u32)0xA09E667FL) +#define CAMELLIA_SIGMA1R ((u32)0x3BCC908BL) +#define CAMELLIA_SIGMA2L ((u32)0xB67AE858L) +#define CAMELLIA_SIGMA2R ((u32)0x4CAA73B2L) +#define CAMELLIA_SIGMA3L ((u32)0xC6EF372FL) +#define CAMELLIA_SIGMA3R ((u32)0xE94F82BEL) +#define CAMELLIA_SIGMA4L ((u32)0x54FF53A5L) +#define CAMELLIA_SIGMA4R ((u32)0xF1D36F1CL) +#define CAMELLIA_SIGMA5L ((u32)0x10E527FAL) +#define CAMELLIA_SIGMA5R ((u32)0xDE682D1DL) +#define CAMELLIA_SIGMA6L ((u32)0xB05688C2L) +#define CAMELLIA_SIGMA6R ((u32)0xB3E6C1FDL) + +/* + * macros + */ + + +#if defined(_MSC_VER) + +# define SWAP(x) (_lrotl(x, 8) & 0x00ff00ff | _lrotr(x, 8) & 0xff00ff00) +# define GETU32(p) SWAP(*((u32 *)(p))) +# define PUTU32(ct, st) {*((u32 *)(ct)) = SWAP((st));} + +#else /* not MS-VC */ + +# define GETU32(pt) \ + (((u32)(pt)[0] << 24) \ + ^ ((u32)(pt)[1] << 16) \ + ^ ((u32)(pt)[2] << 8) \ + ^ ((u32)(pt)[3])) + +# define PUTU32(ct, st) { \ + (ct)[0] = (u8)((st) >> 24); \ + (ct)[1] = (u8)((st) >> 16); \ + (ct)[2] = (u8)((st) >> 8); \ + (ct)[3] = (u8)(st); } + +#endif + +#define CamelliaSubkeyL(INDEX) (subkey[(INDEX)*2]) +#define CamelliaSubkeyR(INDEX) (subkey[(INDEX)*2 + 1]) + +/* rotation right shift 1byte */ +#define CAMELLIA_RR8(x) (((x) >> 8) + ((x) << 24)) +/* rotation left shift 1bit */ +#define CAMELLIA_RL1(x) (((x) << 1) + ((x) >> 31)) +/* rotation left shift 1byte */ +#define CAMELLIA_RL8(x) (((x) << 8) + ((x) >> 24)) + +#define CAMELLIA_ROLDQ(ll, lr, rl, rr, w0, w1, bits) \ + do { \ + w0 = ll; \ + ll = (ll << bits) + (lr >> (32 - bits)); \ + lr = (lr << bits) + (rl >> (32 - bits)); \ + rl = (rl << bits) + (rr >> (32 - bits)); \ + rr = (rr << bits) + (w0 >> (32 - bits)); \ + } while(0) + +#define CAMELLIA_ROLDQo32(ll, lr, rl, rr, w0, w1, bits) \ + do { \ + w0 = ll; \ + w1 = lr; \ + ll = (lr << (bits - 32)) + (rl >> (64 - bits)); \ + lr = (rl << (bits - 32)) + (rr >> (64 - bits)); \ + rl = (rr << (bits - 32)) + (w0 >> (64 - bits)); \ + rr = (w0 << (bits - 32)) + (w1 >> (64 - bits)); \ + } while(0) + +#define CAMELLIA_SP1110(INDEX) (camellia_sp1110[(INDEX)]) +#define CAMELLIA_SP0222(INDEX) (camellia_sp0222[(INDEX)]) +#define CAMELLIA_SP3033(INDEX) (camellia_sp3033[(INDEX)]) +#define CAMELLIA_SP4404(INDEX) (camellia_sp4404[(INDEX)]) + +#define CAMELLIA_F(xl, xr, kl, kr, yl, yr, il, ir, t0, t1) \ + do { \ + il = xl ^ kl; \ + ir = xr ^ kr; \ + t0 = il >> 16; \ + t1 = ir >> 16; \ + yl = CAMELLIA_SP1110(ir & 0xff) \ + ^ CAMELLIA_SP0222((t1 >> 8) & 0xff) \ + ^ CAMELLIA_SP3033(t1 & 0xff) \ + ^ CAMELLIA_SP4404((ir >> 8) & 0xff); \ + yr = CAMELLIA_SP1110((t0 >> 8) & 0xff) \ + ^ CAMELLIA_SP0222(t0 & 0xff) \ + ^ CAMELLIA_SP3033((il >> 8) & 0xff) \ + ^ CAMELLIA_SP4404(il & 0xff); \ + yl ^= yr; \ + yr = CAMELLIA_RR8(yr); \ + yr ^= yl; \ + } while(0) + + +/* + * for speed up + * + */ +#define CAMELLIA_FLS(ll, lr, rl, rr, kll, klr, krl, krr, t0, t1, t2, t3) \ + do { \ + t0 = kll; \ + t0 &= ll; \ + lr ^= CAMELLIA_RL1(t0); \ + t1 = klr; \ + t1 |= lr; \ + ll ^= t1; \ + \ + t2 = krr; \ + t2 |= rr; \ + rl ^= t2; \ + t3 = krl; \ + t3 &= rl; \ + rr ^= CAMELLIA_RL1(t3); \ + } while(0) + +#define CAMELLIA_ROUNDSM(xl, xr, kl, kr, yl, yr, il, ir, t0, t1) \ + do { \ + ir = CAMELLIA_SP1110(xr & 0xff) \ + ^ CAMELLIA_SP0222((xr >> 24) & 0xff) \ + ^ CAMELLIA_SP3033((xr >> 16) & 0xff) \ + ^ CAMELLIA_SP4404((xr >> 8) & 0xff); \ + il = CAMELLIA_SP1110((xl >> 24) & 0xff) \ + ^ CAMELLIA_SP0222((xl >> 16) & 0xff) \ + ^ CAMELLIA_SP3033((xl >> 8) & 0xff) \ + ^ CAMELLIA_SP4404(xl & 0xff); \ + il ^= kl; \ + ir ^= kr; \ + ir ^= il; \ + il = CAMELLIA_RR8(il); \ + il ^= ir; \ + yl ^= ir; \ + yr ^= il; \ + } while(0) + + +static const u32 camellia_sp1110[256] = { + 0x70707000,0x82828200,0x2c2c2c00,0xececec00, + 0xb3b3b300,0x27272700,0xc0c0c000,0xe5e5e500, + 0xe4e4e400,0x85858500,0x57575700,0x35353500, + 0xeaeaea00,0x0c0c0c00,0xaeaeae00,0x41414100, + 0x23232300,0xefefef00,0x6b6b6b00,0x93939300, + 0x45454500,0x19191900,0xa5a5a500,0x21212100, + 0xededed00,0x0e0e0e00,0x4f4f4f00,0x4e4e4e00, + 0x1d1d1d00,0x65656500,0x92929200,0xbdbdbd00, + 0x86868600,0xb8b8b800,0xafafaf00,0x8f8f8f00, + 0x7c7c7c00,0xebebeb00,0x1f1f1f00,0xcecece00, + 0x3e3e3e00,0x30303000,0xdcdcdc00,0x5f5f5f00, + 0x5e5e5e00,0xc5c5c500,0x0b0b0b00,0x1a1a1a00, + 0xa6a6a600,0xe1e1e100,0x39393900,0xcacaca00, + 0xd5d5d500,0x47474700,0x5d5d5d00,0x3d3d3d00, + 0xd9d9d900,0x01010100,0x5a5a5a00,0xd6d6d600, + 0x51515100,0x56565600,0x6c6c6c00,0x4d4d4d00, + 0x8b8b8b00,0x0d0d0d00,0x9a9a9a00,0x66666600, + 0xfbfbfb00,0xcccccc00,0xb0b0b000,0x2d2d2d00, + 0x74747400,0x12121200,0x2b2b2b00,0x20202000, + 0xf0f0f000,0xb1b1b100,0x84848400,0x99999900, + 0xdfdfdf00,0x4c4c4c00,0xcbcbcb00,0xc2c2c200, + 0x34343400,0x7e7e7e00,0x76767600,0x05050500, + 0x6d6d6d00,0xb7b7b700,0xa9a9a900,0x31313100, + 0xd1d1d100,0x17171700,0x04040400,0xd7d7d700, + 0x14141400,0x58585800,0x3a3a3a00,0x61616100, + 0xdedede00,0x1b1b1b00,0x11111100,0x1c1c1c00, + 0x32323200,0x0f0f0f00,0x9c9c9c00,0x16161600, + 0x53535300,0x18181800,0xf2f2f200,0x22222200, + 0xfefefe00,0x44444400,0xcfcfcf00,0xb2b2b200, + 0xc3c3c300,0xb5b5b500,0x7a7a7a00,0x91919100, + 0x24242400,0x08080800,0xe8e8e800,0xa8a8a800, + 0x60606000,0xfcfcfc00,0x69696900,0x50505000, + 0xaaaaaa00,0xd0d0d000,0xa0a0a000,0x7d7d7d00, + 0xa1a1a100,0x89898900,0x62626200,0x97979700, + 0x54545400,0x5b5b5b00,0x1e1e1e00,0x95959500, + 0xe0e0e000,0xffffff00,0x64646400,0xd2d2d200, + 0x10101000,0xc4c4c400,0x00000000,0x48484800, + 0xa3a3a300,0xf7f7f700,0x75757500,0xdbdbdb00, + 0x8a8a8a00,0x03030300,0xe6e6e600,0xdadada00, + 0x09090900,0x3f3f3f00,0xdddddd00,0x94949400, + 0x87878700,0x5c5c5c00,0x83838300,0x02020200, + 0xcdcdcd00,0x4a4a4a00,0x90909000,0x33333300, + 0x73737300,0x67676700,0xf6f6f600,0xf3f3f300, + 0x9d9d9d00,0x7f7f7f00,0xbfbfbf00,0xe2e2e200, + 0x52525200,0x9b9b9b00,0xd8d8d800,0x26262600, + 0xc8c8c800,0x37373700,0xc6c6c600,0x3b3b3b00, + 0x81818100,0x96969600,0x6f6f6f00,0x4b4b4b00, + 0x13131300,0xbebebe00,0x63636300,0x2e2e2e00, + 0xe9e9e900,0x79797900,0xa7a7a700,0x8c8c8c00, + 0x9f9f9f00,0x6e6e6e00,0xbcbcbc00,0x8e8e8e00, + 0x29292900,0xf5f5f500,0xf9f9f900,0xb6b6b600, + 0x2f2f2f00,0xfdfdfd00,0xb4b4b400,0x59595900, + 0x78787800,0x98989800,0x06060600,0x6a6a6a00, + 0xe7e7e700,0x46464600,0x71717100,0xbababa00, + 0xd4d4d400,0x25252500,0xababab00,0x42424200, + 0x88888800,0xa2a2a200,0x8d8d8d00,0xfafafa00, + 0x72727200,0x07070700,0xb9b9b900,0x55555500, + 0xf8f8f800,0xeeeeee00,0xacacac00,0x0a0a0a00, + 0x36363600,0x49494900,0x2a2a2a00,0x68686800, + 0x3c3c3c00,0x38383800,0xf1f1f100,0xa4a4a400, + 0x40404000,0x28282800,0xd3d3d300,0x7b7b7b00, + 0xbbbbbb00,0xc9c9c900,0x43434300,0xc1c1c100, + 0x15151500,0xe3e3e300,0xadadad00,0xf4f4f400, + 0x77777700,0xc7c7c700,0x80808000,0x9e9e9e00, +}; + +static const u32 camellia_sp0222[256] = { + 0x00e0e0e0,0x00050505,0x00585858,0x00d9d9d9, + 0x00676767,0x004e4e4e,0x00818181,0x00cbcbcb, + 0x00c9c9c9,0x000b0b0b,0x00aeaeae,0x006a6a6a, + 0x00d5d5d5,0x00181818,0x005d5d5d,0x00828282, + 0x00464646,0x00dfdfdf,0x00d6d6d6,0x00272727, + 0x008a8a8a,0x00323232,0x004b4b4b,0x00424242, + 0x00dbdbdb,0x001c1c1c,0x009e9e9e,0x009c9c9c, + 0x003a3a3a,0x00cacaca,0x00252525,0x007b7b7b, + 0x000d0d0d,0x00717171,0x005f5f5f,0x001f1f1f, + 0x00f8f8f8,0x00d7d7d7,0x003e3e3e,0x009d9d9d, + 0x007c7c7c,0x00606060,0x00b9b9b9,0x00bebebe, + 0x00bcbcbc,0x008b8b8b,0x00161616,0x00343434, + 0x004d4d4d,0x00c3c3c3,0x00727272,0x00959595, + 0x00ababab,0x008e8e8e,0x00bababa,0x007a7a7a, + 0x00b3b3b3,0x00020202,0x00b4b4b4,0x00adadad, + 0x00a2a2a2,0x00acacac,0x00d8d8d8,0x009a9a9a, + 0x00171717,0x001a1a1a,0x00353535,0x00cccccc, + 0x00f7f7f7,0x00999999,0x00616161,0x005a5a5a, + 0x00e8e8e8,0x00242424,0x00565656,0x00404040, + 0x00e1e1e1,0x00636363,0x00090909,0x00333333, + 0x00bfbfbf,0x00989898,0x00979797,0x00858585, + 0x00686868,0x00fcfcfc,0x00ececec,0x000a0a0a, + 0x00dadada,0x006f6f6f,0x00535353,0x00626262, + 0x00a3a3a3,0x002e2e2e,0x00080808,0x00afafaf, + 0x00282828,0x00b0b0b0,0x00747474,0x00c2c2c2, + 0x00bdbdbd,0x00363636,0x00222222,0x00383838, + 0x00646464,0x001e1e1e,0x00393939,0x002c2c2c, + 0x00a6a6a6,0x00303030,0x00e5e5e5,0x00444444, + 0x00fdfdfd,0x00888888,0x009f9f9f,0x00656565, + 0x00878787,0x006b6b6b,0x00f4f4f4,0x00232323, + 0x00484848,0x00101010,0x00d1d1d1,0x00515151, + 0x00c0c0c0,0x00f9f9f9,0x00d2d2d2,0x00a0a0a0, + 0x00555555,0x00a1a1a1,0x00414141,0x00fafafa, + 0x00434343,0x00131313,0x00c4c4c4,0x002f2f2f, + 0x00a8a8a8,0x00b6b6b6,0x003c3c3c,0x002b2b2b, + 0x00c1c1c1,0x00ffffff,0x00c8c8c8,0x00a5a5a5, + 0x00202020,0x00898989,0x00000000,0x00909090, + 0x00474747,0x00efefef,0x00eaeaea,0x00b7b7b7, + 0x00151515,0x00060606,0x00cdcdcd,0x00b5b5b5, + 0x00121212,0x007e7e7e,0x00bbbbbb,0x00292929, + 0x000f0f0f,0x00b8b8b8,0x00070707,0x00040404, + 0x009b9b9b,0x00949494,0x00212121,0x00666666, + 0x00e6e6e6,0x00cecece,0x00ededed,0x00e7e7e7, + 0x003b3b3b,0x00fefefe,0x007f7f7f,0x00c5c5c5, + 0x00a4a4a4,0x00373737,0x00b1b1b1,0x004c4c4c, + 0x00919191,0x006e6e6e,0x008d8d8d,0x00767676, + 0x00030303,0x002d2d2d,0x00dedede,0x00969696, + 0x00262626,0x007d7d7d,0x00c6c6c6,0x005c5c5c, + 0x00d3d3d3,0x00f2f2f2,0x004f4f4f,0x00191919, + 0x003f3f3f,0x00dcdcdc,0x00797979,0x001d1d1d, + 0x00525252,0x00ebebeb,0x00f3f3f3,0x006d6d6d, + 0x005e5e5e,0x00fbfbfb,0x00696969,0x00b2b2b2, + 0x00f0f0f0,0x00313131,0x000c0c0c,0x00d4d4d4, + 0x00cfcfcf,0x008c8c8c,0x00e2e2e2,0x00757575, + 0x00a9a9a9,0x004a4a4a,0x00575757,0x00848484, + 0x00111111,0x00454545,0x001b1b1b,0x00f5f5f5, + 0x00e4e4e4,0x000e0e0e,0x00737373,0x00aaaaaa, + 0x00f1f1f1,0x00dddddd,0x00595959,0x00141414, + 0x006c6c6c,0x00929292,0x00545454,0x00d0d0d0, + 0x00787878,0x00707070,0x00e3e3e3,0x00494949, + 0x00808080,0x00505050,0x00a7a7a7,0x00f6f6f6, + 0x00777777,0x00939393,0x00868686,0x00838383, + 0x002a2a2a,0x00c7c7c7,0x005b5b5b,0x00e9e9e9, + 0x00eeeeee,0x008f8f8f,0x00010101,0x003d3d3d, +}; + +static const u32 camellia_sp3033[256] = { + 0x38003838,0x41004141,0x16001616,0x76007676, + 0xd900d9d9,0x93009393,0x60006060,0xf200f2f2, + 0x72007272,0xc200c2c2,0xab00abab,0x9a009a9a, + 0x75007575,0x06000606,0x57005757,0xa000a0a0, + 0x91009191,0xf700f7f7,0xb500b5b5,0xc900c9c9, + 0xa200a2a2,0x8c008c8c,0xd200d2d2,0x90009090, + 0xf600f6f6,0x07000707,0xa700a7a7,0x27002727, + 0x8e008e8e,0xb200b2b2,0x49004949,0xde00dede, + 0x43004343,0x5c005c5c,0xd700d7d7,0xc700c7c7, + 0x3e003e3e,0xf500f5f5,0x8f008f8f,0x67006767, + 0x1f001f1f,0x18001818,0x6e006e6e,0xaf00afaf, + 0x2f002f2f,0xe200e2e2,0x85008585,0x0d000d0d, + 0x53005353,0xf000f0f0,0x9c009c9c,0x65006565, + 0xea00eaea,0xa300a3a3,0xae00aeae,0x9e009e9e, + 0xec00ecec,0x80008080,0x2d002d2d,0x6b006b6b, + 0xa800a8a8,0x2b002b2b,0x36003636,0xa600a6a6, + 0xc500c5c5,0x86008686,0x4d004d4d,0x33003333, + 0xfd00fdfd,0x66006666,0x58005858,0x96009696, + 0x3a003a3a,0x09000909,0x95009595,0x10001010, + 0x78007878,0xd800d8d8,0x42004242,0xcc00cccc, + 0xef00efef,0x26002626,0xe500e5e5,0x61006161, + 0x1a001a1a,0x3f003f3f,0x3b003b3b,0x82008282, + 0xb600b6b6,0xdb00dbdb,0xd400d4d4,0x98009898, + 0xe800e8e8,0x8b008b8b,0x02000202,0xeb00ebeb, + 0x0a000a0a,0x2c002c2c,0x1d001d1d,0xb000b0b0, + 0x6f006f6f,0x8d008d8d,0x88008888,0x0e000e0e, + 0x19001919,0x87008787,0x4e004e4e,0x0b000b0b, + 0xa900a9a9,0x0c000c0c,0x79007979,0x11001111, + 0x7f007f7f,0x22002222,0xe700e7e7,0x59005959, + 0xe100e1e1,0xda00dada,0x3d003d3d,0xc800c8c8, + 0x12001212,0x04000404,0x74007474,0x54005454, + 0x30003030,0x7e007e7e,0xb400b4b4,0x28002828, + 0x55005555,0x68006868,0x50005050,0xbe00bebe, + 0xd000d0d0,0xc400c4c4,0x31003131,0xcb00cbcb, + 0x2a002a2a,0xad00adad,0x0f000f0f,0xca00caca, + 0x70007070,0xff00ffff,0x32003232,0x69006969, + 0x08000808,0x62006262,0x00000000,0x24002424, + 0xd100d1d1,0xfb00fbfb,0xba00baba,0xed00eded, + 0x45004545,0x81008181,0x73007373,0x6d006d6d, + 0x84008484,0x9f009f9f,0xee00eeee,0x4a004a4a, + 0xc300c3c3,0x2e002e2e,0xc100c1c1,0x01000101, + 0xe600e6e6,0x25002525,0x48004848,0x99009999, + 0xb900b9b9,0xb300b3b3,0x7b007b7b,0xf900f9f9, + 0xce00cece,0xbf00bfbf,0xdf00dfdf,0x71007171, + 0x29002929,0xcd00cdcd,0x6c006c6c,0x13001313, + 0x64006464,0x9b009b9b,0x63006363,0x9d009d9d, + 0xc000c0c0,0x4b004b4b,0xb700b7b7,0xa500a5a5, + 0x89008989,0x5f005f5f,0xb100b1b1,0x17001717, + 0xf400f4f4,0xbc00bcbc,0xd300d3d3,0x46004646, + 0xcf00cfcf,0x37003737,0x5e005e5e,0x47004747, + 0x94009494,0xfa00fafa,0xfc00fcfc,0x5b005b5b, + 0x97009797,0xfe00fefe,0x5a005a5a,0xac00acac, + 0x3c003c3c,0x4c004c4c,0x03000303,0x35003535, + 0xf300f3f3,0x23002323,0xb800b8b8,0x5d005d5d, + 0x6a006a6a,0x92009292,0xd500d5d5,0x21002121, + 0x44004444,0x51005151,0xc600c6c6,0x7d007d7d, + 0x39003939,0x83008383,0xdc00dcdc,0xaa00aaaa, + 0x7c007c7c,0x77007777,0x56005656,0x05000505, + 0x1b001b1b,0xa400a4a4,0x15001515,0x34003434, + 0x1e001e1e,0x1c001c1c,0xf800f8f8,0x52005252, + 0x20002020,0x14001414,0xe900e9e9,0xbd00bdbd, + 0xdd00dddd,0xe400e4e4,0xa100a1a1,0xe000e0e0, + 0x8a008a8a,0xf100f1f1,0xd600d6d6,0x7a007a7a, + 0xbb00bbbb,0xe300e3e3,0x40004040,0x4f004f4f, +}; + +static const u32 camellia_sp4404[256] = { + 0x70700070,0x2c2c002c,0xb3b300b3,0xc0c000c0, + 0xe4e400e4,0x57570057,0xeaea00ea,0xaeae00ae, + 0x23230023,0x6b6b006b,0x45450045,0xa5a500a5, + 0xeded00ed,0x4f4f004f,0x1d1d001d,0x92920092, + 0x86860086,0xafaf00af,0x7c7c007c,0x1f1f001f, + 0x3e3e003e,0xdcdc00dc,0x5e5e005e,0x0b0b000b, + 0xa6a600a6,0x39390039,0xd5d500d5,0x5d5d005d, + 0xd9d900d9,0x5a5a005a,0x51510051,0x6c6c006c, + 0x8b8b008b,0x9a9a009a,0xfbfb00fb,0xb0b000b0, + 0x74740074,0x2b2b002b,0xf0f000f0,0x84840084, + 0xdfdf00df,0xcbcb00cb,0x34340034,0x76760076, + 0x6d6d006d,0xa9a900a9,0xd1d100d1,0x04040004, + 0x14140014,0x3a3a003a,0xdede00de,0x11110011, + 0x32320032,0x9c9c009c,0x53530053,0xf2f200f2, + 0xfefe00fe,0xcfcf00cf,0xc3c300c3,0x7a7a007a, + 0x24240024,0xe8e800e8,0x60600060,0x69690069, + 0xaaaa00aa,0xa0a000a0,0xa1a100a1,0x62620062, + 0x54540054,0x1e1e001e,0xe0e000e0,0x64640064, + 0x10100010,0x00000000,0xa3a300a3,0x75750075, + 0x8a8a008a,0xe6e600e6,0x09090009,0xdddd00dd, + 0x87870087,0x83830083,0xcdcd00cd,0x90900090, + 0x73730073,0xf6f600f6,0x9d9d009d,0xbfbf00bf, + 0x52520052,0xd8d800d8,0xc8c800c8,0xc6c600c6, + 0x81810081,0x6f6f006f,0x13130013,0x63630063, + 0xe9e900e9,0xa7a700a7,0x9f9f009f,0xbcbc00bc, + 0x29290029,0xf9f900f9,0x2f2f002f,0xb4b400b4, + 0x78780078,0x06060006,0xe7e700e7,0x71710071, + 0xd4d400d4,0xabab00ab,0x88880088,0x8d8d008d, + 0x72720072,0xb9b900b9,0xf8f800f8,0xacac00ac, + 0x36360036,0x2a2a002a,0x3c3c003c,0xf1f100f1, + 0x40400040,0xd3d300d3,0xbbbb00bb,0x43430043, + 0x15150015,0xadad00ad,0x77770077,0x80800080, + 0x82820082,0xecec00ec,0x27270027,0xe5e500e5, + 0x85850085,0x35350035,0x0c0c000c,0x41410041, + 0xefef00ef,0x93930093,0x19190019,0x21210021, + 0x0e0e000e,0x4e4e004e,0x65650065,0xbdbd00bd, + 0xb8b800b8,0x8f8f008f,0xebeb00eb,0xcece00ce, + 0x30300030,0x5f5f005f,0xc5c500c5,0x1a1a001a, + 0xe1e100e1,0xcaca00ca,0x47470047,0x3d3d003d, + 0x01010001,0xd6d600d6,0x56560056,0x4d4d004d, + 0x0d0d000d,0x66660066,0xcccc00cc,0x2d2d002d, + 0x12120012,0x20200020,0xb1b100b1,0x99990099, + 0x4c4c004c,0xc2c200c2,0x7e7e007e,0x05050005, + 0xb7b700b7,0x31310031,0x17170017,0xd7d700d7, + 0x58580058,0x61610061,0x1b1b001b,0x1c1c001c, + 0x0f0f000f,0x16160016,0x18180018,0x22220022, + 0x44440044,0xb2b200b2,0xb5b500b5,0x91910091, + 0x08080008,0xa8a800a8,0xfcfc00fc,0x50500050, + 0xd0d000d0,0x7d7d007d,0x89890089,0x97970097, + 0x5b5b005b,0x95950095,0xffff00ff,0xd2d200d2, + 0xc4c400c4,0x48480048,0xf7f700f7,0xdbdb00db, + 0x03030003,0xdada00da,0x3f3f003f,0x94940094, + 0x5c5c005c,0x02020002,0x4a4a004a,0x33330033, + 0x67670067,0xf3f300f3,0x7f7f007f,0xe2e200e2, + 0x9b9b009b,0x26260026,0x37370037,0x3b3b003b, + 0x96960096,0x4b4b004b,0xbebe00be,0x2e2e002e, + 0x79790079,0x8c8c008c,0x6e6e006e,0x8e8e008e, + 0xf5f500f5,0xb6b600b6,0xfdfd00fd,0x59590059, + 0x98980098,0x6a6a006a,0x46460046,0xbaba00ba, + 0x25250025,0x42420042,0xa2a200a2,0xfafa00fa, + 0x07070007,0x55550055,0xeeee00ee,0x0a0a000a, + 0x49490049,0x68680068,0x38380038,0xa4a400a4, + 0x28280028,0x7b7b007b,0xc9c900c9,0xc1c100c1, + 0xe3e300e3,0xf4f400f4,0xc7c700c7,0x9e9e009e, +}; + + +/** + * Stuff related to the Camellia key schedule + */ +#define subl(x) subL[(x)] +#define subr(x) subR[(x)] + +static int camellia_setup128(const unsigned char *key, u32 *subkey) +{ + u32 kll, klr, krl, krr; + u32 il, ir, t0, t1, w0, w1; + u32 kw4l, kw4r, dw, tl, tr; + +#ifdef CYASSL_SMALL_STACK + u32* subL; + u32* subR; + + subL = (u32*) XMALLOC(sizeof(u32) * 26, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (subL == NULL) + return MEMORY_E; + + subR = (u32*) XMALLOC(sizeof(u32) * 26, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (subR == NULL) { + XFREE(subL, NULL, DYNAMIC_TYPE_TMP_BUFFER); + return MEMORY_E; + } +#else + u32 subL[26]; + u32 subR[26]; +#endif + + /** + * k == kll || klr || krl || krr (|| is concatination) + */ + kll = GETU32(key ); + klr = GETU32(key + 4); + krl = GETU32(key + 8); + krr = GETU32(key + 12); + /** + * generate KL dependent subkeys + */ + subl(0) = kll; subr(0) = klr; + subl(1) = krl; subr(1) = krr; + CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15); + subl(4) = kll; subr(4) = klr; + subl(5) = krl; subr(5) = krr; + CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 30); + subl(10) = kll; subr(10) = klr; + subl(11) = krl; subr(11) = krr; + CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15); + subl(13) = krl; subr(13) = krr; + CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 17); + subl(16) = kll; subr(16) = klr; + subl(17) = krl; subr(17) = krr; + CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 17); + subl(18) = kll; subr(18) = klr; + subl(19) = krl; subr(19) = krr; + CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 17); + subl(22) = kll; subr(22) = klr; + subl(23) = krl; subr(23) = krr; + + /* generate KA */ + kll = subl(0); klr = subr(0); + krl = subl(1); krr = subr(1); + CAMELLIA_F(kll, klr, + CAMELLIA_SIGMA1L, CAMELLIA_SIGMA1R, + w0, w1, il, ir, t0, t1); + krl ^= w0; krr ^= w1; + CAMELLIA_F(krl, krr, + CAMELLIA_SIGMA2L, CAMELLIA_SIGMA2R, + kll, klr, il, ir, t0, t1); + CAMELLIA_F(kll, klr, + CAMELLIA_SIGMA3L, CAMELLIA_SIGMA3R, + krl, krr, il, ir, t0, t1); + krl ^= w0; krr ^= w1; + CAMELLIA_F(krl, krr, + CAMELLIA_SIGMA4L, CAMELLIA_SIGMA4R, + w0, w1, il, ir, t0, t1); + kll ^= w0; klr ^= w1; + + /* generate KA dependent subkeys */ + subl(2) = kll; subr(2) = klr; + subl(3) = krl; subr(3) = krr; + CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15); + subl(6) = kll; subr(6) = klr; + subl(7) = krl; subr(7) = krr; + CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15); + subl(8) = kll; subr(8) = klr; + subl(9) = krl; subr(9) = krr; + CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15); + subl(12) = kll; subr(12) = klr; + CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15); + subl(14) = kll; subr(14) = klr; + subl(15) = krl; subr(15) = krr; + CAMELLIA_ROLDQo32(kll, klr, krl, krr, w0, w1, 34); + subl(20) = kll; subr(20) = klr; + subl(21) = krl; subr(21) = krr; + CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 17); + subl(24) = kll; subr(24) = klr; + subl(25) = krl; subr(25) = krr; + + + /* absorb kw2 to other subkeys */ + subl(3) ^= subl(1); subr(3) ^= subr(1); + subl(5) ^= subl(1); subr(5) ^= subr(1); + subl(7) ^= subl(1); subr(7) ^= subr(1); + subl(1) ^= subr(1) & ~subr(9); + dw = subl(1) & subl(9), subr(1) ^= CAMELLIA_RL1(dw); + subl(11) ^= subl(1); subr(11) ^= subr(1); + subl(13) ^= subl(1); subr(13) ^= subr(1); + subl(15) ^= subl(1); subr(15) ^= subr(1); + subl(1) ^= subr(1) & ~subr(17); + dw = subl(1) & subl(17), subr(1) ^= CAMELLIA_RL1(dw); + subl(19) ^= subl(1); subr(19) ^= subr(1); + subl(21) ^= subl(1); subr(21) ^= subr(1); + subl(23) ^= subl(1); subr(23) ^= subr(1); + subl(24) ^= subl(1); subr(24) ^= subr(1); + + /* absorb kw4 to other subkeys */ + kw4l = subl(25); kw4r = subr(25); + subl(22) ^= kw4l; subr(22) ^= kw4r; + subl(20) ^= kw4l; subr(20) ^= kw4r; + subl(18) ^= kw4l; subr(18) ^= kw4r; + kw4l ^= kw4r & ~subr(16); + dw = kw4l & subl(16), kw4r ^= CAMELLIA_RL1(dw); + subl(14) ^= kw4l; subr(14) ^= kw4r; + subl(12) ^= kw4l; subr(12) ^= kw4r; + subl(10) ^= kw4l; subr(10) ^= kw4r; + kw4l ^= kw4r & ~subr(8); + dw = kw4l & subl(8), kw4r ^= CAMELLIA_RL1(dw); + subl(6) ^= kw4l; subr(6) ^= kw4r; + subl(4) ^= kw4l; subr(4) ^= kw4r; + subl(2) ^= kw4l; subr(2) ^= kw4r; + subl(0) ^= kw4l; subr(0) ^= kw4r; + + /* key XOR is end of F-function */ + CamelliaSubkeyL(0) = subl(0) ^ subl(2); + CamelliaSubkeyR(0) = subr(0) ^ subr(2); + CamelliaSubkeyL(2) = subl(3); + CamelliaSubkeyR(2) = subr(3); + CamelliaSubkeyL(3) = subl(2) ^ subl(4); + CamelliaSubkeyR(3) = subr(2) ^ subr(4); + CamelliaSubkeyL(4) = subl(3) ^ subl(5); + CamelliaSubkeyR(4) = subr(3) ^ subr(5); + CamelliaSubkeyL(5) = subl(4) ^ subl(6); + CamelliaSubkeyR(5) = subr(4) ^ subr(6); + CamelliaSubkeyL(6) = subl(5) ^ subl(7); + CamelliaSubkeyR(6) = subr(5) ^ subr(7); + tl = subl(10) ^ (subr(10) & ~subr(8)); + dw = tl & subl(8), tr = subr(10) ^ CAMELLIA_RL1(dw); + CamelliaSubkeyL(7) = subl(6) ^ tl; + CamelliaSubkeyR(7) = subr(6) ^ tr; + CamelliaSubkeyL(8) = subl(8); + CamelliaSubkeyR(8) = subr(8); + CamelliaSubkeyL(9) = subl(9); + CamelliaSubkeyR(9) = subr(9); + tl = subl(7) ^ (subr(7) & ~subr(9)); + dw = tl & subl(9), tr = subr(7) ^ CAMELLIA_RL1(dw); + CamelliaSubkeyL(10) = tl ^ subl(11); + CamelliaSubkeyR(10) = tr ^ subr(11); + CamelliaSubkeyL(11) = subl(10) ^ subl(12); + CamelliaSubkeyR(11) = subr(10) ^ subr(12); + CamelliaSubkeyL(12) = subl(11) ^ subl(13); + CamelliaSubkeyR(12) = subr(11) ^ subr(13); + CamelliaSubkeyL(13) = subl(12) ^ subl(14); + CamelliaSubkeyR(13) = subr(12) ^ subr(14); + CamelliaSubkeyL(14) = subl(13) ^ subl(15); + CamelliaSubkeyR(14) = subr(13) ^ subr(15); + tl = subl(18) ^ (subr(18) & ~subr(16)); + dw = tl & subl(16), tr = subr(18) ^ CAMELLIA_RL1(dw); + CamelliaSubkeyL(15) = subl(14) ^ tl; + CamelliaSubkeyR(15) = subr(14) ^ tr; + CamelliaSubkeyL(16) = subl(16); + CamelliaSubkeyR(16) = subr(16); + CamelliaSubkeyL(17) = subl(17); + CamelliaSubkeyR(17) = subr(17); + tl = subl(15) ^ (subr(15) & ~subr(17)); + dw = tl & subl(17), tr = subr(15) ^ CAMELLIA_RL1(dw); + CamelliaSubkeyL(18) = tl ^ subl(19); + CamelliaSubkeyR(18) = tr ^ subr(19); + CamelliaSubkeyL(19) = subl(18) ^ subl(20); + CamelliaSubkeyR(19) = subr(18) ^ subr(20); + CamelliaSubkeyL(20) = subl(19) ^ subl(21); + CamelliaSubkeyR(20) = subr(19) ^ subr(21); + CamelliaSubkeyL(21) = subl(20) ^ subl(22); + CamelliaSubkeyR(21) = subr(20) ^ subr(22); + CamelliaSubkeyL(22) = subl(21) ^ subl(23); + CamelliaSubkeyR(22) = subr(21) ^ subr(23); + CamelliaSubkeyL(23) = subl(22); + CamelliaSubkeyR(23) = subr(22); + CamelliaSubkeyL(24) = subl(24) ^ subl(23); + CamelliaSubkeyR(24) = subr(24) ^ subr(23); + + /* apply the inverse of the last half of P-function */ + dw = CamelliaSubkeyL(2) ^ CamelliaSubkeyR(2), dw = CAMELLIA_RL8(dw); + CamelliaSubkeyR(2) = CamelliaSubkeyL(2) ^ dw, CamelliaSubkeyL(2) = dw; + dw = CamelliaSubkeyL(3) ^ CamelliaSubkeyR(3), dw = CAMELLIA_RL8(dw); + CamelliaSubkeyR(3) = CamelliaSubkeyL(3) ^ dw, CamelliaSubkeyL(3) = dw; + dw = CamelliaSubkeyL(4) ^ CamelliaSubkeyR(4), dw = CAMELLIA_RL8(dw); + CamelliaSubkeyR(4) = CamelliaSubkeyL(4) ^ dw, CamelliaSubkeyL(4) = dw; + dw = CamelliaSubkeyL(5) ^ CamelliaSubkeyR(5), dw = CAMELLIA_RL8(dw); + CamelliaSubkeyR(5) = CamelliaSubkeyL(5) ^ dw, CamelliaSubkeyL(5) = dw; + dw = CamelliaSubkeyL(6) ^ CamelliaSubkeyR(6), dw = CAMELLIA_RL8(dw); + CamelliaSubkeyR(6) = CamelliaSubkeyL(6) ^ dw, CamelliaSubkeyL(6) = dw; + dw = CamelliaSubkeyL(7) ^ CamelliaSubkeyR(7), dw = CAMELLIA_RL8(dw); + CamelliaSubkeyR(7) = CamelliaSubkeyL(7) ^ dw, CamelliaSubkeyL(7) = dw; + dw = CamelliaSubkeyL(10) ^ CamelliaSubkeyR(10), dw = CAMELLIA_RL8(dw); + CamelliaSubkeyR(10) = CamelliaSubkeyL(10) ^ dw, CamelliaSubkeyL(10) = dw; + dw = CamelliaSubkeyL(11) ^ CamelliaSubkeyR(11), dw = CAMELLIA_RL8(dw); + CamelliaSubkeyR(11) = CamelliaSubkeyL(11) ^ dw, CamelliaSubkeyL(11) = dw; + dw = CamelliaSubkeyL(12) ^ CamelliaSubkeyR(12), dw = CAMELLIA_RL8(dw); + CamelliaSubkeyR(12) = CamelliaSubkeyL(12) ^ dw, CamelliaSubkeyL(12) = dw; + dw = CamelliaSubkeyL(13) ^ CamelliaSubkeyR(13), dw = CAMELLIA_RL8(dw); + CamelliaSubkeyR(13) = CamelliaSubkeyL(13) ^ dw, CamelliaSubkeyL(13) = dw; + dw = CamelliaSubkeyL(14) ^ CamelliaSubkeyR(14), dw = CAMELLIA_RL8(dw); + CamelliaSubkeyR(14) = CamelliaSubkeyL(14) ^ dw, CamelliaSubkeyL(14) = dw; + dw = CamelliaSubkeyL(15) ^ CamelliaSubkeyR(15), dw = CAMELLIA_RL8(dw); + CamelliaSubkeyR(15) = CamelliaSubkeyL(15) ^ dw, CamelliaSubkeyL(15) = dw; + dw = CamelliaSubkeyL(18) ^ CamelliaSubkeyR(18), dw = CAMELLIA_RL8(dw); + CamelliaSubkeyR(18) = CamelliaSubkeyL(18) ^ dw, CamelliaSubkeyL(18) = dw; + dw = CamelliaSubkeyL(19) ^ CamelliaSubkeyR(19), dw = CAMELLIA_RL8(dw); + CamelliaSubkeyR(19) = CamelliaSubkeyL(19) ^ dw, CamelliaSubkeyL(19) = dw; + dw = CamelliaSubkeyL(20) ^ CamelliaSubkeyR(20), dw = CAMELLIA_RL8(dw); + CamelliaSubkeyR(20) = CamelliaSubkeyL(20) ^ dw, CamelliaSubkeyL(20) = dw; + dw = CamelliaSubkeyL(21) ^ CamelliaSubkeyR(21), dw = CAMELLIA_RL8(dw); + CamelliaSubkeyR(21) = CamelliaSubkeyL(21) ^ dw, CamelliaSubkeyL(21) = dw; + dw = CamelliaSubkeyL(22) ^ CamelliaSubkeyR(22), dw = CAMELLIA_RL8(dw); + CamelliaSubkeyR(22) = CamelliaSubkeyL(22) ^ dw, CamelliaSubkeyL(22) = dw; + dw = CamelliaSubkeyL(23) ^ CamelliaSubkeyR(23), dw = CAMELLIA_RL8(dw); + CamelliaSubkeyR(23) = CamelliaSubkeyL(23) ^ dw, CamelliaSubkeyL(23) = dw; + +#ifdef CYASSL_SMALL_STACK + XFREE(subL, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(subR, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + + return 0; +} + +static int camellia_setup256(const unsigned char *key, u32 *subkey) +{ + u32 kll,klr,krl,krr; /* left half of key */ + u32 krll,krlr,krrl,krrr; /* right half of key */ + u32 il, ir, t0, t1, w0, w1; /* temporary variables */ + u32 kw4l, kw4r, dw, tl, tr; + +#ifdef CYASSL_SMALL_STACK + u32* subL; + u32* subR; + + subL = (u32*) XMALLOC(sizeof(u32) * 34, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (subL == NULL) + return MEMORY_E; + + subR = (u32*) XMALLOC(sizeof(u32) * 34, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (subR == NULL) { + XFREE(subL, NULL, DYNAMIC_TYPE_TMP_BUFFER); + return MEMORY_E; + } +#else + u32 subL[34]; + u32 subR[34]; +#endif + + /** + * key = (kll || klr || krl || krr || krll || krlr || krrl || krrr) + * (|| is concatination) + */ + + kll = GETU32(key ); + klr = GETU32(key + 4); + krl = GETU32(key + 8); + krr = GETU32(key + 12); + krll = GETU32(key + 16); + krlr = GETU32(key + 20); + krrl = GETU32(key + 24); + krrr = GETU32(key + 28); + + /* generate KL dependent subkeys */ + subl(0) = kll; subr(0) = klr; + subl(1) = krl; subr(1) = krr; + CAMELLIA_ROLDQo32(kll, klr, krl, krr, w0, w1, 45); + subl(12) = kll; subr(12) = klr; + subl(13) = krl; subr(13) = krr; + CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15); + subl(16) = kll; subr(16) = klr; + subl(17) = krl; subr(17) = krr; + CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 17); + subl(22) = kll; subr(22) = klr; + subl(23) = krl; subr(23) = krr; + CAMELLIA_ROLDQo32(kll, klr, krl, krr, w0, w1, 34); + subl(30) = kll; subr(30) = klr; + subl(31) = krl; subr(31) = krr; + + /* generate KR dependent subkeys */ + CAMELLIA_ROLDQ(krll, krlr, krrl, krrr, w0, w1, 15); + subl(4) = krll; subr(4) = krlr; + subl(5) = krrl; subr(5) = krrr; + CAMELLIA_ROLDQ(krll, krlr, krrl, krrr, w0, w1, 15); + subl(8) = krll; subr(8) = krlr; + subl(9) = krrl; subr(9) = krrr; + CAMELLIA_ROLDQ(krll, krlr, krrl, krrr, w0, w1, 30); + subl(18) = krll; subr(18) = krlr; + subl(19) = krrl; subr(19) = krrr; + CAMELLIA_ROLDQo32(krll, krlr, krrl, krrr, w0, w1, 34); + subl(26) = krll; subr(26) = krlr; + subl(27) = krrl; subr(27) = krrr; + CAMELLIA_ROLDQo32(krll, krlr, krrl, krrr, w0, w1, 34); + + /* generate KA */ + kll = subl(0) ^ krll; klr = subr(0) ^ krlr; + krl = subl(1) ^ krrl; krr = subr(1) ^ krrr; + CAMELLIA_F(kll, klr, + CAMELLIA_SIGMA1L, CAMELLIA_SIGMA1R, + w0, w1, il, ir, t0, t1); + krl ^= w0; krr ^= w1; + CAMELLIA_F(krl, krr, + CAMELLIA_SIGMA2L, CAMELLIA_SIGMA2R, + kll, klr, il, ir, t0, t1); + kll ^= krll; klr ^= krlr; + CAMELLIA_F(kll, klr, + CAMELLIA_SIGMA3L, CAMELLIA_SIGMA3R, + krl, krr, il, ir, t0, t1); + krl ^= w0 ^ krrl; krr ^= w1 ^ krrr; + CAMELLIA_F(krl, krr, + CAMELLIA_SIGMA4L, CAMELLIA_SIGMA4R, + w0, w1, il, ir, t0, t1); + kll ^= w0; klr ^= w1; + + /* generate KB */ + krll ^= kll; krlr ^= klr; + krrl ^= krl; krrr ^= krr; + CAMELLIA_F(krll, krlr, + CAMELLIA_SIGMA5L, CAMELLIA_SIGMA5R, + w0, w1, il, ir, t0, t1); + krrl ^= w0; krrr ^= w1; + CAMELLIA_F(krrl, krrr, + CAMELLIA_SIGMA6L, CAMELLIA_SIGMA6R, + w0, w1, il, ir, t0, t1); + krll ^= w0; krlr ^= w1; + + /* generate KA dependent subkeys */ + CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 15); + subl(6) = kll; subr(6) = klr; + subl(7) = krl; subr(7) = krr; + CAMELLIA_ROLDQ(kll, klr, krl, krr, w0, w1, 30); + subl(14) = kll; subr(14) = klr; + subl(15) = krl; subr(15) = krr; + subl(24) = klr; subr(24) = krl; + subl(25) = krr; subr(25) = kll; + CAMELLIA_ROLDQo32(kll, klr, krl, krr, w0, w1, 49); + subl(28) = kll; subr(28) = klr; + subl(29) = krl; subr(29) = krr; + + /* generate KB dependent subkeys */ + subl(2) = krll; subr(2) = krlr; + subl(3) = krrl; subr(3) = krrr; + CAMELLIA_ROLDQ(krll, krlr, krrl, krrr, w0, w1, 30); + subl(10) = krll; subr(10) = krlr; + subl(11) = krrl; subr(11) = krrr; + CAMELLIA_ROLDQ(krll, krlr, krrl, krrr, w0, w1, 30); + subl(20) = krll; subr(20) = krlr; + subl(21) = krrl; subr(21) = krrr; + CAMELLIA_ROLDQo32(krll, krlr, krrl, krrr, w0, w1, 51); + subl(32) = krll; subr(32) = krlr; + subl(33) = krrl; subr(33) = krrr; + + /* absorb kw2 to other subkeys */ + subl(3) ^= subl(1); subr(3) ^= subr(1); + subl(5) ^= subl(1); subr(5) ^= subr(1); + subl(7) ^= subl(1); subr(7) ^= subr(1); + subl(1) ^= subr(1) & ~subr(9); + dw = subl(1) & subl(9), subr(1) ^= CAMELLIA_RL1(dw); + subl(11) ^= subl(1); subr(11) ^= subr(1); + subl(13) ^= subl(1); subr(13) ^= subr(1); + subl(15) ^= subl(1); subr(15) ^= subr(1); + subl(1) ^= subr(1) & ~subr(17); + dw = subl(1) & subl(17), subr(1) ^= CAMELLIA_RL1(dw); + subl(19) ^= subl(1); subr(19) ^= subr(1); + subl(21) ^= subl(1); subr(21) ^= subr(1); + subl(23) ^= subl(1); subr(23) ^= subr(1); + subl(1) ^= subr(1) & ~subr(25); + dw = subl(1) & subl(25), subr(1) ^= CAMELLIA_RL1(dw); + subl(27) ^= subl(1); subr(27) ^= subr(1); + subl(29) ^= subl(1); subr(29) ^= subr(1); + subl(31) ^= subl(1); subr(31) ^= subr(1); + subl(32) ^= subl(1); subr(32) ^= subr(1); + + /* absorb kw4 to other subkeys */ + kw4l = subl(33); kw4r = subr(33); + subl(30) ^= kw4l; subr(30) ^= kw4r; + subl(28) ^= kw4l; subr(28) ^= kw4r; + subl(26) ^= kw4l; subr(26) ^= kw4r; + kw4l ^= kw4r & ~subr(24); + dw = kw4l & subl(24), kw4r ^= CAMELLIA_RL1(dw); + subl(22) ^= kw4l; subr(22) ^= kw4r; + subl(20) ^= kw4l; subr(20) ^= kw4r; + subl(18) ^= kw4l; subr(18) ^= kw4r; + kw4l ^= kw4r & ~subr(16); + dw = kw4l & subl(16), kw4r ^= CAMELLIA_RL1(dw); + subl(14) ^= kw4l; subr(14) ^= kw4r; + subl(12) ^= kw4l; subr(12) ^= kw4r; + subl(10) ^= kw4l; subr(10) ^= kw4r; + kw4l ^= kw4r & ~subr(8); + dw = kw4l & subl(8), kw4r ^= CAMELLIA_RL1(dw); + subl(6) ^= kw4l; subr(6) ^= kw4r; + subl(4) ^= kw4l; subr(4) ^= kw4r; + subl(2) ^= kw4l; subr(2) ^= kw4r; + subl(0) ^= kw4l; subr(0) ^= kw4r; + + /* key XOR is end of F-function */ + CamelliaSubkeyL(0) = subl(0) ^ subl(2); + CamelliaSubkeyR(0) = subr(0) ^ subr(2); + CamelliaSubkeyL(2) = subl(3); + CamelliaSubkeyR(2) = subr(3); + CamelliaSubkeyL(3) = subl(2) ^ subl(4); + CamelliaSubkeyR(3) = subr(2) ^ subr(4); + CamelliaSubkeyL(4) = subl(3) ^ subl(5); + CamelliaSubkeyR(4) = subr(3) ^ subr(5); + CamelliaSubkeyL(5) = subl(4) ^ subl(6); + CamelliaSubkeyR(5) = subr(4) ^ subr(6); + CamelliaSubkeyL(6) = subl(5) ^ subl(7); + CamelliaSubkeyR(6) = subr(5) ^ subr(7); + tl = subl(10) ^ (subr(10) & ~subr(8)); + dw = tl & subl(8), tr = subr(10) ^ CAMELLIA_RL1(dw); + CamelliaSubkeyL(7) = subl(6) ^ tl; + CamelliaSubkeyR(7) = subr(6) ^ tr; + CamelliaSubkeyL(8) = subl(8); + CamelliaSubkeyR(8) = subr(8); + CamelliaSubkeyL(9) = subl(9); + CamelliaSubkeyR(9) = subr(9); + tl = subl(7) ^ (subr(7) & ~subr(9)); + dw = tl & subl(9), tr = subr(7) ^ CAMELLIA_RL1(dw); + CamelliaSubkeyL(10) = tl ^ subl(11); + CamelliaSubkeyR(10) = tr ^ subr(11); + CamelliaSubkeyL(11) = subl(10) ^ subl(12); + CamelliaSubkeyR(11) = subr(10) ^ subr(12); + CamelliaSubkeyL(12) = subl(11) ^ subl(13); + CamelliaSubkeyR(12) = subr(11) ^ subr(13); + CamelliaSubkeyL(13) = subl(12) ^ subl(14); + CamelliaSubkeyR(13) = subr(12) ^ subr(14); + CamelliaSubkeyL(14) = subl(13) ^ subl(15); + CamelliaSubkeyR(14) = subr(13) ^ subr(15); + tl = subl(18) ^ (subr(18) & ~subr(16)); + dw = tl & subl(16), tr = subr(18) ^ CAMELLIA_RL1(dw); + CamelliaSubkeyL(15) = subl(14) ^ tl; + CamelliaSubkeyR(15) = subr(14) ^ tr; + CamelliaSubkeyL(16) = subl(16); + CamelliaSubkeyR(16) = subr(16); + CamelliaSubkeyL(17) = subl(17); + CamelliaSubkeyR(17) = subr(17); + tl = subl(15) ^ (subr(15) & ~subr(17)); + dw = tl & subl(17), tr = subr(15) ^ CAMELLIA_RL1(dw); + CamelliaSubkeyL(18) = tl ^ subl(19); + CamelliaSubkeyR(18) = tr ^ subr(19); + CamelliaSubkeyL(19) = subl(18) ^ subl(20); + CamelliaSubkeyR(19) = subr(18) ^ subr(20); + CamelliaSubkeyL(20) = subl(19) ^ subl(21); + CamelliaSubkeyR(20) = subr(19) ^ subr(21); + CamelliaSubkeyL(21) = subl(20) ^ subl(22); + CamelliaSubkeyR(21) = subr(20) ^ subr(22); + CamelliaSubkeyL(22) = subl(21) ^ subl(23); + CamelliaSubkeyR(22) = subr(21) ^ subr(23); + tl = subl(26) ^ (subr(26) & ~subr(24)); + dw = tl & subl(24), tr = subr(26) ^ CAMELLIA_RL1(dw); + CamelliaSubkeyL(23) = subl(22) ^ tl; + CamelliaSubkeyR(23) = subr(22) ^ tr; + CamelliaSubkeyL(24) = subl(24); + CamelliaSubkeyR(24) = subr(24); + CamelliaSubkeyL(25) = subl(25); + CamelliaSubkeyR(25) = subr(25); + tl = subl(23) ^ (subr(23) & ~subr(25)); + dw = tl & subl(25), tr = subr(23) ^ CAMELLIA_RL1(dw); + CamelliaSubkeyL(26) = tl ^ subl(27); + CamelliaSubkeyR(26) = tr ^ subr(27); + CamelliaSubkeyL(27) = subl(26) ^ subl(28); + CamelliaSubkeyR(27) = subr(26) ^ subr(28); + CamelliaSubkeyL(28) = subl(27) ^ subl(29); + CamelliaSubkeyR(28) = subr(27) ^ subr(29); + CamelliaSubkeyL(29) = subl(28) ^ subl(30); + CamelliaSubkeyR(29) = subr(28) ^ subr(30); + CamelliaSubkeyL(30) = subl(29) ^ subl(31); + CamelliaSubkeyR(30) = subr(29) ^ subr(31); + CamelliaSubkeyL(31) = subl(30); + CamelliaSubkeyR(31) = subr(30); + CamelliaSubkeyL(32) = subl(32) ^ subl(31); + CamelliaSubkeyR(32) = subr(32) ^ subr(31); + + /* apply the inverse of the last half of P-function */ + dw = CamelliaSubkeyL(2) ^ CamelliaSubkeyR(2), dw = CAMELLIA_RL8(dw); + CamelliaSubkeyR(2) = CamelliaSubkeyL(2) ^ dw, CamelliaSubkeyL(2) = dw; + dw = CamelliaSubkeyL(3) ^ CamelliaSubkeyR(3), dw = CAMELLIA_RL8(dw); + CamelliaSubkeyR(3) = CamelliaSubkeyL(3) ^ dw, CamelliaSubkeyL(3) = dw; + dw = CamelliaSubkeyL(4) ^ CamelliaSubkeyR(4), dw = CAMELLIA_RL8(dw); + CamelliaSubkeyR(4) = CamelliaSubkeyL(4) ^ dw, CamelliaSubkeyL(4) = dw; + dw = CamelliaSubkeyL(5) ^ CamelliaSubkeyR(5), dw = CAMELLIA_RL8(dw); + CamelliaSubkeyR(5) = CamelliaSubkeyL(5) ^ dw, CamelliaSubkeyL(5) = dw; + dw = CamelliaSubkeyL(6) ^ CamelliaSubkeyR(6), dw = CAMELLIA_RL8(dw); + CamelliaSubkeyR(6) = CamelliaSubkeyL(6) ^ dw, CamelliaSubkeyL(6) = dw; + dw = CamelliaSubkeyL(7) ^ CamelliaSubkeyR(7), dw = CAMELLIA_RL8(dw); + CamelliaSubkeyR(7) = CamelliaSubkeyL(7) ^ dw, CamelliaSubkeyL(7) = dw; + dw = CamelliaSubkeyL(10) ^ CamelliaSubkeyR(10), dw = CAMELLIA_RL8(dw); + CamelliaSubkeyR(10) = CamelliaSubkeyL(10) ^ dw, CamelliaSubkeyL(10) = dw; + dw = CamelliaSubkeyL(11) ^ CamelliaSubkeyR(11), dw = CAMELLIA_RL8(dw); + CamelliaSubkeyR(11) = CamelliaSubkeyL(11) ^ dw, CamelliaSubkeyL(11) = dw; + dw = CamelliaSubkeyL(12) ^ CamelliaSubkeyR(12), dw = CAMELLIA_RL8(dw); + CamelliaSubkeyR(12) = CamelliaSubkeyL(12) ^ dw, CamelliaSubkeyL(12) = dw; + dw = CamelliaSubkeyL(13) ^ CamelliaSubkeyR(13), dw = CAMELLIA_RL8(dw); + CamelliaSubkeyR(13) = CamelliaSubkeyL(13) ^ dw, CamelliaSubkeyL(13) = dw; + dw = CamelliaSubkeyL(14) ^ CamelliaSubkeyR(14), dw = CAMELLIA_RL8(dw); + CamelliaSubkeyR(14) = CamelliaSubkeyL(14) ^ dw, CamelliaSubkeyL(14) = dw; + dw = CamelliaSubkeyL(15) ^ CamelliaSubkeyR(15), dw = CAMELLIA_RL8(dw); + CamelliaSubkeyR(15) = CamelliaSubkeyL(15) ^ dw, CamelliaSubkeyL(15) = dw; + dw = CamelliaSubkeyL(18) ^ CamelliaSubkeyR(18), dw = CAMELLIA_RL8(dw); + CamelliaSubkeyR(18) = CamelliaSubkeyL(18) ^ dw, CamelliaSubkeyL(18) = dw; + dw = CamelliaSubkeyL(19) ^ CamelliaSubkeyR(19), dw = CAMELLIA_RL8(dw); + CamelliaSubkeyR(19) = CamelliaSubkeyL(19) ^ dw, CamelliaSubkeyL(19) = dw; + dw = CamelliaSubkeyL(20) ^ CamelliaSubkeyR(20), dw = CAMELLIA_RL8(dw); + CamelliaSubkeyR(20) = CamelliaSubkeyL(20) ^ dw, CamelliaSubkeyL(20) = dw; + dw = CamelliaSubkeyL(21) ^ CamelliaSubkeyR(21), dw = CAMELLIA_RL8(dw); + CamelliaSubkeyR(21) = CamelliaSubkeyL(21) ^ dw, CamelliaSubkeyL(21) = dw; + dw = CamelliaSubkeyL(22) ^ CamelliaSubkeyR(22), dw = CAMELLIA_RL8(dw); + CamelliaSubkeyR(22) = CamelliaSubkeyL(22) ^ dw, CamelliaSubkeyL(22) = dw; + dw = CamelliaSubkeyL(23) ^ CamelliaSubkeyR(23), dw = CAMELLIA_RL8(dw); + CamelliaSubkeyR(23) = CamelliaSubkeyL(23) ^ dw, CamelliaSubkeyL(23) = dw; + dw = CamelliaSubkeyL(26) ^ CamelliaSubkeyR(26), dw = CAMELLIA_RL8(dw); + CamelliaSubkeyR(26) = CamelliaSubkeyL(26) ^ dw, CamelliaSubkeyL(26) = dw; + dw = CamelliaSubkeyL(27) ^ CamelliaSubkeyR(27), dw = CAMELLIA_RL8(dw); + CamelliaSubkeyR(27) = CamelliaSubkeyL(27) ^ dw, CamelliaSubkeyL(27) = dw; + dw = CamelliaSubkeyL(28) ^ CamelliaSubkeyR(28), dw = CAMELLIA_RL8(dw); + CamelliaSubkeyR(28) = CamelliaSubkeyL(28) ^ dw, CamelliaSubkeyL(28) = dw; + dw = CamelliaSubkeyL(29) ^ CamelliaSubkeyR(29), dw = CAMELLIA_RL8(dw); + CamelliaSubkeyR(29) = CamelliaSubkeyL(29) ^ dw, CamelliaSubkeyL(29) = dw; + dw = CamelliaSubkeyL(30) ^ CamelliaSubkeyR(30), dw = CAMELLIA_RL8(dw); + CamelliaSubkeyR(30) = CamelliaSubkeyL(30) ^ dw, CamelliaSubkeyL(30) = dw; + dw = CamelliaSubkeyL(31) ^ CamelliaSubkeyR(31), dw = CAMELLIA_RL8(dw); + CamelliaSubkeyR(31) = CamelliaSubkeyL(31) ^ dw,CamelliaSubkeyL(31) = dw; + +#ifdef CYASSL_SMALL_STACK + XFREE(subL, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(subR, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + + return 0; +} + +static int camellia_setup192(const unsigned char *key, u32 *subkey) +{ + unsigned char kk[32]; + u32 krll, krlr, krrl,krrr; + + memcpy(kk, key, 24); + memcpy((unsigned char *)&krll, key+16,4); + memcpy((unsigned char *)&krlr, key+20,4); + krrl = ~krll; + krrr = ~krlr; + memcpy(kk+24, (unsigned char *)&krrl, 4); + memcpy(kk+28, (unsigned char *)&krrr, 4); + + return camellia_setup256(kk, subkey); +} + + +/** + * Stuff related to camellia encryption/decryption + * + * "io" must be 4byte aligned and big-endian data. + */ +static void camellia_encrypt128(const u32 *subkey, u32 *io) +{ + u32 il, ir, t0, t1; + + /* pre whitening but absorb kw2*/ + io[0] ^= CamelliaSubkeyL(0); + io[1] ^= CamelliaSubkeyR(0); + /* main iteration */ + + CAMELLIA_ROUNDSM(io[0],io[1], + CamelliaSubkeyL(2),CamelliaSubkeyR(2), + io[2],io[3],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[2],io[3], + CamelliaSubkeyL(3),CamelliaSubkeyR(3), + io[0],io[1],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[0],io[1], + CamelliaSubkeyL(4),CamelliaSubkeyR(4), + io[2],io[3],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[2],io[3], + CamelliaSubkeyL(5),CamelliaSubkeyR(5), + io[0],io[1],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[0],io[1], + CamelliaSubkeyL(6),CamelliaSubkeyR(6), + io[2],io[3],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[2],io[3], + CamelliaSubkeyL(7),CamelliaSubkeyR(7), + io[0],io[1],il,ir,t0,t1); + + CAMELLIA_FLS(io[0],io[1],io[2],io[3], + CamelliaSubkeyL(8),CamelliaSubkeyR(8), + CamelliaSubkeyL(9),CamelliaSubkeyR(9), + t0,t1,il,ir); + + CAMELLIA_ROUNDSM(io[0],io[1], + CamelliaSubkeyL(10),CamelliaSubkeyR(10), + io[2],io[3],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[2],io[3], + CamelliaSubkeyL(11),CamelliaSubkeyR(11), + io[0],io[1],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[0],io[1], + CamelliaSubkeyL(12),CamelliaSubkeyR(12), + io[2],io[3],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[2],io[3], + CamelliaSubkeyL(13),CamelliaSubkeyR(13), + io[0],io[1],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[0],io[1], + CamelliaSubkeyL(14),CamelliaSubkeyR(14), + io[2],io[3],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[2],io[3], + CamelliaSubkeyL(15),CamelliaSubkeyR(15), + io[0],io[1],il,ir,t0,t1); + + CAMELLIA_FLS(io[0],io[1],io[2],io[3], + CamelliaSubkeyL(16),CamelliaSubkeyR(16), + CamelliaSubkeyL(17),CamelliaSubkeyR(17), + t0,t1,il,ir); + + CAMELLIA_ROUNDSM(io[0],io[1], + CamelliaSubkeyL(18),CamelliaSubkeyR(18), + io[2],io[3],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[2],io[3], + CamelliaSubkeyL(19),CamelliaSubkeyR(19), + io[0],io[1],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[0],io[1], + CamelliaSubkeyL(20),CamelliaSubkeyR(20), + io[2],io[3],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[2],io[3], + CamelliaSubkeyL(21),CamelliaSubkeyR(21), + io[0],io[1],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[0],io[1], + CamelliaSubkeyL(22),CamelliaSubkeyR(22), + io[2],io[3],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[2],io[3], + CamelliaSubkeyL(23),CamelliaSubkeyR(23), + io[0],io[1],il,ir,t0,t1); + + /* post whitening but kw4 */ + io[2] ^= CamelliaSubkeyL(24); + io[3] ^= CamelliaSubkeyR(24); + + t0 = io[0]; + t1 = io[1]; + io[0] = io[2]; + io[1] = io[3]; + io[2] = t0; + io[3] = t1; + + return; +} + +static void camellia_decrypt128(const u32 *subkey, u32 *io) +{ + u32 il,ir,t0,t1; /* temporary valiables */ + + /* pre whitening but absorb kw2*/ + io[0] ^= CamelliaSubkeyL(24); + io[1] ^= CamelliaSubkeyR(24); + + /* main iteration */ + CAMELLIA_ROUNDSM(io[0],io[1], + CamelliaSubkeyL(23),CamelliaSubkeyR(23), + io[2],io[3],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[2],io[3], + CamelliaSubkeyL(22),CamelliaSubkeyR(22), + io[0],io[1],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[0],io[1], + CamelliaSubkeyL(21),CamelliaSubkeyR(21), + io[2],io[3],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[2],io[3], + CamelliaSubkeyL(20),CamelliaSubkeyR(20), + io[0],io[1],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[0],io[1], + CamelliaSubkeyL(19),CamelliaSubkeyR(19), + io[2],io[3],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[2],io[3], + CamelliaSubkeyL(18),CamelliaSubkeyR(18), + io[0],io[1],il,ir,t0,t1); + + CAMELLIA_FLS(io[0],io[1],io[2],io[3], + CamelliaSubkeyL(17),CamelliaSubkeyR(17), + CamelliaSubkeyL(16),CamelliaSubkeyR(16), + t0,t1,il,ir); + + CAMELLIA_ROUNDSM(io[0],io[1], + CamelliaSubkeyL(15),CamelliaSubkeyR(15), + io[2],io[3],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[2],io[3], + CamelliaSubkeyL(14),CamelliaSubkeyR(14), + io[0],io[1],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[0],io[1], + CamelliaSubkeyL(13),CamelliaSubkeyR(13), + io[2],io[3],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[2],io[3], + CamelliaSubkeyL(12),CamelliaSubkeyR(12), + io[0],io[1],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[0],io[1], + CamelliaSubkeyL(11),CamelliaSubkeyR(11), + io[2],io[3],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[2],io[3], + CamelliaSubkeyL(10),CamelliaSubkeyR(10), + io[0],io[1],il,ir,t0,t1); + + CAMELLIA_FLS(io[0],io[1],io[2],io[3], + CamelliaSubkeyL(9),CamelliaSubkeyR(9), + CamelliaSubkeyL(8),CamelliaSubkeyR(8), + t0,t1,il,ir); + + CAMELLIA_ROUNDSM(io[0],io[1], + CamelliaSubkeyL(7),CamelliaSubkeyR(7), + io[2],io[3],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[2],io[3], + CamelliaSubkeyL(6),CamelliaSubkeyR(6), + io[0],io[1],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[0],io[1], + CamelliaSubkeyL(5),CamelliaSubkeyR(5), + io[2],io[3],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[2],io[3], + CamelliaSubkeyL(4),CamelliaSubkeyR(4), + io[0],io[1],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[0],io[1], + CamelliaSubkeyL(3),CamelliaSubkeyR(3), + io[2],io[3],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[2],io[3], + CamelliaSubkeyL(2),CamelliaSubkeyR(2), + io[0],io[1],il,ir,t0,t1); + + /* post whitening but kw4 */ + io[2] ^= CamelliaSubkeyL(0); + io[3] ^= CamelliaSubkeyR(0); + + t0 = io[0]; + t1 = io[1]; + io[0] = io[2]; + io[1] = io[3]; + io[2] = t0; + io[3] = t1; + + return; +} + +/** + * stuff for 192 and 256bit encryption/decryption + */ +static void camellia_encrypt256(const u32 *subkey, u32 *io) +{ + u32 il,ir,t0,t1; /* temporary valiables */ + + /* pre whitening but absorb kw2*/ + io[0] ^= CamelliaSubkeyL(0); + io[1] ^= CamelliaSubkeyR(0); + + /* main iteration */ + CAMELLIA_ROUNDSM(io[0],io[1], + CamelliaSubkeyL(2),CamelliaSubkeyR(2), + io[2],io[3],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[2],io[3], + CamelliaSubkeyL(3),CamelliaSubkeyR(3), + io[0],io[1],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[0],io[1], + CamelliaSubkeyL(4),CamelliaSubkeyR(4), + io[2],io[3],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[2],io[3], + CamelliaSubkeyL(5),CamelliaSubkeyR(5), + io[0],io[1],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[0],io[1], + CamelliaSubkeyL(6),CamelliaSubkeyR(6), + io[2],io[3],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[2],io[3], + CamelliaSubkeyL(7),CamelliaSubkeyR(7), + io[0],io[1],il,ir,t0,t1); + + CAMELLIA_FLS(io[0],io[1],io[2],io[3], + CamelliaSubkeyL(8),CamelliaSubkeyR(8), + CamelliaSubkeyL(9),CamelliaSubkeyR(9), + t0,t1,il,ir); + + CAMELLIA_ROUNDSM(io[0],io[1], + CamelliaSubkeyL(10),CamelliaSubkeyR(10), + io[2],io[3],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[2],io[3], + CamelliaSubkeyL(11),CamelliaSubkeyR(11), + io[0],io[1],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[0],io[1], + CamelliaSubkeyL(12),CamelliaSubkeyR(12), + io[2],io[3],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[2],io[3], + CamelliaSubkeyL(13),CamelliaSubkeyR(13), + io[0],io[1],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[0],io[1], + CamelliaSubkeyL(14),CamelliaSubkeyR(14), + io[2],io[3],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[2],io[3], + CamelliaSubkeyL(15),CamelliaSubkeyR(15), + io[0],io[1],il,ir,t0,t1); + + CAMELLIA_FLS(io[0],io[1],io[2],io[3], + CamelliaSubkeyL(16),CamelliaSubkeyR(16), + CamelliaSubkeyL(17),CamelliaSubkeyR(17), + t0,t1,il,ir); + + CAMELLIA_ROUNDSM(io[0],io[1], + CamelliaSubkeyL(18),CamelliaSubkeyR(18), + io[2],io[3],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[2],io[3], + CamelliaSubkeyL(19),CamelliaSubkeyR(19), + io[0],io[1],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[0],io[1], + CamelliaSubkeyL(20),CamelliaSubkeyR(20), + io[2],io[3],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[2],io[3], + CamelliaSubkeyL(21),CamelliaSubkeyR(21), + io[0],io[1],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[0],io[1], + CamelliaSubkeyL(22),CamelliaSubkeyR(22), + io[2],io[3],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[2],io[3], + CamelliaSubkeyL(23),CamelliaSubkeyR(23), + io[0],io[1],il,ir,t0,t1); + + CAMELLIA_FLS(io[0],io[1],io[2],io[3], + CamelliaSubkeyL(24),CamelliaSubkeyR(24), + CamelliaSubkeyL(25),CamelliaSubkeyR(25), + t0,t1,il,ir); + + CAMELLIA_ROUNDSM(io[0],io[1], + CamelliaSubkeyL(26),CamelliaSubkeyR(26), + io[2],io[3],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[2],io[3], + CamelliaSubkeyL(27),CamelliaSubkeyR(27), + io[0],io[1],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[0],io[1], + CamelliaSubkeyL(28),CamelliaSubkeyR(28), + io[2],io[3],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[2],io[3], + CamelliaSubkeyL(29),CamelliaSubkeyR(29), + io[0],io[1],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[0],io[1], + CamelliaSubkeyL(30),CamelliaSubkeyR(30), + io[2],io[3],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[2],io[3], + CamelliaSubkeyL(31),CamelliaSubkeyR(31), + io[0],io[1],il,ir,t0,t1); + + /* post whitening but kw4 */ + io[2] ^= CamelliaSubkeyL(32); + io[3] ^= CamelliaSubkeyR(32); + + t0 = io[0]; + t1 = io[1]; + io[0] = io[2]; + io[1] = io[3]; + io[2] = t0; + io[3] = t1; + + return; +} + +static void camellia_decrypt256(const u32 *subkey, u32 *io) +{ + u32 il,ir,t0,t1; /* temporary valiables */ + + /* pre whitening but absorb kw2*/ + io[0] ^= CamelliaSubkeyL(32); + io[1] ^= CamelliaSubkeyR(32); + + /* main iteration */ + CAMELLIA_ROUNDSM(io[0],io[1], + CamelliaSubkeyL(31),CamelliaSubkeyR(31), + io[2],io[3],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[2],io[3], + CamelliaSubkeyL(30),CamelliaSubkeyR(30), + io[0],io[1],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[0],io[1], + CamelliaSubkeyL(29),CamelliaSubkeyR(29), + io[2],io[3],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[2],io[3], + CamelliaSubkeyL(28),CamelliaSubkeyR(28), + io[0],io[1],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[0],io[1], + CamelliaSubkeyL(27),CamelliaSubkeyR(27), + io[2],io[3],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[2],io[3], + CamelliaSubkeyL(26),CamelliaSubkeyR(26), + io[0],io[1],il,ir,t0,t1); + + CAMELLIA_FLS(io[0],io[1],io[2],io[3], + CamelliaSubkeyL(25),CamelliaSubkeyR(25), + CamelliaSubkeyL(24),CamelliaSubkeyR(24), + t0,t1,il,ir); + + CAMELLIA_ROUNDSM(io[0],io[1], + CamelliaSubkeyL(23),CamelliaSubkeyR(23), + io[2],io[3],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[2],io[3], + CamelliaSubkeyL(22),CamelliaSubkeyR(22), + io[0],io[1],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[0],io[1], + CamelliaSubkeyL(21),CamelliaSubkeyR(21), + io[2],io[3],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[2],io[3], + CamelliaSubkeyL(20),CamelliaSubkeyR(20), + io[0],io[1],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[0],io[1], + CamelliaSubkeyL(19),CamelliaSubkeyR(19), + io[2],io[3],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[2],io[3], + CamelliaSubkeyL(18),CamelliaSubkeyR(18), + io[0],io[1],il,ir,t0,t1); + + CAMELLIA_FLS(io[0],io[1],io[2],io[3], + CamelliaSubkeyL(17),CamelliaSubkeyR(17), + CamelliaSubkeyL(16),CamelliaSubkeyR(16), + t0,t1,il,ir); + + CAMELLIA_ROUNDSM(io[0],io[1], + CamelliaSubkeyL(15),CamelliaSubkeyR(15), + io[2],io[3],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[2],io[3], + CamelliaSubkeyL(14),CamelliaSubkeyR(14), + io[0],io[1],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[0],io[1], + CamelliaSubkeyL(13),CamelliaSubkeyR(13), + io[2],io[3],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[2],io[3], + CamelliaSubkeyL(12),CamelliaSubkeyR(12), + io[0],io[1],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[0],io[1], + CamelliaSubkeyL(11),CamelliaSubkeyR(11), + io[2],io[3],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[2],io[3], + CamelliaSubkeyL(10),CamelliaSubkeyR(10), + io[0],io[1],il,ir,t0,t1); + + CAMELLIA_FLS(io[0],io[1],io[2],io[3], + CamelliaSubkeyL(9),CamelliaSubkeyR(9), + CamelliaSubkeyL(8),CamelliaSubkeyR(8), + t0,t1,il,ir); + + CAMELLIA_ROUNDSM(io[0],io[1], + CamelliaSubkeyL(7),CamelliaSubkeyR(7), + io[2],io[3],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[2],io[3], + CamelliaSubkeyL(6),CamelliaSubkeyR(6), + io[0],io[1],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[0],io[1], + CamelliaSubkeyL(5),CamelliaSubkeyR(5), + io[2],io[3],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[2],io[3], + CamelliaSubkeyL(4),CamelliaSubkeyR(4), + io[0],io[1],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[0],io[1], + CamelliaSubkeyL(3),CamelliaSubkeyR(3), + io[2],io[3],il,ir,t0,t1); + CAMELLIA_ROUNDSM(io[2],io[3], + CamelliaSubkeyL(2),CamelliaSubkeyR(2), + io[0],io[1],il,ir,t0,t1); + + /* post whitening but kw4 */ + io[2] ^= CamelliaSubkeyL(0); + io[3] ^= CamelliaSubkeyR(0); + + t0 = io[0]; + t1 = io[1]; + io[0] = io[2]; + io[1] = io[3]; + io[2] = t0; + io[3] = t1; + + return; +} + +/*** + * + * API for compatibility + */ + +static void Camellia_EncryptBlock(const int keyBitLength, + const unsigned char *plaintext, + const KEY_TABLE_TYPE keyTable, + unsigned char *ciphertext) +{ + u32 tmp[4]; + + tmp[0] = GETU32(plaintext); + tmp[1] = GETU32(plaintext + 4); + tmp[2] = GETU32(plaintext + 8); + tmp[3] = GETU32(plaintext + 12); + + switch (keyBitLength) { + case 128: + camellia_encrypt128(keyTable, tmp); + break; + case 192: + /* fall through */ + case 256: + camellia_encrypt256(keyTable, tmp); + break; + default: + break; + } + + PUTU32(ciphertext, tmp[0]); + PUTU32(ciphertext + 4, tmp[1]); + PUTU32(ciphertext + 8, tmp[2]); + PUTU32(ciphertext + 12, tmp[3]); +} + +static void Camellia_DecryptBlock(const int keyBitLength, + const unsigned char *ciphertext, + const KEY_TABLE_TYPE keyTable, + unsigned char *plaintext) +{ + u32 tmp[4]; + + tmp[0] = GETU32(ciphertext); + tmp[1] = GETU32(ciphertext + 4); + tmp[2] = GETU32(ciphertext + 8); + tmp[3] = GETU32(ciphertext + 12); + + switch (keyBitLength) { + case 128: + camellia_decrypt128(keyTable, tmp); + break; + case 192: + /* fall through */ + case 256: + camellia_decrypt256(keyTable, tmp); + break; + default: + break; + } + PUTU32(plaintext, tmp[0]); + PUTU32(plaintext + 4, tmp[1]); + PUTU32(plaintext + 8, tmp[2]); + PUTU32(plaintext + 12, tmp[3]); +} + + + +/* CTaoCrypt wrappers to the Camellia code */ + +int CamelliaSetKey(Camellia* cam, const byte* key, word32 len, const byte* iv) +{ + int ret = 0; + + if (cam == NULL) return BAD_FUNC_ARG; + + XMEMSET(cam->key, 0, sizeof(KEY_TABLE_TYPE)); + + switch (len) { + case 16: + ret = camellia_setup128(key, cam->key); + break; + case 24: + ret = camellia_setup192(key, cam->key); + break; + case 32: + ret = camellia_setup256(key, cam->key); + break; + default: + return BAD_FUNC_ARG; + } + + if (ret != 0) + return ret; + + cam->keySz = len * 8; + + return CamelliaSetIV(cam, iv); +} + + +int CamelliaSetIV(Camellia* cam, const byte* iv) +{ + if (cam == NULL) + return BAD_FUNC_ARG; + + if (iv) + XMEMCPY(cam->reg, iv, CAMELLIA_BLOCK_SIZE); + else + XMEMSET(cam->reg, 0, CAMELLIA_BLOCK_SIZE); + + return 0; +} + + +void CamelliaEncryptDirect(Camellia* cam, byte* out, const byte* in) +{ + Camellia_EncryptBlock(cam->keySz, in, cam->key, out); +} + + +void CamelliaDecryptDirect(Camellia* cam, byte* out, const byte* in) +{ + Camellia_DecryptBlock(cam->keySz, in, cam->key, out); +} + + +void CamelliaCbcEncrypt(Camellia* cam, byte* out, const byte* in, word32 sz) +{ + word32 blocks = sz / CAMELLIA_BLOCK_SIZE; + + while (blocks--) { + xorbuf((byte*)cam->reg, in, CAMELLIA_BLOCK_SIZE); + Camellia_EncryptBlock(cam->keySz, (byte*)cam->reg, + cam->key, (byte*)cam->reg); + XMEMCPY(out, cam->reg, CAMELLIA_BLOCK_SIZE); + + out += CAMELLIA_BLOCK_SIZE; + in += CAMELLIA_BLOCK_SIZE; + } +} + + +void CamelliaCbcDecrypt(Camellia* cam, byte* out, const byte* in, word32 sz) +{ + word32 blocks = sz / CAMELLIA_BLOCK_SIZE; + + while (blocks--) { + XMEMCPY(cam->tmp, in, CAMELLIA_BLOCK_SIZE); + Camellia_DecryptBlock(cam->keySz, (byte*)cam->tmp, cam->key, out); + xorbuf(out, (byte*)cam->reg, CAMELLIA_BLOCK_SIZE); + XMEMCPY(cam->reg, cam->tmp, CAMELLIA_BLOCK_SIZE); + + out += CAMELLIA_BLOCK_SIZE; + in += CAMELLIA_BLOCK_SIZE; + } +} + + +#endif /* HAVE_CAMELLIA */ + diff --git a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/coding.c b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/coding.c index 63edc6a66..cdad0f5ca 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/coding.c +++ b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/coding.c @@ -1,6 +1,6 @@ /* coding.c * - * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,15 +16,19 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ #ifdef HAVE_CONFIG_H #include #endif +#include + +#ifndef NO_CODING + #include -#include +#include #include @@ -91,9 +95,9 @@ int Base64_Decode(const byte* in, word32 inLen, byte* out, word32* outLen) e3 = (e3 == PAD) ? 0 : base64Decode[e3 - 0x2B]; e4 = (e4 == PAD) ? 0 : base64Decode[e4 - 0x2B]; - b1 = (e1 << 2) | (e2 >> 4); - b2 = ((e2 & 0xF) << 4) | (e3 >> 2); - b3 = ((e3 & 0x3) << 6) | e4; + b1 = (byte)((e1 << 2) | (e2 >> 4)); + b2 = (byte)(((e2 & 0xF) << 4) | (e3 >> 2)); + b3 = (byte)(((e3 & 0x3) << 6) | e4); out[i++] = b1; if (!pad3) @@ -104,16 +108,18 @@ int Base64_Decode(const byte* in, word32 inLen, byte* out, word32* outLen) break; inLen -= 4; - if (in[j] == ' ' || in[j] == '\r' || in[j] == '\n') { + if (inLen && (in[j] == ' ' || in[j] == '\r' || in[j] == '\n')) { byte endLine = in[j++]; inLen--; - while (endLine == ' ') { /* allow trailing whitespace */ + while (inLen && endLine == ' ') { /* allow trailing whitespace */ endLine = in[j++]; inLen--; } if (endLine == '\r') { - endLine = in[j++]; - inLen--; + if (inLen) { + endLine = in[j++]; + inLen--; + } } if (endLine != '\n') { CYASSL_MSG("Bad end of line in Base64 Decode"); @@ -141,16 +147,101 @@ const byte base64Encode[] = { 'A', 'B', 'C', 'D', 'E', 'F', 'G', 'H', 'I', 'J', }; -/* porting assistance from yaSSL by Raphael HUCK */ -int Base64_Encode(const byte* in, word32 inLen, byte* out, word32* outLen) +/* make sure *i (idx) won't exceed max, store and possibly escape to out, + * raw means use e w/o decode, 0 on success */ +static int CEscape(int escaped, byte e, byte* out, word32* i, word32 max, + int raw) { + int doEscape = 0; + word32 needed = 1; + word32 idx = *i; + + byte basic; + byte plus = 0; + byte equals = 0; + byte newline = 0; + + if (raw) + basic = e; + else + basic = base64Encode[e]; + + /* check whether to escape */ + if (escaped) { + switch ((char)basic) { + case '+' : + plus = 1; + doEscape = 1; + needed += 2; + break; + case '=' : + equals = 1; + doEscape = 1; + needed += 2; + break; + case '\n' : + newline = 1; + doEscape = 1; + needed += 2; + break; + default: + /* do nothing */ + break; + } + } + + /* check size */ + if ( (idx+needed) > max) { + CYASSL_MSG("Escape buffer max too small"); + return BUFFER_E; + } + + /* store it */ + if (doEscape == 0) { + out[idx++] = basic; + } + else { + out[idx++] = '%'; /* start escape */ + + if (plus) { + out[idx++] = '2'; + out[idx++] = 'B'; + } + else if (equals) { + out[idx++] = '3'; + out[idx++] = 'D'; + } + else if (newline) { + out[idx++] = '0'; + out[idx++] = 'A'; + } + + } + *i = idx; + + return 0; +} + + +/* internal worker, handles both escaped and normal line endings */ +static int DoBase64_Encode(const byte* in, word32 inLen, byte* out, + word32* outLen, int escaped) +{ + int ret = 0; word32 i = 0, j = 0, n = 0; /* new line counter */ word32 outSz = (inLen + 3 - 1) / 3 * 4; - outSz += (outSz + PEM_LINE_SZ - 1) / PEM_LINE_SZ; /* new lines */ + word32 addSz = (outSz + PEM_LINE_SZ - 1) / PEM_LINE_SZ; /* new lines */ + + if (escaped) + addSz *= 3; /* instead of just \n, we're doing %0A triplet */ + + outSz += addSz; + /* if escaped we can't predetermine size for one pass encoding, but + * make sure we have enough if no escapes are in input */ if (outSz > *outLen) return BAD_FUNC_ARG; while (inLen > 2) { @@ -160,52 +251,93 @@ int Base64_Encode(const byte* in, word32 inLen, byte* out, word32* outLen) /* encoded idx */ byte e1 = b1 >> 2; - byte e2 = ((b1 & 0x3) << 4) | (b2 >> 4); - byte e3 = ((b2 & 0xF) << 2) | (b3 >> 6); + byte e2 = (byte)(((b1 & 0x3) << 4) | (b2 >> 4)); + byte e3 = (byte)(((b2 & 0xF) << 2) | (b3 >> 6)); byte e4 = b3 & 0x3F; /* store */ - out[i++] = base64Encode[e1]; - out[i++] = base64Encode[e2]; - out[i++] = base64Encode[e3]; - out[i++] = base64Encode[e4]; + ret = CEscape(escaped, e1, out, &i, *outLen, 0); + if (ret != 0) break; + ret = CEscape(escaped, e2, out, &i, *outLen, 0); + if (ret != 0) break; + ret = CEscape(escaped, e3, out, &i, *outLen, 0); + if (ret != 0) break; + ret = CEscape(escaped, e4, out, &i, *outLen, 0); + if (ret != 0) break; inLen -= 3; - if ((++n % (PEM_LINE_SZ / 4)) == 0 && inLen) - out[i++] = '\n'; + if ((++n % (PEM_LINE_SZ / 4)) == 0 && inLen) { + ret = CEscape(escaped, '\n', out, &i, *outLen, 1); + if (ret != 0) break; + } } /* last integral */ - if (inLen) { + if (inLen && ret == 0) { int twoBytes = (inLen == 2); byte b1 = in[j++]; byte b2 = (twoBytes) ? in[j++] : 0; byte e1 = b1 >> 2; - byte e2 = ((b1 & 0x3) << 4) | (b2 >> 4); - byte e3 = (b2 & 0xF) << 2; - - out[i++] = base64Encode[e1]; - out[i++] = base64Encode[e2]; - out[i++] = (twoBytes) ? base64Encode[e3] : PAD; - out[i++] = PAD; + byte e2 = (byte)(((b1 & 0x3) << 4) | (b2 >> 4)); + byte e3 = (byte)((b2 & 0xF) << 2); + + ret = CEscape(escaped, e1, out, &i, *outLen, 0); + if (ret == 0) + ret = CEscape(escaped, e2, out, &i, *outLen, 0); + if (ret == 0) { + /* third */ + if (twoBytes) + ret = CEscape(escaped, e3, out, &i, *outLen, 0); + else + ret = CEscape(escaped, '=', out, &i, *outLen, 1); + } + /* fourth always pad */ + if (ret == 0) + ret = CEscape(escaped, '=', out, &i, *outLen, 1); } - out[i++] = '\n'; - if (i != outSz) + if (ret == 0) + ret = CEscape(escaped, '\n', out, &i, *outLen, 1); + + if (i != outSz && escaped == 0 && ret == 0) return ASN_INPUT_E; - *outLen = outSz; - return 0; + *outLen = i; + return ret; } +/* Base64 Encode, PEM style, with \n line endings */ +int Base64_Encode(const byte* in, word32 inLen, byte* out, word32* outLen) +{ + return DoBase64_Encode(in, inLen, out, outLen, 0); +} + + +/* Base64 Encode, with %0A esacped line endings instead of \n */ +int Base64_EncodeEsc(const byte* in, word32 inLen, byte* out, word32* outLen) +{ + return DoBase64_Encode(in, inLen, out, outLen, 1); +} + + +#endif /* defined(OPENSSL_EXTRA) || defined (SESSION_CERTS) || defined(CYASSL_KEY_GEN) || defined(CYASSL_CERT_GEN) || defined(HAVE_WEBSERVER) */ + + +#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) || defined(HAVE_FIPS) + static const byte hexDecode[] = { 0, 1, 2, 3, 4, 5, 6, 7, 8, 9, BAD, BAD, BAD, BAD, BAD, BAD, BAD, - 10, 11, 12, 13, 14, 15 + 10, 11, 12, 13, 14, 15, /* upper case A-F */ + BAD, BAD, BAD, BAD, BAD, BAD, BAD, BAD, + BAD, BAD, BAD, BAD, BAD, BAD, BAD, BAD, + BAD, BAD, BAD, BAD, BAD, BAD, BAD, BAD, + BAD, BAD, /* G - ` */ + 10, 11, 12, 13, 14, 15 /* lower case a-f */ }; /* A starts at 0x41 not 0x3A */ int Base16_Decode(const byte* in, word32 inLen, byte* out, word32* outLen) @@ -253,7 +385,7 @@ int Base16_Decode(const byte* in, word32 inLen, byte* out, word32* outLen) if (b == BAD || b2 == BAD) return ASN_INPUT_E; - out[outIdx++] = (b << 4) | b2; + out[outIdx++] = (byte)((b << 4) | b2); inLen -= 2; } @@ -262,4 +394,6 @@ int Base16_Decode(const byte* in, word32 inLen, byte* out, word32* outLen) } -#endif /* OPENSSL_EXTRA */ +#endif /* (OPENSSL_EXTRA) || (HAVE_WEBSERVER) || (HAVE_FIPS) */ + +#endif /* NO_CODING */ diff --git a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/compress.c b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/compress.c new file mode 100644 index 000000000..faebd2ad0 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/compress.c @@ -0,0 +1,169 @@ +/* compress.c + * + * Copyright (C) 2006-2014 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + + +#ifdef HAVE_CONFIG_H + #include +#endif + +#include + +#ifdef HAVE_LIBZ + + +#include +#include +#include +#ifdef NO_INLINE + #include +#else + #include +#endif + +#include + + +/* alloc user allocs to work with zlib */ +static void* myAlloc(void* opaque, unsigned int item, unsigned int size) +{ + (void)opaque; + return XMALLOC(item * size, opaque, DYNAMIC_TYPE_LIBZ); +} + + +static void myFree(void* opaque, void* memory) +{ + (void)opaque; + XFREE(memory, opaque, DYNAMIC_TYPE_LIBZ); +} + + +#ifdef HAVE_MCAPI + #define DEFLATE_DEFAULT_WINDOWBITS 11 + #define DEFLATE_DEFAULT_MEMLEVEL 1 +#else + #define DEFLATE_DEFAULT_WINDOWBITS 15 + #define DEFLATE_DEFAULT_MEMLEVEL 8 +#endif + + +int Compress(byte* out, word32 outSz, const byte* in, word32 inSz, word32 flags) +/* + * out - pointer to destination buffer + * outSz - size of destination buffer + * in - pointer to source buffer to compress + * inSz - size of source to compress + * flags - flags to control how compress operates + * + * return: + * negative - error code + * positive - bytes stored in out buffer + * + * Note, the output buffer still needs to be larger than the input buffer. + * The right chunk of data won't compress at all, and the lookup table will + * add to the size of the output. The libz code says the compressed + * buffer should be srcSz + 0.1% + 12. + */ +{ + z_stream stream; + int result = 0; + + stream.next_in = (Bytef*)in; + stream.avail_in = (uInt)inSz; +#ifdef MAXSEG_64K + /* Check for source > 64K on 16-bit machine: */ + if ((uLong)stream.avail_in != inSz) return COMPRESS_INIT_E; +#endif + stream.next_out = out; + stream.avail_out = (uInt)outSz; + if ((uLong)stream.avail_out != outSz) return COMPRESS_INIT_E; + + stream.zalloc = (alloc_func)myAlloc; + stream.zfree = (free_func)myFree; + stream.opaque = (voidpf)0; + + if (deflateInit2(&stream, Z_DEFAULT_COMPRESSION, Z_DEFLATED, + DEFLATE_DEFAULT_WINDOWBITS, DEFLATE_DEFAULT_MEMLEVEL, + flags ? Z_FIXED : Z_DEFAULT_STRATEGY) != Z_OK) + return COMPRESS_INIT_E; + + if (deflate(&stream, Z_FINISH) != Z_STREAM_END) { + deflateEnd(&stream); + return COMPRESS_E; + } + + result = (int)stream.total_out; + + if (deflateEnd(&stream) != Z_OK) + result = COMPRESS_E; + + return result; +} + + +int DeCompress(byte* out, word32 outSz, const byte* in, word32 inSz) +/* + * out - pointer to destination buffer + * outSz - size of destination buffer + * in - pointer to source buffer to compress + * inSz - size of source to compress + * flags - flags to control how compress operates + * + * return: + * negative - error code + * positive - bytes stored in out buffer + */ +{ + z_stream stream; + int result = 0; + + stream.next_in = (Bytef*)in; + stream.avail_in = (uInt)inSz; + /* Check for source > 64K on 16-bit machine: */ + if ((uLong)stream.avail_in != inSz) return DECOMPRESS_INIT_E; + + stream.next_out = out; + stream.avail_out = (uInt)outSz; + if ((uLong)stream.avail_out != outSz) return DECOMPRESS_INIT_E; + + stream.zalloc = (alloc_func)myAlloc; + stream.zfree = (free_func)myFree; + stream.opaque = (voidpf)0; + + if (inflateInit2(&stream, DEFLATE_DEFAULT_WINDOWBITS) != Z_OK) + return DECOMPRESS_INIT_E; + + if (inflate(&stream, Z_FINISH) != Z_STREAM_END) { + inflateEnd(&stream); + return DECOMPRESS_E; + } + + result = (int)stream.total_out; + + if (inflateEnd(&stream) != Z_OK) + result = DECOMPRESS_E; + + return result; +} + + +#endif /* HAVE_LIBZ */ + diff --git a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/des3.c b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/des3.c index 77a20b022..4cd2a63ca 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/des3.c +++ b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/des3.c @@ -1,6 +1,6 @@ /* des3.c * - * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,16 +16,25 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ #ifdef HAVE_CONFIG_H #include #endif +#include + #ifndef NO_DES3 +#ifdef HAVE_FIPS + /* set NO_WRAPPERS before headers, use direct internal f()s not wrappers */ + #define FIPS_NO_WRAPPERS +#endif + #include +#include +#include #ifdef NO_INLINE #include @@ -34,6 +43,812 @@ #endif +#ifdef HAVE_CAVIUM + static int Des3_CaviumSetKey(Des3* des3, const byte* key, const byte* iv); + static int Des3_CaviumCbcEncrypt(Des3* des3, byte* out, const byte* in, + word32 length); + static int Des3_CaviumCbcDecrypt(Des3* des3, byte* out, const byte* in, + word32 length); +#endif + + + + +#ifdef STM32F2_CRYPTO + /* + * STM32F2 hardware DES/3DES support through the STM32F2 standard + * peripheral library. Documentation located in STM32F2xx Standard + * Peripheral Library document (See note in README). + */ + #include "stm32f2xx.h" + #include "stm32f2xx_cryp.h" + + int Des_SetKey(Des* des, const byte* key, const byte* iv, int dir) + { + word32 *dkey = des->key; + + XMEMCPY(dkey, key, 8); + ByteReverseWords(dkey, dkey, 8); + + Des_SetIV(des, iv); + + return 0; + } + + int Des3_SetKey(Des3* des, const byte* key, const byte* iv, int dir) + { + word32 *dkey1 = des->key[0]; + word32 *dkey2 = des->key[1]; + word32 *dkey3 = des->key[2]; + + XMEMCPY(dkey1, key, 8); /* set key 1 */ + XMEMCPY(dkey2, key + 8, 8); /* set key 2 */ + XMEMCPY(dkey3, key + 16, 8); /* set key 3 */ + + ByteReverseWords(dkey1, dkey1, 8); + ByteReverseWords(dkey2, dkey2, 8); + ByteReverseWords(dkey3, dkey3, 8); + + return Des3_SetIV(des, iv); + } + + void DesCrypt(Des* des, byte* out, const byte* in, word32 sz, + int dir, int mode) + { + word32 *dkey, *iv; + CRYP_InitTypeDef DES_CRYP_InitStructure; + CRYP_KeyInitTypeDef DES_CRYP_KeyInitStructure; + CRYP_IVInitTypeDef DES_CRYP_IVInitStructure; + + dkey = des->key; + iv = des->reg; + + /* crypto structure initialization */ + CRYP_KeyStructInit(&DES_CRYP_KeyInitStructure); + CRYP_StructInit(&DES_CRYP_InitStructure); + CRYP_IVStructInit(&DES_CRYP_IVInitStructure); + + /* reset registers to their default values */ + CRYP_DeInit(); + + /* set direction, mode, and datatype */ + if (dir == DES_ENCRYPTION) { + DES_CRYP_InitStructure.CRYP_AlgoDir = CRYP_AlgoDir_Encrypt; + } else { /* DES_DECRYPTION */ + DES_CRYP_InitStructure.CRYP_AlgoDir = CRYP_AlgoDir_Decrypt; + } + + if (mode == DES_CBC) { + DES_CRYP_InitStructure.CRYP_AlgoMode = CRYP_AlgoMode_DES_CBC; + } else { /* DES_ECB */ + DES_CRYP_InitStructure.CRYP_AlgoMode = CRYP_AlgoMode_DES_ECB; + } + + DES_CRYP_InitStructure.CRYP_DataType = CRYP_DataType_8b; + CRYP_Init(&DES_CRYP_InitStructure); + + /* load key into correct registers */ + DES_CRYP_KeyInitStructure.CRYP_Key1Left = dkey[0]; + DES_CRYP_KeyInitStructure.CRYP_Key1Right = dkey[1]; + CRYP_KeyInit(&DES_CRYP_KeyInitStructure); + + /* set iv */ + ByteReverseWords(iv, iv, DES_BLOCK_SIZE); + DES_CRYP_IVInitStructure.CRYP_IV0Left = iv[0]; + DES_CRYP_IVInitStructure.CRYP_IV0Right = iv[1]; + CRYP_IVInit(&DES_CRYP_IVInitStructure); + + /* enable crypto processor */ + CRYP_Cmd(ENABLE); + + while (sz > 0) + { + /* flush IN/OUT FIFOs */ + CRYP_FIFOFlush(); + + /* if input and output same will overwrite input iv */ + XMEMCPY(des->tmp, in + sz - DES_BLOCK_SIZE, DES_BLOCK_SIZE); + + CRYP_DataIn(*(uint32_t*)&in[0]); + CRYP_DataIn(*(uint32_t*)&in[4]); + + /* wait until the complete message has been processed */ + while(CRYP_GetFlagStatus(CRYP_FLAG_BUSY) != RESET) {} + + *(uint32_t*)&out[0] = CRYP_DataOut(); + *(uint32_t*)&out[4] = CRYP_DataOut(); + + /* store iv for next call */ + XMEMCPY(des->reg, des->tmp, DES_BLOCK_SIZE); + + sz -= DES_BLOCK_SIZE; + in += DES_BLOCK_SIZE; + out += DES_BLOCK_SIZE; + } + + /* disable crypto processor */ + CRYP_Cmd(DISABLE); + } + + int Des_CbcEncrypt(Des* des, byte* out, const byte* in, word32 sz) + { + DesCrypt(des, out, in, sz, DES_ENCRYPTION, DES_CBC); + return 0; + } + + int Des_CbcDecrypt(Des* des, byte* out, const byte* in, word32 sz) + { + DesCrypt(des, out, in, sz, DES_DECRYPTION, DES_CBC); + return 0; + } + + int Des_EcbEncrypt(Des* des, byte* out, const byte* in, word32 sz) + { + DesCrypt(des, out, in, sz, DES_ENCRYPTION, DES_ECB); + return 0; + } + + void Des3Crypt(Des3* des, byte* out, const byte* in, word32 sz, + int dir) + { + word32 *dkey1, *dkey2, *dkey3, *iv; + CRYP_InitTypeDef DES3_CRYP_InitStructure; + CRYP_KeyInitTypeDef DES3_CRYP_KeyInitStructure; + CRYP_IVInitTypeDef DES3_CRYP_IVInitStructure; + + dkey1 = des->key[0]; + dkey2 = des->key[1]; + dkey3 = des->key[2]; + iv = des->reg; + + /* crypto structure initialization */ + CRYP_KeyStructInit(&DES3_CRYP_KeyInitStructure); + CRYP_StructInit(&DES3_CRYP_InitStructure); + CRYP_IVStructInit(&DES3_CRYP_IVInitStructure); + + /* reset registers to their default values */ + CRYP_DeInit(); + + /* set direction, mode, and datatype */ + if (dir == DES_ENCRYPTION) { + DES3_CRYP_InitStructure.CRYP_AlgoDir = CRYP_AlgoDir_Encrypt; + } else { + DES3_CRYP_InitStructure.CRYP_AlgoDir = CRYP_AlgoDir_Decrypt; + } + + DES3_CRYP_InitStructure.CRYP_AlgoMode = CRYP_AlgoMode_TDES_CBC; + DES3_CRYP_InitStructure.CRYP_DataType = CRYP_DataType_8b; + CRYP_Init(&DES3_CRYP_InitStructure); + + /* load key into correct registers */ + DES3_CRYP_KeyInitStructure.CRYP_Key1Left = dkey1[0]; + DES3_CRYP_KeyInitStructure.CRYP_Key1Right = dkey1[1]; + DES3_CRYP_KeyInitStructure.CRYP_Key2Left = dkey2[0]; + DES3_CRYP_KeyInitStructure.CRYP_Key2Right = dkey2[1]; + DES3_CRYP_KeyInitStructure.CRYP_Key3Left = dkey3[0]; + DES3_CRYP_KeyInitStructure.CRYP_Key3Right = dkey3[1]; + CRYP_KeyInit(&DES3_CRYP_KeyInitStructure); + + /* set iv */ + ByteReverseWords(iv, iv, DES_BLOCK_SIZE); + DES3_CRYP_IVInitStructure.CRYP_IV0Left = iv[0]; + DES3_CRYP_IVInitStructure.CRYP_IV0Right = iv[1]; + CRYP_IVInit(&DES3_CRYP_IVInitStructure); + + /* enable crypto processor */ + CRYP_Cmd(ENABLE); + + while (sz > 0) + { + /* flush IN/OUT FIFOs */ + CRYP_FIFOFlush(); + + CRYP_DataIn(*(uint32_t*)&in[0]); + CRYP_DataIn(*(uint32_t*)&in[4]); + + /* wait until the complete message has been processed */ + while(CRYP_GetFlagStatus(CRYP_FLAG_BUSY) != RESET) {} + + *(uint32_t*)&out[0] = CRYP_DataOut(); + *(uint32_t*)&out[4] = CRYP_DataOut(); + + /* store iv for next call */ + XMEMCPY(des->reg, out + sz - DES_BLOCK_SIZE, DES_BLOCK_SIZE); + + sz -= DES_BLOCK_SIZE; + in += DES_BLOCK_SIZE; + out += DES_BLOCK_SIZE; + } + + /* disable crypto processor */ + CRYP_Cmd(DISABLE); + + } + + int Des3_CbcEncrypt(Des3* des, byte* out, const byte* in, word32 sz) + { + Des3Crypt(des, out, in, sz, DES_ENCRYPTION); + return 0; + } + + int Des3_CbcDecrypt(Des3* des, byte* out, const byte* in, word32 sz) + { + Des3Crypt(des, out, in, sz, DES_DECRYPTION); + return 0; + } + +#elif defined(HAVE_COLDFIRE_SEC) + +#include + +#include "sec.h" +#include "mcf5475_sec.h" +#include "mcf5475_siu.h" + +#if defined (HAVE_THREADX) +#include "memory_pools.h" +extern TX_BYTE_POOL mp_ncached; /* Non Cached memory pool */ +#endif + +#define DES_BUFFER_SIZE (DES_BLOCK_SIZE * 64) +static unsigned char *desBuffIn = NULL ; +static unsigned char *desBuffOut = NULL ; +static byte *secIV ; +static byte *secKey ; +static volatile SECdescriptorType *secDesc ; + +static CyaSSL_Mutex Mutex_DesSEC ; + +#define SEC_DESC_DES_CBC_ENCRYPT 0x20500010 +#define SEC_DESC_DES_CBC_DECRYPT 0x20400010 +#define SEC_DESC_DES3_CBC_ENCRYPT 0x20700010 +#define SEC_DESC_DES3_CBC_DECRYPT 0x20600010 + +#define DES_IVLEN 8 +#define DES_KEYLEN 8 +#define DES3_IVLEN 8 +#define DES3_KEYLEN 24 + +extern volatile unsigned char __MBAR[]; + +static void Des_Cbc(byte* out, const byte* in, word32 sz, + byte *key, byte *iv, word32 desc) +{ + #ifdef DEBUG_CYASSL + int ret ; int stat1,stat2 ; + #endif + int size ; + volatile int v ; + + LockMutex(&Mutex_DesSEC) ; + + secDesc->length1 = 0x0; + secDesc->pointer1 = NULL; + if((desc==SEC_DESC_DES_CBC_ENCRYPT)||(desc==SEC_DESC_DES_CBC_DECRYPT)){ + secDesc->length2 = DES_IVLEN ; + secDesc->length3 = DES_KEYLEN ; + } else { + secDesc->length2 = DES3_IVLEN ; + secDesc->length3 = DES3_KEYLEN ; + } + secDesc->pointer2 = secIV ; + secDesc->pointer3 = secKey; + secDesc->pointer4 = desBuffIn ; + secDesc->pointer5 = desBuffOut ; + secDesc->length6 = 0; + secDesc->pointer6 = NULL; + secDesc->length7 = 0x0; + secDesc->pointer7 = NULL; + secDesc->nextDescriptorPtr = NULL ; + + while(sz) { + XMEMCPY(secIV, iv, secDesc->length2) ; + if((sz%DES_BUFFER_SIZE) == sz) { + size = sz ; + sz = 0 ; + } else { + size = DES_BUFFER_SIZE ; + sz -= DES_BUFFER_SIZE ; + } + + XMEMCPY(desBuffIn, in, size) ; + XMEMCPY(secKey, key, secDesc->length3) ; + + secDesc->header = desc ; + secDesc->length4 = size; + secDesc->length5 = size; + /* Point SEC to the location of the descriptor */ + MCF_SEC_FR0 = (uint32)secDesc; + /* Initialize SEC and wait for encryption to complete */ + MCF_SEC_CCCR0 = 0x0000001a; + /* poll SISR to determine when channel is complete */ + v=0 ; + while((secDesc->header>> 24) != 0xff) { + if(v++ > 1000)break ; + } + +#ifdef DEBUG_CYASSL + ret = MCF_SEC_SISRH; + stat1 = MCF_SEC_DSR ; + stat2 = MCF_SEC_DISR ; + if(ret & 0xe0000000) { + /* db_printf("Des_Cbc(%x):ISRH=%08x, DSR=%08x, DISR=%08x\n", desc, ret, stat1, stat2) ; */ + } +#endif + + XMEMCPY(out, desBuffOut, size) ; + + if((desc==SEC_DESC_DES3_CBC_ENCRYPT)||(desc==SEC_DESC_DES_CBC_ENCRYPT)) { + XMEMCPY((void*)iv, (void*)&(out[size-secDesc->length2]), secDesc->length2) ; + } else { + XMEMCPY((void*)iv, (void*)&(in[size-secDesc->length2]), secDesc->length2) ; + } + + in += size ; + out += size ; + + } + UnLockMutex(&Mutex_DesSEC) ; + +} + + +int Des_CbcEncrypt(Des* des, byte* out, const byte* in, word32 sz) +{ + Des_Cbc(out, in, sz, (byte *)des->key, (byte *)des->reg, SEC_DESC_DES_CBC_ENCRYPT) ; + return 0; +} + +int Des_CbcDecrypt(Des* des, byte* out, const byte* in, word32 sz) +{ + Des_Cbc(out, in, sz, (byte *)des->key, (byte *)des->reg, SEC_DESC_DES_CBC_DECRYPT) ; + return 0; +} + +int Des3_CbcEncrypt(Des3* des3, byte* out, const byte* in, word32 sz) +{ + Des_Cbc(out, in, sz, (byte *)des3->key, (byte *)des3->reg, SEC_DESC_DES3_CBC_ENCRYPT) ; + return 0; +} + + +int Des3_CbcDecrypt(Des3* des3, byte* out, const byte* in, word32 sz) +{ + Des_Cbc(out, in, sz, (byte *)des3->key, (byte *)des3->reg, SEC_DESC_DES3_CBC_DECRYPT) ; + return 0; +} + +static void setParity(byte *buf, int len) +{ + int i, j ; + byte v ; + int bits ; + + for(i=0; i> 1 ; + buf[i] = v << 1 ; + bits = 0 ; + for(j=0; j<7; j++) + { + bits += (v&0x1) ; + v = v >> 1 ; + } + buf[i] |= (1 - (bits&0x1)) ; + } + +} + + +int Des_SetKey(Des* des, const byte* key, const byte* iv, int dir) +{ + if(desBuffIn == NULL) { + #if defined (HAVE_THREADX) + int s1, s2, s3, s4, s5 ; + s5 = tx_byte_allocate(&mp_ncached,(void *)&secDesc, + sizeof(SECdescriptorType), TX_NO_WAIT); + s1 = tx_byte_allocate(&mp_ncached,(void *)&desBuffIn, DES_BUFFER_SIZE, TX_NO_WAIT); + s2 = tx_byte_allocate(&mp_ncached,(void *)&desBuffOut, DES_BUFFER_SIZE, TX_NO_WAIT); + /* Don't know des or des3 to be used. Allocate larger buffers */ + s3 = tx_byte_allocate(&mp_ncached,(void *)&secKey, DES3_KEYLEN,TX_NO_WAIT); + s4 = tx_byte_allocate(&mp_ncached,(void *)&secIV, DES3_IVLEN, TX_NO_WAIT); + #else + #warning "Allocate non-Cache buffers" + #endif + + InitMutex(&Mutex_DesSEC) ; + } + + XMEMCPY(des->key, key, DES_KEYLEN); + setParity((byte *)des->key, DES_KEYLEN) ; + + if (iv) { + XMEMCPY(des->reg, iv, DES_IVLEN); + } else { + XMEMSET(des->reg, 0x0, DES_IVLEN) ; + } + return 0; +} + +int Des3_SetKey(Des3* des3, const byte* key, const byte* iv, int dir) +{ + + if(desBuffIn == NULL) { + #if defined (HAVE_THREADX) + int s1, s2, s3, s4, s5 ; + s5 = tx_byte_allocate(&mp_ncached,(void *)&secDesc, + sizeof(SECdescriptorType), TX_NO_WAIT); + s1 = tx_byte_allocate(&mp_ncached,(void *)&desBuffIn, DES_BUFFER_SIZE, TX_NO_WAIT); + s2 = tx_byte_allocate(&mp_ncached,(void *)&desBuffOut, DES_BUFFER_SIZE, TX_NO_WAIT); + s3 = tx_byte_allocate(&mp_ncached,(void *)&secKey, DES3_KEYLEN,TX_NO_WAIT); + s4 = tx_byte_allocate(&mp_ncached,(void *)&secIV, DES3_IVLEN, TX_NO_WAIT); + #else + #warning "Allocate non-Cache buffers" + #endif + + InitMutex(&Mutex_DesSEC) ; + } + + XMEMCPY(des3->key[0], key, DES3_KEYLEN); + setParity((byte *)des3->key[0], DES3_KEYLEN) ; + + if (iv) { + XMEMCPY(des3->reg, iv, DES3_IVLEN); + } else { + XMEMSET(des3->reg, 0x0, DES3_IVLEN) ; + } + return 0; + +} + +#elif defined FREESCALE_MMCAU + /* + * Freescale mmCAU hardware DES/3DES support through the CAU/mmCAU library. + * Documentation located in ColdFire/ColdFire+ CAU and Kinetis mmCAU + * Software Library User Guide (See note in README). + */ + #include "cau_api.h" + + const unsigned char parityLookup[128] = + { + 1,0,0,1,0,1,1,0,0,1,1,0,1,0,0,1,0,1,1,0,1,0,0,1,1,0,0,1,0,1,1,0, + 0,1,1,0,1,0,0,1,1,0,0,1,0,1,1,0,1,0,0,1,0,1,1,0,0,1,1,0,1,0,0,1, + 0,1,1,0,1,0,0,1,1,0,0,1,0,1,1,0,1,0,0,1,0,1,1,0,0,1,1,0,1,0,0,1, + 1,0,0,1,0,1,1,0,0,1,1,0,1,0,0,1,0,1,1,0,1,0,0,1,1,0,0,1,0,1,1,0 + }; + + int Des_SetKey(Des* des, const byte* key, const byte* iv, int dir) + { + int i = 0; + byte* dkey = (byte*)des->key; + + XMEMCPY(dkey, key, 8); + + Des_SetIV(des, iv); + + /* fix key parity, if needed */ + for (i = 0; i < 8; i++) { + dkey[i] = ((dkey[i] & 0xFE) | parityLookup[dkey[i] >> 1]); + } + + return 0; + } + + int Des3_SetKey(Des3* des, const byte* key, const byte* iv, int dir) + { + int i = 0, ret = 0; + byte* dkey1 = (byte*)des->key[0]; + byte* dkey2 = (byte*)des->key[1]; + byte* dkey3 = (byte*)des->key[2]; + + XMEMCPY(dkey1, key, 8); /* set key 1 */ + XMEMCPY(dkey2, key + 8, 8); /* set key 2 */ + XMEMCPY(dkey3, key + 16, 8); /* set key 3 */ + + ret = Des3_SetIV(des, iv); + if (ret != 0) + return ret; + + /* fix key parity if needed */ + for (i = 0; i < 8; i++) + dkey1[i] = ((dkey1[i] & 0xFE) | parityLookup[dkey1[i] >> 1]); + + for (i = 0; i < 8; i++) + dkey2[i] = ((dkey2[i] & 0xFE) | parityLookup[dkey2[i] >> 1]); + + for (i = 0; i < 8; i++) + dkey3[i] = ((dkey3[i] & 0xFE) | parityLookup[dkey3[i] >> 1]); + + return ret; + } + + int Des_CbcEncrypt(Des* des, byte* out, const byte* in, word32 sz) + { + int i; + int offset = 0; + int len = sz; + byte *iv; + byte temp_block[DES_BLOCK_SIZE]; + + iv = (byte*)des->reg; + + if ((word)out % CYASSL_MMCAU_ALIGNMENT) { + CYASSL_MSG("Bad cau_des_encrypt alignment"); + return BAD_ALIGN_E; + } + + while (len > 0) + { + XMEMCPY(temp_block, in + offset, DES_BLOCK_SIZE); + + /* XOR block with IV for CBC */ + for (i = 0; i < DES_BLOCK_SIZE; i++) + temp_block[i] ^= iv[i]; + + cau_des_encrypt(temp_block, (byte*)des->key, out + offset); + + len -= DES_BLOCK_SIZE; + offset += DES_BLOCK_SIZE; + + /* store IV for next block */ + XMEMCPY(iv, out + offset - DES_BLOCK_SIZE, DES_BLOCK_SIZE); + } + + return 0; + } + + int Des_CbcDecrypt(Des* des, byte* out, const byte* in, word32 sz) + { + int i; + int offset = 0; + int len = sz; + byte* iv; + byte temp_block[DES_BLOCK_SIZE]; + + iv = (byte*)des->reg; + + if ((word)out % CYASSL_MMCAU_ALIGNMENT) { + CYASSL_MSG("Bad cau_des_decrypt alignment"); + return BAD_ALIGN_E; + } + + while (len > 0) + { + XMEMCPY(temp_block, in + offset, DES_BLOCK_SIZE); + + cau_des_decrypt(in + offset, (byte*)des->key, out + offset); + + /* XOR block with IV for CBC */ + for (i = 0; i < DES_BLOCK_SIZE; i++) + (out + offset)[i] ^= iv[i]; + + /* store IV for next block */ + XMEMCPY(iv, temp_block, DES_BLOCK_SIZE); + + len -= DES_BLOCK_SIZE; + offset += DES_BLOCK_SIZE; + } + + return 0; + } + + int Des3_CbcEncrypt(Des3* des, byte* out, const byte* in, word32 sz) + { + int i; + int offset = 0; + int len = sz; + + byte *iv; + byte temp_block[DES_BLOCK_SIZE]; + + iv = (byte*)des->reg; + + if ((word)out % CYASSL_MMCAU_ALIGNMENT) { + CYASSL_MSG("Bad 3ede cau_des_encrypt alignment"); + return BAD_ALIGN_E; + } + + while (len > 0) + { + XMEMCPY(temp_block, in + offset, DES_BLOCK_SIZE); + + /* XOR block with IV for CBC */ + for (i = 0; i < DES_BLOCK_SIZE; i++) + temp_block[i] ^= iv[i]; + + cau_des_encrypt(temp_block , (byte*)des->key[0], out + offset); + cau_des_decrypt(out + offset, (byte*)des->key[1], out + offset); + cau_des_encrypt(out + offset, (byte*)des->key[2], out + offset); + + len -= DES_BLOCK_SIZE; + offset += DES_BLOCK_SIZE; + + /* store IV for next block */ + XMEMCPY(iv, out + offset - DES_BLOCK_SIZE, DES_BLOCK_SIZE); + } + + return 0; + } + + int Des3_CbcDecrypt(Des3* des, byte* out, const byte* in, word32 sz) + { + int i; + int offset = 0; + int len = sz; + + byte* iv; + byte temp_block[DES_BLOCK_SIZE]; + + iv = (byte*)des->reg; + + if ((word)out % CYASSL_MMCAU_ALIGNMENT) { + CYASSL_MSG("Bad 3ede cau_des_decrypt alignment"); + return BAD_ALIGN_E; + } + + while (len > 0) + { + XMEMCPY(temp_block, in + offset, DES_BLOCK_SIZE); + + cau_des_decrypt(in + offset , (byte*)des->key[2], out + offset); + cau_des_encrypt(out + offset, (byte*)des->key[1], out + offset); + cau_des_decrypt(out + offset, (byte*)des->key[0], out + offset); + + /* XOR block with IV for CBC */ + for (i = 0; i < DES_BLOCK_SIZE; i++) + (out + offset)[i] ^= iv[i]; + + /* store IV for next block */ + XMEMCPY(iv, temp_block, DES_BLOCK_SIZE); + + len -= DES_BLOCK_SIZE; + offset += DES_BLOCK_SIZE; + } + + return 0; + } + + +#elif defined(CYASSL_PIC32MZ_CRYPT) + + #include "cyassl/ctaocrypt/port/pic32/pic32mz-crypt.h" + +void Des_SetIV(Des* des, const byte* iv); +int Des3_SetIV(Des3* des, const byte* iv); + + int Des_SetKey(Des* des, const byte* key, const byte* iv, int dir) + { + word32 *dkey = des->key ; + word32 *dreg = des->reg ; + + XMEMCPY((byte *)dkey, (byte *)key, 8); + ByteReverseWords(dkey, dkey, 8); + XMEMCPY((byte *)dreg, (byte *)iv, 8); + ByteReverseWords(dreg, dreg, 8); + + return 0; + } + + int Des3_SetKey(Des3* des, const byte* key, const byte* iv, int dir) + { + word32 *dkey1 = des->key[0]; + word32 *dreg = des->reg ; + + XMEMCPY(dkey1, key, 24); + ByteReverseWords(dkey1, dkey1, 24); + XMEMCPY(dreg, iv, 8); + ByteReverseWords(dreg, dreg, 8) ; + + return 0; + } + + void DesCrypt(word32 *key, word32 *iv, byte* out, const byte* in, word32 sz, + int dir, int algo, int cryptoalgo) + { + securityAssociation *sa_p ; + bufferDescriptor *bd_p ; + const byte *in_p, *in_l ; + byte *out_p, *out_l ; + volatile securityAssociation sa __attribute__((aligned (8))); + volatile bufferDescriptor bd __attribute__((aligned (8))); + volatile int k ; + + /* get uncached address */ + + in_l = in; + out_l = out ; + sa_p = KVA0_TO_KVA1(&sa) ; + bd_p = KVA0_TO_KVA1(&bd) ; + in_p = KVA0_TO_KVA1(in_l) ; + out_p= KVA0_TO_KVA1(out_l); + + if(PIC32MZ_IF_RAM(in_p)) + XMEMCPY((void *)in_p, (void *)in, sz); + XMEMSET((void *)out_p, 0, sz); + + /* Set up the Security Association */ + XMEMSET((byte *)KVA0_TO_KVA1(&sa), 0, sizeof(sa)); + sa_p->SA_CTRL.ALGO = algo ; + sa_p->SA_CTRL.LNC = 1; + sa_p->SA_CTRL.LOADIV = 1; + sa_p->SA_CTRL.FB = 1; + sa_p->SA_CTRL.ENCTYPE = dir ; /* Encryption/Decryption */ + sa_p->SA_CTRL.CRYPTOALGO = cryptoalgo; + sa_p->SA_CTRL.KEYSIZE = 1 ; /* KEY is 192 bits */ + XMEMCPY((byte *)KVA0_TO_KVA1(&sa.SA_ENCKEY[algo==PIC32_ALGO_TDES ? 2 : 6]), + (byte *)key, algo==PIC32_ALGO_TDES ? 24 : 8); + XMEMCPY((byte *)KVA0_TO_KVA1(&sa.SA_ENCIV[2]), (byte *)iv, 8); + + XMEMSET((byte *)KVA0_TO_KVA1(&bd), 0, sizeof(bd)); + /* Set up the Buffer Descriptor */ + bd_p->BD_CTRL.BUFLEN = sz; + bd_p->BD_CTRL.LIFM = 1; + bd_p->BD_CTRL.SA_FETCH_EN = 1; + bd_p->BD_CTRL.LAST_BD = 1; + bd_p->BD_CTRL.DESC_EN = 1; + + bd_p->SA_ADDR = (unsigned int)KVA_TO_PA(&sa) ; /* (unsigned int)sa_p; */ + bd_p->SRCADDR = (unsigned int)KVA_TO_PA(in) ; /* (unsigned int)in_p; */ + bd_p->DSTADDR = (unsigned int)KVA_TO_PA(out); /* (unsigned int)out_p; */ + bd_p->NXTPTR = (unsigned int)KVA_TO_PA(&bd); + bd_p->MSGLEN = sz ; + + /* Fire in the hole! */ + CECON = 1 << 6; + while (CECON); + + /* Run the engine */ + CEBDPADDR = (unsigned int)KVA_TO_PA(&bd) ; /* (unsigned int)bd_p ; */ + CEINTEN = 0x07; + CECON = 0x27; + + WAIT_ENGINE ; + + if((cryptoalgo == PIC32_CRYPTOALGO_CBC) || + (cryptoalgo == PIC32_CRYPTOALGO_TCBC)|| + (cryptoalgo == PIC32_CRYPTOALGO_RCBC)) { + /* set iv for the next call */ + if(dir == PIC32_ENCRYPTION) { + XMEMCPY((void *)iv, (void*)&(out_p[sz-DES_IVLEN]), DES_IVLEN) ; + } else { + ByteReverseWords((word32*)iv, (word32 *)&(in_p[sz-DES_IVLEN]), DES_IVLEN); + } + + } + + ByteReverseWords((word32*)out, (word32 *)KVA0_TO_KVA1(out), sz); + } + + int Des_CbcEncrypt(Des* des, byte* out, const byte* in, word32 sz) + { + DesCrypt(des->key, des->reg, out, in, sz, + PIC32_ENCRYPTION, PIC32_ALGO_DES, PIC32_CRYPTOALGO_CBC ); + return 0; + } + + int Des_CbcDecrypt(Des* des, byte* out, const byte* in, word32 sz) + { + DesCrypt(des->key, des->reg, out, in, sz, + PIC32_DECRYPTION, PIC32_ALGO_DES, PIC32_CRYPTOALGO_CBC); + return 0; + } + + int Des3_CbcEncrypt(Des3* des, byte* out, const byte* in, word32 sz) + { + DesCrypt(des->key[0], des->reg, out, in, sz, + PIC32_ENCRYPTION, PIC32_ALGO_TDES, PIC32_CRYPTOALGO_TCBC); + return 0; + } + + int Des3_CbcDecrypt(Des3* des, byte* out, const byte* in, word32 sz) + { + DesCrypt(des->key[0], des->reg, out, in, sz, + PIC32_DECRYPTION, PIC32_ALGO_TDES, PIC32_CRYPTOALGO_TCBC); + return 0; + } + +#else /* CTaoCrypt software implementation */ + /* permuted choice table (key) */ static const byte pc1[] = { 57, 49, 41, 33, 25, 17, 9, @@ -71,7 +886,7 @@ static const int bytebit[] = { 0200,0100,040,020,010,04,02,01 }; -const word32 Spbox[8][64] = { +static const word32 Spbox[8][64] = { { 0x01010400,0x00000000,0x00010000,0x01010404, 0x01010004,0x00010404,0x00000004,0x00010000, @@ -266,58 +1081,78 @@ static INLINE void FPERM(word32* left, word32* right) } -static void DesSetKey(const byte* key, int dir, word32* out) +static int DesSetKey(const byte* key, int dir, word32* out) { +#ifdef CYASSL_SMALL_STACK + byte* buffer = (byte*)XMALLOC(56+56+8, NULL, DYNAMIC_TYPE_TMP_BUFFER); + + if (buffer == NULL) + return MEMORY_E; +#else byte buffer[56+56+8]; - byte *const pc1m = buffer; /* place to modify pc1 into */ - byte *const pcr = pc1m + 56; /* place to rotate pc1 into */ - byte *const ks = pcr + 56; - register int i,j,l; - int m; - - for (j = 0; j < 56; j++) { /* convert pc1 to bits of key */ - l = pc1[j] - 1; /* integer bit location */ - m = l & 07; /* find bit */ - pc1m[j] = (key[l >> 3] & /* find which key byte l is in */ - bytebit[m]) /* and which bit of that byte */ - ? 1 : 0; /* and store 1-bit result */ - } - for (i = 0; i < 16; i++) { /* key chunk for each iteration */ - XMEMSET(ks, 0, 8); /* Clear key schedule */ - for (j = 0; j < 56; j++) /* rotate pc1 the right amount */ - pcr[j] = pc1m[(l = j + totrot[i]) < (j < 28 ? 28 : 56) ? l: l-28]; - /* rotate left and right halves independently */ - for (j = 0; j < 48; j++){ /* select bits individually */ - /* check bit that goes to ks[j] */ - if (pcr[pc2[j] - 1]){ - /* mask it in if it's there */ - l= j % 6; - ks[j/6] |= bytebit[l] >> 2; +#endif + + { + byte* const pc1m = buffer; /* place to modify pc1 into */ + byte* const pcr = pc1m + 56; /* place to rotate pc1 into */ + byte* const ks = pcr + 56; + register int i, j, l; + int m; + + for (j = 0; j < 56; j++) { /* convert pc1 to bits of key */ + l = pc1[j] - 1; /* integer bit location */ + m = l & 07; /* find bit */ + pc1m[j] = (key[l >> 3] & /* find which key byte l is in */ + bytebit[m]) /* and which bit of that byte */ + ? 1 : 0; /* and store 1-bit result */ + } + + for (i = 0; i < 16; i++) { /* key chunk for each iteration */ + XMEMSET(ks, 0, 8); /* Clear key schedule */ + + for (j = 0; j < 56; j++) /* rotate pc1 the right amount */ + pcr[j] = + pc1m[(l = j + totrot[i]) < (j < 28 ? 28 : 56) ? l : l-28]; + + /* rotate left and right halves independently */ + for (j = 0; j < 48; j++) { /* select bits individually */ + if (pcr[pc2[j] - 1]) { /* check bit that goes to ks[j] */ + l= j % 6; /* mask it in if it's there */ + ks[j/6] |= bytebit[l] >> 2; + } } + + /* Now convert to odd/even interleaved form for use in F */ + out[2*i] = ((word32) ks[0] << 24) + | ((word32) ks[2] << 16) + | ((word32) ks[4] << 8) + | ((word32) ks[6]); + + out[2*i + 1] = ((word32) ks[1] << 24) + | ((word32) ks[3] << 16) + | ((word32) ks[5] << 8) + | ((word32) ks[7]); } - /* Now convert to odd/even interleaved form for use in F */ - out[2*i] = ((word32)ks[0] << 24) - | ((word32)ks[2] << 16) - | ((word32)ks[4] << 8) - | ((word32)ks[6]); - out[2*i + 1] = ((word32)ks[1] << 24) - | ((word32)ks[3] << 16) - | ((word32)ks[5] << 8) - | ((word32)ks[7]); - } + + /* reverse key schedule order */ + if (dir == DES_DECRYPTION) { + for (i = 0; i < 16; i += 2) { + word32 swap = out[i]; + out[i] = out[DES_KS_SIZE - 2 - i]; + out[DES_KS_SIZE - 2 - i] = swap; - /* reverse key schedule order */ - if (dir == DES_DECRYPTION) - for (i = 0; i < 16; i += 2) { - word32 swap = out[i]; - out[i] = out[DES_KS_SIZE - 2 - i]; - out[DES_KS_SIZE - 2 - i] = swap; - - swap = out[i + 1]; - out[i + 1] = out[DES_KS_SIZE - 1 - i]; - out[DES_KS_SIZE - 1 - i] = swap; + swap = out[i + 1]; + out[i + 1] = out[DES_KS_SIZE - 1 - i]; + out[DES_KS_SIZE - 1 - i] = swap; + } } - + +#ifdef CYASSL_SMALL_STACK + XFREE(buffer, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + } + + return 0; } @@ -327,35 +1162,36 @@ static INLINE int Reverse(int dir) } -void Des_SetIV(Des* des, const byte* iv) +int Des_SetKey(Des* des, const byte* key, const byte* iv, int dir) { - if (des && iv) - XMEMCPY(des->reg, iv, DES_BLOCK_SIZE); -} - + Des_SetIV(des, iv); -void Des3_SetIV(Des3* des, const byte* iv) -{ - if (des && iv) - XMEMCPY(des->reg, iv, DES_BLOCK_SIZE); + return DesSetKey(key, dir, des->key); } -void Des_SetKey(Des* des, const byte* key, const byte* iv, int dir) +int Des3_SetKey(Des3* des, const byte* key, const byte* iv, int dir) { - DesSetKey(key, dir, des->key); + int ret; - Des_SetIV(des, iv); -} +#ifdef HAVE_CAVIUM + if (des->magic == CYASSL_3DES_CAVIUM_MAGIC) + return Des3_CaviumSetKey(des, key, iv); +#endif + ret = DesSetKey(key + (dir == DES_ENCRYPTION ? 0:16), dir, des->key[0]); + if (ret != 0) + return ret; -void Des3_SetKey(Des3* des, const byte* key, const byte* iv, int dir) -{ - DesSetKey(key + (dir == DES_ENCRYPTION ? 0 : 16), dir, des->key[0]); - DesSetKey(key + 8, Reverse(dir), des->key[1]); - DesSetKey(key + (dir == DES_DECRYPTION ? 0 : 16), dir, des->key[2]); + ret = DesSetKey(key + 8, Reverse(dir), des->key[1]); + if (ret != 0) + return ret; - Des3_SetIV(des, iv); + ret = DesSetKey(key + (dir == DES_DECRYPTION ? 0:16), dir, des->key[2]); + if (ret != 0) + return ret; + + return Des3_SetIV(des, iv); } @@ -442,7 +1278,7 @@ static void Des3ProcessBlock(Des3* des, const byte* in, byte* out) } -void Des_CbcEncrypt(Des* des, byte* out, const byte* in, word32 sz) +int Des_CbcEncrypt(Des* des, byte* out, const byte* in, word32 sz) { word32 blocks = sz / DES_BLOCK_SIZE; @@ -454,13 +1290,14 @@ void Des_CbcEncrypt(Des* des, byte* out, const byte* in, word32 sz) out += DES_BLOCK_SIZE; in += DES_BLOCK_SIZE; } + return 0; } -void Des_CbcDecrypt(Des* des, byte* out, const byte* in, word32 sz) +int Des_CbcDecrypt(Des* des, byte* out, const byte* in, word32 sz) { word32 blocks = sz / DES_BLOCK_SIZE; - byte hold[16]; + byte hold[DES_BLOCK_SIZE]; while (blocks--) { XMEMCPY(des->tmp, in, DES_BLOCK_SIZE); @@ -474,13 +1311,20 @@ void Des_CbcDecrypt(Des* des, byte* out, const byte* in, word32 sz) out += DES_BLOCK_SIZE; in += DES_BLOCK_SIZE; } + return 0; } -void Des3_CbcEncrypt(Des3* des, byte* out, const byte* in, word32 sz) +int Des3_CbcEncrypt(Des3* des, byte* out, const byte* in, word32 sz) { - word32 blocks = sz / DES_BLOCK_SIZE; + word32 blocks; +#ifdef HAVE_CAVIUM + if (des->magic == CYASSL_3DES_CAVIUM_MAGIC) + return Des3_CaviumCbcEncrypt(des, out, in, sz); +#endif + + blocks = sz / DES_BLOCK_SIZE; while (blocks--) { xorbuf((byte*)des->reg, in, DES_BLOCK_SIZE); Des3ProcessBlock(des, (byte*)des->reg, (byte*)des->reg); @@ -489,13 +1333,20 @@ void Des3_CbcEncrypt(Des3* des, byte* out, const byte* in, word32 sz) out += DES_BLOCK_SIZE; in += DES_BLOCK_SIZE; } + return 0; } -void Des3_CbcDecrypt(Des3* des, byte* out, const byte* in, word32 sz) +int Des3_CbcDecrypt(Des3* des, byte* out, const byte* in, word32 sz) { - word32 blocks = sz / DES_BLOCK_SIZE; + word32 blocks; + +#ifdef HAVE_CAVIUM + if (des->magic == CYASSL_3DES_CAVIUM_MAGIC) + return Des3_CaviumCbcDecrypt(des, out, in, sz); +#endif + blocks = sz / DES_BLOCK_SIZE; while (blocks--) { XMEMCPY(des->tmp, in, DES_BLOCK_SIZE); Des3ProcessBlock(des, (byte*)des->tmp, out); @@ -505,12 +1356,13 @@ void Des3_CbcDecrypt(Des3* des, byte* out, const byte* in, word32 sz) out += DES_BLOCK_SIZE; in += DES_BLOCK_SIZE; } + return 0; } #ifdef CYASSL_DES_ECB /* One block, compatibility only */ -void Des_EcbEncrypt(Des* des, byte* out, const byte* in, word32 sz) +int Des_EcbEncrypt(Des* des, byte* out, const byte* in, word32 sz) { word32 blocks = sz / DES_BLOCK_SIZE; @@ -520,9 +1372,148 @@ void Des_EcbEncrypt(Des* des, byte* out, const byte* in, word32 sz) out += DES_BLOCK_SIZE; in += DES_BLOCK_SIZE; } + return 0; } #endif /* CYASSL_DES_ECB */ +#endif /* STM32F2_CRYPTO */ + +void Des_SetIV(Des* des, const byte* iv) +{ + if (des && iv) + XMEMCPY(des->reg, iv, DES_BLOCK_SIZE); + else if (des) + XMEMSET(des->reg, 0, DES_BLOCK_SIZE); +} + + +int Des3_SetIV(Des3* des, const byte* iv) +{ + if (des && iv) + XMEMCPY(des->reg, iv, DES_BLOCK_SIZE); + else if (des) + XMEMSET(des->reg, 0, DES_BLOCK_SIZE); + + return 0; +} + + +#ifdef HAVE_CAVIUM + +#include "cavium_common.h" + +/* Initiliaze Des3 for use with Nitrox device */ +int Des3_InitCavium(Des3* des3, int devId) +{ + if (des3 == NULL) + return -1; + + if (CspAllocContext(CONTEXT_SSL, &des3->contextHandle, devId) != 0) + return -1; + + des3->devId = devId; + des3->magic = CYASSL_3DES_CAVIUM_MAGIC; + + return 0; +} + + +/* Free Des3 from use with Nitrox device */ +void Des3_FreeCavium(Des3* des3) +{ + if (des3 == NULL) + return; + + if (des3->magic != CYASSL_3DES_CAVIUM_MAGIC) + return; + + CspFreeContext(CONTEXT_SSL, des3->contextHandle, des3->devId); + des3->magic = 0; +} + + +static int Des3_CaviumSetKey(Des3* des3, const byte* key, const byte* iv) +{ + if (des3 == NULL) + return -1; + + /* key[0] holds key, iv in reg */ + XMEMCPY(des3->key[0], key, DES_BLOCK_SIZE*3); + + return Des3_SetIV(des3, iv); +} + + +static int Des3_CaviumCbcEncrypt(Des3* des3, byte* out, const byte* in, + word32 length) +{ + word offset = 0; + word32 requestId; + + while (length > CYASSL_MAX_16BIT) { + word16 slen = (word16)CYASSL_MAX_16BIT; + if (CspEncrypt3Des(CAVIUM_BLOCKING, des3->contextHandle, + CAVIUM_NO_UPDATE, slen, (byte*)in + offset, + out + offset, (byte*)des3->reg, (byte*)des3->key[0], + &requestId, des3->devId) != 0) { + CYASSL_MSG("Bad Cavium 3DES Cbc Encrypt"); + return -1; + } + length -= CYASSL_MAX_16BIT; + offset += CYASSL_MAX_16BIT; + XMEMCPY(des3->reg, out + offset - DES_BLOCK_SIZE, DES_BLOCK_SIZE); + } + if (length) { + word16 slen = (word16)length; + + if (CspEncrypt3Des(CAVIUM_BLOCKING, des3->contextHandle, + CAVIUM_NO_UPDATE, slen, (byte*)in + offset, + out + offset, (byte*)des3->reg, (byte*)des3->key[0], + &requestId, des3->devId) != 0) { + CYASSL_MSG("Bad Cavium 3DES Cbc Encrypt"); + return -1; + } + XMEMCPY(des3->reg, out+offset+length - DES_BLOCK_SIZE, DES_BLOCK_SIZE); + } + return 0; +} + +static int Des3_CaviumCbcDecrypt(Des3* des3, byte* out, const byte* in, + word32 length) +{ + word32 requestId; + word offset = 0; + + while (length > CYASSL_MAX_16BIT) { + word16 slen = (word16)CYASSL_MAX_16BIT; + XMEMCPY(des3->tmp, in + offset + slen - DES_BLOCK_SIZE, DES_BLOCK_SIZE); + if (CspDecrypt3Des(CAVIUM_BLOCKING, des3->contextHandle, + CAVIUM_NO_UPDATE, slen, (byte*)in+offset, out+offset, + (byte*)des3->reg, (byte*)des3->key[0], &requestId, + des3->devId) != 0) { + CYASSL_MSG("Bad Cavium 3Des Decrypt"); + return -1; + } + length -= CYASSL_MAX_16BIT; + offset += CYASSL_MAX_16BIT; + XMEMCPY(des3->reg, des3->tmp, DES_BLOCK_SIZE); + } + if (length) { + word16 slen = (word16)length; + XMEMCPY(des3->tmp, in + offset + slen - DES_BLOCK_SIZE,DES_BLOCK_SIZE); + if (CspDecrypt3Des(CAVIUM_BLOCKING, des3->contextHandle, + CAVIUM_NO_UPDATE, slen, (byte*)in+offset, out+offset, + (byte*)des3->reg, (byte*)des3->key[0], &requestId, + des3->devId) != 0) { + CYASSL_MSG("Bad Cavium 3Des Decrypt"); + return -1; + } + XMEMCPY(des3->reg, des3->tmp, DES_BLOCK_SIZE); + } + return 0; +} + +#endif /* HAVE_CAVIUM */ #endif /* NO_DES3 */ diff --git a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/dh.c b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/dh.c index e7c6faa03..1e1dd704e 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/dh.c +++ b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/dh.c @@ -1,6 +1,6 @@ /* dh.c * - * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,17 +16,19 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ #ifdef HAVE_CONFIG_H #include #endif +#include + #ifndef NO_DH #include -#include +#include #ifndef USER_MATH_LIB #include @@ -80,15 +82,22 @@ static word32 DiscreteLogWorkFactor(word32 n) } -static void GeneratePrivate(DhKey* key, RNG* rng, byte* priv, word32* privSz) +static int GeneratePrivate(DhKey* key, RNG* rng, byte* priv, word32* privSz) { + int ret; word32 sz = mp_unsigned_bin_size(&key->p); - sz = min(sz, 2 * DiscreteLogWorkFactor(sz * BIT_SIZE) / BIT_SIZE + 1); + sz = min(sz, 2 * DiscreteLogWorkFactor(sz * CYASSL_BIT_SIZE) / + CYASSL_BIT_SIZE + 1); + + ret = RNG_GenerateBlock(rng, priv, sz); + if (ret != 0) + return ret; - RNG_GenerateBlock(rng, priv, sz); priv[0] |= 0x0C; *privSz = sz; + + return 0; } @@ -125,9 +134,9 @@ static int GeneratePublic(DhKey* key, const byte* priv, word32 privSz, int DhGenerateKeyPair(DhKey* key, RNG* rng, byte* priv, word32* privSz, byte* pub, word32* pubSz) { - GeneratePrivate(key, rng, priv, privSz); - return GeneratePublic(key, priv, *privSz, pub, pubSz); + int ret = GeneratePrivate(key, rng, priv, privSz); + return (ret != 0) ? ret : GeneratePublic(key, priv, *privSz, pub, pubSz); } int DhAgree(DhKey* key, byte* agree, word32* agreeSz, const byte* priv, diff --git a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/dsa.c b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/dsa.c index 6aded3e3a..6ee78f72a 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/dsa.c +++ b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/dsa.c @@ -1,6 +1,6 @@ /* dsa.c * - * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,19 +16,21 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ #ifdef HAVE_CONFIG_H #include #endif +#include + #ifndef NO_DSA #include #include #include -#include +#include enum { @@ -81,22 +83,25 @@ void FreeDsaKey(DsaKey* key) int DsaSign(const byte* digest, byte* out, DsaKey* key, RNG* rng) { mp_int k, kInv, r, s, H; - int ret = 0, sz; + int ret, sz; byte buffer[DSA_HALF_SIZE]; - if (mp_init_multi(&k, &kInv, &r, &s, &H, 0) != MP_OKAY) - return MP_INIT_E; - sz = min(sizeof(buffer), mp_unsigned_bin_size(&key->q)); /* generate k */ - RNG_GenerateBlock(rng, buffer, sz); + ret = RNG_GenerateBlock(rng, buffer, sz); + if (ret != 0) + return ret; + buffer[0] |= 0x0C; + if (mp_init_multi(&k, &kInv, &r, &s, &H, 0) != MP_OKAY) + return MP_INIT_E; + if (mp_read_unsigned_bin(&k, buffer, sz) != MP_OKAY) ret = MP_READ_E; - if (mp_cmp_d(&k, 1) != MP_GT) + if (ret == 0 && mp_cmp_d(&k, 1) != MP_GT) ret = MP_CMP_E; /* inverse k mod q */ diff --git a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/ecc.c b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/ecc.c index 9f03ed2f2..8904f7289 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/ecc.c +++ b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/ecc.c @@ -1 +1,4156 @@ -/* dummy ecc.c for dist */ +/* ecc.c + * + * Copyright (C) 2006-2014 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + + +#ifdef HAVE_CONFIG_H + #include +#endif + +/* in case user set HAVE_ECC there */ +#include + +#ifdef HAVE_ECC + +#include +#include +#include + +#ifdef HAVE_ECC_ENCRYPT + #include + #include +#endif + + +/* map + + ptmul -> mulmod + +*/ + +#define ECC112 +#define ECC128 +#define ECC160 +#define ECC192 +#define ECC224 +#define ECC256 +#define ECC384 +#define ECC521 + + + +/* This holds the key settings. ***MUST*** be organized by size from + smallest to largest. */ + +const ecc_set_type ecc_sets[] = { +#ifdef ECC112 +{ + 14, + "SECP112R1", + "DB7C2ABF62E35E668076BEAD208B", + "659EF8BA043916EEDE8911702B22", + "DB7C2ABF62E35E7628DFAC6561C5", + "09487239995A5EE76B55F9C2F098", + "A89CE5AF8724C0A23E0E0FF77500" +}, +#endif +#ifdef ECC128 +{ + 16, + "SECP128R1", + "FFFFFFFDFFFFFFFFFFFFFFFFFFFFFFFF", + "E87579C11079F43DD824993C2CEE5ED3", + "FFFFFFFE0000000075A30D1B9038A115", + "161FF7528B899B2D0C28607CA52C5B86", + "CF5AC8395BAFEB13C02DA292DDED7A83", +}, +#endif +#ifdef ECC160 +{ + 20, + "SECP160R1", + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFF", + "1C97BEFC54BD7A8B65ACF89F81D4D4ADC565FA45", + "0100000000000000000001F4C8F927AED3CA752257", + "4A96B5688EF573284664698968C38BB913CBFC82", + "23A628553168947D59DCC912042351377AC5FB32", +}, +#endif +#ifdef ECC192 +{ + 24, + "ECC-192", + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF", + "64210519E59C80E70FA7E9AB72243049FEB8DEECC146B9B1", + "FFFFFFFFFFFFFFFFFFFFFFFF99DEF836146BC9B1B4D22831", + "188DA80EB03090F67CBF20EB43A18800F4FF0AFD82FF1012", + "7192B95FFC8DA78631011ED6B24CDD573F977A11E794811", +}, +#endif +#ifdef ECC224 +{ + 28, + "ECC-224", + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF000000000000000000000001", + "B4050A850C04B3ABF54132565044B0B7D7BFD8BA270B39432355FFB4", + "FFFFFFFFFFFFFFFFFFFFFFFFFFFF16A2E0B8F03E13DD29455C5C2A3D", + "B70E0CBD6BB4BF7F321390B94A03C1D356C21122343280D6115C1D21", + "BD376388B5F723FB4C22DFE6CD4375A05A07476444D5819985007E34", +}, +#endif +#ifdef ECC256 +{ + 32, + "ECC-256", + "FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF", + "5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B", + "FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551", + "6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296", + "4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5", +}, +#endif +#ifdef ECC384 +{ + 48, + "ECC-384", + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFF", + "B3312FA7E23EE7E4988E056BE3F82D19181D9C6EFE8141120314088F5013875AC656398D8A2ED19D2A85C8EDD3EC2AEF", + "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC7634D81F4372DDF581A0DB248B0A77AECEC196ACCC52973", + "AA87CA22BE8B05378EB1C71EF320AD746E1D3B628BA79B9859F741E082542A385502F25DBF55296C3A545E3872760AB7", + "3617DE4A96262C6F5D9E98BF9292DC29F8F41DBD289A147CE9DA3113B5F0B8C00A60B1CE1D7E819D7A431D7C90EA0E5F", +}, +#endif +#ifdef ECC521 +{ + 66, + "ECC-521", + "1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF", + "51953EB9618E1C9A1F929A21A0B68540EEA2DA725B99B315F3B8B489918EF109E156193951EC7E937B1652C0BD3BB1BF073573DF883D2C34F1EF451FD46B503F00", + "1FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFA51868783BF2F966B7FCC0148F709A5D03BB5C9B8899C47AEBB6FB71E91386409", + "C6858E06B70404E9CD9E3ECB662395B4429C648139053FB521F828AF606B4D3DBAA14B5E77EFE75928FE1DC127A2FFA8DE3348B3C1856A429BF97E7E31C2E5BD66", + "11839296A789A3BC0045C8A5FB42C7D1BD998F54449579B446817AFBD17273E662C97EE72995EF42640C550B9013FAD0761353C7086A272C24088BE94769FD16650", +}, +#endif +{ + 0, + NULL, NULL, NULL, NULL, NULL, NULL +} +}; + + +ecc_point* ecc_new_point(void); +void ecc_del_point(ecc_point* p); +int ecc_map(ecc_point*, mp_int*, mp_digit*); +int ecc_projective_add_point(ecc_point* P, ecc_point* Q, ecc_point* R, + mp_int* modulus, mp_digit* mp); +int ecc_projective_dbl_point(ecc_point* P, ecc_point* R, mp_int* modulus, + mp_digit* mp); +static int ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R, mp_int* modulus, + int map); +#ifdef ECC_SHAMIR +static int ecc_mul2add(ecc_point* A, mp_int* kA, ecc_point* B, mp_int* kB, + ecc_point* C, mp_int* modulus); +#endif + + +/* helper for either lib */ +static int get_digit_count(mp_int* a) +{ + if (a == NULL) + return 0; + + return a->used; +} + +/* helper for either lib */ +static unsigned long get_digit(mp_int* a, int n) +{ + if (a == NULL) + return 0; + + return (n >= a->used || n < 0) ? 0 : a->dp[n]; +} + + +#if defined(USE_FAST_MATH) + +/* fast math accelerated version, but not for fp ecc yet */ + +/** + Add two ECC points + P The point to add + Q The point to add + R [out] The destination of the double + modulus The modulus of the field the ECC curve is in + mp The "b" value from montgomery_setup() + return MP_OKAY on success +*/ +int ecc_projective_add_point(ecc_point *P, ecc_point *Q, ecc_point *R, + mp_int* modulus, mp_digit* mp) +{ + fp_int t1, t2, x, y, z; + int err; + + if (P == NULL || Q == NULL || R == NULL || modulus == NULL || mp == NULL) + return ECC_BAD_ARG_E; + + if ((err = mp_init_multi(&t1, &t2, &x, &y, &z, NULL)) != MP_OKAY) { + return err; + } + + /* should we dbl instead? */ + fp_sub(modulus, &Q->y, &t1); + if ( (fp_cmp(&P->x, &Q->x) == FP_EQ) && + (get_digit_count(&Q->z) && fp_cmp(&P->z, &Q->z) == FP_EQ) && + (fp_cmp(&P->y, &Q->y) == FP_EQ || fp_cmp(&P->y, &t1) == FP_EQ)) { + return ecc_projective_dbl_point(P, R, modulus, mp); + } + + fp_copy(&P->x, &x); + fp_copy(&P->y, &y); + fp_copy(&P->z, &z); + + /* if Z is one then these are no-operations */ + if (get_digit_count(&Q->z)) { + /* T1 = Z' * Z' */ + fp_sqr(&Q->z, &t1); + fp_montgomery_reduce(&t1, modulus, *mp); + /* X = X * T1 */ + fp_mul(&t1, &x, &x); + fp_montgomery_reduce(&x, modulus, *mp); + /* T1 = Z' * T1 */ + fp_mul(&Q->z, &t1, &t1); + fp_montgomery_reduce(&t1, modulus, *mp); + /* Y = Y * T1 */ + fp_mul(&t1, &y, &y); + fp_montgomery_reduce(&y, modulus, *mp); + } + + /* T1 = Z*Z */ + fp_sqr(&z, &t1); + fp_montgomery_reduce(&t1, modulus, *mp); + /* T2 = X' * T1 */ + fp_mul(&Q->x, &t1, &t2); + fp_montgomery_reduce(&t2, modulus, *mp); + /* T1 = Z * T1 */ + fp_mul(&z, &t1, &t1); + fp_montgomery_reduce(&t1, modulus, *mp); + /* T1 = Y' * T1 */ + fp_mul(&Q->y, &t1, &t1); + fp_montgomery_reduce(&t1, modulus, *mp); + + /* Y = Y - T1 */ + fp_sub(&y, &t1, &y); + if (fp_cmp_d(&y, 0) == FP_LT) { + fp_add(&y, modulus, &y); + } + /* T1 = 2T1 */ + fp_add(&t1, &t1, &t1); + if (fp_cmp(&t1, modulus) != FP_LT) { + fp_sub(&t1, modulus, &t1); + } + /* T1 = Y + T1 */ + fp_add(&t1, &y, &t1); + if (fp_cmp(&t1, modulus) != FP_LT) { + fp_sub(&t1, modulus, &t1); + } + /* X = X - T2 */ + fp_sub(&x, &t2, &x); + if (fp_cmp_d(&x, 0) == FP_LT) { + fp_add(&x, modulus, &x); + } + /* T2 = 2T2 */ + fp_add(&t2, &t2, &t2); + if (fp_cmp(&t2, modulus) != FP_LT) { + fp_sub(&t2, modulus, &t2); + } + /* T2 = X + T2 */ + fp_add(&t2, &x, &t2); + if (fp_cmp(&t2, modulus) != FP_LT) { + fp_sub(&t2, modulus, &t2); + } + + /* if Z' != 1 */ + if (get_digit_count(&Q->z)) { + /* Z = Z * Z' */ + fp_mul(&z, &Q->z, &z); + fp_montgomery_reduce(&z, modulus, *mp); + } + + /* Z = Z * X */ + fp_mul(&z, &x, &z); + fp_montgomery_reduce(&z, modulus, *mp); + + /* T1 = T1 * X */ + fp_mul(&t1, &x, &t1); + fp_montgomery_reduce(&t1, modulus, *mp); + /* X = X * X */ + fp_sqr(&x, &x); + fp_montgomery_reduce(&x, modulus, *mp); + /* T2 = T2 * x */ + fp_mul(&t2, &x, &t2); + fp_montgomery_reduce(&t2, modulus, *mp); + /* T1 = T1 * X */ + fp_mul(&t1, &x, &t1); + fp_montgomery_reduce(&t1, modulus, *mp); + + /* X = Y*Y */ + fp_sqr(&y, &x); + fp_montgomery_reduce(&x, modulus, *mp); + /* X = X - T2 */ + fp_sub(&x, &t2, &x); + if (fp_cmp_d(&x, 0) == FP_LT) { + fp_add(&x, modulus, &x); + } + + /* T2 = T2 - X */ + fp_sub(&t2, &x, &t2); + if (fp_cmp_d(&t2, 0) == FP_LT) { + fp_add(&t2, modulus, &t2); + } + /* T2 = T2 - X */ + fp_sub(&t2, &x, &t2); + if (fp_cmp_d(&t2, 0) == FP_LT) { + fp_add(&t2, modulus, &t2); + } + /* T2 = T2 * Y */ + fp_mul(&t2, &y, &t2); + fp_montgomery_reduce(&t2, modulus, *mp); + /* Y = T2 - T1 */ + fp_sub(&t2, &t1, &y); + if (fp_cmp_d(&y, 0) == FP_LT) { + fp_add(&y, modulus, &y); + } + /* Y = Y/2 */ + if (fp_isodd(&y)) { + fp_add(&y, modulus, &y); + } + fp_div_2(&y, &y); + + fp_copy(&x, &R->x); + fp_copy(&y, &R->y); + fp_copy(&z, &R->z); + + return MP_OKAY; +} + + +/** + Double an ECC point + P The point to double + R [out] The destination of the double + modulus The modulus of the field the ECC curve is in + mp The "b" value from montgomery_setup() + return MP_OKAY on success +*/ +int ecc_projective_dbl_point(ecc_point *P, ecc_point *R, mp_int* modulus, + mp_digit* mp) +{ + fp_int t1, t2; + int err; + + if (P == NULL || R == NULL || modulus == NULL || mp == NULL) + return ECC_BAD_ARG_E; + + if (P != R) { + fp_copy(&P->x, &R->x); + fp_copy(&P->y, &R->y); + fp_copy(&P->z, &R->z); + } + + if ((err = mp_init_multi(&t1, &t2, NULL, NULL, NULL, NULL)) != MP_OKAY) { + return err; + } + + /* t1 = Z * Z */ + fp_sqr(&R->z, &t1); + fp_montgomery_reduce(&t1, modulus, *mp); + /* Z = Y * Z */ + fp_mul(&R->z, &R->y, &R->z); + fp_montgomery_reduce(&R->z, modulus, *mp); + /* Z = 2Z */ + fp_add(&R->z, &R->z, &R->z); + if (fp_cmp(&R->z, modulus) != FP_LT) { + fp_sub(&R->z, modulus, &R->z); + } + + /* &t2 = X - T1 */ + fp_sub(&R->x, &t1, &t2); + if (fp_cmp_d(&t2, 0) == FP_LT) { + fp_add(&t2, modulus, &t2); + } + /* T1 = X + T1 */ + fp_add(&t1, &R->x, &t1); + if (fp_cmp(&t1, modulus) != FP_LT) { + fp_sub(&t1, modulus, &t1); + } + /* T2 = T1 * T2 */ + fp_mul(&t1, &t2, &t2); + fp_montgomery_reduce(&t2, modulus, *mp); + /* T1 = 2T2 */ + fp_add(&t2, &t2, &t1); + if (fp_cmp(&t1, modulus) != FP_LT) { + fp_sub(&t1, modulus, &t1); + } + /* T1 = T1 + T2 */ + fp_add(&t1, &t2, &t1); + if (fp_cmp(&t1, modulus) != FP_LT) { + fp_sub(&t1, modulus, &t1); + } + + /* Y = 2Y */ + fp_add(&R->y, &R->y, &R->y); + if (fp_cmp(&R->y, modulus) != FP_LT) { + fp_sub(&R->y, modulus, &R->y); + } + /* Y = Y * Y */ + fp_sqr(&R->y, &R->y); + fp_montgomery_reduce(&R->y, modulus, *mp); + /* T2 = Y * Y */ + fp_sqr(&R->y, &t2); + fp_montgomery_reduce(&t2, modulus, *mp); + /* T2 = T2/2 */ + if (fp_isodd(&t2)) { + fp_add(&t2, modulus, &t2); + } + fp_div_2(&t2, &t2); + /* Y = Y * X */ + fp_mul(&R->y, &R->x, &R->y); + fp_montgomery_reduce(&R->y, modulus, *mp); + + /* X = T1 * T1 */ + fp_sqr(&t1, &R->x); + fp_montgomery_reduce(&R->x, modulus, *mp); + /* X = X - Y */ + fp_sub(&R->x, &R->y, &R->x); + if (fp_cmp_d(&R->x, 0) == FP_LT) { + fp_add(&R->x, modulus, &R->x); + } + /* X = X - Y */ + fp_sub(&R->x, &R->y, &R->x); + if (fp_cmp_d(&R->x, 0) == FP_LT) { + fp_add(&R->x, modulus, &R->x); + } + + /* Y = Y - X */ + fp_sub(&R->y, &R->x, &R->y); + if (fp_cmp_d(&R->y, 0) == FP_LT) { + fp_add(&R->y, modulus, &R->y); + } + /* Y = Y * T1 */ + fp_mul(&R->y, &t1, &R->y); + fp_montgomery_reduce(&R->y, modulus, *mp); + /* Y = Y - T2 */ + fp_sub(&R->y, &t2, &R->y); + if (fp_cmp_d(&R->y, 0) == FP_LT) { + fp_add(&R->y, modulus, &R->y); + } + + return MP_OKAY; +} + +#else /* USE_FAST_MATH */ + +/** + Add two ECC points + P The point to add + Q The point to add + R [out] The destination of the double + modulus The modulus of the field the ECC curve is in + mp The "b" value from montgomery_setup() + return MP_OKAY on success +*/ +int ecc_projective_add_point(ecc_point* P, ecc_point* Q, ecc_point* R, + mp_int* modulus, mp_digit* mp) +{ + mp_int t1; + mp_int t2; + mp_int x; + mp_int y; + mp_int z; + int err; + + if (P == NULL || Q == NULL || R == NULL || modulus == NULL || mp == NULL) + return ECC_BAD_ARG_E; + + if ((err = mp_init_multi(&t1, &t2, &x, &y, &z, NULL)) != MP_OKAY) { + return err; + } + + /* should we dbl instead? */ + err = mp_sub(modulus, &Q->y, &t1); + + if (err == MP_OKAY) { + if ( (mp_cmp(&P->x, &Q->x) == MP_EQ) && + (get_digit_count(&Q->z) && mp_cmp(&P->z, &Q->z) == MP_EQ) && + (mp_cmp(&P->y, &Q->y) == MP_EQ || mp_cmp(&P->y, &t1) == MP_EQ)) { + mp_clear(&t1); + mp_clear(&t2); + mp_clear(&x); + mp_clear(&y); + mp_clear(&z); + + return ecc_projective_dbl_point(P, R, modulus, mp); + } + } + + if (err == MP_OKAY) + err = mp_copy(&P->x, &x); + if (err == MP_OKAY) + err = mp_copy(&P->y, &y); + if (err == MP_OKAY) + err = mp_copy(&P->z, &z); + + /* if Z is one then these are no-operations */ + if (err == MP_OKAY) { + if (get_digit_count(&Q->z)) { + /* T1 = Z' * Z' */ + err = mp_sqr(&Q->z, &t1); + if (err == MP_OKAY) + err = mp_montgomery_reduce(&t1, modulus, *mp); + + /* X = X * T1 */ + if (err == MP_OKAY) + err = mp_mul(&t1, &x, &x); + if (err == MP_OKAY) + err = mp_montgomery_reduce(&x, modulus, *mp); + + /* T1 = Z' * T1 */ + if (err == MP_OKAY) + err = mp_mul(&Q->z, &t1, &t1); + if (err == MP_OKAY) + err = mp_montgomery_reduce(&t1, modulus, *mp); + + /* Y = Y * T1 */ + if (err == MP_OKAY) + err = mp_mul(&t1, &y, &y); + if (err == MP_OKAY) + err = mp_montgomery_reduce(&y, modulus, *mp); + } + } + + /* T1 = Z*Z */ + if (err == MP_OKAY) + err = mp_sqr(&z, &t1); + if (err == MP_OKAY) + err = mp_montgomery_reduce(&t1, modulus, *mp); + + /* T2 = X' * T1 */ + if (err == MP_OKAY) + err = mp_mul(&Q->x, &t1, &t2); + if (err == MP_OKAY) + err = mp_montgomery_reduce(&t2, modulus, *mp); + + /* T1 = Z * T1 */ + if (err == MP_OKAY) + err = mp_mul(&z, &t1, &t1); + if (err == MP_OKAY) + err = mp_montgomery_reduce(&t1, modulus, *mp); + + /* T1 = Y' * T1 */ + if (err == MP_OKAY) + err = mp_mul(&Q->y, &t1, &t1); + if (err == MP_OKAY) + err = mp_montgomery_reduce(&t1, modulus, *mp); + + /* Y = Y - T1 */ + if (err == MP_OKAY) + err = mp_sub(&y, &t1, &y); + if (err == MP_OKAY) { + if (mp_cmp_d(&y, 0) == MP_LT) + err = mp_add(&y, modulus, &y); + } + /* T1 = 2T1 */ + if (err == MP_OKAY) + err = mp_add(&t1, &t1, &t1); + if (err == MP_OKAY) { + if (mp_cmp(&t1, modulus) != MP_LT) + err = mp_sub(&t1, modulus, &t1); + } + /* T1 = Y + T1 */ + if (err == MP_OKAY) + err = mp_add(&t1, &y, &t1); + if (err == MP_OKAY) { + if (mp_cmp(&t1, modulus) != MP_LT) + err = mp_sub(&t1, modulus, &t1); + } + /* X = X - T2 */ + if (err == MP_OKAY) + err = mp_sub(&x, &t2, &x); + if (err == MP_OKAY) { + if (mp_cmp_d(&x, 0) == MP_LT) + err = mp_add(&x, modulus, &x); + } + /* T2 = 2T2 */ + if (err == MP_OKAY) + err = mp_add(&t2, &t2, &t2); + if (err == MP_OKAY) { + if (mp_cmp(&t2, modulus) != MP_LT) + err = mp_sub(&t2, modulus, &t2); + } + /* T2 = X + T2 */ + if (err == MP_OKAY) + err = mp_add(&t2, &x, &t2); + if (err == MP_OKAY) { + if (mp_cmp(&t2, modulus) != MP_LT) + err = mp_sub(&t2, modulus, &t2); + } + + if (err == MP_OKAY) { + if (get_digit_count(&Q->z)) { + /* Z = Z * Z' */ + err = mp_mul(&z, &Q->z, &z); + if (err == MP_OKAY) + err = mp_montgomery_reduce(&z, modulus, *mp); + } + } + + /* Z = Z * X */ + if (err == MP_OKAY) + err = mp_mul(&z, &x, &z); + if (err == MP_OKAY) + err = mp_montgomery_reduce(&z, modulus, *mp); + + /* T1 = T1 * X */ + if (err == MP_OKAY) + err = mp_mul(&t1, &x, &t1); + if (err == MP_OKAY) + err = mp_montgomery_reduce(&t1, modulus, *mp); + + /* X = X * X */ + if (err == MP_OKAY) + err = mp_sqr(&x, &x); + if (err == MP_OKAY) + err = mp_montgomery_reduce(&x, modulus, *mp); + + /* T2 = T2 * x */ + if (err == MP_OKAY) + err = mp_mul(&t2, &x, &t2); + if (err == MP_OKAY) + err = mp_montgomery_reduce(&t2, modulus, *mp); + + /* T1 = T1 * X */ + if (err == MP_OKAY) + err = mp_mul(&t1, &x, &t1); + if (err == MP_OKAY) + err = mp_montgomery_reduce(&t1, modulus, *mp); + + /* X = Y*Y */ + if (err == MP_OKAY) + err = mp_sqr(&y, &x); + if (err == MP_OKAY) + err = mp_montgomery_reduce(&x, modulus, *mp); + + /* X = X - T2 */ + if (err == MP_OKAY) + err = mp_sub(&x, &t2, &x); + if (err == MP_OKAY) { + if (mp_cmp_d(&x, 0) == MP_LT) + err = mp_add(&x, modulus, &x); + } + /* T2 = T2 - X */ + if (err == MP_OKAY) + err = mp_sub(&t2, &x, &t2); + if (err == MP_OKAY) { + if (mp_cmp_d(&t2, 0) == MP_LT) + err = mp_add(&t2, modulus, &t2); + } + /* T2 = T2 - X */ + if (err == MP_OKAY) + err = mp_sub(&t2, &x, &t2); + if (err == MP_OKAY) { + if (mp_cmp_d(&t2, 0) == MP_LT) + err = mp_add(&t2, modulus, &t2); + } + /* T2 = T2 * Y */ + if (err == MP_OKAY) + err = mp_mul(&t2, &y, &t2); + if (err == MP_OKAY) + err = mp_montgomery_reduce(&t2, modulus, *mp); + + /* Y = T2 - T1 */ + if (err == MP_OKAY) + err = mp_sub(&t2, &t1, &y); + if (err == MP_OKAY) { + if (mp_cmp_d(&y, 0) == MP_LT) + err = mp_add(&y, modulus, &y); + } + /* Y = Y/2 */ + if (err == MP_OKAY) { + if (mp_isodd(&y)) + err = mp_add(&y, modulus, &y); + } + if (err == MP_OKAY) + err = mp_div_2(&y, &y); + + if (err == MP_OKAY) + err = mp_copy(&x, &R->x); + if (err == MP_OKAY) + err = mp_copy(&y, &R->y); + if (err == MP_OKAY) + err = mp_copy(&z, &R->z); + + /* clean up */ + mp_clear(&t1); + mp_clear(&t2); + mp_clear(&x); + mp_clear(&y); + mp_clear(&z); + + return err; +} + + +/** + Double an ECC point + P The point to double + R [out] The destination of the double + modulus The modulus of the field the ECC curve is in + mp The "b" value from montgomery_setup() + return MP_OKAY on success +*/ +int ecc_projective_dbl_point(ecc_point *P, ecc_point *R, mp_int* modulus, + mp_digit* mp) +{ + mp_int t1; + mp_int t2; + int err; + + if (P == NULL || R == NULL || modulus == NULL || mp == NULL) + return ECC_BAD_ARG_E; + + if ((err = mp_init_multi(&t1, &t2, NULL, NULL, NULL, NULL)) != MP_OKAY) { + return err; + } + + if (P != R) { + err = mp_copy(&P->x, &R->x); + if (err == MP_OKAY) + err = mp_copy(&P->y, &R->y); + if (err == MP_OKAY) + err = mp_copy(&P->z, &R->z); + } + + /* t1 = Z * Z */ + if (err == MP_OKAY) + err = mp_sqr(&R->z, &t1); + if (err == MP_OKAY) + err = mp_montgomery_reduce(&t1, modulus, *mp); + + /* Z = Y * Z */ + if (err == MP_OKAY) + err = mp_mul(&R->z, &R->y, &R->z); + if (err == MP_OKAY) + err = mp_montgomery_reduce(&R->z, modulus, *mp); + + /* Z = 2Z */ + if (err == MP_OKAY) + err = mp_add(&R->z, &R->z, &R->z); + if (err == MP_OKAY) { + if (mp_cmp(&R->z, modulus) != MP_LT) + err = mp_sub(&R->z, modulus, &R->z); + } + + /* T2 = X - T1 */ + if (err == MP_OKAY) + err = mp_sub(&R->x, &t1, &t2); + if (err == MP_OKAY) { + if (mp_cmp_d(&t2, 0) == MP_LT) + err = mp_add(&t2, modulus, &t2); + } + /* T1 = X + T1 */ + if (err == MP_OKAY) + err = mp_add(&t1, &R->x, &t1); + if (err == MP_OKAY) { + if (mp_cmp(&t1, modulus) != MP_LT) + err = mp_sub(&t1, modulus, &t1); + } + /* T2 = T1 * T2 */ + if (err == MP_OKAY) + err = mp_mul(&t1, &t2, &t2); + if (err == MP_OKAY) + err = mp_montgomery_reduce(&t2, modulus, *mp); + + /* T1 = 2T2 */ + if (err == MP_OKAY) + err = mp_add(&t2, &t2, &t1); + if (err == MP_OKAY) { + if (mp_cmp(&t1, modulus) != MP_LT) + err = mp_sub(&t1, modulus, &t1); + } + /* T1 = T1 + T2 */ + if (err == MP_OKAY) + err = mp_add(&t1, &t2, &t1); + if (err == MP_OKAY) { + if (mp_cmp(&t1, modulus) != MP_LT) + err = mp_sub(&t1, modulus, &t1); + } + /* Y = 2Y */ + if (err == MP_OKAY) + err = mp_add(&R->y, &R->y, &R->y); + if (err == MP_OKAY) { + if (mp_cmp(&R->y, modulus) != MP_LT) + err = mp_sub(&R->y, modulus, &R->y); + } + /* Y = Y * Y */ + if (err == MP_OKAY) + err = mp_sqr(&R->y, &R->y); + if (err == MP_OKAY) + err = mp_montgomery_reduce(&R->y, modulus, *mp); + + /* T2 = Y * Y */ + if (err == MP_OKAY) + err = mp_sqr(&R->y, &t2); + if (err == MP_OKAY) + err = mp_montgomery_reduce(&t2, modulus, *mp); + + /* T2 = T2/2 */ + if (err == MP_OKAY) { + if (mp_isodd(&t2)) + err = mp_add(&t2, modulus, &t2); + } + if (err == MP_OKAY) + err = mp_div_2(&t2, &t2); + + /* Y = Y * X */ + if (err == MP_OKAY) + err = mp_mul(&R->y, &R->x, &R->y); + if (err == MP_OKAY) + err = mp_montgomery_reduce(&R->y, modulus, *mp); + + /* X = T1 * T1 */ + if (err == MP_OKAY) + err = mp_sqr(&t1, &R->x); + if (err == MP_OKAY) + err = mp_montgomery_reduce(&R->x, modulus, *mp); + + /* X = X - Y */ + if (err == MP_OKAY) + err = mp_sub(&R->x, &R->y, &R->x); + if (err == MP_OKAY) { + if (mp_cmp_d(&R->x, 0) == MP_LT) + err = mp_add(&R->x, modulus, &R->x); + } + /* X = X - Y */ + if (err == MP_OKAY) + err = mp_sub(&R->x, &R->y, &R->x); + if (err == MP_OKAY) { + if (mp_cmp_d(&R->x, 0) == MP_LT) + err = mp_add(&R->x, modulus, &R->x); + } + /* Y = Y - X */ + if (err == MP_OKAY) + err = mp_sub(&R->y, &R->x, &R->y); + if (err == MP_OKAY) { + if (mp_cmp_d(&R->y, 0) == MP_LT) + err = mp_add(&R->y, modulus, &R->y); + } + /* Y = Y * T1 */ + if (err == MP_OKAY) + err = mp_mul(&R->y, &t1, &R->y); + if (err == MP_OKAY) + err = mp_montgomery_reduce(&R->y, modulus, *mp); + + /* Y = Y - T2 */ + if (err == MP_OKAY) + err = mp_sub(&R->y, &t2, &R->y); + if (err == MP_OKAY) { + if (mp_cmp_d(&R->y, 0) == MP_LT) + err = mp_add(&R->y, modulus, &R->y); + } + + /* clean up */ + mp_clear(&t1); + mp_clear(&t2); + + return err; +} + +#endif /* USE_FAST_MATH */ + +/** + Map a projective jacbobian point back to affine space + P [in/out] The point to map + modulus The modulus of the field the ECC curve is in + mp The "b" value from montgomery_setup() + return MP_OKAY on success +*/ +int ecc_map(ecc_point* P, mp_int* modulus, mp_digit* mp) +{ + mp_int t1; + mp_int t2; + int err; + + if (P == NULL || mp == NULL || modulus == NULL) + return ECC_BAD_ARG_E; + + if ((err = mp_init_multi(&t1, &t2, NULL, NULL, NULL, NULL)) != MP_OKAY) { + return MEMORY_E; + } + + /* first map z back to normal */ + err = mp_montgomery_reduce(&P->z, modulus, *mp); + + /* get 1/z */ + if (err == MP_OKAY) + err = mp_invmod(&P->z, modulus, &t1); + + /* get 1/z^2 and 1/z^3 */ + if (err == MP_OKAY) + err = mp_sqr(&t1, &t2); + if (err == MP_OKAY) + err = mp_mod(&t2, modulus, &t2); + if (err == MP_OKAY) + err = mp_mul(&t1, &t2, &t1); + if (err == MP_OKAY) + err = mp_mod(&t1, modulus, &t1); + + /* multiply against x/y */ + if (err == MP_OKAY) + err = mp_mul(&P->x, &t2, &P->x); + if (err == MP_OKAY) + err = mp_montgomery_reduce(&P->x, modulus, *mp); + if (err == MP_OKAY) + err = mp_mul(&P->y, &t1, &P->y); + if (err == MP_OKAY) + err = mp_montgomery_reduce(&P->y, modulus, *mp); + + if (err == MP_OKAY) + mp_set(&P->z, 1); + + /* clean up */ + mp_clear(&t1); + mp_clear(&t2); + + return err; +} + + +#ifndef ECC_TIMING_RESISTANT + +/* size of sliding window, don't change this! */ +#define WINSIZE 4 + +/** + Perform a point multiplication + k The scalar to multiply by + G The base point + R [out] Destination for kG + modulus The modulus of the field the ECC curve is in + map Boolean whether to map back to affine or not + (1==map, 0 == leave in projective) + return MP_OKAY on success +*/ +#ifdef FP_ECC +static int normal_ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R, + mp_int* modulus, int map) +#else +static int ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R, mp_int* modulus, + int map) +#endif +{ + ecc_point *tG, *M[8]; + int i, j, err; + mp_int mu; + mp_digit mp; + unsigned long buf; + int first = 1, bitbuf = 0, bitcpy = 0, bitcnt = 0, mode = 0, + digidx = 0; + + if (k == NULL || G == NULL || R == NULL || modulus == NULL) + return ECC_BAD_ARG_E; + + /* init montgomery reduction */ + if ((err = mp_montgomery_setup(modulus, &mp)) != MP_OKAY) { + return err; + } + if ((err = mp_init(&mu)) != MP_OKAY) { + return err; + } + if ((err = mp_montgomery_calc_normalization(&mu, modulus)) != MP_OKAY) { + mp_clear(&mu); + return err; + } + + /* alloc ram for window temps */ + for (i = 0; i < 8; i++) { + M[i] = ecc_new_point(); + if (M[i] == NULL) { + for (j = 0; j < i; j++) { + ecc_del_point(M[j]); + } + mp_clear(&mu); + return MEMORY_E; + } + } + + /* make a copy of G incase R==G */ + tG = ecc_new_point(); + if (tG == NULL) + err = MEMORY_E; + + /* tG = G and convert to montgomery */ + if (err == MP_OKAY) { + if (mp_cmp_d(&mu, 1) == MP_EQ) { + err = mp_copy(&G->x, &tG->x); + if (err == MP_OKAY) + err = mp_copy(&G->y, &tG->y); + if (err == MP_OKAY) + err = mp_copy(&G->z, &tG->z); + } else { + err = mp_mulmod(&G->x, &mu, modulus, &tG->x); + if (err == MP_OKAY) + err = mp_mulmod(&G->y, &mu, modulus, &tG->y); + if (err == MP_OKAY) + err = mp_mulmod(&G->z, &mu, modulus, &tG->z); + } + } + mp_clear(&mu); + + /* calc the M tab, which holds kG for k==8..15 */ + /* M[0] == 8G */ + if (err == MP_OKAY) + err = ecc_projective_dbl_point(tG, M[0], modulus, &mp); + if (err == MP_OKAY) + err = ecc_projective_dbl_point(M[0], M[0], modulus, &mp); + if (err == MP_OKAY) + err = ecc_projective_dbl_point(M[0], M[0], modulus, &mp); + + /* now find (8+k)G for k=1..7 */ + if (err == MP_OKAY) + for (j = 9; j < 16; j++) { + err = ecc_projective_add_point(M[j-9], tG, M[j-8], modulus, &mp); + if (err != MP_OKAY) break; + } + + /* setup sliding window */ + if (err == MP_OKAY) { + mode = 0; + bitcnt = 1; + buf = 0; + digidx = get_digit_count(k) - 1; + bitcpy = bitbuf = 0; + first = 1; + + /* perform ops */ + for (;;) { + /* grab next digit as required */ + if (--bitcnt == 0) { + if (digidx == -1) { + break; + } + buf = get_digit(k, digidx); + bitcnt = (int) DIGIT_BIT; + --digidx; + } + + /* grab the next msb from the ltiplicand */ + i = (int)(buf >> (DIGIT_BIT - 1)) & 1; + buf <<= 1; + + /* skip leading zero bits */ + if (mode == 0 && i == 0) + continue; + + /* if the bit is zero and mode == 1 then we double */ + if (mode == 1 && i == 0) { + err = ecc_projective_dbl_point(R, R, modulus, &mp); + if (err != MP_OKAY) break; + continue; + } + + /* else we add it to the window */ + bitbuf |= (i << (WINSIZE - ++bitcpy)); + mode = 2; + + if (bitcpy == WINSIZE) { + /* if this is the first window we do a simple copy */ + if (first == 1) { + /* R = kG [k = first window] */ + err = mp_copy(&M[bitbuf-8]->x, &R->x); + if (err != MP_OKAY) break; + + err = mp_copy(&M[bitbuf-8]->y, &R->y); + if (err != MP_OKAY) break; + + err = mp_copy(&M[bitbuf-8]->z, &R->z); + first = 0; + } else { + /* normal window */ + /* ok window is filled so double as required and add */ + /* double first */ + for (j = 0; j < WINSIZE; j++) { + err = ecc_projective_dbl_point(R, R, modulus, &mp); + if (err != MP_OKAY) break; + } + if (err != MP_OKAY) break; /* out of first for(;;) */ + + /* then add, bitbuf will be 8..15 [8..2^WINSIZE] guaranted */ + err = ecc_projective_add_point(R,M[bitbuf-8],R,modulus,&mp); + } + if (err != MP_OKAY) break; + /* empty window and reset */ + bitcpy = bitbuf = 0; + mode = 1; + } + } + } + + /* if bits remain then double/add */ + if (err == MP_OKAY) { + if (mode == 2 && bitcpy > 0) { + /* double then add */ + for (j = 0; j < bitcpy; j++) { + /* only double if we have had at least one add first */ + if (first == 0) { + err = ecc_projective_dbl_point(R, R, modulus, &mp); + if (err != MP_OKAY) break; + } + + bitbuf <<= 1; + if ((bitbuf & (1 << WINSIZE)) != 0) { + if (first == 1) { + /* first add, so copy */ + err = mp_copy(&tG->x, &R->x); + if (err != MP_OKAY) break; + + err = mp_copy(&tG->y, &R->y); + if (err != MP_OKAY) break; + + err = mp_copy(&tG->z, &R->z); + if (err != MP_OKAY) break; + first = 0; + } else { + /* then add */ + err = ecc_projective_add_point(R, tG, R, modulus, &mp); + if (err != MP_OKAY) break; + } + } + } + } + } + + /* map R back from projective space */ + if (err == MP_OKAY && map) + err = ecc_map(R, modulus, &mp); + + mp_clear(&mu); + ecc_del_point(tG); + for (i = 0; i < 8; i++) { + ecc_del_point(M[i]); + } + return err; +} + +#undef WINSIZE +#endif /* ECC_TIMING_RESISTANT */ + + +/** + Allocate a new ECC point + return A newly allocated point or NULL on error +*/ +ecc_point* ecc_new_point(void) +{ + ecc_point* p; + p = (ecc_point*)XMALLOC(sizeof(ecc_point), 0, DYNAMIC_TYPE_BIGINT); + if (p == NULL) { + return NULL; + } + XMEMSET(p, 0, sizeof(ecc_point)); + if (mp_init_multi(&p->x, &p->y, &p->z, NULL, NULL, NULL) != MP_OKAY) { + XFREE(p, 0, DYNAMIC_TYPE_BIGINT); + return NULL; + } + return p; +} + +/** Free an ECC point from memory + p The point to free +*/ +void ecc_del_point(ecc_point* p) +{ + /* prevents free'ing null arguments */ + if (p != NULL) { + mp_clear(&p->x); + mp_clear(&p->y); + mp_clear(&p->z); + XFREE(p, 0, DYNAMIC_TYPE_BIGINT); + } +} + + +/** Returns whether an ECC idx is valid or not + n The idx number to check + return 1 if valid, 0 if not +*/ +static int ecc_is_valid_idx(int n) +{ + int x; + + for (x = 0; ecc_sets[x].size != 0; x++) + ; + /* -1 is a valid index --- indicating that the domain params + were supplied by the user */ + if ((n >= -1) && (n < x)) { + return 1; + } + return 0; +} + + +/** + Create an ECC shared secret between two keys + private_key The private ECC key + public_key The public key + out [out] Destination of the shared secret + Conforms to EC-DH from ANSI X9.63 + outlen [in/out] The max size and resulting size of the shared secret + return MP_OKAY if successful +*/ +int ecc_shared_secret(ecc_key* private_key, ecc_key* public_key, byte* out, + word32* outlen) +{ + word32 x = 0; + ecc_point* result; + mp_int prime; + int err; + + if (private_key == NULL || public_key == NULL || out == NULL || + outlen == NULL) + return BAD_FUNC_ARG; + + /* type valid? */ + if (private_key->type != ECC_PRIVATEKEY) { + return ECC_BAD_ARG_E; + } + + if (ecc_is_valid_idx(private_key->idx) == 0 || + ecc_is_valid_idx(public_key->idx) == 0) + return ECC_BAD_ARG_E; + + if (XSTRNCMP(private_key->dp->name, public_key->dp->name, ECC_MAXNAME) != 0) + return ECC_BAD_ARG_E; + + /* make new point */ + result = ecc_new_point(); + if (result == NULL) { + return MEMORY_E; + } + + if ((err = mp_init(&prime)) != MP_OKAY) { + ecc_del_point(result); + return err; + } + + err = mp_read_radix(&prime, (char *)private_key->dp->prime, 16); + + if (err == MP_OKAY) + err = ecc_mulmod(&private_key->k, &public_key->pubkey, result, &prime,1); + + if (err == MP_OKAY) { + x = mp_unsigned_bin_size(&prime); + if (*outlen < x) + err = BUFFER_E; + } + + if (err == MP_OKAY) { + XMEMSET(out, 0, x); + err = mp_to_unsigned_bin(&result->x,out + (x - + mp_unsigned_bin_size(&result->x))); + *outlen = x; + } + + mp_clear(&prime); + ecc_del_point(result); + + return err; +} + + +int ecc_make_key_ex(RNG* rng, ecc_key* key, const ecc_set_type* dp); + +/** + Make a new ECC key + rng An active RNG state + keysize The keysize for the new key (in octets from 20 to 65 bytes) + key [out] Destination of the newly created key + return MP_OKAY if successful, + upon error all allocated memory will be freed +*/ +int ecc_make_key(RNG* rng, int keysize, ecc_key* key) +{ + int x, err; + + if (key == NULL || rng == NULL) + return ECC_BAD_ARG_E; + + /* find key size */ + for (x = 0; (keysize > ecc_sets[x].size) && (ecc_sets[x].size != 0); x++) + ; + keysize = ecc_sets[x].size; + + if (keysize > ECC_MAXSIZE || ecc_sets[x].size == 0) { + return BAD_FUNC_ARG; + } + err = ecc_make_key_ex(rng, key, &ecc_sets[x]); + key->idx = x; + + return err; +} + +int ecc_make_key_ex(RNG* rng, ecc_key* key, const ecc_set_type* dp) +{ + int err; + ecc_point* base; + mp_int prime; + mp_int order; +#ifdef CYASSL_SMALL_STACK + byte* buf; +#else + byte buf[ECC_MAXSIZE]; +#endif + int keysize; + + if (key == NULL || rng == NULL || dp == NULL) + return ECC_BAD_ARG_E; + +#ifdef CYASSL_SMALL_STACK + buf = (byte*)XMALLOC(ECC_MAXSIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (buf == NULL) + return MEMORY_E; +#endif + + key->idx = -1; + key->dp = dp; + keysize = dp->size; + + /* allocate ram */ + base = NULL; + + /* make up random string */ + err = RNG_GenerateBlock(rng, buf, keysize); + if (err == 0) + buf[0] |= 0x0c; + + /* setup the key variables */ + if (err == 0) { + err = mp_init_multi(&key->pubkey.x, &key->pubkey.y, &key->pubkey.z, + &key->k, &prime, &order); + if (err != MP_OKAY) + err = MEMORY_E; + } + + if (err == MP_OKAY) { + base = ecc_new_point(); + if (base == NULL) + err = MEMORY_E; + } + + /* read in the specs for this key */ + if (err == MP_OKAY) + err = mp_read_radix(&prime, (char *)key->dp->prime, 16); + if (err == MP_OKAY) + err = mp_read_radix(&order, (char *)key->dp->order, 16); + if (err == MP_OKAY) + err = mp_read_radix(&base->x, (char *)key->dp->Gx, 16); + if (err == MP_OKAY) + err = mp_read_radix(&base->y, (char *)key->dp->Gy, 16); + + if (err == MP_OKAY) + mp_set(&base->z, 1); + if (err == MP_OKAY) + err = mp_read_unsigned_bin(&key->k, (byte*)buf, keysize); + + /* the key should be smaller than the order of base point */ + if (err == MP_OKAY) { + if (mp_cmp(&key->k, &order) != MP_LT) + err = mp_mod(&key->k, &order, &key->k); + } + /* make the public key */ + if (err == MP_OKAY) + err = ecc_mulmod(&key->k, base, &key->pubkey, &prime, 1); + if (err == MP_OKAY) + key->type = ECC_PRIVATEKEY; + + if (err != MP_OKAY) { + /* clean up */ + mp_clear(&key->pubkey.x); + mp_clear(&key->pubkey.y); + mp_clear(&key->pubkey.z); + mp_clear(&key->k); + } + ecc_del_point(base); + mp_clear(&prime); + mp_clear(&order); + +#ifdef ECC_CLEAN_STACK + XMEMSET(buf, 0, ECC_MAXSIZE); +#endif + +#ifdef CYASSL_SMALL_STACK + XFREE(buf, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + + return err; +} + + +/* Setup dynamic pointers is using normal math for proper freeing */ +void ecc_init(ecc_key* key) +{ + (void)key; +#ifndef USE_FAST_MATH + key->pubkey.x.dp = NULL; + key->pubkey.y.dp = NULL; + key->pubkey.z.dp = NULL; + + key->k.dp = NULL; +#endif +} + + +/** + Sign a message digest + in The message digest to sign + inlen The length of the digest + out [out] The destination for the signature + outlen [in/out] The max size and resulting size of the signature + key A private ECC key + return MP_OKAY if successful +*/ +int ecc_sign_hash(const byte* in, word32 inlen, byte* out, word32 *outlen, + RNG* rng, ecc_key* key) +{ + mp_int r; + mp_int s; + mp_int e; + mp_int p; + int err; + + if (in == NULL || out == NULL || outlen == NULL || key == NULL || rng ==NULL) + return ECC_BAD_ARG_E; + + /* is this a private key? */ + if (key->type != ECC_PRIVATEKEY) { + return ECC_BAD_ARG_E; + } + + /* is the IDX valid ? */ + if (ecc_is_valid_idx(key->idx) != 1) { + return ECC_BAD_ARG_E; + } + + /* get the hash and load it as a bignum into 'e' */ + /* init the bignums */ + if ((err = mp_init_multi(&r, &s, &p, &e, NULL, NULL)) != MP_OKAY) { + return err; + } + err = mp_read_radix(&p, (char *)key->dp->order, 16); + + if (err == MP_OKAY) { + /* we may need to truncate if hash is longer than key size */ + word32 orderBits = mp_count_bits(&p); + + /* truncate down to byte size, may be all that's needed */ + if ( (CYASSL_BIT_SIZE * inlen) > orderBits) + inlen = (orderBits + CYASSL_BIT_SIZE - 1)/CYASSL_BIT_SIZE; + err = mp_read_unsigned_bin(&e, (byte*)in, inlen); + + /* may still need bit truncation too */ + if (err == MP_OKAY && (CYASSL_BIT_SIZE * inlen) > orderBits) + mp_rshb(&e, CYASSL_BIT_SIZE - (orderBits & 0x7)); + } + + /* make up a key and export the public copy */ + if (err == MP_OKAY) { + ecc_key pubkey; + ecc_init(&pubkey); + for (;;) { + err = ecc_make_key_ex(rng, &pubkey, key->dp); + if (err != MP_OKAY) break; + + /* find r = x1 mod n */ + err = mp_mod(&pubkey.pubkey.x, &p, &r); + if (err != MP_OKAY) break; + + if (mp_iszero(&r) == MP_YES) + ecc_free(&pubkey); + else { + /* find s = (e + xr)/k */ + err = mp_invmod(&pubkey.k, &p, &pubkey.k); + if (err != MP_OKAY) break; + + err = mp_mulmod(&key->k, &r, &p, &s); /* s = xr */ + if (err != MP_OKAY) break; + + err = mp_add(&e, &s, &s); /* s = e + xr */ + if (err != MP_OKAY) break; + + err = mp_mod(&s, &p, &s); /* s = e + xr */ + if (err != MP_OKAY) break; + + err = mp_mulmod(&s, &pubkey.k, &p, &s); /* s = (e + xr)/k */ + if (err != MP_OKAY) break; + + ecc_free(&pubkey); + if (mp_iszero(&s) == MP_NO) + break; + } + } + ecc_free(&pubkey); + } + + /* store as SEQUENCE { r, s -- integer } */ + if (err == MP_OKAY) + err = StoreECC_DSA_Sig(out, outlen, &r, &s); + + mp_clear(&r); + mp_clear(&s); + mp_clear(&p); + mp_clear(&e); + + return err; +} + + +/** + Free an ECC key from memory + key The key you wish to free +*/ +void ecc_free(ecc_key* key) +{ + if (key == NULL) + return; + + mp_clear(&key->pubkey.x); + mp_clear(&key->pubkey.y); + mp_clear(&key->pubkey.z); + mp_clear(&key->k); +} + + +#ifdef USE_FAST_MATH + #define GEN_MEM_ERR FP_MEM +#else + #define GEN_MEM_ERR MP_MEM +#endif + +#ifdef ECC_SHAMIR + +/** Computes kA*A + kB*B = C using Shamir's Trick + A First point to multiply + kA What to multiple A by + B Second point to multiply + kB What to multiple B by + C [out] Destination point (can overlap with A or B) + modulus Modulus for curve + return MP_OKAY on success +*/ +#ifdef FP_ECC +static int normal_ecc_mul2add(ecc_point* A, mp_int* kA, + ecc_point* B, mp_int* kB, + ecc_point* C, mp_int* modulus) +#else +static int ecc_mul2add(ecc_point* A, mp_int* kA, + ecc_point* B, mp_int* kB, + ecc_point* C, mp_int* modulus) +#endif +{ + ecc_point* precomp[16]; + unsigned bitbufA, bitbufB, lenA, lenB, len, x, y, nA, nB, nibble; + unsigned char* tA; + unsigned char* tB; + int err = MP_OKAY, first; + int muInit = 0; + int tableInit = 0; + mp_digit mp; + mp_int mu; + + /* argchks */ + if (A == NULL || kA == NULL || B == NULL || kB == NULL || C == NULL || + modulus == NULL) + return ECC_BAD_ARG_E; + + + /* allocate memory */ + tA = XMALLOC(ECC_BUFSIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (tA == NULL) { + return GEN_MEM_ERR; + } + tB = XMALLOC(ECC_BUFSIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (tB == NULL) { + XFREE(tA, NULL, DYNAMIC_TYPE_TMP_BUFFER); + return GEN_MEM_ERR; + } + XMEMSET(tA, 0, ECC_BUFSIZE); + XMEMSET(tB, 0, ECC_BUFSIZE); + + /* get sizes */ + lenA = mp_unsigned_bin_size(kA); + lenB = mp_unsigned_bin_size(kB); + len = MAX(lenA, lenB); + + /* sanity check */ + if ((lenA > ECC_BUFSIZE) || (lenB > ECC_BUFSIZE)) { + err = BAD_FUNC_ARG; + } + + if (err == MP_OKAY) { + /* extract and justify kA */ + err = mp_to_unsigned_bin(kA, (len - lenA) + tA); + + /* extract and justify kB */ + if (err == MP_OKAY) + err = mp_to_unsigned_bin(kB, (len - lenB) + tB); + + /* allocate the table */ + if (err == MP_OKAY) { + for (x = 0; x < 16; x++) { + precomp[x] = ecc_new_point(); + if (precomp[x] == NULL) { + for (y = 0; y < x; ++y) { + ecc_del_point(precomp[y]); + } + err = GEN_MEM_ERR; + break; + } + } + } + } + + if (err == MP_OKAY) + tableInit = 1; + + if (err == MP_OKAY) + /* init montgomery reduction */ + err = mp_montgomery_setup(modulus, &mp); + + if (err == MP_OKAY) + err = mp_init(&mu); + if (err == MP_OKAY) + muInit = 1; + + if (err == MP_OKAY) + err = mp_montgomery_calc_normalization(&mu, modulus); + + if (err == MP_OKAY) + /* copy ones ... */ + err = mp_mulmod(&A->x, &mu, modulus, &precomp[1]->x); + + if (err == MP_OKAY) + err = mp_mulmod(&A->y, &mu, modulus, &precomp[1]->y); + if (err == MP_OKAY) + err = mp_mulmod(&A->z, &mu, modulus, &precomp[1]->z); + + if (err == MP_OKAY) + err = mp_mulmod(&B->x, &mu, modulus, &precomp[1<<2]->x); + if (err == MP_OKAY) + err = mp_mulmod(&B->y, &mu, modulus, &precomp[1<<2]->y); + if (err == MP_OKAY) + err = mp_mulmod(&B->z, &mu, modulus, &precomp[1<<2]->z); + + if (err == MP_OKAY) + /* precomp [i,0](A + B) table */ + err = ecc_projective_dbl_point(precomp[1], precomp[2], modulus, &mp); + + if (err == MP_OKAY) + err = ecc_projective_add_point(precomp[1], precomp[2], precomp[3], + modulus, &mp); + if (err == MP_OKAY) + /* precomp [0,i](A + B) table */ + err = ecc_projective_dbl_point(precomp[1<<2], precomp[2<<2], modulus, &mp); + + if (err == MP_OKAY) + err = ecc_projective_add_point(precomp[1<<2], precomp[2<<2], precomp[3<<2], + modulus, &mp); + + if (err == MP_OKAY) { + /* precomp [i,j](A + B) table (i != 0, j != 0) */ + for (x = 1; x < 4; x++) { + for (y = 1; y < 4; y++) { + if (err == MP_OKAY) + err = ecc_projective_add_point(precomp[x], precomp[(y<<2)], + precomp[x+(y<<2)], modulus, &mp); + } + } + } + + if (err == MP_OKAY) { + nibble = 3; + first = 1; + bitbufA = tA[0]; + bitbufB = tB[0]; + + /* for every byte of the multiplicands */ + for (x = -1;; ) { + /* grab a nibble */ + if (++nibble == 4) { + ++x; if (x == len) break; + bitbufA = tA[x]; + bitbufB = tB[x]; + nibble = 0; + } + + /* extract two bits from both, shift/update */ + nA = (bitbufA >> 6) & 0x03; + nB = (bitbufB >> 6) & 0x03; + bitbufA = (bitbufA << 2) & 0xFF; + bitbufB = (bitbufB << 2) & 0xFF; + + /* if both zero, if first, continue */ + if ((nA == 0) && (nB == 0) && (first == 1)) { + continue; + } + + /* double twice, only if this isn't the first */ + if (first == 0) { + /* double twice */ + if (err == MP_OKAY) + err = ecc_projective_dbl_point(C, C, modulus, &mp); + if (err == MP_OKAY) + err = ecc_projective_dbl_point(C, C, modulus, &mp); + else + break; + } + + /* if not both zero */ + if ((nA != 0) || (nB != 0)) { + if (first == 1) { + /* if first, copy from table */ + first = 0; + if (err == MP_OKAY) + err = mp_copy(&precomp[nA + (nB<<2)]->x, &C->x); + + if (err == MP_OKAY) + err = mp_copy(&precomp[nA + (nB<<2)]->y, &C->y); + + if (err == MP_OKAY) + err = mp_copy(&precomp[nA + (nB<<2)]->z, &C->z); + else + break; + } else { + /* if not first, add from table */ + if (err == MP_OKAY) + err = ecc_projective_add_point(C, precomp[nA + (nB<<2)], C, + modulus, &mp); + else + break; + } + } + } + } + + if (err == MP_OKAY) + /* reduce to affine */ + err = ecc_map(C, modulus, &mp); + + /* clean up */ + if (muInit) + mp_clear(&mu); + + if (tableInit) { + for (x = 0; x < 16; x++) { + ecc_del_point(precomp[x]); + } + } +#ifdef ECC_CLEAN_STACK + XMEMSET(tA, 0, ECC_BUFSIZE); + XMEMSET(tB, 0, ECC_BUFSIZE); +#endif + XFREE(tA, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(tB, NULL, DYNAMIC_TYPE_TMP_BUFFER); + + return err; +} + + +#endif /* ECC_SHAMIR */ + + + +/* verify + * + * w = s^-1 mod n + * u1 = xw + * u2 = rw + * X = u1*G + u2*Q + * v = X_x1 mod n + * accept if v == r + */ + +/** + Verify an ECC signature + sig The signature to verify + siglen The length of the signature (octets) + hash The hash (message digest) that was signed + hashlen The length of the hash (octets) + stat Result of signature, 1==valid, 0==invalid + key The corresponding public ECC key + return MP_OKAY if successful (even if the signature is not valid) +*/ +int ecc_verify_hash(const byte* sig, word32 siglen, const byte* hash, + word32 hashlen, int* stat, ecc_key* key) +{ + ecc_point *mG, *mQ; + mp_int r; + mp_int s; + mp_int v; + mp_int w; + mp_int u1; + mp_int u2; + mp_int e; + mp_int p; + mp_int m; + int err; + + if (sig == NULL || hash == NULL || stat == NULL || key == NULL) + return ECC_BAD_ARG_E; + + /* default to invalid signature */ + *stat = 0; + + /* is the IDX valid ? */ + if (ecc_is_valid_idx(key->idx) != 1) { + return ECC_BAD_ARG_E; + } + + /* allocate ints */ + if ((err = mp_init_multi(&v, &w, &u1, &u2, &p, &e)) != MP_OKAY) { + return MEMORY_E; + } + + if ((err = mp_init(&m)) != MP_OKAY) { + mp_clear(&v); + mp_clear(&w); + mp_clear(&u1); + mp_clear(&u2); + mp_clear(&p); + mp_clear(&e); + return MEMORY_E; + } + + /* allocate points */ + mG = ecc_new_point(); + mQ = ecc_new_point(); + if (mQ == NULL || mG == NULL) + err = MEMORY_E; + + /* Note, DecodeECC_DSA_Sig() calls mp_init() on r and s. + * If either of those don't allocate correctly, none of + * the rest of this function will execute, and everything + * gets cleaned up at the end. */ + XMEMSET(&r, 0, sizeof(r)); + XMEMSET(&s, 0, sizeof(s)); + if (err == MP_OKAY) + err = DecodeECC_DSA_Sig(sig, siglen, &r, &s); + + /* get the order */ + if (err == MP_OKAY) + err = mp_read_radix(&p, (char *)key->dp->order, 16); + + /* get the modulus */ + if (err == MP_OKAY) + err = mp_read_radix(&m, (char *)key->dp->prime, 16); + + /* check for zero */ + if (err == MP_OKAY) { + if (mp_iszero(&r) || mp_iszero(&s) || mp_cmp(&r, &p) != MP_LT || + mp_cmp(&s, &p) != MP_LT) + err = MP_ZERO_E; + } + /* read hash */ + if (err == MP_OKAY) { + /* we may need to truncate if hash is longer than key size */ + unsigned int orderBits = mp_count_bits(&p); + + /* truncate down to byte size, may be all that's needed */ + if ( (CYASSL_BIT_SIZE * hashlen) > orderBits) + hashlen = (orderBits + CYASSL_BIT_SIZE - 1)/CYASSL_BIT_SIZE; + err = mp_read_unsigned_bin(&e, hash, hashlen); + + /* may still need bit truncation too */ + if (err == MP_OKAY && (CYASSL_BIT_SIZE * hashlen) > orderBits) + mp_rshb(&e, CYASSL_BIT_SIZE - (orderBits & 0x7)); + } + + /* w = s^-1 mod n */ + if (err == MP_OKAY) + err = mp_invmod(&s, &p, &w); + + /* u1 = ew */ + if (err == MP_OKAY) + err = mp_mulmod(&e, &w, &p, &u1); + + /* u2 = rw */ + if (err == MP_OKAY) + err = mp_mulmod(&r, &w, &p, &u2); + + /* find mG and mQ */ + if (err == MP_OKAY) + err = mp_read_radix(&mG->x, (char *)key->dp->Gx, 16); + + if (err == MP_OKAY) + err = mp_read_radix(&mG->y, (char *)key->dp->Gy, 16); + if (err == MP_OKAY) + mp_set(&mG->z, 1); + + if (err == MP_OKAY) + err = mp_copy(&key->pubkey.x, &mQ->x); + if (err == MP_OKAY) + err = mp_copy(&key->pubkey.y, &mQ->y); + if (err == MP_OKAY) + err = mp_copy(&key->pubkey.z, &mQ->z); + +#ifndef ECC_SHAMIR + { + mp_digit mp; + + /* compute u1*mG + u2*mQ = mG */ + if (err == MP_OKAY) + err = ecc_mulmod(&u1, mG, mG, &m, 0); + if (err == MP_OKAY) + err = ecc_mulmod(&u2, mQ, mQ, &m, 0); + + /* find the montgomery mp */ + if (err == MP_OKAY) + err = mp_montgomery_setup(&m, &mp); + + /* add them */ + if (err == MP_OKAY) + err = ecc_projective_add_point(mQ, mG, mG, &m, &mp); + + /* reduce */ + if (err == MP_OKAY) + err = ecc_map(mG, &m, &mp); + } +#else + /* use Shamir's trick to compute u1*mG + u2*mQ using half the doubles */ + if (err == MP_OKAY) + err = ecc_mul2add(mG, &u1, mQ, &u2, mG, &m); +#endif /* ECC_SHAMIR */ + + /* v = X_x1 mod n */ + if (err == MP_OKAY) + err = mp_mod(&mG->x, &p, &v); + + /* does v == r */ + if (err == MP_OKAY) { + if (mp_cmp(&v, &r) == MP_EQ) + *stat = 1; + } + + ecc_del_point(mG); + ecc_del_point(mQ); + + mp_clear(&r); + mp_clear(&s); + mp_clear(&v); + mp_clear(&w); + mp_clear(&u1); + mp_clear(&u2); + mp_clear(&p); + mp_clear(&e); + mp_clear(&m); + + return err; +} + + +/* export public ECC key in ANSI X9.63 format */ +int ecc_export_x963(ecc_key* key, byte* out, word32* outLen) +{ +#ifdef CYASSL_SMALL_STACK + byte* buf; +#else + byte buf[ECC_BUFSIZE]; +#endif + word32 numlen; + int ret = MP_OKAY; + + if (key == NULL || out == NULL || outLen == NULL) + return ECC_BAD_ARG_E; + + if (ecc_is_valid_idx(key->idx) == 0) { + return ECC_BAD_ARG_E; + } + numlen = key->dp->size; + + if (*outLen < (1 + 2*numlen)) { + *outLen = 1 + 2*numlen; + return BUFFER_E; + } + + /* store byte 0x04 */ + out[0] = 0x04; + +#ifdef CYASSL_SMALL_STACK + buf = (byte*)XMALLOC(ECC_BUFSIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (buf == NULL) + return MEMORY_E; +#endif + + do { + /* pad and store x */ + XMEMSET(buf, 0, ECC_BUFSIZE); + ret = mp_to_unsigned_bin(&key->pubkey.x, + buf + (numlen - mp_unsigned_bin_size(&key->pubkey.x))); + if (ret != MP_OKAY) + break; + XMEMCPY(out+1, buf, numlen); + + /* pad and store y */ + XMEMSET(buf, 0, ECC_BUFSIZE); + ret = mp_to_unsigned_bin(&key->pubkey.y, + buf + (numlen - mp_unsigned_bin_size(&key->pubkey.y))); + if (ret != MP_OKAY) + break; + XMEMCPY(out+1+numlen, buf, numlen); + + *outLen = 1 + 2*numlen; + } while (0); + +#ifdef CYASSL_SMALL_STACK + XFREE(buf, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + + return ret; +} + + +/* import public ECC key in ANSI X9.63 format */ +int ecc_import_x963(const byte* in, word32 inLen, ecc_key* key) +{ + int x, err; + + if (in == NULL || key == NULL) + return ECC_BAD_ARG_E; + + /* must be odd */ + if ((inLen & 1) == 0) { + return ECC_BAD_ARG_E; + } + + /* init key */ + if (mp_init_multi(&key->pubkey.x, &key->pubkey.y, &key->pubkey.z, &key->k, + NULL, NULL) != MP_OKAY) { + return MEMORY_E; + } + err = MP_OKAY; + + /* check for 4, 6 or 7 */ + if (in[0] != 4 && in[0] != 6 && in[0] != 7) { + err = ASN_PARSE_E; + } + + /* read data */ + if (err == MP_OKAY) + err = mp_read_unsigned_bin(&key->pubkey.x, (byte*)in+1, (inLen-1)>>1); + + if (err == MP_OKAY) + err = mp_read_unsigned_bin(&key->pubkey.y, (byte*)in+1+((inLen-1)>>1), + (inLen-1)>>1); + + if (err == MP_OKAY) + mp_set(&key->pubkey.z, 1); + + if (err == MP_OKAY) { + /* determine the idx */ + for (x = 0; ecc_sets[x].size != 0; x++) { + if ((unsigned)ecc_sets[x].size >= ((inLen-1)>>1)) { + break; + } + } + if (ecc_sets[x].size == 0) { + err = ASN_PARSE_E; + } else { + /* set the idx */ + key->idx = x; + key->dp = &ecc_sets[x]; + key->type = ECC_PUBLICKEY; + } + } + + if (err != MP_OKAY) { + mp_clear(&key->pubkey.x); + mp_clear(&key->pubkey.y); + mp_clear(&key->pubkey.z); + mp_clear(&key->k); + } + + return err; +} + + +/* export ecc private key only raw, outLen is in/out size + return MP_OKAY on success */ +int ecc_export_private_only(ecc_key* key, byte* out, word32* outLen) +{ + word32 numlen; + + if (key == NULL || out == NULL || outLen == NULL) + return ECC_BAD_ARG_E; + + if (ecc_is_valid_idx(key->idx) == 0) { + return ECC_BAD_ARG_E; + } + numlen = key->dp->size; + + if (*outLen < numlen) { + *outLen = numlen; + return BUFFER_E; + } + *outLen = numlen; + XMEMSET(out, 0, *outLen); + return mp_to_unsigned_bin(&key->k, out + (numlen - + mp_unsigned_bin_size(&key->k))); +} + + +/* ecc private key import, public key in ANSI X9.63 format, private raw */ +int ecc_import_private_key(const byte* priv, word32 privSz, const byte* pub, + word32 pubSz, ecc_key* key) +{ + int ret = ecc_import_x963(pub, pubSz, key); + if (ret != 0) + return ret; + + key->type = ECC_PRIVATEKEY; + + return mp_read_unsigned_bin(&key->k, priv, privSz); +} + + +/* key size in octets */ +int ecc_size(ecc_key* key) +{ + if (key == NULL) return 0; + + return key->dp->size; +} + + +/* worst case estimate, check actual return from ecc_sign_hash for actual value + of signature size in octets */ +int ecc_sig_size(ecc_key* key) +{ + int sz = ecc_size(key); + if (sz < 0) + return sz; + + return sz * 2 + SIG_HEADER_SZ + 4; /* (4) worst case estimate */ +} + + +#ifdef FP_ECC + +/* fixed point ECC cache */ +/* number of entries in the cache */ +#ifndef FP_ENTRIES + #define FP_ENTRIES 16 +#endif + +/* number of bits in LUT */ +#ifndef FP_LUT + #define FP_LUT 8U +#endif + +#ifdef ECC_SHAMIR + /* Sharmir requires a bigger LUT, TAO */ + #if (FP_LUT > 12) || (FP_LUT < 4) + #error FP_LUT must be between 4 and 12 inclusively + #endif +#else + #if (FP_LUT > 12) || (FP_LUT < 2) + #error FP_LUT must be between 2 and 12 inclusively + #endif +#endif + + +/** Our FP cache */ +typedef struct { + ecc_point* g; /* cached COPY of base point */ + ecc_point* LUT[1U< 6 + { 1, 0, 0 }, { 2, 1, 64 }, { 2, 2, 64 }, { 3, 3, 64 }, { 2, 4, 64 }, { 3, 5, 64 }, { 3, 6, 64 }, { 4, 7, 64 }, + { 2, 8, 64 }, { 3, 9, 64 }, { 3, 10, 64 }, { 4, 11, 64 }, { 3, 12, 64 }, { 4, 13, 64 }, { 4, 14, 64 }, { 5, 15, 64 }, + { 2, 16, 64 }, { 3, 17, 64 }, { 3, 18, 64 }, { 4, 19, 64 }, { 3, 20, 64 }, { 4, 21, 64 }, { 4, 22, 64 }, { 5, 23, 64 }, + { 3, 24, 64 }, { 4, 25, 64 }, { 4, 26, 64 }, { 5, 27, 64 }, { 4, 28, 64 }, { 5, 29, 64 }, { 5, 30, 64 }, { 6, 31, 64 }, + { 2, 32, 64 }, { 3, 33, 64 }, { 3, 34, 64 }, { 4, 35, 64 }, { 3, 36, 64 }, { 4, 37, 64 }, { 4, 38, 64 }, { 5, 39, 64 }, + { 3, 40, 64 }, { 4, 41, 64 }, { 4, 42, 64 }, { 5, 43, 64 }, { 4, 44, 64 }, { 5, 45, 64 }, { 5, 46, 64 }, { 6, 47, 64 }, + { 3, 48, 64 }, { 4, 49, 64 }, { 4, 50, 64 }, { 5, 51, 64 }, { 4, 52, 64 }, { 5, 53, 64 }, { 5, 54, 64 }, { 6, 55, 64 }, + { 4, 56, 64 }, { 5, 57, 64 }, { 5, 58, 64 }, { 6, 59, 64 }, { 5, 60, 64 }, { 6, 61, 64 }, { 6, 62, 64 }, { 7, 63, 64 }, +#if FP_LUT > 7 + { 1, 0, 0 }, { 2, 1, 128 }, { 2, 2, 128 }, { 3, 3, 128 }, { 2, 4, 128 }, { 3, 5, 128 }, { 3, 6, 128 }, { 4, 7, 128 }, + { 2, 8, 128 }, { 3, 9, 128 }, { 3, 10, 128 }, { 4, 11, 128 }, { 3, 12, 128 }, { 4, 13, 128 }, { 4, 14, 128 }, { 5, 15, 128 }, + { 2, 16, 128 }, { 3, 17, 128 }, { 3, 18, 128 }, { 4, 19, 128 }, { 3, 20, 128 }, { 4, 21, 128 }, { 4, 22, 128 }, { 5, 23, 128 }, + { 3, 24, 128 }, { 4, 25, 128 }, { 4, 26, 128 }, { 5, 27, 128 }, { 4, 28, 128 }, { 5, 29, 128 }, { 5, 30, 128 }, { 6, 31, 128 }, + { 2, 32, 128 }, { 3, 33, 128 }, { 3, 34, 128 }, { 4, 35, 128 }, { 3, 36, 128 }, { 4, 37, 128 }, { 4, 38, 128 }, { 5, 39, 128 }, + { 3, 40, 128 }, { 4, 41, 128 }, { 4, 42, 128 }, { 5, 43, 128 }, { 4, 44, 128 }, { 5, 45, 128 }, { 5, 46, 128 }, { 6, 47, 128 }, + { 3, 48, 128 }, { 4, 49, 128 }, { 4, 50, 128 }, { 5, 51, 128 }, { 4, 52, 128 }, { 5, 53, 128 }, { 5, 54, 128 }, { 6, 55, 128 }, + { 4, 56, 128 }, { 5, 57, 128 }, { 5, 58, 128 }, { 6, 59, 128 }, { 5, 60, 128 }, { 6, 61, 128 }, { 6, 62, 128 }, { 7, 63, 128 }, + { 2, 64, 128 }, { 3, 65, 128 }, { 3, 66, 128 }, { 4, 67, 128 }, { 3, 68, 128 }, { 4, 69, 128 }, { 4, 70, 128 }, { 5, 71, 128 }, + { 3, 72, 128 }, { 4, 73, 128 }, { 4, 74, 128 }, { 5, 75, 128 }, { 4, 76, 128 }, { 5, 77, 128 }, { 5, 78, 128 }, { 6, 79, 128 }, + { 3, 80, 128 }, { 4, 81, 128 }, { 4, 82, 128 }, { 5, 83, 128 }, { 4, 84, 128 }, { 5, 85, 128 }, { 5, 86, 128 }, { 6, 87, 128 }, + { 4, 88, 128 }, { 5, 89, 128 }, { 5, 90, 128 }, { 6, 91, 128 }, { 5, 92, 128 }, { 6, 93, 128 }, { 6, 94, 128 }, { 7, 95, 128 }, + { 3, 96, 128 }, { 4, 97, 128 }, { 4, 98, 128 }, { 5, 99, 128 }, { 4, 100, 128 }, { 5, 101, 128 }, { 5, 102, 128 }, { 6, 103, 128 }, + { 4, 104, 128 }, { 5, 105, 128 }, { 5, 106, 128 }, { 6, 107, 128 }, { 5, 108, 128 }, { 6, 109, 128 }, { 6, 110, 128 }, { 7, 111, 128 }, + { 4, 112, 128 }, { 5, 113, 128 }, { 5, 114, 128 }, { 6, 115, 128 }, { 5, 116, 128 }, { 6, 117, 128 }, { 6, 118, 128 }, { 7, 119, 128 }, + { 5, 120, 128 }, { 6, 121, 128 }, { 6, 122, 128 }, { 7, 123, 128 }, { 6, 124, 128 }, { 7, 125, 128 }, { 7, 126, 128 }, { 8, 127, 128 }, +#if FP_LUT > 8 + { 1, 0, 0 }, { 2, 1, 256 }, { 2, 2, 256 }, { 3, 3, 256 }, { 2, 4, 256 }, { 3, 5, 256 }, { 3, 6, 256 }, { 4, 7, 256 }, + { 2, 8, 256 }, { 3, 9, 256 }, { 3, 10, 256 }, { 4, 11, 256 }, { 3, 12, 256 }, { 4, 13, 256 }, { 4, 14, 256 }, { 5, 15, 256 }, + { 2, 16, 256 }, { 3, 17, 256 }, { 3, 18, 256 }, { 4, 19, 256 }, { 3, 20, 256 }, { 4, 21, 256 }, { 4, 22, 256 }, { 5, 23, 256 }, + { 3, 24, 256 }, { 4, 25, 256 }, { 4, 26, 256 }, { 5, 27, 256 }, { 4, 28, 256 }, { 5, 29, 256 }, { 5, 30, 256 }, { 6, 31, 256 }, + { 2, 32, 256 }, { 3, 33, 256 }, { 3, 34, 256 }, { 4, 35, 256 }, { 3, 36, 256 }, { 4, 37, 256 }, { 4, 38, 256 }, { 5, 39, 256 }, + { 3, 40, 256 }, { 4, 41, 256 }, { 4, 42, 256 }, { 5, 43, 256 }, { 4, 44, 256 }, { 5, 45, 256 }, { 5, 46, 256 }, { 6, 47, 256 }, + { 3, 48, 256 }, { 4, 49, 256 }, { 4, 50, 256 }, { 5, 51, 256 }, { 4, 52, 256 }, { 5, 53, 256 }, { 5, 54, 256 }, { 6, 55, 256 }, + { 4, 56, 256 }, { 5, 57, 256 }, { 5, 58, 256 }, { 6, 59, 256 }, { 5, 60, 256 }, { 6, 61, 256 }, { 6, 62, 256 }, { 7, 63, 256 }, + { 2, 64, 256 }, { 3, 65, 256 }, { 3, 66, 256 }, { 4, 67, 256 }, { 3, 68, 256 }, { 4, 69, 256 }, { 4, 70, 256 }, { 5, 71, 256 }, + { 3, 72, 256 }, { 4, 73, 256 }, { 4, 74, 256 }, { 5, 75, 256 }, { 4, 76, 256 }, { 5, 77, 256 }, { 5, 78, 256 }, { 6, 79, 256 }, + { 3, 80, 256 }, { 4, 81, 256 }, { 4, 82, 256 }, { 5, 83, 256 }, { 4, 84, 256 }, { 5, 85, 256 }, { 5, 86, 256 }, { 6, 87, 256 }, + { 4, 88, 256 }, { 5, 89, 256 }, { 5, 90, 256 }, { 6, 91, 256 }, { 5, 92, 256 }, { 6, 93, 256 }, { 6, 94, 256 }, { 7, 95, 256 }, + { 3, 96, 256 }, { 4, 97, 256 }, { 4, 98, 256 }, { 5, 99, 256 }, { 4, 100, 256 }, { 5, 101, 256 }, { 5, 102, 256 }, { 6, 103, 256 }, + { 4, 104, 256 }, { 5, 105, 256 }, { 5, 106, 256 }, { 6, 107, 256 }, { 5, 108, 256 }, { 6, 109, 256 }, { 6, 110, 256 }, { 7, 111, 256 }, + { 4, 112, 256 }, { 5, 113, 256 }, { 5, 114, 256 }, { 6, 115, 256 }, { 5, 116, 256 }, { 6, 117, 256 }, { 6, 118, 256 }, { 7, 119, 256 }, + { 5, 120, 256 }, { 6, 121, 256 }, { 6, 122, 256 }, { 7, 123, 256 }, { 6, 124, 256 }, { 7, 125, 256 }, { 7, 126, 256 }, { 8, 127, 256 }, + { 2, 128, 256 }, { 3, 129, 256 }, { 3, 130, 256 }, { 4, 131, 256 }, { 3, 132, 256 }, { 4, 133, 256 }, { 4, 134, 256 }, { 5, 135, 256 }, + { 3, 136, 256 }, { 4, 137, 256 }, { 4, 138, 256 }, { 5, 139, 256 }, { 4, 140, 256 }, { 5, 141, 256 }, { 5, 142, 256 }, { 6, 143, 256 }, + { 3, 144, 256 }, { 4, 145, 256 }, { 4, 146, 256 }, { 5, 147, 256 }, { 4, 148, 256 }, { 5, 149, 256 }, { 5, 150, 256 }, { 6, 151, 256 }, + { 4, 152, 256 }, { 5, 153, 256 }, { 5, 154, 256 }, { 6, 155, 256 }, { 5, 156, 256 }, { 6, 157, 256 }, { 6, 158, 256 }, { 7, 159, 256 }, + { 3, 160, 256 }, { 4, 161, 256 }, { 4, 162, 256 }, { 5, 163, 256 }, { 4, 164, 256 }, { 5, 165, 256 }, { 5, 166, 256 }, { 6, 167, 256 }, + { 4, 168, 256 }, { 5, 169, 256 }, { 5, 170, 256 }, { 6, 171, 256 }, { 5, 172, 256 }, { 6, 173, 256 }, { 6, 174, 256 }, { 7, 175, 256 }, + { 4, 176, 256 }, { 5, 177, 256 }, { 5, 178, 256 }, { 6, 179, 256 }, { 5, 180, 256 }, { 6, 181, 256 }, { 6, 182, 256 }, { 7, 183, 256 }, + { 5, 184, 256 }, { 6, 185, 256 }, { 6, 186, 256 }, { 7, 187, 256 }, { 6, 188, 256 }, { 7, 189, 256 }, { 7, 190, 256 }, { 8, 191, 256 }, + { 3, 192, 256 }, { 4, 193, 256 }, { 4, 194, 256 }, { 5, 195, 256 }, { 4, 196, 256 }, { 5, 197, 256 }, { 5, 198, 256 }, { 6, 199, 256 }, + { 4, 200, 256 }, { 5, 201, 256 }, { 5, 202, 256 }, { 6, 203, 256 }, { 5, 204, 256 }, { 6, 205, 256 }, { 6, 206, 256 }, { 7, 207, 256 }, + { 4, 208, 256 }, { 5, 209, 256 }, { 5, 210, 256 }, { 6, 211, 256 }, { 5, 212, 256 }, { 6, 213, 256 }, { 6, 214, 256 }, { 7, 215, 256 }, + { 5, 216, 256 }, { 6, 217, 256 }, { 6, 218, 256 }, { 7, 219, 256 }, { 6, 220, 256 }, { 7, 221, 256 }, { 7, 222, 256 }, { 8, 223, 256 }, + { 4, 224, 256 }, { 5, 225, 256 }, { 5, 226, 256 }, { 6, 227, 256 }, { 5, 228, 256 }, { 6, 229, 256 }, { 6, 230, 256 }, { 7, 231, 256 }, + { 5, 232, 256 }, { 6, 233, 256 }, { 6, 234, 256 }, { 7, 235, 256 }, { 6, 236, 256 }, { 7, 237, 256 }, { 7, 238, 256 }, { 8, 239, 256 }, + { 5, 240, 256 }, { 6, 241, 256 }, { 6, 242, 256 }, { 7, 243, 256 }, { 6, 244, 256 }, { 7, 245, 256 }, { 7, 246, 256 }, { 8, 247, 256 }, + { 6, 248, 256 }, { 7, 249, 256 }, { 7, 250, 256 }, { 8, 251, 256 }, { 7, 252, 256 }, { 8, 253, 256 }, { 8, 254, 256 }, { 9, 255, 256 }, +#if FP_LUT > 9 + { 1, 0, 0 }, { 2, 1, 512 }, { 2, 2, 512 }, { 3, 3, 512 }, { 2, 4, 512 }, { 3, 5, 512 }, { 3, 6, 512 }, { 4, 7, 512 }, + { 2, 8, 512 }, { 3, 9, 512 }, { 3, 10, 512 }, { 4, 11, 512 }, { 3, 12, 512 }, { 4, 13, 512 }, { 4, 14, 512 }, { 5, 15, 512 }, + { 2, 16, 512 }, { 3, 17, 512 }, { 3, 18, 512 }, { 4, 19, 512 }, { 3, 20, 512 }, { 4, 21, 512 }, { 4, 22, 512 }, { 5, 23, 512 }, + { 3, 24, 512 }, { 4, 25, 512 }, { 4, 26, 512 }, { 5, 27, 512 }, { 4, 28, 512 }, { 5, 29, 512 }, { 5, 30, 512 }, { 6, 31, 512 }, + { 2, 32, 512 }, { 3, 33, 512 }, { 3, 34, 512 }, { 4, 35, 512 }, { 3, 36, 512 }, { 4, 37, 512 }, { 4, 38, 512 }, { 5, 39, 512 }, + { 3, 40, 512 }, { 4, 41, 512 }, { 4, 42, 512 }, { 5, 43, 512 }, { 4, 44, 512 }, { 5, 45, 512 }, { 5, 46, 512 }, { 6, 47, 512 }, + { 3, 48, 512 }, { 4, 49, 512 }, { 4, 50, 512 }, { 5, 51, 512 }, { 4, 52, 512 }, { 5, 53, 512 }, { 5, 54, 512 }, { 6, 55, 512 }, + { 4, 56, 512 }, { 5, 57, 512 }, { 5, 58, 512 }, { 6, 59, 512 }, { 5, 60, 512 }, { 6, 61, 512 }, { 6, 62, 512 }, { 7, 63, 512 }, + { 2, 64, 512 }, { 3, 65, 512 }, { 3, 66, 512 }, { 4, 67, 512 }, { 3, 68, 512 }, { 4, 69, 512 }, { 4, 70, 512 }, { 5, 71, 512 }, + { 3, 72, 512 }, { 4, 73, 512 }, { 4, 74, 512 }, { 5, 75, 512 }, { 4, 76, 512 }, { 5, 77, 512 }, { 5, 78, 512 }, { 6, 79, 512 }, + { 3, 80, 512 }, { 4, 81, 512 }, { 4, 82, 512 }, { 5, 83, 512 }, { 4, 84, 512 }, { 5, 85, 512 }, { 5, 86, 512 }, { 6, 87, 512 }, + { 4, 88, 512 }, { 5, 89, 512 }, { 5, 90, 512 }, { 6, 91, 512 }, { 5, 92, 512 }, { 6, 93, 512 }, { 6, 94, 512 }, { 7, 95, 512 }, + { 3, 96, 512 }, { 4, 97, 512 }, { 4, 98, 512 }, { 5, 99, 512 }, { 4, 100, 512 }, { 5, 101, 512 }, { 5, 102, 512 }, { 6, 103, 512 }, + { 4, 104, 512 }, { 5, 105, 512 }, { 5, 106, 512 }, { 6, 107, 512 }, { 5, 108, 512 }, { 6, 109, 512 }, { 6, 110, 512 }, { 7, 111, 512 }, + { 4, 112, 512 }, { 5, 113, 512 }, { 5, 114, 512 }, { 6, 115, 512 }, { 5, 116, 512 }, { 6, 117, 512 }, { 6, 118, 512 }, { 7, 119, 512 }, + { 5, 120, 512 }, { 6, 121, 512 }, { 6, 122, 512 }, { 7, 123, 512 }, { 6, 124, 512 }, { 7, 125, 512 }, { 7, 126, 512 }, { 8, 127, 512 }, + { 2, 128, 512 }, { 3, 129, 512 }, { 3, 130, 512 }, { 4, 131, 512 }, { 3, 132, 512 }, { 4, 133, 512 }, { 4, 134, 512 }, { 5, 135, 512 }, + { 3, 136, 512 }, { 4, 137, 512 }, { 4, 138, 512 }, { 5, 139, 512 }, { 4, 140, 512 }, { 5, 141, 512 }, { 5, 142, 512 }, { 6, 143, 512 }, + { 3, 144, 512 }, { 4, 145, 512 }, { 4, 146, 512 }, { 5, 147, 512 }, { 4, 148, 512 }, { 5, 149, 512 }, { 5, 150, 512 }, { 6, 151, 512 }, + { 4, 152, 512 }, { 5, 153, 512 }, { 5, 154, 512 }, { 6, 155, 512 }, { 5, 156, 512 }, { 6, 157, 512 }, { 6, 158, 512 }, { 7, 159, 512 }, + { 3, 160, 512 }, { 4, 161, 512 }, { 4, 162, 512 }, { 5, 163, 512 }, { 4, 164, 512 }, { 5, 165, 512 }, { 5, 166, 512 }, { 6, 167, 512 }, + { 4, 168, 512 }, { 5, 169, 512 }, { 5, 170, 512 }, { 6, 171, 512 }, { 5, 172, 512 }, { 6, 173, 512 }, { 6, 174, 512 }, { 7, 175, 512 }, + { 4, 176, 512 }, { 5, 177, 512 }, { 5, 178, 512 }, { 6, 179, 512 }, { 5, 180, 512 }, { 6, 181, 512 }, { 6, 182, 512 }, { 7, 183, 512 }, + { 5, 184, 512 }, { 6, 185, 512 }, { 6, 186, 512 }, { 7, 187, 512 }, { 6, 188, 512 }, { 7, 189, 512 }, { 7, 190, 512 }, { 8, 191, 512 }, + { 3, 192, 512 }, { 4, 193, 512 }, { 4, 194, 512 }, { 5, 195, 512 }, { 4, 196, 512 }, { 5, 197, 512 }, { 5, 198, 512 }, { 6, 199, 512 }, + { 4, 200, 512 }, { 5, 201, 512 }, { 5, 202, 512 }, { 6, 203, 512 }, { 5, 204, 512 }, { 6, 205, 512 }, { 6, 206, 512 }, { 7, 207, 512 }, + { 4, 208, 512 }, { 5, 209, 512 }, { 5, 210, 512 }, { 6, 211, 512 }, { 5, 212, 512 }, { 6, 213, 512 }, { 6, 214, 512 }, { 7, 215, 512 }, + { 5, 216, 512 }, { 6, 217, 512 }, { 6, 218, 512 }, { 7, 219, 512 }, { 6, 220, 512 }, { 7, 221, 512 }, { 7, 222, 512 }, { 8, 223, 512 }, + { 4, 224, 512 }, { 5, 225, 512 }, { 5, 226, 512 }, { 6, 227, 512 }, { 5, 228, 512 }, { 6, 229, 512 }, { 6, 230, 512 }, { 7, 231, 512 }, + { 5, 232, 512 }, { 6, 233, 512 }, { 6, 234, 512 }, { 7, 235, 512 }, { 6, 236, 512 }, { 7, 237, 512 }, { 7, 238, 512 }, { 8, 239, 512 }, + { 5, 240, 512 }, { 6, 241, 512 }, { 6, 242, 512 }, { 7, 243, 512 }, { 6, 244, 512 }, { 7, 245, 512 }, { 7, 246, 512 }, { 8, 247, 512 }, + { 6, 248, 512 }, { 7, 249, 512 }, { 7, 250, 512 }, { 8, 251, 512 }, { 7, 252, 512 }, { 8, 253, 512 }, { 8, 254, 512 }, { 9, 255, 512 }, + { 2, 256, 512 }, { 3, 257, 512 }, { 3, 258, 512 }, { 4, 259, 512 }, { 3, 260, 512 }, { 4, 261, 512 }, { 4, 262, 512 }, { 5, 263, 512 }, + { 3, 264, 512 }, { 4, 265, 512 }, { 4, 266, 512 }, { 5, 267, 512 }, { 4, 268, 512 }, { 5, 269, 512 }, { 5, 270, 512 }, { 6, 271, 512 }, + { 3, 272, 512 }, { 4, 273, 512 }, { 4, 274, 512 }, { 5, 275, 512 }, { 4, 276, 512 }, { 5, 277, 512 }, { 5, 278, 512 }, { 6, 279, 512 }, + { 4, 280, 512 }, { 5, 281, 512 }, { 5, 282, 512 }, { 6, 283, 512 }, { 5, 284, 512 }, { 6, 285, 512 }, { 6, 286, 512 }, { 7, 287, 512 }, + { 3, 288, 512 }, { 4, 289, 512 }, { 4, 290, 512 }, { 5, 291, 512 }, { 4, 292, 512 }, { 5, 293, 512 }, { 5, 294, 512 }, { 6, 295, 512 }, + { 4, 296, 512 }, { 5, 297, 512 }, { 5, 298, 512 }, { 6, 299, 512 }, { 5, 300, 512 }, { 6, 301, 512 }, { 6, 302, 512 }, { 7, 303, 512 }, + { 4, 304, 512 }, { 5, 305, 512 }, { 5, 306, 512 }, { 6, 307, 512 }, { 5, 308, 512 }, { 6, 309, 512 }, { 6, 310, 512 }, { 7, 311, 512 }, + { 5, 312, 512 }, { 6, 313, 512 }, { 6, 314, 512 }, { 7, 315, 512 }, { 6, 316, 512 }, { 7, 317, 512 }, { 7, 318, 512 }, { 8, 319, 512 }, + { 3, 320, 512 }, { 4, 321, 512 }, { 4, 322, 512 }, { 5, 323, 512 }, { 4, 324, 512 }, { 5, 325, 512 }, { 5, 326, 512 }, { 6, 327, 512 }, + { 4, 328, 512 }, { 5, 329, 512 }, { 5, 330, 512 }, { 6, 331, 512 }, { 5, 332, 512 }, { 6, 333, 512 }, { 6, 334, 512 }, { 7, 335, 512 }, + { 4, 336, 512 }, { 5, 337, 512 }, { 5, 338, 512 }, { 6, 339, 512 }, { 5, 340, 512 }, { 6, 341, 512 }, { 6, 342, 512 }, { 7, 343, 512 }, + { 5, 344, 512 }, { 6, 345, 512 }, { 6, 346, 512 }, { 7, 347, 512 }, { 6, 348, 512 }, { 7, 349, 512 }, { 7, 350, 512 }, { 8, 351, 512 }, + { 4, 352, 512 }, { 5, 353, 512 }, { 5, 354, 512 }, { 6, 355, 512 }, { 5, 356, 512 }, { 6, 357, 512 }, { 6, 358, 512 }, { 7, 359, 512 }, + { 5, 360, 512 }, { 6, 361, 512 }, { 6, 362, 512 }, { 7, 363, 512 }, { 6, 364, 512 }, { 7, 365, 512 }, { 7, 366, 512 }, { 8, 367, 512 }, + { 5, 368, 512 }, { 6, 369, 512 }, { 6, 370, 512 }, { 7, 371, 512 }, { 6, 372, 512 }, { 7, 373, 512 }, { 7, 374, 512 }, { 8, 375, 512 }, + { 6, 376, 512 }, { 7, 377, 512 }, { 7, 378, 512 }, { 8, 379, 512 }, { 7, 380, 512 }, { 8, 381, 512 }, { 8, 382, 512 }, { 9, 383, 512 }, + { 3, 384, 512 }, { 4, 385, 512 }, { 4, 386, 512 }, { 5, 387, 512 }, { 4, 388, 512 }, { 5, 389, 512 }, { 5, 390, 512 }, { 6, 391, 512 }, + { 4, 392, 512 }, { 5, 393, 512 }, { 5, 394, 512 }, { 6, 395, 512 }, { 5, 396, 512 }, { 6, 397, 512 }, { 6, 398, 512 }, { 7, 399, 512 }, + { 4, 400, 512 }, { 5, 401, 512 }, { 5, 402, 512 }, { 6, 403, 512 }, { 5, 404, 512 }, { 6, 405, 512 }, { 6, 406, 512 }, { 7, 407, 512 }, + { 5, 408, 512 }, { 6, 409, 512 }, { 6, 410, 512 }, { 7, 411, 512 }, { 6, 412, 512 }, { 7, 413, 512 }, { 7, 414, 512 }, { 8, 415, 512 }, + { 4, 416, 512 }, { 5, 417, 512 }, { 5, 418, 512 }, { 6, 419, 512 }, { 5, 420, 512 }, { 6, 421, 512 }, { 6, 422, 512 }, { 7, 423, 512 }, + { 5, 424, 512 }, { 6, 425, 512 }, { 6, 426, 512 }, { 7, 427, 512 }, { 6, 428, 512 }, { 7, 429, 512 }, { 7, 430, 512 }, { 8, 431, 512 }, + { 5, 432, 512 }, { 6, 433, 512 }, { 6, 434, 512 }, { 7, 435, 512 }, { 6, 436, 512 }, { 7, 437, 512 }, { 7, 438, 512 }, { 8, 439, 512 }, + { 6, 440, 512 }, { 7, 441, 512 }, { 7, 442, 512 }, { 8, 443, 512 }, { 7, 444, 512 }, { 8, 445, 512 }, { 8, 446, 512 }, { 9, 447, 512 }, + { 4, 448, 512 }, { 5, 449, 512 }, { 5, 450, 512 }, { 6, 451, 512 }, { 5, 452, 512 }, { 6, 453, 512 }, { 6, 454, 512 }, { 7, 455, 512 }, + { 5, 456, 512 }, { 6, 457, 512 }, { 6, 458, 512 }, { 7, 459, 512 }, { 6, 460, 512 }, { 7, 461, 512 }, { 7, 462, 512 }, { 8, 463, 512 }, + { 5, 464, 512 }, { 6, 465, 512 }, { 6, 466, 512 }, { 7, 467, 512 }, { 6, 468, 512 }, { 7, 469, 512 }, { 7, 470, 512 }, { 8, 471, 512 }, + { 6, 472, 512 }, { 7, 473, 512 }, { 7, 474, 512 }, { 8, 475, 512 }, { 7, 476, 512 }, { 8, 477, 512 }, { 8, 478, 512 }, { 9, 479, 512 }, + { 5, 480, 512 }, { 6, 481, 512 }, { 6, 482, 512 }, { 7, 483, 512 }, { 6, 484, 512 }, { 7, 485, 512 }, { 7, 486, 512 }, { 8, 487, 512 }, + { 6, 488, 512 }, { 7, 489, 512 }, { 7, 490, 512 }, { 8, 491, 512 }, { 7, 492, 512 }, { 8, 493, 512 }, { 8, 494, 512 }, { 9, 495, 512 }, + { 6, 496, 512 }, { 7, 497, 512 }, { 7, 498, 512 }, { 8, 499, 512 }, { 7, 500, 512 }, { 8, 501, 512 }, { 8, 502, 512 }, { 9, 503, 512 }, + { 7, 504, 512 }, { 8, 505, 512 }, { 8, 506, 512 }, { 9, 507, 512 }, { 8, 508, 512 }, { 9, 509, 512 }, { 9, 510, 512 }, { 10, 511, 512 }, +#if FP_LUT > 10 + { 1, 0, 0 }, { 2, 1, 1024 }, { 2, 2, 1024 }, { 3, 3, 1024 }, { 2, 4, 1024 }, { 3, 5, 1024 }, { 3, 6, 1024 }, { 4, 7, 1024 }, + { 2, 8, 1024 }, { 3, 9, 1024 }, { 3, 10, 1024 }, { 4, 11, 1024 }, { 3, 12, 1024 }, { 4, 13, 1024 }, { 4, 14, 1024 }, { 5, 15, 1024 }, + { 2, 16, 1024 }, { 3, 17, 1024 }, { 3, 18, 1024 }, { 4, 19, 1024 }, { 3, 20, 1024 }, { 4, 21, 1024 }, { 4, 22, 1024 }, { 5, 23, 1024 }, + { 3, 24, 1024 }, { 4, 25, 1024 }, { 4, 26, 1024 }, { 5, 27, 1024 }, { 4, 28, 1024 }, { 5, 29, 1024 }, { 5, 30, 1024 }, { 6, 31, 1024 }, + { 2, 32, 1024 }, { 3, 33, 1024 }, { 3, 34, 1024 }, { 4, 35, 1024 }, { 3, 36, 1024 }, { 4, 37, 1024 }, { 4, 38, 1024 }, { 5, 39, 1024 }, + { 3, 40, 1024 }, { 4, 41, 1024 }, { 4, 42, 1024 }, { 5, 43, 1024 }, { 4, 44, 1024 }, { 5, 45, 1024 }, { 5, 46, 1024 }, { 6, 47, 1024 }, + { 3, 48, 1024 }, { 4, 49, 1024 }, { 4, 50, 1024 }, { 5, 51, 1024 }, { 4, 52, 1024 }, { 5, 53, 1024 }, { 5, 54, 1024 }, { 6, 55, 1024 }, + { 4, 56, 1024 }, { 5, 57, 1024 }, { 5, 58, 1024 }, { 6, 59, 1024 }, { 5, 60, 1024 }, { 6, 61, 1024 }, { 6, 62, 1024 }, { 7, 63, 1024 }, + { 2, 64, 1024 }, { 3, 65, 1024 }, { 3, 66, 1024 }, { 4, 67, 1024 }, { 3, 68, 1024 }, { 4, 69, 1024 }, { 4, 70, 1024 }, { 5, 71, 1024 }, + { 3, 72, 1024 }, { 4, 73, 1024 }, { 4, 74, 1024 }, { 5, 75, 1024 }, { 4, 76, 1024 }, { 5, 77, 1024 }, { 5, 78, 1024 }, { 6, 79, 1024 }, + { 3, 80, 1024 }, { 4, 81, 1024 }, { 4, 82, 1024 }, { 5, 83, 1024 }, { 4, 84, 1024 }, { 5, 85, 1024 }, { 5, 86, 1024 }, { 6, 87, 1024 }, + { 4, 88, 1024 }, { 5, 89, 1024 }, { 5, 90, 1024 }, { 6, 91, 1024 }, { 5, 92, 1024 }, { 6, 93, 1024 }, { 6, 94, 1024 }, { 7, 95, 1024 }, + { 3, 96, 1024 }, { 4, 97, 1024 }, { 4, 98, 1024 }, { 5, 99, 1024 }, { 4, 100, 1024 }, { 5, 101, 1024 }, { 5, 102, 1024 }, { 6, 103, 1024 }, + { 4, 104, 1024 }, { 5, 105, 1024 }, { 5, 106, 1024 }, { 6, 107, 1024 }, { 5, 108, 1024 }, { 6, 109, 1024 }, { 6, 110, 1024 }, { 7, 111, 1024 }, + { 4, 112, 1024 }, { 5, 113, 1024 }, { 5, 114, 1024 }, { 6, 115, 1024 }, { 5, 116, 1024 }, { 6, 117, 1024 }, { 6, 118, 1024 }, { 7, 119, 1024 }, + { 5, 120, 1024 }, { 6, 121, 1024 }, { 6, 122, 1024 }, { 7, 123, 1024 }, { 6, 124, 1024 }, { 7, 125, 1024 }, { 7, 126, 1024 }, { 8, 127, 1024 }, + { 2, 128, 1024 }, { 3, 129, 1024 }, { 3, 130, 1024 }, { 4, 131, 1024 }, { 3, 132, 1024 }, { 4, 133, 1024 }, { 4, 134, 1024 }, { 5, 135, 1024 }, + { 3, 136, 1024 }, { 4, 137, 1024 }, { 4, 138, 1024 }, { 5, 139, 1024 }, { 4, 140, 1024 }, { 5, 141, 1024 }, { 5, 142, 1024 }, { 6, 143, 1024 }, + { 3, 144, 1024 }, { 4, 145, 1024 }, { 4, 146, 1024 }, { 5, 147, 1024 }, { 4, 148, 1024 }, { 5, 149, 1024 }, { 5, 150, 1024 }, { 6, 151, 1024 }, + { 4, 152, 1024 }, { 5, 153, 1024 }, { 5, 154, 1024 }, { 6, 155, 1024 }, { 5, 156, 1024 }, { 6, 157, 1024 }, { 6, 158, 1024 }, { 7, 159, 1024 }, + { 3, 160, 1024 }, { 4, 161, 1024 }, { 4, 162, 1024 }, { 5, 163, 1024 }, { 4, 164, 1024 }, { 5, 165, 1024 }, { 5, 166, 1024 }, { 6, 167, 1024 }, + { 4, 168, 1024 }, { 5, 169, 1024 }, { 5, 170, 1024 }, { 6, 171, 1024 }, { 5, 172, 1024 }, { 6, 173, 1024 }, { 6, 174, 1024 }, { 7, 175, 1024 }, + { 4, 176, 1024 }, { 5, 177, 1024 }, { 5, 178, 1024 }, { 6, 179, 1024 }, { 5, 180, 1024 }, { 6, 181, 1024 }, { 6, 182, 1024 }, { 7, 183, 1024 }, + { 5, 184, 1024 }, { 6, 185, 1024 }, { 6, 186, 1024 }, { 7, 187, 1024 }, { 6, 188, 1024 }, { 7, 189, 1024 }, { 7, 190, 1024 }, { 8, 191, 1024 }, + { 3, 192, 1024 }, { 4, 193, 1024 }, { 4, 194, 1024 }, { 5, 195, 1024 }, { 4, 196, 1024 }, { 5, 197, 1024 }, { 5, 198, 1024 }, { 6, 199, 1024 }, + { 4, 200, 1024 }, { 5, 201, 1024 }, { 5, 202, 1024 }, { 6, 203, 1024 }, { 5, 204, 1024 }, { 6, 205, 1024 }, { 6, 206, 1024 }, { 7, 207, 1024 }, + { 4, 208, 1024 }, { 5, 209, 1024 }, { 5, 210, 1024 }, { 6, 211, 1024 }, { 5, 212, 1024 }, { 6, 213, 1024 }, { 6, 214, 1024 }, { 7, 215, 1024 }, + { 5, 216, 1024 }, { 6, 217, 1024 }, { 6, 218, 1024 }, { 7, 219, 1024 }, { 6, 220, 1024 }, { 7, 221, 1024 }, { 7, 222, 1024 }, { 8, 223, 1024 }, + { 4, 224, 1024 }, { 5, 225, 1024 }, { 5, 226, 1024 }, { 6, 227, 1024 }, { 5, 228, 1024 }, { 6, 229, 1024 }, { 6, 230, 1024 }, { 7, 231, 1024 }, + { 5, 232, 1024 }, { 6, 233, 1024 }, { 6, 234, 1024 }, { 7, 235, 1024 }, { 6, 236, 1024 }, { 7, 237, 1024 }, { 7, 238, 1024 }, { 8, 239, 1024 }, + { 5, 240, 1024 }, { 6, 241, 1024 }, { 6, 242, 1024 }, { 7, 243, 1024 }, { 6, 244, 1024 }, { 7, 245, 1024 }, { 7, 246, 1024 }, { 8, 247, 1024 }, + { 6, 248, 1024 }, { 7, 249, 1024 }, { 7, 250, 1024 }, { 8, 251, 1024 }, { 7, 252, 1024 }, { 8, 253, 1024 }, { 8, 254, 1024 }, { 9, 255, 1024 }, + { 2, 256, 1024 }, { 3, 257, 1024 }, { 3, 258, 1024 }, { 4, 259, 1024 }, { 3, 260, 1024 }, { 4, 261, 1024 }, { 4, 262, 1024 }, { 5, 263, 1024 }, + { 3, 264, 1024 }, { 4, 265, 1024 }, { 4, 266, 1024 }, { 5, 267, 1024 }, { 4, 268, 1024 }, { 5, 269, 1024 }, { 5, 270, 1024 }, { 6, 271, 1024 }, + { 3, 272, 1024 }, { 4, 273, 1024 }, { 4, 274, 1024 }, { 5, 275, 1024 }, { 4, 276, 1024 }, { 5, 277, 1024 }, { 5, 278, 1024 }, { 6, 279, 1024 }, + { 4, 280, 1024 }, { 5, 281, 1024 }, { 5, 282, 1024 }, { 6, 283, 1024 }, { 5, 284, 1024 }, { 6, 285, 1024 }, { 6, 286, 1024 }, { 7, 287, 1024 }, + { 3, 288, 1024 }, { 4, 289, 1024 }, { 4, 290, 1024 }, { 5, 291, 1024 }, { 4, 292, 1024 }, { 5, 293, 1024 }, { 5, 294, 1024 }, { 6, 295, 1024 }, + { 4, 296, 1024 }, { 5, 297, 1024 }, { 5, 298, 1024 }, { 6, 299, 1024 }, { 5, 300, 1024 }, { 6, 301, 1024 }, { 6, 302, 1024 }, { 7, 303, 1024 }, + { 4, 304, 1024 }, { 5, 305, 1024 }, { 5, 306, 1024 }, { 6, 307, 1024 }, { 5, 308, 1024 }, { 6, 309, 1024 }, { 6, 310, 1024 }, { 7, 311, 1024 }, + { 5, 312, 1024 }, { 6, 313, 1024 }, { 6, 314, 1024 }, { 7, 315, 1024 }, { 6, 316, 1024 }, { 7, 317, 1024 }, { 7, 318, 1024 }, { 8, 319, 1024 }, + { 3, 320, 1024 }, { 4, 321, 1024 }, { 4, 322, 1024 }, { 5, 323, 1024 }, { 4, 324, 1024 }, { 5, 325, 1024 }, { 5, 326, 1024 }, { 6, 327, 1024 }, + { 4, 328, 1024 }, { 5, 329, 1024 }, { 5, 330, 1024 }, { 6, 331, 1024 }, { 5, 332, 1024 }, { 6, 333, 1024 }, { 6, 334, 1024 }, { 7, 335, 1024 }, + { 4, 336, 1024 }, { 5, 337, 1024 }, { 5, 338, 1024 }, { 6, 339, 1024 }, { 5, 340, 1024 }, { 6, 341, 1024 }, { 6, 342, 1024 }, { 7, 343, 1024 }, + { 5, 344, 1024 }, { 6, 345, 1024 }, { 6, 346, 1024 }, { 7, 347, 1024 }, { 6, 348, 1024 }, { 7, 349, 1024 }, { 7, 350, 1024 }, { 8, 351, 1024 }, + { 4, 352, 1024 }, { 5, 353, 1024 }, { 5, 354, 1024 }, { 6, 355, 1024 }, { 5, 356, 1024 }, { 6, 357, 1024 }, { 6, 358, 1024 }, { 7, 359, 1024 }, + { 5, 360, 1024 }, { 6, 361, 1024 }, { 6, 362, 1024 }, { 7, 363, 1024 }, { 6, 364, 1024 }, { 7, 365, 1024 }, { 7, 366, 1024 }, { 8, 367, 1024 }, + { 5, 368, 1024 }, { 6, 369, 1024 }, { 6, 370, 1024 }, { 7, 371, 1024 }, { 6, 372, 1024 }, { 7, 373, 1024 }, { 7, 374, 1024 }, { 8, 375, 1024 }, + { 6, 376, 1024 }, { 7, 377, 1024 }, { 7, 378, 1024 }, { 8, 379, 1024 }, { 7, 380, 1024 }, { 8, 381, 1024 }, { 8, 382, 1024 }, { 9, 383, 1024 }, + { 3, 384, 1024 }, { 4, 385, 1024 }, { 4, 386, 1024 }, { 5, 387, 1024 }, { 4, 388, 1024 }, { 5, 389, 1024 }, { 5, 390, 1024 }, { 6, 391, 1024 }, + { 4, 392, 1024 }, { 5, 393, 1024 }, { 5, 394, 1024 }, { 6, 395, 1024 }, { 5, 396, 1024 }, { 6, 397, 1024 }, { 6, 398, 1024 }, { 7, 399, 1024 }, + { 4, 400, 1024 }, { 5, 401, 1024 }, { 5, 402, 1024 }, { 6, 403, 1024 }, { 5, 404, 1024 }, { 6, 405, 1024 }, { 6, 406, 1024 }, { 7, 407, 1024 }, + { 5, 408, 1024 }, { 6, 409, 1024 }, { 6, 410, 1024 }, { 7, 411, 1024 }, { 6, 412, 1024 }, { 7, 413, 1024 }, { 7, 414, 1024 }, { 8, 415, 1024 }, + { 4, 416, 1024 }, { 5, 417, 1024 }, { 5, 418, 1024 }, { 6, 419, 1024 }, { 5, 420, 1024 }, { 6, 421, 1024 }, { 6, 422, 1024 }, { 7, 423, 1024 }, + { 5, 424, 1024 }, { 6, 425, 1024 }, { 6, 426, 1024 }, { 7, 427, 1024 }, { 6, 428, 1024 }, { 7, 429, 1024 }, { 7, 430, 1024 }, { 8, 431, 1024 }, + { 5, 432, 1024 }, { 6, 433, 1024 }, { 6, 434, 1024 }, { 7, 435, 1024 }, { 6, 436, 1024 }, { 7, 437, 1024 }, { 7, 438, 1024 }, { 8, 439, 1024 }, + { 6, 440, 1024 }, { 7, 441, 1024 }, { 7, 442, 1024 }, { 8, 443, 1024 }, { 7, 444, 1024 }, { 8, 445, 1024 }, { 8, 446, 1024 }, { 9, 447, 1024 }, + { 4, 448, 1024 }, { 5, 449, 1024 }, { 5, 450, 1024 }, { 6, 451, 1024 }, { 5, 452, 1024 }, { 6, 453, 1024 }, { 6, 454, 1024 }, { 7, 455, 1024 }, + { 5, 456, 1024 }, { 6, 457, 1024 }, { 6, 458, 1024 }, { 7, 459, 1024 }, { 6, 460, 1024 }, { 7, 461, 1024 }, { 7, 462, 1024 }, { 8, 463, 1024 }, + { 5, 464, 1024 }, { 6, 465, 1024 }, { 6, 466, 1024 }, { 7, 467, 1024 }, { 6, 468, 1024 }, { 7, 469, 1024 }, { 7, 470, 1024 }, { 8, 471, 1024 }, + { 6, 472, 1024 }, { 7, 473, 1024 }, { 7, 474, 1024 }, { 8, 475, 1024 }, { 7, 476, 1024 }, { 8, 477, 1024 }, { 8, 478, 1024 }, { 9, 479, 1024 }, + { 5, 480, 1024 }, { 6, 481, 1024 }, { 6, 482, 1024 }, { 7, 483, 1024 }, { 6, 484, 1024 }, { 7, 485, 1024 }, { 7, 486, 1024 }, { 8, 487, 1024 }, + { 6, 488, 1024 }, { 7, 489, 1024 }, { 7, 490, 1024 }, { 8, 491, 1024 }, { 7, 492, 1024 }, { 8, 493, 1024 }, { 8, 494, 1024 }, { 9, 495, 1024 }, + { 6, 496, 1024 }, { 7, 497, 1024 }, { 7, 498, 1024 }, { 8, 499, 1024 }, { 7, 500, 1024 }, { 8, 501, 1024 }, { 8, 502, 1024 }, { 9, 503, 1024 }, + { 7, 504, 1024 }, { 8, 505, 1024 }, { 8, 506, 1024 }, { 9, 507, 1024 }, { 8, 508, 1024 }, { 9, 509, 1024 }, { 9, 510, 1024 }, { 10, 511, 1024 }, + { 2, 512, 1024 }, { 3, 513, 1024 }, { 3, 514, 1024 }, { 4, 515, 1024 }, { 3, 516, 1024 }, { 4, 517, 1024 }, { 4, 518, 1024 }, { 5, 519, 1024 }, + { 3, 520, 1024 }, { 4, 521, 1024 }, { 4, 522, 1024 }, { 5, 523, 1024 }, { 4, 524, 1024 }, { 5, 525, 1024 }, { 5, 526, 1024 }, { 6, 527, 1024 }, + { 3, 528, 1024 }, { 4, 529, 1024 }, { 4, 530, 1024 }, { 5, 531, 1024 }, { 4, 532, 1024 }, { 5, 533, 1024 }, { 5, 534, 1024 }, { 6, 535, 1024 }, + { 4, 536, 1024 }, { 5, 537, 1024 }, { 5, 538, 1024 }, { 6, 539, 1024 }, { 5, 540, 1024 }, { 6, 541, 1024 }, { 6, 542, 1024 }, { 7, 543, 1024 }, + { 3, 544, 1024 }, { 4, 545, 1024 }, { 4, 546, 1024 }, { 5, 547, 1024 }, { 4, 548, 1024 }, { 5, 549, 1024 }, { 5, 550, 1024 }, { 6, 551, 1024 }, + { 4, 552, 1024 }, { 5, 553, 1024 }, { 5, 554, 1024 }, { 6, 555, 1024 }, { 5, 556, 1024 }, { 6, 557, 1024 }, { 6, 558, 1024 }, { 7, 559, 1024 }, + { 4, 560, 1024 }, { 5, 561, 1024 }, { 5, 562, 1024 }, { 6, 563, 1024 }, { 5, 564, 1024 }, { 6, 565, 1024 }, { 6, 566, 1024 }, { 7, 567, 1024 }, + { 5, 568, 1024 }, { 6, 569, 1024 }, { 6, 570, 1024 }, { 7, 571, 1024 }, { 6, 572, 1024 }, { 7, 573, 1024 }, { 7, 574, 1024 }, { 8, 575, 1024 }, + { 3, 576, 1024 }, { 4, 577, 1024 }, { 4, 578, 1024 }, { 5, 579, 1024 }, { 4, 580, 1024 }, { 5, 581, 1024 }, { 5, 582, 1024 }, { 6, 583, 1024 }, + { 4, 584, 1024 }, { 5, 585, 1024 }, { 5, 586, 1024 }, { 6, 587, 1024 }, { 5, 588, 1024 }, { 6, 589, 1024 }, { 6, 590, 1024 }, { 7, 591, 1024 }, + { 4, 592, 1024 }, { 5, 593, 1024 }, { 5, 594, 1024 }, { 6, 595, 1024 }, { 5, 596, 1024 }, { 6, 597, 1024 }, { 6, 598, 1024 }, { 7, 599, 1024 }, + { 5, 600, 1024 }, { 6, 601, 1024 }, { 6, 602, 1024 }, { 7, 603, 1024 }, { 6, 604, 1024 }, { 7, 605, 1024 }, { 7, 606, 1024 }, { 8, 607, 1024 }, + { 4, 608, 1024 }, { 5, 609, 1024 }, { 5, 610, 1024 }, { 6, 611, 1024 }, { 5, 612, 1024 }, { 6, 613, 1024 }, { 6, 614, 1024 }, { 7, 615, 1024 }, + { 5, 616, 1024 }, { 6, 617, 1024 }, { 6, 618, 1024 }, { 7, 619, 1024 }, { 6, 620, 1024 }, { 7, 621, 1024 }, { 7, 622, 1024 }, { 8, 623, 1024 }, + { 5, 624, 1024 }, { 6, 625, 1024 }, { 6, 626, 1024 }, { 7, 627, 1024 }, { 6, 628, 1024 }, { 7, 629, 1024 }, { 7, 630, 1024 }, { 8, 631, 1024 }, + { 6, 632, 1024 }, { 7, 633, 1024 }, { 7, 634, 1024 }, { 8, 635, 1024 }, { 7, 636, 1024 }, { 8, 637, 1024 }, { 8, 638, 1024 }, { 9, 639, 1024 }, + { 3, 640, 1024 }, { 4, 641, 1024 }, { 4, 642, 1024 }, { 5, 643, 1024 }, { 4, 644, 1024 }, { 5, 645, 1024 }, { 5, 646, 1024 }, { 6, 647, 1024 }, + { 4, 648, 1024 }, { 5, 649, 1024 }, { 5, 650, 1024 }, { 6, 651, 1024 }, { 5, 652, 1024 }, { 6, 653, 1024 }, { 6, 654, 1024 }, { 7, 655, 1024 }, + { 4, 656, 1024 }, { 5, 657, 1024 }, { 5, 658, 1024 }, { 6, 659, 1024 }, { 5, 660, 1024 }, { 6, 661, 1024 }, { 6, 662, 1024 }, { 7, 663, 1024 }, + { 5, 664, 1024 }, { 6, 665, 1024 }, { 6, 666, 1024 }, { 7, 667, 1024 }, { 6, 668, 1024 }, { 7, 669, 1024 }, { 7, 670, 1024 }, { 8, 671, 1024 }, + { 4, 672, 1024 }, { 5, 673, 1024 }, { 5, 674, 1024 }, { 6, 675, 1024 }, { 5, 676, 1024 }, { 6, 677, 1024 }, { 6, 678, 1024 }, { 7, 679, 1024 }, + { 5, 680, 1024 }, { 6, 681, 1024 }, { 6, 682, 1024 }, { 7, 683, 1024 }, { 6, 684, 1024 }, { 7, 685, 1024 }, { 7, 686, 1024 }, { 8, 687, 1024 }, + { 5, 688, 1024 }, { 6, 689, 1024 }, { 6, 690, 1024 }, { 7, 691, 1024 }, { 6, 692, 1024 }, { 7, 693, 1024 }, { 7, 694, 1024 }, { 8, 695, 1024 }, + { 6, 696, 1024 }, { 7, 697, 1024 }, { 7, 698, 1024 }, { 8, 699, 1024 }, { 7, 700, 1024 }, { 8, 701, 1024 }, { 8, 702, 1024 }, { 9, 703, 1024 }, + { 4, 704, 1024 }, { 5, 705, 1024 }, { 5, 706, 1024 }, { 6, 707, 1024 }, { 5, 708, 1024 }, { 6, 709, 1024 }, { 6, 710, 1024 }, { 7, 711, 1024 }, + { 5, 712, 1024 }, { 6, 713, 1024 }, { 6, 714, 1024 }, { 7, 715, 1024 }, { 6, 716, 1024 }, { 7, 717, 1024 }, { 7, 718, 1024 }, { 8, 719, 1024 }, + { 5, 720, 1024 }, { 6, 721, 1024 }, { 6, 722, 1024 }, { 7, 723, 1024 }, { 6, 724, 1024 }, { 7, 725, 1024 }, { 7, 726, 1024 }, { 8, 727, 1024 }, + { 6, 728, 1024 }, { 7, 729, 1024 }, { 7, 730, 1024 }, { 8, 731, 1024 }, { 7, 732, 1024 }, { 8, 733, 1024 }, { 8, 734, 1024 }, { 9, 735, 1024 }, + { 5, 736, 1024 }, { 6, 737, 1024 }, { 6, 738, 1024 }, { 7, 739, 1024 }, { 6, 740, 1024 }, { 7, 741, 1024 }, { 7, 742, 1024 }, { 8, 743, 1024 }, + { 6, 744, 1024 }, { 7, 745, 1024 }, { 7, 746, 1024 }, { 8, 747, 1024 }, { 7, 748, 1024 }, { 8, 749, 1024 }, { 8, 750, 1024 }, { 9, 751, 1024 }, + { 6, 752, 1024 }, { 7, 753, 1024 }, { 7, 754, 1024 }, { 8, 755, 1024 }, { 7, 756, 1024 }, { 8, 757, 1024 }, { 8, 758, 1024 }, { 9, 759, 1024 }, + { 7, 760, 1024 }, { 8, 761, 1024 }, { 8, 762, 1024 }, { 9, 763, 1024 }, { 8, 764, 1024 }, { 9, 765, 1024 }, { 9, 766, 1024 }, { 10, 767, 1024 }, + { 3, 768, 1024 }, { 4, 769, 1024 }, { 4, 770, 1024 }, { 5, 771, 1024 }, { 4, 772, 1024 }, { 5, 773, 1024 }, { 5, 774, 1024 }, { 6, 775, 1024 }, + { 4, 776, 1024 }, { 5, 777, 1024 }, { 5, 778, 1024 }, { 6, 779, 1024 }, { 5, 780, 1024 }, { 6, 781, 1024 }, { 6, 782, 1024 }, { 7, 783, 1024 }, + { 4, 784, 1024 }, { 5, 785, 1024 }, { 5, 786, 1024 }, { 6, 787, 1024 }, { 5, 788, 1024 }, { 6, 789, 1024 }, { 6, 790, 1024 }, { 7, 791, 1024 }, + { 5, 792, 1024 }, { 6, 793, 1024 }, { 6, 794, 1024 }, { 7, 795, 1024 }, { 6, 796, 1024 }, { 7, 797, 1024 }, { 7, 798, 1024 }, { 8, 799, 1024 }, + { 4, 800, 1024 }, { 5, 801, 1024 }, { 5, 802, 1024 }, { 6, 803, 1024 }, { 5, 804, 1024 }, { 6, 805, 1024 }, { 6, 806, 1024 }, { 7, 807, 1024 }, + { 5, 808, 1024 }, { 6, 809, 1024 }, { 6, 810, 1024 }, { 7, 811, 1024 }, { 6, 812, 1024 }, { 7, 813, 1024 }, { 7, 814, 1024 }, { 8, 815, 1024 }, + { 5, 816, 1024 }, { 6, 817, 1024 }, { 6, 818, 1024 }, { 7, 819, 1024 }, { 6, 820, 1024 }, { 7, 821, 1024 }, { 7, 822, 1024 }, { 8, 823, 1024 }, + { 6, 824, 1024 }, { 7, 825, 1024 }, { 7, 826, 1024 }, { 8, 827, 1024 }, { 7, 828, 1024 }, { 8, 829, 1024 }, { 8, 830, 1024 }, { 9, 831, 1024 }, + { 4, 832, 1024 }, { 5, 833, 1024 }, { 5, 834, 1024 }, { 6, 835, 1024 }, { 5, 836, 1024 }, { 6, 837, 1024 }, { 6, 838, 1024 }, { 7, 839, 1024 }, + { 5, 840, 1024 }, { 6, 841, 1024 }, { 6, 842, 1024 }, { 7, 843, 1024 }, { 6, 844, 1024 }, { 7, 845, 1024 }, { 7, 846, 1024 }, { 8, 847, 1024 }, + { 5, 848, 1024 }, { 6, 849, 1024 }, { 6, 850, 1024 }, { 7, 851, 1024 }, { 6, 852, 1024 }, { 7, 853, 1024 }, { 7, 854, 1024 }, { 8, 855, 1024 }, + { 6, 856, 1024 }, { 7, 857, 1024 }, { 7, 858, 1024 }, { 8, 859, 1024 }, { 7, 860, 1024 }, { 8, 861, 1024 }, { 8, 862, 1024 }, { 9, 863, 1024 }, + { 5, 864, 1024 }, { 6, 865, 1024 }, { 6, 866, 1024 }, { 7, 867, 1024 }, { 6, 868, 1024 }, { 7, 869, 1024 }, { 7, 870, 1024 }, { 8, 871, 1024 }, + { 6, 872, 1024 }, { 7, 873, 1024 }, { 7, 874, 1024 }, { 8, 875, 1024 }, { 7, 876, 1024 }, { 8, 877, 1024 }, { 8, 878, 1024 }, { 9, 879, 1024 }, + { 6, 880, 1024 }, { 7, 881, 1024 }, { 7, 882, 1024 }, { 8, 883, 1024 }, { 7, 884, 1024 }, { 8, 885, 1024 }, { 8, 886, 1024 }, { 9, 887, 1024 }, + { 7, 888, 1024 }, { 8, 889, 1024 }, { 8, 890, 1024 }, { 9, 891, 1024 }, { 8, 892, 1024 }, { 9, 893, 1024 }, { 9, 894, 1024 }, { 10, 895, 1024 }, + { 4, 896, 1024 }, { 5, 897, 1024 }, { 5, 898, 1024 }, { 6, 899, 1024 }, { 5, 900, 1024 }, { 6, 901, 1024 }, { 6, 902, 1024 }, { 7, 903, 1024 }, + { 5, 904, 1024 }, { 6, 905, 1024 }, { 6, 906, 1024 }, { 7, 907, 1024 }, { 6, 908, 1024 }, { 7, 909, 1024 }, { 7, 910, 1024 }, { 8, 911, 1024 }, + { 5, 912, 1024 }, { 6, 913, 1024 }, { 6, 914, 1024 }, { 7, 915, 1024 }, { 6, 916, 1024 }, { 7, 917, 1024 }, { 7, 918, 1024 }, { 8, 919, 1024 }, + { 6, 920, 1024 }, { 7, 921, 1024 }, { 7, 922, 1024 }, { 8, 923, 1024 }, { 7, 924, 1024 }, { 8, 925, 1024 }, { 8, 926, 1024 }, { 9, 927, 1024 }, + { 5, 928, 1024 }, { 6, 929, 1024 }, { 6, 930, 1024 }, { 7, 931, 1024 }, { 6, 932, 1024 }, { 7, 933, 1024 }, { 7, 934, 1024 }, { 8, 935, 1024 }, + { 6, 936, 1024 }, { 7, 937, 1024 }, { 7, 938, 1024 }, { 8, 939, 1024 }, { 7, 940, 1024 }, { 8, 941, 1024 }, { 8, 942, 1024 }, { 9, 943, 1024 }, + { 6, 944, 1024 }, { 7, 945, 1024 }, { 7, 946, 1024 }, { 8, 947, 1024 }, { 7, 948, 1024 }, { 8, 949, 1024 }, { 8, 950, 1024 }, { 9, 951, 1024 }, + { 7, 952, 1024 }, { 8, 953, 1024 }, { 8, 954, 1024 }, { 9, 955, 1024 }, { 8, 956, 1024 }, { 9, 957, 1024 }, { 9, 958, 1024 }, { 10, 959, 1024 }, + { 5, 960, 1024 }, { 6, 961, 1024 }, { 6, 962, 1024 }, { 7, 963, 1024 }, { 6, 964, 1024 }, { 7, 965, 1024 }, { 7, 966, 1024 }, { 8, 967, 1024 }, + { 6, 968, 1024 }, { 7, 969, 1024 }, { 7, 970, 1024 }, { 8, 971, 1024 }, { 7, 972, 1024 }, { 8, 973, 1024 }, { 8, 974, 1024 }, { 9, 975, 1024 }, + { 6, 976, 1024 }, { 7, 977, 1024 }, { 7, 978, 1024 }, { 8, 979, 1024 }, { 7, 980, 1024 }, { 8, 981, 1024 }, { 8, 982, 1024 }, { 9, 983, 1024 }, + { 7, 984, 1024 }, { 8, 985, 1024 }, { 8, 986, 1024 }, { 9, 987, 1024 }, { 8, 988, 1024 }, { 9, 989, 1024 }, { 9, 990, 1024 }, { 10, 991, 1024 }, + { 6, 992, 1024 }, { 7, 993, 1024 }, { 7, 994, 1024 }, { 8, 995, 1024 }, { 7, 996, 1024 }, { 8, 997, 1024 }, { 8, 998, 1024 }, { 9, 999, 1024 }, + { 7, 1000, 1024 }, { 8, 1001, 1024 }, { 8, 1002, 1024 }, { 9, 1003, 1024 }, { 8, 1004, 1024 }, { 9, 1005, 1024 }, { 9, 1006, 1024 }, { 10, 1007, 1024 }, + { 7, 1008, 1024 }, { 8, 1009, 1024 }, { 8, 1010, 1024 }, { 9, 1011, 1024 }, { 8, 1012, 1024 }, { 9, 1013, 1024 }, { 9, 1014, 1024 }, { 10, 1015, 1024 }, + { 8, 1016, 1024 }, { 9, 1017, 1024 }, { 9, 1018, 1024 }, { 10, 1019, 1024 }, { 9, 1020, 1024 }, { 10, 1021, 1024 }, { 10, 1022, 1024 }, { 11, 1023, 1024 }, +#if FP_LUT > 11 + { 1, 0, 0 }, { 2, 1, 2048 }, { 2, 2, 2048 }, { 3, 3, 2048 }, { 2, 4, 2048 }, { 3, 5, 2048 }, { 3, 6, 2048 }, { 4, 7, 2048 }, + { 2, 8, 2048 }, { 3, 9, 2048 }, { 3, 10, 2048 }, { 4, 11, 2048 }, { 3, 12, 2048 }, { 4, 13, 2048 }, { 4, 14, 2048 }, { 5, 15, 2048 }, + { 2, 16, 2048 }, { 3, 17, 2048 }, { 3, 18, 2048 }, { 4, 19, 2048 }, { 3, 20, 2048 }, { 4, 21, 2048 }, { 4, 22, 2048 }, { 5, 23, 2048 }, + { 3, 24, 2048 }, { 4, 25, 2048 }, { 4, 26, 2048 }, { 5, 27, 2048 }, { 4, 28, 2048 }, { 5, 29, 2048 }, { 5, 30, 2048 }, { 6, 31, 2048 }, + { 2, 32, 2048 }, { 3, 33, 2048 }, { 3, 34, 2048 }, { 4, 35, 2048 }, { 3, 36, 2048 }, { 4, 37, 2048 }, { 4, 38, 2048 }, { 5, 39, 2048 }, + { 3, 40, 2048 }, { 4, 41, 2048 }, { 4, 42, 2048 }, { 5, 43, 2048 }, { 4, 44, 2048 }, { 5, 45, 2048 }, { 5, 46, 2048 }, { 6, 47, 2048 }, + { 3, 48, 2048 }, { 4, 49, 2048 }, { 4, 50, 2048 }, { 5, 51, 2048 }, { 4, 52, 2048 }, { 5, 53, 2048 }, { 5, 54, 2048 }, { 6, 55, 2048 }, + { 4, 56, 2048 }, { 5, 57, 2048 }, { 5, 58, 2048 }, { 6, 59, 2048 }, { 5, 60, 2048 }, { 6, 61, 2048 }, { 6, 62, 2048 }, { 7, 63, 2048 }, + { 2, 64, 2048 }, { 3, 65, 2048 }, { 3, 66, 2048 }, { 4, 67, 2048 }, { 3, 68, 2048 }, { 4, 69, 2048 }, { 4, 70, 2048 }, { 5, 71, 2048 }, + { 3, 72, 2048 }, { 4, 73, 2048 }, { 4, 74, 2048 }, { 5, 75, 2048 }, { 4, 76, 2048 }, { 5, 77, 2048 }, { 5, 78, 2048 }, { 6, 79, 2048 }, + { 3, 80, 2048 }, { 4, 81, 2048 }, { 4, 82, 2048 }, { 5, 83, 2048 }, { 4, 84, 2048 }, { 5, 85, 2048 }, { 5, 86, 2048 }, { 6, 87, 2048 }, + { 4, 88, 2048 }, { 5, 89, 2048 }, { 5, 90, 2048 }, { 6, 91, 2048 }, { 5, 92, 2048 }, { 6, 93, 2048 }, { 6, 94, 2048 }, { 7, 95, 2048 }, + { 3, 96, 2048 }, { 4, 97, 2048 }, { 4, 98, 2048 }, { 5, 99, 2048 }, { 4, 100, 2048 }, { 5, 101, 2048 }, { 5, 102, 2048 }, { 6, 103, 2048 }, + { 4, 104, 2048 }, { 5, 105, 2048 }, { 5, 106, 2048 }, { 6, 107, 2048 }, { 5, 108, 2048 }, { 6, 109, 2048 }, { 6, 110, 2048 }, { 7, 111, 2048 }, + { 4, 112, 2048 }, { 5, 113, 2048 }, { 5, 114, 2048 }, { 6, 115, 2048 }, { 5, 116, 2048 }, { 6, 117, 2048 }, { 6, 118, 2048 }, { 7, 119, 2048 }, + { 5, 120, 2048 }, { 6, 121, 2048 }, { 6, 122, 2048 }, { 7, 123, 2048 }, { 6, 124, 2048 }, { 7, 125, 2048 }, { 7, 126, 2048 }, { 8, 127, 2048 }, + { 2, 128, 2048 }, { 3, 129, 2048 }, { 3, 130, 2048 }, { 4, 131, 2048 }, { 3, 132, 2048 }, { 4, 133, 2048 }, { 4, 134, 2048 }, { 5, 135, 2048 }, + { 3, 136, 2048 }, { 4, 137, 2048 }, { 4, 138, 2048 }, { 5, 139, 2048 }, { 4, 140, 2048 }, { 5, 141, 2048 }, { 5, 142, 2048 }, { 6, 143, 2048 }, + { 3, 144, 2048 }, { 4, 145, 2048 }, { 4, 146, 2048 }, { 5, 147, 2048 }, { 4, 148, 2048 }, { 5, 149, 2048 }, { 5, 150, 2048 }, { 6, 151, 2048 }, + { 4, 152, 2048 }, { 5, 153, 2048 }, { 5, 154, 2048 }, { 6, 155, 2048 }, { 5, 156, 2048 }, { 6, 157, 2048 }, { 6, 158, 2048 }, { 7, 159, 2048 }, + { 3, 160, 2048 }, { 4, 161, 2048 }, { 4, 162, 2048 }, { 5, 163, 2048 }, { 4, 164, 2048 }, { 5, 165, 2048 }, { 5, 166, 2048 }, { 6, 167, 2048 }, + { 4, 168, 2048 }, { 5, 169, 2048 }, { 5, 170, 2048 }, { 6, 171, 2048 }, { 5, 172, 2048 }, { 6, 173, 2048 }, { 6, 174, 2048 }, { 7, 175, 2048 }, + { 4, 176, 2048 }, { 5, 177, 2048 }, { 5, 178, 2048 }, { 6, 179, 2048 }, { 5, 180, 2048 }, { 6, 181, 2048 }, { 6, 182, 2048 }, { 7, 183, 2048 }, + { 5, 184, 2048 }, { 6, 185, 2048 }, { 6, 186, 2048 }, { 7, 187, 2048 }, { 6, 188, 2048 }, { 7, 189, 2048 }, { 7, 190, 2048 }, { 8, 191, 2048 }, + { 3, 192, 2048 }, { 4, 193, 2048 }, { 4, 194, 2048 }, { 5, 195, 2048 }, { 4, 196, 2048 }, { 5, 197, 2048 }, { 5, 198, 2048 }, { 6, 199, 2048 }, + { 4, 200, 2048 }, { 5, 201, 2048 }, { 5, 202, 2048 }, { 6, 203, 2048 }, { 5, 204, 2048 }, { 6, 205, 2048 }, { 6, 206, 2048 }, { 7, 207, 2048 }, + { 4, 208, 2048 }, { 5, 209, 2048 }, { 5, 210, 2048 }, { 6, 211, 2048 }, { 5, 212, 2048 }, { 6, 213, 2048 }, { 6, 214, 2048 }, { 7, 215, 2048 }, + { 5, 216, 2048 }, { 6, 217, 2048 }, { 6, 218, 2048 }, { 7, 219, 2048 }, { 6, 220, 2048 }, { 7, 221, 2048 }, { 7, 222, 2048 }, { 8, 223, 2048 }, + { 4, 224, 2048 }, { 5, 225, 2048 }, { 5, 226, 2048 }, { 6, 227, 2048 }, { 5, 228, 2048 }, { 6, 229, 2048 }, { 6, 230, 2048 }, { 7, 231, 2048 }, + { 5, 232, 2048 }, { 6, 233, 2048 }, { 6, 234, 2048 }, { 7, 235, 2048 }, { 6, 236, 2048 }, { 7, 237, 2048 }, { 7, 238, 2048 }, { 8, 239, 2048 }, + { 5, 240, 2048 }, { 6, 241, 2048 }, { 6, 242, 2048 }, { 7, 243, 2048 }, { 6, 244, 2048 }, { 7, 245, 2048 }, { 7, 246, 2048 }, { 8, 247, 2048 }, + { 6, 248, 2048 }, { 7, 249, 2048 }, { 7, 250, 2048 }, { 8, 251, 2048 }, { 7, 252, 2048 }, { 8, 253, 2048 }, { 8, 254, 2048 }, { 9, 255, 2048 }, + { 2, 256, 2048 }, { 3, 257, 2048 }, { 3, 258, 2048 }, { 4, 259, 2048 }, { 3, 260, 2048 }, { 4, 261, 2048 }, { 4, 262, 2048 }, { 5, 263, 2048 }, + { 3, 264, 2048 }, { 4, 265, 2048 }, { 4, 266, 2048 }, { 5, 267, 2048 }, { 4, 268, 2048 }, { 5, 269, 2048 }, { 5, 270, 2048 }, { 6, 271, 2048 }, + { 3, 272, 2048 }, { 4, 273, 2048 }, { 4, 274, 2048 }, { 5, 275, 2048 }, { 4, 276, 2048 }, { 5, 277, 2048 }, { 5, 278, 2048 }, { 6, 279, 2048 }, + { 4, 280, 2048 }, { 5, 281, 2048 }, { 5, 282, 2048 }, { 6, 283, 2048 }, { 5, 284, 2048 }, { 6, 285, 2048 }, { 6, 286, 2048 }, { 7, 287, 2048 }, + { 3, 288, 2048 }, { 4, 289, 2048 }, { 4, 290, 2048 }, { 5, 291, 2048 }, { 4, 292, 2048 }, { 5, 293, 2048 }, { 5, 294, 2048 }, { 6, 295, 2048 }, + { 4, 296, 2048 }, { 5, 297, 2048 }, { 5, 298, 2048 }, { 6, 299, 2048 }, { 5, 300, 2048 }, { 6, 301, 2048 }, { 6, 302, 2048 }, { 7, 303, 2048 }, + { 4, 304, 2048 }, { 5, 305, 2048 }, { 5, 306, 2048 }, { 6, 307, 2048 }, { 5, 308, 2048 }, { 6, 309, 2048 }, { 6, 310, 2048 }, { 7, 311, 2048 }, + { 5, 312, 2048 }, { 6, 313, 2048 }, { 6, 314, 2048 }, { 7, 315, 2048 }, { 6, 316, 2048 }, { 7, 317, 2048 }, { 7, 318, 2048 }, { 8, 319, 2048 }, + { 3, 320, 2048 }, { 4, 321, 2048 }, { 4, 322, 2048 }, { 5, 323, 2048 }, { 4, 324, 2048 }, { 5, 325, 2048 }, { 5, 326, 2048 }, { 6, 327, 2048 }, + { 4, 328, 2048 }, { 5, 329, 2048 }, { 5, 330, 2048 }, { 6, 331, 2048 }, { 5, 332, 2048 }, { 6, 333, 2048 }, { 6, 334, 2048 }, { 7, 335, 2048 }, + { 4, 336, 2048 }, { 5, 337, 2048 }, { 5, 338, 2048 }, { 6, 339, 2048 }, { 5, 340, 2048 }, { 6, 341, 2048 }, { 6, 342, 2048 }, { 7, 343, 2048 }, + { 5, 344, 2048 }, { 6, 345, 2048 }, { 6, 346, 2048 }, { 7, 347, 2048 }, { 6, 348, 2048 }, { 7, 349, 2048 }, { 7, 350, 2048 }, { 8, 351, 2048 }, + { 4, 352, 2048 }, { 5, 353, 2048 }, { 5, 354, 2048 }, { 6, 355, 2048 }, { 5, 356, 2048 }, { 6, 357, 2048 }, { 6, 358, 2048 }, { 7, 359, 2048 }, + { 5, 360, 2048 }, { 6, 361, 2048 }, { 6, 362, 2048 }, { 7, 363, 2048 }, { 6, 364, 2048 }, { 7, 365, 2048 }, { 7, 366, 2048 }, { 8, 367, 2048 }, + { 5, 368, 2048 }, { 6, 369, 2048 }, { 6, 370, 2048 }, { 7, 371, 2048 }, { 6, 372, 2048 }, { 7, 373, 2048 }, { 7, 374, 2048 }, { 8, 375, 2048 }, + { 6, 376, 2048 }, { 7, 377, 2048 }, { 7, 378, 2048 }, { 8, 379, 2048 }, { 7, 380, 2048 }, { 8, 381, 2048 }, { 8, 382, 2048 }, { 9, 383, 2048 }, + { 3, 384, 2048 }, { 4, 385, 2048 }, { 4, 386, 2048 }, { 5, 387, 2048 }, { 4, 388, 2048 }, { 5, 389, 2048 }, { 5, 390, 2048 }, { 6, 391, 2048 }, + { 4, 392, 2048 }, { 5, 393, 2048 }, { 5, 394, 2048 }, { 6, 395, 2048 }, { 5, 396, 2048 }, { 6, 397, 2048 }, { 6, 398, 2048 }, { 7, 399, 2048 }, + { 4, 400, 2048 }, { 5, 401, 2048 }, { 5, 402, 2048 }, { 6, 403, 2048 }, { 5, 404, 2048 }, { 6, 405, 2048 }, { 6, 406, 2048 }, { 7, 407, 2048 }, + { 5, 408, 2048 }, { 6, 409, 2048 }, { 6, 410, 2048 }, { 7, 411, 2048 }, { 6, 412, 2048 }, { 7, 413, 2048 }, { 7, 414, 2048 }, { 8, 415, 2048 }, + { 4, 416, 2048 }, { 5, 417, 2048 }, { 5, 418, 2048 }, { 6, 419, 2048 }, { 5, 420, 2048 }, { 6, 421, 2048 }, { 6, 422, 2048 }, { 7, 423, 2048 }, + { 5, 424, 2048 }, { 6, 425, 2048 }, { 6, 426, 2048 }, { 7, 427, 2048 }, { 6, 428, 2048 }, { 7, 429, 2048 }, { 7, 430, 2048 }, { 8, 431, 2048 }, + { 5, 432, 2048 }, { 6, 433, 2048 }, { 6, 434, 2048 }, { 7, 435, 2048 }, { 6, 436, 2048 }, { 7, 437, 2048 }, { 7, 438, 2048 }, { 8, 439, 2048 }, + { 6, 440, 2048 }, { 7, 441, 2048 }, { 7, 442, 2048 }, { 8, 443, 2048 }, { 7, 444, 2048 }, { 8, 445, 2048 }, { 8, 446, 2048 }, { 9, 447, 2048 }, + { 4, 448, 2048 }, { 5, 449, 2048 }, { 5, 450, 2048 }, { 6, 451, 2048 }, { 5, 452, 2048 }, { 6, 453, 2048 }, { 6, 454, 2048 }, { 7, 455, 2048 }, + { 5, 456, 2048 }, { 6, 457, 2048 }, { 6, 458, 2048 }, { 7, 459, 2048 }, { 6, 460, 2048 }, { 7, 461, 2048 }, { 7, 462, 2048 }, { 8, 463, 2048 }, + { 5, 464, 2048 }, { 6, 465, 2048 }, { 6, 466, 2048 }, { 7, 467, 2048 }, { 6, 468, 2048 }, { 7, 469, 2048 }, { 7, 470, 2048 }, { 8, 471, 2048 }, + { 6, 472, 2048 }, { 7, 473, 2048 }, { 7, 474, 2048 }, { 8, 475, 2048 }, { 7, 476, 2048 }, { 8, 477, 2048 }, { 8, 478, 2048 }, { 9, 479, 2048 }, + { 5, 480, 2048 }, { 6, 481, 2048 }, { 6, 482, 2048 }, { 7, 483, 2048 }, { 6, 484, 2048 }, { 7, 485, 2048 }, { 7, 486, 2048 }, { 8, 487, 2048 }, + { 6, 488, 2048 }, { 7, 489, 2048 }, { 7, 490, 2048 }, { 8, 491, 2048 }, { 7, 492, 2048 }, { 8, 493, 2048 }, { 8, 494, 2048 }, { 9, 495, 2048 }, + { 6, 496, 2048 }, { 7, 497, 2048 }, { 7, 498, 2048 }, { 8, 499, 2048 }, { 7, 500, 2048 }, { 8, 501, 2048 }, { 8, 502, 2048 }, { 9, 503, 2048 }, + { 7, 504, 2048 }, { 8, 505, 2048 }, { 8, 506, 2048 }, { 9, 507, 2048 }, { 8, 508, 2048 }, { 9, 509, 2048 }, { 9, 510, 2048 }, { 10, 511, 2048 }, + { 2, 512, 2048 }, { 3, 513, 2048 }, { 3, 514, 2048 }, { 4, 515, 2048 }, { 3, 516, 2048 }, { 4, 517, 2048 }, { 4, 518, 2048 }, { 5, 519, 2048 }, + { 3, 520, 2048 }, { 4, 521, 2048 }, { 4, 522, 2048 }, { 5, 523, 2048 }, { 4, 524, 2048 }, { 5, 525, 2048 }, { 5, 526, 2048 }, { 6, 527, 2048 }, + { 3, 528, 2048 }, { 4, 529, 2048 }, { 4, 530, 2048 }, { 5, 531, 2048 }, { 4, 532, 2048 }, { 5, 533, 2048 }, { 5, 534, 2048 }, { 6, 535, 2048 }, + { 4, 536, 2048 }, { 5, 537, 2048 }, { 5, 538, 2048 }, { 6, 539, 2048 }, { 5, 540, 2048 }, { 6, 541, 2048 }, { 6, 542, 2048 }, { 7, 543, 2048 }, + { 3, 544, 2048 }, { 4, 545, 2048 }, { 4, 546, 2048 }, { 5, 547, 2048 }, { 4, 548, 2048 }, { 5, 549, 2048 }, { 5, 550, 2048 }, { 6, 551, 2048 }, + { 4, 552, 2048 }, { 5, 553, 2048 }, { 5, 554, 2048 }, { 6, 555, 2048 }, { 5, 556, 2048 }, { 6, 557, 2048 }, { 6, 558, 2048 }, { 7, 559, 2048 }, + { 4, 560, 2048 }, { 5, 561, 2048 }, { 5, 562, 2048 }, { 6, 563, 2048 }, { 5, 564, 2048 }, { 6, 565, 2048 }, { 6, 566, 2048 }, { 7, 567, 2048 }, + { 5, 568, 2048 }, { 6, 569, 2048 }, { 6, 570, 2048 }, { 7, 571, 2048 }, { 6, 572, 2048 }, { 7, 573, 2048 }, { 7, 574, 2048 }, { 8, 575, 2048 }, + { 3, 576, 2048 }, { 4, 577, 2048 }, { 4, 578, 2048 }, { 5, 579, 2048 }, { 4, 580, 2048 }, { 5, 581, 2048 }, { 5, 582, 2048 }, { 6, 583, 2048 }, + { 4, 584, 2048 }, { 5, 585, 2048 }, { 5, 586, 2048 }, { 6, 587, 2048 }, { 5, 588, 2048 }, { 6, 589, 2048 }, { 6, 590, 2048 }, { 7, 591, 2048 }, + { 4, 592, 2048 }, { 5, 593, 2048 }, { 5, 594, 2048 }, { 6, 595, 2048 }, { 5, 596, 2048 }, { 6, 597, 2048 }, { 6, 598, 2048 }, { 7, 599, 2048 }, + { 5, 600, 2048 }, { 6, 601, 2048 }, { 6, 602, 2048 }, { 7, 603, 2048 }, { 6, 604, 2048 }, { 7, 605, 2048 }, { 7, 606, 2048 }, { 8, 607, 2048 }, + { 4, 608, 2048 }, { 5, 609, 2048 }, { 5, 610, 2048 }, { 6, 611, 2048 }, { 5, 612, 2048 }, { 6, 613, 2048 }, { 6, 614, 2048 }, { 7, 615, 2048 }, + { 5, 616, 2048 }, { 6, 617, 2048 }, { 6, 618, 2048 }, { 7, 619, 2048 }, { 6, 620, 2048 }, { 7, 621, 2048 }, { 7, 622, 2048 }, { 8, 623, 2048 }, + { 5, 624, 2048 }, { 6, 625, 2048 }, { 6, 626, 2048 }, { 7, 627, 2048 }, { 6, 628, 2048 }, { 7, 629, 2048 }, { 7, 630, 2048 }, { 8, 631, 2048 }, + { 6, 632, 2048 }, { 7, 633, 2048 }, { 7, 634, 2048 }, { 8, 635, 2048 }, { 7, 636, 2048 }, { 8, 637, 2048 }, { 8, 638, 2048 }, { 9, 639, 2048 }, + { 3, 640, 2048 }, { 4, 641, 2048 }, { 4, 642, 2048 }, { 5, 643, 2048 }, { 4, 644, 2048 }, { 5, 645, 2048 }, { 5, 646, 2048 }, { 6, 647, 2048 }, + { 4, 648, 2048 }, { 5, 649, 2048 }, { 5, 650, 2048 }, { 6, 651, 2048 }, { 5, 652, 2048 }, { 6, 653, 2048 }, { 6, 654, 2048 }, { 7, 655, 2048 }, + { 4, 656, 2048 }, { 5, 657, 2048 }, { 5, 658, 2048 }, { 6, 659, 2048 }, { 5, 660, 2048 }, { 6, 661, 2048 }, { 6, 662, 2048 }, { 7, 663, 2048 }, + { 5, 664, 2048 }, { 6, 665, 2048 }, { 6, 666, 2048 }, { 7, 667, 2048 }, { 6, 668, 2048 }, { 7, 669, 2048 }, { 7, 670, 2048 }, { 8, 671, 2048 }, + { 4, 672, 2048 }, { 5, 673, 2048 }, { 5, 674, 2048 }, { 6, 675, 2048 }, { 5, 676, 2048 }, { 6, 677, 2048 }, { 6, 678, 2048 }, { 7, 679, 2048 }, + { 5, 680, 2048 }, { 6, 681, 2048 }, { 6, 682, 2048 }, { 7, 683, 2048 }, { 6, 684, 2048 }, { 7, 685, 2048 }, { 7, 686, 2048 }, { 8, 687, 2048 }, + { 5, 688, 2048 }, { 6, 689, 2048 }, { 6, 690, 2048 }, { 7, 691, 2048 }, { 6, 692, 2048 }, { 7, 693, 2048 }, { 7, 694, 2048 }, { 8, 695, 2048 }, + { 6, 696, 2048 }, { 7, 697, 2048 }, { 7, 698, 2048 }, { 8, 699, 2048 }, { 7, 700, 2048 }, { 8, 701, 2048 }, { 8, 702, 2048 }, { 9, 703, 2048 }, + { 4, 704, 2048 }, { 5, 705, 2048 }, { 5, 706, 2048 }, { 6, 707, 2048 }, { 5, 708, 2048 }, { 6, 709, 2048 }, { 6, 710, 2048 }, { 7, 711, 2048 }, + { 5, 712, 2048 }, { 6, 713, 2048 }, { 6, 714, 2048 }, { 7, 715, 2048 }, { 6, 716, 2048 }, { 7, 717, 2048 }, { 7, 718, 2048 }, { 8, 719, 2048 }, + { 5, 720, 2048 }, { 6, 721, 2048 }, { 6, 722, 2048 }, { 7, 723, 2048 }, { 6, 724, 2048 }, { 7, 725, 2048 }, { 7, 726, 2048 }, { 8, 727, 2048 }, + { 6, 728, 2048 }, { 7, 729, 2048 }, { 7, 730, 2048 }, { 8, 731, 2048 }, { 7, 732, 2048 }, { 8, 733, 2048 }, { 8, 734, 2048 }, { 9, 735, 2048 }, + { 5, 736, 2048 }, { 6, 737, 2048 }, { 6, 738, 2048 }, { 7, 739, 2048 }, { 6, 740, 2048 }, { 7, 741, 2048 }, { 7, 742, 2048 }, { 8, 743, 2048 }, + { 6, 744, 2048 }, { 7, 745, 2048 }, { 7, 746, 2048 }, { 8, 747, 2048 }, { 7, 748, 2048 }, { 8, 749, 2048 }, { 8, 750, 2048 }, { 9, 751, 2048 }, + { 6, 752, 2048 }, { 7, 753, 2048 }, { 7, 754, 2048 }, { 8, 755, 2048 }, { 7, 756, 2048 }, { 8, 757, 2048 }, { 8, 758, 2048 }, { 9, 759, 2048 }, + { 7, 760, 2048 }, { 8, 761, 2048 }, { 8, 762, 2048 }, { 9, 763, 2048 }, { 8, 764, 2048 }, { 9, 765, 2048 }, { 9, 766, 2048 }, { 10, 767, 2048 }, + { 3, 768, 2048 }, { 4, 769, 2048 }, { 4, 770, 2048 }, { 5, 771, 2048 }, { 4, 772, 2048 }, { 5, 773, 2048 }, { 5, 774, 2048 }, { 6, 775, 2048 }, + { 4, 776, 2048 }, { 5, 777, 2048 }, { 5, 778, 2048 }, { 6, 779, 2048 }, { 5, 780, 2048 }, { 6, 781, 2048 }, { 6, 782, 2048 }, { 7, 783, 2048 }, + { 4, 784, 2048 }, { 5, 785, 2048 }, { 5, 786, 2048 }, { 6, 787, 2048 }, { 5, 788, 2048 }, { 6, 789, 2048 }, { 6, 790, 2048 }, { 7, 791, 2048 }, + { 5, 792, 2048 }, { 6, 793, 2048 }, { 6, 794, 2048 }, { 7, 795, 2048 }, { 6, 796, 2048 }, { 7, 797, 2048 }, { 7, 798, 2048 }, { 8, 799, 2048 }, + { 4, 800, 2048 }, { 5, 801, 2048 }, { 5, 802, 2048 }, { 6, 803, 2048 }, { 5, 804, 2048 }, { 6, 805, 2048 }, { 6, 806, 2048 }, { 7, 807, 2048 }, + { 5, 808, 2048 }, { 6, 809, 2048 }, { 6, 810, 2048 }, { 7, 811, 2048 }, { 6, 812, 2048 }, { 7, 813, 2048 }, { 7, 814, 2048 }, { 8, 815, 2048 }, + { 5, 816, 2048 }, { 6, 817, 2048 }, { 6, 818, 2048 }, { 7, 819, 2048 }, { 6, 820, 2048 }, { 7, 821, 2048 }, { 7, 822, 2048 }, { 8, 823, 2048 }, + { 6, 824, 2048 }, { 7, 825, 2048 }, { 7, 826, 2048 }, { 8, 827, 2048 }, { 7, 828, 2048 }, { 8, 829, 2048 }, { 8, 830, 2048 }, { 9, 831, 2048 }, + { 4, 832, 2048 }, { 5, 833, 2048 }, { 5, 834, 2048 }, { 6, 835, 2048 }, { 5, 836, 2048 }, { 6, 837, 2048 }, { 6, 838, 2048 }, { 7, 839, 2048 }, + { 5, 840, 2048 }, { 6, 841, 2048 }, { 6, 842, 2048 }, { 7, 843, 2048 }, { 6, 844, 2048 }, { 7, 845, 2048 }, { 7, 846, 2048 }, { 8, 847, 2048 }, + { 5, 848, 2048 }, { 6, 849, 2048 }, { 6, 850, 2048 }, { 7, 851, 2048 }, { 6, 852, 2048 }, { 7, 853, 2048 }, { 7, 854, 2048 }, { 8, 855, 2048 }, + { 6, 856, 2048 }, { 7, 857, 2048 }, { 7, 858, 2048 }, { 8, 859, 2048 }, { 7, 860, 2048 }, { 8, 861, 2048 }, { 8, 862, 2048 }, { 9, 863, 2048 }, + { 5, 864, 2048 }, { 6, 865, 2048 }, { 6, 866, 2048 }, { 7, 867, 2048 }, { 6, 868, 2048 }, { 7, 869, 2048 }, { 7, 870, 2048 }, { 8, 871, 2048 }, + { 6, 872, 2048 }, { 7, 873, 2048 }, { 7, 874, 2048 }, { 8, 875, 2048 }, { 7, 876, 2048 }, { 8, 877, 2048 }, { 8, 878, 2048 }, { 9, 879, 2048 }, + { 6, 880, 2048 }, { 7, 881, 2048 }, { 7, 882, 2048 }, { 8, 883, 2048 }, { 7, 884, 2048 }, { 8, 885, 2048 }, { 8, 886, 2048 }, { 9, 887, 2048 }, + { 7, 888, 2048 }, { 8, 889, 2048 }, { 8, 890, 2048 }, { 9, 891, 2048 }, { 8, 892, 2048 }, { 9, 893, 2048 }, { 9, 894, 2048 }, { 10, 895, 2048 }, + { 4, 896, 2048 }, { 5, 897, 2048 }, { 5, 898, 2048 }, { 6, 899, 2048 }, { 5, 900, 2048 }, { 6, 901, 2048 }, { 6, 902, 2048 }, { 7, 903, 2048 }, + { 5, 904, 2048 }, { 6, 905, 2048 }, { 6, 906, 2048 }, { 7, 907, 2048 }, { 6, 908, 2048 }, { 7, 909, 2048 }, { 7, 910, 2048 }, { 8, 911, 2048 }, + { 5, 912, 2048 }, { 6, 913, 2048 }, { 6, 914, 2048 }, { 7, 915, 2048 }, { 6, 916, 2048 }, { 7, 917, 2048 }, { 7, 918, 2048 }, { 8, 919, 2048 }, + { 6, 920, 2048 }, { 7, 921, 2048 }, { 7, 922, 2048 }, { 8, 923, 2048 }, { 7, 924, 2048 }, { 8, 925, 2048 }, { 8, 926, 2048 }, { 9, 927, 2048 }, + { 5, 928, 2048 }, { 6, 929, 2048 }, { 6, 930, 2048 }, { 7, 931, 2048 }, { 6, 932, 2048 }, { 7, 933, 2048 }, { 7, 934, 2048 }, { 8, 935, 2048 }, + { 6, 936, 2048 }, { 7, 937, 2048 }, { 7, 938, 2048 }, { 8, 939, 2048 }, { 7, 940, 2048 }, { 8, 941, 2048 }, { 8, 942, 2048 }, { 9, 943, 2048 }, + { 6, 944, 2048 }, { 7, 945, 2048 }, { 7, 946, 2048 }, { 8, 947, 2048 }, { 7, 948, 2048 }, { 8, 949, 2048 }, { 8, 950, 2048 }, { 9, 951, 2048 }, + { 7, 952, 2048 }, { 8, 953, 2048 }, { 8, 954, 2048 }, { 9, 955, 2048 }, { 8, 956, 2048 }, { 9, 957, 2048 }, { 9, 958, 2048 }, { 10, 959, 2048 }, + { 5, 960, 2048 }, { 6, 961, 2048 }, { 6, 962, 2048 }, { 7, 963, 2048 }, { 6, 964, 2048 }, { 7, 965, 2048 }, { 7, 966, 2048 }, { 8, 967, 2048 }, + { 6, 968, 2048 }, { 7, 969, 2048 }, { 7, 970, 2048 }, { 8, 971, 2048 }, { 7, 972, 2048 }, { 8, 973, 2048 }, { 8, 974, 2048 }, { 9, 975, 2048 }, + { 6, 976, 2048 }, { 7, 977, 2048 }, { 7, 978, 2048 }, { 8, 979, 2048 }, { 7, 980, 2048 }, { 8, 981, 2048 }, { 8, 982, 2048 }, { 9, 983, 2048 }, + { 7, 984, 2048 }, { 8, 985, 2048 }, { 8, 986, 2048 }, { 9, 987, 2048 }, { 8, 988, 2048 }, { 9, 989, 2048 }, { 9, 990, 2048 }, { 10, 991, 2048 }, + { 6, 992, 2048 }, { 7, 993, 2048 }, { 7, 994, 2048 }, { 8, 995, 2048 }, { 7, 996, 2048 }, { 8, 997, 2048 }, { 8, 998, 2048 }, { 9, 999, 2048 }, + { 7, 1000, 2048 }, { 8, 1001, 2048 }, { 8, 1002, 2048 }, { 9, 1003, 2048 }, { 8, 1004, 2048 }, { 9, 1005, 2048 }, { 9, 1006, 2048 }, { 10, 1007, 2048 }, + { 7, 1008, 2048 }, { 8, 1009, 2048 }, { 8, 1010, 2048 }, { 9, 1011, 2048 }, { 8, 1012, 2048 }, { 9, 1013, 2048 }, { 9, 1014, 2048 }, { 10, 1015, 2048 }, + { 8, 1016, 2048 }, { 9, 1017, 2048 }, { 9, 1018, 2048 }, { 10, 1019, 2048 }, { 9, 1020, 2048 }, { 10, 1021, 2048 }, { 10, 1022, 2048 }, { 11, 1023, 2048 }, + { 2, 1024, 2048 }, { 3, 1025, 2048 }, { 3, 1026, 2048 }, { 4, 1027, 2048 }, { 3, 1028, 2048 }, { 4, 1029, 2048 }, { 4, 1030, 2048 }, { 5, 1031, 2048 }, + { 3, 1032, 2048 }, { 4, 1033, 2048 }, { 4, 1034, 2048 }, { 5, 1035, 2048 }, { 4, 1036, 2048 }, { 5, 1037, 2048 }, { 5, 1038, 2048 }, { 6, 1039, 2048 }, + { 3, 1040, 2048 }, { 4, 1041, 2048 }, { 4, 1042, 2048 }, { 5, 1043, 2048 }, { 4, 1044, 2048 }, { 5, 1045, 2048 }, { 5, 1046, 2048 }, { 6, 1047, 2048 }, + { 4, 1048, 2048 }, { 5, 1049, 2048 }, { 5, 1050, 2048 }, { 6, 1051, 2048 }, { 5, 1052, 2048 }, { 6, 1053, 2048 }, { 6, 1054, 2048 }, { 7, 1055, 2048 }, + { 3, 1056, 2048 }, { 4, 1057, 2048 }, { 4, 1058, 2048 }, { 5, 1059, 2048 }, { 4, 1060, 2048 }, { 5, 1061, 2048 }, { 5, 1062, 2048 }, { 6, 1063, 2048 }, + { 4, 1064, 2048 }, { 5, 1065, 2048 }, { 5, 1066, 2048 }, { 6, 1067, 2048 }, { 5, 1068, 2048 }, { 6, 1069, 2048 }, { 6, 1070, 2048 }, { 7, 1071, 2048 }, + { 4, 1072, 2048 }, { 5, 1073, 2048 }, { 5, 1074, 2048 }, { 6, 1075, 2048 }, { 5, 1076, 2048 }, { 6, 1077, 2048 }, { 6, 1078, 2048 }, { 7, 1079, 2048 }, + { 5, 1080, 2048 }, { 6, 1081, 2048 }, { 6, 1082, 2048 }, { 7, 1083, 2048 }, { 6, 1084, 2048 }, { 7, 1085, 2048 }, { 7, 1086, 2048 }, { 8, 1087, 2048 }, + { 3, 1088, 2048 }, { 4, 1089, 2048 }, { 4, 1090, 2048 }, { 5, 1091, 2048 }, { 4, 1092, 2048 }, { 5, 1093, 2048 }, { 5, 1094, 2048 }, { 6, 1095, 2048 }, + { 4, 1096, 2048 }, { 5, 1097, 2048 }, { 5, 1098, 2048 }, { 6, 1099, 2048 }, { 5, 1100, 2048 }, { 6, 1101, 2048 }, { 6, 1102, 2048 }, { 7, 1103, 2048 }, + { 4, 1104, 2048 }, { 5, 1105, 2048 }, { 5, 1106, 2048 }, { 6, 1107, 2048 }, { 5, 1108, 2048 }, { 6, 1109, 2048 }, { 6, 1110, 2048 }, { 7, 1111, 2048 }, + { 5, 1112, 2048 }, { 6, 1113, 2048 }, { 6, 1114, 2048 }, { 7, 1115, 2048 }, { 6, 1116, 2048 }, { 7, 1117, 2048 }, { 7, 1118, 2048 }, { 8, 1119, 2048 }, + { 4, 1120, 2048 }, { 5, 1121, 2048 }, { 5, 1122, 2048 }, { 6, 1123, 2048 }, { 5, 1124, 2048 }, { 6, 1125, 2048 }, { 6, 1126, 2048 }, { 7, 1127, 2048 }, + { 5, 1128, 2048 }, { 6, 1129, 2048 }, { 6, 1130, 2048 }, { 7, 1131, 2048 }, { 6, 1132, 2048 }, { 7, 1133, 2048 }, { 7, 1134, 2048 }, { 8, 1135, 2048 }, + { 5, 1136, 2048 }, { 6, 1137, 2048 }, { 6, 1138, 2048 }, { 7, 1139, 2048 }, { 6, 1140, 2048 }, { 7, 1141, 2048 }, { 7, 1142, 2048 }, { 8, 1143, 2048 }, + { 6, 1144, 2048 }, { 7, 1145, 2048 }, { 7, 1146, 2048 }, { 8, 1147, 2048 }, { 7, 1148, 2048 }, { 8, 1149, 2048 }, { 8, 1150, 2048 }, { 9, 1151, 2048 }, + { 3, 1152, 2048 }, { 4, 1153, 2048 }, { 4, 1154, 2048 }, { 5, 1155, 2048 }, { 4, 1156, 2048 }, { 5, 1157, 2048 }, { 5, 1158, 2048 }, { 6, 1159, 2048 }, + { 4, 1160, 2048 }, { 5, 1161, 2048 }, { 5, 1162, 2048 }, { 6, 1163, 2048 }, { 5, 1164, 2048 }, { 6, 1165, 2048 }, { 6, 1166, 2048 }, { 7, 1167, 2048 }, + { 4, 1168, 2048 }, { 5, 1169, 2048 }, { 5, 1170, 2048 }, { 6, 1171, 2048 }, { 5, 1172, 2048 }, { 6, 1173, 2048 }, { 6, 1174, 2048 }, { 7, 1175, 2048 }, + { 5, 1176, 2048 }, { 6, 1177, 2048 }, { 6, 1178, 2048 }, { 7, 1179, 2048 }, { 6, 1180, 2048 }, { 7, 1181, 2048 }, { 7, 1182, 2048 }, { 8, 1183, 2048 }, + { 4, 1184, 2048 }, { 5, 1185, 2048 }, { 5, 1186, 2048 }, { 6, 1187, 2048 }, { 5, 1188, 2048 }, { 6, 1189, 2048 }, { 6, 1190, 2048 }, { 7, 1191, 2048 }, + { 5, 1192, 2048 }, { 6, 1193, 2048 }, { 6, 1194, 2048 }, { 7, 1195, 2048 }, { 6, 1196, 2048 }, { 7, 1197, 2048 }, { 7, 1198, 2048 }, { 8, 1199, 2048 }, + { 5, 1200, 2048 }, { 6, 1201, 2048 }, { 6, 1202, 2048 }, { 7, 1203, 2048 }, { 6, 1204, 2048 }, { 7, 1205, 2048 }, { 7, 1206, 2048 }, { 8, 1207, 2048 }, + { 6, 1208, 2048 }, { 7, 1209, 2048 }, { 7, 1210, 2048 }, { 8, 1211, 2048 }, { 7, 1212, 2048 }, { 8, 1213, 2048 }, { 8, 1214, 2048 }, { 9, 1215, 2048 }, + { 4, 1216, 2048 }, { 5, 1217, 2048 }, { 5, 1218, 2048 }, { 6, 1219, 2048 }, { 5, 1220, 2048 }, { 6, 1221, 2048 }, { 6, 1222, 2048 }, { 7, 1223, 2048 }, + { 5, 1224, 2048 }, { 6, 1225, 2048 }, { 6, 1226, 2048 }, { 7, 1227, 2048 }, { 6, 1228, 2048 }, { 7, 1229, 2048 }, { 7, 1230, 2048 }, { 8, 1231, 2048 }, + { 5, 1232, 2048 }, { 6, 1233, 2048 }, { 6, 1234, 2048 }, { 7, 1235, 2048 }, { 6, 1236, 2048 }, { 7, 1237, 2048 }, { 7, 1238, 2048 }, { 8, 1239, 2048 }, + { 6, 1240, 2048 }, { 7, 1241, 2048 }, { 7, 1242, 2048 }, { 8, 1243, 2048 }, { 7, 1244, 2048 }, { 8, 1245, 2048 }, { 8, 1246, 2048 }, { 9, 1247, 2048 }, + { 5, 1248, 2048 }, { 6, 1249, 2048 }, { 6, 1250, 2048 }, { 7, 1251, 2048 }, { 6, 1252, 2048 }, { 7, 1253, 2048 }, { 7, 1254, 2048 }, { 8, 1255, 2048 }, + { 6, 1256, 2048 }, { 7, 1257, 2048 }, { 7, 1258, 2048 }, { 8, 1259, 2048 }, { 7, 1260, 2048 }, { 8, 1261, 2048 }, { 8, 1262, 2048 }, { 9, 1263, 2048 }, + { 6, 1264, 2048 }, { 7, 1265, 2048 }, { 7, 1266, 2048 }, { 8, 1267, 2048 }, { 7, 1268, 2048 }, { 8, 1269, 2048 }, { 8, 1270, 2048 }, { 9, 1271, 2048 }, + { 7, 1272, 2048 }, { 8, 1273, 2048 }, { 8, 1274, 2048 }, { 9, 1275, 2048 }, { 8, 1276, 2048 }, { 9, 1277, 2048 }, { 9, 1278, 2048 }, { 10, 1279, 2048 }, + { 3, 1280, 2048 }, { 4, 1281, 2048 }, { 4, 1282, 2048 }, { 5, 1283, 2048 }, { 4, 1284, 2048 }, { 5, 1285, 2048 }, { 5, 1286, 2048 }, { 6, 1287, 2048 }, + { 4, 1288, 2048 }, { 5, 1289, 2048 }, { 5, 1290, 2048 }, { 6, 1291, 2048 }, { 5, 1292, 2048 }, { 6, 1293, 2048 }, { 6, 1294, 2048 }, { 7, 1295, 2048 }, + { 4, 1296, 2048 }, { 5, 1297, 2048 }, { 5, 1298, 2048 }, { 6, 1299, 2048 }, { 5, 1300, 2048 }, { 6, 1301, 2048 }, { 6, 1302, 2048 }, { 7, 1303, 2048 }, + { 5, 1304, 2048 }, { 6, 1305, 2048 }, { 6, 1306, 2048 }, { 7, 1307, 2048 }, { 6, 1308, 2048 }, { 7, 1309, 2048 }, { 7, 1310, 2048 }, { 8, 1311, 2048 }, + { 4, 1312, 2048 }, { 5, 1313, 2048 }, { 5, 1314, 2048 }, { 6, 1315, 2048 }, { 5, 1316, 2048 }, { 6, 1317, 2048 }, { 6, 1318, 2048 }, { 7, 1319, 2048 }, + { 5, 1320, 2048 }, { 6, 1321, 2048 }, { 6, 1322, 2048 }, { 7, 1323, 2048 }, { 6, 1324, 2048 }, { 7, 1325, 2048 }, { 7, 1326, 2048 }, { 8, 1327, 2048 }, + { 5, 1328, 2048 }, { 6, 1329, 2048 }, { 6, 1330, 2048 }, { 7, 1331, 2048 }, { 6, 1332, 2048 }, { 7, 1333, 2048 }, { 7, 1334, 2048 }, { 8, 1335, 2048 }, + { 6, 1336, 2048 }, { 7, 1337, 2048 }, { 7, 1338, 2048 }, { 8, 1339, 2048 }, { 7, 1340, 2048 }, { 8, 1341, 2048 }, { 8, 1342, 2048 }, { 9, 1343, 2048 }, + { 4, 1344, 2048 }, { 5, 1345, 2048 }, { 5, 1346, 2048 }, { 6, 1347, 2048 }, { 5, 1348, 2048 }, { 6, 1349, 2048 }, { 6, 1350, 2048 }, { 7, 1351, 2048 }, + { 5, 1352, 2048 }, { 6, 1353, 2048 }, { 6, 1354, 2048 }, { 7, 1355, 2048 }, { 6, 1356, 2048 }, { 7, 1357, 2048 }, { 7, 1358, 2048 }, { 8, 1359, 2048 }, + { 5, 1360, 2048 }, { 6, 1361, 2048 }, { 6, 1362, 2048 }, { 7, 1363, 2048 }, { 6, 1364, 2048 }, { 7, 1365, 2048 }, { 7, 1366, 2048 }, { 8, 1367, 2048 }, + { 6, 1368, 2048 }, { 7, 1369, 2048 }, { 7, 1370, 2048 }, { 8, 1371, 2048 }, { 7, 1372, 2048 }, { 8, 1373, 2048 }, { 8, 1374, 2048 }, { 9, 1375, 2048 }, + { 5, 1376, 2048 }, { 6, 1377, 2048 }, { 6, 1378, 2048 }, { 7, 1379, 2048 }, { 6, 1380, 2048 }, { 7, 1381, 2048 }, { 7, 1382, 2048 }, { 8, 1383, 2048 }, + { 6, 1384, 2048 }, { 7, 1385, 2048 }, { 7, 1386, 2048 }, { 8, 1387, 2048 }, { 7, 1388, 2048 }, { 8, 1389, 2048 }, { 8, 1390, 2048 }, { 9, 1391, 2048 }, + { 6, 1392, 2048 }, { 7, 1393, 2048 }, { 7, 1394, 2048 }, { 8, 1395, 2048 }, { 7, 1396, 2048 }, { 8, 1397, 2048 }, { 8, 1398, 2048 }, { 9, 1399, 2048 }, + { 7, 1400, 2048 }, { 8, 1401, 2048 }, { 8, 1402, 2048 }, { 9, 1403, 2048 }, { 8, 1404, 2048 }, { 9, 1405, 2048 }, { 9, 1406, 2048 }, { 10, 1407, 2048 }, + { 4, 1408, 2048 }, { 5, 1409, 2048 }, { 5, 1410, 2048 }, { 6, 1411, 2048 }, { 5, 1412, 2048 }, { 6, 1413, 2048 }, { 6, 1414, 2048 }, { 7, 1415, 2048 }, + { 5, 1416, 2048 }, { 6, 1417, 2048 }, { 6, 1418, 2048 }, { 7, 1419, 2048 }, { 6, 1420, 2048 }, { 7, 1421, 2048 }, { 7, 1422, 2048 }, { 8, 1423, 2048 }, + { 5, 1424, 2048 }, { 6, 1425, 2048 }, { 6, 1426, 2048 }, { 7, 1427, 2048 }, { 6, 1428, 2048 }, { 7, 1429, 2048 }, { 7, 1430, 2048 }, { 8, 1431, 2048 }, + { 6, 1432, 2048 }, { 7, 1433, 2048 }, { 7, 1434, 2048 }, { 8, 1435, 2048 }, { 7, 1436, 2048 }, { 8, 1437, 2048 }, { 8, 1438, 2048 }, { 9, 1439, 2048 }, + { 5, 1440, 2048 }, { 6, 1441, 2048 }, { 6, 1442, 2048 }, { 7, 1443, 2048 }, { 6, 1444, 2048 }, { 7, 1445, 2048 }, { 7, 1446, 2048 }, { 8, 1447, 2048 }, + { 6, 1448, 2048 }, { 7, 1449, 2048 }, { 7, 1450, 2048 }, { 8, 1451, 2048 }, { 7, 1452, 2048 }, { 8, 1453, 2048 }, { 8, 1454, 2048 }, { 9, 1455, 2048 }, + { 6, 1456, 2048 }, { 7, 1457, 2048 }, { 7, 1458, 2048 }, { 8, 1459, 2048 }, { 7, 1460, 2048 }, { 8, 1461, 2048 }, { 8, 1462, 2048 }, { 9, 1463, 2048 }, + { 7, 1464, 2048 }, { 8, 1465, 2048 }, { 8, 1466, 2048 }, { 9, 1467, 2048 }, { 8, 1468, 2048 }, { 9, 1469, 2048 }, { 9, 1470, 2048 }, { 10, 1471, 2048 }, + { 5, 1472, 2048 }, { 6, 1473, 2048 }, { 6, 1474, 2048 }, { 7, 1475, 2048 }, { 6, 1476, 2048 }, { 7, 1477, 2048 }, { 7, 1478, 2048 }, { 8, 1479, 2048 }, + { 6, 1480, 2048 }, { 7, 1481, 2048 }, { 7, 1482, 2048 }, { 8, 1483, 2048 }, { 7, 1484, 2048 }, { 8, 1485, 2048 }, { 8, 1486, 2048 }, { 9, 1487, 2048 }, + { 6, 1488, 2048 }, { 7, 1489, 2048 }, { 7, 1490, 2048 }, { 8, 1491, 2048 }, { 7, 1492, 2048 }, { 8, 1493, 2048 }, { 8, 1494, 2048 }, { 9, 1495, 2048 }, + { 7, 1496, 2048 }, { 8, 1497, 2048 }, { 8, 1498, 2048 }, { 9, 1499, 2048 }, { 8, 1500, 2048 }, { 9, 1501, 2048 }, { 9, 1502, 2048 }, { 10, 1503, 2048 }, + { 6, 1504, 2048 }, { 7, 1505, 2048 }, { 7, 1506, 2048 }, { 8, 1507, 2048 }, { 7, 1508, 2048 }, { 8, 1509, 2048 }, { 8, 1510, 2048 }, { 9, 1511, 2048 }, + { 7, 1512, 2048 }, { 8, 1513, 2048 }, { 8, 1514, 2048 }, { 9, 1515, 2048 }, { 8, 1516, 2048 }, { 9, 1517, 2048 }, { 9, 1518, 2048 }, { 10, 1519, 2048 }, + { 7, 1520, 2048 }, { 8, 1521, 2048 }, { 8, 1522, 2048 }, { 9, 1523, 2048 }, { 8, 1524, 2048 }, { 9, 1525, 2048 }, { 9, 1526, 2048 }, { 10, 1527, 2048 }, + { 8, 1528, 2048 }, { 9, 1529, 2048 }, { 9, 1530, 2048 }, { 10, 1531, 2048 }, { 9, 1532, 2048 }, { 10, 1533, 2048 }, { 10, 1534, 2048 }, { 11, 1535, 2048 }, + { 3, 1536, 2048 }, { 4, 1537, 2048 }, { 4, 1538, 2048 }, { 5, 1539, 2048 }, { 4, 1540, 2048 }, { 5, 1541, 2048 }, { 5, 1542, 2048 }, { 6, 1543, 2048 }, + { 4, 1544, 2048 }, { 5, 1545, 2048 }, { 5, 1546, 2048 }, { 6, 1547, 2048 }, { 5, 1548, 2048 }, { 6, 1549, 2048 }, { 6, 1550, 2048 }, { 7, 1551, 2048 }, + { 4, 1552, 2048 }, { 5, 1553, 2048 }, { 5, 1554, 2048 }, { 6, 1555, 2048 }, { 5, 1556, 2048 }, { 6, 1557, 2048 }, { 6, 1558, 2048 }, { 7, 1559, 2048 }, + { 5, 1560, 2048 }, { 6, 1561, 2048 }, { 6, 1562, 2048 }, { 7, 1563, 2048 }, { 6, 1564, 2048 }, { 7, 1565, 2048 }, { 7, 1566, 2048 }, { 8, 1567, 2048 }, + { 4, 1568, 2048 }, { 5, 1569, 2048 }, { 5, 1570, 2048 }, { 6, 1571, 2048 }, { 5, 1572, 2048 }, { 6, 1573, 2048 }, { 6, 1574, 2048 }, { 7, 1575, 2048 }, + { 5, 1576, 2048 }, { 6, 1577, 2048 }, { 6, 1578, 2048 }, { 7, 1579, 2048 }, { 6, 1580, 2048 }, { 7, 1581, 2048 }, { 7, 1582, 2048 }, { 8, 1583, 2048 }, + { 5, 1584, 2048 }, { 6, 1585, 2048 }, { 6, 1586, 2048 }, { 7, 1587, 2048 }, { 6, 1588, 2048 }, { 7, 1589, 2048 }, { 7, 1590, 2048 }, { 8, 1591, 2048 }, + { 6, 1592, 2048 }, { 7, 1593, 2048 }, { 7, 1594, 2048 }, { 8, 1595, 2048 }, { 7, 1596, 2048 }, { 8, 1597, 2048 }, { 8, 1598, 2048 }, { 9, 1599, 2048 }, + { 4, 1600, 2048 }, { 5, 1601, 2048 }, { 5, 1602, 2048 }, { 6, 1603, 2048 }, { 5, 1604, 2048 }, { 6, 1605, 2048 }, { 6, 1606, 2048 }, { 7, 1607, 2048 }, + { 5, 1608, 2048 }, { 6, 1609, 2048 }, { 6, 1610, 2048 }, { 7, 1611, 2048 }, { 6, 1612, 2048 }, { 7, 1613, 2048 }, { 7, 1614, 2048 }, { 8, 1615, 2048 }, + { 5, 1616, 2048 }, { 6, 1617, 2048 }, { 6, 1618, 2048 }, { 7, 1619, 2048 }, { 6, 1620, 2048 }, { 7, 1621, 2048 }, { 7, 1622, 2048 }, { 8, 1623, 2048 }, + { 6, 1624, 2048 }, { 7, 1625, 2048 }, { 7, 1626, 2048 }, { 8, 1627, 2048 }, { 7, 1628, 2048 }, { 8, 1629, 2048 }, { 8, 1630, 2048 }, { 9, 1631, 2048 }, + { 5, 1632, 2048 }, { 6, 1633, 2048 }, { 6, 1634, 2048 }, { 7, 1635, 2048 }, { 6, 1636, 2048 }, { 7, 1637, 2048 }, { 7, 1638, 2048 }, { 8, 1639, 2048 }, + { 6, 1640, 2048 }, { 7, 1641, 2048 }, { 7, 1642, 2048 }, { 8, 1643, 2048 }, { 7, 1644, 2048 }, { 8, 1645, 2048 }, { 8, 1646, 2048 }, { 9, 1647, 2048 }, + { 6, 1648, 2048 }, { 7, 1649, 2048 }, { 7, 1650, 2048 }, { 8, 1651, 2048 }, { 7, 1652, 2048 }, { 8, 1653, 2048 }, { 8, 1654, 2048 }, { 9, 1655, 2048 }, + { 7, 1656, 2048 }, { 8, 1657, 2048 }, { 8, 1658, 2048 }, { 9, 1659, 2048 }, { 8, 1660, 2048 }, { 9, 1661, 2048 }, { 9, 1662, 2048 }, { 10, 1663, 2048 }, + { 4, 1664, 2048 }, { 5, 1665, 2048 }, { 5, 1666, 2048 }, { 6, 1667, 2048 }, { 5, 1668, 2048 }, { 6, 1669, 2048 }, { 6, 1670, 2048 }, { 7, 1671, 2048 }, + { 5, 1672, 2048 }, { 6, 1673, 2048 }, { 6, 1674, 2048 }, { 7, 1675, 2048 }, { 6, 1676, 2048 }, { 7, 1677, 2048 }, { 7, 1678, 2048 }, { 8, 1679, 2048 }, + { 5, 1680, 2048 }, { 6, 1681, 2048 }, { 6, 1682, 2048 }, { 7, 1683, 2048 }, { 6, 1684, 2048 }, { 7, 1685, 2048 }, { 7, 1686, 2048 }, { 8, 1687, 2048 }, + { 6, 1688, 2048 }, { 7, 1689, 2048 }, { 7, 1690, 2048 }, { 8, 1691, 2048 }, { 7, 1692, 2048 }, { 8, 1693, 2048 }, { 8, 1694, 2048 }, { 9, 1695, 2048 }, + { 5, 1696, 2048 }, { 6, 1697, 2048 }, { 6, 1698, 2048 }, { 7, 1699, 2048 }, { 6, 1700, 2048 }, { 7, 1701, 2048 }, { 7, 1702, 2048 }, { 8, 1703, 2048 }, + { 6, 1704, 2048 }, { 7, 1705, 2048 }, { 7, 1706, 2048 }, { 8, 1707, 2048 }, { 7, 1708, 2048 }, { 8, 1709, 2048 }, { 8, 1710, 2048 }, { 9, 1711, 2048 }, + { 6, 1712, 2048 }, { 7, 1713, 2048 }, { 7, 1714, 2048 }, { 8, 1715, 2048 }, { 7, 1716, 2048 }, { 8, 1717, 2048 }, { 8, 1718, 2048 }, { 9, 1719, 2048 }, + { 7, 1720, 2048 }, { 8, 1721, 2048 }, { 8, 1722, 2048 }, { 9, 1723, 2048 }, { 8, 1724, 2048 }, { 9, 1725, 2048 }, { 9, 1726, 2048 }, { 10, 1727, 2048 }, + { 5, 1728, 2048 }, { 6, 1729, 2048 }, { 6, 1730, 2048 }, { 7, 1731, 2048 }, { 6, 1732, 2048 }, { 7, 1733, 2048 }, { 7, 1734, 2048 }, { 8, 1735, 2048 }, + { 6, 1736, 2048 }, { 7, 1737, 2048 }, { 7, 1738, 2048 }, { 8, 1739, 2048 }, { 7, 1740, 2048 }, { 8, 1741, 2048 }, { 8, 1742, 2048 }, { 9, 1743, 2048 }, + { 6, 1744, 2048 }, { 7, 1745, 2048 }, { 7, 1746, 2048 }, { 8, 1747, 2048 }, { 7, 1748, 2048 }, { 8, 1749, 2048 }, { 8, 1750, 2048 }, { 9, 1751, 2048 }, + { 7, 1752, 2048 }, { 8, 1753, 2048 }, { 8, 1754, 2048 }, { 9, 1755, 2048 }, { 8, 1756, 2048 }, { 9, 1757, 2048 }, { 9, 1758, 2048 }, { 10, 1759, 2048 }, + { 6, 1760, 2048 }, { 7, 1761, 2048 }, { 7, 1762, 2048 }, { 8, 1763, 2048 }, { 7, 1764, 2048 }, { 8, 1765, 2048 }, { 8, 1766, 2048 }, { 9, 1767, 2048 }, + { 7, 1768, 2048 }, { 8, 1769, 2048 }, { 8, 1770, 2048 }, { 9, 1771, 2048 }, { 8, 1772, 2048 }, { 9, 1773, 2048 }, { 9, 1774, 2048 }, { 10, 1775, 2048 }, + { 7, 1776, 2048 }, { 8, 1777, 2048 }, { 8, 1778, 2048 }, { 9, 1779, 2048 }, { 8, 1780, 2048 }, { 9, 1781, 2048 }, { 9, 1782, 2048 }, { 10, 1783, 2048 }, + { 8, 1784, 2048 }, { 9, 1785, 2048 }, { 9, 1786, 2048 }, { 10, 1787, 2048 }, { 9, 1788, 2048 }, { 10, 1789, 2048 }, { 10, 1790, 2048 }, { 11, 1791, 2048 }, + { 4, 1792, 2048 }, { 5, 1793, 2048 }, { 5, 1794, 2048 }, { 6, 1795, 2048 }, { 5, 1796, 2048 }, { 6, 1797, 2048 }, { 6, 1798, 2048 }, { 7, 1799, 2048 }, + { 5, 1800, 2048 }, { 6, 1801, 2048 }, { 6, 1802, 2048 }, { 7, 1803, 2048 }, { 6, 1804, 2048 }, { 7, 1805, 2048 }, { 7, 1806, 2048 }, { 8, 1807, 2048 }, + { 5, 1808, 2048 }, { 6, 1809, 2048 }, { 6, 1810, 2048 }, { 7, 1811, 2048 }, { 6, 1812, 2048 }, { 7, 1813, 2048 }, { 7, 1814, 2048 }, { 8, 1815, 2048 }, + { 6, 1816, 2048 }, { 7, 1817, 2048 }, { 7, 1818, 2048 }, { 8, 1819, 2048 }, { 7, 1820, 2048 }, { 8, 1821, 2048 }, { 8, 1822, 2048 }, { 9, 1823, 2048 }, + { 5, 1824, 2048 }, { 6, 1825, 2048 }, { 6, 1826, 2048 }, { 7, 1827, 2048 }, { 6, 1828, 2048 }, { 7, 1829, 2048 }, { 7, 1830, 2048 }, { 8, 1831, 2048 }, + { 6, 1832, 2048 }, { 7, 1833, 2048 }, { 7, 1834, 2048 }, { 8, 1835, 2048 }, { 7, 1836, 2048 }, { 8, 1837, 2048 }, { 8, 1838, 2048 }, { 9, 1839, 2048 }, + { 6, 1840, 2048 }, { 7, 1841, 2048 }, { 7, 1842, 2048 }, { 8, 1843, 2048 }, { 7, 1844, 2048 }, { 8, 1845, 2048 }, { 8, 1846, 2048 }, { 9, 1847, 2048 }, + { 7, 1848, 2048 }, { 8, 1849, 2048 }, { 8, 1850, 2048 }, { 9, 1851, 2048 }, { 8, 1852, 2048 }, { 9, 1853, 2048 }, { 9, 1854, 2048 }, { 10, 1855, 2048 }, + { 5, 1856, 2048 }, { 6, 1857, 2048 }, { 6, 1858, 2048 }, { 7, 1859, 2048 }, { 6, 1860, 2048 }, { 7, 1861, 2048 }, { 7, 1862, 2048 }, { 8, 1863, 2048 }, + { 6, 1864, 2048 }, { 7, 1865, 2048 }, { 7, 1866, 2048 }, { 8, 1867, 2048 }, { 7, 1868, 2048 }, { 8, 1869, 2048 }, { 8, 1870, 2048 }, { 9, 1871, 2048 }, + { 6, 1872, 2048 }, { 7, 1873, 2048 }, { 7, 1874, 2048 }, { 8, 1875, 2048 }, { 7, 1876, 2048 }, { 8, 1877, 2048 }, { 8, 1878, 2048 }, { 9, 1879, 2048 }, + { 7, 1880, 2048 }, { 8, 1881, 2048 }, { 8, 1882, 2048 }, { 9, 1883, 2048 }, { 8, 1884, 2048 }, { 9, 1885, 2048 }, { 9, 1886, 2048 }, { 10, 1887, 2048 }, + { 6, 1888, 2048 }, { 7, 1889, 2048 }, { 7, 1890, 2048 }, { 8, 1891, 2048 }, { 7, 1892, 2048 }, { 8, 1893, 2048 }, { 8, 1894, 2048 }, { 9, 1895, 2048 }, + { 7, 1896, 2048 }, { 8, 1897, 2048 }, { 8, 1898, 2048 }, { 9, 1899, 2048 }, { 8, 1900, 2048 }, { 9, 1901, 2048 }, { 9, 1902, 2048 }, { 10, 1903, 2048 }, + { 7, 1904, 2048 }, { 8, 1905, 2048 }, { 8, 1906, 2048 }, { 9, 1907, 2048 }, { 8, 1908, 2048 }, { 9, 1909, 2048 }, { 9, 1910, 2048 }, { 10, 1911, 2048 }, + { 8, 1912, 2048 }, { 9, 1913, 2048 }, { 9, 1914, 2048 }, { 10, 1915, 2048 }, { 9, 1916, 2048 }, { 10, 1917, 2048 }, { 10, 1918, 2048 }, { 11, 1919, 2048 }, + { 5, 1920, 2048 }, { 6, 1921, 2048 }, { 6, 1922, 2048 }, { 7, 1923, 2048 }, { 6, 1924, 2048 }, { 7, 1925, 2048 }, { 7, 1926, 2048 }, { 8, 1927, 2048 }, + { 6, 1928, 2048 }, { 7, 1929, 2048 }, { 7, 1930, 2048 }, { 8, 1931, 2048 }, { 7, 1932, 2048 }, { 8, 1933, 2048 }, { 8, 1934, 2048 }, { 9, 1935, 2048 }, + { 6, 1936, 2048 }, { 7, 1937, 2048 }, { 7, 1938, 2048 }, { 8, 1939, 2048 }, { 7, 1940, 2048 }, { 8, 1941, 2048 }, { 8, 1942, 2048 }, { 9, 1943, 2048 }, + { 7, 1944, 2048 }, { 8, 1945, 2048 }, { 8, 1946, 2048 }, { 9, 1947, 2048 }, { 8, 1948, 2048 }, { 9, 1949, 2048 }, { 9, 1950, 2048 }, { 10, 1951, 2048 }, + { 6, 1952, 2048 }, { 7, 1953, 2048 }, { 7, 1954, 2048 }, { 8, 1955, 2048 }, { 7, 1956, 2048 }, { 8, 1957, 2048 }, { 8, 1958, 2048 }, { 9, 1959, 2048 }, + { 7, 1960, 2048 }, { 8, 1961, 2048 }, { 8, 1962, 2048 }, { 9, 1963, 2048 }, { 8, 1964, 2048 }, { 9, 1965, 2048 }, { 9, 1966, 2048 }, { 10, 1967, 2048 }, + { 7, 1968, 2048 }, { 8, 1969, 2048 }, { 8, 1970, 2048 }, { 9, 1971, 2048 }, { 8, 1972, 2048 }, { 9, 1973, 2048 }, { 9, 1974, 2048 }, { 10, 1975, 2048 }, + { 8, 1976, 2048 }, { 9, 1977, 2048 }, { 9, 1978, 2048 }, { 10, 1979, 2048 }, { 9, 1980, 2048 }, { 10, 1981, 2048 }, { 10, 1982, 2048 }, { 11, 1983, 2048 }, + { 6, 1984, 2048 }, { 7, 1985, 2048 }, { 7, 1986, 2048 }, { 8, 1987, 2048 }, { 7, 1988, 2048 }, { 8, 1989, 2048 }, { 8, 1990, 2048 }, { 9, 1991, 2048 }, + { 7, 1992, 2048 }, { 8, 1993, 2048 }, { 8, 1994, 2048 }, { 9, 1995, 2048 }, { 8, 1996, 2048 }, { 9, 1997, 2048 }, { 9, 1998, 2048 }, { 10, 1999, 2048 }, + { 7, 2000, 2048 }, { 8, 2001, 2048 }, { 8, 2002, 2048 }, { 9, 2003, 2048 }, { 8, 2004, 2048 }, { 9, 2005, 2048 }, { 9, 2006, 2048 }, { 10, 2007, 2048 }, + { 8, 2008, 2048 }, { 9, 2009, 2048 }, { 9, 2010, 2048 }, { 10, 2011, 2048 }, { 9, 2012, 2048 }, { 10, 2013, 2048 }, { 10, 2014, 2048 }, { 11, 2015, 2048 }, + { 7, 2016, 2048 }, { 8, 2017, 2048 }, { 8, 2018, 2048 }, { 9, 2019, 2048 }, { 8, 2020, 2048 }, { 9, 2021, 2048 }, { 9, 2022, 2048 }, { 10, 2023, 2048 }, + { 8, 2024, 2048 }, { 9, 2025, 2048 }, { 9, 2026, 2048 }, { 10, 2027, 2048 }, { 9, 2028, 2048 }, { 10, 2029, 2048 }, { 10, 2030, 2048 }, { 11, 2031, 2048 }, + { 8, 2032, 2048 }, { 9, 2033, 2048 }, { 9, 2034, 2048 }, { 10, 2035, 2048 }, { 9, 2036, 2048 }, { 10, 2037, 2048 }, { 10, 2038, 2048 }, { 11, 2039, 2048 }, + { 9, 2040, 2048 }, { 10, 2041, 2048 }, { 10, 2042, 2048 }, { 11, 2043, 2048 }, { 10, 2044, 2048 }, { 11, 2045, 2048 }, { 11, 2046, 2048 }, { 12, 2047, 2048 }, +#endif +#endif +#endif +#endif +#endif +#endif +}; + +/* find a hole and free as required, return -1 if no hole found */ +static int find_hole(void) +{ + unsigned x; + int y, z; + for (z = -1, y = INT_MAX, x = 0; x < FP_ENTRIES; x++) { + if (fp_cache[x].lru_count < y && fp_cache[x].lock == 0) { + z = x; + y = fp_cache[x].lru_count; + } + } + + /* decrease all */ + for (x = 0; x < FP_ENTRIES; x++) { + if (fp_cache[x].lru_count > 3) { + --(fp_cache[x].lru_count); + } + } + + /* free entry z */ + if (z >= 0 && fp_cache[z].g) { + mp_clear(&fp_cache[z].mu); + ecc_del_point(fp_cache[z].g); + fp_cache[z].g = NULL; + for (x = 0; x < (1U<x, &g->x) == MP_EQ && + mp_cmp(&fp_cache[x].g->y, &g->y) == MP_EQ && + mp_cmp(&fp_cache[x].g->z, &g->z) == MP_EQ) { + break; + } + } + if (x == FP_ENTRIES) { + x = -1; + } + return x; +} + +/* add a new base to the cache */ +static int add_entry(int idx, ecc_point *g) +{ + unsigned x, y; + + /* allocate base and LUT */ + fp_cache[idx].g = ecc_new_point(); + if (fp_cache[idx].g == NULL) { + return GEN_MEM_ERR; + } + + /* copy x and y */ + if ((mp_copy(&g->x, &fp_cache[idx].g->x) != MP_OKAY) || + (mp_copy(&g->y, &fp_cache[idx].g->y) != MP_OKAY) || + (mp_copy(&g->z, &fp_cache[idx].g->z) != MP_OKAY)) { + ecc_del_point(fp_cache[idx].g); + fp_cache[idx].g = NULL; + return GEN_MEM_ERR; + } + + for (x = 0; x < (1U<x, mu, modulus, + &fp_cache[idx].LUT[1]->x) != MP_OKAY) || + (mp_mulmod(&fp_cache[idx].g->y, mu, modulus, + &fp_cache[idx].LUT[1]->y) != MP_OKAY) || + (mp_mulmod(&fp_cache[idx].g->z, mu, modulus, + &fp_cache[idx].LUT[1]->z) != MP_OKAY)) { + err = MP_MULMOD_E; + } + } + + /* make all single bit entries */ + for (x = 1; x < FP_LUT; x++) { + if (err != MP_OKAY) + break; + if ((mp_copy(&fp_cache[idx].LUT[1<<(x-1)]->x, + &fp_cache[idx].LUT[1<x) != MP_OKAY) || + (mp_copy(&fp_cache[idx].LUT[1<<(x-1)]->y, + &fp_cache[idx].LUT[1<y) != MP_OKAY) || + (mp_copy(&fp_cache[idx].LUT[1<<(x-1)]->z, + &fp_cache[idx].LUT[1<z) != MP_OKAY)){ + err = MP_INIT_E; + break; + } else { + + /* now double it bitlen/FP_LUT times */ + for (y = 0; y < lut_gap; y++) { + if ((err = ecc_projective_dbl_point(fp_cache[idx].LUT[1<z, modulus, *mp); + + /* invert it */ + if (err == MP_OKAY) + err = mp_invmod(&fp_cache[idx].LUT[x]->z, modulus, + &fp_cache[idx].LUT[x]->z); + + if (err == MP_OKAY) + /* now square it */ + err = mp_sqrmod(&fp_cache[idx].LUT[x]->z, modulus, &tmp); + + if (err == MP_OKAY) + /* fix x */ + err = mp_mulmod(&fp_cache[idx].LUT[x]->x, &tmp, modulus, + &fp_cache[idx].LUT[x]->x); + + if (err == MP_OKAY) + /* get 1/z^3 */ + err = mp_mulmod(&tmp, &fp_cache[idx].LUT[x]->z, modulus, &tmp); + + if (err == MP_OKAY) + /* fix y */ + err = mp_mulmod(&fp_cache[idx].LUT[x]->y, &tmp, modulus, + &fp_cache[idx].LUT[x]->y); + + if (err == MP_OKAY) + /* free z */ + mp_clear(&fp_cache[idx].LUT[x]->z); + } + mp_clear(&tmp); + + if (err == MP_OKAY) + return MP_OKAY; + + /* err cleanup */ + for (y = 0; y < (1U< mp_unsigned_bin_size(modulus)) { + mp_int order; + if (mp_init(&order) != MP_OKAY) { + mp_clear(&tk); + return MP_INIT_E; + } + + /* find order */ + y = mp_unsigned_bin_size(modulus); + for (x = 0; ecc_sets[x].size; x++) { + if (y <= (unsigned)ecc_sets[x].size) break; + } + + /* back off if we are on the 521 bit curve */ + if (y == 66) --x; + + if ((err = mp_read_radix(&order, ecc_sets[x].order, 16)) != MP_OKAY) { + mp_clear(&order); + mp_clear(&tk); + return err; + } + + /* k must be less than modulus */ + if (mp_cmp(k, &order) != MP_LT) { + if ((err = mp_mod(k, &order, &tk)) != MP_OKAY) { + mp_clear(&tk); + mp_clear(&order); + return err; + } + } else { + mp_copy(k, &tk); + } + mp_clear(&order); + } else { + mp_copy(k, &tk); + } + + /* get bitlen and round up to next multiple of FP_LUT */ + bitlen = mp_unsigned_bin_size(modulus) << 3; + x = bitlen % FP_LUT; + if (x) { + bitlen += FP_LUT - x; + } + lut_gap = bitlen / FP_LUT; + + /* get the k value */ + if (mp_unsigned_bin_size(&tk) > (int)(KB_SIZE - 2)) { + mp_clear(&tk); + return BUFFER_E; + } + + /* store k */ +#ifdef CYASSL_SMALL_STACK + kb = (unsigned char*)XMALLOC(KB_SIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (kb == NULL) + return MEMORY_E; +#endif + + XMEMSET(kb, 0, KB_SIZE); + if ((err = mp_to_unsigned_bin(&tk, kb)) != MP_OKAY) { + mp_clear(&tk); + } + else { + /* let's reverse kb so it's little endian */ + x = 0; + y = mp_unsigned_bin_size(&tk) - 1; + mp_clear(&tk); + + while ((unsigned)x < y) { + z = kb[x]; kb[x] = kb[y]; kb[y] = z; + ++x; --y; + } + + /* at this point we can start, yipee */ + first = 1; + for (x = lut_gap-1; x >= 0; x--) { + /* extract FP_LUT bits from kb spread out by lut_gap bits and offset + by x bits from the start */ + bitpos = x; + for (y = z = 0; y < FP_LUT; y++) { + z |= ((kb[bitpos>>3] >> (bitpos&7)) & 1) << y; + bitpos += lut_gap; /* it's y*lut_gap + x, but here we can avoid + the mult in each loop */ + } + + /* double if not first */ + if (!first) { + if ((err = ecc_projective_dbl_point(R, R, modulus, + mp)) != MP_OKAY) { + break; + } + } + + /* add if not first, otherwise copy */ + if (!first && z) { + if ((err = ecc_projective_add_point(R, fp_cache[idx].LUT[z], R, + modulus, mp)) != MP_OKAY) { + break; + } + } else if (z) { + if ((mp_copy(&fp_cache[idx].LUT[z]->x, &R->x) != MP_OKAY) || + (mp_copy(&fp_cache[idx].LUT[z]->y, &R->y) != MP_OKAY) || + (mp_copy(&fp_cache[idx].mu, &R->z) != MP_OKAY)) { + err = GEN_MEM_ERR; + break; + } + first = 0; + } + } + } + + if (err == MP_OKAY) { + z = 0; + XMEMSET(kb, 0, KB_SIZE); + /* map R back from projective space */ + if (map) { + err = ecc_map(R, modulus, mp); + } else { + err = MP_OKAY; + } + } + +#ifdef CYASSL_SMALL_STACK + XFREE(kb, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + +#undef KB_SIZE + + return err; +} + +#ifdef ECC_SHAMIR +/* perform a fixed point ECC mulmod */ +static int accel_fp_mul2add(int idx1, int idx2, + mp_int* kA, mp_int* kB, + ecc_point *R, mp_int* modulus, mp_digit* mp) +{ +#define KB_SIZE 128 + +#ifdef CYASSL_SMALL_STACK + unsigned char* kb[2]; +#else + unsigned char kb[2][128]; +#endif + int x; + unsigned y, z, err, bitlen, bitpos, lut_gap, first, zA, zB; + mp_int tka; + mp_int tkb; + mp_int order; + + if (mp_init_multi(&tka, &tkb, 0, 0, 0, 0) != MP_OKAY) + return MP_INIT_E; + + /* if it's smaller than modulus we fine */ + if (mp_unsigned_bin_size(kA) > mp_unsigned_bin_size(modulus)) { + /* find order */ + y = mp_unsigned_bin_size(modulus); + for (x = 0; ecc_sets[x].size; x++) { + if (y <= (unsigned)ecc_sets[x].size) break; + } + + /* back off if we are on the 521 bit curve */ + if (y == 66) --x; + + if ((err = mp_init(&order)) != MP_OKAY) { + mp_clear(&tkb); + mp_clear(&tka); + return err; + } + if ((err = mp_read_radix(&order, ecc_sets[x].order, 16)) != MP_OKAY) { + mp_clear(&tkb); + mp_clear(&tka); + mp_clear(&order); + return err; + } + + /* kA must be less than modulus */ + if (mp_cmp(kA, &order) != MP_LT) { + if ((err = mp_mod(kA, &order, &tka)) != MP_OKAY) { + mp_clear(&tkb); + mp_clear(&tka); + mp_clear(&order); + return err; + } + } else { + mp_copy(kA, &tka); + } + mp_clear(&order); + } else { + mp_copy(kA, &tka); + } + + /* if it's smaller than modulus we fine */ + if (mp_unsigned_bin_size(kB) > mp_unsigned_bin_size(modulus)) { + /* find order */ + y = mp_unsigned_bin_size(modulus); + for (x = 0; ecc_sets[x].size; x++) { + if (y <= (unsigned)ecc_sets[x].size) break; + } + + /* back off if we are on the 521 bit curve */ + if (y == 66) --x; + + if ((err = mp_init(&order)) != MP_OKAY) { + mp_clear(&tkb); + mp_clear(&tka); + return err; + } + if ((err = mp_read_radix(&order, ecc_sets[x].order, 16)) != MP_OKAY) { + mp_clear(&tkb); + mp_clear(&tka); + mp_clear(&order); + return err; + } + + /* kB must be less than modulus */ + if (mp_cmp(kB, &order) != MP_LT) { + if ((err = mp_mod(kB, &order, &tkb)) != MP_OKAY) { + mp_clear(&tkb); + mp_clear(&tka); + mp_clear(&order); + return err; + } + } else { + mp_copy(kB, &tkb); + } + mp_clear(&order); + } else { + mp_copy(kB, &tkb); + } + + /* get bitlen and round up to next multiple of FP_LUT */ + bitlen = mp_unsigned_bin_size(modulus) << 3; + x = bitlen % FP_LUT; + if (x) { + bitlen += FP_LUT - x; + } + lut_gap = bitlen / FP_LUT; + + /* get the k value */ + if ((mp_unsigned_bin_size(&tka) > (int)(KB_SIZE - 2)) || + (mp_unsigned_bin_size(&tkb) > (int)(KB_SIZE - 2)) ) { + mp_clear(&tka); + mp_clear(&tkb); + return BUFFER_E; + } + + /* store k */ +#ifdef CYASSL_SMALL_STACK + kb[0] = (unsigned char*)XMALLOC(KB_SIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (kb[0] == NULL) + return MEMORY_E; +#endif + + XMEMSET(kb[0], 0, KB_SIZE); + if ((err = mp_to_unsigned_bin(&tka, kb[0])) != MP_OKAY) { + mp_clear(&tka); + mp_clear(&tkb); + XFREE(kb[0], NULL, DYNAMIC_TYPE_TMP_BUFFER); + return err; + } + + /* let's reverse kb so it's little endian */ + x = 0; + y = mp_unsigned_bin_size(&tka) - 1; + mp_clear(&tka); + while ((unsigned)x < y) { + z = kb[0][x]; kb[0][x] = kb[0][y]; kb[0][y] = z; + ++x; --y; + } + + /* store b */ +#ifdef CYASSL_SMALL_STACK + kb[1] = (unsigned char*)XMALLOC(KB_SIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (kb[1] == NULL) { + XFREE(kb[0], NULL, DYNAMIC_TYPE_TMP_BUFFER); + return MEMORY_E; + } +#endif + + XMEMSET(kb[1], 0, KB_SIZE); + if ((err = mp_to_unsigned_bin(&tkb, kb[1])) != MP_OKAY) { + mp_clear(&tkb); + } + else { + x = 0; + y = mp_unsigned_bin_size(&tkb) - 1; + mp_clear(&tkb); + while ((unsigned)x < y) { + z = kb[1][x]; kb[1][x] = kb[1][y]; kb[1][y] = z; + ++x; --y; + } + + /* at this point we can start, yipee */ + first = 1; + for (x = lut_gap-1; x >= 0; x--) { + /* extract FP_LUT bits from kb spread out by lut_gap bits and + offset by x bits from the start */ + bitpos = x; + for (y = zA = zB = 0; y < FP_LUT; y++) { + zA |= ((kb[0][bitpos>>3] >> (bitpos&7)) & 1) << y; + zB |= ((kb[1][bitpos>>3] >> (bitpos&7)) & 1) << y; + bitpos += lut_gap; /* it's y*lut_gap + x, but here we can avoid + the mult in each loop */ + } + + /* double if not first */ + if (!first) { + if ((err = ecc_projective_dbl_point(R, R, modulus, + mp)) != MP_OKAY) { + break; + } + } + + /* add if not first, otherwise copy */ + if (!first) { + if (zA) { + if ((err = ecc_projective_add_point(R, fp_cache[idx1].LUT[zA], + R, modulus, mp)) != MP_OKAY) { + break; + } + } + if (zB) { + if ((err = ecc_projective_add_point(R, fp_cache[idx2].LUT[zB], + R, modulus, mp)) != MP_OKAY) { + break; + } + } + } else { + if (zA) { + if ((mp_copy(&fp_cache[idx1].LUT[zA]->x, &R->x) != MP_OKAY) || + (mp_copy(&fp_cache[idx1].LUT[zA]->y, &R->y) != MP_OKAY) || + (mp_copy(&fp_cache[idx1].mu, &R->z) != MP_OKAY)) { + err = GEN_MEM_ERR; + break; + } + first = 0; + } + if (zB && first == 0) { + if (zB) { + if ((err = ecc_projective_add_point(R, + fp_cache[idx2].LUT[zB], R, modulus, mp)) != MP_OKAY){ + break; + } + } + } else if (zB && first == 1) { + if ((mp_copy(&fp_cache[idx2].LUT[zB]->x, &R->x) != MP_OKAY) || + (mp_copy(&fp_cache[idx2].LUT[zB]->y, &R->y) != MP_OKAY) || + (mp_copy(&fp_cache[idx2].mu, &R->z) != MP_OKAY)) { + err = GEN_MEM_ERR; + break; + } + first = 0; + } + } + } + } + + XMEMSET(kb[0], 0, KB_SIZE); + XMEMSET(kb[1], 0, KB_SIZE); + +#ifdef CYASSL_SMALL_STACK + XFREE(kb[0], NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(kb[1], NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + +#undef KB_SIZE + + return ecc_map(R, modulus, mp); +} + +/** ECC Fixed Point mulmod global + Computes kA*A + kB*B = C using Shamir's Trick + A First point to multiply + kA What to multiple A by + B Second point to multiply + kB What to multiple B by + C [out] Destination point (can overlap with A or B) + modulus Modulus for curve + return MP_OKAY on success +*/ +int ecc_mul2add(ecc_point* A, mp_int* kA, + ecc_point* B, mp_int* kB, + ecc_point* C, mp_int* modulus) +{ + int idx1 = -1, idx2 = -1, err = MP_OKAY, mpInit = 0; + mp_digit mp; + mp_int mu; + + err = mp_init(&mu); + if (err != MP_OKAY) + return err; + +#ifndef HAVE_THREAD_LS + if (initMutex == 0) { + InitMutex(&ecc_fp_lock); + initMutex = 1; + } + if (LockMutex(&ecc_fp_lock) != 0) + return BAD_MUTEX_E; +#endif /* HAVE_THREAD_LS */ + + /* find point */ + idx1 = find_base(A); + + /* no entry? */ + if (idx1 == -1) { + /* find hole and add it */ + if ((idx1 = find_hole()) >= 0) { + err = add_entry(idx1, A); + } + } + if (err == MP_OKAY && idx1 != -1) { + /* increment LRU */ + ++(fp_cache[idx1].lru_count); + } + + if (err == MP_OKAY) + /* find point */ + idx2 = find_base(B); + + if (err == MP_OKAY) { + /* no entry? */ + if (idx2 == -1) { + /* find hole and add it */ + if ((idx2 = find_hole()) >= 0) + err = add_entry(idx2, B); + } + } + + if (err == MP_OKAY && idx2 != -1) { + /* increment LRU */ + ++(fp_cache[idx2].lru_count); + } + + if (err == MP_OKAY) { + /* if it's 2 build the LUT, if it's higher just use the LUT */ + if (idx1 >= 0 && fp_cache[idx1].lru_count == 2) { + /* compute mp */ + err = mp_montgomery_setup(modulus, &mp); + + if (err == MP_OKAY) { + mpInit = 1; + err = mp_montgomery_calc_normalization(&mu, modulus); + } + + if (err == MP_OKAY) + /* build the LUT */ + err = build_lut(idx1, modulus, &mp, &mu); + } + } + + if (err == MP_OKAY) { + /* if it's 2 build the LUT, if it's higher just use the LUT */ + if (idx2 >= 0 && fp_cache[idx2].lru_count == 2) { + if (mpInit == 0) { + /* compute mp */ + err = mp_montgomery_setup(modulus, &mp); + if (err == MP_OKAY) { + mpInit = 1; + err = mp_montgomery_calc_normalization(&mu, modulus); + } + } + + if (err == MP_OKAY) + /* build the LUT */ + err = build_lut(idx2, modulus, &mp, &mu); + } + } + + + if (err == MP_OKAY) { + if (idx1 >=0 && idx2 >= 0 && fp_cache[idx1].lru_count >= 2 && + fp_cache[idx2].lru_count >= 2) { + if (mpInit == 0) { + /* compute mp */ + err = mp_montgomery_setup(modulus, &mp); + } + if (err == MP_OKAY) + err = accel_fp_mul2add(idx1, idx2, kA, kB, C, modulus, &mp); + } else { + err = normal_ecc_mul2add(A, kA, B, kB, C, modulus); + } + } + +#ifndef HAVE_THREAD_LS + UnLockMutex(&ecc_fp_lock); +#endif /* HAVE_THREAD_LS */ + mp_clear(&mu); + + return err; +} +#endif + +/** ECC Fixed Point mulmod global + k The multiplicand + G Base point to multiply + R [out] Destination of product + modulus The modulus for the curve + map [boolean] If non-zero maps the point back to affine co-ordinates, + otherwise it's left in jacobian-montgomery form + return MP_OKAY if successful +*/ +int ecc_mulmod(mp_int* k, ecc_point *G, ecc_point *R, mp_int* modulus, + int map) +{ + int idx, err = MP_OKAY; + mp_digit mp; + mp_int mu; + int mpSetup = 0; + + if (mp_init(&mu) != MP_OKAY) + return MP_INIT_E; + +#ifndef HAVE_THREAD_LS + if (initMutex == 0) { + InitMutex(&ecc_fp_lock); + initMutex = 1; + } + + if (LockMutex(&ecc_fp_lock) != 0) + return BAD_MUTEX_E; +#endif /* HAVE_THREAD_LS */ + + /* find point */ + idx = find_base(G); + + /* no entry? */ + if (idx == -1) { + /* find hole and add it */ + idx = find_hole(); + + if (idx >= 0) + err = add_entry(idx, G); + } + if (err == MP_OKAY && idx != -1) { + /* increment LRU */ + ++(fp_cache[idx].lru_count); + } + + + if (err == MP_OKAY) { + /* if it's 2 build the LUT, if it's higher just use the LUT */ + if (idx >= 0 && fp_cache[idx].lru_count == 2) { + /* compute mp */ + err = mp_montgomery_setup(modulus, &mp); + + if (err == MP_OKAY) { + /* compute mu */ + mpSetup = 1; + err = mp_montgomery_calc_normalization(&mu, modulus); + } + + if (err == MP_OKAY) + /* build the LUT */ + err = build_lut(idx, modulus, &mp, &mu); + } + } + + if (err == MP_OKAY) { + if (idx >= 0 && fp_cache[idx].lru_count >= 2) { + if (mpSetup == 0) { + /* compute mp */ + err = mp_montgomery_setup(modulus, &mp); + } + if (err == MP_OKAY) + err = accel_fp_mul(idx, k, R, modulus, &mp, map); + } else { + err = normal_ecc_mulmod(k, G, R, modulus, map); + } + } + +#ifndef HAVE_THREAD_LS + UnLockMutex(&ecc_fp_lock); +#endif /* HAVE_THREAD_LS */ + mp_clear(&mu); + + return err; +} + +/* helper function for freeing the cache ... + must be called with the cache mutex locked */ +static void ecc_fp_free_cache(void) +{ + unsigned x, y; + for (x = 0; x < FP_ENTRIES; x++) { + if (fp_cache[x].g != NULL) { + for (y = 0; y < (1U<protocol == 0) + return NULL; + + if (ctx->protocol == REQ_RESP_CLIENT) { + if (ctx->cliSt == ecCLI_INIT) { + ctx->cliSt = ecCLI_SALT_GET; + return ctx->clientSalt; + } + else { + ctx->cliSt = ecCLI_BAD_STATE; + return NULL; + } + } + else if (ctx->protocol == REQ_RESP_SERVER) { + if (ctx->srvSt == ecSRV_INIT) { + ctx->srvSt = ecSRV_SALT_GET; + return ctx->serverSalt; + } + else { + ctx->srvSt = ecSRV_BAD_STATE; + return NULL; + } + } + + return NULL; +} + + +/* optional set info, can be called before or after set_peer_salt */ +int ecc_ctx_set_info(ecEncCtx* ctx, const byte* info, int sz) +{ + if (ctx == NULL || info == 0 || sz < 0) + return BAD_FUNC_ARG; + + ctx->kdfInfo = info; + ctx->kdfInfoSz = sz; + + return 0; +} + + +static const char* exchange_info = "Secure Message Exchange"; + +int ecc_ctx_set_peer_salt(ecEncCtx* ctx, const byte* salt) +{ + byte tmp[EXCHANGE_SALT_SZ/2]; + int halfSz = EXCHANGE_SALT_SZ/2; + + if (ctx == NULL || ctx->protocol == 0 || salt == NULL) + return BAD_FUNC_ARG; + + if (ctx->protocol == REQ_RESP_CLIENT) { + XMEMCPY(ctx->serverSalt, salt, EXCHANGE_SALT_SZ); + if (ctx->cliSt == ecCLI_SALT_GET) + ctx->cliSt = ecCLI_SALT_SET; + else { + ctx->cliSt = ecCLI_BAD_STATE; + return BAD_ENC_STATE_E; + } + } + else { + XMEMCPY(ctx->clientSalt, salt, EXCHANGE_SALT_SZ); + if (ctx->srvSt == ecSRV_SALT_GET) + ctx->srvSt = ecSRV_SALT_SET; + else { + ctx->srvSt = ecSRV_BAD_STATE; + return BAD_ENC_STATE_E; + } + } + + /* mix half and half */ + /* tmp stores 2nd half of client before overwrite */ + XMEMCPY(tmp, ctx->clientSalt + halfSz, halfSz); + XMEMCPY(ctx->clientSalt + halfSz, ctx->serverSalt, halfSz); + XMEMCPY(ctx->serverSalt, tmp, halfSz); + + ctx->kdfSalt = ctx->clientSalt; + ctx->kdfSaltSz = EXCHANGE_SALT_SZ; + + ctx->macSalt = ctx->serverSalt; + ctx->macSaltSz = EXCHANGE_SALT_SZ; + + if (ctx->kdfInfo == NULL) { + /* default info */ + ctx->kdfInfo = (const byte*)exchange_info; + ctx->kdfInfoSz = EXCHANGE_INFO_SZ; + } + + return 0; +} + + +static int ecc_ctx_set_salt(ecEncCtx* ctx, int flags, RNG* rng) +{ + byte* saltBuffer = NULL; + + if (ctx == NULL || rng == NULL || flags == 0) + return BAD_FUNC_ARG; + + saltBuffer = (flags == REQ_RESP_CLIENT) ? ctx->clientSalt : ctx->serverSalt; + + return RNG_GenerateBlock(rng, saltBuffer, EXCHANGE_SALT_SZ); +} + + +static void ecc_ctx_init(ecEncCtx* ctx, int flags) +{ + if (ctx) { + XMEMSET(ctx, 0, sizeof(ecEncCtx)); + + ctx->encAlgo = ecAES_128_CBC; + ctx->kdfAlgo = ecHKDF_SHA256; + ctx->macAlgo = ecHMAC_SHA256; + ctx->protocol = (byte)flags; + + if (flags == REQ_RESP_CLIENT) + ctx->cliSt = ecCLI_INIT; + if (flags == REQ_RESP_SERVER) + ctx->srvSt = ecSRV_INIT; + } +} + + +/* allow ecc context reset so user doesn't have to init/free for resue */ +int ecc_ctx_reset(ecEncCtx* ctx, RNG* rng) +{ + if (ctx == NULL || rng == NULL) + return BAD_FUNC_ARG; + + ecc_ctx_init(ctx, ctx->protocol); + return ecc_ctx_set_salt(ctx, ctx->protocol, rng); +} + + +/* alloc/init and set defaults, return new Context */ +ecEncCtx* ecc_ctx_new(int flags, RNG* rng) +{ + int ret = 0; + ecEncCtx* ctx = (ecEncCtx*)XMALLOC(sizeof(ecEncCtx), 0, DYNAMIC_TYPE_ECC); + + if (ctx) + ctx->protocol = (byte)flags; + + ret = ecc_ctx_reset(ctx, rng); + if (ret != 0) { + ecc_ctx_free(ctx); + ctx = NULL; + } + + return ctx; +} + + +/* free any resources, clear any keys */ +void ecc_ctx_free(ecEncCtx* ctx) +{ + if (ctx) { + XMEMSET(ctx, 0, sizeof(ecEncCtx)); + XFREE(ctx, 0, DYNAMIC_TYPE_ECC); + } +} + + +static int ecc_get_key_sizes(ecEncCtx* ctx, int* encKeySz, int* ivSz, + int* keysLen, word32* digestSz, word32* blockSz) +{ + if (ctx) { + switch (ctx->encAlgo) { + case ecAES_128_CBC: + *encKeySz = KEY_SIZE_128; + *ivSz = IV_SIZE_64; + *blockSz = AES_BLOCK_SIZE; + break; + default: + return BAD_FUNC_ARG; + } + + switch (ctx->macAlgo) { + case ecHMAC_SHA256: + *digestSz = SHA256_DIGEST_SIZE; + break; + default: + return BAD_FUNC_ARG; + } + } else + return BAD_FUNC_ARG; + + *keysLen = *encKeySz + *ivSz + *digestSz; + + return 0; +} + + +/* ecc encrypt with shared secret run through kdf + ctx holds non default algos and inputs + msgSz should be the right size for encAlgo, i.e., already padded + return 0 on success */ +int ecc_encrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg, + word32 msgSz, byte* out, word32* outSz, ecEncCtx* ctx) +{ + int ret; + word32 blockSz; + word32 digestSz; + ecEncCtx localCtx; +#ifdef CYASSL_SMALL_STACK + byte* sharedSecret; + byte* keys; +#else + byte sharedSecret[ECC_MAXSIZE]; /* 521 max size */ + byte keys[ECC_BUFSIZE]; /* max size */ +#endif + word32 sharedSz = ECC_MAXSIZE; + int keysLen; + int encKeySz; + int ivSz; + int offset = 0; /* keys offset if doing msg exchange */ + byte* encKey; + byte* encIv; + byte* macKey; + + if (privKey == NULL || pubKey == NULL || msg == NULL || out == NULL || + outSz == NULL) + return BAD_FUNC_ARG; + + if (ctx == NULL) { /* use defaults */ + ecc_ctx_init(&localCtx, 0); + ctx = &localCtx; + } + + ret = ecc_get_key_sizes(ctx, &encKeySz, &ivSz, &keysLen, &digestSz, + &blockSz); + if (ret != 0) + return ret; + + if (ctx->protocol == REQ_RESP_SERVER) { + offset = keysLen; + keysLen *= 2; + + if (ctx->srvSt != ecSRV_RECV_REQ) + return BAD_ENC_STATE_E; + + ctx->srvSt = ecSRV_BAD_STATE; /* we're done no more ops allowed */ + } + else if (ctx->protocol == REQ_RESP_CLIENT) { + if (ctx->cliSt != ecCLI_SALT_SET) + return BAD_ENC_STATE_E; + + ctx->cliSt = ecCLI_SENT_REQ; /* only do this once */ + } + + if (keysLen > ECC_BUFSIZE) /* keys size */ + return BUFFER_E; + + if ( (msgSz%blockSz) != 0) + return BAD_PADDING_E; + + if (*outSz < (msgSz + digestSz)) + return BUFFER_E; + +#ifdef CYASSL_SMALL_STACK + sharedSecret = (byte*)XMALLOC(ECC_MAXSIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (sharedSecret == NULL) + return MEMORY_E; + + keys = (byte*)XMALLOC(ECC_BUFSIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (keys == NULL) { + XFREE(sharedSecret, NULL, DYNAMIC_TYPE_TMP_BUFFER); + return MEMORY_E; + } +#endif + + ret = ecc_shared_secret(privKey, pubKey, sharedSecret, &sharedSz); + + if (ret == 0) { + switch (ctx->kdfAlgo) { + case ecHKDF_SHA256 : + ret = HKDF(SHA256, sharedSecret, sharedSz, ctx->kdfSalt, + ctx->kdfSaltSz, ctx->kdfInfo, ctx->kdfInfoSz, + keys, keysLen); + break; + + default: + ret = BAD_FUNC_ARG; + break; + } + } + + if (ret == 0) { + encKey = keys + offset; + encIv = encKey + encKeySz; + macKey = encKey + encKeySz + ivSz; + + switch (ctx->encAlgo) { + case ecAES_128_CBC: + { + Aes aes; + ret = AesSetKey(&aes, encKey, KEY_SIZE_128, encIv, + AES_ENCRYPTION); + if (ret != 0) + break; + ret = AesCbcEncrypt(&aes, out, msg, msgSz); + } + break; + + default: + ret = BAD_FUNC_ARG; + break; + } + } + + if (ret == 0) { + switch (ctx->macAlgo) { + case ecHMAC_SHA256: + { + Hmac hmac; + ret = HmacSetKey(&hmac, SHA256, macKey, SHA256_DIGEST_SIZE); + if (ret != 0) + break; + ret = HmacUpdate(&hmac, out, msgSz); + if (ret != 0) + break; + ret = HmacUpdate(&hmac, ctx->macSalt, ctx->macSaltSz); + if (ret != 0) + break; + ret = HmacFinal(&hmac, out+msgSz); + } + break; + + default: + ret = BAD_FUNC_ARG; + break; + } + } + + if (ret == 0) + *outSz = msgSz + digestSz; + +#ifdef CYASSL_SMALL_STACK + XFREE(sharedSecret, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(keys, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + + return ret; +} + + +/* ecc decrypt with shared secret run through kdf + ctx holds non default algos and inputs + return 0 on success */ +int ecc_decrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg, + word32 msgSz, byte* out, word32* outSz, ecEncCtx* ctx) +{ + int ret; + word32 blockSz; + word32 digestSz; + ecEncCtx localCtx; +#ifdef CYASSL_SMALL_STACK + byte* sharedSecret; + byte* keys; +#else + byte sharedSecret[ECC_MAXSIZE]; /* 521 max size */ + byte keys[ECC_BUFSIZE]; /* max size */ +#endif + word32 sharedSz = ECC_MAXSIZE; + int keysLen; + int encKeySz; + int ivSz; + int offset = 0; /* in case using msg exchange */ + byte* encKey; + byte* encIv; + byte* macKey; + + if (privKey == NULL || pubKey == NULL || msg == NULL || out == NULL || + outSz == NULL) + return BAD_FUNC_ARG; + + if (ctx == NULL) { /* use defaults */ + ecc_ctx_init(&localCtx, 0); + ctx = &localCtx; + } + + ret = ecc_get_key_sizes(ctx, &encKeySz, &ivSz, &keysLen, &digestSz, + &blockSz); + if (ret != 0) + return ret; + + if (ctx->protocol == REQ_RESP_CLIENT) { + offset = keysLen; + keysLen *= 2; + + if (ctx->cliSt != ecCLI_SENT_REQ) + return BAD_ENC_STATE_E; + + ctx->cliSt = ecSRV_BAD_STATE; /* we're done no more ops allowed */ + } + else if (ctx->protocol == REQ_RESP_SERVER) { + if (ctx->srvSt != ecSRV_SALT_SET) + return BAD_ENC_STATE_E; + + ctx->srvSt = ecSRV_RECV_REQ; /* only do this once */ + } + + if (keysLen > ECC_BUFSIZE) /* keys size */ + return BUFFER_E; + + if ( ((msgSz-digestSz) % blockSz) != 0) + return BAD_PADDING_E; + + if (*outSz < (msgSz - digestSz)) + return BUFFER_E; + +#ifdef CYASSL_SMALL_STACK + sharedSecret = (byte*)XMALLOC(ECC_MAXSIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (sharedSecret == NULL) + return MEMORY_E; + + keys = (byte*)XMALLOC(ECC_BUFSIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (keys == NULL) { + XFREE(sharedSecret, NULL, DYNAMIC_TYPE_TMP_BUFFER); + return MEMORY_E; + } +#endif + + ret = ecc_shared_secret(privKey, pubKey, sharedSecret, &sharedSz); + + if (ret == 0) { + switch (ctx->kdfAlgo) { + case ecHKDF_SHA256 : + ret = HKDF(SHA256, sharedSecret, sharedSz, ctx->kdfSalt, + ctx->kdfSaltSz, ctx->kdfInfo, ctx->kdfInfoSz, + keys, keysLen); + break; + + default: + ret = BAD_FUNC_ARG; + break; + } + } + + if (ret == 0) { + encKey = keys + offset; + encIv = encKey + encKeySz; + macKey = encKey + encKeySz + ivSz; + + switch (ctx->macAlgo) { + case ecHMAC_SHA256: + { + byte verify[SHA256_DIGEST_SIZE]; + Hmac hmac; + ret = HmacSetKey(&hmac, SHA256, macKey, SHA256_DIGEST_SIZE); + if (ret != 0) + break; + ret = HmacUpdate(&hmac, msg, msgSz-digestSz); + if (ret != 0) + break; + ret = HmacUpdate(&hmac, ctx->macSalt, ctx->macSaltSz); + if (ret != 0) + break; + ret = HmacFinal(&hmac, verify); + if (ret != 0) + break; + if (memcmp(verify, msg + msgSz - digestSz, digestSz) != 0) + ret = -1; + } + break; + + default: + ret = BAD_FUNC_ARG; + break; + } + } + + if (ret == 0) { + switch (ctx->encAlgo) { + case ecAES_128_CBC: + { + Aes aes; + ret = AesSetKey(&aes, encKey, KEY_SIZE_128, encIv, + AES_DECRYPTION); + if (ret != 0) + break; + ret = AesCbcDecrypt(&aes, out, msg, msgSz-digestSz); + } + break; + + default: + ret = BAD_FUNC_ARG; + break; + } + } + + if (ret == 0) + *outSz = msgSz - digestSz; + +#ifdef CYASSL_SMALL_STACK + XFREE(sharedSecret, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(keys, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + + return ret; +} + + +#endif /* HAVE_ECC_ENCRYPT */ + +#endif /* HAVE_ECC */ diff --git a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/error.c b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/error.c new file mode 100644 index 000000000..00bfe309b --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/error.c @@ -0,0 +1,295 @@ +/* error.c + * + * Copyright (C) 2006-2014 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#ifdef HAVE_CONFIG_H + #include +#endif + +#include + +#include + +#ifdef _MSC_VER + /* 4996 warning to use MS extensions e.g., strcpy_s instead of XSTRNCPY */ + #pragma warning(disable: 4996) +#endif + +const char* CTaoCryptGetErrorString(int error) +{ +#ifdef NO_ERROR_STRINGS + + (void)error; + return "no support for error strings built in"; + +#else + + switch (error) { + + case OPEN_RAN_E : + return "opening random device error"; + + case READ_RAN_E : + return "reading random device error"; + + case WINCRYPT_E : + return "windows crypt init error"; + + case CRYPTGEN_E : + return "windows crypt generation error"; + + case RAN_BLOCK_E : + return "random device read would block error"; + + case BAD_MUTEX_E : + return "Bad mutex, operation failed"; + + case MP_INIT_E : + return "mp_init error state"; + + case MP_READ_E : + return "mp_read error state"; + + case MP_EXPTMOD_E : + return "mp_exptmod error state"; + + case MP_TO_E : + return "mp_to_xxx error state, can't convert"; + + case MP_SUB_E : + return "mp_sub error state, can't subtract"; + + case MP_ADD_E : + return "mp_add error state, can't add"; + + case MP_MUL_E : + return "mp_mul error state, can't multiply"; + + case MP_MULMOD_E : + return "mp_mulmod error state, can't multiply mod"; + + case MP_MOD_E : + return "mp_mod error state, can't mod"; + + case MP_INVMOD_E : + return "mp_invmod error state, can't inv mod"; + + case MP_CMP_E : + return "mp_cmp error state"; + + case MP_ZERO_E : + return "mp zero result, not expected"; + + case MEMORY_E : + return "out of memory error"; + + case RSA_WRONG_TYPE_E : + return "RSA wrong block type for RSA function"; + + case RSA_BUFFER_E : + return "RSA buffer error, output too small or input too big"; + + case BUFFER_E : + return "Buffer error, output too small or input too big"; + + case ALGO_ID_E : + return "Setting Cert AlogID error"; + + case PUBLIC_KEY_E : + return "Setting Cert Public Key error"; + + case DATE_E : + return "Setting Cert Date validity error"; + + case SUBJECT_E : + return "Setting Cert Subject name error"; + + case ISSUER_E : + return "Setting Cert Issuer name error"; + + case CA_TRUE_E : + return "Setting basic constraint CA true error"; + + case EXTENSIONS_E : + return "Setting extensions error"; + + case ASN_PARSE_E : + return "ASN parsing error, invalid input"; + + case ASN_VERSION_E : + return "ASN version error, invalid number"; + + case ASN_GETINT_E : + return "ASN get big int error, invalid data"; + + case ASN_RSA_KEY_E : + return "ASN key init error, invalid input"; + + case ASN_OBJECT_ID_E : + return "ASN object id error, invalid id"; + + case ASN_TAG_NULL_E : + return "ASN tag error, not null"; + + case ASN_EXPECT_0_E : + return "ASN expect error, not zero"; + + case ASN_BITSTR_E : + return "ASN bit string error, wrong id"; + + case ASN_UNKNOWN_OID_E : + return "ASN oid error, unknown sum id"; + + case ASN_DATE_SZ_E : + return "ASN date error, bad size"; + + case ASN_BEFORE_DATE_E : + return "ASN date error, current date before"; + + case ASN_AFTER_DATE_E : + return "ASN date error, current date after"; + + case ASN_SIG_OID_E : + return "ASN signature error, mismatched oid"; + + case ASN_TIME_E : + return "ASN time error, unkown time type"; + + case ASN_INPUT_E : + return "ASN input error, not enough data"; + + case ASN_SIG_CONFIRM_E : + return "ASN sig error, confirm failure"; + + case ASN_SIG_HASH_E : + return "ASN sig error, unsupported hash type"; + + case ASN_SIG_KEY_E : + return "ASN sig error, unsupported key type"; + + case ASN_DH_KEY_E : + return "ASN key init error, invalid input"; + + case ASN_NTRU_KEY_E : + return "ASN NTRU key decode error, invalid input"; + + case ASN_CRIT_EXT_E: + return "X.509 Critical extension ignored"; + + case ECC_BAD_ARG_E : + return "ECC input argument wrong type, invalid input"; + + case ASN_ECC_KEY_E : + return "ECC ASN1 bad key data, invalid input"; + + case ECC_CURVE_OID_E : + return "ECC curve sum OID unsupported, invalid input"; + + case BAD_FUNC_ARG : + return "Bad function argument"; + + case NOT_COMPILED_IN : + return "Feature not compiled in"; + + case UNICODE_SIZE_E : + return "Unicode password too big"; + + case NO_PASSWORD : + return "No password provided by user"; + + case ALT_NAME_E : + return "Alt Name problem, too big"; + + case AES_GCM_AUTH_E: + return "AES-GCM Authentication check fail"; + + case AES_CCM_AUTH_E: + return "AES-CCM Authentication check fail"; + + case CAVIUM_INIT_E: + return "Cavium Init type error"; + + case COMPRESS_INIT_E: + return "Compress Init error"; + + case COMPRESS_E: + return "Compress error"; + + case DECOMPRESS_INIT_E: + return "DeCompress Init error"; + + case DECOMPRESS_E: + return "DeCompress error"; + + case BAD_ALIGN_E: + return "Bad alignment error, no alloc help"; + + case ASN_NO_SIGNER_E : + return "ASN no signer error to confirm failure"; + + case ASN_CRL_CONFIRM_E : + return "ASN CRL sig error, confirm failure"; + + case ASN_CRL_NO_SIGNER_E : + return "ASN CRL no signer error to confirm failure"; + + case ASN_OCSP_CONFIRM_E : + return "ASN OCSP sig error, confirm failure"; + + case BAD_ENC_STATE_E: + return "Bad ecc encrypt state operation"; + + case BAD_PADDING_E: + return "Bad padding, message wrong length"; + + case REQ_ATTRIBUTE_E: + return "Setting cert request attributes error"; + + case PKCS7_OID_E: + return "PKCS#7 error: mismatched OID value"; + + case PKCS7_RECIP_E: + return "PKCS#7 error: no matching recipient found"; + + case FIPS_NOT_ALLOWED_E: + return "FIPS mode not allowed error"; + + case ASN_NAME_INVALID_E: + return "Name Constraint error"; + + case RNG_FAILURE_E: + return "Random Number Generator failed"; + + case HMAC_MIN_KEYLEN_E: + return "FIPS Mode HMAC Minimum Key Length error"; + + default: + return "unknown error number"; + + } + +#endif /* NO_ERROR_STRINGS */ + +} + +void CTaoCryptErrorString(int error, char* buffer) +{ + XSTRNCPY(buffer, CTaoCryptGetErrorString(error), CYASSL_MAX_ERROR_SZ); +} diff --git a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fips.c b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fips.c new file mode 100644 index 000000000..e69de29bb diff --git a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fips_test.c b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fips_test.c new file mode 100644 index 000000000..e69de29bb diff --git a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_mont_small.i b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_mont_small.i index 3b50d6b21..f52cc0875 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_mont_small.i +++ b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_mont_small.i @@ -1,6 +1,6 @@ /* fp_mont_small.i * - * Copyright (C) 2006-2011 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,7 +16,7 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ diff --git a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_mul_comba_12.i b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_mul_comba_12.i index a7c5871bd..c40ee2ba1 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_mul_comba_12.i +++ b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_mul_comba_12.i @@ -1,6 +1,6 @@ /* fp_mul_comba_12.i * - * Copyright (C) 2006-2011 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,7 +16,7 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ diff --git a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_mul_comba_17.i b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_mul_comba_17.i index 3ad0716a6..c92237075 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_mul_comba_17.i +++ b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_mul_comba_17.i @@ -1,6 +1,6 @@ /* fp_mul_comba_17.i * - * Copyright (C) 2006-2011 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,7 +16,7 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ diff --git a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_mul_comba_20.i b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_mul_comba_20.i index b82e77921..22d342fa7 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_mul_comba_20.i +++ b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_mul_comba_20.i @@ -1,6 +1,6 @@ /* fp_mul_comba_20.i * - * Copyright (C) 2006-2011 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,7 +16,7 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ #ifdef TFM_MUL20 diff --git a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_mul_comba_24.i b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_mul_comba_24.i index 42f44b6ec..18de6b81a 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_mul_comba_24.i +++ b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_mul_comba_24.i @@ -1,6 +1,6 @@ /* fp_mul_comba_24.i * - * Copyright (C) 2006-2011 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,7 +16,7 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ diff --git a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_mul_comba_28.i b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_mul_comba_28.i index 060bb8a7e..8c8f9ae45 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_mul_comba_28.i +++ b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_mul_comba_28.i @@ -1,6 +1,6 @@ /* fp_mul_comba_28.i * - * Copyright (C) 2006-2011 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,7 +16,7 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ diff --git a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_mul_comba_3.i b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_mul_comba_3.i index 03499c954..a0720f30a 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_mul_comba_3.i +++ b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_mul_comba_3.i @@ -1,6 +1,6 @@ /* fp_mul_comba_3.i * - * Copyright (C) 2006-2011 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,7 +16,7 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ diff --git a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_mul_comba_32.i b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_mul_comba_32.i index 3ca1fdbb3..b1ddf1df3 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_mul_comba_32.i +++ b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_mul_comba_32.i @@ -1,6 +1,6 @@ /* fp_mul_comba_32.i * - * Copyright (C) 2006-2011 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,7 +16,7 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ diff --git a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_mul_comba_4.i b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_mul_comba_4.i index d715937d0..a3bdd4294 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_mul_comba_4.i +++ b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_mul_comba_4.i @@ -1,6 +1,6 @@ /* fp_mul_comba_4.i * - * Copyright (C) 2006-2011 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,7 +16,7 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ diff --git a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_mul_comba_48.i b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_mul_comba_48.i index 4c185698f..bb0685831 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_mul_comba_48.i +++ b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_mul_comba_48.i @@ -1,6 +1,6 @@ /* fp_mul_comba_48.i * - * Copyright (C) 2006-2011 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,7 +16,7 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ diff --git a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_mul_comba_6.i b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_mul_comba_6.i index e691e9813..da46589ef 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_mul_comba_6.i +++ b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_mul_comba_6.i @@ -1,6 +1,6 @@ /* fp_mul_comba_6.i * - * Copyright (C) 2006-2011 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,7 +16,7 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ diff --git a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_mul_comba_64.i b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_mul_comba_64.i index ba0517b13..38b40a71a 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_mul_comba_64.i +++ b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_mul_comba_64.i @@ -1,6 +1,6 @@ /* fp_mul_comba_64.i * - * Copyright (C) 2006-2011 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,7 +16,7 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ diff --git a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_mul_comba_7.i b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_mul_comba_7.i index 46fb97010..22b2eec21 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_mul_comba_7.i +++ b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_mul_comba_7.i @@ -1,6 +1,6 @@ /* fp_mul_comba_7.i * - * Copyright (C) 2006-2011 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,7 +16,7 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ diff --git a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_mul_comba_8.i b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_mul_comba_8.i index 987d13edf..7847d1114 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_mul_comba_8.i +++ b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_mul_comba_8.i @@ -1,6 +1,6 @@ /* fp_mul_comba_8.i * - * Copyright (C) 2006-2011 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,7 +16,7 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ diff --git a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_mul_comba_9.i b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_mul_comba_9.i index 5b1b3c79b..598c281aa 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_mul_comba_9.i +++ b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_mul_comba_9.i @@ -1,6 +1,6 @@ /* fp_mul_comba_9.i * - * Copyright (C) 2006-2011 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,7 +16,7 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ diff --git a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_mul_comba_small_set.i b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_mul_comba_small_set.i index db40da73b..64326c6b9 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_mul_comba_small_set.i +++ b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_mul_comba_small_set.i @@ -1,6 +1,6 @@ /* fp_mul_comba_small_set.i * - * Copyright (C) 2006-2011 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,7 +16,7 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ diff --git a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_sqr_comba_12.i b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_sqr_comba_12.i index 382ebe271..f6326d7e6 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_sqr_comba_12.i +++ b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_sqr_comba_12.i @@ -1,6 +1,6 @@ /* fp_sqr_comba_12.i * - * Copyright (C) 2006-2011 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,7 +16,7 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ @@ -24,7 +24,9 @@ void fp_sqr_comba12(fp_int *A, fp_int *B) { fp_digit *a, b[24], c0, c1, c2, sc0, sc1, sc2; - +#ifdef TFM_ISO + fp_word tt; +#endif a = A->dp; COMBA_START; diff --git a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_sqr_comba_17.i b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_sqr_comba_17.i index 153ce878b..d94bd6382 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_sqr_comba_17.i +++ b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_sqr_comba_17.i @@ -1,6 +1,6 @@ /* fp_sqr_comba_17.i * - * Copyright (C) 2006-2011 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,7 +16,7 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ @@ -24,6 +24,9 @@ void fp_sqr_comba17(fp_int *A, fp_int *B) { fp_digit *a, b[34], c0, c1, c2, sc0, sc1, sc2; +#ifdef TFM_ISO + fp_word tt; +#endif a = A->dp; COMBA_START; diff --git a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_sqr_comba_20.i b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_sqr_comba_20.i index 34d6593c3..04b5dd406 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_sqr_comba_20.i +++ b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_sqr_comba_20.i @@ -1,6 +1,6 @@ /* fp_sqr_comba_20.i * - * Copyright (C) 2006-2011 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,7 +16,7 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ diff --git a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_sqr_comba_24.i b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_sqr_comba_24.i index 35092def4..3e23e9f55 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_sqr_comba_24.i +++ b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_sqr_comba_24.i @@ -1,6 +1,6 @@ /* fp_sqr_comba_24.i * - * Copyright (C) 2006-2011 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,7 +16,7 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ diff --git a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_sqr_comba_28.i b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_sqr_comba_28.i index 7164f3946..d6e4998fb 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_sqr_comba_28.i +++ b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_sqr_comba_28.i @@ -1,6 +1,6 @@ /* fp_sqr_comba_28.i * - * Copyright (C) 2006-2011 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,7 +16,7 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ diff --git a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_sqr_comba_3.i b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_sqr_comba_3.i index 6ff9d156b..7e308dd59 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_sqr_comba_3.i +++ b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_sqr_comba_3.i @@ -1,6 +1,6 @@ /* fp_sqr_comba_3.i * - * Copyright (C) 2006-2011 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,14 +16,17 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ #ifdef TFM_SQR3 void fp_sqr_comba3(fp_int *A, fp_int *B) { - fp_digit *a, b[6], c0, c1, c2, sc0, sc1, sc2; + fp_digit *a, b[6], c0, c1, c2; +#ifdef TFM_ISO + fp_word tt; +#endif a = A->dp; COMBA_START; diff --git a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_sqr_comba_32.i b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_sqr_comba_32.i index ada0007d8..598a514e2 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_sqr_comba_32.i +++ b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_sqr_comba_32.i @@ -1,6 +1,6 @@ /* fp_sqr_comba_32.i * - * Copyright (C) 2006-2011 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,7 +16,7 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ diff --git a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_sqr_comba_4.i b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_sqr_comba_4.i index cd19f761b..53c2a9057 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_sqr_comba_4.i +++ b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_sqr_comba_4.i @@ -1,6 +1,6 @@ /* fp_sqr_comba_4.i * - * Copyright (C) 2006-2011 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,14 +16,17 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ #ifdef TFM_SQR4 void fp_sqr_comba4(fp_int *A, fp_int *B) { - fp_digit *a, b[8], c0, c1, c2, sc0, sc1, sc2; + fp_digit *a, b[8], c0, c1, c2; +#ifdef TFM_ISO + fp_word tt; +#endif a = A->dp; COMBA_START; diff --git a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_sqr_comba_48.i b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_sqr_comba_48.i index 27dddfe50..61779c880 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_sqr_comba_48.i +++ b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_sqr_comba_48.i @@ -1,6 +1,6 @@ /* fp_sqr_comba_48.i * - * Copyright (C) 2006-2011 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,7 +16,7 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ diff --git a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_sqr_comba_6.i b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_sqr_comba_6.i index 695e6d3d0..75205e85d 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_sqr_comba_6.i +++ b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_sqr_comba_6.i @@ -1,6 +1,6 @@ /* fp_sqr_comba_6.i * - * Copyright (C) 2006-2011 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,7 +16,7 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ @@ -24,6 +24,9 @@ void fp_sqr_comba6(fp_int *A, fp_int *B) { fp_digit *a, b[12], c0, c1, c2, sc0, sc1, sc2; +#ifdef TFM_ISO + fp_word tt; +#endif a = A->dp; COMBA_START; diff --git a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_sqr_comba_64.i b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_sqr_comba_64.i index a2fedc8e4..6c8b9f131 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_sqr_comba_64.i +++ b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_sqr_comba_64.i @@ -1,6 +1,6 @@ /* fp_sqr_comba_64.i * - * Copyright (C) 2006-2011 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,7 +16,7 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ diff --git a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_sqr_comba_7.i b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_sqr_comba_7.i index 1d620fce6..12b4f19ad 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_sqr_comba_7.i +++ b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_sqr_comba_7.i @@ -1,6 +1,6 @@ /* fp_sqr_comba_7.i * - * Copyright (C) 2006-2011 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,7 +16,7 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ @@ -24,6 +24,9 @@ void fp_sqr_comba7(fp_int *A, fp_int *B) { fp_digit *a, b[14], c0, c1, c2, sc0, sc1, sc2; +#ifdef TFM_ISO + fp_word tt; +#endif a = A->dp; COMBA_START; diff --git a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_sqr_comba_8.i b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_sqr_comba_8.i index 7d7e58f3f..52a0cebdf 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_sqr_comba_8.i +++ b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_sqr_comba_8.i @@ -1,6 +1,6 @@ /* fp_sqr_comba_8.i * - * Copyright (C) 2006-2011 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,7 +16,7 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ @@ -24,6 +24,9 @@ void fp_sqr_comba8(fp_int *A, fp_int *B) { fp_digit *a, b[16], c0, c1, c2, sc0, sc1, sc2; +#ifdef TFM_ISO + fp_word tt; +#endif a = A->dp; COMBA_START; diff --git a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_sqr_comba_9.i b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_sqr_comba_9.i index f0b04b645..bbf7149e8 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_sqr_comba_9.i +++ b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_sqr_comba_9.i @@ -1,6 +1,6 @@ /* fp_sqr_comba_9.i * - * Copyright (C) 2006-2011 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,7 +16,7 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ @@ -24,6 +24,9 @@ void fp_sqr_comba9(fp_int *A, fp_int *B) { fp_digit *a, b[18], c0, c1, c2, sc0, sc1, sc2; +#ifdef TFM_ISO + fp_word tt; +#endif a = A->dp; COMBA_START; diff --git a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_sqr_comba_small_set.i b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_sqr_comba_small_set.i index 140c4361f..43f15b5ec 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_sqr_comba_small_set.i +++ b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/fp_sqr_comba_small_set.i @@ -1,6 +1,6 @@ /* fp_sqr_comba_small_set.i * - * Copyright (C) 2006-2011 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,7 +16,7 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ diff --git a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/hc128.c b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/hc128.c index 20081fc54..4937d6eb9 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/hc128.c +++ b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/hc128.c @@ -1,6 +1,6 @@ /* hc128.c * - * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,18 +16,23 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ #ifdef HAVE_CONFIG_H #include #endif +#include + #ifdef HAVE_HC128 #include +#include +#include #ifdef NO_INLINE #include + #include #else #include #endif @@ -224,12 +229,18 @@ static void setup_update(HC128* ctx) /*each time 16 steps*/ -static void Hc128_SetIV(HC128* ctx, const byte* iv) +static void Hc128_SetIV(HC128* ctx, const byte* inIv) { word32 i; - + word32 iv[4]; + + if (inIv) + XMEMCPY(iv, inIv, sizeof(iv)); + else + XMEMSET(iv, 0, sizeof(iv)); + for (i = 0; i < (128 >> 5); i++) - ctx->iv[i] = LITTLE32(((word32*)iv)[i]); + ctx->iv[i] = LITTLE32(iv[i]); for (; i < 8; i++) ctx->iv[i] = ctx->iv[i-4]; @@ -259,7 +270,7 @@ static void Hc128_SetIV(HC128* ctx, const byte* iv) } -void Hc128_SetKey(HC128* ctx, const byte* key, const byte* iv) +static INLINE int DoKey(HC128* ctx, const byte* key, const byte* iv) { word32 i; @@ -270,11 +281,35 @@ void Hc128_SetKey(HC128* ctx, const byte* key, const byte* iv) for ( ; i < 8 ; i++) ctx->key[i] = ctx->key[i-4]; Hc128_SetIV(ctx, iv); + + return 0; } +/* Key setup */ +int Hc128_SetKey(HC128* ctx, const byte* key, const byte* iv) +{ +#ifdef XSTREAM_ALIGN + if ((word)key % 4) { + int alignKey[4]; + + /* iv gets aligned in SetIV */ + CYASSL_MSG("Hc128SetKey unaligned key"); + + XMEMCPY(alignKey, key, sizeof(alignKey)); + + return DoKey(ctx, (const byte*)alignKey, iv); + } +#endif /* XSTREAM_ALIGN */ + + return DoKey(ctx, key, iv); +} + + + /* The following defines the encryption of data stream */ -void Hc128_Process(HC128* ctx, byte* output, const byte* input, word32 msglen) +static INLINE int DoProcess(HC128* ctx, byte* output, const byte* input, + word32 msglen) { word32 i, keystream[16]; @@ -303,6 +338,7 @@ void Hc128_Process(HC128* ctx, byte* output, const byte* input, word32 msglen) if (msglen > 0) { + XMEMSET(keystream, 0, sizeof(keystream)); /* hush the static analysis */ generate_keystream(ctx, keystream); #ifdef BIG_ENDIAN_ORDER @@ -318,6 +354,36 @@ void Hc128_Process(HC128* ctx, byte* output, const byte* input, word32 msglen) output[i] = input[i] ^ ((byte*)keystream)[i]; } + return 0; +} + + +/* Encrypt/decrypt a message of any size */ +int Hc128_Process(HC128* ctx, byte* output, const byte* input, word32 msglen) +{ +#ifdef XSTREAM_ALIGN + if ((word)input % 4 || (word)output % 4) { + #ifndef NO_CYASSL_ALLOC_ALIGN + byte* tmp; + CYASSL_MSG("Hc128Process unaligned"); + + tmp = (byte*)XMALLOC(msglen, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (tmp == NULL) return MEMORY_E; + + XMEMCPY(tmp, input, msglen); + DoProcess(ctx, tmp, tmp, msglen); + XMEMCPY(output, tmp, msglen); + + XFREE(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER); + + return 0; + #else + return BAD_ALIGN_E; + #endif + } +#endif /* XSTREAM_ALIGN */ + + return DoProcess(ctx, output, input, msglen); } diff --git a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/hmac.c b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/hmac.c index 880581e8c..c5362db55 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/hmac.c +++ b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/hmac.c @@ -1,6 +1,6 @@ /* hmac.c * - * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,195 +16,810 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ #ifdef HAVE_CONFIG_H #include #endif +#include + #ifndef NO_HMAC +#ifdef CYASSL_PIC32MZ_HASH + +#define InitMd5 InitMd5_sw +#define Md5Update Md5Update_sw +#define Md5Final Md5Final_sw + +#define InitSha InitSha_sw +#define ShaUpdate ShaUpdate_sw +#define ShaFinal ShaFinal_sw + +#define InitSha256 InitSha256_sw +#define Sha256Update Sha256Update_sw +#define Sha256Final Sha256Final_sw + +#endif + +#ifdef HAVE_FIPS + /* set NO_WRAPPERS before headers, use direct internal f()s not wrappers */ + #define FIPS_NO_WRAPPERS +#endif + #include -#include +#include + +#ifdef HAVE_CAVIUM + static void HmacCaviumFinal(Hmac* hmac, byte* hash); + static void HmacCaviumUpdate(Hmac* hmac, const byte* msg, word32 length); + static void HmacCaviumSetKey(Hmac* hmac, int type, const byte* key, + word32 length); +#endif static int InitHmac(Hmac* hmac, int type) { + int ret = 0; + hmac->innerHashKeyed = 0; hmac->macType = (byte)type; - if (!(type == MD5 || type == SHA || type == SHA256 || type == SHA384)) + if (!(type == MD5 || type == SHA || type == SHA256 || type == SHA384 + || type == SHA512 || type == BLAKE2B_ID)) return BAD_FUNC_ARG; - if (type == MD5) - InitMd5(&hmac->hash.md5); - else if (type == SHA) - InitSha(&hmac->hash.sha); -#ifndef NO_SHA256 - else if (type == SHA256) - InitSha256(&hmac->hash.sha256); -#endif -#ifdef CYASSL_SHA384 - else if (type == SHA384) - InitSha384(&hmac->hash.sha384); -#endif + switch (type) { + #ifndef NO_MD5 + case MD5: + InitMd5(&hmac->hash.md5); + break; + #endif + + #ifndef NO_SHA + case SHA: + ret = InitSha(&hmac->hash.sha); + break; + #endif + + #ifndef NO_SHA256 + case SHA256: + ret = InitSha256(&hmac->hash.sha256); + break; + #endif + + #ifdef CYASSL_SHA384 + case SHA384: + ret = InitSha384(&hmac->hash.sha384); + break; + #endif + + #ifdef CYASSL_SHA512 + case SHA512: + ret = InitSha512(&hmac->hash.sha512); + break; + #endif + + #ifdef HAVE_BLAKE2 + case BLAKE2B_ID: + ret = InitBlake2b(&hmac->hash.blake2b, BLAKE2B_256); + break; + #endif + + default: + return BAD_FUNC_ARG; + } - return 0; + return ret; } -void HmacSetKey(Hmac* hmac, int type, const byte* key, word32 length) +int HmacSetKey(Hmac* hmac, int type, const byte* key, word32 length) { byte* ip = (byte*) hmac->ipad; byte* op = (byte*) hmac->opad; - word32 i, hmac_block_size = MD5_BLOCK_SIZE; + word32 i, hmac_block_size = 0; + int ret; + +#ifdef HAVE_CAVIUM + if (hmac->magic == CYASSL_HMAC_CAVIUM_MAGIC) + return HmacCaviumSetKey(hmac, type, key, length); +#endif - InitHmac(hmac, type); + ret = InitHmac(hmac, type); + if (ret != 0) + return ret; - if (hmac->macType == MD5) { - if (length <= MD5_BLOCK_SIZE) { - XMEMCPY(ip, key, length); - } - else { - Md5Update(&hmac->hash.md5, key, length); - Md5Final(&hmac->hash.md5, ip); - length = MD5_DIGEST_SIZE; - } - } - else if (hmac->macType == SHA) { - hmac_block_size = SHA_BLOCK_SIZE; - if (length <= SHA_BLOCK_SIZE) { - XMEMCPY(ip, key, length); +#ifdef HAVE_FIPS + if (length < HMAC_FIPS_MIN_KEY) + return HMAC_MIN_KEYLEN_E; +#endif + + switch (hmac->macType) { + #ifndef NO_MD5 + case MD5: + { + hmac_block_size = MD5_BLOCK_SIZE; + if (length <= MD5_BLOCK_SIZE) { + XMEMCPY(ip, key, length); + } + else { + Md5Update(&hmac->hash.md5, key, length); + Md5Final(&hmac->hash.md5, ip); + length = MD5_DIGEST_SIZE; + } } - else { - ShaUpdate(&hmac->hash.sha, key, length); - ShaFinal(&hmac->hash.sha, ip); - length = SHA_DIGEST_SIZE; + break; + #endif + + #ifndef NO_SHA + case SHA: + { + hmac_block_size = SHA_BLOCK_SIZE; + if (length <= SHA_BLOCK_SIZE) { + XMEMCPY(ip, key, length); + } + else { + ShaUpdate(&hmac->hash.sha, key, length); + ShaFinal(&hmac->hash.sha, ip); + length = SHA_DIGEST_SIZE; + } } - } -#ifndef NO_SHA256 - else if (hmac->macType == SHA256) { - hmac_block_size = SHA256_BLOCK_SIZE; - if (length <= SHA256_BLOCK_SIZE) { - XMEMCPY(ip, key, length); + break; + #endif + + #ifndef NO_SHA256 + case SHA256: + { + hmac_block_size = SHA256_BLOCK_SIZE; + if (length <= SHA256_BLOCK_SIZE) { + XMEMCPY(ip, key, length); + } + else { + ret = Sha256Update(&hmac->hash.sha256, key, length); + if (ret != 0) + return ret; + + ret = Sha256Final(&hmac->hash.sha256, ip); + if (ret != 0) + return ret; + + length = SHA256_DIGEST_SIZE; + } } - else { - Sha256Update(&hmac->hash.sha256, key, length); - Sha256Final(&hmac->hash.sha256, ip); - length = SHA256_DIGEST_SIZE; + break; + #endif + + #ifdef CYASSL_SHA384 + case SHA384: + { + hmac_block_size = SHA384_BLOCK_SIZE; + if (length <= SHA384_BLOCK_SIZE) { + XMEMCPY(ip, key, length); + } + else { + ret = Sha384Update(&hmac->hash.sha384, key, length); + if (ret != 0) + return ret; + + ret = Sha384Final(&hmac->hash.sha384, ip); + if (ret != 0) + return ret; + + length = SHA384_DIGEST_SIZE; + } } - } -#endif -#ifdef CYASSL_SHA384 - else if (hmac->macType == SHA384) { - hmac_block_size = SHA384_BLOCK_SIZE; - if (length <= SHA384_BLOCK_SIZE) { - XMEMCPY(ip, key, length); + break; + #endif + + #ifdef CYASSL_SHA512 + case SHA512: + { + hmac_block_size = SHA512_BLOCK_SIZE; + if (length <= SHA512_BLOCK_SIZE) { + XMEMCPY(ip, key, length); + } + else { + ret = Sha512Update(&hmac->hash.sha512, key, length); + if (ret != 0) + return ret; + + ret = Sha512Final(&hmac->hash.sha512, ip); + if (ret != 0) + return ret; + + length = SHA512_DIGEST_SIZE; + } } - else { - Sha384Update(&hmac->hash.sha384, key, length); - Sha384Final(&hmac->hash.sha384, ip); - length = SHA384_DIGEST_SIZE; + break; + #endif + + #ifdef HAVE_BLAKE2 + case BLAKE2B_ID: + { + hmac_block_size = BLAKE2B_BLOCKBYTES; + if (length <= BLAKE2B_BLOCKBYTES) { + XMEMCPY(ip, key, length); + } + else { + ret = Blake2bUpdate(&hmac->hash.blake2b, key, length); + if (ret != 0) + return ret; + + ret = Blake2bFinal(&hmac->hash.blake2b, ip, BLAKE2B_256); + if (ret != 0) + return ret; + + length = BLAKE2B_256; + } } + break; + #endif + + default: + return BAD_FUNC_ARG; } -#endif - XMEMSET(ip + length, 0, hmac_block_size - length); + if (length < hmac_block_size) + XMEMSET(ip + length, 0, hmac_block_size - length); for(i = 0; i < hmac_block_size; i++) { op[i] = ip[i] ^ OPAD; ip[i] ^= IPAD; } + return 0; } -static void HmacKeyInnerHash(Hmac* hmac) +static int HmacKeyInnerHash(Hmac* hmac) { - if (hmac->macType == MD5) - Md5Update(&hmac->hash.md5, (byte*) hmac->ipad, MD5_BLOCK_SIZE); - else if (hmac->macType == SHA) - ShaUpdate(&hmac->hash.sha, (byte*) hmac->ipad, SHA_BLOCK_SIZE); -#ifndef NO_SHA256 - else if (hmac->macType == SHA256) - Sha256Update(&hmac->hash.sha256, (byte*) hmac->ipad, SHA256_BLOCK_SIZE); -#endif -#ifdef CYASSL_SHA384 - else if (hmac->macType == SHA384) - Sha384Update(&hmac->hash.sha384, (byte*) hmac->ipad, SHA384_BLOCK_SIZE); -#endif + int ret = 0; + + switch (hmac->macType) { + #ifndef NO_MD5 + case MD5: + Md5Update(&hmac->hash.md5, (byte*) hmac->ipad, MD5_BLOCK_SIZE); + break; + #endif + + #ifndef NO_SHA + case SHA: + ShaUpdate(&hmac->hash.sha, (byte*) hmac->ipad, SHA_BLOCK_SIZE); + break; + #endif + + #ifndef NO_SHA256 + case SHA256: + ret = Sha256Update(&hmac->hash.sha256, + (byte*) hmac->ipad, SHA256_BLOCK_SIZE); + if (ret != 0) + return ret; + break; + #endif + + #ifdef CYASSL_SHA384 + case SHA384: + ret = Sha384Update(&hmac->hash.sha384, + (byte*) hmac->ipad, SHA384_BLOCK_SIZE); + if (ret != 0) + return ret; + break; + #endif + + #ifdef CYASSL_SHA512 + case SHA512: + ret = Sha512Update(&hmac->hash.sha512, + (byte*) hmac->ipad, SHA512_BLOCK_SIZE); + if (ret != 0) + return ret; + break; + #endif + + #ifdef HAVE_BLAKE2 + case BLAKE2B_ID: + ret = Blake2bUpdate(&hmac->hash.blake2b, + (byte*) hmac->ipad,BLAKE2B_BLOCKBYTES); + if (ret != 0) + return ret; + break; + #endif + + default: + break; + } hmac->innerHashKeyed = 1; + + return ret; } -void HmacUpdate(Hmac* hmac, const byte* msg, word32 length) +int HmacUpdate(Hmac* hmac, const byte* msg, word32 length) { - if (!hmac->innerHashKeyed) - HmacKeyInnerHash(hmac); - - if (hmac->macType == MD5) - Md5Update(&hmac->hash.md5, msg, length); - else if (hmac->macType == SHA) - ShaUpdate(&hmac->hash.sha, msg, length); -#ifndef NO_SHA256 - else if (hmac->macType == SHA256) - Sha256Update(&hmac->hash.sha256, msg, length); + int ret; + +#ifdef HAVE_CAVIUM + if (hmac->magic == CYASSL_HMAC_CAVIUM_MAGIC) + return HmacCaviumUpdate(hmac, msg, length); #endif -#ifdef CYASSL_SHA384 - else if (hmac->macType == SHA384) - Sha384Update(&hmac->hash.sha384, msg, length); + + if (!hmac->innerHashKeyed) { + ret = HmacKeyInnerHash(hmac); + if (ret != 0) + return ret; + } + + switch (hmac->macType) { + #ifndef NO_MD5 + case MD5: + Md5Update(&hmac->hash.md5, msg, length); + break; + #endif + + #ifndef NO_SHA + case SHA: + ShaUpdate(&hmac->hash.sha, msg, length); + break; + #endif + + #ifndef NO_SHA256 + case SHA256: + ret = Sha256Update(&hmac->hash.sha256, msg, length); + if (ret != 0) + return ret; + break; + #endif + + #ifdef CYASSL_SHA384 + case SHA384: + ret = Sha384Update(&hmac->hash.sha384, msg, length); + if (ret != 0) + return ret; + break; + #endif + + #ifdef CYASSL_SHA512 + case SHA512: + ret = Sha512Update(&hmac->hash.sha512, msg, length); + if (ret != 0) + return ret; + break; + #endif + + #ifdef HAVE_BLAKE2 + case BLAKE2B_ID: + ret = Blake2bUpdate(&hmac->hash.blake2b, msg, length); + if (ret != 0) + return ret; + break; + #endif + + default: + break; + } + + return 0; +} + + +int HmacFinal(Hmac* hmac, byte* hash) +{ + int ret; + +#ifdef HAVE_CAVIUM + if (hmac->magic == CYASSL_HMAC_CAVIUM_MAGIC) + return HmacCaviumFinal(hmac, hash); #endif + if (!hmac->innerHashKeyed) { + ret = HmacKeyInnerHash(hmac); + if (ret != 0) + return ret; + } + + switch (hmac->macType) { + #ifndef NO_MD5 + case MD5: + { + Md5Final(&hmac->hash.md5, (byte*) hmac->innerHash); + + Md5Update(&hmac->hash.md5, (byte*) hmac->opad, MD5_BLOCK_SIZE); + Md5Update(&hmac->hash.md5, + (byte*) hmac->innerHash, MD5_DIGEST_SIZE); + + Md5Final(&hmac->hash.md5, hash); + } + break; + #endif + + #ifndef NO_SHA + case SHA: + { + ShaFinal(&hmac->hash.sha, (byte*) hmac->innerHash); + + ShaUpdate(&hmac->hash.sha, (byte*) hmac->opad, SHA_BLOCK_SIZE); + ShaUpdate(&hmac->hash.sha, + (byte*) hmac->innerHash, SHA_DIGEST_SIZE); + + ShaFinal(&hmac->hash.sha, hash); + } + break; + #endif + + #ifndef NO_SHA256 + case SHA256: + { + ret = Sha256Final(&hmac->hash.sha256, (byte*) hmac->innerHash); + if (ret != 0) + return ret; + + ret = Sha256Update(&hmac->hash.sha256, + (byte*) hmac->opad, SHA256_BLOCK_SIZE); + if (ret != 0) + return ret; + + ret = Sha256Update(&hmac->hash.sha256, + (byte*) hmac->innerHash, SHA256_DIGEST_SIZE); + if (ret != 0) + return ret; + + ret = Sha256Final(&hmac->hash.sha256, hash); + if (ret != 0) + return ret; + } + break; + #endif + + #ifdef CYASSL_SHA384 + case SHA384: + { + ret = Sha384Final(&hmac->hash.sha384, (byte*) hmac->innerHash); + if (ret != 0) + return ret; + + ret = Sha384Update(&hmac->hash.sha384, + (byte*) hmac->opad, SHA384_BLOCK_SIZE); + if (ret != 0) + return ret; + + ret = Sha384Update(&hmac->hash.sha384, + (byte*) hmac->innerHash, SHA384_DIGEST_SIZE); + if (ret != 0) + return ret; + + ret = Sha384Final(&hmac->hash.sha384, hash); + if (ret != 0) + return ret; + } + break; + #endif + + #ifdef CYASSL_SHA512 + case SHA512: + { + ret = Sha512Final(&hmac->hash.sha512, (byte*) hmac->innerHash); + if (ret != 0) + return ret; + + ret = Sha512Update(&hmac->hash.sha512, + (byte*) hmac->opad, SHA512_BLOCK_SIZE); + if (ret != 0) + return ret; + + ret = Sha512Update(&hmac->hash.sha512, + (byte*) hmac->innerHash, SHA512_DIGEST_SIZE); + if (ret != 0) + return ret; + + ret = Sha512Final(&hmac->hash.sha512, hash); + if (ret != 0) + return ret; + } + break; + #endif + + #ifdef HAVE_BLAKE2 + case BLAKE2B_ID: + { + ret = Blake2bFinal(&hmac->hash.blake2b, (byte*) hmac->innerHash, + BLAKE2B_256); + if (ret != 0) + return ret; + + ret = Blake2bUpdate(&hmac->hash.blake2b, + (byte*) hmac->opad, BLAKE2B_BLOCKBYTES); + if (ret != 0) + return ret; + + ret = Blake2bUpdate(&hmac->hash.blake2b, + (byte*) hmac->innerHash, BLAKE2B_256); + if (ret != 0) + return ret; + + ret = Blake2bFinal(&hmac->hash.blake2b, hash, BLAKE2B_256); + if (ret != 0) + return ret; + } + break; + #endif + + default: + break; + } + + hmac->innerHashKeyed = 0; + + return 0; +} + + +#ifdef HAVE_CAVIUM + +/* Initiliaze Hmac for use with Nitrox device */ +int HmacInitCavium(Hmac* hmac, int devId) +{ + if (hmac == NULL) + return -1; + + if (CspAllocContext(CONTEXT_SSL, &hmac->contextHandle, devId) != 0) + return -1; + + hmac->keyLen = 0; + hmac->dataLen = 0; + hmac->type = 0; + hmac->devId = devId; + hmac->magic = CYASSL_HMAC_CAVIUM_MAGIC; + hmac->data = NULL; /* buffered input data */ + + hmac->innerHashKeyed = 0; + + return 0; } -void HmacFinal(Hmac* hmac, byte* hash) +/* Free Hmac from use with Nitrox device */ +void HmacFreeCavium(Hmac* hmac) { - if (!hmac->innerHashKeyed) - HmacKeyInnerHash(hmac); + if (hmac == NULL) + return; - if (hmac->macType == MD5) { - Md5Final(&hmac->hash.md5, (byte*) hmac->innerHash); + CspFreeContext(CONTEXT_SSL, hmac->contextHandle, hmac->devId); + hmac->magic = 0; + XFREE(hmac->data, NULL, DYNAMIC_TYPE_CAVIUM_TMP); + hmac->data = NULL; +} - Md5Update(&hmac->hash.md5, (byte*) hmac->opad, MD5_BLOCK_SIZE); - Md5Update(&hmac->hash.md5, (byte*) hmac->innerHash, MD5_DIGEST_SIZE); - Md5Final(&hmac->hash.md5, hash); +static void HmacCaviumFinal(Hmac* hmac, byte* hash) +{ + word32 requestId; + + if (CspHmac(CAVIUM_BLOCKING, hmac->type, NULL, hmac->keyLen, + (byte*)hmac->ipad, hmac->dataLen, hmac->data, hash, &requestId, + hmac->devId) != 0) { + CYASSL_MSG("Cavium Hmac failed"); + } + hmac->innerHashKeyed = 0; /* tell update to start over if used again */ +} + + +static void HmacCaviumUpdate(Hmac* hmac, const byte* msg, word32 length) +{ + word16 add = (word16)length; + word32 total; + byte* tmp; + + if (length > CYASSL_MAX_16BIT) { + CYASSL_MSG("Too big msg for cavium hmac"); + return; } - else if (hmac->macType == SHA) { - ShaFinal(&hmac->hash.sha, (byte*) hmac->innerHash); - ShaUpdate(&hmac->hash.sha, (byte*) hmac->opad, SHA_BLOCK_SIZE); - ShaUpdate(&hmac->hash.sha, (byte*) hmac->innerHash, SHA_DIGEST_SIZE); + if (hmac->innerHashKeyed == 0) { /* starting new */ + hmac->dataLen = 0; + hmac->innerHashKeyed = 1; + } - ShaFinal(&hmac->hash.sha, hash); + total = add + hmac->dataLen; + if (total > CYASSL_MAX_16BIT) { + CYASSL_MSG("Too big msg for cavium hmac"); + return; } -#ifndef NO_SHA256 - else if (hmac->macType == SHA256) { - Sha256Final(&hmac->hash.sha256, (byte*) hmac->innerHash); - Sha256Update(&hmac->hash.sha256, (byte*) hmac->opad, SHA256_BLOCK_SIZE); - Sha256Update(&hmac->hash.sha256, (byte*) hmac->innerHash, - SHA256_DIGEST_SIZE); + tmp = XMALLOC(hmac->dataLen + add, NULL,DYNAMIC_TYPE_CAVIUM_TMP); + if (tmp == NULL) { + CYASSL_MSG("Out of memory for cavium update"); + return; + } + if (hmac->dataLen) + XMEMCPY(tmp, hmac->data, hmac->dataLen); + XMEMCPY(tmp + hmac->dataLen, msg, add); + + hmac->dataLen += add; + XFREE(hmac->data, NULL, DYNAMIC_TYPE_CAVIUM_TMP); + hmac->data = tmp; +} - Sha256Final(&hmac->hash.sha256, hash); + +static void HmacCaviumSetKey(Hmac* hmac, int type, const byte* key, + word32 length) +{ + hmac->macType = (byte)type; + if (type == MD5) + hmac->type = MD5_TYPE; + else if (type == SHA) + hmac->type = SHA1_TYPE; + else if (type == SHA256) + hmac->type = SHA256_TYPE; + else { + CYASSL_MSG("unsupported cavium hmac type"); } + + hmac->innerHashKeyed = 0; /* should we key Startup flag */ + + hmac->keyLen = (word16)length; + /* store key in ipad */ + XMEMCPY(hmac->ipad, key, length); +} + +#endif /* HAVE_CAVIUM */ + +int CyaSSL_GetHmacMaxSize(void) +{ + return MAX_DIGEST_SIZE; +} + +#ifdef HAVE_HKDF + +#ifndef min + + static INLINE word32 min(word32 a, word32 b) + { + return a > b ? b : a; + } + +#endif /* min */ + + +static INLINE int GetHashSizeByType(int type) +{ + if (!(type == MD5 || type == SHA || type == SHA256 || type == SHA384 + || type == SHA512 || type == BLAKE2B_ID)) + return BAD_FUNC_ARG; + + switch (type) { + #ifndef NO_MD5 + case MD5: + return MD5_DIGEST_SIZE; + break; + #endif + + #ifndef NO_SHA + case SHA: + return SHA_DIGEST_SIZE; + break; + #endif + + #ifndef NO_SHA256 + case SHA256: + return SHA256_DIGEST_SIZE; + break; + #endif + + #ifdef CYASSL_SHA384 + case SHA384: + return SHA384_DIGEST_SIZE; + break; + #endif + + #ifdef CYASSL_SHA512 + case SHA512: + return SHA512_DIGEST_SIZE; + break; + #endif + + #ifdef HAVE_BLAKE2 + case BLAKE2B_ID: + return BLAKE2B_OUTBYTES; + break; + #endif + + default: + return BAD_FUNC_ARG; + break; + } +} + + +/* HMAC-KDF with hash type, optional salt and info, return 0 on success */ +int HKDF(int type, const byte* inKey, word32 inKeySz, + const byte* salt, word32 saltSz, + const byte* info, word32 infoSz, + byte* out, word32 outSz) +{ + Hmac myHmac; +#ifdef CYASSL_SMALL_STACK + byte* tmp; + byte* prk; +#else + byte tmp[MAX_DIGEST_SIZE]; /* localSalt helper and T */ + byte prk[MAX_DIGEST_SIZE]; #endif -#ifdef CYASSL_SHA384 - else if (hmac->macType == SHA384) { - Sha384Final(&hmac->hash.sha384, (byte*) hmac->innerHash); + const byte* localSalt; /* either points to user input or tmp */ + int hashSz = GetHashSizeByType(type); + word32 outIdx = 0; + byte n = 0x1; + int ret; + + if (hashSz < 0) + return BAD_FUNC_ARG; - Sha384Update(&hmac->hash.sha384, (byte*) hmac->opad, SHA384_BLOCK_SIZE); - Sha384Update(&hmac->hash.sha384, (byte*) hmac->innerHash, - SHA384_DIGEST_SIZE); +#ifdef CYASSL_SMALL_STACK + tmp = (byte*)XMALLOC(MAX_DIGEST_SIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (tmp == NULL) + return MEMORY_E; - Sha384Final(&hmac->hash.sha384, hash); + prk = (byte*)XMALLOC(MAX_DIGEST_SIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (prk == NULL) { + XFREE(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER); + return MEMORY_E; } #endif - hmac->innerHashKeyed = 0; + localSalt = salt; + if (localSalt == NULL) { + XMEMSET(tmp, 0, hashSz); + localSalt = tmp; + saltSz = hashSz; + } + + do { + ret = HmacSetKey(&myHmac, type, localSalt, saltSz); + if (ret != 0) + break; + ret = HmacUpdate(&myHmac, inKey, inKeySz); + if (ret != 0) + break; + ret = HmacFinal(&myHmac, prk); + } while (0); + + if (ret == 0) { + while (outIdx < outSz) { + int tmpSz = (n == 1) ? 0 : hashSz; + word32 left = outSz - outIdx; + + ret = HmacSetKey(&myHmac, type, prk, hashSz); + if (ret != 0) + break; + ret = HmacUpdate(&myHmac, tmp, tmpSz); + if (ret != 0) + break; + ret = HmacUpdate(&myHmac, info, infoSz); + if (ret != 0) + break; + ret = HmacUpdate(&myHmac, &n, 1); + if (ret != 0) + break; + ret = HmacFinal(&myHmac, tmp); + if (ret != 0) + break; + + left = min(left, (word32)hashSz); + XMEMCPY(out+outIdx, tmp, left); + + outIdx += hashSz; + n++; + } + } + +#ifdef CYASSL_SMALL_STACK + XFREE(tmp, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(prk, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + + return ret; } +#endif /* HAVE_HKDF */ #endif /* NO_HMAC */ diff --git a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/include.am b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/include.am index 580d3f553..6664dab22 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/include.am +++ b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/include.am @@ -2,7 +2,8 @@ # All paths should be given relative to the root EXTRA_DIST += ctaocrypt/src/misc.c -EXTRA_DIST += ctaocrypt/src/asm.c +EXTRA_DIST += ctaocrypt/src/asm.c +EXTRA_DIST += ctaocrypt/src/aes_asm.asm EXTRA_DIST += \ ctaocrypt/src/ecc_fp.c \ diff --git a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/integer.c b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/integer.c index 72f443ffc..b39a36f9f 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/integer.c +++ b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/integer.c @@ -1,6 +1,6 @@ /* integer.c * - * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,7 +16,7 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ @@ -33,10 +33,19 @@ /* in case user set USE_FAST_MATH there */ #include +#ifndef NO_BIG_INT + #ifndef USE_FAST_MATH #include +#ifndef NO_CYASSL_SMALL_STACK + #ifndef CYASSL_SMALL_STACK + #define CYASSL_SMALL_STACK + #endif +#endif + +static void bn_reverse (unsigned char *s, int len); /* math settings check */ word32 CheckRunTimeSettings(void) @@ -116,6 +125,9 @@ mp_clear (mp_int * a) { int i; + if (a == NULL) + return; + /* only do anything if a hasn't been freed previously */ if (a->dp != NULL) { /* first zero the digits */ @@ -167,6 +179,28 @@ mp_count_bits (mp_int * a) } +int mp_leading_bit (mp_int * a) +{ + int bit = 0; + mp_int t; + + if (mp_init_copy(&t, a) != MP_OKAY) + return 0; + + while (mp_iszero(&t) == 0) { +#ifndef MP_8BIT + bit = (t.dp[0] & 0x80) != 0; +#else + bit = (t.dp[0] | ((t.dp[1] & 0x01) << 7)) & 0x80 != 0; +#endif + if (mp_div_2d (&t, 8, &t, NULL) != MP_OKAY) + break; + } + mp_clear(&t); + return bit; +} + + /* store in unsigned [big endian] format */ int mp_to_unsigned_bin (mp_int * a, unsigned char *b) { @@ -316,8 +350,7 @@ bn_reverse (unsigned char *s, int len) remainder in d) */ int mp_div_2d (mp_int * a, int b, mp_int * c, mp_int * d) { - mp_digit D, r, rr; - int x, res; + int D, res; mp_int t; @@ -354,33 +387,9 @@ int mp_div_2d (mp_int * a, int b, mp_int * c, mp_int * d) } /* shift any bit count < DIGIT_BIT */ - D = (mp_digit) (b % DIGIT_BIT); + D = (b % DIGIT_BIT); if (D != 0) { - register mp_digit *tmpc, mask, shift; - - /* mask */ - mask = (((mp_digit)1) << D) - 1; - - /* shift for lsb */ - shift = DIGIT_BIT - D; - - /* alias */ - tmpc = c->dp + (c->used - 1); - - /* carry */ - r = 0; - for (x = c->used - 1; x >= 0; x--) { - /* get the lower bits of this word in a temp */ - rr = *tmpc & mask; - - /* shift the current word and mix in the carry bits from the previous - word */ - *tmpc = (*tmpc >> D) | (r << shift); - --tmpc; - - /* set the carry to the carry bits of the current word found above */ - r = rr; - } + mp_rshb(c, D); } mp_clamp (c); if (d != NULL) { @@ -445,6 +454,38 @@ mp_exch (mp_int * a, mp_int * b) } +/* shift right a certain number of bits */ +void mp_rshb (mp_int *c, int x) +{ + register mp_digit *tmpc, mask, shift; + mp_digit r, rr; + mp_digit D = x; + + /* mask */ + mask = (((mp_digit)1) << D) - 1; + + /* shift for lsb */ + shift = DIGIT_BIT - D; + + /* alias */ + tmpc = c->dp + (c->used - 1); + + /* carry */ + r = 0; + for (x = c->used - 1; x >= 0; x--) { + /* get the lower bits of this word in a temp */ + rr = *tmpc & mask; + + /* shift the current word and mix in the carry bits from previous word */ + *tmpc = (*tmpc >> D) | (r << shift); + --tmpc; + + /* set the carry to the carry bits of the current word found above */ + r = rr; + } +} + + /* shift right a certain amount of digits */ void mp_rshd (mp_int * a, int b) { @@ -1813,15 +1854,15 @@ int mp_exptmod_fast (mp_int * G, mp_int * X, mp_int * P, mp_int * Y, } /* compute the value at M[1<<(winsize-1)] by squaring M[1] (winsize-1) times*/ - if ((err = mp_copy (&M[1], &M[1 << (winsize - 1)])) != MP_OKAY) { + if ((err = mp_copy (&M[1], &M[(mp_digit)(1 << (winsize - 1))])) != MP_OKAY) { goto LBL_RES; } for (x = 0; x < (winsize - 1); x++) { - if ((err = mp_sqr (&M[1 << (winsize - 1)], &M[1 << (winsize - 1)])) != MP_OKAY) { + if ((err = mp_sqr (&M[(mp_digit)(1 << (winsize - 1))], &M[(mp_digit)(1 << (winsize - 1))])) != MP_OKAY) { goto LBL_RES; } - if ((err = redux (&M[1 << (winsize - 1)], P, mp)) != MP_OKAY) { + if ((err = redux (&M[(mp_digit)(1 << (winsize - 1))], P, mp)) != MP_OKAY) { goto LBL_RES; } } @@ -1857,7 +1898,7 @@ int mp_exptmod_fast (mp_int * G, mp_int * X, mp_int * P, mp_int * Y, } /* grab the next msb from the exponent */ - y = (mp_digit)(buf >> (DIGIT_BIT - 1)) & 1; + y = (int)(buf >> (DIGIT_BIT - 1)) & 1; buf <<= (mp_digit)1; /* if the bit is zero and mode == 0 then we ignore it @@ -3209,19 +3250,19 @@ int s_mp_exptmod (mp_int * G, mp_int * X, mp_int * P, mp_int * Y, int redmode) /* compute the value at M[1<<(winsize-1)] by squaring * M[1] (winsize-1) times */ - if ((err = mp_copy (&M[1], &M[1 << (winsize - 1)])) != MP_OKAY) { + if ((err = mp_copy (&M[1], &M[(mp_digit)(1 << (winsize - 1))])) != MP_OKAY) { goto LBL_MU; } for (x = 0; x < (winsize - 1); x++) { /* square it */ - if ((err = mp_sqr (&M[1 << (winsize - 1)], - &M[1 << (winsize - 1)])) != MP_OKAY) { + if ((err = mp_sqr (&M[(mp_digit)(1 << (winsize - 1))], + &M[(mp_digit)(1 << (winsize - 1))])) != MP_OKAY) { goto LBL_MU; } /* reduce modulo P */ - if ((err = redux (&M[1 << (winsize - 1)], P, &mu)) != MP_OKAY) { + if ((err = redux (&M[(mp_digit)(1 << (winsize - 1))], P, &mu)) != MP_OKAY) { goto LBL_MU; } } @@ -3265,7 +3306,7 @@ int s_mp_exptmod (mp_int * G, mp_int * X, mp_int * P, mp_int * Y, int redmode) } /* grab the next msb from the exponent */ - y = (buf >> (mp_digit)(DIGIT_BIT - 1)) & 1; + y = (int)(buf >> (mp_digit)(DIGIT_BIT - 1)) & 1; buf <<= (mp_digit)1; /* if the bit is zero and mode == 0 then we ignore it @@ -3388,7 +3429,7 @@ int mp_reduce (mp_int * x, mp_int * m, mp_int * mu) mp_rshd (&q, um - 1); /* according to HAC this optimization is ok */ - if (((unsigned long) um) > (((mp_digit)1) << (DIGIT_BIT - 1))) { + if (((mp_word) um) > (((mp_digit)1) << (DIGIT_BIT - 1))) { if ((res = mp_mul (&q, mu, &q)) != MP_OKAY) { goto CLEANUP; } @@ -3724,7 +3765,7 @@ int mp_sqrmod (mp_int * a, mp_int * b, mp_int * c) #endif -#if defined(CYASSL_KEY_GEN) || defined(HAVE_ECC) || !defined(NO_PWDBASED) +#if defined(HAVE_ECC) || !defined(NO_PWDBASED) || defined(CYASSL_SNIFFER) || defined(CYASSL_HAVE_WOLFSCEP) || defined(CYASSL_KEY_GEN) /* single digit addition */ int mp_add_d (mp_int* a, mp_digit b, mp_int* c) @@ -3784,8 +3825,10 @@ int mp_add_d (mp_int* a, mp_digit b, mp_int* c) *tmpc++ &= MP_MASK; } /* set final carry */ - ix++; - *tmpc++ = mu; + if (mu != 0 && ix < c->alloc) { + ix++; + *tmpc++ = mu; + } /* setup size */ c->used = a->used + 1; @@ -3886,7 +3929,7 @@ int mp_sub_d (mp_int * a, mp_digit b, mp_int * c) return MP_OKAY; } -#endif /* CYASSL_KEY_GEN || HAVE_ECC */ +#endif /* defined(HAVE_ECC) || !defined(NO_PWDBASED) */ #ifdef CYASSL_KEY_GEN @@ -4442,3 +4485,4 @@ int mp_read_radix (mp_int * a, const char *str, int radix) #endif /* USE_FAST_MATH */ +#endif /* NO_BIG_INT */ diff --git a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/logging.c b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/logging.c index 584d1dda9..5c17f591d 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/logging.c +++ b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/logging.c @@ -1,6 +1,6 @@ /* logging.c * - * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,18 +16,19 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ #ifdef HAVE_CONFIG_H #include #endif +#include + /* submitted by eof */ -#include #include -#include +#include #ifdef __cplusplus @@ -88,7 +89,11 @@ void CyaSSL_Debugging_OFF(void) #ifdef DEBUG_CYASSL -#include /* for default printf stuff */ +#ifdef FREESCALE_MQX + #include +#else + #include /* for default printf stuff */ +#endif #ifdef THREADX int dc_log_printf(char*, ...); @@ -106,6 +111,10 @@ static void cyassl_log(const int logLevel, const char *const logMessage) #if (NET_SECURE_MGR_CFG_EN == DEF_ENABLED) NetSecure_TraceOut((CPU_CHAR *)logMessage); #endif +#elif defined(CYASSL_MDK_ARM) + fflush(stdout) ; + printf("%s\n", logMessage); + fflush(stdout) ; #else fprintf(stderr, "%s\n", logMessage); #endif diff --git a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/md2.c b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/md2.c index 0c1bb9c38..e129cf73c 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/md2.c +++ b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/md2.c @@ -1,6 +1,6 @@ /* md2.c * - * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,7 +16,7 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ @@ -24,9 +24,13 @@ #include #endif +#include + #ifdef CYASSL_MD2 #include +#include + #ifdef NO_INLINE #include #else @@ -126,4 +130,30 @@ void Md2Final(Md2* md2, byte* hash) } +int Md2Hash(const byte* data, word32 len, byte* hash) +{ +#ifdef CYASSL_SMALL_STACK + Md2* md2; +#else + Md2 md2[1]; +#endif + +#ifdef CYASSL_SMALL_STACK + md2 = (Md2*)XMALLOC(sizeof(Md2), NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (md2 == NULL) + return MEMORY_E; +#endif + + InitMd2(md2); + Md2Update(md2, data, len); + Md2Final(md2, hash); + +#ifdef CYASSL_SMALL_STACK + XFREE(md2, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + + return 0; +} + + #endif /* CYASSL_MD2 */ diff --git a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/md4.c b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/md4.c index e47c43277..d696d6380 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/md4.c +++ b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/md4.c @@ -1,6 +1,6 @@ /* md4.c * - * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,13 +16,14 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ #ifdef HAVE_CONFIG_H #include #endif +#include #ifndef NO_MD4 @@ -160,7 +161,7 @@ void Md4Update(Md4* md4, const byte* data, word32 len) if (md4->buffLen == MD4_BLOCK_SIZE) { #ifdef BIG_ENDIAN_ORDER - ByteReverseBytes(local, local, MD4_BLOCK_SIZE); + ByteReverseWords(md4->buffer, md4->buffer, MD4_BLOCK_SIZE); #endif Transform(md4); AddLength(md4, MD4_BLOCK_SIZE); @@ -184,7 +185,7 @@ void Md4Final(Md4* md4, byte* hash) md4->buffLen += MD4_BLOCK_SIZE - md4->buffLen; #ifdef BIG_ENDIAN_ORDER - ByteReverseBytes(local, local, MD4_BLOCK_SIZE); + ByteReverseWords(md4->buffer, md4->buffer, MD4_BLOCK_SIZE); #endif Transform(md4); md4->buffLen = 0; @@ -198,7 +199,7 @@ void Md4Final(Md4* md4, byte* hash) /* store lengths */ #ifdef BIG_ENDIAN_ORDER - ByteReverseBytes(local, local, MD4_BLOCK_SIZE); + ByteReverseWords(md4->buffer, md4->buffer, MD4_BLOCK_SIZE); #endif /* ! length ordering dependent on digest endian type ! */ XMEMCPY(&local[MD4_PAD_SIZE], &md4->loLen, sizeof(word32)); diff --git a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/md5.c b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/md5.c index f735c74d2..4a375391d 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/md5.c +++ b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/md5.c @@ -1,6 +1,6 @@ /* md5.c * - * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,7 +16,7 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ @@ -24,7 +24,18 @@ #include #endif +#include + +#if !defined(NO_MD5) + +#ifdef CYASSL_PIC32MZ_HASH +#define InitMd5 InitMd5_sw +#define Md5Update Md5Update_sw +#define Md5Final Md5Final_sw +#endif + #include +#include #ifdef NO_INLINE #include @@ -32,6 +43,128 @@ #include #endif +#ifdef FREESCALE_MMCAU + #include "cau_api.h" + #define XTRANSFORM(S,B) cau_md5_hash_n((B), 1, (unsigned char*)(S)->digest) +#else + #define XTRANSFORM(S,B) Transform((S)) +#endif + + +#ifdef STM32F2_HASH + /* + * STM32F2 hardware MD5 support through the STM32F2 standard peripheral + * library. Documentation located in STM32F2xx Standard Peripheral Library + * document (See note in README). + */ + #include "stm32f2xx.h" + + void InitMd5(Md5* md5) + { + /* STM32F2 struct notes: + * md5->buffer = first 4 bytes used to hold partial block if needed + * md5->buffLen = num bytes currently stored in md5->buffer + * md5->loLen = num bytes that have been written to STM32 FIFO + */ + XMEMSET(md5->buffer, 0, MD5_REG_SIZE); + + md5->buffLen = 0; + md5->loLen = 0; + + /* initialize HASH peripheral */ + HASH_DeInit(); + + /* configure algo used, algo mode, datatype */ + HASH->CR &= ~ (HASH_CR_ALGO | HASH_CR_DATATYPE | HASH_CR_MODE); + HASH->CR |= (HASH_AlgoSelection_MD5 | HASH_AlgoMode_HASH + | HASH_DataType_8b); + + /* reset HASH processor */ + HASH->CR |= HASH_CR_INIT; + } + + void Md5Update(Md5* md5, const byte* data, word32 len) + { + word32 i = 0; + word32 fill = 0; + word32 diff = 0; + + /* if saved partial block is available */ + if (md5->buffLen > 0) { + fill = 4 - md5->buffLen; + + /* if enough data to fill, fill and push to FIFO */ + if (fill <= len) { + XMEMCPY((byte*)md5->buffer + md5->buffLen, data, fill); + HASH_DataIn(*(uint32_t*)md5->buffer); + + data += fill; + len -= fill; + md5->loLen += 4; + md5->buffLen = 0; + } else { + /* append partial to existing stored block */ + XMEMCPY((byte*)md5->buffer + md5->buffLen, data, len); + md5->buffLen += len; + return; + } + } + + /* write input block in the IN FIFO */ + for (i = 0; i < len; i += 4) + { + diff = len - i; + if (diff < 4) { + /* store incomplete last block, not yet in FIFO */ + XMEMSET(md5->buffer, 0, MD5_REG_SIZE); + XMEMCPY((byte*)md5->buffer, data, diff); + md5->buffLen = diff; + } else { + HASH_DataIn(*(uint32_t*)data); + data+=4; + } + } + + /* keep track of total data length thus far */ + md5->loLen += (len - md5->buffLen); + } + + void Md5Final(Md5* md5, byte* hash) + { + __IO uint16_t nbvalidbitsdata = 0; + + /* finish reading any trailing bytes into FIFO */ + if (md5->buffLen > 0) { + HASH_DataIn(*(uint32_t*)md5->buffer); + md5->loLen += md5->buffLen; + } + + /* calculate number of valid bits in last word of input data */ + nbvalidbitsdata = 8 * (md5->loLen % MD5_REG_SIZE); + + /* configure number of valid bits in last word of the data */ + HASH_SetLastWordValidBitsNbr(nbvalidbitsdata); + + /* start HASH processor */ + HASH_StartDigest(); + + /* wait until Busy flag == RESET */ + while (HASH_GetFlagStatus(HASH_FLAG_BUSY) != RESET) {} + + /* read message digest */ + md5->digest[0] = HASH->HR[0]; + md5->digest[1] = HASH->HR[1]; + md5->digest[2] = HASH->HR[2]; + md5->digest[3] = HASH->HR[3]; + + ByteReverseWords(md5->digest, md5->digest, MD5_DIGEST_SIZE); + + XMEMCPY(hash, md5->digest, MD5_DIGEST_SIZE); + + InitMd5(md5); /* reset state */ + } + +#else /* CTaoCrypt software implementation */ #ifndef min @@ -55,6 +188,7 @@ void InitMd5(Md5* md5) md5->hiLen = 0; } +#ifndef FREESCALE_MMCAU static void Transform(Md5* md5) { @@ -147,6 +281,8 @@ static void Transform(Md5* md5) md5->digest[3] += d; } +#endif /* FREESCALE_MMCAU */ + static INLINE void AddLength(Md5* md5, word32 len) { @@ -170,10 +306,10 @@ void Md5Update(Md5* md5, const byte* data, word32 len) len -= add; if (md5->buffLen == MD5_BLOCK_SIZE) { - #ifdef BIG_ENDIAN_ORDER - ByteReverseBytes(local, local, MD5_BLOCK_SIZE); + #if defined(BIG_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU) + ByteReverseWords(md5->buffer, md5->buffer, MD5_BLOCK_SIZE); #endif - Transform(md5); + XTRANSFORM(md5, local); AddLength(md5, MD5_BLOCK_SIZE); md5->buffLen = 0; } @@ -185,7 +321,7 @@ void Md5Final(Md5* md5, byte* hash) { byte* local = (byte*)md5->buffer; - AddLength(md5, md5->buffLen); /* before adding pads */ + AddLength(md5, md5->buffLen); /* before adding pads */ local[md5->buffLen++] = 0x80; /* add 1 */ @@ -194,10 +330,10 @@ void Md5Final(Md5* md5, byte* hash) XMEMSET(&local[md5->buffLen], 0, MD5_BLOCK_SIZE - md5->buffLen); md5->buffLen += MD5_BLOCK_SIZE - md5->buffLen; - #ifdef BIG_ENDIAN_ORDER - ByteReverseBytes(local, local, MD5_BLOCK_SIZE); + #if defined(BIG_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU) + ByteReverseWords(md5->buffer, md5->buffer, MD5_BLOCK_SIZE); #endif - Transform(md5); + XTRANSFORM(md5, local); md5->buffLen = 0; } XMEMSET(&local[md5->buffLen], 0, MD5_PAD_SIZE - md5->buffLen); @@ -208,14 +344,14 @@ void Md5Final(Md5* md5, byte* hash) md5->loLen = md5->loLen << 3; /* store lengths */ - #ifdef BIG_ENDIAN_ORDER - ByteReverseBytes(local, local, MD5_BLOCK_SIZE); + #if defined(BIG_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU) + ByteReverseWords(md5->buffer, md5->buffer, MD5_BLOCK_SIZE); #endif /* ! length ordering dependent on digest endian type ! */ XMEMCPY(&local[MD5_PAD_SIZE], &md5->loLen, sizeof(word32)); XMEMCPY(&local[MD5_PAD_SIZE + sizeof(word32)], &md5->hiLen, sizeof(word32)); - Transform(md5); + XTRANSFORM(md5, local); #ifdef BIG_ENDIAN_ORDER ByteReverseWords(md5->digest, md5->digest, MD5_DIGEST_SIZE); #endif @@ -224,3 +360,32 @@ void Md5Final(Md5* md5, byte* hash) InitMd5(md5); /* reset state */ } +#endif /* STM32F2_HASH */ + + +int Md5Hash(const byte* data, word32 len, byte* hash) +{ +#ifdef CYASSL_SMALL_STACK + Md5* md5; +#else + Md5 md5[1]; +#endif + +#ifdef CYASSL_SMALL_STACK + md5 = (Md5*)XMALLOC(sizeof(Md5), NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (md5 == NULL) + return MEMORY_E; +#endif + + InitMd5(md5); + Md5Update(md5, data, len); + Md5Final(md5, hash); + +#ifdef CYASSL_SMALL_STACK + XFREE(md5, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + + return 0; +} + +#endif /* NO_MD5 */ diff --git a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/memory.c b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/memory.c index b98e548ad..71bbbc461 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/memory.c +++ b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/memory.c @@ -1,6 +1,6 @@ /* memory.c * - * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,23 +16,23 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ #ifdef HAVE_CONFIG_H #include #endif -/* submitted by eof */ - - #include #ifdef USE_CYASSL_MEMORY #include -#include +#include +#ifdef CYASSL_MALLOC_CHECK + #include +#endif /* Set these to default values initially. */ static CyaSSL_Malloc_cb malloc_function = 0; @@ -73,6 +73,11 @@ void* CyaSSL_Malloc(size_t size) else res = malloc(size); + #ifdef CYASSL_MALLOC_CHECK + if (res == NULL) + puts("CyaSSL_malloc failed"); + #endif + return res; } @@ -97,3 +102,82 @@ void* CyaSSL_Realloc(void *ptr, size_t size) } #endif /* USE_CYASSL_MEMORY */ + + +#ifdef HAVE_IO_POOL + +/* Example for user io pool, shared build may need definitions in lib proper */ + +#include +#include + +#ifndef HAVE_THREAD_LS + #error "Oops, simple I/O pool example needs thread local storage" +#endif + + +/* allow simple per thread in and out pools */ +/* use 17k size sense max record size is 16k plus overhead */ +static THREAD_LS_T byte pool_in[17*1024]; +static THREAD_LS_T byte pool_out[17*1024]; + + +void* XMALLOC(size_t n, void* heap, int type) +{ + (void)heap; + + if (type == DYNAMIC_TYPE_IN_BUFFER) { + if (n < sizeof(pool_in)) + return pool_in; + else + return NULL; + } + + if (type == DYNAMIC_TYPE_OUT_BUFFER) { + if (n < sizeof(pool_out)) + return pool_out; + else + return NULL; + } + + return malloc(n); +} + +void* XREALLOC(void *p, size_t n, void* heap, int type) +{ + (void)heap; + + if (type == DYNAMIC_TYPE_IN_BUFFER) { + if (n < sizeof(pool_in)) + return pool_in; + else + return NULL; + } + + if (type == DYNAMIC_TYPE_OUT_BUFFER) { + if (n < sizeof(pool_out)) + return pool_out; + else + return NULL; + } + + return realloc(p, n); +} + + +/* unit api calls, let's make sure visisble with CYASSL_API */ +CYASSL_API void XFREE(void *p, void* heap, int type) +{ + (void)heap; + + if (type == DYNAMIC_TYPE_IN_BUFFER) + return; /* do nothing, static pool */ + + if (type == DYNAMIC_TYPE_OUT_BUFFER) + return; /* do nothing, static pool */ + + free(p); +} + +#endif /* HAVE_IO_POOL */ + diff --git a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/misc.c b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/misc.c index b9d88b56a..7d4d33594 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/misc.c +++ b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/misc.c @@ -1,6 +1,6 @@ /* misc.c * - * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,13 +16,15 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ #ifdef HAVE_CONFIG_H #include #endif +#include + #include /* inlining these functions is a huge speed increase and a small size decrease, @@ -43,6 +45,8 @@ #include /* get intrinsic definitions */ + /* for non visual studio probably need no long version, 32 bit only + * i.e., _rotl and _rotr */ #pragma intrinsic(_lrotl, _lrotr) STATIC INLINE word32 rotlFixed(word32 x, word32 y) @@ -76,6 +80,8 @@ STATIC INLINE word32 ByteReverseWord32(word32 value) #ifdef PPC_INTRINSICS /* PPC: load reverse indexed instruction */ return (word32)__lwbrx(&value,0); +#elif defined(KEIL_INTRINSICS) + return (word32)__rev(value); #elif defined(FAST_ROTATE) /* 5 instructions with rotate instruction, 9 without */ return (rotrFixed(value, 8U) & 0xff00ff00) | @@ -91,7 +97,7 @@ STATIC INLINE word32 ByteReverseWord32(word32 value) STATIC INLINE void ByteReverseWords(word32* out, const word32* in, word32 byteCount) { - word32 count = byteCount/sizeof(word32), i; + word32 count = byteCount/(word32)sizeof(word32), i; for (i = 0; i < count; i++) out[i] = ByteReverseWord32(in[i]); @@ -132,7 +138,7 @@ STATIC INLINE word64 ByteReverseWord64(word64 value) STATIC INLINE void ByteReverseWords64(word64* out, const word64* in, word32 byteCount) { - word32 count = byteCount/sizeof(word64), i; + word32 count = byteCount/(word32)sizeof(word64), i; for (i = 0; i < count; i++) out[i] = ByteReverseWord64(in[i]); @@ -142,15 +148,6 @@ STATIC INLINE void ByteReverseWords64(word64* out, const word64* in, #endif /* WORD64_AVAILABLE */ -STATIC INLINE void ByteReverseBytes(byte* out, const byte* in, word32 byteCount) -{ - word32* op = (word32*)out; - const word32* ip = (const word32*)in; - - ByteReverseWords(op, ip, byteCount); -} - - STATIC INLINE void XorWords(word* r, const word* a, word32 n) { word32 i; @@ -159,16 +156,17 @@ STATIC INLINE void XorWords(word* r, const word* a, word32 n) } -STATIC INLINE void xorbuf(byte* buf, const byte* mask, word32 count) +STATIC INLINE void xorbuf(void* buf, const void* mask, word32 count) { - if (((word)buf | (word)mask | count) % WORD_SIZE == 0) - XorWords( (word*)buf, (const word*)mask, count / WORD_SIZE); + if (((word)buf | (word)mask | count) % CYASSL_WORD_SIZE == 0) + XorWords( (word*)buf, (const word*)mask, count / CYASSL_WORD_SIZE); else { word32 i; - for (i = 0; i < count; i++) buf[i] ^= mask[i]; + byte* b = (byte*)buf; + const byte* m = (const byte*)mask; + + for (i = 0; i < count; i++) b[i] ^= m[i]; } } - - #undef STATIC diff --git a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/pkcs7.c b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/pkcs7.c new file mode 100644 index 000000000..9e3706da0 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/pkcs7.c @@ -0,0 +1,1849 @@ +/* pkcs7.c + * + * Copyright (C) 2006-2014 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#ifdef HAVE_CONFIG_H + #include +#endif + +#include + +#ifdef HAVE_PKCS7 + +#include +#include +#include + +#ifndef min + static INLINE word32 min(word32 a, word32 b) + { + return a > b ? b : a; + } +#endif + + +/* placed ASN.1 contentType OID into *output, return idx on success, + * 0 upon failure */ +CYASSL_LOCAL int SetContentType(int pkcs7TypeOID, byte* output) +{ + /* PKCS#7 content types, RFC 2315, section 14 */ + static const byte pkcs7[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, + 0x0D, 0x01, 0x07 }; + static const byte data[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, + 0x0D, 0x01, 0x07, 0x01 }; + static const byte signedData[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, + 0x0D, 0x01, 0x07, 0x02}; + static const byte envelopedData[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, + 0x0D, 0x01, 0x07, 0x03 }; + static const byte signedAndEnveloped[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, + 0x0D, 0x01, 0x07, 0x04 }; + static const byte digestedData[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, + 0x0D, 0x01, 0x07, 0x05 }; + static const byte encryptedData[] = { 0x2A, 0x86, 0x48, 0x86, 0xF7, + 0x0D, 0x01, 0x07, 0x06 }; + + int idSz; + int typeSz = 0, idx = 0; + const byte* typeName = 0; + byte ID_Length[MAX_LENGTH_SZ]; + + switch (pkcs7TypeOID) { + case PKCS7_MSG: + typeSz = sizeof(pkcs7); + typeName = pkcs7; + break; + + case DATA: + typeSz = sizeof(data); + typeName = data; + break; + + case SIGNED_DATA: + typeSz = sizeof(signedData); + typeName = signedData; + break; + + case ENVELOPED_DATA: + typeSz = sizeof(envelopedData); + typeName = envelopedData; + break; + + case SIGNED_AND_ENVELOPED_DATA: + typeSz = sizeof(signedAndEnveloped); + typeName = signedAndEnveloped; + break; + + case DIGESTED_DATA: + typeSz = sizeof(digestedData); + typeName = digestedData; + break; + + case ENCRYPTED_DATA: + typeSz = sizeof(encryptedData); + typeName = encryptedData; + break; + + default: + CYASSL_MSG("Unknown PKCS#7 Type"); + return 0; + }; + + idSz = SetLength(typeSz, ID_Length); + output[idx++] = ASN_OBJECT_ID; + XMEMCPY(output + idx, ID_Length, idSz); + idx += idSz; + XMEMCPY(output + idx, typeName, typeSz); + idx += typeSz; + + return idx; + +} + + +/* get ASN.1 contentType OID sum, return 0 on success, <0 on failure */ +int GetContentType(const byte* input, word32* inOutIdx, word32* oid, + word32 maxIdx) +{ + int length; + word32 i = *inOutIdx; + byte b; + *oid = 0; + + CYASSL_ENTER("GetContentType"); + + b = input[i++]; + if (b != ASN_OBJECT_ID) + return ASN_OBJECT_ID_E; + + if (GetLength(input, &i, &length, maxIdx) < 0) + return ASN_PARSE_E; + + while(length--) { + *oid += input[i]; + i++; + } + + *inOutIdx = i; + + return 0; +} + + +/* init PKCS7 struct with recipient cert, decode into DecodedCert */ +int PKCS7_InitWithCert(PKCS7* pkcs7, byte* cert, word32 certSz) +{ + int ret = 0; + + XMEMSET(pkcs7, 0, sizeof(PKCS7)); + if (cert != NULL && certSz > 0) { +#ifdef CYASSL_SMALL_STACK + DecodedCert* dCert; + + dCert = (DecodedCert*)XMALLOC(sizeof(DecodedCert), NULL, + DYNAMIC_TYPE_TMP_BUFFER); + if (dCert == NULL) + return MEMORY_E; +#else + DecodedCert stack_dCert; + DecodedCert* dCert = &stack_dCert; +#endif + + pkcs7->singleCert = cert; + pkcs7->singleCertSz = certSz; + InitDecodedCert(dCert, cert, certSz, 0); + + ret = ParseCert(dCert, CA_TYPE, NO_VERIFY, 0); + if (ret < 0) { + FreeDecodedCert(dCert); +#ifdef CYASSL_SMALL_STACK + XFREE(dCert, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + return ret; + } + + XMEMCPY(pkcs7->publicKey, dCert->publicKey, dCert->pubKeySize); + pkcs7->publicKeySz = dCert->pubKeySize; + XMEMCPY(pkcs7->issuerHash, dCert->issuerHash, SHA_SIZE); + pkcs7->issuer = dCert->issuerRaw; + pkcs7->issuerSz = dCert->issuerRawLen; + XMEMCPY(pkcs7->issuerSn, dCert->serial, dCert->serialSz); + pkcs7->issuerSnSz = dCert->serialSz; + FreeDecodedCert(dCert); + +#ifdef CYASSL_SMALL_STACK + XFREE(dCert, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + } + + return ret; +} + + +/* releases any memory allocated by a PKCS7 initializer */ +void PKCS7_Free(PKCS7* pkcs7) +{ + (void)pkcs7; +} + + +/* build PKCS#7 data content type */ +int PKCS7_EncodeData(PKCS7* pkcs7, byte* output, word32 outputSz) +{ + static const byte oid[] = + { ASN_OBJECT_ID, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, + 0x07, 0x01 }; + byte seq[MAX_SEQ_SZ]; + byte octetStr[MAX_OCTET_STR_SZ]; + word32 seqSz; + word32 octetStrSz; + word32 oidSz = (word32)sizeof(oid); + int idx = 0; + + octetStrSz = SetOctetString(pkcs7->contentSz, octetStr); + seqSz = SetSequence(pkcs7->contentSz + octetStrSz + oidSz, seq); + + if (outputSz < pkcs7->contentSz + octetStrSz + oidSz + seqSz) + return BUFFER_E; + + XMEMCPY(output, seq, seqSz); + idx += seqSz; + XMEMCPY(output + idx, oid, oidSz); + idx += oidSz; + XMEMCPY(output + idx, octetStr, octetStrSz); + idx += octetStrSz; + XMEMCPY(output + idx, pkcs7->content, pkcs7->contentSz); + idx += pkcs7->contentSz; + + return idx; +} + + +typedef struct EncodedAttrib { + byte valueSeq[MAX_SEQ_SZ]; + const byte* oid; + byte valueSet[MAX_SET_SZ]; + const byte* value; + word32 valueSeqSz, oidSz, idSz, valueSetSz, valueSz, totalSz; +} EncodedAttrib; + + +typedef struct ESD { + Sha sha; + byte contentDigest[SHA_DIGEST_SIZE + 2]; /* content only + ASN.1 heading */ + byte contentAttribsDigest[SHA_DIGEST_SIZE]; + byte encContentDigest[512]; + + byte outerSeq[MAX_SEQ_SZ]; + byte outerContent[MAX_EXP_SZ]; + byte innerSeq[MAX_SEQ_SZ]; + byte version[MAX_VERSION_SZ]; + byte digAlgoIdSet[MAX_SET_SZ]; + byte singleDigAlgoId[MAX_ALGO_SZ]; + + byte contentInfoSeq[MAX_SEQ_SZ]; + byte innerContSeq[MAX_EXP_SZ]; + byte innerOctets[MAX_OCTET_STR_SZ]; + + byte certsSet[MAX_SET_SZ]; + + byte signerInfoSet[MAX_SET_SZ]; + byte signerInfoSeq[MAX_SEQ_SZ]; + byte signerVersion[MAX_VERSION_SZ]; + byte issuerSnSeq[MAX_SEQ_SZ]; + byte issuerName[MAX_SEQ_SZ]; + byte issuerSn[MAX_SN_SZ]; + byte signerDigAlgoId[MAX_ALGO_SZ]; + byte digEncAlgoId[MAX_ALGO_SZ]; + byte signedAttribSet[MAX_SET_SZ]; + EncodedAttrib signedAttribs[6]; + byte signerDigest[MAX_OCTET_STR_SZ]; + word32 innerOctetsSz, innerContSeqSz, contentInfoSeqSz; + word32 outerSeqSz, outerContentSz, innerSeqSz, versionSz, digAlgoIdSetSz, + singleDigAlgoIdSz, certsSetSz; + word32 signerInfoSetSz, signerInfoSeqSz, signerVersionSz, + issuerSnSeqSz, issuerNameSz, issuerSnSz, + signerDigAlgoIdSz, digEncAlgoIdSz, signerDigestSz; + word32 encContentDigestSz, signedAttribsSz, signedAttribsCount, + signedAttribSetSz; +} ESD; + + +static int EncodeAttributes(EncodedAttrib* ea, int eaSz, + PKCS7Attrib* attribs, int attribsSz) +{ + int i; + int maxSz = min(eaSz, attribsSz); + int allAttribsSz = 0; + + for (i = 0; i < maxSz; i++) + { + int attribSz = 0; + + ea[i].value = attribs[i].value; + ea[i].valueSz = attribs[i].valueSz; + attribSz += ea[i].valueSz; + ea[i].valueSetSz = SetSet(attribSz, ea[i].valueSet); + attribSz += ea[i].valueSetSz; + ea[i].oid = attribs[i].oid; + ea[i].oidSz = attribs[i].oidSz; + attribSz += ea[i].oidSz; + ea[i].valueSeqSz = SetSequence(attribSz, ea[i].valueSeq); + attribSz += ea[i].valueSeqSz; + ea[i].totalSz = attribSz; + + allAttribsSz += attribSz; + } + return allAttribsSz; +} + + +static int FlattenAttributes(byte* output, EncodedAttrib* ea, int eaSz) +{ + int i, idx; + + idx = 0; + for (i = 0; i < eaSz; i++) { + XMEMCPY(output + idx, ea[i].valueSeq, ea[i].valueSeqSz); + idx += ea[i].valueSeqSz; + XMEMCPY(output + idx, ea[i].oid, ea[i].oidSz); + idx += ea[i].oidSz; + XMEMCPY(output + idx, ea[i].valueSet, ea[i].valueSetSz); + idx += ea[i].valueSetSz; + XMEMCPY(output + idx, ea[i].value, ea[i].valueSz); + idx += ea[i].valueSz; + } + return 0; +} + + +/* build PKCS#7 signedData content type */ +int PKCS7_EncodeSignedData(PKCS7* pkcs7, byte* output, word32 outputSz) +{ + static const byte outerOid[] = + { ASN_OBJECT_ID, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, + 0x07, 0x02 }; + static const byte innerOid[] = + { ASN_OBJECT_ID, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, + 0x07, 0x01 }; + +#ifdef CYASSL_SMALL_STACK + ESD* esd = NULL; +#else + ESD stack_esd; + ESD* esd = &stack_esd; +#endif + + word32 signerInfoSz = 0; + word32 totalSz = 0; + int idx = 0, ret = 0; + byte* flatSignedAttribs = NULL; + word32 flatSignedAttribsSz = 0; + word32 innerOidSz = sizeof(innerOid); + word32 outerOidSz = sizeof(outerOid); + + if (pkcs7 == NULL || pkcs7->content == NULL || pkcs7->contentSz == 0 || + pkcs7->encryptOID == 0 || pkcs7->hashOID == 0 || pkcs7->rng == 0 || + pkcs7->singleCert == NULL || pkcs7->singleCertSz == 0 || + pkcs7->privateKey == NULL || pkcs7->privateKeySz == 0 || + output == NULL || outputSz == 0) + return BAD_FUNC_ARG; + +#ifdef CYASSL_SMALL_STACK + esd = (ESD*)XMALLOC(sizeof(ESD), NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (esd == NULL) + return MEMORY_E; +#endif + + XMEMSET(esd, 0, sizeof(ESD)); + ret = InitSha(&esd->sha); + if (ret != 0) { +#ifdef CYASSL_SMALL_STACK + XFREE(esd, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + return ret; + } + + if (pkcs7->contentSz != 0) + { + ShaUpdate(&esd->sha, pkcs7->content, pkcs7->contentSz); + esd->contentDigest[0] = ASN_OCTET_STRING; + esd->contentDigest[1] = SHA_DIGEST_SIZE; + ShaFinal(&esd->sha, &esd->contentDigest[2]); + } + + esd->innerOctetsSz = SetOctetString(pkcs7->contentSz, esd->innerOctets); + esd->innerContSeqSz = SetExplicit(0, esd->innerOctetsSz + pkcs7->contentSz, + esd->innerContSeq); + esd->contentInfoSeqSz = SetSequence(pkcs7->contentSz + esd->innerOctetsSz + + innerOidSz + esd->innerContSeqSz, + esd->contentInfoSeq); + + esd->issuerSnSz = SetSerialNumber(pkcs7->issuerSn, pkcs7->issuerSnSz, + esd->issuerSn); + signerInfoSz += esd->issuerSnSz; + esd->issuerNameSz = SetSequence(pkcs7->issuerSz, esd->issuerName); + signerInfoSz += esd->issuerNameSz + pkcs7->issuerSz; + esd->issuerSnSeqSz = SetSequence(signerInfoSz, esd->issuerSnSeq); + signerInfoSz += esd->issuerSnSeqSz; + esd->signerVersionSz = SetMyVersion(1, esd->signerVersion, 0); + signerInfoSz += esd->signerVersionSz; + esd->signerDigAlgoIdSz = SetAlgoID(pkcs7->hashOID, esd->signerDigAlgoId, + hashType, 0); + signerInfoSz += esd->signerDigAlgoIdSz; + esd->digEncAlgoIdSz = SetAlgoID(pkcs7->encryptOID, esd->digEncAlgoId, + keyType, 0); + signerInfoSz += esd->digEncAlgoIdSz; + + if (pkcs7->signedAttribsSz != 0) { + byte contentTypeOid[] = + { ASN_OBJECT_ID, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xF7, 0x0d, 0x01, + 0x09, 0x03 }; + byte contentType[] = + { ASN_OBJECT_ID, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, + 0x07, 0x01 }; + byte messageDigestOid[] = + { ASN_OBJECT_ID, 0x09, 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, + 0x09, 0x04 }; + + PKCS7Attrib cannedAttribs[2] = + { + { contentTypeOid, sizeof(contentTypeOid), + contentType, sizeof(contentType) }, + { messageDigestOid, sizeof(messageDigestOid), + esd->contentDigest, sizeof(esd->contentDigest) } + }; + word32 cannedAttribsCount = sizeof(cannedAttribs)/sizeof(PKCS7Attrib); + + esd->signedAttribsCount += cannedAttribsCount; + esd->signedAttribsSz += EncodeAttributes(&esd->signedAttribs[0], 2, + cannedAttribs, cannedAttribsCount); + + esd->signedAttribsCount += pkcs7->signedAttribsSz; + esd->signedAttribsSz += EncodeAttributes(&esd->signedAttribs[2], 4, + pkcs7->signedAttribs, pkcs7->signedAttribsSz); + + flatSignedAttribs = (byte*)XMALLOC(esd->signedAttribsSz, 0, NULL); + flatSignedAttribsSz = esd->signedAttribsSz; + if (flatSignedAttribs == NULL) { +#ifdef CYASSL_SMALL_STACK + XFREE(esd, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + return MEMORY_E; + } + FlattenAttributes(flatSignedAttribs, + esd->signedAttribs, esd->signedAttribsCount); + esd->signedAttribSetSz = SetImplicit(ASN_SET, 0, esd->signedAttribsSz, + esd->signedAttribSet); + } + /* Calculate the final hash and encrypt it. */ + { + int result; + word32 scratch = 0; + +#ifdef CYASSL_SMALL_STACK + byte* digestInfo; + RsaKey* privKey; +#else + RsaKey stack_privKey; + RsaKey* privKey = &stack_privKey; + byte digestInfo[MAX_SEQ_SZ + MAX_ALGO_SZ + + MAX_OCTET_STR_SZ + SHA_DIGEST_SIZE]; +#endif + byte digestInfoSeq[MAX_SEQ_SZ]; + byte digestStr[MAX_OCTET_STR_SZ]; + word32 digestInfoSeqSz, digestStrSz; + int digIdx = 0; + + if (pkcs7->signedAttribsSz != 0) { + byte attribSet[MAX_SET_SZ]; + word32 attribSetSz; + + attribSetSz = SetSet(flatSignedAttribsSz, attribSet); + + ret = InitSha(&esd->sha); + if (ret < 0) { + XFREE(flatSignedAttribs, 0, NULL); +#ifdef CYASSL_SMALL_STACK + XFREE(esd, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + return ret; + } + ShaUpdate(&esd->sha, attribSet, attribSetSz); + ShaUpdate(&esd->sha, flatSignedAttribs, flatSignedAttribsSz); + } + ShaFinal(&esd->sha, esd->contentAttribsDigest); + + digestStrSz = SetOctetString(SHA_DIGEST_SIZE, digestStr); + digestInfoSeqSz = SetSequence(esd->signerDigAlgoIdSz + + digestStrSz + SHA_DIGEST_SIZE, + digestInfoSeq); + +#ifdef CYASSL_SMALL_STACK + digestInfo = (byte*)XMALLOC(MAX_SEQ_SZ + MAX_ALGO_SZ + + MAX_OCTET_STR_SZ + SHA_DIGEST_SIZE, + NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (digestInfo == NULL) { + if (pkcs7->signedAttribsSz != 0) + XFREE(flatSignedAttribs, 0, NULL); + XFREE(esd, NULL, DYNAMIC_TYPE_TMP_BUFFER); + return MEMORY_E; + } +#endif + + XMEMCPY(digestInfo + digIdx, digestInfoSeq, digestInfoSeqSz); + digIdx += digestInfoSeqSz; + XMEMCPY(digestInfo + digIdx, + esd->signerDigAlgoId, esd->signerDigAlgoIdSz); + digIdx += esd->signerDigAlgoIdSz; + XMEMCPY(digestInfo + digIdx, digestStr, digestStrSz); + digIdx += digestStrSz; + XMEMCPY(digestInfo + digIdx, esd->contentAttribsDigest, + SHA_DIGEST_SIZE); + digIdx += SHA_DIGEST_SIZE; + +#ifdef CYASSL_SMALL_STACK + privKey = (RsaKey*)XMALLOC(sizeof(RsaKey), NULL, + DYNAMIC_TYPE_TMP_BUFFER); + if (privKey == NULL) { + if (pkcs7->signedAttribsSz != 0) + XFREE(flatSignedAttribs, 0, NULL); + XFREE(digestInfo, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(esd, NULL, DYNAMIC_TYPE_TMP_BUFFER); + return MEMORY_E; + } +#endif + + result = InitRsaKey(privKey, NULL); + if (result == 0) + result = RsaPrivateKeyDecode(pkcs7->privateKey, &scratch, privKey, + pkcs7->privateKeySz); + if (result < 0) { + if (pkcs7->signedAttribsSz != 0) + XFREE(flatSignedAttribs, 0, NULL); +#ifdef CYASSL_SMALL_STACK + XFREE(privKey, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(digestInfo, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(esd, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + return PUBLIC_KEY_E; + } + + result = RsaSSL_Sign(digestInfo, digIdx, + esd->encContentDigest, + sizeof(esd->encContentDigest), + privKey, pkcs7->rng); + + FreeRsaKey(privKey); + +#ifdef CYASSL_SMALL_STACK + XFREE(privKey, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(digestInfo, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + + if (result < 0) { + if (pkcs7->signedAttribsSz != 0) + XFREE(flatSignedAttribs, 0, NULL); +#ifdef CYASSL_SMALL_STACK + XFREE(esd, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + return result; + } + esd->encContentDigestSz = (word32)result; + } + signerInfoSz += flatSignedAttribsSz + esd->signedAttribSetSz; + + esd->signerDigestSz = SetOctetString(esd->encContentDigestSz, + esd->signerDigest); + signerInfoSz += esd->signerDigestSz + esd->encContentDigestSz; + + esd->signerInfoSeqSz = SetSequence(signerInfoSz, esd->signerInfoSeq); + signerInfoSz += esd->signerInfoSeqSz; + esd->signerInfoSetSz = SetSet(signerInfoSz, esd->signerInfoSet); + signerInfoSz += esd->signerInfoSetSz; + + esd->certsSetSz = SetImplicit(ASN_SET, 0, pkcs7->singleCertSz, + esd->certsSet); + + esd->singleDigAlgoIdSz = SetAlgoID(pkcs7->hashOID, esd->singleDigAlgoId, + hashType, 0); + esd->digAlgoIdSetSz = SetSet(esd->singleDigAlgoIdSz, esd->digAlgoIdSet); + + + esd->versionSz = SetMyVersion(1, esd->version, 0); + + totalSz = esd->versionSz + esd->singleDigAlgoIdSz + esd->digAlgoIdSetSz + + esd->contentInfoSeqSz + esd->certsSetSz + pkcs7->singleCertSz + + esd->innerOctetsSz + esd->innerContSeqSz + + innerOidSz + pkcs7->contentSz + + signerInfoSz; + esd->innerSeqSz = SetSequence(totalSz, esd->innerSeq); + totalSz += esd->innerSeqSz; + esd->outerContentSz = SetExplicit(0, totalSz, esd->outerContent); + totalSz += esd->outerContentSz + outerOidSz; + esd->outerSeqSz = SetSequence(totalSz, esd->outerSeq); + totalSz += esd->outerSeqSz; + + if (outputSz < totalSz) { + if (pkcs7->signedAttribsSz != 0) + XFREE(flatSignedAttribs, 0, NULL); +#ifdef CYASSL_SMALL_STACK + XFREE(esd, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + return BUFFER_E; + } + + idx = 0; + XMEMCPY(output + idx, esd->outerSeq, esd->outerSeqSz); + idx += esd->outerSeqSz; + XMEMCPY(output + idx, outerOid, outerOidSz); + idx += outerOidSz; + XMEMCPY(output + idx, esd->outerContent, esd->outerContentSz); + idx += esd->outerContentSz; + XMEMCPY(output + idx, esd->innerSeq, esd->innerSeqSz); + idx += esd->innerSeqSz; + XMEMCPY(output + idx, esd->version, esd->versionSz); + idx += esd->versionSz; + XMEMCPY(output + idx, esd->digAlgoIdSet, esd->digAlgoIdSetSz); + idx += esd->digAlgoIdSetSz; + XMEMCPY(output + idx, esd->singleDigAlgoId, esd->singleDigAlgoIdSz); + idx += esd->singleDigAlgoIdSz; + XMEMCPY(output + idx, esd->contentInfoSeq, esd->contentInfoSeqSz); + idx += esd->contentInfoSeqSz; + XMEMCPY(output + idx, innerOid, innerOidSz); + idx += innerOidSz; + XMEMCPY(output + idx, esd->innerContSeq, esd->innerContSeqSz); + idx += esd->innerContSeqSz; + XMEMCPY(output + idx, esd->innerOctets, esd->innerOctetsSz); + idx += esd->innerOctetsSz; + XMEMCPY(output + idx, pkcs7->content, pkcs7->contentSz); + idx += pkcs7->contentSz; + XMEMCPY(output + idx, esd->certsSet, esd->certsSetSz); + idx += esd->certsSetSz; + XMEMCPY(output + idx, pkcs7->singleCert, pkcs7->singleCertSz); + idx += pkcs7->singleCertSz; + XMEMCPY(output + idx, esd->signerInfoSet, esd->signerInfoSetSz); + idx += esd->signerInfoSetSz; + XMEMCPY(output + idx, esd->signerInfoSeq, esd->signerInfoSeqSz); + idx += esd->signerInfoSeqSz; + XMEMCPY(output + idx, esd->signerVersion, esd->signerVersionSz); + idx += esd->signerVersionSz; + XMEMCPY(output + idx, esd->issuerSnSeq, esd->issuerSnSeqSz); + idx += esd->issuerSnSeqSz; + XMEMCPY(output + idx, esd->issuerName, esd->issuerNameSz); + idx += esd->issuerNameSz; + XMEMCPY(output + idx, pkcs7->issuer, pkcs7->issuerSz); + idx += pkcs7->issuerSz; + XMEMCPY(output + idx, esd->issuerSn, esd->issuerSnSz); + idx += esd->issuerSnSz; + XMEMCPY(output + idx, esd->signerDigAlgoId, esd->signerDigAlgoIdSz); + idx += esd->signerDigAlgoIdSz; + + /* SignerInfo:Attributes */ + if (pkcs7->signedAttribsSz != 0) { + XMEMCPY(output + idx, esd->signedAttribSet, esd->signedAttribSetSz); + idx += esd->signedAttribSetSz; + XMEMCPY(output + idx, flatSignedAttribs, flatSignedAttribsSz); + idx += flatSignedAttribsSz; + XFREE(flatSignedAttribs, 0, NULL); + } + + XMEMCPY(output + idx, esd->digEncAlgoId, esd->digEncAlgoIdSz); + idx += esd->digEncAlgoIdSz; + XMEMCPY(output + idx, esd->signerDigest, esd->signerDigestSz); + idx += esd->signerDigestSz; + XMEMCPY(output + idx, esd->encContentDigest, esd->encContentDigestSz); + idx += esd->encContentDigestSz; + +#ifdef CYASSL_SMALL_STACK + XFREE(esd, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + + return idx; +} + + +/* Finds the certificates in the message and saves it. */ +int PKCS7_VerifySignedData(PKCS7* pkcs7, byte* pkiMsg, word32 pkiMsgSz) +{ + word32 idx, contentType; + int length, version, ret; + byte* content = NULL; + byte* sig = NULL; + byte* cert = NULL; + int contentSz = 0, sigSz = 0, certSz = 0; + + if (pkcs7 == NULL || pkiMsg == NULL || pkiMsgSz == 0) + return BAD_FUNC_ARG; + + idx = 0; + + /* Get the contentInfo sequence */ + if (GetSequence(pkiMsg, &idx, &length, pkiMsgSz) < 0) + return ASN_PARSE_E; + + /* Get the contentInfo contentType */ + if (GetContentType(pkiMsg, &idx, &contentType, pkiMsgSz) < 0) + return ASN_PARSE_E; + + if (contentType != SIGNED_DATA) { + CYASSL_MSG("PKCS#7 input not of type SignedData"); + return PKCS7_OID_E; + } + + /* get the ContentInfo content */ + if (pkiMsg[idx++] != (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 0)) + return ASN_PARSE_E; + + if (GetLength(pkiMsg, &idx, &length, pkiMsgSz) < 0) + return ASN_PARSE_E; + + /* Get the signedData sequence */ + if (GetSequence(pkiMsg, &idx, &length, pkiMsgSz) < 0) + return ASN_PARSE_E; + + /* Get the version */ + if (GetMyVersion(pkiMsg, &idx, &version) < 0) + return ASN_PARSE_E; + + if (version != 1) { + CYASSL_MSG("PKCS#7 signedData needs to be of version 1"); + return ASN_VERSION_E; + } + + /* Get the set of DigestAlgorithmIdentifiers */ + if (GetSet(pkiMsg, &idx, &length, pkiMsgSz) < 0) + return ASN_PARSE_E; + + /* Skip the set. */ + idx += length; + + /* Get the inner ContentInfo sequence */ + if (GetSequence(pkiMsg, &idx, &length, pkiMsgSz) < 0) + return ASN_PARSE_E; + + /* Get the inner ContentInfo contentType */ + if (GetContentType(pkiMsg, &idx, &contentType, pkiMsgSz) < 0) + return ASN_PARSE_E; + + if (contentType != DATA) { + CYASSL_MSG("PKCS#7 inner input not of type Data"); + return PKCS7_OID_E; + } + + if (pkiMsg[idx++] != (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 0)) + return ASN_PARSE_E; + + if (GetLength(pkiMsg, &idx, &length, pkiMsgSz) < 0) + return ASN_PARSE_E; + + if (pkiMsg[idx++] != ASN_OCTET_STRING) + return ASN_PARSE_E; + + if (GetLength(pkiMsg, &idx, &length, pkiMsgSz) < 0) + return ASN_PARSE_E; + + /* Save the inner data as the content. */ + if (length > 0) { + /* Local pointer for calculating hashes later */ + pkcs7->content = content = &pkiMsg[idx]; + pkcs7->contentSz = contentSz = length; + idx += length; + } + + /* Get the implicit[0] set of certificates */ + if (pkiMsg[idx] == (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 0)) { + idx++; + if (GetLength(pkiMsg, &idx, &length, pkiMsgSz) < 0) + return ASN_PARSE_E; + + if (length > 0) { + /* At this point, idx is at the first certificate in + * a set of certificates. There may be more than one, + * or none, or they may be a PKCS 6 extended + * certificate. We want to save the first cert if it + * is X.509. */ + + word32 certIdx = idx; + + if (pkiMsg[certIdx++] == (ASN_CONSTRUCTED | ASN_SEQUENCE)) { + if (GetLength(pkiMsg, &certIdx, &certSz, pkiMsgSz) < 0) + return ASN_PARSE_E; + + cert = &pkiMsg[idx]; + certSz += (certIdx - idx); + } + PKCS7_InitWithCert(pkcs7, cert, certSz); + } + idx += length; + } + + /* Get the implicit[1] set of crls */ + if (pkiMsg[idx] == (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 1)) { + idx++; + if (GetLength(pkiMsg, &idx, &length, pkiMsgSz) < 0) + return ASN_PARSE_E; + + /* Skip the set */ + idx += length; + } + + /* Get the set of signerInfos */ + if (GetSet(pkiMsg, &idx, &length, pkiMsgSz) < 0) + return ASN_PARSE_E; + + if (length > 0) { + /* Get the sequence of the first signerInfo */ + if (GetSequence(pkiMsg, &idx, &length, pkiMsgSz) < 0) + return ASN_PARSE_E; + + /* Get the version */ + if (GetMyVersion(pkiMsg, &idx, &version) < 0) + return ASN_PARSE_E; + + if (version != 1) { + CYASSL_MSG("PKCS#7 signerInfo needs to be of version 1"); + return ASN_VERSION_E; + } + + /* Get the sequence of IssuerAndSerialNumber */ + if (GetSequence(pkiMsg, &idx, &length, pkiMsgSz) < 0) + return ASN_PARSE_E; + + /* Skip it */ + idx += length; + + /* Get the sequence of digestAlgorithm */ + if (GetSequence(pkiMsg, &idx, &length, pkiMsgSz) < 0) + return ASN_PARSE_E; + + /* Skip it */ + idx += length; + + /* Get the IMPLICIT[0] SET OF signedAttributes */ + if (pkiMsg[idx] == (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 0)) { + idx++; + + if (GetLength(pkiMsg, &idx, &length, pkiMsgSz) < 0) + return ASN_PARSE_E; + + idx += length; + } + + /* Get the sequence of digestEncryptionAlgorithm */ + if (GetSequence(pkiMsg, &idx, &length, pkiMsgSz) < 0) + return ASN_PARSE_E; + + /* Skip it */ + idx += length; + + /* Get the signature */ + if (pkiMsg[idx] == ASN_OCTET_STRING) { + idx++; + + if (GetLength(pkiMsg, &idx, &length, pkiMsgSz) < 0) + return ASN_PARSE_E; + + /* save pointer and length */ + sig = &pkiMsg[idx]; + sigSz = length; + + idx += length; + } + + pkcs7->content = content; + pkcs7->contentSz = contentSz; + + { + word32 scratch = 0; + int plainSz = 0; + int digestSz = MAX_SEQ_SZ + MAX_ALGO_SZ + + MAX_OCTET_STR_SZ + SHA_DIGEST_SIZE; + +#ifdef CYASSL_SMALL_STACK + byte* digest; + RsaKey* key; + + digest = (byte*)XMALLOC(digestSz, NULL, DYNAMIC_TYPE_TMP_BUFFER); + + if (digest == NULL) + return MEMORY_E; + + key = (RsaKey*)XMALLOC(sizeof(RsaKey), NULL, + DYNAMIC_TYPE_TMP_BUFFER); + if (key == NULL) { + XFREE(digest, NULL, DYNAMIC_TYPE_TMP_BUFFER); + return MEMORY_E; + } +#else + byte digest[digestSz]; + RsaKey stack_key; + RsaKey* key = &stack_key; +#endif + + XMEMSET(digest, 0, digestSz); + + ret = InitRsaKey(key, NULL); + if (ret != 0) { +#ifdef CYASSL_SMALL_STACK + XFREE(digest, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + return ret; + } + if (RsaPublicKeyDecode(pkcs7->publicKey, &scratch, key, + pkcs7->publicKeySz) < 0) { + CYASSL_MSG("ASN RSA key decode error"); +#ifdef CYASSL_SMALL_STACK + XFREE(digest, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + return PUBLIC_KEY_E; + } + + plainSz = RsaSSL_Verify(sig, sigSz, digest, digestSz, key); + FreeRsaKey(key); + +#ifdef CYASSL_SMALL_STACK + XFREE(digest, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + + if (plainSz < 0) + return plainSz; + } + } + + return 0; +} + + +/* create ASN.1 fomatted RecipientInfo structure, returns sequence size */ +CYASSL_LOCAL int CreateRecipientInfo(const byte* cert, word32 certSz, + int keyEncAlgo, int blockKeySz, + RNG* rng, byte* contentKeyPlain, + byte* contentKeyEnc, + int* keyEncSz, byte* out, word32 outSz) +{ + word32 idx = 0; + int ret = 0, totalSz = 0; + int verSz, issuerSz, snSz, keyEncAlgSz; + int issuerSeqSz, recipSeqSz, issuerSerialSeqSz; + int encKeyOctetStrSz; + + byte ver[MAX_VERSION_SZ]; + byte issuerSerialSeq[MAX_SEQ_SZ]; + byte recipSeq[MAX_SEQ_SZ]; + byte issuerSeq[MAX_SEQ_SZ]; + byte encKeyOctetStr[MAX_OCTET_STR_SZ]; + +#ifdef CYASSL_SMALL_STACK + byte *serial; + byte *keyAlgArray; + + RsaKey* pubKey; + DecodedCert* decoded; + + serial = (byte*)XMALLOC(MAX_SN_SZ, NULL, DYNAMIC_TYPE_TMP_BUFFER); + keyAlgArray = (byte*)XMALLOC(MAX_SN_SZ, NULL, DYNAMIC_TYPE_TMP_BUFFER); + decoded = (DecodedCert*)XMALLOC(sizeof(DecodedCert), NULL, + DYNAMIC_TYPE_TMP_BUFFER); + + if (decoded == NULL || serial == NULL || keyAlgArray == NULL) { + if (serial) XFREE(serial, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (keyAlgArray) XFREE(keyAlgArray, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (decoded) XFREE(decoded, NULL, DYNAMIC_TYPE_TMP_BUFFER); + return MEMORY_E; + } + +#else + byte serial[MAX_SN_SZ]; + byte keyAlgArray[MAX_ALGO_SZ]; + + RsaKey stack_pubKey; + RsaKey* pubKey = &stack_pubKey; + DecodedCert stack_decoded; + DecodedCert* decoded = &stack_decoded; +#endif + + InitDecodedCert(decoded, (byte*)cert, certSz, 0); + ret = ParseCert(decoded, CA_TYPE, NO_VERIFY, 0); + if (ret < 0) { + FreeDecodedCert(decoded); +#ifdef CYASSL_SMALL_STACK + XFREE(serial, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(keyAlgArray, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(decoded, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + return ret; + } + + /* version */ + verSz = SetMyVersion(0, ver, 0); + + /* IssuerAndSerialNumber */ + if (decoded->issuerRaw == NULL || decoded->issuerRawLen == 0) { + CYASSL_MSG("DecodedCert lacks raw issuer pointer and length"); + FreeDecodedCert(decoded); +#ifdef CYASSL_SMALL_STACK + XFREE(serial, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(keyAlgArray, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(decoded, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + return -1; + } + issuerSz = decoded->issuerRawLen; + issuerSeqSz = SetSequence(issuerSz, issuerSeq); + + if (decoded->serial == NULL || decoded->serialSz == 0) { + CYASSL_MSG("DecodedCert missing serial number"); + FreeDecodedCert(decoded); +#ifdef CYASSL_SMALL_STACK + XFREE(serial, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(keyAlgArray, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(decoded, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + return -1; + } + snSz = SetSerialNumber(decoded->serial, decoded->serialSz, serial); + + issuerSerialSeqSz = SetSequence(issuerSeqSz + issuerSz + snSz, + issuerSerialSeq); + + /* KeyEncryptionAlgorithmIdentifier, only support RSA now */ + if (keyEncAlgo != RSAk) { + FreeDecodedCert(decoded); +#ifdef CYASSL_SMALL_STACK + XFREE(serial, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(keyAlgArray, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(decoded, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + return ALGO_ID_E; + } + + keyEncAlgSz = SetAlgoID(keyEncAlgo, keyAlgArray, keyType, 0); + if (keyEncAlgSz == 0) { + FreeDecodedCert(decoded); +#ifdef CYASSL_SMALL_STACK + XFREE(serial, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(keyAlgArray, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(decoded, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + return BAD_FUNC_ARG; + } + +#ifdef CYASSL_SMALL_STACK + pubKey = (RsaKey*)XMALLOC(sizeof(RsaKey), NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (pubKey == NULL) { + FreeDecodedCert(decoded); + XFREE(serial, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(keyAlgArray, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(decoded, NULL, DYNAMIC_TYPE_TMP_BUFFER); + return MEMORY_E; + } +#endif + + /* EncryptedKey */ + ret = InitRsaKey(pubKey, 0); + if (ret != 0) { + FreeDecodedCert(decoded); +#ifdef CYASSL_SMALL_STACK + XFREE(pubKey, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(serial, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(keyAlgArray, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(decoded, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + return ret; + } + + if (RsaPublicKeyDecode(decoded->publicKey, &idx, pubKey, + decoded->pubKeySize) < 0) { + CYASSL_MSG("ASN RSA key decode error"); + FreeRsaKey(pubKey); + FreeDecodedCert(decoded); +#ifdef CYASSL_SMALL_STACK + XFREE(pubKey, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(serial, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(keyAlgArray, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(decoded, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + return PUBLIC_KEY_E; + } + + *keyEncSz = RsaPublicEncrypt(contentKeyPlain, blockKeySz, contentKeyEnc, + MAX_ENCRYPTED_KEY_SZ, pubKey, rng); + FreeRsaKey(pubKey); + +#ifdef CYASSL_SMALL_STACK + XFREE(pubKey, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + + if (*keyEncSz < 0) { + CYASSL_MSG("RSA Public Encrypt failed"); + FreeDecodedCert(decoded); +#ifdef CYASSL_SMALL_STACK + XFREE(serial, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(keyAlgArray, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(decoded, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + return *keyEncSz; + } + + encKeyOctetStrSz = SetOctetString(*keyEncSz, encKeyOctetStr); + + /* RecipientInfo */ + recipSeqSz = SetSequence(verSz + issuerSerialSeqSz + issuerSeqSz + + issuerSz + snSz + keyEncAlgSz + encKeyOctetStrSz + + *keyEncSz, recipSeq); + + if (recipSeqSz + verSz + issuerSerialSeqSz + issuerSeqSz + snSz + + keyEncAlgSz + encKeyOctetStrSz + *keyEncSz > (int)outSz) { + CYASSL_MSG("RecipientInfo output buffer too small"); + FreeDecodedCert(decoded); +#ifdef CYASSL_SMALL_STACK + XFREE(serial, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(keyAlgArray, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(decoded, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + return BUFFER_E; + } + + XMEMCPY(out + totalSz, recipSeq, recipSeqSz); + totalSz += recipSeqSz; + XMEMCPY(out + totalSz, ver, verSz); + totalSz += verSz; + XMEMCPY(out + totalSz, issuerSerialSeq, issuerSerialSeqSz); + totalSz += issuerSerialSeqSz; + XMEMCPY(out + totalSz, issuerSeq, issuerSeqSz); + totalSz += issuerSeqSz; + XMEMCPY(out + totalSz, decoded->issuerRaw, issuerSz); + totalSz += issuerSz; + XMEMCPY(out + totalSz, serial, snSz); + totalSz += snSz; + XMEMCPY(out + totalSz, keyAlgArray, keyEncAlgSz); + totalSz += keyEncAlgSz; + XMEMCPY(out + totalSz, encKeyOctetStr, encKeyOctetStrSz); + totalSz += encKeyOctetStrSz; + XMEMCPY(out + totalSz, contentKeyEnc, *keyEncSz); + totalSz += *keyEncSz; + + FreeDecodedCert(decoded); + +#ifdef CYASSL_SMALL_STACK + XFREE(serial, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(keyAlgArray, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(decoded, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + + return totalSz; +} + + +/* build PKCS#7 envelopedData content type, return enveloped size */ +int PKCS7_EncodeEnvelopedData(PKCS7* pkcs7, byte* output, word32 outputSz) +{ + int i, ret = 0, idx = 0; + int totalSz = 0, padSz = 0, desOutSz = 0; + + int contentInfoSeqSz, outerContentTypeSz, outerContentSz; + byte contentInfoSeq[MAX_SEQ_SZ]; + byte outerContentType[MAX_ALGO_SZ]; + byte outerContent[MAX_SEQ_SZ]; + + int envDataSeqSz, verSz; + byte envDataSeq[MAX_SEQ_SZ]; + byte ver[MAX_VERSION_SZ]; + + RNG rng; + int contentKeyEncSz, blockKeySz; + int dynamicFlag = 0; + byte contentKeyPlain[MAX_CONTENT_KEY_LEN]; +#ifdef CYASSL_SMALL_STACK + byte* contentKeyEnc; +#else + byte contentKeyEnc[MAX_ENCRYPTED_KEY_SZ]; +#endif + byte* plain; + byte* encryptedContent; + + int recipSz, recipSetSz; +#ifdef CYASSL_SMALL_STACK + byte* recip; +#else + byte recip[MAX_RECIP_SZ]; +#endif + byte recipSet[MAX_SET_SZ]; + + int encContentOctetSz, encContentSeqSz, contentTypeSz; + int contentEncAlgoSz, ivOctetStringSz; + byte encContentSeq[MAX_SEQ_SZ]; + byte contentType[MAX_ALGO_SZ]; + byte contentEncAlgo[MAX_ALGO_SZ]; + byte tmpIv[DES_BLOCK_SIZE]; + byte ivOctetString[MAX_OCTET_STR_SZ]; + byte encContentOctet[MAX_OCTET_STR_SZ]; + + if (pkcs7 == NULL || pkcs7->content == NULL || pkcs7->contentSz == 0 || + pkcs7->encryptOID == 0 || pkcs7->singleCert == NULL) + return BAD_FUNC_ARG; + + if (output == NULL || outputSz == 0) + return BAD_FUNC_ARG; + + /* PKCS#7 only supports DES, 3DES for now */ + switch (pkcs7->encryptOID) { + case DESb: + blockKeySz = DES_KEYLEN; + break; + + case DES3b: + blockKeySz = DES3_KEYLEN; + break; + + default: + CYASSL_MSG("Unsupported content cipher type"); + return ALGO_ID_E; + }; + + /* outer content type */ + outerContentTypeSz = SetContentType(ENVELOPED_DATA, outerContentType); + + /* version, defined as 0 in RFC 2315 */ + verSz = SetMyVersion(0, ver, 0); + + /* generate random content encryption key */ + ret = InitRng(&rng); + if (ret != 0) + return ret; + + ret = RNG_GenerateBlock(&rng, contentKeyPlain, blockKeySz); + if (ret != 0) + return ret; + +#ifdef CYASSL_SMALL_STACK + recip = (byte*)XMALLOC(MAX_RECIP_SZ, NULL, DYNAMIC_TYPE_TMP_BUFFER); + contentKeyEnc = (byte*)XMALLOC(MAX_ENCRYPTED_KEY_SZ, NULL, + DYNAMIC_TYPE_TMP_BUFFER); + if (contentKeyEnc == NULL || recip == NULL) { + if (recip) XFREE(recip, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (contentKeyEnc) XFREE(contentKeyEnc, NULL, DYNAMIC_TYPE_TMP_BUFFER); + return MEMORY_E; + } + +#endif + + /* build RecipientInfo, only handle 1 for now */ + recipSz = CreateRecipientInfo(pkcs7->singleCert, pkcs7->singleCertSz, RSAk, + blockKeySz, &rng, contentKeyPlain, + contentKeyEnc, &contentKeyEncSz, recip, + MAX_RECIP_SZ); + + XMEMSET(contentKeyEnc, 0, MAX_ENCRYPTED_KEY_SZ); + +#ifdef CYASSL_SMALL_STACK + XFREE(contentKeyEnc, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + + if (recipSz < 0) { + CYASSL_MSG("Failed to create RecipientInfo"); +#ifdef CYASSL_SMALL_STACK + XFREE(recip, NULL, DYNAMMIC_TYPE_TMP_BUFFER); +#endif + return recipSz; + } + recipSetSz = SetSet(recipSz, recipSet); + + /* generate IV for block cipher */ + ret = RNG_GenerateBlock(&rng, tmpIv, DES_BLOCK_SIZE); + if (ret != 0) { +#ifdef CYASSL_SMALL_STACK + XFREE(recip, NULL, DYNAMMIC_TYPE_TMP_BUFFER); +#endif + return ret; + } + + /* EncryptedContentInfo */ + contentTypeSz = SetContentType(pkcs7->contentOID, contentType); + if (contentTypeSz == 0) { +#ifdef CYASSL_SMALL_STACK + XFREE(recip, NULL, DYNAMMIC_TYPE_TMP_BUFFER); +#endif + return BAD_FUNC_ARG; + } + + /* allocate encrypted content buffer, pad if necessary, PKCS#7 padding */ + padSz = DES_BLOCK_SIZE - (pkcs7->contentSz % DES_BLOCK_SIZE); + desOutSz = pkcs7->contentSz + padSz; + + if (padSz != 0) { + plain = (byte*)XMALLOC(desOutSz, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (plain == NULL) { +#ifdef CYASSL_SMALL_STACK + XFREE(recip, NULL, DYNAMMIC_TYPE_TMP_BUFFER); +#endif + return MEMORY_E; + } + XMEMCPY(plain, pkcs7->content, pkcs7->contentSz); + dynamicFlag = 1; + + for (i = 0; i < padSz; i++) { + plain[pkcs7->contentSz + i] = padSz; + } + + } else { + plain = pkcs7->content; + desOutSz = pkcs7->contentSz; + } + + encryptedContent = (byte*)XMALLOC(desOutSz, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (encryptedContent == NULL) { + if (dynamicFlag) + XFREE(plain, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#ifdef CYASSL_SMALL_STACK + XFREE(recip, NULL, DYNAMMIC_TYPE_TMP_BUFFER); +#endif + return MEMORY_E; + } + + /* put together IV OCTET STRING */ + ivOctetStringSz = SetOctetString(DES_BLOCK_SIZE, ivOctetString); + + /* build up our ContentEncryptionAlgorithmIdentifier sequence, + * adding (ivOctetStringSz + DES_BLOCK_SIZE) for IV OCTET STRING */ + contentEncAlgoSz = SetAlgoID(pkcs7->encryptOID, contentEncAlgo, + blkType, ivOctetStringSz + DES_BLOCK_SIZE); + + if (contentEncAlgoSz == 0) { + XFREE(encryptedContent, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (dynamicFlag) + XFREE(plain, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#ifdef CYASSL_SMALL_STACK + XFREE(recip, NULL, DYNAMMIC_TYPE_TMP_BUFFER); +#endif + return BAD_FUNC_ARG; + } + + /* encrypt content */ + if (pkcs7->encryptOID == DESb) { + Des des; + + ret = Des_SetKey(&des, contentKeyPlain, tmpIv, DES_ENCRYPTION); + + if (ret == 0) + Des_CbcEncrypt(&des, encryptedContent, plain, desOutSz); + + if (ret != 0) { + XFREE(encryptedContent, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (dynamicFlag) + XFREE(plain, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#ifdef CYASSL_SMALL_STACK + XFREE(recip, NULL, DYNAMMIC_TYPE_TMP_BUFFER); +#endif + return ret; + } + } + else if (pkcs7->encryptOID == DES3b) { + Des3 des3; + + ret = Des3_SetKey(&des3, contentKeyPlain, tmpIv, DES_ENCRYPTION); + + if (ret == 0) + ret = Des3_CbcEncrypt(&des3, encryptedContent, plain, desOutSz); + + if (ret != 0) { + XFREE(encryptedContent, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (dynamicFlag) + XFREE(plain, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#ifdef CYASSL_SMALL_STACK + XFREE(recip, NULL, DYNAMMIC_TYPE_TMP_BUFFER); +#endif + return ret; + } + } + + encContentOctetSz = SetImplicit(ASN_OCTET_STRING, 0, + desOutSz, encContentOctet); + + encContentSeqSz = SetSequence(contentTypeSz + contentEncAlgoSz + + ivOctetStringSz + DES_BLOCK_SIZE + + encContentOctetSz + desOutSz, encContentSeq); + + /* keep track of sizes for outer wrapper layering */ + totalSz = verSz + recipSetSz + recipSz + encContentSeqSz + contentTypeSz + + contentEncAlgoSz + ivOctetStringSz + DES_BLOCK_SIZE + + encContentOctetSz + desOutSz; + + /* EnvelopedData */ + envDataSeqSz = SetSequence(totalSz, envDataSeq); + totalSz += envDataSeqSz; + + /* outer content */ + outerContentSz = SetExplicit(0, totalSz, outerContent); + totalSz += outerContentTypeSz; + totalSz += outerContentSz; + + /* ContentInfo */ + contentInfoSeqSz = SetSequence(totalSz, contentInfoSeq); + totalSz += contentInfoSeqSz; + + if (totalSz > (int)outputSz) { + CYASSL_MSG("Pkcs7_encrypt output buffer too small"); + XFREE(encryptedContent, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (dynamicFlag) + XFREE(plain, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#ifdef CYASSL_SMALL_STACK + XFREE(recip, NULL, DYNAMMIC_TYPE_TMP_BUFFER); +#endif + return BUFFER_E; + } + + XMEMCPY(output + idx, contentInfoSeq, contentInfoSeqSz); + idx += contentInfoSeqSz; + XMEMCPY(output + idx, outerContentType, outerContentTypeSz); + idx += outerContentTypeSz; + XMEMCPY(output + idx, outerContent, outerContentSz); + idx += outerContentSz; + XMEMCPY(output + idx, envDataSeq, envDataSeqSz); + idx += envDataSeqSz; + XMEMCPY(output + idx, ver, verSz); + idx += verSz; + XMEMCPY(output + idx, recipSet, recipSetSz); + idx += recipSetSz; + XMEMCPY(output + idx, recip, recipSz); + idx += recipSz; + XMEMCPY(output + idx, encContentSeq, encContentSeqSz); + idx += encContentSeqSz; + XMEMCPY(output + idx, contentType, contentTypeSz); + idx += contentTypeSz; + XMEMCPY(output + idx, contentEncAlgo, contentEncAlgoSz); + idx += contentEncAlgoSz; + XMEMCPY(output + idx, ivOctetString, ivOctetStringSz); + idx += ivOctetStringSz; + XMEMCPY(output + idx, tmpIv, DES_BLOCK_SIZE); + idx += DES_BLOCK_SIZE; + XMEMCPY(output + idx, encContentOctet, encContentOctetSz); + idx += encContentOctetSz; + XMEMCPY(output + idx, encryptedContent, desOutSz); + idx += desOutSz; + +#ifdef NO_RC4 + FreeRng(&rng); +#endif + + XMEMSET(contentKeyPlain, 0, MAX_CONTENT_KEY_LEN); + + if (dynamicFlag) + XFREE(plain, NULL, DYNAMMIC_TYPE_TMP_BUFFER); + XFREE(encryptedContent, NULL, DYNAMIC_TYPE_TMP_BUFFER); + +#ifdef CYASSL_SMALL_STACK + XFREE(recip, NULL, DYNAMMIC_TYPE_TMP_BUFFER); +#endif + + return idx; +} + +/* unwrap and decrypt PKCS#7 envelopedData object, return decoded size */ +CYASSL_API int PKCS7_DecodeEnvelopedData(PKCS7* pkcs7, byte* pkiMsg, + word32 pkiMsgSz, byte* output, + word32 outputSz) +{ + int recipFound = 0; + int ret, version, length; + word32 savedIdx = 0, idx = 0; + word32 contentType, encOID; + byte issuerHash[SHA_DIGEST_SIZE]; + + int encryptedKeySz, keySz; + byte tmpIv[DES_BLOCK_SIZE]; + byte* decryptedKey = NULL; + +#ifdef CYASSL_SMALL_STACK + mp_int* serialNum; + byte* encryptedKey; + RsaKey* privKey; +#else + mp_int stack_serialNum; + mp_int* serialNum = &stack_serialNum; + byte encryptedKey[MAX_ENCRYPTED_KEY_SZ]; + + RsaKey stack_privKey; + RsaKey* privKey = &stack_privKey; +#endif + int encryptedContentSz; + byte padLen; + byte* encryptedContent = NULL; + + if (pkcs7 == NULL || pkcs7->singleCert == NULL || + pkcs7->singleCertSz == 0 || pkcs7->privateKey == NULL || + pkcs7->privateKeySz == 0) + return BAD_FUNC_ARG; + + if (pkiMsg == NULL || pkiMsgSz == 0 || + output == NULL || outputSz == 0) + return BAD_FUNC_ARG; + + /* read past ContentInfo, verify type is envelopedData */ + if (GetSequence(pkiMsg, &idx, &length, pkiMsgSz) < 0) + return ASN_PARSE_E; + + if (GetContentType(pkiMsg, &idx, &contentType, pkiMsgSz) < 0) + return ASN_PARSE_E; + + if (contentType != ENVELOPED_DATA) { + CYASSL_MSG("PKCS#7 input not of type EnvelopedData"); + return PKCS7_OID_E; + } + + if (pkiMsg[idx++] != (ASN_CONSTRUCTED | ASN_CONTEXT_SPECIFIC | 0)) + return ASN_PARSE_E; + + if (GetLength(pkiMsg, &idx, &length, pkiMsgSz) < 0) + return ASN_PARSE_E; + + /* remove EnvelopedData and version */ + if (GetSequence(pkiMsg, &idx, &length, pkiMsgSz) < 0) + return ASN_PARSE_E; + + if (GetMyVersion(pkiMsg, &idx, &version) < 0) + return ASN_PARSE_E; + + if (version != 0) { + CYASSL_MSG("PKCS#7 envelopedData needs to be of version 0"); + return ASN_VERSION_E; + } + + /* walk through RecipientInfo set, find correct recipient */ + if (GetSet(pkiMsg, &idx, &length, pkiMsgSz) < 0) + return ASN_PARSE_E; + +#ifdef CYASSL_SMALL_STACK + encryptedKey = (byte*)XMALLOC(MAX_ENCRYPTED_KEY_SZ, NULL, + DYNAMIC_TYPE_TMP_BUFFER); + if (encryptedKey == NULL) + return MEMORY_E; +#endif + + savedIdx = idx; + recipFound = 0; + + /* when looking for next recipient, use first sequence and version to + * indicate there is another, if not, move on */ + while(recipFound == 0) { + + /* remove RecipientInfo, if we don't have a SEQUENCE, back up idx to + * last good saved one */ + if (GetSequence(pkiMsg, &idx, &length, pkiMsgSz) < 0) { + idx = savedIdx; + break; + } + + if (GetMyVersion(pkiMsg, &idx, &version) < 0) { + idx = savedIdx; + break; + } + + if (version != 0) { +#ifdef CYASSL_SMALL_STACK + XFREE(encryptedKey, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + return ASN_VERSION_E; + } + + /* remove IssuerAndSerialNumber */ + if (GetSequence(pkiMsg, &idx, &length, pkiMsgSz) < 0) { +#ifdef CYASSL_SMALL_STACK + XFREE(encryptedKey, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + return ASN_PARSE_E; + } + + if (GetNameHash(pkiMsg, &idx, issuerHash, pkiMsgSz) < 0) { +#ifdef CYASSL_SMALL_STACK + XFREE(encryptedKey, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + return ASN_PARSE_E; + } + + /* if we found correct recipient, issuer hashes will match */ + if (XMEMCMP(issuerHash, pkcs7->issuerHash, SHA_DIGEST_SIZE) == 0) { + recipFound = 1; + } + +#ifdef CYASSL_SMALL_STACK + serialNum = (mp_int*)XMALLOC(sizeof(mp_int), NULL, + DYNAMIC_TYPE_TMP_BUFFER); + if (serialNum == NULL) { + XFREE(encryptedKey, NULL, DYNAMIC_TYPE_TMP_BUFFER); + return MEMORY_E; + } +#endif + + if (GetInt(serialNum, pkiMsg, &idx, pkiMsgSz) < 0) { +#ifdef CYASSL_SMALL_STACK + XFREE(encryptedKey, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(serialNum, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + return ASN_PARSE_E; + } + + mp_clear(serialNum); + +#ifdef CYASSL_SMALL_STACK + XFREE(serialNum, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + + if (GetAlgoId(pkiMsg, &idx, &encOID, pkiMsgSz) < 0) { +#ifdef CYASSL_SMALL_STACK + XFREE(encryptedKey, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + return ASN_PARSE_E; + } + + /* key encryption algorithm must be RSA for now */ + if (encOID != RSAk) { +#ifdef CYASSL_SMALL_STACK + XFREE(encryptedKey, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + return ALGO_ID_E; + } + + /* read encryptedKey */ + if (pkiMsg[idx++] != ASN_OCTET_STRING) { +#ifdef CYASSL_SMALL_STACK + XFREE(encryptedKey, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + return ASN_PARSE_E; + } + + if (GetLength(pkiMsg, &idx, &encryptedKeySz, pkiMsgSz) < 0) { +#ifdef CYASSL_SMALL_STACK + XFREE(encryptedKey, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + return ASN_PARSE_E; + } + + if (recipFound == 1) + XMEMCPY(encryptedKey, &pkiMsg[idx], encryptedKeySz); + idx += encryptedKeySz; + + /* update good idx */ + savedIdx = idx; + } + + if (recipFound == 0) { + CYASSL_MSG("No recipient found in envelopedData that matches input"); +#ifdef CYASSL_SMALL_STACK + XFREE(encryptedKey, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + return PKCS7_RECIP_E; + } + + /* remove EncryptedContentInfo */ + if (GetSequence(pkiMsg, &idx, &length, pkiMsgSz) < 0) { +#ifdef CYASSL_SMALL_STACK + XFREE(encryptedKey, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + return ASN_PARSE_E; + } + + if (GetContentType(pkiMsg, &idx, &contentType, pkiMsgSz) < 0) { +#ifdef CYASSL_SMALL_STACK + XFREE(encryptedKey, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + return ASN_PARSE_E; + } + + if (GetAlgoId(pkiMsg, &idx, &encOID, pkiMsgSz) < 0) { +#ifdef CYASSL_SMALL_STACK + XFREE(encryptedKey, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + return ASN_PARSE_E; + } + + /* get block cipher IV, stored in OPTIONAL parameter of AlgoID */ + if (pkiMsg[idx++] != ASN_OCTET_STRING) { +#ifdef CYASSL_SMALL_STACK + XFREE(encryptedKey, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + return ASN_PARSE_E; + } + + if (GetLength(pkiMsg, &idx, &length, pkiMsgSz) < 0) { +#ifdef CYASSL_SMALL_STACK + XFREE(encryptedKey, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + return ASN_PARSE_E; + } + + if (length != DES_BLOCK_SIZE) { + CYASSL_MSG("Incorrect IV length, must be of DES_BLOCK_SIZE"); +#ifdef CYASSL_SMALL_STACK + XFREE(encryptedKey, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + return ASN_PARSE_E; + } + + XMEMCPY(tmpIv, &pkiMsg[idx], length); + idx += length; + + /* read encryptedContent, cont[0] */ + if (pkiMsg[idx++] != (ASN_CONTEXT_SPECIFIC | 0)) { +#ifdef CYASSL_SMALL_STACK + XFREE(encryptedKey, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + return ASN_PARSE_E; + } + + if (GetLength(pkiMsg, &idx, &encryptedContentSz, pkiMsgSz) < 0) { +#ifdef CYASSL_SMALL_STACK + XFREE(encryptedKey, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + return ASN_PARSE_E; + } + + encryptedContent = (byte*)XMALLOC(encryptedContentSz, NULL, + DYNAMIC_TYPE_TMP_BUFFER); + if (encryptedContent == NULL) { +#ifdef CYASSL_SMALL_STACK + XFREE(encryptedKey, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + return MEMORY_E; + } + + XMEMCPY(encryptedContent, &pkiMsg[idx], encryptedContentSz); + + /* load private key */ +#ifdef CYASSL_SMALL_STACK + privKey = (RsaKey*)XMALLOC(sizeof(RsaKey), NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (privKey == NULL) { + XFREE(encryptedContent, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(encryptedKey, NULL, DYNAMIC_TYPE_TMP_BUFFER); return MEMORY_E; + } +#endif + + ret = InitRsaKey(privKey, 0); + if (ret != 0) { + XFREE(encryptedContent, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#ifdef CYASSL_SMALL_STACK + XFREE(privKey, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(encryptedKey, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + return ret; + } + + idx = 0; + + ret = RsaPrivateKeyDecode(pkcs7->privateKey, &idx, privKey, + pkcs7->privateKeySz); + if (ret != 0) { + CYASSL_MSG("Failed to decode RSA private key"); + XFREE(encryptedContent, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#ifdef CYASSL_SMALL_STACK + XFREE(privKey, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(encryptedKey, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + return ret; + } + + /* decrypt encryptedKey */ + keySz = RsaPrivateDecryptInline(encryptedKey, encryptedKeySz, + &decryptedKey, privKey); + FreeRsaKey(privKey); + +#ifdef CYASSL_SMALL_STACK + XFREE(privKey, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + + if (keySz <= 0) { + XFREE(encryptedContent, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#ifdef CYASSL_SMALL_STACK + XFREE(encryptedKey, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + return keySz; + } + + /* decrypt encryptedContent */ + if (encOID == DESb) { + Des des; + ret = Des_SetKey(&des, decryptedKey, tmpIv, DES_DECRYPTION); + + if (ret == 0) + Des_CbcDecrypt(&des, encryptedContent, encryptedContent, + encryptedContentSz); + + if (ret != 0) { + XFREE(encryptedContent, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#ifdef CYASSL_SMALL_STACK + XFREE(encryptedKey, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + return ret; + } + } + else if (encOID == DES3b) { + Des3 des; + ret = Des3_SetKey(&des, decryptedKey, tmpIv, DES_DECRYPTION); + if (ret == 0) + ret = Des3_CbcDecrypt(&des, encryptedContent, encryptedContent, + encryptedContentSz); + + if (ret != 0) { + XFREE(encryptedContent, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#ifdef CYASSL_SMALL_STACK + XFREE(encryptedKey, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + return ret; + } + } else { + CYASSL_MSG("Unsupported content encryption OID type"); + XFREE(encryptedContent, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#ifdef CYASSL_SMALL_STACK + XFREE(encryptedKey, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + return ALGO_ID_E; + } + + padLen = encryptedContent[encryptedContentSz-1]; + + /* copy plaintext to output */ + XMEMCPY(output, encryptedContent, encryptedContentSz - padLen); + + /* free memory, zero out keys */ + XMEMSET(encryptedKey, 0, MAX_ENCRYPTED_KEY_SZ); + XMEMSET(encryptedContent, 0, encryptedContentSz); + XFREE(encryptedContent, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#ifdef CYASSL_SMALL_STACK + XFREE(encryptedKey, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + + return encryptedContentSz - padLen; +} + + +#else /* HAVE_PKCS7 */ + + +#ifdef _MSC_VER + /* 4206 warning for blank file */ + #pragma warning(disable: 4206) +#endif + + +#endif /* HAVE_PKCS7 */ + diff --git a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/pwdbased.c b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/pwdbased.c index d36f7e9aa..582c80fb9 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/pwdbased.c +++ b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/pwdbased.c @@ -1,6 +1,6 @@ /* pwdbased.c * - * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,22 +16,41 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ #ifdef HAVE_CONFIG_H #include #endif +#include + #ifndef NO_PWDBASED +#ifdef CYASSL_PIC32MZ_HASH + +#define InitMd5 InitMd5_sw +#define Md5Update Md5Update_sw +#define Md5Final Md5Final_sw + +#define InitSha InitSha_sw +#define ShaUpdate ShaUpdate_sw +#define ShaFinal ShaFinal_sw + +#define InitSha256 InitSha256_sw +#define Sha256Update Sha256Update_sw +#define Sha256Final Sha256Final_sw + +#endif + #include #include #include -#include -#ifdef CYASSL_SHA512 +#include +#if defined(CYASSL_SHA512) || defined(CYASSL_SHA384) #include #endif + #ifdef NO_INLINE #include #else @@ -54,8 +73,8 @@ int PBKDF1(byte* output, const byte* passwd, int pLen, const byte* salt, { Md5 md5; Sha sha; - int hLen = (hashType == MD5) ? MD5_DIGEST_SIZE : SHA_DIGEST_SIZE; - int i; + int hLen = (hashType == MD5) ? (int)MD5_DIGEST_SIZE : (int)SHA_DIGEST_SIZE; + int i, ret = 0; byte buffer[SHA_DIGEST_SIZE]; /* max size */ if (hashType != MD5 && hashType != SHA) @@ -74,7 +93,9 @@ int PBKDF1(byte* output, const byte* passwd, int pLen, const byte* salt, Md5Final(&md5, buffer); } else { - InitSha(&sha); + ret = InitSha(&sha); + if (ret != 0) + return ret; ShaUpdate(&sha, passwd, pLen); ShaUpdate(&sha, salt, sLen); ShaFinal(&sha, buffer); @@ -101,9 +122,13 @@ int PBKDF2(byte* output, const byte* passwd, int pLen, const byte* salt, { word32 i = 1; int hLen; - int j; + int j, ret; Hmac hmac; - byte buffer[INNER_HASH_SIZE]; /* max size */ +#ifdef CYASSL_SMALL_STACK + byte* buffer; +#else + byte buffer[MAX_DIGEST_SIZE]; +#endif if (hashType == MD5) { hLen = MD5_DIGEST_SIZE; @@ -124,36 +149,76 @@ int PBKDF2(byte* output, const byte* passwd, int pLen, const byte* salt, else return BAD_FUNC_ARG; - HmacSetKey(&hmac, hashType, passwd, pLen); +#ifdef CYASSL_SMALL_STACK + buffer = (byte*)XMALLOC(MAX_DIGEST_SIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (buffer == NULL) + return MEMORY_E; +#endif - while (kLen) { - int currentLen; - HmacUpdate(&hmac, salt, sLen); + ret = HmacSetKey(&hmac, hashType, passwd, pLen); - /* encode i */ - for (j = 0; j < 4; j++) { - byte b = (byte)(i >> ((3-j) * 8)); - HmacUpdate(&hmac, &b, 1); - } - HmacFinal(&hmac, buffer); + if (ret == 0) { + while (kLen) { + int currentLen; - currentLen = min(kLen, hLen); - XMEMCPY(output, buffer, currentLen); + ret = HmacUpdate(&hmac, salt, sLen); + if (ret != 0) + break; - for (j = 1; j < iterations; j++) { - HmacUpdate(&hmac, buffer, hLen); - HmacFinal(&hmac, buffer); - xorbuf(output, buffer, currentLen); - } + /* encode i */ + for (j = 0; j < 4; j++) { + byte b = (byte)(i >> ((3-j) * 8)); - output += currentLen; - kLen -= currentLen; - i++; + ret = HmacUpdate(&hmac, &b, 1); + if (ret != 0) + break; + } + + /* check ret from inside for loop */ + if (ret != 0) + break; + + ret = HmacFinal(&hmac, buffer); + if (ret != 0) + break; + + currentLen = min(kLen, hLen); + XMEMCPY(output, buffer, currentLen); + + for (j = 1; j < iterations; j++) { + ret = HmacUpdate(&hmac, buffer, hLen); + if (ret != 0) + break; + ret = HmacFinal(&hmac, buffer); + if (ret != 0) + break; + xorbuf(output, buffer, currentLen); + } + + /* check ret from inside for loop */ + if (ret != 0) + break; + + output += currentLen; + kLen -= currentLen; + i++; + } } - return 0; +#ifdef CYASSL_SMALL_STACK + XFREE(buffer, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + + return ret; } +#ifdef CYASSL_SHA512 +#define PBKDF_DIGEST_SIZE SHA512_BLOCK_SIZE +#elif !defined(NO_SHA256) +#define PBKDF_DIGEST_SIZE SHA256_BLOCK_SIZE +#else +#define PBKDF_DIGEST_SIZE SHA_DIGEST_SIZE +#endif int PKCS12_PBKDF(byte* output, const byte* passwd, int passLen,const byte* salt, int saltLen, int iterations, int kLen, int hashType, int id) @@ -164,17 +229,19 @@ int PKCS12_PBKDF(byte* output, const byte* passwd, int passLen,const byte* salt, int ret = 0; int i; byte *D, *S, *P, *I; +#ifdef CYASSL_SMALL_STACK + byte staticBuffer[1]; /* force dynamic usage */ +#else byte staticBuffer[1024]; +#endif byte* buffer = staticBuffer; -#ifdef CYASSL_SHA512 - byte Ai[SHA512_DIGEST_SIZE]; - byte B[SHA512_BLOCK_SIZE]; -#elif !defined(NO_SHA256) - byte Ai[SHA256_DIGEST_SIZE]; - byte B[SHA256_BLOCK_SIZE]; + +#ifdef CYASSL_SMALL_STACK + byte* Ai; + byte* B; #else - byte Ai[SHA_DIGEST_SIZE]; - byte B[SHA_BLOCK_SIZE]; + byte Ai[PBKDF_DIGEST_SIZE]; + byte B[PBKDF_DIGEST_SIZE]; #endif if (!iterations) @@ -201,7 +268,19 @@ int PKCS12_PBKDF(byte* output, const byte* passwd, int passLen,const byte* salt, } #endif else - return BAD_FUNC_ARG; + return BAD_FUNC_ARG; + +#ifdef CYASSL_SMALL_STACK + Ai = (byte*)XMALLOC(PBKDF_DIGEST_SIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (Ai == NULL) + return MEMORY_E; + + B = (byte*)XMALLOC(PBKDF_DIGEST_SIZE, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (B == NULL) { + XFREE(Ai, NULL, DYNAMIC_TYPE_TMP_BUFFER); + return MEMORY_E; + } +#endif dLen = v; sLen = v * ((saltLen + v - 1) / v); @@ -215,7 +294,13 @@ int PKCS12_PBKDF(byte* output, const byte* passwd, int passLen,const byte* salt, if (totalLen > sizeof(staticBuffer)) { buffer = (byte*)XMALLOC(totalLen, 0, DYNAMIC_TYPE_KEY); - if (buffer == NULL) return MEMORY_E; + if (buffer == NULL) { +#ifdef CYASSL_SMALL_STACK + XFREE(Ai, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(B, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + return MEMORY_E; + } dynamic = 1; } @@ -236,11 +321,23 @@ int PKCS12_PBKDF(byte* output, const byte* passwd, int passLen,const byte* salt, mp_int B1; if (hashType == MD5) { + Md5 md5; + + InitMd5(&md5); + Md5Update(&md5, buffer, totalLen); + Md5Final(&md5, Ai); + + for (i = 1; i < iterations; i++) { + Md5Update(&md5, Ai, u); + Md5Final(&md5, Ai); + } } else if (hashType == SHA) { Sha sha; - InitSha(&sha); + ret = InitSha(&sha); + if (ret != 0) + break; ShaUpdate(&sha, buffer, totalLen); ShaFinal(&sha, Ai); @@ -251,21 +348,70 @@ int PKCS12_PBKDF(byte* output, const byte* passwd, int passLen,const byte* salt, } #ifndef NO_SHA256 else if (hashType == SHA256) { + Sha256 sha256; + + ret = InitSha256(&sha256); + if (ret != 0) + break; + + ret = Sha256Update(&sha256, buffer, totalLen); + if (ret != 0) + break; + + ret = Sha256Final(&sha256, Ai); + if (ret != 0) + break; + + for (i = 1; i < iterations; i++) { + ret = Sha256Update(&sha256, Ai, u); + if (ret != 0) + break; + + ret = Sha256Final(&sha256, Ai); + if (ret != 0) + break; + } } #endif #ifdef CYASSL_SHA512 else if (hashType == SHA512) { + Sha512 sha512; + + ret = InitSha512(&sha512); + if (ret != 0) + break; + + ret = Sha512Update(&sha512, buffer, totalLen); + if (ret != 0) + break; + + ret = Sha512Final(&sha512, Ai); + if (ret != 0) + break; + + for (i = 1; i < iterations; i++) { + ret = Sha512Update(&sha512, Ai, u); + if (ret != 0) + break; + + ret = Sha512Final(&sha512, Ai); + if (ret != 0) + break; + } } #endif for (i = 0; i < (int)v; i++) B[i] = Ai[i % u]; - mp_init(&B1); - if (mp_read_unsigned_bin(&B1, B, v) != MP_OKAY) + if (mp_init(&B1) != MP_OKAY) + ret = MP_INIT_E; + else if (mp_read_unsigned_bin(&B1, B, v) != MP_OKAY) ret = MP_READ_E; - else if (mp_add_d(&B1, (mp_digit)1, &B1) != MP_OKAY) { + else if (mp_add_d(&B1, (mp_digit)1, &B1) != MP_OKAY) ret = MP_ADD_E; + + if (ret != 0) { mp_clear(&B1); break; } @@ -275,9 +421,10 @@ int PKCS12_PBKDF(byte* output, const byte* passwd, int passLen,const byte* salt, mp_int i1; mp_int res; - mp_init(&i1); - mp_init(&res); - + if (mp_init_multi(&i1, &res, NULL, NULL, NULL, NULL) != MP_OKAY) { + ret = MP_INIT_E; + break; + } if (mp_read_unsigned_bin(&i1, I + i, v) != MP_OKAY) ret = MP_READ_E; else if (mp_add(&i1, &B1, &res) != MP_OKAY) @@ -288,15 +435,15 @@ int PKCS12_PBKDF(byte* output, const byte* passwd, int passLen,const byte* salt, if (outSz > (int)v) { /* take off MSB */ byte tmp[129]; - mp_to_unsigned_bin(&res, tmp); + ret = mp_to_unsigned_bin(&res, tmp); XMEMCPY(I + i, tmp + 1, v); } else if (outSz < (int)v) { XMEMSET(I + i, 0, v - outSz); - mp_to_unsigned_bin(&res, I + i + v - outSz); + ret = mp_to_unsigned_bin(&res, I + i + v - outSz); } else - mp_to_unsigned_bin(&res, I + i); + ret = mp_to_unsigned_bin(&res, I + i); } mp_clear(&i1); @@ -312,8 +459,16 @@ int PKCS12_PBKDF(byte* output, const byte* passwd, int passLen,const byte* salt, } if (dynamic) XFREE(buffer, 0, DYNAMIC_TYPE_KEY); + +#ifdef CYASSL_SMALL_STACK + XFREE(Ai, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(B, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + return ret; } +#undef PBKDF_DIGEST_SIZE + #endif /* NO_PWDBASED */ diff --git a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/rabbit.c b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/rabbit.c index 79f5b3e92..5be474163 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/rabbit.c +++ b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/rabbit.c @@ -1,6 +1,6 @@ /* rabbit.c * - * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,16 +16,20 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ #ifdef HAVE_CONFIG_H #include #endif +#include + #ifndef NO_RABBIT #include +#include +#include #ifdef NO_INLINE #include #else @@ -39,7 +43,7 @@ #define LITTLE32(x) (x) #endif -#define U32V(x) (word32)(x) +#define U32V(x) ((word32)(x) & 0xFFFFFFFFU) /* Square a 32-bit unsigned integer to obtain the 64-bit result and return */ @@ -100,14 +104,20 @@ static void RABBIT_next_state(RabbitCtx* ctx) /* IV setup */ -static void RabbitSetIV(Rabbit* ctx, const byte* iv) +static void RabbitSetIV(Rabbit* ctx, const byte* inIv) { /* Temporary variables */ word32 i0, i1, i2, i3, i; + word32 iv[2]; + + if (inIv) + XMEMCPY(iv, inIv, sizeof(iv)); + else + XMEMSET(iv, 0, sizeof(iv)); /* Generate four subvectors */ - i0 = LITTLE32(*(word32*)(iv+0)); - i2 = LITTLE32(*(word32*)(iv+4)); + i0 = LITTLE32(iv[0]); + i2 = LITTLE32(iv[1]); i1 = (i0>>16) | (i2&0xFFFF0000); i3 = (i2<<16) | (i0&0x0000FFFF); @@ -133,7 +143,7 @@ static void RabbitSetIV(Rabbit* ctx, const byte* iv) /* Key setup */ -void RabbitSetKey(Rabbit* ctx, const byte* key, const byte* iv) +static INLINE int DoKey(Rabbit* ctx, const byte* key, const byte* iv) { /* Temporary variables */ word32 k0, k1, k2, k3, i; @@ -182,14 +192,36 @@ void RabbitSetKey(Rabbit* ctx, const byte* key, const byte* iv) } ctx->workCtx.carry = ctx->masterCtx.carry; - if (iv) RabbitSetIV(ctx, iv); + RabbitSetIV(ctx, iv); + + return 0; } -/* Encrypt/decrypt a message of any size */ -void RabbitProcess(Rabbit* ctx, byte* output, const byte* input, word32 msglen) +/* Key setup */ +int RabbitSetKey(Rabbit* ctx, const byte* key, const byte* iv) { +#ifdef XSTREAM_ALIGN + if ((word)key % 4) { + int alignKey[4]; + + /* iv aligned in SetIV */ + CYASSL_MSG("RabbitSetKey unaligned key"); + + XMEMCPY(alignKey, key, sizeof(alignKey)); + return DoKey(ctx, (const byte*)alignKey, iv); + } +#endif /* XSTREAM_ALIGN */ + + return DoKey(ctx, key, iv); +} + + +/* Encrypt/decrypt a message of any size */ +static INLINE int DoProcess(Rabbit* ctx, byte* output, const byte* input, + word32 msglen) +{ /* Encrypt/decrypt all full blocks */ while (msglen >= 16) { /* Iterate the system */ @@ -210,7 +242,7 @@ void RabbitProcess(Rabbit* ctx, byte* output, const byte* input, word32 msglen) U32V(ctx->workCtx.x[1]<<16)); /* Increment pointers and decrement length */ - input += 16; + input += 16; output += 16; msglen -= 16; } @@ -222,6 +254,8 @@ void RabbitProcess(Rabbit* ctx, byte* output, const byte* input, word32 msglen) word32 tmp[4]; byte* buffer = (byte*)tmp; + XMEMSET(tmp, 0, sizeof(tmp)); /* help static analysis */ + /* Iterate the system */ RABBIT_next_state(&(ctx->workCtx)); @@ -239,8 +273,38 @@ void RabbitProcess(Rabbit* ctx, byte* output, const byte* input, word32 msglen) for (i=0; i #endif +#include + /* on HPUX 11 you may need to install /dev/random see http://h20293.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=KRNG11I */ +#ifdef HAVE_FIPS + /* set NO_WRAPPERS before headers, use direct internal f()s not wrappers */ + #define FIPS_NO_WRAPPERS +#endif + #include -#include +#include + +#if defined(HAVE_HASHDRBG) || defined(NO_RC4) + #include + + #ifdef NO_INLINE + #include + #else + #include + #endif +#endif /* HAVE_HASHDRBG || NO_RC4 */ #if defined(USE_WINDOWS_API) #ifndef _WIN32_WINNT @@ -39,49 +56,505 @@ #include #include #else - #ifndef NO_DEV_RANDOM - #include - #include + #if !defined(NO_DEV_RANDOM) && !defined(CYASSL_MDK_ARM) \ + && !defined(CYASSL_IAR_ARM) + #include + #ifndef EBSNET + #include + #endif #else /* include headers that may be needed to get good seed */ #endif #endif /* USE_WINDOWS_API */ +#if defined(HAVE_HASHDRBG) || defined(NO_RC4) + +/* Start NIST DRBG code */ + +#define OUTPUT_BLOCK_LEN (SHA256_DIGEST_SIZE) +#define MAX_REQUEST_LEN (0x10000) +#define RESEED_INTERVAL (1000000) +#define SECURITY_STRENGTH (256) +#define ENTROPY_SZ (SECURITY_STRENGTH/8) +#define NONCE_SZ (ENTROPY_SZ/2) +#define ENTROPY_NONCE_SZ (ENTROPY_SZ+NONCE_SZ) + +/* Internal return codes */ +#define DRBG_SUCCESS 0 +#define DRBG_ERROR 1 +#define DRBG_FAILURE 2 +#define DRBG_NEED_RESEED 3 + +/* RNG health states */ +#define DRBG_NOT_INIT 0 +#define DRBG_OK 1 +#define DRBG_FAILED 2 + + +enum { + drbgInitC = 0, + drbgReseed = 1, + drbgGenerateW = 2, + drbgGenerateH = 3, + drbgInitV +}; + + +/* Hash Derivation Function */ +/* Returns: DRBG_SUCCESS or DRBG_FAILURE */ +static int Hash_df(RNG* rng, byte* out, word32 outSz, byte type, + const byte* inA, word32 inASz, + const byte* inB, word32 inBSz) +{ + byte ctr; + int i; + int len; + word32 bits = (outSz * 8); /* reverse byte order */ + + #ifdef LITTLE_ENDIAN_ORDER + bits = ByteReverseWord32(bits); + #endif + len = (outSz / OUTPUT_BLOCK_LEN) + + ((outSz % OUTPUT_BLOCK_LEN) ? 1 : 0); + + for (i = 0, ctr = 1; i < len; i++, ctr++) + { + if (InitSha256(&rng->sha) != 0) + return DRBG_FAILURE; + + if (Sha256Update(&rng->sha, &ctr, sizeof(ctr)) != 0) + return DRBG_FAILURE; + + if (Sha256Update(&rng->sha, (byte*)&bits, sizeof(bits)) != 0) + return DRBG_FAILURE; + + /* churning V is the only string that doesn't have + * the type added */ + if (type != drbgInitV) + if (Sha256Update(&rng->sha, &type, sizeof(type)) != 0) + return DRBG_FAILURE; + + if (Sha256Update(&rng->sha, inA, inASz) != 0) + return DRBG_FAILURE; + + if (inB != NULL && inBSz > 0) + if (Sha256Update(&rng->sha, inB, inBSz) != 0) + return DRBG_FAILURE; + + if (Sha256Final(&rng->sha, rng->digest) != 0) + return DRBG_FAILURE; + + if (outSz > OUTPUT_BLOCK_LEN) { + XMEMCPY(out, rng->digest, OUTPUT_BLOCK_LEN); + outSz -= OUTPUT_BLOCK_LEN; + out += OUTPUT_BLOCK_LEN; + } + else { + XMEMCPY(out, rng->digest, outSz); + } + } + + return DRBG_SUCCESS; +} + + +/* Returns: DRBG_SUCCESS or DRBG_FAILURE */ +static int Hash_DRBG_Reseed(RNG* rng, const byte* entropy, word32 entropySz) +{ + byte seed[DRBG_SEED_LEN]; + + if (Hash_df(rng, seed, sizeof(seed), drbgReseed, rng->V, sizeof(rng->V), + entropy, entropySz) != DRBG_SUCCESS) { + return DRBG_FAILURE; + } + + XMEMCPY(rng->V, seed, sizeof(rng->V)); + XMEMSET(seed, 0, sizeof(seed)); + + if (Hash_df(rng, rng->C, sizeof(rng->C), drbgInitC, rng->V, + sizeof(rng->V), NULL, 0) != DRBG_SUCCESS) { + return DRBG_FAILURE; + } + + rng->reseedCtr = 1; + return DRBG_SUCCESS; +} + +static INLINE void array_add_one(byte* data, word32 dataSz) +{ + int i; + + for (i = dataSz - 1; i >= 0; i--) + { + data[i]++; + if (data[i] != 0) break; + } +} + + +/* Returns: DRBG_SUCCESS or DRBG_FAILURE */ +static int Hash_gen(RNG* rng, byte* out, word32 outSz, const byte* V) +{ + byte data[DRBG_SEED_LEN]; + int i; + int len = (outSz / OUTPUT_BLOCK_LEN) + + ((outSz % OUTPUT_BLOCK_LEN) ? 1 : 0); + + XMEMCPY(data, V, sizeof(data)); + for (i = 0; i < len; i++) { + if (InitSha256(&rng->sha) != 0 || + Sha256Update(&rng->sha, data, sizeof(data)) != 0 || + Sha256Final(&rng->sha, rng->digest) != 0) { + + return DRBG_FAILURE; + } + + if (outSz > OUTPUT_BLOCK_LEN) { + XMEMCPY(out, rng->digest, OUTPUT_BLOCK_LEN); + outSz -= OUTPUT_BLOCK_LEN; + out += OUTPUT_BLOCK_LEN; + array_add_one(data, DRBG_SEED_LEN); + } + else { + XMEMCPY(out, rng->digest, outSz); + } + } + XMEMSET(data, 0, sizeof(data)); + + return DRBG_SUCCESS; +} + + +static INLINE void array_add(byte* d, word32 dLen, const byte* s, word32 sLen) +{ + word16 carry = 0; + + if (dLen > 0 && sLen > 0 && dLen >= sLen) { + int sIdx, dIdx; + + for (sIdx = sLen - 1, dIdx = dLen - 1; sIdx >= 0; dIdx--, sIdx--) + { + carry += d[dIdx] + s[sIdx]; + d[dIdx] = carry; + carry >>= 8; + } + if (dIdx > 0) + d[dIdx] += carry; + } +} + + +/* Returns: DRBG_SUCCESS, DRBG_NEED_RESEED, or DRBG_FAILURE */ +static int Hash_DRBG_Generate(RNG* rng, byte* out, word32 outSz) +{ + int ret = DRBG_NEED_RESEED; + + if (rng->reseedCtr != RESEED_INTERVAL) { + byte type = drbgGenerateH; + word32 reseedCtr = rng->reseedCtr; + + rng->reseedCtr++; + if (Hash_gen(rng, out, outSz, rng->V) != 0 || + InitSha256(&rng->sha) != 0 || + Sha256Update(&rng->sha, &type, sizeof(type)) != 0 || + Sha256Update(&rng->sha, rng->V, sizeof(rng->V)) != 0 || + Sha256Final(&rng->sha, rng->digest) != 0) { + + ret = DRBG_FAILURE; + } + else { + array_add(rng->V, sizeof(rng->V), rng->digest, sizeof(rng->digest)); + array_add(rng->V, sizeof(rng->V), rng->C, sizeof(rng->C)); + #ifdef LITTLE_ENDIAN_ORDER + reseedCtr = ByteReverseWord32(reseedCtr); + #endif + array_add(rng->V, sizeof(rng->V), + (byte*)&reseedCtr, sizeof(reseedCtr)); + ret = DRBG_SUCCESS; + } + } + + return ret; +} + + +/* Returns: DRBG_SUCCESS or DRBG_FAILURE */ +static int Hash_DRBG_Instantiate(RNG* rng, const byte* seed, word32 seedSz, + const byte* nonce, word32 nonceSz) +{ + int ret = DRBG_FAILURE; + + XMEMSET(rng, 0, sizeof(*rng)); + + if (Hash_df(rng, rng->V, sizeof(rng->V), drbgInitV, seed, seedSz, + nonce, nonceSz) == DRBG_SUCCESS && + Hash_df(rng, rng->C, sizeof(rng->C), drbgInitC, rng->V, + sizeof(rng->V), NULL, 0) == DRBG_SUCCESS) { + + rng->reseedCtr = 1; + ret = DRBG_SUCCESS; + } + + return ret; +} + + +/* Returns: DRBG_SUCCESS */ +static int Hash_DRBG_Uninstantiate(RNG* rng) +{ + XMEMSET(rng, 0, sizeof(*rng)); + + return DRBG_SUCCESS; +} + +/* End NIST DRBG Code */ + + +/* Get seed and key cipher */ +int InitRng(RNG* rng) +{ + int ret = BAD_FUNC_ARG; + + if (rng != NULL) { + byte entropy[ENTROPY_NONCE_SZ]; + + /* This doesn't use a separate nonce. The entropy input will be + * the default size plus the size of the nonce making the seed + * size. */ + if (GenerateSeed(&rng->seed, entropy, ENTROPY_NONCE_SZ) == 0 && + Hash_DRBG_Instantiate(rng, entropy, ENTROPY_NONCE_SZ, + NULL, 0) == DRBG_SUCCESS) { + rng->status = DRBG_OK; + ret = 0; + } + else { + rng->status = DRBG_FAILED; + ret = RNG_FAILURE_E; + } + + XMEMSET(entropy, 0, ENTROPY_NONCE_SZ); + } + + return ret; +} + + +/* place a generated block in output */ +int RNG_GenerateBlock(RNG* rng, byte* output, word32 sz) +{ + int ret; + + if (rng == NULL || output == NULL || sz > MAX_REQUEST_LEN) + return BAD_FUNC_ARG; + + if (rng->status != DRBG_OK) + return RNG_FAILURE_E; + + ret = Hash_DRBG_Generate(rng, output, sz); + if (ret == DRBG_SUCCESS) { + ret = 0; + } + else if (ret == DRBG_NEED_RESEED) { + byte entropy[ENTROPY_SZ]; + + if (GenerateSeed(&rng->seed, entropy, ENTROPY_SZ) == 0 && + Hash_DRBG_Reseed(rng, entropy, ENTROPY_SZ) == DRBG_SUCCESS && + Hash_DRBG_Generate(rng, output, sz) == DRBG_SUCCESS) { + + ret = 0; + } + else { + ret = RNG_FAILURE_E; + rng->status = DRBG_FAILED; + } + + XMEMSET(entropy, 0, ENTROPY_SZ); + } + else { + ret = RNG_FAILURE_E; + rng->status = DRBG_FAILED; + } + + return ret; +} + + +int RNG_GenerateByte(RNG* rng, byte* b) +{ + return RNG_GenerateBlock(rng, b, 1); +} + + +int FreeRng(RNG* rng) +{ + int ret = BAD_FUNC_ARG; + + if (rng != NULL) { + if (Hash_DRBG_Uninstantiate(rng) == DRBG_SUCCESS) + ret = 0; + else + ret = RNG_FAILURE_E; + } + + return ret; +} + + +int RNG_HealthTest(int reseed, const byte* entropyA, word32 entropyASz, + const byte* entropyB, word32 entropyBSz, + const byte* output, word32 outputSz) +{ + RNG rng; + byte check[SHA256_DIGEST_SIZE * 4]; + + if (Hash_DRBG_Instantiate(&rng, entropyA, entropyASz, NULL, 0) != 0) + return -1; + + if (reseed) { + if (Hash_DRBG_Reseed(&rng, entropyB, entropyBSz) != 0) { + Hash_DRBG_Uninstantiate(&rng); + return -1; + } + } + + if (Hash_DRBG_Generate(&rng, check, sizeof(check)) != 0) { + Hash_DRBG_Uninstantiate(&rng); + return -1; + } + + if (Hash_DRBG_Generate(&rng, check, sizeof(check)) != 0) { + Hash_DRBG_Uninstantiate(&rng); + return -1; + } + + if (outputSz != sizeof(check) || XMEMCMP(output, check, sizeof(check))) { + Hash_DRBG_Uninstantiate(&rng); + return -1; + } + + Hash_DRBG_Uninstantiate(&rng); + + return 0; +} + + +#else /* HAVE_HASHDRBG || NO_RC4 */ /* Get seed and key cipher */ int InitRng(RNG* rng) { + int ret; +#ifdef CYASSL_SMALL_STACK + byte* key; + byte* junk; +#else byte key[32]; byte junk[256]; +#endif - int ret = GenerateSeed(&rng->seed, key, sizeof(key)); +#ifdef HAVE_CAVIUM + if (rng->magic == CYASSL_RNG_CAVIUM_MAGIC) + return 0; +#endif + +#ifdef CYASSL_SMALL_STACK + key = (byte*)XMALLOC(32, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (key == NULL) + return MEMORY_E; + + junk = (byte*)XMALLOC(256, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (junk == NULL) { + XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER); + return MEMORY_E; + } +#endif + + ret = GenerateSeed(&rng->seed, key, 32); if (ret == 0) { Arc4SetKey(&rng->cipher, key, sizeof(key)); - RNG_GenerateBlock(rng, junk, sizeof(junk)); /* rid initial state */ + + ret = RNG_GenerateBlock(rng, junk, 256); /*rid initial state*/ } +#ifdef CYASSL_SMALL_STACK + XFREE(key, NULL, DYNAMIC_TYPE_TMP_BUFFER); + XFREE(junk, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + return ret; } +#ifdef HAVE_CAVIUM + static void CaviumRNG_GenerateBlock(RNG* rng, byte* output, word32 sz); +#endif /* place a generated block in output */ -void RNG_GenerateBlock(RNG* rng, byte* output, word32 sz) +int RNG_GenerateBlock(RNG* rng, byte* output, word32 sz) { +#ifdef HAVE_CAVIUM + if (rng->magic == CYASSL_RNG_CAVIUM_MAGIC) + return CaviumRNG_GenerateBlock(rng, output, sz); +#endif XMEMSET(output, 0, sz); Arc4Process(&rng->cipher, output, output, sz); + + return 0; +} + + +int RNG_GenerateByte(RNG* rng, byte* b) +{ + return RNG_GenerateBlock(rng, b, 1); } -byte RNG_GenerateByte(RNG* rng) +#ifdef HAVE_CAVIUM + +#include +#include "cavium_common.h" + +/* Initiliaze RNG for use with Nitrox device */ +int InitRngCavium(RNG* rng, int devId) { - byte b; - RNG_GenerateBlock(rng, &b, 1); + if (rng == NULL) + return -1; + + rng->devId = devId; + rng->magic = CYASSL_RNG_CAVIUM_MAGIC; + + return 0; +} + - return b; +static void CaviumRNG_GenerateBlock(RNG* rng, byte* output, word32 sz) +{ + word offset = 0; + word32 requestId; + + while (sz > CYASSL_MAX_16BIT) { + word16 slen = (word16)CYASSL_MAX_16BIT; + if (CspRandom(CAVIUM_BLOCKING, slen, output + offset, &requestId, + rng->devId) != 0) { + CYASSL_MSG("Cavium RNG failed"); + } + sz -= CYASSL_MAX_16BIT; + offset += CYASSL_MAX_16BIT; + } + if (sz) { + word16 slen = (word16)sz; + if (CspRandom(CAVIUM_BLOCKING, slen, output + offset, &requestId, + rng->devId) != 0) { + CYASSL_MSG("Cavium RNG failed"); + } + } } +#endif /* HAVE_CAVIUM */ + +#endif /* HAVE_HASHDRBG || NO_RC4 */ + #if defined(USE_WINDOWS_API) @@ -101,7 +574,7 @@ int GenerateSeed(OS_Seed* os, byte* output, word32 sz) } -#elif defined(THREADX) +#elif defined(HAVE_RTP_SYS) || defined(EBSNET) #include "rtprand.h" /* rtp_rand () */ #include "rtptime.h" /* rtp_get_system_msec() */ @@ -144,12 +617,244 @@ int GenerateSeed(OS_Seed* os, byte* output, word32 sz) return 0; } +#elif defined(MICROCHIP_PIC32) + +#ifdef MICROCHIP_MPLAB_HARMONY + #define PIC32_SEED_COUNT _CP0_GET_COUNT +#else + #if !defined(CYASSL_MICROCHIP_PIC32MZ) + #include + #endif + #define PIC32_SEED_COUNT ReadCoreTimer +#endif + #ifdef CYASSL_MIC32MZ_RNG + #include "xc.h" + int GenerateSeed(OS_Seed* os, byte* output, word32 sz) + { + int i ; + byte rnd[8] ; + word32 *rnd32 = (word32 *)rnd ; + word32 size = sz ; + byte* op = output ; + + /* This part has to be replaced with better random seed */ + RNGNUMGEN1 = ReadCoreTimer(); + RNGPOLY1 = ReadCoreTimer(); + RNGPOLY2 = ReadCoreTimer(); + RNGNUMGEN2 = ReadCoreTimer(); +#ifdef DEBUG_CYASSL + printf("GenerateSeed::Seed=%08x, %08x\n", RNGNUMGEN1, RNGNUMGEN2) ; +#endif + RNGCONbits.PLEN = 0x40; + RNGCONbits.PRNGEN = 1; + for(i=0; i<5; i++) { /* wait for RNGNUMGEN ready */ + volatile int x ; + x = RNGNUMGEN1 ; + x = RNGNUMGEN2 ; + } + do { + rnd32[0] = RNGNUMGEN1; + rnd32[1] = RNGNUMGEN2; + + for(i=0; i<8; i++, op++) { + *op = rnd[i] ; + size -- ; + if(size==0)break ; + } + } while(size) ; + return 0; + } + #else /* CYASSL_MIC32MZ_RNG */ + /* uses the core timer, in nanoseconds to seed srand */ + int GenerateSeed(OS_Seed* os, byte* output, word32 sz) + { + int i; + srand(PIC32_SEED_COUNT() * 25); + + for (i = 0; i < sz; i++ ) { + output[i] = rand() % 256; + if ( (i % 8) == 7) + srand(PIC32_SEED_COUNT() * 25); + } + return 0; + } + #endif /* CYASSL_MIC32MZ_RNG */ + +#elif defined(FREESCALE_MQX) + + #ifdef FREESCALE_K70_RNGA + /* + * Generates a RNG seed using the Random Number Generator Accelerator + * on the Kinetis K70. Documentation located in Chapter 37 of + * K70 Sub-Family Reference Manual (see Note 3 in the README for link). + */ + int GenerateSeed(OS_Seed* os, byte* output, word32 sz) + { + int i; + + /* turn on RNGA module */ + SIM_SCGC3 |= SIM_SCGC3_RNGA_MASK; + + /* set SLP bit to 0 - "RNGA is not in sleep mode" */ + RNG_CR &= ~RNG_CR_SLP_MASK; + + /* set HA bit to 1 - "security violations masked" */ + RNG_CR |= RNG_CR_HA_MASK; + + /* set GO bit to 1 - "output register loaded with data" */ + RNG_CR |= RNG_CR_GO_MASK; + + for (i = 0; i < sz; i++) { + + /* wait for RNG FIFO to be full */ + while((RNG_SR & RNG_SR_OREG_LVL(0xF)) == 0) {} + + /* get value */ + output[i] = RNG_OR; + } + + return 0; + } + + #elif defined(FREESCALE_K53_RNGB) + /* + * Generates a RNG seed using the Random Number Generator (RNGB) + * on the Kinetis K53. Documentation located in Chapter 33 of + * K53 Sub-Family Reference Manual (see note in the README for link). + */ + int GenerateSeed(OS_Seed* os, byte* output, word32 sz) + { + int i; + + /* turn on RNGB module */ + SIM_SCGC3 |= SIM_SCGC3_RNGB_MASK; + + /* reset RNGB */ + RNG_CMD |= RNG_CMD_SR_MASK; + + /* FIFO generate interrupt, return all zeros on underflow, + * set auto reseed */ + RNG_CR |= (RNG_CR_FUFMOD_MASK | RNG_CR_AR_MASK); + + /* gen seed, clear interrupts, clear errors */ + RNG_CMD |= (RNG_CMD_GS_MASK | RNG_CMD_CI_MASK | RNG_CMD_CE_MASK); + + /* wait for seeding to complete */ + while ((RNG_SR & RNG_SR_SDN_MASK) == 0) {} + + for (i = 0; i < sz; i++) { + + /* wait for a word to be available from FIFO */ + while((RNG_SR & RNG_SR_FIFO_LVL_MASK) == 0) {} + + /* get value */ + output[i] = RNG_OUT; + } + + return 0; + } + + #else + #warning "write a real random seed!!!!, just for testing now" + + int GenerateSeed(OS_Seed* os, byte* output, word32 sz) + { + int i; + for (i = 0; i < sz; i++ ) + output[i] = i; + + return 0; + } + #endif /* FREESCALE_K70_RNGA */ + +#elif defined(CYASSL_SAFERTOS) || defined(CYASSL_LEANPSK) \ + || defined(CYASSL_IAR_ARM) || defined(CYASSL_MDK_ARM) + +#warning "write a real random seed!!!!, just for testing now" + +int GenerateSeed(OS_Seed* os, byte* output, word32 sz) +{ + word32 i; + for (i = 0; i < sz; i++ ) + output[i] = i; + + (void)os; + + return 0; +} + +#elif defined(STM32F2_RNG) + #undef RNG + #include "stm32f2xx_rng.h" + #include "stm32f2xx_rcc.h" + /* + * Generate a RNG seed using the hardware random number generator + * on the STM32F2. Documentation located in STM32F2xx Standard Peripheral + * Library document (See note in README). + */ + int GenerateSeed(OS_Seed* os, byte* output, word32 sz) + { + int i; + + /* enable RNG clock source */ + RCC_AHB2PeriphClockCmd(RCC_AHB2Periph_RNG, ENABLE); + + /* enable RNG peripheral */ + RNG_Cmd(ENABLE); + + for (i = 0; i < sz; i++) { + /* wait until RNG number is ready */ + while(RNG_GetFlagStatus(RNG_FLAG_DRDY)== RESET) { } + + /* get value */ + output[i] = RNG_GetRandomNumber(); + } + + return 0; + } +#elif defined(CYASSL_LPC43xx) || defined(CYASSL_STM32F2xx) + + #warning "write a real random seed!!!!, just for testing now" + + int GenerateSeed(OS_Seed* os, byte* output, word32 sz) + { + int i; + + for (i = 0; i < sz; i++ ) + output[i] = i; + + return 0; + } + +#elif defined(CUSTOM_RAND_GENERATE) + + /* Implement your own random generation function + * word32 rand_gen(void); + * #define CUSTOM_RAND_GENERATE rand_gen */ + + int GenerateSeed(OS_Seed* os, byte* output, word32 sz) + { + int i; + + for (i = 0; i < sz; i++ ) + output[i] = CUSTOM_RAND_GENERATE(); + + return 0; + } + #elif defined(NO_DEV_RANDOM) #error "you need to write an os specific GenerateSeed() here" +/* +int GenerateSeed(OS_Seed* os, byte* output, word32 sz) +{ + return 0; +} +*/ + -#else /* !USE_WINDOWS_API && !THREADX && !MICRIUM && !NO_DEV_RANDOM */ +#else /* !USE_WINDOWS_API && !HAVE_RPT_SYS && !MICRIUM && !NO_DEV_RANDOM */ /* may block */ @@ -166,8 +871,8 @@ int GenerateSeed(OS_Seed* os, byte* output, word32 sz) } while (sz) { - int len = read(os->fd, output, sz); - if (len == -1) { + int len = (int)read(os->fd, output, sz); + if (len == -1) { ret = READ_RAN_E; break; } diff --git a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/ripemd.c b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/ripemd.c index 1cb6ae8f1..69ff9066e 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/ripemd.c +++ b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/ripemd.c @@ -1,6 +1,6 @@ /* ripemd.c * - * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,7 +16,7 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ @@ -24,6 +24,8 @@ #include #endif +#include + #ifdef CYASSL_RIPEMD #include @@ -293,7 +295,8 @@ void RipeMdUpdate(RipeMd* ripemd, const byte* data, word32 len) if (ripemd->buffLen == RIPEMD_BLOCK_SIZE) { #ifdef BIG_ENDIAN_ORDER - ByteReverseBytes(local, local, RIPEMD_BLOCK_SIZE); + ByteReverseWords(ripemd->buffer, ripemd->buffer, + RIPEMD_BLOCK_SIZE); #endif Transform(ripemd); AddLength(ripemd, RIPEMD_BLOCK_SIZE); @@ -317,7 +320,7 @@ void RipeMdFinal(RipeMd* ripemd, byte* hash) ripemd->buffLen += RIPEMD_BLOCK_SIZE - ripemd->buffLen; #ifdef BIG_ENDIAN_ORDER - ByteReverseBytes(local, local, RIPEMD_BLOCK_SIZE); + ByteReverseWords(ripemd->buffer, ripemd->buffer, RIPEMD_BLOCK_SIZE); #endif Transform(ripemd); ripemd->buffLen = 0; @@ -331,7 +334,7 @@ void RipeMdFinal(RipeMd* ripemd, byte* hash) /* store lengths */ #ifdef BIG_ENDIAN_ORDER - ByteReverseBytes(local, local, RIPEMD_BLOCK_SIZE); + ByteReverseWords(ripemd->buffer, ripemd->buffer, RIPEMD_BLOCK_SIZE); #endif /* ! length ordering dependent on digest endian type ! */ XMEMCPY(&local[RIPEMD_PAD_SIZE], &ripemd->loLen, sizeof(word32)); diff --git a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/rsa.c b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/rsa.c index 7f511df1c..648d56f1b 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/rsa.c +++ b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/rsa.c @@ -1,6 +1,6 @@ /* rsa.c * - * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,7 +16,7 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ @@ -24,15 +24,40 @@ #include #endif +#include + +#ifndef NO_RSA + +#ifdef HAVE_FIPS + /* set NO_WRAPPERS before headers, use direct internal f()s not wrappers */ + #define FIPS_NO_WRAPPERS +#endif + #include #include -#include +#include #include #ifdef SHOW_GEN - #include + #ifdef FREESCALE_MQX + #include + #else + #include + #endif #endif +#ifdef HAVE_CAVIUM + static int InitCaviumRsaKey(RsaKey* key, void* heap); + static int FreeCaviumRsaKey(RsaKey* key); + static int CaviumRsaPublicEncrypt(const byte* in, word32 inLen, byte* out, + word32 outLen, RsaKey* key); + static int CaviumRsaPrivateDecrypt(const byte* in, word32 inLen, byte* out, + word32 outLen, RsaKey* key); + static int CaviumRsaSSL_Sign(const byte* in, word32 inLen, byte* out, + word32 outLen, RsaKey* key); + static int CaviumRsaSSL_Verify(const byte* in, word32 inLen, byte* out, + word32 outLen, RsaKey* key); +#endif enum { RSA_PUBLIC_ENCRYPT = 0, @@ -50,8 +75,13 @@ enum { }; -void InitRsaKey(RsaKey* key, void* heap) +int InitRsaKey(RsaKey* key, void* heap) { +#ifdef HAVE_CAVIUM + if (key->magic == CYASSL_RSA_CAVIUM_MAGIC) + return InitCaviumRsaKey(key, heap); +#endif + key->type = -1; /* haven't decided yet */ key->heap = heap; @@ -63,12 +93,20 @@ void InitRsaKey(RsaKey* key, void* heap) key->q.dp = key->dP.dp = 0; key->u.dp = key->dQ.dp = 0; #endif + + return 0; } -void FreeRsaKey(RsaKey* key) +int FreeRsaKey(RsaKey* key) { (void)key; + +#ifdef HAVE_CAVIUM + if (key->magic == CYASSL_RSA_CAVIUM_MAGIC) + return FreeCaviumRsaKey(key); +#endif + /* TomsFastMath doesn't use memory allocation */ #ifndef USE_FAST_MATH if (key->type == RSA_PRIVATE) { @@ -82,12 +120,15 @@ void FreeRsaKey(RsaKey* key) mp_clear(&key->e); mp_clear(&key->n); #endif + + return 0; } -static void RsaPad(const byte* input, word32 inputLen, byte* pkcsBlock, +static int RsaPad(const byte* input, word32 inputLen, byte* pkcsBlock, word32 pkcsBlockLen, byte padValue, RNG* rng) { - if (inputLen == 0) return; + if (inputLen == 0) + return 0; pkcsBlock[0] = 0x0; /* set first byte to zero and advance */ pkcsBlock++; pkcsBlockLen--; @@ -99,7 +140,10 @@ static void RsaPad(const byte* input, word32 inputLen, byte* pkcsBlock, else { /* pad with non-zero random bytes */ word32 padLen = pkcsBlockLen - inputLen - 1, i; - RNG_GenerateBlock(rng, &pkcsBlock[1], padLen); + int ret = RNG_GenerateBlock(rng, &pkcsBlock[1], padLen); + + if (ret != 0) + return ret; /* remove zeros */ for (i = 1; i < padLen; i++) @@ -108,6 +152,8 @@ static void RsaPad(const byte* input, word32 inputLen, byte* pkcsBlock, pkcsBlock[pkcsBlockLen-inputLen-1] = 0; /* separator */ XMEMCPY(pkcsBlock+pkcsBlockLen-inputLen, input, inputLen); + + return 0; } @@ -243,15 +289,23 @@ done: int RsaPublicEncrypt(const byte* in, word32 inLen, byte* out, word32 outLen, RsaKey* key, RNG* rng) { - int sz = mp_unsigned_bin_size(&key->n), ret; + int sz, ret; + +#ifdef HAVE_CAVIUM + if (key->magic == CYASSL_RSA_CAVIUM_MAGIC) + return CaviumRsaPublicEncrypt(in, inLen, out, outLen, key); +#endif + sz = mp_unsigned_bin_size(&key->n); if (sz > (int)outLen) return RSA_BUFFER_E; if (inLen > (word32)(sz - RSA_MIN_PAD_SZ)) return RSA_BUFFER_E; - RsaPad(in, inLen, out, sz, RSA_BLOCK_TYPE_2, rng); + ret = RsaPad(in, inLen, out, sz, RSA_BLOCK_TYPE_2, rng); + if (ret != 0) + return ret; if ((ret = RsaFunction(out, sz, out, &outLen, RSA_PUBLIC_ENCRYPT, key)) < 0) sz = ret; @@ -264,6 +318,15 @@ int RsaPrivateDecryptInline(byte* in, word32 inLen, byte** out, RsaKey* key) { int plainLen, ret; +#ifdef HAVE_CAVIUM + if (key->magic == CYASSL_RSA_CAVIUM_MAGIC) { + ret = CaviumRsaPrivateDecrypt(in, inLen, in, inLen, key); + if (ret > 0) + *out = in; + return ret; + } +#endif + if ((ret = RsaFunction(in, inLen, in, &inLen, RSA_PRIVATE_DECRYPT, key)) < 0) { return ret; @@ -282,6 +345,11 @@ int RsaPrivateDecrypt(const byte* in, word32 inLen, byte* out, word32 outLen, byte* tmp; byte* pad = 0; +#ifdef HAVE_CAVIUM + if (key->magic == CYASSL_RSA_CAVIUM_MAGIC) + return CaviumRsaPrivateDecrypt(in, inLen, out, outLen, key); +#endif + tmp = (byte*)XMALLOC(inLen, key->heap, DYNAMIC_TYPE_RSA); if (tmp == NULL) { return MEMORY_E; @@ -310,6 +378,15 @@ int RsaSSL_VerifyInline(byte* in, word32 inLen, byte** out, RsaKey* key) { int plainLen, ret; +#ifdef HAVE_CAVIUM + if (key->magic == CYASSL_RSA_CAVIUM_MAGIC) { + ret = CaviumRsaSSL_Verify(in, inLen, in, inLen, key); + if (ret > 0) + *out = in; + return ret; + } +#endif + if ((ret = RsaFunction(in, inLen, in, &inLen, RSA_PUBLIC_DECRYPT, key)) < 0) { return ret; @@ -328,6 +405,11 @@ int RsaSSL_Verify(const byte* in, word32 inLen, byte* out, word32 outLen, byte* tmp; byte* pad = 0; +#ifdef HAVE_CAVIUM + if (key->magic == CYASSL_RSA_CAVIUM_MAGIC) + return CaviumRsaSSL_Verify(in, inLen, out, outLen, key); +#endif + tmp = (byte*)XMALLOC(inLen, key->heap, DYNAMIC_TYPE_RSA); if (tmp == NULL) { return MEMORY_E; @@ -356,15 +438,23 @@ int RsaSSL_Verify(const byte* in, word32 inLen, byte* out, word32 outLen, int RsaSSL_Sign(const byte* in, word32 inLen, byte* out, word32 outLen, RsaKey* key, RNG* rng) { - int sz = mp_unsigned_bin_size(&key->n), ret; + int sz, ret; + +#ifdef HAVE_CAVIUM + if (key->magic == CYASSL_RSA_CAVIUM_MAGIC) + return CaviumRsaSSL_Sign(in, inLen, out, outLen, key); +#endif + sz = mp_unsigned_bin_size(&key->n); if (sz > (int)outLen) return RSA_BUFFER_E; if (inLen > (word32)(sz - RSA_MIN_PAD_SZ)) return RSA_BUFFER_E; - RsaPad(in, inLen, out, sz, RSA_BLOCK_TYPE_1, rng); + ret = RsaPad(in, inLen, out, sz, RSA_BLOCK_TYPE_1, rng); + if (ret != 0) + return ret; if ((ret = RsaFunction(out, sz, out, &outLen, RSA_PRIVATE_ENCRYPT,key)) < 0) sz = ret; @@ -375,6 +465,10 @@ int RsaSSL_Sign(const byte* in, word32 inLen, byte* out, word32 outLen, int RsaEncryptSize(RsaKey* key) { +#ifdef HAVE_CAVIUM + if (key->magic == CYASSL_RSA_CAVIUM_MAGIC) + return key->c_nSz; +#endif return mp_unsigned_bin_size(&key->n); } @@ -418,7 +512,11 @@ static int rand_prime(mp_int* N, int len, RNG* rng, void* heap) fflush(stdout); #endif /* generate value */ - RNG_GenerateBlock(rng, buf, len); + err = RNG_GenerateBlock(rng, buf, len); + if (err != 0) { + XFREE(buf, heap, DYNAMIC_TYPE_RSA); + return err; + } /* munge bits */ buf[0] |= 0x80 | 0x40; @@ -496,7 +594,7 @@ int MakeRsaKey(RsaKey* key, int size, long e, RNG* rng) err = mp_init_multi(&key->n, &key->e, &key->d, &key->p, &key->q, NULL); if (err == MP_OKAY) - err = mp_init_multi(&key->dP, &key->dP, &key->u, NULL, NULL, NULL); + err = mp_init_multi(&key->dP, &key->dQ, &key->u, NULL, NULL, NULL); if (err == MP_OKAY) err = mp_sub_d(&p, 1, &tmp2); /* tmp2 = p-1 */ @@ -553,5 +651,184 @@ int MakeRsaKey(RsaKey* key, int size, long e, RNG* rng) } -#endif /* CYASLS_KEY_GEN */ +#endif /* CYASSL_KEY_GEN */ + + +#ifdef HAVE_CAVIUM + +#include +#include "cavium_common.h" + +/* Initiliaze RSA for use with Nitrox device */ +int RsaInitCavium(RsaKey* rsa, int devId) +{ + if (rsa == NULL) + return -1; + + if (CspAllocContext(CONTEXT_SSL, &rsa->contextHandle, devId) != 0) + return -1; + + rsa->devId = devId; + rsa->magic = CYASSL_RSA_CAVIUM_MAGIC; + + return 0; +} + + +/* Free RSA from use with Nitrox device */ +void RsaFreeCavium(RsaKey* rsa) +{ + if (rsa == NULL) + return; + + CspFreeContext(CONTEXT_SSL, rsa->contextHandle, rsa->devId); + rsa->magic = 0; +} + + +/* Initialize cavium RSA key */ +static int InitCaviumRsaKey(RsaKey* key, void* heap) +{ + if (key == NULL) + return BAD_FUNC_ARG; + + key->heap = heap; + key->type = -1; /* don't know yet */ + + key->c_n = NULL; + key->c_e = NULL; + key->c_d = NULL; + key->c_p = NULL; + key->c_q = NULL; + key->c_dP = NULL; + key->c_dQ = NULL; + key->c_u = NULL; + + key->c_nSz = 0; + key->c_eSz = 0; + key->c_dSz = 0; + key->c_pSz = 0; + key->c_qSz = 0; + key->c_dP_Sz = 0; + key->c_dQ_Sz = 0; + key->c_uSz = 0; + + return 0; +} + + +/* Free cavium RSA key */ +static int FreeCaviumRsaKey(RsaKey* key) +{ + if (key == NULL) + return BAD_FUNC_ARG; + + XFREE(key->c_n, key->heap, DYNAMIC_TYPE_CAVIUM_TMP); + XFREE(key->c_e, key->heap, DYNAMIC_TYPE_CAVIUM_TMP); + XFREE(key->c_d, key->heap, DYNAMIC_TYPE_CAVIUM_TMP); + XFREE(key->c_p, key->heap, DYNAMIC_TYPE_CAVIUM_TMP); + XFREE(key->c_q, key->heap, DYNAMIC_TYPE_CAVIUM_TMP); + XFREE(key->c_dP, key->heap, DYNAMIC_TYPE_CAVIUM_TMP); + XFREE(key->c_dQ, key->heap, DYNAMIC_TYPE_CAVIUM_TMP); + XFREE(key->c_u, key->heap, DYNAMIC_TYPE_CAVIUM_TMP); + + return InitCaviumRsaKey(key, key->heap); /* reset pointers */ +} + + +static int CaviumRsaPublicEncrypt(const byte* in, word32 inLen, byte* out, + word32 outLen, RsaKey* key) +{ + word32 requestId; + word32 ret; + + if (key == NULL || in == NULL || out == NULL || outLen < (word32)key->c_nSz) + return -1; + + ret = CspPkcs1v15Enc(CAVIUM_BLOCKING, BT2, key->c_nSz, key->c_eSz, + (word16)inLen, key->c_n, key->c_e, (byte*)in, out, + &requestId, key->devId); + if (ret != 0) { + CYASSL_MSG("Cavium Enc BT2 failed"); + return -1; + } + return key->c_nSz; +} + + +static INLINE void ato16(const byte* c, word16* u16) +{ + *u16 = (c[0] << 8) | (c[1]); +} + + +static int CaviumRsaPrivateDecrypt(const byte* in, word32 inLen, byte* out, + word32 outLen, RsaKey* key) +{ + word32 requestId; + word32 ret; + word16 outSz = (word16)outLen; + + if (key == NULL || in == NULL || out == NULL || inLen != (word32)key->c_nSz) + return -1; + + ret = CspPkcs1v15CrtDec(CAVIUM_BLOCKING, BT2, key->c_nSz, key->c_q, + key->c_dQ, key->c_p, key->c_dP, key->c_u, + (byte*)in, &outSz, out, &requestId, key->devId); + if (ret != 0) { + CYASSL_MSG("Cavium CRT Dec BT2 failed"); + return -1; + } + ato16((const byte*)&outSz, &outSz); + + return outSz; +} + + +static int CaviumRsaSSL_Sign(const byte* in, word32 inLen, byte* out, + word32 outLen, RsaKey* key) +{ + word32 requestId; + word32 ret; + + if (key == NULL || in == NULL || out == NULL || inLen == 0 || outLen < + (word32)key->c_nSz) + return -1; + + ret = CspPkcs1v15CrtEnc(CAVIUM_BLOCKING, BT1, key->c_nSz, (word16)inLen, + key->c_q, key->c_dQ, key->c_p, key->c_dP, key->c_u, + (byte*)in, out, &requestId, key->devId); + if (ret != 0) { + CYASSL_MSG("Cavium CRT Enc BT1 failed"); + return -1; + } + return key->c_nSz; +} + + +static int CaviumRsaSSL_Verify(const byte* in, word32 inLen, byte* out, + word32 outLen, RsaKey* key) +{ + word32 requestId; + word32 ret; + word16 outSz = (word16)outLen; + + if (key == NULL || in == NULL || out == NULL || inLen != (word32)key->c_nSz) + return -1; + + ret = CspPkcs1v15Dec(CAVIUM_BLOCKING, BT1, key->c_nSz, key->c_eSz, + key->c_n, key->c_e, (byte*)in, &outSz, out, + &requestId, key->devId); + if (ret != 0) { + CYASSL_MSG("Cavium Dec BT1 failed"); + return -1; + } + outSz = ntohs(outSz); + + return outSz; +} + + +#endif /* HAVE_CAVIUM */ +#endif /* NO_RSA */ diff --git a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/sha.c b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/sha.c index bad8c9f79..7501312d5 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/sha.c +++ b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/sha.c @@ -1,6 +1,6 @@ /* sha.c * - * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,20 +16,166 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ + #ifdef HAVE_CONFIG_H #include #endif +#include + +#if !defined(NO_SHA) + +#ifdef CYASSL_PIC32MZ_HASH +#define InitSha InitSha_sw +#define ShaUpdate ShaUpdate_sw +#define ShaFinal ShaFinal_sw +#endif + +#ifdef HAVE_FIPS + /* set NO_WRAPPERS before headers, use direct internal f()s not wrappers */ + #define FIPS_NO_WRAPPERS +#endif + #include +#include +#include + #ifdef NO_INLINE #include #else #include #endif +#ifdef FREESCALE_MMCAU + #include "cau_api.h" + #define XTRANSFORM(S,B) cau_sha1_hash_n((B), 1, ((S))->digest) +#else + #define XTRANSFORM(S,B) Transform((S)) +#endif + + +#ifdef STM32F2_HASH + /* + * STM32F2 hardware SHA1 support through the STM32F2 standard peripheral + * library. Documentation located in STM32F2xx Standard Peripheral Library + * document (See note in README). + */ + #include "stm32f2xx.h" + #include "stm32f2xx_hash.h" + + int InitSha(Sha* sha) + { + /* STM32F2 struct notes: + * sha->buffer = first 4 bytes used to hold partial block if needed + * sha->buffLen = num bytes currently stored in sha->buffer + * sha->loLen = num bytes that have been written to STM32 FIFO + */ + XMEMSET(sha->buffer, 0, SHA_REG_SIZE); + sha->buffLen = 0; + sha->loLen = 0; + + /* initialize HASH peripheral */ + HASH_DeInit(); + + /* configure algo used, algo mode, datatype */ + HASH->CR &= ~ (HASH_CR_ALGO | HASH_CR_DATATYPE | HASH_CR_MODE); + HASH->CR |= (HASH_AlgoSelection_SHA1 | HASH_AlgoMode_HASH + | HASH_DataType_8b); + + /* reset HASH processor */ + HASH->CR |= HASH_CR_INIT; + + return 0; + } + + int ShaUpdate(Sha* sha, const byte* data, word32 len) + { + word32 i = 0; + word32 fill = 0; + word32 diff = 0; + + /* if saved partial block is available */ + if (sha->buffLen) { + fill = 4 - sha->buffLen; + + /* if enough data to fill, fill and push to FIFO */ + if (fill <= len) { + XMEMCPY((byte*)sha->buffer + sha->buffLen, data, fill); + HASH_DataIn(*(uint32_t*)sha->buffer); + + data += fill; + len -= fill; + sha->loLen += 4; + sha->buffLen = 0; + } else { + /* append partial to existing stored block */ + XMEMCPY((byte*)sha->buffer + sha->buffLen, data, len); + sha->buffLen += len; + return; + } + } + + /* write input block in the IN FIFO */ + for(i = 0; i < len; i += 4) + { + diff = len - i; + if ( diff < 4) { + /* store incomplete last block, not yet in FIFO */ + XMEMSET(sha->buffer, 0, SHA_REG_SIZE); + XMEMCPY((byte*)sha->buffer, data, diff); + sha->buffLen = diff; + } else { + HASH_DataIn(*(uint32_t*)data); + data+=4; + } + } + + /* keep track of total data length thus far */ + sha->loLen += (len - sha->buffLen); + + return 0; + } + + int ShaFinal(Sha* sha, byte* hash) + { + __IO uint16_t nbvalidbitsdata = 0; + + /* finish reading any trailing bytes into FIFO */ + if (sha->buffLen) { + HASH_DataIn(*(uint32_t*)sha->buffer); + sha->loLen += sha->buffLen; + } + + /* calculate number of valid bits in last word of input data */ + nbvalidbitsdata = 8 * (sha->loLen % SHA_REG_SIZE); + + /* configure number of valid bits in last word of the data */ + HASH_SetLastWordValidBitsNbr(nbvalidbitsdata); + + /* start HASH processor */ + HASH_StartDigest(); + + /* wait until Busy flag == RESET */ + while (HASH_GetFlagStatus(HASH_FLAG_BUSY) != RESET) {} + + /* read message digest */ + sha->digest[0] = HASH->HR[0]; + sha->digest[1] = HASH->HR[1]; + sha->digest[2] = HASH->HR[2]; + sha->digest[3] = HASH->HR[3]; + sha->digest[4] = HASH->HR[4]; + + ByteReverseWords(sha->digest, sha->digest, SHA_DIGEST_SIZE); + + XMEMCPY(hash, sha->digest, SHA_DIGEST_SIZE); + + return InitSha(sha); /* reset state */ + } + +#else /* CTaoCrypt software implementation */ #ifndef min @@ -41,19 +187,27 @@ #endif /* min */ -void InitSha(Sha* sha) +int InitSha(Sha* sha) { - sha->digest[0] = 0x67452301L; - sha->digest[1] = 0xEFCDAB89L; - sha->digest[2] = 0x98BADCFEL; - sha->digest[3] = 0x10325476L; - sha->digest[4] = 0xC3D2E1F0L; + #ifdef FREESCALE_MMCAU + cau_sha1_initialize_output(sha->digest); + #else + sha->digest[0] = 0x67452301L; + sha->digest[1] = 0xEFCDAB89L; + sha->digest[2] = 0x98BADCFEL; + sha->digest[3] = 0x10325476L; + sha->digest[4] = 0xC3D2E1F0L; + #endif sha->buffLen = 0; sha->loLen = 0; sha->hiLen = 0; + + return 0; } +#ifndef FREESCALE_MMCAU + #define blk0(i) (W[i] = sha->buffer[i]) #define blk1(i) (W[i&15] = \ rotlFixed(W[(i+13)&15]^W[(i+8)&15]^W[(i+2)&15]^W[i&15],1)) @@ -87,6 +241,34 @@ static void Transform(Sha* sha) word32 d = sha->digest[3]; word32 e = sha->digest[4]; +#ifdef USE_SLOW_SHA + word32 t, i; + + for (i = 0; i < 16; i++) { + R0(a, b, c, d, e, i); + t = e; e = d; d = c; c = b; b = a; a = t; + } + + for (; i < 20; i++) { + R1(a, b, c, d, e, i); + t = e; e = d; d = c; c = b; b = a; a = t; + } + + for (; i < 40; i++) { + R2(a, b, c, d, e, i); + t = e; e = d; d = c; c = b; b = a; a = t; + } + + for (; i < 60; i++) { + R3(a, b, c, d, e, i); + t = e; e = d; d = c; c = b; b = a; a = t; + } + + for (; i < 80; i++) { + R4(a, b, c, d, e, i); + t = e; e = d; d = c; c = b; b = a; a = t; + } +#else /* nearly 1 K bigger in code size but 25% faster */ /* 4 rounds of 20 operations each. Loop unrolled. */ R0(a,b,c,d,e, 0); R0(e,a,b,c,d, 1); R0(d,e,a,b,c, 2); R0(c,d,e,a,b, 3); @@ -113,6 +295,7 @@ static void Transform(Sha* sha) R4(c,d,e,a,b,68); R4(b,c,d,e,a,69); R4(a,b,c,d,e,70); R4(e,a,b,c,d,71); R4(d,e,a,b,c,72); R4(c,d,e,a,b,73); R4(b,c,d,e,a,74); R4(a,b,c,d,e,75); R4(e,a,b,c,d,76); R4(d,e,a,b,c,77); R4(c,d,e,a,b,78); R4(b,c,d,e,a,79); +#endif /* Add the working vars back into digest state[] */ sha->digest[0] += a; @@ -122,6 +305,8 @@ static void Transform(Sha* sha) sha->digest[4] += e; } +#endif /* FREESCALE_MMCAU */ + static INLINE void AddLength(Sha* sha, word32 len) { @@ -131,7 +316,7 @@ static INLINE void AddLength(Sha* sha, word32 len) } -void ShaUpdate(Sha* sha, const byte* data, word32 len) +int ShaUpdate(Sha* sha, const byte* data, word32 len) { /* do block size increments */ byte* local = (byte*)sha->buffer; @@ -145,22 +330,24 @@ void ShaUpdate(Sha* sha, const byte* data, word32 len) len -= add; if (sha->buffLen == SHA_BLOCK_SIZE) { - #ifdef LITTLE_ENDIAN_ORDER - ByteReverseBytes(local, local, SHA_BLOCK_SIZE); + #if defined(LITTLE_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU) + ByteReverseWords(sha->buffer, sha->buffer, SHA_BLOCK_SIZE); #endif - Transform(sha); + XTRANSFORM(sha, local); AddLength(sha, SHA_BLOCK_SIZE); sha->buffLen = 0; } } + + return 0; } -void ShaFinal(Sha* sha, byte* hash) +int ShaFinal(Sha* sha, byte* hash) { byte* local = (byte*)sha->buffer; - AddLength(sha, sha->buffLen); /* before adding pads */ + AddLength(sha, sha->buffLen); /* before adding pads */ local[sha->buffLen++] = 0x80; /* add 1 */ @@ -169,10 +356,10 @@ void ShaFinal(Sha* sha, byte* hash) XMEMSET(&local[sha->buffLen], 0, SHA_BLOCK_SIZE - sha->buffLen); sha->buffLen += SHA_BLOCK_SIZE - sha->buffLen; - #ifdef LITTLE_ENDIAN_ORDER - ByteReverseBytes(local, local, SHA_BLOCK_SIZE); + #if defined(LITTLE_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU) + ByteReverseWords(sha->buffer, sha->buffer, SHA_BLOCK_SIZE); #endif - Transform(sha); + XTRANSFORM(sha, local); sha->buffLen = 0; } XMEMSET(&local[sha->buffLen], 0, SHA_PAD_SIZE - sha->buffLen); @@ -183,19 +370,60 @@ void ShaFinal(Sha* sha, byte* hash) sha->loLen = sha->loLen << 3; /* store lengths */ - #ifdef LITTLE_ENDIAN_ORDER - ByteReverseBytes(local, local, SHA_BLOCK_SIZE); + #if defined(LITTLE_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU) + ByteReverseWords(sha->buffer, sha->buffer, SHA_BLOCK_SIZE); #endif /* ! length ordering dependent on digest endian type ! */ XMEMCPY(&local[SHA_PAD_SIZE], &sha->hiLen, sizeof(word32)); XMEMCPY(&local[SHA_PAD_SIZE + sizeof(word32)], &sha->loLen, sizeof(word32)); - Transform(sha); + #ifdef FREESCALE_MMCAU + /* Kinetis requires only these bytes reversed */ + ByteReverseWords(&sha->buffer[SHA_PAD_SIZE/sizeof(word32)], + &sha->buffer[SHA_PAD_SIZE/sizeof(word32)], + 2 * sizeof(word32)); + #endif + + XTRANSFORM(sha, local); #ifdef LITTLE_ENDIAN_ORDER ByteReverseWords(sha->digest, sha->digest, SHA_DIGEST_SIZE); #endif XMEMCPY(hash, sha->digest, SHA_DIGEST_SIZE); - InitSha(sha); /* reset state */ + return InitSha(sha); /* reset state */ +} + +#endif /* STM32F2_HASH */ + + +int ShaHash(const byte* data, word32 len, byte* hash) +{ + int ret = 0; +#ifdef CYASSL_SMALL_STACK + Sha* sha; +#else + Sha sha[1]; +#endif + +#ifdef CYASSL_SMALL_STACK + sha = (Sha*)XMALLOC(sizeof(Sha), NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (sha == NULL) + return MEMORY_E; +#endif + + if ((ret = InitSha(sha)) != 0) { + CYASSL_MSG("InitSha failed"); + } + else { + ShaUpdate(sha, data, len); + ShaFinal(sha, hash); + } + +#ifdef CYASSL_SMALL_STACK + XFREE(sha, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + + return ret; } +#endif /* NO_SHA */ diff --git a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/sha256.c b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/sha256.c index 9291dbc9c..a90fb19b5 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/sha256.c +++ b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/sha256.c @@ -1,6 +1,6 @@ /* sha256.c * - * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,7 +16,7 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ @@ -26,15 +26,34 @@ #include #endif -#ifndef NO_SHA256 +#include + +#if !defined(NO_SHA256) + +#ifdef CYASSL_PIC32MZ_HASH +#define InitSha256 InitSha256_sw +#define Sha256Update Sha256Update_sw +#define Sha256Final Sha256Final_sw +#endif + +#ifdef HAVE_FIPS + /* set NO_WRAPPERS before headers, use direct internal f()s not wrappers */ + #define FIPS_NO_WRAPPERS +#endif #include +#include +#include + #ifdef NO_INLINE #include #else #include #endif +#ifdef FREESCALE_MMCAU + #include "cau_api.h" +#endif #ifndef min @@ -46,22 +65,41 @@ #endif /* min */ -void InitSha256(Sha256* sha256) +int InitSha256(Sha256* sha256) { - sha256->digest[0] = 0x6A09E667L; - sha256->digest[1] = 0xBB67AE85L; - sha256->digest[2] = 0x3C6EF372L; - sha256->digest[3] = 0xA54FF53AL; - sha256->digest[4] = 0x510E527FL; - sha256->digest[5] = 0x9B05688CL; - sha256->digest[6] = 0x1F83D9ABL; - sha256->digest[7] = 0x5BE0CD19L; + #ifdef FREESCALE_MMCAU + cau_sha256_initialize_output(sha256->digest); + #else + sha256->digest[0] = 0x6A09E667L; + sha256->digest[1] = 0xBB67AE85L; + sha256->digest[2] = 0x3C6EF372L; + sha256->digest[3] = 0xA54FF53AL; + sha256->digest[4] = 0x510E527FL; + sha256->digest[5] = 0x9B05688CL; + sha256->digest[6] = 0x1F83D9ABL; + sha256->digest[7] = 0x5BE0CD19L; + #endif sha256->buffLen = 0; sha256->loLen = 0; sha256->hiLen = 0; + + return 0; } +#ifdef FREESCALE_MMCAU + #define XTRANSFORM(S,B) Transform((S), (B)) + +static int Transform(Sha256* sha256, byte* buf) +{ + cau_sha256_hash_n(buf, 1, sha256->digest); + + return 0; +} + +#else + #define XTRANSFORM(S,B) Transform((S)) + static const word32 K[64] = { 0x428A2F98L, 0x71374491L, 0xB5C0FBCFL, 0xE9B5DBA5L, 0x3956C25BL, 0x59F111F1L, 0x923F82A4L, 0xAB1C5ED5L, 0xD807AA98L, 0x12835B01L, @@ -81,7 +119,7 @@ static const word32 K[64] = { #define Ch(x,y,z) (z ^ (x & (y ^ z))) #define Maj(x,y,z) (((x | y) & z) | (x & y)) #define S(x, n) rotrFixed(x, n) -#define R(x, n) (((x)&0xFFFFFFFFL)>>(n)) +#define R(x, n) (((x)&0xFFFFFFFFU)>>(n)) #define Sigma0(x) (S(x, 2) ^ S(x, 13) ^ S(x, 22)) #define Sigma1(x) (S(x, 6) ^ S(x, 11) ^ S(x, 25)) #define Gamma0(x) (S(x, 7) ^ S(x, 18) ^ R(x, 3)) @@ -94,11 +132,21 @@ static const word32 K[64] = { h = t0 + t1; -static void Transform(Sha256* sha256) +static int Transform(Sha256* sha256) { - word32 S[8], W[64], t0, t1; + word32 S[8], t0, t1; int i; +#ifdef CYASSL_SMALL_STACK + word32* W; + + W = (word32*) XMALLOC(sizeof(word32) * 64, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (W == NULL) + return MEMORY_E; +#else + word32 W[64]; +#endif + /* Copy context->state[] to working vars */ for (i = 0; i < 8; i++) S[i] = sha256->digest[i]; @@ -124,8 +172,16 @@ static void Transform(Sha256* sha256) for (i = 0; i < 8; i++) { sha256->digest[i] += S[i]; } + +#ifdef CYASSL_SMALL_STACK + XFREE(W, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + + return 0; } +#endif /* FREESCALE_MMCAU */ + static INLINE void AddLength(Sha256* sha256, word32 len) { @@ -135,7 +191,7 @@ static INLINE void AddLength(Sha256* sha256, word32 len) } -void Sha256Update(Sha256* sha256, const byte* data, word32 len) +int Sha256Update(Sha256* sha256, const byte* data, word32 len) { /* do block size increments */ byte* local = (byte*)sha256->buffer; @@ -149,34 +205,48 @@ void Sha256Update(Sha256* sha256, const byte* data, word32 len) len -= add; if (sha256->buffLen == SHA256_BLOCK_SIZE) { - #ifdef LITTLE_ENDIAN_ORDER - ByteReverseBytes(local, local, SHA256_BLOCK_SIZE); + int ret; + + #if defined(LITTLE_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU) + ByteReverseWords(sha256->buffer, sha256->buffer, + SHA256_BLOCK_SIZE); #endif - Transform(sha256); + + ret = XTRANSFORM(sha256, local); + if (ret != 0) + return ret; + AddLength(sha256, SHA256_BLOCK_SIZE); sha256->buffLen = 0; } } + + return 0; } -void Sha256Final(Sha256* sha256, byte* hash) +int Sha256Final(Sha256* sha256, byte* hash) { byte* local = (byte*)sha256->buffer; + int ret; AddLength(sha256, sha256->buffLen); /* before adding pads */ - local[sha256->buffLen++] = 0x80; /* add 1 */ + local[sha256->buffLen++] = 0x80; /* add 1 */ /* pad with zeros */ if (sha256->buffLen > SHA256_PAD_SIZE) { XMEMSET(&local[sha256->buffLen], 0, SHA256_BLOCK_SIZE - sha256->buffLen); sha256->buffLen += SHA256_BLOCK_SIZE - sha256->buffLen; - #ifdef LITTLE_ENDIAN_ORDER - ByteReverseBytes(local, local, SHA256_BLOCK_SIZE); + #if defined(LITTLE_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU) + ByteReverseWords(sha256->buffer, sha256->buffer, SHA256_BLOCK_SIZE); #endif - Transform(sha256); + + ret = XTRANSFORM(sha256, local); + if (ret != 0) + return ret; + sha256->buffLen = 0; } XMEMSET(&local[sha256->buffLen], 0, SHA256_PAD_SIZE - sha256->buffLen); @@ -187,21 +257,64 @@ void Sha256Final(Sha256* sha256, byte* hash) sha256->loLen = sha256->loLen << 3; /* store lengths */ - #ifdef LITTLE_ENDIAN_ORDER - ByteReverseBytes(local, local, SHA256_BLOCK_SIZE); + #if defined(LITTLE_ENDIAN_ORDER) && !defined(FREESCALE_MMCAU) + ByteReverseWords(sha256->buffer, sha256->buffer, SHA256_BLOCK_SIZE); #endif /* ! length ordering dependent on digest endian type ! */ XMEMCPY(&local[SHA256_PAD_SIZE], &sha256->hiLen, sizeof(word32)); XMEMCPY(&local[SHA256_PAD_SIZE + sizeof(word32)], &sha256->loLen, sizeof(word32)); - Transform(sha256); + #ifdef FREESCALE_MMCAU + /* Kinetis requires only these bytes reversed */ + ByteReverseWords(&sha256->buffer[SHA256_PAD_SIZE/sizeof(word32)], + &sha256->buffer[SHA256_PAD_SIZE/sizeof(word32)], + 2 * sizeof(word32)); + #endif + + ret = XTRANSFORM(sha256, local); + if (ret != 0) + return ret; + #ifdef LITTLE_ENDIAN_ORDER ByteReverseWords(sha256->digest, sha256->digest, SHA256_DIGEST_SIZE); #endif XMEMCPY(hash, sha256->digest, SHA256_DIGEST_SIZE); - InitSha256(sha256); /* reset state */ + return InitSha256(sha256); /* reset state */ +} + + +int Sha256Hash(const byte* data, word32 len, byte* hash) +{ + int ret = 0; +#ifdef CYASSL_SMALL_STACK + Sha256* sha256; +#else + Sha256 sha256[1]; +#endif + +#ifdef CYASSL_SMALL_STACK + sha256 = (Sha256*)XMALLOC(sizeof(Sha256), NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (sha256 == NULL) + return MEMORY_E; +#endif + + if ((ret = InitSha256(sha256)) != 0) { + CYASSL_MSG("InitSha256 failed"); + } + else if ((ret = Sha256Update(sha256, data, len)) != 0) { + CYASSL_MSG("Sha256Update failed"); + } + else if ((ret = Sha256Final(sha256, hash)) != 0) { + CYASSL_MSG("Sha256Final failed"); + } + +#ifdef CYASSL_SMALL_STACK + XFREE(sha256, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + + return ret; } diff --git a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/sha512.c b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/sha512.c index f14efecff..40086949b 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/sha512.c +++ b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/sha512.c @@ -1,6 +1,6 @@ /* sha512.c * - * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,17 +16,26 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ #ifdef HAVE_CONFIG_H #include #endif +#include #ifdef CYASSL_SHA512 +#ifdef HAVE_FIPS + /* set NO_WRAPPERS before headers, use direct internal f()s not wrappers */ + #define FIPS_NO_WRAPPERS +#endif + #include +#include +#include + #ifdef NO_INLINE #include #else @@ -44,7 +53,7 @@ #endif /* min */ -void InitSha512(Sha512* sha512) +int InitSha512(Sha512* sha512) { sha512->digest[0] = W64LIT(0x6a09e667f3bcc908); sha512->digest[1] = W64LIT(0xbb67ae8584caa73b); @@ -58,6 +67,8 @@ void InitSha512(Sha512* sha512) sha512->buffLen = 0; sha512->loLen = 0; sha512->hiLen = 0; + + return 0; } @@ -134,24 +145,44 @@ static const word64 K512[80] = { d(i)+=h(i);h(i)+=S0(a(i))+Maj(a(i),b(i),c(i)) -static void Transform(Sha512* sha512) +static int Transform(Sha512* sha512) { const word64* K = K512; word32 j; - word64 W[16]; word64 T[8]; +#ifdef CYASSL_SMALL_STACK + word64* W; + + W = (word64*) XMALLOC(sizeof(word64) * 16, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (W == NULL) + return MEMORY_E; +#else + word64 W[16]; +#endif + /* Copy digest to working vars */ XMEMCPY(T, sha512->digest, sizeof(T)); - /* 64 operations, partially loop unrolled */ +#ifdef USE_SLOW_SHA2 + /* over twice as small, but 50% slower */ + /* 80 operations, not unrolled */ + for (j = 0; j < 80; j += 16) { + int m; + for (m = 0; m < 16; m++) { /* braces needed here for macros {} */ + R(m); + } + } +#else + /* 80 operations, partially loop unrolled */ for (j = 0; j < 80; j += 16) { R( 0); R( 1); R( 2); R( 3); R( 4); R( 5); R( 6); R( 7); R( 8); R( 9); R(10); R(11); R(12); R(13); R(14); R(15); } +#endif /* USE_SLOW_SHA2 */ /* Add the working vars back into digest */ @@ -165,8 +196,14 @@ static void Transform(Sha512* sha512) sha512->digest[7] += h(0); /* Wipe variables */ - XMEMSET(W, 0, sizeof(W)); + XMEMSET(W, 0, sizeof(word64) * 16); XMEMSET(T, 0, sizeof(T)); + +#ifdef CYASSL_SMALL_STACK + XFREE(W, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + + return 0; } @@ -178,7 +215,7 @@ static INLINE void AddLength(Sha512* sha512, word32 len) } -void Sha512Update(Sha512* sha512, const byte* data, word32 len) +int Sha512Update(Sha512* sha512, const byte* data, word32 len) { /* do block size increments */ byte* local = (byte*)sha512->buffer; @@ -192,21 +229,28 @@ void Sha512Update(Sha512* sha512, const byte* data, word32 len) len -= add; if (sha512->buffLen == SHA512_BLOCK_SIZE) { + int ret; + #ifdef LITTLE_ENDIAN_ORDER ByteReverseWords64(sha512->buffer, sha512->buffer, SHA512_BLOCK_SIZE); #endif - Transform(sha512); + ret = Transform(sha512); + if (ret != 0) + return ret; + AddLength(sha512, SHA512_BLOCK_SIZE); sha512->buffLen = 0; } } + return 0; } -void Sha512Final(Sha512* sha512, byte* hash) +int Sha512Final(Sha512* sha512, byte* hash) { byte* local = (byte*)sha512->buffer; + int ret; AddLength(sha512, sha512->buffLen); /* before adding pads */ @@ -220,7 +264,10 @@ void Sha512Final(Sha512* sha512, byte* hash) #ifdef LITTLE_ENDIAN_ORDER ByteReverseWords64(sha512->buffer,sha512->buffer,SHA512_BLOCK_SIZE); #endif - Transform(sha512); + ret = Transform(sha512); + if (ret != 0) + return ret; + sha512->buffLen = 0; } XMEMSET(&local[sha512->buffLen], 0, SHA512_PAD_SIZE - sha512->buffLen); @@ -238,20 +285,55 @@ void Sha512Final(Sha512* sha512, byte* hash) sha512->buffer[SHA512_BLOCK_SIZE / sizeof(word64) - 2] = sha512->hiLen; sha512->buffer[SHA512_BLOCK_SIZE / sizeof(word64) - 1] = sha512->loLen; - Transform(sha512); + ret = Transform(sha512); + if (ret != 0) + return ret; + #ifdef LITTLE_ENDIAN_ORDER ByteReverseWords64(sha512->digest, sha512->digest, SHA512_DIGEST_SIZE); #endif XMEMCPY(hash, sha512->digest, SHA512_DIGEST_SIZE); - InitSha512(sha512); /* reset state */ + return InitSha512(sha512); /* reset state */ } +int Sha512Hash(const byte* data, word32 len, byte* hash) +{ + int ret = 0; +#ifdef CYASSL_SMALL_STACK + Sha512* sha512; +#else + Sha512 sha512[1]; +#endif + +#ifdef CYASSL_SMALL_STACK + sha512 = (Sha512*)XMALLOC(sizeof(Sha512), NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (sha512 == NULL) + return MEMORY_E; +#endif + + if ((ret = InitSha512(sha512)) != 0) { + CYASSL_MSG("InitSha512 failed"); + } + else if ((ret = Sha512Update(sha512, data, len)) != 0) { + CYASSL_MSG("Sha512Update failed"); + } + else if ((ret = Sha512Final(sha512, hash)) != 0) { + CYASSL_MSG("Sha512Final failed"); + } + +#ifdef CYASSL_SMALL_STACK + XFREE(sha512, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + + return ret; +} + #ifdef CYASSL_SHA384 -void InitSha384(Sha384* sha384) +int InitSha384(Sha384* sha384) { sha384->digest[0] = W64LIT(0xcbbb9d5dc1059ed8); sha384->digest[1] = W64LIT(0x629a292a367cd507); @@ -265,27 +347,49 @@ void InitSha384(Sha384* sha384) sha384->buffLen = 0; sha384->loLen = 0; sha384->hiLen = 0; + + return 0; } -static void Transform384(Sha384* sha384) +static int Transform384(Sha384* sha384) { const word64* K = K512; word32 j; - word64 W[16]; word64 T[8]; +#ifdef CYASSL_SMALL_STACK + word64* W; + + W = (word64*) XMALLOC(sizeof(word64) * 16, NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (W == NULL) + return MEMORY_E; +#else + word64 W[16]; +#endif + /* Copy digest to working vars */ XMEMCPY(T, sha384->digest, sizeof(T)); - /* 64 operations, partially loop unrolled */ +#ifdef USE_SLOW_SHA2 + /* over twice as small, but 50% slower */ + /* 80 operations, not unrolled */ + for (j = 0; j < 80; j += 16) { + int m; + for (m = 0; m < 16; m++) { /* braces needed for macros {} */ + R2(m); + } + } +#else + /* 80 operations, partially loop unrolled */ for (j = 0; j < 80; j += 16) { R2( 0); R2( 1); R2( 2); R2( 3); R2( 4); R2( 5); R2( 6); R2( 7); R2( 8); R2( 9); R2(10); R2(11); R2(12); R2(13); R2(14); R2(15); } +#endif /* USE_SLOW_SHA2 */ /* Add the working vars back into digest */ @@ -299,8 +403,14 @@ static void Transform384(Sha384* sha384) sha384->digest[7] += h(0); /* Wipe variables */ - XMEMSET(W, 0, sizeof(W)); + XMEMSET(W, 0, sizeof(word64) * 16); XMEMSET(T, 0, sizeof(T)); + +#ifdef CYASSL_SMALL_STACK + XFREE(W, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + + return 0; } @@ -312,7 +422,7 @@ static INLINE void AddLength384(Sha384* sha384, word32 len) } -void Sha384Update(Sha384* sha384, const byte* data, word32 len) +int Sha384Update(Sha384* sha384, const byte* data, word32 len) { /* do block size increments */ byte* local = (byte*)sha384->buffer; @@ -326,21 +436,28 @@ void Sha384Update(Sha384* sha384, const byte* data, word32 len) len -= add; if (sha384->buffLen == SHA384_BLOCK_SIZE) { + int ret; + #ifdef LITTLE_ENDIAN_ORDER ByteReverseWords64(sha384->buffer, sha384->buffer, SHA384_BLOCK_SIZE); #endif - Transform384(sha384); + ret = Transform384(sha384); + if (ret != 0) + return ret; + AddLength384(sha384, SHA384_BLOCK_SIZE); sha384->buffLen = 0; } } + return 0; } -void Sha384Final(Sha384* sha384, byte* hash) +int Sha384Final(Sha384* sha384, byte* hash) { byte* local = (byte*)sha384->buffer; + int ret; AddLength384(sha384, sha384->buffLen); /* before adding pads */ @@ -354,7 +471,10 @@ void Sha384Final(Sha384* sha384, byte* hash) #ifdef LITTLE_ENDIAN_ORDER ByteReverseWords64(sha384->buffer,sha384->buffer,SHA384_BLOCK_SIZE); #endif - Transform384(sha384); + ret = Transform384(sha384); + if (ret != 0) + return ret; + sha384->buffLen = 0; } XMEMSET(&local[sha384->buffLen], 0, SHA384_PAD_SIZE - sha384->buffLen); @@ -372,13 +492,49 @@ void Sha384Final(Sha384* sha384, byte* hash) sha384->buffer[SHA384_BLOCK_SIZE / sizeof(word64) - 2] = sha384->hiLen; sha384->buffer[SHA384_BLOCK_SIZE / sizeof(word64) - 1] = sha384->loLen; - Transform384(sha384); + ret = Transform384(sha384); + if (ret != 0) + return ret; + #ifdef LITTLE_ENDIAN_ORDER ByteReverseWords64(sha384->digest, sha384->digest, SHA384_DIGEST_SIZE); #endif XMEMCPY(hash, sha384->digest, SHA384_DIGEST_SIZE); - InitSha384(sha384); /* reset state */ + return InitSha384(sha384); /* reset state */ +} + + +int Sha384Hash(const byte* data, word32 len, byte* hash) +{ + int ret = 0; +#ifdef CYASSL_SMALL_STACK + Sha384* sha384; +#else + Sha384 sha384[1]; +#endif + +#ifdef CYASSL_SMALL_STACK + sha384 = (Sha384*)XMALLOC(sizeof(Sha384), NULL, DYNAMIC_TYPE_TMP_BUFFER); + if (sha384 == NULL) + return MEMORY_E; +#endif + + if ((ret = InitSha384(sha384)) != 0) { + CYASSL_MSG("InitSha384 failed"); + } + else if ((ret = Sha384Update(sha384, data, len)) != 0) { + CYASSL_MSG("Sha384Update failed"); + } + else if ((ret = Sha384Final(sha384, hash)) != 0) { + CYASSL_MSG("Sha384Final failed"); + } + +#ifdef CYASSL_SMALL_STACK + XFREE(sha384, NULL, DYNAMIC_TYPE_TMP_BUFFER); +#endif + + return ret; } #endif /* CYASSL_SHA384 */ diff --git a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/tfm.c b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/tfm.c index 36c69f25d..5fb6b2efc 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/tfm.c +++ b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/tfm.c @@ -1,6 +1,6 @@ /* tfm.c * - * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,7 +16,7 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ @@ -26,7 +26,7 @@ */ /** - * Edited by Moisés Guimarães (moises.guimaraes@phoebus.com.br) + * Edited by Moisés Guimarães (moisesguimaraesm@gmail.com) * to fit CyaSSL's needs. */ @@ -95,7 +95,7 @@ void s_fp_add(fp_int *a, fp_int *b, fp_int *c) register fp_word t; y = MAX(a->used, b->used); - oldused = c->used; + oldused = MAX(c->used, FP_SIZE); /* help static analysis w/ max size */ c->used = y; t = 0; @@ -169,7 +169,7 @@ void s_fp_sub(fp_int *a, fp_int *b, fp_int *c) for (; x < a->used; x++) { t = ((fp_word)a->dp[x]) - t; c->dp[x] = (fp_digit)t; - t = (t >> DIGIT_BIT); + t = (t >> DIGIT_BIT)&1; } for (; x < oldused; x++) { c->dp[x] = 0; @@ -524,7 +524,7 @@ int fp_div(fp_int *a, fp_int *b, fp_int *c, fp_int *d) /* step 3.1 if xi == yt then set q{i-t-1} to b-1, * otherwise set q{i-t-1} to (xi*b + x{i-1})/yt */ if (x.dp[i] == y.dp[t]) { - q.dp[i - t - 1] = ((((fp_word)1) << DIGIT_BIT) - 1); + q.dp[i - t - 1] = (fp_digit) ((((fp_word)1) << DIGIT_BIT) - 1); } else { fp_word tmp; tmp = ((fp_word) x.dp[i]) << ((fp_word) DIGIT_BIT); @@ -641,8 +641,7 @@ void fp_div_2(fp_int * a, fp_int * b) /* c = a / 2**b */ void fp_div_2d(fp_int *a, int b, fp_int *c, fp_int *d) { - fp_digit D, r, rr; - int x; + int D; fp_int t; /* if the shift count is <= 0 then we do no work */ @@ -670,32 +669,9 @@ void fp_div_2d(fp_int *a, int b, fp_int *c, fp_int *d) } /* shift any bit count < DIGIT_BIT */ - D = (fp_digit) (b % DIGIT_BIT); + D = (b % DIGIT_BIT); if (D != 0) { - register fp_digit *tmpc, mask, shift; - - /* mask */ - mask = (((fp_digit)1) << D) - 1; - - /* shift for lsb */ - shift = DIGIT_BIT - D; - - /* alias */ - tmpc = c->dp + (c->used - 1); - - /* carry */ - r = 0; - for (x = c->used - 1; x >= 0; x--) { - /* get the lower bits of this word in a temp */ - rr = *tmpc & mask; - - /* shift the current word and mix in the carry bits from the previous word */ - *tmpc = (*tmpc >> D) | (r << shift); - --tmpc; - - /* set the carry to the carry bits of the current word found above */ - r = rr; - } + fp_rshb(c, D); } fp_clamp (c); if (d != NULL) { @@ -1005,7 +981,7 @@ static int _fp_exptmod(fp_int * G, fp_int * X, fp_int * P, fp_int * Y) } /* grab the next msb from the exponent */ - y = (fp_digit)(buf >> (DIGIT_BIT - 1)) & 1; + y = (int)(buf >> (DIGIT_BIT - 1)) & 1; buf <<= (fp_digit)1; /* do ops */ @@ -1107,7 +1083,7 @@ static int _fp_exptmod(fp_int * G, fp_int * X, fp_int * P, fp_int * Y) } /* grab the next msb from the exponent */ - y = (fp_digit)(buf >> (DIGIT_BIT - 1)) & 1; + y = (int)(buf >> (DIGIT_BIT - 1)) & 1; buf <<= (fp_digit)1; /* if the bit is zero and mode == 0 then we ignore it @@ -1183,16 +1159,16 @@ static int _fp_exptmod(fp_int * G, fp_int * X, fp_int * P, fp_int * Y) int fp_exptmod(fp_int * G, fp_int * X, fp_int * P, fp_int * Y) { - fp_int tmp; - int err; - /* prevent overflows */ if (P->used > (FP_SIZE/2)) { return FP_VAL; } - /* is X negative? */ if (X->sign == FP_NEG) { +#ifndef POSITIVE_EXP_ONLY /* reduce stack if assume no negatives */ + int err; + fp_int tmp; + /* yes, copy G and invmod it */ fp_copy(G, &tmp); if ((err = fp_invmod(&tmp, P, &tmp)) != FP_OKAY) { @@ -1204,7 +1180,11 @@ int fp_exptmod(fp_int * G, fp_int * X, fp_int * P, fp_int * Y) X->sign = FP_NEG; } return err; - } else { +#else + return FP_VAL; +#endif + } + else { /* Positive exponent so just exptmod */ return _fp_exptmod(G, X, P, Y); } @@ -1548,7 +1528,7 @@ void fp_montgomery_calc_normalization(fp_int *a, fp_int *b) /* computes x/R == x (mod N) via Montgomery Reduction */ void fp_montgomery_reduce(fp_int *a, fp_int *m, fp_digit mp) { - fp_digit c[FP_SIZE], *_c, *tmpm, mu; + fp_digit c[FP_SIZE], *_c, *tmpm, mu = 0; int oldused, x, y, pa; /* bail if too large */ @@ -1565,10 +1545,8 @@ void fp_montgomery_reduce(fp_int *a, fp_int *m, fp_digit mp) #endif -#if defined(USE_MEMSET) /* now zero the buff */ XMEMSET(c, 0, sizeof c); -#endif pa = m->used; /* copy the input */ @@ -1576,11 +1554,6 @@ void fp_montgomery_reduce(fp_int *a, fp_int *m, fp_digit mp) for (x = 0; x < oldused; x++) { c[x] = a->dp[x]; } -#if !defined(USE_MEMSET) - for (; x < 2*pa+1; x++) { - c[x] = 0; - } -#endif MONT_START; for (x = 0; x < pa; x++) { @@ -1638,10 +1611,10 @@ void fp_read_unsigned_bin(fp_int *a, unsigned char *b, int c) /* If we know the endianness of this architecture, and we're using 32-bit fp_digits, we can optimize this */ -#if (defined(ENDIAN_LITTLE) || defined(ENDIAN_BIG)) && !defined(FP_64BIT) +#if (defined(LITTLE_ENDIAN_ORDER) || defined(BIG_ENDIAN_ORDER)) && !defined(FP_64BIT) /* But not for both simultaneously */ -#if defined(ENDIAN_LITTLE) && defined(ENDIAN_BIG) -#error Both ENDIAN_LITTLE and ENDIAN_BIG defined. +#if defined(LITTLE_ENDIAN_ORDER) && defined(BIG_ENDIAN_ORDER) +#error Both LITTLE_ENDIAN_ORDER and BIG_ENDIAN_ORDER defined. #endif { unsigned char *pd = (unsigned char *)a->dp; @@ -1653,7 +1626,7 @@ void fp_read_unsigned_bin(fp_int *a, unsigned char *b, int c) } a->used = (c + sizeof(fp_digit) - 1)/sizeof(fp_digit); /* read the bytes in */ -#ifdef ENDIAN_BIG +#ifdef BIG_ENDIAN_ORDER { /* Use Duff's device to unroll the loop. */ int idx = (c - 1) & ~3; @@ -1733,6 +1706,25 @@ int fp_count_bits (fp_int * a) return r; } +int fp_leading_bit(fp_int *a) +{ + int bit = 0; + + if (a->used != 0) { + fp_digit q = a->dp[a->used - 1]; + int qSz = sizeof(fp_digit); + + while (qSz > 0) { + if ((unsigned char)q != 0) + bit = (q & 0x80) != 0; + q >>= 8; + qSz--; + } + } + + return bit; +} + void fp_lshd(fp_int *a, int x) { int y; @@ -1757,6 +1749,39 @@ void fp_lshd(fp_int *a, int x) fp_clamp(a); } + +/* right shift by bit count */ +void fp_rshb(fp_int *c, int x) +{ + register fp_digit *tmpc, mask, shift; + fp_digit r, rr; + fp_digit D = x; + + /* mask */ + mask = (((fp_digit)1) << D) - 1; + + /* shift for lsb */ + shift = DIGIT_BIT - D; + + /* alias */ + tmpc = c->dp + (c->used - 1); + + /* carry */ + r = 0; + for (x = c->used - 1; x >= 0; x--) { + /* get the lower bits of this word in a temp */ + rr = *tmpc & mask; + + /* shift the current word and mix in the carry bits from previous word */ + *tmpc = (*tmpc >> D) | (r << shift); + --tmpc; + + /* set the carry to the carry bits of the current word found above */ + r = rr; + } +} + + void fp_rshd(fp_int *a, int x) { int y; @@ -1962,6 +1987,19 @@ int mp_count_bits (mp_int* a) } +int mp_leading_bit (mp_int* a) +{ + return fp_leading_bit(a); +} + + +/* fast math conversion */ +void mp_rshb (mp_int* a, int x) +{ + fp_rshb(a, x); +} + + /* fast math wrappers */ int mp_set_int(fp_int *a, fp_digit b) { @@ -2364,7 +2402,7 @@ int mp_add_d(fp_int *a, fp_digit b, fp_int *c) #ifdef HAVE_ECC /* chars used in radix conversions */ -const char *fp_s_rmap = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz+/"; +static const char *fp_s_rmap = "0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz+/"; static int fp_read_radix(fp_int *a, const char *str, int radix) { diff --git a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/wc_port.c b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/wc_port.c new file mode 100644 index 000000000..c51062185 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/wc_port.c @@ -0,0 +1,436 @@ +/* port.c + * + * Copyright (C) 2006-2014 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#ifdef HAVE_CONFIG_H + #include +#endif + +#include +#include +#include + + +#ifdef _MSC_VER + /* 4996 warning to use MS extensions e.g., strcpy_s instead of strncpy */ + #pragma warning(disable: 4996) +#endif + + + +#ifdef SINGLE_THREADED + +int InitMutex(CyaSSL_Mutex* m) +{ + (void)m; + return 0; +} + + +int FreeMutex(CyaSSL_Mutex *m) +{ + (void)m; + return 0; +} + + +int LockMutex(CyaSSL_Mutex *m) +{ + (void)m; + return 0; +} + + +int UnLockMutex(CyaSSL_Mutex *m) +{ + (void)m; + return 0; +} + +#else /* MULTI_THREAD */ + + #if defined(FREERTOS) + + int InitMutex(CyaSSL_Mutex* m) + { + int iReturn; + + *m = ( CyaSSL_Mutex ) xSemaphoreCreateMutex(); + if( *m != NULL ) + iReturn = 0; + else + iReturn = BAD_MUTEX_E; + + return iReturn; + } + + int FreeMutex(CyaSSL_Mutex* m) + { + vSemaphoreDelete( *m ); + return 0; + } + + int LockMutex(CyaSSL_Mutex* m) + { + /* Assume an infinite block, or should there be zero block? */ + xSemaphoreTake( *m, portMAX_DELAY ); + return 0; + } + + int UnLockMutex(CyaSSL_Mutex* m) + { + xSemaphoreGive( *m ); + return 0; + } + + #elif defined(CYASSL_SAFERTOS) + + int InitMutex(CyaSSL_Mutex* m) + { + vSemaphoreCreateBinary(m->mutexBuffer, m->mutex); + if (m->mutex == NULL) + return BAD_MUTEX_E; + + return 0; + } + + int FreeMutex(CyaSSL_Mutex* m) + { + (void)m; + return 0; + } + + int LockMutex(CyaSSL_Mutex* m) + { + /* Assume an infinite block */ + xSemaphoreTake(m->mutex, portMAX_DELAY); + return 0; + } + + int UnLockMutex(CyaSSL_Mutex* m) + { + xSemaphoreGive(m->mutex); + return 0; + } + + + #elif defined(USE_WINDOWS_API) + + int InitMutex(CyaSSL_Mutex* m) + { + InitializeCriticalSection(m); + return 0; + } + + + int FreeMutex(CyaSSL_Mutex* m) + { + DeleteCriticalSection(m); + return 0; + } + + + int LockMutex(CyaSSL_Mutex* m) + { + EnterCriticalSection(m); + return 0; + } + + + int UnLockMutex(CyaSSL_Mutex* m) + { + LeaveCriticalSection(m); + return 0; + } + + #elif defined(CYASSL_PTHREADS) + + int InitMutex(CyaSSL_Mutex* m) + { + if (pthread_mutex_init(m, 0) == 0) + return 0; + else + return BAD_MUTEX_E; + } + + + int FreeMutex(CyaSSL_Mutex* m) + { + if (pthread_mutex_destroy(m) == 0) + return 0; + else + return BAD_MUTEX_E; + } + + + int LockMutex(CyaSSL_Mutex* m) + { + if (pthread_mutex_lock(m) == 0) + return 0; + else + return BAD_MUTEX_E; + } + + + int UnLockMutex(CyaSSL_Mutex* m) + { + if (pthread_mutex_unlock(m) == 0) + return 0; + else + return BAD_MUTEX_E; + } + + #elif defined(THREADX) + + int InitMutex(CyaSSL_Mutex* m) + { + if (tx_mutex_create(m, "CyaSSL Mutex", TX_NO_INHERIT) == 0) + return 0; + else + return BAD_MUTEX_E; + } + + + int FreeMutex(CyaSSL_Mutex* m) + { + if (tx_mutex_delete(m) == 0) + return 0; + else + return BAD_MUTEX_E; + } + + + int LockMutex(CyaSSL_Mutex* m) + { + if (tx_mutex_get(m, TX_WAIT_FOREVER) == 0) + return 0; + else + return BAD_MUTEX_E; + } + + + int UnLockMutex(CyaSSL_Mutex* m) + { + if (tx_mutex_put(m) == 0) + return 0; + else + return BAD_MUTEX_E; + } + + #elif defined(MICRIUM) + + int InitMutex(CyaSSL_Mutex* m) + { + #if (NET_SECURE_MGR_CFG_EN == DEF_ENABLED) + if (NetSecure_OS_MutexCreate(m) == 0) + return 0; + else + return BAD_MUTEX_E; + #else + return 0; + #endif + } + + + int FreeMutex(CyaSSL_Mutex* m) + { + #if (NET_SECURE_MGR_CFG_EN == DEF_ENABLED) + if (NetSecure_OS_FreeMutex(m) == 0) + return 0; + else + return BAD_MUTEX_E; + #else + return 0; + #endif + } + + + int LockMutex(CyaSSL_Mutex* m) + { + #if (NET_SECURE_MGR_CFG_EN == DEF_ENABLED) + if (NetSecure_OS_LockMutex(m) == 0) + return 0; + else + return BAD_MUTEX_E; + #else + return 0; + #endif + } + + + int UnLockMutex(CyaSSL_Mutex* m) + { + #if (NET_SECURE_MGR_CFG_EN == DEF_ENABLED) + if (NetSecure_OS_UnLockMutex(m) == 0) + return 0; + else + return BAD_MUTEX_E; + #else + return 0; + #endif + + } + + #elif defined(EBSNET) + + int InitMutex(CyaSSL_Mutex* m) + { + if (rtp_sig_mutex_alloc(m, "CyaSSL Mutex") == -1) + return BAD_MUTEX_E; + else + return 0; + } + + int FreeMutex(CyaSSL_Mutex* m) + { + rtp_sig_mutex_free(*m); + return 0; + } + + int LockMutex(CyaSSL_Mutex* m) + { + if (rtp_sig_mutex_claim_timed(*m, RTIP_INF) == 0) + return 0; + else + return BAD_MUTEX_E; + } + + int UnLockMutex(CyaSSL_Mutex* m) + { + rtp_sig_mutex_release(*m); + return 0; + } + + #elif defined(FREESCALE_MQX) + + int InitMutex(CyaSSL_Mutex* m) + { + if (_mutex_init(m, NULL) == MQX_EOK) + return 0; + else + return BAD_MUTEX_E; + } + + int FreeMutex(CyaSSL_Mutex* m) + { + if (_mutex_destroy(m) == MQX_EOK) + return 0; + else + return BAD_MUTEX_E; + } + + int LockMutex(CyaSSL_Mutex* m) + { + if (_mutex_lock(m) == MQX_EOK) + return 0; + else + return BAD_MUTEX_E; + } + + int UnLockMutex(CyaSSL_Mutex* m) + { + if (_mutex_unlock(m) == MQX_EOK) + return 0; + else + return BAD_MUTEX_E; + } + + #elif defined(CYASSL_MDK_ARM)|| defined(CYASSL_CMSIS_RTOS) + + #if defined(CYASSL_CMSIS_RTOS) + #include "cmsis_os.h" + #define CMSIS_NMUTEX 10 + osMutexDef(CyaSSL_mt0) ; osMutexDef(CyaSSL_mt1) ; osMutexDef(CyaSSL_mt2) ; + osMutexDef(CyaSSL_mt3) ; osMutexDef(CyaSSL_mt4) ; osMutexDef(CyaSSL_mt5) ; + osMutexDef(CyaSSL_mt6) ; osMutexDef(CyaSSL_mt7) ; osMutexDef(CyaSSL_mt8) ; + osMutexDef(CyaSSL_mt9) ; + + static const osMutexDef_t *CMSIS_mutex[] = { osMutex(CyaSSL_mt0), + osMutex(CyaSSL_mt1), osMutex(CyaSSL_mt2), osMutex(CyaSSL_mt3), + osMutex(CyaSSL_mt4), osMutex(CyaSSL_mt5), osMutex(CyaSSL_mt6), + osMutex(CyaSSL_mt7), osMutex(CyaSSL_mt8), osMutex(CyaSSL_mt9) } ; + + static osMutexId CMSIS_mutexID[CMSIS_NMUTEX] = {0} ; + + int InitMutex(CyaSSL_Mutex* m) + { + int i ; + for (i=0; i +#endif + +/* in case user set HAVE_FIPS there */ +#include + +#ifdef HAVE_FIPS + +/* read only start address */ +const unsigned int wolfCrypt_FIPS_ro_start[] = +{ 0x1a2b3c4d, 0x00000001 }; + + +/* first function of text/code segment */ +int wolfCrypt_FIPS_first(void); +int wolfCrypt_FIPS_first(void) +{ + return 0; +} + + +#endif /* HAVE_FIPS */ + diff --git a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/wolfcrypt_last.c b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/wolfcrypt_last.c new file mode 100644 index 000000000..669e07abe --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/src/wolfcrypt_last.c @@ -0,0 +1,47 @@ +/* wolfcrypt_last.c + * + * Copyright (C) 2006-2014 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +/* This file needs to be linked last in order to work correctly */ + +#ifdef HAVE_CONFIG_H + #include +#endif + +/* in case user set HAVE_FIPS there */ +#include + +#ifdef HAVE_FIPS + +/* last function of text/code segment */ +int wolfCrypt_FIPS_last(void); +int wolfCrypt_FIPS_last(void) +{ + return 0; +} + + +/* read only end address */ +const unsigned int wolfCrypt_FIPS_ro_end[] = +{ 0x1a2b3c4d, 0xffffffff }; + + +#endif /* HAVE_FIPS */ + diff --git a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/test/include.am b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/test/include.am index 9c876c939..d5c550bc3 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/test/include.am +++ b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/test/include.am @@ -5,5 +5,7 @@ noinst_PROGRAMS+= ctaocrypt/test/testctaocrypt ctaocrypt_test_testctaocrypt_SOURCES = ctaocrypt/test/test.c ctaocrypt_test_testctaocrypt_LDADD = src/libcyassl.la ctaocrypt_test_testctaocrypt_DEPENDENCIES = src/libcyassl.la +noinst_HEADERS += ctaocrypt/test/test.h EXTRA_DIST += ctaocrypt/test/test.sln EXTRA_DIST += ctaocrypt/test/test.vcproj +DISTCLEANFILES+= ctaocrypt/test/.libs/testctaocrypt diff --git a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/test/test.c b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/test/test.c index ddb3e0149..7f7191cb0 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/test/test.c +++ b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/test/test.c @@ -1,6 +1,6 @@ /* test.c * - * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,16 +16,20 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ #ifdef HAVE_CONFIG_H #include #endif -#include -#include -#include +#include + +#ifdef XMALLOC_USER + #include /* we're using malloc / free direct here */ +#endif + +#ifndef NO_CRYPT_TEST #ifdef CYASSL_TEST_CERT #include @@ -44,6 +48,7 @@ #include #include #include +#include #include #include #include @@ -53,7 +58,16 @@ #include #ifdef HAVE_ECC #include -#endif +#endif +#ifdef HAVE_BLAKE2 + #include +#endif +#ifdef HAVE_LIBZ + #include +#endif +#ifdef HAVE_PKCS7 + #include +#endif #ifdef _MSC_VER /* 4996 warning to use MS extensions e.g., strcpy_s instead of strncpy */ @@ -67,8 +81,40 @@ #include #endif + +#if defined(USE_CERT_BUFFERS_1024) || defined(USE_CERT_BUFFERS_2048) + /* include test cert and key buffers for use with NO_FILESYSTEM */ + #if defined(CYASSL_MDK_ARM) + #include "cert_data.h" + /* use certs_test.c for initial data, so other + commands can share the data. */ + #else + #include + #endif +#endif + +#if defined(CYASSL_MDK_ARM) + #include + #include + extern FILE * CyaSSL_fopen(const char *fname, const char *mode) ; + #define fopen CyaSSL_fopen +#endif + #ifdef HAVE_NTRU - #include "crypto_ntru.h" + #include "ntru_crypto.h" +#endif +#ifdef HAVE_CAVIUM + #include "cavium_sysdep.h" + #include "cavium_common.h" + #include "cavium_ioctl.h" +#endif + +#ifdef FREESCALE_MQX + #include + #include + #include +#else + #include #endif @@ -79,49 +125,77 @@ #define printf dc_log_printf #endif +#include "ctaocrypt/test/test.h" + typedef struct testVector { - char* input; - char* output; + const char* input; + const char* output; size_t inLen; size_t outLen; } testVector; -int md2_test(); -int md5_test(); -int md4_test(); -int sha_test(); -int sha256_test(); -int sha512_test(); -int sha384_test(); -int hmac_test(); -int arc4_test(); -int hc128_test(); -int rabbit_test(); -int des_test(); -int des3_test(); -int aes_test(); -int aesgcm_test(); -int rsa_test(); -int dh_test(); -int dsa_test(); -int random_test(); -int pwdbased_test(); -int ripemd_test(); -int openssl_test(); /* test mini api */ +int md2_test(void); +int md5_test(void); +int md4_test(void); +int sha_test(void); +int sha256_test(void); +int sha512_test(void); +int sha384_test(void); +int hmac_md5_test(void); +int hmac_sha_test(void); +int hmac_sha256_test(void); +int hmac_sha384_test(void); +int hmac_sha512_test(void); +int hmac_blake2b_test(void); +int hkdf_test(void); +int arc4_test(void); +int hc128_test(void); +int rabbit_test(void); +int des_test(void); +int des3_test(void); +int aes_test(void); +int aesgcm_test(void); +int gmac_test(void); +int aesccm_test(void); +int camellia_test(void); +int rsa_test(void); +int dh_test(void); +int dsa_test(void); +int random_test(void); +int pwdbased_test(void); +int ripemd_test(void); +int openssl_test(void); /* test mini api */ +int pbkdf1_test(void); +int pkcs12_test(void); +int pbkdf2_test(void); #ifdef HAVE_ECC - int ecc_test(); + int ecc_test(void); + #ifdef HAVE_ECC_ENCRYPT + int ecc_encrypt_test(void); + #endif +#endif +#ifdef HAVE_BLAKE2 + int blake2b_test(void); +#endif +#ifdef HAVE_LIBZ + int compress_test(void); +#endif +#ifdef HAVE_PKCS7 + int pkcs7enveloped_test(void); + int pkcs7signed_test(void); #endif -int PemToDer(const char* inName, const char* outName); -void err_sys(const char* msg, int es) +static void err_sys(const char* msg, int es) { printf("%s error = %d\n", msg, es); -#ifndef THREADX - exit(es); -#endif + #if !defined(THREADX) && !defined(CYASSL_MDK_ARM) + if (msg) + exit(es); + #endif + return; } /* func_args from test.h, so don't have to pull in other junk */ @@ -132,186 +206,333 @@ typedef struct func_args { } func_args; + void ctaocrypt_test(void* args) { int ret = 0; ((func_args*)args)->return_code = -1; /* error state */ +#if !defined(NO_BIG_INT) if (CheckCtcSettings() != 1) err_sys("Build vs runtime math mismatch\n", -1234); #ifdef USE_FAST_MATH if (CheckFastMathSettings() != 1) err_sys("Build vs runtime fastmath FP_MAX_BITS mismatch\n", -1235); -#endif - - if ( (ret = md5_test()) ) +#endif /* USE_FAST_MATH */ +#endif /* !NO_BIG_INT */ + + +#ifndef NO_MD5 + if ( (ret = md5_test()) != 0) err_sys("MD5 test failed!\n", ret); else printf( "MD5 test passed!\n"); +#endif #ifdef CYASSL_MD2 - if ( (ret = md2_test()) ) + if ( (ret = md2_test()) != 0) err_sys("MD2 test failed!\n", ret); else printf( "MD2 test passed!\n"); #endif #ifndef NO_MD4 - if ( (ret = md4_test()) ) + if ( (ret = md4_test()) != 0) err_sys("MD4 test failed!\n", ret); else printf( "MD4 test passed!\n"); #endif - if ( (ret = sha_test()) ) +#ifndef NO_SHA + if ( (ret = sha_test()) != 0) err_sys("SHA test failed!\n", ret); else printf( "SHA test passed!\n"); +#endif #ifndef NO_SHA256 - if ( (ret = sha256_test()) ) + if ( (ret = sha256_test()) != 0) err_sys("SHA-256 test failed!\n", ret); else printf( "SHA-256 test passed!\n"); #endif #ifdef CYASSL_SHA384 - if ( (ret = sha384_test()) ) + if ( (ret = sha384_test()) != 0) err_sys("SHA-384 test failed!\n", ret); else printf( "SHA-384 test passed!\n"); #endif #ifdef CYASSL_SHA512 - if ( (ret = sha512_test()) ) + if ( (ret = sha512_test()) != 0) err_sys("SHA-512 test failed!\n", ret); else printf( "SHA-512 test passed!\n"); #endif #ifdef CYASSL_RIPEMD - if ( (ret = ripemd_test()) ) + if ( (ret = ripemd_test()) != 0) err_sys("RIPEMD test failed!\n", ret); else printf( "RIPEMD test passed!\n"); #endif +#ifdef HAVE_BLAKE2 + if ( (ret = blake2b_test()) != 0) + err_sys("BLAKE2b test failed!\n", ret); + else + printf( "BLAKE2b test passed!\n"); +#endif + #ifndef NO_HMAC - if ( (ret = hmac_test()) ) - err_sys("HMAC test failed!\n", ret); + #ifndef NO_MD5 + if ( (ret = hmac_md5_test()) != 0) + err_sys("HMAC-MD5 test failed!\n", ret); + else + printf( "HMAC-MD5 test passed!\n"); + #endif + + #ifndef NO_SHA + if ( (ret = hmac_sha_test()) != 0) + err_sys("HMAC-SHA test failed!\n", ret); else - printf( "HMAC test passed!\n"); + printf( "HMAC-SHA test passed!\n"); + #endif + + #ifndef NO_SHA256 + if ( (ret = hmac_sha256_test()) != 0) + err_sys("HMAC-SHA256 test failed!\n", ret); + else + printf( "HMAC-SHA256 test passed!\n"); + #endif + + #ifdef CYASSL_SHA384 + if ( (ret = hmac_sha384_test()) != 0) + err_sys("HMAC-SHA384 test failed!\n", ret); + else + printf( "HMAC-SHA384 test passed!\n"); + #endif + + #ifdef CYASSL_SHA512 + if ( (ret = hmac_sha512_test()) != 0) + err_sys("HMAC-SHA512 test failed!\n", ret); + else + printf( "HMAC-SHA512 test passed!\n"); + #endif + + #ifdef HAVE_BLAKE2 + if ( (ret = hmac_blake2b_test()) != 0) + err_sys("HMAC-BLAKE2 test failed!\n", ret); + else + printf( "HMAC-BLAKE2 test passed!\n"); + #endif + + #ifdef HAVE_HKDF + if ( (ret = hkdf_test()) != 0) + err_sys("HMAC-KDF test failed!\n", ret); + else + printf( "HMAC-KDF test passed!\n"); + #endif + +#endif + +#ifdef HAVE_AESGCM + if ( (ret = gmac_test()) != 0) + err_sys("GMAC test passed!\n", ret); + else + printf( "GMAC test passed!\n"); #endif - if ( (ret = arc4_test()) ) +#ifndef NO_RC4 + if ( (ret = arc4_test()) != 0) err_sys("ARC4 test failed!\n", ret); else printf( "ARC4 test passed!\n"); +#endif #ifndef NO_HC128 - if ( (ret = hc128_test()) ) + if ( (ret = hc128_test()) != 0) err_sys("HC-128 test failed!\n", ret); else printf( "HC-128 test passed!\n"); #endif #ifndef NO_RABBIT - if ( (ret = rabbit_test()) ) + if ( (ret = rabbit_test()) != 0) err_sys("Rabbit test failed!\n", ret); else printf( "Rabbit test passed!\n"); #endif #ifndef NO_DES3 - if ( (ret = des_test()) ) + if ( (ret = des_test()) != 0) err_sys("DES test failed!\n", ret); else printf( "DES test passed!\n"); #endif #ifndef NO_DES3 - if ( (ret = des3_test()) ) + if ( (ret = des3_test()) != 0) err_sys("DES3 test failed!\n", ret); else printf( "DES3 test passed!\n"); #endif #ifndef NO_AES - if ( (ret = aes_test()) ) + if ( (ret = aes_test()) != 0) err_sys("AES test failed!\n", ret); else printf( "AES test passed!\n"); #ifdef HAVE_AESGCM - if ( (ret = aesgcm_test()) ) + if ( (ret = aesgcm_test()) != 0) err_sys("AES-GCM test failed!\n", ret); else printf( "AES-GCM test passed!\n"); #endif + +#ifdef HAVE_AESCCM + if ( (ret = aesccm_test()) != 0) + err_sys("AES-CCM test failed!\n", ret); + else + printf( "AES-CCM test passed!\n"); +#endif +#endif + +#ifdef HAVE_CAMELLIA + if ( (ret = camellia_test()) != 0) + err_sys("CAMELLIA test failed!\n", ret); + else + printf( "CAMELLIA test passed!\n"); #endif - if ( (ret = random_test()) ) + if ( (ret = random_test()) != 0) err_sys("RANDOM test failed!\n", ret); else printf( "RANDOM test passed!\n"); - if ( (ret = rsa_test()) ) +#ifndef NO_RSA + if ( (ret = rsa_test()) != 0) err_sys("RSA test failed!\n", ret); else printf( "RSA test passed!\n"); +#endif #ifndef NO_DH - if ( (ret = dh_test()) ) + if ( (ret = dh_test()) != 0) err_sys("DH test failed!\n", ret); else printf( "DH test passed!\n"); #endif #ifndef NO_DSA - if ( (ret = dsa_test()) ) + if ( (ret = dsa_test()) != 0) err_sys("DSA test failed!\n", ret); else printf( "DSA test passed!\n"); #endif - + #ifndef NO_PWDBASED - if ( (ret = pwdbased_test()) ) + if ( (ret = pwdbased_test()) != 0) err_sys("PWDBASED test failed!\n", ret); else printf( "PWDBASED test passed!\n"); #endif - + #ifdef OPENSSL_EXTRA - if ( (ret = openssl_test()) ) + if ( (ret = openssl_test()) != 0) err_sys("OPENSSL test failed!\n", ret); else printf( "OPENSSL test passed!\n"); #endif #ifdef HAVE_ECC - if ( (ret = ecc_test()) ) + if ( (ret = ecc_test()) != 0) err_sys("ECC test failed!\n", ret); else printf( "ECC test passed!\n"); + #ifdef HAVE_ECC_ENCRYPT + if ( (ret = ecc_encrypt_test()) != 0) + err_sys("ECC Enc test failed!\n", ret); + else + printf( "ECC Enc test passed!\n"); + #endif +#endif + +#ifdef HAVE_LIBZ + if ( (ret = compress_test()) != 0) + err_sys("COMPRESS test failed!\n", ret); + else + printf( "COMPRESS test passed!\n"); +#endif + +#ifdef HAVE_PKCS7 + if ( (ret = pkcs7enveloped_test()) != 0) + err_sys("PKCS7enveloped test failed!\n", ret); + else + printf( "PKCS7enveloped test passed!\n"); + + if ( (ret = pkcs7signed_test()) != 0) + err_sys("PKCS7signed test failed!\n", ret); + else + printf( "PKCS7signed test passed!\n"); #endif ((func_args*)args)->return_code = ret; } -/* so overall tests can pull in test function */ #ifndef NO_MAIN_DRIVER +#ifdef HAVE_CAVIUM + +static int OpenNitroxDevice(int dma_mode,int dev_id) +{ + Csp1CoreAssignment core_assign; + Uint32 device; + + if (CspInitialize(CAVIUM_DIRECT,CAVIUM_DEV_ID)) + return -1; + if (Csp1GetDevType(&device)) + return -1; + if (device != NPX_DEVICE) { + if (ioctl(gpkpdev_hdlr[CAVIUM_DEV_ID], IOCTL_CSP1_GET_CORE_ASSIGNMENT, + (Uint32 *)&core_assign)!= 0) + return -1; + } + CspShutdown(CAVIUM_DEV_ID); + + return CspInitialize(dma_mode, dev_id); +} + +#endif /* HAVE_CAVIUM */ + + /* so overall tests can pull in test function */ + int main(int argc, char** argv) { + func_args args; + +#ifdef HAVE_CAVIUM + int ret = OpenNitroxDevice(CAVIUM_DIRECT, CAVIUM_DEV_ID); + if (ret != 0) + err_sys("Cavium OpenNitroxDevice failed", -1236); +#endif /* HAVE_CAVIUM */ + args.argc = argc; args.argv = argv; ctaocrypt_test(&args); + +#ifdef HAVE_CAVIUM + CspShutdown(CAVIUM_DEV_ID); +#endif + return args.return_code; } @@ -332,45 +553,45 @@ int md2_test() a.output = "\x83\x50\xe5\xa3\xe2\x4c\x15\x3d\xf2\x27\x5c\x9f\x80\x69" "\x27\x73"; a.inLen = strlen(a.input); - a.outLen = strlen(a.output); + a.outLen = MD2_DIGEST_SIZE; b.input = "a"; b.output = "\x32\xec\x01\xec\x4a\x6d\xac\x72\xc0\xab\x96\xfb\x34\xc0" "\xb5\xd1"; b.inLen = strlen(b.input); - b.outLen = strlen(b.output); + b.outLen = MD2_DIGEST_SIZE; c.input = "abc"; c.output = "\xda\x85\x3b\x0d\x3f\x88\xd9\x9b\x30\x28\x3a\x69\xe6\xde" "\xd6\xbb"; c.inLen = strlen(c.input); - c.outLen = strlen(c.output); + c.outLen = MD2_DIGEST_SIZE; d.input = "message digest"; d.output = "\xab\x4f\x49\x6b\xfb\x2a\x53\x0b\x21\x9f\xf3\x30\x31\xfe" "\x06\xb0"; d.inLen = strlen(d.input); - d.outLen = strlen(d.output); + d.outLen = MD2_DIGEST_SIZE; e.input = "abcdefghijklmnopqrstuvwxyz"; e.output = "\x4e\x8d\xdf\xf3\x65\x02\x92\xab\x5a\x41\x08\xc3\xaa\x47" "\x94\x0b"; e.inLen = strlen(e.input); - e.outLen = strlen(e.output); + e.outLen = MD2_DIGEST_SIZE; f.input = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz012345" "6789"; f.output = "\xda\x33\xde\xf2\xa4\x2d\xf1\x39\x75\x35\x28\x46\xc3\x03" "\x38\xcd"; f.inLen = strlen(f.input); - f.outLen = strlen(f.output); + f.outLen = MD2_DIGEST_SIZE; g.input = "1234567890123456789012345678901234567890123456789012345678" "9012345678901234567890"; g.output = "\xd5\x97\x6f\x79\xd8\x3d\x3a\x0d\xc9\x80\x6c\x3c\x66\xf3" "\xef\xd8"; g.inLen = strlen(g.input); - g.outLen = strlen(g.output); + g.outLen = MD2_DIGEST_SIZE; test_md2[0] = a; test_md2[1] = b; @@ -392,10 +613,10 @@ int md2_test() return 0; } -#endif - +#endif -int md5_test() +#ifndef NO_MD5 +int md5_test(void) { Md5 md5; byte hash[MD5_DIGEST_SIZE]; @@ -408,33 +629,33 @@ int md5_test() a.output = "\x90\x01\x50\x98\x3c\xd2\x4f\xb0\xd6\x96\x3f\x7d\x28\xe1\x7f" "\x72"; a.inLen = strlen(a.input); - a.outLen = strlen(a.output); + a.outLen = MD5_DIGEST_SIZE; b.input = "message digest"; b.output = "\xf9\x6b\x69\x7d\x7c\xb7\x93\x8d\x52\x5a\x2f\x31\xaa\xf1\x61" "\xd0"; b.inLen = strlen(b.input); - b.outLen = strlen(b.output); + b.outLen = MD5_DIGEST_SIZE; c.input = "abcdefghijklmnopqrstuvwxyz"; c.output = "\xc3\xfc\xd3\xd7\x61\x92\xe4\x00\x7d\xfb\x49\x6c\xca\x67\xe1" "\x3b"; c.inLen = strlen(c.input); - c.outLen = strlen(c.output); + c.outLen = MD5_DIGEST_SIZE; d.input = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz012345" "6789"; d.output = "\xd1\x74\xab\x98\xd2\x77\xd9\xf5\xa5\x61\x1c\x2c\x9f\x41\x9d" "\x9f"; d.inLen = strlen(d.input); - d.outLen = strlen(d.output); + d.outLen = MD5_DIGEST_SIZE; e.input = "1234567890123456789012345678901234567890123456789012345678" "9012345678901234567890"; e.output = "\x57\xed\xf4\xa2\x2b\xe3\xc9\x55\xac\x49\xda\x2e\x21\x07\xb6" "\x7a"; e.inLen = strlen(e.input); - e.outLen = strlen(e.output); + e.outLen = MD5_DIGEST_SIZE; test_md5[0] = a; test_md5[1] = b; @@ -454,11 +675,12 @@ int md5_test() return 0; } +#endif /* NO_MD5 */ #ifndef NO_MD4 -int md4_test() +int md4_test(void) { Md4 md4; byte hash[MD4_DIGEST_SIZE]; @@ -468,48 +690,48 @@ int md4_test() int times = sizeof(test_md4) / sizeof(testVector), i; a.input = ""; - a.output = "\x31\xd6\xcf\xe0\xd1\x6a\xe9\x31\xb7\x3c\x59\xd7\xe0\xc0\x89" + a.output = "\x31\xd6\xcf\xe0\xd1\x6a\xe9\x31\xb7\x3c\x59\xd7\xe0\xc0\x89" "\xc0"; a.inLen = strlen(a.input); - a.outLen = strlen(a.output); + a.outLen = MD4_DIGEST_SIZE; b.input = "a"; - b.output = "\xbd\xe5\x2c\xb3\x1d\xe3\x3e\x46\x24\x5e\x05\xfb\xdb\xd6\xfb" + b.output = "\xbd\xe5\x2c\xb3\x1d\xe3\x3e\x46\x24\x5e\x05\xfb\xdb\xd6\xfb" "\x24"; b.inLen = strlen(b.input); - b.outLen = strlen(b.output); + b.outLen = MD4_DIGEST_SIZE; c.input = "abc"; - c.output = "\xa4\x48\x01\x7a\xaf\x21\xd8\x52\x5f\xc1\x0a\xe8\x7a\xa6\x72" + c.output = "\xa4\x48\x01\x7a\xaf\x21\xd8\x52\x5f\xc1\x0a\xe8\x7a\xa6\x72" "\x9d"; c.inLen = strlen(c.input); - c.outLen = strlen(c.output); + c.outLen = MD4_DIGEST_SIZE; d.input = "message digest"; - d.output = "\xd9\x13\x0a\x81\x64\x54\x9f\xe8\x18\x87\x48\x06\xe1\xc7\x01" + d.output = "\xd9\x13\x0a\x81\x64\x54\x9f\xe8\x18\x87\x48\x06\xe1\xc7\x01" "\x4b"; d.inLen = strlen(d.input); - d.outLen = strlen(d.output); + d.outLen = MD4_DIGEST_SIZE; e.input = "abcdefghijklmnopqrstuvwxyz"; - e.output = "\xd7\x9e\x1c\x30\x8a\xa5\xbb\xcd\xee\xa8\xed\x63\xdf\x41\x2d" + e.output = "\xd7\x9e\x1c\x30\x8a\xa5\xbb\xcd\xee\xa8\xed\x63\xdf\x41\x2d" "\xa9"; e.inLen = strlen(e.input); - e.outLen = strlen(e.output); + e.outLen = MD4_DIGEST_SIZE; f.input = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz012345" "6789"; - f.output = "\x04\x3f\x85\x82\xf2\x41\xdb\x35\x1c\xe6\x27\xe1\x53\xe7\xf0" + f.output = "\x04\x3f\x85\x82\xf2\x41\xdb\x35\x1c\xe6\x27\xe1\x53\xe7\xf0" "\xe4"; f.inLen = strlen(f.input); - f.outLen = strlen(f.output); + f.outLen = MD4_DIGEST_SIZE; g.input = "1234567890123456789012345678901234567890123456789012345678" "9012345678901234567890"; - g.output = "\xe3\x3b\x4d\xdc\x9c\x38\xf2\x19\x9c\x3e\x7b\x16\x4f\xcc\x05" + g.output = "\xe3\x3b\x4d\xdc\x9c\x38\xf2\x19\x9c\x3e\x7b\x16\x4f\xcc\x05" "\x36"; g.inLen = strlen(g.input); - g.outLen = strlen(g.output); + g.outLen = MD4_DIGEST_SIZE; test_md4[0] = a; test_md4[1] = b; @@ -534,33 +756,36 @@ int md4_test() #endif /* NO_MD4 */ -int sha_test() +#ifndef NO_SHA + +int sha_test(void) { Sha sha; byte hash[SHA_DIGEST_SIZE]; testVector a, b, c, d; testVector test_sha[4]; + int ret; int times = sizeof(test_sha) / sizeof(struct testVector), i; a.input = "abc"; a.output = "\xA9\x99\x3E\x36\x47\x06\x81\x6A\xBA\x3E\x25\x71\x78\x50\xC2" "\x6C\x9C\xD0\xD8\x9D"; a.inLen = strlen(a.input); - a.outLen = strlen(a.output); + a.outLen = SHA_DIGEST_SIZE; b.input = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"; b.output = "\x84\x98\x3E\x44\x1C\x3B\xD2\x6E\xBA\xAE\x4A\xA1\xF9\x51\x29" "\xE5\xE5\x46\x70\xF1"; b.inLen = strlen(b.input); - b.outLen = strlen(b.output); + b.outLen = SHA_DIGEST_SIZE; c.input = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" "aaaaaa"; c.output = "\x00\x98\xBA\x82\x4B\x5C\x16\x42\x7B\xD7\xA1\x12\x2A\x5A\x44" "\x2A\x25\xEC\x64\x4D"; c.inLen = strlen(c.input); - c.outLen = strlen(c.output); + c.outLen = SHA_DIGEST_SIZE; d.input = "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" @@ -568,14 +793,16 @@ int sha_test() d.output = "\xAD\x5B\x3F\xDB\xCB\x52\x67\x78\xC2\x83\x9D\x2F\x15\x1E\xA7" "\x53\x99\x5E\x26\xA0"; d.inLen = strlen(d.input); - d.outLen = strlen(d.output); + d.outLen = SHA_DIGEST_SIZE; test_sha[0] = a; test_sha[1] = b; test_sha[2] = c; test_sha[3] = d; - InitSha(&sha); + ret = InitSha(&sha); + if (ret != 0) + return -4001; for (i = 0; i < times; ++i) { ShaUpdate(&sha, (byte*)test_sha[i].input, (word32)test_sha[i].inLen); @@ -588,9 +815,10 @@ int sha_test() return 0; } +#endif /* NO_SHA */ #ifdef CYASSL_RIPEMD -int ripemd_test() +int ripemd_test(void) { RipeMd ripemd; byte hash[RIPEMD_DIGEST_SIZE]; @@ -603,26 +831,26 @@ int ripemd_test() a.output = "\x8e\xb2\x08\xf7\xe0\x5d\x98\x7a\x9b\x04\x4a\x8e\x98\xc6" "\xb0\x87\xf1\x5a\x0b\xfc"; a.inLen = strlen(a.input); - a.outLen = strlen(a.output); + a.outLen = RIPEMD_DIGEST_SIZE; b.input = "message digest"; b.output = "\x5d\x06\x89\xef\x49\xd2\xfa\xe5\x72\xb8\x81\xb1\x23\xa8" "\x5f\xfa\x21\x59\x5f\x36"; b.inLen = strlen(b.input); - b.outLen = strlen(b.output); + b.outLen = RIPEMD_DIGEST_SIZE; - c.input = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"; + c.input = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"; c.output = "\x12\xa0\x53\x38\x4a\x9c\x0c\x88\xe4\x05\xa0\x6c\x27\xdc" "\xf4\x9a\xda\x62\xeb\x2b"; c.inLen = strlen(c.input); - c.outLen = strlen(c.output); + c.outLen = RIPEMD_DIGEST_SIZE; d.input = "12345678901234567890123456789012345678901234567890123456" "789012345678901234567890"; d.output = "\x9b\x75\x2e\x45\x57\x3d\x4b\x39\xf4\xdb\xd3\x32\x3c\xab" - "\x82\xbf\x63\x32\x6b\xfb"; + "\x82\xbf\x63\x32\x6b\xfb"; d.inLen = strlen(d.input); - d.outLen = strlen(d.output); + d.outLen = RIPEMD_DIGEST_SIZE; test_ripemd[0] = a; test_ripemd[1] = b; @@ -645,14 +873,89 @@ int ripemd_test() #endif /* CYASSL_RIPEMD */ +#ifdef HAVE_BLAKE2 + + +#define BLAKE2_TESTS 3 + +static const byte blake2b_vec[BLAKE2_TESTS][BLAKE2B_OUTBYTES] = +{ + { + 0x78, 0x6A, 0x02, 0xF7, 0x42, 0x01, 0x59, 0x03, + 0xC6, 0xC6, 0xFD, 0x85, 0x25, 0x52, 0xD2, 0x72, + 0x91, 0x2F, 0x47, 0x40, 0xE1, 0x58, 0x47, 0x61, + 0x8A, 0x86, 0xE2, 0x17, 0xF7, 0x1F, 0x54, 0x19, + 0xD2, 0x5E, 0x10, 0x31, 0xAF, 0xEE, 0x58, 0x53, + 0x13, 0x89, 0x64, 0x44, 0x93, 0x4E, 0xB0, 0x4B, + 0x90, 0x3A, 0x68, 0x5B, 0x14, 0x48, 0xB7, 0x55, + 0xD5, 0x6F, 0x70, 0x1A, 0xFE, 0x9B, 0xE2, 0xCE + }, + { + 0x2F, 0xA3, 0xF6, 0x86, 0xDF, 0x87, 0x69, 0x95, + 0x16, 0x7E, 0x7C, 0x2E, 0x5D, 0x74, 0xC4, 0xC7, + 0xB6, 0xE4, 0x8F, 0x80, 0x68, 0xFE, 0x0E, 0x44, + 0x20, 0x83, 0x44, 0xD4, 0x80, 0xF7, 0x90, 0x4C, + 0x36, 0x96, 0x3E, 0x44, 0x11, 0x5F, 0xE3, 0xEB, + 0x2A, 0x3A, 0xC8, 0x69, 0x4C, 0x28, 0xBC, 0xB4, + 0xF5, 0xA0, 0xF3, 0x27, 0x6F, 0x2E, 0x79, 0x48, + 0x7D, 0x82, 0x19, 0x05, 0x7A, 0x50, 0x6E, 0x4B + }, + { + 0x1C, 0x08, 0x79, 0x8D, 0xC6, 0x41, 0xAB, 0xA9, + 0xDE, 0xE4, 0x35, 0xE2, 0x25, 0x19, 0xA4, 0x72, + 0x9A, 0x09, 0xB2, 0xBF, 0xE0, 0xFF, 0x00, 0xEF, + 0x2D, 0xCD, 0x8E, 0xD6, 0xF8, 0xA0, 0x7D, 0x15, + 0xEA, 0xF4, 0xAE, 0xE5, 0x2B, 0xBF, 0x18, 0xAB, + 0x56, 0x08, 0xA6, 0x19, 0x0F, 0x70, 0xB9, 0x04, + 0x86, 0xC8, 0xA7, 0xD4, 0x87, 0x37, 0x10, 0xB1, + 0x11, 0x5D, 0x3D, 0xEB, 0xBB, 0x43, 0x27, 0xB5 + } +}; + + + +int blake2b_test(void) +{ + Blake2b b2b; + byte digest[64]; + byte input[64]; + int i, ret; + + for (i = 0; i < (int)sizeof(input); i++) + input[i] = (byte)i; + + for (i = 0; i < BLAKE2_TESTS; i++) { + ret = InitBlake2b(&b2b, 64); + if (ret != 0) + return -4002; + + ret = Blake2bUpdate(&b2b, input, i); + if (ret != 0) + return -4003; + + ret = Blake2bFinal(&b2b, digest, 64); + if (ret != 0) + return -4004; + + if (memcmp(digest, blake2b_vec[i], 64) != 0) { + return -300 - i; + } + } + + return 0; +} +#endif /* HAVE_BLAKE2 */ + + #ifndef NO_SHA256 -int sha256_test() +int sha256_test(void) { Sha256 sha; byte hash[SHA256_DIGEST_SIZE]; testVector a, b; testVector test_sha[2]; + int ret; int times = sizeof(test_sha) / sizeof(struct testVector), i; a.input = "abc"; @@ -660,23 +963,29 @@ int sha256_test() "\x23\xB0\x03\x61\xA3\x96\x17\x7A\x9C\xB4\x10\xFF\x61\xF2\x00" "\x15\xAD"; a.inLen = strlen(a.input); - a.outLen = strlen(a.output); + a.outLen = SHA256_DIGEST_SIZE; b.input = "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"; b.output = "\x24\x8D\x6A\x61\xD2\x06\x38\xB8\xE5\xC0\x26\x93\x0C\x3E\x60" "\x39\xA3\x3C\xE4\x59\x64\xFF\x21\x67\xF6\xEC\xED\xD4\x19\xDB" "\x06\xC1"; b.inLen = strlen(b.input); - b.outLen = strlen(b.output); + b.outLen = SHA256_DIGEST_SIZE; test_sha[0] = a; test_sha[1] = b; - InitSha256(&sha); + ret = InitSha256(&sha); + if (ret != 0) + return -4005; for (i = 0; i < times; ++i) { - Sha256Update(&sha, (byte*)test_sha[i].input,(word32)test_sha[i].inLen); - Sha256Final(&sha, hash); + ret = Sha256Update(&sha, (byte*)test_sha[i].input,(word32)test_sha[i].inLen); + if (ret != 0) + return -4006; + ret = Sha256Final(&sha, hash); + if (ret != 0) + return -4007; if (memcmp(hash, test_sha[i].output, SHA256_DIGEST_SIZE) != 0) return -10 - i; @@ -688,10 +997,11 @@ int sha256_test() #ifdef CYASSL_SHA512 -int sha512_test() +int sha512_test(void) { Sha512 sha; byte hash[SHA512_DIGEST_SIZE]; + int ret; testVector a, b; testVector test_sha[2]; @@ -704,7 +1014,7 @@ int sha512_test() "\xfe\xeb\xbd\x45\x4d\x44\x23\x64\x3c\xe8\x0e\x2a\x9a\xc9\x4f" "\xa5\x4c\xa4\x9f"; a.inLen = strlen(a.input); - a.outLen = strlen(a.output); + a.outLen = SHA512_DIGEST_SIZE; b.input = "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhi" "jklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu"; @@ -712,18 +1022,25 @@ int sha512_test() "\x3f\x8f\x77\x79\xc6\xeb\x9f\x7f\xa1\x72\x99\xae\xad\xb6\x88" "\x90\x18\x50\x1d\x28\x9e\x49\x00\xf7\xe4\x33\x1b\x99\xde\xc4" "\xb5\x43\x3a\xc7\xd3\x29\xee\xb6\xdd\x26\x54\x5e\x96\xe5\x5b" - "\x87\x4b\xe9\x09"; + "\x87\x4b\xe9\x09"; b.inLen = strlen(b.input); - b.outLen = strlen(b.output); + b.outLen = SHA512_DIGEST_SIZE; test_sha[0] = a; test_sha[1] = b; - InitSha512(&sha); + ret = InitSha512(&sha); + if (ret != 0) + return -4009; for (i = 0; i < times; ++i) { - Sha512Update(&sha, (byte*)test_sha[i].input,(word32)test_sha[i].inLen); - Sha512Final(&sha, hash); + ret = Sha512Update(&sha, (byte*)test_sha[i].input,(word32)test_sha[i].inLen); + if (ret != 0) + return -4010; + + ret = Sha512Final(&sha, hash); + if (ret != 0) + return -4011; if (memcmp(hash, test_sha[i].output, SHA512_DIGEST_SIZE) != 0) return -10 - i; @@ -735,10 +1052,11 @@ int sha512_test() #ifdef CYASSL_SHA384 -int sha384_test() +int sha384_test(void) { Sha384 sha; byte hash[SHA384_DIGEST_SIZE]; + int ret; testVector a, b; testVector test_sha[2]; @@ -750,7 +1068,7 @@ int sha384_test() "\x5b\xed\x80\x86\x07\x2b\xa1\xe7\xcc\x23\x58\xba\xec\xa1\x34" "\xc8\x25\xa7"; a.inLen = strlen(a.input); - a.outLen = strlen(a.output); + a.outLen = SHA384_DIGEST_SIZE; b.input = "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhi" "jklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu"; @@ -759,16 +1077,23 @@ int sha384_test() "\xf7\x12\xfc\xc7\xc7\x1a\x55\x7e\x2d\xb9\x66\xc3\xe9\xfa\x91" "\x74\x60\x39"; b.inLen = strlen(b.input); - b.outLen = strlen(b.output); + b.outLen = SHA384_DIGEST_SIZE; test_sha[0] = a; test_sha[1] = b; - InitSha384(&sha); + ret = InitSha384(&sha); + if (ret != 0) + return -4012; for (i = 0; i < times; ++i) { - Sha384Update(&sha, (byte*)test_sha[i].input,(word32)test_sha[i].inLen); - Sha384Final(&sha, hash); + ret = Sha384Update(&sha, (byte*)test_sha[i].input,(word32)test_sha[i].inLen); + if (ret != 0) + return -4013; + + ret = Sha384Final(&sha, hash); + if (ret != 0) + return -4014; if (memcmp(hash, test_sha[i].output, SHA384_DIGEST_SIZE) != 0) return -10 - i; @@ -779,8 +1104,8 @@ int sha384_test() #endif /* CYASSL_SHA384 */ -#ifndef NO_HMAC -int hmac_test() +#if !defined(NO_HMAC) && !defined(NO_MD5) +int hmac_md5_test(void) { Hmac hmac; byte hash[MD5_DIGEST_SIZE]; @@ -795,19 +1120,20 @@ int hmac_test() testVector a, b, c; testVector test_hmac[3]; + int ret; int times = sizeof(test_hmac) / sizeof(testVector), i; a.input = "Hi There"; a.output = "\x92\x94\x72\x7a\x36\x38\xbb\x1c\x13\xf4\x8e\xf8\x15\x8b\xfc" "\x9d"; a.inLen = strlen(a.input); - a.outLen = strlen(a.output); + a.outLen = MD5_DIGEST_SIZE; b.input = "what do ya want for nothing?"; b.output = "\x75\x0c\x78\x3e\x6a\xb0\xb5\x03\xea\xa8\x6e\x31\x0a\x5d\xb7" "\x38"; b.inLen = strlen(b.input); - b.outLen = strlen(b.output); + b.outLen = MD5_DIGEST_SIZE; c.input = "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" @@ -816,178 +1142,614 @@ int hmac_test() c.output = "\x56\xbe\x34\x52\x1d\x14\x4c\x88\xdb\xb8\xc7\x33\xf0\xe8\xb3" "\xf6"; c.inLen = strlen(c.input); - c.outLen = strlen(c.output); + c.outLen = MD5_DIGEST_SIZE; test_hmac[0] = a; test_hmac[1] = b; test_hmac[2] = c; for (i = 0; i < times; ++i) { - HmacSetKey(&hmac, MD5, (byte*)keys[i], (word32)strlen(keys[i])); - HmacUpdate(&hmac, (byte*)test_hmac[i].input, +#if defined(HAVE_FIPS) || defined(HAVE_CAVIUM) + if (i == 1) + continue; /* cavium can't handle short keys, fips not allowed */ +#endif +#ifdef HAVE_CAVIUM + if (HmacInitCavium(&hmac, CAVIUM_DEV_ID) != 0) + return -20009; +#endif + ret = HmacSetKey(&hmac, MD5, (byte*)keys[i], (word32)strlen(keys[i])); + if (ret != 0) + return -4015; + ret = HmacUpdate(&hmac, (byte*)test_hmac[i].input, (word32)test_hmac[i].inLen); - HmacFinal(&hmac, hash); + if (ret != 0) + return -4016; + ret = HmacFinal(&hmac, hash); + if (ret != 0) + return -4017; if (memcmp(hash, test_hmac[i].output, MD5_DIGEST_SIZE) != 0) return -20 - i; +#ifdef HAVE_CAVIUM + HmacFreeCavium(&hmac); +#endif } return 0; } -#endif - +#endif /* NO_HMAC && NO_MD5 */ -int arc4_test() +#if !defined(NO_HMAC) && !defined(NO_SHA) +int hmac_sha_test(void) { - byte cipher[16]; - byte plain[16]; + Hmac hmac; + byte hash[SHA_DIGEST_SIZE]; - const char* keys[] = - { - "\x01\x23\x45\x67\x89\xab\xcd\xef", - "\x01\x23\x45\x67\x89\xab\xcd\xef", - "\x00\x00\x00\x00\x00\x00\x00\x00", - "\xef\x01\x23\x45" + const char* keys[]= + { + "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b" + "\x0b\x0b\x0b", + "Jefe", + "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA" + "\xAA\xAA\xAA" }; - testVector a, b, c, d; - testVector test_arc4[4]; + testVector a, b, c; + testVector test_hmac[3]; - int times = sizeof(test_arc4) / sizeof(testVector), i; + int ret; + int times = sizeof(test_hmac) / sizeof(testVector), i; - a.input = "\x01\x23\x45\x67\x89\xab\xcd\xef"; - a.output = "\x75\xb7\x87\x80\x99\xe0\xc5\x96"; + a.input = "Hi There"; + a.output = "\xb6\x17\x31\x86\x55\x05\x72\x64\xe2\x8b\xc0\xb6\xfb\x37\x8c" + "\x8e\xf1\x46\xbe\x00"; a.inLen = strlen(a.input); - a.outLen = strlen(a.output); + a.outLen = SHA_DIGEST_SIZE; - b.input = "\x00\x00\x00\x00\x00\x00\x00\x00"; - b.output = "\x74\x94\xc2\xe7\x10\x4b\x08\x79"; + b.input = "what do ya want for nothing?"; + b.output = "\xef\xfc\xdf\x6a\xe5\xeb\x2f\xa2\xd2\x74\x16\xd5\xf1\x84\xdf" + "\x9c\x25\x9a\x7c\x79"; b.inLen = strlen(b.input); - b.outLen = strlen(b.output); + b.outLen = SHA_DIGEST_SIZE; - c.input = "\x00\x00\x00\x00\x00\x00\x00\x00"; - c.output = "\xde\x18\x89\x41\xa3\x37\x5d\x3a"; + c.input = "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" + "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" + "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" + "\xDD\xDD\xDD\xDD\xDD\xDD"; + c.output = "\x12\x5d\x73\x42\xb9\xac\x11\xcd\x91\xa3\x9a\xf4\x8a\xa1\x7b" + "\x4f\x63\xf1\x75\xd3"; c.inLen = strlen(c.input); - c.outLen = strlen(c.output); - - d.input = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"; - d.output = "\xd6\xa1\x41\xa7\xec\x3c\x38\xdf\xbd\x61"; - d.inLen = strlen(d.input); - d.outLen = strlen(d.output); + c.outLen = SHA_DIGEST_SIZE; - test_arc4[0] = a; - test_arc4[1] = b; - test_arc4[2] = c; - test_arc4[3] = d; + test_hmac[0] = a; + test_hmac[1] = b; + test_hmac[2] = c; for (i = 0; i < times; ++i) { - Arc4 enc; - Arc4 dec; - - Arc4SetKey(&enc, (byte*)keys[i], (word32)strlen(keys[i])); - Arc4SetKey(&dec, (byte*)keys[i], (word32)strlen(keys[i])); - - Arc4Process(&enc, cipher, (byte*)test_arc4[i].input, - (word32)test_arc4[i].outLen); - Arc4Process(&dec, plain, cipher, (word32)test_arc4[i].outLen); +#if defined(HAVE_FIPS) || defined(HAVE_CAVIUM) + if (i == 1) + continue; /* cavium can't handle short keys, fips not allowed */ +#endif +#ifdef HAVE_CAVIUM + if (HmacInitCavium(&hmac, CAVIUM_DEV_ID) != 0) + return -20010; +#endif + ret = HmacSetKey(&hmac, SHA, (byte*)keys[i], (word32)strlen(keys[i])); + if (ret != 0) + return -4018; + ret = HmacUpdate(&hmac, (byte*)test_hmac[i].input, + (word32)test_hmac[i].inLen); + if (ret != 0) + return -4019; + ret = HmacFinal(&hmac, hash); + if (ret != 0) + return -4020; - if (memcmp(plain, test_arc4[i].input, test_arc4[i].outLen)) + if (memcmp(hash, test_hmac[i].output, SHA_DIGEST_SIZE) != 0) return -20 - i; - - if (memcmp(cipher, test_arc4[i].output, test_arc4[i].outLen)) - return -20 - 5 - i; +#ifdef HAVE_CAVIUM + HmacFreeCavium(&hmac); +#endif } return 0; } +#endif -int hc128_test() +#if !defined(NO_HMAC) && !defined(NO_SHA256) +int hmac_sha256_test(void) { -#ifdef HAVE_HC128 - byte cipher[16]; - byte plain[16]; - - const char* keys[] = - { - "\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", - "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", - "\x00\x53\xA6\xF9\x4C\x9F\xF2\x45\x98\xEB\x3E\x91\xE4\x37\x8A\xDD", - "\x0F\x62\xB5\x08\x5B\xAE\x01\x54\xA7\xFA\x4D\xA0\xF3\x46\x99\xEC" - }; + Hmac hmac; + byte hash[SHA256_DIGEST_SIZE]; - const char* ivs[] = + const char* keys[]= { - "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", - "\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", - "\x0D\x74\xDB\x42\xA9\x10\x77\xDE\x45\xAC\x13\x7A\xE1\x48\xAF\x16", - "\x28\x8F\xF6\x5D\xC4\x2B\x92\xF9\x60\xC7\x2E\x95\xFC\x63\xCA\x31" + "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b" + "\x0b\x0b\x0b", + "Jefe", + "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA" + "\xAA\xAA\xAA" }; + testVector a, b, c; + testVector test_hmac[3]; - testVector a, b, c, d; - testVector test_hc128[4]; - - int times = sizeof(test_hc128) / sizeof(testVector), i; + int ret; + int times = sizeof(test_hmac) / sizeof(testVector), i; - a.input = "\x00\x00\x00\x00\x00\x00\x00\x00"; - a.output = "\x37\x86\x02\xB9\x8F\x32\xA7\x48"; + a.input = "Hi There"; + a.output = "\xb0\x34\x4c\x61\xd8\xdb\x38\x53\x5c\xa8\xaf\xce\xaf\x0b\xf1" + "\x2b\x88\x1d\xc2\x00\xc9\x83\x3d\xa7\x26\xe9\x37\x6c\x2e\x32" + "\xcf\xf7"; a.inLen = strlen(a.input); - a.outLen = strlen(a.output); + a.outLen = SHA256_DIGEST_SIZE; - b.input = "\x00\x00\x00\x00\x00\x00\x00\x00"; - b.output = "\x33\x7F\x86\x11\xC6\xED\x61\x5F"; + b.input = "what do ya want for nothing?"; + b.output = "\x5b\xdc\xc1\x46\xbf\x60\x75\x4e\x6a\x04\x24\x26\x08\x95\x75" + "\xc7\x5a\x00\x3f\x08\x9d\x27\x39\x83\x9d\xec\x58\xb9\x64\xec" + "\x38\x43"; b.inLen = strlen(b.input); - b.outLen = strlen(b.output); + b.outLen = SHA256_DIGEST_SIZE; - c.input = "\x00\x00\x00\x00\x00\x00\x00\x00"; - c.output = "\x2E\x1E\xD1\x2A\x85\x51\xC0\x5A"; + c.input = "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" + "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" + "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" + "\xDD\xDD\xDD\xDD\xDD\xDD"; + c.output = "\x77\x3e\xa9\x1e\x36\x80\x0e\x46\x85\x4d\xb8\xeb\xd0\x91\x81" + "\xa7\x29\x59\x09\x8b\x3e\xf8\xc1\x22\xd9\x63\x55\x14\xce\xd5" + "\x65\xfe"; c.inLen = strlen(c.input); - c.outLen = strlen(c.output); - - d.input = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"; - d.output = "\x1C\xD8\xAE\xDD\xFE\x52\xE2\x17\xE8\x35\xD0\xB7\xE8\x4E\x29"; - d.inLen = strlen(d.input); - d.outLen = strlen(d.output); + c.outLen = SHA256_DIGEST_SIZE; - test_hc128[0] = a; - test_hc128[1] = b; - test_hc128[2] = c; - test_hc128[3] = d; + test_hmac[0] = a; + test_hmac[1] = b; + test_hmac[2] = c; for (i = 0; i < times; ++i) { - HC128 enc; - HC128 dec; - - Hc128_SetKey(&enc, (byte*)keys[i], (byte*)ivs[i]); - Hc128_SetKey(&dec, (byte*)keys[i], (byte*)ivs[i]); - - Hc128_Process(&enc, cipher, (byte*)test_hc128[i].input, - (word32)test_hc128[i].outLen); - Hc128_Process(&dec, plain, cipher, (word32)test_hc128[i].outLen); - - if (memcmp(plain, test_hc128[i].input, test_hc128[i].outLen)) - return -120 - i; +#if defined(HAVE_FIPS) || defined(HAVE_CAVIUM) + if (i == 1) + continue; /* cavium can't handle short keys, fips not allowed */ +#endif +#ifdef HAVE_CAVIUM + if (HmacInitCavium(&hmac, CAVIUM_DEV_ID) != 0) + return -20011; +#endif + ret = HmacSetKey(&hmac, SHA256, (byte*)keys[i],(word32)strlen(keys[i])); + if (ret != 0) + return -4021; + ret = HmacUpdate(&hmac, (byte*)test_hmac[i].input, + (word32)test_hmac[i].inLen); + if (ret != 0) + return -4022; + ret = HmacFinal(&hmac, hash); + if (ret != 0) + return -4023; - if (memcmp(cipher, test_hc128[i].output, test_hc128[i].outLen)) - return -120 - 5 - i; + if (memcmp(hash, test_hmac[i].output, SHA256_DIGEST_SIZE) != 0) + return -20 - i; +#ifdef HAVE_CAVIUM + HmacFreeCavium(&hmac); +#endif } -#endif /* HAVE_HC128 */ return 0; } +#endif -#ifndef NO_RABBIT -int rabbit_test() +#if !defined(NO_HMAC) && defined(HAVE_BLAKE2) +int hmac_blake2b_test(void) { - byte cipher[16]; - byte plain[16]; + Hmac hmac; + byte hash[BLAKE2B_256]; - const char* keys[] = - { - "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", - "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + const char* keys[]= + { + "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b" + "\x0b\x0b\x0b", + "Jefe", + "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA" + "\xAA\xAA\xAA" + }; + + testVector a, b, c; + testVector test_hmac[3]; + + int ret; + int times = sizeof(test_hmac) / sizeof(testVector), i; + + a.input = "Hi There"; + a.output = "\x72\x93\x0d\xdd\xf5\xf7\xe1\x78\x38\x07\x44\x18\x0b\x3f\x51" + "\x37\x25\xb5\x82\xc2\x08\x83\x2f\x1c\x99\xfd\x03\xa0\x16\x75" + "\xac\xfd"; + a.inLen = strlen(a.input); + a.outLen = BLAKE2B_256; + + b.input = "what do ya want for nothing?"; + b.output = "\x3d\x20\x50\x71\x05\xc0\x8c\x0c\x38\x44\x1e\xf7\xf9\xd1\x67" + "\x21\xff\x64\xf5\x94\x00\xcf\xf9\x75\x41\xda\x88\x61\x9d\x7c" + "\xda\x2b"; + b.inLen = strlen(b.input); + b.outLen = BLAKE2B_256; + + c.input = "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" + "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" + "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" + "\xDD\xDD\xDD\xDD\xDD\xDD"; + c.output = "\xda\xfe\x2a\x24\xfc\xe7\xea\x36\x34\xbe\x41\x92\xc7\x11\xa7" + "\x00\xae\x53\x9c\x11\x9c\x80\x74\x55\x22\x25\x4a\xb9\x55\xd3" + "\x0f\x87"; + c.inLen = strlen(c.input); + c.outLen = BLAKE2B_256; + + test_hmac[0] = a; + test_hmac[1] = b; + test_hmac[2] = c; + + for (i = 0; i < times; ++i) { +#if defined(HAVE_FIPS) || defined(HAVE_CAVIUM) + if (i == 1) + continue; /* cavium can't handle short keys, fips not allowed */ +#endif +#ifdef HAVE_CAVIUM + if (HmacInitCavium(&hmac, CAVIUM_DEV_ID) != 0) + return -20011; +#endif + ret = HmacSetKey(&hmac, BLAKE2B_ID, (byte*)keys[i], + (word32)strlen(keys[i])); + if (ret != 0) + return -4024; + ret = HmacUpdate(&hmac, (byte*)test_hmac[i].input, + (word32)test_hmac[i].inLen); + if (ret != 0) + return -4025; + ret = HmacFinal(&hmac, hash); + if (ret != 0) + return -4026; + + if (memcmp(hash, test_hmac[i].output, BLAKE2B_256) != 0) + return -20 - i; +#ifdef HAVE_CAVIUM + HmacFreeCavium(&hmac); +#endif + } + + return 0; +} +#endif + + +#if !defined(NO_HMAC) && defined(CYASSL_SHA384) +int hmac_sha384_test(void) +{ + Hmac hmac; + byte hash[SHA384_DIGEST_SIZE]; + + const char* keys[]= + { + "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b" + "\x0b\x0b\x0b", + "Jefe", + "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA" + "\xAA\xAA\xAA" + }; + + testVector a, b, c; + testVector test_hmac[3]; + + int ret; + int times = sizeof(test_hmac) / sizeof(testVector), i; + + a.input = "Hi There"; + a.output = "\xaf\xd0\x39\x44\xd8\x48\x95\x62\x6b\x08\x25\xf4\xab\x46\x90" + "\x7f\x15\xf9\xda\xdb\xe4\x10\x1e\xc6\x82\xaa\x03\x4c\x7c\xeb" + "\xc5\x9c\xfa\xea\x9e\xa9\x07\x6e\xde\x7f\x4a\xf1\x52\xe8\xb2" + "\xfa\x9c\xb6"; + a.inLen = strlen(a.input); + a.outLen = SHA384_DIGEST_SIZE; + + b.input = "what do ya want for nothing?"; + b.output = "\xaf\x45\xd2\xe3\x76\x48\x40\x31\x61\x7f\x78\xd2\xb5\x8a\x6b" + "\x1b\x9c\x7e\xf4\x64\xf5\xa0\x1b\x47\xe4\x2e\xc3\x73\x63\x22" + "\x44\x5e\x8e\x22\x40\xca\x5e\x69\xe2\xc7\x8b\x32\x39\xec\xfa" + "\xb2\x16\x49"; + b.inLen = strlen(b.input); + b.outLen = SHA384_DIGEST_SIZE; + + c.input = "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" + "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" + "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" + "\xDD\xDD\xDD\xDD\xDD\xDD"; + c.output = "\x88\x06\x26\x08\xd3\xe6\xad\x8a\x0a\xa2\xac\xe0\x14\xc8\xa8" + "\x6f\x0a\xa6\x35\xd9\x47\xac\x9f\xeb\xe8\x3e\xf4\xe5\x59\x66" + "\x14\x4b\x2a\x5a\xb3\x9d\xc1\x38\x14\xb9\x4e\x3a\xb6\xe1\x01" + "\xa3\x4f\x27"; + c.inLen = strlen(c.input); + c.outLen = SHA384_DIGEST_SIZE; + + test_hmac[0] = a; + test_hmac[1] = b; + test_hmac[2] = c; + + for (i = 0; i < times; ++i) { +#if defined(HAVE_FIPS) + if (i == 1) + continue; /* fips not allowed */ +#endif + ret = HmacSetKey(&hmac, SHA384, (byte*)keys[i],(word32)strlen(keys[i])); + if (ret != 0) + return -4027; + ret = HmacUpdate(&hmac, (byte*)test_hmac[i].input, + (word32)test_hmac[i].inLen); + if (ret != 0) + return -4028; + ret = HmacFinal(&hmac, hash); + if (ret != 0) + return -4029; + + if (memcmp(hash, test_hmac[i].output, SHA384_DIGEST_SIZE) != 0) + return -20 - i; + } + + return 0; +} +#endif + + +#if !defined(NO_HMAC) && defined(CYASSL_SHA512) +int hmac_sha512_test(void) +{ + Hmac hmac; + byte hash[SHA512_DIGEST_SIZE]; + + const char* keys[]= + { + "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b" + "\x0b\x0b\x0b", + "Jefe", + "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA" + "\xAA\xAA\xAA" + }; + + testVector a, b, c; + testVector test_hmac[3]; + + int ret; + int times = sizeof(test_hmac) / sizeof(testVector), i; + + a.input = "Hi There"; + a.output = "\x87\xaa\x7c\xde\xa5\xef\x61\x9d\x4f\xf0\xb4\x24\x1a\x1d\x6c" + "\xb0\x23\x79\xf4\xe2\xce\x4e\xc2\x78\x7a\xd0\xb3\x05\x45\xe1" + "\x7c\xde\xda\xa8\x33\xb7\xd6\xb8\xa7\x02\x03\x8b\x27\x4e\xae" + "\xa3\xf4\xe4\xbe\x9d\x91\x4e\xeb\x61\xf1\x70\x2e\x69\x6c\x20" + "\x3a\x12\x68\x54"; + a.inLen = strlen(a.input); + a.outLen = SHA512_DIGEST_SIZE; + + b.input = "what do ya want for nothing?"; + b.output = "\x16\x4b\x7a\x7b\xfc\xf8\x19\xe2\xe3\x95\xfb\xe7\x3b\x56\xe0" + "\xa3\x87\xbd\x64\x22\x2e\x83\x1f\xd6\x10\x27\x0c\xd7\xea\x25" + "\x05\x54\x97\x58\xbf\x75\xc0\x5a\x99\x4a\x6d\x03\x4f\x65\xf8" + "\xf0\xe6\xfd\xca\xea\xb1\xa3\x4d\x4a\x6b\x4b\x63\x6e\x07\x0a" + "\x38\xbc\xe7\x37"; + b.inLen = strlen(b.input); + b.outLen = SHA512_DIGEST_SIZE; + + c.input = "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" + "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" + "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" + "\xDD\xDD\xDD\xDD\xDD\xDD"; + c.output = "\xfa\x73\xb0\x08\x9d\x56\xa2\x84\xef\xb0\xf0\x75\x6c\x89\x0b" + "\xe9\xb1\xb5\xdb\xdd\x8e\xe8\x1a\x36\x55\xf8\x3e\x33\xb2\x27" + "\x9d\x39\xbf\x3e\x84\x82\x79\xa7\x22\xc8\x06\xb4\x85\xa4\x7e" + "\x67\xc8\x07\xb9\x46\xa3\x37\xbe\xe8\x94\x26\x74\x27\x88\x59" + "\xe1\x32\x92\xfb"; + c.inLen = strlen(c.input); + c.outLen = SHA512_DIGEST_SIZE; + + test_hmac[0] = a; + test_hmac[1] = b; + test_hmac[2] = c; + + for (i = 0; i < times; ++i) { +#if defined(HAVE_FIPS) + if (i == 1) + continue; /* fips not allowed */ +#endif + ret = HmacSetKey(&hmac, SHA512, (byte*)keys[i],(word32)strlen(keys[i])); + if (ret != 0) + return -4030; + ret = HmacUpdate(&hmac, (byte*)test_hmac[i].input, + (word32)test_hmac[i].inLen); + if (ret != 0) + return -4031; + ret = HmacFinal(&hmac, hash); + if (ret != 0) + return -4032; + + if (memcmp(hash, test_hmac[i].output, SHA512_DIGEST_SIZE) != 0) + return -20 - i; + } + + return 0; +} +#endif + + +#ifndef NO_RC4 +int arc4_test(void) +{ + byte cipher[16]; + byte plain[16]; + + const char* keys[] = + { + "\x01\x23\x45\x67\x89\xab\xcd\xef", + "\x01\x23\x45\x67\x89\xab\xcd\xef", + "\x00\x00\x00\x00\x00\x00\x00\x00", + "\xef\x01\x23\x45" + }; + + testVector a, b, c, d; + testVector test_arc4[4]; + + int times = sizeof(test_arc4) / sizeof(testVector), i; + + a.input = "\x01\x23\x45\x67\x89\xab\xcd\xef"; + a.output = "\x75\xb7\x87\x80\x99\xe0\xc5\x96"; + a.inLen = 8; + a.outLen = 8; + + b.input = "\x00\x00\x00\x00\x00\x00\x00\x00"; + b.output = "\x74\x94\xc2\xe7\x10\x4b\x08\x79"; + b.inLen = 8; + b.outLen = 8; + + c.input = "\x00\x00\x00\x00\x00\x00\x00\x00"; + c.output = "\xde\x18\x89\x41\xa3\x37\x5d\x3a"; + c.inLen = 8; + c.outLen = 8; + + d.input = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"; + d.output = "\xd6\xa1\x41\xa7\xec\x3c\x38\xdf\xbd\x61"; + d.inLen = 10; + d.outLen = 10; + + test_arc4[0] = a; + test_arc4[1] = b; + test_arc4[2] = c; + test_arc4[3] = d; + + for (i = 0; i < times; ++i) { + Arc4 enc; + Arc4 dec; + int keylen = 8; /* strlen with key 0x00 not good */ + if (i == 3) + keylen = 4; + +#ifdef HAVE_CAVIUM + if (Arc4InitCavium(&enc, CAVIUM_DEV_ID) != 0) + return -20001; + if (Arc4InitCavium(&dec, CAVIUM_DEV_ID) != 0) + return -20002; +#endif + + Arc4SetKey(&enc, (byte*)keys[i], keylen); + Arc4SetKey(&dec, (byte*)keys[i], keylen); + + Arc4Process(&enc, cipher, (byte*)test_arc4[i].input, + (word32)test_arc4[i].outLen); + Arc4Process(&dec, plain, cipher, (word32)test_arc4[i].outLen); + + if (memcmp(plain, test_arc4[i].input, test_arc4[i].outLen)) + return -20 - i; + + if (memcmp(cipher, test_arc4[i].output, test_arc4[i].outLen)) + return -20 - 5 - i; + +#ifdef HAVE_CAVIUM + Arc4FreeCavium(&enc); + Arc4FreeCavium(&dec); +#endif + } + + return 0; +} +#endif + + +int hc128_test(void) +{ +#ifdef HAVE_HC128 + byte cipher[16]; + byte plain[16]; + + const char* keys[] = + { + "\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + "\x00\x53\xA6\xF9\x4C\x9F\xF2\x45\x98\xEB\x3E\x91\xE4\x37\x8A\xDD", + "\x0F\x62\xB5\x08\x5B\xAE\x01\x54\xA7\xFA\x4D\xA0\xF3\x46\x99\xEC" + }; + + const char* ivs[] = + { + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + "\x80\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + "\x0D\x74\xDB\x42\xA9\x10\x77\xDE\x45\xAC\x13\x7A\xE1\x48\xAF\x16", + "\x28\x8F\xF6\x5D\xC4\x2B\x92\xF9\x60\xC7\x2E\x95\xFC\x63\xCA\x31" + }; + + + testVector a, b, c, d; + testVector test_hc128[4]; + + int times = sizeof(test_hc128) / sizeof(testVector), i; + + a.input = "\x00\x00\x00\x00\x00\x00\x00\x00"; + a.output = "\x37\x86\x02\xB9\x8F\x32\xA7\x48"; + a.inLen = 8; + a.outLen = 8; + + b.input = "\x00\x00\x00\x00\x00\x00\x00\x00"; + b.output = "\x33\x7F\x86\x11\xC6\xED\x61\x5F"; + b.inLen = 8; + b.outLen = 8; + + c.input = "\x00\x00\x00\x00\x00\x00\x00\x00"; + c.output = "\x2E\x1E\xD1\x2A\x85\x51\xC0\x5A"; + c.inLen = 8; + c.outLen = 8; + + d.input = "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00"; + d.output = "\x1C\xD8\xAE\xDD\xFE\x52\xE2\x17\xE8\x35\xD0\xB7\xE8\x4E\x29"; + d.inLen = 15; + d.outLen = 15; + + test_hc128[0] = a; + test_hc128[1] = b; + test_hc128[2] = c; + test_hc128[3] = d; + + for (i = 0; i < times; ++i) { + HC128 enc; + HC128 dec; + + /* align keys/ivs in plain/cipher buffers */ + memcpy(plain, keys[i], 16); + memcpy(cipher, ivs[i], 16); + + Hc128_SetKey(&enc, plain, cipher); + Hc128_SetKey(&dec, plain, cipher); + + /* align input */ + memcpy(plain, test_hc128[i].input, test_hc128[i].outLen); + Hc128_Process(&enc, cipher, plain, (word32)test_hc128[i].outLen); + Hc128_Process(&dec, plain, cipher, (word32)test_hc128[i].outLen); + + if (memcmp(plain, test_hc128[i].input, test_hc128[i].outLen)) + return -120 - i; + + if (memcmp(cipher, test_hc128[i].output, test_hc128[i].outLen)) + return -120 - 5 - i; + } + +#endif /* HAVE_HC128 */ + return 0; +} + + +#ifndef NO_RABBIT +int rabbit_test(void) +{ + byte cipher[16]; + byte plain[16]; + + const char* keys[] = + { + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", + "\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00", "\xAC\xC3\x51\xDC\xF1\x62\xFC\x3B\xFE\x36\x3D\x2E\x29\x13\x28\x91" }; @@ -998,7 +1760,6 @@ int rabbit_test() 0 }; - testVector a, b, c; testVector test_rabbit[3]; @@ -1006,18 +1767,18 @@ int rabbit_test() a.input = "\x00\x00\x00\x00\x00\x00\x00\x00"; a.output = "\xED\xB7\x05\x67\x37\x5D\xCD\x7C"; - a.inLen = strlen(a.input); - a.outLen = strlen(a.output); + a.inLen = 8; + a.outLen = 8; b.input = "\x00\x00\x00\x00\x00\x00\x00\x00"; b.output = "\x6D\x7D\x01\x22\x92\xCC\xDC\xE0"; - b.inLen = strlen(b.input); - b.outLen = strlen(b.output); + b.inLen = 8; + b.outLen = 8; c.input = "\x00\x00\x00\x00\x00\x00\x00\x00"; - c.output = "\x9C\x51\xE2\x87\x84\xC3\x7F\xE9"; - c.inLen = strlen(c.input); - c.outLen = strlen(c.output); + c.output = "\x04\xCE\xCA\x7A\x1A\x86\x6E\x77"; + c.inLen = 8; + c.outLen = 8; test_rabbit[0] = a; test_rabbit[1] = b; @@ -1026,12 +1787,21 @@ int rabbit_test() for (i = 0; i < times; ++i) { Rabbit enc; Rabbit dec; - - RabbitSetKey(&enc, (byte*)keys[i], (byte*)ivs[i]); - RabbitSetKey(&dec, (byte*)keys[i], (byte*)ivs[i]); - - RabbitProcess(&enc, cipher, (byte*)test_rabbit[i].input, - (word32)test_rabbit[i].outLen); + byte* iv; + + /* align keys/ivs in plain/cipher buffers */ + memcpy(plain, keys[i], 16); + if (ivs[i]) { + memcpy(cipher, ivs[i], 8); + iv = cipher; + } else + iv = NULL; + RabbitSetKey(&enc, plain, iv); + RabbitSetKey(&dec, plain, iv); + + /* align input */ + memcpy(plain, test_rabbit[i].input, test_rabbit[i].outLen); + RabbitProcess(&enc, cipher, plain, (word32)test_rabbit[i].outLen); RabbitProcess(&dec, plain, cipher, (word32)test_rabbit[i].outLen); if (memcmp(plain, test_rabbit[i].input, test_rabbit[i].outLen)) @@ -1047,7 +1817,7 @@ int rabbit_test() #ifndef NO_DES3 -int des_test() +int des_test(void) { const byte vector[] = { /* "now is the time for all " w/o trailing 0 */ 0x6e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74, @@ -1061,34 +1831,40 @@ int des_test() Des enc; Des dec; - const byte key[] = + const byte key[] = { 0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef }; - const byte iv[] = + const byte iv[] = { 0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef }; - const byte verify[] = + const byte verify[] = { 0x8b,0x7c,0x52,0xb0,0x01,0x2b,0x6c,0xb8, 0x4f,0x0f,0xeb,0xf3,0xfb,0x5f,0x86,0x73, 0x15,0x85,0xb3,0x22,0x4b,0x86,0x2b,0x4b }; + int ret; + + ret = Des_SetKey(&enc, key, iv, DES_ENCRYPTION); + if (ret != 0) + return -31; - Des_SetKey(&enc, key, iv, DES_ENCRYPTION); Des_CbcEncrypt(&enc, cipher, vector, sizeof(vector)); - Des_SetKey(&dec, key, iv, DES_DECRYPTION); + ret = Des_SetKey(&dec, key, iv, DES_DECRYPTION); + if (ret != 0) + return -32; Des_CbcDecrypt(&dec, plain, cipher, sizeof(cipher)); if (memcmp(plain, vector, sizeof(plain))) - return -31; + return -33; if (memcmp(cipher, verify, sizeof(cipher))) - return -32; + return -34; return 0; } @@ -1096,7 +1872,7 @@ int des_test() #ifndef NO_DES3 -int des3_test() +int des3_test(void) { const byte vector[] = { /* "Now is the time for all " w/o trailing 0 */ 0x4e,0x6f,0x77,0x20,0x69,0x73,0x20,0x74, @@ -1110,46 +1886,66 @@ int des3_test() Des3 enc; Des3 dec; - const byte key3[] = + const byte key3[] = { 0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef, 0xfe,0xde,0xba,0x98,0x76,0x54,0x32,0x10, 0x89,0xab,0xcd,0xef,0x01,0x23,0x45,0x67 }; - const byte iv3[] = + const byte iv3[] = { 0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef, 0x01,0x01,0x01,0x01,0x01,0x01,0x01,0x01, 0x11,0x21,0x31,0x41,0x51,0x61,0x71,0x81 - + }; - const byte verify3[] = + const byte verify3[] = { 0x43,0xa0,0x29,0x7e,0xd1,0x84,0xf8,0x0e, 0x89,0x64,0x84,0x32,0x12,0xd5,0x08,0x98, 0x18,0x94,0x15,0x74,0x87,0x12,0x7d,0xb0 }; + int ret; - Des3_SetKey(&enc, key3, iv3, DES_ENCRYPTION); - Des3_CbcEncrypt(&enc, cipher, vector, sizeof(vector)); - Des3_SetKey(&dec, key3, iv3, DES_DECRYPTION); - Des3_CbcDecrypt(&dec, plain, cipher, sizeof(cipher)); - if (memcmp(plain, vector, sizeof(plain))) +#ifdef HAVE_CAVIUM + if (Des3_InitCavium(&enc, CAVIUM_DEV_ID) != 0) + return -20005; + if (Des3_InitCavium(&dec, CAVIUM_DEV_ID) != 0) + return -20006; +#endif + ret = Des3_SetKey(&enc, key3, iv3, DES_ENCRYPTION); + if (ret != 0) + return -31; + ret = Des3_SetKey(&dec, key3, iv3, DES_DECRYPTION); + if (ret != 0) + return -32; + ret = Des3_CbcEncrypt(&enc, cipher, vector, sizeof(vector)); + if (ret != 0) return -33; + ret = Des3_CbcDecrypt(&dec, plain, cipher, sizeof(cipher)); + if (ret != 0) + return -34; + + if (memcmp(plain, vector, sizeof(plain))) + return -35; if (memcmp(cipher, verify3, sizeof(cipher))) - return -34; + return -36; +#ifdef HAVE_CAVIUM + Des3_FreeCavium(&enc); + Des3_FreeCavium(&dec); +#endif return 0; } #endif /* NO_DES */ #ifndef NO_AES -int aes_test() +int aes_test(void) { Aes enc; Aes dec; @@ -1160,7 +1956,7 @@ int aes_test() 0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20 }; - const byte verify[] = + const byte verify[] = { 0x95,0x94,0x92,0x57,0x5f,0x42,0x81,0x53, 0x2c,0xcc,0x9d,0x46,0x77,0xa2,0x33,0xcb @@ -1171,12 +1967,27 @@ int aes_test() byte cipher[AES_BLOCK_SIZE * 4]; byte plain [AES_BLOCK_SIZE * 4]; + int ret; - AesSetKey(&enc, key, AES_BLOCK_SIZE, iv, AES_ENCRYPTION); - AesSetKey(&dec, key, AES_BLOCK_SIZE, iv, AES_DECRYPTION); +#ifdef HAVE_CAVIUM + if (AesInitCavium(&enc, CAVIUM_DEV_ID) != 0) + return -20003; + if (AesInitCavium(&dec, CAVIUM_DEV_ID) != 0) + return -20004; +#endif + ret = AesSetKey(&enc, key, AES_BLOCK_SIZE, iv, AES_ENCRYPTION); + if (ret != 0) + return -1001; + ret = AesSetKey(&dec, key, AES_BLOCK_SIZE, iv, AES_DECRYPTION); + if (ret != 0) + return -1002; - AesCbcEncrypt(&enc, cipher, msg, AES_BLOCK_SIZE); - AesCbcDecrypt(&dec, plain, cipher, AES_BLOCK_SIZE); + ret = AesCbcEncrypt(&enc, cipher, msg, AES_BLOCK_SIZE); + if (ret != 0) + return -1005; + ret = AesCbcDecrypt(&dec, plain, cipher, AES_BLOCK_SIZE); + if (ret != 0) + return -1006; if (memcmp(plain, msg, AES_BLOCK_SIZE)) return -60; @@ -1184,9 +1995,13 @@ int aes_test() if (memcmp(cipher, verify, AES_BLOCK_SIZE)) return -61; +#ifdef HAVE_CAVIUM + AesFreeCavium(&enc); + AesFreeCavium(&dec); +#endif #ifdef CYASSL_AES_COUNTER { - const byte ctrKey[] = + const byte ctrKey[] = { 0x2b,0x7e,0x15,0x16,0x28,0xae,0xd2,0xa6, 0xab,0xf7,0x15,0x88,0x09,0xcf,0x4f,0x3c @@ -1223,9 +2038,15 @@ int aes_test() 0x79,0x21,0x70,0xa0,0xf3,0x00,0x9c,0xee }; - AesSetKey(&enc, ctrKey, AES_BLOCK_SIZE, ctrIv, AES_ENCRYPTION); + const byte oddCipher[] = + { + 0xb9,0xd7,0xcb,0x08,0xb0,0xe1,0x7b,0xa0, + 0xc2 + }; + + AesSetKeyDirect(&enc, ctrKey, AES_BLOCK_SIZE, ctrIv, AES_ENCRYPTION); /* Ctr only uses encrypt, even on key setup */ - AesSetKey(&dec, ctrKey, AES_BLOCK_SIZE, ctrIv, AES_ENCRYPTION); + AesSetKeyDirect(&dec, ctrKey, AES_BLOCK_SIZE, ctrIv, AES_ENCRYPTION); AesCtrEncrypt(&enc, cipher, ctrPlain, AES_BLOCK_SIZE*4); AesCtrEncrypt(&dec, plain, cipher, AES_BLOCK_SIZE*4); @@ -1235,14 +2056,78 @@ int aes_test() if (memcmp(cipher, ctrCipher, AES_BLOCK_SIZE*4)) return -67; + + /* let's try with just 9 bytes, non block size test */ + AesSetKeyDirect(&enc, ctrKey, AES_BLOCK_SIZE, ctrIv, AES_ENCRYPTION); + /* Ctr only uses encrypt, even on key setup */ + AesSetKeyDirect(&dec, ctrKey, AES_BLOCK_SIZE, ctrIv, AES_ENCRYPTION); + + AesCtrEncrypt(&enc, cipher, ctrPlain, 9); + AesCtrEncrypt(&dec, plain, cipher, 9); + + if (memcmp(plain, ctrPlain, 9)) + return -68; + + if (memcmp(cipher, ctrCipher, 9)) + return -69; + + /* and an additional 9 bytes to reuse tmp left buffer */ + AesCtrEncrypt(&enc, cipher, ctrPlain, 9); + AesCtrEncrypt(&dec, plain, cipher, 9); + + if (memcmp(plain, ctrPlain, 9)) + return -70; + + if (memcmp(cipher, oddCipher, 9)) + return -71; } #endif /* CYASSL_AES_COUNTER */ +#if defined(CYASSL_AESNI) && defined(CYASSL_AES_DIRECT) + { + const byte niPlain[] = + { + 0x6b,0xc1,0xbe,0xe2,0x2e,0x40,0x9f,0x96, + 0xe9,0x3d,0x7e,0x11,0x73,0x93,0x17,0x2a + }; + + const byte niCipher[] = + { + 0xf3,0xee,0xd1,0xbd,0xb5,0xd2,0xa0,0x3c, + 0x06,0x4b,0x5a,0x7e,0x3d,0xb1,0x81,0xf8 + }; + + const byte niKey[] = + { + 0x60,0x3d,0xeb,0x10,0x15,0xca,0x71,0xbe, + 0x2b,0x73,0xae,0xf0,0x85,0x7d,0x77,0x81, + 0x1f,0x35,0x2c,0x07,0x3b,0x61,0x08,0xd7, + 0x2d,0x98,0x10,0xa3,0x09,0x14,0xdf,0xf4 + }; + + XMEMSET(cipher, 0, AES_BLOCK_SIZE); + ret = AesSetKey(&enc, niKey, sizeof(niKey), cipher, AES_ENCRYPTION); + if (ret != 0) + return -1003; + AesEncryptDirect(&enc, cipher, niPlain); + if (XMEMCMP(cipher, niCipher, AES_BLOCK_SIZE) != 0) + return -20006; + + XMEMSET(plain, 0, AES_BLOCK_SIZE); + ret = AesSetKey(&dec, niKey, sizeof(niKey), plain, AES_DECRYPTION); + if (ret != 0) + return -1004; + AesDecryptDirect(&dec, plain, niCipher); + if (XMEMCMP(plain, niPlain, AES_BLOCK_SIZE) != 0) + return -20007; + } +#endif /* CYASSL_AESNI && CYASSL_AES_DIRECT */ + return 0; } #ifdef HAVE_AESGCM -int aesgcm_test() +int aesgcm_test(void) { Aes enc; @@ -1262,9 +2147,9 @@ int aesgcm_test() const byte iv[] = { 0xca, 0xfe, 0xba, 0xbe, 0xfa, 0xce, 0xdb, 0xad, - 0xde, 0xca, 0xf8, 0x88, 0x00, 0x00, 0x00, 0x00 + 0xde, 0xca, 0xf8, 0x88 }; - + const byte p[] = { 0xd9, 0x31, 0x32, 0x25, 0xf8, 0x84, 0x06, 0xe5, @@ -1276,14 +2161,14 @@ int aesgcm_test() 0xb1, 0x6a, 0xed, 0xf5, 0xaa, 0x0d, 0xe6, 0x57, 0xba, 0x63, 0x7b, 0x39 }; - + const byte a[] = { 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef, 0xfe, 0xed, 0xfa, 0xce, 0xde, 0xad, 0xbe, 0xef, 0xab, 0xad, 0xda, 0xd2 }; - + const byte c[] = { 0x52, 0x2d, 0xc1, 0xf0, 0x99, 0x56, 0x7d, 0x07, @@ -1302,27 +2187,27 @@ int aesgcm_test() 0xcd, 0xdf, 0x88, 0x53, 0xbb, 0x2d, 0x55, 0x1b }; - byte t2[16]; - byte p2[60]; - byte c2[60]; + byte t2[sizeof(t)]; + byte p2[sizeof(c)]; + byte c2[sizeof(p)]; int result; - memset(t2, 0, 16); - memset(c2, 0, 60); - memset(p2, 0, 60); + memset(t2, 0, sizeof(t2)); + memset(c2, 0, sizeof(c2)); + memset(p2, 0, sizeof(p2)); - AesGcmSetKey(&enc, k, sizeof(k), iv); - AesGcmSetExpIV(&enc, iv + /*AES_GCM_IMP_IV_SZ*/ 4); + AesGcmSetKey(&enc, k, sizeof(k)); /* AES-GCM encrypt and decrypt both use AES encrypt internally */ - AesGcmEncrypt(&enc, c2, p, sizeof(c2), t2, sizeof(t2), a, sizeof(a)); + AesGcmEncrypt(&enc, c2, p, sizeof(c2), iv, sizeof(iv), + t2, sizeof(t2), a, sizeof(a)); if (memcmp(c, c2, sizeof(c2))) return -68; if (memcmp(t, t2, sizeof(t2))) return -69; - result = AesGcmDecrypt(&enc, - p2, c2, sizeof(p2), t2, sizeof(t2), a, sizeof(a)); + result = AesGcmDecrypt(&enc, p2, c2, sizeof(p2), iv, sizeof(iv), + t2, sizeof(t2), a, sizeof(a)); if (result != 0) return -70; if (memcmp(p, p2, sizeof(p2))) @@ -1330,54 +2215,494 @@ int aesgcm_test() return 0; } + +int gmac_test(void) +{ + Gmac gmac; + + const byte k1[] = + { + 0x89, 0xc9, 0x49, 0xe9, 0xc8, 0x04, 0xaf, 0x01, + 0x4d, 0x56, 0x04, 0xb3, 0x94, 0x59, 0xf2, 0xc8 + }; + const byte iv1[] = + { + 0xd1, 0xb1, 0x04, 0xc8, 0x15, 0xbf, 0x1e, 0x94, + 0xe2, 0x8c, 0x8f, 0x16 + }; + const byte a1[] = + { + 0x82, 0xad, 0xcd, 0x63, 0x8d, 0x3f, 0xa9, 0xd9, + 0xf3, 0xe8, 0x41, 0x00, 0xd6, 0x1e, 0x07, 0x77 + }; + const byte t1[] = + { + 0x88, 0xdb, 0x9d, 0x62, 0x17, 0x2e, 0xd0, 0x43, + 0xaa, 0x10, 0xf1, 0x6d, 0x22, 0x7d, 0xc4, 0x1b + }; + + const byte k2[] = + { + 0x40, 0xf7, 0xec, 0xb2, 0x52, 0x6d, 0xaa, 0xd4, + 0x74, 0x25, 0x1d, 0xf4, 0x88, 0x9e, 0xf6, 0x5b + }; + const byte iv2[] = + { + 0xee, 0x9c, 0x6e, 0x06, 0x15, 0x45, 0x45, 0x03, + 0x1a, 0x60, 0x24, 0xa7 + }; + const byte a2[] = + { + 0x94, 0x81, 0x2c, 0x87, 0x07, 0x4e, 0x15, 0x18, + 0x34, 0xb8, 0x35, 0xaf, 0x1c, 0xa5, 0x7e, 0x56 + }; + const byte t2[] = + { + 0xc6, 0x81, 0x79, 0x8e, 0x3d, 0xda, 0xb0, 0x9f, + 0x8d, 0x83, 0xb0, 0xbb, 0x14, 0xb6, 0x91 + }; + + const byte k3[] = + { + 0xb8, 0xe4, 0x9a, 0x5e, 0x37, 0xf9, 0x98, 0x2b, + 0xb9, 0x6d, 0xd0, 0xc9, 0xb6, 0xab, 0x26, 0xac + }; + const byte iv3[] = + { + 0xe4, 0x4a, 0x42, 0x18, 0x8c, 0xae, 0x94, 0x92, + 0x6a, 0x9c, 0x26, 0xb0 + }; + const byte a3[] = + { + 0x9d, 0xb9, 0x61, 0x68, 0xa6, 0x76, 0x7a, 0x31, + 0xf8, 0x29, 0xe4, 0x72, 0x61, 0x68, 0x3f, 0x8a + }; + const byte t3[] = + { + 0x23, 0xe2, 0x9f, 0x66, 0xe4, 0xc6, 0x52, 0x48 + }; + + byte tag[16]; + + memset(tag, 0, sizeof(tag)); + GmacSetKey(&gmac, k1, sizeof(k1)); + GmacUpdate(&gmac, iv1, sizeof(iv1), a1, sizeof(a1), tag, sizeof(t1)); + if (memcmp(t1, tag, sizeof(t1)) != 0) + return -126; + + memset(tag, 0, sizeof(tag)); + GmacSetKey(&gmac, k2, sizeof(k2)); + GmacUpdate(&gmac, iv2, sizeof(iv2), a2, sizeof(a2), tag, sizeof(t2)); + if (memcmp(t2, tag, sizeof(t2)) != 0) + return -127; + + memset(tag, 0, sizeof(tag)); + GmacSetKey(&gmac, k3, sizeof(k3)); + GmacUpdate(&gmac, iv3, sizeof(iv3), a3, sizeof(a3), tag, sizeof(t3)); + if (memcmp(t3, tag, sizeof(t3)) != 0) + return -128; + + return 0; +} #endif /* HAVE_AESGCM */ +#ifdef HAVE_AESCCM +int aesccm_test(void) +{ + Aes enc; + + /* key */ + const byte k[] = + { + 0xc0, 0xc1, 0xc2, 0xc3, 0xc4, 0xc5, 0xc6, 0xc7, + 0xc8, 0xc9, 0xca, 0xcb, 0xcc, 0xcd, 0xce, 0xcf + }; + + /* nonce */ + const byte iv[] = + { + 0x00, 0x00, 0x00, 0x03, 0x02, 0x01, 0x00, 0xa0, + 0xa1, 0xa2, 0xa3, 0xa4, 0xa5 + }; + + /* plaintext */ + const byte p[] = + { + 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f, + 0x10, 0x11, 0x12, 0x13, 0x14, 0x15, 0x16, 0x17, + 0x18, 0x19, 0x1a, 0x1b, 0x1c, 0x1d, 0x1e + }; + + const byte a[] = + { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07 + }; + + const byte c[] = + { + 0x58, 0x8c, 0x97, 0x9a, 0x61, 0xc6, 0x63, 0xd2, + 0xf0, 0x66, 0xd0, 0xc2, 0xc0, 0xf9, 0x89, 0x80, + 0x6d, 0x5f, 0x6b, 0x61, 0xda, 0xc3, 0x84 + }; + + const byte t[] = + { + 0x17, 0xe8, 0xd1, 0x2c, 0xfd, 0xf9, 0x26, 0xe0 + }; + + byte t2[sizeof(t)]; + byte p2[sizeof(p)]; + byte c2[sizeof(c)]; + + int result; + + memset(t2, 0, sizeof(t2)); + memset(c2, 0, sizeof(c2)); + memset(p2, 0, sizeof(p2)); + + AesCcmSetKey(&enc, k, sizeof(k)); + /* AES-CCM encrypt and decrypt both use AES encrypt internally */ + AesCcmEncrypt(&enc, c2, p, sizeof(c2), iv, sizeof(iv), + t2, sizeof(t2), a, sizeof(a)); + if (memcmp(c, c2, sizeof(c2))) + return -107; + if (memcmp(t, t2, sizeof(t2))) + return -108; + + result = AesCcmDecrypt(&enc, p2, c2, sizeof(p2), iv, sizeof(iv), + t2, sizeof(t2), a, sizeof(a)); + if (result != 0) + return -109; + if (memcmp(p, p2, sizeof(p2))) + return -110; + + /* Test the authentication failure */ + t2[0]++; /* Corrupt the authentication tag. */ + result = AesCcmDecrypt(&enc, p2, c, sizeof(p2), iv, sizeof(iv), + t2, sizeof(t2), a, sizeof(a)); + if (result == 0) + return -111; + + /* Clear c2 to compare against p2. p2 should be set to zero in case of + * authentication fail. */ + memset(c2, 0, sizeof(c2)); + if (memcmp(p2, c2, sizeof(p2))) + return -112; + + return 0; +} +#endif /* HAVE_AESCCM */ + #endif /* NO_AES */ -int random_test() +#ifdef HAVE_CAMELLIA + +enum { + CAM_ECB_ENC, CAM_ECB_DEC, CAM_CBC_ENC, CAM_CBC_DEC +}; + +typedef struct { + int type; + const byte* plaintext; + const byte* iv; + const byte* ciphertext; + const byte* key; + word32 keySz; + int errorCode; +} test_vector_t; + +int camellia_test(void) { - RNG rng; - byte block[32]; - int ret = InitRng(&rng); + /* Camellia ECB Test Plaintext */ + static const byte pte[] = + { + 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, + 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10 + }; + + /* Camellia ECB Test Initialization Vector */ + static const byte ive[] = {0,0,0,0,0,0,0,0,0,0,0,0,0,0,0,0}; + + /* Test 1: Camellia ECB 128-bit key */ + static const byte k1[] = + { + 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, + 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10 + }; + static const byte c1[] = + { + 0x67, 0x67, 0x31, 0x38, 0x54, 0x96, 0x69, 0x73, + 0x08, 0x57, 0x06, 0x56, 0x48, 0xea, 0xbe, 0x43 + }; + + /* Test 2: Camellia ECB 192-bit key */ + static const byte k2[] = + { + 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, + 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10, + 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77 + }; + static const byte c2[] = + { + 0xb4, 0x99, 0x34, 0x01, 0xb3, 0xe9, 0x96, 0xf8, + 0x4e, 0xe5, 0xce, 0xe7, 0xd7, 0x9b, 0x09, 0xb9 + }; + + /* Test 3: Camellia ECB 256-bit key */ + static const byte k3[] = + { + 0x01, 0x23, 0x45, 0x67, 0x89, 0xab, 0xcd, 0xef, + 0xfe, 0xdc, 0xba, 0x98, 0x76, 0x54, 0x32, 0x10, + 0x00, 0x11, 0x22, 0x33, 0x44, 0x55, 0x66, 0x77, + 0x88, 0x99, 0xaa, 0xbb, 0xcc, 0xdd, 0xee, 0xff + }; + static const byte c3[] = + { + 0x9a, 0xcc, 0x23, 0x7d, 0xff, 0x16, 0xd7, 0x6c, + 0x20, 0xef, 0x7c, 0x91, 0x9e, 0x3a, 0x75, 0x09 + }; + + /* Camellia CBC Test Plaintext */ + static const byte ptc[] = + { + 0x6B, 0xC1, 0xBE, 0xE2, 0x2E, 0x40, 0x9F, 0x96, + 0xE9, 0x3D, 0x7E, 0x11, 0x73, 0x93, 0x17, 0x2A + }; + + /* Camellia CBC Test Initialization Vector */ + static const byte ivc[] = + { + 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0A, 0x0B, 0x0C, 0x0D, 0x0E, 0x0F + }; + + /* Test 4: Camellia-CBC 128-bit key */ + static const byte k4[] = + { + 0x2B, 0x7E, 0x15, 0x16, 0x28, 0xAE, 0xD2, 0xA6, + 0xAB, 0xF7, 0x15, 0x88, 0x09, 0xCF, 0x4F, 0x3C + }; + static const byte c4[] = + { + 0x16, 0x07, 0xCF, 0x49, 0x4B, 0x36, 0xBB, 0xF0, + 0x0D, 0xAE, 0xB0, 0xB5, 0x03, 0xC8, 0x31, 0xAB + }; + + /* Test 5: Camellia-CBC 192-bit key */ + static const byte k5[] = + { + 0x8E, 0x73, 0xB0, 0xF7, 0xDA, 0x0E, 0x64, 0x52, + 0xC8, 0x10, 0xF3, 0x2B, 0x80, 0x90, 0x79, 0xE5, + 0x62, 0xF8, 0xEA, 0xD2, 0x52, 0x2C, 0x6B, 0x7B + }; + static const byte c5[] = + { + 0x2A, 0x48, 0x30, 0xAB, 0x5A, 0xC4, 0xA1, 0xA2, + 0x40, 0x59, 0x55, 0xFD, 0x21, 0x95, 0xCF, 0x93 + }; + + /* Test 6: CBC 256-bit key */ + static const byte k6[] = + { + 0x60, 0x3D, 0xEB, 0x10, 0x15, 0xCA, 0x71, 0xBE, + 0x2B, 0x73, 0xAE, 0xF0, 0x85, 0x7D, 0x77, 0x81, + 0x1F, 0x35, 0x2C, 0x07, 0x3B, 0x61, 0x08, 0xD7, + 0x2D, 0x98, 0x10, 0xA3, 0x09, 0x14, 0xDF, 0xF4 + }; + static const byte c6[] = + { + 0xE6, 0xCF, 0xA3, 0x5F, 0xC0, 0x2B, 0x13, 0x4A, + 0x4D, 0x2C, 0x0B, 0x67, 0x37, 0xAC, 0x3E, 0xDA + }; + + byte out[CAMELLIA_BLOCK_SIZE]; + Camellia cam; + int i, testsSz; + const test_vector_t testVectors[] = + { + {CAM_ECB_ENC, pte, ive, c1, k1, sizeof(k1), -114}, + {CAM_ECB_ENC, pte, ive, c2, k2, sizeof(k2), -115}, + {CAM_ECB_ENC, pte, ive, c3, k3, sizeof(k3), -116}, + {CAM_ECB_DEC, pte, ive, c1, k1, sizeof(k1), -117}, + {CAM_ECB_DEC, pte, ive, c2, k2, sizeof(k2), -118}, + {CAM_ECB_DEC, pte, ive, c3, k3, sizeof(k3), -119}, + {CAM_CBC_ENC, ptc, ivc, c4, k4, sizeof(k4), -120}, + {CAM_CBC_ENC, ptc, ivc, c5, k5, sizeof(k5), -121}, + {CAM_CBC_ENC, ptc, ivc, c6, k6, sizeof(k6), -122}, + {CAM_CBC_DEC, ptc, ivc, c4, k4, sizeof(k4), -123}, + {CAM_CBC_DEC, ptc, ivc, c5, k5, sizeof(k5), -124}, + {CAM_CBC_DEC, ptc, ivc, c6, k6, sizeof(k6), -125} + }; + + testsSz = sizeof(testVectors)/sizeof(test_vector_t); + for (i = 0; i < testsSz; i++) { + if (CamelliaSetKey(&cam, testVectors[i].key, testVectors[i].keySz, + testVectors[i].iv) != 0) + return testVectors[i].errorCode; + + switch (testVectors[i].type) { + case CAM_ECB_ENC: + CamelliaEncryptDirect(&cam, out, testVectors[i].plaintext); + if (memcmp(out, testVectors[i].ciphertext, CAMELLIA_BLOCK_SIZE)) + return testVectors[i].errorCode; + break; + case CAM_ECB_DEC: + CamelliaDecryptDirect(&cam, out, testVectors[i].ciphertext); + if (memcmp(out, testVectors[i].plaintext, CAMELLIA_BLOCK_SIZE)) + return testVectors[i].errorCode; + break; + case CAM_CBC_ENC: + CamelliaCbcEncrypt(&cam, out, testVectors[i].plaintext, + CAMELLIA_BLOCK_SIZE); + if (memcmp(out, testVectors[i].ciphertext, CAMELLIA_BLOCK_SIZE)) + return testVectors[i].errorCode; + break; + case CAM_CBC_DEC: + CamelliaCbcDecrypt(&cam, out, testVectors[i].ciphertext, + CAMELLIA_BLOCK_SIZE); + if (memcmp(out, testVectors[i].plaintext, CAMELLIA_BLOCK_SIZE)) + return testVectors[i].errorCode; + break; + default: + break; + } + } + + /* Setting the IV and checking it was actually set. */ + CamelliaSetIV(&cam, ivc); + if (XMEMCMP(cam.reg, ivc, CAMELLIA_BLOCK_SIZE)) + return -1; + + /* Setting the IV to NULL should be same as all zeros IV */ + if (CamelliaSetIV(&cam, NULL) != 0 || + XMEMCMP(cam.reg, ive, CAMELLIA_BLOCK_SIZE)) + return -1; + + /* First parameter should never be null */ + if (CamelliaSetIV(NULL, NULL) == 0) + return -1; + + /* First parameter should never be null, check it fails */ + if (CamelliaSetKey(NULL, k1, sizeof(k1), NULL) == 0) + return -1; + + /* Key should have a size of 16, 24, or 32 */ + if (CamelliaSetKey(&cam, k1, 0, NULL) == 0) + return -1; + + return 0; +} +#endif /* HAVE_CAMELLIA */ + + +#if defined(HAVE_HASHDRBG) || defined(NO_RC4) + +int random_test(void) +{ + const byte test1Entropy[] = + { + 0xa6, 0x5a, 0xd0, 0xf3, 0x45, 0xdb, 0x4e, 0x0e, 0xff, 0xe8, 0x75, 0xc3, + 0xa2, 0xe7, 0x1f, 0x42, 0xc7, 0x12, 0x9d, 0x62, 0x0f, 0xf5, 0xc1, 0x19, + 0xa9, 0xef, 0x55, 0xf0, 0x51, 0x85, 0xe0, 0xfb, 0x85, 0x81, 0xf9, 0x31, + 0x75, 0x17, 0x27, 0x6e, 0x06, 0xe9, 0x60, 0x7d, 0xdb, 0xcb, 0xcc, 0x2e + }; + const byte test1Output[] = + { + 0xd3, 0xe1, 0x60, 0xc3, 0x5b, 0x99, 0xf3, 0x40, 0xb2, 0x62, 0x82, 0x64, + 0xd1, 0x75, 0x10, 0x60, 0xe0, 0x04, 0x5d, 0xa3, 0x83, 0xff, 0x57, 0xa5, + 0x7d, 0x73, 0xa6, 0x73, 0xd2, 0xb8, 0xd8, 0x0d, 0xaa, 0xf6, 0xa6, 0xc3, + 0x5a, 0x91, 0xbb, 0x45, 0x79, 0xd7, 0x3f, 0xd0, 0xc8, 0xfe, 0xd1, 0x11, + 0xb0, 0x39, 0x13, 0x06, 0x82, 0x8a, 0xdf, 0xed, 0x52, 0x8f, 0x01, 0x81, + 0x21, 0xb3, 0xfe, 0xbd, 0xc3, 0x43, 0xe7, 0x97, 0xb8, 0x7d, 0xbb, 0x63, + 0xdb, 0x13, 0x33, 0xde, 0xd9, 0xd1, 0xec, 0xe1, 0x77, 0xcf, 0xa6, 0xb7, + 0x1f, 0xe8, 0xab, 0x1d, 0xa4, 0x66, 0x24, 0xed, 0x64, 0x15, 0xe5, 0x1c, + 0xcd, 0xe2, 0xc7, 0xca, 0x86, 0xe2, 0x83, 0x99, 0x0e, 0xea, 0xeb, 0x91, + 0x12, 0x04, 0x15, 0x52, 0x8b, 0x22, 0x95, 0x91, 0x02, 0x81, 0xb0, 0x2d, + 0xd4, 0x31, 0xf4, 0xc9, 0xf7, 0x04, 0x27, 0xdf + }; + const byte test2EntropyA[] = + { + 0x63, 0x36, 0x33, 0x77, 0xe4, 0x1e, 0x86, 0x46, 0x8d, 0xeb, 0x0a, 0xb4, + 0xa8, 0xed, 0x68, 0x3f, 0x6a, 0x13, 0x4e, 0x47, 0xe0, 0x14, 0xc7, 0x00, + 0x45, 0x4e, 0x81, 0xe9, 0x53, 0x58, 0xa5, 0x69, 0x80, 0x8a, 0xa3, 0x8f, + 0x2a, 0x72, 0xa6, 0x23, 0x59, 0x91, 0x5a, 0x9f, 0x8a, 0x04, 0xca, 0x68 + }; + const byte test2EntropyB[] = + { + 0xe6, 0x2b, 0x8a, 0x8e, 0xe8, 0xf1, 0x41, 0xb6, 0x98, 0x05, 0x66, 0xe3, + 0xbf, 0xe3, 0xc0, 0x49, 0x03, 0xda, 0xd4, 0xac, 0x2c, 0xdf, 0x9f, 0x22, + 0x80, 0x01, 0x0a, 0x67, 0x39, 0xbc, 0x83, 0xd3 + }; + const byte test2Output[] = + { + 0x04, 0xee, 0xc6, 0x3b, 0xb2, 0x31, 0xdf, 0x2c, 0x63, 0x0a, 0x1a, 0xfb, + 0xe7, 0x24, 0x94, 0x9d, 0x00, 0x5a, 0x58, 0x78, 0x51, 0xe1, 0xaa, 0x79, + 0x5e, 0x47, 0x73, 0x47, 0xc8, 0xb0, 0x56, 0x62, 0x1c, 0x18, 0xbd, 0xdc, + 0xdd, 0x8d, 0x99, 0xfc, 0x5f, 0xc2, 0xb9, 0x20, 0x53, 0xd8, 0xcf, 0xac, + 0xfb, 0x0b, 0xb8, 0x83, 0x12, 0x05, 0xfa, 0xd1, 0xdd, 0xd6, 0xc0, 0x71, + 0x31, 0x8a, 0x60, 0x18, 0xf0, 0x3b, 0x73, 0xf5, 0xed, 0xe4, 0xd4, 0xd0, + 0x71, 0xf9, 0xde, 0x03, 0xfd, 0x7a, 0xea, 0x10, 0x5d, 0x92, 0x99, 0xb8, + 0xaf, 0x99, 0xaa, 0x07, 0x5b, 0xdb, 0x4d, 0xb9, 0xaa, 0x28, 0xc1, 0x8d, + 0x17, 0x4b, 0x56, 0xee, 0x2a, 0x01, 0x4d, 0x09, 0x88, 0x96, 0xff, 0x22, + 0x82, 0xc9, 0x55, 0xa8, 0x19, 0x69, 0xe0, 0x69, 0xfa, 0x8c, 0xe0, 0x07, + 0xa1, 0x80, 0x18, 0x3a, 0x07, 0xdf, 0xae, 0x17 + }; + int ret; + + ret = RNG_HealthTest(0, test1Entropy, sizeof(test1Entropy), NULL, 0, + test1Output, sizeof(test1Output)); if (ret != 0) return -39; - RNG_GenerateBlock(&rng, block, sizeof(block)); + ret = RNG_HealthTest(1, test2EntropyA, sizeof(test2EntropyA), + test2EntropyB, sizeof(test2EntropyB), + test2Output, sizeof(test2Output)); + if (ret != 0) return -40; return 0; } +#else /* HAVE_HASHDRBG || NO_RC4 */ -static const char* clientKey = "./certs/client-key.der"; -static const char* clientCert = "./certs/client-cert.der"; -#ifdef CYASSL_CERT_GEN - static const char* caKeyFile = "./certs/ca-key.der"; - static const char* caCertFile = "./certs/ca-cert.pem"; +int random_test(void) +{ + RNG rng; + byte block[32]; + int ret; + +#ifdef HAVE_CAVIUM + ret = InitRngCavium(&rng, CAVIUM_DEV_ID); + if (ret != 0) return -2007; #endif + ret = InitRng(&rng); + if (ret != 0) return -39; + + ret = RNG_GenerateBlock(&rng, block, sizeof(block)); + if (ret != 0) return -40; + + return 0; +} + +#endif /* HAVE_HASHDRBG || NO_RC4 */ #ifdef HAVE_NTRU -static byte GetEntropy(ENTROPY_CMD cmd, byte* out) +byte GetEntropy(ENTROPY_CMD cmd, byte* out); + +byte GetEntropy(ENTROPY_CMD cmd, byte* out) { static RNG rng; - if (cmd == INIT) { - int ret = InitRng(&rng); - if (ret == 0) - return 1; - else - return 0; - } + if (cmd == INIT) + return (InitRng(&rng) == 0) ? 1 : 0; if (out == NULL) return 0; - if (cmd == GET_BYTE_OF_ENTROPY) { - RNG_GenerateBlock(&rng, out, 1); - return 1; - } + if (cmd == GET_BYTE_OF_ENTROPY) + return (RNG_GenerateBlock(&rng, out, 1) == 0) ? 1 : 0; if (cmd == GET_NUM_BYTES_PER_BYTE_OF_ENTROPY) { *out = 1; @@ -1389,10 +2714,59 @@ static byte GetEntropy(ENTROPY_CMD cmd, byte* out) #endif /* HAVE_NTRU */ -int rsa_test() +#ifndef NO_RSA + +#if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048) + #ifdef FREESCALE_MQX + static const char* clientKey = "a:\\certs\\client-key.der"; + static const char* clientCert = "a:\\certs\\client-cert.der"; + #ifdef CYASSL_CERT_GEN + static const char* caKeyFile = "a:\\certs\\ca-key.der"; + static const char* caCertFile = "a:\\certs\\ca-cert.pem"; + #ifdef HAVE_ECC + static const char* eccCaKeyFile = "a:\\certs\\ecc-key.der"; + static const char* eccCaCertFile = "a:\\certs\\server-ecc.pem"; + #endif + #endif + #elif defined(CYASSL_MKD_SHELL) + static char* clientKey = "certs/client-key.der"; + static char* clientCert = "certs/client-cert.der"; + void set_clientKey(char *key) { clientKey = key ; } + void set_clientCert(char *cert) { clientCert = cert ; } + #ifdef CYASSL_CERT_GEN + static char* caKeyFile = "certs/ca-key.der"; + static char* caCertFile = "certs/ca-cert.pem"; + void set_caKeyFile (char * key) { caKeyFile = key ; } + void set_caCertFile(char * cert) { caCertFile = cert ; } + #ifdef HAVE_ECC + static const char* eccCaKeyFile = "certs/ecc-key.der"; + static const char* eccCaCertFile = "certs/server-ecc.pem"; + void set_eccCaKeyFile (char * key) { eccCaKeyFile = key ; } + void set_eccCaCertFile(char * cert) { eccCaCertFile = cert ; } + #endif + #endif + #else + static const char* clientKey = "./certs/client-key.der"; + static const char* clientCert = "./certs/client-cert.der"; + #ifdef CYASSL_CERT_GEN + static const char* caKeyFile = "./certs/ca-key.der"; + static const char* caCertFile = "./certs/ca-cert.pem"; + #ifdef HAVE_ECC + static const char* eccCaKeyFile = "./certs/ecc-key.der"; + static const char* eccCaCertFile = "./certs/server-ecc.pem"; + #endif + #endif + #endif +#endif + + + +#define FOURK_BUF 4096 + +int rsa_test(void) { - byte tmp[2048], tmp2[2048]; - size_t bytes, bytes2; + byte* tmp; + size_t bytes; RsaKey key; RNG rng; word32 idx = 0; @@ -1401,19 +2775,39 @@ int rsa_test() word32 inLen = (word32)strlen((char*)in); byte out[256]; byte plain[256]; +#if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048) + FILE* file, * file2; +#endif #ifdef CYASSL_TEST_CERT DecodedCert cert; #endif - FILE* file = fopen(clientKey, "rb"), * file2; + tmp = (byte*)malloc(FOURK_BUF); + if (tmp == NULL) + return -40; + +#ifdef USE_CERT_BUFFERS_1024 + XMEMCPY(tmp, client_key_der_1024, sizeof_client_key_der_1024); + bytes = sizeof_client_key_der_1024; +#elif defined(USE_CERT_BUFFERS_2048) + XMEMCPY(tmp, client_key_der_2048, sizeof_client_key_der_2048); + bytes = sizeof_client_key_der_2048; +#else + file = fopen(clientKey, "rb"); if (!file) err_sys("can't open ./certs/client-key.der, " "Please run from CyaSSL home dir", -40); - bytes = fread(tmp, 1, sizeof(tmp), file); - - InitRsaKey(&key, 0); + bytes = fread(tmp, 1, FOURK_BUF, file); + fclose(file); +#endif /* USE_CERT_BUFFERS */ + +#ifdef HAVE_CAVIUM + RsaInitCavium(&key, CAVIUM_DEV_ID); +#endif + ret = InitRsaKey(&key, 0); + if (ret != 0) return -39; ret = RsaPrivateKeyDecode(tmp, &idx, &key, (word32)bytes); if (ret != 0) return -41; @@ -1437,68 +2831,139 @@ int rsa_test() if (memcmp(plain, in, ret)) return -48; +#if defined(CYASSL_MDK_ARM) + #define sizeof(s) strlen((char *)(s)) +#endif + +#ifdef USE_CERT_BUFFERS_1024 + XMEMCPY(tmp, client_cert_der_1024, sizeof_client_cert_der_1024); + bytes = sizeof_client_cert_der_1024; +#elif defined(USE_CERT_BUFFERS_2048) + XMEMCPY(tmp, client_cert_der_2048, sizeof_client_cert_der_2048); + bytes = sizeof_client_cert_der_2048; +#else file2 = fopen(clientCert, "rb"); if (!file2) return -49; - bytes2 = fread(tmp2, 1, sizeof(tmp2), file2); + bytes = fread(tmp, 1, FOURK_BUF, file2); + fclose(file2); +#endif + +#ifdef sizeof + #undef sizeof +#endif #ifdef CYASSL_TEST_CERT - InitDecodedCert(&cert, (byte*)&tmp2, (word32)bytes2, 0); + InitDecodedCert(&cert, tmp, (word32)bytes, 0); ret = ParseCert(&cert, CERT_TYPE, NO_VERIFY, 0); if (ret != 0) return -491; FreeDecodedCert(&cert); +#else + (void)bytes; #endif - fclose(file2); - fclose(file); #ifdef CYASSL_KEY_GEN { - byte der[4096]; - byte pem[4096]; - word32 derSz = 0; - word32 pemSz = 0; + byte* der; + byte* pem; + int derSz = 0; + int pemSz = 0; RsaKey derIn; RsaKey genKey; - FILE* keyFile; - FILE* pemFile; + FILE* keyFile; + FILE* pemFile; - InitRsaKey(&genKey, 0); + ret = InitRsaKey(&genKey, 0); + if (ret != 0) + return -300; ret = MakeRsaKey(&genKey, 1024, 65537, &rng); if (ret != 0) return -301; - derSz = RsaKeyToDer(&genKey, der, sizeof(der)); - if (derSz < 0) + der = (byte*)malloc(FOURK_BUF); + if (der == NULL) { + FreeRsaKey(&genKey); + return -307; + } + pem = (byte*)malloc(FOURK_BUF); + if (pem == NULL) { + free(der); + FreeRsaKey(&genKey); + return -308; + } + + derSz = RsaKeyToDer(&genKey, der, FOURK_BUF); + if (derSz < 0) { + free(der); + free(pem); return -302; + } keyFile = fopen("./key.der", "wb"); - if (!keyFile) + if (!keyFile) { + free(der); + free(pem); + FreeRsaKey(&genKey); return -303; - ret = fwrite(der, derSz, 1, keyFile); + } + ret = (int)fwrite(der, 1, derSz, keyFile); fclose(keyFile); - - pemSz = DerToPem(der, derSz, pem, sizeof(pem), PRIVATEKEY_TYPE); - if (pemSz < 0) + if (ret != derSz) { + free(der); + free(pem); + FreeRsaKey(&genKey); + return -313; + } + + pemSz = DerToPem(der, derSz, pem, FOURK_BUF, PRIVATEKEY_TYPE); + if (pemSz < 0) { + free(der); + free(pem); + FreeRsaKey(&genKey); return -304; + } pemFile = fopen("./key.pem", "wb"); - if (!pemFile) + if (!pemFile) { + free(der); + free(pem); + FreeRsaKey(&genKey); return -305; - ret = fwrite(pem, pemSz, 1, pemFile); + } + ret = (int)fwrite(pem, 1, pemSz, pemFile); fclose(pemFile); - - InitRsaKey(&derIn, 0); + if (ret != pemSz) { + free(der); + free(pem); + FreeRsaKey(&genKey); + return -314; + } + + ret = InitRsaKey(&derIn, 0); + if (ret != 0) { + free(der); + free(pem); + FreeRsaKey(&genKey); + return -3060; + } idx = 0; ret = RsaPrivateKeyDecode(der, &idx, &derIn, derSz); - if (ret != 0) + if (ret != 0) { + free(der); + free(pem); + FreeRsaKey(&derIn); + FreeRsaKey(&genKey); return -306; + } FreeRsaKey(&derIn); FreeRsaKey(&genKey); + free(pem); + free(der); } #endif /* CYASSL_KEY_GEN */ @@ -1507,8 +2972,8 @@ int rsa_test() /* self signed */ { Cert myCert; - byte derCert[4096]; - byte pem[4096]; + byte* derCert; + byte* pem; FILE* derFile; FILE* pemFile; int certSz; @@ -1517,6 +2982,15 @@ int rsa_test() DecodedCert decode; #endif + derCert = (byte*)malloc(FOURK_BUF); + if (derCert == NULL) + return -309; + pem = (byte*)malloc(FOURK_BUF); + if (pem == NULL) { + free(derCert); + return -310; + } + InitCert(&myCert); strncpy(myCert.subject.country, "US", CTC_NAME_SIZE); @@ -1529,62 +3003,110 @@ int rsa_test() myCert.isCA = 1; myCert.sigType = CTC_SHA256wRSA; - certSz = MakeSelfCert(&myCert, derCert, sizeof(derCert), &key, &rng); - if (certSz < 0) + certSz = MakeSelfCert(&myCert, derCert, FOURK_BUF, &key, &rng); + if (certSz < 0) { + free(derCert); + free(pem); return -401; + } #ifdef CYASSL_TEST_CERT InitDecodedCert(&decode, derCert, certSz, 0); ret = ParseCert(&decode, CERT_TYPE, NO_VERIFY, 0); - if (ret != 0) + if (ret != 0) { + free(derCert); + free(pem); return -402; + } FreeDecodedCert(&decode); #endif derFile = fopen("./cert.der", "wb"); - if (!derFile) + if (!derFile) { + free(derCert); + free(pem); return -403; - ret = fwrite(derCert, certSz, 1, derFile); + } + ret = (int)fwrite(derCert, 1, certSz, derFile); fclose(derFile); - - pemSz = DerToPem(derCert, certSz, pem, sizeof(pem), CERT_TYPE); - if (pemSz < 0) + if (ret != certSz) { + free(derCert); + free(pem); + return -414; + } + + pemSz = DerToPem(derCert, certSz, pem, FOURK_BUF, CERT_TYPE); + if (pemSz < 0) { + free(derCert); + free(pem); return -404; + } pemFile = fopen("./cert.pem", "wb"); - if (!pemFile) + if (!pemFile) { + free(derCert); + free(pem); return -405; - ret = fwrite(pem, pemSz, 1, pemFile); + } + ret = (int)fwrite(pem, 1, pemSz, pemFile); fclose(pemFile); - - + if (ret != pemSz) { + free(derCert); + free(pem); + return -406; + } + free(pem); + free(derCert); } /* CA style */ { RsaKey caKey; Cert myCert; - byte derCert[4096]; - byte pem[4096]; + byte* derCert; + byte* pem; FILE* derFile; FILE* pemFile; int certSz; int pemSz; - byte tmp[2048]; - size_t bytes; - word32 idx = 0; + size_t bytes3; + word32 idx3 = 0; + FILE* file3 ; #ifdef CYASSL_TEST_CERT DecodedCert decode; #endif - FILE* file = fopen(caKeyFile, "rb"); + derCert = (byte*)malloc(FOURK_BUF); + if (derCert == NULL) + return -311; + pem = (byte*)malloc(FOURK_BUF); + if (pem == NULL) { + free(derCert); + return -312; + } + + file3 = fopen(caKeyFile, "rb"); - if (!file) + if (!file3) { + free(derCert); + free(pem); return -412; + } - bytes = fread(tmp, 1, sizeof(tmp), file); - - InitRsaKey(&caKey, 0); - ret = RsaPrivateKeyDecode(tmp, &idx, &caKey, (word32)bytes); - if (ret != 0) return -413; + bytes3 = fread(tmp, 1, FOURK_BUF, file3); + fclose(file3); + + ret = InitRsaKey(&caKey, 0); + if (ret != 0) { + free(derCert); + free(pem); + return -411; + } + ret = RsaPrivateKeyDecode(tmp, &idx3, &caKey, (word32)bytes3); + if (ret != 0) { + free(derCert); + free(pem); + FreeRsaKey(&caKey); + return -413; + } InitCert(&myCert); @@ -1597,60 +3119,248 @@ int rsa_test() strncpy(myCert.subject.email, "info@yassl.com", CTC_NAME_SIZE); ret = SetIssuer(&myCert, caCertFile); - if (ret < 0) + if (ret < 0) { + free(derCert); + free(pem); + FreeRsaKey(&caKey); return -405; + } - certSz = MakeCert(&myCert, derCert, sizeof(derCert), &key, &rng); - if (certSz < 0) + certSz = MakeCert(&myCert, derCert, FOURK_BUF, &key, NULL, &rng); + if (certSz < 0) { + free(derCert); + free(pem); + FreeRsaKey(&caKey); return -407; - - certSz = SignCert(&myCert, derCert, sizeof(derCert), &caKey, &rng); - if (certSz < 0) + } + + certSz = SignCert(myCert.bodySz, myCert.sigType, derCert, FOURK_BUF, + &caKey, NULL, &rng); + if (certSz < 0) { + free(derCert); + free(pem); + FreeRsaKey(&caKey); return -408; + } #ifdef CYASSL_TEST_CERT InitDecodedCert(&decode, derCert, certSz, 0); ret = ParseCert(&decode, CERT_TYPE, NO_VERIFY, 0); - if (ret != 0) + if (ret != 0) { + free(derCert); + free(pem); + FreeRsaKey(&caKey); return -409; + } FreeDecodedCert(&decode); #endif derFile = fopen("./othercert.der", "wb"); - if (!derFile) + if (!derFile) { + free(derCert); + free(pem); + FreeRsaKey(&caKey); return -410; - ret = fwrite(derCert, certSz, 1, derFile); + } + ret = (int)fwrite(derCert, 1, certSz, derFile); fclose(derFile); - - pemSz = DerToPem(derCert, certSz, pem, sizeof(pem), CERT_TYPE); - if (pemSz < 0) + if (ret != certSz) { + free(derCert); + free(pem); + FreeRsaKey(&caKey); + return -416; + } + + pemSz = DerToPem(derCert, certSz, pem, FOURK_BUF, CERT_TYPE); + if (pemSz < 0) { + free(derCert); + free(pem); + FreeRsaKey(&caKey); return -411; + } pemFile = fopen("./othercert.pem", "wb"); - if (!pemFile) + if (!pemFile) { + free(derCert); + free(pem); + FreeRsaKey(&caKey); return -412; - ret = fwrite(pem, pemSz, 1, pemFile); + } + ret = (int)fwrite(pem, 1, pemSz, pemFile); + if (ret != pemSz) { + free(derCert); + free(pem); + FreeRsaKey(&caKey); + return -415; + } + fclose(pemFile); + free(pem); + free(derCert); + FreeRsaKey(&caKey); + } +#ifdef HAVE_ECC + /* ECC CA style */ + { + ecc_key caKey; + Cert myCert; + byte* derCert; + byte* pem; + FILE* derFile; + FILE* pemFile; + int certSz; + int pemSz; + size_t bytes3; + word32 idx3 = 0; + FILE* file3; +#ifdef CYASSL_TEST_CERT + DecodedCert decode; +#endif + + derCert = (byte*)malloc(FOURK_BUF); + if (derCert == NULL) + return -5311; + pem = (byte*)malloc(FOURK_BUF); + if (pem == NULL) { + free(derCert); + return -5312; + } + + file3 = fopen(eccCaKeyFile, "rb"); + + if (!file3) { + free(derCert); + free(pem); + return -5412; + } + + bytes3 = fread(tmp, 1, FOURK_BUF, file3); + fclose(file3); + + ecc_init(&caKey); + ret = EccPrivateKeyDecode(tmp, &idx3, &caKey, (word32)bytes3); + if (ret != 0) { + free(derCert); + free(pem); + return -5413; + } + + InitCert(&myCert); + myCert.sigType = CTC_SHA256wECDSA; + + strncpy(myCert.subject.country, "US", CTC_NAME_SIZE); + strncpy(myCert.subject.state, "OR", CTC_NAME_SIZE); + strncpy(myCert.subject.locality, "Portland", CTC_NAME_SIZE); + strncpy(myCert.subject.org, "wolfSSL", CTC_NAME_SIZE); + strncpy(myCert.subject.unit, "Development", CTC_NAME_SIZE); + strncpy(myCert.subject.commonName, "www.wolfssl.com", CTC_NAME_SIZE); + strncpy(myCert.subject.email, "info@wolfssl.com", CTC_NAME_SIZE); + + ret = SetIssuer(&myCert, eccCaCertFile); + if (ret < 0) { + free(pem); + free(derCert); + ecc_free(&caKey); + return -5405; + } + + certSz = MakeCert(&myCert, derCert, FOURK_BUF, NULL, &caKey, &rng); + if (certSz < 0) { + free(pem); + free(derCert); + ecc_free(&caKey); + return -5407; + } + + certSz = SignCert(myCert.bodySz, myCert.sigType, derCert, FOURK_BUF, + NULL, &caKey, &rng); + if (certSz < 0) { + free(pem); + free(derCert); + ecc_free(&caKey); + return -5408; + } + +#ifdef CYASSL_TEST_CERT + InitDecodedCert(&decode, derCert, certSz, 0); + ret = ParseCert(&decode, CERT_TYPE, NO_VERIFY, 0); + if (ret != 0) { + free(pem); + free(derCert); + ecc_free(&caKey); + return -5409; + } + FreeDecodedCert(&decode); +#endif + + derFile = fopen("./certecc.der", "wb"); + if (!derFile) { + free(pem); + free(derCert); + ecc_free(&caKey); + return -5410; + } + ret = (int)fwrite(derCert, 1, certSz, derFile); + fclose(derFile); + if (ret != certSz) { + free(pem); + free(derCert); + ecc_free(&caKey); + return -5414; + } + + pemSz = DerToPem(derCert, certSz, pem, FOURK_BUF, CERT_TYPE); + if (pemSz < 0) { + free(pem); + free(derCert); + ecc_free(&caKey); + return -5411; + } + + pemFile = fopen("./certecc.pem", "wb"); + if (!pemFile) { + free(pem); + free(derCert); + ecc_free(&caKey); + return -5412; + } + ret = (int)fwrite(pem, 1, pemSz, pemFile); + if (ret != pemSz) { + free(pem); + free(derCert); + ecc_free(&caKey); + return -5415; + } fclose(pemFile); + free(pem); + free(derCert); + ecc_free(&caKey); } +#endif /* HAVE_ECC */ #ifdef HAVE_NTRU { RsaKey caKey; Cert myCert; - byte derCert[4096]; - byte pem[4096]; + byte* derCert; + byte* pem; FILE* derFile; FILE* pemFile; FILE* caFile; FILE* ntruPrivFile; int certSz; int pemSz; - byte tmp[2048]; - size_t bytes; - word32 idx = 0; + word32 idx3; #ifdef CYASSL_TEST_CERT DecodedCert decode; #endif + derCert = (byte*)malloc(FOURK_BUF); + if (derCert == NULL) + return -311; + pem = (byte*)malloc(FOURK_BUF); + if (pem == NULL) { + free(derCert); + return -312; + } byte public_key[557]; /* sized for EES401EP2 */ word16 public_key_len; /* no. of octets in public key */ @@ -1660,34 +3370,63 @@ int rsa_test() static uint8_t const pers_str[] = { 'C', 'y', 'a', 'S', 'S', 'L', ' ', 't', 'e', 's', 't' }; - word32 rc = crypto_drbg_instantiate(112, pers_str, sizeof(pers_str), - GetEntropy, &drbg); - if (rc != DRBG_OK) + word32 rc = ntru_crypto_drbg_instantiate(112, pers_str, + sizeof(pers_str), GetEntropy, &drbg); + if (rc != DRBG_OK) { + free(derCert); + free(pem); + return -448; + } + + rc = ntru_crypto_ntru_encrypt_keygen(drbg, NTRU_EES401EP2, + &public_key_len, NULL, + &private_key_len, NULL); + if (rc != NTRU_OK) { + free(derCert); + free(pem); + return -449; + } + + rc = ntru_crypto_ntru_encrypt_keygen(drbg, NTRU_EES401EP2, + &public_key_len, public_key, + &private_key_len, private_key); + if (rc != NTRU_OK) { + free(derCert); + free(pem); return -450; + } - rc = crypto_ntru_encrypt_keygen(drbg, NTRU_EES401EP2, &public_key_len, - NULL, &private_key_len, NULL); - if (rc != NTRU_OK) + rc = ntru_crypto_drbg_uninstantiate(drbg); + + if (rc != NTRU_OK) { + free(derCert); + free(pem); return -451; + } - rc = crypto_ntru_encrypt_keygen(drbg, NTRU_EES401EP2, &public_key_len, - public_key, &private_key_len, private_key); - crypto_drbg_uninstantiate(drbg); + caFile = fopen(caKeyFile, "rb"); - if (rc != NTRU_OK) + if (!caFile) { + free(derCert); + free(pem); return -452; + } - caFile = fopen(caKeyFile, "rb"); + bytes = fread(tmp, 1, FOURK_BUF, caFile); + fclose(caFile); - if (!caFile) + ret = InitRsaKey(&caKey, 0); + if (ret != 0) { + free(derCert); + free(pem); return -453; - - bytes = fread(tmp, 1, sizeof(tmp), caFile); - fclose(caFile); - - InitRsaKey(&caKey, 0); - ret = RsaPrivateKeyDecode(tmp, &idx, &caKey, (word32)bytes); - if (ret != 0) return -454; + } + ret = RsaPrivateKeyDecode(tmp, &idx3, &caKey, (word32)bytes); + if (ret != 0) { + free(derCert); + free(pem); + return -454; + } InitCert(&myCert); @@ -1700,62 +3439,206 @@ int rsa_test() strncpy(myCert.subject.email, "info@yassl.com", CTC_NAME_SIZE); ret = SetIssuer(&myCert, caCertFile); - if (ret < 0) + if (ret < 0) { + free(derCert); + free(pem); + FreeRsaKey(&caKey); return -455; - - certSz = MakeNtruCert(&myCert, derCert, sizeof(derCert), public_key, - public_key_len, &rng); - if (certSz < 0) + } + + certSz = MakeNtruCert(&myCert, derCert, FOURK_BUF, public_key, + public_key_len, &rng); + if (certSz < 0) { + free(derCert); + free(pem); + FreeRsaKey(&caKey); return -456; - - certSz = SignCert(&myCert, derCert, sizeof(derCert), &caKey, &rng); - if (certSz < 0) + } + + certSz = SignCert(myCert.bodySz, myCert.sigType, derCert, FOURK_BUF, + &caKey, NULL, &rng); + FreeRsaKey(&caKey); + if (certSz < 0) { + free(derCert); + free(pem); return -457; + } #ifdef CYASSL_TEST_CERT InitDecodedCert(&decode, derCert, certSz, 0); ret = ParseCert(&decode, CERT_TYPE, NO_VERIFY, 0); - if (ret != 0) + if (ret != 0) { + free(derCert); + free(pem); return -458; + } FreeDecodedCert(&decode); #endif derFile = fopen("./ntru-cert.der", "wb"); - if (!derFile) + if (!derFile) { + free(derCert); + free(pem); return -459; - ret = fwrite(derCert, certSz, 1, derFile); + } + ret = (int)fwrite(derCert, 1, certSz, derFile); fclose(derFile); - - pemSz = DerToPem(derCert, certSz, pem, sizeof(pem), CERT_TYPE); - if (pemSz < 0) + if (ret != certSz) { + free(derCert); + free(pem); + return -473; + } + + pemSz = DerToPem(derCert, certSz, pem, FOURK_BUF, CERT_TYPE); + if (pemSz < 0) { + free(derCert); + free(pem); return -460; + } pemFile = fopen("./ntru-cert.pem", "wb"); - if (!pemFile) + if (!pemFile) { + free(derCert); + free(pem); return -461; - ret = fwrite(pem, pemSz, 1, pemFile); + } + ret = (int)fwrite(pem, 1, pemSz, pemFile); fclose(pemFile); + if (ret != pemSz) { + free(derCert); + free(pem); + return -474; + } ntruPrivFile = fopen("./ntru-key.raw", "wb"); - if (!ntruPrivFile) + if (!ntruPrivFile) { + free(derCert); + free(pem); return -462; - ret = fwrite(private_key, private_key_len, 1, ntruPrivFile); + } + ret = (int)fwrite(private_key, 1, private_key_len, ntruPrivFile); fclose(ntruPrivFile); + if (ret != private_key_len) { + free(pem); + free(derCert); + return -475; + } + free(pem); + free(derCert); } #endif /* HAVE_NTRU */ +#ifdef CYASSL_CERT_REQ + { + Cert req; + byte* der; + byte* pem; + int derSz; + int pemSz; + FILE* reqFile; + + der = (byte*)malloc(FOURK_BUF); + if (der == NULL) + return -463; + pem = (byte*)malloc(FOURK_BUF); + if (pem == NULL) { + free(der); + return -464; + } + + InitCert(&req); + + req.version = 0; + req.isCA = 1; + strncpy(req.challengePw, "yassl123", CTC_NAME_SIZE); + strncpy(req.subject.country, "US", CTC_NAME_SIZE); + strncpy(req.subject.state, "OR", CTC_NAME_SIZE); + strncpy(req.subject.locality, "Portland", CTC_NAME_SIZE); + strncpy(req.subject.org, "yaSSL", CTC_NAME_SIZE); + strncpy(req.subject.unit, "Development", CTC_NAME_SIZE); + strncpy(req.subject.commonName, "www.yassl.com", CTC_NAME_SIZE); + strncpy(req.subject.email, "info@yassl.com", CTC_NAME_SIZE); + req.sigType = CTC_SHA256wRSA; + + derSz = MakeCertReq(&req, der, FOURK_BUF, &key, NULL); + if (derSz < 0) { + free(pem); + free(der); + return -465; + } + + derSz = SignCert(req.bodySz, req.sigType, der, FOURK_BUF, + &key, NULL, &rng); + if (derSz < 0) { + free(pem); + free(der); + return -466; + } + + pemSz = DerToPem(der, derSz, pem, FOURK_BUF, CERTREQ_TYPE); + if (pemSz < 0) { + free(pem); + free(der); + return -467; + } + + reqFile = fopen("./certreq.der", "wb"); + if (!reqFile) { + free(pem); + free(der); + return -468; + } + + ret = (int)fwrite(der, 1, derSz, reqFile); + fclose(reqFile); + if (ret != derSz) { + free(pem); + free(der); + return -471; + } + + reqFile = fopen("./certreq.pem", "wb"); + if (!reqFile) { + free(pem); + free(der); + return -469; + } + ret = (int)fwrite(pem, 1, pemSz, reqFile); + fclose(reqFile); + if (ret != pemSz) { + free(pem); + free(der); + return -470; + } + + free(pem); + free(der); + } +#endif /* CYASSL_CERT_REQ */ #endif /* CYASSL_CERT_GEN */ FreeRsaKey(&key); +#ifdef HAVE_CAVIUM + RsaFreeCavium(&key); +#endif + free(tmp); return 0; } +#endif -static const char* dhKey = "./certs/dh2048.der"; #ifndef NO_DH -int dh_test() +#if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048) + #ifdef FREESCALE_MQX + static const char* dhKey = "a:\certs\\dh2048.der"; + #else + static const char* dhKey = "./certs/dh2048.der"; + #endif +#endif + +int dh_test(void) { int ret; word32 bytes; @@ -1770,15 +3653,26 @@ int dh_test() DhKey key; DhKey key2; RNG rng; + + +#ifdef USE_CERT_BUFFERS_1024 + XMEMCPY(tmp, dh_key_der_1024, sizeof_dh_key_der_1024); + bytes = sizeof_dh_key_der_1024; +#elif defined(USE_CERT_BUFFERS_2048) + XMEMCPY(tmp, dh_key_der_2048, sizeof_dh_key_der_2048); + bytes = sizeof_dh_key_der_2048; +#else FILE* file = fopen(dhKey, "rb"); if (!file) return -50; bytes = (word32) fread(tmp, 1, sizeof(tmp), file); + fclose(file); +#endif /* USE_CERT_BUFFERS */ - InitDhKey(&key); - InitDhKey(&key2); + InitDhKey(&key); + InitDhKey(&key2); ret = DhKeyDecode(tmp, &idx, &key, bytes); if (ret != 0) return -51; @@ -1791,14 +3685,14 @@ int dh_test() ret = InitRng(&rng); if (ret != 0) return -53; - - ret = DhGenerateKeyPair(&key, &rng, priv, &privSz, pub, &pubSz); - ret = DhGenerateKeyPair(&key2, &rng, priv2, &privSz2, pub2, &pubSz2); + + ret = DhGenerateKeyPair(&key, &rng, priv, &privSz, pub, &pubSz); + ret += DhGenerateKeyPair(&key2, &rng, priv2, &privSz2, pub2, &pubSz2); if (ret != 0) return -54; - ret = DhAgree(&key, agree, &agreeSz, priv, privSz, pub2, pubSz2); - ret = DhAgree(&key2, agree2, &agreeSz2, priv2, privSz2, pub, pubSz); + ret = DhAgree(&key, agree, &agreeSz, priv, privSz, pub2, pubSz2); + ret += DhAgree(&key2, agree2, &agreeSz2, priv2, privSz2, pub, pubSz); if (ret != 0) return -55; @@ -1807,7 +3701,6 @@ int dh_test() FreeDhKey(&key); FreeDhKey(&key2); - fclose(file); return 0; } @@ -1815,11 +3708,17 @@ int dh_test() #endif /* NO_DH */ -static const char* dsaKey = "./certs/dsa2048.der"; - #ifndef NO_DSA -int dsa_test() +#if !defined(USE_CERT_BUFFERS_1024) && !defined(USE_CERT_BUFFERS_2048) + #ifdef FREESCALE_MQX + static const char* dsaKey = "a:\\certs\\dsa2048.der"; + #else + static const char* dsaKey = "./certs/dsa2048.der"; + #endif +#endif + +int dsa_test(void) { int ret, answer; word32 bytes; @@ -1827,17 +3726,30 @@ int dsa_test() byte tmp[1024]; DsaKey key; RNG rng; - FILE* file = fopen(dsaKey, "rb"); Sha sha; byte hash[SHA_DIGEST_SIZE]; byte signature[40]; + +#ifdef USE_CERT_BUFFERS_1024 + XMEMCPY(tmp, dsa_key_der_1024, sizeof_dsa_key_der_1024); + bytes = sizeof_dsa_key_der_1024; +#elif defined(USE_CERT_BUFFERS_2048) + XMEMCPY(tmp, dsa_key_der_2048, sizeof_dsa_key_der_2048); + bytes = sizeof_dsa_key_der_2048; +#else + FILE* file = fopen(dsaKey, "rb"); + if (!file) return -60; bytes = (word32) fread(tmp, 1, sizeof(tmp), file); - - InitSha(&sha); + fclose(file); +#endif /* USE_CERT_BUFFERS */ + + ret = InitSha(&sha); + if (ret != 0) + return -4002; ShaUpdate(&sha, tmp, bytes); ShaFinal(&sha, hash); @@ -1854,10 +3766,9 @@ int dsa_test() ret = DsaVerify(hash, signature, &key, &answer); if (ret != 0) return -64; if (answer != 1) return -65; - + FreeDsaKey(&key); - fclose(file); - + return 0; } @@ -1866,7 +3777,7 @@ int dsa_test() #ifdef OPENSSL_EXTRA -int openssl_test() +int openssl_test(void) { EVP_MD_CTX md_ctx; testVector a, b, c, d, e, f; @@ -1880,12 +3791,12 @@ int openssl_test() a.output = "\x57\xed\xf4\xa2\x2b\xe3\xc9\x55\xac\x49\xda\x2e\x21\x07\xb6" "\x7a"; a.inLen = strlen(a.input); - a.outLen = strlen(a.output); + a.outLen = MD5_DIGEST_SIZE; EVP_MD_CTX_init(&md_ctx); EVP_DigestInit(&md_ctx, EVP_md5()); - EVP_DigestUpdate(&md_ctx, a.input, a.inLen); + EVP_DigestUpdate(&md_ctx, a.input, (unsigned long)a.inLen); EVP_DigestFinal(&md_ctx, hash, 0); if (memcmp(hash, a.output, MD5_DIGEST_SIZE) != 0) @@ -1897,12 +3808,12 @@ int openssl_test() b.output = "\xAD\x5B\x3F\xDB\xCB\x52\x67\x78\xC2\x83\x9D\x2F\x15\x1E\xA7" "\x53\x99\x5E\x26\xA0"; b.inLen = strlen(b.input); - b.outLen = strlen(b.output); + b.outLen = SHA_DIGEST_SIZE; EVP_MD_CTX_init(&md_ctx); EVP_DigestInit(&md_ctx, EVP_sha1()); - EVP_DigestUpdate(&md_ctx, b.input, b.inLen); + EVP_DigestUpdate(&md_ctx, b.input, (unsigned long)b.inLen); EVP_DigestFinal(&md_ctx, hash, 0); if (memcmp(hash, b.output, SHA_DIGEST_SIZE) != 0) @@ -1914,12 +3825,12 @@ int openssl_test() "\x39\xA3\x3C\xE4\x59\x64\xFF\x21\x67\xF6\xEC\xED\xD4\x19\xDB" "\x06\xC1"; d.inLen = strlen(d.input); - d.outLen = strlen(d.output); + d.outLen = SHA256_DIGEST_SIZE; EVP_MD_CTX_init(&md_ctx); EVP_DigestInit(&md_ctx, EVP_sha256()); - EVP_DigestUpdate(&md_ctx, d.input, d.inLen); + EVP_DigestUpdate(&md_ctx, d.input, (unsigned long)d.inLen); EVP_DigestFinal(&md_ctx, hash, 0); if (memcmp(hash, d.output, SHA256_DIGEST_SIZE) != 0) @@ -1932,9 +3843,9 @@ int openssl_test() e.output = "\x09\x33\x0c\x33\xf7\x11\x47\xe8\x3d\x19\x2f\xc7\x82\xcd\x1b" "\x47\x53\x11\x1b\x17\x3b\x3b\x05\xd2\x2f\xa0\x80\x86\xe3\xb0" "\xf7\x12\xfc\xc7\xc7\x1a\x55\x7e\x2d\xb9\x66\xc3\xe9\xfa\x91" - "\x74\x60\x39"; + "\x74\x60\x39"; e.inLen = strlen(e.input); - e.outLen = strlen(e.output); + e.outLen = SHA384_DIGEST_SIZE; EVP_MD_CTX_init(&md_ctx); EVP_DigestInit(&md_ctx, EVP_sha384()); @@ -1956,14 +3867,14 @@ int openssl_test() "\x3f\x8f\x77\x79\xc6\xeb\x9f\x7f\xa1\x72\x99\xae\xad\xb6\x88" "\x90\x18\x50\x1d\x28\x9e\x49\x00\xf7\xe4\x33\x1b\x99\xde\xc4" "\xb5\x43\x3a\xc7\xd3\x29\xee\xb6\xdd\x26\x54\x5e\x96\xe5\x5b" - "\x87\x4b\xe9\x09"; + "\x87\x4b\xe9\x09"; f.inLen = strlen(f.input); - f.outLen = strlen(f.output); + f.outLen = SHA512_DIGEST_SIZE; EVP_MD_CTX_init(&md_ctx); EVP_DigestInit(&md_ctx, EVP_sha512()); - EVP_DigestUpdate(&md_ctx, f.input, f.inLen); + EVP_DigestUpdate(&md_ctx, f.input, (unsigned long)f.inLen); EVP_DigestFinal(&md_ctx, hash, 0); if (memcmp(hash, f.output, SHA512_DIGEST_SIZE) != 0) @@ -1974,12 +3885,12 @@ int openssl_test() if (RAND_bytes(hash, sizeof(hash)) != 1) return -73; - + c.input = "what do ya want for nothing?"; c.output = "\x75\x0c\x78\x3e\x6a\xb0\xb5\x03\xea\xa8\x6e\x31\x0a\x5d\xb7" "\x38"; c.inLen = strlen(c.input); - c.outLen = strlen(c.output); + c.outLen = MD5_DIGEST_SIZE; HMAC(EVP_md5(), "Jefe", 4, (byte*)c.input, (int)c.inLen, hash, 0); @@ -1996,19 +3907,19 @@ int openssl_test() byte plain[24]; byte cipher[24]; - const_DES_cblock key = + const_DES_cblock key = { 0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef }; - DES_cblock iv = + DES_cblock iv = { 0x12,0x34,0x56,0x78,0x90,0xab,0xcd,0xef }; DES_key_schedule sched; - const byte verify[] = + const byte verify[] = { 0x8b,0x7c,0x52,0xb0,0x01,0x2b,0x6c,0xb8, 0x4f,0x0f,0xeb,0xf3,0xfb,0x5f,0x86,0x73, @@ -2045,7 +3956,7 @@ int openssl_test() 0x66,0x6f,0x72,0x20,0x61,0x6c,0x6c,0x20 }; - const byte verify[] = + const byte verify[] = { 0x95,0x94,0x92,0x57,0x5f,0x42,0x81,0x53, 0x2c,0xcc,0x9d,0x46,0x77,0xa2,0x33,0xcb @@ -2088,14 +3999,14 @@ int openssl_test() #ifndef NO_PWDBASED -int pkcs12_test() +int pkcs12_test(void) { const byte passwd[] = { 0x00, 0x73, 0x00, 0x6d, 0x00, 0x65, 0x00, 0x67, - 0x00, 0x00 }; + 0x00, 0x00 }; const byte salt[] = { 0x0a, 0x58, 0xCF, 0x64, 0x53, 0x0d, 0x82, 0x3f }; const byte passwd2[] = { 0x00, 0x71, 0x00, 0x75, 0x00, 0x65, 0x00, 0x65, - 0x00, 0x67, 0x00, 0x00 }; + 0x00, 0x67, 0x00, 0x00 }; const byte salt2[] = { 0x16, 0x82, 0xC0, 0xfC, 0x5b, 0x3f, 0x7e, 0xc5 }; byte derived[64]; @@ -2117,20 +4028,26 @@ int pkcs12_test() int ret = PKCS12_PBKDF(derived, passwd, sizeof(passwd), salt, 8, iterations, kLen, SHA, id); - if ( (ret = memcmp(derived, verify, kLen)) != 0) + if (ret < 0) return -103; + if ( (ret = memcmp(derived, verify, kLen)) != 0) + return -104; + iterations = 1000; - ret = PKCS12_PBKDF(derived, passwd2, sizeof(passwd2), salt2, 8, iterations, + ret = PKCS12_PBKDF(derived, passwd2, sizeof(passwd2), salt2, 8, iterations, kLen, SHA, id); + if (ret < 0) + return -105; + if ( (ret = memcmp(derived, verify2, 24)) != 0) - return -104; + return -106; return 0; } -int pbkdf2_test() +int pbkdf2_test(void) { char passwd[] = "password"; const byte salt[] = { 0x78, 0x57, 0x8E, 0x5a, 0x5d, 0x63, 0xcb, 0x06 }; @@ -2144,8 +4061,10 @@ int pbkdf2_test() }; - PBKDF2(derived, (byte*)passwd, strlen(passwd), salt, 8, iterations, kLen, - SHA); + int ret = PBKDF2(derived, (byte*)passwd, (int)strlen(passwd), salt, 8, + iterations, kLen, SHA); + if (ret != 0) + return ret; if (memcmp(derived, verify, sizeof(verify)) != 0) return -102; @@ -2154,7 +4073,7 @@ int pbkdf2_test() } -int pbkdf1_test() +int pbkdf1_test(void) { char passwd[] = "password"; const byte salt[] = { 0x78, 0x57, 0x8E, 0x5a, 0x5d, 0x63, 0xcb, 0x06 }; @@ -2167,8 +4086,8 @@ int pbkdf1_test() 0x4A, 0x3D, 0x2A, 0x20 }; - PBKDF1(derived, (byte*)passwd, strlen(passwd), salt, 8, iterations, kLen, - SHA); + PBKDF1(derived, (byte*)passwd, (int)strlen(passwd), salt, 8, iterations, + kLen, SHA); if (memcmp(derived, verify, sizeof(verify)) != 0) return -101; @@ -2177,7 +4096,7 @@ int pbkdf1_test() } -int pwdbased_test() +int pwdbased_test(void) { int ret = pbkdf1_test(); ret += pbkdf2_test(); @@ -2187,10 +4106,99 @@ int pwdbased_test() #endif /* NO_PWDBASED */ +#if defined(HAVE_HKDF) && (!defined(NO_SHA) || !defined(NO_SHA256)) + +int hkdf_test(void) +{ + int ret; + int L = 42; + byte okm1[42]; + byte ikm1[22] = { 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, + 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, + 0x0b, 0x0b, 0x0b, 0x0b, 0x0b, 0x0b }; + byte salt1[13] ={ 0x00, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, + 0x08, 0x09, 0x0a, 0x0b, 0x0c }; + byte info1[10] ={ 0xf0, 0xf1, 0xf2, 0xf3, 0xf4, 0xf5, 0xf6, 0xf7, + 0xf8, 0xf9 }; + byte res1[42] = { 0x0a, 0xc1, 0xaf, 0x70, 0x02, 0xb3, 0xd7, 0x61, + 0xd1, 0xe5, 0x52, 0x98, 0xda, 0x9d, 0x05, 0x06, + 0xb9, 0xae, 0x52, 0x05, 0x72, 0x20, 0xa3, 0x06, + 0xe0, 0x7b, 0x6b, 0x87, 0xe8, 0xdf, 0x21, 0xd0, + 0xea, 0x00, 0x03, 0x3d, 0xe0, 0x39, 0x84, 0xd3, + 0x49, 0x18 }; + byte res2[42] = { 0x08, 0x5a, 0x01, 0xea, 0x1b, 0x10, 0xf3, 0x69, + 0x33, 0x06, 0x8b, 0x56, 0xef, 0xa5, 0xad, 0x81, + 0xa4, 0xf1, 0x4b, 0x82, 0x2f, 0x5b, 0x09, 0x15, + 0x68, 0xa9, 0xcd, 0xd4, 0xf1, 0x55, 0xfd, 0xa2, + 0xc2, 0x2e, 0x42, 0x24, 0x78, 0xd3, 0x05, 0xf3, + 0xf8, 0x96 }; + byte res3[42] = { 0x8d, 0xa4, 0xe7, 0x75, 0xa5, 0x63, 0xc1, 0x8f, + 0x71, 0x5f, 0x80, 0x2a, 0x06, 0x3c, 0x5a, 0x31, + 0xb8, 0xa1, 0x1f, 0x5c, 0x5e, 0xe1, 0x87, 0x9e, + 0xc3, 0x45, 0x4e, 0x5f, 0x3c, 0x73, 0x8d, 0x2d, + 0x9d, 0x20, 0x13, 0x95, 0xfa, 0xa4, 0xb6, 0x1a, + 0x96, 0xc8 }; + byte res4[42] = { 0x3c, 0xb2, 0x5f, 0x25, 0xfa, 0xac, 0xd5, 0x7a, + 0x90, 0x43, 0x4f, 0x64, 0xd0, 0x36, 0x2f, 0x2a, + 0x2d, 0x2d, 0x0a, 0x90, 0xcf, 0x1a, 0x5a, 0x4c, + 0x5d, 0xb0, 0x2d, 0x56, 0xec, 0xc4, 0xc5, 0xbf, + 0x34, 0x00, 0x72, 0x08, 0xd5, 0xb8, 0x87, 0x18, + 0x58, 0x65 }; + + (void)res1; + (void)res2; + (void)res3; + (void)res4; + (void)salt1; + (void)info1; + +#ifndef NO_SHA + ret = HKDF(SHA, ikm1, 22, NULL, 0, NULL, 0, okm1, L); + if (ret != 0) + return -2001; + + if (memcmp(okm1, res1, L) != 0) + return -2002; + +#ifndef HAVE_FIPS + /* fips can't have key size under 14 bytes, salt is key too */ + ret = HKDF(SHA, ikm1, 11, salt1, 13, info1, 10, okm1, L); + if (ret != 0) + return -2003; + + if (memcmp(okm1, res2, L) != 0) + return -2004; +#endif /* HAVE_FIPS */ +#endif /* NO_SHA */ + +#ifndef NO_SHA256 + ret = HKDF(SHA256, ikm1, 22, NULL, 0, NULL, 0, okm1, L); + if (ret != 0) + return -2005; + + if (memcmp(okm1, res3, L) != 0) + return -2006; + +#ifndef HAVE_FIPS + /* fips can't have key size under 14 bytes, salt is key too */ + ret = HKDF(SHA256, ikm1, 22, salt1, 13, info1, 10, okm1, L); + if (ret != 0) + return -2007; + + if (memcmp(okm1, res4, L) != 0) + return -2007; +#endif /* HAVE_FIPS */ +#endif /* NO_SHA256 */ + + return 0; +} + +#endif /* HAVE_HKDF */ + #ifdef HAVE_ECC -int ecc_test() +int ecc_test(void) { RNG rng; byte sharedA[1024]; @@ -2211,6 +4219,10 @@ int ecc_test() ecc_init(&pubKey); ret = ecc_make_key(&rng, 32, &userA); + + if (ret != 0) + return -1014; + ret = ecc_make_key(&rng, 32, &userB); if (ret != 0) @@ -2218,10 +4230,13 @@ int ecc_test() x = sizeof(sharedA); ret = ecc_shared_secret(&userA, &userB, sharedA, &x); - + + if (ret != 0) + return -1015; + y = sizeof(sharedB); ret = ecc_shared_secret(&userB, &userA, sharedB, &y); - + if (ret != 0) return -1003; @@ -2238,12 +4253,12 @@ int ecc_test() ret = ecc_import_x963(exportBuf, x, &pubKey); - if (ret != 0) + if (ret != 0) return -1007; y = sizeof(sharedB); ret = ecc_shared_secret(&userB, &pubKey, sharedB, &y); - + if (ret != 0) return -1008; @@ -2251,12 +4266,15 @@ int ecc_test() return -1010; /* test DSA sign hash */ - for (i = 0; i < sizeof(digest); i++) - digest[i] = i; + for (i = 0; i < (int)sizeof(digest); i++) + digest[i] = (byte)i; x = sizeof(sig); ret = ecc_sign_hash(digest, sizeof(digest), sig, &x, &rng, &userA); - + + if (ret != 0) + return -1016; + verify = 0; ret = ecc_verify_hash(sig, x, digest, sizeof(digest), &verify, &userA); @@ -2266,6 +4284,11 @@ int ecc_test() if (verify != 1) return -1012; + x = sizeof(exportBuf); + ret = ecc_export_private_only(&userA, exportBuf, &x); + if (ret != 0) + return -1013; + ecc_free(&pubKey); ecc_free(&userB); ecc_free(&userA); @@ -2273,4 +4296,568 @@ int ecc_test() return 0; } +#ifdef HAVE_ECC_ENCRYPT + +int ecc_encrypt_test(void) +{ + RNG rng; + int ret; + ecc_key userA, userB; + byte msg[48]; + byte plain[48]; + byte out[80]; + word32 outSz = sizeof(out); + word32 plainSz = sizeof(plain); + int i; + + ret = InitRng(&rng); + if (ret != 0) + return -3001; + + ecc_init(&userA); + ecc_init(&userB); + + ret = ecc_make_key(&rng, 32, &userA); + ret += ecc_make_key(&rng, 32, &userB); + + if (ret != 0) + return -3002; + + for (i = 0; i < 48; i++) + msg[i] = i; + + /* encrypt msg to B */ + ret = ecc_encrypt(&userA, &userB, msg, sizeof(msg), out, &outSz, NULL); + if (ret != 0) + return -3003; + + /* decrypt msg from A */ + ret = ecc_decrypt(&userB, &userA, out, outSz, plain, &plainSz, NULL); + if (ret != 0) + return -3004; + + if (memcmp(plain, msg, sizeof(msg)) != 0) + return -3005; + + + { /* let's verify message exchange works, A is client, B is server */ + ecEncCtx* cliCtx = ecc_ctx_new(REQ_RESP_CLIENT, &rng); + ecEncCtx* srvCtx = ecc_ctx_new(REQ_RESP_SERVER, &rng); + + byte cliSalt[EXCHANGE_SALT_SZ]; + byte srvSalt[EXCHANGE_SALT_SZ]; + const byte* tmpSalt; + + if (cliCtx == NULL || srvCtx == NULL) + return -3006; + + /* get salt to send to peer */ + tmpSalt = ecc_ctx_get_own_salt(cliCtx); + if (tmpSalt == NULL) + return -3007; + memcpy(cliSalt, tmpSalt, EXCHANGE_SALT_SZ); + + tmpSalt = ecc_ctx_get_own_salt(srvCtx); + if (tmpSalt == NULL) + return -3007; + memcpy(srvSalt, tmpSalt, EXCHANGE_SALT_SZ); + + /* in actual use, we'd get the peer's salt over the transport */ + ret = ecc_ctx_set_peer_salt(cliCtx, srvSalt); + ret += ecc_ctx_set_peer_salt(srvCtx, cliSalt); + + ret += ecc_ctx_set_info(cliCtx, (byte*)"CyaSSL MSGE", 11); + ret += ecc_ctx_set_info(srvCtx, (byte*)"CyaSSL MSGE", 11); + + if (ret != 0) + return -3008; + + /* get encrypted msg (request) to send to B */ + outSz = sizeof(out); + ret = ecc_encrypt(&userA, &userB, msg, sizeof(msg), out, &outSz,cliCtx); + if (ret != 0) + return -3009; + + /* B decrypts msg (request) from A */ + plainSz = sizeof(plain); + ret = ecc_decrypt(&userB, &userA, out, outSz, plain, &plainSz, srvCtx); + if (ret != 0) + return -3010; + + if (memcmp(plain, msg, sizeof(msg)) != 0) + return -3011; + + { + /* msg2 (response) from B to A */ + byte msg2[48]; + byte plain2[48]; + byte out2[80]; + word32 outSz2 = sizeof(out2); + word32 plainSz2 = sizeof(plain2); + + for (i = 0; i < 48; i++) + msg2[i] = i+48; + + /* get encrypted msg (response) to send to B */ + ret = ecc_encrypt(&userB, &userA, msg2, sizeof(msg2), out2, + &outSz2, srvCtx); + if (ret != 0) + return -3012; + + /* A decrypts msg (response) from B */ + ret = ecc_decrypt(&userA, &userB, out2, outSz2, plain2, &plainSz2, + cliCtx); + if (ret != 0) + return -3013; + + if (memcmp(plain2, msg2, sizeof(msg2)) != 0) + return -3014; + } + + /* cleanup */ + ecc_ctx_free(srvCtx); + ecc_ctx_free(cliCtx); + } + + /* cleanup */ + ecc_free(&userB); + ecc_free(&userA); + + return 0; +} + +#endif /* HAVE_ECC_ENCRYPT */ #endif /* HAVE_ECC */ + +#ifdef HAVE_LIBZ + +const byte sample_text[] = + "Biodiesel cupidatat marfa, cliche aute put a bird on it incididunt elit\n" + "polaroid. Sunt tattooed bespoke reprehenderit. Sint twee organic id\n" + "marfa. Commodo veniam ad esse gastropub. 3 wolf moon sartorial vero,\n" + "plaid delectus biodiesel squid +1 vice. Post-ironic keffiyeh leggings\n" + "selfies cray fap hoodie, forage anim. Carles cupidatat shoreditch, VHS\n" + "small batch meggings kogi dolore food truck bespoke gastropub.\n" + "\n" + "Terry richardson adipisicing actually typewriter tumblr, twee whatever\n" + "four loko you probably haven't heard of them high life. Messenger bag\n" + "whatever tattooed deep v mlkshk. Brooklyn pinterest assumenda chillwave\n" + "et, banksy ullamco messenger bag umami pariatur direct trade forage.\n" + "Typewriter culpa try-hard, pariatur sint brooklyn meggings. Gentrify\n" + "food truck next level, tousled irony non semiotics PBR ethical anim cred\n" + "readymade. Mumblecore brunch lomo odd future, portland organic terry\n" + "richardson elit leggings adipisicing ennui raw denim banjo hella. Godard\n" + "mixtape polaroid, pork belly readymade organic cray typewriter helvetica\n" + "four loko whatever street art yr farm-to-table.\n" + "\n" + "Vinyl keytar vice tofu. Locavore you probably haven't heard of them pug\n" + "pickled, hella tonx labore truffaut DIY mlkshk elit cosby sweater sint\n" + "et mumblecore. Elit swag semiotics, reprehenderit DIY sartorial nisi ugh\n" + "nesciunt pug pork belly wayfarers selfies delectus. Ethical hoodie\n" + "seitan fingerstache kale chips. Terry richardson artisan williamsburg,\n" + "eiusmod fanny pack irony tonx ennui lo-fi incididunt tofu YOLO\n" + "readymade. 8-bit sed ethnic beard officia. Pour-over iphone DIY butcher,\n" + "ethnic art party qui letterpress nisi proident jean shorts mlkshk\n" + "locavore.\n" + "\n" + "Narwhal flexitarian letterpress, do gluten-free voluptate next level\n" + "banh mi tonx incididunt carles DIY. Odd future nulla 8-bit beard ut\n" + "cillum pickled velit, YOLO officia you probably haven't heard of them\n" + "trust fund gastropub. Nisi adipisicing tattooed, Austin mlkshk 90's\n" + "small batch american apparel. Put a bird on it cosby sweater before they\n" + "sold out pork belly kogi hella. Street art mollit sustainable polaroid,\n" + "DIY ethnic ea pug beard dreamcatcher cosby sweater magna scenester nisi.\n" + "Sed pork belly skateboard mollit, labore proident eiusmod. Sriracha\n" + "excepteur cosby sweater, anim deserunt laborum eu aliquip ethical et\n" + "neutra PBR selvage.\n" + "\n" + "Raw denim pork belly truffaut, irony plaid sustainable put a bird on it\n" + "next level jean shorts exercitation. Hashtag keytar whatever, nihil\n" + "authentic aliquip disrupt laborum. Tattooed selfies deserunt trust fund\n" + "wayfarers. 3 wolf moon synth church-key sartorial, gastropub leggings\n" + "tattooed. Labore high life commodo, meggings raw denim fingerstache pug\n" + "trust fund leggings seitan forage. Nostrud ullamco duis, reprehenderit\n" + "incididunt flannel sustainable helvetica pork belly pug banksy you\n" + "probably haven't heard of them nesciunt farm-to-table. Disrupt nostrud\n" + "mollit magna, sriracha sartorial helvetica.\n" + "\n" + "Nulla kogi reprehenderit, skateboard sustainable duis adipisicing viral\n" + "ad fanny pack salvia. Fanny pack trust fund you probably haven't heard\n" + "of them YOLO vice nihil. Keffiyeh cray lo-fi pinterest cardigan aliqua,\n" + "reprehenderit aute. Culpa tousled williamsburg, marfa lomo actually anim\n" + "skateboard. Iphone aliqua ugh, semiotics pariatur vero readymade\n" + "organic. Marfa squid nulla, in laborum disrupt laboris irure gastropub.\n" + "Veniam sunt food truck leggings, sint vinyl fap.\n" + "\n" + "Hella dolore pork belly, truffaut carles you probably haven't heard of\n" + "them PBR helvetica in sapiente. Fashion axe ugh bushwick american\n" + "apparel. Fingerstache sed iphone, jean shorts blue bottle nisi bushwick\n" + "flexitarian officia veniam plaid bespoke fap YOLO lo-fi. Blog\n" + "letterpress mumblecore, food truck id cray brooklyn cillum ad sed.\n" + "Assumenda chambray wayfarers vinyl mixtape sustainable. VHS vinyl\n" + "delectus, culpa williamsburg polaroid cliche swag church-key synth kogi\n" + "magna pop-up literally. Swag thundercats ennui shoreditch vegan\n" + "pitchfork neutra truffaut etsy, sed single-origin coffee craft beer.\n" + "\n" + "Odio letterpress brooklyn elit. Nulla single-origin coffee in occaecat\n" + "meggings. Irony meggings 8-bit, chillwave lo-fi adipisicing cred\n" + "dreamcatcher veniam. Put a bird on it irony umami, trust fund bushwick\n" + "locavore kale chips. Sriracha swag thundercats, chillwave disrupt\n" + "tousled beard mollit mustache leggings portland next level. Nihil esse\n" + "est, skateboard art party etsy thundercats sed dreamcatcher ut iphone\n" + "swag consectetur et. Irure skateboard banjo, nulla deserunt messenger\n" + "bag dolor terry richardson sapiente.\n"; + + +int compress_test(void) +{ + int ret = 0; + word32 dSz = sizeof(sample_text); + word32 cSz = (dSz + (word32)(dSz * 0.001) + 12); + byte *c = NULL; + byte *d = NULL; + + c = calloc(cSz, sizeof(byte)); + d = calloc(dSz, sizeof(byte)); + + if (c == NULL || d == NULL) + ret = -300; + + if (ret == 0 && (ret = Compress(c, cSz, sample_text, dSz, 0)) < 0) + ret = -301; + + if (ret > 0) { + cSz = (word32)ret; + ret = 0; + } + + if (ret == 0 && DeCompress(d, dSz, c, cSz) != (int)dSz) + ret = -302; + + if (ret == 0 && memcmp(d, sample_text, dSz)) + ret = -303; + + if (c) free(c); + if (d) free(d); + + return ret; +} + +#endif /* HAVE_LIBZ */ + +#ifdef HAVE_PKCS7 + +int pkcs7enveloped_test(void) +{ + int ret = 0; + + int cipher = DES3b; + int envelopedSz, decodedSz; + PKCS7 pkcs7; + byte* cert; + byte* privKey; + byte enveloped[2048]; + byte decoded[2048]; + + size_t certSz; + size_t privKeySz; + FILE* certFile; + FILE* keyFile; + FILE* pkcs7File; + const char* pkcs7OutFile = "pkcs7envelopedData.der"; + + const byte data[] = { /* Hello World */ + 0x48,0x65,0x6c,0x6c,0x6f,0x20,0x57,0x6f, + 0x72,0x6c,0x64 + }; + + /* read client cert and key in DER format */ + cert = (byte*)malloc(FOURK_BUF); + if (cert == NULL) + return -201; + + privKey = (byte*)malloc(FOURK_BUF); + if (privKey == NULL) { + free(cert); + return -202; + } + + certFile = fopen(clientCert, "rb"); + if (!certFile) { + free(cert); + free(privKey); + err_sys("can't open ./certs/client-cert.der, " + "Please run from CyaSSL home dir", -42); + } + + certSz = fread(cert, 1, FOURK_BUF, certFile); + fclose(certFile); + + keyFile = fopen(clientKey, "rb"); + if (!keyFile) { + free(cert); + free(privKey); + err_sys("can't open ./certs/client-key.der, " + "Please run from CyaSSL home dir", -43); + } + + privKeySz = fread(privKey, 1, FOURK_BUF, keyFile); + fclose(keyFile); + + PKCS7_InitWithCert(&pkcs7, cert, (word32)certSz); + pkcs7.content = (byte*)data; + pkcs7.contentSz = (word32)sizeof(data); + pkcs7.contentOID = DATA; + pkcs7.encryptOID = cipher; + pkcs7.privateKey = privKey; + pkcs7.privateKeySz = (word32)privKeySz; + + /* encode envelopedData */ + envelopedSz = PKCS7_EncodeEnvelopedData(&pkcs7, enveloped, + sizeof(enveloped)); + if (envelopedSz <= 0) { + free(cert); + free(privKey); + return -203; + } + + /* decode envelopedData */ + decodedSz = PKCS7_DecodeEnvelopedData(&pkcs7, enveloped, envelopedSz, + decoded, sizeof(decoded)); + if (decodedSz <= 0) { + free(cert); + free(privKey); + return -204; + } + + /* test decode result */ + if (memcmp(decoded, data, sizeof(data)) != 0) { + free(cert); + free(privKey); + return -205; + } + + /* output pkcs7 envelopedData for external testing */ + pkcs7File = fopen(pkcs7OutFile, "wb"); + if (!pkcs7File) { + free(cert); + free(privKey); + return -206; + } + + ret = (int)fwrite(enveloped, envelopedSz, 1, pkcs7File); + fclose(pkcs7File); + + free(cert); + free(privKey); + PKCS7_Free(&pkcs7); + + if (ret > 0) + return 0; + + return ret; +} + +int pkcs7signed_test(void) +{ + int ret = 0; + + FILE* file; + byte* certDer; + byte* keyDer; + byte* out; + char data[] = "Hello World"; + word32 dataSz, outSz, certDerSz, keyDerSz; + PKCS7 msg; + RNG rng; + + byte transIdOid[] = + { 0x06, 0x0a, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x45, 0x01, + 0x09, 0x07 }; + byte messageTypeOid[] = + { 0x06, 0x0a, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x45, 0x01, + 0x09, 0x02 }; + byte senderNonceOid[] = + { 0x06, 0x0a, 0x60, 0x86, 0x48, 0x01, 0x86, 0xF8, 0x45, 0x01, + 0x09, 0x05 }; + byte transId[(SHA_DIGEST_SIZE + 1) * 2 + 1]; + byte messageType[] = { 0x13, 2, '1', '9' }; + byte senderNonce[PKCS7_NONCE_SZ + 2]; + + PKCS7Attrib attribs[] = + { + { transIdOid, sizeof(transIdOid), + transId, sizeof(transId) - 1 }, /* take off the null */ + { messageTypeOid, sizeof(messageTypeOid), + messageType, sizeof(messageType) }, + { senderNonceOid, sizeof(senderNonceOid), + senderNonce, sizeof(senderNonce) } + }; + + dataSz = (word32) strlen(data); + outSz = FOURK_BUF; + + certDer = (byte*)malloc(FOURK_BUF); + if (certDer == NULL) + return -207; + keyDer = (byte*)malloc(FOURK_BUF); + if (keyDer == NULL) { + free(certDer); + return -208; + } + out = (byte*)malloc(FOURK_BUF); + if (out == NULL) { + free(certDer); + free(keyDer); + return -209; + } + + /* read in DER cert of recipient, into cert of size certSz */ + file = fopen(clientCert, "rb"); + if (!file) { + free(certDer); + free(keyDer); + free(out); + err_sys("can't open ./certs/client-cert.der, " + "Please run from CyaSSL home dir", -44); + } + certDerSz = (word32)fread(certDer, 1, FOURK_BUF, file); + fclose(file); + + file = fopen(clientKey, "rb"); + if (!file) { + free(certDer); + free(keyDer); + free(out); + err_sys("can't open ./certs/client-key.der, " + "Please run from CyaSSL home dir", -45); + } + keyDerSz = (word32)fread(keyDer, 1, FOURK_BUF, file); + fclose(file); + + ret = InitRng(&rng); + if (ret != 0) { + free(certDer); + free(keyDer); + free(out); + return -210; + } + + senderNonce[0] = 0x04; + senderNonce[1] = PKCS7_NONCE_SZ; + + ret = RNG_GenerateBlock(&rng, &senderNonce[2], PKCS7_NONCE_SZ); + if (ret != 0) { + free(certDer); + free(keyDer); + free(out); + return -211; + } + + PKCS7_InitWithCert(&msg, certDer, certDerSz); + msg.privateKey = keyDer; + msg.privateKeySz = keyDerSz; + msg.content = (byte*)data; + msg.contentSz = dataSz; + msg.hashOID = SHAh; + msg.encryptOID = RSAk; + msg.signedAttribs = attribs; + msg.signedAttribsSz = sizeof(attribs)/sizeof(PKCS7Attrib); + msg.rng = &rng; + { + Sha sha; + byte digest[SHA_DIGEST_SIZE]; + int i,j; + + transId[0] = 0x13; + transId[1] = SHA_DIGEST_SIZE * 2; + + ret = InitSha(&sha); + if (ret != 0) { + free(certDer); + free(keyDer); + free(out); + return -4003; + } + ShaUpdate(&sha, msg.publicKey, msg.publicKeySz); + ShaFinal(&sha, digest); + + for (i = 0, j = 2; i < SHA_DIGEST_SIZE; i++, j += 2) { + snprintf((char*)&transId[j], 3, "%02x", digest[i]); + } + } + ret = PKCS7_EncodeSignedData(&msg, out, outSz); + if (ret < 0) { + free(certDer); + free(keyDer); + free(out); + PKCS7_Free(&msg); + return -212; + } + else + outSz = ret; + + /* write PKCS#7 to output file for more testing */ + file = fopen("./pkcs7signedData.der", "wb"); + if (!file) { + free(certDer); + free(keyDer); + free(out); + PKCS7_Free(&msg); + return -213; + } + ret = (int)fwrite(out, 1, outSz, file); + fclose(file); + if (ret != (int)outSz) { + free(certDer); + free(keyDer); + free(out); + PKCS7_Free(&msg); + return -218; + } + + PKCS7_Free(&msg); + PKCS7_InitWithCert(&msg, NULL, 0); + + ret = PKCS7_VerifySignedData(&msg, out, outSz); + if (ret < 0) { + free(certDer); + free(keyDer); + free(out); + PKCS7_Free(&msg); + return -214; + } + + if (msg.singleCert == NULL || msg.singleCertSz == 0) { + free(certDer); + free(keyDer); + free(out); + PKCS7_Free(&msg); + return -215; + } + + file = fopen("./pkcs7cert.der", "wb"); + if (!file) { + free(certDer); + free(keyDer); + free(out); + PKCS7_Free(&msg); + return -216; + } + ret = (int)fwrite(msg.singleCert, 1, msg.singleCertSz, file); + fclose(file); + + free(certDer); + free(keyDer); + free(out); + PKCS7_Free(&msg); + + if (ret > 0) + return 0; + + return ret; +} + +#endif /* HAVE_PKCS7 */ + +#endif /* NO_CRYPT_TEST */ diff --git a/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/test/test.h b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/test/test.h new file mode 100644 index 000000000..2310ed516 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/ctaocrypt/test/test.h @@ -0,0 +1,33 @@ +/* ctaocrypt/test/test.h + * + * Copyright (C) 2006-2014 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#pragma once + +#ifdef __cplusplus + extern "C" { +#endif + +void ctaocrypt_test(void* args); + +#ifdef __cplusplus + } /* extern "C" */ +#endif + diff --git a/FreeRTOS-Plus/Source/CyaSSL/cyassl-ios.xcodeproj/project.pbxproj b/FreeRTOS-Plus/Source/CyaSSL/cyassl-ios.xcodeproj/project.pbxproj new file mode 100644 index 000000000..6c342cc81 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/cyassl-ios.xcodeproj/project.pbxproj @@ -0,0 +1,383 @@ +// !$*UTF8*$! +{ + archiveVersion = 1; + classes = { + }; + objectVersion = 46; + objects = { + +/* Begin PBXBuildFile section */ + 52397C5D17E0E63200517C9A /* port.c in Sources */ = {isa = PBXBuildFile; fileRef = 52397C5C17E0E63200517C9A /* port.c */; }; + 52B1348216F3CCC400C07B32 /* tls.c in Sources */ = {isa = PBXBuildFile; fileRef = 52B1347B16F3CCC400C07B32 /* tls.c */; }; + 52B1348316F3CCC400C07B32 /* ssl.c in Sources */ = {isa = PBXBuildFile; fileRef = 52B1347C16F3CCC400C07B32 /* ssl.c */; }; + 52B1348416F3CCC400C07B32 /* ocsp.c in Sources */ = {isa = PBXBuildFile; fileRef = 52B1347D16F3CCC400C07B32 /* ocsp.c */; }; + 52B1348516F3CCC400C07B32 /* keys.c in Sources */ = {isa = PBXBuildFile; fileRef = 52B1347E16F3CCC400C07B32 /* keys.c */; }; + 52B1348616F3CCC400C07B32 /* io.c in Sources */ = {isa = PBXBuildFile; fileRef = 52B1347F16F3CCC400C07B32 /* io.c */; }; + 52B1348716F3CCC400C07B32 /* internal.c in Sources */ = {isa = PBXBuildFile; fileRef = 52B1348016F3CCC400C07B32 /* internal.c */; }; + 52B1348816F3CCC400C07B32 /* crl.c in Sources */ = {isa = PBXBuildFile; fileRef = 52B1348116F3CCC400C07B32 /* crl.c */; }; + 52B134A316F3CDF300C07B32 /* tfm.c in Sources */ = {isa = PBXBuildFile; fileRef = 52B1348916F3CDF300C07B32 /* tfm.c */; }; + 52B134A416F3CDF300C07B32 /* sha256.c in Sources */ = {isa = PBXBuildFile; fileRef = 52B1348A16F3CDF300C07B32 /* sha256.c */; }; + 52B134A516F3CDF300C07B32 /* sha.c in Sources */ = {isa = PBXBuildFile; fileRef = 52B1348B16F3CDF300C07B32 /* sha.c */; }; + 52B134A616F3CDF300C07B32 /* rsa.c in Sources */ = {isa = PBXBuildFile; fileRef = 52B1348C16F3CDF300C07B32 /* rsa.c */; }; + 52B134A716F3CDF300C07B32 /* ripemd.c in Sources */ = {isa = PBXBuildFile; fileRef = 52B1348D16F3CDF300C07B32 /* ripemd.c */; }; + 52B134A816F3CDF300C07B32 /* random.c in Sources */ = {isa = PBXBuildFile; fileRef = 52B1348E16F3CDF300C07B32 /* random.c */; }; + 52B134A916F3CDF300C07B32 /* rabbit.c in Sources */ = {isa = PBXBuildFile; fileRef = 52B1348F16F3CDF300C07B32 /* rabbit.c */; }; + 52B134AA16F3CDF300C07B32 /* pwdbased.c in Sources */ = {isa = PBXBuildFile; fileRef = 52B1349016F3CDF300C07B32 /* pwdbased.c */; }; + 52B134AB16F3CDF300C07B32 /* misc.c in Sources */ = {isa = PBXBuildFile; fileRef = 52B1349116F3CDF300C07B32 /* misc.c */; }; + 52B134AC16F3CDF300C07B32 /* memory.c in Sources */ = {isa = PBXBuildFile; fileRef = 52B1349216F3CDF300C07B32 /* memory.c */; }; + 52B134AD16F3CDF300C07B32 /* md5.c in Sources */ = {isa = PBXBuildFile; fileRef = 52B1349316F3CDF300C07B32 /* md5.c */; }; + 52B134AE16F3CDF300C07B32 /* md4.c in Sources */ = {isa = PBXBuildFile; fileRef = 52B1349416F3CDF300C07B32 /* md4.c */; }; + 52B134AF16F3CDF300C07B32 /* logging.c in Sources */ = {isa = PBXBuildFile; fileRef = 52B1349516F3CDF300C07B32 /* logging.c */; }; + 52B134B016F3CDF300C07B32 /* integer.c in Sources */ = {isa = PBXBuildFile; fileRef = 52B1349616F3CDF300C07B32 /* integer.c */; }; + 52B134B116F3CDF300C07B32 /* hmac.c in Sources */ = {isa = PBXBuildFile; fileRef = 52B1349716F3CDF300C07B32 /* hmac.c */; }; + 52B134B216F3CDF300C07B32 /* hc128.c in Sources */ = {isa = PBXBuildFile; fileRef = 52B1349816F3CDF300C07B32 /* hc128.c */; }; + 52B134B316F3CDF300C07B32 /* error.c in Sources */ = {isa = PBXBuildFile; fileRef = 52B1349916F3CDF300C07B32 /* error.c */; }; + 52B134B416F3CDF300C07B32 /* ecc.c in Sources */ = {isa = PBXBuildFile; fileRef = 52B1349A16F3CDF300C07B32 /* ecc.c */; }; + 52B134B516F3CDF300C07B32 /* dsa.c in Sources */ = {isa = PBXBuildFile; fileRef = 52B1349B16F3CDF300C07B32 /* dsa.c */; }; + 52B134B616F3CDF300C07B32 /* dh.c in Sources */ = {isa = PBXBuildFile; fileRef = 52B1349C16F3CDF300C07B32 /* dh.c */; }; + 52B134B716F3CDF300C07B32 /* des3.c in Sources */ = {isa = PBXBuildFile; fileRef = 52B1349D16F3CDF300C07B32 /* des3.c */; }; + 52B134B816F3CDF300C07B32 /* coding.c in Sources */ = {isa = PBXBuildFile; fileRef = 52B1349E16F3CDF300C07B32 /* coding.c */; }; + 52B134B916F3CDF300C07B32 /* camellia.c in Sources */ = {isa = PBXBuildFile; fileRef = 52B1349F16F3CDF300C07B32 /* camellia.c */; }; + 52B134BA16F3CDF300C07B32 /* asn.c in Sources */ = {isa = PBXBuildFile; fileRef = 52B134A016F3CDF300C07B32 /* asn.c */; }; + 52B134BB16F3CDF300C07B32 /* arc4.c in Sources */ = {isa = PBXBuildFile; fileRef = 52B134A116F3CDF300C07B32 /* arc4.c */; }; + 52B134BC16F3CDF300C07B32 /* aes.c in Sources */ = {isa = PBXBuildFile; fileRef = 52B134A216F3CDF300C07B32 /* aes.c */; }; +/* End PBXBuildFile section */ + +/* Begin PBXCopyFilesBuildPhase section */ + 52B1344B16F3C9E800C07B32 /* CopyFiles */ = { + isa = PBXCopyFilesBuildPhase; + buildActionMask = 2147483647; + dstPath = "include/${PRODUCT_NAME}"; + dstSubfolderSpec = 16; + files = ( + ); + runOnlyForDeploymentPostprocessing = 0; + }; +/* End PBXCopyFilesBuildPhase section */ + +/* Begin PBXFileReference section */ + 52397C5C17E0E63200517C9A /* port.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = port.c; path = ctaocrypt/src/port.c; sourceTree = SOURCE_ROOT; }; + 52B1344D16F3C9E800C07B32 /* libcyassl-ios.a */ = {isa = PBXFileReference; explicitFileType = archive.ar; includeInIndex = 0; path = "libcyassl-ios.a"; sourceTree = BUILT_PRODUCTS_DIR; }; + 52B1347B16F3CCC400C07B32 /* tls.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = tls.c; path = src/tls.c; sourceTree = SOURCE_ROOT; }; + 52B1347C16F3CCC400C07B32 /* ssl.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = ssl.c; path = src/ssl.c; sourceTree = SOURCE_ROOT; }; + 52B1347D16F3CCC400C07B32 /* ocsp.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = ocsp.c; path = src/ocsp.c; sourceTree = SOURCE_ROOT; }; + 52B1347E16F3CCC400C07B32 /* keys.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = keys.c; path = src/keys.c; sourceTree = SOURCE_ROOT; }; + 52B1347F16F3CCC400C07B32 /* io.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = io.c; path = src/io.c; sourceTree = SOURCE_ROOT; }; + 52B1348016F3CCC400C07B32 /* internal.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = internal.c; path = src/internal.c; sourceTree = SOURCE_ROOT; }; + 52B1348116F3CCC400C07B32 /* crl.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = crl.c; path = src/crl.c; sourceTree = SOURCE_ROOT; }; + 52B1348916F3CDF300C07B32 /* tfm.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = tfm.c; path = ctaocrypt/src/tfm.c; sourceTree = SOURCE_ROOT; }; + 52B1348A16F3CDF300C07B32 /* sha256.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = sha256.c; path = ctaocrypt/src/sha256.c; sourceTree = SOURCE_ROOT; }; + 52B1348B16F3CDF300C07B32 /* sha.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = sha.c; path = ctaocrypt/src/sha.c; sourceTree = SOURCE_ROOT; }; + 52B1348C16F3CDF300C07B32 /* rsa.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = rsa.c; path = ctaocrypt/src/rsa.c; sourceTree = SOURCE_ROOT; }; + 52B1348D16F3CDF300C07B32 /* ripemd.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = ripemd.c; path = ctaocrypt/src/ripemd.c; sourceTree = SOURCE_ROOT; }; + 52B1348E16F3CDF300C07B32 /* random.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = random.c; path = ctaocrypt/src/random.c; sourceTree = SOURCE_ROOT; }; + 52B1348F16F3CDF300C07B32 /* rabbit.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = rabbit.c; path = ctaocrypt/src/rabbit.c; sourceTree = SOURCE_ROOT; }; + 52B1349016F3CDF300C07B32 /* pwdbased.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = pwdbased.c; path = ctaocrypt/src/pwdbased.c; sourceTree = SOURCE_ROOT; }; + 52B1349116F3CDF300C07B32 /* misc.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = misc.c; path = ctaocrypt/src/misc.c; sourceTree = SOURCE_ROOT; }; + 52B1349216F3CDF300C07B32 /* memory.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = memory.c; path = ctaocrypt/src/memory.c; sourceTree = SOURCE_ROOT; }; + 52B1349316F3CDF300C07B32 /* md5.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = md5.c; path = ctaocrypt/src/md5.c; sourceTree = SOURCE_ROOT; }; + 52B1349416F3CDF300C07B32 /* md4.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = md4.c; path = ctaocrypt/src/md4.c; sourceTree = SOURCE_ROOT; }; + 52B1349516F3CDF300C07B32 /* logging.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = logging.c; path = ctaocrypt/src/logging.c; sourceTree = SOURCE_ROOT; }; + 52B1349616F3CDF300C07B32 /* integer.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = integer.c; path = ctaocrypt/src/integer.c; sourceTree = SOURCE_ROOT; }; + 52B1349716F3CDF300C07B32 /* hmac.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = hmac.c; path = ctaocrypt/src/hmac.c; sourceTree = SOURCE_ROOT; }; + 52B1349816F3CDF300C07B32 /* hc128.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = hc128.c; path = ctaocrypt/src/hc128.c; sourceTree = SOURCE_ROOT; }; + 52B1349916F3CDF300C07B32 /* error.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = error.c; path = ctaocrypt/src/error.c; sourceTree = SOURCE_ROOT; }; + 52B1349A16F3CDF300C07B32 /* ecc.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = ecc.c; path = ctaocrypt/src/ecc.c; sourceTree = SOURCE_ROOT; }; + 52B1349B16F3CDF300C07B32 /* dsa.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = dsa.c; path = ctaocrypt/src/dsa.c; sourceTree = SOURCE_ROOT; }; + 52B1349C16F3CDF300C07B32 /* dh.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = dh.c; path = ctaocrypt/src/dh.c; sourceTree = SOURCE_ROOT; }; + 52B1349D16F3CDF300C07B32 /* des3.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = des3.c; path = ctaocrypt/src/des3.c; sourceTree = SOURCE_ROOT; }; + 52B1349E16F3CDF300C07B32 /* coding.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = coding.c; path = ctaocrypt/src/coding.c; sourceTree = SOURCE_ROOT; }; + 52B1349F16F3CDF300C07B32 /* camellia.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = camellia.c; path = ctaocrypt/src/camellia.c; sourceTree = SOURCE_ROOT; }; + 52B134A016F3CDF300C07B32 /* asn.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = asn.c; path = ctaocrypt/src/asn.c; sourceTree = SOURCE_ROOT; }; + 52B134A116F3CDF300C07B32 /* arc4.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = arc4.c; path = ctaocrypt/src/arc4.c; sourceTree = SOURCE_ROOT; }; + 52B134A216F3CDF300C07B32 /* aes.c */ = {isa = PBXFileReference; fileEncoding = 4; lastKnownFileType = sourcecode.c.c; name = aes.c; path = ctaocrypt/src/aes.c; sourceTree = SOURCE_ROOT; }; +/* End PBXFileReference section */ + +/* Begin PBXFrameworksBuildPhase section */ + 52B1344A16F3C9E800C07B32 /* Frameworks */ = { + isa = PBXFrameworksBuildPhase; + buildActionMask = 2147483647; + files = ( + ); + runOnlyForDeploymentPostprocessing = 0; + }; +/* End PBXFrameworksBuildPhase section */ + +/* Begin PBXGroup section */ + 52B1344416F3C9E800C07B32 = { + isa = PBXGroup; + children = ( + 52B1347816F3CC0400C07B32 /* Source */, + 52B1344E16F3C9E800C07B32 /* Products */, + ); + sourceTree = ""; + }; + 52B1344E16F3C9E800C07B32 /* Products */ = { + isa = PBXGroup; + children = ( + 52B1344D16F3C9E800C07B32 /* libcyassl-ios.a */, + ); + name = Products; + sourceTree = ""; + }; + 52B1347816F3CC0400C07B32 /* Source */ = { + isa = PBXGroup; + children = ( + 52B1347916F3CC9200C07B32 /* cyaSSL */, + 52B1347A16F3CC9A00C07B32 /* wolfCrypt */, + ); + name = Source; + path = "cyassl-ios"; + sourceTree = ""; + }; + 52B1347916F3CC9200C07B32 /* cyaSSL */ = { + isa = PBXGroup; + children = ( + 52B1347B16F3CCC400C07B32 /* tls.c */, + 52B1347C16F3CCC400C07B32 /* ssl.c */, + 52B1347D16F3CCC400C07B32 /* ocsp.c */, + 52B1347E16F3CCC400C07B32 /* keys.c */, + 52B1347F16F3CCC400C07B32 /* io.c */, + 52B1348016F3CCC400C07B32 /* internal.c */, + 52B1348116F3CCC400C07B32 /* crl.c */, + ); + name = cyaSSL; + sourceTree = ""; + }; + 52B1347A16F3CC9A00C07B32 /* wolfCrypt */ = { + isa = PBXGroup; + children = ( + 52397C5C17E0E63200517C9A /* port.c */, + 52B1348916F3CDF300C07B32 /* tfm.c */, + 52B1348A16F3CDF300C07B32 /* sha256.c */, + 52B1348B16F3CDF300C07B32 /* sha.c */, + 52B1348C16F3CDF300C07B32 /* rsa.c */, + 52B1348D16F3CDF300C07B32 /* ripemd.c */, + 52B1348E16F3CDF300C07B32 /* random.c */, + 52B1348F16F3CDF300C07B32 /* rabbit.c */, + 52B1349016F3CDF300C07B32 /* pwdbased.c */, + 52B1349116F3CDF300C07B32 /* misc.c */, + 52B1349216F3CDF300C07B32 /* memory.c */, + 52B1349316F3CDF300C07B32 /* md5.c */, + 52B1349416F3CDF300C07B32 /* md4.c */, + 52B1349516F3CDF300C07B32 /* logging.c */, + 52B1349616F3CDF300C07B32 /* integer.c */, + 52B1349716F3CDF300C07B32 /* hmac.c */, + 52B1349816F3CDF300C07B32 /* hc128.c */, + 52B1349916F3CDF300C07B32 /* error.c */, + 52B1349A16F3CDF300C07B32 /* ecc.c */, + 52B1349B16F3CDF300C07B32 /* dsa.c */, + 52B1349C16F3CDF300C07B32 /* dh.c */, + 52B1349D16F3CDF300C07B32 /* des3.c */, + 52B1349E16F3CDF300C07B32 /* coding.c */, + 52B1349F16F3CDF300C07B32 /* camellia.c */, + 52B134A016F3CDF300C07B32 /* asn.c */, + 52B134A116F3CDF300C07B32 /* arc4.c */, + 52B134A216F3CDF300C07B32 /* aes.c */, + ); + name = wolfCrypt; + sourceTree = ""; + }; +/* End PBXGroup section */ + +/* Begin PBXNativeTarget section */ + 52B1344C16F3C9E800C07B32 /* cyassl-ios */ = { + isa = PBXNativeTarget; + buildConfigurationList = 52B1347216F3C9E800C07B32 /* Build configuration list for PBXNativeTarget "cyassl-ios" */; + buildPhases = ( + 52B1344916F3C9E800C07B32 /* Sources */, + 52B1344A16F3C9E800C07B32 /* Frameworks */, + 52B1344B16F3C9E800C07B32 /* CopyFiles */, + ); + buildRules = ( + ); + dependencies = ( + ); + name = "cyassl-ios"; + productName = "cyassl-ios"; + productReference = 52B1344D16F3C9E800C07B32 /* libcyassl-ios.a */; + productType = "com.apple.product-type.library.static"; + }; +/* End PBXNativeTarget section */ + +/* Begin PBXProject section */ + 52B1344516F3C9E800C07B32 /* Project object */ = { + isa = PBXProject; + attributes = { + LastUpgradeCheck = 0460; + ORGANIZATIONNAME = "wolfSSL Inc"; + }; + buildConfigurationList = 52B1344816F3C9E800C07B32 /* Build configuration list for PBXProject "cyassl-ios" */; + compatibilityVersion = "Xcode 3.2"; + developmentRegion = English; + hasScannedForEncodings = 0; + knownRegions = ( + en, + ); + mainGroup = 52B1344416F3C9E800C07B32; + productRefGroup = 52B1344E16F3C9E800C07B32 /* Products */; + projectDirPath = ""; + projectRoot = ""; + targets = ( + 52B1344C16F3C9E800C07B32 /* cyassl-ios */, + ); + }; +/* End PBXProject section */ + +/* Begin PBXSourcesBuildPhase section */ + 52B1344916F3C9E800C07B32 /* Sources */ = { + isa = PBXSourcesBuildPhase; + buildActionMask = 2147483647; + files = ( + 52B1348216F3CCC400C07B32 /* tls.c in Sources */, + 52B1348316F3CCC400C07B32 /* ssl.c in Sources */, + 52B1348416F3CCC400C07B32 /* ocsp.c in Sources */, + 52B1348516F3CCC400C07B32 /* keys.c in Sources */, + 52B1348616F3CCC400C07B32 /* io.c in Sources */, + 52B1348716F3CCC400C07B32 /* internal.c in Sources */, + 52B1348816F3CCC400C07B32 /* crl.c in Sources */, + 52B134A316F3CDF300C07B32 /* tfm.c in Sources */, + 52B134A416F3CDF300C07B32 /* sha256.c in Sources */, + 52B134A516F3CDF300C07B32 /* sha.c in Sources */, + 52B134A616F3CDF300C07B32 /* rsa.c in Sources */, + 52B134A716F3CDF300C07B32 /* ripemd.c in Sources */, + 52B134A816F3CDF300C07B32 /* random.c in Sources */, + 52B134A916F3CDF300C07B32 /* rabbit.c in Sources */, + 52B134AA16F3CDF300C07B32 /* pwdbased.c in Sources */, + 52B134AB16F3CDF300C07B32 /* misc.c in Sources */, + 52B134AC16F3CDF300C07B32 /* memory.c in Sources */, + 52B134AD16F3CDF300C07B32 /* md5.c in Sources */, + 52B134AE16F3CDF300C07B32 /* md4.c in Sources */, + 52B134AF16F3CDF300C07B32 /* logging.c in Sources */, + 52B134B016F3CDF300C07B32 /* integer.c in Sources */, + 52B134B116F3CDF300C07B32 /* hmac.c in Sources */, + 52B134B216F3CDF300C07B32 /* hc128.c in Sources */, + 52B134B316F3CDF300C07B32 /* error.c in Sources */, + 52B134B416F3CDF300C07B32 /* ecc.c in Sources */, + 52B134B516F3CDF300C07B32 /* dsa.c in Sources */, + 52B134B616F3CDF300C07B32 /* dh.c in Sources */, + 52B134B716F3CDF300C07B32 /* des3.c in Sources */, + 52B134B816F3CDF300C07B32 /* coding.c in Sources */, + 52B134B916F3CDF300C07B32 /* camellia.c in Sources */, + 52B134BA16F3CDF300C07B32 /* asn.c in Sources */, + 52B134BB16F3CDF300C07B32 /* arc4.c in Sources */, + 52B134BC16F3CDF300C07B32 /* aes.c in Sources */, + 52397C5D17E0E63200517C9A /* port.c in Sources */, + ); + runOnlyForDeploymentPostprocessing = 0; + }; +/* End PBXSourcesBuildPhase section */ + +/* Begin XCBuildConfiguration section */ + 52B1347016F3C9E800C07B32 /* Debug */ = { + isa = XCBuildConfiguration; + buildSettings = { + ALWAYS_SEARCH_USER_PATHS = NO; + CLANG_CXX_LANGUAGE_STANDARD = "gnu++0x"; + CLANG_CXX_LIBRARY = "libc++"; + CLANG_WARN_CONSTANT_CONVERSION = YES; + CLANG_WARN_EMPTY_BODY = YES; + CLANG_WARN_ENUM_CONVERSION = YES; + CLANG_WARN_INT_CONVERSION = YES; + CLANG_WARN__DUPLICATE_METHOD_MATCH = YES; + COPY_PHASE_STRIP = NO; + GCC_C_LANGUAGE_STANDARD = gnu99; + GCC_DYNAMIC_NO_PIC = NO; + GCC_OPTIMIZATION_LEVEL = 0; + GCC_PREPROCESSOR_DEFINITIONS = ( + "DEBUG=1", + "$(inherited)", + ); + GCC_SYMBOLS_PRIVATE_EXTERN = NO; + GCC_WARN_ABOUT_RETURN_TYPE = YES; + GCC_WARN_UNINITIALIZED_AUTOS = YES; + GCC_WARN_UNUSED_VARIABLE = YES; + IPHONEOS_DEPLOYMENT_TARGET = 6.1; + ONLY_ACTIVE_ARCH = YES; + SDKROOT = iphoneos; + USER_HEADER_SEARCH_PATHS = "cyassl/ctaocrypt cyassl include"; + }; + name = Debug; + }; + 52B1347116F3C9E800C07B32 /* Release */ = { + isa = XCBuildConfiguration; + buildSettings = { + ALWAYS_SEARCH_USER_PATHS = NO; + CLANG_CXX_LANGUAGE_STANDARD = "gnu++0x"; + CLANG_CXX_LIBRARY = "libc++"; + CLANG_WARN_CONSTANT_CONVERSION = YES; + CLANG_WARN_EMPTY_BODY = YES; + CLANG_WARN_ENUM_CONVERSION = YES; + CLANG_WARN_INT_CONVERSION = YES; + CLANG_WARN__DUPLICATE_METHOD_MATCH = YES; + COPY_PHASE_STRIP = YES; + GCC_C_LANGUAGE_STANDARD = gnu99; + GCC_WARN_ABOUT_RETURN_TYPE = YES; + GCC_WARN_UNINITIALIZED_AUTOS = YES; + GCC_WARN_UNUSED_VARIABLE = YES; + IPHONEOS_DEPLOYMENT_TARGET = 6.1; + SDKROOT = iphoneos; + USER_HEADER_SEARCH_PATHS = "cyassl/ctaocrypt cyassl include"; + VALIDATE_PRODUCT = NO; + }; + name = Release; + }; + 52B1347316F3C9E800C07B32 /* Debug */ = { + isa = XCBuildConfiguration; + buildSettings = { + ALWAYS_SEARCH_USER_PATHS = YES; + CLANG_LINK_OBJC_RUNTIME = NO; + DSTROOT = /tmp/cyassl_ios.dst; + GCC_PRECOMPILE_PREFIX_HEADER = NO; + GCC_PREFIX_HEADER = ""; + HEADER_SEARCH_PATHS = $SRCROOT; + OTHER_LDFLAGS = ""; + PRODUCT_NAME = "$(TARGET_NAME)"; + SKIP_INSTALL = YES; + TARGETED_DEVICE_FAMILY = "1,2"; + USER_HEADER_SEARCH_PATHS = "cyassl/ctaocrypt cyassl"; + }; + name = Debug; + }; + 52B1347416F3C9E800C07B32 /* Release */ = { + isa = XCBuildConfiguration; + buildSettings = { + ALWAYS_SEARCH_USER_PATHS = YES; + CLANG_LINK_OBJC_RUNTIME = NO; + DSTROOT = /tmp/cyassl_ios.dst; + GCC_PRECOMPILE_PREFIX_HEADER = NO; + GCC_PREFIX_HEADER = ""; + HEADER_SEARCH_PATHS = $SRCROOT; + OTHER_LDFLAGS = ""; + PRODUCT_NAME = "$(TARGET_NAME)"; + SKIP_INSTALL = YES; + TARGETED_DEVICE_FAMILY = "1,2"; + USER_HEADER_SEARCH_PATHS = "cyassl/ctaocrypt cyassl"; + }; + name = Release; + }; +/* End XCBuildConfiguration section */ + +/* Begin XCConfigurationList section */ + 52B1344816F3C9E800C07B32 /* Build configuration list for PBXProject "cyassl-ios" */ = { + isa = XCConfigurationList; + buildConfigurations = ( + 52B1347016F3C9E800C07B32 /* Debug */, + 52B1347116F3C9E800C07B32 /* Release */, + ); + defaultConfigurationIsVisible = 0; + defaultConfigurationName = Release; + }; + 52B1347216F3C9E800C07B32 /* Build configuration list for PBXNativeTarget "cyassl-ios" */ = { + isa = XCConfigurationList; + buildConfigurations = ( + 52B1347316F3C9E800C07B32 /* Debug */, + 52B1347416F3C9E800C07B32 /* Release */, + ); + defaultConfigurationIsVisible = 0; + defaultConfigurationName = Release; + }; +/* End XCConfigurationList section */ + }; + rootObject = 52B1344516F3C9E800C07B32 /* Project object */; +} diff --git a/FreeRTOS-Plus/Source/CyaSSL/cyassl-ntru.vcproj b/FreeRTOS-Plus/Source/CyaSSL/cyassl-ntru.vcproj index 2402504bb..bf3c04cbb 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/cyassl-ntru.vcproj +++ b/FreeRTOS-Plus/Source/CyaSSL/cyassl-ntru.vcproj @@ -166,10 +166,22 @@ RelativePath=".\ctaocrypt\src\asn.c" > + + + + + + @@ -182,6 +194,14 @@ RelativePath=".\ctaocrypt\src\dsa.c" > + + + + @@ -226,6 +246,14 @@ RelativePath=".\ctaocrypt\src\misc.c" > + + + + diff --git a/FreeRTOS-Plus/Source/CyaSSL/cyassl.vcproj b/FreeRTOS-Plus/Source/CyaSSL/cyassl.vcproj index d21effda1..ed5e30eca 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/cyassl.vcproj +++ b/FreeRTOS-Plus/Source/CyaSSL/cyassl.vcproj @@ -49,6 +49,7 @@ UsePrecompiledHeader="0" WarningLevel="4" DebugInformationFormat="4" + DisableSpecificWarnings="4206" /> + + + + + + @@ -178,6 +191,14 @@ RelativePath=".\ctaocrypt\src\dsa.c" > + + + + @@ -218,6 +239,14 @@ RelativePath=".\ctaocrypt\src\memory.c" > + + + + diff --git a/FreeRTOS-Plus/Source/CyaSSL/cyassl.vcxproj b/FreeRTOS-Plus/Source/CyaSSL/cyassl.vcxproj new file mode 100644 index 000000000..ea7dd5eaa --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/cyassl.vcxproj @@ -0,0 +1,182 @@ + + + + + Debug + Win32 + + + Debug + x64 + + + Release + Win32 + + + Release + x64 + + + + {73973223-5EE8-41CA-8E88-1D60E89A237B} + cyassl + Win32Proj + + + + StaticLibrary + v110 + Unicode + true + + + StaticLibrary + v110 + Unicode + true + + + StaticLibrary + v110 + Unicode + + + StaticLibrary + v110 + Unicode + + + + + + + + + + + + + + + + + + + <_ProjectFileVersion>11.0.61030.0 + + + $(SolutionDir)$(Configuration)\ + $(Configuration)\ + + + + $(SolutionDir)$(Configuration)\ + $(Configuration)\ + + + + + Disabled + ./;%(AdditionalIncludeDirectories) + OPENSSL_EXTRA;CYASSL_RIPEMD;CYASSL_SHA512;NO_PSK;%(PreprocessorDefinitions) + true + EnableFastChecks + MultiThreadedDebugDLL + + Level4 + EditAndContinue + 4206;%(DisableSpecificWarnings) + + + + + Disabled + ./;%(AdditionalIncludeDirectories) + OPENSSL_EXTRA;CYASSL_RIPEMD;CYASSL_SHA512;NO_PSK;%(PreprocessorDefinitions) + EnableFastChecks + MultiThreadedDebugDLL + + + Level4 + ProgramDatabase + 4206;%(DisableSpecificWarnings) + + + + + MaxSpeed + true + ./;%(AdditionalIncludeDirectories) + OPENSSL_EXTRA;CYASSL_RIPEMD;CYASSL_SHA512;NO_PSK;%(PreprocessorDefinitions) + MultiThreadedDLL + true + + Level3 + ProgramDatabase + + + + + MaxSpeed + true + ./;%(AdditionalIncludeDirectories) + OPENSSL_EXTRA;CYASSL_RIPEMD;CYASSL_SHA512;NO_PSK;%(PreprocessorDefinitions) + MultiThreadedDLL + true + + + Level3 + ProgramDatabase + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + false + ml64.exe /c /Zi /Fo"$(OutDir)%(Filename).obj" %(Identity) + $(OutDir)%(Filename).obj + false + ml64.exe /c /Zi /Fo"$(OutDir)%(Filename).obj" %(Identity) + $(OutDir)%(Filename).obj + + + + + + diff --git a/FreeRTOS-Plus/Source/CyaSSL/cyassl/callbacks.h b/FreeRTOS-Plus/Source/CyaSSL/cyassl/callbacks.h index f43fbdd7b..3dacc5729 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/cyassl/callbacks.h +++ b/FreeRTOS-Plus/Source/CyaSSL/cyassl/callbacks.h @@ -1,6 +1,6 @@ -/* cyassl_callbacks.h +/* callbacks.h * - * Copyright (C) 2012 Sawtooth Consulting Ltd. + * Copyright (C) 2013 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,7 +16,7 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ @@ -76,5 +76,5 @@ typedef struct timeoutInfo_st { #endif -#endif /* CyaSSL_CALLBACKS_H */ +#endif /* CYASSL_CALLBACKS_H */ diff --git a/FreeRTOS-Plus/Source/CyaSSL/cyassl/certs_test.h b/FreeRTOS-Plus/Source/CyaSSL/cyassl/certs_test.h new file mode 100644 index 000000000..0d4373b2c --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/cyassl/certs_test.h @@ -0,0 +1,1178 @@ +/* certs_test.h */ + +#ifndef CYASSL_CERTS_TEST_H +#define CYASSL_CERTS_TEST_H + +#ifdef USE_CERT_BUFFERS_1024 + +/* ./certs/1024/client-key.der, 1024-bit */ +const unsigned char client_key_der_1024[] = +{ + 0x30, 0x82, 0x02, 0x5C, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81, + 0x00, 0xBC, 0x73, 0x0E, 0xA8, 0x49, 0xF3, 0x74, 0xA2, 0xA9, + 0xEF, 0x18, 0xA5, 0xDA, 0x55, 0x99, 0x21, 0xF9, 0xC8, 0xEC, + 0xB3, 0x6D, 0x48, 0xE5, 0x35, 0x35, 0x75, 0x77, 0x37, 0xEC, + 0xD1, 0x61, 0x90, 0x5F, 0x3E, 0xD9, 0xE4, 0xD5, 0xDF, 0x94, + 0xCA, 0xC1, 0xA9, 0xD7, 0x19, 0xDA, 0x86, 0xC9, 0xE8, 0x4D, + 0xC4, 0x61, 0x36, 0x82, 0xFE, 0xAB, 0xAD, 0x7E, 0x77, 0x25, + 0xBB, 0x8D, 0x11, 0xA5, 0xBC, 0x62, 0x3A, 0xA8, 0x38, 0xCC, + 0x39, 0xA2, 0x04, 0x66, 0xB4, 0xF7, 0xF7, 0xF3, 0xAA, 0xDA, + 0x4D, 0x02, 0x0E, 0xBB, 0x5E, 0x8D, 0x69, 0x48, 0xDC, 0x77, + 0xC9, 0x28, 0x0E, 0x22, 0xE9, 0x6B, 0xA4, 0x26, 0xBA, 0x4C, + 0xE8, 0xC1, 0xFD, 0x4A, 0x6F, 0x2B, 0x1F, 0xEF, 0x8A, 0xAE, + 0xF6, 0x90, 0x62, 0xE5, 0x64, 0x1E, 0xEB, 0x2B, 0x3C, 0x67, + 0xC8, 0xDC, 0x27, 0x00, 0xF6, 0x91, 0x68, 0x65, 0xA9, 0x02, + 0x03, 0x01, 0x00, 0x01, 0x02, 0x81, 0x80, 0x13, 0x97, 0xEA, + 0xE8, 0x38, 0x78, 0x25, 0xA2, 0x5C, 0x04, 0xCE, 0x0D, 0x40, + 0x7C, 0x31, 0xE5, 0xC4, 0x70, 0xCD, 0x9B, 0x82, 0x3B, 0x58, + 0x09, 0x86, 0x3B, 0x66, 0x5F, 0xDC, 0x31, 0x90, 0xF1, 0x4F, + 0xD5, 0xDB, 0x15, 0xDD, 0xDE, 0xD7, 0x3B, 0x95, 0x93, 0x31, + 0x18, 0x31, 0x0E, 0x5E, 0xA3, 0xD6, 0xA2, 0x1A, 0x71, 0x6E, + 0x81, 0x48, 0x1C, 0x4B, 0xCF, 0xDB, 0x8E, 0x7A, 0x86, 0x61, + 0x32, 0xDC, 0xFB, 0x55, 0xC1, 0x16, 0x6D, 0x27, 0x92, 0x24, + 0x45, 0x8B, 0xF1, 0xB8, 0x48, 0xB1, 0x4B, 0x1D, 0xAC, 0xDE, + 0xDA, 0xDD, 0x8E, 0x2F, 0xC2, 0x91, 0xFB, 0xA5, 0xA9, 0x6E, + 0xF8, 0x3A, 0x6A, 0xF1, 0xFD, 0x50, 0x18, 0xEF, 0x9F, 0xE7, + 0xC3, 0xCA, 0x78, 0xEA, 0x56, 0xD3, 0xD3, 0x72, 0x5B, 0x96, + 0xDD, 0x4E, 0x06, 0x4E, 0x3A, 0xC3, 0xD9, 0xBE, 0x72, 0xB6, + 0x65, 0x07, 0x07, 0x4C, 0x01, 0x02, 0x41, 0x00, 0xFA, 0x47, + 0xD4, 0x7A, 0x7C, 0x92, 0x3C, 0x55, 0xEF, 0x81, 0xF0, 0x41, + 0x30, 0x2D, 0xA3, 0xCF, 0x8F, 0x1C, 0xE6, 0x87, 0x27, 0x05, + 0x70, 0x0D, 0xDF, 0x98, 0x35, 0xD6, 0xF1, 0x8B, 0x38, 0x2F, + 0x24, 0xB5, 0xD0, 0x84, 0xB6, 0x79, 0x4F, 0x71, 0x29, 0x94, + 0x5A, 0xF0, 0x64, 0x6A, 0xAC, 0xE7, 0x72, 0xC6, 0xED, 0x4D, + 0x59, 0x98, 0x3E, 0x67, 0x3A, 0xF3, 0x74, 0x2C, 0xF9, 0x61, + 0x17, 0x69, 0x02, 0x41, 0x00, 0xC0, 0xC1, 0x82, 0x0D, 0x0C, + 0xEB, 0xC6, 0x2F, 0xDC, 0x92, 0xF9, 0x9D, 0x82, 0x1A, 0x31, + 0xE9, 0xE9, 0xF7, 0x4B, 0xF2, 0x82, 0x87, 0x1C, 0xEE, 0x16, + 0x6A, 0xD1, 0x1D, 0x18, 0x82, 0x70, 0xF3, 0xC0, 0xB6, 0x2F, + 0xF6, 0xF3, 0xF7, 0x1D, 0xF1, 0x86, 0x23, 0xC8, 0x4E, 0xEB, + 0x8F, 0x56, 0x8E, 0x8F, 0xF5, 0xBF, 0xF1, 0xF7, 0x2B, 0xB5, + 0xCC, 0x3D, 0xC6, 0x57, 0x39, 0x0C, 0x1B, 0x54, 0x41, 0x02, + 0x41, 0x00, 0x9D, 0x7E, 0x05, 0xDE, 0xED, 0xF4, 0xB7, 0xB2, + 0xFB, 0xFC, 0x30, 0x4B, 0x55, 0x1D, 0xE3, 0x2F, 0x01, 0x47, + 0x96, 0x69, 0x05, 0xCD, 0x0E, 0x2E, 0x2C, 0xBD, 0x83, 0x63, + 0xB6, 0xAB, 0x7C, 0xB7, 0x6D, 0xCA, 0x5B, 0x64, 0xA7, 0xCE, + 0xBE, 0x86, 0xDF, 0x3B, 0x53, 0xDE, 0x61, 0xD2, 0x1E, 0xEB, + 0xA5, 0xF6, 0x37, 0xED, 0xAC, 0xAB, 0x78, 0xD9, 0x4C, 0xE7, + 0x55, 0xFB, 0xD7, 0x11, 0x99, 0xC1, 0x02, 0x40, 0x18, 0x98, + 0x18, 0x29, 0xE6, 0x1E, 0x27, 0x39, 0x70, 0x21, 0x68, 0xAC, + 0x0A, 0x2F, 0xA1, 0x72, 0xC1, 0x21, 0x86, 0x95, 0x38, 0xC6, + 0x58, 0x90, 0xA0, 0x57, 0x9C, 0xBA, 0xE3, 0xA7, 0xB1, 0x15, + 0xC8, 0xDE, 0xF6, 0x1B, 0xC2, 0x61, 0x23, 0x76, 0xEF, 0xB0, + 0x9D, 0x1C, 0x44, 0xBE, 0x13, 0x43, 0x39, 0x67, 0x17, 0xC8, + 0x9D, 0xCA, 0xFB, 0xF5, 0x45, 0x64, 0x8B, 0x38, 0x82, 0x2C, + 0xF2, 0x81, 0x02, 0x40, 0x39, 0x89, 0xE5, 0x9C, 0x19, 0x55, + 0x30, 0xBA, 0xB7, 0x48, 0x8C, 0x48, 0x14, 0x0E, 0xF4, 0x9F, + 0x7E, 0x77, 0x97, 0x43, 0xE1, 0xB4, 0x19, 0x35, 0x31, 0x23, + 0x75, 0x9C, 0x3B, 0x44, 0xAD, 0x69, 0x12, 0x56, 0xEE, 0x00, + 0x61, 0x64, 0x16, 0x66, 0xD3, 0x7C, 0x74, 0x2B, 0x15, 0xB4, + 0xA2, 0xFE, 0xBF, 0x08, 0x6B, 0x1A, 0x5D, 0x3F, 0x90, 0x12, + 0xB1, 0x05, 0x86, 0x31, 0x29, 0xDB, 0xD9, 0xE2 +}; +const int sizeof_client_key_der_1024 = sizeof(client_key_der_1024); + +/* ./certs/1024/client-cert.der, 1024-bit */ +const unsigned char client_cert_der_1024[] = +{ + 0x30, 0x82, 0x02, 0xEC, 0x30, 0x82, 0x02, 0x55, 0xA0, 0x03, + 0x02, 0x01, 0x02, 0x02, 0x09, 0x00, 0x8D, 0x0D, 0xAC, 0xFE, + 0xC6, 0x98, 0x45, 0x26, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, + 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x05, 0x05, 0x00, 0x30, + 0x81, 0x8E, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, + 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x0F, 0x30, 0x0D, 0x06, + 0x03, 0x55, 0x04, 0x08, 0x0C, 0x06, 0x4F, 0x72, 0x65, 0x67, + 0x6F, 0x6E, 0x31, 0x11, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x04, + 0x07, 0x0C, 0x08, 0x50, 0x6F, 0x72, 0x74, 0x6C, 0x61, 0x6E, + 0x64, 0x31, 0x0E, 0x30, 0x0C, 0x06, 0x03, 0x55, 0x04, 0x0A, + 0x0C, 0x05, 0x79, 0x61, 0x53, 0x53, 0x4C, 0x31, 0x14, 0x30, + 0x12, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x0B, 0x50, 0x72, + 0x6F, 0x67, 0x72, 0x61, 0x6D, 0x6D, 0x69, 0x6E, 0x67, 0x31, + 0x16, 0x30, 0x14, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0D, + 0x77, 0x77, 0x77, 0x2E, 0x79, 0x61, 0x73, 0x73, 0x6C, 0x2E, + 0x63, 0x6F, 0x6D, 0x31, 0x1D, 0x30, 0x1B, 0x06, 0x09, 0x2A, + 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x0E, + 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x79, 0x61, 0x73, 0x73, 0x6C, + 0x2E, 0x63, 0x6F, 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x31, 0x33, + 0x30, 0x31, 0x31, 0x38, 0x32, 0x31, 0x34, 0x32, 0x34, 0x39, + 0x5A, 0x17, 0x0D, 0x31, 0x35, 0x31, 0x30, 0x31, 0x35, 0x32, + 0x31, 0x34, 0x32, 0x34, 0x39, 0x5A, 0x30, 0x81, 0x8E, 0x31, + 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, + 0x55, 0x53, 0x31, 0x0F, 0x30, 0x0D, 0x06, 0x03, 0x55, 0x04, + 0x08, 0x0C, 0x06, 0x4F, 0x72, 0x65, 0x67, 0x6F, 0x6E, 0x31, + 0x11, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x08, + 0x50, 0x6F, 0x72, 0x74, 0x6C, 0x61, 0x6E, 0x64, 0x31, 0x0E, + 0x30, 0x0C, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x05, 0x79, + 0x61, 0x53, 0x53, 0x4C, 0x31, 0x14, 0x30, 0x12, 0x06, 0x03, + 0x55, 0x04, 0x0B, 0x0C, 0x0B, 0x50, 0x72, 0x6F, 0x67, 0x72, + 0x61, 0x6D, 0x6D, 0x69, 0x6E, 0x67, 0x31, 0x16, 0x30, 0x14, + 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0D, 0x77, 0x77, 0x77, + 0x2E, 0x79, 0x61, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, + 0x31, 0x1D, 0x30, 0x1B, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, + 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x0E, 0x69, 0x6E, 0x66, + 0x6F, 0x40, 0x79, 0x61, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, + 0x6D, 0x30, 0x81, 0x9F, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, + 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, 0x05, 0x00, 0x03, + 0x81, 0x8D, 0x00, 0x30, 0x81, 0x89, 0x02, 0x81, 0x81, 0x00, + 0xBC, 0x73, 0x0E, 0xA8, 0x49, 0xF3, 0x74, 0xA2, 0xA9, 0xEF, + 0x18, 0xA5, 0xDA, 0x55, 0x99, 0x21, 0xF9, 0xC8, 0xEC, 0xB3, + 0x6D, 0x48, 0xE5, 0x35, 0x35, 0x75, 0x77, 0x37, 0xEC, 0xD1, + 0x61, 0x90, 0x5F, 0x3E, 0xD9, 0xE4, 0xD5, 0xDF, 0x94, 0xCA, + 0xC1, 0xA9, 0xD7, 0x19, 0xDA, 0x86, 0xC9, 0xE8, 0x4D, 0xC4, + 0x61, 0x36, 0x82, 0xFE, 0xAB, 0xAD, 0x7E, 0x77, 0x25, 0xBB, + 0x8D, 0x11, 0xA5, 0xBC, 0x62, 0x3A, 0xA8, 0x38, 0xCC, 0x39, + 0xA2, 0x04, 0x66, 0xB4, 0xF7, 0xF7, 0xF3, 0xAA, 0xDA, 0x4D, + 0x02, 0x0E, 0xBB, 0x5E, 0x8D, 0x69, 0x48, 0xDC, 0x77, 0xC9, + 0x28, 0x0E, 0x22, 0xE9, 0x6B, 0xA4, 0x26, 0xBA, 0x4C, 0xE8, + 0xC1, 0xFD, 0x4A, 0x6F, 0x2B, 0x1F, 0xEF, 0x8A, 0xAE, 0xF6, + 0x90, 0x62, 0xE5, 0x64, 0x1E, 0xEB, 0x2B, 0x3C, 0x67, 0xC8, + 0xDC, 0x27, 0x00, 0xF6, 0x91, 0x68, 0x65, 0xA9, 0x02, 0x03, + 0x01, 0x00, 0x01, 0xA3, 0x50, 0x30, 0x4E, 0x30, 0x1D, 0x06, + 0x03, 0x55, 0x1D, 0x0E, 0x04, 0x16, 0x04, 0x14, 0x81, 0x69, + 0x0F, 0xF8, 0xDF, 0xDD, 0xCF, 0x34, 0x29, 0xD5, 0x67, 0x75, + 0x71, 0x85, 0xC7, 0x75, 0x10, 0x69, 0x59, 0xEC, 0x30, 0x1F, + 0x06, 0x03, 0x55, 0x1D, 0x23, 0x04, 0x18, 0x30, 0x16, 0x80, + 0x14, 0x81, 0x69, 0x0F, 0xF8, 0xDF, 0xDD, 0xCF, 0x34, 0x29, + 0xD5, 0x67, 0x75, 0x71, 0x85, 0xC7, 0x75, 0x10, 0x69, 0x59, + 0xEC, 0x30, 0x0C, 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, + 0x30, 0x03, 0x01, 0x01, 0xFF, 0x30, 0x0D, 0x06, 0x09, 0x2A, + 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x05, 0x05, 0x00, + 0x03, 0x81, 0x81, 0x00, 0x72, 0x66, 0x0F, 0x6A, 0xA1, 0x85, + 0x95, 0x06, 0xE6, 0x87, 0x1A, 0xED, 0x2B, 0xDA, 0xED, 0x84, + 0x90, 0x89, 0xA6, 0x31, 0x4D, 0x60, 0xF2, 0x7B, 0x63, 0x0C, + 0xDC, 0x9B, 0x44, 0x4C, 0xD6, 0x62, 0x41, 0x24, 0x74, 0x30, + 0x70, 0x4E, 0x07, 0x10, 0x05, 0x12, 0x5E, 0x14, 0xB3, 0xDD, + 0xCF, 0x58, 0x27, 0x93, 0xCF, 0xAA, 0x4F, 0x85, 0x2C, 0x35, + 0x0E, 0xFF, 0x5B, 0xA8, 0x6B, 0xB5, 0x95, 0x32, 0xD5, 0xCC, + 0x73, 0x68, 0x5B, 0x1B, 0xC4, 0xF8, 0x89, 0x5E, 0x3D, 0xF8, + 0x02, 0x39, 0x32, 0x7D, 0x06, 0xA4, 0x32, 0xE9, 0xB3, 0xEF, + 0x62, 0xA0, 0x43, 0x5D, 0x4F, 0xFB, 0xCE, 0x3D, 0x08, 0x33, + 0xAF, 0x3D, 0x7F, 0x12, 0xCB, 0x8A, 0x5A, 0xC2, 0x63, 0xDB, + 0x3E, 0xDD, 0xEA, 0x5B, 0x67, 0x10, 0x49, 0x9F, 0x5B, 0x96, + 0x1B, 0x4E, 0x5D, 0xBC, 0x4E, 0x9A, 0x7C, 0x1F, 0xAB, 0x56, + 0x47, 0x4A +}; +const int sizeof_client_cert_der_1024 = sizeof(client_cert_der_1024); + +/* ./certs/1024/dh1024.der, 1024-bit */ +const unsigned char dh_key_der_1024[] = +{ + 0x30, 0x81, 0x87, 0x02, 0x81, 0x81, 0x00, 0xA4, 0xD2, 0xB8, + 0x6E, 0x78, 0xF5, 0xD9, 0xED, 0x2D, 0x7C, 0xDD, 0xB6, 0x16, + 0x86, 0x5A, 0x4B, 0x05, 0x76, 0x90, 0xDD, 0x66, 0x61, 0xB9, + 0x6D, 0x52, 0xA7, 0x1C, 0xAF, 0x62, 0xC6, 0x69, 0x47, 0x7B, + 0x39, 0xF2, 0xFB, 0x94, 0xEC, 0xBC, 0x79, 0xFF, 0x24, 0x5E, + 0xEF, 0x79, 0xBB, 0x59, 0xB2, 0xFC, 0xCA, 0x07, 0xD6, 0xF4, + 0xE9, 0x34, 0xF7, 0xE8, 0x38, 0xE7, 0xD7, 0x33, 0x44, 0x1D, + 0xA3, 0x64, 0x76, 0x1A, 0x84, 0x97, 0x54, 0x74, 0x40, 0x84, + 0x1F, 0x15, 0xFE, 0x7C, 0x25, 0x2A, 0x2B, 0x25, 0xFD, 0x9E, + 0xC1, 0x89, 0x33, 0x8C, 0x39, 0x25, 0x2B, 0x40, 0xE6, 0xCD, + 0xF8, 0xA8, 0xA1, 0x8A, 0x53, 0xC6, 0x47, 0xB2, 0xA0, 0xD7, + 0x8F, 0xEB, 0x2E, 0x60, 0x0A, 0x0D, 0x4B, 0xF8, 0xB4, 0x94, + 0x8C, 0x63, 0x0A, 0xAD, 0xC7, 0x10, 0xEA, 0xC7, 0xA1, 0xB9, + 0x9D, 0xF2, 0xA8, 0x37, 0x73, 0x02, 0x01, 0x02 +}; +const int sizeof_dh_key_der_1024 = sizeof(dh_key_der_1024); + +/* ./certs/1024/dsa1024.der, 1024-bit */ +const unsigned char dsa_key_der_1024[] = +{ + 0x30, 0x82, 0x01, 0xBC, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81, + 0x00, 0xF7, 0x4B, 0xF9, 0xBB, 0x15, 0x98, 0xEB, 0xDD, 0xDE, + 0x1E, 0x4E, 0x71, 0x88, 0x85, 0xF2, 0xB7, 0xBA, 0xE2, 0x4A, + 0xDA, 0x76, 0x40, 0xCD, 0x69, 0x48, 0x9E, 0x83, 0x7C, 0x11, + 0xF7, 0x65, 0x31, 0x78, 0xF5, 0x25, 0x2D, 0xF7, 0xB7, 0xF8, + 0x52, 0x3F, 0xBE, 0xD8, 0xB6, 0xC5, 0xFE, 0x18, 0x15, 0x5B, + 0xB9, 0xD5, 0x92, 0x86, 0xBC, 0xB2, 0x17, 0x7C, 0xD8, 0xB0, + 0xBE, 0xA0, 0x7C, 0xF2, 0xD5, 0x73, 0x7A, 0x58, 0x8F, 0x8D, + 0xE5, 0x4A, 0x00, 0x99, 0x83, 0x4A, 0xC0, 0x9E, 0x16, 0x09, + 0xA1, 0x10, 0x34, 0xD5, 0x19, 0xBB, 0x63, 0xE3, 0xDD, 0x83, + 0x74, 0x7F, 0x10, 0xCA, 0x73, 0x75, 0xEE, 0x31, 0x4A, 0xDD, + 0x9F, 0xE0, 0x02, 0x6A, 0x9D, 0xEE, 0xB2, 0x4B, 0xA7, 0x6B, + 0x2A, 0x6C, 0xC7, 0x86, 0x77, 0xE8, 0x04, 0x15, 0xDC, 0x92, + 0xB4, 0x7A, 0x29, 0x1F, 0x4E, 0x83, 0x63, 0x85, 0x55, 0x02, + 0x15, 0x00, 0xD2, 0x05, 0xE4, 0x73, 0xFB, 0xC1, 0x99, 0xC5, + 0xDC, 0x68, 0xA4, 0x8D, 0x92, 0x27, 0x3D, 0xE2, 0x52, 0x5F, + 0x89, 0x8B, 0x02, 0x81, 0x81, 0x00, 0xAA, 0x21, 0x02, 0x09, + 0x43, 0x6E, 0xFB, 0xA2, 0x54, 0x14, 0x85, 0x0A, 0xF4, 0x28, + 0x7C, 0xCB, 0xCC, 0xDB, 0xF5, 0x1E, 0xA2, 0x18, 0xA9, 0x21, + 0xDE, 0x88, 0x88, 0x33, 0x8C, 0x2E, 0xEB, 0x8D, 0xA3, 0xF0, + 0x1D, 0xC8, 0x8F, 0xF6, 0x7E, 0xF8, 0xCF, 0x12, 0xF5, 0xB4, + 0xA1, 0x11, 0x6F, 0x0C, 0xD4, 0xF0, 0x06, 0xAD, 0xC4, 0xFC, + 0x14, 0x45, 0xC7, 0x94, 0x15, 0xBC, 0x19, 0x4B, 0xAE, 0xEF, + 0x93, 0x6A, 0x4F, 0xCC, 0x14, 0xD8, 0x47, 0x8B, 0x39, 0x66, + 0x87, 0x02, 0xD4, 0x28, 0x0A, 0xB8, 0xEE, 0x09, 0x37, 0xF4, + 0x00, 0xA0, 0x04, 0xA7, 0x79, 0xA7, 0xD2, 0x3C, 0xF7, 0x34, + 0x43, 0x56, 0x8E, 0xD0, 0x7C, 0xC2, 0xD8, 0x4D, 0x0F, 0x89, + 0xED, 0x14, 0xC1, 0x2C, 0x9C, 0x4C, 0x19, 0x9B, 0x9E, 0xDC, + 0x53, 0x09, 0x9F, 0xDF, 0x2D, 0xF0, 0x0C, 0x27, 0x54, 0x3A, + 0x77, 0x14, 0x2D, 0xDE, 0x02, 0x81, 0x81, 0x00, 0xE8, 0x1F, + 0x7C, 0xB7, 0xC0, 0x54, 0x51, 0xA7, 0x28, 0x2D, 0x58, 0x7C, + 0xDE, 0xD4, 0x5C, 0xDD, 0xD5, 0x76, 0x84, 0x3C, 0x36, 0x20, + 0xC0, 0xC3, 0x25, 0xD7, 0x3A, 0x38, 0xE1, 0x54, 0xC8, 0xFD, + 0x40, 0x68, 0x1A, 0x21, 0x54, 0x26, 0x39, 0x14, 0xBF, 0xF6, + 0xA3, 0x9C, 0x5E, 0xD9, 0x2B, 0xF7, 0xC9, 0x25, 0xBA, 0x00, + 0x09, 0xCB, 0x7F, 0x0C, 0x4A, 0x24, 0xFD, 0x15, 0x16, 0x15, + 0x48, 0xCD, 0x0B, 0x52, 0x44, 0x40, 0x7B, 0x90, 0x63, 0x2B, + 0x90, 0x22, 0xC5, 0x18, 0x05, 0x80, 0x53, 0xAF, 0x83, 0x1F, + 0x54, 0xE2, 0xB0, 0xA2, 0x0B, 0x5A, 0x92, 0x24, 0xE1, 0x62, + 0x28, 0x3F, 0xB7, 0xCA, 0xB9, 0x89, 0xD6, 0xA0, 0xB7, 0xAD, + 0xAE, 0x05, 0xE1, 0xC1, 0x59, 0x40, 0xED, 0x4A, 0x1B, 0x68, + 0xA7, 0x7B, 0xFB, 0xC3, 0x20, 0x81, 0xEF, 0x4B, 0xF3, 0x69, + 0x91, 0xB0, 0xCE, 0x3A, 0xB0, 0x38, 0x02, 0x14, 0x25, 0x38, + 0x3B, 0xA1, 0x19, 0x75, 0xDF, 0x9B, 0xF5, 0x72, 0x53, 0x4F, + 0x39, 0xE1, 0x1C, 0xEC, 0x13, 0x84, 0x82, 0x18 +}; +const int sizeof_dsa_key_der_1024 = sizeof(dsa_key_der_1024); + +/* ./certs/1024/rsa1024.der, 1024-bit */ +const unsigned char rsa_key_der_1024[] = +{ + 0x30, 0x82, 0x02, 0x5D, 0x02, 0x01, 0x00, 0x02, 0x81, 0x81, + 0x00, 0xBE, 0x70, 0x70, 0xB8, 0x04, 0x18, 0xE5, 0x28, 0xFE, + 0x66, 0xD8, 0x90, 0x88, 0xE0, 0xF1, 0xB7, 0xC3, 0xD0, 0xD2, + 0x3E, 0xE6, 0x4B, 0x94, 0x74, 0xB0, 0xFF, 0xB0, 0xF7, 0x63, + 0xA5, 0xAB, 0x7E, 0xAF, 0xB6, 0x2B, 0xB7, 0x38, 0x16, 0x1A, + 0x50, 0xBF, 0xF1, 0xCA, 0x87, 0x3A, 0xD5, 0xB0, 0xDA, 0xF8, + 0x43, 0x7A, 0x15, 0xB9, 0x7E, 0xEA, 0x2A, 0x80, 0xD2, 0x51, + 0xB0, 0x35, 0xAF, 0x07, 0xF3, 0xF2, 0x5D, 0x24, 0x3A, 0x4B, + 0x87, 0x56, 0x48, 0x1B, 0x3C, 0x24, 0x9A, 0xDA, 0x70, 0x80, + 0xBD, 0x3C, 0x8B, 0x03, 0x4A, 0x0C, 0x83, 0x71, 0xDE, 0xE3, + 0x03, 0x70, 0xA2, 0xB7, 0x60, 0x09, 0x1B, 0x5E, 0xC7, 0x3D, + 0xA0, 0x64, 0x60, 0xE3, 0xA9, 0x06, 0x8D, 0xD3, 0xFF, 0x42, + 0xBB, 0x0A, 0x94, 0x27, 0x2D, 0x57, 0x42, 0x0D, 0xB0, 0x2D, + 0xE0, 0xBA, 0x18, 0x25, 0x60, 0x92, 0x11, 0x92, 0xF3, 0x02, + 0x03, 0x01, 0x00, 0x01, 0x02, 0x81, 0x80, 0x0E, 0xEE, 0x1D, + 0xC8, 0x2F, 0x7A, 0x0C, 0x2D, 0x44, 0x94, 0xA7, 0x91, 0xDD, + 0x49, 0x55, 0x6A, 0x04, 0xCE, 0x10, 0x4D, 0xA2, 0x1C, 0x76, + 0xCD, 0x17, 0x3B, 0x54, 0x92, 0x70, 0x9B, 0x82, 0x70, 0x72, + 0x32, 0x24, 0x07, 0x3F, 0x3C, 0x6C, 0x5F, 0xBC, 0x4C, 0xA6, + 0x86, 0x27, 0x94, 0xAD, 0x42, 0xDD, 0x87, 0xDC, 0xC0, 0x6B, + 0x44, 0x89, 0xF3, 0x3F, 0x1A, 0x3E, 0x11, 0x44, 0x84, 0x2E, + 0x69, 0x4C, 0xBB, 0x4A, 0x71, 0x1A, 0xBB, 0x9A, 0x52, 0x3C, + 0x6B, 0xDE, 0xBC, 0xB2, 0x7C, 0x51, 0xEF, 0x4F, 0x8F, 0x3A, + 0xDC, 0x50, 0x04, 0x4E, 0xB6, 0x31, 0x66, 0xA8, 0x8E, 0x06, + 0x3B, 0x51, 0xA9, 0xC1, 0x8A, 0xCB, 0xC4, 0x81, 0xCA, 0x2D, + 0x69, 0xEC, 0x88, 0xFC, 0x33, 0x88, 0xD1, 0xD4, 0x29, 0x47, + 0x87, 0x37, 0xF9, 0x6A, 0x22, 0x69, 0xB9, 0xC9, 0xFE, 0xEB, + 0x8C, 0xC5, 0x21, 0x41, 0x71, 0x02, 0x41, 0x00, 0xFD, 0x17, + 0x98, 0x42, 0x54, 0x1C, 0x23, 0xF8, 0xD7, 0x5D, 0xEF, 0x49, + 0x4F, 0xAF, 0xD9, 0x35, 0x6F, 0x08, 0xC6, 0xC7, 0x40, 0x5C, + 0x7E, 0x58, 0x86, 0xC2, 0xB2, 0x16, 0x39, 0x24, 0xC5, 0x06, + 0xB0, 0x3D, 0xAF, 0x02, 0xD2, 0x87, 0x77, 0xD2, 0x76, 0xBA, + 0xE3, 0x59, 0x60, 0x42, 0xF1, 0x16, 0xEF, 0x33, 0x0B, 0xF2, + 0x0B, 0xBA, 0x99, 0xCC, 0xB6, 0x4C, 0x46, 0x3F, 0x33, 0xE4, + 0xD4, 0x67, 0x02, 0x41, 0x00, 0xC0, 0xA0, 0x91, 0x6D, 0xFE, + 0x28, 0xE0, 0x81, 0x5A, 0x15, 0xA7, 0xC9, 0xA8, 0x98, 0xC6, + 0x0A, 0xAB, 0x00, 0xC5, 0x40, 0xC9, 0x21, 0xBB, 0xB2, 0x33, + 0x5A, 0xA7, 0xCB, 0x6E, 0xB8, 0x08, 0x56, 0x4A, 0x76, 0x28, + 0xE8, 0x6D, 0xBD, 0xF5, 0x26, 0x7B, 0xBF, 0xC5, 0x46, 0x45, + 0x0D, 0xEC, 0x7D, 0xEE, 0x82, 0xD6, 0xCA, 0x5F, 0x3D, 0x6E, + 0xCC, 0x94, 0x73, 0xCD, 0xCE, 0x86, 0x6E, 0x95, 0x95, 0x02, + 0x40, 0x38, 0xFD, 0x28, 0x1E, 0xBF, 0x5B, 0xBA, 0xC9, 0xDC, + 0x8C, 0xDD, 0x45, 0xAF, 0xB8, 0xD3, 0xFB, 0x11, 0x2E, 0x73, + 0xBC, 0x08, 0x05, 0x0B, 0xBA, 0x19, 0x56, 0x1B, 0xCD, 0x9F, + 0x3E, 0x65, 0x53, 0x15, 0x3A, 0x3E, 0x7F, 0x2F, 0x32, 0xAB, + 0xCB, 0x6B, 0x4A, 0xB7, 0xC8, 0xB7, 0x41, 0x3B, 0x92, 0x43, + 0x78, 0x46, 0x17, 0x51, 0x86, 0xC9, 0xFC, 0xEB, 0x8B, 0x8F, + 0x41, 0xCA, 0x08, 0x9B, 0xBF, 0x02, 0x41, 0x00, 0xAD, 0x9B, + 0x89, 0xB6, 0xF2, 0x8C, 0x70, 0xDA, 0xE4, 0x10, 0x04, 0x6B, + 0x11, 0x92, 0xAF, 0x5A, 0xCA, 0x08, 0x25, 0xBF, 0x60, 0x07, + 0x11, 0x1D, 0x68, 0x7F, 0x5A, 0x1F, 0x55, 0x28, 0x74, 0x0B, + 0x21, 0x8D, 0x21, 0x0D, 0x6A, 0x6A, 0xFB, 0xD9, 0xB5, 0x4A, + 0x7F, 0x47, 0xF7, 0xD0, 0xB6, 0xC6, 0x41, 0x02, 0x97, 0x07, + 0x49, 0x93, 0x1A, 0x9B, 0x33, 0x68, 0xB3, 0xA2, 0x61, 0x32, + 0xA5, 0x89, 0x02, 0x41, 0x00, 0x8F, 0xEF, 0xAD, 0xB5, 0xB0, + 0xB0, 0x7E, 0x86, 0x03, 0x43, 0x93, 0x6E, 0xDD, 0x3C, 0x2D, + 0x9B, 0x6A, 0x55, 0xFF, 0x6F, 0x3E, 0x70, 0x2A, 0xD4, 0xBF, + 0x1F, 0x8C, 0x93, 0x60, 0x9E, 0x6D, 0x2F, 0x18, 0x6C, 0x11, + 0x36, 0x98, 0x3F, 0x10, 0x78, 0xE8, 0x3E, 0x8F, 0xFE, 0x55, + 0xB9, 0x9E, 0xD5, 0x5B, 0x2E, 0x87, 0x1C, 0x58, 0xD0, 0x37, + 0x89, 0x96, 0xEC, 0x48, 0x54, 0xF5, 0x9F, 0x0F, 0xB3 +}; +const int sizeof_rsa_key_der_1024 = sizeof(rsa_key_der_1024); + +#elif defined(USE_CERT_BUFFERS_2048) + +/* ./certs/client-key.der, 2048-bit */ +const unsigned char client_key_der_2048[] = +{ + 0x30, 0x82, 0x04, 0xA4, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, + 0x01, 0x00, 0xC3, 0x03, 0xD1, 0x2B, 0xFE, 0x39, 0xA4, 0x32, + 0x45, 0x3B, 0x53, 0xC8, 0x84, 0x2B, 0x2A, 0x7C, 0x74, 0x9A, + 0xBD, 0xAA, 0x2A, 0x52, 0x07, 0x47, 0xD6, 0xA6, 0x36, 0xB2, + 0x07, 0x32, 0x8E, 0xD0, 0xBA, 0x69, 0x7B, 0xC6, 0xC3, 0x44, + 0x9E, 0xD4, 0x81, 0x48, 0xFD, 0x2D, 0x68, 0xA2, 0x8B, 0x67, + 0xBB, 0xA1, 0x75, 0xC8, 0x36, 0x2C, 0x4A, 0xD2, 0x1B, 0xF7, + 0x8B, 0xBA, 0xCF, 0x0D, 0xF9, 0xEF, 0xEC, 0xF1, 0x81, 0x1E, + 0x7B, 0x9B, 0x03, 0x47, 0x9A, 0xBF, 0x65, 0xCC, 0x7F, 0x65, + 0x24, 0x69, 0xA6, 0xE8, 0x14, 0x89, 0x5B, 0xE4, 0x34, 0xF7, + 0xC5, 0xB0, 0x14, 0x93, 0xF5, 0x67, 0x7B, 0x3A, 0x7A, 0x78, + 0xE1, 0x01, 0x56, 0x56, 0x91, 0xA6, 0x13, 0x42, 0x8D, 0xD2, + 0x3C, 0x40, 0x9C, 0x4C, 0xEF, 0xD1, 0x86, 0xDF, 0x37, 0x51, + 0x1B, 0x0C, 0xA1, 0x3B, 0xF5, 0xF1, 0xA3, 0x4A, 0x35, 0xE4, + 0xE1, 0xCE, 0x96, 0xDF, 0x1B, 0x7E, 0xBF, 0x4E, 0x97, 0xD0, + 0x10, 0xE8, 0xA8, 0x08, 0x30, 0x81, 0xAF, 0x20, 0x0B, 0x43, + 0x14, 0xC5, 0x74, 0x67, 0xB4, 0x32, 0x82, 0x6F, 0x8D, 0x86, + 0xC2, 0x88, 0x40, 0x99, 0x36, 0x83, 0xBA, 0x1E, 0x40, 0x72, + 0x22, 0x17, 0xD7, 0x52, 0x65, 0x24, 0x73, 0xB0, 0xCE, 0xEF, + 0x19, 0xCD, 0xAE, 0xFF, 0x78, 0x6C, 0x7B, 0xC0, 0x12, 0x03, + 0xD4, 0x4E, 0x72, 0x0D, 0x50, 0x6D, 0x3B, 0xA3, 0x3B, 0xA3, + 0x99, 0x5E, 0x9D, 0xC8, 0xD9, 0x0C, 0x85, 0xB3, 0xD9, 0x8A, + 0xD9, 0x54, 0x26, 0xDB, 0x6D, 0xFA, 0xAC, 0xBB, 0xFF, 0x25, + 0x4C, 0xC4, 0xD1, 0x79, 0xF4, 0x71, 0xD3, 0x86, 0x40, 0x18, + 0x13, 0xB0, 0x63, 0xB5, 0x72, 0x4E, 0x30, 0xC4, 0x97, 0x84, + 0x86, 0x2D, 0x56, 0x2F, 0xD7, 0x15, 0xF7, 0x7F, 0xC0, 0xAE, + 0xF5, 0xFC, 0x5B, 0xE5, 0xFB, 0xA1, 0xBA, 0xD3, 0x02, 0x03, + 0x01, 0x00, 0x01, 0x02, 0x82, 0x01, 0x01, 0x00, 0xA2, 0xE6, + 0xD8, 0x5F, 0x10, 0x71, 0x64, 0x08, 0x9E, 0x2E, 0x6D, 0xD1, + 0x6D, 0x1E, 0x85, 0xD2, 0x0A, 0xB1, 0x8C, 0x47, 0xCE, 0x2C, + 0x51, 0x6A, 0xA0, 0x12, 0x9E, 0x53, 0xDE, 0x91, 0x4C, 0x1D, + 0x6D, 0xEA, 0x59, 0x7B, 0xF2, 0x77, 0xAA, 0xD9, 0xC6, 0xD9, + 0x8A, 0xAB, 0xD8, 0xE1, 0x16, 0xE4, 0x63, 0x26, 0xFF, 0xB5, + 0x6C, 0x13, 0x59, 0xB8, 0xE3, 0xA5, 0xC8, 0x72, 0x17, 0x2E, + 0x0C, 0x9F, 0x6F, 0xE5, 0x59, 0x3F, 0x76, 0x6F, 0x49, 0xB1, + 0x11, 0xC2, 0x5A, 0x2E, 0x16, 0x29, 0x0D, 0xDE, 0xB7, 0x8E, + 0xDC, 0x40, 0xD5, 0xA2, 0xEE, 0xE0, 0x1E, 0xA1, 0xF4, 0xBE, + 0x97, 0xDB, 0x86, 0x63, 0x96, 0x14, 0xCD, 0x98, 0x09, 0x60, + 0x2D, 0x30, 0x76, 0x9C, 0x3C, 0xCD, 0xE6, 0x88, 0xEE, 0x47, + 0x92, 0x79, 0x0B, 0x5A, 0x00, 0xE2, 0x5E, 0x5F, 0x11, 0x7C, + 0x7D, 0xF9, 0x08, 0xB7, 0x20, 0x06, 0x89, 0x2A, 0x5D, 0xFD, + 0x00, 0xAB, 0x22, 0xE1, 0xF0, 0xB3, 0xBC, 0x24, 0xA9, 0x5E, + 0x26, 0x0E, 0x1F, 0x00, 0x2D, 0xFE, 0x21, 0x9A, 0x53, 0x5B, + 0x6D, 0xD3, 0x2B, 0xAB, 0x94, 0x82, 0x68, 0x43, 0x36, 0xD8, + 0xF6, 0x2F, 0xC6, 0x22, 0xFC, 0xB5, 0x41, 0x5D, 0x0D, 0x33, + 0x60, 0xEA, 0xA4, 0x7D, 0x7E, 0xE8, 0x4B, 0x55, 0x91, 0x56, + 0xD3, 0x5C, 0x57, 0x8F, 0x1F, 0x94, 0x17, 0x2F, 0xAA, 0xDE, + 0xE9, 0x9E, 0xA8, 0xF4, 0xCF, 0x8A, 0x4C, 0x8E, 0xA0, 0xE4, + 0x56, 0x73, 0xB2, 0xCF, 0x4F, 0x86, 0xC5, 0x69, 0x3C, 0xF3, + 0x24, 0x20, 0x8B, 0x5C, 0x96, 0x0C, 0xFA, 0x6B, 0x12, 0x3B, + 0x9A, 0x67, 0xC1, 0xDF, 0xC6, 0x96, 0xB2, 0xA5, 0xD5, 0x92, + 0x0D, 0x9B, 0x09, 0x42, 0x68, 0x24, 0x10, 0x45, 0xD4, 0x50, + 0xE4, 0x17, 0x39, 0x48, 0xD0, 0x35, 0x8B, 0x94, 0x6D, 0x11, + 0xDE, 0x8F, 0xCA, 0x59, 0x02, 0x81, 0x81, 0x00, 0xEA, 0x24, + 0xA7, 0xF9, 0x69, 0x33, 0xE9, 0x71, 0xDC, 0x52, 0x7D, 0x88, + 0x21, 0x28, 0x2F, 0x49, 0xDE, 0xBA, 0x72, 0x16, 0xE9, 0xCC, + 0x47, 0x7A, 0x88, 0x0D, 0x94, 0x57, 0x84, 0x58, 0x16, 0x3A, + 0x81, 0xB0, 0x3F, 0xA2, 0xCF, 0xA6, 0x6C, 0x1E, 0xB0, 0x06, + 0x29, 0x00, 0x8F, 0xE7, 0x77, 0x76, 0xAC, 0xDB, 0xCA, 0xC7, + 0xD9, 0x5E, 0x9B, 0x3F, 0x26, 0x90, 0x52, 0xAE, 0xFC, 0x38, + 0x90, 0x00, 0x14, 0xBB, 0xB4, 0x0F, 0x58, 0x94, 0xE7, 0x2F, + 0x6A, 0x7E, 0x1C, 0x4F, 0x41, 0x21, 0xD4, 0x31, 0x59, 0x1F, + 0x4E, 0x8A, 0x1A, 0x8D, 0xA7, 0x57, 0x6C, 0x22, 0xD8, 0xE5, + 0xF4, 0x7E, 0x32, 0xA6, 0x10, 0xCB, 0x64, 0xA5, 0x55, 0x03, + 0x87, 0xA6, 0x27, 0x05, 0x8C, 0xC3, 0xD7, 0xB6, 0x27, 0xB2, + 0x4D, 0xBA, 0x30, 0xDA, 0x47, 0x8F, 0x54, 0xD3, 0x3D, 0x8B, + 0x84, 0x8D, 0x94, 0x98, 0x58, 0xA5, 0x02, 0x81, 0x81, 0x00, + 0xD5, 0x38, 0x1B, 0xC3, 0x8F, 0xC5, 0x93, 0x0C, 0x47, 0x0B, + 0x6F, 0x35, 0x92, 0xC5, 0xB0, 0x8D, 0x46, 0xC8, 0x92, 0x18, + 0x8F, 0xF5, 0x80, 0x0A, 0xF7, 0xEF, 0xA1, 0xFE, 0x80, 0xB9, + 0xB5, 0x2A, 0xBA, 0xCA, 0x18, 0xB0, 0x5D, 0xA5, 0x07, 0xD0, + 0x93, 0x8D, 0xD8, 0x9C, 0x04, 0x1C, 0xD4, 0x62, 0x8E, 0xA6, + 0x26, 0x81, 0x01, 0xFF, 0xCE, 0x8A, 0x2A, 0x63, 0x34, 0x35, + 0x40, 0xAA, 0x6D, 0x80, 0xDE, 0x89, 0x23, 0x6A, 0x57, 0x4D, + 0x9E, 0x6E, 0xAD, 0x93, 0x4E, 0x56, 0x90, 0x0B, 0x6D, 0x9D, + 0x73, 0x8B, 0x0C, 0xAE, 0x27, 0x3D, 0xDE, 0x4E, 0xF0, 0xAA, + 0xC5, 0x6C, 0x78, 0x67, 0x6C, 0x94, 0x52, 0x9C, 0x37, 0x67, + 0x6C, 0x2D, 0xEF, 0xBB, 0xAF, 0xDF, 0xA6, 0x90, 0x3C, 0xC4, + 0x47, 0xCF, 0x8D, 0x96, 0x9E, 0x98, 0xA9, 0xB4, 0x9F, 0xC5, + 0xA6, 0x50, 0xDC, 0xB3, 0xF0, 0xFB, 0x74, 0x17, 0x02, 0x81, + 0x80, 0x5E, 0x83, 0x09, 0x62, 0xBD, 0xBA, 0x7C, 0xA2, 0xBF, + 0x42, 0x74, 0xF5, 0x7C, 0x1C, 0xD2, 0x69, 0xC9, 0x04, 0x0D, + 0x85, 0x7E, 0x3E, 0x3D, 0x24, 0x12, 0xC3, 0x18, 0x7B, 0xF3, + 0x29, 0xF3, 0x5F, 0x0E, 0x76, 0x6C, 0x59, 0x75, 0xE4, 0x41, + 0x84, 0x69, 0x9D, 0x32, 0xF3, 0xCD, 0x22, 0xAB, 0xB0, 0x35, + 0xBA, 0x4A, 0xB2, 0x3C, 0xE5, 0xD9, 0x58, 0xB6, 0x62, 0x4F, + 0x5D, 0xDE, 0xE5, 0x9E, 0x0A, 0xCA, 0x53, 0xB2, 0x2C, 0xF7, + 0x9E, 0xB3, 0x6B, 0x0A, 0x5B, 0x79, 0x65, 0xEC, 0x6E, 0x91, + 0x4E, 0x92, 0x20, 0xF6, 0xFC, 0xFC, 0x16, 0xED, 0xD3, 0x76, + 0x0C, 0xE2, 0xEC, 0x7F, 0xB2, 0x69, 0x13, 0x6B, 0x78, 0x0E, + 0x5A, 0x46, 0x64, 0xB4, 0x5E, 0xB7, 0x25, 0xA0, 0x5A, 0x75, + 0x3A, 0x4B, 0xEF, 0xC7, 0x3C, 0x3E, 0xF7, 0xFD, 0x26, 0xB8, + 0x20, 0xC4, 0x99, 0x0A, 0x9A, 0x73, 0xBE, 0xC3, 0x19, 0x02, + 0x81, 0x81, 0x00, 0xBA, 0x44, 0x93, 0x14, 0xAC, 0x34, 0x19, + 0x3B, 0x5F, 0x91, 0x60, 0xAC, 0xF7, 0xB4, 0xD6, 0x81, 0x05, + 0x36, 0x51, 0x53, 0x3D, 0xE8, 0x65, 0xDC, 0xAF, 0x2E, 0xDC, + 0x61, 0x3E, 0xC9, 0x7D, 0xB8, 0x7F, 0x87, 0xF0, 0x3B, 0x9B, + 0x03, 0x82, 0x29, 0x37, 0xCE, 0x72, 0x4E, 0x11, 0xD5, 0xB1, + 0xC1, 0x0C, 0x07, 0xA0, 0x99, 0x91, 0x4A, 0x8D, 0x7F, 0xEC, + 0x79, 0xCF, 0xF1, 0x39, 0xB5, 0xE9, 0x85, 0xEC, 0x62, 0xF7, + 0xDA, 0x7D, 0xBC, 0x64, 0x4D, 0x22, 0x3C, 0x0E, 0xF2, 0xD6, + 0x51, 0xF5, 0x87, 0xD8, 0x99, 0xC0, 0x11, 0x20, 0x5D, 0x0F, + 0x29, 0xFD, 0x5B, 0xE2, 0xAE, 0xD9, 0x1C, 0xD9, 0x21, 0x56, + 0x6D, 0xFC, 0x84, 0xD0, 0x5F, 0xED, 0x10, 0x15, 0x1C, 0x18, + 0x21, 0xE7, 0xC4, 0x3D, 0x4B, 0xD7, 0xD0, 0x9E, 0x6A, 0x95, + 0xCF, 0x22, 0xC9, 0x03, 0x7B, 0x9E, 0xE3, 0x60, 0x01, 0xFC, + 0x2F, 0x02, 0x81, 0x80, 0x11, 0xD0, 0x4B, 0xCF, 0x1B, 0x67, + 0xB9, 0x9F, 0x10, 0x75, 0x47, 0x86, 0x65, 0xAE, 0x31, 0xC2, + 0xC6, 0x30, 0xAC, 0x59, 0x06, 0x50, 0xD9, 0x0F, 0xB5, 0x70, + 0x06, 0xF7, 0xF0, 0xD3, 0xC8, 0x62, 0x7C, 0xA8, 0xDA, 0x6E, + 0xF6, 0x21, 0x3F, 0xD3, 0x7F, 0x5F, 0xEA, 0x8A, 0xAB, 0x3F, + 0xD9, 0x2A, 0x5E, 0xF3, 0x51, 0xD2, 0xC2, 0x30, 0x37, 0xE3, + 0x2D, 0xA3, 0x75, 0x0D, 0x1E, 0x4D, 0x21, 0x34, 0xD5, 0x57, + 0x70, 0x5C, 0x89, 0xBF, 0x72, 0xEC, 0x4A, 0x6E, 0x68, 0xD5, + 0xCD, 0x18, 0x74, 0x33, 0x4E, 0x8C, 0x3A, 0x45, 0x8F, 0xE6, + 0x96, 0x40, 0xEB, 0x63, 0xF9, 0x19, 0x86, 0x3A, 0x51, 0xDD, + 0x89, 0x4B, 0xB0, 0xF3, 0xF9, 0x9F, 0x5D, 0x28, 0x95, 0x38, + 0xBE, 0x35, 0xAB, 0xCA, 0x5C, 0xE7, 0x93, 0x53, 0x34, 0xA1, + 0x45, 0x5D, 0x13, 0x39, 0x65, 0x42, 0x46, 0xA1, 0x9F, 0xCD, + 0xF5, 0xBF +}; +const int sizeof_client_key_der_2048 = sizeof(client_key_der_2048); + +/* ./certs/client-cert.der, 2048-bit */ +const unsigned char client_cert_der_2048[] = +{ + 0x30, 0x82, 0x04, 0xAA, 0x30, 0x82, 0x03, 0x92, 0xA0, 0x03, + 0x02, 0x01, 0x02, 0x02, 0x09, 0x00, 0xB6, 0x63, 0xAF, 0x8F, + 0x5D, 0x62, 0x57, 0xA0, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, + 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x05, 0x05, 0x00, 0x30, + 0x81, 0x94, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, + 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, + 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, + 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, + 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, + 0x6E, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x0A, + 0x0C, 0x07, 0x77, 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x31, + 0x14, 0x30, 0x12, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x0B, + 0x50, 0x72, 0x6F, 0x67, 0x72, 0x61, 0x6D, 0x6D, 0x69, 0x6E, + 0x67, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, + 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, + 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, + 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, + 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, + 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, + 0x30, 0x1E, 0x17, 0x0D, 0x31, 0x34, 0x30, 0x37, 0x31, 0x31, + 0x31, 0x37, 0x33, 0x39, 0x34, 0x34, 0x5A, 0x17, 0x0D, 0x31, + 0x37, 0x30, 0x34, 0x30, 0x36, 0x31, 0x37, 0x33, 0x39, 0x34, + 0x34, 0x5A, 0x30, 0x81, 0x94, 0x31, 0x0B, 0x30, 0x09, 0x06, + 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, + 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, + 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, + 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, + 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, + 0x55, 0x04, 0x0A, 0x0C, 0x07, 0x77, 0x6F, 0x6C, 0x66, 0x53, + 0x53, 0x4C, 0x31, 0x14, 0x30, 0x12, 0x06, 0x03, 0x55, 0x04, + 0x0B, 0x0C, 0x0B, 0x50, 0x72, 0x6F, 0x67, 0x72, 0x61, 0x6D, + 0x6D, 0x69, 0x6E, 0x67, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, + 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, + 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, + 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, + 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, + 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, + 0x63, 0x6F, 0x6D, 0x30, 0x82, 0x01, 0x22, 0x30, 0x0D, 0x06, + 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, + 0x05, 0x00, 0x03, 0x82, 0x01, 0x0F, 0x00, 0x30, 0x82, 0x01, + 0x0A, 0x02, 0x82, 0x01, 0x01, 0x00, 0xC3, 0x03, 0xD1, 0x2B, + 0xFE, 0x39, 0xA4, 0x32, 0x45, 0x3B, 0x53, 0xC8, 0x84, 0x2B, + 0x2A, 0x7C, 0x74, 0x9A, 0xBD, 0xAA, 0x2A, 0x52, 0x07, 0x47, + 0xD6, 0xA6, 0x36, 0xB2, 0x07, 0x32, 0x8E, 0xD0, 0xBA, 0x69, + 0x7B, 0xC6, 0xC3, 0x44, 0x9E, 0xD4, 0x81, 0x48, 0xFD, 0x2D, + 0x68, 0xA2, 0x8B, 0x67, 0xBB, 0xA1, 0x75, 0xC8, 0x36, 0x2C, + 0x4A, 0xD2, 0x1B, 0xF7, 0x8B, 0xBA, 0xCF, 0x0D, 0xF9, 0xEF, + 0xEC, 0xF1, 0x81, 0x1E, 0x7B, 0x9B, 0x03, 0x47, 0x9A, 0xBF, + 0x65, 0xCC, 0x7F, 0x65, 0x24, 0x69, 0xA6, 0xE8, 0x14, 0x89, + 0x5B, 0xE4, 0x34, 0xF7, 0xC5, 0xB0, 0x14, 0x93, 0xF5, 0x67, + 0x7B, 0x3A, 0x7A, 0x78, 0xE1, 0x01, 0x56, 0x56, 0x91, 0xA6, + 0x13, 0x42, 0x8D, 0xD2, 0x3C, 0x40, 0x9C, 0x4C, 0xEF, 0xD1, + 0x86, 0xDF, 0x37, 0x51, 0x1B, 0x0C, 0xA1, 0x3B, 0xF5, 0xF1, + 0xA3, 0x4A, 0x35, 0xE4, 0xE1, 0xCE, 0x96, 0xDF, 0x1B, 0x7E, + 0xBF, 0x4E, 0x97, 0xD0, 0x10, 0xE8, 0xA8, 0x08, 0x30, 0x81, + 0xAF, 0x20, 0x0B, 0x43, 0x14, 0xC5, 0x74, 0x67, 0xB4, 0x32, + 0x82, 0x6F, 0x8D, 0x86, 0xC2, 0x88, 0x40, 0x99, 0x36, 0x83, + 0xBA, 0x1E, 0x40, 0x72, 0x22, 0x17, 0xD7, 0x52, 0x65, 0x24, + 0x73, 0xB0, 0xCE, 0xEF, 0x19, 0xCD, 0xAE, 0xFF, 0x78, 0x6C, + 0x7B, 0xC0, 0x12, 0x03, 0xD4, 0x4E, 0x72, 0x0D, 0x50, 0x6D, + 0x3B, 0xA3, 0x3B, 0xA3, 0x99, 0x5E, 0x9D, 0xC8, 0xD9, 0x0C, + 0x85, 0xB3, 0xD9, 0x8A, 0xD9, 0x54, 0x26, 0xDB, 0x6D, 0xFA, + 0xAC, 0xBB, 0xFF, 0x25, 0x4C, 0xC4, 0xD1, 0x79, 0xF4, 0x71, + 0xD3, 0x86, 0x40, 0x18, 0x13, 0xB0, 0x63, 0xB5, 0x72, 0x4E, + 0x30, 0xC4, 0x97, 0x84, 0x86, 0x2D, 0x56, 0x2F, 0xD7, 0x15, + 0xF7, 0x7F, 0xC0, 0xAE, 0xF5, 0xFC, 0x5B, 0xE5, 0xFB, 0xA1, + 0xBA, 0xD3, 0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x81, 0xFC, + 0x30, 0x81, 0xF9, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, + 0x04, 0x16, 0x04, 0x14, 0x33, 0xD8, 0x45, 0x66, 0xD7, 0x68, + 0x87, 0x18, 0x7E, 0x54, 0x0D, 0x70, 0x27, 0x91, 0xC7, 0x26, + 0xD7, 0x85, 0x65, 0xC0, 0x30, 0x81, 0xC9, 0x06, 0x03, 0x55, + 0x1D, 0x23, 0x04, 0x81, 0xC1, 0x30, 0x81, 0xBE, 0x80, 0x14, + 0x33, 0xD8, 0x45, 0x66, 0xD7, 0x68, 0x87, 0x18, 0x7E, 0x54, + 0x0D, 0x70, 0x27, 0x91, 0xC7, 0x26, 0xD7, 0x85, 0x65, 0xC0, + 0xA1, 0x81, 0x9A, 0xA4, 0x81, 0x97, 0x30, 0x81, 0x94, 0x31, + 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, + 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, + 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, + 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, + 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x10, + 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x07, 0x77, + 0x6F, 0x6C, 0x66, 0x53, 0x53, 0x4C, 0x31, 0x14, 0x30, 0x12, + 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x0B, 0x50, 0x72, 0x6F, + 0x67, 0x72, 0x61, 0x6D, 0x6D, 0x69, 0x6E, 0x67, 0x31, 0x18, + 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, + 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, + 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, + 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, + 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, + 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x09, 0x00, + 0xB6, 0x63, 0xAF, 0x8F, 0x5D, 0x62, 0x57, 0xA0, 0x30, 0x0C, + 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, + 0x01, 0xFF, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, + 0xF7, 0x0D, 0x01, 0x01, 0x05, 0x05, 0x00, 0x03, 0x82, 0x01, + 0x01, 0x00, 0x85, 0x10, 0x90, 0xC5, 0x5D, 0xDE, 0x25, 0x8C, + 0xF2, 0x57, 0x7B, 0x2D, 0x14, 0x1C, 0x05, 0xF9, 0x71, 0x63, + 0x40, 0xB0, 0xE3, 0xC1, 0xC1, 0x2E, 0x13, 0x2A, 0x7A, 0xB7, + 0xD6, 0x24, 0x58, 0x87, 0xEB, 0x03, 0xFB, 0x0D, 0xAF, 0xE0, + 0xF4, 0xD0, 0xC8, 0xBC, 0x51, 0x36, 0x10, 0x4F, 0x79, 0xCC, + 0x4F, 0x66, 0x7D, 0xAF, 0x99, 0xCB, 0x7B, 0xCE, 0x68, 0x94, + 0xC6, 0x36, 0xAA, 0x42, 0x6E, 0x8C, 0x78, 0x5B, 0xB2, 0x85, + 0xCA, 0xD1, 0xE1, 0xA8, 0x31, 0xD1, 0x81, 0xD9, 0xF9, 0xC1, + 0xA3, 0x9E, 0x34, 0x43, 0xEF, 0x0A, 0x79, 0x7D, 0x3E, 0x83, + 0x61, 0xFC, 0x14, 0x5C, 0xD1, 0xDD, 0xBC, 0x0E, 0xD7, 0x51, + 0xB7, 0x71, 0x6E, 0x41, 0x7E, 0x8B, 0x2C, 0x5A, 0x9A, 0xCB, + 0x77, 0x4B, 0x6A, 0xF5, 0x06, 0xFF, 0x02, 0xAF, 0x1E, 0xE6, + 0x63, 0x4F, 0xBC, 0x44, 0xD9, 0x3F, 0x56, 0x9E, 0x09, 0x9C, + 0x43, 0xF9, 0x55, 0x21, 0x32, 0x46, 0x82, 0x09, 0x86, 0xA9, + 0x7B, 0x74, 0x1C, 0x9E, 0x5A, 0x2A, 0xBF, 0x03, 0x79, 0x91, + 0xCB, 0xF2, 0x29, 0x7F, 0xC9, 0x15, 0x82, 0x89, 0xB9, 0x53, + 0xCD, 0x7E, 0x07, 0x90, 0xA9, 0x5D, 0x76, 0xE1, 0x19, 0x5E, + 0x0D, 0x58, 0xB8, 0x59, 0xD5, 0x0D, 0xDF, 0x23, 0xAB, 0x6B, + 0x63, 0x76, 0x19, 0x9E, 0x9C, 0xDF, 0xB0, 0x57, 0x49, 0x6C, + 0xD0, 0x86, 0x97, 0xC3, 0x6C, 0x3C, 0xFA, 0xE0, 0x56, 0xC2, + 0x1B, 0xE3, 0xA1, 0x42, 0x1A, 0x58, 0x62, 0x85, 0x9D, 0x74, + 0x19, 0x83, 0x08, 0xAF, 0x59, 0x90, 0xF8, 0x99, 0xBD, 0x67, + 0xD3, 0x4A, 0xEA, 0x0E, 0xC9, 0xCA, 0x61, 0x8A, 0x0D, 0x8A, + 0x42, 0xCC, 0x90, 0xE9, 0x2E, 0xC2, 0x54, 0x73, 0x7F, 0x5E, + 0xAF, 0x8D, 0xE2, 0x32, 0xCB, 0x45, 0x20, 0xD6, 0x19, 0x4D, + 0x5B, 0x77, 0x31, 0xCC, 0x0F, 0x2D, 0xC0, 0x7E +}; +const int sizeof_client_cert_der_2048 = sizeof(client_cert_der_2048); + +/* ./certs/dh2048.der, 2048-bit */ +const unsigned char dh_key_der_2048[] = +{ + 0x30, 0x82, 0x01, 0x08, 0x02, 0x82, 0x01, 0x01, 0x00, 0xB0, + 0xA1, 0x08, 0x06, 0x9C, 0x08, 0x13, 0xBA, 0x59, 0x06, 0x3C, + 0xBC, 0x30, 0xD5, 0xF5, 0x00, 0xC1, 0x4F, 0x44, 0xA7, 0xD6, + 0xEF, 0x4A, 0xC6, 0x25, 0x27, 0x1C, 0xE8, 0xD2, 0x96, 0x53, + 0x0A, 0x5C, 0x91, 0xDD, 0xA2, 0xC2, 0x94, 0x84, 0xBF, 0x7D, + 0xB2, 0x44, 0x9F, 0x9B, 0xD2, 0xC1, 0x8A, 0xC5, 0xBE, 0x72, + 0x5C, 0xA7, 0xE7, 0x91, 0xE6, 0xD4, 0x9F, 0x73, 0x07, 0x85, + 0x5B, 0x66, 0x48, 0xC7, 0x70, 0xFA, 0xB4, 0xEE, 0x02, 0xC9, + 0x3D, 0x9A, 0x4A, 0xDA, 0x3D, 0xC1, 0x46, 0x3E, 0x19, 0x69, + 0xD1, 0x17, 0x46, 0x07, 0xA3, 0x4D, 0x9F, 0x2B, 0x96, 0x17, + 0x39, 0x6D, 0x30, 0x8D, 0x2A, 0xF3, 0x94, 0xD3, 0x75, 0xCF, + 0xA0, 0x75, 0xE6, 0xF2, 0x92, 0x1F, 0x1A, 0x70, 0x05, 0xAA, + 0x04, 0x83, 0x57, 0x30, 0xFB, 0xDA, 0x76, 0x93, 0x38, 0x50, + 0xE8, 0x27, 0xFD, 0x63, 0xEE, 0x3C, 0xE5, 0xB7, 0xC8, 0x09, + 0xAE, 0x6F, 0x50, 0x35, 0x8E, 0x84, 0xCE, 0x4A, 0x00, 0xE9, + 0x12, 0x7E, 0x5A, 0x31, 0xD7, 0x33, 0xFC, 0x21, 0x13, 0x76, + 0xCC, 0x16, 0x30, 0xDB, 0x0C, 0xFC, 0xC5, 0x62, 0xA7, 0x35, + 0xB8, 0xEF, 0xB7, 0xB0, 0xAC, 0xC0, 0x36, 0xF6, 0xD9, 0xC9, + 0x46, 0x48, 0xF9, 0x40, 0x90, 0x00, 0x2B, 0x1B, 0xAA, 0x6C, + 0xE3, 0x1A, 0xC3, 0x0B, 0x03, 0x9E, 0x1B, 0xC2, 0x46, 0xE4, + 0x48, 0x4E, 0x22, 0x73, 0x6F, 0xC3, 0x5F, 0xD4, 0x9A, 0xD6, + 0x30, 0x07, 0x48, 0xD6, 0x8C, 0x90, 0xAB, 0xD4, 0xF6, 0xF1, + 0xE3, 0x48, 0xD3, 0x58, 0x4B, 0xA6, 0xB9, 0xCD, 0x29, 0xBF, + 0x68, 0x1F, 0x08, 0x4B, 0x63, 0x86, 0x2F, 0x5C, 0x6B, 0xD6, + 0xB6, 0x06, 0x65, 0xF7, 0xA6, 0xDC, 0x00, 0x67, 0x6B, 0xBB, + 0xC3, 0xA9, 0x41, 0x83, 0xFB, 0xC7, 0xFA, 0xC8, 0xE2, 0x1E, + 0x7E, 0xAF, 0x00, 0x3F, 0x93, 0x02, 0x01, 0x02 +}; +const int sizeof_dh_key_der_2048 = sizeof(dh_key_der_2048); + +/* ./certs/dsa2048.der, 2048-bit */ +const unsigned char dsa_key_der_2048[] = +{ + 0x30, 0x82, 0x03, 0x3F, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, + 0x01, 0x00, 0xCC, 0x8E, 0xC9, 0xA0, 0xD5, 0x9A, 0x27, 0x1C, + 0xDA, 0x52, 0xDF, 0xC7, 0xC0, 0xE6, 0x06, 0xA4, 0x3E, 0x8A, + 0x66, 0x49, 0xD0, 0x59, 0x33, 0x51, 0x69, 0xC4, 0x9C, 0x5E, + 0x64, 0x85, 0xC7, 0xF1, 0xAB, 0xD5, 0xD9, 0x62, 0xAC, 0xFD, + 0xA1, 0xE0, 0x1B, 0x57, 0xFF, 0x96, 0xEF, 0x0C, 0x9F, 0xC8, + 0x44, 0x87, 0xEB, 0x5C, 0x91, 0xD0, 0x46, 0x42, 0x09, 0x50, + 0x6A, 0x23, 0xCB, 0x89, 0x6F, 0x55, 0xE9, 0x6A, 0x11, 0xA9, + 0xA8, 0x32, 0xAB, 0x33, 0x0D, 0x51, 0xB5, 0x79, 0x51, 0xB4, + 0xAB, 0xA2, 0x25, 0x11, 0x8D, 0xE5, 0x24, 0xBE, 0xD8, 0xF1, + 0x9D, 0x4E, 0x12, 0x6F, 0xAC, 0x44, 0x54, 0x80, 0xA9, 0xB4, + 0x81, 0x68, 0x4E, 0x44, 0x0E, 0xB8, 0x39, 0xF3, 0xBE, 0x83, + 0x08, 0x74, 0xA2, 0xC6, 0x7A, 0xD7, 0x6A, 0x7D, 0x0A, 0x88, + 0x57, 0x83, 0x48, 0xDC, 0xCF, 0x5E, 0x6F, 0xEE, 0x68, 0x0C, + 0xF7, 0xFF, 0x03, 0x04, 0x90, 0xAA, 0xF7, 0x07, 0x98, 0xF8, + 0x67, 0x5A, 0x83, 0x23, 0x66, 0x47, 0x60, 0xC3, 0x43, 0x6E, + 0x03, 0x91, 0xAC, 0x28, 0x66, 0xCB, 0xF0, 0xD3, 0x05, 0xC8, + 0x09, 0x97, 0xB5, 0xAE, 0x01, 0x5E, 0x80, 0x3B, 0x9D, 0x4F, + 0xDE, 0x3E, 0x94, 0xFE, 0xCB, 0x82, 0xB0, 0xB1, 0xFC, 0x91, + 0x8B, 0x1D, 0x8A, 0xEE, 0xC6, 0x06, 0x1F, 0x37, 0x91, 0x48, + 0xD2, 0xF8, 0x6C, 0x5D, 0x60, 0x13, 0x83, 0xA7, 0x81, 0xAC, + 0xCA, 0x8D, 0xD0, 0x6A, 0x04, 0x0A, 0xEA, 0x3E, 0x22, 0x4E, + 0x13, 0xF1, 0x0D, 0xBB, 0x60, 0x6B, 0xCD, 0xBC, 0x5C, 0x87, + 0xA3, 0x67, 0x2B, 0x42, 0xA1, 0x9F, 0xCD, 0x39, 0x58, 0xBE, + 0x55, 0xB1, 0x93, 0x84, 0xCE, 0xB2, 0x10, 0x4E, 0xE4, 0xC3, + 0x9F, 0xB2, 0x53, 0x61, 0x01, 0x29, 0xAA, 0x96, 0xCB, 0x20, + 0x60, 0x42, 0x1D, 0xBA, 0x75, 0x4B, 0x63, 0xC1, 0x02, 0x15, + 0x00, 0xE7, 0xA5, 0x39, 0xD4, 0x6A, 0x37, 0x5E, 0x95, 0x06, + 0x39, 0x07, 0x77, 0x0A, 0xEB, 0xA0, 0x03, 0xEB, 0x78, 0x82, + 0x9B, 0x02, 0x82, 0x01, 0x01, 0x00, 0x9A, 0xD4, 0x4C, 0x71, + 0x2F, 0xEC, 0xFA, 0x32, 0xB2, 0x80, 0x7E, 0x61, 0x4A, 0x6B, + 0x5F, 0x18, 0x76, 0x43, 0xC3, 0x69, 0xBA, 0x41, 0xC7, 0xA7, + 0x1D, 0x79, 0x01, 0xEC, 0xAF, 0x34, 0x87, 0x67, 0x4F, 0x29, + 0x80, 0xA8, 0x3B, 0x87, 0xF6, 0xE8, 0xA1, 0xE8, 0xCD, 0x1B, + 0x1C, 0x86, 0x38, 0xF6, 0xD1, 0x0C, 0x46, 0x2E, 0xC8, 0xE0, + 0xC9, 0x30, 0x26, 0xD5, 0x2C, 0x7F, 0xC1, 0x08, 0xBF, 0xCC, + 0x5A, 0x82, 0x8E, 0xD4, 0xD4, 0x49, 0xAA, 0xA2, 0xFA, 0xE6, + 0xC1, 0x9D, 0xF0, 0xD9, 0x96, 0xB0, 0xFF, 0x0C, 0x5B, 0x33, + 0x8E, 0x06, 0xDD, 0x9D, 0x28, 0xA9, 0xE9, 0x80, 0x41, 0x3B, + 0xD8, 0x7A, 0x94, 0x21, 0x8F, 0x56, 0xF1, 0xA2, 0xB4, 0x2B, + 0x89, 0x1C, 0x74, 0xFF, 0x7E, 0x91, 0xDC, 0x1F, 0x91, 0x13, + 0x98, 0xAF, 0xC7, 0x06, 0xD2, 0x4C, 0x90, 0xA2, 0xBD, 0xDA, + 0x16, 0xBA, 0x65, 0xB0, 0x2D, 0x68, 0x87, 0x3C, 0x6E, 0x25, + 0x8D, 0x90, 0xC7, 0xBC, 0x0D, 0xA9, 0x43, 0x03, 0xC9, 0xBE, + 0xCF, 0x85, 0x6F, 0xDB, 0x07, 0x7B, 0x8C, 0xF8, 0xB1, 0xC2, + 0x49, 0x10, 0x69, 0x63, 0x56, 0x37, 0xC5, 0x30, 0xD2, 0xFB, + 0x71, 0x9A, 0xE8, 0x82, 0x07, 0x2E, 0x3E, 0x95, 0x50, 0xF3, + 0x73, 0xCF, 0x34, 0x5B, 0xD5, 0xAB, 0x02, 0x15, 0xF2, 0xCC, + 0xD7, 0x52, 0xC5, 0x28, 0xD8, 0x41, 0x19, 0x55, 0x6F, 0xB8, + 0x5F, 0xF1, 0x99, 0xB3, 0xC7, 0xD9, 0xB3, 0x71, 0xF4, 0x2D, + 0xDF, 0x22, 0x59, 0x35, 0x86, 0xDB, 0x39, 0xCA, 0x1B, 0x4D, + 0x35, 0x90, 0x19, 0x6B, 0x31, 0xE3, 0xC8, 0xC6, 0x09, 0xBF, + 0x7C, 0xED, 0x01, 0xB4, 0xB2, 0xF5, 0x6E, 0xDA, 0x63, 0x41, + 0x3C, 0xE6, 0x3A, 0x72, 0x2D, 0x65, 0x48, 0xF6, 0x07, 0xCD, + 0x92, 0x84, 0x8B, 0x1D, 0xA7, 0x31, 0x6B, 0xD6, 0xF0, 0xFB, + 0xD9, 0xF4, 0x02, 0x82, 0x01, 0x00, 0x66, 0x4B, 0xBB, 0xB7, + 0xC9, 0x48, 0x95, 0x0D, 0x5A, 0xA6, 0x2D, 0xA1, 0x7F, 0xDF, + 0x1F, 0x67, 0x6D, 0xED, 0x52, 0x4B, 0x16, 0x6C, 0x17, 0xC6, + 0xAE, 0xF8, 0x6A, 0xC4, 0x57, 0xED, 0x2F, 0xB3, 0xF0, 0x2A, + 0x55, 0xAB, 0xBA, 0xCA, 0xEA, 0x17, 0xE8, 0x35, 0x7C, 0xE5, + 0x31, 0x0D, 0x4A, 0x95, 0xFC, 0x43, 0x6F, 0x97, 0x3C, 0x5C, + 0x67, 0xAC, 0xBE, 0x67, 0x7F, 0xE9, 0x4E, 0xAA, 0x48, 0xB3, + 0x92, 0xA1, 0x76, 0x75, 0xEA, 0x04, 0x34, 0x7F, 0x87, 0x33, + 0x2D, 0x24, 0xB6, 0x29, 0x97, 0xE3, 0x04, 0x77, 0x93, 0x89, + 0x13, 0xDB, 0x1B, 0x93, 0xB8, 0x2C, 0x90, 0x1A, 0x09, 0x3B, + 0x26, 0xD9, 0x59, 0xF3, 0x2A, 0x09, 0x58, 0xDC, 0xAC, 0x25, + 0xB4, 0xA9, 0x45, 0x3B, 0xA2, 0x3A, 0x6C, 0x61, 0x84, 0xBF, + 0x68, 0xD4, 0xEA, 0x9B, 0xC5, 0x29, 0x48, 0x60, 0x15, 0x10, + 0x35, 0x2C, 0x44, 0x1D, 0xB5, 0x9A, 0xEE, 0xAC, 0xC1, 0x68, + 0xE8, 0x47, 0xB7, 0x41, 0x34, 0x39, 0x9A, 0xF8, 0xA5, 0x20, + 0xE9, 0x24, 0xC4, 0x2C, 0x58, 0x3F, 0x4C, 0x41, 0x30, 0x3A, + 0x14, 0x6E, 0x8D, 0xEA, 0xAD, 0xBA, 0x9B, 0x43, 0xD3, 0x98, + 0x2F, 0x83, 0xD8, 0x14, 0x67, 0xE8, 0xF8, 0xD5, 0x4F, 0xAC, + 0xE0, 0x3B, 0xBF, 0xA7, 0x54, 0x16, 0x5E, 0x49, 0x64, 0x26, + 0x54, 0xA4, 0x6B, 0x69, 0x7C, 0xBA, 0x8A, 0x83, 0xD9, 0x2E, + 0x65, 0x0A, 0xA2, 0x27, 0xEF, 0x99, 0x99, 0x08, 0xD7, 0xB5, + 0x9F, 0xA0, 0x01, 0xEF, 0x7E, 0x17, 0xBF, 0x83, 0x6B, 0x2E, + 0xDD, 0xC0, 0x39, 0x38, 0x23, 0x68, 0xB4, 0x76, 0x6B, 0xE5, + 0xCA, 0xF7, 0x7C, 0xEE, 0xC0, 0x52, 0xE2, 0xDD, 0xAD, 0x59, + 0x3A, 0x42, 0x06, 0x45, 0xB0, 0xC7, 0xC1, 0x77, 0x05, 0xB2, + 0x0C, 0x32, 0x40, 0x46, 0xAA, 0xDA, 0x79, 0x77, 0x04, 0x71, + 0xDF, 0x7A, 0x02, 0x15, 0x00, 0x98, 0xEE, 0xB9, 0x51, 0x37, + 0x3E, 0x75, 0x13, 0x13, 0x06, 0x8F, 0x94, 0xD3, 0xE6, 0xE9, + 0x00, 0xCB, 0x62, 0x6D, 0x9A +}; +const int sizeof_dsa_key_der_2048 = sizeof(dsa_key_der_2048); + +/* ./certs/rsa2048.der, 2048-bit */ +const unsigned char rsa_key_der_2048[] = +{ + 0x30, 0x82, 0x04, 0xA3, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, + 0x01, 0x00, 0xE9, 0x8A, 0x5D, 0x15, 0xA4, 0xD4, 0x34, 0xB9, + 0x59, 0xA2, 0xDA, 0xAF, 0x74, 0xC8, 0xC9, 0x03, 0x26, 0x38, + 0xFA, 0x48, 0xFC, 0x4D, 0x30, 0x6E, 0xEA, 0x76, 0x89, 0xCE, + 0x4F, 0xF6, 0x87, 0xDE, 0x32, 0x3A, 0x46, 0x6E, 0x38, 0x12, + 0x58, 0x37, 0x22, 0x0D, 0x80, 0xAC, 0x2D, 0xAF, 0x2F, 0x12, + 0x3E, 0x62, 0x73, 0x60, 0x66, 0x68, 0x90, 0xB2, 0x6F, 0x47, + 0x17, 0x04, 0x2B, 0xCA, 0xB7, 0x26, 0xB7, 0x10, 0xC2, 0x13, + 0xF9, 0x7A, 0x62, 0x0A, 0x93, 0x32, 0x90, 0x42, 0x0D, 0x16, + 0x2E, 0xFA, 0xD7, 0x29, 0xD7, 0x9F, 0x54, 0xE4, 0xFC, 0x65, + 0x74, 0xF8, 0xF6, 0x43, 0x6B, 0x4E, 0x9E, 0x34, 0x7F, 0xCB, + 0x6B, 0x1C, 0x1A, 0xDE, 0x82, 0x81, 0xBF, 0x08, 0x5D, 0x3F, + 0xC0, 0xB6, 0xB1, 0xA8, 0xA5, 0x9C, 0x81, 0x70, 0xA7, 0x4E, + 0x32, 0x87, 0x15, 0x1C, 0x78, 0x0E, 0xF0, 0x18, 0xFE, 0xEB, + 0x4B, 0x37, 0x2B, 0xE9, 0xE1, 0xF7, 0xFA, 0x51, 0xC6, 0x58, + 0xB9, 0xD8, 0x06, 0x03, 0xED, 0xC0, 0x03, 0x18, 0x55, 0x8B, + 0x98, 0xFE, 0xB1, 0xF6, 0xD0, 0x3D, 0xFA, 0x63, 0xC0, 0x38, + 0x19, 0xC7, 0x00, 0xEF, 0x4D, 0x99, 0x60, 0xB4, 0xBA, 0xCE, + 0xE3, 0xCE, 0xD9, 0x6B, 0x2D, 0x76, 0x94, 0xFF, 0xFB, 0x77, + 0x18, 0x4A, 0xFE, 0x65, 0xF0, 0x0A, 0x91, 0x5C, 0x3B, 0x22, + 0x94, 0x85, 0xD0, 0x20, 0x18, 0x59, 0x2E, 0xA5, 0x33, 0x03, + 0xAC, 0x1B, 0x5F, 0x78, 0x32, 0x11, 0x25, 0xEE, 0x7F, 0x96, + 0x21, 0xA9, 0xD6, 0x76, 0x97, 0x8D, 0x66, 0x7E, 0xB2, 0x91, + 0xD0, 0x36, 0x2E, 0xA3, 0x1D, 0xBF, 0xF1, 0x85, 0xED, 0xC0, + 0x3E, 0x60, 0xB8, 0x5A, 0x9F, 0xAB, 0x80, 0xE0, 0xEA, 0x5D, + 0x5F, 0x75, 0x56, 0xC7, 0x4D, 0x51, 0x8E, 0xD4, 0x1F, 0x34, + 0xA6, 0x36, 0xF1, 0x30, 0x1F, 0x51, 0x99, 0x2F, 0x02, 0x03, + 0x01, 0x00, 0x01, 0x02, 0x82, 0x01, 0x00, 0x52, 0x11, 0x33, + 0x40, 0xC5, 0xD9, 0x64, 0x65, 0xB5, 0xE0, 0x0A, 0xA5, 0x19, + 0x8E, 0xED, 0x44, 0x54, 0x0C, 0x35, 0xB7, 0xAC, 0x21, 0x9B, + 0xE1, 0x7E, 0x37, 0x05, 0x9A, 0x20, 0x73, 0x6B, 0xAF, 0x63, + 0x4B, 0x23, 0x30, 0xDC, 0x37, 0x66, 0x14, 0x89, 0xBC, 0xE0, + 0xF8, 0xA0, 0x5D, 0x2D, 0x57, 0x65, 0xE0, 0xC6, 0xD6, 0x9B, + 0x66, 0x27, 0x62, 0xEC, 0xC3, 0xB8, 0x8C, 0xD8, 0xAE, 0xB5, + 0xC9, 0xBF, 0x0E, 0xFE, 0x84, 0x72, 0x68, 0xD5, 0x47, 0x0E, + 0x0E, 0xF8, 0xAE, 0x9D, 0x56, 0xAC, 0x4F, 0xAD, 0x88, 0xA0, + 0xA2, 0xF6, 0xFC, 0x38, 0xCD, 0x96, 0x5B, 0x5E, 0x7E, 0xB6, + 0x98, 0xBB, 0xF3, 0x8A, 0xEC, 0xFA, 0xC8, 0xB7, 0x90, 0x75, + 0xA0, 0x0E, 0x77, 0x6B, 0xFD, 0x59, 0x45, 0x5A, 0x0C, 0xFF, + 0x95, 0x8D, 0xCE, 0xFE, 0x9B, 0xF6, 0x19, 0x8E, 0x0B, 0xA1, + 0x0C, 0xEE, 0xC6, 0x79, 0xDD, 0x9D, 0x61, 0x85, 0x5C, 0x19, + 0x6C, 0x47, 0xCC, 0x08, 0xFF, 0xA5, 0x62, 0xDB, 0xE4, 0x2D, + 0x2D, 0xDD, 0x14, 0x67, 0xD6, 0x4A, 0x64, 0x2A, 0x66, 0x49, + 0x54, 0x9C, 0xE3, 0x85, 0x18, 0xE7, 0x31, 0x42, 0xE2, 0xD0, + 0x2C, 0x20, 0xA0, 0x74, 0x0F, 0x1F, 0x20, 0x89, 0xBA, 0xAB, + 0x80, 0xD8, 0x38, 0xD9, 0x46, 0x69, 0xBB, 0xEF, 0xCC, 0x8B, + 0xA1, 0x73, 0xA7, 0xF2, 0xE4, 0x38, 0x5D, 0xD6, 0x75, 0x9F, + 0x88, 0x0E, 0x56, 0xCD, 0xD8, 0x84, 0x59, 0x29, 0x73, 0xF5, + 0xA1, 0x79, 0xDA, 0x7A, 0x1F, 0xBF, 0x73, 0x83, 0xC0, 0x6D, + 0x9F, 0x8B, 0x34, 0x15, 0xC0, 0x6D, 0x69, 0x6A, 0x20, 0xE6, + 0x51, 0xCF, 0x45, 0x6E, 0xCC, 0x05, 0xC4, 0x3A, 0xC0, 0x9E, + 0xAA, 0xC1, 0x06, 0x2F, 0xAB, 0x99, 0x30, 0xE1, 0x6E, 0x9D, + 0x45, 0x7A, 0xFF, 0xA9, 0xCE, 0x70, 0xB8, 0x16, 0x1A, 0x0E, + 0x20, 0xFA, 0xC1, 0x02, 0x81, 0x81, 0x00, 0xFF, 0x30, 0x11, + 0xC2, 0x3C, 0x6B, 0xB4, 0xD6, 0x9E, 0x6B, 0xC1, 0x93, 0xD1, + 0x48, 0xCE, 0x80, 0x2D, 0xBE, 0xAF, 0xF7, 0xBA, 0xB2, 0xD7, + 0xC3, 0xC4, 0x53, 0x6E, 0x15, 0x02, 0xAA, 0x61, 0xB9, 0xEA, + 0x05, 0x9B, 0x79, 0x67, 0x0B, 0xCE, 0xD9, 0xFB, 0x98, 0x8C, + 0x1D, 0x6B, 0xF4, 0x5A, 0xA7, 0xA0, 0x5E, 0x54, 0x18, 0xE9, + 0x31, 0x44, 0x7C, 0xC7, 0x52, 0xD8, 0x6D, 0xA0, 0x3E, 0xD6, + 0x14, 0x2D, 0x7B, 0x15, 0x9D, 0x1E, 0x39, 0x87, 0x96, 0xDD, + 0xA8, 0x33, 0x55, 0x2A, 0x8E, 0x32, 0xC0, 0xC4, 0xE5, 0xB8, + 0xCB, 0xCD, 0x32, 0x8D, 0xAD, 0x7B, 0xE5, 0xC6, 0x7E, 0x4D, + 0x6F, 0xF3, 0xA4, 0xC5, 0xA6, 0x40, 0xBE, 0x90, 0x3A, 0x33, + 0x6A, 0x24, 0xB2, 0x80, 0x81, 0x12, 0xAC, 0xE3, 0x7B, 0x26, + 0x63, 0xCF, 0x88, 0xB9, 0xFF, 0x74, 0x23, 0x37, 0x52, 0xF0, + 0xC4, 0x27, 0x5D, 0x45, 0x1F, 0x02, 0x81, 0x81, 0x00, 0xEA, + 0x48, 0xA7, 0xDD, 0x73, 0x41, 0x56, 0x21, 0x15, 0xF7, 0x42, + 0x45, 0x4D, 0xA9, 0xE1, 0x66, 0x5B, 0xBD, 0x25, 0x7D, 0xF7, + 0xA8, 0x65, 0x13, 0xAE, 0x2D, 0x38, 0x11, 0xCD, 0x93, 0xFC, + 0x30, 0xA3, 0x2C, 0x44, 0xBB, 0xCF, 0xD0, 0x21, 0x8F, 0xFB, + 0xC1, 0xF9, 0xAD, 0x1D, 0xEE, 0x96, 0xCF, 0x97, 0x49, 0x60, + 0x53, 0x80, 0xA5, 0xA2, 0xF8, 0xEE, 0xB9, 0xD5, 0x77, 0x44, + 0xDD, 0xFD, 0x19, 0x2A, 0xF1, 0x81, 0xF4, 0xD9, 0x3C, 0xEC, + 0x73, 0xD0, 0x2A, 0xD8, 0x3C, 0x27, 0x87, 0x79, 0x12, 0x86, + 0xE7, 0x57, 0x0C, 0x59, 0xD1, 0x44, 0x55, 0xAE, 0xC3, 0x4D, + 0x42, 0xAD, 0xA9, 0xB3, 0x28, 0x61, 0xB4, 0x9C, 0xA6, 0x63, + 0xD3, 0x96, 0xB1, 0x75, 0x9F, 0x2A, 0x78, 0x99, 0xE3, 0x1E, + 0x71, 0x47, 0x39, 0xF4, 0x52, 0xE3, 0x66, 0xF1, 0xEB, 0x7F, + 0xEF, 0xC6, 0x81, 0x93, 0x4C, 0x99, 0xF1, 0x02, 0x81, 0x81, + 0x00, 0xC5, 0xB6, 0x20, 0x8C, 0x34, 0xF3, 0xDD, 0xF0, 0x4A, + 0x5D, 0x82, 0x65, 0x5C, 0x48, 0xE4, 0x75, 0x3A, 0xFB, 0xFA, + 0xAA, 0x1C, 0xE4, 0x63, 0x77, 0x31, 0xAC, 0xD2, 0x25, 0x45, + 0x23, 0x6D, 0x03, 0xF5, 0xE4, 0xD2, 0x48, 0x85, 0x26, 0x08, + 0xE5, 0xAA, 0xA0, 0xCE, 0x2E, 0x1D, 0x6D, 0xFC, 0xAE, 0xD2, + 0xF9, 0x42, 0x7E, 0xEA, 0x6D, 0x59, 0x7A, 0xB3, 0x93, 0xE4, + 0x4B, 0x4B, 0x54, 0x63, 0xD8, 0xCE, 0x44, 0x06, 0xC2, 0xEC, + 0x9F, 0xF6, 0x05, 0x55, 0x46, 0xF4, 0x3E, 0x8F, 0xF2, 0x0C, + 0x30, 0x7E, 0x5C, 0xDD, 0x88, 0x49, 0x3B, 0x59, 0xB9, 0x87, + 0xBC, 0xC6, 0xC5, 0x24, 0x8A, 0x10, 0x63, 0x21, 0x1F, 0x66, + 0x1A, 0x3E, 0xF4, 0x58, 0xD1, 0x6C, 0x0D, 0x40, 0xB2, 0xC0, + 0x1D, 0x63, 0x42, 0x0E, 0xC4, 0x56, 0x0E, 0xC0, 0xCC, 0xC2, + 0xD6, 0x66, 0x0E, 0xC4, 0xAB, 0xB5, 0x33, 0xF6, 0x51, 0x02, + 0x81, 0x80, 0x19, 0x7E, 0xE6, 0xA5, 0xB6, 0xD1, 0x39, 0x6A, + 0x48, 0x55, 0xAC, 0x24, 0x96, 0x9B, 0x12, 0x28, 0x6D, 0x7B, + 0x5C, 0x05, 0x25, 0x5A, 0x72, 0x05, 0x7E, 0x42, 0xF5, 0x83, + 0x1A, 0x78, 0x2C, 0x4D, 0xAE, 0xB4, 0x36, 0x96, 0xA9, 0xBA, + 0xE0, 0xAC, 0x26, 0x9D, 0xA9, 0x6A, 0x29, 0x83, 0xB9, 0x6D, + 0xC5, 0xEC, 0xFA, 0x4A, 0x9C, 0x09, 0x6A, 0x7E, 0xE4, 0x9B, + 0xDC, 0x9B, 0x2A, 0x27, 0x6E, 0x4F, 0xBA, 0xD8, 0xA5, 0x67, + 0xDB, 0xEC, 0x41, 0x5F, 0x29, 0x1C, 0x40, 0x83, 0xEB, 0x59, + 0x56, 0xD7, 0xA9, 0x4E, 0xAB, 0xAE, 0x70, 0x67, 0xD1, 0xA3, + 0xF1, 0x6C, 0xD7, 0x8F, 0x96, 0x0E, 0x8D, 0xAC, 0xAB, 0x55, + 0x58, 0x66, 0xD3, 0x1E, 0x47, 0x9B, 0xF0, 0x4C, 0xED, 0xF6, + 0x49, 0xE8, 0xE9, 0x7B, 0x32, 0x61, 0x20, 0x31, 0x95, 0x05, + 0xB2, 0xF6, 0x09, 0xEA, 0x32, 0x14, 0x0F, 0xCF, 0x9A, 0x41, + 0x02, 0x81, 0x80, 0x77, 0x3F, 0xB6, 0x14, 0x8D, 0xC5, 0x13, + 0x08, 0x7E, 0xC9, 0xC4, 0xEA, 0xD4, 0xBA, 0x0D, 0xA4, 0x9E, + 0xB3, 0x6E, 0xDE, 0x1A, 0x7A, 0xF8, 0x89, 0x88, 0xEF, 0x36, + 0x3C, 0x11, 0xBC, 0x83, 0xE8, 0x30, 0x6C, 0x81, 0x7C, 0x47, + 0xF3, 0x4D, 0xCA, 0xEA, 0x56, 0x01, 0x62, 0x55, 0x2E, 0x4B, + 0x89, 0xA9, 0xBD, 0x6F, 0x01, 0xF6, 0x74, 0x02, 0xAA, 0xE3, + 0x84, 0x66, 0x06, 0x95, 0x34, 0xA1, 0xE2, 0xCA, 0x65, 0xFE, + 0xA3, 0x2D, 0x43, 0x97, 0x95, 0x6C, 0x6F, 0xD5, 0xB4, 0x38, + 0xF6, 0xF9, 0x95, 0x30, 0xFA, 0xF8, 0x9C, 0x25, 0x2B, 0xB6, + 0x14, 0x51, 0xCC, 0x2E, 0xB3, 0x5B, 0xD6, 0xDC, 0x1A, 0xEC, + 0x2D, 0x09, 0x5B, 0x3F, 0x3A, 0xD0, 0xB8, 0x4E, 0x27, 0x1F, + 0xDC, 0x2A, 0xEE, 0xAC, 0xA9, 0x59, 0x5D, 0x07, 0x63, 0x11, + 0x83, 0x0B, 0xD4, 0x74, 0x80, 0xB6, 0x7D, 0x62, 0x45, 0xBF, + 0x56 +}; +const int sizeof_rsa_key_der_2048 = sizeof(rsa_key_der_2048); + +/* ./certs/ca-cert.der, 2048-bit */ +const unsigned char ca_cert_der_2048[] = +{ + 0x30, 0x82, 0x04, 0xAA, 0x30, 0x82, 0x03, 0x92, 0xA0, 0x03, + 0x02, 0x01, 0x02, 0x02, 0x09, 0x00, 0x9A, 0x41, 0x47, 0xCD, + 0xA1, 0x14, 0x62, 0x8C, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, + 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x05, 0x05, 0x00, 0x30, + 0x81, 0x94, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, + 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, + 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, + 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, + 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, + 0x6E, 0x31, 0x11, 0x30, 0x0F, 0x06, 0x03, 0x55, 0x04, 0x0A, + 0x0C, 0x08, 0x53, 0x61, 0x77, 0x74, 0x6F, 0x6F, 0x74, 0x68, + 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, + 0x0A, 0x43, 0x6F, 0x6E, 0x73, 0x75, 0x6C, 0x74, 0x69, 0x6E, + 0x67, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, + 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, + 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, + 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, + 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, + 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, + 0x30, 0x1E, 0x17, 0x0D, 0x31, 0x34, 0x30, 0x37, 0x31, 0x31, + 0x30, 0x33, 0x32, 0x30, 0x30, 0x38, 0x5A, 0x17, 0x0D, 0x31, + 0x37, 0x30, 0x34, 0x30, 0x36, 0x30, 0x33, 0x32, 0x30, 0x30, + 0x38, 0x5A, 0x30, 0x81, 0x94, 0x31, 0x0B, 0x30, 0x09, 0x06, + 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, + 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, + 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, + 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, + 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x11, 0x30, 0x0F, 0x06, 0x03, + 0x55, 0x04, 0x0A, 0x0C, 0x08, 0x53, 0x61, 0x77, 0x74, 0x6F, + 0x6F, 0x74, 0x68, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, + 0x04, 0x0B, 0x0C, 0x0A, 0x43, 0x6F, 0x6E, 0x73, 0x75, 0x6C, + 0x74, 0x69, 0x6E, 0x67, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, + 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, + 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, + 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, + 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, + 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, + 0x63, 0x6F, 0x6D, 0x30, 0x82, 0x01, 0x22, 0x30, 0x0D, 0x06, + 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, + 0x05, 0x00, 0x03, 0x82, 0x01, 0x0F, 0x00, 0x30, 0x82, 0x01, + 0x0A, 0x02, 0x82, 0x01, 0x01, 0x00, 0xBF, 0x0C, 0xCA, 0x2D, + 0x14, 0xB2, 0x1E, 0x84, 0x42, 0x5B, 0xCD, 0x38, 0x1F, 0x4A, + 0xF2, 0x4D, 0x75, 0x10, 0xF1, 0xB6, 0x35, 0x9F, 0xDF, 0xCA, + 0x7D, 0x03, 0x98, 0xD3, 0xAC, 0xDE, 0x03, 0x66, 0xEE, 0x2A, + 0xF1, 0xD8, 0xB0, 0x7D, 0x6E, 0x07, 0x54, 0x0B, 0x10, 0x98, + 0x21, 0x4D, 0x80, 0xCB, 0x12, 0x20, 0xE7, 0xCC, 0x4F, 0xDE, + 0x45, 0x7D, 0xC9, 0x72, 0x77, 0x32, 0xEA, 0xCA, 0x90, 0xBB, + 0x69, 0x52, 0x10, 0x03, 0x2F, 0xA8, 0xF3, 0x95, 0xC5, 0xF1, + 0x8B, 0x62, 0x56, 0x1B, 0xEF, 0x67, 0x6F, 0xA4, 0x10, 0x41, + 0x95, 0xAD, 0x0A, 0x9B, 0xE3, 0xA5, 0xC0, 0xB0, 0xD2, 0x70, + 0x76, 0x50, 0x30, 0x5B, 0xA8, 0xE8, 0x08, 0x2C, 0x7C, 0xED, + 0xA7, 0xA2, 0x7A, 0x8D, 0x38, 0x29, 0x1C, 0xAC, 0xC7, 0xED, + 0xF2, 0x7C, 0x95, 0xB0, 0x95, 0x82, 0x7D, 0x49, 0x5C, 0x38, + 0xCD, 0x77, 0x25, 0xEF, 0xBD, 0x80, 0x75, 0x53, 0x94, 0x3C, + 0x3D, 0xCA, 0x63, 0x5B, 0x9F, 0x15, 0xB5, 0xD3, 0x1D, 0x13, + 0x2F, 0x19, 0xD1, 0x3C, 0xDB, 0x76, 0x3A, 0xCC, 0xB8, 0x7D, + 0xC9, 0xE5, 0xC2, 0xD7, 0xDA, 0x40, 0x6F, 0xD8, 0x21, 0xDC, + 0x73, 0x1B, 0x42, 0x2D, 0x53, 0x9C, 0xFE, 0x1A, 0xFC, 0x7D, + 0xAB, 0x7A, 0x36, 0x3F, 0x98, 0xDE, 0x84, 0x7C, 0x05, 0x67, + 0xCE, 0x6A, 0x14, 0x38, 0x87, 0xA9, 0xF1, 0x8C, 0xB5, 0x68, + 0xCB, 0x68, 0x7F, 0x71, 0x20, 0x2B, 0xF5, 0xA0, 0x63, 0xF5, + 0x56, 0x2F, 0xA3, 0x26, 0xD2, 0xB7, 0x6F, 0xB1, 0x5A, 0x17, + 0xD7, 0x38, 0x99, 0x08, 0xFE, 0x93, 0x58, 0x6F, 0xFE, 0xC3, + 0x13, 0x49, 0x08, 0x16, 0x0B, 0xA7, 0x4D, 0x67, 0x00, 0x52, + 0x31, 0x67, 0x23, 0x4E, 0x98, 0xED, 0x51, 0x45, 0x1D, 0xB9, + 0x04, 0xD9, 0x0B, 0xEC, 0xD8, 0x28, 0xB3, 0x4B, 0xBD, 0xED, + 0x36, 0x79, 0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x81, 0xFC, + 0x30, 0x81, 0xF9, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, + 0x04, 0x16, 0x04, 0x14, 0x27, 0x8E, 0x67, 0x11, 0x74, 0xC3, + 0x26, 0x1D, 0x3F, 0xED, 0x33, 0x63, 0xB3, 0xA4, 0xD8, 0x1D, + 0x30, 0xE5, 0xE8, 0xD5, 0x30, 0x81, 0xC9, 0x06, 0x03, 0x55, + 0x1D, 0x23, 0x04, 0x81, 0xC1, 0x30, 0x81, 0xBE, 0x80, 0x14, + 0x27, 0x8E, 0x67, 0x11, 0x74, 0xC3, 0x26, 0x1D, 0x3F, 0xED, + 0x33, 0x63, 0xB3, 0xA4, 0xD8, 0x1D, 0x30, 0xE5, 0xE8, 0xD5, + 0xA1, 0x81, 0x9A, 0xA4, 0x81, 0x97, 0x30, 0x81, 0x94, 0x31, + 0x0B, 0x30, 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, + 0x55, 0x53, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, + 0x08, 0x0C, 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, + 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, + 0x07, 0x42, 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x11, + 0x30, 0x0F, 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x08, 0x53, + 0x61, 0x77, 0x74, 0x6F, 0x6F, 0x74, 0x68, 0x31, 0x13, 0x30, + 0x11, 0x06, 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x0A, 0x43, 0x6F, + 0x6E, 0x73, 0x75, 0x6C, 0x74, 0x69, 0x6E, 0x67, 0x31, 0x18, + 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, + 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, + 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, + 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, + 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, + 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x09, 0x00, + 0x9A, 0x41, 0x47, 0xCD, 0xA1, 0x14, 0x62, 0x8C, 0x30, 0x0C, + 0x06, 0x03, 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, + 0x01, 0xFF, 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, + 0xF7, 0x0D, 0x01, 0x01, 0x05, 0x05, 0x00, 0x03, 0x82, 0x01, + 0x01, 0x00, 0x79, 0x78, 0x0C, 0x6D, 0x79, 0x88, 0x91, 0xFC, + 0x3A, 0x15, 0x9C, 0xF9, 0x27, 0x62, 0x16, 0xF0, 0x21, 0x1F, + 0xFA, 0x7D, 0x3F, 0xA2, 0xA8, 0x32, 0x1E, 0xF7, 0xF2, 0x11, + 0xA9, 0x74, 0x16, 0x74, 0x5E, 0xDC, 0x18, 0xCA, 0xF0, 0x00, + 0x2A, 0xD5, 0x03, 0x06, 0x26, 0x30, 0xF1, 0x47, 0x83, 0xFD, + 0x32, 0x6E, 0xFC, 0xED, 0xAA, 0x4F, 0x7D, 0x0C, 0x63, 0x60, + 0x31, 0x2F, 0x7C, 0x0C, 0xBF, 0x99, 0x66, 0x87, 0xED, 0x27, + 0x08, 0x86, 0x2D, 0xC4, 0x33, 0xE8, 0x98, 0x23, 0x1C, 0xFE, + 0xA3, 0xDB, 0x9A, 0x49, 0x4E, 0xFC, 0x5A, 0x42, 0xEF, 0x71, + 0xC3, 0x3F, 0xAD, 0xDC, 0x4A, 0xA8, 0xD2, 0xA3, 0x1D, 0x09, + 0xAC, 0x33, 0x04, 0x7B, 0x86, 0xF3, 0x6D, 0x00, 0x59, 0xA3, + 0xC8, 0xDB, 0xD1, 0x3C, 0x73, 0xF6, 0x0E, 0x90, 0xD6, 0x5E, + 0x49, 0xE0, 0xBF, 0x36, 0x63, 0x08, 0x7B, 0xA5, 0xB0, 0x8F, + 0x35, 0x3B, 0x56, 0x8C, 0x11, 0x35, 0x49, 0x04, 0x1C, 0xD0, + 0xE7, 0xBA, 0x56, 0xC5, 0x0D, 0x0A, 0x91, 0x8D, 0xD6, 0xB7, + 0x62, 0x19, 0x34, 0x12, 0x52, 0x4C, 0xD2, 0x6D, 0x7C, 0xC5, + 0x3D, 0x0F, 0x18, 0x81, 0x54, 0xCB, 0xF6, 0x3C, 0xE5, 0x84, + 0xD2, 0xD6, 0x71, 0x15, 0xEC, 0x1A, 0x34, 0x0B, 0xF0, 0xA0, + 0x21, 0x74, 0x43, 0xC8, 0xA3, 0xB0, 0xDF, 0xD9, 0x67, 0xDA, + 0xE2, 0xAD, 0x93, 0x48, 0xF8, 0xA0, 0x87, 0xBD, 0x79, 0x14, + 0xE0, 0x62, 0x0A, 0xDF, 0xF7, 0x31, 0x2E, 0x31, 0x7B, 0xD1, + 0x32, 0x2A, 0x0A, 0xFE, 0x5D, 0x14, 0xEF, 0xD9, 0x64, 0x50, + 0xE4, 0x83, 0x91, 0xBC, 0x70, 0x0D, 0xD7, 0x88, 0x8D, 0xD9, + 0xBC, 0x84, 0x0E, 0xC5, 0x1A, 0xB3, 0xBF, 0x64, 0x02, 0x4E, + 0x51, 0x91, 0xA4, 0xA2, 0x85, 0x15, 0x83, 0xAF, 0xF0, 0x5B, + 0x9B, 0x28, 0x49, 0x5F, 0xB2, 0xB3, 0x03, 0xD8 +}; +const int sizeof_ca_cert_der_2048 = sizeof(ca_cert_der_2048); + +/* ./certs/server-key.der, 2048-bit */ +const unsigned char server_key_der_2048[] = +{ + 0x30, 0x82, 0x04, 0xA5, 0x02, 0x01, 0x00, 0x02, 0x82, 0x01, + 0x01, 0x00, 0xC0, 0x95, 0x08, 0xE1, 0x57, 0x41, 0xF2, 0x71, + 0x6D, 0xB7, 0xD2, 0x45, 0x41, 0x27, 0x01, 0x65, 0xC6, 0x45, + 0xAE, 0xF2, 0xBC, 0x24, 0x30, 0xB8, 0x95, 0xCE, 0x2F, 0x4E, + 0xD6, 0xF6, 0x1C, 0x88, 0xBC, 0x7C, 0x9F, 0xFB, 0xA8, 0x67, + 0x7F, 0xFE, 0x5C, 0x9C, 0x51, 0x75, 0xF7, 0x8A, 0xCA, 0x07, + 0xE7, 0x35, 0x2F, 0x8F, 0xE1, 0xBD, 0x7B, 0xC0, 0x2F, 0x7C, + 0xAB, 0x64, 0xA8, 0x17, 0xFC, 0xCA, 0x5D, 0x7B, 0xBA, 0xE0, + 0x21, 0xE5, 0x72, 0x2E, 0x6F, 0x2E, 0x86, 0xD8, 0x95, 0x73, + 0xDA, 0xAC, 0x1B, 0x53, 0xB9, 0x5F, 0x3F, 0xD7, 0x19, 0x0D, + 0x25, 0x4F, 0xE1, 0x63, 0x63, 0x51, 0x8B, 0x0B, 0x64, 0x3F, + 0xAD, 0x43, 0xB8, 0xA5, 0x1C, 0x5C, 0x34, 0xB3, 0xAE, 0x00, + 0xA0, 0x63, 0xC5, 0xF6, 0x7F, 0x0B, 0x59, 0x68, 0x78, 0x73, + 0xA6, 0x8C, 0x18, 0xA9, 0x02, 0x6D, 0xAF, 0xC3, 0x19, 0x01, + 0x2E, 0xB8, 0x10, 0xE3, 0xC6, 0xCC, 0x40, 0xB4, 0x69, 0xA3, + 0x46, 0x33, 0x69, 0x87, 0x6E, 0xC4, 0xBB, 0x17, 0xA6, 0xF3, + 0xE8, 0xDD, 0xAD, 0x73, 0xBC, 0x7B, 0x2F, 0x21, 0xB5, 0xFD, + 0x66, 0x51, 0x0C, 0xBD, 0x54, 0xB3, 0xE1, 0x6D, 0x5F, 0x1C, + 0xBC, 0x23, 0x73, 0xD1, 0x09, 0x03, 0x89, 0x14, 0xD2, 0x10, + 0xB9, 0x64, 0xC3, 0x2A, 0xD0, 0xA1, 0x96, 0x4A, 0xBC, 0xE1, + 0xD4, 0x1A, 0x5B, 0xC7, 0xA0, 0xC0, 0xC1, 0x63, 0x78, 0x0F, + 0x44, 0x37, 0x30, 0x32, 0x96, 0x80, 0x32, 0x23, 0x95, 0xA1, + 0x77, 0xBA, 0x13, 0xD2, 0x97, 0x73, 0xE2, 0x5D, 0x25, 0xC9, + 0x6A, 0x0D, 0xC3, 0x39, 0x60, 0xA4, 0xB4, 0xB0, 0x69, 0x42, + 0x42, 0x09, 0xE9, 0xD8, 0x08, 0xBC, 0x33, 0x20, 0xB3, 0x58, + 0x22, 0xA7, 0xAA, 0xEB, 0xC4, 0xE1, 0xE6, 0x61, 0x83, 0xC5, + 0xD2, 0x96, 0xDF, 0xD9, 0xD0, 0x4F, 0xAD, 0xD7, 0x02, 0x03, + 0x01, 0x00, 0x01, 0x02, 0x82, 0x01, 0x01, 0x00, 0x9A, 0xD0, + 0x34, 0x0F, 0x52, 0x62, 0x05, 0x50, 0x01, 0xEF, 0x9F, 0xED, + 0x64, 0x6E, 0xC2, 0xC4, 0xDA, 0x1A, 0xF2, 0x84, 0xD7, 0x92, + 0x10, 0x48, 0x92, 0xC4, 0xE9, 0x6A, 0xEB, 0x8B, 0x75, 0x6C, + 0xC6, 0x79, 0x38, 0xF2, 0xC9, 0x72, 0x4A, 0x86, 0x64, 0x54, + 0x95, 0x77, 0xCB, 0xC3, 0x9A, 0x9D, 0xB7, 0xD4, 0x1D, 0xA4, + 0x00, 0xC8, 0x9E, 0x4E, 0xE4, 0xDD, 0xC7, 0xBA, 0x67, 0x16, + 0xC1, 0x74, 0xBC, 0xA9, 0xD6, 0x94, 0x8F, 0x2B, 0x30, 0x1A, + 0xFB, 0xED, 0xDF, 0x21, 0x05, 0x23, 0xD9, 0x4A, 0x39, 0xBD, + 0x98, 0x6B, 0x65, 0x9A, 0xB8, 0xDC, 0xC4, 0x7D, 0xEE, 0xA6, + 0x43, 0x15, 0x2E, 0x3D, 0xBE, 0x1D, 0x22, 0x60, 0x2A, 0x73, + 0x30, 0xD5, 0x3E, 0xD8, 0xA2, 0xAC, 0x86, 0x43, 0x2E, 0xC4, + 0xF5, 0x64, 0x5E, 0x3F, 0x89, 0x75, 0x0F, 0x11, 0xD8, 0x51, + 0x25, 0x4E, 0x9F, 0xD8, 0xAA, 0xA3, 0xCE, 0x60, 0xB3, 0xE2, + 0x8A, 0xD9, 0x7E, 0x1B, 0xF0, 0x64, 0xCA, 0x9A, 0x5B, 0x05, + 0x0B, 0x5B, 0xAA, 0xCB, 0xE5, 0xE3, 0x3F, 0x6E, 0x32, 0x22, + 0x05, 0xF3, 0xD0, 0xFA, 0xEF, 0x74, 0x52, 0x81, 0xE2, 0x5F, + 0x74, 0xD3, 0xBD, 0xFF, 0x31, 0x83, 0x45, 0x75, 0xFA, 0x63, + 0x7A, 0x97, 0x2E, 0xD6, 0xB6, 0x19, 0xC6, 0x92, 0x26, 0xE4, + 0x28, 0x06, 0x50, 0x50, 0x0E, 0x78, 0x2E, 0xA9, 0x78, 0x0D, + 0x14, 0x97, 0xB4, 0x12, 0xD8, 0x31, 0x40, 0xAB, 0xA1, 0x01, + 0x41, 0xC2, 0x30, 0xF8, 0x07, 0x5F, 0x16, 0xE4, 0x61, 0x77, + 0xD2, 0x60, 0xF2, 0x9F, 0x8D, 0xE8, 0xF4, 0xBA, 0xEB, 0x63, + 0xDE, 0x2A, 0x97, 0x81, 0xEF, 0x4C, 0x6C, 0xE6, 0x55, 0x34, + 0x51, 0x2B, 0x28, 0x34, 0xF4, 0x53, 0x1C, 0xC4, 0x58, 0x0A, + 0x3F, 0xBB, 0xAF, 0xB5, 0xF7, 0x4A, 0x85, 0x43, 0x2D, 0x3C, + 0xF1, 0x58, 0x58, 0x81, 0x02, 0x81, 0x81, 0x00, 0xF2, 0x2C, + 0x54, 0x76, 0x39, 0x23, 0x63, 0xC9, 0x10, 0x32, 0xB7, 0x93, + 0xAD, 0xAF, 0xBE, 0x19, 0x75, 0x96, 0x81, 0x64, 0xE6, 0xB5, + 0xB8, 0x89, 0x42, 0x41, 0xD1, 0x6D, 0xD0, 0x1C, 0x1B, 0xF8, + 0x1B, 0xAC, 0x69, 0xCB, 0x36, 0x3C, 0x64, 0x7D, 0xDC, 0xF4, + 0x19, 0xB8, 0xC3, 0x60, 0xB1, 0x57, 0x48, 0x5F, 0x52, 0x4F, + 0x59, 0x3A, 0x55, 0x7F, 0x32, 0xC0, 0x19, 0x43, 0x50, 0x3F, + 0xAE, 0xCE, 0x6F, 0x17, 0xF3, 0x0E, 0x9F, 0x40, 0xCA, 0x4E, + 0xAD, 0x15, 0x3B, 0xC9, 0x79, 0xE9, 0xC0, 0x59, 0x38, 0x73, + 0x70, 0x9C, 0x0A, 0x7C, 0xC9, 0x3A, 0x48, 0x32, 0xA7, 0xD8, + 0x49, 0x75, 0x0A, 0x85, 0xC2, 0xC2, 0xFD, 0x15, 0x73, 0xDA, + 0x99, 0x09, 0x2A, 0x69, 0x9A, 0x9F, 0x0A, 0x71, 0xBF, 0xB0, + 0x04, 0xA6, 0x8C, 0x7A, 0x5A, 0x6F, 0x48, 0x5A, 0x54, 0x3B, + 0xC6, 0xB1, 0x53, 0x17, 0xDF, 0xE7, 0x02, 0x81, 0x81, 0x00, + 0xCB, 0x93, 0xDE, 0x77, 0x15, 0x5D, 0xB7, 0x5C, 0x5C, 0x7C, + 0xD8, 0x90, 0xA9, 0x98, 0x2D, 0xD6, 0x69, 0x0E, 0x63, 0xB3, + 0xA3, 0xDC, 0xA6, 0xCC, 0x8B, 0x6A, 0xA4, 0xA2, 0x12, 0x8C, + 0x8E, 0x7B, 0x48, 0x2C, 0xB2, 0x4B, 0x37, 0xDC, 0x06, 0x18, + 0x7D, 0xEA, 0xFE, 0x76, 0xA1, 0xD4, 0xA1, 0xE9, 0x3F, 0x0D, + 0xCD, 0x1B, 0x5F, 0xAF, 0x5F, 0x9E, 0x96, 0x5B, 0x5B, 0x0F, + 0xA1, 0x7C, 0xAF, 0xB3, 0x9B, 0x90, 0xDB, 0x57, 0x73, 0x3A, + 0xED, 0xB0, 0x23, 0x44, 0xAE, 0x41, 0x4F, 0x1F, 0x07, 0x42, + 0x13, 0x23, 0x4C, 0xCB, 0xFA, 0xF4, 0x14, 0xA4, 0xD5, 0xF7, + 0x9E, 0x36, 0x7C, 0x5B, 0x9F, 0xA8, 0x3C, 0xC1, 0x85, 0x5F, + 0x74, 0xD2, 0x39, 0x2D, 0xFF, 0xD0, 0x84, 0xDF, 0xFB, 0xB3, + 0x20, 0x7A, 0x2E, 0x9B, 0x17, 0xAE, 0xE6, 0xBA, 0x0B, 0xAE, + 0x5F, 0x53, 0xA4, 0x52, 0xED, 0x1B, 0xC4, 0x91, 0x02, 0x81, + 0x81, 0x00, 0xEC, 0x98, 0xDA, 0xBB, 0xD5, 0xFE, 0xF9, 0x52, + 0x4A, 0x7D, 0x02, 0x55, 0x49, 0x6F, 0x55, 0x6E, 0x52, 0x2F, + 0x84, 0xA3, 0x2B, 0xB3, 0x86, 0x62, 0xB3, 0x54, 0xD2, 0x63, + 0x52, 0xDA, 0xE3, 0x88, 0x76, 0xA0, 0xEF, 0x8B, 0x15, 0xA5, + 0xD3, 0x18, 0x14, 0x72, 0x77, 0x5E, 0xC7, 0xA3, 0x04, 0x1F, + 0x9E, 0x19, 0x62, 0xB5, 0x1B, 0x1B, 0x9E, 0xC3, 0xF2, 0xB5, + 0x32, 0xF9, 0x4C, 0xC1, 0xAA, 0xEB, 0x0C, 0x26, 0x7D, 0xD4, + 0x5F, 0x4A, 0x51, 0x5C, 0xA4, 0x45, 0x06, 0x70, 0x44, 0xA7, + 0x56, 0xC0, 0xD4, 0x22, 0x14, 0x76, 0x9E, 0xD8, 0x63, 0x50, + 0x89, 0x90, 0xD3, 0xE2, 0xBF, 0x81, 0x95, 0x92, 0x31, 0x41, + 0x87, 0x39, 0x1A, 0x43, 0x0B, 0x18, 0xA5, 0x53, 0x1F, 0x39, + 0x1A, 0x5F, 0x1F, 0x43, 0xBC, 0x87, 0x6A, 0xDF, 0x6E, 0xD3, + 0x22, 0x00, 0xFE, 0x22, 0x98, 0x70, 0x4E, 0x1A, 0x19, 0x29, + 0x02, 0x81, 0x81, 0x00, 0x8A, 0x41, 0x56, 0x28, 0x51, 0x9E, + 0x5F, 0xD4, 0x9E, 0x0B, 0x3B, 0x98, 0xA3, 0x54, 0xF2, 0x6C, + 0x56, 0xD4, 0xAA, 0xE9, 0x69, 0x33, 0x85, 0x24, 0x0C, 0xDA, + 0xD4, 0x0C, 0x2D, 0xC4, 0xBF, 0x4F, 0x02, 0x69, 0x38, 0x7C, + 0xD4, 0xE6, 0xDC, 0x4C, 0xED, 0xD7, 0x16, 0x11, 0xC3, 0x3E, + 0x00, 0xE7, 0xC3, 0x26, 0xC0, 0x51, 0x02, 0xDE, 0xBB, 0x75, + 0x9C, 0x6F, 0x56, 0x9C, 0x7A, 0xF3, 0x8E, 0xEF, 0xCF, 0x8A, + 0xC5, 0x2B, 0xD2, 0xDA, 0x06, 0x6A, 0x44, 0xC9, 0x73, 0xFE, + 0x6E, 0x99, 0x87, 0xF8, 0x5B, 0xBE, 0xF1, 0x7C, 0xE6, 0x65, + 0xB5, 0x4F, 0x6C, 0xF0, 0xC9, 0xC5, 0xFF, 0x16, 0xCA, 0x8B, + 0x1B, 0x17, 0xE2, 0x58, 0x3D, 0xA2, 0x37, 0xAB, 0x01, 0xBC, + 0xBF, 0x40, 0xCE, 0x53, 0x8C, 0x8E, 0xED, 0xEF, 0xEE, 0x59, + 0x9D, 0xE0, 0x63, 0xE6, 0x7C, 0x5E, 0xF5, 0x8E, 0x4B, 0xF1, + 0x3B, 0xC1, 0x02, 0x81, 0x80, 0x4D, 0x45, 0xF9, 0x40, 0x8C, + 0xC5, 0x5B, 0xF4, 0x2A, 0x1A, 0x8A, 0xB4, 0xF2, 0x1C, 0xAC, + 0x6B, 0xE9, 0x0C, 0x56, 0x36, 0xB7, 0x4E, 0x72, 0x96, 0xD5, + 0xE5, 0x8A, 0xD2, 0xE2, 0xFF, 0xF1, 0xF1, 0x18, 0x13, 0x3D, + 0x86, 0x09, 0xB8, 0xD8, 0x76, 0xA7, 0xC9, 0x1C, 0x71, 0x52, + 0x94, 0x30, 0x43, 0xE0, 0xF1, 0x78, 0x74, 0xFD, 0x61, 0x1B, + 0x4C, 0x09, 0xCC, 0xE6, 0x68, 0x2A, 0x71, 0xAD, 0x1C, 0xDF, + 0x43, 0xBC, 0x56, 0xDB, 0xA5, 0xA4, 0xBE, 0x35, 0x70, 0xA4, + 0x5E, 0xCF, 0x4F, 0xFC, 0x00, 0x55, 0x99, 0x3A, 0x3D, 0x23, + 0xCF, 0x67, 0x5A, 0xF5, 0x22, 0xF8, 0xB5, 0x29, 0xD0, 0x44, + 0x11, 0xEB, 0x35, 0x2E, 0x46, 0xBE, 0xFD, 0x8E, 0x18, 0xB2, + 0x5F, 0xA8, 0xBF, 0x19, 0x32, 0xA1, 0xF5, 0xDC, 0x03, 0xE6, + 0x7C, 0x9A, 0x1F, 0x0C, 0x7C, 0xA9, 0xB0, 0x0E, 0x21, 0x37, + 0x3B, 0xF1, 0xB0 +}; +const int sizeof_server_key_der_2048 = sizeof(server_key_der_2048); + +/* ./certs/server-cert.der, 2048-bit */ +const unsigned char server_cert_der_2048[] = +{ + 0x30, 0x82, 0x04, 0x9E, 0x30, 0x82, 0x03, 0x86, 0xA0, 0x03, + 0x02, 0x01, 0x02, 0x02, 0x01, 0x01, 0x30, 0x0D, 0x06, 0x09, + 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x05, 0x05, + 0x00, 0x30, 0x81, 0x94, 0x31, 0x0B, 0x30, 0x09, 0x06, 0x03, + 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, 0x31, 0x10, 0x30, + 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, 0x07, 0x4D, 0x6F, + 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, 0x30, 0x0E, 0x06, + 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, 0x6F, 0x7A, 0x65, + 0x6D, 0x61, 0x6E, 0x31, 0x11, 0x30, 0x0F, 0x06, 0x03, 0x55, + 0x04, 0x0A, 0x0C, 0x08, 0x53, 0x61, 0x77, 0x74, 0x6F, 0x6F, + 0x74, 0x68, 0x31, 0x13, 0x30, 0x11, 0x06, 0x03, 0x55, 0x04, + 0x0B, 0x0C, 0x0A, 0x43, 0x6F, 0x6E, 0x73, 0x75, 0x6C, 0x74, + 0x69, 0x6E, 0x67, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, + 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, + 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, + 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, + 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, + 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, + 0x6F, 0x6D, 0x30, 0x1E, 0x17, 0x0D, 0x31, 0x34, 0x30, 0x37, + 0x31, 0x31, 0x31, 0x37, 0x32, 0x30, 0x31, 0x34, 0x5A, 0x17, + 0x0D, 0x31, 0x37, 0x30, 0x34, 0x30, 0x36, 0x31, 0x37, 0x32, + 0x30, 0x31, 0x34, 0x5A, 0x30, 0x81, 0x90, 0x31, 0x0B, 0x30, + 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, + 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, + 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, + 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, + 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x10, 0x30, 0x0E, + 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x07, 0x77, 0x6F, 0x6C, + 0x66, 0x53, 0x53, 0x4C, 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, + 0x55, 0x04, 0x0B, 0x0C, 0x07, 0x53, 0x75, 0x70, 0x70, 0x6F, + 0x72, 0x74, 0x31, 0x18, 0x30, 0x16, 0x06, 0x03, 0x55, 0x04, + 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, 0x2E, 0x77, 0x6F, 0x6C, + 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x31, 0x1F, + 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, + 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, 0x6E, 0x66, 0x6F, 0x40, + 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, 0x6F, + 0x6D, 0x30, 0x82, 0x01, 0x22, 0x30, 0x0D, 0x06, 0x09, 0x2A, + 0x86, 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x01, 0x01, 0x05, 0x00, + 0x03, 0x82, 0x01, 0x0F, 0x00, 0x30, 0x82, 0x01, 0x0A, 0x02, + 0x82, 0x01, 0x01, 0x00, 0xC0, 0x95, 0x08, 0xE1, 0x57, 0x41, + 0xF2, 0x71, 0x6D, 0xB7, 0xD2, 0x45, 0x41, 0x27, 0x01, 0x65, + 0xC6, 0x45, 0xAE, 0xF2, 0xBC, 0x24, 0x30, 0xB8, 0x95, 0xCE, + 0x2F, 0x4E, 0xD6, 0xF6, 0x1C, 0x88, 0xBC, 0x7C, 0x9F, 0xFB, + 0xA8, 0x67, 0x7F, 0xFE, 0x5C, 0x9C, 0x51, 0x75, 0xF7, 0x8A, + 0xCA, 0x07, 0xE7, 0x35, 0x2F, 0x8F, 0xE1, 0xBD, 0x7B, 0xC0, + 0x2F, 0x7C, 0xAB, 0x64, 0xA8, 0x17, 0xFC, 0xCA, 0x5D, 0x7B, + 0xBA, 0xE0, 0x21, 0xE5, 0x72, 0x2E, 0x6F, 0x2E, 0x86, 0xD8, + 0x95, 0x73, 0xDA, 0xAC, 0x1B, 0x53, 0xB9, 0x5F, 0x3F, 0xD7, + 0x19, 0x0D, 0x25, 0x4F, 0xE1, 0x63, 0x63, 0x51, 0x8B, 0x0B, + 0x64, 0x3F, 0xAD, 0x43, 0xB8, 0xA5, 0x1C, 0x5C, 0x34, 0xB3, + 0xAE, 0x00, 0xA0, 0x63, 0xC5, 0xF6, 0x7F, 0x0B, 0x59, 0x68, + 0x78, 0x73, 0xA6, 0x8C, 0x18, 0xA9, 0x02, 0x6D, 0xAF, 0xC3, + 0x19, 0x01, 0x2E, 0xB8, 0x10, 0xE3, 0xC6, 0xCC, 0x40, 0xB4, + 0x69, 0xA3, 0x46, 0x33, 0x69, 0x87, 0x6E, 0xC4, 0xBB, 0x17, + 0xA6, 0xF3, 0xE8, 0xDD, 0xAD, 0x73, 0xBC, 0x7B, 0x2F, 0x21, + 0xB5, 0xFD, 0x66, 0x51, 0x0C, 0xBD, 0x54, 0xB3, 0xE1, 0x6D, + 0x5F, 0x1C, 0xBC, 0x23, 0x73, 0xD1, 0x09, 0x03, 0x89, 0x14, + 0xD2, 0x10, 0xB9, 0x64, 0xC3, 0x2A, 0xD0, 0xA1, 0x96, 0x4A, + 0xBC, 0xE1, 0xD4, 0x1A, 0x5B, 0xC7, 0xA0, 0xC0, 0xC1, 0x63, + 0x78, 0x0F, 0x44, 0x37, 0x30, 0x32, 0x96, 0x80, 0x32, 0x23, + 0x95, 0xA1, 0x77, 0xBA, 0x13, 0xD2, 0x97, 0x73, 0xE2, 0x5D, + 0x25, 0xC9, 0x6A, 0x0D, 0xC3, 0x39, 0x60, 0xA4, 0xB4, 0xB0, + 0x69, 0x42, 0x42, 0x09, 0xE9, 0xD8, 0x08, 0xBC, 0x33, 0x20, + 0xB3, 0x58, 0x22, 0xA7, 0xAA, 0xEB, 0xC4, 0xE1, 0xE6, 0x61, + 0x83, 0xC5, 0xD2, 0x96, 0xDF, 0xD9, 0xD0, 0x4F, 0xAD, 0xD7, + 0x02, 0x03, 0x01, 0x00, 0x01, 0xA3, 0x81, 0xFC, 0x30, 0x81, + 0xF9, 0x30, 0x1D, 0x06, 0x03, 0x55, 0x1D, 0x0E, 0x04, 0x16, + 0x04, 0x14, 0xB3, 0x11, 0x32, 0xC9, 0x92, 0x98, 0x84, 0xE2, + 0xC9, 0xF8, 0xD0, 0x3B, 0x6E, 0x03, 0x42, 0xCA, 0x1F, 0x0E, + 0x8E, 0x3C, 0x30, 0x81, 0xC9, 0x06, 0x03, 0x55, 0x1D, 0x23, + 0x04, 0x81, 0xC1, 0x30, 0x81, 0xBE, 0x80, 0x14, 0x27, 0x8E, + 0x67, 0x11, 0x74, 0xC3, 0x26, 0x1D, 0x3F, 0xED, 0x33, 0x63, + 0xB3, 0xA4, 0xD8, 0x1D, 0x30, 0xE5, 0xE8, 0xD5, 0xA1, 0x81, + 0x9A, 0xA4, 0x81, 0x97, 0x30, 0x81, 0x94, 0x31, 0x0B, 0x30, + 0x09, 0x06, 0x03, 0x55, 0x04, 0x06, 0x13, 0x02, 0x55, 0x53, + 0x31, 0x10, 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x08, 0x0C, + 0x07, 0x4D, 0x6F, 0x6E, 0x74, 0x61, 0x6E, 0x61, 0x31, 0x10, + 0x30, 0x0E, 0x06, 0x03, 0x55, 0x04, 0x07, 0x0C, 0x07, 0x42, + 0x6F, 0x7A, 0x65, 0x6D, 0x61, 0x6E, 0x31, 0x11, 0x30, 0x0F, + 0x06, 0x03, 0x55, 0x04, 0x0A, 0x0C, 0x08, 0x53, 0x61, 0x77, + 0x74, 0x6F, 0x6F, 0x74, 0x68, 0x31, 0x13, 0x30, 0x11, 0x06, + 0x03, 0x55, 0x04, 0x0B, 0x0C, 0x0A, 0x43, 0x6F, 0x6E, 0x73, + 0x75, 0x6C, 0x74, 0x69, 0x6E, 0x67, 0x31, 0x18, 0x30, 0x16, + 0x06, 0x03, 0x55, 0x04, 0x03, 0x0C, 0x0F, 0x77, 0x77, 0x77, + 0x2E, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, 0x6C, 0x2E, 0x63, + 0x6F, 0x6D, 0x31, 0x1F, 0x30, 0x1D, 0x06, 0x09, 0x2A, 0x86, + 0x48, 0x86, 0xF7, 0x0D, 0x01, 0x09, 0x01, 0x16, 0x10, 0x69, + 0x6E, 0x66, 0x6F, 0x40, 0x77, 0x6F, 0x6C, 0x66, 0x73, 0x73, + 0x6C, 0x2E, 0x63, 0x6F, 0x6D, 0x82, 0x09, 0x00, 0x9A, 0x41, + 0x47, 0xCD, 0xA1, 0x14, 0x62, 0x8C, 0x30, 0x0C, 0x06, 0x03, + 0x55, 0x1D, 0x13, 0x04, 0x05, 0x30, 0x03, 0x01, 0x01, 0xFF, + 0x30, 0x0D, 0x06, 0x09, 0x2A, 0x86, 0x48, 0x86, 0xF7, 0x0D, + 0x01, 0x01, 0x05, 0x05, 0x00, 0x03, 0x82, 0x01, 0x01, 0x00, + 0x3D, 0x8C, 0x70, 0x05, 0x5B, 0x62, 0x4B, 0xBF, 0x6C, 0xB6, + 0x48, 0x61, 0x01, 0x10, 0x1D, 0x5E, 0x05, 0xBA, 0x55, 0x94, + 0x2C, 0xAE, 0x59, 0x6F, 0x97, 0x80, 0x5D, 0x6C, 0x86, 0xEC, + 0x9A, 0xEB, 0x15, 0x45, 0x44, 0xE4, 0x56, 0xF8, 0x75, 0xCA, + 0x8A, 0x45, 0x32, 0xF4, 0xC7, 0xE1, 0xFA, 0xF2, 0x98, 0x1C, + 0x91, 0xD3, 0x3F, 0xE8, 0x0E, 0xC9, 0x1B, 0xFA, 0xE1, 0x79, + 0x99, 0x67, 0x0E, 0x0D, 0x6B, 0x8A, 0xEC, 0x1A, 0x2C, 0x59, + 0xC4, 0x34, 0x04, 0x8D, 0x39, 0x77, 0xCD, 0xB5, 0xE9, 0x60, + 0x5B, 0x82, 0xBF, 0x34, 0xCE, 0xED, 0xC6, 0x4F, 0x3F, 0xB4, + 0x5C, 0x4D, 0x8A, 0xB4, 0xF4, 0x0A, 0x04, 0x12, 0xA0, 0x56, + 0xC1, 0xE1, 0x33, 0x37, 0xA1, 0x54, 0x87, 0x48, 0xE9, 0x81, + 0xC2, 0x0F, 0x8F, 0x6F, 0xD3, 0x52, 0x4C, 0x4C, 0x32, 0x4C, + 0x6B, 0x9F, 0x3A, 0x04, 0x8F, 0x77, 0x5D, 0xAD, 0xDC, 0x3D, + 0x2B, 0xF2, 0xC9, 0xDF, 0x3C, 0x60, 0x5D, 0xD8, 0xFC, 0x86, + 0x72, 0x7C, 0x3D, 0xD0, 0x84, 0x4B, 0x8C, 0xDF, 0x26, 0x43, + 0xFE, 0xC0, 0xCC, 0x5B, 0xE1, 0x36, 0xB3, 0x3D, 0x32, 0x28, + 0xA3, 0xEF, 0x0C, 0x20, 0xD6, 0xB1, 0x50, 0x39, 0xD6, 0x67, + 0xA9, 0x8B, 0x84, 0xBC, 0x92, 0x34, 0xEB, 0x19, 0x23, 0xE8, + 0x10, 0x8F, 0xEA, 0xBD, 0x18, 0x8C, 0x93, 0x27, 0x3C, 0x74, + 0x75, 0x8E, 0x58, 0x04, 0xFA, 0x2A, 0x74, 0x44, 0x7D, 0xFC, + 0x4D, 0x39, 0xDF, 0x54, 0x17, 0xBA, 0x78, 0xE1, 0x5D, 0x6A, + 0x70, 0xD3, 0x7C, 0xA2, 0x80, 0x81, 0xE6, 0x19, 0x51, 0x91, + 0xC3, 0x44, 0x51, 0xEC, 0xBB, 0x88, 0xA9, 0x53, 0xE1, 0xD7, + 0xA9, 0x8C, 0x28, 0xF4, 0x21, 0x1C, 0x42, 0x51, 0x09, 0xB4, + 0x12, 0x6D, 0xA0, 0xD6, 0x25, 0x09, 0x85, 0xC6, 0x2A, 0x0C, + 0xAF, 0xA7, 0x58, 0xE6, 0x52, 0x8B +}; +const int sizeof_server_cert_der_2048 = sizeof(server_cert_der_2048); + +#endif /* USE_CERT_BUFFERS_1024 */ + +#endif /* CYASSL_CERTS_TEST_H */ + diff --git a/FreeRTOS-Plus/Source/CyaSSL/cyassl/crl.h b/FreeRTOS-Plus/Source/CyaSSL/cyassl/crl.h index 5e2fa62b2..c3dbfd7c1 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/cyassl/crl.h +++ b/FreeRTOS-Plus/Source/CyaSSL/cyassl/crl.h @@ -1,6 +1,6 @@ /* crl.h * - * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,13 +16,16 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ #ifndef CYASSL_CRL_H #define CYASSL_CRL_H + +#ifdef HAVE_CRL + #include #include @@ -33,7 +36,7 @@ typedef struct CYASSL_CRL CYASSL_CRL; CYASSL_LOCAL int InitCRL(CYASSL_CRL*, CYASSL_CERT_MANAGER*); -CYASSL_LOCAL void FreeCRL(CYASSL_CRL*); +CYASSL_LOCAL void FreeCRL(CYASSL_CRL*, int dynamic); CYASSL_LOCAL int LoadCRL(CYASSL_CRL* crl, const char* path, int type, int mon); CYASSL_LOCAL int BufferLoadCRL(CYASSL_CRL*, const byte*, long, int); @@ -44,4 +47,5 @@ CYASSL_LOCAL int CheckCertCRL(CYASSL_CRL*, DecodedCert*); } /* extern "C" */ #endif +#endif /* HAVE_CRL */ #endif /* CYASSL_CRL_H */ diff --git a/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/aes.h b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/aes.h index 9ab625dfc..69d86abf3 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/aes.h +++ b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/aes.h @@ -1,6 +1,6 @@ /* aes.h * - * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,7 +16,7 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ @@ -28,6 +28,11 @@ #include +#ifdef HAVE_CAVIUM + #include + #include "cavium_common.h" +#endif + #ifdef CYASSL_AESNI #include @@ -36,6 +41,8 @@ #if defined (__GNUC__) #define ALIGN16 __attribute__ ( (aligned (16))) #elif defined(_MSC_VER) + /* disable align warning, we want alignment ! */ + #pragma warning(disable: 4324) #define ALIGN16 __declspec (align (16)) #else #define ALIGN16 @@ -53,6 +60,8 @@ #endif +#define CYASSL_AES_CAVIUM_MAGIC 0xBEEF0002 + enum { AES_ENC_TYPE = 1, /* cipher unique type */ AES_ENCRYPTION = 0, @@ -76,31 +85,91 @@ typedef struct Aes { ALIGN16 byte M0[256][AES_BLOCK_SIZE]; #endif /* GCM_TABLE */ #endif /* HAVE_AESGCM */ +#ifdef CYASSL_AESNI + byte use_aesni; +#endif /* CYASSL_AESNI */ +#ifdef HAVE_CAVIUM + AesType type; /* aes key type */ + int devId; /* nitrox device id */ + word32 magic; /* using cavium magic */ + word64 contextHandle; /* nitrox context memory handle */ +#endif +#ifdef CYASSL_AES_COUNTER + word32 left; /* unsued bytes left from last call */ +#endif +#ifdef CYASSL_PIC32MZ_CRYPT + word32 key_ce[AES_BLOCK_SIZE*2/sizeof(word32)] ; + word32 iv_ce [AES_BLOCK_SIZE /sizeof(word32)] ; + int keylen ; +#endif } Aes; CYASSL_API int AesSetKey(Aes* aes, const byte* key, word32 len, const byte* iv, int dir); CYASSL_API int AesSetIV(Aes* aes, const byte* iv); -CYASSL_API void AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz); -CYASSL_API void AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz); +CYASSL_API int AesCbcEncrypt(Aes* aes, byte* out, const byte* in, word32 sz); +CYASSL_API int AesCbcDecrypt(Aes* aes, byte* out, const byte* in, word32 sz); CYASSL_API void AesCtrEncrypt(Aes* aes, byte* out, const byte* in, word32 sz); CYASSL_API void AesEncryptDirect(Aes* aes, byte* out, const byte* in); CYASSL_API void AesDecryptDirect(Aes* aes, byte* out, const byte* in); - +CYASSL_API int AesSetKeyDirect(Aes* aes, const byte* key, word32 len, + const byte* iv, int dir); #ifdef HAVE_AESGCM -CYASSL_API void AesGcmSetKey(Aes* aes, const byte* key, word32 len, - const byte* implicitIV); -CYASSL_API void AesGcmSetExpIV(Aes* aes, const byte* iv); -CYASSL_API void AesGcmGetExpIV(Aes* aes, byte* iv); -CYASSL_API void AesGcmIncExpIV(Aes* aes); +CYASSL_API void AesGcmSetKey(Aes* aes, const byte* key, word32 len); CYASSL_API void AesGcmEncrypt(Aes* aes, byte* out, const byte* in, word32 sz, + const byte* iv, word32 ivSz, byte* authTag, word32 authTagSz, const byte* authIn, word32 authInSz); CYASSL_API int AesGcmDecrypt(Aes* aes, byte* out, const byte* in, word32 sz, + const byte* iv, word32 ivSz, const byte* authTag, word32 authTagSz, const byte* authIn, word32 authInSz); + +typedef struct Gmac { + Aes aes; +} Gmac; +CYASSL_API void GmacSetKey(Gmac* gmac, const byte* key, word32 len); +CYASSL_API void GmacUpdate(Gmac* gmac, const byte* iv, word32 ivSz, + const byte* authIn, word32 authInSz, + byte* authTag, word32 authTagSz); #endif /* HAVE_AESGCM */ +#ifdef HAVE_AESCCM +CYASSL_API void AesCcmSetKey(Aes* aes, const byte* key, word32 keySz); +CYASSL_API void AesCcmEncrypt(Aes* aes, byte* out, const byte* in, word32 inSz, + const byte* nonce, word32 nonceSz, + byte* authTag, word32 authTagSz, + const byte* authIn, word32 authInSz); +CYASSL_API int AesCcmDecrypt(Aes* aes, byte* out, const byte* in, word32 inSz, + const byte* nonce, word32 nonceSz, + const byte* authTag, word32 authTagSz, + const byte* authIn, word32 authInSz); +#endif /* HAVE_AESCCM */ + +#ifdef HAVE_CAVIUM + CYASSL_API int AesInitCavium(Aes*, int); + CYASSL_API void AesFreeCavium(Aes*); +#endif + + +#ifdef HAVE_FIPS + /* fips wrapper calls, user can call direct */ + CYASSL_API int AesSetKey_fips(Aes* aes, const byte* key, word32 len, + const byte* iv, int dir); + CYASSL_API int AesSetIV_fips(Aes* aes, const byte* iv); + CYASSL_API int AesCbcEncrypt_fips(Aes* aes, byte* out, const byte* in, + word32 sz); + CYASSL_API int AesCbcDecrypt_fips(Aes* aes, byte* out, const byte* in, + word32 sz); + #ifndef FIPS_NO_WRAPPERS + /* if not impl or fips.c impl wrapper force fips calls if fips build */ + #define AesSetKey AesSetKey_fips + #define AesSetIV AesSetIV_fips + #define AesCbcEncrypt AesCbcEncrypt_fips + #define AesCbcDecrypt AesCbcDecrypt_fips + #endif /* FIPS_NO_WRAPPERS */ + +#endif /* HAVE_FIPS */ #ifdef __cplusplus diff --git a/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/arc4.h b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/arc4.h index b49146675..e205c50d8 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/arc4.h +++ b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/arc4.h @@ -1,6 +1,6 @@ /* arc4.h * - * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,7 +16,7 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ @@ -32,6 +32,8 @@ #endif +#define CYASSL_ARC4_CAVIUM_MAGIC 0xBEEF0001 + enum { ARC4_ENC_TYPE = 4, /* cipher unique type */ ARC4_STATE_SIZE = 256 @@ -42,11 +44,20 @@ typedef struct Arc4 { byte x; byte y; byte state[ARC4_STATE_SIZE]; +#ifdef HAVE_CAVIUM + int devId; /* nitrox device id */ + word32 magic; /* using cavium magic */ + word64 contextHandle; /* nitrox context memory handle */ +#endif } Arc4; CYASSL_API void Arc4Process(Arc4*, byte*, const byte*, word32); CYASSL_API void Arc4SetKey(Arc4*, const byte*, word32); +#ifdef HAVE_CAVIUM + CYASSL_API int Arc4InitCavium(Arc4*, int); + CYASSL_API void Arc4FreeCavium(Arc4*); +#endif #ifdef __cplusplus } /* extern "C" */ diff --git a/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/asn.h b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/asn.h index cf2ac1cb7..bc51e529c 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/asn.h +++ b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/asn.h @@ -1,6 +1,6 @@ /* asn.h * - * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,9 +16,10 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ +#ifndef NO_ASN #ifndef CTAO_CRYPT_ASN_H #define CTAO_CRYPT_ASN_H @@ -58,10 +59,14 @@ enum ASN_Tags { ASN_TAG_NULL = 0x05, ASN_OBJECT_ID = 0x06, ASN_ENUMERATED = 0x0a, + ASN_UTF8STRING = 0x0c, ASN_SEQUENCE = 0x10, ASN_SET = 0x11, ASN_UTC_TIME = 0x17, + ASN_OTHER_TYPE = 0x00, + ASN_RFC822_TYPE = 0x01, ASN_DNS_TYPE = 0x02, + ASN_DIR_TYPE = 0x04, ASN_GENERALIZED_TIME = 0x18, CRL_EXTENSIONS = 0xa0, ASN_EXTENSIONS = 0xa3, @@ -76,6 +81,7 @@ enum ASN_Flags{ enum DN_Tags { ASN_COMMON_NAME = 0x03, /* CN */ ASN_SUR_NAME = 0x04, /* SN */ + ASN_SERIAL_NUMBER = 0x05, /* serialNumber */ ASN_COUNTRY_NAME = 0x06, /* C */ ASN_LOCALITY_NAME = 0x07, /* L */ ASN_STATE_NAME = 0x08, /* ST */ @@ -122,6 +128,9 @@ enum Misc_ASN { MAX_ALGO_SZ = 20, MAX_SEQ_SZ = 5, /* enum(seq | con) + length(4) */ MAX_SET_SZ = 5, /* enum(set | con) + length(4) */ + MAX_OCTET_STR_SZ = 5, /* enum(set | con) + length(4) */ + MAX_EXP_SZ = 5, /* enum(contextspec|con|exp) + length(4) */ + MAX_PRSTR_SZ = 5, /* enum(prstr) + length(4) */ MAX_VERSION_SZ = 5, /* enum + id + version(byte) + (header(2))*/ MAX_ENCODED_DIG_SZ = 73, /* sha512 + enum(bit or octet) + legnth(4) */ MAX_RSA_INT_SZ = 517, /* RSA raw sz 4096 for bits + tag + len(4) */ @@ -132,6 +141,11 @@ enum Misc_ASN { MAX_CA_SZ = 32, /* Max encoded CA basic constraint length */ MAX_SN_SZ = 35, /* Max encoded serial number (INT) length */ #ifdef CYASSL_CERT_GEN + #ifdef CYASSL_CERT_REQ + /* Max encoded cert req attributes length */ + MAX_ATTRIB_SZ = MAX_SEQ_SZ * 3 + (11 + MAX_SEQ_SZ) * 2 + + MAX_PRSTR_SZ + CTC_NAME_SIZE, /* 11 is the OID size */ + #endif #ifdef CYASSL_ALT_NAMES MAX_EXTENSIONS_SZ = 1 + MAX_LENGTH_SZ + CTC_MAX_ALT_SIZE, #else @@ -141,15 +155,18 @@ enum Misc_ASN { #endif MAX_OCSP_EXT_SZ = 58, /* Max OCSP Extension length */ MAX_OCSP_NONCE_SZ = 18, /* OCSP Nonce size */ + EIGHTK_BUF = 8192, /* Tmp buffer size */ MAX_PUBLIC_KEY_SZ = MAX_NTRU_ENC_SZ + MAX_ALGO_SZ + MAX_SEQ_SZ * 2 /* use bigger NTRU size */ }; enum Oid_Types { - hashType = 0, - sigType = 1, - keyType = 2 + hashType = 0, + sigType = 1, + keyType = 2, + curveType = 3, + blkType = 4 }; @@ -163,10 +180,16 @@ enum Hash_Sum { }; +enum Block_Sum { + DESb = 69, + DES3b = 652 +}; + + enum Key_Sum { DSAk = 515, RSAk = 645, - NTRUk = 364, + NTRUk = 274, ECDSAk = 518 }; @@ -187,11 +210,38 @@ enum KDF_Sum { enum Extensions_Sum { - BASIC_CA_OID = 133, - ALT_NAMES_OID = 131, - CRL_DIST_OID = 145, - AUTH_INFO_OID = 69, - CA_ISSUER_OID = 117 + BASIC_CA_OID = 133, + ALT_NAMES_OID = 131, + CRL_DIST_OID = 145, + AUTH_INFO_OID = 69, + CA_ISSUER_OID = 117, + AUTH_KEY_OID = 149, + SUBJ_KEY_OID = 128, + CERT_POLICY_OID = 146, + KEY_USAGE_OID = 129, /* 2.5.29.15 */ + INHIBIT_ANY_OID = 168, /* 2.5.29.54 */ + EXT_KEY_USAGE_OID = 151, /* 2.5.29.37 */ + NAME_CONS_OID = 144 /* 2.5.29.30 */ +}; + +enum CertificatePolicy_Sum { + CP_ANY_OID = 146 /* id-ce 32 0 */ +}; + +enum SepHardwareName_Sum { + HW_NAME_OID = 79 /* 1.3.6.1.5.5.7.8.4 from RFC 4108*/ +}; + +enum AuthInfo_Sum { + AIA_OCSP_OID = 116, /* 1.3.6.1.5.5.7.48.1 */ + AIA_CA_ISSUER_OID = 117 /* 1.3.6.1.5.5.7.48.2 */ +}; + +enum ExtKeyUsage_Sum { /* From RFC 5280 */ + EKU_ANY_OID = 151, /* 2.5.29.37.0, anyExtendedKeyUsage */ + EKU_SERVER_AUTH_OID = 71, /* 1.3.6.1.5.5.7.3.1, id-kp-serverAuth */ + EKU_CLIENT_AUTH_OID = 72, /* 1.3.6.1.5.5.7.3.2, id-kp-clientAuth */ + EKU_OCSP_SIGN_OID = 79, /* 1.3.6.1.5.5.7.3.9, OCSPSigning */ }; @@ -201,6 +251,22 @@ enum VerifyType { }; +/* Key usage extension bits */ +#define KEYUSE_DIGITAL_SIG 0x0100 +#define KEYUSE_CONTENT_COMMIT 0x0080 +#define KEYUSE_KEY_ENCIPHER 0x0040 +#define KEYUSE_DATA_ENCIPHER 0x0020 +#define KEYUSE_KEY_AGREE 0x0010 +#define KEYUSE_KEY_CERT_SIGN 0x0008 +#define KEYUSE_CRL_SIGN 0x0004 +#define KEYUSE_ENCIPHER_ONLY 0x0002 +#define KEYUSE_DECIPHER_ONLY 0x0001 + +#define EXTKEYUSE_ANY 0x08 +#define EXTKEYUSE_OCSP_SIGN 0x04 +#define EXTKEYUSE_CLIENT_AUTH 0x02 +#define EXTKEYUSE_SERVER_AUTH 0x01 + typedef struct DNS_entry DNS_entry; struct DNS_entry { @@ -208,7 +274,46 @@ struct DNS_entry { char* name; /* actual DNS name */ }; + +typedef struct Base_entry Base_entry; + +struct Base_entry { + Base_entry* next; /* next on name base list */ + char* name; /* actual name base */ + int nameSz; /* name length */ + byte type; /* Name base type (DNS or RFC822) */ +}; + + +struct DecodedName { + char* fullName; + int fullNameLen; + int entryCount; + int cnIdx; + int cnLen; + int snIdx; + int snLen; + int cIdx; + int cLen; + int lIdx; + int lLen; + int stIdx; + int stLen; + int oIdx; + int oLen; + int ouIdx; + int ouLen; + int emailIdx; + int emailLen; + int uidIdx; + int uidLen; + int serialIdx; + int serialLen; +}; + + typedef struct DecodedCert DecodedCert; +typedef struct DecodedName DecodedName; typedef struct Signer Signer; @@ -221,7 +326,13 @@ struct DecodedCert { word32 sigLength; /* length of signature */ word32 signatureOID; /* sum of algorithm object id */ word32 keyOID; /* sum of key algo object id */ + int version; /* cert version, 1 or 3 */ DNS_entry* altNames; /* alt names list of dns entries */ +#ifndef IGNORE_NAME_CONSTRAINTS + DNS_entry* altEmailNames; /* alt names list of RFC822 entries */ + Base_entry* permittedNames; /* Permitted name bases */ + Base_entry* excludedNames; /* Excluded name bases */ +#endif /* IGNORE_NAME_CONSTRAINTS */ byte subjectHash[SHA_SIZE]; /* hash of all Names */ byte issuerHash[SHA_SIZE]; /* hash of all Names */ #ifdef HAVE_OCSP @@ -229,7 +340,8 @@ struct DecodedCert { #endif /* HAVE_OCSP */ byte* signature; /* not owned, points into raw cert */ char* subjectCN; /* CommonName */ - int subjectCNLen; + int subjectCNLen; /* CommonName Length */ + char subjectCNEnc; /* CommonName Encoding */ int subjectCNStored; /* have we saved a copy we own */ char issuer[ASN_NAME_MAX]; /* full name including common name */ char subject[ASN_NAME_MAX]; /* full name including common name */ @@ -247,38 +359,122 @@ struct DecodedCert { int extAuthInfoSz; /* length of the URI */ byte* extCrlInfo; /* CRL Distribution Points */ int extCrlInfoSz; /* length of the URI */ - byte isCA; /* CA basic constraint true */ -#ifdef CYASSL_CERT_GEN + byte extSubjKeyId[SHA_SIZE]; /* Subject Key ID */ + byte extSubjKeyIdSet; /* Set when the SKID was read from cert */ + byte extAuthKeyId[SHA_SIZE]; /* Authority Key ID */ + byte extAuthKeyIdSet; /* Set when the AKID was read from cert */ +#ifndef IGNORE_NAME_CONSTRAINTS + byte extNameConstraintSet; +#endif /* IGNORE_NAME_CONSTRAINTS */ + byte isCA; /* CA basic constraint true */ + byte extKeyUsageSet; + word16 extKeyUsage; /* Key usage bitfield */ + byte extExtKeyUsageSet; /* Extended Key Usage */ + byte extExtKeyUsage; /* Extended Key usage bitfield */ +#ifdef OPENSSL_EXTRA + byte extBasicConstSet; + byte extBasicConstCrit; + byte extBasicConstPlSet; + word32 pathLength; /* CA basic constraint path length, opt */ + byte extSubjAltNameSet; + byte extSubjAltNameCrit; + byte extAuthKeyIdCrit; +#ifndef IGNORE_NAME_CONSTRAINTS + byte extNameConstraintCrit; +#endif /* IGNORE_NAME_CONSTRAINTS */ + byte extSubjKeyIdCrit; + byte extKeyUsageCrit; + byte extExtKeyUsageCrit; + byte* extExtKeyUsageSrc; + word32 extExtKeyUsageSz; + word32 extExtKeyUsageCount; + byte* extAuthKeyIdSrc; + word32 extAuthKeyIdSz; + byte* extSubjKeyIdSrc; + word32 extSubjKeyIdSz; +#endif +#ifdef HAVE_ECC + word32 pkCurveOID; /* Public Key's curve OID */ +#endif /* HAVE_ECC */ + byte* beforeDate; + int beforeDateLen; + byte* afterDate; + int afterDateLen; +#ifdef HAVE_PKCS7 + byte* issuerRaw; /* pointer to issuer inside source */ + int issuerRawLen; +#endif +#ifndef IGNORE_NAME_CONSTRAINT + byte* subjectRaw; /* pointer to subject inside source */ + int subjectRawLen; +#endif +#if defined(CYASSL_CERT_GEN) /* easy access to subject info for other sign */ char* subjectSN; int subjectSNLen; + char subjectSNEnc; char* subjectC; int subjectCLen; + char subjectCEnc; char* subjectL; int subjectLLen; + char subjectLEnc; char* subjectST; int subjectSTLen; + char subjectSTEnc; char* subjectO; int subjectOLen; + char subjectOEnc; char* subjectOU; int subjectOULen; + char subjectOUEnc; char* subjectEmail; int subjectEmailLen; - byte* beforeDate; - int beforeDateLen; - byte* afterDate; - int afterDateLen; #endif /* CYASSL_CERT_GEN */ +#ifdef OPENSSL_EXTRA + DecodedName issuerName; + DecodedName subjectName; +#endif /* OPENSSL_EXTRA */ +#ifdef CYASSL_SEP + int deviceTypeSz; + byte* deviceType; + int hwTypeSz; + byte* hwType; + int hwSerialNumSz; + byte* hwSerialNum; + #ifdef OPENSSL_EXTRA + byte extCertPolicySet; + byte extCertPolicyCrit; + #endif /* OPENSSL_EXTRA */ +#endif /* CYASSL_SEP */ }; +#ifdef SHA_DIGEST_SIZE + #define SIGNER_DIGEST_SIZE SHA_DIGEST_SIZE +#else + #define SIGNER_DIGEST_SIZE 20 +#endif + /* CA Signers */ +/* if change layout change PERSIST_CERT_CACHE functions too */ struct Signer { - byte* publicKey; word32 pubKeySize; word32 keyOID; /* key type */ + word16 keyUsage; + byte* publicKey; + int nameLen; char* name; /* common name */ - byte hash[SHA_DIGEST_SIZE]; /* sha hash of names in certificate */ +#ifndef IGNORE_NAME_CONSTRAINTS + Base_entry* permittedNames; + Base_entry* excludedNames; +#endif /* IGNORE_NAME_CONSTRAINTS */ + byte subjectNameHash[SIGNER_DIGEST_SIZE]; + /* sha hash of names in certificate */ + #ifndef NO_SKID + byte subjectKeyIdHash[SIGNER_DIGEST_SIZE]; + /* sha hash of names in certificate */ + #endif Signer* next; }; @@ -291,6 +487,9 @@ struct Signer { #endif CYASSL_TEST_API void FreeAltNames(DNS_entry*, void*); +#ifndef IGNORE_NAME_CONSTRAINTS + CYASSL_TEST_API void FreeNameSubtrees(Base_entry*, void*); +#endif /* IGNORE_NAME_CONSTRAINTS */ CYASSL_TEST_API void InitDecodedCert(DecodedCert*, byte*, word32, void*); CYASSL_TEST_API void FreeDecodedCert(DecodedCert*); CYASSL_TEST_API int ParseCert(DecodedCert*, int type, int verify, void* cm); @@ -302,7 +501,8 @@ CYASSL_LOCAL word32 EncodeSignature(byte* out, const byte* digest, word32 digSz, int hashOID); CYASSL_LOCAL Signer* MakeSigner(void*); -CYASSL_LOCAL void FreeSigners(Signer*, void*); +CYASSL_LOCAL void FreeSigner(Signer*, void*); +CYASSL_LOCAL void FreeSignerTable(Signer**, int, void*); CYASSL_LOCAL int ToTraditional(byte* buffer, word32 length); @@ -310,15 +510,37 @@ CYASSL_LOCAL int ToTraditionalEnc(byte* buffer, word32 length,const char*, int); CYASSL_LOCAL int ValidateDate(const byte* date, byte format, int dateType); +/* ASN.1 helper functions */ +CYASSL_LOCAL int GetLength(const byte* input, word32* inOutIdx, int* len, + word32 maxIdx); +CYASSL_LOCAL int GetSequence(const byte* input, word32* inOutIdx, int* len, + word32 maxIdx); +CYASSL_LOCAL int GetSet(const byte* input, word32* inOutIdx, int* len, + word32 maxIdx); +CYASSL_LOCAL int GetMyVersion(const byte* input, word32* inOutIdx, + int* version); +CYASSL_LOCAL int GetInt(mp_int* mpi, const byte* input, word32* inOutIdx, + word32 maxIdx); +CYASSL_LOCAL int GetAlgoId(const byte* input, word32* inOutIdx, word32* oid, + word32 maxIdx); +CYASSL_LOCAL word32 SetLength(word32 length, byte* output); +CYASSL_LOCAL word32 SetSequence(word32 len, byte* output); +CYASSL_LOCAL word32 SetOctetString(word32 len, byte* output); +CYASSL_LOCAL word32 SetImplicit(byte tag, byte number, word32 len,byte* output); +CYASSL_LOCAL word32 SetExplicit(byte number, word32 len, byte* output); +CYASSL_LOCAL word32 SetSet(word32 len, byte* output); +CYASSL_LOCAL word32 SetAlgoID(int algoOID, byte* output, int type, int curveSz); +CYASSL_LOCAL int SetMyVersion(word32 version, byte* output, int header); +CYASSL_LOCAL int SetSerialNumber(const byte* sn, word32 snSz, byte* output); +CYASSL_LOCAL int GetNameHash(const byte* source, word32* idx, byte* hash, + int maxIdx); + #ifdef HAVE_ECC /* ASN sig helpers */ CYASSL_LOCAL int StoreECC_DSA_Sig(byte* out, word32* outLen, mp_int* r, mp_int* s); CYASSL_LOCAL int DecodeECC_DSA_Sig(const byte* sig, word32 sigLen, mp_int* r, mp_int* s); - /* private key helpers */ - CYASSL_LOCAL int EccPrivateKeyDecode(const byte* input,word32* inOutIdx, - ecc_key*,word32); #endif #ifdef CYASSL_CERT_GEN @@ -328,7 +550,8 @@ enum cert_enums { JOINT_LEN = 2, EMAIL_JOINT_LEN = 9, RSA_KEY = 10, - NTRU_KEY = 11 + NTRU_KEY = 11, + ECC_KEY = 12 }; @@ -415,6 +638,7 @@ struct OcspResponse { struct OcspRequest { DecodedCert* cert; + byte useNonce; byte nonce[MAX_OCSP_NONCE_SZ]; int nonceSz; @@ -431,7 +655,8 @@ struct OcspRequest { CYASSL_LOCAL void InitOcspResponse(OcspResponse*, CertStatus*, byte*, word32); CYASSL_LOCAL int OcspResponseDecode(OcspResponse*); -CYASSL_LOCAL void InitOcspRequest(OcspRequest*, DecodedCert*, byte*, word32); +CYASSL_LOCAL void InitOcspRequest(OcspRequest*, DecodedCert*, + byte, byte*, word32); CYASSL_LOCAL int EncodeOcspRequest(OcspRequest*); CYASSL_LOCAL int CompareOcspReqResp(OcspRequest*, OcspResponse*); @@ -460,7 +685,7 @@ struct DecodedCRL { word32 signatureOID; /* sum of algorithm object id */ byte* signature; /* pointer into raw source, not owned */ byte issuerHash[SHA_DIGEST_SIZE]; /* issuer hash */ - byte crlHash[MD5_DIGEST_SIZE]; /* raw crl data hash */ + byte crlHash[SHA_DIGEST_SIZE]; /* raw crl data hash */ byte lastDate[MAX_DATE_SIZE]; /* last date updated */ byte nextDate[MAX_DATE_SIZE]; /* next update date */ byte lastDateFormat; /* format of last date */ @@ -470,7 +695,7 @@ struct DecodedCRL { }; CYASSL_LOCAL void InitDecodedCRL(DecodedCRL*); -CYASSL_LOCAL int ParseCRL(DecodedCRL*, const byte* buff, long sz, void* cm); +CYASSL_LOCAL int ParseCRL(DecodedCRL*, const byte* buff, word32 sz, void* cm); CYASSL_LOCAL void FreeDecodedCRL(DecodedCRL*); @@ -483,3 +708,4 @@ CYASSL_LOCAL void FreeDecodedCRL(DecodedCRL*); #endif /* CTAO_CRYPT_ASN_H */ +#endif /* !NO_ASN */ diff --git a/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/asn_public.h b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/asn_public.h index efc21fd83..34c899dc0 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/asn_public.h +++ b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/asn_public.h @@ -1,6 +1,6 @@ /* asn_public.h * - * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,7 +16,7 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ @@ -24,6 +24,7 @@ #define CTAO_CRYPT_ASN_PUBLIC_H #include +#include #ifdef CYASSL_CERT_GEN #include #endif @@ -40,7 +41,9 @@ enum CertType { PRIVATEKEY_TYPE, DH_PARAM_TYPE, CRL_TYPE, - CA_TYPE + CA_TYPE, + ECC_PRIVATEKEY_TYPE, + CERTREQ_TYPE }; @@ -59,24 +62,40 @@ enum Ctc_SigType { CTC_SHA512wECDSA = 526 }; +enum Ctc_Encoding { + CTC_UTF8 = 0x0c, /* utf8 */ + CTC_PRINTABLE = 0x13 /* printable */ +}; + #ifdef CYASSL_CERT_GEN +#ifndef HAVE_ECC + typedef struct ecc_key ecc_key; +#endif + enum Ctc_Misc { - CTC_NAME_SIZE = 64, - CTC_DATE_SIZE = 32, - CTC_MAX_ALT_SIZE = 8192, /* may be huge */ - CTC_SERIAL_SIZE = 8 + CTC_NAME_SIZE = 64, + CTC_DATE_SIZE = 32, + CTC_MAX_ALT_SIZE = 16384, /* may be huge */ + CTC_SERIAL_SIZE = 8 }; typedef struct CertName { char country[CTC_NAME_SIZE]; + char countryEnc; char state[CTC_NAME_SIZE]; + char stateEnc; char locality[CTC_NAME_SIZE]; + char localityEnc; char sur[CTC_NAME_SIZE]; + char surEnc; char org[CTC_NAME_SIZE]; + char orgEnc; char unit[CTC_NAME_SIZE]; + char unitEnc; char commonName[CTC_NAME_SIZE]; + char commonNameEnc; char email[CTC_NAME_SIZE]; /* !!!! email has to be last !!!! */ } CertName; @@ -102,6 +121,9 @@ typedef struct Cert { byte afterDate[CTC_DATE_SIZE]; /* after date copy */ int afterDateSz; /* size of copy */ #endif +#ifdef CYASSL_CERT_REQ + char challengePw[CTC_NAME_SIZE]; +#endif } Cert; @@ -119,8 +141,14 @@ typedef struct Cert { keyType = RSA_KEY (default) */ CYASSL_API void InitCert(Cert*); -CYASSL_API int MakeCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*, RNG*); -CYASSL_API int SignCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*, RNG*); +CYASSL_API int MakeCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*, + ecc_key*, RNG*); +#ifdef CYASSL_CERT_REQ + CYASSL_API int MakeCertReq(Cert*, byte* derBuffer, word32 derSz, RsaKey*, + ecc_key*); +#endif +CYASSL_API int SignCert(int requestSz, int sigType, byte* derBuffer, + word32 derSz, RsaKey*, ecc_key*, RNG*); CYASSL_API int MakeSelfCert(Cert*, byte* derBuffer, word32 derSz, RsaKey*, RNG*); CYASSL_API int SetIssuer(Cert*, const char*); @@ -146,6 +174,12 @@ CYASSL_API int SetDatesBuffer(Cert*, const byte*, int); word32 outputSz, int type); #endif +#ifdef HAVE_ECC + /* private key helpers */ + CYASSL_API int EccPrivateKeyDecode(const byte* input,word32* inOutIdx, + ecc_key*,word32); +#endif + #ifdef __cplusplus } /* extern "C" */ diff --git a/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/blake2-impl.h b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/blake2-impl.h new file mode 100644 index 000000000..d82bffc64 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/blake2-impl.h @@ -0,0 +1,154 @@ +/* + BLAKE2 reference source code package - reference C implementations + + Written in 2012 by Samuel Neves + + To the extent possible under law, the author(s) have dedicated all copyright + and related and neighboring rights to this software to the public domain + worldwide. This software is distributed without any warranty. + + You should have received a copy of the CC0 Public Domain Dedication along with + this software. If not, see . +*/ +/* blake2-impl.h + * + * Copyright (C) 2006-2014 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + + +#ifndef CTAOCRYPT_BLAKE2_IMPL_H +#define CTAOCRYPT_BLAKE2_IMPL_H + +#include + +static inline word32 load32( const void *src ) +{ +#if defined(LITTLE_ENDIAN_ORDER) + return *( word32 * )( src ); +#else + const byte *p = ( byte * )src; + word32 w = *p++; + w |= ( word32 )( *p++ ) << 8; + w |= ( word32 )( *p++ ) << 16; + w |= ( word32 )( *p++ ) << 24; + return w; +#endif +} + +static inline word64 load64( const void *src ) +{ +#if defined(LITTLE_ENDIAN_ORDER) + return *( word64 * )( src ); +#else + const byte *p = ( byte * )src; + word64 w = *p++; + w |= ( word64 )( *p++ ) << 8; + w |= ( word64 )( *p++ ) << 16; + w |= ( word64 )( *p++ ) << 24; + w |= ( word64 )( *p++ ) << 32; + w |= ( word64 )( *p++ ) << 40; + w |= ( word64 )( *p++ ) << 48; + w |= ( word64 )( *p++ ) << 56; + return w; +#endif +} + +static inline void store32( void *dst, word32 w ) +{ +#if defined(LITTLE_ENDIAN_ORDER) + *( word32 * )( dst ) = w; +#else + byte *p = ( byte * )dst; + *p++ = ( byte )w; w >>= 8; + *p++ = ( byte )w; w >>= 8; + *p++ = ( byte )w; w >>= 8; + *p++ = ( byte )w; +#endif +} + +static inline void store64( void *dst, word64 w ) +{ +#if defined(LITTLE_ENDIAN_ORDER) + *( word64 * )( dst ) = w; +#else + byte *p = ( byte * )dst; + *p++ = ( byte )w; w >>= 8; + *p++ = ( byte )w; w >>= 8; + *p++ = ( byte )w; w >>= 8; + *p++ = ( byte )w; w >>= 8; + *p++ = ( byte )w; w >>= 8; + *p++ = ( byte )w; w >>= 8; + *p++ = ( byte )w; w >>= 8; + *p++ = ( byte )w; +#endif +} + +static inline word64 load48( const void *src ) +{ + const byte *p = ( const byte * )src; + word64 w = *p++; + w |= ( word64 )( *p++ ) << 8; + w |= ( word64 )( *p++ ) << 16; + w |= ( word64 )( *p++ ) << 24; + w |= ( word64 )( *p++ ) << 32; + w |= ( word64 )( *p++ ) << 40; + return w; +} + +static inline void store48( void *dst, word64 w ) +{ + byte *p = ( byte * )dst; + *p++ = ( byte )w; w >>= 8; + *p++ = ( byte )w; w >>= 8; + *p++ = ( byte )w; w >>= 8; + *p++ = ( byte )w; w >>= 8; + *p++ = ( byte )w; w >>= 8; + *p++ = ( byte )w; +} + +static inline word32 rotl32( const word32 w, const unsigned c ) +{ + return ( w << c ) | ( w >> ( 32 - c ) ); +} + +static inline word64 rotl64( const word64 w, const unsigned c ) +{ + return ( w << c ) | ( w >> ( 64 - c ) ); +} + +static inline word32 rotr32( const word32 w, const unsigned c ) +{ + return ( w >> c ) | ( w << ( 32 - c ) ); +} + +static inline word64 rotr64( const word64 w, const unsigned c ) +{ + return ( w >> c ) | ( w << ( 64 - c ) ); +} + +/* prevents compiler optimizing out memset() */ +static inline void secure_zero_memory( void *v, word64 n ) +{ + volatile byte *p = ( volatile byte * )v; + + while( n-- ) *p++ = 0; +} + +#endif /* CTAOCRYPT_BLAKE2_IMPL_H */ + diff --git a/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/blake2-int.h b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/blake2-int.h new file mode 100644 index 000000000..ba5cc7745 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/blake2-int.h @@ -0,0 +1,183 @@ +/* + BLAKE2 reference source code package - reference C implementations + + Written in 2012 by Samuel Neves + + To the extent possible under law, the author(s) have dedicated all copyright + and related and neighboring rights to this software to the public domain + worldwide. This software is distributed without any warranty. + + You should have received a copy of the CC0 Public Domain Dedication along with + this software. If not, see . +*/ +/* blake2-int.h + * + * Copyright (C) 2006-2014 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + + + +#ifndef CTAOCRYPT_BLAKE2_INT_H +#define CTAOCRYPT_BLAKE2_INT_H + +#include + + +#if defined(_MSC_VER) + #define ALIGN(x) __declspec(align(x)) +#elif defined(__GNUC__) + #define ALIGN(x) __attribute__((aligned(x))) +#else + #define ALIGN(x) +#endif + + +#if defined(__cplusplus) + extern "C" { +#endif + + enum blake2s_constant + { + BLAKE2S_BLOCKBYTES = 64, + BLAKE2S_OUTBYTES = 32, + BLAKE2S_KEYBYTES = 32, + BLAKE2S_SALTBYTES = 8, + BLAKE2S_PERSONALBYTES = 8 + }; + + enum blake2b_constant + { + BLAKE2B_BLOCKBYTES = 128, + BLAKE2B_OUTBYTES = 64, + BLAKE2B_KEYBYTES = 64, + BLAKE2B_SALTBYTES = 16, + BLAKE2B_PERSONALBYTES = 16 + }; + +#pragma pack(push, 1) + typedef struct __blake2s_param + { + byte digest_length; /* 1 */ + byte key_length; /* 2 */ + byte fanout; /* 3 */ + byte depth; /* 4 */ + word32 leaf_length; /* 8 */ + byte node_offset[6];/* 14 */ + byte node_depth; /* 15 */ + byte inner_length; /* 16 */ + /* byte reserved[0]; */ + byte salt[BLAKE2B_SALTBYTES]; /* 24 */ + byte personal[BLAKE2S_PERSONALBYTES]; /* 32 */ + } blake2s_param; + + ALIGN( 64 ) typedef struct __blake2s_state + { + word32 h[8]; + word32 t[2]; + word32 f[2]; + byte buf[2 * BLAKE2S_BLOCKBYTES]; + word64 buflen; + byte last_node; + } blake2s_state ; + + typedef struct __blake2b_param + { + byte digest_length; /* 1 */ + byte key_length; /* 2 */ + byte fanout; /* 3 */ + byte depth; /* 4 */ + word32 leaf_length; /* 8 */ + word64 node_offset; /* 16 */ + byte node_depth; /* 17 */ + byte inner_length; /* 18 */ + byte reserved[14]; /* 32 */ + byte salt[BLAKE2B_SALTBYTES]; /* 48 */ + byte personal[BLAKE2B_PERSONALBYTES]; /* 64 */ + } blake2b_param; + + ALIGN( 64 ) typedef struct __blake2b_state + { + word64 h[8]; + word64 t[2]; + word64 f[2]; + byte buf[2 * BLAKE2B_BLOCKBYTES]; + word64 buflen; + byte last_node; + } blake2b_state; + + typedef struct __blake2sp_state + { + blake2s_state S[8][1]; + blake2s_state R[1]; + byte buf[8 * BLAKE2S_BLOCKBYTES]; + word64 buflen; + } blake2sp_state; + + typedef struct __blake2bp_state + { + blake2b_state S[4][1]; + blake2b_state R[1]; + byte buf[4 * BLAKE2B_BLOCKBYTES]; + word64 buflen; + } blake2bp_state; +#pragma pack(pop) + + /* Streaming API */ + int blake2s_init( blake2s_state *S, const byte outlen ); + int blake2s_init_key( blake2s_state *S, const byte outlen, const void *key, const byte keylen ); + int blake2s_init_param( blake2s_state *S, const blake2s_param *P ); + int blake2s_update( blake2s_state *S, const byte *in, word64 inlen ); + int blake2s_final( blake2s_state *S, byte *out, byte outlen ); + + int blake2b_init( blake2b_state *S, const byte outlen ); + int blake2b_init_key( blake2b_state *S, const byte outlen, const void *key, const byte keylen ); + int blake2b_init_param( blake2b_state *S, const blake2b_param *P ); + int blake2b_update( blake2b_state *S, const byte *in, word64 inlen ); + int blake2b_final( blake2b_state *S, byte *out, byte outlen ); + + int blake2sp_init( blake2sp_state *S, const byte outlen ); + int blake2sp_init_key( blake2sp_state *S, const byte outlen, const void *key, const byte keylen ); + int blake2sp_update( blake2sp_state *S, const byte *in, word64 inlen ); + int blake2sp_final( blake2sp_state *S, byte *out, byte outlen ); + + int blake2bp_init( blake2bp_state *S, const byte outlen ); + int blake2bp_init_key( blake2bp_state *S, const byte outlen, const void *key, const byte keylen ); + int blake2bp_update( blake2bp_state *S, const byte *in, word64 inlen ); + int blake2bp_final( blake2bp_state *S, byte *out, byte outlen ); + + /* Simple API */ + int blake2s( byte *out, const void *in, const void *key, const byte outlen, const word64 inlen, byte keylen ); + int blake2b( byte *out, const void *in, const void *key, const byte outlen, const word64 inlen, byte keylen ); + + int blake2sp( byte *out, const void *in, const void *key, const byte outlen, const word64 inlen, byte keylen ); + int blake2bp( byte *out, const void *in, const void *key, const byte outlen, const word64 inlen, byte keylen ); + + static inline int blake2( byte *out, const void *in, const void *key, const byte outlen, const word64 inlen, byte keylen ) + { + return blake2b( out, in, key, outlen, inlen, keylen ); + } + + + +#if defined(__cplusplus) + } +#endif + +#endif /* CTAOCRYPT_BLAKE2_INT_H */ + diff --git a/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/blake2.h b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/blake2.h new file mode 100644 index 000000000..ba5ec6fd6 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/blake2.h @@ -0,0 +1,60 @@ +/* blake2.h + * + * Copyright (C) 2006-2014 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + + +#ifdef HAVE_BLAKE2 + +#ifndef CTAOCRYPT_BLAKE2_H +#define CTAOCRYPT_BLAKE2_H + +#include + +#ifdef __cplusplus + extern "C" { +#endif + +/* in bytes, variable digest size up to 512 bits (64 bytes) */ +enum { + BLAKE2B_ID = 7, /* hash type unique */ + BLAKE2B_256 = 32 /* 256 bit type, SSL default */ +}; + + +/* BLAKE2b digest */ +typedef struct Blake2b { + blake2b_state S[1]; /* our state */ + word32 digestSz; /* digest size used on init */ +} Blake2b; + + +CYASSL_API int InitBlake2b(Blake2b*, word32); +CYASSL_API int Blake2bUpdate(Blake2b*, const byte*, word32); +CYASSL_API int Blake2bFinal(Blake2b*, byte*, word32); + + + +#ifdef __cplusplus + } +#endif + +#endif /* CTAOCRYPT_BLAKE2_H */ +#endif /* HAVE_BLAKE2 */ + diff --git a/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/camellia.h b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/camellia.h new file mode 100644 index 000000000..aec9ecf69 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/camellia.h @@ -0,0 +1,96 @@ +/* camellia.h ver 1.2.0 + * + * Copyright (c) 2006,2007 + * NTT (Nippon Telegraph and Telephone Corporation) . All rights reserved. + * + * Redistribution and use in source and binary forms, with or without + * modification, are permitted provided that the following conditions + * are met: + * 1. Redistributions of source code must retain the above copyright + * notice, this list of conditions and the following disclaimer as + * the first lines of this file unmodified. + * 2. Redistributions in binary form must reproduce the above copyright + * notice, this list of conditions and the following disclaimer in the + * documentation and/or other materials provided with the distribution. + * + * THIS SOFTWARE IS PROVIDED BY NTT ``AS IS'' AND ANY EXPRESS OR + * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES + * OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. + * IN NO EVENT SHALL NTT BE LIABLE FOR ANY DIRECT, INDIRECT, + * INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT + * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, + * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY + * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT + * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF + * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + */ + +/* camellia.h + * + * Copyright (C) 2006-2014 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#ifdef HAVE_CAMELLIA + +#ifndef CTAO_CRYPT_CAMELLIA_H +#define CTAO_CRYPT_CAMELLIA_H + + +#include + +#ifdef __cplusplus + extern "C" { +#endif + + +enum { + CAMELLIA_BLOCK_SIZE = 16 +}; + +#define CAMELLIA_TABLE_BYTE_LEN 272 +#define CAMELLIA_TABLE_WORD_LEN (CAMELLIA_TABLE_BYTE_LEN / sizeof(word32)) + +typedef word32 KEY_TABLE_TYPE[CAMELLIA_TABLE_WORD_LEN]; + +typedef struct Camellia { + word32 keySz; + KEY_TABLE_TYPE key; + word32 reg[CAMELLIA_BLOCK_SIZE / sizeof(word32)]; /* for CBC mode */ + word32 tmp[CAMELLIA_BLOCK_SIZE / sizeof(word32)]; /* for CBC mode */ +} Camellia; + + +CYASSL_API int CamelliaSetKey(Camellia* cam, + const byte* key, word32 len, const byte* iv); +CYASSL_API int CamelliaSetIV(Camellia* cam, const byte* iv); +CYASSL_API void CamelliaEncryptDirect(Camellia* cam, byte* out, const byte* in); +CYASSL_API void CamelliaDecryptDirect(Camellia* cam, byte* out, const byte* in); +CYASSL_API void CamelliaCbcEncrypt(Camellia* cam, + byte* out, const byte* in, word32 sz); +CYASSL_API void CamelliaCbcDecrypt(Camellia* cam, + byte* out, const byte* in, word32 sz); + + +#ifdef __cplusplus + } /* extern "C" */ +#endif + +#endif /* CTAO_CRYPT_AES_H */ +#endif /* HAVE_CAMELLIA */ + diff --git a/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/coding.h b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/coding.h index 5bed1009d..303565fd9 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/coding.h +++ b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/coding.h @@ -1,6 +1,6 @@ /* coding.h * - * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,7 +16,7 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ @@ -39,10 +39,17 @@ CYASSL_LOCAL int Base64_Decode(const byte* in, word32 inLen, byte* out, CYASSL_API int Base64_Encode(const byte* in, word32 inLen, byte* out, word32* outLen); - CYASSL_LOCAL + CYASSL_API + int Base64_EncodeEsc(const byte* in, word32 inLen, byte* out, + word32* outLen); +#endif + +#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) || defined(HAVE_FIPS) + CYASSL_API int Base16_Decode(const byte* in, word32 inLen, byte* out, word32* outLen); #endif + #ifdef __cplusplus } /* extern "C" */ #endif diff --git a/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/compress.h b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/compress.h new file mode 100644 index 000000000..ecf162204 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/compress.h @@ -0,0 +1,52 @@ +/* compress.h + * + * Copyright (C) 2006-2014 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + + +#ifdef HAVE_LIBZ + +#ifndef CTAO_CRYPT_COMPRESS_H +#define CTAO_CRYPT_COMPRESS_H + + +#include + + +#ifdef __cplusplus + extern "C" { +#endif + + +#define COMPRESS_FIXED 1 + + +CYASSL_API int Compress(byte*, word32, const byte*, word32, word32); +CYASSL_API int DeCompress(byte*, word32, const byte*, word32); + + +#ifdef __cplusplus + } /* extern "C" */ +#endif + + +#endif /* CTAO_CRYPT_COMPRESS_H */ + +#endif /* HAVE_LIBZ */ + diff --git a/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/des3.h b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/des3.h index adae9a955..0c8f64006 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/des3.h +++ b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/des3.h @@ -1,6 +1,6 @@ /* des3.h * - * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,7 +16,7 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ @@ -33,6 +33,8 @@ extern "C" { #endif +#define CYASSL_3DES_CAVIUM_MAGIC 0xBEEF0003 + enum { DES_ENC_TYPE = 2, /* cipher unique type */ DES3_ENC_TYPE = 3, /* cipher unique type */ @@ -40,15 +42,28 @@ enum { DES_KS_SIZE = 32, DES_ENCRYPTION = 0, - DES_DECRYPTION = 1, + DES_DECRYPTION = 1 +}; + +#define DES_IVLEN 8 +#define DES_KEYLEN 8 +#define DES3_IVLEN 8 +#define DES3_KEYLEN 24 + + +#ifdef STM32F2_CRYPTO +enum { + DES_CBC = 0, + DES_ECB = 1 }; +#endif /* DES encryption and decryption */ typedef struct Des { - word32 key[DES_KS_SIZE]; word32 reg[DES_BLOCK_SIZE / sizeof(word32)]; /* for CBC mode */ word32 tmp[DES_BLOCK_SIZE / sizeof(word32)]; /* same */ + word32 key[DES_KS_SIZE]; } Des; @@ -57,19 +72,50 @@ typedef struct Des3 { word32 key[3][DES_KS_SIZE]; word32 reg[DES_BLOCK_SIZE / sizeof(word32)]; /* for CBC mode */ word32 tmp[DES_BLOCK_SIZE / sizeof(word32)]; /* same */ +#ifdef HAVE_CAVIUM + int devId; /* nitrox device id */ + word32 magic; /* using cavium magic */ + word64 contextHandle; /* nitrox context memory handle */ +#endif } Des3; -CYASSL_API void Des_SetKey(Des* des, const byte* key, const byte* iv, int dir); +CYASSL_API int Des_SetKey(Des* des, const byte* key, const byte* iv, int dir); CYASSL_API void Des_SetIV(Des* des, const byte* iv); -CYASSL_API void Des_CbcEncrypt(Des* des, byte* out, const byte* in, word32 sz); -CYASSL_API void Des_CbcDecrypt(Des* des, byte* out, const byte* in, word32 sz); -CYASSL_API void Des_EcbEncrypt(Des* des, byte* out, const byte* in, word32 sz); - -CYASSL_API void Des3_SetKey(Des3* des, const byte* key, const byte* iv,int dir); -CYASSL_API void Des3_SetIV(Des3* des, const byte* iv); -CYASSL_API void Des3_CbcEncrypt(Des3* des, byte* out, const byte* in,word32 sz); -CYASSL_API void Des3_CbcDecrypt(Des3* des, byte* out, const byte* in,word32 sz); +CYASSL_API int Des_CbcEncrypt(Des* des, byte* out, const byte* in, word32 sz); +CYASSL_API int Des_CbcDecrypt(Des* des, byte* out, const byte* in, word32 sz); +CYASSL_API int Des_EcbEncrypt(Des* des, byte* out, const byte* in, word32 sz); + +CYASSL_API int Des3_SetKey(Des3* des, const byte* key, const byte* iv,int dir); +CYASSL_API int Des3_SetIV(Des3* des, const byte* iv); +CYASSL_API int Des3_CbcEncrypt(Des3* des, byte* out, const byte* in,word32 sz); +CYASSL_API int Des3_CbcDecrypt(Des3* des, byte* out, const byte* in,word32 sz); + + +#ifdef HAVE_CAVIUM + CYASSL_API int Des3_InitCavium(Des3*, int); + CYASSL_API void Des3_FreeCavium(Des3*); +#endif + + +#ifdef HAVE_FIPS + /* fips wrapper calls, user can call direct */ + CYASSL_API int Des3_SetKey_fips(Des3* des, const byte* key, const byte* iv, + int dir); + CYASSL_API int Des3_SetIV_fips(Des3* des, const byte* iv); + CYASSL_API int Des3_CbcEncrypt_fips(Des3* des, byte* out, const byte* in, + word32 sz); + CYASSL_API int Des3_CbcDecrypt_fips(Des3* des, byte* out, const byte* in, + word32 sz); + #ifndef FIPS_NO_WRAPPERS + /* if not impl or fips.c impl wrapper force fips calls if fips build */ + #define Des3_SetKey Des3_SetKey_fips + #define Des3_SetIV Des3_SetIV_fips + #define Des3_CbcEncrypt Des3_CbcEncrypt_fips + #define Des3_CbcDecrypt Des3_CbcDecrypt_fips + #endif /* FIPS_NO_WRAPPERS */ + +#endif /* HAVE_FIPS */ #ifdef __cplusplus diff --git a/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/dh.h b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/dh.h index 0b002ac84..f700e3332 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/dh.h +++ b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/dh.h @@ -1,6 +1,6 @@ /* dh.h * - * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,7 +16,7 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ diff --git a/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/dsa.h b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/dsa.h index 2264773cc..8bfc32152 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/dsa.h +++ b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/dsa.h @@ -1,6 +1,6 @@ /* dsa.h * - * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,7 +16,7 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ diff --git a/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/ecc.h b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/ecc.h index 4d54c0415..a885abf63 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/ecc.h +++ b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/ecc.h @@ -1,6 +1,6 @@ /* ecc.h * - * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,7 +16,7 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ #ifdef HAVE_ECC @@ -49,7 +49,7 @@ typedef struct { int size; /* The size of the curve in octets */ const char* name; /* name of this curve */ const char* prime; /* prime that defines the field, curve is in (hex) */ - const char* B; /* fields B param (hex) */ + const char* Bf; /* fields B param (hex) */ const char* order; /* order of the curve (hex) */ const char* Gx; /* x coordinate of the base point on curve (hex) */ const char* Gy; /* y coordinate of the base point on curve (hex) */ @@ -91,12 +91,14 @@ CYASSL_API int ecc_sign_hash(const byte* in, word32 inlen, byte* out, word32 *outlen, RNG* rng, ecc_key* key); CYASSL_API -int ecc_verify_hash(const byte* sig, word32 siglen, byte* hash, word32 hashlen, - int* stat, ecc_key* key); +int ecc_verify_hash(const byte* sig, word32 siglen, const byte* hash, + word32 hashlen, int* stat, ecc_key* key); CYASSL_API void ecc_init(ecc_key* key); CYASSL_API void ecc_free(ecc_key* key); +CYASSL_API +void ecc_fp_free(void); /* ASN key helpers */ @@ -107,6 +109,8 @@ int ecc_import_x963(const byte* in, word32 inLen, ecc_key* key); CYASSL_API int ecc_import_private_key(const byte* priv, word32 privSz, const byte* pub, word32 pubSz, ecc_key* key); +CYASSL_API +int ecc_export_private_only(ecc_key* key, byte* out, word32* outLen); /* size helper */ CYASSL_API @@ -114,12 +118,63 @@ int ecc_size(ecc_key* key); CYASSL_API int ecc_sig_size(ecc_key* key); -/* TODO: fix mutex types */ -#define MUTEX_GLOBAL(x) int (x); -#define MUTEX_LOCK(x) -#define MUTEX_UNLOCK(x) +#ifdef HAVE_ECC_ENCRYPT +/* ecc encrypt */ + +enum ecEncAlgo { + ecAES_128_CBC = 1, /* default */ + ecAES_256_CBC = 2 +}; + +enum ecKdfAlgo { + ecHKDF_SHA256 = 1, /* default */ + ecHKDF_SHA1 = 2 +}; + +enum ecMacAlgo { + ecHMAC_SHA256 = 1, /* default */ + ecHMAC_SHA1 = 2 +}; + +enum { + KEY_SIZE_128 = 16, + KEY_SIZE_256 = 32, + IV_SIZE_64 = 8, + EXCHANGE_SALT_SZ = 16, + EXCHANGE_INFO_SZ = 23 +}; + +enum ecFlags { + REQ_RESP_CLIENT = 1, + REQ_RESP_SERVER = 2 +}; + + +typedef struct ecEncCtx ecEncCtx; + +CYASSL_API +ecEncCtx* ecc_ctx_new(int flags, RNG* rng); +CYASSL_API +void ecc_ctx_free(ecEncCtx*); +CYASSL_API +int ecc_ctx_reset(ecEncCtx*, RNG*); /* reset for use again w/o alloc/free */ + +CYASSL_API +const byte* ecc_ctx_get_own_salt(ecEncCtx*); +CYASSL_API +int ecc_ctx_set_peer_salt(ecEncCtx*, const byte* salt); +CYASSL_API +int ecc_ctx_set_info(ecEncCtx*, const byte* info, int sz); + +CYASSL_API +int ecc_encrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg, + word32 msgSz, byte* out, word32* outSz, ecEncCtx* ctx); +CYASSL_API +int ecc_decrypt(ecc_key* privKey, ecc_key* pubKey, const byte* msg, + word32 msgSz, byte* out, word32* outSz, ecEncCtx* ctx); +#endif /* HAVE_ECC_ENCRYPT */ #ifdef __cplusplus } /* extern "C" */ diff --git a/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/error.h b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/error-crypt.h similarity index 72% rename from FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/error.h rename to FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/error-crypt.h index 8a0d58628..c75d37ceb 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/error.h +++ b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/error-crypt.h @@ -1,6 +1,6 @@ -/* error.h +/* error-crypt.h * - * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,7 +16,7 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ @@ -33,13 +33,13 @@ /* error codes */ enum { - MAX_ERROR_SZ = 80, /* max size of error string */ - MAX_CODE_E = -100, /* errors -101 - -199 */ + MAX_CODE_E = -100, /* errors -101 - -299 */ OPEN_RAN_E = -101, /* opening random device error */ READ_RAN_E = -102, /* reading random device error */ WINCRYPT_E = -103, /* windows crypt init error */ CRYPTGEN_E = -104, /* windows crypt generation error */ RAN_BLOCK_E = -105, /* reading random device would block */ + BAD_MUTEX_E = -106, /* Bad mutex operation */ MP_INIT_E = -110, /* mp_init error state */ MP_READ_E = -111, /* mp_read error state */ @@ -88,6 +88,7 @@ enum { ASN_SIG_KEY_E = -157, /* ASN sig error, unsupported key type */ ASN_DH_KEY_E = -158, /* ASN key init error, invalid input */ ASN_NTRU_KEY_E = -159, /* ASN ntru key decode error, invalid input */ + ASN_CRIT_EXT_E = -160, /* ASN unsupported critical extension */ ECC_BAD_ARG_E = -170, /* ECC input argument of wrong type */ ASN_ECC_KEY_E = -171, /* ASN ECC bad input */ @@ -99,12 +100,41 @@ enum { ALT_NAME_E = -177, /* alt name size problem, too big */ AES_GCM_AUTH_E = -180, /* AES-GCM Authentication check failure */ + AES_CCM_AUTH_E = -181, /* AES-CCM Authentication check failure */ - MIN_CODE_E = -200 /* errors -101 - -199 */ + CAVIUM_INIT_E = -182, /* Cavium Init type error */ + + COMPRESS_INIT_E = -183, /* Compress init error */ + COMPRESS_E = -184, /* Compress error */ + DECOMPRESS_INIT_E = -185, /* DeCompress init error */ + DECOMPRESS_E = -186, /* DeCompress error */ + + BAD_ALIGN_E = -187, /* Bad alignment for operation, no alloc */ + ASN_NO_SIGNER_E = -188, /* ASN no signer to confirm failure */ + ASN_CRL_CONFIRM_E = -189, /* ASN CRL signature confirm failure */ + ASN_CRL_NO_SIGNER_E = -190, /* ASN CRL no signer to confirm failure */ + ASN_OCSP_CONFIRM_E = -191, /* ASN OCSP signature confirm failure */ + + BAD_ENC_STATE_E = -192, /* Bad ecc enc state operation */ + BAD_PADDING_E = -193, /* Bad padding, msg not correct length */ + + REQ_ATTRIBUTE_E = -194, /* setting cert request attributes error */ + + PKCS7_OID_E = -195, /* PKCS#7, mismatched OID error */ + PKCS7_RECIP_E = -196, /* PKCS#7, recipient error */ + FIPS_NOT_ALLOWED_E = -197, /* FIPS not allowed error */ + ASN_NAME_INVALID_E = -198, /* ASN name constraint error */ + + RNG_FAILURE_E = -199, /* RNG Failed, Reinitialize */ + + HMAC_MIN_KEYLEN_E = -200, /* FIPS Mode HMAC Minimum Key Length error */ + + MIN_CODE_E = -300 /* errors -101 - -299 */ }; -CYASSL_API void CTaoCryptErrorString(int error, char* buffer); +CYASSL_API void CTaoCryptErrorString(int err, char* buff); +CYASSL_API const char* CTaoCryptGetErrorString(int error); #ifdef __cplusplus @@ -113,3 +143,4 @@ CYASSL_API void CTaoCryptErrorString(int error, char* buffer); #endif /* CTAO_CRYPT_ERROR_H */ + diff --git a/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/fips_test.h b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/fips_test.h new file mode 100644 index 000000000..2015927cd --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/fips_test.h @@ -0,0 +1,43 @@ +/* fips_test.h + * + * Copyright (C) 2006-2014 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + + +#ifndef CTAO_CRYPT_FIPS_TEST_H +#define CTAO_CRYPT_FIPS_TEST_H + +#include + + +#ifdef __cplusplus + extern "C" { +#endif + +/* Known Answer Test string inputs are hex */ + +CYASSL_LOCAL int DoKnownAnswerTests(void); + + +#ifdef __cplusplus + } /* extern "C" */ +#endif + +#endif /* CTAO_CRYPT_FIPS_TEST_H */ + diff --git a/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/hc128.h b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/hc128.h index d3e5f21e8..766a79b2e 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/hc128.h +++ b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/hc128.h @@ -1,6 +1,6 @@ /* hc128.h * - * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,7 +16,7 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ @@ -47,8 +47,8 @@ typedef struct HC128 { } HC128; -CYASSL_API void Hc128_Process(HC128*, byte*, const byte*, word32); -CYASSL_API void Hc128_SetKey(HC128*, const byte* key, const byte* iv); +CYASSL_API int Hc128_Process(HC128*, byte*, const byte*, word32); +CYASSL_API int Hc128_SetKey(HC128*, const byte* key, const byte* iv); #ifdef __cplusplus diff --git a/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/hmac.h b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/hmac.h index ee11669d0..78cc9556c 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/hmac.h +++ b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/hmac.h @@ -1,6 +1,6 @@ /* hmac.h * - * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,7 +16,7 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ @@ -25,51 +25,111 @@ #ifndef CTAO_CRYPT_HMAC_H #define CTAO_CRYPT_HMAC_H -#include -#include +#include + +#ifndef NO_MD5 + #include +#endif + +#ifndef NO_SHA + #include +#endif #ifndef NO_SHA256 #include #endif -#ifdef CYASSL_SHA384 +#ifdef CYASSL_SHA512 #include #endif +#ifdef HAVE_BLAKE2 + #include +#endif + +#ifdef HAVE_CAVIUM + #include + #include "cavium_common.h" +#endif + #ifdef __cplusplus extern "C" { #endif +#define CYASSL_HMAC_CAVIUM_MAGIC 0xBEEF0005 + enum { + HMAC_FIPS_MIN_KEY = 14, /* 112 bit key length minimum */ + IPAD = 0x36, OPAD = 0x5C, -#if defined(CYASSL_SHA384) - INNER_HASH_SIZE = SHA384_DIGEST_SIZE, + +/* If any hash is not enabled, add the ID here. */ +#ifdef NO_MD5 + MD5 = 0, +#endif +#ifdef NO_SHA + SHA = 1, +#endif +#ifdef NO_SHA256 + SHA256 = 2, +#endif +#ifndef CYASSL_SHA512 + SHA512 = 4, +#endif +#ifndef CYASSL_SHA384 + SHA384 = 5, +#endif +#ifndef HAVE_BLAKE2 + BLAKE2B_ID = 7, +#endif + +/* Select the largest available hash for the buffer size. */ +#if defined(CYASSL_SHA512) + MAX_DIGEST_SIZE = SHA512_DIGEST_SIZE, + HMAC_BLOCK_SIZE = SHA512_BLOCK_SIZE +#elif defined(HAVE_BLAKE2) + MAX_DIGEST_SIZE = BLAKE2B_OUTBYTES, + HMAC_BLOCK_SIZE = BLAKE2B_BLOCKBYTES, +#elif defined(CYASSL_SHA384) + MAX_DIGEST_SIZE = SHA384_DIGEST_SIZE, HMAC_BLOCK_SIZE = SHA384_BLOCK_SIZE #elif !defined(NO_SHA256) - INNER_HASH_SIZE = SHA256_DIGEST_SIZE, - HMAC_BLOCK_SIZE = SHA256_BLOCK_SIZE, - SHA384 = 5 + MAX_DIGEST_SIZE = SHA256_DIGEST_SIZE, + HMAC_BLOCK_SIZE = SHA256_BLOCK_SIZE +#elif !defined(NO_SHA) + MAX_DIGEST_SIZE = SHA_DIGEST_SIZE, + HMAC_BLOCK_SIZE = SHA_BLOCK_SIZE +#elif !defined(NO_MD5) + MAX_DIGEST_SIZE = MD5_DIGEST_SIZE, + HMAC_BLOCK_SIZE = MD5_BLOCK_SIZE #else - INNER_HASH_SIZE = SHA_DIGEST_SIZE, - HMAC_BLOCK_SIZE = SHA_BLOCK_SIZE, - SHA256 = 2, /* hash type unique */ - SHA384 = 5 + #error "You have to have some kind of hash if you want to use HMAC." #endif }; /* hash union */ typedef union { - Md5 md5; - Sha sha; + #ifndef NO_MD5 + Md5 md5; + #endif + #ifndef NO_SHA + Sha sha; + #endif #ifndef NO_SHA256 Sha256 sha256; #endif #ifdef CYASSL_SHA384 Sha384 sha384; #endif + #ifdef CYASSL_SHA512 + Sha512 sha512; + #endif + #ifdef HAVE_BLAKE2 + Blake2b blake2b; + #endif } Hash; /* Hmac digest */ @@ -77,16 +137,58 @@ typedef struct Hmac { Hash hash; word32 ipad[HMAC_BLOCK_SIZE / sizeof(word32)]; /* same block size all*/ word32 opad[HMAC_BLOCK_SIZE / sizeof(word32)]; - word32 innerHash[INNER_HASH_SIZE / sizeof(word32)]; /* max size */ + word32 innerHash[MAX_DIGEST_SIZE / sizeof(word32)]; byte macType; /* md5 sha or sha256 */ byte innerHashKeyed; /* keyed flag */ +#ifdef HAVE_CAVIUM + word16 keyLen; /* hmac key length */ + word16 dataLen; + HashType type; /* hmac key type */ + int devId; /* nitrox device id */ + word32 magic; /* using cavium magic */ + word64 contextHandle; /* nitrox context memory handle */ + byte* data; /* buffered input data for one call */ +#endif } Hmac; /* does init */ -CYASSL_API void HmacSetKey(Hmac*, int type, const byte* key, word32 keySz); -CYASSL_API void HmacUpdate(Hmac*, const byte*, word32); -CYASSL_API void HmacFinal(Hmac*, byte*); +CYASSL_API int HmacSetKey(Hmac*, int type, const byte* key, word32 keySz); +CYASSL_API int HmacUpdate(Hmac*, const byte*, word32); +CYASSL_API int HmacFinal(Hmac*, byte*); + +#ifdef HAVE_CAVIUM + CYASSL_API int HmacInitCavium(Hmac*, int); + CYASSL_API void HmacFreeCavium(Hmac*); +#endif + +CYASSL_API int CyaSSL_GetHmacMaxSize(void); + + +#ifdef HAVE_HKDF + +CYASSL_API int HKDF(int type, const byte* inKey, word32 inKeySz, + const byte* salt, word32 saltSz, + const byte* info, word32 infoSz, + byte* out, word32 outSz); + +#endif /* HAVE_HKDF */ + + +#ifdef HAVE_FIPS + /* fips wrapper calls, user can call direct */ + CYASSL_API int HmacSetKey_fips(Hmac*, int type, const byte* key, + word32 keySz); + CYASSL_API int HmacUpdate_fips(Hmac*, const byte*, word32); + CYASSL_API int HmacFinal_fips(Hmac*, byte*); + #ifndef FIPS_NO_WRAPPERS + /* if not impl or fips.c impl wrapper force fips calls if fips build */ + #define HmacSetKey HmacSetKey_fips + #define HmacUpdate HmacUpdate_fips + #define HmacFinal HmacFinal_fips + #endif /* FIPS_NO_WRAPPERS */ + +#endif /* HAVE_FIPS */ #ifdef __cplusplus diff --git a/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/include.am b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/include.am index 6b27ff13b..b3cf210a4 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/include.am +++ b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/include.am @@ -6,12 +6,15 @@ nobase_include_HEADERS+= \ cyassl/ctaocrypt/arc4.h \ cyassl/ctaocrypt/asn.h \ cyassl/ctaocrypt/asn_public.h \ + cyassl/ctaocrypt/camellia.h \ cyassl/ctaocrypt/coding.h \ + cyassl/ctaocrypt/compress.h \ cyassl/ctaocrypt/des3.h \ cyassl/ctaocrypt/dh.h \ cyassl/ctaocrypt/dsa.h \ cyassl/ctaocrypt/ecc.h \ - cyassl/ctaocrypt/error.h \ + cyassl/ctaocrypt/error-crypt.h \ + cyassl/ctaocrypt/fips_test.h \ cyassl/ctaocrypt/hc128.h \ cyassl/ctaocrypt/hmac.h \ cyassl/ctaocrypt/integer.h \ @@ -19,6 +22,8 @@ nobase_include_HEADERS+= \ cyassl/ctaocrypt/md4.h \ cyassl/ctaocrypt/md5.h \ cyassl/ctaocrypt/misc.h \ + cyassl/ctaocrypt/pkcs7.h \ + cyassl/ctaocrypt/wc_port.h \ cyassl/ctaocrypt/pwdbased.h \ cyassl/ctaocrypt/rabbit.h \ cyassl/ctaocrypt/random.h \ @@ -28,6 +33,9 @@ nobase_include_HEADERS+= \ cyassl/ctaocrypt/sha256.h \ cyassl/ctaocrypt/sha512.h \ cyassl/ctaocrypt/sha.h \ + cyassl/ctaocrypt/blake2.h \ + cyassl/ctaocrypt/blake2-int.h \ + cyassl/ctaocrypt/blake2-impl.h \ cyassl/ctaocrypt/tfm.h \ cyassl/ctaocrypt/types.h \ cyassl/ctaocrypt/visibility.h \ diff --git a/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/integer.h b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/integer.h index ff1c5916b..77b5552c7 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/integer.h +++ b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/integer.h @@ -1,6 +1,6 @@ /* integer.h * - * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,7 +16,7 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ /* @@ -70,6 +70,10 @@ extern "C" { #define MP_64BIT #endif #endif +/* if intel compiler doesn't provide 128 bit type don't turn on 64bit */ +#if defined(MP_64BIT) && defined(__INTEL_COMPILER) && !defined(HAVE___UINT128_T) + #undef MP_64BIT +#endif /* some default configurations. * @@ -82,33 +86,23 @@ extern "C" { #ifdef MP_8BIT typedef unsigned char mp_digit; typedef unsigned short mp_word; -#elif defined(MP_16BIT) +#elif defined(MP_16BIT) || defined(NO_64BIT) typedef unsigned short mp_digit; - typedef unsigned long mp_word; + typedef unsigned int mp_word; #elif defined(MP_64BIT) /* for GCC only on supported platforms */ -#ifndef CRYPT - typedef unsigned long long ulong64; - typedef signed long long long64; -#endif - - typedef unsigned long mp_digit; + typedef unsigned long long mp_digit; /* 64 bit type, 128 uses mode(TI) */ typedef unsigned long mp_word __attribute__ ((mode(TI))); #define DIGIT_BIT 60 #else /* this is the default case, 28-bit digits */ - /* this is to make porting into LibTomCrypt easier :-) */ -#ifndef CRYPT #if defined(_MSC_VER) || defined(__BORLANDC__) typedef unsigned __int64 ulong64; - typedef signed __int64 long64; #else typedef unsigned long long ulong64; - typedef signed long long long64; #endif -#endif typedef unsigned int mp_digit; /* long could be 64 now, changed TAO */ typedef ulong64 mp_word; @@ -235,15 +229,16 @@ int mp_exptmod (mp_int * G, mp_int * X, mp_int * P, mp_int * Y); /* functions added to support above needed, removed TOOM and KARATSUBA */ int mp_count_bits (mp_int * a); +int mp_leading_bit (mp_int * a); int mp_init_copy (mp_int * a, mp_int * b); int mp_copy (mp_int * a, mp_int * b); int mp_grow (mp_int * a, int size); -void bn_reverse (unsigned char *s, int len); int mp_div_2d (mp_int * a, int b, mp_int * c, mp_int * d); void mp_zero (mp_int * a); void mp_clamp (mp_int * a); void mp_exch (mp_int * a, mp_int * b); void mp_rshd (mp_int * a, int b); +void mp_rshb (mp_int * a, int b); int mp_mod_2d (mp_int * a, int b, mp_int * c); int mp_mul_2d (mp_int * a, int b, mp_int * c); int mp_lshd (mp_int * a, int b); @@ -295,6 +290,7 @@ int mp_2expt (mp_int * a, int b); int mp_reduce_2k_setup(mp_int *a, mp_digit *d); int mp_add_d (mp_int* a, mp_digit b, mp_int* c); int mp_set_int (mp_int * a, unsigned long b); +int mp_sub_d (mp_int * a, mp_digit b, mp_int * c); /* end support added functions */ /* added */ @@ -314,10 +310,6 @@ int mp_init_multi(mp_int* a, mp_int* b, mp_int* c, mp_int* d, mp_int* e, int mp_lcm (mp_int * a, mp_int * b, mp_int * c); #endif -#if defined(CYASSL_KEY_GEN) || defined(HAVE_ECC) || !defined(NO_PWDBASED) - int mp_sub_d (mp_int * a, mp_digit b, mp_int * c); -#endif - #ifdef __cplusplus } #endif diff --git a/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/logging.h b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/logging.h index efe3d3bfa..a361e8cca 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/logging.h +++ b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/logging.h @@ -1,6 +1,6 @@ /* logging.h * - * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,7 +16,7 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ /* submitted by eof */ @@ -58,7 +58,7 @@ CYASSL_API int CyaSSL_SetLoggingCb(CyaSSL_Logging_cb log_function); #define CYASSL_ENTER(m) #define CYASSL_LEAVE(m, r) - #define CYASSL_ERROR(e) + #define CYASSL_ERROR(e) #define CYASSL_MSG(m) #endif /* DEBUG_CYASSL */ diff --git a/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/md2.h b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/md2.h index a57a92fb0..2d55cd9ea 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/md2.h +++ b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/md2.h @@ -1,6 +1,6 @@ /* md2.h * - * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,7 +16,7 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ @@ -54,6 +54,7 @@ typedef struct Md2 { CYASSL_API void InitMd2(Md2*); CYASSL_API void Md2Update(Md2*, const byte*, word32); CYASSL_API void Md2Final(Md2*, byte*); +CYASSL_API int Md2Hash(const byte*, word32, byte*); #ifdef __cplusplus diff --git a/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/md4.h b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/md4.h index f6e8c7b7a..eb5ebb5a4 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/md4.h +++ b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/md4.h @@ -1,6 +1,6 @@ /* md4.h * - * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,7 +16,7 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ diff --git a/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/md5.h b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/md5.h index 2e6a46ddd..f62ede96c 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/md5.h +++ b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/md5.h @@ -1,6 +1,6 @@ /* md5.h * - * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,9 +16,10 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ +#ifndef NO_MD5 #ifndef CTAO_CRYPT_MD5_H #define CTAO_CRYPT_MD5_H @@ -32,26 +33,37 @@ /* in bytes */ enum { +#ifdef STM32F2_HASH + MD5_REG_SIZE = 4, /* STM32 register size, bytes */ +#endif MD5 = 0, /* hash type unique */ MD5_BLOCK_SIZE = 64, MD5_DIGEST_SIZE = 16, MD5_PAD_SIZE = 56 }; +#ifdef CYASSL_PIC32MZ_HASH +#include "port/pic32/pic32mz-crypt.h" +#endif /* MD5 digest */ typedef struct Md5 { word32 buffLen; /* in bytes */ word32 loLen; /* length in bytes */ word32 hiLen; /* length in bytes */ - word32 digest[MD5_DIGEST_SIZE / sizeof(word32)]; word32 buffer[MD5_BLOCK_SIZE / sizeof(word32)]; + #ifndef CYASSL_PIC32MZ_HASH + word32 digest[MD5_DIGEST_SIZE / sizeof(word32)]; + #else + word32 digest[PIC32_HASH_SIZE / sizeof(word32)]; + pic32mz_desc desc ; /* Crypt Engine descripter */ + #endif } Md5; - CYASSL_API void InitMd5(Md5*); CYASSL_API void Md5Update(Md5*, const byte*, word32); CYASSL_API void Md5Final(Md5*, byte*); +CYASSL_API int Md5Hash(const byte*, word32, byte*); #ifdef __cplusplus @@ -59,4 +71,4 @@ CYASSL_API void Md5Final(Md5*, byte*); #endif #endif /* CTAO_CRYPT_MD5_H */ - +#endif /* NO_MD5 */ diff --git a/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/memory.h b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/memory.h index e1467bcf9..20e98a392 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/memory.h +++ b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/memory.h @@ -1,6 +1,6 @@ /* memory.h * - * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,7 +16,7 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ /* submitted by eof */ diff --git a/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/misc.h b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/misc.h index 41e236828..c55f50bd0 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/misc.h +++ b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/misc.h @@ -1,6 +1,6 @@ /* misc.h * - * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,7 +16,7 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ @@ -42,13 +42,11 @@ CYASSL_LOCAL word32 ByteReverseWord32(word32); CYASSL_LOCAL void ByteReverseWords(word32*, const word32*, word32); -CYASSL_LOCAL -void ByteReverseBytes(byte*, const byte*, word32); CYASSL_LOCAL void XorWords(word*, const word*, word32); CYASSL_LOCAL -void xorbuf(byte*, const byte*, word32); +void xorbuf(void*, const void*, word32); #ifdef WORD64_AVAILABLE CYASSL_LOCAL diff --git a/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/mpi_class.h b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/mpi_class.h index 1381a8666..50ad757f3 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/mpi_class.h +++ b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/mpi_class.h @@ -1,6 +1,6 @@ /* mpi_class.h * - * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,7 +16,7 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ diff --git a/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/mpi_superclass.h b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/mpi_superclass.h index 60d6e3404..06a05f542 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/mpi_superclass.h +++ b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/mpi_superclass.h @@ -1,6 +1,6 @@ /* mpi_superclass.h * - * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,7 +16,7 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ diff --git a/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/pkcs7.h b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/pkcs7.h new file mode 100644 index 000000000..63ae2a54c --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/pkcs7.h @@ -0,0 +1,123 @@ +/* pkcs7.h + * + * Copyright (C) 2006-2014 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + + +#ifdef HAVE_PKCS7 + +#ifndef CTAO_CRYPT_PKCS7_H +#define CTAO_CRYPT_PKCS7_H + +#include +#include +#include +#include +#include + +#ifdef __cplusplus + extern "C" { +#endif + +/* PKCS#7 content types, ref RFC 2315 (Section 14) */ +enum PKCS7_TYPES { + PKCS7_MSG = 650, /* 1.2.840.113549.1.7 */ + DATA = 651, /* 1.2.840.113549.1.7.1 */ + SIGNED_DATA = 652, /* 1.2.840.113549.1.7.2 */ + ENVELOPED_DATA = 653, /* 1.2.840.113549.1.7.3 */ + SIGNED_AND_ENVELOPED_DATA = 654, /* 1.2.840.113549.1.7.4 */ + DIGESTED_DATA = 655, /* 1.2.840.113549.1.7.5 */ + ENCRYPTED_DATA = 656 /* 1.2.840.113549.1.7.6 */ +}; + +enum Pkcs7_Misc { + PKCS7_NONCE_SZ = 16, + MAX_ENCRYPTED_KEY_SZ = 512, /* max enc. key size, RSA <= 4096 */ + MAX_CONTENT_KEY_LEN = DES3_KEYLEN, /* highest current cipher is 3DES */ + MAX_RECIP_SZ = MAX_VERSION_SZ + + MAX_SEQ_SZ + ASN_NAME_MAX + MAX_SN_SZ + + MAX_SEQ_SZ + MAX_ALGO_SZ + 1 + MAX_ENCRYPTED_KEY_SZ +}; + + +typedef struct PKCS7Attrib { + byte* oid; + word32 oidSz; + byte* value; + word32 valueSz; +} PKCS7Attrib; + + +typedef struct PKCS7 { + byte* content; /* inner content, not owner */ + word32 contentSz; /* content size */ + int contentOID; /* PKCS#7 content type OID sum */ + + RNG* rng; + + int hashOID; + int encryptOID; /* key encryption algorithm OID */ + + byte* singleCert; /* recipient cert, DER, not owner */ + word32 singleCertSz; /* size of recipient cert buffer, bytes */ + byte issuerHash[SHA_SIZE]; /* hash of all alt Names */ + byte* issuer; /* issuer name of singleCert */ + word32 issuerSz; /* length of issuer name */ + byte issuerSn[MAX_SN_SZ]; /* singleCert's serial number */ + word32 issuerSnSz; /* length of serial number */ + byte publicKey[512]; + word32 publicKeySz; + byte* privateKey; /* private key, DER, not owner */ + word32 privateKeySz; /* size of private key buffer, bytes */ + + PKCS7Attrib* signedAttribs; + word32 signedAttribsSz; +} PKCS7; + + +CYASSL_LOCAL int SetContentType(int pkcs7TypeOID, byte* output); +CYASSL_LOCAL int GetContentType(const byte* input, word32* inOutIdx, + word32* oid, word32 maxIdx); +CYASSL_LOCAL int CreateRecipientInfo(const byte* cert, word32 certSz, + int keyEncAlgo, int blockKeySz, + RNG* rng, byte* contentKeyPlain, + byte* contentKeyEnc, + int* keyEncSz, byte* out, word32 outSz); + +CYASSL_API int PKCS7_InitWithCert(PKCS7* pkcs7, byte* cert, word32 certSz); +CYASSL_API void PKCS7_Free(PKCS7* pkcs7); +CYASSL_API int PKCS7_EncodeData(PKCS7* pkcs7, byte* output, word32 outputSz); +CYASSL_API int PKCS7_EncodeSignedData(PKCS7* pkcs7, + byte* output, word32 outputSz); +CYASSL_API int PKCS7_VerifySignedData(PKCS7* pkcs7, + byte* pkiMsg, word32 pkiMsgSz); +CYASSL_API int PKCS7_EncodeEnvelopedData(PKCS7* pkcs7, + byte* output, word32 outputSz); +CYASSL_API int PKCS7_DecodeEnvelopedData(PKCS7* pkcs7, byte* pkiMsg, + word32 pkiMsgSz, byte* output, + word32 outputSz); + +#ifdef __cplusplus + } /* extern "C" */ +#endif + +#endif /* CTAO_CRYPT_PKCS7_H */ + +#endif /* HAVE_PKCS7 */ + diff --git a/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/pwdbased.h b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/pwdbased.h index 27029eaa5..04ea330a8 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/pwdbased.h +++ b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/pwdbased.h @@ -1,6 +1,6 @@ /* pwdbased.h * - * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,7 +16,7 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ diff --git a/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/rabbit.h b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/rabbit.h index ea1ea9f16..08da26c83 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/rabbit.h +++ b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/rabbit.h @@ -1,6 +1,6 @@ /* rabbit.h * - * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,7 +16,7 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ @@ -52,8 +52,8 @@ typedef struct Rabbit { } Rabbit; -CYASSL_API void RabbitProcess(Rabbit*, byte*, const byte*, word32); -CYASSL_API void RabbitSetKey(Rabbit*, const byte* key, const byte* iv); +CYASSL_API int RabbitProcess(Rabbit*, byte*, const byte*, word32); +CYASSL_API int RabbitSetKey(Rabbit*, const byte* key, const byte* iv); #ifdef __cplusplus diff --git a/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/random.h b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/random.h index 3bd911b51..728c22209 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/random.h +++ b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/random.h @@ -1,6 +1,6 @@ /* random.h * - * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,14 +16,24 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ #ifndef CTAO_CRYPT_RANDOM_H #define CTAO_CRYPT_RANDOM_H -#include +#include + +#if defined(HAVE_HASHDRBG) || defined(NO_RC4) + #ifdef NO_SHA256 + #error "Hash DRBG requires SHA-256." + #endif /* NO_SHA256 */ + + #include +#else /* HAVE_HASHDRBG || NO_RC4 */ + #include +#endif /* HAVE_HASHDRBG || NO_RC4 */ #ifdef __cplusplus extern "C" { @@ -49,20 +59,92 @@ typedef struct OS_Seed { #endif } OS_Seed; + CYASSL_LOCAL int GenerateSeed(OS_Seed* os, byte* seed, word32 sz); +#if defined(CYASSL_MDK_ARM) +#undef RNG +#define RNG CyaSSL_RNG /* for avoiding name conflict in "stm32f2xx.h" */ +#endif + + +#if defined(HAVE_HASHDRBG) || defined(NO_RC4) + + +#define DRBG_SEED_LEN (440/8) + + +/* Hash-based Deterministic Random Bit Generator */ +typedef struct RNG { + OS_Seed seed; + + Sha256 sha; + byte digest[SHA256_DIGEST_SIZE]; + byte V[DRBG_SEED_LEN]; + byte C[DRBG_SEED_LEN]; + word32 reseedCtr; + byte status; +} RNG; + + +#else /* HAVE_HASHDRBG || NO_RC4 */ + + +#define CYASSL_RNG_CAVIUM_MAGIC 0xBEEF0004 + +/* secure Random Number Generator */ + -/* secure Random Nnumber Generator */ typedef struct RNG { OS_Seed seed; Arc4 cipher; +#ifdef HAVE_CAVIUM + int devId; /* nitrox device id */ + word32 magic; /* using cavium magic */ +#endif } RNG; +#ifdef HAVE_CAVIUM + CYASSL_API int InitRngCavium(RNG*, int); +#endif + + +#endif /* HAVE_HASH_DRBG || NO_RC4 */ + + CYASSL_API int InitRng(RNG*); -CYASSL_API void RNG_GenerateBlock(RNG*, byte*, word32 sz); -CYASSL_API byte RNG_GenerateByte(RNG*); +CYASSL_API int RNG_GenerateBlock(RNG*, byte*, word32 sz); +CYASSL_API int RNG_GenerateByte(RNG*, byte*); + + +#if defined(HAVE_HASHDRBG) || defined(NO_RC4) + CYASSL_API int FreeRng(RNG*); + CYASSL_API int RNG_HealthTest(int reseed, + const byte* entropyA, word32 entropyASz, + const byte* entropyB, word32 entropyBSz, + const byte* output, word32 outputSz); +#endif /* HAVE_HASHDRBG || NO_RC4 */ + + +#ifdef HAVE_FIPS + /* fips wrapper calls, user can call direct */ + CYASSL_API int InitRng_fips(RNG* rng); + CYASSL_API int FreeRng_fips(RNG* rng); + CYASSL_API int RNG_GenerateBlock_fips(RNG* rng, byte* buf, word32 bufSz); + CYASSL_API int RNG_HealthTest_fips(int reseed, + const byte* entropyA, word32 entropyASz, + const byte* entropyB, word32 entropyBSz, + const byte* output, word32 outputSz); + #ifndef FIPS_NO_WRAPPERS + /* if not impl or fips.c impl wrapper force fips calls if fips build */ + #define InitRng InitRng_fips + #define FreeRng FreeRng_fips + #define RNG_GenerateBlock RNG_GenerateBlock_fips + #define RNG_HealthTest RNG_HealthTest_fips + #endif /* FIPS_NO_WRAPPERS */ +#endif /* HAVE_FIPS */ #ifdef __cplusplus diff --git a/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/ripemd.h b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/ripemd.h index 5895cce26..de062698c 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/ripemd.h +++ b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/ripemd.h @@ -1,6 +1,6 @@ /* ripemd.h * - * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,7 +16,7 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ diff --git a/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/rsa.h b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/rsa.h index 70e3fcd1a..1f94742a8 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/rsa.h +++ b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/rsa.h @@ -1,6 +1,6 @@ /* rsa.h * - * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,9 +16,10 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ +#ifndef NO_RSA #ifndef CTAO_CRYPT_RSA_H #define CTAO_CRYPT_RSA_H @@ -31,6 +32,7 @@ extern "C" { #endif +#define CYASSL_RSA_CAVIUM_MAGIC 0xBEEF0006 enum { RSA_PUBLIC = 0, @@ -42,11 +44,25 @@ typedef struct RsaKey { mp_int n, e, d, p, q, dP, dQ, u; int type; /* public or private */ void* heap; /* for user memory overrides */ +#ifdef HAVE_CAVIUM + int devId; /* nitrox device id */ + word32 magic; /* using cavium magic */ + word64 contextHandle; /* nitrox context memory handle */ + byte* c_n; /* cavium byte buffers for key parts */ + byte* c_e; + byte* c_d; + byte* c_p; + byte* c_q; + byte* c_dP; + byte* c_dQ; + byte* c_u; /* sizes in bytes */ + word16 c_nSz, c_eSz, c_dSz, c_pSz, c_qSz, c_dP_Sz, c_dQ_Sz, c_uSz; +#endif } RsaKey; -CYASSL_API void InitRsaKey(RsaKey* key, void*); -CYASSL_API void FreeRsaKey(RsaKey* key); +CYASSL_API int InitRsaKey(RsaKey* key, void*); +CYASSL_API int FreeRsaKey(RsaKey* key); CYASSL_API int RsaPublicEncrypt(const byte* in, word32 inLen, byte* out, word32 outLen, RsaKey* key, RNG* rng); @@ -71,6 +87,50 @@ CYASSL_API int RsaPublicKeyDecode(const byte* input, word32* inOutIdx, RsaKey*, CYASSL_API int RsaKeyToDer(RsaKey*, byte* output, word32 inLen); #endif +#ifdef HAVE_CAVIUM + CYASSL_API int RsaInitCavium(RsaKey*, int); + CYASSL_API void RsaFreeCavium(RsaKey*); +#endif + + +#ifdef HAVE_FIPS + /* fips wrapper calls, user can call direct */ + CYASSL_API int InitRsaKey_fips(RsaKey* key, void*); + CYASSL_API int FreeRsaKey_fips(RsaKey* key); + + CYASSL_API int RsaPublicEncrypt_fips(const byte* in,word32 inLen,byte* out, + word32 outLen, RsaKey* key, RNG* rng); + CYASSL_API int RsaPrivateDecryptInline_fips(byte* in, word32 inLen, + byte** out, RsaKey* key); + CYASSL_API int RsaPrivateDecrypt_fips(const byte* in, word32 inLen, + byte* out,word32 outLen,RsaKey* key); + CYASSL_API int RsaSSL_Sign_fips(const byte* in, word32 inLen, byte* out, + word32 outLen, RsaKey* key, RNG* rng); + CYASSL_API int RsaSSL_VerifyInline_fips(byte* in, word32 inLen, byte** out, + RsaKey* key); + CYASSL_API int RsaSSL_Verify_fips(const byte* in, word32 inLen, byte* out, + word32 outLen, RsaKey* key); + CYASSL_API int RsaEncryptSize_fips(RsaKey* key); + + CYASSL_API int RsaPrivateKeyDecode_fips(const byte* input, word32* inOutIdx, + RsaKey*, word32); + CYASSL_API int RsaPublicKeyDecode_fips(const byte* input, word32* inOutIdx, + RsaKey*, word32); + #ifndef FIPS_NO_WRAPPERS + /* if not impl or fips.c impl wrapper force fips calls if fips build */ + #define InitRsaKey InitRsaKey_fips + #define FreeRsaKey FreeRsaKey_fips + #define RsaPublicEncrypt RsaPublicEncrypt_fips + #define RsaPrivateDecryptInline RsaPrivateDecryptInline_fips + #define RsaPrivateDecrypt RsaPrivateDecrypt_fips + #define RsaSSL_Sign RsaSSL_Sign_fips + #define RsaSSL_VerifyInline RsaSSL_VerifyInline_fips + #define RsaSSL_Verify RsaSSL_Verify_fips + #define RsaEncryptSize RsaEncryptSize_fips + /* no implicit KeyDecodes since in asn.c (not rsa.c) */ + #endif /* FIPS_NO_WRAPPERS */ + +#endif /* HAVE_FIPS */ #ifdef __cplusplus @@ -79,3 +139,4 @@ CYASSL_API int RsaPublicKeyDecode(const byte* input, word32* inOutIdx, RsaKey*, #endif /* CTAO_CRYPT_RSA_H */ +#endif /* NO_RSA */ diff --git a/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/settings.h b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/settings.h index ef60087aa..57bb8290e 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/settings.h +++ b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/settings.h @@ -1,6 +1,6 @@ /* settings.h * - * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,7 +16,7 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ /* Place OS specific preprocessor flags, defines, includes here, will be @@ -45,18 +45,50 @@ /* Uncomment next line if using Microchip PIC32 ethernet starter kit */ /* #define MICROCHIP_PIC32 */ +/* Uncomment next line if using Microchip TCP/IP stack, version 5 */ +/* #define MICROCHIP_TCPIP_V5 */ + +/* Uncomment next line if using Microchip TCP/IP stack, version 6 or later */ +/* #define MICROCHIP_TCPIP */ + +/* Uncomment next line if using PIC32MZ Crypto Engine */ +/* #define CYASSL_MICROCHIP_PIC32MZ */ + /* Uncomment next line if using FreeRTOS */ /* #define FREERTOS */ /* Uncomment next line if using FreeRTOS Windows Simulator */ /* #define FREERTOS_WINSIM */ +/* Uncomment next line if using RTIP */ +/* #define EBSNET */ + /* Uncomment next line if using lwip */ /* #define CYASSL_LWIP */ /* Uncomment next line if building CyaSSL for a game console */ /* #define CYASSL_GAME_BUILD */ +/* Uncomment next line if building CyaSSL for LSR */ +/* #define CYASSL_LSR */ + +/* Uncomment next line if building CyaSSL for Freescale MQX/RTCS/MFS */ +/* #define FREESCALE_MQX */ + +/* Uncomment next line if using STM32F2 */ +/* #define CYASSL_STM32F2 */ + +/* Uncomment next line if using Comverge settings */ +/* #define COMVERGE */ + +/* Uncomment next line if using QL SEP settings */ +/* #define CYASSL_QL */ + +/* Uncomment next line if building for EROAD */ +/* #define CYASSL_EROAD */ + +/* Uncomment next line if building for IAR EWARM */ +/* #define CYASSL_IAR_ARM */ #include @@ -64,38 +96,181 @@ #define SIZEOF_LONG_LONG 8 #endif + +#ifdef CYASSL_USER_SETTINGS + #include +#endif + + +#ifdef COMVERGE + #define THREADX + #define HAVE_NETX + #define CYASSL_USER_IO + #define NO_WRITEV + #define NO_DEV_RANDOM + #define NO_FILESYSTEM + #define NO_SHA512 + #define NO_DH + #define NO_DSA + #define NO_HC128 + #define NO_RSA + #define NO_SESSION_CACHE + #define HAVE_ECC +#endif + + #ifdef THREADX #define SIZEOF_LONG_LONG 8 #endif +#ifdef HAVE_NETX + #include "nx_api.h" +#endif + +#if defined(HAVE_LWIP_NATIVE) /* using LwIP native TCP socket */ + #define CYASSL_LWIP + #define NO_WRITEV + #define SINGLE_THREADED + #define CYASSL_USER_IO + #define NO_FILESYSTEM +#endif + +#if defined(CYASSL_IAR_ARM) + #define NO_MAIN_DRIVER + #define SINGLE_THREADED + #define USE_CERT_BUFFERS_1024 + #define BENCH_EMBEDDED + #define NO_FILESYSTEM + #define NO_WRITEV + #define CYASSL_USER_IO + #define BENCH_EMBEDDED +#endif + #ifdef MICROCHIP_PIC32 - /* use MBED plus no filesystem */ - #define MBED + /* #define CYASSL_MICROCHIP_PIC32MZ */ + #define SIZEOF_LONG_LONG 8 + #define SINGLE_THREADED + #define CYASSL_USER_IO + #define NO_WRITEV + #define NO_DEV_RANDOM #define NO_FILESYSTEM + #define USE_FAST_MATH + #define TFM_TIMING_RESISTANT +#endif + +#ifdef CYASSL_MICROCHIP_PIC32MZ + #define CYASSL_PIC32MZ_CE + #define CYASSL_PIC32MZ_CRYPT + #define HAVE_AES_ENGINE + #define CYASSL_PIC32MZ_RNG + /* #define CYASSL_PIC32MZ_HASH */ + #define CYASSL_AES_COUNTER + #define HAVE_AESGCM + #define NO_BIG_INT + +#endif + +#ifdef MICROCHIP_TCPIP_V5 + /* include timer functions */ + #include "TCPIP Stack/TCPIP.h" +#endif + +#ifdef MICROCHIP_TCPIP + /* include timer, NTP functions */ + #ifdef MICROCHIP_MPLAB_HARMONY + #include "tcpip/tcpip.h" + #else + #include "system/system_services.h" + #include "tcpip/sntp.h" + #endif #endif #ifdef MBED - #define SINGLE_THREADED #define CYASSL_USER_IO + #define NO_FILESYSTEM + #define NO_CERT + #define USE_CERT_BUFFERS_1024 #define NO_WRITEV #define NO_DEV_RANDOM #define NO_SHA512 #define NO_DH #define NO_DSA #define NO_HC128 -#endif /* MBED */ + #define HAVE_ECC + #define NO_SESSION_CACHE + #define CYASSL_CMSIS_RTOS +#endif + + +#ifdef CYASSL_EROAD + #define FREESCALE_MQX + #define FREESCALE_MMCAU + #define SINGLE_THREADED + #define NO_STDIO_FILESYSTEM + #define CYASSL_LEANPSK + #define HAVE_NULL_CIPHER + #define NO_OLD_TLS + #define NO_ASN + #define NO_BIG_INT + #define NO_RSA + #define NO_DSA + #define NO_DH + #define NO_CERTS + #define NO_PWDBASED + #define NO_DES3 + #define NO_MD4 + #define NO_RC4 + #define NO_MD5 + #define NO_SESSION_CACHE + #define NO_MAIN_DRIVER +#endif #ifdef FREERTOS_WINSIM #define FREERTOS #define USE_WINDOWS_API #endif + +/* Micrium will use Visual Studio for compilation but not the Win32 API */ +#if defined(_WIN32) && !defined(MICRIUM) && !defined(FREERTOS) \ + && !defined(EBSNET) && !defined(CYASSL_EROAD) + #define USE_WINDOWS_API +#endif + + +#if defined(CYASSL_LEANPSK) && !defined(XMALLOC_USER) + #include + #define XMALLOC(s, h, type) malloc((s)) + #define XFREE(p, h, type) free((p)) + #define XREALLOC(p, n, h, t) realloc((p), (n)) +#endif + +#if defined(XMALLOC_USER) && defined(SSN_BUILDING_LIBYASSL) + #undef XMALLOC + #define XMALLOC yaXMALLOC + #undef XFREE + #define XFREE yaXFREE + #undef XREALLOC + #define XREALLOC yaXREALLOC +#endif + + #ifdef FREERTOS - #define NO_WRITEV - #define NO_SHA512 - #define NO_DH - #define NO_DSA - #define NO_HC128 + #ifndef NO_WRITEV + #define NO_WRITEV + #endif + #ifndef NO_SHA512 + #define NO_SHA512 + #endif + #ifndef NO_DH + #define NO_DH + #endif + #ifndef NO_DSA + #define NO_DSA + #endif + #ifndef NO_HC128 + #define NO_HC128 + #endif #ifndef SINGLE_THREADED #include "FreeRTOS.h" @@ -103,6 +278,39 @@ #endif #endif +#ifdef EBSNET + #include "rtip.h" + + /* #define DEBUG_CYASSL */ + #define NO_CYASSL_DIR /* tbd */ + + #if (POLLOS) + #define SINGLE_THREADED + #endif + + #if (RTPLATFORM) + #if (!RTP_LITTLE_ENDIAN) + #define BIG_ENDIAN_ORDER + #endif + #else + #if (!KS_LITTLE_ENDIAN) + #define BIG_ENDIAN_ORDER + #endif + #endif + + #if (WINMSP3) + #undef SIZEOF_LONG + #define SIZEOF_LONG_LONG 8 + #else + #sslpro: settings.h - please implement SIZEOF_LONG and SIZEOF_LONG_LONG + #endif + + #define XMALLOC(s, h, type) ((void *)rtp_malloc((s), SSL_PRO_MALLOC)) + #define XFREE(p, h, type) (rtp_free(p)) + #define XREALLOC(p, n, h, t) realloc((p), (n)) + +#endif /* EBSNET */ + #ifdef CYASSL_GAME_BUILD #define SIZEOF_LONG_LONG 8 #if defined(__PPU) || defined(__XENON) @@ -110,6 +318,86 @@ #endif #endif +#ifdef CYASSL_LSR + #define HAVE_WEBSERVER + #define SIZEOF_LONG_LONG 8 + #define CYASSL_LOW_MEMORY + #define NO_WRITEV + #define NO_SHA512 + #define NO_DH + #define NO_DSA + #define NO_HC128 + #define NO_DEV_RANDOM + #define NO_CYASSL_DIR + #define NO_RABBIT + #ifndef NO_FILESYSTEM + #define LSR_FS + #include "inc/hw_types.h" + #include "fs.h" + #endif + #define CYASSL_LWIP + #include /* for tcp errno */ + #define CYASSL_SAFERTOS + #if defined(__IAR_SYSTEMS_ICC__) + /* enum uses enum */ + #pragma diag_suppress=Pa089 + #endif +#endif + +#ifdef CYASSL_SAFERTOS + #ifndef SINGLE_THREADED + #include "SafeRTOS/semphr.h" + #endif + + #include "SafeRTOS/heap.h" + #define XMALLOC(s, h, type) pvPortMalloc((s)) + #define XFREE(p, h, type) vPortFree((p)) + #define XREALLOC(p, n, h, t) pvPortRealloc((p), (n)) +#endif + +#ifdef CYASSL_LOW_MEMORY + #undef RSA_LOW_MEM + #define RSA_LOW_MEM + #undef CYASSL_SMALL_STACK + #define CYASSL_SMALL_STACK + #undef TFM_TIMING_RESISTANT + #define TFM_TIMING_RESISTANT +#endif + +#ifdef FREESCALE_MQX + #define SIZEOF_LONG_LONG 8 + #define NO_WRITEV + #define NO_DEV_RANDOM + #define NO_RABBIT + #define NO_CYASSL_DIR + #define USE_FAST_MATH + #define TFM_TIMING_RESISTANT + #define FREESCALE_K70_RNGA + /* #define FREESCALE_K53_RNGB */ + #include "mqx.h" + #ifndef NO_FILESYSTEM + #include "mfs.h" + #include "fio.h" + #endif + #ifndef SINGLE_THREADED + #include "mutex.h" + #endif + + #define XMALLOC(s, h, t) (void *)_mem_alloc_system((s)) + #define XFREE(p, h, t) {void* xp = (p); if ((xp)) _mem_free((xp));} + /* Note: MQX has no realloc, using fastmath above */ +#endif + +#ifdef CYASSL_STM32F2 + #define SIZEOF_LONG_LONG 8 + #define NO_DEV_RANDOM + #define NO_CYASSL_DIR + #define NO_RABBIT + #define STM32F2_RNG + #define STM32F2_CRYPTO + #define KEIL_INTRINSICS +#endif + #ifdef MICRIUM #include "stdlib.h" @@ -306,10 +594,91 @@ #endif /* MICRIUM */ -#if !defined(XMALLOC_USER) && !defined(MICRIUM_MALLOC) +#ifdef CYASSL_QL + #ifndef CYASSL_SEP + #define CYASSL_SEP + #endif + #ifndef OPENSSL_EXTRA + #define OPENSSL_EXTRA + #endif + #ifndef SESSION_CERTS + #define SESSION_CERTS + #endif + #ifndef HAVE_AESCCM + #define HAVE_AESCCM + #endif + #ifndef ATOMIC_USER + #define ATOMIC_USER + #endif + #ifndef CYASSL_DER_LOAD + #define CYASSL_DER_LOAD + #endif + #ifndef KEEP_PEER_CERT + #define KEEP_PEER_CERT + #endif + #ifndef HAVE_ECC + #define HAVE_ECC + #endif + #ifndef SESSION_INDEX + #define SESSION_INDEX + #endif +#endif /* CYASSL_QL */ + + +#if !defined(XMALLOC_USER) && !defined(MICRIUM_MALLOC) && \ + !defined(CYASSL_LEANPSK) && !defined(NO_CYASSL_MEMORY) #define USE_CYASSL_MEMORY #endif + +#if defined(OPENSSL_EXTRA) && !defined(NO_CERTS) + #undef KEEP_PEER_CERT + #define KEEP_PEER_CERT +#endif + + +/* stream ciphers except arc4 need 32bit alignment, intel ok without */ +#ifndef XSTREAM_ALIGNMENT + #if defined(__x86_64__) || defined(__ia64__) || defined(__i386__) + #define NO_XSTREAM_ALIGNMENT + #else + #define XSTREAM_ALIGNMENT + #endif +#endif + + +/* FreeScale MMCAU hardware crypto has 4 byte alignment */ +#ifdef FREESCALE_MMCAU + #define CYASSL_MMCAU_ALIGNMENT 4 +#endif + +/* if using hardware crypto and have alignment requirements, specify the + requirement here. The record header of SSL/TLS will prvent easy alignment. + This hint tries to help as much as possible. */ +#ifndef CYASSL_GENERAL_ALIGNMENT + #ifdef CYASSL_AESNI + #define CYASSL_GENERAL_ALIGNMENT 16 + #elif defined(XSTREAM_ALIGNMENT) + #define CYASSL_GENERAL_ALIGNMENT 4 + #elif defined(FREESCALE_MMCAU) + #define CYASSL_GENERAL_ALIGNMENT CYASSL_MMCAU_ALIGNMENT + #else + #define CYASSL_GENERAL_ALIGNMENT 0 + #endif +#endif + +#ifdef HAVE_CRL + /* not widely supported yet */ + #undef NO_SKID + #define NO_SKID +#endif + + +#ifdef __INTEL_COMPILER + #pragma warning(disable:2259) /* explicit casts to smaller sizes, disable */ +#endif + + /* Place any other flags or defines here */ diff --git a/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/sha.h b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/sha.h index 5c1b5aa60..f1820a6d9 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/sha.h +++ b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/sha.h @@ -1,6 +1,6 @@ /* sha.h * - * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,10 +16,12 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ +#ifndef NO_SHA + #ifndef CTAO_CRYPT_SHA_H #define CTAO_CRYPT_SHA_H @@ -32,31 +34,59 @@ /* in bytes */ enum { +#ifdef STM32F2_HASH + SHA_REG_SIZE = 4, /* STM32 register size, bytes */ +#endif SHA = 1, /* hash type unique */ SHA_BLOCK_SIZE = 64, SHA_DIGEST_SIZE = 20, SHA_PAD_SIZE = 56 }; +#ifdef CYASSL_PIC32MZ_HASH +#include "port/pic32/pic32mz-crypt.h" +#endif /* Sha digest */ typedef struct Sha { word32 buffLen; /* in bytes */ word32 loLen; /* length in bytes */ word32 hiLen; /* length in bytes */ - word32 digest[SHA_DIGEST_SIZE / sizeof(word32)]; word32 buffer[SHA_BLOCK_SIZE / sizeof(word32)]; + #ifndef CYASSL_PIC32MZ_HASH + word32 digest[SHA_DIGEST_SIZE / sizeof(word32)]; + #else + word32 digest[PIC32_HASH_SIZE / sizeof(word32)]; + pic32mz_desc desc; /* Crypt Engine descripter */ + #endif } Sha; -CYASSL_API void InitSha(Sha*); -CYASSL_API void ShaUpdate(Sha*, const byte*, word32); -CYASSL_API void ShaFinal(Sha*, byte*); +CYASSL_API int InitSha(Sha*); +CYASSL_API int ShaUpdate(Sha*, const byte*, word32); +CYASSL_API int ShaFinal(Sha*, byte*); +CYASSL_API int ShaHash(const byte*, word32, byte*); + + +#ifdef HAVE_FIPS + /* fips wrapper calls, user can call direct */ + CYASSL_API int InitSha_fips(Sha*); + CYASSL_API int ShaUpdate_fips(Sha*, const byte*, word32); + CYASSL_API int ShaFinal_fips(Sha*, byte*); + #ifndef FIPS_NO_WRAPPERS + /* if not impl or fips.c impl wrapper force fips calls if fips build */ + #define InitSha InitSha_fips + #define ShaUpdate ShaUpdate_fips + #define ShaFinal ShaFinal_fips + #endif /* FIPS_NO_WRAPPERS */ +#endif /* HAVE_FIPS */ + #ifdef __cplusplus } /* extern "C" */ #endif #endif /* CTAO_CRYPT_SHA_H */ +#endif /* NO_SHA */ diff --git a/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/sha256.h b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/sha256.h index 179a78031..c619461a3 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/sha256.h +++ b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/sha256.h @@ -1,6 +1,6 @@ /* sha256.h * - * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,7 +16,7 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ @@ -34,6 +34,10 @@ extern "C" { #endif +#ifdef CYASSL_PIC32MZ_HASH +#include "port/pic32/pic32mz-crypt.h" +#endif + /* in bytes */ enum { @@ -51,14 +55,33 @@ typedef struct Sha256 { word32 hiLen; /* length in bytes */ word32 digest[SHA256_DIGEST_SIZE / sizeof(word32)]; word32 buffer[SHA256_BLOCK_SIZE / sizeof(word32)]; + #ifdef CYASSL_PIC32MZ_HASH + pic32mz_desc desc ; /* Crypt Engine descripter */ + #endif } Sha256; -CYASSL_API void InitSha256(Sha256*); -CYASSL_API void Sha256Update(Sha256*, const byte*, word32); -CYASSL_API void Sha256Final(Sha256*, byte*); +CYASSL_API int InitSha256(Sha256*); +CYASSL_API int Sha256Update(Sha256*, const byte*, word32); +CYASSL_API int Sha256Final(Sha256*, byte*); +CYASSL_API int Sha256Hash(const byte*, word32, byte*); + + +#ifdef HAVE_FIPS + /* fips wrapper calls, user can call direct */ + CYASSL_API int InitSha256_fips(Sha256*); + CYASSL_API int Sha256Update_fips(Sha256*, const byte*, word32); + CYASSL_API int Sha256Final_fips(Sha256*, byte*); + #ifndef FIPS_NO_WRAPPERS + /* if not impl or fips.c impl wrapper force fips calls if fips build */ + #define InitSha256 InitSha256_fips + #define Sha256Update Sha256Update_fips + #define Sha256Final Sha256Final_fips + #endif /* FIPS_NO_WRAPPERS */ +#endif /* HAVE_FIPS */ + #ifdef __cplusplus } /* extern "C" */ #endif diff --git a/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/sha512.h b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/sha512.h index 79861afee..143402439 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/sha512.h +++ b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/sha512.h @@ -1,6 +1,6 @@ /* sha512.h * - * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,7 +16,7 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ @@ -51,12 +51,13 @@ typedef struct Sha512 { } Sha512; -CYASSL_API void InitSha512(Sha512*); -CYASSL_API void Sha512Update(Sha512*, const byte*, word32); -CYASSL_API void Sha512Final(Sha512*, byte*); +CYASSL_API int InitSha512(Sha512*); +CYASSL_API int Sha512Update(Sha512*, const byte*, word32); +CYASSL_API int Sha512Final(Sha512*, byte*); +CYASSL_API int Sha512Hash(const byte*, word32, byte*); -#ifdef CYASSL_SHA384 +#if defined(CYASSL_SHA384) || defined(HAVE_AESGCM) /* in bytes */ enum { @@ -77,9 +78,37 @@ typedef struct Sha384 { } Sha384; -CYASSL_API void InitSha384(Sha384*); -CYASSL_API void Sha384Update(Sha384*, const byte*, word32); -CYASSL_API void Sha384Final(Sha384*, byte*); +CYASSL_API int InitSha384(Sha384*); +CYASSL_API int Sha384Update(Sha384*, const byte*, word32); +CYASSL_API int Sha384Final(Sha384*, byte*); +CYASSL_API int Sha384Hash(const byte*, word32, byte*); + + +#ifdef HAVE_FIPS + /* fips wrapper calls, user can call direct */ + CYASSL_API int InitSha512_fips(Sha512*); + CYASSL_API int Sha512Update_fips(Sha512*, const byte*, word32); + CYASSL_API int Sha512Final_fips(Sha512*, byte*); + #ifndef FIPS_NO_WRAPPERS + /* if not impl or fips.c impl wrapper force fips calls if fips build */ + #define InitSha512 InitSha512_fips + #define Sha512Update Sha512Update_fips + #define Sha512Final Sha512Final_fips + #endif /* FIPS_NO_WRAPPERS */ + + /* fips wrapper calls, user can call direct */ + CYASSL_API int InitSha384_fips(Sha384*); + CYASSL_API int Sha384Update_fips(Sha384*, const byte*, word32); + CYASSL_API int Sha384Final_fips(Sha384*, byte*); + #ifndef FIPS_NO_WRAPPERS + /* if not impl or fips.c impl wrapper force fips calls if fips build */ + #define InitSha384 InitSha384_fips + #define Sha384Update Sha384Update_fips + #define Sha384Final Sha384Final_fips + #endif /* FIPS_NO_WRAPPERS */ + +#endif /* HAVE_FIPS */ + #endif /* CYASSL_SHA384 */ diff --git a/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/tfm.h b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/tfm.h index af74a9034..f4e98c152 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/tfm.h +++ b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/tfm.h @@ -1,6 +1,6 @@ /* tfm.h * - * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,7 +16,7 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ @@ -54,6 +54,7 @@ #endif +#ifndef NO_64BIT /* autodetect x86-64 and make sure we are using 64-bit digits with x86-64 asm */ #if defined(__x86_64__) #if defined(TFM_X86) || defined(TFM_SSE2) || defined(TFM_ARM) @@ -72,6 +73,12 @@ #if defined(__x86_64__) && !defined(FP_64BIT) #define FP_64BIT #endif +/* if intel compiler doesn't provide 128 bit type don't turn on 64bit */ +#if defined(FP_64BIT) && defined(__INTEL_COMPILER) && !defined(HAVE___UINT128_T) + #undef FP_64BIT + #undef TFM_X86_64 +#endif +#endif /* NO_64BIT */ /* try to detect x86-32 */ #if defined(__i386__) && !defined(TFM_SSE2) @@ -198,24 +205,24 @@ */ #if defined(FP_64BIT) /* for GCC only on supported platforms */ -#ifndef CRYPT - typedef unsigned long ulong64; -#endif - typedef ulong64 fp_digit; + typedef unsigned long long fp_digit; /* 64bit, 128 uses mode(TI) below */ typedef unsigned long fp_word __attribute__ ((mode(TI))); #else - /* this is to make porting into LibTomCrypt easier :-) */ -#ifndef CRYPT #if defined(_MSC_VER) || defined(__BORLANDC__) typedef unsigned __int64 ulong64; - typedef signed __int64 long64; #else typedef unsigned long long ulong64; - typedef signed long long long64; #endif -#endif - typedef unsigned int fp_digit; - typedef ulong64 fp_word; + + #ifndef NO_64BIT + typedef unsigned int fp_digit; + typedef ulong64 fp_word; + #else + /* some procs like coldfire prefer not to place multiply into 64bit type + even though it exists */ + typedef unsigned short fp_digit; + typedef unsigned int fp_word; + #endif #endif /* # of digits this is */ @@ -291,7 +298,7 @@ typedef struct { #define TFM_MUL12 #define TFM_MUL17 #endif -#ifdef TFM_SMALL_SET +#ifdef TFM_HUGE_SET #define TFM_MUL20 #define TFM_MUL24 #define TFM_MUL28 @@ -314,7 +321,7 @@ typedef struct { #define TFM_SQR12 #define TFM_SQR17 #endif -#ifdef TFM_SMALL_SET +#ifdef TFM_HUGE_SET #define TFM_SQR20 #define TFM_SQR24 #define TFM_SQR28 @@ -357,7 +364,7 @@ typedef struct { void fp_set(fp_int *a, fp_digit b); /* copy from a to b */ -#define fp_copy(a, b) (void)(((a) != (b)) ? (XMEMCPY((b), (a), sizeof(fp_int))) : (void)0) +#define fp_copy(a, b) (void)(((a) != (b)) ? ((void)XMEMCPY((b), (a), sizeof(fp_int))) : (void)0) #define fp_init_copy(a, b) fp_copy(b, a) /* clamp digits */ @@ -370,6 +377,9 @@ void fp_set(fp_int *a, fp_digit b); /* right shift x digits */ void fp_rshd(fp_int *a, int x); +/* right shift x bits */ +void fp_rshb(fp_int *a, int x); + /* left shift x digits */ void fp_lshd(fp_int *a, int x); @@ -485,6 +495,7 @@ int fp_exptmod(fp_int *a, fp_int *b, fp_int *c, fp_int *d); /* radix conersions */ int fp_count_bits(fp_int *a); +int fp_leading_bit(fp_int *a); int fp_unsigned_bin_size(fp_int *a); void fp_read_unsigned_bin(fp_int *a, unsigned char *b, int c); @@ -504,104 +515,104 @@ void s_fp_add(fp_int *a, fp_int *b, fp_int *c); void s_fp_sub(fp_int *a, fp_int *b, fp_int *c); void fp_reverse(unsigned char *s, int len); -void fp_mul_comba(fp_int *A, fp_int *B, fp_int *C); +void fp_mul_comba(fp_int *a, fp_int *b, fp_int *c); #ifdef TFM_SMALL_SET -void fp_mul_comba_small(fp_int *A, fp_int *B, fp_int *C); +void fp_mul_comba_small(fp_int *a, fp_int *b, fp_int *c); #endif #ifdef TFM_MUL3 -void fp_mul_comba3(fp_int *A, fp_int *B, fp_int *C); +void fp_mul_comba3(fp_int *a, fp_int *b, fp_int *c); #endif #ifdef TFM_MUL4 -void fp_mul_comba4(fp_int *A, fp_int *B, fp_int *C); +void fp_mul_comba4(fp_int *a, fp_int *b, fp_int *c); #endif #ifdef TFM_MUL6 -void fp_mul_comba6(fp_int *A, fp_int *B, fp_int *C); +void fp_mul_comba6(fp_int *a, fp_int *b, fp_int *c); #endif #ifdef TFM_MUL7 -void fp_mul_comba7(fp_int *A, fp_int *B, fp_int *C); +void fp_mul_comba7(fp_int *a, fp_int *b, fp_int *c); #endif #ifdef TFM_MUL8 -void fp_mul_comba8(fp_int *A, fp_int *B, fp_int *C); +void fp_mul_comba8(fp_int *a, fp_int *b, fp_int *c); #endif #ifdef TFM_MUL9 -void fp_mul_comba9(fp_int *A, fp_int *B, fp_int *C); +void fp_mul_comba9(fp_int *a, fp_int *b, fp_int *c); #endif #ifdef TFM_MUL12 -void fp_mul_comba12(fp_int *A, fp_int *B, fp_int *C); +void fp_mul_comba12(fp_int *a, fp_int *b, fp_int *c); #endif #ifdef TFM_MUL17 -void fp_mul_comba17(fp_int *A, fp_int *B, fp_int *C); +void fp_mul_comba17(fp_int *a, fp_int *b, fp_int *c); #endif #ifdef TFM_MUL20 -void fp_mul_comba20(fp_int *A, fp_int *B, fp_int *C); +void fp_mul_comba20(fp_int *a, fp_int *b, fp_int *c); #endif #ifdef TFM_MUL24 -void fp_mul_comba24(fp_int *A, fp_int *B, fp_int *C); +void fp_mul_comba24(fp_int *a, fp_int *b, fp_int *c); #endif #ifdef TFM_MUL28 -void fp_mul_comba28(fp_int *A, fp_int *B, fp_int *C); +void fp_mul_comba28(fp_int *a, fp_int *b, fp_int *c); #endif #ifdef TFM_MUL32 -void fp_mul_comba32(fp_int *A, fp_int *B, fp_int *C); +void fp_mul_comba32(fp_int *a, fp_int *b, fp_int *c); #endif #ifdef TFM_MUL48 -void fp_mul_comba48(fp_int *A, fp_int *B, fp_int *C); +void fp_mul_comba48(fp_int *a, fp_int *b, fp_int *c); #endif #ifdef TFM_MUL64 -void fp_mul_comba64(fp_int *A, fp_int *B, fp_int *C); +void fp_mul_comba64(fp_int *a, fp_int *b, fp_int *c); #endif -void fp_sqr_comba(fp_int *A, fp_int *B); +void fp_sqr_comba(fp_int *a, fp_int *b); #ifdef TFM_SMALL_SET -void fp_sqr_comba_small(fp_int *A, fp_int *B); +void fp_sqr_comba_small(fp_int *a, fp_int *b); #endif #ifdef TFM_SQR3 -void fp_sqr_comba3(fp_int *A, fp_int *B); +void fp_sqr_comba3(fp_int *a, fp_int *b); #endif #ifdef TFM_SQR4 -void fp_sqr_comba4(fp_int *A, fp_int *B); +void fp_sqr_comba4(fp_int *a, fp_int *b); #endif #ifdef TFM_SQR6 -void fp_sqr_comba6(fp_int *A, fp_int *B); +void fp_sqr_comba6(fp_int *a, fp_int *b); #endif #ifdef TFM_SQR7 -void fp_sqr_comba7(fp_int *A, fp_int *B); +void fp_sqr_comba7(fp_int *a, fp_int *b); #endif #ifdef TFM_SQR8 -void fp_sqr_comba8(fp_int *A, fp_int *B); +void fp_sqr_comba8(fp_int *a, fp_int *b); #endif #ifdef TFM_SQR9 -void fp_sqr_comba9(fp_int *A, fp_int *B); +void fp_sqr_comba9(fp_int *a, fp_int *b); #endif #ifdef TFM_SQR12 -void fp_sqr_comba12(fp_int *A, fp_int *B); +void fp_sqr_comba12(fp_int *a, fp_int *b); #endif #ifdef TFM_SQR17 -void fp_sqr_comba17(fp_int *A, fp_int *B); +void fp_sqr_comba17(fp_int *a, fp_int *b); #endif #ifdef TFM_SQR20 -void fp_sqr_comba20(fp_int *A, fp_int *B); +void fp_sqr_comba20(fp_int *a, fp_int *b); #endif #ifdef TFM_SQR24 -void fp_sqr_comba24(fp_int *A, fp_int *B); +void fp_sqr_comba24(fp_int *a, fp_int *b); #endif #ifdef TFM_SQR28 -void fp_sqr_comba28(fp_int *A, fp_int *B); +void fp_sqr_comba28(fp_int *a, fp_int *b); #endif #ifdef TFM_SQR32 -void fp_sqr_comba32(fp_int *A, fp_int *B); +void fp_sqr_comba32(fp_int *a, fp_int *b); #endif #ifdef TFM_SQR48 -void fp_sqr_comba48(fp_int *A, fp_int *B); +void fp_sqr_comba48(fp_int *a, fp_int *b); #endif #ifdef TFM_SQR64 -void fp_sqr_comba64(fp_int *A, fp_int *B); +void fp_sqr_comba64(fp_int *a, fp_int *b); #endif /*extern const char *fp_s_rmap;*/ @@ -636,7 +647,7 @@ int mp_mul (mp_int * a, mp_int * b, mp_int * c); int mp_mulmod (mp_int * a, mp_int * b, mp_int * c, mp_int * d); int mp_mod(mp_int *a, mp_int *b, mp_int *c); int mp_invmod(mp_int *a, mp_int *b, mp_int *c); -int mp_exptmod (mp_int * G, mp_int * X, mp_int * P, mp_int * Y); +int mp_exptmod (mp_int * g, mp_int * x, mp_int * p, mp_int * y); int mp_cmp(mp_int *a, mp_int *b); int mp_cmp_d(mp_int *a, mp_digit b); @@ -650,12 +661,14 @@ int mp_copy(fp_int* a, fp_int* b); int mp_isodd(mp_int* a); int mp_iszero(mp_int* a); int mp_count_bits(mp_int *a); +int mp_leading_bit(mp_int *a); int mp_set_int(fp_int *a, fp_digit b); +void mp_rshb(mp_int *a, int x); #ifdef HAVE_ECC int mp_read_radix(mp_int* a, const char* str, int radix); int mp_set(fp_int *a, fp_digit b); - int mp_sqr(fp_int *A, fp_int *B); + int mp_sqr(fp_int *a, fp_int *b); int mp_montgomery_reduce(fp_int *a, fp_int *m, fp_digit mp); int mp_montgomery_setup(fp_int *a, fp_digit *rho); int mp_div_2(fp_int * a, fp_int * b); diff --git a/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/types.h b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/types.h index d93df712a..33cdb780e 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/types.h +++ b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/types.h @@ -1,6 +1,6 @@ /* types.h * - * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,7 +16,7 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ @@ -24,13 +24,14 @@ #define CTAO_CRYPT_TYPES_H #include +#include #ifdef __cplusplus extern "C" { #endif -#if defined(WORDS_BIGENDIAN) || (defined(__MWERKS__) && !defined(__INTEL__)) +#if defined(WORDS_BIGENDIAN) #define BIG_ENDIAN_ORDER #endif @@ -51,10 +52,10 @@ #if !defined(_MSC_VER) && !defined(__BCPLUSPLUS__) #if !defined(SIZEOF_LONG_LONG) && !defined(SIZEOF_LONG) #if (defined(__alpha__) || defined(__ia64__) || defined(_ARCH_PPC64) \ - || defined(__mips64) || defined(__x86_64__)) + || defined(__mips64) || defined(__x86_64__)) /* long should be 64bit */ #define SIZEOF_LONG 8 - #elif (defined__i386__) + #elif defined(__i386__) || defined(__CORTEX_M3__) /* long long should be 64bit */ #define SIZEOF_LONG_LONG 8 #endif @@ -66,11 +67,15 @@ #define WORD64_AVAILABLE #define W64LIT(x) x##ui64 typedef unsigned __int64 word64; -#elif SIZEOF_LONG == 8 +#elif defined(SIZEOF_LONG) && SIZEOF_LONG == 8 #define WORD64_AVAILABLE #define W64LIT(x) x##LL typedef unsigned long word64; -#elif SIZEOF_LONG_LONG == 8 +#elif defined(SIZEOF_LONG_LONG) && SIZEOF_LONG_LONG == 8 + #define WORD64_AVAILABLE + #define W64LIT(x) x##LL + typedef unsigned long long word64; +#elif defined(__SIZEOF_LONG_LONG__) && __SIZEOF_LONG_LONG__ == 8 #define WORD64_AVAILABLE #define W64LIT(x) x##LL typedef unsigned long long word64; @@ -82,7 +87,7 @@ /* These platforms have 64-bit CPU registers. */ #if (defined(__alpha__) || defined(__ia64__) || defined(_ARCH_PPC64) || \ - defined(__mips64) || defined(__x86_64__)) + defined(__mips64) || defined(__x86_64__) || defined(_M_X64)) typedef word64 word; #else typedef word32 word; @@ -93,11 +98,12 @@ enum { - WORD_SIZE = sizeof(word), - BIT_SIZE = 8, - WORD_BITS = WORD_SIZE * BIT_SIZE + CYASSL_WORD_SIZE = sizeof(word), + CYASSL_BIT_SIZE = 8, + CYASSL_WORD_BITS = CYASSL_WORD_SIZE * CYASSL_BIT_SIZE }; +#define CYASSL_MAX_16BIT 0xffffU /* use inlining if compiler allows */ #ifndef INLINE @@ -106,13 +112,15 @@ enum { #define INLINE __inline #elif defined(__GNUC__) #define INLINE inline + #elif defined(__IAR_SYSTEMS_ICC__) + #define INLINE inline #elif defined(THREADX) #define INLINE _Inline #else - #define INLINE + #define INLINE #endif #else - #define INLINE + #define INLINE #endif #endif @@ -131,8 +139,21 @@ enum { #endif +/* set up thread local storage if available */ +#ifdef HAVE_THREAD_LS + #if defined(_MSC_VER) + #define THREAD_LS_T __declspec(thread) + #else + #define THREAD_LS_T __thread + #endif +#else + #define THREAD_LS_T +#endif + + /* Micrium will use Visual Studio for compilation but not the Win32 API */ -#if defined(_WIN32) && !defined(MICRIUM) && !defined(FREERTOS) +#if defined(_WIN32) && !defined(MICRIUM) && !defined(FREERTOS) \ + && !defined(EBSNET) #define USE_WINDOWS_API #endif @@ -141,16 +162,24 @@ enum { /* default to libc stuff */ /* XREALLOC is used once in normal math lib, not in fast math lib */ /* XFREE on some embeded systems doesn't like free(0) so test */ -#ifdef XMALLOC_USER +#if defined(XMALLOC_USER) /* prototypes for user heap override functions */ #include /* for size_t */ extern void *XMALLOC(size_t n, void* heap, int type); extern void *XREALLOC(void *p, size_t n, void* heap, int type); extern void XFREE(void *p, void* heap, int type); -#elif !defined(MICRIUM_MALLOC) - /* default C runtime, can install different routines at runtime */ +#elif defined(NO_CYASSL_MEMORY) + /* just use plain C stdlib stuff if desired */ + #include + #define XMALLOC(s, h, t) ((void)h, (void)t, malloc((s))) + #define XFREE(p, h, t) {void* xp = (p); if((xp)) free((xp));} + #define XREALLOC(p, n, h, t) realloc((p), (n)) +#elif !defined(MICRIUM_MALLOC) && !defined(EBSNET) \ + && !defined(CYASSL_SAFERTOS) && !defined(FREESCALE_MQX) \ + && !defined(CYASSL_LEANPSK) + /* default C runtime, can install different routines at runtime via cbs */ #include - #define XMALLOC(s, h, t) CyaSSL_Malloc((s)) + #define XMALLOC(s, h, t) ((void)h, (void)t, CyaSSL_Malloc((s))) #define XFREE(p, h, t) {void* xp = (p); if((xp)) CyaSSL_Free((xp));} #define XREALLOC(p, n, h, t) CyaSSL_Realloc((p), (n)) #endif @@ -172,47 +201,83 @@ enum { #define XSTRNSTR(s1,s2,n) mystrnstr((s1),(s2),(n)) #define XSTRNCMP(s1,s2,n) strncmp((s1),(s2),(n)) #define XSTRNCAT(s1,s2,n) strncat((s1),(s2),(n)) + #ifndef USE_WINDOWS_API + #define XSTRNCASECMP(s1,s2,n) strncasecmp((s1),(s2),(n)) + #define XSNPRINTF snprintf + #else + #define XSTRNCASECMP(s1,s2,n) _strnicmp((s1),(s2),(n)) + #define XSNPRINTF _snprintf + #endif #endif -#ifdef HAVE_ECC - #ifndef CTYPE_USER - #include +#ifndef CTYPE_USER + #include + #if defined(HAVE_ECC) || defined(HAVE_OCSP) #define XTOUPPER(c) toupper((c)) + #define XISALPHA(c) isalpha((c)) #endif + /* needed by CyaSSL_check_domain_name() */ + #ifdef __CYGWIN__ + /* Cygwin uses a macro version of tolower() by default, use the + * function version. */ + #undef tolower + #endif + #define XTOLOWER(c) tolower((c)) #endif /* memory allocation types for user hints */ enum { - DYNAMIC_TYPE_CA = 1, - DYNAMIC_TYPE_CERT = 2, - DYNAMIC_TYPE_KEY = 3, - DYNAMIC_TYPE_FILE = 4, - DYNAMIC_TYPE_SUBJECT_CN = 5, - DYNAMIC_TYPE_PUBLIC_KEY = 6, - DYNAMIC_TYPE_SIGNER = 7, - DYNAMIC_TYPE_NONE = 8, - DYNAMIC_TYPE_BIGINT = 9, - DYNAMIC_TYPE_RSA = 10, - DYNAMIC_TYPE_METHOD = 11, - DYNAMIC_TYPE_OUT_BUFFER = 12, - DYNAMIC_TYPE_IN_BUFFER = 13, - DYNAMIC_TYPE_INFO = 14, - DYNAMIC_TYPE_DH = 15, - DYNAMIC_TYPE_DOMAIN = 16, - DYNAMIC_TYPE_SSL = 17, - DYNAMIC_TYPE_CTX = 18, - DYNAMIC_TYPE_WRITEV = 19, - DYNAMIC_TYPE_OPENSSL = 20, - DYNAMIC_TYPE_DSA = 21, - DYNAMIC_TYPE_CRL = 22, - DYNAMIC_TYPE_REVOKED = 23, - DYNAMIC_TYPE_CRL_ENTRY = 24, + DYNAMIC_TYPE_CA = 1, + DYNAMIC_TYPE_CERT = 2, + DYNAMIC_TYPE_KEY = 3, + DYNAMIC_TYPE_FILE = 4, + DYNAMIC_TYPE_SUBJECT_CN = 5, + DYNAMIC_TYPE_PUBLIC_KEY = 6, + DYNAMIC_TYPE_SIGNER = 7, + DYNAMIC_TYPE_NONE = 8, + DYNAMIC_TYPE_BIGINT = 9, + DYNAMIC_TYPE_RSA = 10, + DYNAMIC_TYPE_METHOD = 11, + DYNAMIC_TYPE_OUT_BUFFER = 12, + DYNAMIC_TYPE_IN_BUFFER = 13, + DYNAMIC_TYPE_INFO = 14, + DYNAMIC_TYPE_DH = 15, + DYNAMIC_TYPE_DOMAIN = 16, + DYNAMIC_TYPE_SSL = 17, + DYNAMIC_TYPE_CTX = 18, + DYNAMIC_TYPE_WRITEV = 19, + DYNAMIC_TYPE_OPENSSL = 20, + DYNAMIC_TYPE_DSA = 21, + DYNAMIC_TYPE_CRL = 22, + DYNAMIC_TYPE_REVOKED = 23, + DYNAMIC_TYPE_CRL_ENTRY = 24, DYNAMIC_TYPE_CERT_MANAGER = 25, DYNAMIC_TYPE_CRL_MONITOR = 26, DYNAMIC_TYPE_OCSP_STATUS = 27, DYNAMIC_TYPE_OCSP_ENTRY = 28, - DYNAMIC_TYPE_ALTNAME = 29 + DYNAMIC_TYPE_ALTNAME = 29, + DYNAMIC_TYPE_SUITES = 30, + DYNAMIC_TYPE_CIPHER = 31, + DYNAMIC_TYPE_RNG = 32, + DYNAMIC_TYPE_ARRAYS = 33, + DYNAMIC_TYPE_DTLS_POOL = 34, + DYNAMIC_TYPE_SOCKADDR = 35, + DYNAMIC_TYPE_LIBZ = 36, + DYNAMIC_TYPE_ECC = 37, + DYNAMIC_TYPE_TMP_BUFFER = 38, + DYNAMIC_TYPE_DTLS_MSG = 39, + DYNAMIC_TYPE_CAVIUM_TMP = 40, + DYNAMIC_TYPE_CAVIUM_RSA = 41, + DYNAMIC_TYPE_X509 = 42, + DYNAMIC_TYPE_TLSX = 43, + DYNAMIC_TYPE_OCSP = 44, + DYNAMIC_TYPE_SIGNATURE = 45 +}; + +/* max error buffer string size */ +enum { + CYASSL_MAX_ERROR_SZ = 80 }; /* stack protection */ diff --git a/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/visibility.h b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/visibility.h index 0143f208d..a3b27812d 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/visibility.h +++ b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/visibility.h @@ -1,6 +1,6 @@ /* visibility.h * - * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,7 +16,7 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ /* Visibility control macros */ diff --git a/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/wc_port.h b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/wc_port.h new file mode 100644 index 000000000..9f8a46d80 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ctaocrypt/wc_port.h @@ -0,0 +1,195 @@ +/* port.h + * + * Copyright (C) 2006-2014 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + + +#ifndef CTAO_CRYPT_PORT_H +#define CTAO_CRYPT_PORT_H + + +#ifdef __cplusplus + extern "C" { +#endif + + +#ifdef USE_WINDOWS_API + #ifdef CYASSL_GAME_BUILD + #include "system/xtl.h" + #else + #ifndef WIN32_LEAN_AND_MEAN + #define WIN32_LEAN_AND_MEAN + #endif + #if defined(_WIN32_WCE) || defined(WIN32_LEAN_AND_MEAN) + /* On WinCE winsock2.h must be included before windows.h */ + #include + #endif + #include + #endif +#elif defined(THREADX) + #ifndef SINGLE_THREADED + #include "tx_api.h" + #endif +#elif defined(MICRIUM) + /* do nothing, just don't pick Unix */ +#elif defined(FREERTOS) || defined(CYASSL_SAFERTOS) + /* do nothing */ +#elif defined(EBSNET) + /* do nothing */ +#elif defined(FREESCALE_MQX) + /* do nothing */ +#elif defined(CYASSL_MDK_ARM) + #if defined(CYASSL_MDK5) + #include "cmsis_os.h" + #else + #include + #endif +#elif defined(CYASSL_CMSIS_RTOS) + #include "cmsis_os.h" +#else + #ifndef SINGLE_THREADED + #define CYASSL_PTHREADS + #include + #endif + #if defined(OPENSSL_EXTRA) || defined(GOAHEAD_WS) + #include /* for close of BIO */ + #endif +#endif + + +#ifdef SINGLE_THREADED + typedef int CyaSSL_Mutex; +#else /* MULTI_THREADED */ + /* FREERTOS comes first to enable use of FreeRTOS Windows simulator only */ + #ifdef FREERTOS + typedef xSemaphoreHandle CyaSSL_Mutex; + #elif defined(CYASSL_SAFERTOS) + typedef struct CyaSSL_Mutex { + signed char mutexBuffer[portQUEUE_OVERHEAD_BYTES]; + xSemaphoreHandle mutex; + } CyaSSL_Mutex; + #elif defined(USE_WINDOWS_API) + typedef CRITICAL_SECTION CyaSSL_Mutex; + #elif defined(CYASSL_PTHREADS) + typedef pthread_mutex_t CyaSSL_Mutex; + #elif defined(THREADX) + typedef TX_MUTEX CyaSSL_Mutex; + #elif defined(MICRIUM) + typedef OS_MUTEX CyaSSL_Mutex; + #elif defined(EBSNET) + typedef RTP_MUTEX CyaSSL_Mutex; + #elif defined(FREESCALE_MQX) + typedef MUTEX_STRUCT CyaSSL_Mutex; + #elif defined(CYASSL_MDK_ARM) + #if defined(CYASSL_CMSIS_RTOS) + typedef osMutexId CyaSSL_Mutex; + #else + typedef OS_MUT CyaSSL_Mutex; + #endif + #elif defined(CYASSL_CMSIS_RTOS) + typedef osMutexId CyaSSL_Mutex; + #else + #error Need a mutex type in multithreaded mode + #endif /* USE_WINDOWS_API */ +#endif /* SINGLE_THREADED */ + +CYASSL_LOCAL int InitMutex(CyaSSL_Mutex*); +CYASSL_LOCAL int FreeMutex(CyaSSL_Mutex*); +CYASSL_LOCAL int LockMutex(CyaSSL_Mutex*); +CYASSL_LOCAL int UnLockMutex(CyaSSL_Mutex*); + + +/* filesystem abstraction layer, used by ssl.c */ +#ifndef NO_FILESYSTEM + +#if defined(EBSNET) + #define XFILE int + #define XFOPEN(NAME, MODE) vf_open((const char *)NAME, VO_RDONLY, 0); + #define XFSEEK vf_lseek + #define XFTELL vf_tell + #define XREWIND vf_rewind + #define XFREAD(BUF, SZ, AMT, FD) vf_read(FD, BUF, SZ*AMT) + #define XFWRITE(BUF, SZ, AMT, FD) vf_write(FD, BUF, SZ*AMT) + #define XFCLOSE vf_close + #define XSEEK_END VSEEK_END + #define XBADFILE -1 +#elif defined(LSR_FS) + #include + #define XFILE struct fs_file* + #define XFOPEN(NAME, MODE) fs_open((char*)NAME); + #define XFSEEK(F, O, W) (void)F + #define XFTELL(F) (F)->len + #define XREWIND(F) (void)F + #define XFREAD(BUF, SZ, AMT, F) fs_read(F, (char*)BUF, SZ*AMT) + #define XFWRITE(BUF, SZ, AMT, F) fs_write(F, (char*)BUF, SZ*AMT) + #define XFCLOSE fs_close + #define XSEEK_END 0 + #define XBADFILE NULL +#elif defined(FREESCALE_MQX) + #define XFILE MQX_FILE_PTR + #define XFOPEN fopen + #define XFSEEK fseek + #define XFTELL ftell + #define XREWIND(F) fseek(F, 0, IO_SEEK_SET) + #define XFREAD fread + #define XFWRITE fwrite + #define XFCLOSE fclose + #define XSEEK_END IO_SEEK_END + #define XBADFILE NULL +#elif defined(MICRIUM) + #include + #define XFILE FS_FILE* + #define XFOPEN fs_fopen + #define XFSEEK fs_fseek + #define XFTELL fs_ftell + #define XREWIND fs_rewind + #define XFREAD fs_fread + #define XFWRITE fs_fwrite + #define XFCLOSE fs_fclose + #define XSEEK_END FS_SEEK_END + #define XBADFILE NULL +#else + /* stdio, default case */ + #define XFILE FILE* + #if defined(CYASSL_MDK_ARM) + #include + extern FILE * CyaSSL_fopen(const char *name, const char *mode) ; + #define XFOPEN CyaSSL_fopen + #else + #define XFOPEN fopen + #endif + #define XFSEEK fseek + #define XFTELL ftell + #define XREWIND rewind + #define XFREAD fread + #define XFWRITE fwrite + #define XFCLOSE fclose + #define XSEEK_END SEEK_END + #define XBADFILE NULL +#endif + +#endif /* NO_FILESYSTEM */ + + +#ifdef __cplusplus + } /* extern "C" */ +#endif + +#endif /* CTAO_CRYPT_PORT_H */ + diff --git a/FreeRTOS-Plus/Source/CyaSSL/cyassl/error-ssl.h b/FreeRTOS-Plus/Source/CyaSSL/cyassl/error-ssl.h new file mode 100644 index 000000000..71778ec15 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/cyassl/error-ssl.h @@ -0,0 +1,150 @@ +/* error-ssl.h + * + * Copyright (C) 2006-2014 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + + +#ifndef CYASSL_ERROR_H +#define CYASSL_ERROR_H + +#include /* pull in CTaoCrypt errors */ + +#ifdef __cplusplus + extern "C" { +#endif + +enum CyaSSL_ErrorCodes { + INPUT_CASE_ERROR = -301, /* process input state error */ + PREFIX_ERROR = -302, /* bad index to key rounds */ + MEMORY_ERROR = -303, /* out of memory */ + VERIFY_FINISHED_ERROR = -304, /* verify problem on finished */ + VERIFY_MAC_ERROR = -305, /* verify mac problem */ + PARSE_ERROR = -306, /* parse error on header */ + UNKNOWN_HANDSHAKE_TYPE = -307, /* weird handshake type */ + SOCKET_ERROR_E = -308, /* error state on socket */ + SOCKET_NODATA = -309, /* expected data, not there */ + INCOMPLETE_DATA = -310, /* don't have enough data to + complete task */ + UNKNOWN_RECORD_TYPE = -311, /* unknown type in record hdr */ + DECRYPT_ERROR = -312, /* error during decryption */ + FATAL_ERROR = -313, /* recvd alert fatal error */ + ENCRYPT_ERROR = -314, /* error during encryption */ + FREAD_ERROR = -315, /* fread problem */ + NO_PEER_KEY = -316, /* need peer's key */ + NO_PRIVATE_KEY = -317, /* need the private key */ + RSA_PRIVATE_ERROR = -318, /* error during rsa priv op */ + NO_DH_PARAMS = -319, /* server missing DH params */ + BUILD_MSG_ERROR = -320, /* build message failure */ + + BAD_HELLO = -321, /* client hello malformed */ + DOMAIN_NAME_MISMATCH = -322, /* peer subject name mismatch */ + WANT_READ = -323, /* want read, call again */ + NOT_READY_ERROR = -324, /* handshake layer not ready */ + PMS_VERSION_ERROR = -325, /* pre m secret version error */ + VERSION_ERROR = -326, /* record layer version error */ + WANT_WRITE = -327, /* want write, call again */ + BUFFER_ERROR = -328, /* malformed buffer input */ + VERIFY_CERT_ERROR = -329, /* verify cert error */ + VERIFY_SIGN_ERROR = -330, /* verify sign error */ + CLIENT_ID_ERROR = -331, /* psk client identity error */ + SERVER_HINT_ERROR = -332, /* psk server hint error */ + PSK_KEY_ERROR = -333, /* psk key error */ + ZLIB_INIT_ERROR = -334, /* zlib init error */ + ZLIB_COMPRESS_ERROR = -335, /* zlib compression error */ + ZLIB_DECOMPRESS_ERROR = -336, /* zlib decompression error */ + + GETTIME_ERROR = -337, /* gettimeofday failed ??? */ + GETITIMER_ERROR = -338, /* getitimer failed ??? */ + SIGACT_ERROR = -339, /* sigaction failed ??? */ + SETITIMER_ERROR = -340, /* setitimer failed ??? */ + LENGTH_ERROR = -341, /* record layer length error */ + PEER_KEY_ERROR = -342, /* can't decode peer key */ + ZERO_RETURN = -343, /* peer sent close notify */ + SIDE_ERROR = -344, /* wrong client/server type */ + NO_PEER_CERT = -345, /* peer didn't send key */ + NTRU_KEY_ERROR = -346, /* NTRU key error */ + NTRU_DRBG_ERROR = -347, /* NTRU drbg error */ + NTRU_ENCRYPT_ERROR = -348, /* NTRU encrypt error */ + NTRU_DECRYPT_ERROR = -349, /* NTRU decrypt error */ + ECC_CURVETYPE_ERROR = -350, /* Bad ECC Curve Type */ + ECC_CURVE_ERROR = -351, /* Bad ECC Curve */ + ECC_PEERKEY_ERROR = -352, /* Bad Peer ECC Key */ + ECC_MAKEKEY_ERROR = -353, /* Bad Make ECC Key */ + ECC_EXPORT_ERROR = -354, /* Bad ECC Export Key */ + ECC_SHARED_ERROR = -355, /* Bad ECC Shared Secret */ + NOT_CA_ERROR = -357, /* Not a CA cert error */ + BAD_PATH_ERROR = -358, /* Bad path for opendir */ + BAD_CERT_MANAGER_ERROR = -359, /* Bad Cert Manager */ + OCSP_CERT_REVOKED = -360, /* OCSP Certificate revoked */ + CRL_CERT_REVOKED = -361, /* CRL Certificate revoked */ + CRL_MISSING = -362, /* CRL Not loaded */ + MONITOR_RUNNING_E = -363, /* CRL Monitor already running */ + THREAD_CREATE_E = -364, /* Thread Create Error */ + OCSP_NEED_URL = -365, /* OCSP need an URL for lookup */ + OCSP_CERT_UNKNOWN = -366, /* OCSP responder doesn't know */ + OCSP_LOOKUP_FAIL = -367, /* OCSP lookup not successful */ + MAX_CHAIN_ERROR = -368, /* max chain depth exceeded */ + COOKIE_ERROR = -369, /* dtls cookie error */ + SEQUENCE_ERROR = -370, /* dtls sequence error */ + SUITES_ERROR = -371, /* suites pointer error */ + SSL_NO_PEM_HEADER = -372, /* no PEM header found */ + OUT_OF_ORDER_E = -373, /* out of order message */ + BAD_KEA_TYPE_E = -374, /* bad KEA type found */ + SANITY_CIPHER_E = -375, /* sanity check on cipher error */ + RECV_OVERFLOW_E = -376, /* RXCB returned more than rqed */ + GEN_COOKIE_E = -377, /* Generate Cookie Error */ + NO_PEER_VERIFY = -378, /* Need peer cert verify Error */ + FWRITE_ERROR = -379, /* fwrite problem */ + CACHE_MATCH_ERROR = -380, /* chache hdr match error */ + UNKNOWN_SNI_HOST_NAME_E = -381, /* Unrecognized host name Error */ + UNKNOWN_MAX_FRAG_LEN_E = -382, /* Unrecognized max frag len Error */ + KEYUSE_SIGNATURE_E = -383, /* KeyUse digSignature error */ + KEYUSE_ENCIPHER_E = -385, /* KeyUse keyEncipher error */ + EXTKEYUSE_AUTH_E = -386, /* ExtKeyUse server|client_auth */ + SEND_OOB_READ_E = -387, /* Send Cb out of bounds read */ + /* add strings to SetErrorString !!!!! */ + + /* begin negotiation parameter errors */ + UNSUPPORTED_SUITE = -390, /* unsupported cipher suite */ + MATCH_SUITE_ERROR = -391 /* can't match cipher suite */ + /* end negotiation parameter errors only 10 for now */ + /* add strings to SetErrorString !!!!! */ +}; + + +#ifdef CYASSL_CALLBACKS + enum { + MIN_PARAM_ERR = UNSUPPORTED_SUITE, + MAX_PARAM_ERR = MIN_PARAM_ERR - 10 + }; +#endif + + +CYASSL_LOCAL +void SetErrorString(int err, char* buff); + + +#ifdef __cplusplus + } /* extern "C" */ +#endif + + +#endif /* CyaSSL_ERROR_H */ + + diff --git a/FreeRTOS-Plus/Source/CyaSSL/cyassl/error.h b/FreeRTOS-Plus/Source/CyaSSL/cyassl/error.h deleted file mode 100644 index ed96361ec..000000000 --- a/FreeRTOS-Plus/Source/CyaSSL/cyassl/error.h +++ /dev/null @@ -1,133 +0,0 @@ -/* error.h - * - * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. - * - * This file is part of CyaSSL. - * - * CyaSSL is free software; you can redistribute it and/or modify - * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or - * (at your option) any later version. - * - * CyaSSL is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU General Public License for more details. - * - * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA - */ - - -#ifndef CYASSL_ERROR_H -#define CYASSL_ERROR_H - -#include /* pull in CTaoCrypt errors */ - -#ifdef __cplusplus - extern "C" { -#endif - -enum CyaSSL_ErrorCodes { - INPUT_CASE_ERROR = -201, /* process input state error */ - PREFIX_ERROR = -202, /* bad index to key rounds */ - MEMORY_ERROR = -203, /* out of memory */ - VERIFY_FINISHED_ERROR = -204, /* verify problem on finished */ - VERIFY_MAC_ERROR = -205, /* verify mac problem */ - PARSE_ERROR = -206, /* parse error on header */ - UNKNOWN_HANDSHAKE_TYPE = -207, /* weird handshake type */ - SOCKET_ERROR_E = -208, /* error state on socket */ - SOCKET_NODATA = -209, /* expected data, not there */ - INCOMPLETE_DATA = -210, /* don't have enough data to - complete task */ - UNKNOWN_RECORD_TYPE = -211, /* unknown type in record hdr */ - DECRYPT_ERROR = -212, /* error during decryption */ - FATAL_ERROR = -213, /* recvd alert fatal error */ - ENCRYPT_ERROR = -214, /* error during encryption */ - FREAD_ERROR = -215, /* fread problem */ - NO_PEER_KEY = -216, /* need peer's key */ - NO_PRIVATE_KEY = -217, /* need the private key */ - RSA_PRIVATE_ERROR = -218, /* error during rsa priv op */ - NO_DH_PARAMS = -219, /* server missing DH params */ - BUILD_MSG_ERROR = -220, /* build message failure */ - - BAD_HELLO = -221, /* client hello malformed */ - DOMAIN_NAME_MISMATCH = -222, /* peer subject name mismatch */ - WANT_READ = -223, /* want read, call again */ - NOT_READY_ERROR = -224, /* handshake layer not ready */ - PMS_VERSION_ERROR = -225, /* pre m secret version error */ - VERSION_ERROR = -226, /* record layer version error */ - WANT_WRITE = -227, /* want write, call again */ - BUFFER_ERROR = -228, /* malformed buffer input */ - VERIFY_CERT_ERROR = -229, /* verify cert error */ - VERIFY_SIGN_ERROR = -230, /* verify sign error */ - CLIENT_ID_ERROR = -231, /* psk client identity error */ - SERVER_HINT_ERROR = -232, /* psk server hint error */ - PSK_KEY_ERROR = -233, /* psk key error */ - ZLIB_INIT_ERROR = -234, /* zlib init error */ - ZLIB_COMPRESS_ERROR = -235, /* zlib compression error */ - ZLIB_DECOMPRESS_ERROR = -236, /* zlib decompression error */ - - GETTIME_ERROR = -237, /* gettimeofday failed ??? */ - GETITIMER_ERROR = -238, /* getitimer failed ??? */ - SIGACT_ERROR = -239, /* sigaction failed ??? */ - SETITIMER_ERROR = -240, /* setitimer failed ??? */ - LENGTH_ERROR = -241, /* record layer length error */ - PEER_KEY_ERROR = -242, /* can't decode peer key */ - ZERO_RETURN = -243, /* peer sent close notify */ - SIDE_ERROR = -244, /* wrong client/server type */ - NO_PEER_CERT = -245, /* peer didn't send key */ - NTRU_KEY_ERROR = -246, /* NTRU key error */ - NTRU_DRBG_ERROR = -247, /* NTRU drbg error */ - NTRU_ENCRYPT_ERROR = -248, /* NTRU encrypt error */ - NTRU_DECRYPT_ERROR = -249, /* NTRU decrypt error */ - ECC_CURVETYPE_ERROR = -250, /* Bad ECC Curve Type */ - ECC_CURVE_ERROR = -251, /* Bad ECC Curve */ - ECC_PEERKEY_ERROR = -252, /* Bad Peer ECC Key */ - ECC_MAKEKEY_ERROR = -253, /* Bad Make ECC Key */ - ECC_EXPORT_ERROR = -254, /* Bad ECC Export Key */ - ECC_SHARED_ERROR = -255, /* Bad ECC Shared Secret */ - BAD_MUTEX_ERROR = -256, /* Bad mutex */ - NOT_CA_ERROR = -257, /* Not a CA cert error */ - BAD_PATH_ERROR = -258, /* Bad path for opendir */ - BAD_CERT_MANAGER_ERROR = -259, /* Bad Cert Manager */ - OCSP_CERT_REVOKED = -260, /* OCSP Certificate revoked */ - CRL_CERT_REVOKED = -261, /* CRL Certificate revoked */ - CRL_MISSING = -262, /* CRL Not loaded */ - MONITOR_RUNNING_E = -263, /* CRL Monitor already running */ - THREAD_CREATE_E = -264, /* Thread Create Error */ - OCSP_NEED_URL = -265, /* OCSP need an URL for lookup */ - OCSP_CERT_UNKNOWN = -266, /* OCSP responder doesn't know */ - OCSP_LOOKUP_FAIL = -267, /* OCSP lookup not successful */ - MAX_CHAIN_ERROR = -268, /* max chain depth exceeded */ - COOKIE_ERROR = -269, /* dtls cookie error */ - /* add strings to SetErrorString !!!!! */ - - /* begin negotiation parameter errors */ - UNSUPPORTED_SUITE = -290, /* unsupported cipher suite */ - MATCH_SUITE_ERROR = -291 /* can't match cipher suite */ - /* end negotiation parameter errors only 10 for now */ - /* add strings to SetErrorString !!!!! */ -}; - - -#ifdef CYASSL_CALLBACKS - enum { - MIN_PARAM_ERR = UNSUPPORTED_SUITE, - MAX_PARAM_ERR = MIN_PARAM_ERR - 10 - }; -#endif - - -CYASSL_LOCAL -void SetErrorString(int error, char* buffer); - - -#ifdef __cplusplus - } /* extern "C" */ -#endif - - -#endif /* CyaSSL_ERROR_H */ - diff --git a/FreeRTOS-Plus/Source/CyaSSL/cyassl/include.am b/FreeRTOS-Plus/Source/CyaSSL/cyassl/include.am index f2b07a767..db1f089ee 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/cyassl/include.am +++ b/FreeRTOS-Plus/Source/CyaSSL/cyassl/include.am @@ -8,13 +8,18 @@ include cyassl/openssl/include.am EXTRA_DIST+= cyassl/sniffer_error.rc nobase_include_HEADERS+= \ - cyassl/error.h \ - cyassl/internal.h \ + cyassl/error-ssl.h \ cyassl/ssl.h \ cyassl/sniffer_error.h \ cyassl/sniffer.h \ cyassl/callbacks.h \ + cyassl/certs_test.h \ cyassl/test.h \ cyassl/version.h \ + cyassl/options.h \ cyassl/ocsp.h \ cyassl/crl.h + +noinst_HEADERS+= \ + cyassl/internal.h + diff --git a/FreeRTOS-Plus/Source/CyaSSL/cyassl/internal.h b/FreeRTOS-Plus/Source/CyaSSL/cyassl/internal.h index 372ca4a82..533289230 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/cyassl/internal.h +++ b/FreeRTOS-Plus/Source/CyaSSL/cyassl/internal.h @@ -1,6 +1,6 @@ /* internal.h * - * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,7 +16,7 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ @@ -24,17 +24,23 @@ #define CYASSL_INT_H +#include #include #include -#include #include #include #include #include #include #include +#include #include +#include #include +#include +#ifndef NO_RC4 + #include +#endif #ifdef HAVE_ECC #include #endif @@ -48,8 +54,16 @@ #include #endif +#ifdef HAVE_AESGCM + #include +#endif + +#ifdef CYASSL_RIPEMD + #include +#endif + #ifdef CYASSL_CALLBACKS - #include + #include #include #endif @@ -69,8 +83,20 @@ #endif #elif defined(MICRIUM) /* do nothing, just don't pick Unix */ -#elif defined(FREERTOS) +#elif defined(FREERTOS) || defined(CYASSL_SAFERTOS) /* do nothing */ +#elif defined(EBSNET) + /* do nothing */ +#elif defined(FREESCALE_MQX) + /* do nothing */ +#elif defined(CYASSL_MDK_ARM) + #if defined(CYASSL_MDK5) + #include "cmsis_os.h" + #else + #include + #endif +#elif defined(MBED) + #else #ifndef SINGLE_THREADED #define CYASSL_PTHREADS @@ -81,6 +107,7 @@ #endif #endif + #ifdef HAVE_LIBZ #include "zlib.h" #endif @@ -96,10 +123,15 @@ #endif #endif +#ifdef NO_SHA + #define SHA_DIGEST_SIZE 20 +#endif + #ifdef NO_SHA256 #define SHA256_DIGEST_SIZE 32 #endif + #ifdef __cplusplus extern "C" { #endif @@ -122,100 +154,261 @@ void c32to24(word32 in, word24 out); When adding cipher suites, add name to cipher_names, idx to cipher_name_idx */ -#ifndef NO_RC4 +#if !defined(NO_RSA) && !defined(NO_RC4) + #if !defined(NO_SHA) #define BUILD_SSL_RSA_WITH_RC4_128_SHA - #define BUILD_SSL_RSA_WITH_RC4_128_MD5 - #if !defined(NO_TLS) && defined(HAVE_NTRU) + #endif + #if !defined(NO_MD5) + #define BUILD_SSL_RSA_WITH_RC4_128_MD5 + #endif + #if !defined(NO_TLS) && defined(HAVE_NTRU) && !defined(NO_SHA) #define BUILD_TLS_NTRU_RSA_WITH_RC4_128_SHA #endif #endif -#ifndef NO_DES3 +#if !defined(NO_RSA) && !defined(NO_DES3) + #if !defined(NO_SHA) #define BUILD_SSL_RSA_WITH_3DES_EDE_CBC_SHA #if !defined(NO_TLS) && defined(HAVE_NTRU) #define BUILD_TLS_NTRU_RSA_WITH_3DES_EDE_CBC_SHA #endif + #endif #endif -#if !defined(NO_AES) && !defined(NO_TLS) +#if !defined(NO_RSA) && !defined(NO_AES) && !defined(NO_TLS) + #if !defined(NO_SHA) #define BUILD_TLS_RSA_WITH_AES_128_CBC_SHA #define BUILD_TLS_RSA_WITH_AES_256_CBC_SHA - #if !defined (NO_PSK) - #define BUILD_TLS_PSK_WITH_AES_128_CBC_SHA - #define BUILD_TLS_PSK_WITH_AES_256_CBC_SHA - #endif #if defined(HAVE_NTRU) #define BUILD_TLS_NTRU_RSA_WITH_AES_128_CBC_SHA #define BUILD_TLS_NTRU_RSA_WITH_AES_256_CBC_SHA #endif + #endif #if !defined (NO_SHA256) #define BUILD_TLS_RSA_WITH_AES_128_CBC_SHA256 #define BUILD_TLS_RSA_WITH_AES_256_CBC_SHA256 #endif #if defined (HAVE_AESGCM) #define BUILD_TLS_RSA_WITH_AES_128_GCM_SHA256 - #define BUILD_TLS_RSA_WITH_AES_256_GCM_SHA384 + #if defined (CYASSL_SHA384) + #define BUILD_TLS_RSA_WITH_AES_256_GCM_SHA384 + #endif + #endif + #if defined (HAVE_AESCCM) + #define BUILD_TLS_RSA_WITH_AES_128_CCM_8 + #define BUILD_TLS_RSA_WITH_AES_256_CCM_8 + #endif + #if defined(HAVE_BLAKE2) + #define BUILD_TLS_RSA_WITH_AES_128_CBC_B2B256 + #define BUILD_TLS_RSA_WITH_AES_256_CBC_B2B256 + #endif +#endif + +#if defined(HAVE_CAMELLIA) && !defined(NO_TLS) + #ifndef NO_RSA + #if !defined(NO_SHA) + #define BUILD_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA + #define BUILD_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA + #endif + #ifndef NO_SHA256 + #define BUILD_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 + #define BUILD_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 + #endif + #if !defined(NO_DH) + #if !defined(NO_SHA) + #define BUILD_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA + #define BUILD_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA + #endif + #ifndef NO_SHA256 + #define BUILD_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 + #define BUILD_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 + #endif + #endif + #endif +#endif + +#if !defined(NO_PSK) && !defined(NO_AES) && !defined(NO_TLS) + #if !defined(NO_SHA) + #define BUILD_TLS_PSK_WITH_AES_128_CBC_SHA + #define BUILD_TLS_PSK_WITH_AES_256_CBC_SHA + #endif + #ifndef NO_SHA256 + #define BUILD_TLS_PSK_WITH_AES_128_CBC_SHA256 + #ifdef HAVE_AESGCM + #define BUILD_TLS_PSK_WITH_AES_128_GCM_SHA256 + #endif + #ifdef HAVE_AESCCM + #define BUILD_TLS_PSK_WITH_AES_128_CCM_8 + #define BUILD_TLS_PSK_WITH_AES_256_CCM_8 + #define BUILD_TLS_PSK_WITH_AES_128_CCM + #define BUILD_TLS_PSK_WITH_AES_256_CCM + #endif + #endif + #ifdef CYASSL_SHA384 + #define BUILD_TLS_PSK_WITH_AES_256_CBC_SHA384 + #ifdef HAVE_AESGCM + #define BUILD_TLS_PSK_WITH_AES_256_GCM_SHA384 + #endif #endif #endif -#if !defined(NO_HC128) && !defined(NO_TLS) - #define BUILD_TLS_RSA_WITH_HC_128_CBC_MD5 - #define BUILD_TLS_RSA_WITH_HC_128_CBC_SHA +#if !defined(NO_TLS) && defined(HAVE_NULL_CIPHER) + #if !defined(NO_RSA) + #if !defined(NO_SHA) + #define BUILD_TLS_RSA_WITH_NULL_SHA + #endif + #ifndef NO_SHA256 + #define BUILD_TLS_RSA_WITH_NULL_SHA256 + #endif + #endif + #if !defined(NO_PSK) + #if !defined(NO_SHA) + #define BUILD_TLS_PSK_WITH_NULL_SHA + #endif + #ifndef NO_SHA256 + #define BUILD_TLS_PSK_WITH_NULL_SHA256 + #endif + #ifdef CYASSL_SHA384 + #define BUILD_TLS_PSK_WITH_NULL_SHA384 + #endif + #endif +#endif + +#if !defined(NO_HC128) && !defined(NO_RSA) && !defined(NO_TLS) + #define BUILD_TLS_RSA_WITH_HC_128_MD5 + #if !defined(NO_SHA) + #define BUILD_TLS_RSA_WITH_HC_128_SHA + #endif + #if defined(HAVE_BLAKE2) + #define BUILD_TLS_RSA_WITH_HC_128_B2B256 + #endif #endif -#if !defined(NO_RABBIT) && !defined(NO_TLS) - #define BUILD_TLS_RSA_WITH_RABBIT_CBC_SHA +#if !defined(NO_RABBIT) && !defined(NO_TLS) && !defined(NO_RSA) + #if !defined(NO_SHA) + #define BUILD_TLS_RSA_WITH_RABBIT_SHA + #endif #endif -#if !defined(NO_DH) && !defined(NO_AES) && !defined(NO_TLS) && defined(OPENSSL_EXTRA) +#if !defined(NO_DH) && !defined(NO_AES) && !defined(NO_TLS) && \ + !defined(NO_RSA) + #if !defined(NO_SHA) #define BUILD_TLS_DHE_RSA_WITH_AES_128_CBC_SHA #define BUILD_TLS_DHE_RSA_WITH_AES_256_CBC_SHA + #endif #if !defined (NO_SHA256) #define BUILD_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 #define BUILD_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 #if defined (HAVE_AESGCM) #define BUILD_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 - #define BUILD_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 + #if defined (CYASSL_SHA384) + #define BUILD_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 + #endif + #endif + #endif +#endif + + +#if !defined(NO_DH) && !defined(NO_PSK) && !defined(NO_TLS) + #ifndef NO_SHA256 + #define BUILD_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 + #ifdef HAVE_NULL_CIPHER + #define BUILD_TLS_DHE_PSK_WITH_NULL_SHA256 + #endif + #ifdef HAVE_AESGCM + #define BUILD_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 + #endif + #ifdef HAVE_AESCCM + #define BUILD_TLS_DHE_PSK_WITH_AES_128_CCM + #define BUILD_TLS_DHE_PSK_WITH_AES_256_CCM + #endif + #endif + #ifdef CYASSL_SHA384 + #define BUILD_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 + #ifdef HAVE_NULL_CIPHER + #define BUILD_TLS_DHE_PSK_WITH_NULL_SHA384 + #endif + #ifdef HAVE_AESGCM + #define BUILD_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 #endif #endif #endif #if defined(HAVE_ECC) && !defined(NO_TLS) #if !defined(NO_AES) - #define BUILD_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA - #define BUILD_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA - #define BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA - #define BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA + #if !defined(NO_SHA) + #if !defined(NO_RSA) + #define BUILD_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA + #define BUILD_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA + #define BUILD_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA + #define BUILD_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA + #endif + + #define BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA + #define BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA + + #define BUILD_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA + #define BUILD_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA + #endif /* NO_SHA */ + #ifndef NO_SHA256 + #if !defined(NO_RSA) + #define BUILD_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 + #define BUILD_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 + #endif + #define BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 + #define BUILD_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 + #endif - #define BUILD_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA - #define BUILD_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA - #define BUILD_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA - #define BUILD_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA + #ifdef CYASSL_SHA384 + #if !defined(NO_RSA) + #define BUILD_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 + #define BUILD_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 + #endif + #define BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 + #define BUILD_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 + #endif #if defined (HAVE_AESGCM) - #define BUILD_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 + #if !defined(NO_RSA) + #define BUILD_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 + #define BUILD_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 + #if defined(CYASSL_SHA384) + #define BUILD_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 + #define BUILD_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 + #endif + #endif + #define BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 - #define BUILD_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 #define BUILD_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 - - #define BUILD_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 - #define BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 - #define BUILD_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 - #define BUILD_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 + + #if defined(CYASSL_SHA384) + #define BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 + #define BUILD_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 + #endif #endif - #endif + #if defined (HAVE_AESCCM) + #define BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 + #define BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 + #endif + #endif /* NO_AES */ #if !defined(NO_RC4) - #define BUILD_TLS_ECDHE_RSA_WITH_RC4_128_SHA - #define BUILD_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA - - #define BUILD_TLS_ECDH_RSA_WITH_RC4_128_SHA - #define BUILD_TLS_ECDH_ECDSA_WITH_RC4_128_SHA + #if !defined(NO_SHA) + #if !defined(NO_RSA) + #define BUILD_TLS_ECDHE_RSA_WITH_RC4_128_SHA + #define BUILD_TLS_ECDH_RSA_WITH_RC4_128_SHA + #endif + + #define BUILD_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA + #define BUILD_TLS_ECDH_ECDSA_WITH_RC4_128_SHA + #endif #endif #if !defined(NO_DES3) - #define BUILD_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA - #define BUILD_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA + #if !defined(NO_RSA) + #define BUILD_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA + #define BUILD_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA + #endif - #define BUILD_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA + #define BUILD_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA #define BUILD_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA #endif #endif @@ -231,29 +424,50 @@ void c32to24(word32 in, word24 out); #endif #if defined(BUILD_TLS_RSA_WITH_AES_128_CBC_SHA) || \ - defined(BUILD_TLS_RSA_WITH_AES_256_CBC_SHA) + defined(BUILD_TLS_RSA_WITH_AES_256_CBC_SHA) || \ + defined(BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256) + #undef BUILD_AES #define BUILD_AES #endif -#if defined(BUILD_TLS_RSA_WITH_AES_128_GCM_SHA256) +#if defined(BUILD_TLS_RSA_WITH_AES_128_GCM_SHA256) || \ + defined(BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256) #define BUILD_AESGCM #endif -#if defined(BUILD_TLS_RSA_WITH_HC_128_CBC_SHA) || \ - defined(BUILD_TLS_RSA_WITH_HC_128_CBC_MD5) +#if defined(BUILD_TLS_RSA_WITH_HC_128_SHA) || \ + defined(BUILD_TLS_RSA_WITH_HC_128_MD5) || \ + defined(BUILD_TLS_RSA_WITH_HC_128_B2B256) #define BUILD_HC128 #endif -#if defined(BUILD_TLS_RSA_WITH_RABBIT_CBC_SHA) +#if defined(BUILD_TLS_RSA_WITH_RABBIT_SHA) #define BUILD_RABBIT #endif #ifdef NO_DES3 #define DES_BLOCK_SIZE 8 +#else + #undef BUILD_DES3 + #define BUILD_DES3 #endif #ifdef NO_AES #define AES_BLOCK_SIZE 16 +#else + #undef BUILD_AES + #define BUILD_AES +#endif + +#ifndef NO_RC4 + #undef BUILD_ARC4 + #define BUILD_ARC4 +#endif + + + +#if defined(BUILD_AESGCM) || defined(HAVE_AESCCM) + #define HAVE_AEAD #endif @@ -263,8 +477,14 @@ enum { TLS_DHE_RSA_WITH_AES_128_CBC_SHA = 0x33, TLS_RSA_WITH_AES_256_CBC_SHA = 0x35, TLS_RSA_WITH_AES_128_CBC_SHA = 0x2F, + TLS_RSA_WITH_NULL_SHA = 0x02, TLS_PSK_WITH_AES_256_CBC_SHA = 0x8d, + TLS_PSK_WITH_AES_128_CBC_SHA256 = 0xae, + TLS_PSK_WITH_AES_256_CBC_SHA384 = 0xaf, TLS_PSK_WITH_AES_128_CBC_SHA = 0x8c, + TLS_PSK_WITH_NULL_SHA256 = 0xb0, + TLS_PSK_WITH_NULL_SHA384 = 0xb1, + TLS_PSK_WITH_NULL_SHA = 0x2c, SSL_RSA_WITH_RC4_128_SHA = 0x05, SSL_RSA_WITH_RC4_128_MD5 = 0x04, SSL_RSA_WITH_3DES_EDE_CBC_SHA = 0x0A, @@ -278,8 +498,12 @@ enum { TLS_ECDHE_ECDSA_WITH_RC4_128_SHA = 0x07, TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA = 0x12, TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA = 0x08, + TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 = 0x27, + TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 = 0x23, + TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 = 0x28, + TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 = 0x24, - /* static ECDH, first byte is 0xC0 (ECC_BYTE) */ + /* static ECDH, first byte is 0xC0 (ECC_BYTE) */ TLS_ECDH_RSA_WITH_AES_256_CBC_SHA = 0x0F, TLS_ECDH_RSA_WITH_AES_128_CBC_SHA = 0x0E, TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA = 0x05, @@ -288,16 +512,25 @@ enum { TLS_ECDH_ECDSA_WITH_RC4_128_SHA = 0x02, TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA = 0x0D, TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA = 0x03, + TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 = 0x29, + TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 = 0x25, + TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 = 0x2A, + TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 = 0x26, /* CyaSSL extension - eSTREAM */ - TLS_RSA_WITH_HC_128_CBC_MD5 = 0xFB, - TLS_RSA_WITH_HC_128_CBC_SHA = 0xFC, - TLS_RSA_WITH_RABBIT_CBC_SHA = 0xFD, + TLS_RSA_WITH_HC_128_MD5 = 0xFB, + TLS_RSA_WITH_HC_128_SHA = 0xFC, + TLS_RSA_WITH_RABBIT_SHA = 0xFD, + + /* CyaSSL extension - Blake2b 256 */ + TLS_RSA_WITH_AES_128_CBC_B2B256 = 0xF8, + TLS_RSA_WITH_AES_256_CBC_B2B256 = 0xF9, + TLS_RSA_WITH_HC_128_B2B256 = 0xFA, /* eSTREAM too */ /* CyaSSL extension - NTRU */ TLS_NTRU_RSA_WITH_RC4_128_SHA = 0xe5, TLS_NTRU_RSA_WITH_3DES_EDE_CBC_SHA = 0xe6, - TLS_NTRU_RSA_WITH_AES_128_CBC_SHA = 0xe7, /* clases w/ official SHA-256 */ + TLS_NTRU_RSA_WITH_AES_128_CBC_SHA = 0xe7, /* clashes w/official SHA-256 */ TLS_NTRU_RSA_WITH_AES_256_CBC_SHA = 0xe8, /* SHA256 */ @@ -305,12 +538,23 @@ enum { TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 = 0x67, TLS_RSA_WITH_AES_256_CBC_SHA256 = 0x3d, TLS_RSA_WITH_AES_128_CBC_SHA256 = 0x3c, + TLS_RSA_WITH_NULL_SHA256 = 0x3b, + TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 = 0xb2, + TLS_DHE_PSK_WITH_NULL_SHA256 = 0xb4, + + /* SHA384 */ + TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 = 0xb3, + TLS_DHE_PSK_WITH_NULL_SHA384 = 0xb5, /* AES-GCM */ TLS_RSA_WITH_AES_128_GCM_SHA256 = 0x9c, TLS_RSA_WITH_AES_256_GCM_SHA384 = 0x9d, TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 = 0x9e, TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 = 0x9f, + TLS_PSK_WITH_AES_128_GCM_SHA256 = 0xa8, + TLS_PSK_WITH_AES_256_GCM_SHA384 = 0xa9, + TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 = 0xaa, + TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 = 0xab, /* ECC AES-GCM, first byte is 0xC0 (ECC_BYTE) */ TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 = 0x2b, @@ -320,14 +564,39 @@ enum { TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 = 0x2f, TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 = 0x30, TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 = 0x31, - TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 = 0x32 + TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 = 0x32, + + /* AES-CCM, first byte is 0xC0 but isn't ECC, + * also, in some of the other AES-CCM suites + * there will be second byte number conflicts + * with non-ECC AES-GCM */ + TLS_RSA_WITH_AES_128_CCM_8 = 0xa0, + TLS_RSA_WITH_AES_256_CCM_8 = 0xa1, + TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 = 0xae, + TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 = 0xaf, + TLS_PSK_WITH_AES_128_CCM = 0xa4, + TLS_PSK_WITH_AES_256_CCM = 0xa5, + TLS_PSK_WITH_AES_128_CCM_8 = 0xa8, + TLS_PSK_WITH_AES_256_CCM_8 = 0xa9, + TLS_DHE_PSK_WITH_AES_128_CCM = 0xa6, + TLS_DHE_PSK_WITH_AES_256_CCM = 0xa7, + + /* Camellia */ + TLS_RSA_WITH_CAMELLIA_128_CBC_SHA = 0x41, + TLS_RSA_WITH_CAMELLIA_256_CBC_SHA = 0x84, + TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 0xba, + TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 = 0xc0, + TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA = 0x45, + TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA = 0x88, + TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 0xbe, + TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 = 0xc4, + + /* Renegotiation Indication Extension Special Suite */ + TLS_EMPTY_RENEGOTIATION_INFO_SCSV = 0xff }; enum Misc { - SERVER_END = 0, - CLIENT_END, - ECC_BYTE = 0xC0, /* ECC first cipher suite byte */ SEND_CERT = 1, @@ -335,38 +604,47 @@ enum Misc { DTLS_MAJOR = 0xfe, /* DTLS major version number */ DTLS_MINOR = 0xff, /* DTLS minor version number */ + DTLSv1_2_MINOR = 0xfd, /* DTLS minor version number */ SSLv3_MAJOR = 3, /* SSLv3 and TLSv1+ major version number */ SSLv3_MINOR = 0, /* TLSv1 minor version number */ TLSv1_MINOR = 1, /* TLSv1 minor version number */ TLSv1_1_MINOR = 2, /* TLSv1_1 minor version number */ TLSv1_2_MINOR = 3, /* TLSv1_2 minor version number */ + INVALID_BYTE = 0xff, /* Used to initialize cipher specs values */ NO_COMPRESSION = 0, ZLIB_COMPRESSION = 221, /* CyaSSL zlib compression */ HELLO_EXT_SIG_ALGO = 13, /* ID for the sig_algo hello extension */ SECRET_LEN = 48, /* pre RSA and all master */ ENCRYPT_LEN = 512, /* allow 4096 bit static buffer */ SIZEOF_SENDER = 4, /* clnt or srvr */ - FINISHED_SZ = MD5_DIGEST_SIZE + SHA_DIGEST_SIZE, + FINISHED_SZ = 36, /* MD5_DIGEST_SIZE + SHA_DIGEST_SIZE */ MAX_RECORD_SIZE = 16384, /* 2^14, max size by standard */ - MAX_MSG_EXTRA = 70, /* max added to msg, mac + pad from */ - /* RECORD_HEADER_SZ + BLOCK_SZ (pad) + SHA_256 + MAX_MSG_EXTRA = 38 + MAX_DIGEST_SIZE, + /* max added to msg, mac + pad from */ + /* RECORD_HEADER_SZ + BLOCK_SZ (pad) + Max digest sz + BLOC_SZ (iv) + pad byte (1) */ MAX_COMP_EXTRA = 1024, /* max compression extra */ MAX_MTU = 1500, /* max expected MTU */ - MAX_UDP_SIZE = MAX_MTU - 100, /* don't exceed MTU w/ 100 byte header */ + MAX_UDP_SIZE = 8192 - 100, /* was MAX_MTU - 100 */ MAX_DH_SZ = 612, /* 2240 p, pub, g + 2 byte size for each */ MAX_STR_VERSION = 8, /* string rep of protocol version */ PAD_MD5 = 48, /* pad length for finished */ PAD_SHA = 40, /* pad length for finished */ + MAX_PAD_SIZE = 256, /* maximum length of padding */ + COMPRESS_DUMMY_SIZE = 64, /* compression dummy round size */ + COMPRESS_CONSTANT = 13, /* compression calc constant */ + COMPRESS_UPPER = 55, /* compression calc numerator */ + COMPRESS_LOWER = 64, /* compression calc denominator */ + PEM_LINE_LEN = 80, /* PEM line max + fudge */ LENGTH_SZ = 2, /* length field for HMAC, data only */ VERSION_SZ = 2, /* length of proctocol version */ SEQ_SZ = 8, /* 64 bit sequence number */ BYTE3_LEN = 3, /* up to 24 bit byte lengths */ ALERT_SIZE = 2, /* level + description */ - REQUEST_HEADER = 2, /* always use 2 bytes */ VERIFY_HEADER = 2, /* always use 2 bytes */ + EXT_ID_SZ = 2, /* always use 2 bytes */ MAX_DH_SIZE = 513, /* 4096 bit plus possible leading 0 */ MAX_SUITE_SZ = 200, /* 100 suites for now! */ @@ -377,30 +655,39 @@ enum Misc { COOKIE_SZ = 20, /* use a 20 byte cookie */ SUITE_LEN = 2, /* cipher suite sz length */ ENUM_LEN = 1, /* always a byte */ + OPAQUE8_LEN = 1, /* 1 byte */ + OPAQUE16_LEN = 2, /* 2 bytes */ + OPAQUE24_LEN = 3, /* 3 bytes */ COMP_LEN = 1, /* compression length */ CURVE_LEN = 2, /* ecc named curve length */ + SERVER_ID_LEN = 20, /* server session id length */ - HANDSHAKE_HEADER_SZ = 4, /* type + length(3) */ - RECORD_HEADER_SZ = 5, /* type + version + len(2) */ - CERT_HEADER_SZ = 3, /* always 3 bytes */ - REQ_HEADER_SZ = 2, /* cert request header sz */ - HINT_LEN_SZ = 2, /* length of hint size field */ - HELLO_EXT_SZ = 14, /* total length of the lazy hello extensions */ - HELLO_EXT_LEN = 12, /* length of the lazy hello extensions */ - HELLO_EXT_SIGALGO_SZ = 8, /* length of signature algo extension */ - HELLO_EXT_SIGALGO_LEN = 6, /* number of items in the signature algo list */ + HANDSHAKE_HEADER_SZ = 4, /* type + length(3) */ + RECORD_HEADER_SZ = 5, /* type + version + len(2) */ + CERT_HEADER_SZ = 3, /* always 3 bytes */ + REQ_HEADER_SZ = 2, /* cert request header sz */ + HINT_LEN_SZ = 2, /* length of hint size field */ + TRUNCATED_HMAC_SZ = 10, /* length of hmac w/ truncated hmac extension */ + HELLO_EXT_TYPE_SZ = 2, /* length of a hello extension type */ + HELLO_EXT_SZ = 8, /* total length of the lazy hello extensions */ + HELLO_EXT_LEN = 6, /* length of the lazy hello extensions */ + HELLO_EXT_SIGALGO_SZ = 2, /* length of signature algo extension */ + HELLO_EXT_SIGALGO_MAX = 32, /* number of items in the signature algo list */ DTLS_HANDSHAKE_HEADER_SZ = 12, /* normal + seq(2) + offset(3) + length(3) */ DTLS_RECORD_HEADER_SZ = 13, /* normal + epoch(2) + seq_num(6) */ DTLS_HANDSHAKE_EXTRA = 8, /* diff from normal */ DTLS_RECORD_EXTRA = 8, /* diff from normal */ + DTLS_HANDSHAKE_SEQ_SZ = 2, /* handshake header sequence number */ + DTLS_HANDSHAKE_FRAG_SZ = 3, /* fragment offset and length are 24 bit */ + DTLS_POOL_SZ = 5, /* buffers to hold in the retry pool */ FINISHED_LABEL_SZ = 15, /* TLS finished label size */ TLS_FINISHED_SZ = 12, /* TLS has a shorter size */ MASTER_LABEL_SZ = 13, /* TLS master secret label sz */ KEY_LABEL_SZ = 13, /* TLS key block expansion sz */ - MAX_PRF_HALF = 128, /* Maximum half secret len */ - MAX_PRF_LABSEED = 80, /* Maximum label + seed len */ + MAX_PRF_HALF = 256, /* Maximum half secret len */ + MAX_PRF_LABSEED = 128, /* Maximum label + seed len */ MAX_PRF_DIG = 224, /* Maximum digest len */ MAX_REQUEST_SZ = 256, /* Maximum cert req len (no auth yet */ SESSION_FLUSH_COUNT = 256, /* Flush session cache unless user turns off */ @@ -412,9 +699,6 @@ enum Misc { AES_256_KEY_SIZE = 32, /* for 256 bit */ AES_192_KEY_SIZE = 24, /* for 192 bit */ AES_IV_SIZE = 16, /* always block size */ - AES_GCM_IMP_IV_SZ = 4, /* Implicit part of IV */ - AES_GCM_EXP_IV_SZ = 8, /* Explicit part of IV */ - AES_GCM_CTR_IV_SZ = 4, /* Counter part of IV */ AES_128_KEY_SIZE = 16, /* for 128 bit */ AEAD_SEQ_OFFSET = 4, /* Auth Data: Sequence number */ @@ -422,8 +706,19 @@ enum Misc { AEAD_VMAJ_OFFSET = 9, /* Auth Data: Major Version */ AEAD_VMIN_OFFSET = 10, /* Auth Data: Minor Version */ AEAD_LEN_OFFSET = 11, /* Auth Data: Length */ - AEAD_AUTH_TAG_SZ = 16, /* Size of the authentication tag */ AEAD_AUTH_DATA_SZ = 13, /* Size of the data to authenticate */ + AEAD_IMP_IV_SZ = 4, /* Size of the implicit IV */ + AEAD_EXP_IV_SZ = 8, /* Size of the explicit IV */ + AEAD_NONCE_SZ = AEAD_EXP_IV_SZ + AEAD_IMP_IV_SZ, + + AES_GCM_AUTH_SZ = 16, /* AES-GCM Auth Tag length */ + AES_CCM_16_AUTH_SZ = 16, /* AES-CCM-16 Auth Tag length */ + AES_CCM_8_AUTH_SZ = 8, /* AES-CCM-8 Auth Tag Length */ + + CAMELLIA_128_KEY_SIZE = 16, /* for 128 bit */ + CAMELLIA_192_KEY_SIZE = 24, /* for 192 bit */ + CAMELLIA_256_KEY_SIZE = 32, /* for 256 bit */ + CAMELLIA_IV_SIZE = 16, /* always block size */ HC_128_KEY_SIZE = 16, /* 128 bits */ HC_128_IV_SIZE = 16, /* also 128 bits */ @@ -442,15 +737,19 @@ enum Misc { MAX_SUITE_NAME = 48, /* maximum length of cipher suite string */ DEFAULT_TIMEOUT = 500, /* default resumption timeout in seconds */ + DTLS_TIMEOUT_INIT = 1, /* default timeout init for DTLS receive */ + DTLS_TIMEOUT_MAX = 64, /* default max timeout for DTLS receive */ + DTLS_TIMEOUT_MULTIPLIER = 2, /* default timeout multiplier for DTLS recv */ + MAX_PSK_ID_LEN = 128, /* max psk identity/hint supported */ MAX_PSK_KEY_LEN = 64, /* max psk key supported */ + MAX_CYASSL_FILE_SIZE = 1024 * 1024 * 4, /* 4 mb file size alloc limit */ + #ifdef FORTRESS MAX_EX_DATA = 3, /* allow for three items of ex_data */ - MAX_CHAIN_DEPTH = 9, /* max cert chain peer depth, FORTRESS option */ -#else - MAX_CHAIN_DEPTH = 6, /* max cert chain peer depth */ #endif + MAX_X509_SIZE = 2048, /* max static x509 buffer size */ CERT_MIN_SIZE = 256, /* min PEM cert size with header/footer */ MAX_FILENAME_SZ = 256, /* max file name length */ @@ -465,11 +764,34 @@ enum Misc { HASH_SIG_SIZE = 2, /* default SHA1 RSA */ + NO_CAVIUM_DEVICE = -2, /* invalid cavium device id */ + NO_COPY = 0, /* should we copy static buffer for write */ COPY = 1 /* should we copy static buffer for write */ }; +#ifdef SESSION_INDEX +/* Shift values for making a session index */ +#define SESSIDX_ROW_SHIFT 4 +#define SESSIDX_IDX_MASK 0x0F +#endif + + +/* max cert chain peer depth */ +#ifndef MAX_CHAIN_DEPTH + #define MAX_CHAIN_DEPTH 9 +#endif + + +/* don't use extra 3/4k stack space unless need to */ +#ifdef HAVE_NTRU + #define MAX_ENCRYPT_SZ MAX_NTRU_ENCRYPT_SZ +#else + #define MAX_ENCRYPT_SZ ENCRYPT_LEN +#endif + + /* states */ enum states { NULL_STATE = 0, @@ -489,12 +811,17 @@ enum states { }; +#if defined(__GNUC__) + #define CYASSL_PACK __attribute__ ((packed)) +#else + #define CYASSL_PACK +#endif /* SSL Version */ typedef struct ProtocolVersion { byte major; byte minor; -} ProtocolVersion; +} CYASSL_PACK ProtocolVersion; CYASSL_LOCAL ProtocolVersion MakeSSLv3(void); @@ -504,6 +831,7 @@ CYASSL_LOCAL ProtocolVersion MakeTLSv1_2(void); #ifdef CYASSL_DTLS CYASSL_LOCAL ProtocolVersion MakeDTLSv1(void); + CYASSL_LOCAL ProtocolVersion MakeDTLSv1_2(void); #endif @@ -548,7 +876,7 @@ CYASSL_LOCAL void InitSSL_Method(CYASSL_METHOD*, ProtocolVersion); /* for sniffer */ CYASSL_LOCAL int DoFinished(CYASSL* ssl, const byte* input, word32* inOutIdx, - int sniff); + word32 size, word32 totalSz, int sniff); CYASSL_LOCAL int DoApplicationData(CYASSL* ssl, byte* input, word32* inOutIdx); @@ -579,8 +907,16 @@ enum { #define MTU_EXTRA 0 #endif -/* give user option to use 16K static buffers, sniffer needs them too */ -#if defined(LARGE_STATIC_BUFFERS) || defined(CYASSL_SNIFFER) + +/* embedded callbacks require large static buffers, make sure on */ +#ifdef CYASSL_CALLBACKS + #undef LARGE_STATIC_BUFFERS + #define LARGE_STATIC_BUFFERS +#endif + + +/* give user option to use 16K static buffers */ +#if defined(LARGE_STATIC_BUFFERS) #define RECORD_SIZE MAX_RECORD_SIZE #else #ifdef CYASSL_DTLS @@ -609,16 +945,22 @@ enum { The length (in bytes) of the following TLSPlaintext.fragment. The length should not exceed 2^14. */ -#define STATIC_BUFFER_LEN RECORD_HEADER_SZ + RECORD_SIZE + COMP_EXTRA + \ - MTU_EXTRA + MAX_MSG_EXTRA +#if defined(LARGE_STATIC_BUFFERS) + #define STATIC_BUFFER_LEN RECORD_HEADER_SZ + RECORD_SIZE + COMP_EXTRA + \ + MTU_EXTRA + MAX_MSG_EXTRA +#else + /* don't fragment memory from the record header */ + #define STATIC_BUFFER_LEN RECORD_HEADER_SZ +#endif typedef struct { word32 length; /* total buffer length used */ word32 idx; /* idx to part of length already consumed */ byte* buffer; /* place holder for static or dynamic buffer */ - ALIGN16 byte staticBuffer[STATIC_BUFFER_LEN]; word32 bufferSize; /* current buffer size */ + ALIGN16 byte staticBuffer[STATIC_BUFFER_LEN]; byte dynamicFlag; /* dynamic memory currently in use */ + byte offset; /* alignment offset attempt */ } bufferStatic; /* Cipher Suites holder */ @@ -626,11 +968,16 @@ typedef struct Suites { int setSuites; /* user set suites from default */ byte suites[MAX_SUITE_SZ]; word16 suiteSz; /* suite length in bytes */ + byte hashSigAlgo[HELLO_EXT_SIGALGO_MAX]; /* sig/algo to offer */ + word16 hashSigAlgoSz; /* SigAlgo extension length in bytes */ + byte hashAlgo; /* selected hash algorithm */ + byte sigAlgo; /* selected sig algorithm */ } Suites; CYASSL_LOCAL -void InitSuites(Suites*, ProtocolVersion, byte, byte, byte, byte, byte, int); +void InitSuites(Suites*, ProtocolVersion, + byte, byte, byte, byte, byte, byte, int); CYASSL_LOCAL int SetCipherList(Suites*, const char* list); @@ -642,20 +989,10 @@ int SetCipherList(Suites*, const char* list); #endif /* PSK_TYPES_DEFINED */ -#ifndef CYASSL_USER_IO - /* default IO callbacks */ - CYASSL_LOCAL - int EmbedReceive(char *buf, int sz, void *ctx); - CYASSL_LOCAL - int EmbedSend(char *buf, int sz, void *ctx); -#endif - -#ifdef CYASSL_DTLS - CYASSL_LOCAL - int EmbedGenerateCookie(byte *buf, int sz, void *ctx); - CYASSL_LOCAL - int IsUDP(void*); -#endif +#ifdef HAVE_NETX + CYASSL_LOCAL int NetX_Receive(CYASSL *ssl, char *buf, int sz, void *ctx); + CYASSL_LOCAL int NetX_Send(CYASSL *ssl, char *buf, int sz, void *ctx); +#endif /* HAVE_NETX */ /* CyaSSL Cipher type just points back to SSL */ @@ -664,61 +1001,61 @@ struct CYASSL_CIPHER { }; -#ifdef SINGLE_THREADED - typedef int CyaSSL_Mutex; -#else /* MULTI_THREADED */ - /* FREERTOS comes first to enable use of FreeRTOS Windows simulator only */ - #ifdef FREERTOS - typedef xSemaphoreHandle CyaSSL_Mutex; - #elif defined(USE_WINDOWS_API) - typedef CRITICAL_SECTION CyaSSL_Mutex; - #elif defined(CYASSL_PTHREADS) - typedef pthread_mutex_t CyaSSL_Mutex; - #elif defined(THREADX) - typedef TX_MUTEX CyaSSL_Mutex; - #elif defined(MICRIUM) - typedef OS_MUTEX CyaSSL_Mutex; - #else - #error Need a mutex type in multithreaded mode - #endif /* USE_WINDOWS_API */ -#endif /* SINGLE_THREADED */ - -CYASSL_LOCAL int InitMutex(CyaSSL_Mutex*); -CYASSL_LOCAL int FreeMutex(CyaSSL_Mutex*); -CYASSL_LOCAL int LockMutex(CyaSSL_Mutex*); -CYASSL_LOCAL int UnLockMutex(CyaSSL_Mutex*); - +typedef struct OCSP_Entry OCSP_Entry; +#ifdef SHA_DIGEST_SIZE + #define OCSP_DIGEST_SIZE SHA_DIGEST_SIZE +#else + #define OCSP_DIGEST_SIZE 160 +#endif -typedef struct OCSP_Entry OCSP_Entry; +#ifdef NO_ASN + /* no_asn won't have */ + typedef struct CertStatus CertStatus; +#endif struct OCSP_Entry { - OCSP_Entry* next; /* next entry */ - byte issuerHash[SHA_DIGEST_SIZE]; /* issuer hash */ - byte issuerKeyHash[SHA_DIGEST_SIZE]; /* issuer public key hash */ - CertStatus* status; /* OCSP response list */ - int totalStatus; /* number on list */ + OCSP_Entry* next; /* next entry */ + byte issuerHash[OCSP_DIGEST_SIZE]; /* issuer hash */ + byte issuerKeyHash[OCSP_DIGEST_SIZE]; /* issuer public key hash */ + CertStatus* status; /* OCSP response list */ + int totalStatus; /* number on list */ }; +#ifndef HAVE_OCSP + typedef struct CYASSL_OCSP CYASSL_OCSP; +#endif + /* CyaSSL OCSP controller */ struct CYASSL_OCSP { - byte enabled; - byte useOverrideUrl; - char overrideName[80]; - char overridePath[80]; - int overridePort; - OCSP_Entry* ocspList; + CYASSL_CERT_MANAGER* cm; /* pointer back to cert manager */ + OCSP_Entry* ocspList; /* OCSP response list */ + CyaSSL_Mutex ocspLock; /* OCSP list lock */ }; +#ifndef MAX_DATE_SIZE +#define MAX_DATE_SIZE 32 +#endif typedef struct CRL_Entry CRL_Entry; +#ifdef SHA_DIGEST_SIZE + #define CRL_DIGEST_SIZE SHA_DIGEST_SIZE +#else + #define CRL_DIGEST_SIZE 160 +#endif + +#ifdef NO_ASN + typedef struct RevokedCert RevokedCert; +#endif + /* Complete CRL */ struct CRL_Entry { CRL_Entry* next; /* next entry */ - byte issuerHash[SHA_DIGEST_SIZE]; /* issuer hash */ - byte crlHash[MD5_DIGEST_SIZE]; /* raw crl data hash */ + byte issuerHash[CRL_DIGEST_SIZE]; /* issuer hash */ + /* byte crlHash[CRL_DIGEST_SIZE]; raw crl data hash */ + /* restore the hash here if needed for optimized comparisons */ byte lastDate[MAX_DATE_SIZE]; /* last date updated */ byte nextDate[MAX_DATE_SIZE]; /* next update date */ byte lastDateFormat; /* last date format */ @@ -737,6 +1074,10 @@ struct CRL_Monitor { }; +#ifndef HAVE_CRL + typedef struct CYASSL_CRL CYASSL_CRL; +#endif + /* CyaSSL CRL controller */ struct CYASSL_CRL { CYASSL_CERT_MANAGER* cm; /* pointer back to cert manager */ @@ -745,13 +1086,23 @@ struct CYASSL_CRL { CRL_Monitor monitors[2]; /* PEM and DER possible */ #ifdef HAVE_CRL_MONITOR pthread_t tid; /* monitoring thread */ + int mfd; /* monitor fd, -1 if no init yet */ #endif }; +#ifdef NO_ASN + typedef struct Signer Signer; +#endif + + +#ifndef CA_TABLE_SIZE + #define CA_TABLE_SIZE 11 +#endif + /* CyaSSL Certificate Manager */ struct CYASSL_CERT_MANAGER { - Signer* caList; /* the CA signer list */ + Signer* caTable[CA_TABLE_SIZE]; /* the CA signer table */ CyaSSL_Mutex caLock; /* CA list lock */ CallbackCACache caCacheCallback; /* CA cache addition callback */ void* heap; /* heap helper */ @@ -759,14 +1110,133 @@ struct CYASSL_CERT_MANAGER { byte crlEnabled; /* is CRL on ? */ byte crlCheckAll; /* always leaf, but all ? */ CbMissingCRL cbMissingCRL; /* notify through cb of missing crl */ + CYASSL_OCSP* ocsp; /* OCSP checker */ + byte ocspEnabled; /* is OCSP on ? */ + byte ocspSendNonce; /* send the OCSP nonce ? */ + byte ocspUseOverrideURL; /* ignore cert's responder, override */ + char* ocspOverrideURL; /* use this responder */ + void* ocspIOCtx; /* I/O callback CTX */ + CbOCSPIO ocspIOCb; /* I/O callback for OCSP lookup */ + CbOCSPRespFree ocspRespFreeCb; /* Frees OCSP Response from IO Cb */ }; +CYASSL_LOCAL int CM_SaveCertCache(CYASSL_CERT_MANAGER*, const char*); +CYASSL_LOCAL int CM_RestoreCertCache(CYASSL_CERT_MANAGER*, const char*); +CYASSL_LOCAL int CM_MemSaveCertCache(CYASSL_CERT_MANAGER*, void*, int, int*); +CYASSL_LOCAL int CM_MemRestoreCertCache(CYASSL_CERT_MANAGER*, const void*, int); +CYASSL_LOCAL int CM_GetCertCacheMemSize(CYASSL_CERT_MANAGER*); + +/* CyaSSL Sock Addr */ +struct CYASSL_SOCKADDR { + unsigned int sz; /* sockaddr size */ + void* sa; /* pointer to the sockaddr_in or sockaddr_in6 */ +}; + +typedef struct CYASSL_DTLS_CTX { + CYASSL_SOCKADDR peer; + int fd; +} CYASSL_DTLS_CTX; + +/* RFC 6066 TLS Extensions */ +#ifdef HAVE_TLS_EXTENSIONS + +typedef enum { + SERVER_NAME_INDICATION = 0, + MAX_FRAGMENT_LENGTH = 1, + TRUNCATED_HMAC = 4, + ELLIPTIC_CURVES = 10 +} TLSX_Type; + +typedef struct TLSX { + TLSX_Type type; /* Extension Type */ + void* data; /* Extension Data */ + byte resp; /* IsResponse Flag */ + struct TLSX* next; /* List Behavior */ +} TLSX; + +CYASSL_LOCAL TLSX* TLSX_Find(TLSX* list, TLSX_Type type); +CYASSL_LOCAL void TLSX_FreeAll(TLSX* list); +CYASSL_LOCAL int TLSX_SupportExtensions(CYASSL* ssl); + +#ifndef NO_CYASSL_CLIENT +CYASSL_LOCAL word16 TLSX_GetRequestSize(CYASSL* ssl); +CYASSL_LOCAL word16 TLSX_WriteRequest(CYASSL* ssl, byte* output); +#endif + +#ifndef NO_CYASSL_SERVER +CYASSL_LOCAL word16 TLSX_GetResponseSize(CYASSL* ssl); +CYASSL_LOCAL word16 TLSX_WriteResponse(CYASSL* ssl, byte* output); +#endif + +CYASSL_LOCAL int TLSX_Parse(CYASSL* ssl, byte* input, word16 length, + byte isRequest, Suites *suites); + +/* Server Name Indication */ +#ifdef HAVE_SNI + +typedef struct SNI { + byte type; /* SNI Type */ + union { char* host_name; } data; /* SNI Data */ + struct SNI* next; /* List Behavior */ +#ifndef NO_CYASSL_SERVER + byte options; /* Behaviour options */ + byte status; /* Matching result */ +#endif +} SNI; + +CYASSL_LOCAL int TLSX_UseSNI(TLSX** extensions, byte type, const void* data, + word16 size); + +#ifndef NO_CYASSL_SERVER +CYASSL_LOCAL void TLSX_SNI_SetOptions(TLSX* extensions, byte type, + byte options); +CYASSL_LOCAL byte TLSX_SNI_Status(TLSX* extensions, byte type); +CYASSL_LOCAL word16 TLSX_SNI_GetRequest(TLSX* extensions, byte type, + void** data); +CYASSL_LOCAL int TLSX_SNI_GetFromBuffer(const byte* buffer, word32 bufferSz, + byte type, byte* sni, word32* inOutSz); +#endif + +#endif /* HAVE_SNI */ + +/* Maximum Fragment Length */ +#ifdef HAVE_MAX_FRAGMENT + +CYASSL_LOCAL int TLSX_UseMaxFragment(TLSX** extensions, byte mfl); + +#endif /* HAVE_MAX_FRAGMENT */ + +#ifdef HAVE_TRUNCATED_HMAC + +CYASSL_LOCAL int TLSX_UseTruncatedHMAC(TLSX** extensions); + +#endif /* HAVE_TRUNCATED_HMAC */ + +#ifdef HAVE_SUPPORTED_CURVES + +typedef struct EllipticCurve { + word16 name; /* CurveNames */ + struct EllipticCurve* next; /* List Behavior */ + +} EllipticCurve; + +CYASSL_LOCAL int TLSX_UseSupportedCurve(TLSX** extensions, word16 name); + +#ifndef NO_CYASSL_SERVER +CYASSL_LOCAL int TLSX_ValidateEllipticCurves(CYASSL* ssl, byte first, + byte second); +#endif + +#endif /* HAVE_SUPPORTED_CURVES */ + +#endif /* HAVE_TLS_EXTENSIONS */ /* CyaSSL context type */ struct CYASSL_CTX { CYASSL_METHOD* method; CyaSSL_Mutex countMutex; /* reference count mutex */ int refCount; /* reference count */ +#ifndef NO_CERTS buffer certificate; buffer certChain; /* chain after self, in DER, with leading size for each cert */ @@ -774,6 +1244,7 @@ struct CYASSL_CTX { buffer serverDH_P; buffer serverDH_G; CYASSL_CERT_MANAGER* cm; /* our cert manager, ctx owns SSL will use */ +#endif Suites suites; void* heap; /* for user memory overrides */ byte verifyPeer; @@ -782,6 +1253,7 @@ struct CYASSL_CTX { byte sessionCacheOff; byte sessionCacheFlushOff; byte sendVerify; /* for client side */ + byte haveRSA; /* RSA available */ byte haveDH; /* server DH parms set by user */ byte haveNTRU; /* server private NTRU key loaded */ byte haveECDSAsig; /* server cert signed w/ ECDSA */ @@ -791,10 +1263,14 @@ struct CYASSL_CTX { byte groupMessages; /* group handshake messages before sending */ CallbackIORecv CBIORecv; CallbackIOSend CBIOSend; +#ifdef CYASSL_DTLS + CallbackGenCookie CBIOCookie; /* gen cookie callback */ +#endif VerifyCallback verifyCallback; /* cert verification callback */ word32 timeout; /* session timeout */ #ifdef HAVE_ECC word16 eccTempKeySz; /* in octets 20 - 66 */ + word32 pkCurveOID; /* curve Ecc_Sum */ #endif #ifndef NO_PSK byte havePSK; /* psk key set by user */ @@ -809,6 +1285,28 @@ struct CYASSL_CTX { #ifdef HAVE_OCSP CYASSL_OCSP ocsp; #endif +#ifdef HAVE_CAVIUM + int devId; /* cavium device id to use */ +#endif +#ifdef HAVE_TLS_EXTENSIONS + TLSX* extensions; /* RFC 6066 TLS Extensions data */ +#endif +#ifdef ATOMIC_USER + CallbackMacEncrypt MacEncryptCb; /* Atomic User Mac/Encrypt Cb */ + CallbackDecryptVerify DecryptVerifyCb; /* Atomic User Decrypt/Verify Cb */ +#endif +#ifdef HAVE_PK_CALLBACKS + #ifdef HAVE_ECC + CallbackEccSign EccSignCb; /* User EccSign Callback handler */ + CallbackEccVerify EccVerifyCb; /* User EccVerify Callback handler */ + #endif /* HAVE_ECC */ + #ifndef NO_RSA + CallbackRsaSign RsaSignCb; /* User RsaSign Callback handler */ + CallbackRsaVerify RsaVerifyCb; /* User RsaVerify Callback handler */ + CallbackRsaEnc RsaEncCb; /* User Rsa Public Encrypt handler */ + CallbackRsaDec RsaDecCb; /* User Rsa Private Decrypt handler */ + #endif /* NO_RSA */ +#endif /* HAVE_PK_CALLBACKS */ }; @@ -824,10 +1322,12 @@ int DeriveTlsKeys(CYASSL* ssl); CYASSL_LOCAL int ProcessOldClientHello(CYASSL* ssl, const byte* input, word32* inOutIdx, word32 inSz, word16 sz); -CYASSL_LOCAL -int AddCA(CYASSL_CERT_MANAGER* ctx, buffer der, int type, int verify); -CYASSL_LOCAL -int AlreadySigner(CYASSL_CERT_MANAGER* cm, byte* hash); +#ifndef NO_CERTS + CYASSL_LOCAL + int AddCA(CYASSL_CERT_MANAGER* ctx, buffer der, int type, int verify); + CYASSL_LOCAL + int AlreadySigner(CYASSL_CERT_MANAGER* cm, byte* hash); +#endif /* All cipher suite related info */ typedef struct CipherSpecs { @@ -842,24 +1342,11 @@ typedef struct CipherSpecs { word16 key_size; word16 iv_size; word16 block_size; + word16 aead_mac_size; } CipherSpecs; - -/* Supported Ciphers from page 43 */ -enum BulkCipherAlgorithm { - cipher_null, - rc4, - rc2, - des, - triple_des, /* leading 3 (3des) not valid identifier */ - des40, - idea, - aes, - aes_gcm, - hc128, /* CyaSSL extensions */ - rabbit -}; +void InitCipherSpecs(CipherSpecs* cs); /* Supported Message Authentication Codes from page 43 */ @@ -871,7 +1358,8 @@ enum MACAlgorithm { sha256_mac, sha384_mac, sha512_mac, - rmd_mac + rmd_mac, + blake2b_mac }; @@ -882,6 +1370,7 @@ enum KeyExchangeAlgorithm { diffie_hellman_kea, fortezza_kea, psk_kea, + dhe_psk_kea, ntru_kea, ecc_diffie_hellman_kea, ecc_static_diffie_hellman_kea /* for verify suite only */ @@ -923,62 +1412,114 @@ enum ClientCertificateType { dss_fixed_dh = 4, rsa_ephemeral_dh = 5, dss_ephemeral_dh = 6, - fortezza_kea_cert = 20 + fortezza_kea_cert = 20, + ecdsa_sign = 64, + rsa_fixed_ecdh = 65, + ecdsa_fixed_ecdh = 66 }; enum CipherType { stream, block, aead }; +#ifdef CYASSL_DTLS + + #ifdef WORD64_AVAILABLE + typedef word64 DtlsSeq; + #else + typedef word32 DtlsSeq; + #endif + #define DTLS_SEQ_BITS (sizeof(DtlsSeq) * CHAR_BIT) + + typedef struct DtlsState { + DtlsSeq window; /* Sliding window for current epoch */ + word16 nextEpoch; /* Expected epoch in next record */ + word32 nextSeq; /* Expected sequence in next record */ + + word16 curEpoch; /* Received epoch in current record */ + word32 curSeq; /* Received sequence in current record */ + + DtlsSeq prevWindow; /* Sliding window for old epoch */ + word32 prevSeq; /* Next sequence in allowed old epoch */ + } DtlsState; + +#endif /* CYASSL_DTLS */ + + /* keys and secrets */ typedef struct Keys { - byte client_write_MAC_secret[SHA256_DIGEST_SIZE]; /* max sizes */ - byte server_write_MAC_secret[SHA256_DIGEST_SIZE]; + byte client_write_MAC_secret[MAX_DIGEST_SIZE]; /* max sizes */ + byte server_write_MAC_secret[MAX_DIGEST_SIZE]; byte client_write_key[AES_256_KEY_SIZE]; /* max sizes */ byte server_write_key[AES_256_KEY_SIZE]; byte client_write_IV[AES_IV_SIZE]; /* max sizes */ byte server_write_IV[AES_IV_SIZE]; +#ifdef HAVE_AEAD + byte aead_exp_IV[AEAD_EXP_IV_SZ]; + byte aead_enc_imp_IV[AEAD_IMP_IV_SZ]; + byte aead_dec_imp_IV[AEAD_IMP_IV_SZ]; +#endif word32 peer_sequence_number; word32 sequence_number; #ifdef CYASSL_DTLS - word32 dtls_sequence_number; - word32 dtls_peer_sequence_number; - word16 dtls_handshake_number; - word16 dtls_epoch; - word16 dtls_peer_epoch; + DtlsState dtls_state; /* Peer's state */ + word16 dtls_peer_handshake_number; + word16 dtls_expected_peer_handshake_number; + + word16 dtls_epoch; /* Current tx epoch */ + word32 dtls_sequence_number; /* Current tx sequence */ + word16 dtls_handshake_number; /* Current tx handshake seq */ #endif word32 encryptSz; /* last size of encrypted data */ + word32 padSz; /* how much to advance after decrypt part */ byte encryptionOn; /* true after change cipher spec */ + byte decryptedCur; /* only decrypt current record once */ } Keys; /* cipher for now */ -typedef union { +typedef struct Ciphers { #ifdef BUILD_ARC4 - Arc4 arc4; + Arc4* arc4; #endif #ifdef BUILD_DES3 - Des3 des3; + Des3* des3; #endif -#ifdef BUILD_AES - Aes aes; +#if defined(BUILD_AES) || defined(BUILD_AESGCM) + Aes* aes; +#endif +#ifdef HAVE_CAMELLIA + Camellia* cam; #endif #ifdef HAVE_HC128 - HC128 hc128; + HC128* hc128; #endif #ifdef BUILD_RABBIT - Rabbit rabbit; + Rabbit* rabbit; #endif + byte setup; /* have we set it up flag for detection */ } Ciphers; +CYASSL_LOCAL void InitCiphers(CYASSL* ssl); +CYASSL_LOCAL void FreeCiphers(CYASSL* ssl); + + /* hashes type */ typedef struct Hashes { - byte md5[MD5_DIGEST_SIZE]; + #ifndef NO_OLD_TLS + byte md5[MD5_DIGEST_SIZE]; + #endif byte sha[SHA_DIGEST_SIZE]; + #ifndef NO_SHA256 + byte sha256[SHA256_DIGEST_SIZE]; + #endif + #ifdef CYASSL_SHA384 + byte sha384[SHA384_DIGEST_SIZE]; + #endif } Hashes; @@ -998,16 +1539,20 @@ struct CYASSL_X509_CHAIN { /* CyaSSL session type */ struct CYASSL_SESSION { - byte sessionID[ID_LEN]; - byte masterSecret[SECRET_LEN]; + byte sessionID[ID_LEN]; /* id for protocol */ + byte masterSecret[SECRET_LEN]; /* stored secret */ word32 bornOn; /* create time in seconds */ word32 timeout; /* timeout in seconds */ #ifdef SESSION_CERTS - CYASSL_X509_CHAIN chain; /* peer cert chain, static */ - ProtocolVersion version; + CYASSL_X509_CHAIN chain; /* peer cert chain, static */ + ProtocolVersion version; /* which version was used */ byte cipherSuite0; /* first byte, normally 0 */ byte cipherSuite; /* 2nd byte, actual suite */ #endif +#ifndef NO_CLIENT_CACHE + byte serverID[SERVER_ID_LEN]; /* for easier client lookup */ + word16 idLen; /* serverID length */ +#endif }; @@ -1016,8 +1561,11 @@ CYASSL_SESSION* GetSession(CYASSL*, byte*); CYASSL_LOCAL int SetSession(CYASSL*, CYASSL_SESSION*); -typedef void (*hmacfp) (CYASSL*, byte*, const byte*, word32, int, int); +typedef int (*hmacfp) (CYASSL*, byte*, const byte*, word32, int, int); +#ifndef NO_CLIENT_CACHE + CYASSL_SESSION* GetSessionClient(CYASSL*, const byte*, int); +#endif /* client connect state for nonblocking restart */ enum ConnectState { @@ -1054,15 +1602,17 @@ enum AcceptState { typedef struct Buffers { +#ifndef NO_CERTS buffer certificate; /* CYASSL_CTX owns, unless we own */ buffer key; /* CYASSL_CTX owns, unless we own */ - buffer certChain; /* CYASSL_CTX owns */ + buffer certChain; /* CYASSL_CTX owns, unless we own */ /* chain after self, in DER, with leading size for each cert */ - buffer domainName; /* for client check */ buffer serverDH_P; /* CYASSL_CTX owns, unless we own */ buffer serverDH_G; /* CYASSL_CTX owns, unless we own */ buffer serverDH_Pub; buffer serverDH_Priv; +#endif + buffer domainName; /* for client check */ bufferStatic inputBuffer; bufferStatic outputBuffer; buffer clearOutputBuffer; @@ -1071,11 +1621,22 @@ typedef struct Buffers { int plainSz; /* plain text bytes in buffer to send when got WANT_WRITE */ byte weOwnCert; /* SSL own cert flag */ + byte weOwnCertChain; /* SSL own cert chain flag */ byte weOwnKey; /* SSL own key flag */ byte weOwnDH; /* SSL own dh (p,g) flag */ +#ifdef CYASSL_DTLS + CYASSL_DTLS_CTX dtlsCtx; /* DTLS connection context */ +#endif +#ifdef HAVE_PK_CALLBACKS + #ifdef HAVE_ECC + buffer peerEccDsaKey; /* we own for Ecc Verify Callbacks */ + #endif /* HAVE_ECC */ + #ifndef NO_RSA + buffer peerRsaKey; /* we own for Rsa Verify Callbacks */ + #endif /* NO_RSA */ +#endif /* HAVE_PK_CALLBACKS */ } Buffers; - typedef struct Options { byte sessionCacheOff; byte sessionCacheFlushOff; @@ -1102,11 +1663,13 @@ typedef struct Options { byte connectState; /* nonblocking resume */ byte acceptState; /* nonblocking resume */ byte usingCompression; /* are we using compression */ + byte haveRSA; /* RSA available */ byte haveDH; /* server DH parms set by user */ byte haveNTRU; /* server NTRU private key loaded */ byte haveECDSAsig; /* server ECDSA signed cert */ byte haveStaticECC; /* static server ECC private key */ byte havePeerCert; /* do we have peer's cert */ + byte havePeerVerify; /* and peer's cert verify */ byte usingPSK_cipher; /* whether we're using psk as cipher */ byte sendAlertState; /* nonblocking resume */ byte processReply; /* nonblocking resume */ @@ -1114,6 +1677,9 @@ typedef struct Options { byte quietShutdown; /* don't send close notify */ byte certOnly; /* stop once we get cert */ byte groupMessages; /* group handshake messages */ + byte usingNonblock; /* set when using nonblocking socket */ + byte saveArrays; /* save array Memory for user get keys + or psk */ #ifndef NO_PSK byte havePSK; /* psk key set by user */ psk_client_callback client_psk_cb; @@ -1121,7 +1687,6 @@ typedef struct Options { #endif /* NO_PSK */ } Options; - typedef struct Arrays { byte clientRandom[RAN_LEN]; byte serverRandom[RAN_LEN]; @@ -1141,29 +1706,94 @@ typedef struct Arrays { word32 preMasterSz; /* differs for DH, actual size */ } Arrays; +#ifndef ASN_NAME_MAX +#define ASN_NAME_MAX 256 +#endif + +#ifndef MAX_DATE_SZ +#define MAX_DATE_SZ 32 +#endif struct CYASSL_X509_NAME { - char name[ASN_NAME_MAX]; + char *name; + char staticName[ASN_NAME_MAX]; + int dynamicName; int sz; +#ifdef OPENSSL_EXTRA + DecodedName fullName; +#endif /* OPENSSL_EXTRA */ }; +#ifndef EXTERNAL_SERIAL_SIZE + #define EXTERNAL_SERIAL_SIZE 32 +#endif + +#ifdef NO_ASN + typedef struct DNS_entry DNS_entry; +#endif struct CYASSL_X509 { + int version; CYASSL_X509_NAME issuer; CYASSL_X509_NAME subject; int serialSz; byte serial[EXTERNAL_SERIAL_SIZE]; char subjectCN[ASN_NAME_MAX]; /* common name short cut */ +#ifdef CYASSL_SEP + int deviceTypeSz; + byte deviceType[EXTERNAL_SERIAL_SIZE]; + int hwTypeSz; + byte hwType[EXTERNAL_SERIAL_SIZE]; + int hwSerialNumSz; + byte hwSerialNum[EXTERNAL_SERIAL_SIZE]; + #ifdef OPENSSL_EXTRA + byte certPolicySet; + byte certPolicyCrit; + #endif /* OPENSSL_EXTRA */ +#endif + int notBeforeSz; + byte notBefore[MAX_DATE_SZ]; + int notAfterSz; + byte notAfter[MAX_DATE_SZ]; + int sigOID; + buffer sig; + int pubKeyOID; + buffer pubKey; + #ifdef HAVE_ECC + word32 pkCurveOID; + #endif /* HAVE_ECC */ buffer derCert; /* may need */ DNS_entry* altNames; /* alt names list */ DNS_entry* altNamesNext; /* hint for retrieval */ + byte dynamicMemory; /* dynamic memory flag */ + byte isCa; +#ifdef OPENSSL_EXTRA + word32 pathLength; + word16 keyUsage; + byte basicConstSet; + byte basicConstCrit; + byte basicConstPlSet; + byte subjAltNameSet; + byte subjAltNameCrit; + byte authKeyIdSet; + byte authKeyIdCrit; + byte* authKeyId; + word32 authKeyIdSz; + byte subjKeyIdSet; + byte subjKeyIdCrit; + byte* subjKeyId; + word32 subjKeyIdSz; + byte keyUsageSet; + byte keyUsageCrit; +#endif /* OPENSSL_EXTRA */ }; /* record layer header for PlainText, Compressed, and CipherText */ typedef struct RecordLayerHeader { byte type; - ProtocolVersion version; + byte pvMajor; + byte pvMinor; byte length[2]; } RecordLayerHeader; @@ -1171,33 +1801,71 @@ typedef struct RecordLayerHeader { /* record layer header for DTLS PlainText, Compressed, and CipherText */ typedef struct DtlsRecordLayerHeader { byte type; - ProtocolVersion version; + byte pvMajor; + byte pvMinor; byte epoch[2]; /* increment on cipher state change */ byte sequence_number[6]; /* per record */ byte length[2]; } DtlsRecordLayerHeader; +typedef struct DtlsPool { + buffer buf[DTLS_POOL_SZ]; + int used; +} DtlsPool; + +typedef struct DtlsMsg { + struct DtlsMsg* next; + word32 seq; /* Handshake sequence number */ + word32 sz; /* Length of whole mesage */ + word32 fragSz; /* Length of fragments received */ + byte type; + byte* buf; + byte* msg; +} DtlsMsg; + + +#ifdef HAVE_NETX + + /* NETX I/O Callback default */ + typedef struct NetX_Ctx { + NX_TCP_SOCKET* nxSocket; /* send/recv socket handle */ + NX_PACKET* nxPacket; /* incoming packet handle for short reads */ + ULONG nxOffset; /* offset already read from nxPacket */ + ULONG nxWait; /* wait option flag */ + } NetX_Ctx; + +#endif + + /* CyaSSL ssl type */ struct CYASSL { CYASSL_CTX* ctx; int error; ProtocolVersion version; /* negotiated version */ ProtocolVersion chVersion; /* client hello version */ - Suites suites; + Suites* suites; /* only need during handshake */ Ciphers encrypt; Ciphers decrypt; CipherSpecs specs; Keys keys; int rfd; /* read file descriptor */ int wfd; /* write file descriptor */ + int rflags; /* user read flags */ + int wflags; /* user write flags */ CYASSL_BIO* biord; /* socket bio read to free/close */ CYASSL_BIO* biowr; /* socket bio write to free/close */ void* IOCB_ReadCtx; void* IOCB_WriteCtx; - RNG rng; - Md5 hashMd5; /* md5 hash of handshake msgs */ + RNG* rng; +#ifndef NO_OLD_TLS +#ifndef NO_SHA Sha hashSha; /* sha hash of handshake msgs */ +#endif +#ifndef NO_MD5 + Md5 hashMd5; /* md5 hash of handshake msgs */ +#endif +#endif #ifndef NO_SHA256 Sha256 hashSha256; /* sha256 hash of handshake msgs */ #endif @@ -1208,22 +1876,26 @@ struct CYASSL { Hashes certHashes; /* for cert verify */ Buffers buffers; Options options; - Arrays arrays; + Arrays* arrays; CYASSL_SESSION session; VerifyCallback verifyCallback; /* cert verification callback */ - RsaKey peerRsaKey; + void* verifyCbCtx; /* cert verify callback user ctx*/ +#ifndef NO_RSA + RsaKey* peerRsaKey; byte peerRsaKeyPresent; +#endif #ifdef HAVE_NTRU word16 peerNtruKeyLen; byte peerNtruKey[MAX_NTRU_PUB_KEY_SZ]; byte peerNtruKeyPresent; #endif #ifdef HAVE_ECC - ecc_key peerEccKey; /* peer's ECDHE key */ - ecc_key peerEccDsaKey; /* peer's ECDSA key */ - ecc_key eccTempKey; /* private ECDHE key */ - ecc_key eccDsaKey; /* private ECDSA key */ + ecc_key* peerEccKey; /* peer's ECDHE key */ + ecc_key* peerEccDsaKey; /* peer's ECDSA key */ + ecc_key* eccTempKey; /* private ECDHE key */ + ecc_key* eccDsaKey; /* private ECDSA key */ word16 eccTempKeySz; /* in octets 20 - 66 */ + word32 pkCurveOID; /* curve Ecc_Sum */ byte peerEccKeyPresent; byte peerEccDsaKeyPresent; byte eccTempKeyPresent; @@ -1240,18 +1912,62 @@ struct CYASSL { z_stream d_stream; /* decompression stream */ byte didStreamInit; /* for stream init and end */ #endif +#ifdef CYASSL_DTLS + int dtls_timeout_init; /* starting timeout vaule */ + int dtls_timeout_max; /* maximum timeout value */ + int dtls_timeout; /* current timeout value, changes */ + DtlsPool* dtls_pool; + DtlsMsg* dtls_msg_list; + void* IOCB_CookieCtx; /* gen cookie ctx */ + word32 dtls_expected_rx; +#endif #ifdef CYASSL_CALLBACKS HandShakeInfo handShakeInfo; /* info saved during handshake */ TimeoutInfo timeoutInfo; /* info saved during handshake */ byte hsInfoOn; /* track handshake info */ byte toInfoOn; /* track timeout info */ #endif -#ifdef OPENSSL_EXTRA +#ifdef KEEP_PEER_CERT CYASSL_X509 peerCert; /* X509 peer cert */ #endif #ifdef FORTRESS void* ex_data[MAX_EX_DATA]; /* external data, for Fortress */ #endif +#ifdef HAVE_CAVIUM + int devId; /* cavium device id to use */ +#endif +#ifdef HAVE_TLS_EXTENSIONS + TLSX* extensions; /* RFC 6066 TLS Extensions data */ +#ifdef HAVE_MAX_FRAGMENT + word16 max_fragment; +#endif +#ifdef HAVE_TRUNCATED_HMAC + byte truncated_hmac; +#endif +#endif +#ifdef HAVE_NETX + NetX_Ctx nxCtx; /* NetX IO Context */ +#endif +#ifdef SESSION_INDEX + int sessionIndex; /* Session's location in the cache. */ +#endif + CYASSL_ALERT_HISTORY alert_history; +#ifdef ATOMIC_USER + void* MacEncryptCtx; /* Atomic User Mac/Encrypt Callback Context */ + void* DecryptVerifyCtx; /* Atomic User Decrypt/Verify Callback Context */ +#endif +#ifdef HAVE_PK_CALLBACKS + #ifdef HAVE_ECC + void* EccSignCtx; /* Ecc Sign Callback Context */ + void* EccVerifyCtx; /* Ecc Verify Callback Context */ + #endif /* HAVE_ECC */ + #ifndef NO_RSA + void* RsaSignCtx; /* Rsa Sign Callback Context */ + void* RsaVerifyCtx; /* Rsa Verify Callback Context */ + void* RsaEncCtx; /* Rsa Public Encrypt Callback Context */ + void* RsaDecCtx; /* Rsa Private Decrypt Callback Context */ + #endif /* NO_RSA */ +#endif /* HAVE_PK_CALLBACKS */ }; @@ -1264,7 +1980,7 @@ CYASSL_API void SSL_ResourceFree(CYASSL*); /* Micrium uses */ enum { IV_SZ = 32, /* max iv sz */ - NAME_SZ = 80, /* max one line */ + NAME_SZ = 80 /* max one line */ }; @@ -1277,13 +1993,16 @@ typedef struct EncryptedInfo { CYASSL_CTX* ctx; /* CTX owner */ } EncryptedInfo; -CYASSL_LOCAL int PemToDer(const unsigned char* buff, long sz, int type, - buffer* der, void* heap, EncryptedInfo* info, - int* eccKey); -CYASSL_LOCAL int ProcessFile(CYASSL_CTX* ctx, const char* fname, int format, - int type, CYASSL* ssl, int userChain, - CYASSL_CRL* crl); +#ifndef NO_CERTS + CYASSL_LOCAL int PemToDer(const unsigned char* buff, long sz, int type, + buffer* der, void* heap, EncryptedInfo* info, + int* eccKey); + + CYASSL_LOCAL int ProcessFile(CYASSL_CTX* ctx, const char* fname, int format, + int type, CYASSL* ssl, int userChain, + CYASSL_CRL* crl); +#endif #ifdef CYASSL_CALLBACKS @@ -1351,43 +2070,6 @@ enum HandShakeType { }; -/* Valid Alert types from page 16/17 */ -enum AlertDescription { - close_notify = 0, - unexpected_message = 10, - bad_record_mac = 20, - decompression_failure = 30, - handshake_failure = 40, - no_certificate = 41, - bad_certificate = 42, - unsupported_certificate = 43, - certificate_revoked = 44, - certificate_expired = 45, - certificate_unknown = 46, - illegal_parameter = 47, - decrypt_error = 51, - protocol_version = 70, - no_renegotiation = 100 -}; - - -/* I/O Callback default errors */ -enum IOerrors { - IO_ERR_GENERAL = -1, /* general unexpected err, not in below group */ - IO_ERR_WANT_READ = -2, /* need to call read again */ - IO_ERR_WANT_WRITE = -2, /* need to call write again */ - IO_ERR_CONN_RST = -3, /* connection reset */ - IO_ERR_ISR = -4, /* interrupt */ - IO_ERR_CONN_CLOSE = -5 /* connection closed or epipe */ -}; - - -enum AlertLevel { - alert_warning = 1, - alert_fatal = 2 -}; - - static const byte client[SIZEOF_SENDER] = { 0x43, 0x4C, 0x4E, 0x54 }; static const byte server[SIZEOF_SENDER] = { 0x53, 0x52, 0x56, 0x52 }; @@ -1402,7 +2084,7 @@ CYASSL_LOCAL int SendCertificate(CYASSL*); CYASSL_LOCAL int SendCertificateRequest(CYASSL*); CYASSL_LOCAL int SendServerKeyExchange(CYASSL*); CYASSL_LOCAL int SendBuffered(CYASSL*); -CYASSL_LOCAL int ReceiveData(CYASSL*, byte*, int); +CYASSL_LOCAL int ReceiveData(CYASSL*, byte*, int, int); CYASSL_LOCAL int SendFinished(CYASSL*); CYASSL_LOCAL int SendAlert(CYASSL*, int, int); CYASSL_LOCAL int ProcessReply(CYASSL*); @@ -1417,15 +2099,26 @@ CYASSL_LOCAL int StoreKeys(CYASSL* ssl, const byte* keyData); CYASSL_LOCAL int IsTLS(const CYASSL* ssl); CYASSL_LOCAL int IsAtLeastTLSv1_2(const CYASSL* ssl); +CYASSL_LOCAL void FreeHandshakeResources(CYASSL* ssl); CYASSL_LOCAL void ShrinkInputBuffer(CYASSL* ssl, int forcedFree); CYASSL_LOCAL void ShrinkOutputBuffer(CYASSL* ssl); -CYASSL_LOCAL int SendHelloVerifyRequest(CYASSL* ssl); -CYASSL_LOCAL Signer* GetCA(void* cm, byte* hash); -CYASSL_LOCAL void BuildTlsFinished(CYASSL* ssl, Hashes* hashes, + +CYASSL_LOCAL int VerifyClientSuite(CYASSL* ssl); +#ifndef NO_CERTS + CYASSL_LOCAL Signer* GetCA(void* cm, byte* hash); + #ifndef NO_SKID + CYASSL_LOCAL Signer* GetCAByName(void* cm, byte* hash); + #endif +#endif +CYASSL_LOCAL int BuildTlsFinished(CYASSL* ssl, Hashes* hashes, const byte* sender); +CYASSL_LOCAL void FreeArrays(CYASSL* ssl, int keep); +CYASSL_LOCAL int CheckAvailableSize(CYASSL *ssl, int size); +CYASSL_LOCAL int GrowInputBuffer(CYASSL* ssl, int size, int usedLength); + #ifndef NO_TLS CYASSL_LOCAL int MakeTlsMasterSecret(CYASSL*); - CYASSL_LOCAL void TLS_hmac(CYASSL* ssl, byte* digest, const byte* buffer, + CYASSL_LOCAL int TLS_hmac(CYASSL* ssl, byte* digest, const byte* in, word32 sz, int content, int verify); #endif @@ -1443,6 +2136,23 @@ CYASSL_LOCAL void BuildTlsFinished(CYASSL* ssl, Hashes* hashes, #endif #endif /* NO_CYASSL_SERVER */ +#ifdef CYASSL_DTLS + CYASSL_LOCAL int DtlsPoolInit(CYASSL*); + CYASSL_LOCAL int DtlsPoolSave(CYASSL*, const byte*, int); + CYASSL_LOCAL int DtlsPoolTimeout(CYASSL*); + CYASSL_LOCAL int DtlsPoolSend(CYASSL*); + CYASSL_LOCAL void DtlsPoolReset(CYASSL*); + + CYASSL_LOCAL DtlsMsg* DtlsMsgNew(word32, void*); + CYASSL_LOCAL void DtlsMsgDelete(DtlsMsg*, void*); + CYASSL_LOCAL void DtlsMsgListDelete(DtlsMsg*, void*); + CYASSL_LOCAL void DtlsMsgSet(DtlsMsg*, word32, const byte*, byte, + word32, word32); + CYASSL_LOCAL DtlsMsg* DtlsMsgFind(DtlsMsg*, word32); + CYASSL_LOCAL DtlsMsg* DtlsMsgStore(DtlsMsg*, word32, const byte*, word32, + byte, word32, word32, void*); + CYASSL_LOCAL DtlsMsg* DtlsMsgInsert(DtlsMsg*, DtlsMsg*); +#endif /* CYASSL_DTLS */ #ifndef NO_TLS @@ -1450,12 +2160,15 @@ CYASSL_LOCAL void BuildTlsFinished(CYASSL* ssl, Hashes* hashes, #endif /* NO_TLS */ - -typedef double timer_d; - -CYASSL_LOCAL timer_d Timer(void); CYASSL_LOCAL word32 LowResTimer(void); +CYASSL_LOCAL void InitX509Name(CYASSL_X509_NAME*, int); +CYASSL_LOCAL void FreeX509Name(CYASSL_X509_NAME* name); +CYASSL_LOCAL void InitX509(CYASSL_X509*, int); +CYASSL_LOCAL void FreeX509(CYASSL_X509*); +#ifndef NO_CERTS + CYASSL_LOCAL int CopyDecodedToX509(CYASSL_X509*, DecodedCert*); +#endif #ifdef __cplusplus diff --git a/FreeRTOS-Plus/Source/CyaSSL/cyassl/ocsp.h b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ocsp.h index 2cfd46e25..3fc4f9f01 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/cyassl/ocsp.h +++ b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ocsp.h @@ -1,6 +1,6 @@ -/* ssl.h +/* ocsp.h * - * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,7 +16,7 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ @@ -25,6 +25,7 @@ #ifndef CYASSL_OCSP_H #define CYASSL_OCSP_H +#ifdef HAVE_OCSP #include #include @@ -35,18 +36,17 @@ typedef struct CYASSL_OCSP CYASSL_OCSP; -CYASSL_LOCAL int CyaSSL_OCSP_Init(CYASSL_OCSP*); -CYASSL_LOCAL void CyaSSL_OCSP_Cleanup(CYASSL_OCSP*); - -CYASSL_LOCAL int CyaSSL_OCSP_set_override_url(CYASSL_OCSP*, const char*); -CYASSL_LOCAL int CyaSSL_OCSP_Lookup_Cert(CYASSL_OCSP*, DecodedCert*); +CYASSL_LOCAL int InitOCSP(CYASSL_OCSP*, CYASSL_CERT_MANAGER*); +CYASSL_LOCAL void FreeOCSP(CYASSL_OCSP*, int dynamic); +CYASSL_LOCAL int CheckCertOCSP(CYASSL_OCSP*, DecodedCert*); #ifdef __cplusplus } /* extern "C" */ #endif +#endif /* HAVE_OCSP */ #endif /* CYASSL_OCSP_H */ diff --git a/FreeRTOS-Plus/Source/CyaSSL/cyassl/openssl/des.h b/FreeRTOS-Plus/Source/CyaSSL/cyassl/openssl/des.h index aacc276b0..848bc28b0 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/cyassl/openssl/des.h +++ b/FreeRTOS-Plus/Source/CyaSSL/cyassl/openssl/des.h @@ -1,6 +1,6 @@ /* des.h * - * Copyright (C) 2012 Sawtooth Consulting Ltd. + * Copyright (C) 2013 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,7 +16,7 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ diff --git a/FreeRTOS-Plus/Source/CyaSSL/cyassl/openssl/evp.h b/FreeRTOS-Plus/Source/CyaSSL/cyassl/openssl/evp.h index 3bfe4280b..ee2873c59 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/cyassl/openssl/evp.h +++ b/FreeRTOS-Plus/Source/CyaSSL/cyassl/openssl/evp.h @@ -1,6 +1,6 @@ /* evp.h * - * Copyright (C) 2012 Sawtooth Consulting Ltd. + * Copyright (C) 2013 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,7 +16,7 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ @@ -95,8 +95,10 @@ typedef struct CYASSL_EVP_MD_CTX { typedef union { Aes aes; +#ifndef NO_DES3 Des des; Des3 des3; +#endif Arc4 arc4; } CYASSL_Cipher; @@ -123,7 +125,7 @@ typedef struct CYASSL_EVP_CIPHER_CTX { int keyLen; /* user may set for variable */ unsigned char enc; /* if encrypt side, then true */ unsigned char cipherType; - unsigned char iv[64]; /* working iv pointer into cipher */ + unsigned char iv[AES_BLOCK_SIZE]; /* working iv pointer into cipher */ CYASSL_Cipher cipher; } CYASSL_EVP_CIPHER_CTX; diff --git a/FreeRTOS-Plus/Source/CyaSSL/cyassl/openssl/hmac.h b/FreeRTOS-Plus/Source/CyaSSL/cyassl/openssl/hmac.h index 03e9bcef7..4482d1099 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/cyassl/openssl/hmac.h +++ b/FreeRTOS-Plus/Source/CyaSSL/cyassl/openssl/hmac.h @@ -1,6 +1,6 @@ /* hmac.h * - * Copyright (C) 2012 Sawtooth Consulting Ltd. + * Copyright (C) 2013 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,7 +16,7 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ diff --git a/FreeRTOS-Plus/Source/CyaSSL/cyassl/openssl/sha.h b/FreeRTOS-Plus/Source/CyaSSL/cyassl/openssl/sha.h index 0b37a9bbf..9545795e2 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/cyassl/openssl/sha.h +++ b/FreeRTOS-Plus/Source/CyaSSL/cyassl/openssl/sha.h @@ -54,7 +54,7 @@ CYASSL_API void CyaSSL_SHA256_Update(CYASSL_SHA256_CTX*, const void*, CYASSL_API void CyaSSL_SHA256_Final(unsigned char*, CYASSL_SHA256_CTX*); enum { - SHA256_DIGEST_LENGTH = 20 + SHA256_DIGEST_LENGTH = 32 }; diff --git a/FreeRTOS-Plus/Source/CyaSSL/cyassl/openssl/ssl.h b/FreeRTOS-Plus/Source/CyaSSL/cyassl/openssl/ssl.h index f268b6a37..acb6b0104 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/cyassl/openssl/ssl.h +++ b/FreeRTOS-Plus/Source/CyaSSL/cyassl/openssl/ssl.h @@ -1,6 +1,6 @@ /* ssl.h * - * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,7 +16,7 @@ * * You should have received a copy of the GNU General Public License * a with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ @@ -92,6 +92,8 @@ typedef CYASSL_X509_STORE_CTX X509_STORE_CTX; #ifdef CYASSL_DTLS #define DTLSv1_client_method CyaDTLSv1_client_method #define DTLSv1_server_method CyaDTLSv1_server_method + #define DTLSv1_2_client_method CyaDTLSv1_2_client_method + #define DTLSv1_2_server_method CyaDTLSv1_2_server_method #endif @@ -116,6 +118,7 @@ typedef CYASSL_X509_STORE_CTX X509_STORE_CTX; #define SSL_write CyaSSL_write #define SSL_read CyaSSL_read +#define SSL_peek CyaSSL_peek #define SSL_accept CyaSSL_accept #define SSL_CTX_free CyaSSL_CTX_free #define SSL_free CyaSSL_free @@ -139,6 +142,7 @@ typedef CYASSL_X509_STORE_CTX X509_STORE_CTX; #define ERR_error_string CyaSSL_ERR_error_string #define ERR_error_string_n CyaSSL_ERR_error_string_n +#define ERR_reason_error_string CyaSSL_ERR_reason_error_string #define SSL_set_ex_data CyaSSL_set_ex_data #define SSL_get_shutdown CyaSSL_get_shutdown diff --git a/FreeRTOS-Plus/Source/CyaSSL/cyassl/options.h b/FreeRTOS-Plus/Source/CyaSSL/cyassl/options.h new file mode 100644 index 000000000..0030ecdf8 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/cyassl/options.h @@ -0,0 +1,34 @@ +/* options.h.in + * + * Copyright (C) 2006-2014 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +/* default blank options for autoconf */ + +#pragma once + +#ifdef __cplusplus +extern "C" { +#endif + + +#ifdef __cplusplus +} +#endif + diff --git a/FreeRTOS-Plus/Source/CyaSSL/cyassl/options.h.in b/FreeRTOS-Plus/Source/CyaSSL/cyassl/options.h.in new file mode 100644 index 000000000..0030ecdf8 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/cyassl/options.h.in @@ -0,0 +1,34 @@ +/* options.h.in + * + * Copyright (C) 2006-2014 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +/* default blank options for autoconf */ + +#pragma once + +#ifdef __cplusplus +extern "C" { +#endif + + +#ifdef __cplusplus +} +#endif + diff --git a/FreeRTOS-Plus/Source/CyaSSL/cyassl/sniffer.h b/FreeRTOS-Plus/Source/CyaSSL/cyassl/sniffer.h index 0d14fbc6f..a1d0e9661 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/cyassl/sniffer.h +++ b/FreeRTOS-Plus/Source/CyaSSL/cyassl/sniffer.h @@ -1,6 +1,6 @@ /* sniffer.h * - * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,7 +16,7 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ diff --git a/FreeRTOS-Plus/Source/CyaSSL/cyassl/sniffer_error.h b/FreeRTOS-Plus/Source/CyaSSL/cyassl/sniffer_error.h index 4882c7dd8..c588a568e 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/cyassl/sniffer_error.h +++ b/FreeRTOS-Plus/Source/CyaSSL/cyassl/sniffer_error.h @@ -1,6 +1,6 @@ /* sniffer_error.h * - * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,7 +16,7 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ @@ -99,6 +99,9 @@ #define BAD_DECRYPT_TYPE 65 #define BAD_FINISHED_MSG 66 #define BAD_COMPRESSION_STR 67 +#define BAD_DERIVE_STR 68 +#define ACK_MISSED_STR 69 +#define BAD_DECRYPT 70 /* !!!! also add to msgTable in sniffer.c and .rc file !!!! */ diff --git a/FreeRTOS-Plus/Source/CyaSSL/cyassl/sniffer_error.rc b/FreeRTOS-Plus/Source/CyaSSL/cyassl/sniffer_error.rc index f4af8ee5b..516f7aa11 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/cyassl/sniffer_error.rc +++ b/FreeRTOS-Plus/Source/CyaSSL/cyassl/sniffer_error.rc @@ -81,5 +81,8 @@ STRINGTABLE 66, "Bad Finished Message Processing" 67, "Bad Compression Type" + 68, "Bad DeriveKeys Error" + 69, "Saw ACK for Missing Packet Error" + 70, "Bad Decrypt Operation" } diff --git a/FreeRTOS-Plus/Source/CyaSSL/cyassl/ssl.h b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ssl.h index b86181380..3289445a9 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/cyassl/ssl.h +++ b/FreeRTOS-Plus/Source/CyaSSL/cyassl/ssl.h @@ -1,6 +1,6 @@ /* ssl.h * - * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,7 +16,7 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ @@ -32,7 +32,11 @@ #ifndef NO_FILESYSTEM - #include /* ERR_printf */ + #ifdef FREESCALE_MQX + #include + #else + #include /* ERR_printf */ + #endif #endif #ifdef YASSL_PREFIX @@ -55,7 +59,6 @@ extern "C" { #endif - typedef struct CYASSL CYASSL; typedef struct CYASSL_SESSION CYASSL_SESSION; typedef struct CYASSL_METHOD CYASSL_METHOD; @@ -66,6 +69,7 @@ typedef struct CYASSL_X509_NAME CYASSL_X509_NAME; typedef struct CYASSL_X509_CHAIN CYASSL_X509_CHAIN; typedef struct CYASSL_CERT_MANAGER CYASSL_CERT_MANAGER; +typedef struct CYASSL_SOCKADDR CYASSL_SOCKADDR; /* redeclare guard */ #define CYASSL_TYPES_DEFINED @@ -91,6 +95,13 @@ typedef struct CYASSL_dynlock_value CYASSL_dynlock_value; typedef struct CYASSL_EVP_PKEY { int type; /* openssh dereference */ int save_type; /* openssh dereference */ + int pkey_sz; + union { + char* ptr; + } pkey; + #ifdef HAVE_ECC + int pkey_curve; + #endif } CYASSL_EVP_PKEY; typedef struct CYASSL_MD4_CTX { @@ -104,9 +115,19 @@ typedef struct CYASSL_COMP_METHOD { typedef struct CYASSL_X509_STORE { - int cache; /* stunnel dereference */ + int cache; /* stunnel dereference */ + CYASSL_CERT_MANAGER* cm; } CYASSL_X509_STORE; +typedef struct CYASSL_ALERT { + int code; + int level; +} CYASSL_ALERT; + +typedef struct CYASSL_ALERT_HISTORY { + CYASSL_ALERT last_rx; + CYASSL_ALERT last_tx; +} CYASSL_ALERT_HISTORY; typedef struct CYASSL_X509_REVOKED { CYASSL_ASN1_INTEGER* serialNumber; /* stunnel dereference */ @@ -121,17 +142,45 @@ typedef struct CYASSL_X509_OBJECT { } CYASSL_X509_OBJECT; -/* in internal.h too, change there !! */ typedef struct CYASSL_X509_STORE_CTX { - int error; - int error_depth; + CYASSL_X509_STORE* store; /* Store full of a CA cert chain */ CYASSL_X509* current_cert; /* stunnel dereference */ char* domain; /* subject CN domain name */ void* ex_data; /* external data, for fortress build */ - /* in internal.h too, change there !! */ + void* userCtx; /* user ctx */ + int error; /* current error */ + int error_depth; /* cert depth for this error */ + int discardSessionCerts; /* so verify callback can flag for discard */ } CYASSL_X509_STORE_CTX; +/* Valid Alert types from page 16/17 */ +enum AlertDescription { + close_notify = 0, + unexpected_message = 10, + bad_record_mac = 20, + decompression_failure = 30, + handshake_failure = 40, + no_certificate = 41, + bad_certificate = 42, + unsupported_certificate = 43, + certificate_revoked = 44, + certificate_expired = 45, + certificate_unknown = 46, + illegal_parameter = 47, + decrypt_error = 51, + protocol_version = 70, + no_renegotiation = 100, + unrecognized_name = 112 +}; + + +enum AlertLevel { + alert_warning = 1, + alert_fatal = 2 +}; + + CYASSL_API CYASSL_METHOD *CyaSSLv3_server_method(void); CYASSL_API CYASSL_METHOD *CyaSSLv3_client_method(void); CYASSL_API CYASSL_METHOD *CyaTLSv1_server_method(void); @@ -144,9 +193,11 @@ CYASSL_API CYASSL_METHOD *CyaTLSv1_2_client_method(void); #ifdef CYASSL_DTLS CYASSL_API CYASSL_METHOD *CyaDTLSv1_client_method(void); CYASSL_API CYASSL_METHOD *CyaDTLSv1_server_method(void); + CYASSL_API CYASSL_METHOD *CyaDTLSv1_2_client_method(void); + CYASSL_API CYASSL_METHOD *CyaDTLSv1_2_server_method(void); #endif -#ifndef NO_FILESYSTEM +#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) CYASSL_API int CyaSSL_CTX_use_certificate_file(CYASSL_CTX*, const char*, int); CYASSL_API int CyaSSL_CTX_use_PrivateKey_file(CYASSL_CTX*, const char*, int); @@ -173,30 +224,47 @@ CYASSL_API int CyaSSL_use_RSAPrivateKey_file(CYASSL*, const char*, int); CYASSL_API int CyaSSL_PemCertToDer(const char*, unsigned char*, int); -#endif /* NO_FILESYSTEM */ +#endif /* !NO_FILESYSTEM && !NO_CERTS */ CYASSL_API CYASSL_CTX* CyaSSL_CTX_new(CYASSL_METHOD*); CYASSL_API CYASSL* CyaSSL_new(CYASSL_CTX*); CYASSL_API int CyaSSL_set_fd (CYASSL*, int); CYASSL_API int CyaSSL_get_fd(const CYASSL*); +CYASSL_API void CyaSSL_set_using_nonblock(CYASSL*, int); +CYASSL_API int CyaSSL_get_using_nonblock(CYASSL*); CYASSL_API int CyaSSL_connect(CYASSL*); /* please see note at top of README if you get an error from connect */ CYASSL_API int CyaSSL_write(CYASSL*, const void*, int); CYASSL_API int CyaSSL_read(CYASSL*, void*, int); +CYASSL_API int CyaSSL_peek(CYASSL*, void*, int); CYASSL_API int CyaSSL_accept(CYASSL*); CYASSL_API void CyaSSL_CTX_free(CYASSL_CTX*); CYASSL_API void CyaSSL_free(CYASSL*); CYASSL_API int CyaSSL_shutdown(CYASSL*); +CYASSL_API int CyaSSL_send(CYASSL*, const void*, int sz, int flags); +CYASSL_API int CyaSSL_recv(CYASSL*, void*, int sz, int flags); CYASSL_API void CyaSSL_CTX_set_quiet_shutdown(CYASSL_CTX*, int); CYASSL_API void CyaSSL_set_quiet_shutdown(CYASSL*, int); CYASSL_API int CyaSSL_get_error(CYASSL*, int); +CYASSL_API int CyaSSL_get_alert_history(CYASSL*, CYASSL_ALERT_HISTORY *); -CYASSL_API int CyaSSL_set_session(CYASSL* ssl,CYASSL_SESSION* session); +CYASSL_API int CyaSSL_set_session(CYASSL* ssl,CYASSL_SESSION* session); CYASSL_API CYASSL_SESSION* CyaSSL_get_session(CYASSL* ssl); -CYASSL_API void CyaSSL_flush_sessions(CYASSL_CTX *ctx, long tm); +CYASSL_API void CyaSSL_flush_sessions(CYASSL_CTX *ctx, long tm); +CYASSL_API int CyaSSL_SetServerID(CYASSL* ssl, const unsigned char*, + int, int); + +#ifdef SESSION_INDEX +CYASSL_API int CyaSSL_GetSessionIndex(CYASSL* ssl); +CYASSL_API int CyaSSL_GetSessionAtIndex(int index, CYASSL_SESSION* session); +#endif /* SESSION_INDEX */ +#if defined(SESSION_INDEX) && defined(SESSION_CERTS) +CYASSL_API + CYASSL_X509_CHAIN* CyaSSL_SESSION_get_peer_chain(CYASSL_SESSION* session); +#endif /* SESSION_INDEX && SESSION_CERTS */ typedef int (*VerifyCallback)(int, CYASSL_X509_STORE_CTX*); typedef int (*pem_password_cb)(char*, int, int, void*); @@ -204,6 +272,7 @@ typedef int (*pem_password_cb)(char*, int, int, void*); CYASSL_API void CyaSSL_CTX_set_verify(CYASSL_CTX*, int, VerifyCallback verify_callback); CYASSL_API void CyaSSL_set_verify(CYASSL*, int, VerifyCallback verify_callback); +CYASSL_API void CyaSSL_SetCertCbCtx(CYASSL*, void*); CYASSL_API int CyaSSL_pending(CYASSL*); @@ -211,14 +280,39 @@ CYASSL_API void CyaSSL_load_error_strings(void); CYASSL_API int CyaSSL_library_init(void); CYASSL_API long CyaSSL_CTX_set_session_cache_mode(CYASSL_CTX*, long); +/* session cache persistence */ +CYASSL_API int CyaSSL_save_session_cache(const char*); +CYASSL_API int CyaSSL_restore_session_cache(const char*); +CYASSL_API int CyaSSL_memsave_session_cache(void*, int); +CYASSL_API int CyaSSL_memrestore_session_cache(const void*, int); +CYASSL_API int CyaSSL_get_session_cache_memsize(void); + +/* certificate cache persistence, uses ctx since certs are per ctx */ +CYASSL_API int CyaSSL_CTX_save_cert_cache(CYASSL_CTX*, const char*); +CYASSL_API int CyaSSL_CTX_restore_cert_cache(CYASSL_CTX*, const char*); +CYASSL_API int CyaSSL_CTX_memsave_cert_cache(CYASSL_CTX*, void*, int, int*); +CYASSL_API int CyaSSL_CTX_memrestore_cert_cache(CYASSL_CTX*, const void*, int); +CYASSL_API int CyaSSL_CTX_get_cert_cache_memsize(CYASSL_CTX*); + /* only supports full name from cipher_name[] delimited by : */ CYASSL_API int CyaSSL_CTX_set_cipher_list(CYASSL_CTX*, const char*); CYASSL_API int CyaSSL_set_cipher_list(CYASSL*, const char*); +/* Nonblocking DTLS helper functions */ +CYASSL_API int CyaSSL_dtls_get_current_timeout(CYASSL* ssl); +CYASSL_API int CyaSSL_dtls_set_timeout_init(CYASSL* ssl, int); +CYASSL_API int CyaSSL_dtls_set_timeout_max(CYASSL* ssl, int); +CYASSL_API int CyaSSL_dtls_got_timeout(CYASSL* ssl); +CYASSL_API int CyaSSL_dtls(CYASSL* ssl); + +CYASSL_API int CyaSSL_dtls_set_peer(CYASSL*, void*, unsigned int); +CYASSL_API int CyaSSL_dtls_get_peer(CYASSL*, void*, unsigned int*); + CYASSL_API int CyaSSL_ERR_GET_REASON(int err); CYASSL_API char* CyaSSL_ERR_error_string(unsigned long,char*); CYASSL_API void CyaSSL_ERR_error_string_n(unsigned long e, char* buf, unsigned long sz); +CYASSL_API const char* CyaSSL_ERR_reason_error_string(unsigned long); /* extras */ @@ -238,6 +332,7 @@ CYASSL_API void CyaSSL_SESSION_free(CYASSL_SESSION* session); CYASSL_API int CyaSSL_is_init_finished(CYASSL*); CYASSL_API const char* CyaSSL_get_version(CYASSL*); +CYASSL_API int CyaSSL_get_current_cipher_suite(CYASSL* ssl); CYASSL_API CYASSL_CIPHER* CyaSSL_get_current_cipher(CYASSL*); CYASSL_API char* CyaSSL_CIPHER_description(CYASSL_CIPHER*, char*, int); CYASSL_API const char* CyaSSL_CIPHER_get_name(const CYASSL_CIPHER* cipher); @@ -322,7 +417,23 @@ CYASSL_API int CyaSSL_X509_STORE_CTX_get_error_depth(CYASSL_X509_STORE_CTX*); CYASSL_API char* CyaSSL_X509_NAME_oneline(CYASSL_X509_NAME*, char*, int); CYASSL_API CYASSL_X509_NAME* CyaSSL_X509_get_issuer_name(CYASSL_X509*); CYASSL_API CYASSL_X509_NAME* CyaSSL_X509_get_subject_name(CYASSL_X509*); +CYASSL_API int CyaSSL_X509_ext_isSet_by_NID(CYASSL_X509*, int); +CYASSL_API int CyaSSL_X509_ext_get_critical_by_NID(CYASSL_X509*, int); +CYASSL_API int CyaSSL_X509_get_isCA(CYASSL_X509*); +CYASSL_API int CyaSSL_X509_get_isSet_pathLength(CYASSL_X509*); +CYASSL_API unsigned int CyaSSL_X509_get_pathLength(CYASSL_X509*); +CYASSL_API unsigned int CyaSSL_X509_get_keyUsage(CYASSL_X509*); +CYASSL_API unsigned char* CyaSSL_X509_get_authorityKeyID( + CYASSL_X509*, unsigned char*, int*); +CYASSL_API unsigned char* CyaSSL_X509_get_subjectKeyID( + CYASSL_X509*, unsigned char*, int*); +CYASSL_API int CyaSSL_X509_NAME_entry_count(CYASSL_X509_NAME*); +CYASSL_API int CyaSSL_X509_NAME_get_text_by_NID( + CYASSL_X509_NAME*, int, char*, int); +CYASSL_API int CyaSSL_X509_verify_cert(CYASSL_X509_STORE_CTX*); CYASSL_API const char* CyaSSL_X509_verify_cert_error_string(long); +CYASSL_API int CyaSSL_X509_get_signature_type(CYASSL_X509*); +CYASSL_API int CyaSSL_X509_get_signature(CYASSL_X509*, unsigned char*, int*); CYASSL_API int CyaSSL_X509_LOOKUP_add_dir(CYASSL_X509_LOOKUP*,const char*,long); CYASSL_API int CyaSSL_X509_LOOKUP_load_file(CYASSL_X509_LOOKUP*, const char*, @@ -333,10 +444,16 @@ CYASSL_API CYASSL_X509_LOOKUP_METHOD* CyaSSL_X509_LOOKUP_file(void); CYASSL_API CYASSL_X509_LOOKUP* CyaSSL_X509_STORE_add_lookup(CYASSL_X509_STORE*, CYASSL_X509_LOOKUP_METHOD*); CYASSL_API CYASSL_X509_STORE* CyaSSL_X509_STORE_new(void); +CYASSL_API void CyaSSL_X509_STORE_free(CYASSL_X509_STORE*); +CYASSL_API int CyaSSL_X509_STORE_add_cert( + CYASSL_X509_STORE*, CYASSL_X509*); +CYASSL_API int CyaSSL_X509_STORE_set_default_paths(CYASSL_X509_STORE*); CYASSL_API int CyaSSL_X509_STORE_get_by_subject(CYASSL_X509_STORE_CTX*, int, CYASSL_X509_NAME*, CYASSL_X509_OBJECT*); +CYASSL_API CYASSL_X509_STORE_CTX* CyaSSL_X509_STORE_CTX_new(void); CYASSL_API int CyaSSL_X509_STORE_CTX_init(CYASSL_X509_STORE_CTX*, CYASSL_X509_STORE*, CYASSL_X509*, STACK_OF(CYASSL_X509)*); +CYASSL_API void CyaSSL_X509_STORE_CTX_free(CYASSL_X509_STORE_CTX*); CYASSL_API void CyaSSL_X509_STORE_CTX_cleanup(CYASSL_X509_STORE_CTX*); CYASSL_API CYASSL_ASN1_TIME* CyaSSL_X509_CRL_get_lastUpdate(CYASSL_X509_CRL*); @@ -405,7 +522,6 @@ CYASSL_API long CyaSSL_CTX_sess_timeouts(CYASSL_CTX*); CYASSL_API long CyaSSL_CTX_sess_number(CYASSL_CTX*); CYASSL_API long CyaSSL_CTX_sess_get_cache_size(CYASSL_CTX*); - #define CYASSL_DEFAULT_CIPHER_LIST "" /* default all */ #define CYASSL_RSA_F4 0x10001L @@ -428,6 +544,9 @@ enum { OCSP_RESPONSE = 8, OCSP_BASICRESP = 16, + CYASSL_OCSP_URL_OVERRIDE = 1, + CYASSL_OCSP_NO_NONCE = 2, + CYASSL_CRL_CHECKALL = 1, ASN1_GENERALIZEDTIME = 4, @@ -501,7 +620,7 @@ enum { /* extras end */ -#ifndef NO_FILESYSTEM +#if !defined(NO_FILESYSTEM) && !defined(NO_STDIO_FILESYSTEM) /* CyaSSL extension, provide last error from SSL_get_error since not using thread storage error queue */ CYASSL_API void CyaSSL_ERR_print_errors_fp(FILE*, int err); @@ -601,8 +720,9 @@ CYASSL_API int CyaSSL_RAND_status(void); CYASSL_API int CyaSSL_RAND_bytes(unsigned char* buf, int num); CYASSL_API CYASSL_METHOD *CyaSSLv23_server_method(void); CYASSL_API long CyaSSL_CTX_set_options(CYASSL_CTX*, long); -CYASSL_API int CyaSSL_CTX_check_private_key(CYASSL_CTX*); - +#ifndef NO_CERTS + CYASSL_API int CyaSSL_CTX_check_private_key(CYASSL_CTX*); +#endif /* !NO_CERTS */ CYASSL_API void CyaSSL_ERR_free_strings(void); CYASSL_API void CyaSSL_ERR_remove_state(unsigned long); @@ -640,8 +760,8 @@ CYASSL_API void CyaSSL_CTX_sess_set_remove_cb(CYASSL_CTX*, void (*f)(CYASSL_CTX*, CYASSL_SESSION*)); CYASSL_API int CyaSSL_i2d_SSL_SESSION(CYASSL_SESSION*,unsigned char**); -CYASSL_API CYASSL_SESSION* CyaSSL_d2i_SSL_SESSION(CYASSL_SESSION**,const unsigned char**, - long); +CYASSL_API CYASSL_SESSION* CyaSSL_d2i_SSL_SESSION(CYASSL_SESSION**, + const unsigned char**, long); CYASSL_API long CyaSSL_SESSION_get_timeout(const CYASSL_SESSION*); CYASSL_API long CyaSSL_SESSION_get_time(const CYASSL_SESSION*); @@ -682,6 +802,10 @@ CYASSL_API int CyaSSL_get_chain_count(CYASSL_X509_CHAIN* chain); CYASSL_API int CyaSSL_get_chain_length(CYASSL_X509_CHAIN*, int idx); /* index cert */ CYASSL_API unsigned char* CyaSSL_get_chain_cert(CYASSL_X509_CHAIN*, int idx); +/* index cert in X509 */ +CYASSL_API CYASSL_X509* CyaSSL_get_chain_X509(CYASSL_X509_CHAIN*, int idx); +/* free X509 */ +CYASSL_API void CyaSSL_FreeX509(CYASSL_X509*); /* get index cert in PEM */ CYASSL_API int CyaSSL_get_chain_cert_pem(CYASSL_X509_CHAIN*, int idx, unsigned char* buffer, int inLen, int* outLen); @@ -689,14 +813,40 @@ CYASSL_API const unsigned char* CyaSSL_get_sessionID(const CYASSL_SESSION* s); CYASSL_API int CyaSSL_X509_get_serial_number(CYASSL_X509*,unsigned char*,int*); CYASSL_API char* CyaSSL_X509_get_subjectCN(CYASSL_X509*); CYASSL_API const unsigned char* CyaSSL_X509_get_der(CYASSL_X509*, int*); +CYASSL_API const unsigned char* CyaSSL_X509_notBefore(CYASSL_X509*); +CYASSL_API const unsigned char* CyaSSL_X509_notAfter(CYASSL_X509*); +CYASSL_API int CyaSSL_X509_version(CYASSL_X509*); +CYASSL_API CYASSL_API int CyaSSL_cmp_peer_cert_to_file(CYASSL*, const char*); CYASSL_API char* CyaSSL_X509_get_next_altname(CYASSL_X509*); +CYASSL_API CYASSL_X509* + CyaSSL_X509_d2i(CYASSL_X509** x509, const unsigned char* in, int len); +#ifndef NO_FILESYSTEM + #ifndef NO_STDIO_FILESYSTEM + CYASSL_API CYASSL_X509* + CyaSSL_X509_d2i_fp(CYASSL_X509** x509, FILE* file); + #endif +CYASSL_API CYASSL_X509* + CyaSSL_X509_load_certificate_file(const char* fname, int format); +#endif + +#ifdef CYASSL_SEP + CYASSL_API unsigned char* + CyaSSL_X509_get_device_type(CYASSL_X509*, unsigned char*, int*); + CYASSL_API unsigned char* + CyaSSL_X509_get_hw_type(CYASSL_X509*, unsigned char*, int*); + CYASSL_API unsigned char* + CyaSSL_X509_get_hw_serial_number(CYASSL_X509*, unsigned char*, int*); +#endif + /* connect enough to get peer cert */ CYASSL_API int CyaSSL_connect_cert(CYASSL* ssl); +/* XXX This should be #ifndef NO_DH */ +#ifndef NO_CERTS /* server Diffie-Hellman parameters */ CYASSL_API int CyaSSL_SetTmpDH(CYASSL*, const unsigned char* p, int pSz, const unsigned char* g, int gSz); @@ -713,23 +863,31 @@ CYASSL_API int CyaSSL_CTX_SetTmpDH(CYASSL_CTX*, const unsigned char* p, CYASSL_API int CyaSSL_CTX_SetTmpDH_buffer(CYASSL_CTX*, const unsigned char* b, long sz, int format); CYASSL_API int CyaSSL_CTX_SetTmpEC_DHE_Sz(CYASSL_CTX*, unsigned short); + #ifndef NO_FILESYSTEM CYASSL_API int CyaSSL_CTX_SetTmpDH_file(CYASSL_CTX*, const char* f, int format); #endif +#endif /* keyblock size in bytes or -1 */ +/* need to call CyaSSL_KeepArrays before handshake to save keys */ CYASSL_API int CyaSSL_get_keyblock_size(CYASSL*); CYASSL_API int CyaSSL_get_keys(CYASSL*,unsigned char** ms, unsigned int* msLen, unsigned char** sr, unsigned int* srLen, unsigned char** cr, unsigned int* crLen); +/* Computes EAP-TLS and EAP-TTLS keying material from the master_secret. */ +CYASSL_API int CyaSSL_make_eap_keys(CYASSL*, void* key, unsigned int len, + const char* label); + + #ifndef _WIN32 #ifndef NO_WRITEV #ifdef __PPU #include #include - #else + #elif !defined(CYASSL_MDK_ARM) && !defined(CYASSL_IAR_ARM) #include #endif /* allow writev style writing */ @@ -739,36 +897,92 @@ CYASSL_API int CyaSSL_get_keys(CYASSL*,unsigned char** ms, unsigned int* msLen, #endif -/* SSL_CTX versions */ -CYASSL_API int CyaSSL_CTX_load_verify_buffer(CYASSL_CTX*, const unsigned char*, - long, int); -CYASSL_API int CyaSSL_CTX_use_certificate_buffer(CYASSL_CTX*, +#ifndef NO_CERTS + /* SSL_CTX versions */ + CYASSL_API int CyaSSL_CTX_UnloadCAs(CYASSL_CTX*); + CYASSL_API int CyaSSL_CTX_load_verify_buffer(CYASSL_CTX*, const unsigned char*, long, int); -CYASSL_API int CyaSSL_CTX_use_PrivateKey_buffer(CYASSL_CTX*, + CYASSL_API int CyaSSL_CTX_use_certificate_buffer(CYASSL_CTX*, const unsigned char*, long, int); -CYASSL_API int CyaSSL_CTX_use_certificate_chain_buffer(CYASSL_CTX*, + CYASSL_API int CyaSSL_CTX_use_PrivateKey_buffer(CYASSL_CTX*, + const unsigned char*, long, int); + CYASSL_API int CyaSSL_CTX_use_certificate_chain_buffer(CYASSL_CTX*, const unsigned char*, long); -CYASSL_API int CyaSSL_CTX_set_group_messages(CYASSL_CTX*); -/* SSL versions */ -CYASSL_API int CyaSSL_use_certificate_buffer(CYASSL*, const unsigned char*, - long, int); -CYASSL_API int CyaSSL_use_PrivateKey_buffer(CYASSL*, const unsigned char*, long, - int); -CYASSL_API int CyaSSL_use_certificate_chain_buffer(CYASSL*, - const unsigned char*, long); + /* SSL versions */ + CYASSL_API int CyaSSL_use_certificate_buffer(CYASSL*, const unsigned char*, + long, int); + CYASSL_API int CyaSSL_use_PrivateKey_buffer(CYASSL*, const unsigned char*, + long, int); + CYASSL_API int CyaSSL_use_certificate_chain_buffer(CYASSL*, + const unsigned char*, long); + CYASSL_API int CyaSSL_UnloadCertsKeys(CYASSL*); +#endif + +CYASSL_API int CyaSSL_CTX_set_group_messages(CYASSL_CTX*); CYASSL_API int CyaSSL_set_group_messages(CYASSL*); /* I/O callbacks */ -typedef int (*CallbackIORecv)(char *buf, int sz, void *ctx); -typedef int (*CallbackIOSend)(char *buf, int sz, void *ctx); +typedef int (*CallbackIORecv)(CYASSL *ssl, char *buf, int sz, void *ctx); +typedef int (*CallbackIOSend)(CYASSL *ssl, char *buf, int sz, void *ctx); CYASSL_API void CyaSSL_SetIORecv(CYASSL_CTX*, CallbackIORecv); CYASSL_API void CyaSSL_SetIOSend(CYASSL_CTX*, CallbackIOSend); -CYASSL_API void CyaSSL_SetIOReadCtx(CYASSL* ssl, void *ctx); +CYASSL_API void CyaSSL_SetIOReadCtx( CYASSL* ssl, void *ctx); CYASSL_API void CyaSSL_SetIOWriteCtx(CYASSL* ssl, void *ctx); +CYASSL_API void* CyaSSL_GetIOReadCtx( CYASSL* ssl); +CYASSL_API void* CyaSSL_GetIOWriteCtx(CYASSL* ssl); + +CYASSL_API void CyaSSL_SetIOReadFlags( CYASSL* ssl, int flags); +CYASSL_API void CyaSSL_SetIOWriteFlags(CYASSL* ssl, int flags); + + +#ifndef CYASSL_USER_IO + /* default IO callbacks */ + CYASSL_API int EmbedReceive(CYASSL* ssl, char* buf, int sz, void* ctx); + CYASSL_API int EmbedSend(CYASSL* ssl, char* buf, int sz, void* ctx); + + #ifdef HAVE_OCSP + CYASSL_API int EmbedOcspLookup(void*, const char*, int, unsigned char*, + int, unsigned char**); + CYASSL_API void EmbedOcspRespFree(void*, unsigned char*); + #endif + + #ifdef CYASSL_DTLS + CYASSL_API int EmbedReceiveFrom(CYASSL* ssl, char* buf, int sz, void*); + CYASSL_API int EmbedSendTo(CYASSL* ssl, char* buf, int sz, void* ctx); + CYASSL_API int EmbedGenerateCookie(CYASSL* ssl, unsigned char* buf, + int sz, void*); + #endif /* CYASSL_DTLS */ +#endif /* CYASSL_USER_IO */ + + +#ifdef HAVE_NETX + CYASSL_API void CyaSSL_SetIO_NetX(CYASSL* ssl, NX_TCP_SOCKET* nxsocket, + ULONG waitoption); +#endif + +typedef int (*CallbackGenCookie)(CYASSL* ssl, unsigned char* buf, int sz, + void* ctx); +CYASSL_API void CyaSSL_CTX_SetGenCookie(CYASSL_CTX*, CallbackGenCookie); +CYASSL_API void CyaSSL_SetCookieCtx(CYASSL* ssl, void *ctx); +CYASSL_API void* CyaSSL_GetCookieCtx(CYASSL* ssl); + + +/* I/O Callback default errors */ +enum IOerrors { + CYASSL_CBIO_ERR_GENERAL = -1, /* general unexpected err */ + CYASSL_CBIO_ERR_WANT_READ = -2, /* need to call read again */ + CYASSL_CBIO_ERR_WANT_WRITE = -2, /* need to call write again */ + CYASSL_CBIO_ERR_CONN_RST = -3, /* connection reset */ + CYASSL_CBIO_ERR_ISR = -4, /* interrupt */ + CYASSL_CBIO_ERR_CONN_CLOSE = -5, /* connection closed or epipe */ + CYASSL_CBIO_ERR_TIMEOUT = -6 /* socket timeout */ +}; + + /* CA cache callbacks */ enum { CYASSL_SSLV3 = 0, @@ -779,42 +993,299 @@ enum { CYASSL_CHAIN_CA = 2 /* added to cache from trusted chain */ }; +CYASSL_API int CyaSSL_GetObjectSize(void); /* object size based on build */ CYASSL_API int CyaSSL_SetVersion(CYASSL* ssl, int version); CYASSL_API int CyaSSL_KeyPemToDer(const unsigned char*, int sz, unsigned char*, int, const char*); +CYASSL_API int CyaSSL_CertPemToDer(const unsigned char*, int sz, unsigned char*, + int, int); typedef void (*CallbackCACache)(unsigned char* der, int sz, int type); typedef void (*CbMissingCRL)(const char* url); +typedef int (*CbOCSPIO)(void*, const char*, int, + unsigned char*, int, unsigned char**); +typedef void (*CbOCSPRespFree)(void*,unsigned char*); + +/* User Atomic Record Layer CallBacks */ +typedef int (*CallbackMacEncrypt)(CYASSL* ssl, unsigned char* macOut, + const unsigned char* macIn, unsigned int macInSz, int macContent, + int macVerify, unsigned char* encOut, const unsigned char* encIn, + unsigned int encSz, void* ctx); +CYASSL_API void CyaSSL_CTX_SetMacEncryptCb(CYASSL_CTX*, CallbackMacEncrypt); +CYASSL_API void CyaSSL_SetMacEncryptCtx(CYASSL* ssl, void *ctx); +CYASSL_API void* CyaSSL_GetMacEncryptCtx(CYASSL* ssl); + +typedef int (*CallbackDecryptVerify)(CYASSL* ssl, + unsigned char* decOut, const unsigned char* decIn, + unsigned int decSz, int content, int verify, unsigned int* padSz, + void* ctx); +CYASSL_API void CyaSSL_CTX_SetDecryptVerifyCb(CYASSL_CTX*, + CallbackDecryptVerify); +CYASSL_API void CyaSSL_SetDecryptVerifyCtx(CYASSL* ssl, void *ctx); +CYASSL_API void* CyaSSL_GetDecryptVerifyCtx(CYASSL* ssl); + +CYASSL_API const unsigned char* CyaSSL_GetMacSecret(CYASSL*, int); +CYASSL_API const unsigned char* CyaSSL_GetClientWriteKey(CYASSL*); +CYASSL_API const unsigned char* CyaSSL_GetClientWriteIV(CYASSL*); +CYASSL_API const unsigned char* CyaSSL_GetServerWriteKey(CYASSL*); +CYASSL_API const unsigned char* CyaSSL_GetServerWriteIV(CYASSL*); +CYASSL_API int CyaSSL_GetKeySize(CYASSL*); +CYASSL_API int CyaSSL_GetIVSize(CYASSL*); +CYASSL_API int CyaSSL_GetSide(CYASSL*); +CYASSL_API int CyaSSL_IsTLSv1_1(CYASSL*); +CYASSL_API int CyaSSL_GetBulkCipher(CYASSL*); +CYASSL_API int CyaSSL_GetCipherBlockSize(CYASSL*); +CYASSL_API int CyaSSL_GetAeadMacSize(CYASSL*); +CYASSL_API int CyaSSL_GetHmacSize(CYASSL*); +CYASSL_API int CyaSSL_GetHmacType(CYASSL*); +CYASSL_API int CyaSSL_GetCipherType(CYASSL*); +CYASSL_API int CyaSSL_SetTlsHmacInner(CYASSL*, unsigned char*, + unsigned int, int, int); + +/* Atomic User Needs */ +enum { + CYASSL_SERVER_END = 0, + CYASSL_CLIENT_END = 1, + CYASSL_BLOCK_TYPE = 2, + CYASSL_STREAM_TYPE = 3, + CYASSL_AEAD_TYPE = 4, + CYASSL_TLS_HMAC_INNER_SZ = 13 /* SEQ_SZ + ENUM + VERSION_SZ + LEN_SZ */ +}; -CYASSL_API void CyaSSL_CTX_SetCACb(CYASSL_CTX*, CallbackCACache); +/* for GetBulkCipher and internal use */ +enum BulkCipherAlgorithm { + cyassl_cipher_null, + cyassl_rc4, + cyassl_rc2, + cyassl_des, + cyassl_triple_des, /* leading 3 (3des) not valid identifier */ + cyassl_des40, + cyassl_idea, + cyassl_aes, + cyassl_aes_gcm, + cyassl_aes_ccm, + cyassl_camellia, + cyassl_hc128, /* CyaSSL extensions */ + cyassl_rabbit +}; + + +/* Public Key Callback support */ +typedef int (*CallbackEccSign)(CYASSL* ssl, + const unsigned char* in, unsigned int inSz, + unsigned char* out, unsigned int* outSz, + const unsigned char* keyDer, unsigned int keySz, + void* ctx); +CYASSL_API void CyaSSL_CTX_SetEccSignCb(CYASSL_CTX*, CallbackEccSign); +CYASSL_API void CyaSSL_SetEccSignCtx(CYASSL* ssl, void *ctx); +CYASSL_API void* CyaSSL_GetEccSignCtx(CYASSL* ssl); + +typedef int (*CallbackEccVerify)(CYASSL* ssl, + const unsigned char* sig, unsigned int sigSz, + const unsigned char* hash, unsigned int hashSz, + const unsigned char* keyDer, unsigned int keySz, + int* result, void* ctx); +CYASSL_API void CyaSSL_CTX_SetEccVerifyCb(CYASSL_CTX*, CallbackEccVerify); +CYASSL_API void CyaSSL_SetEccVerifyCtx(CYASSL* ssl, void *ctx); +CYASSL_API void* CyaSSL_GetEccVerifyCtx(CYASSL* ssl); + +typedef int (*CallbackRsaSign)(CYASSL* ssl, + const unsigned char* in, unsigned int inSz, + unsigned char* out, unsigned int* outSz, + const unsigned char* keyDer, unsigned int keySz, + void* ctx); +CYASSL_API void CyaSSL_CTX_SetRsaSignCb(CYASSL_CTX*, CallbackRsaSign); +CYASSL_API void CyaSSL_SetRsaSignCtx(CYASSL* ssl, void *ctx); +CYASSL_API void* CyaSSL_GetRsaSignCtx(CYASSL* ssl); + +typedef int (*CallbackRsaVerify)(CYASSL* ssl, + unsigned char* sig, unsigned int sigSz, + unsigned char** out, + const unsigned char* keyDer, unsigned int keySz, + void* ctx); +CYASSL_API void CyaSSL_CTX_SetRsaVerifyCb(CYASSL_CTX*, CallbackRsaVerify); +CYASSL_API void CyaSSL_SetRsaVerifyCtx(CYASSL* ssl, void *ctx); +CYASSL_API void* CyaSSL_GetRsaVerifyCtx(CYASSL* ssl); + +/* RSA Public Encrypt cb */ +typedef int (*CallbackRsaEnc)(CYASSL* ssl, + const unsigned char* in, unsigned int inSz, + unsigned char* out, unsigned int* outSz, + const unsigned char* keyDer, unsigned int keySz, + void* ctx); +CYASSL_API void CyaSSL_CTX_SetRsaEncCb(CYASSL_CTX*, CallbackRsaEnc); +CYASSL_API void CyaSSL_SetRsaEncCtx(CYASSL* ssl, void *ctx); +CYASSL_API void* CyaSSL_GetRsaEncCtx(CYASSL* ssl); + +/* RSA Private Decrypt cb */ +typedef int (*CallbackRsaDec)(CYASSL* ssl, + unsigned char* in, unsigned int inSz, + unsigned char** out, + const unsigned char* keyDer, unsigned int keySz, + void* ctx); +CYASSL_API void CyaSSL_CTX_SetRsaDecCb(CYASSL_CTX*, CallbackRsaDec); +CYASSL_API void CyaSSL_SetRsaDecCtx(CYASSL* ssl, void *ctx); +CYASSL_API void* CyaSSL_GetRsaDecCtx(CYASSL* ssl); + + +#ifndef NO_CERTS + CYASSL_API void CyaSSL_CTX_SetCACb(CYASSL_CTX*, CallbackCACache); + + CYASSL_API CYASSL_CERT_MANAGER* CyaSSL_CertManagerNew(void); + CYASSL_API void CyaSSL_CertManagerFree(CYASSL_CERT_MANAGER*); + + CYASSL_API int CyaSSL_CertManagerLoadCA(CYASSL_CERT_MANAGER*, const char* f, + const char* d); + CYASSL_API int CyaSSL_CertManagerUnloadCAs(CYASSL_CERT_MANAGER* cm); + CYASSL_API int CyaSSL_CertManagerVerify(CYASSL_CERT_MANAGER*, const char* f, + int format); + CYASSL_API int CyaSSL_CertManagerVerifyBuffer(CYASSL_CERT_MANAGER* cm, + const unsigned char* buff, long sz, int format); + CYASSL_API int CyaSSL_CertManagerCheckCRL(CYASSL_CERT_MANAGER*, + unsigned char*, int sz); + CYASSL_API int CyaSSL_CertManagerEnableCRL(CYASSL_CERT_MANAGER*, + int options); + CYASSL_API int CyaSSL_CertManagerDisableCRL(CYASSL_CERT_MANAGER*); + CYASSL_API int CyaSSL_CertManagerLoadCRL(CYASSL_CERT_MANAGER*, const char*, + int, int); + CYASSL_API int CyaSSL_CertManagerSetCRL_Cb(CYASSL_CERT_MANAGER*, + CbMissingCRL); + CYASSL_API int CyaSSL_CertManagerCheckOCSP(CYASSL_CERT_MANAGER*, + unsigned char*, int sz); + CYASSL_API int CyaSSL_CertManagerEnableOCSP(CYASSL_CERT_MANAGER*, + int options); + CYASSL_API int CyaSSL_CertManagerDisableOCSP(CYASSL_CERT_MANAGER*); + CYASSL_API int CyaSSL_CertManagerSetOCSPOverrideURL(CYASSL_CERT_MANAGER*, + const char*); + CYASSL_API int CyaSSL_CertManagerSetOCSP_Cb(CYASSL_CERT_MANAGER*, + CbOCSPIO, CbOCSPRespFree, void*); + + CYASSL_API int CyaSSL_EnableCRL(CYASSL* ssl, int options); + CYASSL_API int CyaSSL_DisableCRL(CYASSL* ssl); + CYASSL_API int CyaSSL_LoadCRL(CYASSL*, const char*, int, int); + CYASSL_API int CyaSSL_SetCRL_Cb(CYASSL*, CbMissingCRL); + CYASSL_API int CyaSSL_EnableOCSP(CYASSL*, int options); + CYASSL_API int CyaSSL_DisableOCSP(CYASSL*); + CYASSL_API int CyaSSL_SetOCSP_OverrideURL(CYASSL*, const char*); + CYASSL_API int CyaSSL_SetOCSP_Cb(CYASSL*, CbOCSPIO, CbOCSPRespFree, void*); + + CYASSL_API int CyaSSL_CTX_EnableCRL(CYASSL_CTX* ctx, int options); + CYASSL_API int CyaSSL_CTX_DisableCRL(CYASSL_CTX* ctx); + CYASSL_API int CyaSSL_CTX_LoadCRL(CYASSL_CTX*, const char*, int, int); + CYASSL_API int CyaSSL_CTX_SetCRL_Cb(CYASSL_CTX*, CbMissingCRL); + CYASSL_API int CyaSSL_CTX_EnableOCSP(CYASSL_CTX*, int options); + CYASSL_API int CyaSSL_CTX_DisableOCSP(CYASSL_CTX*); + CYASSL_API int CyaSSL_CTX_SetOCSP_OverrideURL(CYASSL_CTX*, const char*); + CYASSL_API int CyaSSL_CTX_SetOCSP_Cb(CYASSL_CTX*, + CbOCSPIO, CbOCSPRespFree, void*); +#endif /* !NO_CERTS */ + +/* end of handshake frees temporary arrays, if user needs for get_keys or + psk hints, call KeepArrays before handshake and then FreeArrays when done + if don't want to wait for object free */ +CYASSL_API void CyaSSL_KeepArrays(CYASSL*); +CYASSL_API void CyaSSL_FreeArrays(CYASSL*); + + +/* cavium additions */ +CYASSL_API int CyaSSL_UseCavium(CYASSL*, int devId); +CYASSL_API int CyaSSL_CTX_UseCavium(CYASSL_CTX*, int devId); + +/* TLS Extensions */ + +/* Server Name Indication */ +#ifdef HAVE_SNI +/* SNI types */ +enum { + CYASSL_SNI_HOST_NAME = 0 +}; +CYASSL_API int CyaSSL_UseSNI(CYASSL* ssl, unsigned char type, const void* data, + unsigned short size); +CYASSL_API int CyaSSL_CTX_UseSNI(CYASSL_CTX* ctx, unsigned char type, + const void* data, unsigned short size); -CYASSL_API CYASSL_CERT_MANAGER* CyaSSL_CertManagerNew(void); -CYASSL_API void CyaSSL_CertManagerFree(CYASSL_CERT_MANAGER*); +#ifndef NO_CYASSL_SERVER +/* SNI options */ +enum { + CYASSL_SNI_CONTINUE_ON_MISMATCH = 0x01, /* do not abort on mismatch flag */ + CYASSL_SNI_ANSWER_ON_MISMATCH = 0x02 /* fake match on mismatch flag */ +}; + +CYASSL_API void CyaSSL_SNI_SetOptions(CYASSL* ssl, unsigned char type, + unsigned char options); +CYASSL_API void CyaSSL_CTX_SNI_SetOptions(CYASSL_CTX* ctx, unsigned char type, + unsigned char options); -CYASSL_API int CyaSSL_CertManagerLoadCA(CYASSL_CERT_MANAGER*, const char* f, - const char* d); -CYASSL_API int CyaSSL_CertManagerVerify(CYASSL_CERT_MANAGER*, const char* f, - int format); -CYASSL_API int CyaSSL_CertManagerVerifyBuffer(CYASSL_CERT_MANAGER* cm, - const unsigned char* buff, int sz, int format); -CYASSL_API int CyaSSL_CertManagerCheckCRL(CYASSL_CERT_MANAGER*, unsigned char*, - int sz); -CYASSL_API int CyaSSL_CertManagerEnableCRL(CYASSL_CERT_MANAGER*, int options); -CYASSL_API int CyaSSL_CertManagerDisableCRL(CYASSL_CERT_MANAGER*); -CYASSL_API int CyaSSL_CertManagerLoadCRL(CYASSL_CERT_MANAGER*, const char*, int, - int); -CYASSL_API int CyaSSL_CertManagerSetCRL_Cb(CYASSL_CERT_MANAGER*, CbMissingCRL); +/* SNI status */ +enum { + CYASSL_SNI_NO_MATCH = 0, + CYASSL_SNI_FAKE_MATCH = 1, /* if CYASSL_SNI_ANSWER_ON_MISMATCH is enabled */ + CYASSL_SNI_REAL_MATCH = 2 +}; -CYASSL_API int CyaSSL_EnableCRL(CYASSL* ssl, int options); -CYASSL_API int CyaSSL_DisableCRL(CYASSL* ssl); -CYASSL_API int CyaSSL_LoadCRL(CYASSL*, const char*, int, int); -CYASSL_API int CyaSSL_SetCRL_Cb(CYASSL*, CbMissingCRL); +CYASSL_API unsigned char CyaSSL_SNI_Status(CYASSL* ssl, unsigned char type); + +CYASSL_API unsigned short CyaSSL_SNI_GetRequest(CYASSL *ssl, unsigned char type, + void** data); + +CYASSL_API int CyaSSL_SNI_GetFromBuffer( + const unsigned char* clientHello, unsigned int helloSz, + unsigned char type, unsigned char* sni, unsigned int* inOutSz); + +#endif /* NO_CYASSL_SERVER */ +#endif /* HAVE_SNI */ + +/* Maximum Fragment Length */ +#ifdef HAVE_MAX_FRAGMENT +/* Fragment lengths */ +enum { + CYASSL_MFL_2_9 = 1, /* 512 bytes */ + CYASSL_MFL_2_10 = 2, /* 1024 bytes */ + CYASSL_MFL_2_11 = 3, /* 2048 bytes */ + CYASSL_MFL_2_12 = 4, /* 4096 bytes */ + CYASSL_MFL_2_13 = 5 /* 8192 bytes *//* CyaSSL ONLY!!! */ +}; + +#ifndef NO_CYASSL_CLIENT + +CYASSL_API int CyaSSL_UseMaxFragment(CYASSL* ssl, unsigned char mfl); +CYASSL_API int CyaSSL_CTX_UseMaxFragment(CYASSL_CTX* ctx, unsigned char mfl); + +#endif /* NO_CYASSL_CLIENT */ +#endif /* HAVE_MAX_FRAGMENT */ + +/* Truncated HMAC */ +#ifdef HAVE_TRUNCATED_HMAC +#ifndef NO_CYASSL_CLIENT + +CYASSL_API int CyaSSL_UseTruncatedHMAC(CYASSL* ssl); +CYASSL_API int CyaSSL_CTX_UseTruncatedHMAC(CYASSL_CTX* ctx); + +#endif /* NO_CYASSL_CLIENT */ +#endif /* HAVE_TRUNCATED_HMAC */ + +/* Elliptic Curves */ +#ifdef HAVE_SUPPORTED_CURVES + +enum { + CYASSL_ECC_SECP160R1 = 0x10, + CYASSL_ECC_SECP192R1 = 0x13, + CYASSL_ECC_SECP224R1 = 0x15, + CYASSL_ECC_SECP256R1 = 0x17, + CYASSL_ECC_SECP384R1 = 0x18, + CYASSL_ECC_SECP521R1 = 0x19 +}; + +#ifndef NO_CYASSL_CLIENT + +CYASSL_API int CyaSSL_UseSupportedCurve(CYASSL* ssl, unsigned short name); +CYASSL_API int CyaSSL_CTX_UseSupportedCurve(CYASSL_CTX* ctx, + unsigned short name); + +#endif /* NO_CYASSL_CLIENT */ +#endif /* HAVE_SUPPORTED_CURVES */ -CYASSL_API int CyaSSL_CTX_EnableCRL(CYASSL_CTX* ctx, int options); -CYASSL_API int CyaSSL_CTX_DisableCRL(CYASSL_CTX* ctx); -CYASSL_API int CyaSSL_CTX_LoadCRL(CYASSL_CTX*, const char*, int, int); -CYASSL_API int CyaSSL_CTX_SetCRL_Cb(CYASSL_CTX*, CbMissingCRL); #define CYASSL_CRL_MONITOR 0x01 /* monitor this dir flag */ #define CYASSL_CRL_START_MON 0x02 /* start monitoring flag */ @@ -837,13 +1308,13 @@ CYASSL_API int CyaSSL_accept_ex(CYASSL*, HandShakeCallBack, TimeoutCallBack, #endif /* CYASSL_CALLBACKS */ -CYASSL_API long CyaSSL_CTX_OCSP_set_options(CYASSL_CTX*, long); -CYASSL_API int CyaSSL_CTX_OCSP_set_override_url(CYASSL_CTX*, const char*); +#ifdef CYASSL_HAVE_WOLFSCEP + CYASSL_API void CyaSSL_wolfSCEP(void); +#endif /* CYASSL_HAVE_WOLFSCEP */ -/* OCSP Options */ -#define CYASSL_OCSP_ENABLE 0x0001 /* Enable OCSP lookups */ -#define CYASSL_OCSP_URL_OVERRIDE 0x0002 /* Use the override URL instead of URL - * in certificate */ +#ifdef CYASSL_HAVE_CERT_SERVICE + CYASSL_API void CyaSSL_cert_service(void); +#endif #ifdef __cplusplus diff --git a/FreeRTOS-Plus/Source/CyaSSL/cyassl/test.h b/FreeRTOS-Plus/Source/CyaSSL/cyassl/test.h index 82cee429e..dc00a4d06 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/cyassl/test.h +++ b/FreeRTOS-Plus/Source/CyaSSL/cyassl/test.h @@ -9,17 +9,36 @@ #include #include #include +#include + +#ifdef ATOMIC_USER + #include + #include + #include +#endif +#ifdef HAVE_PK_CALLBACKS + #include + #include + #ifdef HAVE_ECC + #include + #endif /* HAVE_ECC */ +#endif /*HAVE_PK_CALLBACKS */ #ifdef USE_WINDOWS_API #include #include #ifdef TEST_IPV6 /* don't require newer SDK for IPV4 */ - #include + #include #include #endif - #define SOCKET_T int + #define SOCKET_T SOCKET + #define SNPRINTF _snprintf +#elif defined(CYASSL_MDK_ARM) + #include #else #include + #include +#ifndef CYASSL_LEANPSK #include #include #include @@ -27,18 +46,26 @@ #include #include #include - #include #include #include - #ifdef NON_BLOCKING - #include - #endif + #include #ifdef TEST_IPV6 #include #endif - #define SOCKET_T unsigned int +#endif + #define SOCKET_T int + #ifndef SO_NOSIGPIPE + #include /* ignore SIGPIPE */ + #endif + #define SNPRINTF snprintf #endif /* USE_WINDOWS_API */ +#ifdef HAVE_CAVIUM + #include "cavium_sysdep.h" + #include "cavium_common.h" + #include "cavium_ioctl.h" +#endif + #ifdef _MSC_VER /* disable conversion warning */ /* 4996 warning to use MS extensions e.g., strcpy_s instead of strncpy */ @@ -53,17 +80,25 @@ #endif -/* HPUX doesn't use socklent_t for third parameter to accept */ -#if !defined(__hpux__) +/* HPUX doesn't use socklent_t for third parameter to accept, unless + _XOPEN_SOURCE_EXTENDED is defined */ +#if !defined(__hpux__) && !defined(CYASSL_MDK_ARM) && !defined(CYASSL_IAR_ARM) typedef socklen_t* ACCEPT_THIRD_T; #else - typedef int* ACCEPT_THIRD_T; + #if defined _XOPEN_SOURCE_EXTENDED + typedef socklen_t* ACCEPT_THIRD_T; + #else + typedef int* ACCEPT_THIRD_T; + #endif #endif #ifdef USE_WINDOWS_API #define CloseSocket(s) closesocket(s) #define StartTCP() { WSADATA wsd; WSAStartup(0x0002, &wsd); } +#elif defined(CYASSL_MDK_ARM) + #define CloseSocket(s) closesocket(s) + #define StartTCP() #else #define CloseSocket(s) close(s) #define StartTCP() @@ -75,15 +110,19 @@ typedef void* THREAD_TYPE; #define CYASSL_THREAD #else - #ifdef _POSIX_THREADS + #if defined(_POSIX_THREADS) && !defined(__MINGW32__) typedef void* THREAD_RETURN; typedef pthread_t THREAD_TYPE; #define CYASSL_THREAD #define INFINITE -1 #define WAIT_OBJECT_0 0L + #elif defined(CYASSL_MDK_ARM) + typedef unsigned int THREAD_RETURN; + typedef int THREAD_TYPE; + #define CYASSL_THREAD #else typedef unsigned int THREAD_RETURN; - typedef HANDLE THREAD_TYPE; + typedef intptr_t THREAD_TYPE; #define CYASSL_THREAD __stdcall #endif #endif @@ -99,7 +138,11 @@ #define SERVER_DEFAULT_VERSION 3 +#define SERVER_DTLS_DEFAULT_VERSION (-2) +#define SERVER_INVALID_VERSION (-99) #define CLIENT_DEFAULT_VERSION 3 +#define CLIENT_DTLS_DEFAULT_VERSION (-2) +#define CLIENT_INVALID_VERSION (-99) /* all certs relative to CyaSSL home directory now */ #define caCert "./certs/ca-cert.pem" @@ -117,8 +160,9 @@ #define crlPemDir "./certs/crl" typedef struct tcp_ready { - int ready; /* predicate */ -#ifdef _POSIX_THREADS + word16 ready; /* predicate */ + word16 port; +#if defined(_POSIX_THREADS) && !defined(__MINGW32__) pthread_mutex_t mutex; pthread_cond_t cond; #endif @@ -128,12 +172,23 @@ typedef struct tcp_ready { void InitTcpReady(tcp_ready*); void FreeTcpReady(tcp_ready*); +typedef CYASSL_METHOD* (*method_provider)(void); +typedef void (*ctx_callback)(CYASSL_CTX* ctx); +typedef void (*ssl_callback)(CYASSL* ssl); + +typedef struct callback_functions { + method_provider method; + ctx_callback ctx_ready; + ssl_callback ssl_ready; + ssl_callback on_result; +} callback_functions; typedef struct func_args { int argc; char** argv; int return_code; tcp_ready* signal; + callback_functions *callbacks; } func_args; void wait_tcp_ready(func_args*); @@ -144,14 +199,18 @@ void start_thread(THREAD_FUNC, func_args*, THREAD_TYPE*); void join_thread(THREAD_TYPE); /* yaSSL */ -static const char* const yasslIP = "127.0.0.1"; +#ifndef TEST_IPV6 + static const char* const yasslIP = "127.0.0.1"; +#else + static const char* const yasslIP = "::1"; +#endif static const word16 yasslPort = 11111; - static INLINE void err_sys(const char* msg) { printf("yassl error: %s\n", msg); - exit(EXIT_FAILURE); + if (msg) + exit(EXIT_FAILURE); } @@ -160,7 +219,7 @@ static INLINE void err_sys(const char* msg) extern int myoptind; extern char* myoptarg; -static INLINE int mygetopt(int argc, char** argv, char* optstring) +static INLINE int mygetopt(int argc, char** argv, const char* optstring) { static char* next = NULL; @@ -199,7 +258,8 @@ static INLINE int mygetopt(int argc, char** argv, char* optstring) } c = *next++; - cp = strchr(optstring, c); + /* The C++ strchr can return a different value */ + cp = (char*)strchr(optstring, c); if (cp == NULL || c == ':') return '?'; @@ -223,10 +283,12 @@ static INLINE int mygetopt(int argc, char** argv, char* optstring) } -#ifdef OPENSSL_EXTRA +#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) static INLINE int PasswordCallBack(char* passwd, int sz, int rw, void* userdata) { + (void)rw; + (void)userdata; strncpy(passwd, "yassl123", sz); return 8; } @@ -234,52 +296,60 @@ static INLINE int PasswordCallBack(char* passwd, int sz, int rw, void* userdata) #endif -static INLINE void showPeer(CYASSL* ssl) -{ -#ifdef OPENSSL_EXTRA +#if defined(KEEP_PEER_CERT) || defined(SESSION_CERTS) - CYASSL_CIPHER* cipher; - CYASSL_X509* peer = CyaSSL_get_peer_certificate(ssl); - if (peer) { - char* altName; - char* issuer = CyaSSL_X509_NAME_oneline( - CyaSSL_X509_get_issuer_name(peer), 0, 0); - char* subject = CyaSSL_X509_NAME_oneline( - CyaSSL_X509_get_subject_name(peer), 0, 0); - byte serial[32]; - int ret; - int sz = sizeof(serial); +static INLINE void ShowX509(CYASSL_X509* x509, const char* hdr) +{ + char* altName; + char* issuer = CyaSSL_X509_NAME_oneline( + CyaSSL_X509_get_issuer_name(x509), 0, 0); + char* subject = CyaSSL_X509_NAME_oneline( + CyaSSL_X509_get_subject_name(x509), 0, 0); + byte serial[32]; + int ret; + int sz = sizeof(serial); - printf("peer's cert info:\n issuer : %s\n subject: %s\n", issuer, - subject); + printf("%s\n issuer : %s\n subject: %s\n", hdr, issuer, subject); + + while ( (altName = CyaSSL_X509_get_next_altname(x509)) != NULL) + printf(" altname = %s\n", altName); + + ret = CyaSSL_X509_get_serial_number(x509, serial, &sz); + if (ret == SSL_SUCCESS) { + int i; + int strLen; + char serialMsg[80]; + + /* testsuite has multiple threads writing to stdout, get output + message ready to write once */ + strLen = sprintf(serialMsg, " serial number"); + for (i = 0; i < sz; i++) + sprintf(serialMsg + strLen + (i*3), ":%02x ", serial[i]); + printf("%s\n", serialMsg); + } - while ( (altName = CyaSSL_X509_get_next_altname(peer)) ) - printf(" altname = %s\n", altName); - - ret = CyaSSL_X509_get_serial_number(peer, serial, &sz); - if (ret == 0) { - int i; - int strLen; - char serialMsg[80]; - - /* testsuite has multiple threads writing to stdout, get output - message ready to write once */ - strLen = sprintf(serialMsg, " serial number"); - for (i = 0; i < sz; i++) - sprintf(serialMsg + strLen + (i*3), ":%02x ", serial[i]); - printf("%s\n", serialMsg); - } + XFREE(subject, 0, DYNAMIC_TYPE_OPENSSL); + XFREE(issuer, 0, DYNAMIC_TYPE_OPENSSL); +} - XFREE(subject, 0, DYNAMIC_TYPE_OPENSSL); - XFREE(issuer, 0, DYNAMIC_TYPE_OPENSSL); - } +#endif /* KEEP_PEER_CERT || SESSION_CERTS */ + + +static INLINE void showPeer(CYASSL* ssl) +{ + + CYASSL_CIPHER* cipher; +#ifdef KEEP_PEER_CERT + CYASSL_X509* peer = CyaSSL_get_peer_certificate(ssl); + if (peer) + ShowX509(peer, "peer's cert info:"); else printf("peer has no cert!\n"); +#endif printf("SSL version is %s\n", CyaSSL_get_version(ssl)); cipher = CyaSSL_get_current_cipher(ssl); printf("SSL cipher suite is %s\n", CyaSSL_CIPHER_get_name(cipher)); -#endif #if defined(SESSION_CERTS) && defined(SHOW_CERTS) { @@ -290,56 +360,117 @@ static INLINE void showPeer(CYASSL* ssl) for (i = 0; i < count; i++) { int length; unsigned char buffer[3072]; + CYASSL_X509* chainX509; CyaSSL_get_chain_cert_pem(chain,i,buffer, sizeof(buffer), &length); buffer[length] = 0; printf("cert %d has length %d data = \n%s\n", i, length, buffer); + + chainX509 = CyaSSL_get_chain_X509(chain, i); + if (chainX509) + ShowX509(chainX509, "session cert info:"); + else + printf("get_chain_X509 failed\n"); + CyaSSL_FreeX509(chainX509); } } #endif - + (void)ssl; } -static INLINE void tcp_socket(SOCKET_T* sockfd, SOCKADDR_IN_T* addr, - const char* peer, word16 port, int udp) +static INLINE void build_addr(SOCKADDR_IN_T* addr, const char* peer, + word16 port, int udp) { -#ifndef TEST_IPV6 - const char* host = peer; + int useLookup = 0; + (void)useLookup; + (void)udp; + + memset(addr, 0, sizeof(SOCKADDR_IN_T)); +#ifndef TEST_IPV6 /* peer could be in human readable form */ - if (peer != INADDR_ANY && isalpha(peer[0])) { - struct hostent* entry = gethostbyname(peer); + if ( (peer != INADDR_ANY) && isalpha((int)peer[0])) { + #ifdef CYASSL_MDK_ARM + int err; + struct hostent* entry = gethostbyname(peer, &err); + #else + struct hostent* entry = gethostbyname(peer); + #endif if (entry) { - struct sockaddr_in tmp; - memset(&tmp, 0, sizeof(struct sockaddr_in)); - memcpy(&tmp.sin_addr.s_addr, entry->h_addr_list[0], + memcpy(&addr->sin_addr.s_addr, entry->h_addr_list[0], entry->h_length); - host = inet_ntoa(tmp.sin_addr); + useLookup = 1; } else err_sys("no entry for host"); } #endif - if (udp) - *sockfd = socket(AF_INET_V, SOCK_DGRAM, 0); - else - *sockfd = socket(AF_INET_V, SOCK_STREAM, 0); - memset(addr, 0, sizeof(SOCKADDR_IN_T)); #ifndef TEST_IPV6 - addr->sin_family = AF_INET_V; + #if defined(CYASSL_MDK_ARM) + addr->sin_family = PF_INET; + #else + addr->sin_family = AF_INET_V; + #endif addr->sin_port = htons(port); - if (host == INADDR_ANY) + if (peer == INADDR_ANY) addr->sin_addr.s_addr = INADDR_ANY; - else - addr->sin_addr.s_addr = inet_addr(host); + else { + if (!useLookup) + addr->sin_addr.s_addr = inet_addr(peer); + } #else addr->sin6_family = AF_INET_V; addr->sin6_port = htons(port); - addr->sin6_addr = in6addr_loopback; + if (peer == INADDR_ANY) + addr->sin6_addr = in6addr_any; + else { + #ifdef HAVE_GETADDRINFO + struct addrinfo hints; + struct addrinfo* answer = NULL; + int ret; + char strPort[80]; + + memset(&hints, 0, sizeof(hints)); + + hints.ai_family = AF_INET_V; + hints.ai_socktype = udp ? SOCK_DGRAM : SOCK_STREAM; + hints.ai_protocol = udp ? IPPROTO_UDP : IPPROTO_TCP; + + SNPRINTF(strPort, sizeof(strPort), "%d", port); + strPort[79] = '\0'; + + ret = getaddrinfo(peer, strPort, &hints, &answer); + if (ret < 0 || answer == NULL) + err_sys("getaddrinfo failed"); + + memcpy(addr, answer->ai_addr, answer->ai_addrlen); + freeaddrinfo(answer); + #else + printf("no ipv6 getaddrinfo, loopback only tests/examples\n"); + addr->sin6_addr = in6addr_loopback; + #endif + } +#endif +} + + +static INLINE void tcp_socket(SOCKET_T* sockfd, int udp) +{ + if (udp) + *sockfd = socket(AF_INET_V, SOCK_DGRAM, 0); + else + *sockfd = socket(AF_INET_V, SOCK_STREAM, 0); + +#ifdef USE_WINDOWS_API + if (*sockfd == INVALID_SOCKET) + err_sys("socket failed\n"); +#else + if (*sockfd < 0) + err_sys("socket failed\n"); #endif #ifndef USE_WINDOWS_API @@ -351,7 +482,11 @@ static INLINE void tcp_socket(SOCKET_T* sockfd, SOCKADDR_IN_T* addr, if (res < 0) err_sys("setsockopt SO_NOSIGPIPE failed\n"); } -#endif +#elif defined(CYASSL_MDK_ARM) + /* nothing to define */ +#else /* no S_NOSIGPIPE */ + signal(SIGPIPE, SIG_IGN); +#endif /* S_NOSIGPIPE */ #if defined(TCP_NODELAY) if (!udp) @@ -366,35 +501,81 @@ static INLINE void tcp_socket(SOCKET_T* sockfd, SOCKADDR_IN_T* addr, #endif /* USE_WINDOWS_API */ } - static INLINE void tcp_connect(SOCKET_T* sockfd, const char* ip, word16 port, int udp) { SOCKADDR_IN_T addr; - tcp_socket(sockfd, &addr, ip, port, udp); + build_addr(&addr, ip, port, udp); + tcp_socket(sockfd, udp); + + if (!udp) { + if (connect(*sockfd, (const struct sockaddr*)&addr, sizeof(addr)) != 0) + err_sys("tcp connect failed"); + } +} - if (connect(*sockfd, (const struct sockaddr*)&addr, sizeof(addr)) != 0) + +static INLINE void udp_connect(SOCKET_T* sockfd, void* addr, int addrSz) +{ + if (connect(*sockfd, (const struct sockaddr*)addr, addrSz) != 0) err_sys("tcp connect failed"); } -static INLINE void tcp_listen(SOCKET_T* sockfd, int port, int useAnyAddr, +enum { + TEST_SELECT_FAIL, + TEST_TIMEOUT, + TEST_RECV_READY, + TEST_ERROR_READY +}; + + +#if !defined(CYASSL_MDK_ARM) +static INLINE int tcp_select(SOCKET_T socketfd, int to_sec) +{ + fd_set recvfds, errfds; + SOCKET_T nfds = socketfd + 1; + struct timeval timeout = { (to_sec > 0) ? to_sec : 0, 0}; + int result; + + FD_ZERO(&recvfds); + FD_SET(socketfd, &recvfds); + FD_ZERO(&errfds); + FD_SET(socketfd, &errfds); + + result = select(nfds, &recvfds, NULL, &errfds, &timeout); + + if (result == 0) + return TEST_TIMEOUT; + else if (result > 0) { + if (FD_ISSET(socketfd, &recvfds)) + return TEST_RECV_READY; + else if(FD_ISSET(socketfd, &errfds)) + return TEST_ERROR_READY; + } + + return TEST_SELECT_FAIL; +} +#endif /* !CYASSL_MDK_ARM */ + + +static INLINE void tcp_listen(SOCKET_T* sockfd, word16* port, int useAnyAddr, int udp) { SOCKADDR_IN_T addr; /* don't use INADDR_ANY by default, firewall may block, make user switch on */ - if (useAnyAddr) - tcp_socket(sockfd, &addr, INADDR_ANY, port, udp); - else - tcp_socket(sockfd, &addr, yasslIP, port, udp); + build_addr(&addr, (useAnyAddr ? INADDR_ANY : yasslIP), *port, udp); + tcp_socket(sockfd, udp); -#ifndef USE_WINDOWS_API +#if !defined(USE_WINDOWS_API) && !defined(CYASSL_MDK_ARM) { - int on = 1; + int res, on = 1; socklen_t len = sizeof(on); - setsockopt(*sockfd, SOL_SOCKET, SO_REUSEADDR, &on, len); + res = setsockopt(*sockfd, SOL_SOCKET, SO_REUSEADDR, &on, len); + if (res < 0) + err_sys("setsockopt SO_REUSEADDR failed\n"); } #endif @@ -404,6 +585,18 @@ static INLINE void tcp_listen(SOCKET_T* sockfd, int port, int useAnyAddr, if (listen(*sockfd, 5) != 0) err_sys("tcp listen failed"); } + #if defined(NO_MAIN_DRIVER) && !defined(USE_WINDOWS_API) + if (*port == 0) { + socklen_t len = sizeof(addr); + if (getsockname(*sockfd, (struct sockaddr*)&addr, &len) == 0) { + #ifndef TEST_IPV6 + *port = ntohs(addr.sin_port); + #else + *port = ntohs(addr.sin6_port); + #endif + } + } + #endif } @@ -414,8 +607,8 @@ static INLINE int udp_read_connect(SOCKET_T sockfd) int n; socklen_t len = sizeof(cliaddr); - n = recvfrom(sockfd, (char*)b, sizeof(b), MSG_PEEK, - (struct sockaddr*)&cliaddr, &len); + n = (int)recvfrom(sockfd, (char*)b, sizeof(b), MSG_PEEK, + (struct sockaddr*)&cliaddr, &len); if (n > 0) { if (connect(sockfd, (const struct sockaddr*)&cliaddr, sizeof(cliaddr)) != 0) @@ -427,30 +620,49 @@ static INLINE int udp_read_connect(SOCKET_T sockfd) return sockfd; } -static INLINE void udp_accept(SOCKET_T* sockfd, int* clientfd, func_args* args) +static INLINE void udp_accept(SOCKET_T* sockfd, SOCKET_T* clientfd, + int useAnyAddr, word16 port, func_args* args) { SOCKADDR_IN_T addr; - tcp_socket(sockfd, &addr, yasslIP, yasslPort, 1); + (void)args; + build_addr(&addr, (useAnyAddr ? INADDR_ANY : yasslIP), port, 1); + tcp_socket(sockfd, 1); -#ifndef USE_WINDOWS_API +#if !defined(USE_WINDOWS_API) && !defined(CYASSL_MDK_ARM) { - int on = 1; + int res, on = 1; socklen_t len = sizeof(on); - setsockopt(*sockfd, SOL_SOCKET, SO_REUSEADDR, &on, len); + res = setsockopt(*sockfd, SOL_SOCKET, SO_REUSEADDR, &on, len); + if (res < 0) + err_sys("setsockopt SO_REUSEADDR failed\n"); } #endif if (bind(*sockfd, (const struct sockaddr*)&addr, sizeof(addr)) != 0) err_sys("tcp bind failed"); -#if defined(_POSIX_THREADS) && defined(NO_MAIN_DRIVER) + #if defined(NO_MAIN_DRIVER) && !defined(USE_WINDOWS_API) + if (port == 0) { + socklen_t len = sizeof(addr); + if (getsockname(*sockfd, (struct sockaddr*)&addr, &len) == 0) { + #ifndef TEST_IPV6 + port = ntohs(addr.sin_port); + #else + port = ntohs(addr.sin6_port); + #endif + } + } + #endif + +#if defined(_POSIX_THREADS) && defined(NO_MAIN_DRIVER) && !defined(__MINGW32__) /* signal ready to accept data */ { tcp_ready* ready = args->signal; pthread_mutex_lock(&ready->mutex); ready->ready = 1; + ready->port = port; pthread_cond_signal(&ready->cond); pthread_mutex_unlock(&ready->mutex); } @@ -459,25 +671,27 @@ static INLINE void udp_accept(SOCKET_T* sockfd, int* clientfd, func_args* args) *clientfd = udp_read_connect(*sockfd); } -static INLINE void tcp_accept(SOCKET_T* sockfd, int* clientfd, func_args* args, - int port, int useAnyAddr, int udp) +static INLINE void tcp_accept(SOCKET_T* sockfd, SOCKET_T* clientfd, + func_args* args, word16 port, int useAnyAddr, + int udp) { SOCKADDR_IN_T client; socklen_t client_len = sizeof(client); if (udp) { - udp_accept(sockfd, clientfd, args); + udp_accept(sockfd, clientfd, useAnyAddr, port, args); return; } - tcp_listen(sockfd, port, useAnyAddr, udp); + tcp_listen(sockfd, &port, useAnyAddr, udp); -#if defined(_POSIX_THREADS) && defined(NO_MAIN_DRIVER) +#if defined(_POSIX_THREADS) && defined(NO_MAIN_DRIVER) && !defined(__MINGW32__) /* signal ready to tcp_accept */ { tcp_ready* ready = args->signal; pthread_mutex_lock(&ready->mutex); ready->ready = 1; + ready->port = port; pthread_cond_signal(&ready->cond); pthread_mutex_unlock(&ready->mutex); } @@ -485,22 +699,33 @@ static INLINE void tcp_accept(SOCKET_T* sockfd, int* clientfd, func_args* args, *clientfd = accept(*sockfd, (struct sockaddr*)&client, (ACCEPT_THIRD_T)&client_len); +#ifdef USE_WINDOWS_API + if (*clientfd == INVALID_SOCKET) + err_sys("tcp accept failed"); +#else if (*clientfd == -1) err_sys("tcp accept failed"); +#endif } static INLINE void tcp_set_nonblocking(SOCKET_T* sockfd) { -#ifdef NON_BLOCKING #ifdef USE_WINDOWS_API unsigned long blocking = 1; int ret = ioctlsocket(*sockfd, FIONBIO, &blocking); + if (ret == SOCKET_ERROR) + err_sys("ioctlsocket failed"); + #elif defined(CYASSL_MDK_ARM) + /* non blocking not suppported, for now */ #else int flags = fcntl(*sockfd, F_GETFL, 0); - int ret = fcntl(*sockfd, F_SETFL, flags | O_NONBLOCK); + if (flags < 0) + err_sys("fcntl get failed"); + flags = fcntl(*sockfd, F_SETFL, flags | O_NONBLOCK); + if (flags < 0) + err_sys("fcntl set failed"); #endif -#endif } @@ -510,6 +735,10 @@ static INLINE unsigned int my_psk_client_cb(CYASSL* ssl, const char* hint, char* identity, unsigned int id_max_len, unsigned char* key, unsigned int key_max_len) { + (void)ssl; + (void)hint; + (void)key_max_len; + /* identity is OpenSSL testing default for openssl s_client, keep same */ strncpy(identity, "Client_identity", id_max_len); @@ -528,6 +757,9 @@ static INLINE unsigned int my_psk_client_cb(CYASSL* ssl, const char* hint, static INLINE unsigned int my_psk_server_cb(CYASSL* ssl, const char* identity, unsigned char* key, unsigned int key_max_len) { + (void)ssl; + (void)key_max_len; + /* identity is OpenSSL testing default for openssl s_client, keep same */ if (strncmp(identity, "Client_identity", 15) != 0) return 0; @@ -569,20 +801,22 @@ static INLINE unsigned int my_psk_server_cb(CYASSL* ssl, const char* identity, #else +#if !defined(CYASSL_MDK_ARM) #include - static INLINE double current_time() + static INLINE double current_time(void) { struct timeval tv; gettimeofday(&tv, 0); return (double)tv.tv_sec + (double)tv.tv_usec / 1000000; } - + +#endif #endif /* USE_WINDOWS_API */ -#ifdef NO_FILESYSTEM +#if defined(NO_FILESYSTEM) && !defined(NO_CERTS) enum { CYASSL_CA = 1, @@ -628,12 +862,17 @@ static INLINE unsigned int my_psk_server_cb(CYASSL* ssl, const char* identity, static INLINE int myVerify(int preverify, CYASSL_X509_STORE_CTX* store) { - char buffer[80]; + (void)preverify; + char buffer[CYASSL_MAX_ERROR_SZ]; + +#ifdef OPENSSL_EXTRA + CYASSL_X509* peer; +#endif printf("In verification callback, error = %d, %s\n", store->error, CyaSSL_ERR_error_string(store->error, buffer)); #ifdef OPENSSL_EXTRA - CYASSL_X509* peer = store->current_cert; + peer = store->current_cert; if (peer) { char* issuer = CyaSSL_X509_NAME_oneline( CyaSSL_X509_get_issuer_name(peer), 0, 0); @@ -656,22 +895,44 @@ static INLINE int myVerify(int preverify, CYASSL_X509_STORE_CTX* store) #endif /* VERIFY_CALLBACK */ +static INLINE int myDateCb(int preverify, CYASSL_X509_STORE_CTX* store) +{ + char buffer[CYASSL_MAX_ERROR_SZ]; + (void)preverify; + + printf("In verification callback, error = %d, %s\n", store->error, + CyaSSL_ERR_error_string(store->error, buffer)); + printf("Subject's domain name is %s\n", store->domain); + + if (store->error == ASN_BEFORE_DATE_E || store->error == ASN_AFTER_DATE_E) { + printf("Overriding cert date error as example for bad clock testing\n"); + return 1; + } + printf("Cert error is not date error, not overriding\n"); + + return 0; +} + + #ifdef HAVE_CRL -static void INLINE CRL_CallBack(const char* url) +static INLINE void CRL_CallBack(const char* url) { printf("CRL callback url = %s\n", url); } #endif +#ifndef NO_CERTS static INLINE void CaCb(unsigned char* der, int sz, int type) { + (void)der; printf("Got CA cache add callback, derSz = %d, type = %d\n", sz, type); } +#ifndef NO_DH static INLINE void SetDH(CYASSL* ssl) { /* dh1024 p */ @@ -725,6 +986,32 @@ static INLINE void SetDHCtx(CYASSL_CTX* ctx) CyaSSL_CTX_SetTmpDH(ctx, p, sizeof(p), g, sizeof(g)); } +#endif /* NO_DH */ +#endif /* !NO_CERTS */ + +#ifdef HAVE_CAVIUM + +static INLINE int OpenNitroxDevice(int dma_mode,int dev_id) +{ + Csp1CoreAssignment core_assign; + Uint32 device; + + if (CspInitialize(CAVIUM_DIRECT,CAVIUM_DEV_ID)) + return -1; + if (Csp1GetDevType(&device)) + return -1; + if (device != NPX_DEVICE) { + if (ioctl(gpkpdev_hdlr[CAVIUM_DEV_ID], IOCTL_CSP1_GET_CORE_ASSIGNMENT, + (Uint32 *)&core_assign)!= 0) + return -1; + } + CspShutdown(CAVIUM_DEV_ID); + + return CspInitialize(dma_mode, dev_id); +} + +#endif /* HAVE_CAVIUM */ + #ifdef USE_WINDOWS_API @@ -750,15 +1037,25 @@ static INLINE void ChangeDirBack(int x) /* does current dir contain str */ static INLINE int CurrentDir(const char* str) { - char path[MAX_PATH]; + char path[MAX_PATH]; + char* baseName; GetCurrentDirectoryA(sizeof(path), path); - if (strstr(path, str)) + + baseName = strrchr(path, '\\'); + if (baseName) + baseName++; + else + baseName = path; + + if (strstr(baseName, str)) return 1; return 0; } +#elif defined(CYASSL_MDK_ARM) + /* KEIL-RL File System does not support relative directry */ #else #ifndef MAX_PATH @@ -788,13 +1085,21 @@ static INLINE void ChangeDirBack(int x) /* does current dir contain str */ static INLINE int CurrentDir(const char* str) { - char path[MAX_PATH]; + char path[MAX_PATH]; + char* baseName; if (getcwd(path, sizeof(path)) == NULL) { printf("no current dir?\n"); return 0; } - if (strstr(path, str)) + + baseName = strrchr(path, '/'); + if (baseName) + baseName++; + else + baseName = path; + + if (strstr(baseName, str)) return 1; return 0; @@ -802,5 +1107,645 @@ static INLINE int CurrentDir(const char* str) #endif /* USE_WINDOWS_API */ + +#ifdef USE_CYASSL_MEMORY + + typedef struct memoryStats { + size_t totalAllocs; /* number of allocations */ + size_t totalBytes; /* total number of bytes allocated */ + size_t peakBytes; /* concurrent max bytes */ + size_t currentBytes; /* total current bytes in use */ + } memoryStats; + + typedef struct memHint { + size_t thisSize; /* size of this memory */ + void* thisMemory; /* actual memory for user */ + } memHint; + + typedef struct memoryTrack { + union { + memHint hint; + byte alignit[16]; /* make sure we have strong alignment */ + } u; + } memoryTrack; + + #if defined(CYASSL_TRACK_MEMORY) + #define DO_MEM_STATS + static memoryStats ourMemStats; + #endif + + static INLINE void* TrackMalloc(size_t sz) + { + memoryTrack* mt; + + if (sz == 0) + return NULL; + + mt = (memoryTrack*)malloc(sizeof(memoryTrack) + sz); + if (mt == NULL) + return NULL; + + mt->u.hint.thisSize = sz; + mt->u.hint.thisMemory = (byte*)mt + sizeof(memoryTrack); + +#ifdef DO_MEM_STATS + ourMemStats.totalAllocs++; + ourMemStats.totalBytes += sz; + ourMemStats.currentBytes += sz; + if (ourMemStats.currentBytes > ourMemStats.peakBytes) + ourMemStats.peakBytes = ourMemStats.currentBytes; +#endif + + return mt->u.hint.thisMemory; + } + + + static INLINE void TrackFree(void* ptr) + { + memoryTrack* mt; + + if (ptr == NULL) + return; + + mt = (memoryTrack*)ptr; + --mt; /* same as minus sizeof(memoryTrack), removes header */ + +#ifdef DO_MEM_STATS + ourMemStats.currentBytes -= mt->u.hint.thisSize; +#endif + + free(mt); + } + + + static INLINE void* TrackRealloc(void* ptr, size_t sz) + { + void* ret = TrackMalloc(sz); + + if (ptr) { + /* if realloc is bigger, don't overread old ptr */ + memoryTrack* mt = (memoryTrack*)ptr; + --mt; /* same as minus sizeof(memoryTrack), removes header */ + + if (mt->u.hint.thisSize < sz) + sz = mt->u.hint.thisSize; + } + + if (ret && ptr) + memcpy(ret, ptr, sz); + + if (ret) + TrackFree(ptr); + + return ret; + } + + static INLINE void InitMemoryTracker(void) + { + if (CyaSSL_SetAllocators(TrackMalloc, TrackFree, TrackRealloc) != 0) + err_sys("CyaSSL SetAllocators failed for track memory"); + + #ifdef DO_MEM_STATS + ourMemStats.totalAllocs = 0; + ourMemStats.totalBytes = 0; + ourMemStats.peakBytes = 0; + ourMemStats.currentBytes = 0; + #endif + } + + static INLINE void ShowMemoryTracker(void) + { + #ifdef DO_MEM_STATS + printf("total Allocs = %9lu\n", + (unsigned long)ourMemStats.totalAllocs); + printf("total Bytes = %9lu\n", + (unsigned long)ourMemStats.totalBytes); + printf("peak Bytes = %9lu\n", + (unsigned long)ourMemStats.peakBytes); + printf("current Bytes = %9lu\n", + (unsigned long)ourMemStats.currentBytes); + #endif + } + +#endif /* USE_CYASSL_MEMORY */ + + +#ifdef HAVE_STACK_SIZE + +typedef THREAD_RETURN CYASSL_THREAD (*thread_func)(void* args); + + +static INLINE void StackSizeCheck(func_args* args, thread_func tf) +{ + int ret, i, used; + unsigned char* myStack; + int stackSize = 1024*128; + pthread_attr_t myAttr; + pthread_t threadId; + +#ifdef PTHREAD_STACK_MIN + if (stackSize < PTHREAD_STACK_MIN) + stackSize = PTHREAD_STACK_MIN; +#endif + + ret = posix_memalign((void**)&myStack, sysconf(_SC_PAGESIZE), stackSize); + if (ret != 0) + err_sys("posix_memalign failed\n"); + + memset(myStack, 0x01, stackSize); + + ret = pthread_attr_init(&myAttr); + if (ret != 0) + err_sys("attr_init failed"); + + ret = pthread_attr_setstack(&myAttr, myStack, stackSize); + if (ret != 0) + err_sys("attr_setstackaddr failed"); + + ret = pthread_create(&threadId, &myAttr, tf, args); + if (ret != 0) { + perror("pthread_create failed"); + exit(EXIT_FAILURE); + } + + ret = pthread_join(threadId, NULL); + if (ret != 0) + err_sys("pthread_join failed"); + + for (i = 0; i < stackSize; i++) { + if (myStack[i] != 0x01) { + break; + } + } + + used = stackSize - i; + printf("stack used = %d\n", used); +} + + +#endif /* HAVE_STACK_SIZE */ + + +#ifdef STACK_TRAP + +/* good settings + --enable-debug --disable-shared C_EXTRA_FLAGS="-DUSER_TIME -DTFM_TIMING_RESISTANT -DPOSITIVE_EXP_ONLY -DSTACK_TRAP" + +*/ + +#ifdef HAVE_STACK_SIZE + /* client only for now, setrlimit will fail if pthread_create() called */ + /* STACK_SIZE does pthread_create() on client */ + #error "can't use STACK_TRAP with STACK_SIZE, setrlimit will fail" +#endif /* HAVE_STACK_SIZE */ + +static INLINE void StackTrap(void) +{ + struct rlimit rl; + if (getrlimit(RLIMIT_STACK, &rl) != 0) + err_sys("getrlimit failed"); + printf("rlim_cur = %llu\n", rl.rlim_cur); + rl.rlim_cur = 1024*21; /* adjust trap size here */ + if (setrlimit(RLIMIT_STACK, &rl) != 0) { + perror("setrlimit"); + err_sys("setrlimit failed"); + } +} + +#else /* STACK_TRAP */ + +static INLINE void StackTrap(void) +{ +} + +#endif /* STACK_TRAP */ + + +#ifdef ATOMIC_USER + +/* Atomic Encrypt Context example */ +typedef struct AtomicEncCtx { + int keySetup; /* have we done key setup yet */ + Aes aes; /* for aes example */ +} AtomicEncCtx; + + +/* Atomic Decrypt Context example */ +typedef struct AtomicDecCtx { + int keySetup; /* have we done key setup yet */ + Aes aes; /* for aes example */ +} AtomicDecCtx; + + +static INLINE int myMacEncryptCb(CYASSL* ssl, unsigned char* macOut, + const unsigned char* macIn, unsigned int macInSz, int macContent, + int macVerify, unsigned char* encOut, const unsigned char* encIn, + unsigned int encSz, void* ctx) +{ + int ret; + Hmac hmac; + byte myInner[CYASSL_TLS_HMAC_INNER_SZ]; + AtomicEncCtx* encCtx = (AtomicEncCtx*)ctx; + const char* tlsStr = "TLS"; + + /* example supports (d)tls aes */ + if (CyaSSL_GetBulkCipher(ssl) != cyassl_aes) { + printf("myMacEncryptCb not using AES\n"); + return -1; + } + + if (strstr(CyaSSL_get_version(ssl), tlsStr) == NULL) { + printf("myMacEncryptCb not using (D)TLS\n"); + return -1; + } + + /* hmac, not needed if aead mode */ + CyaSSL_SetTlsHmacInner(ssl, myInner, macInSz, macContent, macVerify); + + ret = HmacSetKey(&hmac, CyaSSL_GetHmacType(ssl), + CyaSSL_GetMacSecret(ssl, macVerify), CyaSSL_GetHmacSize(ssl)); + if (ret != 0) + return ret; + ret = HmacUpdate(&hmac, myInner, sizeof(myInner)); + if (ret != 0) + return ret; + ret = HmacUpdate(&hmac, macIn, macInSz); + if (ret != 0) + return ret; + ret = HmacFinal(&hmac, macOut); + if (ret != 0) + return ret; + + + /* encrypt setup on first time */ + if (encCtx->keySetup == 0) { + int keyLen = CyaSSL_GetKeySize(ssl); + const byte* key; + const byte* iv; + + if (CyaSSL_GetSide(ssl) == CYASSL_CLIENT_END) { + key = CyaSSL_GetClientWriteKey(ssl); + iv = CyaSSL_GetClientWriteIV(ssl); + } + else { + key = CyaSSL_GetServerWriteKey(ssl); + iv = CyaSSL_GetServerWriteIV(ssl); + } + + ret = AesSetKey(&encCtx->aes, key, keyLen, iv, AES_ENCRYPTION); + if (ret != 0) { + printf("AesSetKey failed in myMacEncryptCb\n"); + return ret; + } + encCtx->keySetup = 1; + } + + /* encrypt */ + return AesCbcEncrypt(&encCtx->aes, encOut, encIn, encSz); +} + + +static INLINE int myDecryptVerifyCb(CYASSL* ssl, + unsigned char* decOut, const unsigned char* decIn, + unsigned int decSz, int macContent, int macVerify, + unsigned int* padSz, void* ctx) +{ + AtomicDecCtx* decCtx = (AtomicDecCtx*)ctx; + int ret = 0; + int macInSz = 0; + int ivExtra = 0; + int digestSz = CyaSSL_GetHmacSize(ssl); + unsigned int pad = 0; + unsigned int padByte = 0; + Hmac hmac; + byte myInner[CYASSL_TLS_HMAC_INNER_SZ]; + byte verify[MAX_DIGEST_SIZE]; + const char* tlsStr = "TLS"; + + /* example supports (d)tls aes */ + if (CyaSSL_GetBulkCipher(ssl) != cyassl_aes) { + printf("myMacEncryptCb not using AES\n"); + return -1; + } + + if (strstr(CyaSSL_get_version(ssl), tlsStr) == NULL) { + printf("myMacEncryptCb not using (D)TLS\n"); + return -1; + } + + /*decrypt */ + if (decCtx->keySetup == 0) { + int keyLen = CyaSSL_GetKeySize(ssl); + const byte* key; + const byte* iv; + + /* decrypt is from other side (peer) */ + if (CyaSSL_GetSide(ssl) == CYASSL_SERVER_END) { + key = CyaSSL_GetClientWriteKey(ssl); + iv = CyaSSL_GetClientWriteIV(ssl); + } + else { + key = CyaSSL_GetServerWriteKey(ssl); + iv = CyaSSL_GetServerWriteIV(ssl); + } + + ret = AesSetKey(&decCtx->aes, key, keyLen, iv, AES_DECRYPTION); + if (ret != 0) { + printf("AesSetKey failed in myDecryptVerifyCb\n"); + return ret; + } + decCtx->keySetup = 1; + } + + /* decrypt */ + ret = AesCbcDecrypt(&decCtx->aes, decOut, decIn, decSz); + + if (CyaSSL_GetCipherType(ssl) == CYASSL_AEAD_TYPE) { + *padSz = CyaSSL_GetAeadMacSize(ssl); + return 0; /* hmac, not needed if aead mode */ + } + + if (CyaSSL_GetCipherType(ssl) == CYASSL_BLOCK_TYPE) { + pad = *(decOut + decSz - 1); + padByte = 1; + if (CyaSSL_IsTLSv1_1(ssl)) + ivExtra = CyaSSL_GetCipherBlockSize(ssl); + } + + *padSz = CyaSSL_GetHmacSize(ssl) + pad + padByte; + macInSz = decSz - ivExtra - digestSz - pad - padByte; + + CyaSSL_SetTlsHmacInner(ssl, myInner, macInSz, macContent, macVerify); + + ret = HmacSetKey(&hmac, CyaSSL_GetHmacType(ssl), + CyaSSL_GetMacSecret(ssl, macVerify), digestSz); + if (ret != 0) + return ret; + ret = HmacUpdate(&hmac, myInner, sizeof(myInner)); + if (ret != 0) + return ret; + ret = HmacUpdate(&hmac, decOut + ivExtra, macInSz); + if (ret != 0) + return ret; + ret = HmacFinal(&hmac, verify); + if (ret != 0) + return ret; + + if (memcmp(verify, decOut + decSz - digestSz - pad - padByte, + digestSz) != 0) { + printf("myDecryptVerify verify failed\n"); + return -1; + } + + return ret; +} + + +static INLINE void SetupAtomicUser(CYASSL_CTX* ctx, CYASSL* ssl) +{ + AtomicEncCtx* encCtx; + AtomicDecCtx* decCtx; + + encCtx = (AtomicEncCtx*)malloc(sizeof(AtomicEncCtx)); + if (encCtx == NULL) + err_sys("AtomicEncCtx malloc failed"); + memset(encCtx, 0, sizeof(AtomicEncCtx)); + + decCtx = (AtomicDecCtx*)malloc(sizeof(AtomicDecCtx)); + if (decCtx == NULL) { + free(encCtx); + err_sys("AtomicDecCtx malloc failed"); + } + memset(decCtx, 0, sizeof(AtomicDecCtx)); + + CyaSSL_CTX_SetMacEncryptCb(ctx, myMacEncryptCb); + CyaSSL_SetMacEncryptCtx(ssl, encCtx); + + CyaSSL_CTX_SetDecryptVerifyCb(ctx, myDecryptVerifyCb); + CyaSSL_SetDecryptVerifyCtx(ssl, decCtx); +} + + +static INLINE void FreeAtomicUser(CYASSL* ssl) +{ + AtomicEncCtx* encCtx = CyaSSL_GetMacEncryptCtx(ssl); + AtomicDecCtx* decCtx = CyaSSL_GetDecryptVerifyCtx(ssl); + + free(decCtx); + free(encCtx); +} + +#endif /* ATOMIC_USER */ + + +#ifdef HAVE_PK_CALLBACKS + +#ifdef HAVE_ECC + +static INLINE int myEccSign(CYASSL* ssl, const byte* in, word32 inSz, + byte* out, word32* outSz, const byte* key, word32 keySz, void* ctx) +{ + RNG rng; + int ret; + word32 idx = 0; + ecc_key myKey; + + (void)ssl; + (void)ctx; + + ret = InitRng(&rng); + if (ret != 0) + return ret; + + ecc_init(&myKey); + + ret = EccPrivateKeyDecode(key, &idx, &myKey, keySz); + if (ret == 0) + ret = ecc_sign_hash(in, inSz, out, outSz, &rng, &myKey); + ecc_free(&myKey); + + return ret; +} + + +static INLINE int myEccVerify(CYASSL* ssl, const byte* sig, word32 sigSz, + const byte* hash, word32 hashSz, const byte* key, word32 keySz, + int* result, void* ctx) +{ + int ret; + ecc_key myKey; + + (void)ssl; + (void)ctx; + + ecc_init(&myKey); + + ret = ecc_import_x963(key, keySz, &myKey); + if (ret == 0) + ret = ecc_verify_hash(sig, sigSz, hash, hashSz, result, &myKey); + ecc_free(&myKey); + + return ret; +} + +#endif /* HAVE_ECC */ + +#ifndef NO_RSA + +static INLINE int myRsaSign(CYASSL* ssl, const byte* in, word32 inSz, + byte* out, word32* outSz, const byte* key, word32 keySz, void* ctx) +{ + RNG rng; + int ret; + word32 idx = 0; + RsaKey myKey; + + (void)ssl; + (void)ctx; + + ret = InitRng(&rng); + if (ret != 0) + return ret; + + InitRsaKey(&myKey, NULL); + + ret = RsaPrivateKeyDecode(key, &idx, &myKey, keySz); + if (ret == 0) + ret = RsaSSL_Sign(in, inSz, out, *outSz, &myKey, &rng); + if (ret > 0) { /* save and convert to 0 success */ + *outSz = ret; + ret = 0; + } + FreeRsaKey(&myKey); + + return ret; +} + + +static INLINE int myRsaVerify(CYASSL* ssl, byte* sig, word32 sigSz, + byte** out, + const byte* key, word32 keySz, + void* ctx) +{ + int ret; + word32 idx = 0; + RsaKey myKey; + + (void)ssl; + (void)ctx; + + InitRsaKey(&myKey, NULL); + + ret = RsaPublicKeyDecode(key, &idx, &myKey, keySz); + if (ret == 0) + ret = RsaSSL_VerifyInline(sig, sigSz, out, &myKey); + FreeRsaKey(&myKey); + + return ret; +} + + +static INLINE int myRsaEnc(CYASSL* ssl, const byte* in, word32 inSz, + byte* out, word32* outSz, const byte* key, + word32 keySz, void* ctx) +{ + int ret; + word32 idx = 0; + RsaKey myKey; + RNG rng; + + (void)ssl; + (void)ctx; + + ret = InitRng(&rng); + if (ret != 0) + return ret; + + InitRsaKey(&myKey, NULL); + + ret = RsaPublicKeyDecode(key, &idx, &myKey, keySz); + if (ret == 0) { + ret = RsaPublicEncrypt(in, inSz, out, *outSz, &myKey, &rng); + if (ret > 0) { + *outSz = ret; + ret = 0; /* reset to success */ + } + } + FreeRsaKey(&myKey); + + return ret; +} + +static INLINE int myRsaDec(CYASSL* ssl, byte* in, word32 inSz, + byte** out, + const byte* key, word32 keySz, void* ctx) +{ + int ret; + word32 idx = 0; + RsaKey myKey; + + (void)ssl; + (void)ctx; + + InitRsaKey(&myKey, NULL); + + ret = RsaPrivateKeyDecode(key, &idx, &myKey, keySz); + if (ret == 0) { + ret = RsaPrivateDecryptInline(in, inSz, out, &myKey); + } + FreeRsaKey(&myKey); + + return ret; +} + +#endif /* NO_RSA */ + +static INLINE void SetupPkCallbacks(CYASSL_CTX* ctx, CYASSL* ssl) +{ + (void)ctx; + (void)ssl; + + #ifdef HAVE_ECC + CyaSSL_CTX_SetEccSignCb(ctx, myEccSign); + CyaSSL_CTX_SetEccVerifyCb(ctx, myEccVerify); + #endif /* HAVE_ECC */ + #ifndef NO_RSA + CyaSSL_CTX_SetRsaSignCb(ctx, myRsaSign); + CyaSSL_CTX_SetRsaVerifyCb(ctx, myRsaVerify); + CyaSSL_CTX_SetRsaEncCb(ctx, myRsaEnc); + CyaSSL_CTX_SetRsaDecCb(ctx, myRsaDec); + #endif /* NO_RSA */ +} + +#endif /* HAVE_PK_CALLBACKS */ + + + + + +#if defined(__hpux__) || defined(__MINGW32__) + +/* HP/UX doesn't have strsep, needed by test/suites.c */ +static INLINE char* strsep(char **stringp, const char *delim) +{ + char* start; + char* end; + + start = *stringp; + if (start == NULL) + return NULL; + + if ((end = strpbrk(start, delim))) { + *end++ = '\0'; + *stringp = end; + } else { + *stringp = NULL; + } + + return start; +} + +#endif /* __hpux__ */ + #endif /* CyaSSL_TEST_H */ diff --git a/FreeRTOS-Plus/Source/CyaSSL/cyassl/version.h b/FreeRTOS-Plus/Source/CyaSSL/cyassl/version.h index eff5b718d..a2d1dea9c 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/cyassl/version.h +++ b/FreeRTOS-Plus/Source/CyaSSL/cyassl/version.h @@ -1,6 +1,6 @@ /* cyassl_version.h.in * - * Copyright (C) 2006-2011 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,7 +16,7 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ @@ -26,8 +26,8 @@ extern "C" { #endif -#define LIBCYASSL_VERSION_STRING "2.3.0" -#define LIBCYASSL_VERSION_HEX 0x02003000 +#define LIBCYASSL_VERSION_STRING "3.1.0" +#define LIBCYASSL_VERSION_HEX 0x03001000 #ifdef __cplusplus } diff --git a/FreeRTOS-Plus/Source/CyaSSL/cyassl/version.h.in b/FreeRTOS-Plus/Source/CyaSSL/cyassl/version.h.in index 6af4f0ae5..ee1d639c2 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/cyassl/version.h.in +++ b/FreeRTOS-Plus/Source/CyaSSL/cyassl/version.h.in @@ -1,6 +1,6 @@ /* cyassl_version.h.in * - * Copyright (C) 2006-2011 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,7 +16,7 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ diff --git a/FreeRTOS-Plus/Source/CyaSSL/cyassl64.sln b/FreeRTOS-Plus/Source/CyaSSL/cyassl64.sln new file mode 100644 index 000000000..93900cc3c --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/cyassl64.sln @@ -0,0 +1,86 @@ + +Microsoft Visual Studio Solution File, Format Version 12.00 +# Visual Studio Express 2012 for Windows Desktop +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "cyassl", "cyassl.vcxproj", "{73973223-5EE8-41CA-8E88-1D60E89A237B}" +EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "testsuite", "testsuite\testsuite.vcxproj", "{611E8971-46E0-4D0A-B5A1-632C3B00CB80}" +EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "sslSniffer", "sslSniffer\sslSniffer.vcxproj", "{34FAE5A6-2B0F-4B55-86FE-0C43E4810F4D}" +EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "echoserver", "examples\echoserver\echoserver.vcxproj", "{07D97C48-E08F-4E34-9F67-3064039FF2CB}" +EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "echoclient", "examples\echoclient\echoclient.vcxproj", "{8362A816-C5DC-4E22-B5C5-9E6806387073}" +EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "client", "examples\client\client.vcxproj", "{3ADE9549-582D-4D8E-9826-B172197A7959}" +EndProject +Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "server", "examples\server\server.vcxproj", "{E9FB0BA5-BA46-4A59-A953-39C18CD1DCB1}" +EndProject +Global + GlobalSection(SolutionConfigurationPlatforms) = preSolution + Debug|Win32 = Debug|Win32 + Debug|x64 = Debug|x64 + Release|Win32 = Release|Win32 + Release|x64 = Release|x64 + EndGlobalSection + GlobalSection(ProjectConfigurationPlatforms) = postSolution + {73973223-5EE8-41CA-8E88-1D60E89A237B}.Debug|Win32.ActiveCfg = Debug|Win32 + {73973223-5EE8-41CA-8E88-1D60E89A237B}.Debug|Win32.Build.0 = Debug|Win32 + {73973223-5EE8-41CA-8E88-1D60E89A237B}.Debug|x64.ActiveCfg = Debug|x64 + {73973223-5EE8-41CA-8E88-1D60E89A237B}.Debug|x64.Build.0 = Debug|x64 + {73973223-5EE8-41CA-8E88-1D60E89A237B}.Release|Win32.ActiveCfg = Release|Win32 + {73973223-5EE8-41CA-8E88-1D60E89A237B}.Release|Win32.Build.0 = Release|Win32 + {73973223-5EE8-41CA-8E88-1D60E89A237B}.Release|x64.ActiveCfg = Release|x64 + {73973223-5EE8-41CA-8E88-1D60E89A237B}.Release|x64.Build.0 = Release|x64 + {611E8971-46E0-4D0A-B5A1-632C3B00CB80}.Debug|Win32.ActiveCfg = Debug|Win32 + {611E8971-46E0-4D0A-B5A1-632C3B00CB80}.Debug|Win32.Build.0 = Debug|Win32 + {611E8971-46E0-4D0A-B5A1-632C3B00CB80}.Debug|x64.ActiveCfg = Debug|x64 + {611E8971-46E0-4D0A-B5A1-632C3B00CB80}.Debug|x64.Build.0 = Debug|x64 + {611E8971-46E0-4D0A-B5A1-632C3B00CB80}.Release|Win32.ActiveCfg = Release|Win32 + {611E8971-46E0-4D0A-B5A1-632C3B00CB80}.Release|Win32.Build.0 = Release|Win32 + {611E8971-46E0-4D0A-B5A1-632C3B00CB80}.Release|x64.ActiveCfg = Release|x64 + {611E8971-46E0-4D0A-B5A1-632C3B00CB80}.Release|x64.Build.0 = Release|x64 + {34FAE5A6-2B0F-4B55-86FE-0C43E4810F4D}.Debug|Win32.ActiveCfg = Debug|Win32 + {34FAE5A6-2B0F-4B55-86FE-0C43E4810F4D}.Debug|Win32.Build.0 = Debug|Win32 + {34FAE5A6-2B0F-4B55-86FE-0C43E4810F4D}.Debug|x64.ActiveCfg = Debug|x64 + {34FAE5A6-2B0F-4B55-86FE-0C43E4810F4D}.Debug|x64.Build.0 = Debug|x64 + {34FAE5A6-2B0F-4B55-86FE-0C43E4810F4D}.Release|Win32.ActiveCfg = Release|Win32 + {34FAE5A6-2B0F-4B55-86FE-0C43E4810F4D}.Release|Win32.Build.0 = Release|Win32 + {34FAE5A6-2B0F-4B55-86FE-0C43E4810F4D}.Release|x64.ActiveCfg = Release|x64 + {34FAE5A6-2B0F-4B55-86FE-0C43E4810F4D}.Release|x64.Build.0 = Release|x64 + {07D97C48-E08F-4E34-9F67-3064039FF2CB}.Debug|Win32.ActiveCfg = Debug|Win32 + {07D97C48-E08F-4E34-9F67-3064039FF2CB}.Debug|Win32.Build.0 = Debug|Win32 + {07D97C48-E08F-4E34-9F67-3064039FF2CB}.Debug|x64.ActiveCfg = Debug|x64 + {07D97C48-E08F-4E34-9F67-3064039FF2CB}.Debug|x64.Build.0 = Debug|x64 + {07D97C48-E08F-4E34-9F67-3064039FF2CB}.Release|Win32.ActiveCfg = Release|Win32 + {07D97C48-E08F-4E34-9F67-3064039FF2CB}.Release|Win32.Build.0 = Release|Win32 + {07D97C48-E08F-4E34-9F67-3064039FF2CB}.Release|x64.ActiveCfg = Release|x64 + {07D97C48-E08F-4E34-9F67-3064039FF2CB}.Release|x64.Build.0 = Release|x64 + {8362A816-C5DC-4E22-B5C5-9E6806387073}.Debug|Win32.ActiveCfg = Debug|Win32 + {8362A816-C5DC-4E22-B5C5-9E6806387073}.Debug|Win32.Build.0 = Debug|Win32 + {8362A816-C5DC-4E22-B5C5-9E6806387073}.Debug|x64.ActiveCfg = Debug|x64 + {8362A816-C5DC-4E22-B5C5-9E6806387073}.Debug|x64.Build.0 = Debug|x64 + {8362A816-C5DC-4E22-B5C5-9E6806387073}.Release|Win32.ActiveCfg = Release|Win32 + {8362A816-C5DC-4E22-B5C5-9E6806387073}.Release|Win32.Build.0 = Release|Win32 + {8362A816-C5DC-4E22-B5C5-9E6806387073}.Release|x64.ActiveCfg = Release|x64 + {8362A816-C5DC-4E22-B5C5-9E6806387073}.Release|x64.Build.0 = Release|x64 + {3ADE9549-582D-4D8E-9826-B172197A7959}.Debug|Win32.ActiveCfg = Debug|Win32 + {3ADE9549-582D-4D8E-9826-B172197A7959}.Debug|Win32.Build.0 = Debug|Win32 + {3ADE9549-582D-4D8E-9826-B172197A7959}.Debug|x64.ActiveCfg = Debug|x64 + {3ADE9549-582D-4D8E-9826-B172197A7959}.Debug|x64.Build.0 = Debug|x64 + {3ADE9549-582D-4D8E-9826-B172197A7959}.Release|Win32.ActiveCfg = Release|Win32 + {3ADE9549-582D-4D8E-9826-B172197A7959}.Release|Win32.Build.0 = Release|Win32 + {3ADE9549-582D-4D8E-9826-B172197A7959}.Release|x64.ActiveCfg = Release|x64 + {3ADE9549-582D-4D8E-9826-B172197A7959}.Release|x64.Build.0 = Release|x64 + {E9FB0BA5-BA46-4A59-A953-39C18CD1DCB1}.Debug|Win32.ActiveCfg = Debug|Win32 + {E9FB0BA5-BA46-4A59-A953-39C18CD1DCB1}.Debug|Win32.Build.0 = Debug|Win32 + {E9FB0BA5-BA46-4A59-A953-39C18CD1DCB1}.Debug|x64.ActiveCfg = Debug|x64 + {E9FB0BA5-BA46-4A59-A953-39C18CD1DCB1}.Debug|x64.Build.0 = Debug|x64 + {E9FB0BA5-BA46-4A59-A953-39C18CD1DCB1}.Release|Win32.ActiveCfg = Release|Win32 + {E9FB0BA5-BA46-4A59-A953-39C18CD1DCB1}.Release|Win32.Build.0 = Release|Win32 + {E9FB0BA5-BA46-4A59-A953-39C18CD1DCB1}.Release|x64.ActiveCfg = Release|x64 + {E9FB0BA5-BA46-4A59-A953-39C18CD1DCB1}.Release|x64.Build.0 = Release|x64 + EndGlobalSection + GlobalSection(SolutionProperties) = preSolution + HideSolutionNode = FALSE + EndGlobalSection +EndGlobal diff --git a/FreeRTOS-Plus/Source/CyaSSL/doc/include.am b/FreeRTOS-Plus/Source/CyaSSL/doc/include.am index fa44fcf8f..5bef623aa 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/doc/include.am +++ b/FreeRTOS-Plus/Source/CyaSSL/doc/include.am @@ -2,4 +2,4 @@ # included from Top Level Makefile.am # All paths should be given relative to the root -doc_DATA+= doc/README.txt +dist_doc_DATA+= doc/README.txt diff --git a/FreeRTOS-Plus/Source/CyaSSL/examples/client/client.c b/FreeRTOS-Plus/Source/CyaSSL/examples/client/client.c index 955981040..6c268e65d 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/examples/client/client.c +++ b/FreeRTOS-Plus/Source/CyaSSL/examples/client/client.c @@ -1,6 +1,6 @@ /* client.c * - * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,19 +16,40 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ #ifdef HAVE_CONFIG_H - #include + #include +#endif + +#if defined(CYASSL_MDK_ARM) + #include + #include + + #if defined(CYASSL_MDK5) + #include "cmsis_os.h" + #include "rl_fs.h" + #include "rl_net.h" + #else + #include "rtl.h" + #endif + + #include "cyassl_MDK_ARM.h" +#endif + +#include + +#if !defined(CYASSL_TRACK_MEMORY) && !defined(NO_MAIN_DRIVER) + /* in case memory tracker wants stats */ + #define CYASSL_TRACK_MEMORY #endif #include + #include -/* -#define TEST_RESUME -*/ +#include "examples/client/client.h" #ifdef CYASSL_CALLBACKS @@ -37,37 +58,57 @@ Timeval timeout; #endif -#if defined(NON_BLOCKING) || defined(CYASSL_CALLBACKS) - void NonBlockingSSL_Connect(CYASSL* ssl) - { + +static void NonBlockingSSL_Connect(CYASSL* ssl) +{ #ifndef CYASSL_CALLBACKS - int ret = CyaSSL_connect(ssl); + int ret = CyaSSL_connect(ssl); #else - int ret = CyaSSL_connect_ex(ssl, handShakeCB, timeoutCB, timeout); + int ret = CyaSSL_connect_ex(ssl, handShakeCB, timeoutCB, timeout); #endif - int error = CyaSSL_get_error(ssl, 0); - while (ret != SSL_SUCCESS && (error == SSL_ERROR_WANT_READ || - error == SSL_ERROR_WANT_WRITE)) { - if (error == SSL_ERROR_WANT_READ) - printf("... client would read block\n"); - else - printf("... client would write block\n"); - #ifdef USE_WINDOWS_API - Sleep(100); - #else - sleep(1); - #endif + int error = CyaSSL_get_error(ssl, 0); + SOCKET_T sockfd = (SOCKET_T)CyaSSL_get_fd(ssl); + int select_ret; + + while (ret != SSL_SUCCESS && (error == SSL_ERROR_WANT_READ || + error == SSL_ERROR_WANT_WRITE)) { + int currTimeout = 1; + + if (error == SSL_ERROR_WANT_READ) + printf("... client would read block\n"); + else + printf("... client would write block\n"); + +#ifdef CYASSL_DTLS + currTimeout = CyaSSL_dtls_get_current_timeout(ssl); +#endif + select_ret = tcp_select(sockfd, currTimeout); + + if ((select_ret == TEST_RECV_READY) || + (select_ret == TEST_ERROR_READY)) { #ifndef CYASSL_CALLBACKS - ret = CyaSSL_connect(ssl); + ret = CyaSSL_connect(ssl); #else - ret = CyaSSL_connect_ex(ssl, handShakeCB, timeoutCB, timeout); + ret = CyaSSL_connect_ex(ssl,handShakeCB,timeoutCB,timeout); #endif error = CyaSSL_get_error(ssl, 0); } - if (ret != SSL_SUCCESS) - err_sys("SSL_connect failed"); - } + else if (select_ret == TEST_TIMEOUT && !CyaSSL_dtls(ssl)) { + error = SSL_ERROR_WANT_READ; + } +#ifdef CYASSL_DTLS + else if (select_ret == TEST_TIMEOUT && CyaSSL_dtls(ssl) && + CyaSSL_dtls_got_timeout(ssl) >= 0) { + error = SSL_ERROR_WANT_READ; + } #endif + else { + error = SSL_FATAL_ERROR; + } + } + if (ret != SSL_SUCCESS) + err_sys("SSL_connect failed"); +} static void Usage(void) @@ -76,7 +117,7 @@ static void Usage(void) " NOTE: All files relative to CyaSSL home dir\n"); printf("-? Help, print this usage\n"); printf("-h Host to connect to, default %s\n", yasslIP); - printf("-p Port to connect on, default %d\n", yasslPort); + printf("-p Port to connect on, not 0, default %d\n", yasslPort); printf("-v SSL version [0-3], SSLv3(0) - TLS1.2(3)), default %d\n", CLIENT_DEFAULT_VERSION); printf("-l Cipher list\n"); @@ -85,14 +126,42 @@ static void Usage(void) printf("-A Certificate Authority file, default %s\n", caCert); printf("-b Benchmark connections and print stats\n"); printf("-s Use pre Shared keys\n"); + printf("-t Track CyaSSL memory use\n"); printf("-d Disable peer checks\n"); + printf("-D Override Date Errors example\n"); printf("-g Send server HTTP GET\n"); - printf("-u Use UDP DTLS\n"); + printf("-u Use UDP DTLS," + " add -v 2 for DTLSv1 (default), -v 3 for DTLSv1.2\n"); printf("-m Match domain name in cert\n"); + printf("-N Use Non-blocking sockets\n"); + printf("-r Resume session\n"); + printf("-f Fewer packets/group messages\n"); + printf("-x Disable client cert/key loading\n"); +#ifdef SHOW_SIZES + printf("-z Print structure sizes\n"); +#endif +#ifdef HAVE_SNI + printf("-S Use Host Name Indication\n"); +#endif +#ifdef HAVE_MAX_FRAGMENT + printf("-L Use Maximum Fragment Length [1-5]\n"); +#endif +#ifdef HAVE_TRUNCATED_HMAC + printf("-T Use Truncated HMAC\n"); +#endif +#ifdef HAVE_OCSP + printf("-o Perform OCSP lookup on peer certificate\n"); + printf("-O Perform OCSP lookup using as responder\n"); +#endif +#ifdef ATOMIC_USER + printf("-U Atomic User Record Layer Callbacks\n"); +#endif +#ifdef HAVE_PK_CALLBACKS + printf("-P Public Key Callbacks\n"); +#endif } - -void client_test(void* args) +THREAD_RETURN CYASSL_THREAD client_test(void* args) { SOCKET_T sockfd = 0; @@ -100,41 +169,78 @@ void client_test(void* args) CYASSL_CTX* ctx = 0; CYASSL* ssl = 0; -#ifdef TEST_RESUME CYASSL* sslResume = 0; CYASSL_SESSION* session = 0; char resumeMsg[] = "resuming cyassl!"; int resumeSz = sizeof(resumeMsg); -#endif - char msg[64] = "hello cyassl!"; - char reply[1024]; + char msg[32] = "hello cyassl!"; /* GET may make bigger */ + char reply[80]; int input; - int msgSz = strlen(msg); + int msgSz = (int)strlen(msg); - int port = yasslPort; + word16 port = yasslPort; char* host = (char*)yasslIP; - char* domain = "www.yassl.com"; + const char* domain = "www.yassl.com"; int ch; - int version = CLIENT_DEFAULT_VERSION; + int version = CLIENT_INVALID_VERSION; int usePsk = 0; int sendGET = 0; int benchmark = 0; int doDTLS = 0; int matchName = 0; int doPeerCheck = 1; + int nonBlocking = 0; + int resumeSession = 0; + int trackMemory = 0; + int useClientCert = 1; + int fewerPackets = 0; + int atomicUser = 0; + int pkCallbacks = 0; + int overrideDateErrors = 0; char* cipherList = NULL; - char* verifyCert = (char*)caCert; - char* ourCert = (char*)cliCert; - char* ourKey = (char*)cliKey; + const char* verifyCert = caCert; + const char* ourCert = cliCert; + const char* ourKey = cliKey; + +#ifdef HAVE_SNI + char* sniHostName = NULL; +#endif +#ifdef HAVE_MAX_FRAGMENT + byte maxFragment = 0; +#endif +#ifdef HAVE_TRUNCATED_HMAC + byte truncatedHMAC = 0; +#endif + + +#ifdef HAVE_OCSP + int useOcsp = 0; + char* ocspUrl = NULL; +#endif int argc = ((func_args*)args)->argc; char** argv = ((func_args*)args)->argv; ((func_args*)args)->return_code = -1; /* error state */ - while ((ch = mygetopt(argc, argv, "?gdusmh:p:v:l:A:c:k:b:")) != -1) { +#ifdef NO_RSA + verifyCert = (char*)eccCert; + ourCert = (char*)cliEccCert; + ourKey = (char*)cliEccKey; +#endif + (void)resumeSz; + (void)session; + (void)sslResume; + (void)trackMemory; + (void)atomicUser; + (void)pkCallbacks; + + StackTrap(); + + while ((ch = mygetopt(argc, argv, + "?gdDusmNrtfxUPh:p:v:l:A:c:k:b:zS:L:ToO:")) != -1) { switch (ch) { case '?' : Usage(); @@ -148,26 +254,59 @@ void client_test(void* args) doPeerCheck = 0; break; + case 'D' : + overrideDateErrors = 1; + break; + case 'u' : doDTLS = 1; - version = -1; /* DTLS flag */ break; case 's' : usePsk = 1; break; + case 't' : + #ifdef USE_CYASSL_MEMORY + trackMemory = 1; + #endif + break; + case 'm' : matchName = 1; break; + case 'x' : + useClientCert = 0; + break; + + case 'f' : + fewerPackets = 1; + break; + + case 'U' : + #ifdef ATOMIC_USER + atomicUser = 1; + #endif + break; + + case 'P' : + #ifdef HAVE_PK_CALLBACKS + pkCallbacks = 1; + #endif + break; + case 'h' : host = myoptarg; domain = myoptarg; break; case 'p' : - port = atoi(myoptarg); + port = (word16)atoi(myoptarg); + #if !defined(NO_MAIN_DRIVER) || defined(USE_WINDOWS_API) + if (port == 0) + err_sys("port number cannot be 0"); + #endif break; case 'v' : @@ -176,8 +315,6 @@ void client_test(void* args) Usage(); exit(MY_EX_USAGE); } - if (doDTLS) - version = -1; /* DTLS flag */ break; case 'l' : @@ -204,21 +341,93 @@ void client_test(void* args) } break; + case 'N' : + nonBlocking = 1; + break; + + case 'r' : + resumeSession = 1; + break; + + case 'z' : + #ifndef CYASSL_LEANPSK + CyaSSL_GetObjectSize(); + #endif + break; + + case 'S' : + #ifdef HAVE_SNI + sniHostName = myoptarg; + #endif + break; + + case 'L' : + #ifdef HAVE_MAX_FRAGMENT + maxFragment = atoi(myoptarg); + if (maxFragment < CYASSL_MFL_2_9 || + maxFragment > CYASSL_MFL_2_13) { + Usage(); + exit(MY_EX_USAGE); + } + #endif + break; + + case 'T' : + #ifdef HAVE_TRUNCATED_HMAC + truncatedHMAC = 1; + #endif + break; + + case 'o' : + #ifdef HAVE_OCSP + useOcsp = 1; + #endif + break; + + case 'O' : + #ifdef HAVE_OCSP + useOcsp = 1; + ocspUrl = myoptarg; + #endif + break; + default: Usage(); exit(MY_EX_USAGE); } } - argc -= myoptind; - argv += myoptind; myoptind = 0; /* reset for test cases */ + /* sort out DTLS versus TLS versions */ + if (version == CLIENT_INVALID_VERSION) { + if (doDTLS) + version = CLIENT_DTLS_DEFAULT_VERSION; + else + version = CLIENT_DEFAULT_VERSION; + } + else { + if (doDTLS) { + if (version == 3) + version = -2; + else + version = -1; + } + } + +#ifdef USE_CYASSL_MEMORY + if (trackMemory) + InitMemoryTracker(); +#endif + switch (version) { +#ifndef NO_OLD_TLS case 0: method = CyaSSLv3_client_method(); break; - + + + #ifndef NO_TLS case 1: method = CyaTLSv1_client_method(); break; @@ -226,19 +435,29 @@ void client_test(void* args) case 2: method = CyaTLSv1_1_client_method(); break; - + #endif /* NO_TLS */ + +#endif /* NO_OLD_TLS */ + +#ifndef NO_TLS case 3: method = CyaTLSv1_2_client_method(); break; +#endif #ifdef CYASSL_DTLS case -1: method = CyaDTLSv1_client_method(); break; + + case -2: + method = CyaDTLSv1_2_client_method(); + break; #endif default: err_sys("Bad SSL version"); + break; } if (method == NULL) @@ -250,22 +469,59 @@ void client_test(void* args) if (cipherList) if (CyaSSL_CTX_set_cipher_list(ctx, cipherList) != SSL_SUCCESS) - err_sys("can't set cipher list"); + err_sys("client can't set cipher list 1"); + +#ifdef CYASSL_LEANPSK + usePsk = 1; +#endif + +#if defined(NO_RSA) && !defined(HAVE_ECC) + usePsk = 1; +#endif + + if (fewerPackets) + CyaSSL_CTX_set_group_messages(ctx); + if (usePsk) { #ifndef NO_PSK - if (usePsk) CyaSSL_CTX_set_psk_client_callback(ctx, my_psk_client_cb); + if (cipherList == NULL) { + const char *defaultCipherList; + #ifdef HAVE_NULL_CIPHER + defaultCipherList = "PSK-NULL-SHA256"; + #else + defaultCipherList = "PSK-AES128-CBC-SHA256"; + #endif + if (CyaSSL_CTX_set_cipher_list(ctx,defaultCipherList) !=SSL_SUCCESS) + err_sys("client can't set cipher list 2"); + } #endif + useClientCert = 0; + } -#ifdef OPENSSL_EXTRA +#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) CyaSSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack); #endif #if defined(CYASSL_SNIFFER) && !defined(HAVE_NTRU) && !defined(HAVE_ECC) - /* don't use EDH, can't sniff tmp keys */ - if (cipherList == NULL) - if (CyaSSL_CTX_set_cipher_list(ctx, "AES256-SHA") != SSL_SUCCESS) - err_sys("can't set cipher list"); + if (cipherList == NULL) { + /* don't use EDH, can't sniff tmp keys */ + if (CyaSSL_CTX_set_cipher_list(ctx, "AES256-SHA256") != SSL_SUCCESS) { + err_sys("client can't set cipher list 3"); + } + } +#endif + +#ifdef HAVE_OCSP + if (useOcsp) { + if (ocspUrl != NULL) { + CyaSSL_CTX_SetOCSP_OverrideURL(ctx, ocspUrl); + CyaSSL_CTX_EnableOCSP(ctx, CYASSL_OCSP_NO_NONCE + | CYASSL_OCSP_URL_OVERRIDE); + } + else + CyaSSL_CTX_EnableOCSP(ctx, CYASSL_OCSP_NO_NONCE); + } #endif #ifdef USER_CA_CB @@ -275,22 +531,50 @@ void client_test(void* args) #ifdef VERIFY_CALLBACK CyaSSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, myVerify); #endif +#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) + if (useClientCert){ + if (CyaSSL_CTX_use_certificate_chain_file(ctx, ourCert) != SSL_SUCCESS) + err_sys("can't load client cert file, check file and run from" + " CyaSSL home dir"); + + if (CyaSSL_CTX_use_PrivateKey_file(ctx, ourKey, SSL_FILETYPE_PEM) + != SSL_SUCCESS) + err_sys("can't load client private key file, check file and run " + "from CyaSSL home dir"); + } - if (CyaSSL_CTX_use_certificate_file(ctx, ourCert, SSL_FILETYPE_PEM) - != SSL_SUCCESS) - err_sys("can't load client cert file, check file and run from" - " CyaSSL home dir"); - - if (CyaSSL_CTX_use_PrivateKey_file(ctx, ourKey, SSL_FILETYPE_PEM) - != SSL_SUCCESS) - err_sys("can't load client cert file, check file and run from" - " CyaSSL home dir"); + if (!usePsk) { + if (CyaSSL_CTX_load_verify_locations(ctx, verifyCert, 0) != SSL_SUCCESS) + err_sys("can't load ca file, Please run from CyaSSL home dir"); + } +#endif +#if !defined(NO_CERTS) + if (!usePsk && doPeerCheck == 0) + CyaSSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, 0); + if (!usePsk && overrideDateErrors == 1) + CyaSSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, myDateCb); +#endif - if (CyaSSL_CTX_load_verify_locations(ctx, verifyCert, 0) != SSL_SUCCESS) - err_sys("can't load ca file, Please run from CyaSSL home dir"); +#ifdef HAVE_CAVIUM + CyaSSL_CTX_UseCavium(ctx, CAVIUM_DEV_ID); +#endif - if (doPeerCheck == 0) - CyaSSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, 0); +#ifdef HAVE_SNI + if (sniHostName) + if (CyaSSL_CTX_UseSNI(ctx, 0, sniHostName, XSTRLEN(sniHostName)) + != SSL_SUCCESS) + err_sys("UseSNI failed"); +#endif +#ifdef HAVE_MAX_FRAGMENT + if (maxFragment) + if (CyaSSL_CTX_UseMaxFragment(ctx, maxFragment) != SSL_SUCCESS) + err_sys("UseMaxFragment failed"); +#endif +#ifdef HAVE_TRUNCATED_HMAC + if (truncatedHMAC) + if (CyaSSL_CTX_UseTruncatedHMAC(ctx) != SSL_SUCCESS) + err_sys("UseTruncatedHMAC failed"); +#endif if (benchmark) { /* time passed in number of connects give average */ @@ -301,6 +585,7 @@ void client_test(void* args) for (i = 0; i < times; i++) { tcp_connect(&sockfd, host, port, doDTLS); + ssl = CyaSSL_new(ctx); CyaSSL_set_fd(ssl, sockfd); if (CyaSSL_connect(ssl) != SSL_SUCCESS) @@ -320,11 +605,23 @@ void client_test(void* args) exit(EXIT_SUCCESS); } - - tcp_connect(&sockfd, host, port, doDTLS); + + #if defined(CYASSL_MDK_ARM) + CyaSSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, 0); + #endif + ssl = CyaSSL_new(ctx); if (ssl == NULL) err_sys("unable to get SSL object"); + if (doDTLS) { + SOCKADDR_IN_T addr; + build_addr(&addr, host, port, 1); + CyaSSL_dtls_set_peer(ssl, &addr, sizeof(addr)); + tcp_socket(&sockfd, 1); + } + else { + tcp_connect(&sockfd, host, port, 0); + } CyaSSL_set_fd(ssl, sockfd); #ifdef HAVE_CRL if (CyaSSL_EnableCRL(ssl, CYASSL_CRL_CHECKALL) != SSL_SUCCESS) @@ -333,44 +630,56 @@ void client_test(void* args) err_sys("can't load crl, check crlfile and date validity"); if (CyaSSL_SetCRL_Cb(ssl, CRL_CallBack) != SSL_SUCCESS) err_sys("can't set crl callback"); +#endif +#ifdef ATOMIC_USER + if (atomicUser) + SetupAtomicUser(ctx, ssl); +#endif +#ifdef HAVE_PK_CALLBACKS + if (pkCallbacks) + SetupPkCallbacks(ctx, ssl); #endif if (matchName && doPeerCheck) CyaSSL_check_domain_name(ssl, domain); -#ifdef NON_BLOCKING - tcp_set_nonblocking(&sockfd); - NonBlockingSSL_Connect(ssl); +#ifndef CYASSL_CALLBACKS + if (nonBlocking) { + CyaSSL_set_using_nonblock(ssl, 1); + tcp_set_nonblocking(&sockfd); + NonBlockingSSL_Connect(ssl); + } + else if (CyaSSL_connect(ssl) != SSL_SUCCESS) { + /* see note at top of README */ + int err = CyaSSL_get_error(ssl, 0); + char buffer[CYASSL_MAX_ERROR_SZ]; + printf("err = %d, %s\n", err, + CyaSSL_ERR_error_string(err, buffer)); + err_sys("SSL_connect failed"); + /* if you're getting an error here */ + } #else - #ifndef CYASSL_CALLBACKS - if (CyaSSL_connect(ssl) != SSL_SUCCESS) {/* see note at top of README */ - int err = CyaSSL_get_error(ssl, 0); - char buffer[80]; - printf("err = %d, %s\n", err, CyaSSL_ERR_error_string(err, buffer)); - err_sys("SSL_connect failed");/* if you're getting an error here */ - } - #else - timeout.tv_sec = 2; - timeout.tv_usec = 0; - NonBlockingSSL_Connect(ssl); /* will keep retrying on timeout */ - #endif + timeout.tv_sec = 2; + timeout.tv_usec = 0; + NonBlockingSSL_Connect(ssl); /* will keep retrying on timeout */ #endif showPeer(ssl); - + if (sendGET) { printf("SSL connect ok, sending GET...\n"); msgSz = 28; strncpy(msg, "GET /index.html HTTP/1.0\r\n\r\n", msgSz); + msg[msgSz] = '\0'; } if (CyaSSL_write(ssl, msg, msgSz) != msgSz) err_sys("SSL_write failed"); - input = CyaSSL_read(ssl, reply, sizeof(reply)); + input = CyaSSL_read(ssl, reply, sizeof(reply)-1); if (input > 0) { reply[input] = 0; printf("Server response: %s\n", reply); if (sendGET) { /* get html */ while (1) { - input = CyaSSL_read(ssl, reply, sizeof(reply)); + input = CyaSSL_read(ssl, reply, sizeof(reply)-1); if (input > 0) { reply[input] = 0; printf("%s\n", reply); @@ -380,64 +689,110 @@ void client_test(void* args) } } } - -#ifdef TEST_RESUME - if (doDTLS) { - strncpy(msg, "break", 6); - msgSz = (int)strlen(msg); - /* try to send session close */ - CyaSSL_write(ssl, msg, msgSz); + else if (input < 0) { + int readErr = CyaSSL_get_error(ssl, 0); + if (readErr != SSL_ERROR_WANT_READ) + err_sys("CyaSSL_read failed"); + } + +#ifndef NO_SESSION_CACHE + if (resumeSession) { + if (doDTLS) { + strncpy(msg, "break", 6); + msgSz = (int)strlen(msg); + /* try to send session close */ + CyaSSL_write(ssl, msg, msgSz); + } + session = CyaSSL_get_session(ssl); + sslResume = CyaSSL_new(ctx); } - session = CyaSSL_get_session(ssl); - sslResume = CyaSSL_new(ctx); #endif - CyaSSL_shutdown(ssl); + if (doDTLS == 0) /* don't send alert after "break" command */ + CyaSSL_shutdown(ssl); /* echoserver will interpret as new conn */ +#ifdef ATOMIC_USER + if (atomicUser) + FreeAtomicUser(ssl); +#endif CyaSSL_free(ssl); CloseSocket(sockfd); -#ifdef TEST_RESUME - if (doDTLS) { - #ifdef USE_WINDOWS_API - Sleep(500); - #else - sleep(1); - #endif - } - tcp_connect(&sockfd, host, port); - CyaSSL_set_fd(sslResume, sockfd); - CyaSSL_set_session(sslResume, session); - - showPeer(sslResume); - if (CyaSSL_connect(sslResume) != SSL_SUCCESS) err_sys("SSL resume failed"); - -#ifdef OPENSSL_EXTRA - if (CyaSSL_session_reused(sslResume)) - printf("reused session id\n"); - else - printf("didn't reuse session id!!!\n"); +#ifndef NO_SESSION_CACHE + if (resumeSession) { + if (doDTLS) { + SOCKADDR_IN_T addr; + #ifdef USE_WINDOWS_API + Sleep(500); + #else + sleep(1); + #endif + build_addr(&addr, host, port, 1); + CyaSSL_dtls_set_peer(sslResume, &addr, sizeof(addr)); + tcp_socket(&sockfd, 1); + } + else { + tcp_connect(&sockfd, host, port, 0); + } + CyaSSL_set_fd(sslResume, sockfd); + CyaSSL_set_session(sslResume, session); + + showPeer(sslResume); +#ifndef CYASSL_CALLBACKS + if (nonBlocking) { + CyaSSL_set_using_nonblock(sslResume, 1); + tcp_set_nonblocking(&sockfd); + NonBlockingSSL_Connect(sslResume); + } + else if (CyaSSL_connect(sslResume) != SSL_SUCCESS) + err_sys("SSL resume failed"); +#else + timeout.tv_sec = 2; + timeout.tv_usec = 0; + NonBlockingSSL_Connect(ssl); /* will keep retrying on timeout */ #endif - - if (CyaSSL_write(sslResume, resumeMsg, resumeSz) != resumeSz) - err_sys("SSL_write failed"); - input = CyaSSL_read(sslResume, reply, sizeof(reply)); - if (input > 0) { - reply[input] = 0; - printf("Server resume response: %s\n", reply); - } + if (CyaSSL_session_reused(sslResume)) + printf("reused session id\n"); + else + printf("didn't reuse session id!!!\n"); + + if (CyaSSL_write(sslResume, resumeMsg, resumeSz) != resumeSz) + err_sys("SSL_write failed"); + + if (nonBlocking) { + /* give server a chance to bounce a message back to client */ + #ifdef USE_WINDOWS_API + Sleep(500); + #else + sleep(1); + #endif + } - /* try to send session break */ - CyaSSL_write(sslResume, msg, msgSz); + input = CyaSSL_read(sslResume, reply, sizeof(reply)-1); + if (input > 0) { + reply[input] = 0; + printf("Server resume response: %s\n", reply); + } - CyaSSL_shutdown(sslResume); - CyaSSL_free(sslResume); -#endif /* TEST_RESUME */ + /* try to send session break */ + CyaSSL_write(sslResume, msg, msgSz); + + CyaSSL_shutdown(sslResume); + CyaSSL_free(sslResume); + CloseSocket(sockfd); + } +#endif /* NO_SESSION_CACHE */ CyaSSL_CTX_free(ctx); - CloseSocket(sockfd); ((func_args*)args)->return_code = 0; + +#ifdef USE_CYASSL_MEMORY + if (trackMemory) + ShowMemoryTracker(); +#endif /* USE_CYASSL_MEMORY */ + + return 0; } @@ -448,21 +803,36 @@ void client_test(void* args) { func_args args; +#ifdef HAVE_CAVIUM + int ret = OpenNitroxDevice(CAVIUM_DIRECT, CAVIUM_DEV_ID); + if (ret != 0) + err_sys("Cavium OpenNitroxDevice failed"); +#endif /* HAVE_CAVIUM */ + StartTCP(); args.argc = argc; args.argv = argv; CyaSSL_Init(); -#ifdef DEBUG_CYASSL +#if defined(DEBUG_CYASSL) && !defined(CYASSL_MDK_SHELL) && !defined(STACK_TRAP) CyaSSL_Debugging_ON(); #endif - if (CurrentDir("client") || CurrentDir("build")) + if (CurrentDir("client")) ChangeDirBack(2); - + else if (CurrentDir("Debug") || CurrentDir("Release")) + ChangeDirBack(3); + +#ifdef HAVE_STACK_SIZE + StackSizeCheck(&args, client_test); +#else client_test(&args); +#endif CyaSSL_Cleanup(); +#ifdef HAVE_CAVIUM + CspShutdown(CAVIUM_DEV_ID); +#endif return args.return_code; } @@ -477,17 +847,16 @@ void client_test(void* args) int handShakeCB(HandShakeInfo* info) { - + (void)info; return 0; } int timeoutCB(TimeoutInfo* info) { - + (void)info; return 0; } #endif - diff --git a/FreeRTOS-Plus/Source/CyaSSL/examples/client/client.h b/FreeRTOS-Plus/Source/CyaSSL/examples/client/client.h new file mode 100644 index 000000000..61f0e8cc1 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/examples/client/client.h @@ -0,0 +1,25 @@ +/* client.h + * + * Copyright (C) 2006-2014 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#pragma once + +THREAD_RETURN CYASSL_THREAD client_test(void* args); + diff --git a/FreeRTOS-Plus/Source/CyaSSL/examples/client/client.vcxproj b/FreeRTOS-Plus/Source/CyaSSL/examples/client/client.vcxproj new file mode 100644 index 000000000..75f0f16bb --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/examples/client/client.vcxproj @@ -0,0 +1,175 @@ + + + + + Debug + Win32 + + + Debug + x64 + + + Release + Win32 + + + Release + x64 + + + + {3ADE9549-582D-4D8E-9826-B172197A7959} + client + Win32Proj + + + + Application + v110 + Unicode + true + + + Application + v110 + Unicode + true + + + Application + v110 + Unicode + + + Application + v110 + Unicode + + + + + + + + + + + + + + + + + + + <_ProjectFileVersion>11.0.61030.0 + + + $(SolutionDir)$(Configuration)\ + $(Configuration)\ + true + + + true + + + $(SolutionDir)$(Configuration)\ + $(Configuration)\ + false + + + false + + + + Disabled + ../../;%(AdditionalIncludeDirectories) + WIN32;_DEBUG;_CONSOLE;OPENSSL_EXTRA;NO_PSK;%(PreprocessorDefinitions) + true + EnableFastChecks + MultiThreadedDebugDLL + + Level3 + EditAndContinue + + + Ws2_32.lib;%(AdditionalDependencies) + true + Console + MachineX86 + + + + + Disabled + ../../;%(AdditionalIncludeDirectories) + WIN32;_DEBUG;_CONSOLE;OPENSSL_EXTRA;NO_PSK;%(PreprocessorDefinitions) + EnableFastChecks + MultiThreadedDebugDLL + + + Level3 + ProgramDatabase + + + Ws2_32.lib;%(AdditionalDependencies) + true + Console + + + + + MaxSpeed + true + ../../;%(AdditionalIncludeDirectories) + WIN32;NDEBUG;_CONSOLE;OPENSSL_EXTRA;NO_PSK;%(PreprocessorDefinitions) + MultiThreadedDLL + true + + Level3 + ProgramDatabase + + + Ws2_32.lib;%(AdditionalDependencies) + true + Console + true + true + MachineX86 + + + + + MaxSpeed + true + ../../;%(AdditionalIncludeDirectories) + WIN32;NDEBUG;_CONSOLE;OPENSSL_EXTRA;NO_PSK;%(PreprocessorDefinitions) + MultiThreadedDLL + true + + + Level3 + ProgramDatabase + + + Ws2_32.lib;%(AdditionalDependencies) + true + Console + true + true + + + + + + + + {73973223-5ee8-41ca-8e88-1d60e89a237b} + false + + + + + + \ No newline at end of file diff --git a/FreeRTOS-Plus/Source/CyaSSL/examples/client/include.am b/FreeRTOS-Plus/Source/CyaSSL/examples/client/include.am index 0b900c221..8b81e2c47 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/examples/client/include.am +++ b/FreeRTOS-Plus/Source/CyaSSL/examples/client/include.am @@ -1,12 +1,17 @@ # vim:ft=automake # All paths should be given relative to the root +if BUILD_EXAMPLES noinst_PROGRAMS += examples/client/client +noinst_HEADERS += examples/client/client.h examples_client_client_SOURCES = examples/client/client.c examples_client_client_LDADD = src/libcyassl.la examples_client_client_DEPENDENCIES = src/libcyassl.la +endif EXTRA_DIST += examples/client/client.sln EXTRA_DIST += examples/client/client-ntru.vcproj EXTRA_DIST += examples/client/client.vcproj +EXTRA_DIST += examples/client/client.vcxproj -example_DATA+= examples/client/client.c +dist_example_DATA+= examples/client/client.c +DISTCLEANFILES+= examples/client/.libs/client diff --git a/FreeRTOS-Plus/Source/CyaSSL/examples/echoclient/echoclient.c b/FreeRTOS-Plus/Source/CyaSSL/examples/echoclient/echoclient.c index d93ca3fe2..24a02febc 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/examples/echoclient/echoclient.c +++ b/FreeRTOS-Plus/Source/CyaSSL/examples/echoclient/echoclient.c @@ -1,6 +1,6 @@ /* echoclient.c * - * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,42 +16,66 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ #ifdef HAVE_CONFIG_H #include #endif +#include + #include + +#if defined(CYASSL_MDK_ARM) + #include + #include + + #if defined(CYASSL_MDK5) + #include "cmsis_os.h" + #include "rl_fs.h" + #include "rl_net.h" + #else + #include "rtl.h" + #endif + + #include "cyassl_MDK_ARM.h" +#endif + #include +#include "examples/echoclient/echoclient.h" void echoclient_test(void* args) { SOCKET_T sockfd = 0; - FILE* fin = stdin; + FILE* fin = stdin ; FILE* fout = stdout; int inCreated = 0; int outCreated = 0; - char send[1024]; - char reply[1024]; + char msg[1024]; + char reply[1024+1]; SSL_METHOD* method = 0; SSL_CTX* ctx = 0; SSL* ssl = 0; int doDTLS = 0; + int doPSK = 0; int sendSz; int argc = 0; char** argv = 0; + word16 port = yasslPort; ((func_args*)args)->return_code = -1; /* error state */ + +#ifndef CYASSL_MDK_SHELL argc = ((func_args*)args)->argc; argv = ((func_args*)args)->argv; +#endif if (argc >= 2) { fin = fopen(argv[1], "r"); @@ -69,7 +93,17 @@ void echoclient_test(void* args) doDTLS = 1; #endif - tcp_connect(&sockfd, yasslIP, yasslPort, doDTLS); +#ifdef CYASSL_LEANPSK + doPSK = 1; +#endif + +#if defined(NO_RSA) && !defined(HAVE_ECC) + doPSK = 1; +#endif + +#if defined(NO_MAIN_DRIVER) && !defined(USE_WINDOWS_API) && !defined(CYASSL_MDK_SHELL) + port = ((func_args*)args)->signal->port; +#endif #if defined(CYASSL_DTLS) method = DTLSv1_client_method(); @@ -81,67 +115,115 @@ void echoclient_test(void* args) ctx = SSL_CTX_new(method); #ifndef NO_FILESYSTEM + #ifndef NO_RSA if (SSL_CTX_load_verify_locations(ctx, caCert, 0) != SSL_SUCCESS) err_sys("can't load ca file, Please run from CyaSSL home dir"); + #endif #ifdef HAVE_ECC if (SSL_CTX_load_verify_locations(ctx, eccCert, 0) != SSL_SUCCESS) err_sys("can't load ca file, Please run from CyaSSL home dir"); #endif -#else - load_buffer(ctx, caCert, CYASSL_CA); +#elif !defined(NO_CERTS) + if (!doPSK) + load_buffer(ctx, caCert, CYASSL_CA); #endif #if defined(CYASSL_SNIFFER) && !defined(HAVE_NTRU) && !defined(HAVE_ECC) /* don't use EDH, can't sniff tmp keys */ SSL_CTX_set_cipher_list(ctx, "AES256-SHA"); #endif + if (doPSK) { +#ifndef NO_PSK + const char *defaultCipherList; + + CyaSSL_CTX_set_psk_client_callback(ctx, my_psk_client_cb); + #ifdef HAVE_NULL_CIPHER + defaultCipherList = "PSK-NULL-SHA256"; + #else + defaultCipherList = "PSK-AES128-CBC-SHA256"; + #endif + if (CyaSSL_CTX_set_cipher_list(ctx,defaultCipherList) !=SSL_SUCCESS) + err_sys("client can't set cipher list 2"); +#endif + } -#ifdef OPENSSL_EXTRA +#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) SSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack); #endif + + #if defined(CYASSL_MDK_ARM) + CyaSSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, 0); + #endif + ssl = SSL_new(ctx); + + if (doDTLS) { + SOCKADDR_IN_T addr; + build_addr(&addr, yasslIP, port, 1); + CyaSSL_dtls_set_peer(ssl, &addr, sizeof(addr)); + tcp_socket(&sockfd, 1); + } + else { + tcp_connect(&sockfd, yasslIP, port, 0); + } + SSL_set_fd(ssl, sockfd); #if defined(USE_WINDOWS_API) && defined(CYASSL_DTLS) && defined(NO_MAIN_DRIVER) /* let echoserver bind first, TODO: add Windows signal like pthreads does */ Sleep(100); #endif - if (SSL_connect(ssl) != SSL_SUCCESS) err_sys("SSL_connect failed"); - while (fgets(send, sizeof(send), fin)) { + if (SSL_connect(ssl) != SSL_SUCCESS) err_sys("SSL_connect failed"); - sendSz = (int)strlen(send); + while (fgets(msg, sizeof(msg), fin) != 0) { + + sendSz = (int)strlen(msg); - if (SSL_write(ssl, send, sendSz) != sendSz) + if (SSL_write(ssl, msg, sendSz) != sendSz) err_sys("SSL_write failed"); - if (strncmp(send, "quit", 4) == 0) { + if (strncmp(msg, "quit", 4) == 0) { fputs("sending server shutdown command: quit!\n", fout); break; } - if (strncmp(send, "break", 5) == 0) { + if (strncmp(msg, "break", 5) == 0) { fputs("sending server session close: break!\n", fout); break; } + #ifndef CYASSL_MDK_SHELL while (sendSz) { int got; - if ( (got = SSL_read(ssl, reply, sizeof(reply))) > 0) { + if ( (got = SSL_read(ssl, reply, sizeof(reply)-1)) > 0) { reply[got] = 0; fputs(reply, fout); + fflush(fout) ; sendSz -= got; } else break; } + #else + { + int got; + if ( (got = SSL_read(ssl, reply, sizeof(reply)-1)) > 0) { + reply[got] = 0; + fputs(reply, fout); + fflush(fout) ; + sendSz -= got; + } + } + #endif } + #ifdef CYASSL_DTLS - strncpy(send, "break", 6); - sendSz = (int)strlen(send); + strncpy(msg, "break", 6); + sendSz = (int)strlen(msg); /* try to tell server done */ - SSL_write(ssl, send, sendSz); + SSL_write(ssl, msg, sendSz); #else SSL_shutdown(ssl); #endif @@ -165,27 +247,36 @@ void echoclient_test(void* args) { func_args args; +#ifdef HAVE_CAVIUM + int ret = OpenNitroxDevice(CAVIUM_DIRECT, CAVIUM_DEV_ID); + if (ret != 0) + err_sys("Cavium OpenNitroxDevice failed"); +#endif /* HAVE_CAVIUM */ + StartTCP(); args.argc = argc; args.argv = argv; CyaSSL_Init(); -#ifdef DEBUG_CYASSL +#if defined(DEBUG_CYASSL) && !defined(CYASSL_MDK_SHELL) CyaSSL_Debugging_ON(); #endif - if (CurrentDir("echoclient") || CurrentDir("build")) + + if (CurrentDir("echoclient")) ChangeDirBack(2); + else if (CurrentDir("Debug") || CurrentDir("Release")) + ChangeDirBack(3); echoclient_test(&args); + CyaSSL_Cleanup(); +#ifdef HAVE_CAVIUM + CspShutdown(CAVIUM_DEV_ID); +#endif return args.return_code; } - - int myoptind = 0; - char* myoptarg = NULL; - + #endif /* NO_MAIN_DRIVER */ - diff --git a/FreeRTOS-Plus/Source/CyaSSL/examples/echoclient/echoclient.h b/FreeRTOS-Plus/Source/CyaSSL/examples/echoclient/echoclient.h new file mode 100644 index 000000000..ad60ad40e --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/examples/echoclient/echoclient.h @@ -0,0 +1,23 @@ +/* echoclient.h + * + * Copyright (C) 2006-2014 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#pragma once +void echoclient_test(void* args); diff --git a/FreeRTOS-Plus/Source/CyaSSL/examples/echoclient/echoclient.vcxproj b/FreeRTOS-Plus/Source/CyaSSL/examples/echoclient/echoclient.vcxproj new file mode 100644 index 000000000..273c5714d --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/examples/echoclient/echoclient.vcxproj @@ -0,0 +1,175 @@ + + + + + Debug + Win32 + + + Debug + x64 + + + Release + Win32 + + + Release + x64 + + + + {8362A816-C5DC-4E22-B5C5-9E6806387073} + echoclient + Win32Proj + + + + Application + v110 + Unicode + true + + + Application + v110 + Unicode + true + + + Application + v110 + Unicode + + + Application + v110 + Unicode + + + + + + + + + + + + + + + + + + + <_ProjectFileVersion>11.0.61030.0 + + + $(SolutionDir)$(Configuration)\ + $(Configuration)\ + true + + + true + + + $(SolutionDir)$(Configuration)\ + $(Configuration)\ + false + + + false + + + + Disabled + ../../;%(AdditionalIncludeDirectories) + WIN32;_DEBUG;_CONSOLE;OPENSSL_EXTRA;NO_PSK;%(PreprocessorDefinitions) + true + EnableFastChecks + MultiThreadedDebugDLL + + Level3 + EditAndContinue + + + Ws2_32.lib;%(AdditionalDependencies) + true + Console + MachineX86 + + + + + Disabled + ../../;%(AdditionalIncludeDirectories) + WIN32;_DEBUG;_CONSOLE;OPENSSL_EXTRA;NO_PSK;%(PreprocessorDefinitions) + EnableFastChecks + MultiThreadedDebugDLL + + + Level3 + ProgramDatabase + + + Ws2_32.lib;%(AdditionalDependencies) + true + Console + + + + + MaxSpeed + true + ../../;%(AdditionalIncludeDirectories) + WIN32;NDEBUG;_CONSOLE;OPENSSL_EXTRA;NO_PSK;%(PreprocessorDefinitions) + MultiThreadedDLL + true + + Level3 + ProgramDatabase + + + Ws2_32.lib;%(AdditionalDependencies) + true + Console + true + true + MachineX86 + + + + + MaxSpeed + true + ../../;%(AdditionalIncludeDirectories) + WIN32;NDEBUG;_CONSOLE;OPENSSL_EXTRA;NO_PSK;%(PreprocessorDefinitions) + MultiThreadedDLL + true + + + Level3 + ProgramDatabase + + + Ws2_32.lib;%(AdditionalDependencies) + true + Console + true + true + + + + + + + + {73973223-5ee8-41ca-8e88-1d60e89a237b} + false + + + + + + \ No newline at end of file diff --git a/FreeRTOS-Plus/Source/CyaSSL/examples/echoclient/include.am b/FreeRTOS-Plus/Source/CyaSSL/examples/echoclient/include.am index 8f09c24d3..210429009 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/examples/echoclient/include.am +++ b/FreeRTOS-Plus/Source/CyaSSL/examples/echoclient/include.am @@ -3,12 +3,18 @@ # All paths should be given relative to the root +if BUILD_EXAMPLES noinst_PROGRAMS += examples/echoclient/echoclient +noinst_HEADERS += examples/echoclient/echoclient.h examples_echoclient_echoclient_SOURCES = examples/echoclient/echoclient.c examples_echoclient_echoclient_LDADD = src/libcyassl.la examples_echoclient_echoclient_DEPENDENCIES = src/libcyassl.la +endif EXTRA_DIST += examples/echoclient/echoclient.sln EXTRA_DIST += examples/echoclient/echoclient-ntru.vcproj EXTRA_DIST += examples/echoclient/echoclient.vcproj +EXTRA_DIST += examples/echoclient/echoclient.vcxproj + +dist_example_DATA+= examples/echoclient/echoclient.c +DISTCLEANFILES+= examples/echoclient/.libs/echoclient -example_DATA+= examples/echoclient/echoclient.c diff --git a/FreeRTOS-Plus/Source/CyaSSL/examples/echoserver/echoserver.c b/FreeRTOS-Plus/Source/CyaSSL/examples/echoserver/echoserver.c index 3bf51bc9f..214284eb8 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/examples/echoserver/echoserver.c +++ b/FreeRTOS-Plus/Source/CyaSSL/examples/echoserver/echoserver.c @@ -1,6 +1,6 @@ /* echoserver.c * - * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,13 +16,30 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ #ifdef HAVE_CONFIG_H #include #endif +#include + +#if defined(CYASSL_MDK_ARM) + #include + #include + + #if defined(CYASSL_MDK5) + #include "cmsis_os.h" + #include "rl_fs.h" + #include "rl_net.h" + #else + #include "rtl.h" + #endif + + #include "cyassl_MDK_ARM.h" +#endif + #include #include @@ -30,23 +47,29 @@ #define ECHO_OUT #endif +#include "examples/echoserver/echoserver.h" + #ifdef SESSION_STATS CYASSL_API void PrintSessionStats(void); #endif +#define SVR_COMMAND_SIZE 256 -static void SignalReady(void* args) +static void SignalReady(void* args, word16 port) { -#if defined(_POSIX_THREADS) && defined(NO_MAIN_DRIVER) +#if defined(_POSIX_THREADS) && defined(NO_MAIN_DRIVER) && !defined(__MINGW32__) /* signal ready to tcp_accept */ func_args* server_args = (func_args*)args; tcp_ready* ready = server_args->signal; pthread_mutex_lock(&ready->mutex); ready->ready = 1; + ready->port = port; pthread_cond_signal(&ready->cond); pthread_mutex_unlock(&ready->mutex); #endif + (void)args; + (void)port; } @@ -57,9 +80,11 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args) CYASSL_CTX* ctx = 0; int doDTLS = 0; + int doPSK = 0; int outCreated = 0; - int shutdown = 0; + int shutDown = 0; int useAnyAddr = 0; + word16 port = yasslPort; int argc = ((func_args*)args)->argc; char** argv = ((func_args*)args)->argv; @@ -71,6 +96,9 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args) } if (!fout) err_sys("can't open output file"); #endif + (void)outCreated; + (void)argc; + (void)argv; ((func_args*)args)->return_code = -1; /* error state */ @@ -78,7 +106,22 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args) doDTLS = 1; #endif - tcp_listen(&sockfd, yasslPort, useAnyAddr, doDTLS); +#ifdef CYASSL_LEANPSK + doPSK = 1; +#endif + +#if defined(NO_RSA) && !defined(HAVE_ECC) + doPSK = 1; +#endif + + #if defined(NO_MAIN_DRIVER) && !defined(USE_WINDOWS_API) && \ + !defined(CYASSL_SNIFFER) && !defined(CYASSL_MDK_SHELL) + port = 0; + #endif + #if defined(USE_ANY_ADDR) + useAnyAddr = 1; + #endif + tcp_listen(&sockfd, &port, useAnyAddr, doDTLS); #if defined(CYASSL_DTLS) method = CyaDTLSv1_server_method(); @@ -90,11 +133,12 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args) ctx = CyaSSL_CTX_new(method); /* CyaSSL_CTX_set_session_cache_mode(ctx, SSL_SESS_CACHE_OFF); */ -#ifdef OPENSSL_EXTRA +#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) CyaSSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack); #endif #ifndef NO_FILESYSTEM + if (doPSK == 0) { #ifdef HAVE_NTRU /* ntru */ if (CyaSSL_CTX_use_certificate_file(ctx, ntruCert, SSL_FILETYPE_PEM) @@ -106,7 +150,7 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args) != SSL_SUCCESS) err_sys("can't load ntru key file, " "Please run from CyaSSL home dir"); - #elif HAVE_ECC + #elif defined(HAVE_ECC) /* ecc */ if (CyaSSL_CTX_use_certificate_file(ctx, eccCert, SSL_FILETYPE_PEM) != SSL_SUCCESS) @@ -117,6 +161,8 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args) != SSL_SUCCESS) err_sys("can't load server key file, " "Please run from CyaSSL home dir"); + #elif defined(NO_CERTS) + /* do nothing, just don't load cert files */ #else /* normal */ if (CyaSSL_CTX_use_certificate_file(ctx, svrCert, SSL_FILETYPE_PEM) @@ -129,9 +175,12 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args) err_sys("can't load server key file, " "Please run from CyaSSL home dir"); #endif -#else - load_buffer(ctx, svrCert, CYASSL_CERT); - load_buffer(ctx, svrKey, CYASSL_KEY); + } /* doPSK */ +#elif !defined(NO_CERTS) + if (!doPSK) { + load_buffer(ctx, svrCert, CYASSL_CERT); + load_buffer(ctx, svrKey, CYASSL_KEY); + } #endif #if defined(CYASSL_SNIFFER) && !defined(HAVE_NTRU) && !defined(HAVE_ECC) @@ -139,11 +188,27 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args) CyaSSL_CTX_set_cipher_list(ctx, "AES256-SHA"); #endif - SignalReady(args); + if (doPSK) { +#ifndef NO_PSK + const char *defaultCipherList; + + CyaSSL_CTX_set_psk_server_callback(ctx, my_psk_server_cb); + CyaSSL_CTX_use_psk_identity_hint(ctx, "cyassl server"); + #ifdef HAVE_NULL_CIPHER + defaultCipherList = "PSK-NULL-SHA256"; + #else + defaultCipherList = "PSK-AES128-CBC-SHA256"; + #endif + if (CyaSSL_CTX_set_cipher_list(ctx, defaultCipherList) != SSL_SUCCESS) + err_sys("server can't set cipher list 2"); +#endif + } - while (!shutdown) { + SignalReady(args, port); + + while (!shutDown) { CYASSL* ssl = 0; - char command[1024]; + char command[SVR_COMMAND_SIZE+1]; int echoSz = 0; int clientfd; int firstRead = 1; @@ -162,9 +227,9 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args) ssl = CyaSSL_new(ctx); if (ssl == NULL) err_sys("SSL_new failed"); CyaSSL_set_fd(ssl, clientfd); - #if !defined(NO_FILESYSTEM) && defined(OPENSSL_EXTRA) + #if !defined(NO_FILESYSTEM) && !defined(NO_DH) CyaSSL_SetTmpDH_file(ssl, dhParam, SSL_FILETYPE_PEM); - #else + #elif !defined(NO_DH) SetDH(ssl); /* will repick suites with DHE, higher than PSK */ #endif if (CyaSSL_accept(ssl) != SSL_SUCCESS) { @@ -177,7 +242,7 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args) showPeer(ssl); #endif - while ( (echoSz = CyaSSL_read(ssl, command, sizeof(command))) > 0) { + while ( (echoSz = CyaSSL_read(ssl, command, sizeof(command)-1)) > 0) { if (firstRead == 1) { firstRead = 0; /* browser may send 1 byte 'G' to start */ @@ -193,7 +258,7 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args) if ( strncmp(command, "quit", 4) == 0) { printf("client sent quit command: shutting down!\n"); - shutdown = 1; + shutDown = 1; break; } if ( strncmp(command, "break", 5) == 0) { @@ -217,11 +282,11 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args) echoSz = sizeof(type) - 1; strncpy(&command[echoSz], header, sizeof(header)); - echoSz += sizeof(header) - 1; + echoSz += (int)sizeof(header) - 1; strncpy(&command[echoSz], body, sizeof(body)); - echoSz += sizeof(body) - 1; + echoSz += (int)sizeof(body) - 1; strncpy(&command[echoSz], footer, sizeof(footer)); - echoSz += sizeof(footer); + echoSz += (int)sizeof(footer); if (CyaSSL_write(ssl, command, echoSz) != echoSz) err_sys("SSL_write failed"); @@ -242,8 +307,8 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args) CyaSSL_free(ssl); CloseSocket(clientfd); #ifdef CYASSL_DTLS - tcp_listen(&sockfd, yasslPort, useAnyAddr, doDTLS); - SignalReady(args); + tcp_listen(&sockfd, &port, useAnyAddr, doDTLS); + SignalReady(args, port); #endif } @@ -267,27 +332,37 @@ THREAD_RETURN CYASSL_THREAD echoserver_test(void* args) { func_args args; +#ifdef HAVE_CAVIUM + int ret = OpenNitroxDevice(CAVIUM_DIRECT, CAVIUM_DEV_ID); + if (ret != 0) + err_sys("Cavium OpenNitroxDevice failed"); +#endif /* HAVE_CAVIUM */ + StartTCP(); args.argc = argc; args.argv = argv; CyaSSL_Init(); -#ifdef DEBUG_CYASSL +#if defined(DEBUG_CYASSL) && !defined(CYASSL_MDK_SHELL) CyaSSL_Debugging_ON(); #endif - if (CurrentDir("echoserver") || CurrentDir("build")) + if (CurrentDir("echoserver")) ChangeDirBack(2); + else if (CurrentDir("Debug") || CurrentDir("Release")) + ChangeDirBack(3); echoserver_test(&args); CyaSSL_Cleanup(); +#ifdef HAVE_CAVIUM + CspShutdown(CAVIUM_DEV_ID); +#endif return args.return_code; } - int myoptind = 0; - char* myoptarg = NULL; - + #endif /* NO_MAIN_DRIVER */ + diff --git a/FreeRTOS-Plus/Source/CyaSSL/examples/echoserver/echoserver.h b/FreeRTOS-Plus/Source/CyaSSL/examples/echoserver/echoserver.h new file mode 100644 index 000000000..2e229ac0f --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/examples/echoserver/echoserver.h @@ -0,0 +1,24 @@ +/* echoserver.h + * + * Copyright (C) 2006-2014 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#pragma once + +THREAD_RETURN CYASSL_THREAD echoserver_test(void* args); diff --git a/FreeRTOS-Plus/Source/CyaSSL/examples/echoserver/echoserver.vcxproj b/FreeRTOS-Plus/Source/CyaSSL/examples/echoserver/echoserver.vcxproj new file mode 100644 index 000000000..7df166512 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/examples/echoserver/echoserver.vcxproj @@ -0,0 +1,175 @@ + + + + + Debug + Win32 + + + Debug + x64 + + + Release + Win32 + + + Release + x64 + + + + {07D97C48-E08F-4E34-9F67-3064039FF2CB} + echoserver + Win32Proj + + + + Application + v110 + Unicode + true + + + Application + v110 + Unicode + true + + + Application + v110 + Unicode + + + Application + v110 + Unicode + + + + + + + + + + + + + + + + + + + <_ProjectFileVersion>11.0.61030.0 + + + $(SolutionDir)$(Configuration)\ + $(Configuration)\ + true + + + true + + + $(SolutionDir)$(Configuration)\ + $(Configuration)\ + false + + + false + + + + Disabled + ../../;%(AdditionalIncludeDirectories) + USE_ANY_ADDR;OPENSSL_EXTRA;NO_PSK;%(PreprocessorDefinitions) + true + EnableFastChecks + MultiThreadedDebugDLL + + Level3 + EditAndContinue + + + Ws2_32.lib;%(AdditionalDependencies) + true + Console + MachineX86 + + + + + Disabled + ../../;%(AdditionalIncludeDirectories) + USE_ANY_ADDR;OPENSSL_EXTRA;NO_PSK;%(PreprocessorDefinitions) + EnableFastChecks + MultiThreadedDebugDLL + + + Level3 + ProgramDatabase + + + Ws2_32.lib;%(AdditionalDependencies) + true + Console + + + + + MaxSpeed + true + ../../;%(AdditionalIncludeDirectories) + USE_ANY_ADDR;OPENSSL_EXTRA;NO_PSK;%(PreprocessorDefinitions) + MultiThreadedDLL + true + + Level3 + ProgramDatabase + + + Ws2_32.lib;%(AdditionalDependencies) + true + Console + true + true + MachineX86 + + + + + MaxSpeed + true + ../../;%(AdditionalIncludeDirectories) + USE_ANY_ADDR;OPENSSL_EXTRA;NO_PSK;%(PreprocessorDefinitions) + MultiThreadedDLL + true + + + Level3 + ProgramDatabase + + + Ws2_32.lib;%(AdditionalDependencies) + true + Console + true + true + + + + + + + + {73973223-5ee8-41ca-8e88-1d60e89a237b} + false + + + + + + \ No newline at end of file diff --git a/FreeRTOS-Plus/Source/CyaSSL/examples/echoserver/include.am b/FreeRTOS-Plus/Source/CyaSSL/examples/echoserver/include.am index c998c56ef..d0080fd0c 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/examples/echoserver/include.am +++ b/FreeRTOS-Plus/Source/CyaSSL/examples/echoserver/include.am @@ -3,12 +3,17 @@ # All paths should be given relative to the root +if BUILD_EXAMPLES noinst_PROGRAMS += examples/echoserver/echoserver +noinst_HEADERS += examples/echoserver/echoserver.h examples_echoserver_echoserver_SOURCES = examples/echoserver/echoserver.c examples_echoserver_echoserver_LDADD = src/libcyassl.la examples_echoserver_echoserver_DEPENDENCIES = src/libcyassl.la +endif EXTRA_DIST += examples/echoserver/echoserver.sln EXTRA_DIST += examples/echoserver/echoserver-ntru.vcproj EXTRA_DIST += examples/echoserver/echoserver.vcproj +EXTRA_DIST += examples/echoserver/echoserver.vcxproj -example_DATA+= examples/echoserver/echoserver.c +dist_example_DATA+= examples/echoserver/echoserver.c +DISTCLEANFILES+= examples/echoserver/.libs/echoserver diff --git a/FreeRTOS-Plus/Source/CyaSSL/examples/server/include.am b/FreeRTOS-Plus/Source/CyaSSL/examples/server/include.am index fab37fd0f..181ef05cf 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/examples/server/include.am +++ b/FreeRTOS-Plus/Source/CyaSSL/examples/server/include.am @@ -3,12 +3,18 @@ # All paths should be given relative to the root +if BUILD_EXAMPLES noinst_PROGRAMS += examples/server/server +noinst_HEADERS += examples/server/server.h examples_server_server_SOURCES = examples/server/server.c examples_server_server_LDADD = src/libcyassl.la examples_server_server_DEPENDENCIES = src/libcyassl.la +endif EXTRA_DIST += examples/server/server.sln EXTRA_DIST += examples/server/server-ntru.vcproj EXTRA_DIST += examples/server/server.vcproj +EXTRA_DIST += examples/server/server.vcxproj + +dist_example_DATA+= examples/server/server.c +DISTCLEANFILES+= examples/server/.libs/server -example_DATA+= examples/server/server.c diff --git a/FreeRTOS-Plus/Source/CyaSSL/examples/server/server.c b/FreeRTOS-Plus/Source/CyaSSL/examples/server/server.c index a33a4efb9..43a5ad7fb 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/examples/server/server.c +++ b/FreeRTOS-Plus/Source/CyaSSL/examples/server/server.c @@ -1,6 +1,6 @@ /* server.c * - * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,16 +16,39 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ #ifdef HAVE_CONFIG_H #include #endif +#include + +#if !defined(CYASSL_TRACK_MEMORY) && !defined(NO_MAIN_DRIVER) + /* in case memory tracker wants stats */ + #define CYASSL_TRACK_MEMORY +#endif + +#if defined(CYASSL_MDK_ARM) + #include + #include + + #if defined(CYASSL_MDK5) + #include "cmsis_os.h" + #include "rl_fs.h" + #include "rl_net.h" + #else + #include "rtl.h" + #endif + + #include "cyassl_MDK_ARM.h" +#endif #include #include +#include "examples/server/server.h" + #ifdef CYASSL_CALLBACKS int srvHandShakeCB(HandShakeInfo*); @@ -33,34 +56,57 @@ Timeval srvTo; #endif -#if defined(NON_BLOCKING) || defined(CYASSL_CALLBACKS) - void NonBlockingSSL_Accept(SSL* ssl) - { - #ifndef CYASSL_CALLBACKS - int ret = SSL_accept(ssl); - #else - int ret = CyaSSL_accept_ex(ssl, srvHandShakeCB, srvTimeoutCB, srvTo); - #endif - int error = SSL_get_error(ssl, 0); - while (ret != SSL_SUCCESS && (error == SSL_ERROR_WANT_READ || - error == SSL_ERROR_WANT_WRITE)) { - printf("... server would block\n"); - #ifdef USE_WINDOWS_API - Sleep(1000); - #else - sleep(1); - #endif +static void NonBlockingSSL_Accept(SSL* ssl) +{ +#ifndef CYASSL_CALLBACKS + int ret = SSL_accept(ssl); +#else + int ret = CyaSSL_accept_ex(ssl, srvHandShakeCB, srvTimeoutCB, srvTo); +#endif + int error = SSL_get_error(ssl, 0); + SOCKET_T sockfd = (SOCKET_T)CyaSSL_get_fd(ssl); + int select_ret; + + while (ret != SSL_SUCCESS && (error == SSL_ERROR_WANT_READ || + error == SSL_ERROR_WANT_WRITE)) { + int currTimeout = 1; + + if (error == SSL_ERROR_WANT_READ) + printf("... server would read block\n"); + else + printf("... server would write block\n"); + +#ifdef CYASSL_DTLS + currTimeout = CyaSSL_dtls_get_current_timeout(ssl); +#endif + select_ret = tcp_select(sockfd, currTimeout); + + if ((select_ret == TEST_RECV_READY) || + (select_ret == TEST_ERROR_READY)) { #ifndef CYASSL_CALLBACKS ret = SSL_accept(ssl); #else - ret = CyaSSL_accept_ex(ssl, srvHandShakeCB, srvTimeoutCB,srvTo); + ret = CyaSSL_accept_ex(ssl, + srvHandShakeCB, srvTimeoutCB, srvTo); #endif error = SSL_get_error(ssl, 0); } - if (ret != SSL_SUCCESS) - err_sys("SSL_accept failed"); - } + else if (select_ret == TEST_TIMEOUT && !CyaSSL_dtls(ssl)) { + error = SSL_ERROR_WANT_READ; + } +#ifdef CYASSL_DTLS + else if (select_ret == TEST_TIMEOUT && CyaSSL_dtls(ssl) && + CyaSSL_dtls_got_timeout(ssl) >= 0) { + error = SSL_ERROR_WANT_READ; + } #endif + else { + error = SSL_FATAL_ERROR; + } + } + if (ret != SSL_SUCCESS) + err_sys("SSL_accept failed"); +} static void Usage(void) @@ -68,7 +114,7 @@ static void Usage(void) printf("server " LIBCYASSL_VERSION_STRING " NOTE: All files relative to CyaSSL home dir\n"); printf("-? Help, print this usage\n"); - printf("-p Port to listen on, default %d\n", yasslPort); + printf("-p Port to listen on, not 0, default %d\n", yasslPort); printf("-v SSL version [0-3], SSLv3(0) - TLS1.2(3)), default %d\n", SERVER_DEFAULT_VERSION); printf("-l Cipher list\n"); @@ -78,40 +124,72 @@ static void Usage(void) printf("-d Disable client cert check\n"); printf("-b Bind to any interface instead of localhost only\n"); printf("-s Use pre Shared keys\n"); - printf("-u Use UDP DTLS\n"); + printf("-t Track CyaSSL memory use\n"); + printf("-u Use UDP DTLS," + " add -v 2 for DTLSv1 (default), -v 3 for DTLSv1.2\n"); + printf("-f Fewer packets/group messages\n"); + printf("-N Use Non-blocking sockets\n"); + printf("-S Use Host Name Indication\n"); +#ifdef HAVE_OCSP + printf("-o Perform OCSP lookup on peer certificate\n"); + printf("-O Perform OCSP lookup using as responder\n"); +#endif +#ifdef HAVE_PK_CALLBACKS + printf("-P Public Key Callbacks\n"); +#endif } - THREAD_RETURN CYASSL_THREAD server_test(void* args) { SOCKET_T sockfd = 0; - int clientfd = 0; + SOCKET_T clientfd = 0; SSL_METHOD* method = 0; SSL_CTX* ctx = 0; SSL* ssl = 0; char msg[] = "I hear you fa shizzle!"; - char input[1024]; + char input[80]; int idx; int ch; int version = SERVER_DEFAULT_VERSION; int doCliCertCheck = 1; int useAnyAddr = 0; - int port = yasslPort; + word16 port = yasslPort; int usePsk = 0; int doDTLS = 0; - int useNtruKey = 0; + int useNtruKey = 0; + int nonBlocking = 0; + int trackMemory = 0; + int fewerPackets = 0; + int pkCallbacks = 0; char* cipherList = NULL; - char* verifyCert = (char*)cliCert; - char* ourCert = (char*)svrCert; - char* ourKey = (char*)svrKey; + const char* verifyCert = cliCert; + const char* ourCert = svrCert; + const char* ourKey = svrKey; int argc = ((func_args*)args)->argc; char** argv = ((func_args*)args)->argv; +#ifdef HAVE_SNI + char* sniHostName = NULL; +#endif + +#ifdef HAVE_OCSP + int useOcsp = 0; + char* ocspUrl = NULL; +#endif + ((func_args*)args)->return_code = -1; /* error state */ - while ((ch = mygetopt(argc, argv, "?dbsnup:v:l:A:c:k:")) != -1) { +#ifdef NO_RSA + verifyCert = (char*)cliEccCert; + ourCert = (char*)eccCert; + ourKey = (char*)eccKey; +#endif + (void)trackMemory; + (void)pkCallbacks; + + while ((ch = mygetopt(argc, argv, "?dbstnNufPp:v:l:A:c:k:S:oO:")) != -1) { switch (ch) { case '?' : Usage(); @@ -129,17 +207,36 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args) usePsk = 1; break; + case 't' : + #ifdef USE_CYASSL_MEMORY + trackMemory = 1; + #endif + break; + case 'n' : useNtruKey = 1; break; case 'u' : doDTLS = 1; - version = -1; /* DTLS flag */ + break; + + case 'f' : + fewerPackets = 1; + break; + + case 'P' : + #ifdef HAVE_PK_CALLBACKS + pkCallbacks = 1; + #endif break; case 'p' : - port = atoi(myoptarg); + port = (word16)atoi(myoptarg); + #if !defined(NO_MAIN_DRIVER) || defined(USE_WINDOWS_API) + if (port == 0) + err_sys("port number cannot be 0"); + #endif break; case 'v' : @@ -148,8 +245,6 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args) Usage(); exit(MY_EX_USAGE); } - if (doDTLS) - version = -1; /* stay with DTLS */ break; case 'l' : @@ -168,37 +263,91 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args) ourKey = myoptarg; break; + case 'N': + nonBlocking = 1; + break; + + case 'S' : + #ifdef HAVE_SNI + sniHostName = myoptarg; + #endif + break; + + case 'o' : + #ifdef HAVE_OCSP + useOcsp = 1; + #endif + break; + + case 'O' : + #ifdef HAVE_OCSP + useOcsp = 1; + ocspUrl = myoptarg; + #endif + break; + default: Usage(); exit(MY_EX_USAGE); } } - argc -= myoptind; - argv += myoptind; myoptind = 0; /* reset for test cases */ + /* sort out DTLS versus TLS versions */ + if (version == CLIENT_INVALID_VERSION) { + if (doDTLS) + version = CLIENT_DTLS_DEFAULT_VERSION; + else + version = CLIENT_DEFAULT_VERSION; + } + else { + if (doDTLS) { + if (version == 3) + version = -2; + else + version = -1; + } + } + +#ifdef USE_CYASSL_MEMORY + if (trackMemory) + InitMemoryTracker(); +#endif + switch (version) { +#ifndef NO_OLD_TLS case 0: method = SSLv3_server_method(); break; + #ifndef NO_TLS case 1: method = TLSv1_server_method(); break; + case 2: method = TLSv1_1_server_method(); break; + #endif +#endif + +#ifndef NO_TLS case 3: method = TLSv1_2_server_method(); break; - +#endif + #ifdef CYASSL_DTLS case -1: method = DTLSv1_server_method(); break; + + case -2: + method = DTLSv1_2_server_method(); + break; #endif default: @@ -214,13 +363,31 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args) if (cipherList) if (SSL_CTX_set_cipher_list(ctx, cipherList) != SSL_SUCCESS) - err_sys("can't set cipher list"); + err_sys("server can't set cipher list 1"); - if (SSL_CTX_use_certificate_file(ctx, ourCert, SSL_FILETYPE_PEM) - != SSL_SUCCESS) - err_sys("can't load server cert file, check file and run from" - " CyaSSL home dir"); +#ifdef CYASSL_LEANPSK + usePsk = 1; +#endif +#if defined(NO_RSA) && !defined(HAVE_ECC) + usePsk = 1; +#endif + + if (fewerPackets) + CyaSSL_CTX_set_group_messages(ctx); + +#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) + SSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack); +#endif + +#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) + if (!usePsk) { + if (SSL_CTX_use_certificate_file(ctx, ourCert, SSL_FILETYPE_PEM) + != SSL_SUCCESS) + err_sys("can't load server cert file, check file and run from" + " CyaSSL home dir"); + } +#endif #ifdef HAVE_NTRU if (useNtruKey) { @@ -231,23 +398,33 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args) } #endif - if (!useNtruKey) { +#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) + if (!useNtruKey && !usePsk) { if (SSL_CTX_use_PrivateKey_file(ctx, ourKey, SSL_FILETYPE_PEM) != SSL_SUCCESS) - err_sys("can't load server cert file, check file and run from" - " CyaSSL home dir"); + err_sys("can't load server private key file, check file and run " + "from CyaSSL home dir"); } +#endif -#ifndef NO_PSK if (usePsk) { +#ifndef NO_PSK SSL_CTX_set_psk_server_callback(ctx, my_psk_server_cb); SSL_CTX_use_psk_identity_hint(ctx, "cyassl server"); - if (cipherList == NULL) - if (SSL_CTX_set_cipher_list(ctx,"PSK-AES256-CBC-SHA") !=SSL_SUCCESS) - err_sys("can't set cipher list"); - } + if (cipherList == NULL) { + const char *defaultCipherList; + #ifdef HAVE_NULL_CIPHER + defaultCipherList = "PSK-NULL-SHA256"; + #else + defaultCipherList = "PSK-AES128-CBC-SHA256"; + #endif + if (SSL_CTX_set_cipher_list(ctx, defaultCipherList) != SSL_SUCCESS) + err_sys("server can't set cipher list 2"); + } #endif + } +#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) /* if not using PSK, verify peer with certs */ if (doCliCertCheck && usePsk == 0) { SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER | @@ -255,15 +432,21 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args) if (SSL_CTX_load_verify_locations(ctx, verifyCert, 0) != SSL_SUCCESS) err_sys("can't load ca file, Please run from CyaSSL home dir"); } - -#ifdef OPENSSL_EXTRA - SSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack); #endif #if defined(CYASSL_SNIFFER) && !defined(HAVE_NTRU) && !defined(HAVE_ECC) /* don't use EDH, can't sniff tmp keys */ - if (SSL_CTX_set_cipher_list(ctx, "AES256-SHA") != SSL_SUCCESS) - err_sys("can't set cipher list"); + if (cipherList == NULL) { + if (SSL_CTX_set_cipher_list(ctx, "AES256-SHA256") != SSL_SUCCESS) + err_sys("server can't set cipher list 3"); + } +#endif + +#ifdef HAVE_SNI + if (sniHostName) + if (CyaSSL_CTX_UseSNI(ctx, CYASSL_SNI_HOST_NAME, sniHostName, + XSTRLEN(sniHostName)) != SSL_SUCCESS) + err_sys("UseSNI failed"); #endif ssl = SSL_new(ctx); @@ -276,44 +459,69 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args) CYASSL_CRL_START_MON); CyaSSL_SetCRL_Cb(ssl, CRL_CallBack); #endif +#ifdef HAVE_OCSP + if (useOcsp) { + if (ocspUrl != NULL) { + CyaSSL_CTX_SetOCSP_OverrideURL(ctx, ocspUrl); + CyaSSL_CTX_EnableOCSP(ctx, CYASSL_OCSP_NO_NONCE + | CYASSL_OCSP_URL_OVERRIDE); + } + else + CyaSSL_CTX_EnableOCSP(ctx, CYASSL_OCSP_NO_NONCE); + } +#endif +#ifdef HAVE_PK_CALLBACKS + if (pkCallbacks) + SetupPkCallbacks(ctx, ssl); +#endif + tcp_accept(&sockfd, &clientfd, (func_args*)args, port, useAnyAddr, doDTLS); if (!doDTLS) CloseSocket(sockfd); SSL_set_fd(ssl, clientfd); -#ifdef NO_PSK - #if !defined(NO_FILESYSTEM) && defined(OPENSSL_EXTRA) - CyaSSL_SetTmpDH_file(ssl, dhParam, SSL_FILETYPE_PEM); - #else - SetDH(ssl); /* will repick suites with DHE, higher priority than PSK */ - #endif -#endif + if (usePsk == 0 || cipherList != NULL) { + #if !defined(NO_FILESYSTEM) && !defined(NO_DH) + CyaSSL_SetTmpDH_file(ssl, dhParam, SSL_FILETYPE_PEM); + #elif !defined(NO_DH) + SetDH(ssl); /* repick suites with DHE, higher priority than PSK */ + #endif + } -#ifdef NON_BLOCKING - tcp_set_nonblocking(&clientfd); - NonBlockingSSL_Accept(ssl); -#else - #ifndef CYASSL_CALLBACKS - if (SSL_accept(ssl) != SSL_SUCCESS) { - int err = SSL_get_error(ssl, 0); - char buffer[80]; - printf("error = %d, %s\n", err, ERR_error_string(err, buffer)); - err_sys("SSL_accept failed"); - } - #else +#ifndef CYASSL_CALLBACKS + if (nonBlocking) { + CyaSSL_set_using_nonblock(ssl, 1); + tcp_set_nonblocking(&clientfd); NonBlockingSSL_Accept(ssl); - #endif + } else if (SSL_accept(ssl) != SSL_SUCCESS) { + int err = SSL_get_error(ssl, 0); + char buffer[CYASSL_MAX_ERROR_SZ]; + printf("error = %d, %s\n", err, ERR_error_string(err, buffer)); + err_sys("SSL_accept failed"); + } +#else + NonBlockingSSL_Accept(ssl); #endif showPeer(ssl); - idx = SSL_read(ssl, input, sizeof(input)); + idx = SSL_read(ssl, input, sizeof(input)-1); if (idx > 0) { input[idx] = 0; printf("Client message: %s\n", input); + } - + else if (idx < 0) { + int readErr = SSL_get_error(ssl, 0); + if (readErr != SSL_ERROR_WANT_READ) + err_sys("SSL_read failed"); + } + if (SSL_write(ssl, msg, sizeof(msg)) != sizeof(msg)) err_sys("SSL_write failed"); + + #if defined(CYASSL_MDK_SHELL) && defined(HAVE_MDK_RTX) + os_dly_wait(500) ; + #endif SSL_shutdown(ssl); SSL_free(ssl); @@ -321,6 +529,12 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args) CloseSocket(clientfd); ((func_args*)args)->return_code = 0; + +#ifdef USE_CYASSL_MEMORY + if (trackMemory) + ShowMemoryTracker(); +#endif /* USE_CYASSL_MEMORY */ + return 0; } @@ -332,21 +546,36 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args) { func_args args; +#ifdef HAVE_CAVIUM + int ret = OpenNitroxDevice(CAVIUM_DIRECT, CAVIUM_DEV_ID); + if (ret != 0) + err_sys("Cavium OpenNitroxDevice failed"); +#endif /* HAVE_CAVIUM */ + StartTCP(); args.argc = argc; args.argv = argv; CyaSSL_Init(); -#ifdef DEBUG_CYASSL +#if defined(DEBUG_CYASSL) && !defined(CYASSL_MDK_SHELL) CyaSSL_Debugging_ON(); #endif - if (CurrentDir("server") || CurrentDir("build")) + if (CurrentDir("server")) ChangeDirBack(2); + else if (CurrentDir("Debug") || CurrentDir("Release")) + ChangeDirBack(3); +#ifdef HAVE_STACK_SIZE + StackSizeCheck(&args, server_test); +#else server_test(&args); +#endif CyaSSL_Cleanup(); +#ifdef HAVE_CAVIUM + CspShutdown(CAVIUM_DEV_ID); +#endif return args.return_code; } @@ -360,17 +589,16 @@ THREAD_RETURN CYASSL_THREAD server_test(void* args) int srvHandShakeCB(HandShakeInfo* info) { - + (void)info; return 0; } int srvTimeoutCB(TimeoutInfo* info) { - + (void)info; return 0; } #endif - diff --git a/FreeRTOS-Plus/Source/CyaSSL/examples/server/server.h b/FreeRTOS-Plus/Source/CyaSSL/examples/server/server.h new file mode 100644 index 000000000..559b2bbe3 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/examples/server/server.h @@ -0,0 +1,24 @@ +/* server.h + * + * Copyright (C) 2006-2014 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#pragma once + +THREAD_RETURN CYASSL_THREAD server_test(void* args); diff --git a/FreeRTOS-Plus/Source/CyaSSL/examples/server/server.vcxproj b/FreeRTOS-Plus/Source/CyaSSL/examples/server/server.vcxproj new file mode 100644 index 000000000..3196fd40e --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/examples/server/server.vcxproj @@ -0,0 +1,175 @@ + + + + + Debug + Win32 + + + Debug + x64 + + + Release + Win32 + + + Release + x64 + + + + {E9FB0BA5-BA46-4A59-A953-39C18CD1DCB1} + server + Win32Proj + + + + Application + v110 + Unicode + true + + + Application + v110 + Unicode + true + + + Application + v110 + Unicode + + + Application + v110 + Unicode + + + + + + + + + + + + + + + + + + + <_ProjectFileVersion>11.0.61030.0 + + + $(SolutionDir)$(Configuration)\ + $(Configuration)\ + true + + + true + + + $(SolutionDir)$(Configuration)\ + $(Configuration)\ + false + + + false + + + + Disabled + ../../;%(AdditionalIncludeDirectories) + WIN32;_DEBUG;_CONSOLE;OPENSSL_EXTRA;NO_PSK;%(PreprocessorDefinitions) + true + EnableFastChecks + MultiThreadedDebugDLL + + Level3 + EditAndContinue + + + Ws2_32.lib;%(AdditionalDependencies) + true + Console + MachineX86 + + + + + Disabled + ../../;%(AdditionalIncludeDirectories) + WIN32;_DEBUG;_CONSOLE;OPENSSL_EXTRA;NO_PSK;%(PreprocessorDefinitions) + EnableFastChecks + MultiThreadedDebugDLL + + + Level3 + ProgramDatabase + + + Ws2_32.lib;%(AdditionalDependencies) + true + Console + + + + + MaxSpeed + true + ../../;%(AdditionalIncludeDirectories) + WIN32;NDEBUG;_CONSOLE;OPENSSL_EXTRA;NO_PSK;%(PreprocessorDefinitions) + MultiThreadedDLL + true + + Level3 + ProgramDatabase + + + Ws2_32.lib;%(AdditionalDependencies) + true + Console + true + true + MachineX86 + + + + + MaxSpeed + true + ../../;%(AdditionalIncludeDirectories) + WIN32;NDEBUG;_CONSOLE;OPENSSL_EXTRA;NO_PSK;%(PreprocessorDefinitions) + MultiThreadedDLL + true + + + Level3 + ProgramDatabase + + + Ws2_32.lib;%(AdditionalDependencies) + true + Console + true + true + + + + + + + + {73973223-5ee8-41ca-8e88-1d60e89a237b} + false + + + + + + \ No newline at end of file diff --git a/FreeRTOS-Plus/Source/CyaSSL/gencertbuf.pl b/FreeRTOS-Plus/Source/CyaSSL/gencertbuf.pl new file mode 100644 index 000000000..9e12c8209 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/gencertbuf.pl @@ -0,0 +1,124 @@ +#!/usr/bin/perl + +# gencertbuf.pl +# version 1.1 +# Updated 07/01/2014 +# +# Copyright (C) 2006-2014 wolfSSL Inc. +# + +use strict; +use warnings; + +# ---- SCRIPT SETTINGS ------------------------------------------------------- + +# output C header file to write cert/key buffers to +my $outputFile = "./cyassl/certs_test.h"; + +# 1024-bit certs/keys to be converted +# Used with USE_CERT_BUFFERS_1024 define. + +my @fileList_1024 = ( + [ "./certs/1024/client-key.der", "client_key_der_1024" ], + [ "./certs/1024/client-cert.der", "client_cert_der_1024" ], + [ "./certs/1024/dh1024.der", "dh_key_der_1024" ], + [ "./certs/1024/dsa1024.der", "dsa_key_der_1024" ], + [ "./certs/1024/rsa1024.der", "rsa_key_der_1024" ] + ); + +# 2048-bit certs/keys to be converted +# Used with USE_CERT_BUFFERS_2048 define. + +my @fileList_2048 = ( + [ "./certs/client-key.der", "client_key_der_2048" ], + [ "./certs/client-cert.der", "client_cert_der_2048" ], + [ "./certs/dh2048.der", "dh_key_der_2048" ], + [ "./certs/dsa2048.der", "dsa_key_der_2048" ], + [ "./certs/rsa2048.der", "rsa_key_der_2048" ], + [ "./certs/ca-cert.der", "ca_cert_der_2048" ], + [ "./certs/server-key.der", "server_key_der_2048" ], + [ "./certs/server-cert.der", "server_cert_der_2048" ] + ); + +# ---------------------------------------------------------------------------- + +my $num_1024 = @fileList_1024; +my $num_2048 = @fileList_2048; + +# open our output file, "+>" creates and/or truncates +open OUT_FILE, "+>", $outputFile or die $!; + +print OUT_FILE "/* certs_test.h */\n\n"; +print OUT_FILE "#ifndef CYASSL_CERTS_TEST_H\n"; +print OUT_FILE "#define CYASSL_CERTS_TEST_H\n\n"; + +# convert and print 1024-bit cert/keys +print OUT_FILE "#ifdef USE_CERT_BUFFERS_1024\n\n"; +for (my $i = 0; $i < $num_1024; $i++) { + + my $fname = $fileList_1024[$i][0]; + my $sname = $fileList_1024[$i][1]; + + print OUT_FILE "/* $fname, 1024-bit */\n"; + print OUT_FILE "const unsigned char $sname\[] =\n"; + print OUT_FILE "{\n"; + file_to_hex($fname); + print OUT_FILE "};\n"; + print OUT_FILE "const int sizeof_$sname = sizeof($sname);\n\n"; +} + +# convert and print 2048-bit certs/keys +print OUT_FILE "#elif defined(USE_CERT_BUFFERS_2048)\n\n"; +for (my $i = 0; $i < $num_2048; $i++) { + + my $fname = $fileList_2048[$i][0]; + my $sname = $fileList_2048[$i][1]; + + print OUT_FILE "/* $fname, 2048-bit */\n"; + print OUT_FILE "const unsigned char $sname\[] =\n"; + print OUT_FILE "{\n"; + file_to_hex($fname); + print OUT_FILE "};\n"; + print OUT_FILE "const int sizeof_$sname = sizeof($sname);\n\n"; +} + +print OUT_FILE "#endif /* USE_CERT_BUFFERS_1024 */\n\n"; +print OUT_FILE "#endif /* CYASSL_CERTS_TEST_H */\n\n"; + +# close certs_test.h file +close OUT_FILE or die $!; + +# print file as hex, comma-separated, as needed by C buffer +sub file_to_hex { + my $fileName = $_[0]; + + open my $fp, "<", $fileName or die $!; + binmode($fp); + + my $fileLen = -s $fileName; + my $byte; + + for (my $i = 0, my $j = 1; $i < $fileLen; $i++, $j++) + { + if ($j == 1) { + print OUT_FILE "\t"; + } + read($fp, $byte, 1) or die "Error reading $fileName"; + my $output = sprintf("0x%02X", ord($byte)); + print OUT_FILE $output; + + if ($i != ($fileLen - 1)) { + print OUT_FILE ", "; + } + + if ($j == 10) { + $j = 0; + print OUT_FILE "\n"; + } + } + + print OUT_FILE "\n"; + + close($fp); +} + diff --git a/FreeRTOS-Plus/Source/CyaSSL/m4/ax_add_am_macro.m4 b/FreeRTOS-Plus/Source/CyaSSL/m4/ax_add_am_macro.m4 new file mode 100644 index 000000000..51ce0d0c2 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/m4/ax_add_am_macro.m4 @@ -0,0 +1,29 @@ +# =========================================================================== +# http://www.gnu.org/software/autoconf-archive/ax_add_am_macro.html +# =========================================================================== +# +# SYNOPSIS +# +# AX_ADD_AM_MACRO([RULE]) +# +# DESCRIPTION +# +# Adds the specified rule to $AMINCLUDE. This macro will only work +# properly with implementations of Make which allow include statements. +# See also AX_ADD_AM_MACRO_STATIC. +# +# LICENSE +# +# Copyright (c) 2009 Tom Howard +# +# Copying and distribution of this file, with or without modification, are +# permitted in any medium without royalty provided the copyright notice +# and this notice are preserved. This file is offered as-is, without any +# warranty. + +#serial 9 + +AC_DEFUN([AX_ADD_AM_MACRO],[ + AC_REQUIRE([AX_AM_MACROS]) + AX_APPEND_TO_FILE([$AMINCLUDE],[$1]) +]) diff --git a/FreeRTOS-Plus/Source/CyaSSL/m4/ax_am_jobserver.m4 b/FreeRTOS-Plus/Source/CyaSSL/m4/ax_am_jobserver.m4 new file mode 100644 index 000000000..0bee7ab67 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/m4/ax_am_jobserver.m4 @@ -0,0 +1,55 @@ +# =========================================================================== +# http://www.gnu.org/software/autoconf-archive/ax_am_jobserver.html +# =========================================================================== +# +# SYNOPSIS +# +# AX_AM_JOBSERVER([default_value]) +# +# DESCRIPTION +# +# Enables the use of make's jobserver for the purpose of parallel building +# by passing the -j option to make. +# +# The option --enable-jobserver is added to configure which can accept a +# yes, no, or an integer. The integer is the number of separate jobs to +# allow. If 'yes' is given, then the is assumed to be one more than the +# number of CPUs (determined through AX_COUNT_CPUS). If the value of no is +# given, then the jobserver is disabled. The default value is given by the +# first argument of the macro, or 'yes' if the argument is omitted. +# +# This macro makes use of AX_AM_MACROS, so you must add the following line +# +# @INC_AMINCLUDE@ +# +# to your Makefile.am files. +# +# LICENSE +# +# Copyright (c) 2008 Michael Paul Bailey +# +# Copying and distribution of this file, with or without modification, are +# permitted in any medium without royalty provided the copyright notice +# and this notice are preserved. This file is offered as-is, without any +# warranty. + +#serial 7 + +AC_DEFUN([AX_AM_JOBSERVER], [ + AC_REQUIRE([AX_COUNT_CPUS]) + AC_REQUIRE([AX_AM_MACROS]) + AC_ARG_ENABLE( jobserver, + [ --enable-jobserver@<:@=no/yes/@%:@@:>@ default=m4_ifval([$1],[$1],[yes]) + Enable up to @%:@ make jobs + yes: enable one more than CPU count + ],, [enable_jobserver=m4_ifval([$1],[$1],[yes])]) + if test "x$enable_jobserver" = "xyes"; then + enable_jobserver=$CPU_COUNT + ((enable_jobserver++)) + fi + m4_pattern_allow(AM_MAKEFLAGS) + if test "x$enable_jobserver" != "xno"; then + AC_MSG_NOTICE([added jobserver support to make for $enable_jobserver jobs]) + AX_ADD_AM_MACRO( AM_MAKEFLAGS += -j$enable_jobserver ) + fi +]) diff --git a/FreeRTOS-Plus/Source/CyaSSL/m4/ax_am_macros.m4 b/FreeRTOS-Plus/Source/CyaSSL/m4/ax_am_macros.m4 new file mode 100644 index 000000000..6b4bd2239 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/m4/ax_am_macros.m4 @@ -0,0 +1,44 @@ +# =========================================================================== +# http://www.gnu.org/software/autoconf-archive/ax_am_macros.html +# =========================================================================== +# +# SYNOPSIS +# +# AX_AM_MACROS +# +# DESCRIPTION +# +# Adds support for macros that create Make rules. You must manually add +# the following line +# +# @INC_AMINCLUDE@ +# +# to your Makefile.in (or Makefile.am if you use Automake) files. +# +# LICENSE +# +# Copyright (c) 2009 Tom Howard +# +# Copying and distribution of this file, with or without modification, are +# permitted in any medium without royalty provided the copyright notice +# and this notice are preserved. This file is offered as-is, without any +# warranty. + +#serial 9 + +AC_DEFUN([AX_AM_MACROS], +[ +AC_MSG_NOTICE([adding automake macro support]) +AMINCLUDE="aminclude.am" +AC_SUBST(AMINCLUDE) +AC_MSG_NOTICE([creating $AMINCLUDE]) +AMINCLUDE_TIME=`date` +AX_PRINT_TO_FILE([$AMINCLUDE],[[ +# generated automatically by configure from AX_AUTOMAKE_MACROS +# on $AMINCLUDE_TIME + +]]) + +INC_AMINCLUDE="include \$(top_builddir)/$AMINCLUDE" +AC_SUBST(INC_AMINCLUDE) +]) diff --git a/FreeRTOS-Plus/Source/CyaSSL/m4/ax_append_compile_flags.m4 b/FreeRTOS-Plus/Source/CyaSSL/m4/ax_append_compile_flags.m4 new file mode 100644 index 000000000..1f8e70845 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/m4/ax_append_compile_flags.m4 @@ -0,0 +1,65 @@ +# =========================================================================== +# http://www.gnu.org/software/autoconf-archive/ax_append_compile_flags.html +# =========================================================================== +# +# SYNOPSIS +# +# AX_APPEND_COMPILE_FLAGS([FLAG1 FLAG2 ...], [FLAGS-VARIABLE], [EXTRA-FLAGS]) +# +# DESCRIPTION +# +# For every FLAG1, FLAG2 it is checked whether the compiler works with the +# flag. If it does, the flag is added FLAGS-VARIABLE +# +# If FLAGS-VARIABLE is not specified, the current language's flags (e.g. +# CFLAGS) is used. During the check the flag is always added to the +# current language's flags. +# +# If EXTRA-FLAGS is defined, it is added to the current language's default +# flags (e.g. CFLAGS) when the check is done. The check is thus made with +# the flags: "CFLAGS EXTRA-FLAGS FLAG". This can for example be used to +# force the compiler to issue an error when a bad flag is given. +# +# NOTE: This macro depends on the AX_APPEND_FLAG and +# AX_CHECK_COMPILE_FLAG. Please keep this macro in sync with +# AX_APPEND_LINK_FLAGS. +# +# LICENSE +# +# Copyright (c) 2011 Maarten Bosmans +# +# This program is free software: you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by the +# Free Software Foundation, either version 3 of the License, or (at your +# option) any later version. +# +# This program is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General +# Public License for more details. +# +# You should have received a copy of the GNU General Public License along +# with this program. If not, see . +# +# As a special exception, the respective Autoconf Macro's copyright owner +# gives unlimited permission to copy, distribute and modify the configure +# scripts that are the output of Autoconf when processing the Macro. You +# need not follow the terms of the GNU General Public License when using +# or distributing such scripts, even though portions of the text of the +# Macro appear in them. The GNU General Public License (GPL) does govern +# all other use of the material that constitutes the Autoconf Macro. +# +# This special exception to the GPL applies to versions of the Autoconf +# Macro released by the Autoconf Archive. When you make and distribute a +# modified version of the Autoconf Macro, you may extend this special +# exception to the GPL to apply to your modified version as well. + +#serial 3 + +AC_DEFUN([AX_APPEND_COMPILE_FLAGS], +[AC_REQUIRE([AX_CHECK_COMPILE_FLAG]) +AC_REQUIRE([AX_APPEND_FLAG]) +for flag in $1; do + AX_CHECK_COMPILE_FLAG([$flag], [AX_APPEND_FLAG([$flag], [$2])], [], [$3]) +done +])dnl AX_APPEND_COMPILE_FLAGS diff --git a/FreeRTOS-Plus/Source/CyaSSL/m4/ax_append_flag.m4 b/FreeRTOS-Plus/Source/CyaSSL/m4/ax_append_flag.m4 new file mode 100644 index 000000000..1d38b76fb --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/m4/ax_append_flag.m4 @@ -0,0 +1,69 @@ +# =========================================================================== +# http://www.gnu.org/software/autoconf-archive/ax_append_flag.html +# =========================================================================== +# +# SYNOPSIS +# +# AX_APPEND_FLAG(FLAG, [FLAGS-VARIABLE]) +# +# DESCRIPTION +# +# FLAG is appended to the FLAGS-VARIABLE shell variable, with a space +# added in between. +# +# If FLAGS-VARIABLE is not specified, the current language's flags (e.g. +# CFLAGS) is used. FLAGS-VARIABLE is not changed if it already contains +# FLAG. If FLAGS-VARIABLE is unset in the shell, it is set to exactly +# FLAG. +# +# NOTE: Implementation based on AX_CFLAGS_GCC_OPTION. +# +# LICENSE +# +# Copyright (c) 2008 Guido U. Draheim +# Copyright (c) 2011 Maarten Bosmans +# +# This program is free software: you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by the +# Free Software Foundation, either version 3 of the License, or (at your +# option) any later version. +# +# This program is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General +# Public License for more details. +# +# You should have received a copy of the GNU General Public License along +# with this program. If not, see . +# +# As a special exception, the respective Autoconf Macro's copyright owner +# gives unlimited permission to copy, distribute and modify the configure +# scripts that are the output of Autoconf when processing the Macro. You +# need not follow the terms of the GNU General Public License when using +# or distributing such scripts, even though portions of the text of the +# Macro appear in them. The GNU General Public License (GPL) does govern +# all other use of the material that constitutes the Autoconf Macro. +# +# This special exception to the GPL applies to versions of the Autoconf +# Macro released by the Autoconf Archive. When you make and distribute a +# modified version of the Autoconf Macro, you may extend this special +# exception to the GPL to apply to your modified version as well. + +#serial 2 + +AC_DEFUN([AX_APPEND_FLAG], +[AC_PREREQ(2.59)dnl for _AC_LANG_PREFIX +AS_VAR_PUSHDEF([FLAGS], [m4_default($2,_AC_LANG_PREFIX[FLAGS])])dnl +AS_VAR_SET_IF(FLAGS, + [case " AS_VAR_GET(FLAGS) " in + *" $1 "*) + AC_RUN_LOG([: FLAGS already contains $1]) + ;; + *) + AC_RUN_LOG([: FLAGS="$FLAGS $1"]) + AS_VAR_SET(FLAGS, ["AS_VAR_GET(FLAGS) $1"]) + ;; + esac], + [AS_VAR_SET(FLAGS,["$1"])]) +AS_VAR_POPDEF([FLAGS])dnl +])dnl AX_APPEND_FLAG diff --git a/FreeRTOS-Plus/Source/CyaSSL/m4/ax_append_to_file.m4 b/FreeRTOS-Plus/Source/CyaSSL/m4/ax_append_to_file.m4 new file mode 100644 index 000000000..f9f54e088 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/m4/ax_append_to_file.m4 @@ -0,0 +1,27 @@ +# =========================================================================== +# http://www.gnu.org/software/autoconf-archive/ax_append_to_file.html +# =========================================================================== +# +# SYNOPSIS +# +# AX_APPEND_TO_FILE([FILE],[DATA]) +# +# DESCRIPTION +# +# Appends the specified data to the specified file. +# +# LICENSE +# +# Copyright (c) 2008 Tom Howard +# +# Copying and distribution of this file, with or without modification, are +# permitted in any medium without royalty provided the copyright notice +# and this notice are preserved. This file is offered as-is, without any +# warranty. + +#serial 8 + +AC_DEFUN([AX_APPEND_TO_FILE],[ +AC_REQUIRE([AX_FILE_ESCAPES]) +printf "$2\n" >> "$1" +]) diff --git a/FreeRTOS-Plus/Source/CyaSSL/m4/ax_check_compile_flag.m4 b/FreeRTOS-Plus/Source/CyaSSL/m4/ax_check_compile_flag.m4 new file mode 100644 index 000000000..c3a8d695a --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/m4/ax_check_compile_flag.m4 @@ -0,0 +1,72 @@ +# =========================================================================== +# http://www.gnu.org/software/autoconf-archive/ax_check_compile_flag.html +# =========================================================================== +# +# SYNOPSIS +# +# AX_CHECK_COMPILE_FLAG(FLAG, [ACTION-SUCCESS], [ACTION-FAILURE], [EXTRA-FLAGS]) +# +# DESCRIPTION +# +# Check whether the given FLAG works with the current language's compiler +# or gives an error. (Warnings, however, are ignored) +# +# ACTION-SUCCESS/ACTION-FAILURE are shell commands to execute on +# success/failure. +# +# If EXTRA-FLAGS is defined, it is added to the current language's default +# flags (e.g. CFLAGS) when the check is done. The check is thus made with +# the flags: "CFLAGS EXTRA-FLAGS FLAG". This can for example be used to +# force the compiler to issue an error when a bad flag is given. +# +# NOTE: Implementation based on AX_CFLAGS_GCC_OPTION. Please keep this +# macro in sync with AX_CHECK_{PREPROC,LINK}_FLAG. +# +# LICENSE +# +# Copyright (c) 2008 Guido U. Draheim +# Copyright (c) 2011 Maarten Bosmans +# +# This program is free software: you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by the +# Free Software Foundation, either version 3 of the License, or (at your +# option) any later version. +# +# This program is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General +# Public License for more details. +# +# You should have received a copy of the GNU General Public License along +# with this program. If not, see . +# +# As a special exception, the respective Autoconf Macro's copyright owner +# gives unlimited permission to copy, distribute and modify the configure +# scripts that are the output of Autoconf when processing the Macro. You +# need not follow the terms of the GNU General Public License when using +# or distributing such scripts, even though portions of the text of the +# Macro appear in them. The GNU General Public License (GPL) does govern +# all other use of the material that constitutes the Autoconf Macro. +# +# This special exception to the GPL applies to versions of the Autoconf +# Macro released by the Autoconf Archive. When you make and distribute a +# modified version of the Autoconf Macro, you may extend this special +# exception to the GPL to apply to your modified version as well. + +#serial 2 + +AC_DEFUN([AX_CHECK_COMPILE_FLAG], +[AC_PREREQ(2.59)dnl for _AC_LANG_PREFIX +AS_VAR_PUSHDEF([CACHEVAR],[ax_cv_check_[]_AC_LANG_ABBREV[]flags_$4_$1])dnl +AC_CACHE_CHECK([whether _AC_LANG compiler accepts $1], CACHEVAR, [ + ax_check_save_flags=$[]_AC_LANG_PREFIX[]FLAGS + _AC_LANG_PREFIX[]FLAGS="$[]_AC_LANG_PREFIX[]FLAGS $4 $1" + AC_COMPILE_IFELSE([AC_LANG_PROGRAM()], + [AS_VAR_SET(CACHEVAR,[yes])], + [AS_VAR_SET(CACHEVAR,[no])]) + _AC_LANG_PREFIX[]FLAGS=$ax_check_save_flags]) +AS_IF([test x"AS_VAR_GET(CACHEVAR)" = xyes], + [m4_default([$2], :)], + [m4_default([$3], :)]) +AS_VAR_POPDEF([CACHEVAR])dnl +])dnl AX_CHECK_COMPILE_FLAGS diff --git a/FreeRTOS-Plus/Source/CyaSSL/m4/ax_check_link_flag.m4 b/FreeRTOS-Plus/Source/CyaSSL/m4/ax_check_link_flag.m4 new file mode 100644 index 000000000..e2d0d363e --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/m4/ax_check_link_flag.m4 @@ -0,0 +1,71 @@ +# =========================================================================== +# http://www.gnu.org/software/autoconf-archive/ax_check_link_flag.html +# =========================================================================== +# +# SYNOPSIS +# +# AX_CHECK_LINK_FLAG(FLAG, [ACTION-SUCCESS], [ACTION-FAILURE], [EXTRA-FLAGS]) +# +# DESCRIPTION +# +# Check whether the given FLAG works with the linker or gives an error. +# (Warnings, however, are ignored) +# +# ACTION-SUCCESS/ACTION-FAILURE are shell commands to execute on +# success/failure. +# +# If EXTRA-FLAGS is defined, it is added to the linker's default flags +# when the check is done. The check is thus made with the flags: "LDFLAGS +# EXTRA-FLAGS FLAG". This can for example be used to force the linker to +# issue an error when a bad flag is given. +# +# NOTE: Implementation based on AX_CFLAGS_GCC_OPTION. Please keep this +# macro in sync with AX_CHECK_{PREPROC,COMPILE}_FLAG. +# +# LICENSE +# +# Copyright (c) 2008 Guido U. Draheim +# Copyright (c) 2011 Maarten Bosmans +# +# This program is free software: you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by the +# Free Software Foundation, either version 3 of the License, or (at your +# option) any later version. +# +# This program is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General +# Public License for more details. +# +# You should have received a copy of the GNU General Public License along +# with this program. If not, see . +# +# As a special exception, the respective Autoconf Macro's copyright owner +# gives unlimited permission to copy, distribute and modify the configure +# scripts that are the output of Autoconf when processing the Macro. You +# need not follow the terms of the GNU General Public License when using +# or distributing such scripts, even though portions of the text of the +# Macro appear in them. The GNU General Public License (GPL) does govern +# all other use of the material that constitutes the Autoconf Macro. +# +# This special exception to the GPL applies to versions of the Autoconf +# Macro released by the Autoconf Archive. When you make and distribute a +# modified version of the Autoconf Macro, you may extend this special +# exception to the GPL to apply to your modified version as well. + +#serial 2 + +AC_DEFUN([AX_CHECK_LINK_FLAG], +[AS_VAR_PUSHDEF([CACHEVAR],[ax_cv_check_ldflags_$4_$1])dnl +AC_CACHE_CHECK([whether the linker accepts $1], CACHEVAR, [ + ax_check_save_flags=$LDFLAGS + LDFLAGS="$LDFLAGS $4 $1" + AC_LINK_IFELSE([AC_LANG_PROGRAM()], + [AS_VAR_SET(CACHEVAR,[yes])], + [AS_VAR_SET(CACHEVAR,[no])]) + LDFLAGS=$ax_check_save_flags]) +AS_IF([test x"AS_VAR_GET(CACHEVAR)" = xyes], + [m4_default([$2], :)], + [m4_default([$3], :)]) +AS_VAR_POPDEF([CACHEVAR])dnl +])dnl AX_CHECK_LINK_FLAGS diff --git a/FreeRTOS-Plus/Source/CyaSSL/m4/ax_count_cpus.m4 b/FreeRTOS-Plus/Source/CyaSSL/m4/ax_count_cpus.m4 new file mode 100644 index 000000000..d4f3d290f --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/m4/ax_count_cpus.m4 @@ -0,0 +1,57 @@ +# =========================================================================== +# http://www.gnu.org/software/autoconf-archive/ax_count_cpus.html +# =========================================================================== +# +# SYNOPSIS +# +# AX_COUNT_CPUS +# +# DESCRIPTION +# +# Attempt to count the number of processors present on the machine. If the +# detection fails, then a value of 1 is assumed. +# +# The value is placed in the CPU_COUNT variable. +# +# LICENSE +# +# Copyright (c) 2012 Brian Aker +# Copyright (c) 2008 Michael Paul Bailey +# Copyright (c) 2008 Christophe Tournayre +# +# Copying and distribution of this file, with or without modification, are +# permitted in any medium without royalty provided the copyright notice +# and this notice are preserved. This file is offered as-is, without any +# warranty. + +#serial 10 + + AC_DEFUN([AX_COUNT_CPUS],[ + AC_REQUIRE([AC_CANONICAL_HOST]) + AC_REQUIRE([AC_PROG_EGREP]) + AC_MSG_CHECKING([the number of available CPUs]) + CPU_COUNT="0" + + AS_CASE([$host_os],[ + *darwin*],[ + AS_IF([test -x /usr/sbin/sysctl],[ + sysctl_a=`/usr/sbin/sysctl -a 2>/dev/null| grep -c hw.cpu` + AS_IF([test sysctl_a],[ + CPU_COUNT=`/usr/sbin/sysctl -n hw.ncpu` + ]) + ])],[ + *linux*],[ + AS_IF([test "x$CPU_COUNT" = "x0" -a -e /proc/cpuinfo],[ + AS_IF([test "x$CPU_COUNT" = "x0" -a -e /proc/cpuinfo],[ + CPU_COUNT=`$EGREP -c '^processor' /proc/cpuinfo` + ]) + ]) + ]) + + AS_IF([test "x$CPU_COUNT" = "x0"],[ + CPU_COUNT="1" + AC_MSG_RESULT( [unable to detect (assuming 1)] ) + ],[ + AC_MSG_RESULT( $CPU_COUNT ) + ]) + ]) diff --git a/FreeRTOS-Plus/Source/CyaSSL/m4/ax_create_generic_config.m4 b/FreeRTOS-Plus/Source/CyaSSL/m4/ax_create_generic_config.m4 new file mode 100644 index 000000000..535838f46 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/m4/ax_create_generic_config.m4 @@ -0,0 +1,195 @@ +# ============================================================================ +# http://www.gnu.org/software/autoconf-archive/ax_create_generic_config.html +# ============================================================================ +# +# SYNOPSIS +# +# AX_CREATE_GENERIC_CONFIG [(PACKAGEnlibs [, VERSION])] +# +# DESCRIPTION +# +# Creates a generic PACKAGE-config file that has all the things that you +# want, hmm, well, atleast it has --cflags, --version, --libs. Ahhm, did +# you see ax_path_generic in the autoconf-archive? ;-) +# +# this macros saves you all the typing for a pkg-config.in script, you +# don't even need to distribute one along. Place this macro in your +# configure.ac, et voila, you got one that you want to install. +# +# oh, btw, if the first arg looks like "mylib -lwhat' then it will go to +# be added to the --libs, and mylib is extracted. +# +# the defaults: $1 = $PACKAGE $LIBS $2 = $VERSION there is also an +# AC_SUBST(GENERIC_CONFIG) that will be set to the name of the file that +# we did output in this macro. Use as: +# +# install-exec-local: install-generic-config +# +# install-generic-config: +# $(mkinstalldirs) $(DESTDIR)$(bindir) +# $(INSTALL_SCRIPT) @GENERIC_CONFIG@ $(DESTDIR)$(bindir) +# +# LICENSE +# +# Copyright (c) 2008 Guido U. Draheim +# +# This program is free software; you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by the +# Free Software Foundation; either version 3 of the License, or (at your +# option) any later version. +# +# This program is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General +# Public License for more details. +# +# You should have received a copy of the GNU General Public License along +# with this program. If not, see . +# +# As a special exception, the respective Autoconf Macro's copyright owner +# gives unlimited permission to copy, distribute and modify the configure +# scripts that are the output of Autoconf when processing the Macro. You +# need not follow the terms of the GNU General Public License when using +# or distributing such scripts, even though portions of the text of the +# Macro appear in them. The GNU General Public License (GPL) does govern +# all other use of the material that constitutes the Autoconf Macro. +# +# This special exception to the GPL applies to versions of the Autoconf +# Macro released by the Autoconf Archive. When you make and distribute a +# modified version of the Autoconf Macro, you may extend this special +# exception to the GPL to apply to your modified version as well. + +#serial 6 + +AU_ALIAS([AC_CREATE_GENERIC_CONFIG], [AX_CREATE_GENERIC_CONFIG]) +AC_DEFUN([AX_CREATE_GENERIC_CONFIG],[# create a generic PACKAGE-config file +L=`echo ifelse($1, , $PACKAGE $LIBS, $1)` +P=`echo $L | sed -e 's/ -.*//'` +P=`echo $P` +V=`echo ifelse($2, , $VERSION, $2)` +F=`echo $P-config` +L=`echo -l$L | sed -e 's/^-llib/-l/'` +AC_MSG_RESULT(creating $F - generic $V for $L) +test "x$prefix" = xNONE && prefix="$ac_default_prefix" +test "x$exec_prefix" = xNONE && exec_prefix='${prefix}' +echo '#! /bin/sh' >$F +echo ' ' >>$F +echo 'package="'$P'"' >>$F +echo 'version="'$V'"' >>$F +echo 'libs="'$L'"' >>$F +echo ' ' >>$F +# in the order of occurence a standard automake Makefile +echo 'prefix="'$prefix'"' >>$F +echo 'exec_prefix="'$exec_prefix'"' >>$F +echo 'bindir="'$bindir'"' >>$F +echo 'sbindir="'$sbindir'"' >>$F +echo 'libexecdir="'$libexecdir'"' >>$F +echo 'datadir="'$datadir'"' >>$F +echo 'sysconfdir="'$sysconfdir'"' >>$F +echo 'sharedstatedir="'$sharedstatedir'"' >>$F +echo 'localstatedir="'$localstatedir'"' >>$F +echo 'libdir="'$libdir'"' >>$F +echo 'infodir="'$infodir'"' >>$F +echo 'mandir="'$mandir'"' >>$F +echo 'includedir="'$includedir'"' >>$F +echo 'target="'$target'"' >>$F +echo 'host="'$host'"' >>$F +echo 'build="'$build'"' >>$F +echo ' ' >>$F +echo 'if test "'"\$""#"'" -eq 0; then' >>$F +echo ' cat <>$F +echo 'Usage: $package-config [OPTIONS]' >>$F +echo 'Options:' >>$F +echo ' --prefix[=DIR]) : \$prefix' >>$F +echo ' --package) : \$package' >>$F +echo ' --version) : \$version' >>$F +echo ' --cflags) : -I\$includedir' >>$F +echo ' --libs) : -L\$libdir -l\$package' >>$F +echo ' --help) print all the options (not just these)' >>$F +echo 'EOF' >>$F +echo 'fi' >>$F +echo ' ' >>$F +echo 'o=""' >>$F +echo 'h=""' >>$F +echo 'for i in "[$]@"; do' >>$F +echo ' case $i in' >>$F +echo ' --prefix=*) prefix=`echo $i | sed -e "s/--prefix=//"` ;;' >>$F +echo ' --prefix) o="$o $prefix" ;;' >>$F +echo ' --package) o="$o $package" ;;' >>$F +echo ' --version) o="$o $version" ;;' >>$F +echo ' --cflags) if test "_$includedir" != "_/usr/include"' >>$F +echo ' then o="$o -I$includedir" ; fi' >>$F +echo ' ;;' >>$F +echo ' --libs) o="$o -L$libdir $libs" ;;' >>$F +echo ' --exec_prefix|--eprefix) o="$o $exec_prefix" ;;' >>$F +echo ' --bindir) o="$o $bindir" ;;' >>$F +echo ' --sbindir) o="$o $sbindir" ;;' >>$F +echo ' --libexecdir) o="$o $libexecdir" ;;' >>$F +echo ' --datadir) o="$o $datadir" ;;' >>$F +echo ' --datainc) o="$o -I$datadir" ;;' >>$F +echo ' --datalib) o="$o -L$datadir" ;;' >>$F +echo ' --sysconfdir) o="$o $sysconfdir" ;;' >>$F +echo ' --sharedstatedir) o="$o $sharedstatedir" ;;' >>$F +echo ' --localstatedir) o="$o $localstatedir" ;;' >>$F +echo ' --libdir) o="$o $libdir" ;;' >>$F +echo ' --libadd) o="$o -L$libdir" ;;' >>$F +echo ' --infodir) o="$o $infodir" ;;' >>$F +echo ' --mandir) o="$o $mandir" ;;' >>$F +echo ' --target) o="$o $target" ;;' >>$F +echo ' --host) o="$o $host" ;;' >>$F +echo ' --build) o="$o $build" ;;' >>$F +echo ' --data) o="$o -I$datadir/$package" ;;' >>$F +echo ' --pkgdatadir) o="$o $datadir/$package" ;;' >>$F +echo ' --pkgdatainc) o="$o -I$datadir/$package" ;;' >>$F +echo ' --pkgdatalib) o="$o -L$datadir/$package" ;;' >>$F +echo ' --pkglibdir) o="$o $libdir/$package" ;;' >>$F +echo ' --pkglibinc) o="$o -I$libinc/$package" ;;' >>$F +echo ' --pkglibadd) o="$o -L$libadd/$package" ;;' >>$F +echo ' --pkgincludedir) o="$o $includedir/$package" ;;' >>$F +echo ' --help) h="1" ;;' >>$F +echo ' -?//*|-?/*//*|-?./*//*|//*|/*//*|./*//*) ' >>$F +echo ' v=`echo $i | sed -e s://:\$:g`' >>$F +echo ' v=`eval "echo $v"` ' >>$F +echo ' o="$o $v" ;; ' >>$F +echo ' esac' >>$F +echo 'done' >>$F +echo ' ' >>$F +echo 'o=`eval "echo $o"`' >>$F +echo 'o=`eval "echo $o"`' >>$F +echo 'eval "echo $o"' >>$F +echo ' ' >>$F +echo 'if test ! -z "$h" ; then ' >>$F +echo 'cat <>$F +echo ' --prefix=xxx) (what is that for anyway?)' >>$F +echo ' --prefix) \$prefix $prefix' >>$F +echo ' --package) \$package $package' >>$F +echo ' --version) \$version $version' >>$F +echo ' --cflags) -I\$includedir unless it is /usr/include' >>$F +echo ' --libs) -L\$libdir -l\$PACKAGE \$LIBS' >>$F +echo ' --exec_prefix) or... ' >>$F +echo ' --eprefix) \$exec_prefix $exec_prefix' >>$F +echo ' --bindir) \$bindir $bindir' >>$F +echo ' --sbindir) \$sbindir $sbindir' >>$F +echo ' --libexecdir) \$libexecdir $libexecdir' >>$F +echo ' --datadir) \$datadir $datadir' >>$F +echo ' --sysconfdir) \$sysconfdir $sysconfdir' >>$F +echo ' --sharedstatedir) \$sharedstatedir$sharedstatedir' >>$F +echo ' --localstatedir) \$localstatedir $localstatedir' >>$F +echo ' --libdir) \$libdir $libdir' >>$F +echo ' --infodir) \$infodir $infodir' >>$F +echo ' --mandir) \$mandir $mandir' >>$F +echo ' --target) \$target $target' >>$F +echo ' --host) \$host $host' >>$F +echo ' --build) \$build $build' >>$F +echo ' --data) -I\$datadir/\$package' >>$F +echo ' --pkgdatadir) \$datadir/\$package' >>$F +echo ' --pkglibdir) \$libdir/\$package' >>$F +echo ' --pkgincludedir) \$includedir/\$package' >>$F +echo ' --help) generated by ax_create_generic_config.m4' >>$F +echo ' -I//varname and other inc-targets like --pkgdatainc supported' >>$F +echo ' -L//varname and other lib-targets, e.g. --pkgdatalib or --libadd' >>$F +echo 'EOF' >>$F +echo 'fi' >>$F +GENERIC_CONFIG="$F" +AC_SUBST(GENERIC_CONFIG) +]) diff --git a/FreeRTOS-Plus/Source/CyaSSL/m4/ax_debug.m4 b/FreeRTOS-Plus/Source/CyaSSL/m4/ax_debug.m4 new file mode 100644 index 000000000..94e4c9cb6 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/m4/ax_debug.m4 @@ -0,0 +1,63 @@ +# =========================================================================== +# https://github.com/BrianAker/ddm4/ +# =========================================================================== +# +# SYNOPSIS +# +# AX_DEBUG() +# +# DESCRIPTION +# +# --enable-debug +# +# LICENSE +# +# Copyright (C) 2012 Brian Aker +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions are +# met: +# +# * Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# * Redistributions in binary form must reproduce the above +# copyright notice, this list of conditions and the following disclaimer +# in the documentation and/or other materials provided with the +# distribution. +# +# * The names of its contributors may not be used to endorse or +# promote products derived from this software without specific prior +# written permission. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +#serial 6.1 + +AC_DEFUN([AX_DEBUG], + [AC_PREREQ([2.63])dnl + AC_ARG_ENABLE([debug], + [AS_HELP_STRING([--enable-debug], + [Add debug code/turns off optimizations (yes|no) @<:@default=no@:>@])], + [ax_enable_debug=$enableval], + [ax_enable_debug=no]) + + AS_IF([test "x$ax_enable_debug" = xyes], + [AC_DEFINE([DEBUG],[1],[Define to 1 to enable debugging code.])], + [AC_SUBST([MCHECK]) + AC_DEFINE([DEBUG],[0],[Define to 1 to enable debugging code.])]) + + AC_MSG_CHECKING([for debug]) + AC_MSG_RESULT([$ax_enable_debug]) + AM_CONDITIONAL([DEBUG],[test "x${ax_enable_debug}" = xyes])]) diff --git a/FreeRTOS-Plus/Source/CyaSSL/m4/ax_file_escapes.m4 b/FreeRTOS-Plus/Source/CyaSSL/m4/ax_file_escapes.m4 new file mode 100644 index 000000000..f4c6a06ae --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/m4/ax_file_escapes.m4 @@ -0,0 +1,30 @@ +# =========================================================================== +# http://www.gnu.org/software/autoconf-archive/ax_file_escapes.html +# =========================================================================== +# +# SYNOPSIS +# +# AX_FILE_ESCAPES +# +# DESCRIPTION +# +# Writes the specified data to the specified file. +# +# LICENSE +# +# Copyright (c) 2008 Tom Howard +# +# Copying and distribution of this file, with or without modification, are +# permitted in any medium without royalty provided the copyright notice +# and this notice are preserved. This file is offered as-is, without any +# warranty. + +#serial 7 + +AC_DEFUN([AX_FILE_ESCAPES],[ +AX_DOLLAR="\$" +AX_SRB="\\135" +AX_SLB="\\133" +AX_BS="\\\\" +AX_DQ="\"" +]) diff --git a/FreeRTOS-Plus/Source/CyaSSL/m4/ax_harden_compiler_flags.m4 b/FreeRTOS-Plus/Source/CyaSSL/m4/ax_harden_compiler_flags.m4 new file mode 100644 index 000000000..932406074 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/m4/ax_harden_compiler_flags.m4 @@ -0,0 +1,238 @@ +# =========================================================================== +# https://github.com/BrianAker/ddm4/ +# =========================================================================== +# +# SYNOPSIS +# +# AX_HARDEN_COMPILER_FLAGS() +# AX_HARDEN_LINKER_FLAGS() +# AX_HARDEN_CC_COMPILER_FLAGS() +# AX_HARDEN_CXX_COMPILER_FLAGS() +# +# DESCRIPTION +# +# Any compiler flag that "hardens" or tests code. C99 is assumed. +# +# NOTE: Implementation based on AX_APPEND_FLAG. +# +# LICENSE +# +# Copyright (C) 2012 Brian Aker +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions are +# met: +# +# * Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# * Redistributions in binary form must reproduce the above +# copyright notice, this list of conditions and the following disclaimer +# in the documentation and/or other materials provided with the +# distribution. +# +# * The names of its contributors may not be used to endorse or +# promote products derived from this software without specific prior +# written permission. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +# The Following flags are not checked for +# -Wdeclaration-after-statement is counter to C99 +# AX_APPEND_COMPILE_FLAGS([-std=c++11]) -- Not ready yet +# AX_APPEND_COMPILE_FLAGS([-pedantic]) -- ? +# AX_APPEND_COMPILE_FLAGS([-Wstack-protector]) -- Issues on 32bit compile +# AX_APPEND_COMPILE_FLAGS([-fstack-protector-all]) -- Issues on 32bit compile +# AX_APPEND_COMPILE_FLAGS([-Wlong-long]) -- Don't turn on for compatibility issues memcached_stat_st +# AX_APPEND_COMPILE_FLAGS([-Wold-style-definition],,[$ax_append_compile_cflags_extra]) +# AX_APPEND_COMPILE_FLAGS([-std=c99],,[$ax_append_compile_cflags_extra]) +# AX_APPEND_COMPILE_FLAGS([-Wlogical-op],,[$ax_append_compile_cflags_extra]) +# AX_APPEND_COMPILE_FLAGS([-fstack-check],,[$ax_append_compile_cflags_extra]) -- problems with fastmath stack size checks +# AX_APPEND_COMPILE_FLAGS([-floop-parallelize-all],,[$ax_append_compile_cflags_extra]) -- causes RSA verify problem on x64 +# AX_APPEND_COMPILE_FLAGS([-Wunreachable-code],,[$ax_append_compile_cflags_extra]) -- older clang and when gcc had it are buggy + +#serial 4 + + AC_DEFUN([AX_HARDEN_LINKER_FLAGS], [ + AC_REQUIRE([AX_CHECK_LINK_FLAG]) + AC_REQUIRE([AX_VCS_CHECKOUT]) + AC_REQUIRE([AX_DEBUG]) + + dnl If we are inside of VCS we append -Werror, otherwise we just use it to test other flags + AX_HARDEN_LIB= + ax_append_compile_link_flags_extra= + AS_IF([test "x$ac_cv_vcs_checkout" = "xyes"],[ + AX_CHECK_LINK_FLAG([-Werror],[ + AX_HARDEN_LIB="-Werror $AX_HARDEN_LIB" + ]) + ],[ + AX_CHECK_LINK_FLAG([-Werror],[ + ax_append_compile_link_flags_extra='-Werror' + ]) + ]) + + AX_CHECK_LINK_FLAG([-z relro -z now],[ + AX_HARDEN_LIB="-z relro -z now $AX_HARDEN_LIB" + ],,[$ax_append_compile_link_flags_extra]) + + AX_CHECK_LINK_FLAG([-pie],[ + AX_HARDEN_LIB="-pie $AX_HARDEN_LIB" + ],,[$ax_append_compile_link_flags_extra]) + + LIB="$LIB $AX_HARDEN_LIB" + ]) + + AC_DEFUN([AX_HARDEN_CC_COMPILER_FLAGS], [ + AC_REQUIRE([AX_APPEND_COMPILE_FLAGS]) + AC_REQUIRE([AX_HARDEN_LINKER_FLAGS]) + + AC_LANG_PUSH([C]) + + CFLAGS= + ac_cv_warnings_as_errors=no + ax_append_compile_cflags_extra= + AS_IF([test "$ac_cv_vcs_checkout" = "yes"],[ + AX_APPEND_COMPILE_FLAGS([-Werror]) + ac_cv_warnings_as_errors=yes + ],[ + AX_APPEND_COMPILE_FLAGS([-Werror],[ax_append_compile_cflags_extra]) + ]) + + AS_IF([test "$ax_enable_debug" = "yes"], [ + AX_APPEND_COMPILE_FLAGS([-g]) + AX_APPEND_COMPILE_FLAGS([-ggdb],,[$ax_append_compile_cflags_extra]) + AX_APPEND_COMPILE_FLAGS([-O0],,[$ax_append_compile_cflags_extra]) + ],[]) + + AX_APPEND_COMPILE_FLAGS([-Wno-pragmas],,[$ax_append_compile_cflags_extra]) + + AX_APPEND_COMPILE_FLAGS([-Wall],,[$ax_append_compile_cflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wno-strict-aliasing],,[$ax_append_compile_cflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wextra],,[$ax_append_compile_cflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wunknown-pragmas],,[$ax_append_compile_cflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wthis-test-should-fail],,[$ax_append_compile_cflags_extra]) + dnl Anything below this comment please keep sorted. + AS_IF([test "$CC" = "clang"],[],[ + AX_APPEND_COMPILE_FLAGS([--param=ssp-buffer-size=1],,[$ax_append_compile_cflags_extra]) + ]) + AX_APPEND_COMPILE_FLAGS([-Waddress],,[$ax_append_compile_cflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Warray-bounds],,[$ax_append_compile_cflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wbad-function-cast],,[$ax_append_compile_cflags_extra]) + dnl Not in use -Wc++-compat + AX_APPEND_COMPILE_FLAGS([-Wchar-subscripts],,[$ax_append_compile_cflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wcomment],,[$ax_append_compile_cflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wfloat-equal],,[$ax_append_compile_cflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wformat-security],,[$ax_append_compile_cflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wformat=2],,[$ax_append_compile_cflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wmaybe-uninitialized],,[$ax_append_compile_cflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wmissing-field-initializers],,[$ax_append_compile_cflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wmissing-noreturn],,[$ax_append_compile_cflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wmissing-prototypes],,[$ax_append_compile_cflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wnested-externs],,[$ax_append_compile_cflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wnormalized=id],,[$ax_append_compile_cflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Woverride-init],,[$ax_append_compile_cflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wpointer-arith],,[$ax_append_compile_cflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wpointer-sign],,[$ax_append_compile_cflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wredundant-decls],,[$ax_append_compile_cflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wshadow],,[$ax_append_compile_cflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wshorten-64-to-32],,[$ax_append_compile_cflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wsign-compare],,[$ax_append_compile_cflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wstrict-overflow=1],,[$ax_append_compile_cflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wstrict-prototypes],,[$ax_append_compile_cflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wswitch-enum],,[$ax_append_compile_cflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wundef],,[$ax_append_compile_cflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wunused],,[$ax_append_compile_cflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wunused-result],,[$ax_append_compile_cflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wunused-variable],,[$ax_append_compile_cflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wwrite-strings],,[$ax_append_compile_cflags_extra]) + AX_APPEND_COMPILE_FLAGS([-fwrapv],,[$ax_append_compile_cflags_extra]) + AX_APPEND_COMPILE_FLAGS([-fPIE],,[$ax_append_compile_cflags_extra]) + AC_LANG_POP + ]) + + AC_DEFUN([AX_HARDEN_CXX_COMPILER_FLAGS], [ + AC_REQUIRE([AX_HARDEN_CC_COMPILER_FLAGS]) + AC_LANG_PUSH([C++]) + + ax_append_compile_cxxflags_extra= + AS_IF([test "$ac_cv_warnings_as_errors" = "yes"],[ + AX_APPEND_COMPILE_FLAGS([-Werror]) + ],[ + AX_APPEND_COMPILE_FLAGS([-Werror],[ax_append_compile_cxxflags_extra]) + ]) + + AS_IF([test "$ax_enable_debug" = "yes" ], [ + AX_APPEND_COMPILE_FLAGS([-g],,[$ax_append_compile_cxxflags_extra]) + AX_APPEND_COMPILE_FLAGS([-O0],,[$ax_append_compile_cxxflags_extra]) + AX_APPEND_COMPILE_FLAGS([-ggdb],,[$ax_append_compile_cxxflags_extra]) + ],[ + AX_APPEND_COMPILE_FLAGS([-D_FORTIFY_SOURCE=2],,[$ax_append_compile_cxxflags_extra]) + ]) + + AS_IF([test "$ac_cv_vcs_checkout" = "yes" ], [ + AX_APPEND_COMPILE_FLAGS([-Werror],,[$ax_append_compile_cxxflags_extra]) + ],[ + AX_APPEND_COMPILE_FLAGS([-Wno-pragmas],,[$ax_append_compile_cxxflags_extra]) + ]) + + AX_APPEND_COMPILE_FLAGS([-Wall],,[$ax_append_compile_cxxflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wno-strict-aliasing],,[$ax_append_compile_cxxflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wextra],,[$ax_append_compile_cxxflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wunknown-pragmas],,[$ax_append_compile_cxxflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wthis-test-should-fail],,[$ax_append_compile_cxxflags_extra]) + dnl Anything below this comment please keep sorted. + AX_APPEND_COMPILE_FLAGS([--param=ssp-buffer-size=1],,[$ax_append_compile_cxxflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Waddress],,[$ax_append_compile_cxxflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Warray-bounds],,[$ax_append_compile_cxxflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wchar-subscripts],,[$ax_append_compile_cxxflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wcomment],,[$ax_append_compile_cxxflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wctor-dtor-privacy],,[$ax_append_compile_cxxflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wfloat-equal],,[$ax_append_compile_cxxflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wformat=2],,[$ax_append_compile_cxxflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wmaybe-uninitialized],,[$ax_append_compile_cxxflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wmissing-field-initializers],,[$ax_append_compile_cxxflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wmissing-noreturn],,[$ax_append_compile_cxxflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wnon-virtual-dtor],,[$ax_append_compile_cxxflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wnormalized=id],,[$ax_append_compile_cxxflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Woverloaded-virtual],,[$ax_append_compile_cxxflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wpointer-arith],,[$ax_append_compile_cxxflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wredundant-decls],,[$ax_append_compile_cxxflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wshadow],,[$ax_append_compile_cxxflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wshorten-64-to-32],,[$ax_append_compile_cxxflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wsign-compare],,[$ax_append_compile_cxxflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wstrict-overflow=1],,[$ax_append_compile_cxxflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wswitch-enum],,[$ax_append_compile_cxxflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wundef],,[$ax_append_compile_cxxflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wc++11-compat],,[$ax_append_compile_cxxflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wunused],,[$ax_append_compile_cxxflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wunused-result],,[$ax_append_compile_cxxflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wunused-variable],,[$ax_append_compile_cxxflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wwrite-strings],,[$ax_append_compile_cxxflags_extra]) + AX_APPEND_COMPILE_FLAGS([-Wformat-security],,[$ax_append_compile_cxxflags_extra]) + AX_APPEND_COMPILE_FLAGS([-fwrapv],,[$ax_append_compile_cxxflags_extra]) + AC_LANG_POP + ]) + + AC_DEFUN([AX_HARDEN_COMPILER_FLAGS], [ + AC_REQUIRE([AX_HARDEN_CXX_COMPILER_FLAGS]) + ]) + + AC_DEFUN([AX_CC_OTHER_FLAGS], [ + AC_REQUIRE([AX_APPEND_COMPILE_FLAGS]) + AC_REQUIRE([AX_HARDEN_CC_COMPILER_FLAGS]) + + AC_LANG_PUSH([C]) + AX_APPEND_COMPILE_FLAGS([-pipe],,[$ax_append_compile_cflags_extra]) + AC_LANG_POP + ]) diff --git a/FreeRTOS-Plus/Source/CyaSSL/m4/ax_print_to_file.m4 b/FreeRTOS-Plus/Source/CyaSSL/m4/ax_print_to_file.m4 new file mode 100644 index 000000000..5b9d1c391 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/m4/ax_print_to_file.m4 @@ -0,0 +1,27 @@ +# =========================================================================== +# http://www.gnu.org/software/autoconf-archive/ax_print_to_file.html +# =========================================================================== +# +# SYNOPSIS +# +# AX_PRINT_TO_FILE([FILE],[DATA]) +# +# DESCRIPTION +# +# Writes the specified data to the specified file. +# +# LICENSE +# +# Copyright (c) 2008 Tom Howard +# +# Copying and distribution of this file, with or without modification, are +# permitted in any medium without royalty provided the copyright notice +# and this notice are preserved. This file is offered as-is, without any +# warranty. + +#serial 7 + +AC_DEFUN([AX_PRINT_TO_FILE],[ +AC_REQUIRE([AX_FILE_ESCAPES]) +printf "$2" > "$1" +]) diff --git a/FreeRTOS-Plus/Source/CyaSSL/m4/ax_pthread.m4 b/FreeRTOS-Plus/Source/CyaSSL/m4/ax_pthread.m4 index a6bf596c3..bdb34b0ae 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/m4/ax_pthread.m4 +++ b/FreeRTOS-Plus/Source/CyaSSL/m4/ax_pthread.m4 @@ -82,7 +82,7 @@ # modified version of the Autoconf Macro, you may extend this special # exception to the GPL to apply to your modified version as well. -#serial 16 +#serial 20 AU_ALIAS([ACX_PTHREAD], [AX_PTHREAD]) AC_DEFUN([AX_PTHREAD], [ @@ -145,8 +145,8 @@ ax_pthread_flags="pthreads none -Kthread -kthread lthread -pthread -pthreads -mt # --thread-safe: KAI C++ # pthread-config: use pthread-config program (for GNU Pth library) -case "${host_cpu}-${host_os}" in - *solaris*) +case ${host_os} in + solaris*) # On Solaris (at least, for some versions), libc contains stubbed # (non-functional) versions of the pthreads routines, so link-based @@ -159,8 +159,11 @@ case "${host_cpu}-${host_os}" in ax_pthread_flags="-pthreads pthread -mt -pthread $ax_pthread_flags" ;; - *-darwin*) - ax_pthread_flags="-pthread $ax_pthread_flags" + darwin*) + AC_REQUIRE([WOLFSSL_DARWIN_USING_CLANG]) + AS_IF([test x"$wolfssl_darwin_clang" = x"yes"], + [ax_pthread_flags="$ax_pthread_flags"], + [ax_pthread_flags="-pthread $ax_pthread_flags"]) ;; esac @@ -254,9 +257,16 @@ if test "x$ax_pthread_ok" = xyes; then AC_MSG_CHECKING([if more special flags are required for pthreads]) flag=no - case "${host_cpu}-${host_os}" in - *-aix* | *-freebsd* | *-darwin*) flag="-D_THREAD_SAFE";; - *solaris* | *-osf* | *-hpux*) flag="-D_REENTRANT";; + case ${host_os} in + aix* | freebsd* | darwin*) flag="-D_THREAD_SAFE";; + osf* | hpux*) flag="-D_REENTRANT";; + solaris*) + if test "$GCC" = "yes"; then + flag="-D_REENTRANT" + else + flag="-mt -D_REENTRANT" + fi + ;; esac AC_MSG_RESULT(${flag}) if test "x$flag" != xno; then @@ -276,16 +286,24 @@ if test "x$ax_pthread_ok" = xyes; then LIBS="$save_LIBS" CFLAGS="$save_CFLAGS" - # More AIX lossage: must compile with xlc_r or cc_r - if test x"$GCC" != xyes; then - AC_CHECK_PROGS(PTHREAD_CC, xlc_r cc_r, ${CC}) - else - PTHREAD_CC=$CC + # More AIX lossage: compile with *_r variant + if test "x$GCC" != xyes; then + case $host_os in + aix*) + AS_CASE(["x/$CC"], + [x*/c89|x*/c89_128|x*/c99|x*/c99_128|x*/cc|x*/cc128|x*/xlc|x*/xlc_v6|x*/xlc128|x*/xlc128_v6], + [#handle absolute path differently from PATH based program lookup + AS_CASE(["x$CC"], + [x/*], + [AS_IF([AS_EXECUTABLE_P([${CC}_r])],[PTHREAD_CC="${CC}_r"])], + [AC_CHECK_PROGS([PTHREAD_CC],[${CC}_r],[$CC])])]) + ;; + esac fi -else - PTHREAD_CC="$CC" fi +test -n "$PTHREAD_CC" || PTHREAD_CC="$CC" + AC_SUBST(PTHREAD_LIBS) AC_SUBST(PTHREAD_CFLAGS) AC_SUBST(PTHREAD_CC) diff --git a/FreeRTOS-Plus/Source/CyaSSL/m4/ax_tls.m4 b/FreeRTOS-Plus/Source/CyaSSL/m4/ax_tls.m4 new file mode 100644 index 000000000..3f6b5e10b --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/m4/ax_tls.m4 @@ -0,0 +1,92 @@ +# =========================================================================== +# http://www.gnu.org/software/autoconf-archive/ax_tls.html +# =========================================================================== +# +# SYNOPSIS +# +# AX_TLS([action-if-found], [action-if-not-found]) +# +# DESCRIPTION +# +# Provides a test for the compiler support of thread local storage (TLS) +# extensions. Defines TLS if it is found. Currently knows about GCC/ICC +# and MSVC. I think SunPro uses the same as GCC, and Borland apparently +# supports either. +# +# LICENSE +# +# Copyright (c) 2008 Alan Woodland +# Copyright (c) 2010 Diego Elio Petteno` +# +# This program is free software: you can redistribute it and/or modify it +# under the terms of the GNU General Public License as published by the +# Free Software Foundation, either version 3 of the License, or (at your +# option) any later version. +# +# This program is distributed in the hope that it will be useful, but +# WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General +# Public License for more details. +# +# You should have received a copy of the GNU General Public License along +# with this program. If not, see . +# +# As a special exception, the respective Autoconf Macro's copyright owner +# gives unlimited permission to copy, distribute and modify the configure +# scripts that are the output of Autoconf when processing the Macro. You +# need not follow the terms of the GNU General Public License when using +# or distributing such scripts, even though portions of the text of the +# Macro appear in them. The GNU General Public License (GPL) does govern +# all other use of the material that constitutes the Autoconf Macro. +# +# This special exception to the GPL applies to versions of the Autoconf +# Macro released by the Autoconf Archive. When you make and distribute a +# modified version of the Autoconf Macro, you may extend this special +# exception to the GPL to apply to your modified version as well. + +#serial 11 + +# Define m4_ifblank and m4_ifnblank macros from introduced in +# autotools 2.64 m4sugar.m4 if using an earlier autotools. + +ifdef([m4_ifblank], [], [ + m4_define([m4_ifblank], + [m4_if(m4_translit([[$1]], [ ][ ][ +]), [], [$2], [$3])]) + ]) + + +ifdef([m4_ifnblank], [], [ + m4_define([m4_ifnblank], + [m4_if(m4_translit([[$1]], [ ][ ][ +]), [], [$3], [$2])]) + ]) + +AC_DEFUN([AX_TLS], [ + AC_MSG_CHECKING(for thread local storage (TLS) class) + AC_CACHE_VAL(ac_cv_tls, [ + ax_tls_keywords="__thread __declspec(thread) none" + for ax_tls_keyword in $ax_tls_keywords; do + AS_CASE([$ax_tls_keyword], + [none], [ac_cv_tls=none ; break], + [AC_TRY_COMPILE( + [#include + static void + foo(void) { + static ] $ax_tls_keyword [ int bar; + exit(1); + }], + [], + [ac_cv_tls=$ax_tls_keyword ; break], + ac_cv_tls=none + )]) + done + ]) + AC_MSG_RESULT($ac_cv_tls) + + AS_IF([test "$ac_cv_tls" != "none"], + AC_DEFINE_UNQUOTED([TLS], $ac_cv_tls, [If the compiler supports a TLS storage class define it to that here]) + m4_ifnblank([$1], [$1]), + m4_ifnblank([$2], [$2]) + ) +]) diff --git a/FreeRTOS-Plus/Source/CyaSSL/m4/ax_vcs_checkout.m4 b/FreeRTOS-Plus/Source/CyaSSL/m4/ax_vcs_checkout.m4 new file mode 100644 index 000000000..8047b65ec --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/m4/ax_vcs_checkout.m4 @@ -0,0 +1,75 @@ +# =========================================================================== +# http:// +# =========================================================================== +# +# SYNOPSIS +# +# AX_VCS_CHECKOUT +# +# DESCRIPTION +# +# Discover whether or not we are operating with a tree which +# has been checked out of a version control system. +# +# +# LICENSE +# +# Copyright (C) 2012 Brian Aker +# All rights reserved. +# +# Redistribution and use in source and binary forms, with or without +# modification, are permitted provided that the following conditions are +# met: +# +# * Redistributions of source code must retain the above copyright +# notice, this list of conditions and the following disclaimer. +# +# * Redistributions in binary form must reproduce the above +# copyright notice, this list of conditions and the following disclaimer +# in the documentation and/or other materials provided with the +# distribution. +# +# * The names of its contributors may not be used to endorse or +# promote products derived from this software without specific prior +# written permission. +# +# THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +# "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +# LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +# A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +# OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +# SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +# LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +# DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +# THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +# (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +# OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. + +#serial 6 + +AC_DEFUN([AX_VCS_SYSTEM], + [AC_PREREQ([2.63])dnl + AC_CACHE_CHECK([for vcs system], [ac_cv_vcs_system], + [ac_cv_vcs_system="none" + AS_IF([test -d ".bzr"],[ac_cv_vcs_system="bazaar"]) + AS_IF([test -d ".svn"],[ac_cv_vcs_system="svn"]) + AS_IF([test -d ".hg"],[ac_cv_vcs_system="mercurial"]) + AS_IF([test -d ".git"],[ac_cv_vcs_system="git"]) + ]) + AC_DEFINE_UNQUOTED([VCS_SYSTEM],["$ac_cv_vcs_system"],[VCS system]) + ]) + +AC_DEFUN([AX_VCS_CHECKOUT], + [AC_PREREQ([2.63])dnl + AC_REQUIRE([AX_VCS_SYSTEM]) + AC_CACHE_CHECK([for vcs checkout],[ac_cv_vcs_checkout], + [AS_IF([test "x$ac_cv_vcs_system" != "xnone"], + [ac_cv_vcs_checkout=yes], + [ac_cv_vcs_checkout=no]) + ]) + + AM_CONDITIONAL([IS_VCS_CHECKOUT],[test "x$ac_cv_vcs_checkout" = "xyes"]) + AS_IF([test "x$ac_cv_vcs_checkout" = "xyes"], + [AC_DEFINE([VCS_CHECKOUT],[1],[Define if the code was built from VCS.])], + [AC_DEFINE([VCS_CHECKOUT],[0],[Define if the code was built from VCS.])]) + ]) diff --git a/FreeRTOS-Plus/Source/CyaSSL/m4/libtool.m4 b/FreeRTOS-Plus/Source/CyaSSL/m4/libtool.m4 index dfd481729..44e0ecff1 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/m4/libtool.m4 +++ b/FreeRTOS-Plus/Source/CyaSSL/m4/libtool.m4 @@ -1,8 +1,8 @@ # libtool.m4 - Configure libtool for the host system. -*-Autoconf-*- # # Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2003, 2004, 2005, -# 2006, 2007, 2008, 2009, 2010 Free Software Foundation, -# Inc. +# 2006, 2007, 2008, 2009, 2010, 2011 Free Software +# Foundation, Inc. # Written by Gordon Matzigkeit, 1996 # # This file is free software; the Free Software Foundation gives @@ -11,8 +11,8 @@ m4_define([_LT_COPYING], [dnl # Copyright (C) 1996, 1997, 1998, 1999, 2000, 2001, 2003, 2004, 2005, -# 2006, 2007, 2008, 2009, 2010 Free Software Foundation, -# Inc. +# 2006, 2007, 2008, 2009, 2010, 2011 Free Software +# Foundation, Inc. # Written by Gordon Matzigkeit, 1996 # # This file is part of GNU Libtool. @@ -146,6 +146,8 @@ AC_REQUIRE([AC_CANONICAL_BUILD])dnl AC_REQUIRE([_LT_PREPARE_SED_QUOTE_VARS])dnl AC_REQUIRE([_LT_PROG_ECHO_BACKSLASH])dnl +_LT_DECL([], [PATH_SEPARATOR], [1], [The PATH separator for the build system])dnl +dnl _LT_DECL([], [host_alias], [0], [The host system])dnl _LT_DECL([], [host], [0])dnl _LT_DECL([], [host_os], [0])dnl @@ -168,10 +170,13 @@ _LT_DECL([], [exeext], [0], [Executable file suffix (normally "")])dnl dnl m4_require([_LT_FILEUTILS_DEFAULTS])dnl m4_require([_LT_CHECK_SHELL_FEATURES])dnl +m4_require([_LT_PATH_CONVERSION_FUNCTIONS])dnl m4_require([_LT_CMD_RELOAD])dnl m4_require([_LT_CHECK_MAGIC_METHOD])dnl +m4_require([_LT_CHECK_SHAREDLIB_FROM_LINKLIB])dnl m4_require([_LT_CMD_OLD_ARCHIVE])dnl m4_require([_LT_CMD_GLOBAL_SYMBOLS])dnl +m4_require([_LT_WITH_SYSROOT])dnl _LT_CONFIG_LIBTOOL_INIT([ # See if we are running on zsh, and set the options which allow our @@ -634,7 +639,7 @@ m4_ifset([AC_PACKAGE_NAME], [AC_PACKAGE_NAME ])config.lt[]dnl m4_ifset([AC_PACKAGE_VERSION], [ AC_PACKAGE_VERSION]) configured by $[0], generated by m4_PACKAGE_STRING. -Copyright (C) 2010 Free Software Foundation, Inc. +Copyright (C) 2011 Free Software Foundation, Inc. This config.lt script is free software; the Free Software Foundation gives unlimited permision to copy, distribute and modify it." @@ -707,8 +712,8 @@ _LT_CONFIG_SAVE_COMMANDS([ fi cfgfile="${ofile}T" - trap "$RM -f \"$cfgfile\"; exit 1" 1 2 15 - $RM -f "$cfgfile" + trap "$RM \"$cfgfile\"; exit 1" 1 2 15 + $RM "$cfgfile" cat <<_LT_EOF >> "$cfgfile" #! $SHELL @@ -748,15 +753,12 @@ _LT_EOF # if finds mixed CR/LF and LF-only lines. Since sed operates in # text mode, it properly converts lines to CR/LF. This bash problem # is reportedly fixed, but why not run on old versions too? - sed '/^# Generated shell functions inserted here/q' "$ltmain" >> "$cfgfile" \ - || (rm -f "$cfgfile"; exit 1) - - _LT_PROG_XSI_SHELLFNS + sed '$q' "$ltmain" >> "$cfgfile" \ + || (rm -f "$cfgfile"; exit 1) - sed -n '/^# Generated shell functions inserted here/,$p' "$ltmain" >> "$cfgfile" \ - || (rm -f "$cfgfile"; exit 1) + _LT_PROG_REPLACE_SHELLFNS - mv -f "$cfgfile" "$ofile" || + mv -f "$cfgfile" "$ofile" || (rm -f "$ofile" && cp "$cfgfile" "$ofile" && rm -f "$cfgfile") chmod +x "$ofile" ], @@ -801,6 +803,7 @@ AC_DEFUN([LT_LANG], m4_case([$1], [C], [_LT_LANG(C)], [C++], [_LT_LANG(CXX)], + [Go], [_LT_LANG(GO)], [Java], [_LT_LANG(GCJ)], [Fortran 77], [_LT_LANG(F77)], [Fortran], [_LT_LANG(FC)], @@ -822,6 +825,31 @@ m4_defun([_LT_LANG], ])# _LT_LANG +m4_ifndef([AC_PROG_GO], [ +############################################################ +# NOTE: This macro has been submitted for inclusion into # +# GNU Autoconf as AC_PROG_GO. When it is available in # +# a released version of Autoconf we should remove this # +# macro and use it instead. # +############################################################ +m4_defun([AC_PROG_GO], +[AC_LANG_PUSH(Go)dnl +AC_ARG_VAR([GOC], [Go compiler command])dnl +AC_ARG_VAR([GOFLAGS], [Go compiler flags])dnl +_AC_ARG_VAR_LDFLAGS()dnl +AC_CHECK_TOOL(GOC, gccgo) +if test -z "$GOC"; then + if test -n "$ac_tool_prefix"; then + AC_CHECK_PROG(GOC, [${ac_tool_prefix}gccgo], [${ac_tool_prefix}gccgo]) + fi +fi +if test -z "$GOC"; then + AC_CHECK_PROG(GOC, gccgo, gccgo, false) +fi +])#m4_defun +])#m4_ifndef + + # _LT_LANG_DEFAULT_CONFIG # ----------------------- m4_defun([_LT_LANG_DEFAULT_CONFIG], @@ -852,6 +880,10 @@ AC_PROVIDE_IFELSE([AC_PROG_GCJ], m4_ifdef([LT_PROG_GCJ], [m4_define([LT_PROG_GCJ], defn([LT_PROG_GCJ])[LT_LANG(GCJ)])])])])]) +AC_PROVIDE_IFELSE([AC_PROG_GO], + [LT_LANG(GO)], + [m4_define([AC_PROG_GO], defn([AC_PROG_GO])[LT_LANG(GO)])]) + AC_PROVIDE_IFELSE([LT_PROG_RC], [LT_LANG(RC)], [m4_define([LT_PROG_RC], defn([LT_PROG_RC])[LT_LANG(RC)])]) @@ -902,7 +934,7 @@ ac_outfile=conftest.$ac_objext echo "$lt_simple_compile_test_code" >conftest.$ac_ext eval "$ac_compile" 2>&1 >/dev/null | $SED '/^$/d; /^ *+/d' >conftest.err _lt_compiler_boilerplate=`cat conftest.err` -$RM -r conftest* +$RM conftest* ])# _LT_COMPILER_BOILERPLATE @@ -954,7 +986,13 @@ m4_defun_once([_LT_REQUIRED_DARWIN_CHECKS],[ $LTCC $LTCFLAGS $LDFLAGS -o libconftest.dylib \ -dynamiclib -Wl,-single_module conftest.c 2>conftest.err _lt_result=$? - if test -f libconftest.dylib && test ! -s conftest.err && test $_lt_result = 0; then + # If there is a non-empty error log, and "single_module" + # appears in it, assume the flag caused a linker warning + if test -s conftest.err && $GREP single_module conftest.err; then + cat conftest.err >&AS_MESSAGE_LOG_FD + # Otherwise, if the output was created with a 0 exit code from + # the compiler, it worked. + elif test -f libconftest.dylib && test $_lt_result -eq 0; then lt_cv_apple_cc_single_mod=yes else cat conftest.err >&AS_MESSAGE_LOG_FD @@ -962,6 +1000,7 @@ m4_defun_once([_LT_REQUIRED_DARWIN_CHECKS],[ rm -rf libconftest.dylib* rm -f conftest.* fi]) + AC_CACHE_CHECK([for -exported_symbols_list linker flag], [lt_cv_ld_exported_symbols_list], [lt_cv_ld_exported_symbols_list=no @@ -973,6 +1012,7 @@ m4_defun_once([_LT_REQUIRED_DARWIN_CHECKS],[ [lt_cv_ld_exported_symbols_list=no]) LDFLAGS="$save_LDFLAGS" ]) + AC_CACHE_CHECK([for -force_load linker flag],[lt_cv_ld_force_load], [lt_cv_ld_force_load=no cat > conftest.c << _LT_EOF @@ -990,7 +1030,9 @@ _LT_EOF echo "$LTCC $LTCFLAGS $LDFLAGS -o conftest conftest.c -Wl,-force_load,./libconftest.a" >&AS_MESSAGE_LOG_FD $LTCC $LTCFLAGS $LDFLAGS -o conftest conftest.c -Wl,-force_load,./libconftest.a 2>conftest.err _lt_result=$? - if test -f conftest && test ! -s conftest.err && test $_lt_result = 0 && $GREP forced_load conftest 2>&1 >/dev/null; then + if test -s conftest.err && $GREP force_load conftest.err; then + cat conftest.err >&AS_MESSAGE_LOG_FD + elif test -f conftest && test $_lt_result -eq 0 && $GREP forced_load conftest >/dev/null 2>&1 ; then lt_cv_ld_force_load=yes else cat conftest.err >&AS_MESSAGE_LOG_FD @@ -1035,8 +1077,8 @@ _LT_EOF ]) -# _LT_DARWIN_LINKER_FEATURES -# -------------------------- +# _LT_DARWIN_LINKER_FEATURES([TAG]) +# --------------------------------- # Checks for linker and compiler features on darwin m4_defun([_LT_DARWIN_LINKER_FEATURES], [ @@ -1047,6 +1089,8 @@ m4_defun([_LT_DARWIN_LINKER_FEATURES], _LT_TAGVAR(hardcode_shlibpath_var, $1)=unsupported if test "$lt_cv_ld_force_load" = "yes"; then _LT_TAGVAR(whole_archive_flag_spec, $1)='`for conv in $convenience\"\"; do test -n \"$conv\" && new_convenience=\"$new_convenience ${wl}-force_load,$conv\"; done; func_echo_all \"$new_convenience\"`' + m4_case([$1], [F77], [_LT_TAGVAR(compiler_needs_object, $1)=yes], + [FC], [_LT_TAGVAR(compiler_needs_object, $1)=yes]) else _LT_TAGVAR(whole_archive_flag_spec, $1)='' fi @@ -1073,30 +1117,41 @@ m4_defun([_LT_DARWIN_LINKER_FEATURES], fi ]) -# _LT_SYS_MODULE_PATH_AIX -# ----------------------- +# _LT_SYS_MODULE_PATH_AIX([TAGNAME]) +# ---------------------------------- # Links a minimal program and checks the executable # for the system default hardcoded library path. In most cases, # this is /usr/lib:/lib, but when the MPI compilers are used # the location of the communication and MPI libs are included too. # If we don't find anything, use the default library path according # to the aix ld manual. +# Store the results from the different compilers for each TAGNAME. +# Allow to override them for all tags through lt_cv_aix_libpath. m4_defun([_LT_SYS_MODULE_PATH_AIX], [m4_require([_LT_DECL_SED])dnl -AC_LINK_IFELSE(AC_LANG_PROGRAM,[ -lt_aix_libpath_sed=' - /Import File Strings/,/^$/ { - /^0/ { - s/^0 *\(.*\)$/\1/ - p - } - }' -aix_libpath=`dump -H conftest$ac_exeext 2>/dev/null | $SED -n -e "$lt_aix_libpath_sed"` -# Check for a 64-bit object if we didn't find anything. -if test -z "$aix_libpath"; then - aix_libpath=`dump -HX64 conftest$ac_exeext 2>/dev/null | $SED -n -e "$lt_aix_libpath_sed"` -fi],[]) -if test -z "$aix_libpath"; then aix_libpath="/usr/lib:/lib"; fi +if test "${lt_cv_aix_libpath+set}" = set; then + aix_libpath=$lt_cv_aix_libpath +else + AC_CACHE_VAL([_LT_TAGVAR([lt_cv_aix_libpath_], [$1])], + [AC_LINK_IFELSE([AC_LANG_PROGRAM],[ + lt_aix_libpath_sed='[ + /Import File Strings/,/^$/ { + /^0/ { + s/^0 *\([^ ]*\) *$/\1/ + p + } + }]' + _LT_TAGVAR([lt_cv_aix_libpath_], [$1])=`dump -H conftest$ac_exeext 2>/dev/null | $SED -n -e "$lt_aix_libpath_sed"` + # Check for a 64-bit object if we didn't find anything. + if test -z "$_LT_TAGVAR([lt_cv_aix_libpath_], [$1])"; then + _LT_TAGVAR([lt_cv_aix_libpath_], [$1])=`dump -HX64 conftest$ac_exeext 2>/dev/null | $SED -n -e "$lt_aix_libpath_sed"` + fi],[]) + if test -z "$_LT_TAGVAR([lt_cv_aix_libpath_], [$1])"; then + _LT_TAGVAR([lt_cv_aix_libpath_], [$1])="/usr/lib:/lib" + fi + ]) + aix_libpath=$_LT_TAGVAR([lt_cv_aix_libpath_], [$1]) +fi ])# _LT_SYS_MODULE_PATH_AIX @@ -1121,7 +1176,7 @@ ECHO=$ECHO$ECHO$ECHO$ECHO$ECHO$ECHO AC_MSG_CHECKING([how to print strings]) # Test print first, because it will be a builtin if present. -if test "X`print -r -- -n 2>/dev/null`" = X-n && \ +if test "X`( print -r -- -n ) 2>/dev/null`" = X-n && \ test "X`print -r -- $ECHO 2>/dev/null`" = "X$ECHO"; then ECHO='print -r --' elif test "X`printf %s $ECHO 2>/dev/null`" = "X$ECHO"; then @@ -1165,6 +1220,39 @@ _LT_DECL([], [ECHO], [1], [An echo program that protects backslashes]) ])# _LT_PROG_ECHO_BACKSLASH +# _LT_WITH_SYSROOT +# ---------------- +AC_DEFUN([_LT_WITH_SYSROOT], +[AC_MSG_CHECKING([for sysroot]) +AC_ARG_WITH([sysroot], +[ --with-sysroot[=DIR] Search for dependent libraries within DIR + (or the compiler's sysroot if not specified).], +[], [with_sysroot=no]) + +dnl lt_sysroot will always be passed unquoted. We quote it here +dnl in case the user passed a directory name. +lt_sysroot= +case ${with_sysroot} in #( + yes) + if test "$GCC" = yes; then + lt_sysroot=`$CC --print-sysroot 2>/dev/null` + fi + ;; #( + /*) + lt_sysroot=`echo "$with_sysroot" | sed -e "$sed_quote_subst"` + ;; #( + no|'') + ;; #( + *) + AC_MSG_RESULT([${with_sysroot}]) + AC_MSG_ERROR([The sysroot must be an absolute path.]) + ;; +esac + + AC_MSG_RESULT([${lt_sysroot:-no}]) +_LT_DECL([], [lt_sysroot], [0], [The root where to search for ]dnl +[dependent libraries, and in which our libraries should be installed.])]) + # _LT_ENABLE_LOCK # --------------- m4_defun([_LT_ENABLE_LOCK], @@ -1286,14 +1374,27 @@ s390*-*linux*|s390*-*tpf*|sparc*-*linux*) CFLAGS="$SAVE_CFLAGS" fi ;; -sparc*-*solaris*) +*-*solaris*) # Find out which ABI we are using. echo 'int i;' > conftest.$ac_ext if AC_TRY_EVAL(ac_compile); then case `/usr/bin/file conftest.o` in *64-bit*) case $lt_cv_prog_gnu_ld in - yes*) LD="${LD-ld} -m elf64_sparc" ;; + yes*) + case $host in + i?86-*-solaris*) + LD="${LD-ld} -m elf_x86_64" + ;; + sparc*-*-solaris*) + LD="${LD-ld} -m elf64_sparc" + ;; + esac + # GNU ld 2.21 introduced _sol2 emulations. Use them if available. + if ${LD-ld} -V | grep _sol2 >/dev/null 2>&1; then + LD="${LD-ld}_sol2" + fi + ;; *) if ${LD-ld} -64 -r -o conftest2.o conftest.o >/dev/null 2>&1; then LD="${LD-ld} -64" @@ -1311,14 +1412,47 @@ need_locks="$enable_libtool_lock" ])# _LT_ENABLE_LOCK +# _LT_PROG_AR +# ----------- +m4_defun([_LT_PROG_AR], +[AC_CHECK_TOOLS(AR, [ar], false) +: ${AR=ar} +: ${AR_FLAGS=cru} +_LT_DECL([], [AR], [1], [The archiver]) +_LT_DECL([], [AR_FLAGS], [1], [Flags to create an archive]) + +AC_CACHE_CHECK([for archiver @FILE support], [lt_cv_ar_at_file], + [lt_cv_ar_at_file=no + AC_COMPILE_IFELSE([AC_LANG_PROGRAM], + [echo conftest.$ac_objext > conftest.lst + lt_ar_try='$AR $AR_FLAGS libconftest.a @conftest.lst >&AS_MESSAGE_LOG_FD' + AC_TRY_EVAL([lt_ar_try]) + if test "$ac_status" -eq 0; then + # Ensure the archiver fails upon bogus file names. + rm -f conftest.$ac_objext libconftest.a + AC_TRY_EVAL([lt_ar_try]) + if test "$ac_status" -ne 0; then + lt_cv_ar_at_file=@ + fi + fi + rm -f conftest.* libconftest.a + ]) + ]) + +if test "x$lt_cv_ar_at_file" = xno; then + archiver_list_spec= +else + archiver_list_spec=$lt_cv_ar_at_file +fi +_LT_DECL([], [archiver_list_spec], [1], + [How to feed a file listing to the archiver]) +])# _LT_PROG_AR + + # _LT_CMD_OLD_ARCHIVE # ------------------- m4_defun([_LT_CMD_OLD_ARCHIVE], -[AC_CHECK_TOOL(AR, ar, false) -test -z "$AR" && AR=ar -test -z "$AR_FLAGS" && AR_FLAGS=cru -_LT_DECL([], [AR], [1], [The archiver]) -_LT_DECL([], [AR_FLAGS], [1]) +[_LT_PROG_AR AC_CHECK_TOOL(STRIP, strip, :) test -z "$STRIP" && STRIP=: @@ -1337,13 +1471,13 @@ old_postuninstall_cmds= if test -n "$RANLIB"; then case $host_os in openbsd*) - old_postinstall_cmds="$old_postinstall_cmds~\$RANLIB -t \$oldlib" + old_postinstall_cmds="$old_postinstall_cmds~\$RANLIB -t \$tool_oldlib" ;; *) - old_postinstall_cmds="$old_postinstall_cmds~\$RANLIB \$oldlib" + old_postinstall_cmds="$old_postinstall_cmds~\$RANLIB \$tool_oldlib" ;; esac - old_archive_cmds="$old_archive_cmds~\$RANLIB \$oldlib" + old_archive_cmds="$old_archive_cmds~\$RANLIB \$tool_oldlib" fi case $host_os in @@ -1396,7 +1530,7 @@ AC_CACHE_CHECK([$1], [$2], $2=yes fi fi - $RM -r conftest* + $RM conftest* ]) if test x"[$]$2" = xyes; then @@ -1523,6 +1657,11 @@ AC_CACHE_VAL([lt_cv_sys_max_cmd_len], [dnl lt_cv_sys_max_cmd_len=196608 ;; + os2*) + # The test takes a long time on OS/2. + lt_cv_sys_max_cmd_len=8192 + ;; + osf*) # Dr. Hans Ekkehard Plesser reports seeing a kernel panic running configure # due to this test when exec_disable_arg_limit is 1 on Tru64. It is not @@ -1562,7 +1701,7 @@ AC_CACHE_VAL([lt_cv_sys_max_cmd_len], [dnl # If test is not a shell built-in, we'll probably end up computing a # maximum length that is only half of the actual maximum length, but # we can't tell. - while { test "X"`func_fallback_echo "$teststring$teststring" 2>/dev/null` \ + while { test "X"`env echo "$teststring$teststring" 2>/dev/null` \ = "X$teststring$teststring"; } >/dev/null 2>&1 && test $i != 17 # 1/2 MB should be enough do @@ -1658,10 +1797,10 @@ else /* When -fvisbility=hidden is used, assume the code has been annotated correspondingly for the symbols needed. */ #if defined(__GNUC__) && (((__GNUC__ == 3) && (__GNUC_MINOR__ >= 3)) || (__GNUC__ > 3)) -void fnord () __attribute__((visibility("default"))); +int fnord () __attribute__((visibility("default"))); #endif -void fnord () { int i=42; } +int fnord () { return 42; } int main () { void *self = dlopen (0, LT_DLGLOBAL|LT_DLLAZY_OR_NOW); @@ -1866,14 +2005,14 @@ AC_CACHE_CHECK([if $compiler supports -c -o file.$ac_objext], fi fi chmod u+w . 2>&AS_MESSAGE_LOG_FD - $RM -r conftest* + $RM conftest* # SGI C++ compiler will create directory out/ii_files/ for # template instantiation test -d out/ii_files && $RM out/ii_files/* && rmdir out/ii_files $RM out/* && rmdir out cd .. $RM -r conftest - $RM -r conftest* + $RM conftest* ]) _LT_TAGDECL([compiler_c_o], [lt_cv_prog_compiler_c_o], [1], [Does compiler simultaneously support -c and -o options?]) @@ -1893,7 +2032,7 @@ if test "$_LT_TAGVAR(lt_cv_prog_compiler_c_o, $1)" = no && test "$need_locks" != # do not overwrite the value of need_locks provided by the user AC_MSG_CHECKING([if we can lock with hard links]) hard_links=yes - $RM -r conftest* + $RM conftest* ln conftest.a conftest.b 2>/dev/null && hard_links=no touch conftest.a ln conftest.a conftest.b 2>&5 || hard_links=no @@ -2108,7 +2247,7 @@ need_version=unknown case $host_os in aix3*) - version_type=linux + version_type=linux # correct to gnu/linux during the next big refactor library_names_spec='${libname}${release}${shared_ext}$versuffix $libname.a' shlibpath_var=LIBPATH @@ -2117,7 +2256,7 @@ aix3*) ;; aix[[4-9]]*) - version_type=linux + version_type=linux # correct to gnu/linux during the next big refactor need_lib_prefix=no need_version=no hardcode_into_libs=yes @@ -2182,7 +2321,7 @@ beos*) ;; bsdi[[45]]*) - version_type=linux + version_type=linux # correct to gnu/linux during the next big refactor need_version=no library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' soname_spec='${libname}${release}${shared_ext}$major' @@ -2201,8 +2340,9 @@ cygwin* | mingw* | pw32* | cegcc*) need_version=no need_lib_prefix=no - case $GCC,$host_os in - yes,cygwin* | yes,mingw* | yes,pw32* | yes,cegcc*) + case $GCC,$cc_basename in + yes,*) + # gcc library_names_spec='$libname.dll.a' # DLL is installed to $(libdir)/../bin by postinstall_cmds postinstall_cmds='base_file=`basename \${file}`~ @@ -2235,13 +2375,71 @@ m4_if([$1], [],[ library_names_spec='`echo ${libname} | sed -e 's/^lib/pw/'``echo ${release} | $SED -e 's/[[.]]/-/g'`${versuffix}${shared_ext}' ;; esac + dynamic_linker='Win32 ld.exe' + ;; + + *,cl*) + # Native MSVC + libname_spec='$name' + soname_spec='${libname}`echo ${release} | $SED -e 's/[[.]]/-/g'`${versuffix}${shared_ext}' + library_names_spec='${libname}.dll.lib' + + case $build_os in + mingw*) + sys_lib_search_path_spec= + lt_save_ifs=$IFS + IFS=';' + for lt_path in $LIB + do + IFS=$lt_save_ifs + # Let DOS variable expansion print the short 8.3 style file name. + lt_path=`cd "$lt_path" 2>/dev/null && cmd //C "for %i in (".") do @echo %~si"` + sys_lib_search_path_spec="$sys_lib_search_path_spec $lt_path" + done + IFS=$lt_save_ifs + # Convert to MSYS style. + sys_lib_search_path_spec=`$ECHO "$sys_lib_search_path_spec" | sed -e 's|\\\\|/|g' -e 's| \\([[a-zA-Z]]\\):| /\\1|g' -e 's|^ ||'` + ;; + cygwin*) + # Convert to unix form, then to dos form, then back to unix form + # but this time dos style (no spaces!) so that the unix form looks + # like /cygdrive/c/PROGRA~1:/cygdr... + sys_lib_search_path_spec=`cygpath --path --unix "$LIB"` + sys_lib_search_path_spec=`cygpath --path --dos "$sys_lib_search_path_spec" 2>/dev/null` + sys_lib_search_path_spec=`cygpath --path --unix "$sys_lib_search_path_spec" | $SED -e "s/$PATH_SEPARATOR/ /g"` + ;; + *) + sys_lib_search_path_spec="$LIB" + if $ECHO "$sys_lib_search_path_spec" | [$GREP ';[c-zC-Z]:/' >/dev/null]; then + # It is most probably a Windows format PATH. + sys_lib_search_path_spec=`$ECHO "$sys_lib_search_path_spec" | $SED -e 's/;/ /g'` + else + sys_lib_search_path_spec=`$ECHO "$sys_lib_search_path_spec" | $SED -e "s/$PATH_SEPARATOR/ /g"` + fi + # FIXME: find the short name or the path components, as spaces are + # common. (e.g. "Program Files" -> "PROGRA~1") + ;; + esac + + # DLL is installed to $(libdir)/../bin by postinstall_cmds + postinstall_cmds='base_file=`basename \${file}`~ + dlpath=`$SHELL 2>&1 -c '\''. $dir/'\''\${base_file}'\''i; echo \$dlname'\''`~ + dldir=$destdir/`dirname \$dlpath`~ + test -d \$dldir || mkdir -p \$dldir~ + $install_prog $dir/$dlname \$dldir/$dlname' + postuninstall_cmds='dldll=`$SHELL 2>&1 -c '\''. $file; echo \$dlname'\''`~ + dlpath=$dir/\$dldll~ + $RM \$dlpath' + shlibpath_overrides_runpath=yes + dynamic_linker='Win32 link.exe' ;; *) + # Assume MSVC wrapper library_names_spec='${libname}`echo ${release} | $SED -e 's/[[.]]/-/g'`${versuffix}${shared_ext} $libname.lib' + dynamic_linker='Win32 ld.exe' ;; esac - dynamic_linker='Win32 ld.exe' # FIXME: first we should search . and the directory the executable is in shlibpath_var=PATH ;; @@ -2251,7 +2449,7 @@ darwin* | rhapsody*) version_type=darwin need_lib_prefix=no need_version=no - library_names_spec='${libname}${release}${major}$shared_ext ${libname}$shared_ext ${libname}${release}${versuffix}$shared_ext' + library_names_spec='${libname}${release}${major}$shared_ext ${libname}$shared_ext' soname_spec='${libname}${release}${major}$shared_ext' shlibpath_overrides_runpath=yes shlibpath_var=DYLD_LIBRARY_PATH @@ -2262,7 +2460,7 @@ m4_if([$1], [],[ ;; dgux*) - version_type=linux + version_type=linux # correct to gnu/linux during the next big refactor need_lib_prefix=no need_version=no library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname$shared_ext' @@ -2270,10 +2468,6 @@ dgux*) shlibpath_var=LD_LIBRARY_PATH ;; -freebsd1*) - dynamic_linker=no - ;; - freebsd* | dragonfly*) # DragonFly does not have aout. When/if they implement a new # versioning mechanism, adjust this. @@ -2281,7 +2475,7 @@ freebsd* | dragonfly*) objformat=`/usr/bin/objformat` else case $host_os in - freebsd[[123]]*) objformat=aout ;; + freebsd[[23]].*) objformat=aout ;; *) objformat=elf ;; esac fi @@ -2299,7 +2493,7 @@ freebsd* | dragonfly*) esac shlibpath_var=LD_LIBRARY_PATH case $host_os in - freebsd2*) + freebsd2.*) shlibpath_overrides_runpath=yes ;; freebsd3.[[01]]* | freebsdelf3.[[01]]*) @@ -2319,17 +2513,18 @@ freebsd* | dragonfly*) ;; gnu*) - version_type=linux + version_type=linux # correct to gnu/linux during the next big refactor need_lib_prefix=no need_version=no library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}${major} ${libname}${shared_ext}' soname_spec='${libname}${release}${shared_ext}$major' shlibpath_var=LD_LIBRARY_PATH + shlibpath_overrides_runpath=no hardcode_into_libs=yes ;; haiku*) - version_type=linux + version_type=linux # correct to gnu/linux during the next big refactor need_lib_prefix=no need_version=no dynamic_linker="$host_os runtime_loader" @@ -2390,7 +2585,7 @@ hpux9* | hpux10* | hpux11*) ;; interix[[3-9]]*) - version_type=linux + version_type=linux # correct to gnu/linux during the next big refactor need_lib_prefix=no need_version=no library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major ${libname}${shared_ext}' @@ -2406,7 +2601,7 @@ irix5* | irix6* | nonstopux*) nonstopux*) version_type=nonstopux ;; *) if test "$lt_cv_prog_gnu_ld" = yes; then - version_type=linux + version_type=linux # correct to gnu/linux during the next big refactor else version_type=irix fi ;; @@ -2443,9 +2638,9 @@ linux*oldld* | linux*aout* | linux*coff*) dynamic_linker=no ;; -# This must be Linux ELF. +# This must be glibc/ELF. linux* | k*bsd*-gnu | kopensolaris*-gnu) - version_type=linux + version_type=linux # correct to gnu/linux during the next big refactor need_lib_prefix=no need_version=no library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' @@ -2508,7 +2703,7 @@ netbsd*) ;; newsos6) - version_type=linux + version_type=linux # correct to gnu/linux during the next big refactor library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' shlibpath_var=LD_LIBRARY_PATH shlibpath_overrides_runpath=yes @@ -2577,7 +2772,7 @@ rdos*) ;; solaris*) - version_type=linux + version_type=linux # correct to gnu/linux during the next big refactor need_lib_prefix=no need_version=no library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' @@ -2602,7 +2797,7 @@ sunos4*) ;; sysv4 | sysv4.3*) - version_type=linux + version_type=linux # correct to gnu/linux during the next big refactor library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' soname_spec='${libname}${release}${shared_ext}$major' shlibpath_var=LD_LIBRARY_PATH @@ -2626,7 +2821,7 @@ sysv4 | sysv4.3*) sysv4*MP*) if test -d /usr/nec ;then - version_type=linux + version_type=linux # correct to gnu/linux during the next big refactor library_names_spec='$libname${shared_ext}.$versuffix $libname${shared_ext}.$major $libname${shared_ext}' soname_spec='$libname${shared_ext}.$major' shlibpath_var=LD_LIBRARY_PATH @@ -2657,7 +2852,7 @@ sysv5* | sco3.2v5* | sco5v6* | unixware* | OpenUNIX* | sysv4*uw2*) tpf*) # TPF is a cross-target only. Preferred cross-host = GNU/Linux. - version_type=linux + version_type=linux # correct to gnu/linux during the next big refactor need_lib_prefix=no need_version=no library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' @@ -2667,7 +2862,7 @@ tpf*) ;; uts4*) - version_type=linux + version_type=linux # correct to gnu/linux during the next big refactor library_names_spec='${libname}${release}${shared_ext}$versuffix ${libname}${release}${shared_ext}$major $libname${shared_ext}' soname_spec='${libname}${release}${shared_ext}$major' shlibpath_var=LD_LIBRARY_PATH @@ -2945,6 +3140,11 @@ case $reload_flag in esac reload_cmds='$LD$reload_flag -o $output$reload_objs' case $host_os in + cygwin* | mingw* | pw32* | cegcc*) + if test "$GCC" != yes; then + reload_cmds=false + fi + ;; darwin*) if test "$GCC" = yes; then reload_cmds='$LTCC $LTCFLAGS -nostdlib ${wl}-r -o $output$reload_objs' @@ -3084,7 +3284,7 @@ irix5* | irix6* | nonstopux*) lt_cv_deplibs_check_method=pass_all ;; -# This must be Linux ELF. +# This must be glibc/ELF. linux* | k*bsd*-gnu | kopensolaris*-gnu) lt_cv_deplibs_check_method=pass_all ;; @@ -3163,6 +3363,21 @@ tpf*) ;; esac ]) + +file_magic_glob= +want_nocaseglob=no +if test "$build" = "$host"; then + case $host_os in + mingw* | pw32*) + if ( shopt | grep nocaseglob ) >/dev/null 2>&1; then + want_nocaseglob=yes + else + file_magic_glob=`echo aAbBcCdDeEfFgGhHiIjJkKlLmMnNoOpPqQrRsStTuUvVwWxXyYzZ | $SED -e "s/\(..\)/s\/[[\1]]\/[[\1]]\/g;/g"` + fi + ;; + esac +fi + file_magic_cmd=$lt_cv_file_magic_cmd deplibs_check_method=$lt_cv_deplibs_check_method test -z "$deplibs_check_method" && deplibs_check_method=unknown @@ -3170,7 +3385,11 @@ test -z "$deplibs_check_method" && deplibs_check_method=unknown _LT_DECL([], [deplibs_check_method], [1], [Method to check whether dependent libraries are shared objects]) _LT_DECL([], [file_magic_cmd], [1], - [Command to use when deplibs_check_method == "file_magic"]) + [Command to use when deplibs_check_method = "file_magic"]) +_LT_DECL([], [file_magic_glob], [1], + [How to find potential files when deplibs_check_method = "file_magic"]) +_LT_DECL([], [want_nocaseglob], [1], + [Find potential files using nocaseglob when deplibs_check_method = "file_magic"]) ])# _LT_CHECK_MAGIC_METHOD @@ -3263,7 +3482,7 @@ AC_CACHE_CHECK([the name lister ($NM) interface], [lt_cv_nm_interface], if $GREP 'External.*some_variable' conftest.out > /dev/null; then lt_cv_nm_interface="MS dumpbin" fi - rm -r -f conftest*]) + rm -f conftest*]) ])# LT_PATH_NM # Old names: @@ -3273,6 +3492,67 @@ dnl aclocal-1.4 backwards compatibility: dnl AC_DEFUN([AM_PROG_NM], []) dnl AC_DEFUN([AC_PROG_NM], []) +# _LT_CHECK_SHAREDLIB_FROM_LINKLIB +# -------------------------------- +# how to determine the name of the shared library +# associated with a specific link library. +# -- PORTME fill in with the dynamic library characteristics +m4_defun([_LT_CHECK_SHAREDLIB_FROM_LINKLIB], +[m4_require([_LT_DECL_EGREP]) +m4_require([_LT_DECL_OBJDUMP]) +m4_require([_LT_DECL_DLLTOOL]) +AC_CACHE_CHECK([how to associate runtime and link libraries], +lt_cv_sharedlib_from_linklib_cmd, +[lt_cv_sharedlib_from_linklib_cmd='unknown' + +case $host_os in +cygwin* | mingw* | pw32* | cegcc*) + # two different shell functions defined in ltmain.sh + # decide which to use based on capabilities of $DLLTOOL + case `$DLLTOOL --help 2>&1` in + *--identify-strict*) + lt_cv_sharedlib_from_linklib_cmd=func_cygming_dll_for_implib + ;; + *) + lt_cv_sharedlib_from_linklib_cmd=func_cygming_dll_for_implib_fallback + ;; + esac + ;; +*) + # fallback: assume linklib IS sharedlib + lt_cv_sharedlib_from_linklib_cmd="$ECHO" + ;; +esac +]) +sharedlib_from_linklib_cmd=$lt_cv_sharedlib_from_linklib_cmd +test -z "$sharedlib_from_linklib_cmd" && sharedlib_from_linklib_cmd=$ECHO + +_LT_DECL([], [sharedlib_from_linklib_cmd], [1], + [Command to associate shared and link libraries]) +])# _LT_CHECK_SHAREDLIB_FROM_LINKLIB + + +# _LT_PATH_MANIFEST_TOOL +# ---------------------- +# locate the manifest tool +m4_defun([_LT_PATH_MANIFEST_TOOL], +[AC_CHECK_TOOL(MANIFEST_TOOL, mt, :) +test -z "$MANIFEST_TOOL" && MANIFEST_TOOL=mt +AC_CACHE_CHECK([if $MANIFEST_TOOL is a manifest tool], [lt_cv_path_mainfest_tool], + [lt_cv_path_mainfest_tool=no + echo "$as_me:$LINENO: $MANIFEST_TOOL '-?'" >&AS_MESSAGE_LOG_FD + $MANIFEST_TOOL '-?' 2>conftest.err > conftest.out + cat conftest.err >&AS_MESSAGE_LOG_FD + if $GREP 'Manifest Tool' conftest.out > /dev/null; then + lt_cv_path_mainfest_tool=yes + fi + rm -f conftest*]) +if test "x$lt_cv_path_mainfest_tool" != xyes; then + MANIFEST_TOOL=: +fi +_LT_DECL([], [MANIFEST_TOOL], [1], [Manifest tool])dnl +])# _LT_PATH_MANIFEST_TOOL + # LT_LIB_M # -------- @@ -3399,8 +3679,8 @@ esac lt_cv_sys_global_symbol_to_cdecl="sed -n -e 's/^T .* \(.*\)$/extern int \1();/p' -e 's/^$symcode* .* \(.*\)$/extern char \1;/p'" # Transform an extracted symbol line into symbol name and symbol address -lt_cv_sys_global_symbol_to_c_name_address="sed -n -e 's/^: \([[^ ]]*\) $/ {\\\"\1\\\", (void *) 0},/p' -e 's/^$symcode* \([[^ ]]*\) \([[^ ]]*\)$/ {\"\2\", (void *) \&\2},/p'" -lt_cv_sys_global_symbol_to_c_name_address_lib_prefix="sed -n -e 's/^: \([[^ ]]*\) $/ {\\\"\1\\\", (void *) 0},/p' -e 's/^$symcode* \([[^ ]]*\) \(lib[[^ ]]*\)$/ {\"\2\", (void *) \&\2},/p' -e 's/^$symcode* \([[^ ]]*\) \([[^ ]]*\)$/ {\"lib\2\", (void *) \&\2},/p'" +lt_cv_sys_global_symbol_to_c_name_address="sed -n -e 's/^: \([[^ ]]*\)[[ ]]*$/ {\\\"\1\\\", (void *) 0},/p' -e 's/^$symcode* \([[^ ]]*\) \([[^ ]]*\)$/ {\"\2\", (void *) \&\2},/p'" +lt_cv_sys_global_symbol_to_c_name_address_lib_prefix="sed -n -e 's/^: \([[^ ]]*\)[[ ]]*$/ {\\\"\1\\\", (void *) 0},/p' -e 's/^$symcode* \([[^ ]]*\) \(lib[[^ ]]*\)$/ {\"\2\", (void *) \&\2},/p' -e 's/^$symcode* \([[^ ]]*\) \([[^ ]]*\)$/ {\"lib\2\", (void *) \&\2},/p'" # Handle CRLF in mingw tool chain opt_cr= @@ -3424,6 +3704,7 @@ for ac_symprfx in "" "_"; do # which start with @ or ?. lt_cv_sys_global_symbol_pipe="$AWK ['"\ " {last_section=section; section=\$ 3};"\ +" /^COFF SYMBOL TABLE/{for(i in hide) delete hide[i]};"\ " /Section length .*#relocs.*(pick any)/{hide[last_section]=1};"\ " \$ 0!~/External *\|/{next};"\ " / 0+ UNDEF /{next}; / UNDEF \([^|]\)*()/{next};"\ @@ -3436,11 +3717,12 @@ for ac_symprfx in "" "_"; do else lt_cv_sys_global_symbol_pipe="sed -n -e 's/^.*[[ ]]\($symcode$symcode*\)[[ ]][[ ]]*$ac_symprfx$sympat$opt_cr$/$symxfrm/p'" fi + lt_cv_sys_global_symbol_pipe="$lt_cv_sys_global_symbol_pipe | sed '/ __gnu_lto/d'" # Check to see that the pipe works correctly. pipe_works=no - rm -r -f conftest* + rm -f conftest* cat > conftest.$ac_ext <<_LT_EOF #ifdef __cplusplus extern "C" { @@ -3469,6 +3751,18 @@ _LT_EOF if $GREP ' nm_test_var$' "$nlist" >/dev/null; then if $GREP ' nm_test_func$' "$nlist" >/dev/null; then cat <<_LT_EOF > conftest.$ac_ext +/* Keep this code in sync between libtool.m4, ltmain, lt_system.h, and tests. */ +#if defined(_WIN32) || defined(__CYGWIN__) || defined(_WIN32_WCE) +/* DATA imports from DLLs on WIN32 con't be const, because runtime + relocations are performed -- see ld's documentation on pseudo-relocs. */ +# define LT@&t@_DLSYM_CONST +#elif defined(__osf__) +/* This system does not cope well with relocations in const data. */ +# define LT@&t@_DLSYM_CONST +#else +# define LT@&t@_DLSYM_CONST const +#endif + #ifdef __cplusplus extern "C" { #endif @@ -3480,7 +3774,7 @@ _LT_EOF cat <<_LT_EOF >> conftest.$ac_ext /* The mapping between symbol names and symbols. */ -const struct { +LT@&t@_DLSYM_CONST struct { const char *name; void *address; } @@ -3506,15 +3800,15 @@ static const void *lt_preloaded_setup() { _LT_EOF # Now try linking the two files. mv conftest.$ac_objext conftstm.$ac_objext - lt_save_LIBS="$LIBS" - lt_save_CFLAGS="$CFLAGS" + lt_globsym_save_LIBS=$LIBS + lt_globsym_save_CFLAGS=$CFLAGS LIBS="conftstm.$ac_objext" CFLAGS="$CFLAGS$_LT_TAGVAR(lt_prog_compiler_no_builtin_flag, $1)" if AC_TRY_EVAL(ac_link) && test -s conftest${ac_exeext}; then pipe_works=yes fi - LIBS="$lt_save_LIBS" - CFLAGS="$lt_save_CFLAGS" + LIBS=$lt_globsym_save_LIBS + CFLAGS=$lt_globsym_save_CFLAGS else echo "cannot find nm_test_func in $nlist" >&AS_MESSAGE_LOG_FD fi @@ -3547,6 +3841,13 @@ else AC_MSG_RESULT(ok) fi +# Response file support. +if test "$lt_cv_nm_interface" = "MS dumpbin"; then + nm_file_list_spec='@' +elif $NM --help 2>/dev/null | grep '[[@]]FILE' >/dev/null; then + nm_file_list_spec='@' +fi + _LT_DECL([global_symbol_pipe], [lt_cv_sys_global_symbol_pipe], [1], [Take the output of nm and produce a listing of raw symbols and C names]) _LT_DECL([global_symbol_to_cdecl], [lt_cv_sys_global_symbol_to_cdecl], [1], @@ -3557,6 +3858,8 @@ _LT_DECL([global_symbol_to_c_name_address], _LT_DECL([global_symbol_to_c_name_address_lib_prefix], [lt_cv_sys_global_symbol_to_c_name_address_lib_prefix], [1], [Transform the output of nm in a C name address pair when lib prefix is needed]) +_LT_DECL([], [nm_file_list_spec], [1], + [Specify filename containing input files for $NM]) ]) # _LT_CMD_GLOBAL_SYMBOLS @@ -3568,7 +3871,6 @@ _LT_TAGVAR(lt_prog_compiler_wl, $1)= _LT_TAGVAR(lt_prog_compiler_pic, $1)= _LT_TAGVAR(lt_prog_compiler_static, $1)= -AC_MSG_CHECKING([for $compiler option to produce PIC]) m4_if([$1], [CXX], [ # C++ specific cases for pic, static, wl, etc. if test "$GXX" = yes; then @@ -3673,6 +3975,12 @@ m4_if([$1], [CXX], [ ;; esac ;; + mingw* | cygwin* | os2* | pw32* | cegcc*) + # This hack is so that the source file can tell whether it is being + # built for inclusion in a dll (and should export symbols for example). + m4_if([$1], [GCJ], [], + [_LT_TAGVAR(lt_prog_compiler_pic, $1)='-DDLL_EXPORT']) + ;; dgux*) case $cc_basename in ec++*) @@ -3981,7 +4289,9 @@ m4_if([$1], [CXX], [ case $cc_basename in nvcc*) # Cuda Compiler Driver 2.2 _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Xlinker ' - _LT_TAGVAR(lt_prog_compiler_pic, $1)='-Xcompiler -fPIC' + if test -n "$_LT_TAGVAR(lt_prog_compiler_pic, $1)"; then + _LT_TAGVAR(lt_prog_compiler_pic, $1)="-Xcompiler $_LT_TAGVAR(lt_prog_compiler_pic, $1)" + fi ;; esac else @@ -4047,6 +4357,12 @@ m4_if([$1], [CXX], [ _LT_TAGVAR(lt_prog_compiler_pic, $1)='--shared' _LT_TAGVAR(lt_prog_compiler_static, $1)='--static' ;; + nagfor*) + # NAG Fortran compiler + _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,-Wl,,' + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-PIC' + _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' + ;; pgcc* | pgf77* | pgf90* | pgf95* | pgfortran*) # Portland Group compilers (*not* the Pentium gcc compiler, # which looks to be a dead project) @@ -4067,18 +4383,33 @@ m4_if([$1], [CXX], [ ;; *) case `$CC -V 2>&1 | sed 5q` in - *Sun\ F* | *Sun*Fortran*) + *Sun\ Ceres\ Fortran* | *Sun*Fortran*\ [[1-7]].* | *Sun*Fortran*\ 8.[[0-3]]*) # Sun Fortran 8.3 passes all unrecognized flags to the linker _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' _LT_TAGVAR(lt_prog_compiler_wl, $1)='' ;; + *Sun\ F* | *Sun*Fortran*) + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' + _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' + _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Qoption ld ' + ;; *Sun\ C*) # Sun C 5.9 _LT_TAGVAR(lt_prog_compiler_pic, $1)='-KPIC' _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' ;; + *Intel*\ [[CF]]*Compiler*) + _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fPIC' + _LT_TAGVAR(lt_prog_compiler_static, $1)='-static' + ;; + *Portland\ Group*) + _LT_TAGVAR(lt_prog_compiler_wl, $1)='-Wl,' + _LT_TAGVAR(lt_prog_compiler_pic, $1)='-fpic' + _LT_TAGVAR(lt_prog_compiler_static, $1)='-Bstatic' + ;; esac ;; esac @@ -4166,9 +4497,11 @@ case $host_os in _LT_TAGVAR(lt_prog_compiler_pic, $1)="$_LT_TAGVAR(lt_prog_compiler_pic, $1)@&t@m4_if([$1],[],[ -DPIC],[m4_if([$1],[CXX],[ -DPIC],[])])" ;; esac -AC_MSG_RESULT([$_LT_TAGVAR(lt_prog_compiler_pic, $1)]) -_LT_TAGDECL([wl], [lt_prog_compiler_wl], [1], - [How to pass a linker flag through the compiler]) + +AC_CACHE_CHECK([for $compiler option to produce PIC], + [_LT_TAGVAR(lt_cv_prog_compiler_pic, $1)], + [_LT_TAGVAR(lt_cv_prog_compiler_pic, $1)=$_LT_TAGVAR(lt_prog_compiler_pic, $1)]) +_LT_TAGVAR(lt_prog_compiler_pic, $1)=$_LT_TAGVAR(lt_cv_prog_compiler_pic, $1) # # Check to make sure the PIC flag actually works. @@ -4187,6 +4520,8 @@ fi _LT_TAGDECL([pic_flag], [lt_prog_compiler_pic], [1], [Additional compiler flags for building library objects]) +_LT_TAGDECL([wl], [lt_prog_compiler_wl], [1], + [How to pass a linker flag through the compiler]) # # Check to make sure the static flag actually works. # @@ -4207,6 +4542,7 @@ _LT_TAGDECL([link_static_flag], [lt_prog_compiler_static], [1], m4_defun([_LT_LINKER_SHLIBS], [AC_REQUIRE([LT_PATH_LD])dnl AC_REQUIRE([LT_PATH_NM])dnl +m4_require([_LT_PATH_MANIFEST_TOOL])dnl m4_require([_LT_FILEUTILS_DEFAULTS])dnl m4_require([_LT_DECL_EGREP])dnl m4_require([_LT_DECL_SED])dnl @@ -4215,6 +4551,7 @@ m4_require([_LT_TAG_COMPILER])dnl AC_MSG_CHECKING([whether the $compiler linker ($LD) supports shared libraries]) m4_if([$1], [CXX], [ _LT_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED '\''s/.* //'\'' | sort | uniq > $export_symbols' + _LT_TAGVAR(exclude_expsyms, $1)=['_GLOBAL_OFFSET_TABLE_|_GLOBAL__F[ID]_.*'] case $host_os in aix[[4-9]]*) # If we're using GNU nm, then we don't want the "-C" option. @@ -4229,15 +4566,22 @@ m4_if([$1], [CXX], [ ;; pw32*) _LT_TAGVAR(export_symbols_cmds, $1)="$ltdll_cmds" - ;; + ;; cygwin* | mingw* | cegcc*) - _LT_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED -e '\''/^[[BCDGRS]][[ ]]/s/.*[[ ]]\([[^ ]]*\)/\1 DATA/;/^.*[[ ]]__nm__/s/^.*[[ ]]__nm__\([[^ ]]*\)[[ ]][[^ ]]*/\1 DATA/;/^I[[ ]]/d;/^[[AITW]][[ ]]/s/.* //'\'' | sort | uniq > $export_symbols' - ;; + case $cc_basename in + cl*) + _LT_TAGVAR(exclude_expsyms, $1)='_NULL_IMPORT_DESCRIPTOR|_IMPORT_DESCRIPTOR_.*' + ;; + *) + _LT_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED -e '\''/^[[BCDGRS]][[ ]]/s/.*[[ ]]\([[^ ]]*\)/\1 DATA/;s/^.*[[ ]]__nm__\([[^ ]]*\)[[ ]][[^ ]]*/\1 DATA/;/^I[[ ]]/d;/^[[AITW]][[ ]]/s/.* //'\'' | sort | uniq > $export_symbols' + _LT_TAGVAR(exclude_expsyms, $1)=['[_]+GLOBAL_OFFSET_TABLE_|[_]+GLOBAL__[FID]_.*|[_]+head_[A-Za-z0-9_]+_dll|[A-Za-z0-9_]+_dll_iname'] + ;; + esac + ;; *) _LT_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED '\''s/.* //'\'' | sort | uniq > $export_symbols' - ;; + ;; esac - _LT_TAGVAR(exclude_expsyms, $1)=['_GLOBAL_OFFSET_TABLE_|_GLOBAL__F[ID]_.*'] ], [ runpath_var= _LT_TAGVAR(allow_undefined_flag, $1)= @@ -4252,7 +4596,6 @@ m4_if([$1], [CXX], [ _LT_TAGVAR(hardcode_direct, $1)=no _LT_TAGVAR(hardcode_direct_absolute, $1)=no _LT_TAGVAR(hardcode_libdir_flag_spec, $1)= - _LT_TAGVAR(hardcode_libdir_flag_spec_ld, $1)= _LT_TAGVAR(hardcode_libdir_separator, $1)= _LT_TAGVAR(hardcode_minus_L, $1)=no _LT_TAGVAR(hardcode_shlibpath_var, $1)=unsupported @@ -4405,7 +4748,8 @@ _LT_EOF _LT_TAGVAR(allow_undefined_flag, $1)=unsupported _LT_TAGVAR(always_export_symbols, $1)=no _LT_TAGVAR(enable_shared_with_static_runtimes, $1)=yes - _LT_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED -e '\''/^[[BCDGRS]][[ ]]/s/.*[[ ]]\([[^ ]]*\)/\1 DATA/'\'' | $SED -e '\''/^[[AITW]][[ ]]/s/.*[[ ]]//'\'' | sort | uniq > $export_symbols' + _LT_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED -e '\''/^[[BCDGRS]][[ ]]/s/.*[[ ]]\([[^ ]]*\)/\1 DATA/;s/^.*[[ ]]__nm__\([[^ ]]*\)[[ ]][[^ ]]*/\1 DATA/;/^I[[ ]]/d;/^[[AITW]][[ ]]/s/.* //'\'' | sort | uniq > $export_symbols' + _LT_TAGVAR(exclude_expsyms, $1)=['[_]+GLOBAL_OFFSET_TABLE_|[_]+GLOBAL__[FID]_.*|[_]+head_[A-Za-z0-9_]+_dll|[A-Za-z0-9_]+_dll_iname'] if $LD --help 2>&1 | $GREP 'auto-import' > /dev/null; then _LT_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib' @@ -4453,7 +4797,7 @@ _LT_EOF if $LD --help 2>&1 | $EGREP ': supported targets:.* elf' > /dev/null \ && test "$tmp_diet" = no then - tmp_addflag= + tmp_addflag=' $pic_flag' tmp_sharedflag='-shared' case $cc_basename,$host_cpu in pgcc*) # Portland Group C compiler @@ -4502,8 +4846,7 @@ _LT_EOF xlf* | bgf* | bgxlf* | mpixlf*) # IBM XL Fortran 10.1 on PPC cannot create shared libs itself _LT_TAGVAR(whole_archive_flag_spec, $1)='--whole-archive$convenience --no-whole-archive' - _LT_TAGVAR(hardcode_libdir_flag_spec, $1)= - _LT_TAGVAR(hardcode_libdir_flag_spec_ld, $1)='-rpath $libdir' + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir' _LT_TAGVAR(archive_cmds, $1)='$LD -shared $libobjs $deplibs $linker_flags -soname $soname -o $lib' if test "x$supports_anon_versioning" = xyes; then _LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $output_objdir/$libname.ver~ @@ -4523,8 +4866,8 @@ _LT_EOF _LT_TAGVAR(archive_cmds, $1)='$LD -Bshareable $libobjs $deplibs $linker_flags -o $lib' wlarc= else - _LT_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' - _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' + _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' + _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' fi ;; @@ -4542,8 +4885,8 @@ _LT_EOF _LT_EOF elif $LD --help 2>&1 | $GREP ': supported targets:.* elf' > /dev/null; then - _LT_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' - _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' + _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' + _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' else _LT_TAGVAR(ld_shlibs, $1)=no fi @@ -4589,8 +4932,8 @@ _LT_EOF *) if $LD --help 2>&1 | $GREP ': supported targets:.* elf' > /dev/null; then - _LT_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' - _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' + _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname -o $lib' + _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' else _LT_TAGVAR(ld_shlibs, $1)=no fi @@ -4720,7 +5063,7 @@ _LT_EOF _LT_TAGVAR(allow_undefined_flag, $1)='-berok' # Determine the default libpath from the value encoded in an # empty executable. - _LT_SYS_MODULE_PATH_AIX + _LT_SYS_MODULE_PATH_AIX([$1]) _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-blibpath:$libdir:'"$aix_libpath" _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags `if test "x${allow_undefined_flag}" != "x"; then func_echo_all "${wl}${allow_undefined_flag}"; else :; fi` '"\${wl}$exp_sym_flag:\$export_symbols $shared_flag" else @@ -4731,7 +5074,7 @@ _LT_EOF else # Determine the default libpath from the value encoded in an # empty executable. - _LT_SYS_MODULE_PATH_AIX + _LT_SYS_MODULE_PATH_AIX([$1]) _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-blibpath:$libdir:'"$aix_libpath" # Warning - without using the other run time loading flags, # -berok will link without error, but may produce a broken library. @@ -4775,20 +5118,64 @@ _LT_EOF # Microsoft Visual C++. # hardcode_libdir_flag_spec is actually meaningless, as there is # no search path for DLLs. - _LT_TAGVAR(hardcode_libdir_flag_spec, $1)=' ' - _LT_TAGVAR(allow_undefined_flag, $1)=unsupported - # Tell ltmain to make .lib files, not .a files. - libext=lib - # Tell ltmain to make .dll files, not .so files. - shrext_cmds=".dll" - # FIXME: Setting linknames here is a bad hack. - _LT_TAGVAR(archive_cmds, $1)='$CC -o $lib $libobjs $compiler_flags `func_echo_all "$deplibs" | $SED '\''s/ -lc$//'\''` -link -dll~linknames=' - # The linker will automatically build a .lib file if we build a DLL. - _LT_TAGVAR(old_archive_from_new_cmds, $1)='true' - # FIXME: Should let the user specify the lib program. - _LT_TAGVAR(old_archive_cmds, $1)='lib -OUT:$oldlib$oldobjs$old_deplibs' - _LT_TAGVAR(fix_srcfile_path, $1)='`cygpath -w "$srcfile"`' - _LT_TAGVAR(enable_shared_with_static_runtimes, $1)=yes + case $cc_basename in + cl*) + # Native MSVC + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)=' ' + _LT_TAGVAR(allow_undefined_flag, $1)=unsupported + _LT_TAGVAR(always_export_symbols, $1)=yes + _LT_TAGVAR(file_list_spec, $1)='@' + # Tell ltmain to make .lib files, not .a files. + libext=lib + # Tell ltmain to make .dll files, not .so files. + shrext_cmds=".dll" + # FIXME: Setting linknames here is a bad hack. + _LT_TAGVAR(archive_cmds, $1)='$CC -o $output_objdir/$soname $libobjs $compiler_flags $deplibs -Wl,-dll~linknames=' + _LT_TAGVAR(archive_expsym_cmds, $1)='if test "x`$SED 1q $export_symbols`" = xEXPORTS; then + sed -n -e 's/\\\\\\\(.*\\\\\\\)/-link\\\ -EXPORT:\\\\\\\1/' -e '1\\\!p' < $export_symbols > $output_objdir/$soname.exp; + else + sed -e 's/\\\\\\\(.*\\\\\\\)/-link\\\ -EXPORT:\\\\\\\1/' < $export_symbols > $output_objdir/$soname.exp; + fi~ + $CC -o $tool_output_objdir$soname $libobjs $compiler_flags $deplibs "@$tool_output_objdir$soname.exp" -Wl,-DLL,-IMPLIB:"$tool_output_objdir$libname.dll.lib"~ + linknames=' + # The linker will not automatically build a static lib if we build a DLL. + # _LT_TAGVAR(old_archive_from_new_cmds, $1)='true' + _LT_TAGVAR(enable_shared_with_static_runtimes, $1)=yes + _LT_TAGVAR(exclude_expsyms, $1)='_NULL_IMPORT_DESCRIPTOR|_IMPORT_DESCRIPTOR_.*' + _LT_TAGVAR(export_symbols_cmds, $1)='$NM $libobjs $convenience | $global_symbol_pipe | $SED -e '\''/^[[BCDGRS]][[ ]]/s/.*[[ ]]\([[^ ]]*\)/\1,DATA/'\'' | $SED -e '\''/^[[AITW]][[ ]]/s/.*[[ ]]//'\'' | sort | uniq > $export_symbols' + # Don't use ranlib + _LT_TAGVAR(old_postinstall_cmds, $1)='chmod 644 $oldlib' + _LT_TAGVAR(postlink_cmds, $1)='lt_outputfile="@OUTPUT@"~ + lt_tool_outputfile="@TOOL_OUTPUT@"~ + case $lt_outputfile in + *.exe|*.EXE) ;; + *) + lt_outputfile="$lt_outputfile.exe" + lt_tool_outputfile="$lt_tool_outputfile.exe" + ;; + esac~ + if test "$MANIFEST_TOOL" != ":" && test -f "$lt_outputfile.manifest"; then + $MANIFEST_TOOL -manifest "$lt_tool_outputfile.manifest" -outputresource:"$lt_tool_outputfile" || exit 1; + $RM "$lt_outputfile.manifest"; + fi' + ;; + *) + # Assume MSVC wrapper + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)=' ' + _LT_TAGVAR(allow_undefined_flag, $1)=unsupported + # Tell ltmain to make .lib files, not .a files. + libext=lib + # Tell ltmain to make .dll files, not .so files. + shrext_cmds=".dll" + # FIXME: Setting linknames here is a bad hack. + _LT_TAGVAR(archive_cmds, $1)='$CC -o $lib $libobjs $compiler_flags `func_echo_all "$deplibs" | $SED '\''s/ -lc$//'\''` -link -dll~linknames=' + # The linker will automatically build a .lib file if we build a DLL. + _LT_TAGVAR(old_archive_from_new_cmds, $1)='true' + # FIXME: Should let the user specify the lib program. + _LT_TAGVAR(old_archive_cmds, $1)='lib -OUT:$oldlib$oldobjs$old_deplibs' + _LT_TAGVAR(enable_shared_with_static_runtimes, $1)=yes + ;; + esac ;; darwin* | rhapsody*) @@ -4801,10 +5188,6 @@ _LT_EOF _LT_TAGVAR(hardcode_shlibpath_var, $1)=no ;; - freebsd1*) - _LT_TAGVAR(ld_shlibs, $1)=no - ;; - # FreeBSD 2.2.[012] allows us to include c++rt0.o to get C++ constructor # support. Future versions do this automatically, but an explicit c++rt0.o # does not break anything, and helps significantly (at the cost of a little @@ -4817,7 +5200,7 @@ _LT_EOF ;; # Unfortunately, older versions of FreeBSD 2 do not have this feature. - freebsd2*) + freebsd2.*) _LT_TAGVAR(archive_cmds, $1)='$LD -Bshareable -o $lib $libobjs $deplibs $linker_flags' _LT_TAGVAR(hardcode_direct, $1)=yes _LT_TAGVAR(hardcode_minus_L, $1)=yes @@ -4826,7 +5209,7 @@ _LT_EOF # FreeBSD 3 and greater uses gcc -shared to do shared libraries. freebsd* | dragonfly*) - _LT_TAGVAR(archive_cmds, $1)='$CC -shared -o $lib $libobjs $deplibs $compiler_flags' + _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag -o $lib $libobjs $deplibs $compiler_flags' _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-R$libdir' _LT_TAGVAR(hardcode_direct, $1)=yes _LT_TAGVAR(hardcode_shlibpath_var, $1)=no @@ -4834,7 +5217,7 @@ _LT_EOF hpux9*) if test "$GCC" = yes; then - _LT_TAGVAR(archive_cmds, $1)='$RM $output_objdir/$soname~$CC -shared -fPIC ${wl}+b ${wl}$install_libdir -o $output_objdir/$soname $libobjs $deplibs $compiler_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib' + _LT_TAGVAR(archive_cmds, $1)='$RM $output_objdir/$soname~$CC -shared $pic_flag ${wl}+b ${wl}$install_libdir -o $output_objdir/$soname $libobjs $deplibs $compiler_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib' else _LT_TAGVAR(archive_cmds, $1)='$RM $output_objdir/$soname~$LD -b +b $install_libdir -o $output_objdir/$soname $libobjs $deplibs $linker_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib' fi @@ -4850,13 +5233,12 @@ _LT_EOF hpux10*) if test "$GCC" = yes && test "$with_gnu_ld" = no; then - _LT_TAGVAR(archive_cmds, $1)='$CC -shared -fPIC ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags' + _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags' else _LT_TAGVAR(archive_cmds, $1)='$LD -b +h $soname +b $install_libdir -o $lib $libobjs $deplibs $linker_flags' fi if test "$with_gnu_ld" = no; then _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}+b ${wl}$libdir' - _LT_TAGVAR(hardcode_libdir_flag_spec_ld, $1)='+b $libdir' _LT_TAGVAR(hardcode_libdir_separator, $1)=: _LT_TAGVAR(hardcode_direct, $1)=yes _LT_TAGVAR(hardcode_direct_absolute, $1)=yes @@ -4874,10 +5256,10 @@ _LT_EOF _LT_TAGVAR(archive_cmds, $1)='$CC -shared ${wl}+h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags' ;; ia64*) - _LT_TAGVAR(archive_cmds, $1)='$CC -shared -fPIC ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $libobjs $deplibs $compiler_flags' + _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $libobjs $deplibs $compiler_flags' ;; *) - _LT_TAGVAR(archive_cmds, $1)='$CC -shared -fPIC ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags' + _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $libobjs $deplibs $compiler_flags' ;; esac else @@ -4924,16 +5306,31 @@ _LT_EOF irix5* | irix6* | nonstopux*) if test "$GCC" = yes; then - _LT_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib' + _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib' # Try to use the -exported_symbol ld option, if it does not # work, assume that -exports_file does not work either and # implicitly export all symbols. - save_LDFLAGS="$LDFLAGS" - LDFLAGS="$LDFLAGS -shared ${wl}-exported_symbol ${wl}foo ${wl}-update_registry ${wl}/dev/null" - AC_LINK_IFELSE(int foo(void) {}, - _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations ${wl}-exports_file ${wl}$export_symbols -o $lib' - ) - LDFLAGS="$save_LDFLAGS" + # This should be the same for all languages, so no per-tag cache variable. + AC_CACHE_CHECK([whether the $host_os linker accepts -exported_symbol], + [lt_cv_irix_exported_symbol], + [save_LDFLAGS="$LDFLAGS" + LDFLAGS="$LDFLAGS -shared ${wl}-exported_symbol ${wl}foo ${wl}-update_registry ${wl}/dev/null" + AC_LINK_IFELSE( + [AC_LANG_SOURCE( + [AC_LANG_CASE([C], [[int foo (void) { return 0; }]], + [C++], [[int foo (void) { return 0; }]], + [Fortran 77], [[ + subroutine foo + end]], + [Fortran], [[ + subroutine foo + end]])])], + [lt_cv_irix_exported_symbol=yes], + [lt_cv_irix_exported_symbol=no]) + LDFLAGS="$save_LDFLAGS"]) + if test "$lt_cv_irix_exported_symbol" = yes; then + _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $pic_flag $libobjs $deplibs $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations ${wl}-exports_file ${wl}$export_symbols -o $lib' + fi else _LT_TAGVAR(archive_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry ${output_objdir}/so_locations -o $lib' _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared $libobjs $deplibs $compiler_flags -soname $soname `test -n "$verstring" && func_echo_all "-set_version $verstring"` -update_registry ${output_objdir}/so_locations -exports_file $export_symbols -o $lib' @@ -5018,7 +5415,7 @@ _LT_EOF osf4* | osf5*) # as osf3* with the addition of -msym flag if test "$GCC" = yes; then _LT_TAGVAR(allow_undefined_flag, $1)=' ${wl}-expect_unresolved ${wl}\*' - _LT_TAGVAR(archive_cmds, $1)='$CC -shared${allow_undefined_flag} $libobjs $deplibs $compiler_flags ${wl}-msym ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib' + _LT_TAGVAR(archive_cmds, $1)='$CC -shared${allow_undefined_flag} $pic_flag $libobjs $deplibs $compiler_flags ${wl}-msym ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib' _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir' else _LT_TAGVAR(allow_undefined_flag, $1)=' -expect_unresolved \*' @@ -5037,9 +5434,9 @@ _LT_EOF _LT_TAGVAR(no_undefined_flag, $1)=' -z defs' if test "$GCC" = yes; then wlarc='${wl}' - _LT_TAGVAR(archive_cmds, $1)='$CC -shared ${wl}-z ${wl}text ${wl}-h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags' + _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag ${wl}-z ${wl}text ${wl}-h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags' _LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~echo "local: *; };" >> $lib.exp~ - $CC -shared ${wl}-z ${wl}text ${wl}-M ${wl}$lib.exp ${wl}-h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags~$RM $lib.exp' + $CC -shared $pic_flag ${wl}-z ${wl}text ${wl}-M ${wl}$lib.exp ${wl}-h ${wl}$soname -o $lib $libobjs $deplibs $compiler_flags~$RM $lib.exp' else case `$CC -V 2>&1` in *"Compilers 5.0"*) @@ -5217,7 +5614,7 @@ x|xyes) # to ld, don't add -lc before -lgcc. AC_CACHE_CHECK([whether -lc should be explicitly linked in], [lt_cv_]_LT_TAGVAR(archive_cmds_need_lc, $1), - [$RM -r conftest* + [$RM conftest* echo "$lt_simple_compile_test_code" > conftest.$ac_ext if AC_TRY_EVAL(ac_compile) 2>conftest.err; then @@ -5244,7 +5641,7 @@ x|xyes) else cat conftest.err 1>&5 fi - $RM -r conftest* + $RM conftest* ]) _LT_TAGVAR(archive_cmds_need_lc, $1)=$lt_cv_[]_LT_TAGVAR(archive_cmds_need_lc, $1) ;; @@ -5283,9 +5680,6 @@ _LT_TAGDECL([], [no_undefined_flag], [1], _LT_TAGDECL([], [hardcode_libdir_flag_spec], [1], [Flag to hardcode $libdir into a binary during linking. This must work even if $libdir does not exist]) -_LT_TAGDECL([], [hardcode_libdir_flag_spec_ld], [1], - [[If ld is used when linking, flag to hardcode $libdir into a binary - during linking. This must work even if $libdir does not exist]]) _LT_TAGDECL([], [hardcode_libdir_separator], [1], [Whether we need a single "-rpath" flag with a separated argument]) _LT_TAGDECL([], [hardcode_direct], [0], @@ -5311,8 +5705,6 @@ _LT_TAGDECL([], [inherit_rpath], [0], to runtime path list]) _LT_TAGDECL([], [link_all_deplibs], [0], [Whether libtool must link a program against all its dependency libraries]) -_LT_TAGDECL([], [fix_srcfile_path], [1], - [Fix the shell variable $srcfile for the compiler]) _LT_TAGDECL([], [always_export_symbols], [0], [Set to "yes" if exported symbols are required]) _LT_TAGDECL([], [export_symbols_cmds], [2], @@ -5323,6 +5715,8 @@ _LT_TAGDECL([], [include_expsyms], [1], [Symbols that must always be exported]) _LT_TAGDECL([], [prelink_cmds], [2], [Commands necessary for linking programs (against libraries) with templates]) +_LT_TAGDECL([], [postlink_cmds], [2], + [Commands necessary for finishing linking programs]) _LT_TAGDECL([], [file_list_spec], [1], [Specify filename containing input files]) dnl FIXME: Not yet implemented @@ -5424,6 +5818,7 @@ CC="$lt_save_CC" m4_defun([_LT_LANG_CXX_CONFIG], [m4_require([_LT_FILEUTILS_DEFAULTS])dnl m4_require([_LT_DECL_EGREP])dnl +m4_require([_LT_PATH_MANIFEST_TOOL])dnl if test -n "$CXX" && ( test "X$CXX" != "Xno" && ( (test "X$CXX" = "Xg++" && `g++ -v >/dev/null 2>&1` ) || (test "X$CXX" != "Xg++"))) ; then @@ -5442,7 +5837,6 @@ _LT_TAGVAR(export_dynamic_flag_spec, $1)= _LT_TAGVAR(hardcode_direct, $1)=no _LT_TAGVAR(hardcode_direct_absolute, $1)=no _LT_TAGVAR(hardcode_libdir_flag_spec, $1)= -_LT_TAGVAR(hardcode_libdir_flag_spec_ld, $1)= _LT_TAGVAR(hardcode_libdir_separator, $1)= _LT_TAGVAR(hardcode_minus_L, $1)=no _LT_TAGVAR(hardcode_shlibpath_var, $1)=unsupported @@ -5485,6 +5879,7 @@ if test "$_lt_caught_CXX_error" != yes; then # Allow CC to be a program name with arguments. lt_save_CC=$CC + lt_save_CFLAGS=$CFLAGS lt_save_LD=$LD lt_save_GCC=$GCC GCC=$GXX @@ -5502,6 +5897,7 @@ if test "$_lt_caught_CXX_error" != yes; then fi test -z "${LDCXX+set}" || LD=$LDCXX CC=${CXX-"c++"} + CFLAGS=$CXXFLAGS compiler=$CC _LT_TAGVAR(compiler, $1)=$CC _LT_CC_BASENAME([$compiler]) @@ -5523,8 +5919,8 @@ if test "$_lt_caught_CXX_error" != yes; then # Check if GNU C++ uses GNU ld as the underlying linker, since the # archiving commands below assume that GNU ld is being used. if test "$with_gnu_ld" = yes; then - _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname -o $lib' - _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' + _LT_TAGVAR(archive_cmds, $1)='$CC $pic_flag -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname -o $lib' + _LT_TAGVAR(archive_expsym_cmds, $1)='$CC $pic_flag -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname $wl$soname ${wl}-retain-symbols-file $wl$export_symbols -o $lib' _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-rpath ${wl}$libdir' _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}--export-dynamic' @@ -5665,7 +6061,7 @@ if test "$_lt_caught_CXX_error" != yes; then _LT_TAGVAR(allow_undefined_flag, $1)='-berok' # Determine the default libpath from the value encoded in an empty # executable. - _LT_SYS_MODULE_PATH_AIX + _LT_SYS_MODULE_PATH_AIX([$1]) _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-blibpath:$libdir:'"$aix_libpath" _LT_TAGVAR(archive_expsym_cmds, $1)='$CC -o $output_objdir/$soname $libobjs $deplibs '"\${wl}$no_entry_flag"' $compiler_flags `if test "x${allow_undefined_flag}" != "x"; then func_echo_all "${wl}${allow_undefined_flag}"; else :; fi` '"\${wl}$exp_sym_flag:\$export_symbols $shared_flag" @@ -5677,7 +6073,7 @@ if test "$_lt_caught_CXX_error" != yes; then else # Determine the default libpath from the value encoded in an # empty executable. - _LT_SYS_MODULE_PATH_AIX + _LT_SYS_MODULE_PATH_AIX([$1]) _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='${wl}-blibpath:$libdir:'"$aix_libpath" # Warning - without using the other run time loading flags, # -berok will link without error, but may produce a broken library. @@ -5719,29 +6115,75 @@ if test "$_lt_caught_CXX_error" != yes; then ;; cygwin* | mingw* | pw32* | cegcc*) - # _LT_TAGVAR(hardcode_libdir_flag_spec, $1) is actually meaningless, - # as there is no search path for DLLs. - _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir' - _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}--export-all-symbols' - _LT_TAGVAR(allow_undefined_flag, $1)=unsupported - _LT_TAGVAR(always_export_symbols, $1)=no - _LT_TAGVAR(enable_shared_with_static_runtimes, $1)=yes - - if $LD --help 2>&1 | $GREP 'auto-import' > /dev/null; then - _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib' - # If the export-symbols file already is a .def file (1st line - # is EXPORTS), use it as is; otherwise, prepend... - _LT_TAGVAR(archive_expsym_cmds, $1)='if test "x`$SED 1q $export_symbols`" = xEXPORTS; then - cp $export_symbols $output_objdir/$soname.def; - else - echo EXPORTS > $output_objdir/$soname.def; - cat $export_symbols >> $output_objdir/$soname.def; - fi~ - $CC -shared -nostdlib $output_objdir/$soname.def $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib' - else - _LT_TAGVAR(ld_shlibs, $1)=no - fi - ;; + case $GXX,$cc_basename in + ,cl* | no,cl*) + # Native MSVC + # hardcode_libdir_flag_spec is actually meaningless, as there is + # no search path for DLLs. + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)=' ' + _LT_TAGVAR(allow_undefined_flag, $1)=unsupported + _LT_TAGVAR(always_export_symbols, $1)=yes + _LT_TAGVAR(file_list_spec, $1)='@' + # Tell ltmain to make .lib files, not .a files. + libext=lib + # Tell ltmain to make .dll files, not .so files. + shrext_cmds=".dll" + # FIXME: Setting linknames here is a bad hack. + _LT_TAGVAR(archive_cmds, $1)='$CC -o $output_objdir/$soname $libobjs $compiler_flags $deplibs -Wl,-dll~linknames=' + _LT_TAGVAR(archive_expsym_cmds, $1)='if test "x`$SED 1q $export_symbols`" = xEXPORTS; then + $SED -n -e 's/\\\\\\\(.*\\\\\\\)/-link\\\ -EXPORT:\\\\\\\1/' -e '1\\\!p' < $export_symbols > $output_objdir/$soname.exp; + else + $SED -e 's/\\\\\\\(.*\\\\\\\)/-link\\\ -EXPORT:\\\\\\\1/' < $export_symbols > $output_objdir/$soname.exp; + fi~ + $CC -o $tool_output_objdir$soname $libobjs $compiler_flags $deplibs "@$tool_output_objdir$soname.exp" -Wl,-DLL,-IMPLIB:"$tool_output_objdir$libname.dll.lib"~ + linknames=' + # The linker will not automatically build a static lib if we build a DLL. + # _LT_TAGVAR(old_archive_from_new_cmds, $1)='true' + _LT_TAGVAR(enable_shared_with_static_runtimes, $1)=yes + # Don't use ranlib + _LT_TAGVAR(old_postinstall_cmds, $1)='chmod 644 $oldlib' + _LT_TAGVAR(postlink_cmds, $1)='lt_outputfile="@OUTPUT@"~ + lt_tool_outputfile="@TOOL_OUTPUT@"~ + case $lt_outputfile in + *.exe|*.EXE) ;; + *) + lt_outputfile="$lt_outputfile.exe" + lt_tool_outputfile="$lt_tool_outputfile.exe" + ;; + esac~ + func_to_tool_file "$lt_outputfile"~ + if test "$MANIFEST_TOOL" != ":" && test -f "$lt_outputfile.manifest"; then + $MANIFEST_TOOL -manifest "$lt_tool_outputfile.manifest" -outputresource:"$lt_tool_outputfile" || exit 1; + $RM "$lt_outputfile.manifest"; + fi' + ;; + *) + # g++ + # _LT_TAGVAR(hardcode_libdir_flag_spec, $1) is actually meaningless, + # as there is no search path for DLLs. + _LT_TAGVAR(hardcode_libdir_flag_spec, $1)='-L$libdir' + _LT_TAGVAR(export_dynamic_flag_spec, $1)='${wl}--export-all-symbols' + _LT_TAGVAR(allow_undefined_flag, $1)=unsupported + _LT_TAGVAR(always_export_symbols, $1)=no + _LT_TAGVAR(enable_shared_with_static_runtimes, $1)=yes + + if $LD --help 2>&1 | $GREP 'auto-import' > /dev/null; then + _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib' + # If the export-symbols file already is a .def file (1st line + # is EXPORTS), use it as is; otherwise, prepend... + _LT_TAGVAR(archive_expsym_cmds, $1)='if test "x`$SED 1q $export_symbols`" = xEXPORTS; then + cp $export_symbols $output_objdir/$soname.def; + else + echo EXPORTS > $output_objdir/$soname.def; + cat $export_symbols >> $output_objdir/$soname.def; + fi~ + $CC -shared -nostdlib $output_objdir/$soname.def $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags -o $output_objdir/$soname ${wl}--enable-auto-image-base -Xlinker --out-implib -Xlinker $lib' + else + _LT_TAGVAR(ld_shlibs, $1)=no + fi + ;; + esac + ;; darwin* | rhapsody*) _LT_DARWIN_LINKER_FEATURES($1) ;; @@ -5764,7 +6206,7 @@ if test "$_lt_caught_CXX_error" != yes; then esac ;; - freebsd[[12]]*) + freebsd2.*) # C++ shared libraries reported to be fairly broken before # switch to ELF _LT_TAGVAR(ld_shlibs, $1)=no @@ -5816,7 +6258,7 @@ if test "$_lt_caught_CXX_error" != yes; then ;; *) if test "$GXX" = yes; then - _LT_TAGVAR(archive_cmds, $1)='$RM $output_objdir/$soname~$CC -shared -nostdlib -fPIC ${wl}+b ${wl}$install_libdir -o $output_objdir/$soname $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib' + _LT_TAGVAR(archive_cmds, $1)='$RM $output_objdir/$soname~$CC -shared -nostdlib $pic_flag ${wl}+b ${wl}$install_libdir -o $output_objdir/$soname $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~test $output_objdir/$soname = $lib || mv $output_objdir/$soname $lib' else # FIXME: insert proper C++ library support _LT_TAGVAR(ld_shlibs, $1)=no @@ -5887,10 +6329,10 @@ if test "$_lt_caught_CXX_error" != yes; then _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib -fPIC ${wl}+h ${wl}$soname -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags' ;; ia64*) - _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib -fPIC ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags' + _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib $pic_flag ${wl}+h ${wl}$soname ${wl}+nodefaultrpath -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags' ;; *) - _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib -fPIC ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags' + _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib $pic_flag ${wl}+h ${wl}$soname ${wl}+b ${wl}$install_libdir -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags' ;; esac fi @@ -5931,9 +6373,9 @@ if test "$_lt_caught_CXX_error" != yes; then *) if test "$GXX" = yes; then if test "$with_gnu_ld" = no; then - _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib' + _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib' else - _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` -o $lib' + _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag -nostdlib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` -o $lib' fi fi _LT_TAGVAR(link_all_deplibs, $1)=yes @@ -6211,7 +6653,7 @@ if test "$_lt_caught_CXX_error" != yes; then _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib ${allow_undefined_flag} $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib' ;; *) - _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib ${allow_undefined_flag} $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-msym ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib' + _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag -nostdlib ${allow_undefined_flag} $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-msym ${wl}-soname ${wl}$soname `test -n "$verstring" && func_echo_all "${wl}-set_version ${wl}$verstring"` ${wl}-update_registry ${wl}${output_objdir}/so_locations -o $lib' ;; esac @@ -6298,9 +6740,9 @@ if test "$_lt_caught_CXX_error" != yes; then if test "$GXX" = yes && test "$with_gnu_ld" = no; then _LT_TAGVAR(no_undefined_flag, $1)=' ${wl}-z ${wl}defs' if $CC --version | $GREP -v '^2\.7' > /dev/null; then - _LT_TAGVAR(archive_cmds, $1)='$CC -shared -nostdlib $LDFLAGS $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-h $wl$soname -o $lib' + _LT_TAGVAR(archive_cmds, $1)='$CC -shared $pic_flag -nostdlib $LDFLAGS $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags ${wl}-h $wl$soname -o $lib' _LT_TAGVAR(archive_expsym_cmds, $1)='echo "{ global:" > $lib.exp~cat $export_symbols | $SED -e "s/\(.*\)/\1;/" >> $lib.exp~echo "local: *; };" >> $lib.exp~ - $CC -shared -nostdlib ${wl}-M $wl$lib.exp -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~$RM $lib.exp' + $CC -shared $pic_flag -nostdlib ${wl}-M $wl$lib.exp -o $lib $predep_objects $libobjs $deplibs $postdep_objects $compiler_flags~$RM $lib.exp' # Commands to make compiler produce verbose output that lists # what "hidden" libraries, object files and flags are used when @@ -6429,6 +6871,7 @@ if test "$_lt_caught_CXX_error" != yes; then fi # test -n "$compiler" CC=$lt_save_CC + CFLAGS=$lt_save_CFLAGS LDCXX=$LD LD=$lt_save_LD GCC=$lt_save_GCC @@ -6443,6 +6886,29 @@ AC_LANG_POP ])# _LT_LANG_CXX_CONFIG +# _LT_FUNC_STRIPNAME_CNF +# ---------------------- +# func_stripname_cnf prefix suffix name +# strip PREFIX and SUFFIX off of NAME. +# PREFIX and SUFFIX must not contain globbing or regex special +# characters, hashes, percent signs, but SUFFIX may contain a leading +# dot (in which case that matches only a dot). +# +# This function is identical to the (non-XSI) version of func_stripname, +# except this one can be used by m4 code that may be executed by configure, +# rather than the libtool script. +m4_defun([_LT_FUNC_STRIPNAME_CNF],[dnl +AC_REQUIRE([_LT_DECL_SED]) +AC_REQUIRE([_LT_PROG_ECHO_BACKSLASH]) +func_stripname_cnf () +{ + case ${2} in + .*) func_stripname_result=`$ECHO "${3}" | $SED "s%^${1}%%; s%\\\\${2}\$%%"`;; + *) func_stripname_result=`$ECHO "${3}" | $SED "s%^${1}%%; s%${2}\$%%"`;; + esac +} # func_stripname_cnf +])# _LT_FUNC_STRIPNAME_CNF + # _LT_SYS_HIDDEN_LIBDEPS([TAGNAME]) # --------------------------------- # Figure out "hidden" library dependencies from verbose @@ -6451,6 +6917,7 @@ AC_LANG_POP # objects, libraries and library flags. m4_defun([_LT_SYS_HIDDEN_LIBDEPS], [m4_require([_LT_FILEUTILS_DEFAULTS])dnl +AC_REQUIRE([_LT_FUNC_STRIPNAME_CNF])dnl # Dependencies to place before and after the object being linked: _LT_TAGVAR(predep_objects, $1)= _LT_TAGVAR(postdep_objects, $1)= @@ -6500,7 +6967,20 @@ public class foo { } }; _LT_EOF +], [$1], [GO], [cat > conftest.$ac_ext <<_LT_EOF +package foo +func foo() { +} +_LT_EOF ]) + +_lt_libdeps_save_CFLAGS=$CFLAGS +case "$CC $CFLAGS " in #( +*\ -flto*\ *) CFLAGS="$CFLAGS -fno-lto" ;; +*\ -fwhopr*\ *) CFLAGS="$CFLAGS -fno-whopr" ;; +*\ -fuse-linker-plugin*\ *) CFLAGS="$CFLAGS -fno-use-linker-plugin" ;; +esac + dnl Parse the compiler output and extract the necessary dnl objects, libraries and library flags. if AC_TRY_EVAL(ac_compile); then @@ -6512,7 +6992,7 @@ if AC_TRY_EVAL(ac_compile); then pre_test_object_deps_done=no for p in `eval "$output_verbose_link_cmd"`; do - case $p in + case ${prev}${p} in -L* | -R* | -l*) # Some compilers place space between "-{L,R}" and the path. @@ -6521,13 +7001,22 @@ if AC_TRY_EVAL(ac_compile); then test $p = "-R"; then prev=$p continue - else - prev= fi + # Expand the sysroot to ease extracting the directories later. + if test -z "$prev"; then + case $p in + -L*) func_stripname_cnf '-L' '' "$p"; prev=-L; p=$func_stripname_result ;; + -R*) func_stripname_cnf '-R' '' "$p"; prev=-R; p=$func_stripname_result ;; + -l*) func_stripname_cnf '-l' '' "$p"; prev=-l; p=$func_stripname_result ;; + esac + fi + case $p in + =*) func_stripname_cnf '=' '' "$p"; p=$lt_sysroot$func_stripname_result ;; + esac if test "$pre_test_object_deps_done" = no; then - case $p in - -L* | -R*) + case ${prev} in + -L | -R) # Internal compiler library paths should come after those # provided the user. The postdeps already come after the # user supplied libs so there is no need to process them. @@ -6547,8 +7036,10 @@ if AC_TRY_EVAL(ac_compile); then _LT_TAGVAR(postdeps, $1)="${_LT_TAGVAR(postdeps, $1)} ${prev}${p}" fi fi + prev= ;; + *.lto.$objext) ;; # Ignore GCC LTO objects *.$objext) # This assumes that the test object file only shows up # once in the compiler output. @@ -6584,6 +7075,7 @@ else fi $RM -f confest.$objext +CFLAGS=$_lt_libdeps_save_CFLAGS # PORTME: override above test on systems where it is broken m4_if([$1], [CXX], @@ -6683,7 +7175,6 @@ _LT_TAGVAR(export_dynamic_flag_spec, $1)= _LT_TAGVAR(hardcode_direct, $1)=no _LT_TAGVAR(hardcode_direct_absolute, $1)=no _LT_TAGVAR(hardcode_libdir_flag_spec, $1)= -_LT_TAGVAR(hardcode_libdir_flag_spec_ld, $1)= _LT_TAGVAR(hardcode_libdir_separator, $1)= _LT_TAGVAR(hardcode_minus_L, $1)=no _LT_TAGVAR(hardcode_automatic, $1)=no @@ -6733,7 +7224,9 @@ if test "$_lt_disable_F77" != yes; then # Allow CC to be a program name with arguments. lt_save_CC="$CC" lt_save_GCC=$GCC + lt_save_CFLAGS=$CFLAGS CC=${F77-"f77"} + CFLAGS=$FFLAGS compiler=$CC _LT_TAGVAR(compiler, $1)=$CC _LT_CC_BASENAME([$compiler]) @@ -6787,6 +7280,7 @@ if test "$_lt_disable_F77" != yes; then GCC=$lt_save_GCC CC="$lt_save_CC" + CFLAGS="$lt_save_CFLAGS" fi # test "$_lt_disable_F77" != yes AC_LANG_POP @@ -6813,7 +7307,6 @@ _LT_TAGVAR(export_dynamic_flag_spec, $1)= _LT_TAGVAR(hardcode_direct, $1)=no _LT_TAGVAR(hardcode_direct_absolute, $1)=no _LT_TAGVAR(hardcode_libdir_flag_spec, $1)= -_LT_TAGVAR(hardcode_libdir_flag_spec_ld, $1)= _LT_TAGVAR(hardcode_libdir_separator, $1)= _LT_TAGVAR(hardcode_minus_L, $1)=no _LT_TAGVAR(hardcode_automatic, $1)=no @@ -6863,7 +7356,9 @@ if test "$_lt_disable_FC" != yes; then # Allow CC to be a program name with arguments. lt_save_CC="$CC" lt_save_GCC=$GCC + lt_save_CFLAGS=$CFLAGS CC=${FC-"f95"} + CFLAGS=$FCFLAGS compiler=$CC GCC=$ac_cv_fc_compiler_gnu @@ -6919,7 +7414,8 @@ if test "$_lt_disable_FC" != yes; then fi # test -n "$compiler" GCC=$lt_save_GCC - CC="$lt_save_CC" + CC=$lt_save_CC + CFLAGS=$lt_save_CFLAGS fi # test "$_lt_disable_FC" != yes AC_LANG_POP @@ -6956,10 +7452,12 @@ _LT_COMPILER_BOILERPLATE _LT_LINKER_BOILERPLATE # Allow CC to be a program name with arguments. -lt_save_CC="$CC" +lt_save_CC=$CC +lt_save_CFLAGS=$CFLAGS lt_save_GCC=$GCC GCC=yes CC=${GCJ-"gcj"} +CFLAGS=$GCJFLAGS compiler=$CC _LT_TAGVAR(compiler, $1)=$CC _LT_TAGVAR(LD, $1)="$LD" @@ -6990,10 +7488,82 @@ fi AC_LANG_RESTORE GCC=$lt_save_GCC -CC="$lt_save_CC" +CC=$lt_save_CC +CFLAGS=$lt_save_CFLAGS ])# _LT_LANG_GCJ_CONFIG +# _LT_LANG_GO_CONFIG([TAG]) +# -------------------------- +# Ensure that the configuration variables for the GNU Go compiler +# are suitably defined. These variables are subsequently used by _LT_CONFIG +# to write the compiler configuration to `libtool'. +m4_defun([_LT_LANG_GO_CONFIG], +[AC_REQUIRE([LT_PROG_GO])dnl +AC_LANG_SAVE + +# Source file extension for Go test sources. +ac_ext=go + +# Object file extension for compiled Go test sources. +objext=o +_LT_TAGVAR(objext, $1)=$objext + +# Code to be used in simple compile tests +lt_simple_compile_test_code="package main; func main() { }" + +# Code to be used in simple link tests +lt_simple_link_test_code='package main; func main() { }' + +# ltmain only uses $CC for tagged configurations so make sure $CC is set. +_LT_TAG_COMPILER + +# save warnings/boilerplate of simple test code +_LT_COMPILER_BOILERPLATE +_LT_LINKER_BOILERPLATE + +# Allow CC to be a program name with arguments. +lt_save_CC=$CC +lt_save_CFLAGS=$CFLAGS +lt_save_GCC=$GCC +GCC=yes +CC=${GOC-"gccgo"} +CFLAGS=$GOFLAGS +compiler=$CC +_LT_TAGVAR(compiler, $1)=$CC +_LT_TAGVAR(LD, $1)="$LD" +_LT_CC_BASENAME([$compiler]) + +# Go did not exist at the time GCC didn't implicitly link libc in. +_LT_TAGVAR(archive_cmds_need_lc, $1)=no + +_LT_TAGVAR(old_archive_cmds, $1)=$old_archive_cmds +_LT_TAGVAR(reload_flag, $1)=$reload_flag +_LT_TAGVAR(reload_cmds, $1)=$reload_cmds + +## CAVEAT EMPTOR: +## There is no encapsulation within the following macros, do not change +## the running order or otherwise move them around unless you know exactly +## what you are doing... +if test -n "$compiler"; then + _LT_COMPILER_NO_RTTI($1) + _LT_COMPILER_PIC($1) + _LT_COMPILER_C_O($1) + _LT_COMPILER_FILE_LOCKS($1) + _LT_LINKER_SHLIBS($1) + _LT_LINKER_HARDCODE_LIBPATH($1) + + _LT_CONFIG($1) +fi + +AC_LANG_RESTORE + +GCC=$lt_save_GCC +CC=$lt_save_CC +CFLAGS=$lt_save_CFLAGS +])# _LT_LANG_GO_CONFIG + + # _LT_LANG_RC_CONFIG([TAG]) # ------------------------- # Ensure that the configuration variables for the Windows resource compiler @@ -7025,9 +7595,11 @@ _LT_LINKER_BOILERPLATE # Allow CC to be a program name with arguments. lt_save_CC="$CC" +lt_save_CFLAGS=$CFLAGS lt_save_GCC=$GCC GCC= CC=${RC-"windres"} +CFLAGS= compiler=$CC _LT_TAGVAR(compiler, $1)=$CC _LT_CC_BASENAME([$compiler]) @@ -7040,7 +7612,8 @@ fi GCC=$lt_save_GCC AC_LANG_RESTORE -CC="$lt_save_CC" +CC=$lt_save_CC +CFLAGS=$lt_save_CFLAGS ])# _LT_LANG_RC_CONFIG @@ -7060,6 +7633,13 @@ dnl aclocal-1.4 backwards compatibility: dnl AC_DEFUN([LT_AC_PROG_GCJ], []) +# LT_PROG_GO +# ---------- +AC_DEFUN([LT_PROG_GO], +[AC_CHECK_TOOL(GOC, gccgo,) +]) + + # LT_PROG_RC # ---------- AC_DEFUN([LT_PROG_RC], @@ -7099,6 +7679,15 @@ _LT_DECL([], [OBJDUMP], [1], [An object symbol dumper]) AC_SUBST([OBJDUMP]) ]) +# _LT_DECL_DLLTOOL +# ---------------- +# Ensure DLLTOOL variable is set. +m4_defun([_LT_DECL_DLLTOOL], +[AC_CHECK_TOOL(DLLTOOL, dlltool, false) +test -z "$DLLTOOL" && DLLTOOL=dlltool +_LT_DECL([], [DLLTOOL], [1], [DLL creation program]) +AC_SUBST([DLLTOOL]) +]) # _LT_DECL_SED # ------------ @@ -7192,8 +7781,8 @@ m4_defun([_LT_CHECK_SHELL_FEATURES], # Try some XSI features xsi_shell=no ( _lt_dummy="a/b/c" - test "${_lt_dummy##*/},${_lt_dummy%/*},"${_lt_dummy%"$_lt_dummy"}, \ - = c,a/b,, \ + test "${_lt_dummy##*/},${_lt_dummy%/*},${_lt_dummy#??}"${_lt_dummy%"$_lt_dummy"}, \ + = c,a/b,b/c, \ && eval 'test $(( 1 + 1 )) -eq 2 \ && test "${#_lt_dummy}" -eq 5' ) >/dev/null 2>&1 \ && xsi_shell=yes @@ -7232,206 +7821,162 @@ _LT_DECL([NL2SP], [lt_NL2SP], [1], [turn newlines into spaces])dnl ])# _LT_CHECK_SHELL_FEATURES -# _LT_PROG_XSI_SHELLFNS -# --------------------- -# Bourne and XSI compatible variants of some useful shell functions. -m4_defun([_LT_PROG_XSI_SHELLFNS], -[case $xsi_shell in - yes) - cat << \_LT_EOF >> "$cfgfile" - -# func_dirname file append nondir_replacement -# Compute the dirname of FILE. If nonempty, add APPEND to the result, -# otherwise set result to NONDIR_REPLACEMENT. -func_dirname () -{ - case ${1} in - */*) func_dirname_result="${1%/*}${2}" ;; - * ) func_dirname_result="${3}" ;; - esac -} - -# func_basename file -func_basename () -{ - func_basename_result="${1##*/}" -} - -# func_dirname_and_basename file append nondir_replacement -# perform func_basename and func_dirname in a single function -# call: -# dirname: Compute the dirname of FILE. If nonempty, -# add APPEND to the result, otherwise set result -# to NONDIR_REPLACEMENT. -# value returned in "$func_dirname_result" -# basename: Compute filename of FILE. -# value retuned in "$func_basename_result" -# Implementation must be kept synchronized with func_dirname -# and func_basename. For efficiency, we do not delegate to -# those functions but instead duplicate the functionality here. -func_dirname_and_basename () -{ - case ${1} in - */*) func_dirname_result="${1%/*}${2}" ;; - * ) func_dirname_result="${3}" ;; - esac - func_basename_result="${1##*/}" -} - -# func_stripname prefix suffix name -# strip PREFIX and SUFFIX off of NAME. -# PREFIX and SUFFIX must not contain globbing or regex special -# characters, hashes, percent signs, but SUFFIX may contain a leading -# dot (in which case that matches only a dot). -func_stripname () -{ - # pdksh 5.2.14 does not do ${X%$Y} correctly if both X and Y are - # positional parameters, so assign one to ordinary parameter first. - func_stripname_result=${3} - func_stripname_result=${func_stripname_result#"${1}"} - func_stripname_result=${func_stripname_result%"${2}"} -} - -# func_opt_split -func_opt_split () -{ - func_opt_split_opt=${1%%=*} - func_opt_split_arg=${1#*=} -} - -# func_lo2o object -func_lo2o () -{ - case ${1} in - *.lo) func_lo2o_result=${1%.lo}.${objext} ;; - *) func_lo2o_result=${1} ;; - esac -} - -# func_xform libobj-or-source -func_xform () -{ - func_xform_result=${1%.*}.lo -} - -# func_arith arithmetic-term... -func_arith () -{ - func_arith_result=$(( $[*] )) -} - -# func_len string -# STRING may not start with a hyphen. -func_len () -{ - func_len_result=${#1} -} +# _LT_PROG_FUNCTION_REPLACE (FUNCNAME, REPLACEMENT-BODY) +# ------------------------------------------------------ +# In `$cfgfile', look for function FUNCNAME delimited by `^FUNCNAME ()$' and +# '^} FUNCNAME ', and replace its body with REPLACEMENT-BODY. +m4_defun([_LT_PROG_FUNCTION_REPLACE], +[dnl { +sed -e '/^$1 ()$/,/^} # $1 /c\ +$1 ()\ +{\ +m4_bpatsubsts([$2], [$], [\\], [^\([ ]\)], [\\\1]) +} # Extended-shell $1 implementation' "$cfgfile" > $cfgfile.tmp \ + && mv -f "$cfgfile.tmp" "$cfgfile" \ + || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") +test 0 -eq $? || _lt_function_replace_fail=: +]) -_LT_EOF - ;; - *) # Bourne compatible functions. - cat << \_LT_EOF >> "$cfgfile" -# func_dirname file append nondir_replacement -# Compute the dirname of FILE. If nonempty, add APPEND to the result, -# otherwise set result to NONDIR_REPLACEMENT. -func_dirname () -{ - # Extract subdirectory from the argument. - func_dirname_result=`$ECHO "${1}" | $SED "$dirname"` - if test "X$func_dirname_result" = "X${1}"; then - func_dirname_result="${3}" - else - func_dirname_result="$func_dirname_result${2}" - fi -} +# _LT_PROG_REPLACE_SHELLFNS +# ------------------------- +# Replace existing portable implementations of several shell functions with +# equivalent extended shell implementations where those features are available.. +m4_defun([_LT_PROG_REPLACE_SHELLFNS], +[if test x"$xsi_shell" = xyes; then + _LT_PROG_FUNCTION_REPLACE([func_dirname], [dnl + case ${1} in + */*) func_dirname_result="${1%/*}${2}" ;; + * ) func_dirname_result="${3}" ;; + esac]) + + _LT_PROG_FUNCTION_REPLACE([func_basename], [dnl + func_basename_result="${1##*/}"]) + + _LT_PROG_FUNCTION_REPLACE([func_dirname_and_basename], [dnl + case ${1} in + */*) func_dirname_result="${1%/*}${2}" ;; + * ) func_dirname_result="${3}" ;; + esac + func_basename_result="${1##*/}"]) -# func_basename file -func_basename () -{ - func_basename_result=`$ECHO "${1}" | $SED "$basename"` -} + _LT_PROG_FUNCTION_REPLACE([func_stripname], [dnl + # pdksh 5.2.14 does not do ${X%$Y} correctly if both X and Y are + # positional parameters, so assign one to ordinary parameter first. + func_stripname_result=${3} + func_stripname_result=${func_stripname_result#"${1}"} + func_stripname_result=${func_stripname_result%"${2}"}]) -dnl func_dirname_and_basename -dnl A portable version of this function is already defined in general.m4sh -dnl so there is no need for it here. + _LT_PROG_FUNCTION_REPLACE([func_split_long_opt], [dnl + func_split_long_opt_name=${1%%=*} + func_split_long_opt_arg=${1#*=}]) -# func_stripname prefix suffix name -# strip PREFIX and SUFFIX off of NAME. -# PREFIX and SUFFIX must not contain globbing or regex special -# characters, hashes, percent signs, but SUFFIX may contain a leading -# dot (in which case that matches only a dot). -# func_strip_suffix prefix name -func_stripname () -{ - case ${2} in - .*) func_stripname_result=`$ECHO "${3}" | $SED "s%^${1}%%; s%\\\\${2}\$%%"`;; - *) func_stripname_result=`$ECHO "${3}" | $SED "s%^${1}%%; s%${2}\$%%"`;; - esac -} + _LT_PROG_FUNCTION_REPLACE([func_split_short_opt], [dnl + func_split_short_opt_arg=${1#??} + func_split_short_opt_name=${1%"$func_split_short_opt_arg"}]) -# sed scripts: -my_sed_long_opt='1s/^\(-[[^=]]*\)=.*/\1/;q' -my_sed_long_arg='1s/^-[[^=]]*=//' + _LT_PROG_FUNCTION_REPLACE([func_lo2o], [dnl + case ${1} in + *.lo) func_lo2o_result=${1%.lo}.${objext} ;; + *) func_lo2o_result=${1} ;; + esac]) -# func_opt_split -func_opt_split () -{ - func_opt_split_opt=`$ECHO "${1}" | $SED "$my_sed_long_opt"` - func_opt_split_arg=`$ECHO "${1}" | $SED "$my_sed_long_arg"` -} + _LT_PROG_FUNCTION_REPLACE([func_xform], [ func_xform_result=${1%.*}.lo]) -# func_lo2o object -func_lo2o () -{ - func_lo2o_result=`$ECHO "${1}" | $SED "$lo2o"` -} + _LT_PROG_FUNCTION_REPLACE([func_arith], [ func_arith_result=$(( $[*] ))]) -# func_xform libobj-or-source -func_xform () -{ - func_xform_result=`$ECHO "${1}" | $SED 's/\.[[^.]]*$/.lo/'` -} + _LT_PROG_FUNCTION_REPLACE([func_len], [ func_len_result=${#1}]) +fi -# func_arith arithmetic-term... -func_arith () -{ - func_arith_result=`expr "$[@]"` -} +if test x"$lt_shell_append" = xyes; then + _LT_PROG_FUNCTION_REPLACE([func_append], [ eval "${1}+=\\${2}"]) -# func_len string -# STRING may not start with a hyphen. -func_len () -{ - func_len_result=`expr "$[1]" : ".*" 2>/dev/null || echo $max_cmd_len` -} + _LT_PROG_FUNCTION_REPLACE([func_append_quoted], [dnl + func_quote_for_eval "${2}" +dnl m4 expansion turns \\\\ into \\, and then the shell eval turns that into \ + eval "${1}+=\\\\ \\$func_quote_for_eval_result"]) -_LT_EOF -esac + # Save a `func_append' function call where possible by direct use of '+=' + sed -e 's%func_append \([[a-zA-Z_]]\{1,\}\) "%\1+="%g' $cfgfile > $cfgfile.tmp \ + && mv -f "$cfgfile.tmp" "$cfgfile" \ + || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") + test 0 -eq $? || _lt_function_replace_fail=: +else + # Save a `func_append' function call even when '+=' is not available + sed -e 's%func_append \([[a-zA-Z_]]\{1,\}\) "%\1="$\1%g' $cfgfile > $cfgfile.tmp \ + && mv -f "$cfgfile.tmp" "$cfgfile" \ + || (rm -f "$cfgfile" && cp "$cfgfile.tmp" "$cfgfile" && rm -f "$cfgfile.tmp") + test 0 -eq $? || _lt_function_replace_fail=: +fi -case $lt_shell_append in - yes) - cat << \_LT_EOF >> "$cfgfile" +if test x"$_lt_function_replace_fail" = x":"; then + AC_MSG_WARN([Unable to substitute extended shell functions in $ofile]) +fi +]) -# func_append var value -# Append VALUE to the end of shell variable VAR. -func_append () -{ - eval "$[1]+=\$[2]" -} -_LT_EOF +# _LT_PATH_CONVERSION_FUNCTIONS +# ----------------------------- +# Determine which file name conversion functions should be used by +# func_to_host_file (and, implicitly, by func_to_host_path). These are needed +# for certain cross-compile configurations and native mingw. +m4_defun([_LT_PATH_CONVERSION_FUNCTIONS], +[AC_REQUIRE([AC_CANONICAL_HOST])dnl +AC_REQUIRE([AC_CANONICAL_BUILD])dnl +AC_MSG_CHECKING([how to convert $build file names to $host format]) +AC_CACHE_VAL(lt_cv_to_host_file_cmd, +[case $host in + *-*-mingw* ) + case $build in + *-*-mingw* ) # actually msys + lt_cv_to_host_file_cmd=func_convert_file_msys_to_w32 + ;; + *-*-cygwin* ) + lt_cv_to_host_file_cmd=func_convert_file_cygwin_to_w32 + ;; + * ) # otherwise, assume *nix + lt_cv_to_host_file_cmd=func_convert_file_nix_to_w32 + ;; + esac ;; - *) - cat << \_LT_EOF >> "$cfgfile" - -# func_append var value -# Append VALUE to the end of shell variable VAR. -func_append () -{ - eval "$[1]=\$$[1]\$[2]" -} - -_LT_EOF + *-*-cygwin* ) + case $build in + *-*-mingw* ) # actually msys + lt_cv_to_host_file_cmd=func_convert_file_msys_to_cygwin + ;; + *-*-cygwin* ) + lt_cv_to_host_file_cmd=func_convert_file_noop + ;; + * ) # otherwise, assume *nix + lt_cv_to_host_file_cmd=func_convert_file_nix_to_cygwin + ;; + esac ;; - esac + * ) # unhandled hosts (and "normal" native builds) + lt_cv_to_host_file_cmd=func_convert_file_noop + ;; +esac +]) +to_host_file_cmd=$lt_cv_to_host_file_cmd +AC_MSG_RESULT([$lt_cv_to_host_file_cmd]) +_LT_DECL([to_host_file_cmd], [lt_cv_to_host_file_cmd], + [0], [convert $build file names to $host format])dnl + +AC_MSG_CHECKING([how to convert $build file names to toolchain format]) +AC_CACHE_VAL(lt_cv_to_tool_file_cmd, +[#assume ordinary cross tools, or native build. +lt_cv_to_tool_file_cmd=func_convert_file_noop +case $host in + *-*-mingw* ) + case $build in + *-*-mingw* ) # actually msys + lt_cv_to_tool_file_cmd=func_convert_file_msys_to_w32 + ;; + esac + ;; +esac ]) +to_tool_file_cmd=$lt_cv_to_tool_file_cmd +AC_MSG_RESULT([$lt_cv_to_tool_file_cmd]) +_LT_DECL([to_tool_file_cmd], [lt_cv_to_tool_file_cmd], + [0], [convert $build files to toolchain format])dnl +])# _LT_PATH_CONVERSION_FUNCTIONS diff --git a/FreeRTOS-Plus/Source/CyaSSL/m4/ltoptions.m4 b/FreeRTOS-Plus/Source/CyaSSL/m4/ltoptions.m4 index 17cfd51c0..5d9acd8e2 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/m4/ltoptions.m4 +++ b/FreeRTOS-Plus/Source/CyaSSL/m4/ltoptions.m4 @@ -326,9 +326,24 @@ dnl AC_DEFUN([AM_DISABLE_FAST_INSTALL], []) # MODE is either `yes' or `no'. If omitted, it defaults to `both'. m4_define([_LT_WITH_PIC], [AC_ARG_WITH([pic], - [AS_HELP_STRING([--with-pic], + [AS_HELP_STRING([--with-pic@<:@=PKGS@:>@], [try to use only PIC/non-PIC objects @<:@default=use both@:>@])], - [pic_mode="$withval"], + [lt_p=${PACKAGE-default} + case $withval in + yes|no) pic_mode=$withval ;; + *) + pic_mode=default + # Look at the argument we got. We use all the common list separators. + lt_save_ifs="$IFS"; IFS="${IFS}$PATH_SEPARATOR," + for lt_pkg in $withval; do + IFS="$lt_save_ifs" + if test "X$lt_pkg" = "X$lt_p"; then + pic_mode=yes + fi + done + IFS="$lt_save_ifs" + ;; + esac], [pic_mode=default]) test -z "$pic_mode" && pic_mode=m4_default([$1], [default]) diff --git a/FreeRTOS-Plus/Source/CyaSSL/m4/ltversion.m4 b/FreeRTOS-Plus/Source/CyaSSL/m4/ltversion.m4 index 93fc77124..07a8602d4 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/m4/ltversion.m4 +++ b/FreeRTOS-Plus/Source/CyaSSL/m4/ltversion.m4 @@ -7,17 +7,17 @@ # unlimited permission to copy and/or distribute it, with or without # modifications, as long as this notice is preserved. -# Generated from ltversion.in. +# @configure_input@ -# serial 3175 ltversion.m4 +# serial 3337 ltversion.m4 # This file is part of GNU Libtool -m4_define([LT_PACKAGE_VERSION], [2.2.10]) -m4_define([LT_PACKAGE_REVISION], [1.3175]) +m4_define([LT_PACKAGE_VERSION], [2.4.2]) +m4_define([LT_PACKAGE_REVISION], [1.3337]) AC_DEFUN([LTVERSION_VERSION], -[macro_version='2.2.10' -macro_revision='1.3175' +[macro_version='2.4.2' +macro_revision='1.3337' _LT_DECL(, macro_version, 0, [Which release of libtool.m4 was used?]) _LT_DECL(, macro_revision, 0) ]) diff --git a/FreeRTOS-Plus/Source/CyaSSL/m4/visibility.m4 b/FreeRTOS-Plus/Source/CyaSSL/m4/visibility.m4 index 077c4765e..75c34b6e1 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/m4/visibility.m4 +++ b/FreeRTOS-Plus/Source/CyaSSL/m4/visibility.m4 @@ -1,5 +1,5 @@ -# visibility.m4 serial 3 (gettext-0.18) -dnl Copyright (C) 2005, 2008-2010 Free Software Foundation, Inc. +# visibility.m4 serial 4 (gettext-0.18.2) +dnl Copyright (C) 2005, 2008, 2010-2011 Free Software Foundation, Inc. dnl This file is free software; the Free Software Foundation dnl gives unlimited permission to copy and/or distribute it, dnl with or without modifications, as long as this notice is preserved. @@ -33,7 +33,8 @@ AC_DEFUN([gl_VISIBILITY], AC_CACHE_VAL([gl_cv_cc_vis_werror], [ gl_save_CFLAGS="$CFLAGS" CFLAGS="$CFLAGS -Werror" - AC_TRY_COMPILE([], [], + AC_COMPILE_IFELSE( + [AC_LANG_PROGRAM([[]], [[]])], [gl_cv_cc_vis_werror=yes], [gl_cv_cc_vis_werror=no]) CFLAGS="$gl_save_CFLAGS"]) @@ -51,13 +52,15 @@ AC_DEFUN([gl_VISIBILITY], if test $gl_cv_cc_vis_werror = yes; then CFLAGS="$CFLAGS -Werror" fi - AC_TRY_COMPILE( - [extern __attribute__((__visibility__("hidden"))) int hiddenvar; - extern __attribute__((__visibility__("default"))) int exportedvar; - extern __attribute__((__visibility__("hidden"))) int hiddenfunc (void); - extern __attribute__((__visibility__("default"))) int exportedfunc (void); - void dummyfunc (void) {}], - [], + AC_COMPILE_IFELSE( + [AC_LANG_PROGRAM( + [[extern __attribute__((__visibility__("hidden"))) int hiddenvar; + extern __attribute__((__visibility__("default"))) int exportedvar; + extern __attribute__((__visibility__("hidden"))) int hiddenfunc (void); + extern __attribute__((__visibility__("default"))) int exportedfunc (void); + void dummyfunc (void) {} + ]], + [[]])], [gl_cv_cc_visibility=yes], [gl_cv_cc_visibility=no]) CFLAGS="$gl_save_CFLAGS"]) diff --git a/FreeRTOS-Plus/Source/CyaSSL/m4/wolfssl_darwin_clang.m4 b/FreeRTOS-Plus/Source/CyaSSL/m4/wolfssl_darwin_clang.m4 new file mode 100644 index 000000000..fee9b6ae0 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/m4/wolfssl_darwin_clang.m4 @@ -0,0 +1,37 @@ +# =========================================================================== +# +# SYNOPSIS +# +# WOLFSSL_DARWIN_USING_CLANG +# +# DESCRIPTION +# +# With the advent of Apple Xcode v5.0, the old tool sets are missing from +# the distribution. The provided "gcc" executable wrapper accepts the +# "-pthread" flag, and passes it to the underlying "clang" which chokes +# on it. This script checks the version of the gcc executable to see if +# it reports it is really "clang". +# +# The value is placed in the wolfssl_darwin_clang variable. +# +# LICENSE +# +# Copyright (c) 2013 John Safranek +# +# Copying and distribution of this file, with or without modification, are +# permitted in any medium without royalty provided the copyright notice +# and this notice are preserved. This file is offered as-is, without any +# warranty. + +#serial 1 + +AC_DEFUN([WOLFSSL_DARWIN_USING_CLANG], + [ + if test x"$CC" = xclang; then + wolfssl_darwin_clang=yes + elif test x"$CC" = x || test x"$CC" = xgcc; then + if /usr/bin/gcc -v 2>&1 | grep 'clang' >/dev/null 2>&1; then + wolfssl_darwin_clang=yes + fi + fi + ]) diff --git a/FreeRTOS-Plus/Source/CyaSSL/mcapi/PIC32MZ-serial.h b/FreeRTOS-Plus/Source/CyaSSL/mcapi/PIC32MZ-serial.h new file mode 100644 index 000000000..323de525b --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/mcapi/PIC32MZ-serial.h @@ -0,0 +1,28 @@ +void _mon_putc(char c); + +static void init_serial() { + #ifdef MICROCHIP_PIC32 +#if defined (__32MZ2048ECH144__) || (__32MZ2048ECM144__) + /* Set up PB2 divisor for UART2 */ + SYSKEY = 0x00000000; + SYSKEY = 0xAA996655; + SYSKEY = 0x556699AA; + PB2DIV = 0x00008018; + SYSKEY = 0x33333333; + + /* UART2 Init */ +// U2BRG = 0x0C; + U2BRG = 0x7; + ANSELBCLR = 0x4000; + ANSELGCLR = 0x0040; + RPB14R = 0x02; + U2RXR = 0x01; + U2MODE = 0x8000; + U2STA = 0x400; +#elif defined __PIC32MX__ + SYSTEMConfigPerformance(80000000); + DBINIT(); +#endif + +#endif +} diff --git a/FreeRTOS-Plus/Source/CyaSSL/mcapi/README b/FreeRTOS-Plus/Source/CyaSSL/mcapi/README new file mode 100644 index 000000000..01776dc2a --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/mcapi/README @@ -0,0 +1,79 @@ +CyaSSL MPLAB X Project Files + +This directory contains project files for the Microchip MPLAB X IDE. These +projects have been set up to use the Microchip PIC32 Ethernet Starter Kit +and the Microchip XC32 compiler, and have been created specifically to test +the Microchip-specific CTaoCrypt API with compression support. For MPLAB X +projects that don't use compression and are generic to the CTaoCrypt API, +please see the /mplabx directory. + +In order to generate the necessary auto-generated MPLAB X files, make sure +to import the cyassl.X and zlib.X projects into your MPLAB X workspace before +trying to build either the CTaoCrypt test or benchmark applications. This will +correctly set up the respective project's Makefiles. + +Included Project Files +----------------------- + +1. CyaSSL library (cyassl.X) + + This project builds a static CyaSSL library. Prior to building this + project, uncomment the MICROCHIP_PIC32 define located in: + + /cyassl/ctaocrypt/settings.h + + After this project has been built, the compiled library will be located + at: + + /mplabx/cyassl.X/dist/default/production/cyassl.X.a + + Note that this project includes the zlib header location in the project's + include paths. This is because this project has been set up to be compiled + with zlib support to enable compression and decompression features. + +2. CTaoCrypt Test App (ctaocrypt_test.X) + + This project tests the CTaoCrypt cryptography modules. It is generally + a good idea to run this first on an embedded system after compiling + CyaSSL in order to verify all underlying crypto is working correctly. + +3. CTaoCrypt Benchmark App (ctaocrypt_benchmark.X) + + This project builds the CTaoCrypt benchmark application. If the CyaSSL + project (cyassl.X) has been compiled with libz support and is being + used to build this project, the zlib.X project will need to added to + the "Libraries" folder under the ctaocrypt_benchmark.X project before + it will compile successfully. + +4. CTaoCrypt MCAPI Test App (ctaocrypt_mcapi.X) + + This project tests the Microchip crytpo API layer. The Microchip crypto + layer is located under the /mcapi directory. + +5. zlib library (zlib.X) + + This project builds the zlib library for use in the ctaocrypt_test.X + and ctaocrypt_mcapi.X projects. This project expects the zlib sources + to be located under the CyaSSL root directory. Currently it is set up + to work with zlib 1.2.8, and looks for sources under: + + /zlib-1.2.8 + +PIC32MX/PIC32MZ +--------------- + +The projects are set for PIC32MX by default. For PIC32MZ, change project +properties->Devices and add "CYASSL_MICROCHIP_PIC32M" to +XC32-gcc->Preprocessing and messages-> Preprocessor macros. + +MIPS16 and MIPS32 Support +------------------------- + +These projects support both MIPS16 and MIPS32 instruction sets. Switching +between these two instruction sets can be done in each project's properties +settings by checking the "Generate 16-bit code" checkbox. + +Support +------- +Please send questions or comments to support@wolfssl.com + diff --git a/FreeRTOS-Plus/Source/CyaSSL/mcapi/crypto.c b/FreeRTOS-Plus/Source/CyaSSL/mcapi/crypto.c new file mode 100644 index 000000000..d72324494 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/mcapi/crypto.c @@ -0,0 +1,703 @@ +/* crypto.c + * + * Copyright (C) 2006-2014 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + + +/* Implements Microchip CRYPTO API layer */ + + + +#include "crypto.h" + +#include + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + + +/* Initialize MD5 */ +int CRYPT_MD5_Initialize(CRYPT_MD5_CTX* md5) +{ + typedef char md5_test[sizeof(CRYPT_MD5_CTX) >= sizeof(Md5) ? 1 : -1]; + (void)sizeof(md5_test); + + if (md5 == NULL) + return BAD_FUNC_ARG; + + InitMd5((Md5*)md5); + + return 0; +} + + +/* Add data to MD5 */ +int CRYPT_MD5_DataAdd(CRYPT_MD5_CTX* md5, const unsigned char* input, + unsigned int sz) +{ + if (md5 == NULL || input == NULL) + return BAD_FUNC_ARG; + + Md5Update((Md5*)md5, input, sz); + + return 0; +} + + +/* Get MD5 Final into digest */ +int CRYPT_MD5_Finalize(CRYPT_MD5_CTX* md5, unsigned char* digest) +{ + if (md5 == NULL || digest == NULL) + return BAD_FUNC_ARG; + + Md5Final((Md5*)md5, digest); + + return 0; +} + + +/* Initialize SHA */ +int CRYPT_SHA_Initialize(CRYPT_SHA_CTX* sha) +{ + typedef char sha_test[sizeof(CRYPT_SHA_CTX) >= sizeof(Sha) ? 1 : -1]; + (void)sizeof(sha_test); + + if (sha == NULL) + return BAD_FUNC_ARG; + + return InitSha((Sha*)sha); +} + + +/* Add data to SHA */ +int CRYPT_SHA_DataAdd(CRYPT_SHA_CTX* sha, const unsigned char* input, + unsigned int sz) +{ + if (sha == NULL || input == NULL) + return BAD_FUNC_ARG; + + return ShaUpdate((Sha*)sha, input, sz); +} + + +/* Get SHA Final into digest */ +int CRYPT_SHA_Finalize(CRYPT_SHA_CTX* sha, unsigned char* digest) +{ + if (sha == NULL || digest == NULL) + return BAD_FUNC_ARG; + + return ShaFinal((Sha*)sha, digest); +} + + +/* Initialize SHA-256 */ +int CRYPT_SHA256_Initialize(CRYPT_SHA256_CTX* sha256) +{ + typedef char sha_test[sizeof(CRYPT_SHA256_CTX) >= sizeof(Sha256) ? 1 : -1]; + (void)sizeof(sha_test); + + if (sha256 == NULL) + return BAD_FUNC_ARG; + + return InitSha256((Sha256*)sha256); +} + + +/* Add data to SHA-256 */ +int CRYPT_SHA256_DataAdd(CRYPT_SHA256_CTX* sha256, const unsigned char* input, + unsigned int sz) +{ + if (sha256 == NULL || input == NULL) + return BAD_FUNC_ARG; + + return Sha256Update((Sha256*)sha256, input, sz); +} + + +/* Get SHA-256 Final into digest */ +int CRYPT_SHA256_Finalize(CRYPT_SHA256_CTX* sha256, unsigned char* digest) +{ + if (sha256 == NULL || digest == NULL) + return BAD_FUNC_ARG; + + return Sha256Final((Sha256*)sha256, digest); +} + + +/* Initialize SHA-384 */ +int CRYPT_SHA384_Initialize(CRYPT_SHA384_CTX* sha384) +{ + typedef char sha_test[sizeof(CRYPT_SHA384_CTX) >= sizeof(Sha384) ? 1 : -1]; + (void)sizeof(sha_test); + + if (sha384 == NULL) + return BAD_FUNC_ARG; + + return InitSha384((Sha384*)sha384); +} + + +/* Add data to SHA-384 */ +int CRYPT_SHA384_DataAdd(CRYPT_SHA384_CTX* sha384, const unsigned char* input, + unsigned int sz) +{ + if (sha384 == NULL || input == NULL) + return BAD_FUNC_ARG; + + return Sha384Update((Sha384*)sha384, input, sz); +} + + +/* Get SHA-384 Final into digest */ +int CRYPT_SHA384_Finalize(CRYPT_SHA384_CTX* sha384, unsigned char* digest) +{ + if (sha384 == NULL || digest == NULL) + return BAD_FUNC_ARG; + + return Sha384Final((Sha384*)sha384, digest); +} + + +/* Initialize SHA-512 */ +int CRYPT_SHA512_Initialize(CRYPT_SHA512_CTX* sha512) +{ + typedef char sha_test[sizeof(CRYPT_SHA512_CTX) >= sizeof(Sha512) ? 1 : -1]; + (void)sizeof(sha_test); + + if (sha512 == NULL) + return BAD_FUNC_ARG; + + return InitSha512((Sha512*)sha512); +} + + +/* Add data to SHA-512 */ +int CRYPT_SHA512_DataAdd(CRYPT_SHA512_CTX* sha512, const unsigned char* input, + unsigned int sz) +{ + if (sha512 == NULL || input == NULL) + return BAD_FUNC_ARG; + + return Sha512Update((Sha512*)sha512, input, sz); +} + + +/* Get SHA-512 Final into digest */ +int CRYPT_SHA512_Finalize(CRYPT_SHA512_CTX* sha512, unsigned char* digest) +{ + if (sha512 == NULL || digest == NULL) + return BAD_FUNC_ARG; + + return Sha512Final((Sha512*)sha512, digest); +} + + +/* Set HMAC key with type */ +int CRYPT_HMAC_SetKey(CRYPT_HMAC_CTX* hmac, int type, const unsigned char* key, + unsigned int sz) +{ + typedef char hmac_test[sizeof(CRYPT_HMAC_CTX) >= sizeof(Hmac) ? 1 : -1]; + (void)sizeof(hmac_test); + + if (hmac == NULL || key == NULL) + return BAD_FUNC_ARG; + + if (type != CRYPT_HMAC_SHA && type != CRYPT_HMAC_SHA256 && + type != CRYPT_HMAC_SHA384 && type != CRYPT_HMAC_SHA512) { + return BAD_FUNC_ARG; /* bad hmac type */ + } + + return HmacSetKey((Hmac*)hmac, type, key, sz); +} + + +int CRYPT_HMAC_DataAdd(CRYPT_HMAC_CTX* hmac, const unsigned char* input, + unsigned int sz) +{ + if (hmac == NULL || input == NULL) + return BAD_FUNC_ARG; + + return HmacUpdate((Hmac*)hmac, input, sz); +} + + +/* Get HMAC Final into digest */ +int CRYPT_HMAC_Finalize(CRYPT_HMAC_CTX* hmac, unsigned char* digest) +{ + if (hmac == NULL || digest == NULL) + return BAD_FUNC_ARG; + + return HmacFinal((Hmac*)hmac, digest); +} + + +/* Huffman Compression, set flag to do static, otherwise dynamic */ +/* return compressed size, otherwise < 0 for error */ +int CRYPT_HUFFMAN_Compress(unsigned char* out, unsigned int outSz, + const unsigned char* in, unsigned int inSz, + unsigned int flags) +{ + if (out == NULL || in == NULL) + return BAD_FUNC_ARG; + + return Compress(out, outSz, in, inSz, flags); +} + + +/* Huffman DeCompression, self determines type */ +/* return decompressed size, otherwise < 0 for error */ +int CRYPT_HUFFMAN_DeCompress(unsigned char* out, unsigned int outSz, + const unsigned char* in, unsigned int inSz) +{ + if (out == NULL || in == NULL) + return BAD_FUNC_ARG; + + return DeCompress(out, outSz, in, inSz); +} + + +/* RNG Initialize, < 0 on error */ +int CRYPT_RNG_Initialize(CRYPT_RNG_CTX* rng) +{ + typedef char rng_test[sizeof(CRYPT_RNG_CTX) >= sizeof(RNG) ? 1 : -1]; + (void)sizeof(rng_test); + + if (rng == NULL) + return BAD_FUNC_ARG; + + return InitRng((RNG*)rng); +} + + +/* RNG Get single bytes, < 0 on error */ +int CRYPT_RNG_Get(CRYPT_RNG_CTX* rng, unsigned char* b) +{ + if (rng == NULL || b == NULL) + return BAD_FUNC_ARG; + + return RNG_GenerateByte((RNG*)rng, (byte*)b); +} + + +/* RNG Block Generation of sz bytes, < 0 on error */ +int CRYPT_RNG_BlockGenerate(CRYPT_RNG_CTX* rng, unsigned char* b, + unsigned int sz) +{ + if (rng == NULL || b == NULL) + return BAD_FUNC_ARG; + + return RNG_GenerateBlock((RNG*)rng, b, sz); +} + + +/* Triple DES Key Set, may have iv, will have direction */ +int CRYPT_TDES_KeySet(CRYPT_TDES_CTX* tdes, const unsigned char* key, + const unsigned char* iv, int dir) +{ + typedef char tdes_test[sizeof(CRYPT_TDES_CTX) >= sizeof(Des3) ? 1 : -1]; + (void)sizeof(tdes_test); + + if (tdes == NULL || key == NULL) + return BAD_FUNC_ARG; + + return Des3_SetKey((Des3*)tdes, key, iv, dir); +} + + +/* Triple DES Iv Set, sometimes added later */ +int CRYPT_TDES_IvSet(CRYPT_TDES_CTX* tdes, const unsigned char* iv) +{ + if (tdes == NULL || iv == NULL) + return BAD_FUNC_ARG; + + return Des3_SetIV((Des3*)tdes, iv); +} + + +/* Triple DES CBC Encrypt */ +int CRYPT_TDES_CBC_Encrypt(CRYPT_TDES_CTX* tdes, unsigned char* out, + const unsigned char* in, unsigned int inSz) +{ + if (tdes == NULL || out == NULL || in == NULL) + return BAD_FUNC_ARG; + + return Des3_CbcEncrypt((Des3*)tdes, out, in, inSz); +} + + +/* Triple DES CBC Decrypt */ +int CRYPT_TDES_CBC_Decrypt(CRYPT_TDES_CTX* tdes, unsigned char* out, + const unsigned char* in, unsigned int inSz) +{ + if (tdes == NULL || out == NULL || in == NULL) + return BAD_FUNC_ARG; + + return Des3_CbcDecrypt((Des3*)tdes, out, in, inSz); +} + + +/* AES Key Set, may have iv, will have direction */ +int CRYPT_AES_KeySet(CRYPT_AES_CTX* aes, const unsigned char* key, + unsigned int keyLen, const unsigned char* iv, int dir) +{ + typedef char aes_test[sizeof(CRYPT_AES_CTX) >= sizeof(Aes) ? 1 : -1]; + (void)sizeof(aes_test); + + if (aes == NULL || key == NULL) + return BAD_FUNC_ARG; + + return AesSetKey((Aes*)aes, key, keyLen, iv, dir); +} + + +/* AES Iv Set, sometimes added later */ +int CRYPT_AES_IvSet(CRYPT_AES_CTX* aes, const unsigned char* iv) +{ + if (aes == NULL || iv == NULL) + return BAD_FUNC_ARG; + + return AesSetIV((Aes*)aes, iv); +} + + +/* AES CBC Encrypt */ +int CRYPT_AES_CBC_Encrypt(CRYPT_AES_CTX* aes, unsigned char* out, + const unsigned char* in, unsigned int inSz) +{ + if (aes == NULL || out == NULL || in == NULL) + return BAD_FUNC_ARG; + + return AesCbcEncrypt((Aes*)aes, out, in, inSz); +} + + +/* AES CBC Decrypt */ +int CRYPT_AES_CBC_Decrypt(CRYPT_AES_CTX* aes, unsigned char* out, + const unsigned char* in, unsigned int inSz) +{ + if (aes == NULL || out == NULL || in == NULL) + return BAD_FUNC_ARG; + + return AesCbcDecrypt((Aes*)aes, out, in, inSz); +} + + +/* AES CTR Encrypt (used for decrypt too, with ENCRYPT key setup) */ +int CRYPT_AES_CTR_Encrypt(CRYPT_AES_CTX* aes, unsigned char* out, + const unsigned char* in, unsigned int inSz) +{ + if (aes == NULL || out == NULL || in == NULL) + return BAD_FUNC_ARG; + + AesCtrEncrypt((Aes*)aes, out, in, inSz); + + return 0; +} + + +/* AES Direct mode encrypt, one block at a time */ +int CRYPT_AES_DIRECT_Encrypt(CRYPT_AES_CTX* aes, unsigned char* out, + const unsigned char* in) +{ + if (aes == NULL || out == NULL || in == NULL) + return BAD_FUNC_ARG; + + AesEncryptDirect((Aes*)aes, out, in); + + return 0; +} + + +/* AES Direct mode decrypt, one block at a time */ +int CRYPT_AES_DIRECT_Decrypt(CRYPT_AES_CTX* aes, unsigned char* out, + const unsigned char* in) +{ + if (aes == NULL || out == NULL || in == NULL) + return BAD_FUNC_ARG; + + AesDecryptDirect((Aes*)aes, out, in); + + return 0; +} + + +/* RSA Initialize */ +int CRYPT_RSA_Initialize(CRYPT_RSA_CTX* rsa) +{ + if (rsa == NULL) + return BAD_FUNC_ARG; + + rsa->holder = (RsaKey*)XMALLOC(sizeof(RsaKey), NULL, DYNAMIC_TYPE_RSA); + if (rsa->holder == NULL) + return -1; + + return InitRsaKey((RsaKey*)rsa->holder, NULL); +} + + +/* RSA Free resources */ +int CRYPT_RSA_Free(CRYPT_RSA_CTX* rsa) +{ + if (rsa == NULL) + return BAD_FUNC_ARG; + + FreeRsaKey((RsaKey*)rsa->holder); + XFREE(rsa->holder, NULL, DYNAMIC_TYPE_RSA); + rsa->holder = NULL; + + return 0; +} + + +/* RSA Public key decode ASN.1 */ +int CRYPT_RSA_PublicKeyDecode(CRYPT_RSA_CTX* rsa, const unsigned char* in, + unsigned int inSz) +{ + unsigned int idx = 0; + (void)idx; + + if (rsa == NULL || in == NULL) + return BAD_FUNC_ARG; + + return RsaPublicKeyDecode(in, &idx, (RsaKey*)rsa->holder, inSz); +} + + +/* RSA Private key decode ASN.1 */ +int CRYPT_RSA_PrivateKeyDecode(CRYPT_RSA_CTX* rsa, const unsigned char* in, + unsigned int inSz) +{ + unsigned int idx = 0; + (void)idx; + + if (rsa == NULL || in == NULL) + return BAD_FUNC_ARG; + + return RsaPrivateKeyDecode(in, &idx, (RsaKey*)rsa->holder, inSz); +} + + +/* RSA Public Encrypt */ +int CRYPT_RSA_PublicEncrypt(CRYPT_RSA_CTX* rsa, unsigned char* out, + unsigned int outSz, const unsigned char* in, + unsigned int inSz, CRYPT_RNG_CTX* rng) +{ + if (rsa == NULL || in == NULL || out == NULL || rng == NULL) + return BAD_FUNC_ARG; + + return RsaPublicEncrypt(in, inSz, out, outSz, (RsaKey*)rsa->holder, + (RNG*)rng); +} + + +/* RSA Private Decrypt */ +int CRYPT_RSA_PrivateDecrypt(CRYPT_RSA_CTX* rsa, unsigned char* out, + unsigned int outSz, const unsigned char* in, + unsigned int inSz) +{ + if (rsa == NULL || in == NULL || out == NULL) + return BAD_FUNC_ARG; + + return RsaPrivateDecrypt(in, inSz, out, outSz, (RsaKey*)rsa->holder); +} + + +/* RSA Get Encrypt size helper */ +int CRYPT_RSA_EncryptSizeGet(CRYPT_RSA_CTX* rsa) +{ + if (rsa == NULL) + return BAD_FUNC_ARG; + + return RsaEncryptSize((RsaKey*)rsa->holder); +} + + +/* ECC init */ +int CRYPT_ECC_Initialize(CRYPT_ECC_CTX* ecc) +{ + if (ecc == NULL) + return BAD_FUNC_ARG; + + ecc->holder = (ecc_key*)XMALLOC(sizeof(ecc_key), NULL, DYNAMIC_TYPE_ECC); + if (ecc->holder == NULL) + return -1; + + ecc_init((ecc_key*)ecc->holder); + + return 0; +} + + +/* ECC free resources */ +int CRYPT_ECC_Free(CRYPT_ECC_CTX* ecc) +{ + if (ecc == NULL) + return BAD_FUNC_ARG; + + ecc_free((ecc_key*)ecc->holder); + XFREE(ecc->holder, NULL, DYNAMIC_TYPE_ECC); + ecc->holder = NULL; + + return 0; +} + + +/* ECC Public x963 Export */ +int CRYPT_ECC_PublicExport(CRYPT_ECC_CTX* ecc, unsigned char* out, + unsigned int outSz, unsigned int* usedSz) +{ + int ret; + unsigned int inOut = outSz; + + if (ecc == NULL || out == NULL) + return BAD_FUNC_ARG; + + ret = ecc_export_x963((ecc_key*)ecc->holder, out, &inOut); + *usedSz = inOut; + + return ret; +} + + +/* ECC Public x963 Import */ +int CRYPT_ECC_PublicImport(CRYPT_ECC_CTX* ecc, const unsigned char* in, + unsigned int inSz) +{ + if (ecc == NULL || in == NULL) + return BAD_FUNC_ARG; + + return ecc_import_x963(in, inSz, (ecc_key*)ecc->holder); +} + + +/* ECC Private x963 Import */ +int CRYPT_ECC_PrivateImport(CRYPT_ECC_CTX* ecc, const unsigned char* priv, + unsigned int privSz, const unsigned char* pub, unsigned int pubSz) +{ + if (ecc == NULL || priv == NULL || pub == NULL) + return BAD_FUNC_ARG; + + return ecc_import_private_key(priv, privSz, pub, pubSz, + (ecc_key*)ecc->holder); +} + + +/* ECC DHE Make key */ +int CRYPT_ECC_DHE_KeyMake(CRYPT_ECC_CTX* ecc, CRYPT_RNG_CTX* rng, int keySz) +{ + if (ecc == NULL || rng == NULL) + return BAD_FUNC_ARG; + + return ecc_make_key((RNG*)rng, keySz, (ecc_key*)ecc->holder); +} + + +/* ECC DHE Make shared secret with our private and peer public */ +int CRYPT_ECC_DHE_SharedSecretMake(CRYPT_ECC_CTX* priv, CRYPT_ECC_CTX* pub, + unsigned char* out, unsigned int outSz, unsigned int* usedSz) +{ + int ret; + unsigned int inOut = outSz; + + if (priv == NULL || pub == NULL || out == NULL || usedSz == NULL) + return BAD_FUNC_ARG; + + ret = ecc_shared_secret((ecc_key*)priv->holder, (ecc_key*)pub->holder, + out, &inOut); + *usedSz = inOut; + + return ret; +} + + +/* ECC DSA Hash Sign */ +int CRYPT_ECC_DSA_HashSign(CRYPT_ECC_CTX* ecc, CRYPT_RNG_CTX* rng, + unsigned char* sig, unsigned int sigSz, + unsigned int* usedSz, const unsigned char* in, + unsigned int inSz) +{ + int ret; + unsigned int inOut = sigSz; + + if (ecc == NULL || rng == NULL || sig == NULL || usedSz == NULL || + in == NULL) + return BAD_FUNC_ARG; + + ret = ecc_sign_hash(in, inSz, sig, &inOut, (RNG*)rng, + (ecc_key*)ecc->holder); + *usedSz = inOut; + + return ret; +} + + +/* ECC DSA Hash Verify */ +int CRYPT_ECC_DSA_HashVerify(CRYPT_ECC_CTX* ecc, const unsigned char* sig, + unsigned int sigSz, unsigned char* hash, + unsigned int hashSz, int* status) +{ + if (ecc == NULL || sig == NULL || hash == NULL || status == NULL) + return BAD_FUNC_ARG; + + return ecc_verify_hash(sig, sigSz, hash, hashSz, status, + (ecc_key*)ecc->holder); +} + + +/* ECC get key size helper */ +int CRYPT_ECC_KeySizeGet(CRYPT_ECC_CTX* ecc) +{ + if (ecc == NULL) + return BAD_FUNC_ARG; + + return ecc_size((ecc_key*)ecc->holder); +} + + +/* ECC get signature size helper */ +int CRYPT_ECC_SignatureSizeGet(CRYPT_ECC_CTX* ecc) +{ + if (ecc == NULL) + return BAD_FUNC_ARG; + + return ecc_sig_size((ecc_key*)ecc->holder); +} + + +/* Save error string from err to str which needs to be >= 80 chars */ +int CRYPT_ERROR_StringGet(int err, char* str) +{ + if (str == NULL) + return BAD_FUNC_ARG; + + CTaoCryptErrorString(err, str); + + return 0; +} + diff --git a/FreeRTOS-Plus/Source/CyaSSL/mcapi/crypto.h b/FreeRTOS-Plus/Source/CyaSSL/mcapi/crypto.h new file mode 100644 index 000000000..0838b5373 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/mcapi/crypto.h @@ -0,0 +1,268 @@ +/* crypto.h + * + * Copyright (C) 2006-2014 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + + +/* Defines Microchip CRYPTO API layer */ + + +#ifndef MC_CRYPTO_API_H +#define MC_CRYPTO_API_H + + +#ifdef __cplusplus + extern "C" { +#endif + +/* MD5 */ +typedef struct CRYPT_MD5_CTX { + int holder[24]; /* big enough to hold internal, but check on init */ +} CRYPT_MD5_CTX; + +int CRYPT_MD5_Initialize(CRYPT_MD5_CTX*); +int CRYPT_MD5_DataAdd(CRYPT_MD5_CTX*, const unsigned char*, unsigned int); +int CRYPT_MD5_Finalize(CRYPT_MD5_CTX*, unsigned char*); + +enum { + CRYPT_MD5_DIGEST_SIZE = 16 +}; + + +/* SHA */ +typedef struct CRYPT_SHA_CTX { + int holder[24]; /* big enough to hold internal, but check on init */ +} CRYPT_SHA_CTX; + +int CRYPT_SHA_Initialize(CRYPT_SHA_CTX*); +int CRYPT_SHA_DataAdd(CRYPT_SHA_CTX*, const unsigned char*, unsigned int); +int CRYPT_SHA_Finalize(CRYPT_SHA_CTX*, unsigned char*); + +enum { + CRYPT_SHA_DIGEST_SIZE = 20 +}; + + +/* SHA-256 */ +typedef struct CRYPT_SHA256_CTX { + int holder[28]; /* big enough to hold internal, but check on init */ +} CRYPT_SHA256_CTX; + +int CRYPT_SHA256_Initialize(CRYPT_SHA256_CTX*); +int CRYPT_SHA256_DataAdd(CRYPT_SHA256_CTX*, const unsigned char*, unsigned int); +int CRYPT_SHA256_Finalize(CRYPT_SHA256_CTX*, unsigned char*); + +enum { + CRYPT_SHA256_DIGEST_SIZE = 32 +}; + + +/* SHA-384 */ +typedef struct CRYPT_SHA384_CTX { + long long holder[32]; /* big enough to hold internal, but check on init */ +} CRYPT_SHA384_CTX; + +int CRYPT_SHA384_Initialize(CRYPT_SHA384_CTX*); +int CRYPT_SHA384_DataAdd(CRYPT_SHA384_CTX*, const unsigned char*, unsigned int); +int CRYPT_SHA384_Finalize(CRYPT_SHA384_CTX*, unsigned char*); + +enum { + CRYPT_SHA384_DIGEST_SIZE = 48 +}; + + +/* SHA-512 */ +typedef struct CRYPT_SHA512_CTX { + long long holder[36]; /* big enough to hold internal, but check on init */ +} CRYPT_SHA512_CTX; + +int CRYPT_SHA512_Initialize(CRYPT_SHA512_CTX*); +int CRYPT_SHA512_DataAdd(CRYPT_SHA512_CTX*, const unsigned char*, unsigned int); +int CRYPT_SHA512_Finalize(CRYPT_SHA512_CTX*, unsigned char*); + +enum { + CRYPT_SHA512_DIGEST_SIZE = 64 +}; + + +/* HMAC */ +typedef struct CRYPT_HMAC_CTX { + long long holder[67]; /* big enough to hold internal, but check on init */ +} CRYPT_HMAC_CTX; + +int CRYPT_HMAC_SetKey(CRYPT_HMAC_CTX*, int, const unsigned char*, unsigned int); +int CRYPT_HMAC_DataAdd(CRYPT_HMAC_CTX*, const unsigned char*, unsigned int); +int CRYPT_HMAC_Finalize(CRYPT_HMAC_CTX*, unsigned char*); + +/* HMAC types */ +enum { + CRYPT_HMAC_SHA = 1, + CRYPT_HMAC_SHA256 = 2, + CRYPT_HMAC_SHA384 = 5, + CRYPT_HMAC_SHA512 = 4 +}; + + +/* Huffman */ +int CRYPT_HUFFMAN_Compress(unsigned char*, unsigned int, const unsigned char*, + unsigned int, unsigned int); +int CRYPT_HUFFMAN_DeCompress(unsigned char*, unsigned int, const unsigned char*, + unsigned int); + +/* flag to use static huffman */ +enum { + CRYPT_HUFFMAN_COMPRESS_STATIC = 1 +}; + + +/* RNG */ +typedef struct CRYPT_RNG_CTX { + int holder[66]; /* big enough to hold internal, but check on init */ +} CRYPT_RNG_CTX; + +int CRYPT_RNG_Initialize(CRYPT_RNG_CTX*); +int CRYPT_RNG_Get(CRYPT_RNG_CTX*, unsigned char*); +int CRYPT_RNG_BlockGenerate(CRYPT_RNG_CTX*, unsigned char*, unsigned int); + + +/* TDES */ +typedef struct CRYPT_TDES_CTX { + int holder[100]; /* big enough to hold internal, but check on init */ +} CRYPT_TDES_CTX; + +int CRYPT_TDES_KeySet(CRYPT_TDES_CTX*, const unsigned char*, + const unsigned char*, int); +int CRYPT_TDES_IvSet(CRYPT_TDES_CTX*, const unsigned char*); +int CRYPT_TDES_CBC_Encrypt(CRYPT_TDES_CTX*, unsigned char*, + const unsigned char*, unsigned int); +int CRYPT_TDES_CBC_Decrypt(CRYPT_TDES_CTX*, unsigned char*, + const unsigned char*, unsigned int); + +/* key direction flags for setup */ +enum { + CRYPT_TDES_ENCRYPTION = 0, + CRYPT_TDES_DECRYPTION = 1 +}; + + +/* AES */ +typedef struct CRYPT_AES_CTX { + int holder[70]; /* big enough to hold internal, but check on init */ +} CRYPT_AES_CTX; + +/* key */ +int CRYPT_AES_KeySet(CRYPT_AES_CTX*, const unsigned char*, unsigned int, + const unsigned char*, int); +int CRYPT_AES_IvSet(CRYPT_AES_CTX*, const unsigned char*); + +/* cbc */ +int CRYPT_AES_CBC_Encrypt(CRYPT_AES_CTX*, unsigned char*, + const unsigned char*, unsigned int); +int CRYPT_AES_CBC_Decrypt(CRYPT_AES_CTX*, unsigned char*, + const unsigned char*, unsigned int); + +/* ctr (counter), use Encrypt both ways with ENCRYPT key setup */ +int CRYPT_AES_CTR_Encrypt(CRYPT_AES_CTX*, unsigned char*, + const unsigned char*, unsigned int); + +/* direct, one block at a time */ +int CRYPT_AES_DIRECT_Encrypt(CRYPT_AES_CTX*, unsigned char*, + const unsigned char*); +int CRYPT_AES_DIRECT_Decrypt(CRYPT_AES_CTX*, unsigned char*, + const unsigned char*); + +/* key direction flags for setup, ctr always uses ENCRYPT flag */ +enum { + CRYPT_AES_ENCRYPTION = 0, + CRYPT_AES_DECRYPTION = 1, + CRYPT_AES_BLOCK_SIZE = 16 +}; + + + +/* RSA */ +typedef struct CRYPT_RSA_CTX { + void* holder; +} CRYPT_RSA_CTX; + +/* init/free */ +int CRYPT_RSA_Initialize(CRYPT_RSA_CTX*); +int CRYPT_RSA_Free(CRYPT_RSA_CTX*); + +/* key decode */ +int CRYPT_RSA_PublicKeyDecode(CRYPT_RSA_CTX*, const unsigned char*, + unsigned int); +int CRYPT_RSA_PrivateKeyDecode(CRYPT_RSA_CTX*, const unsigned char*, + unsigned int); + +/* encrypt/decrypt */ +int CRYPT_RSA_PublicEncrypt(CRYPT_RSA_CTX*, unsigned char*, + unsigned int, const unsigned char*, unsigned int, + CRYPT_RNG_CTX*); +int CRYPT_RSA_PrivateDecrypt(CRYPT_RSA_CTX*, unsigned char*, + unsigned int, const unsigned char*, unsigned int); + +/* helpers */ +int CRYPT_RSA_EncryptSizeGet(CRYPT_RSA_CTX*); + + + +/* ECC */ +typedef struct CRYPT_ECC_CTX { + void* holder; +} CRYPT_ECC_CTX; + +/* init/free */ +int CRYPT_ECC_Initialize(CRYPT_ECC_CTX*); +int CRYPT_ECC_Free(CRYPT_ECC_CTX*); + +/* key coders */ +int CRYPT_ECC_PublicExport(CRYPT_ECC_CTX*, unsigned char*, unsigned int, + unsigned int*); +int CRYPT_ECC_PublicImport(CRYPT_ECC_CTX*, const unsigned char*, unsigned int); +int CRYPT_ECC_PrivateImport(CRYPT_ECC_CTX*, const unsigned char*, unsigned int, + const unsigned char*, unsigned int); + +/* dhe */ +int CRYPT_ECC_DHE_KeyMake(CRYPT_ECC_CTX*, CRYPT_RNG_CTX*, int); +int CRYPT_ECC_DHE_SharedSecretMake(CRYPT_ECC_CTX*, CRYPT_ECC_CTX*, + unsigned char*, unsigned int, unsigned int*); + +/* dsa */ +int CRYPT_ECC_DSA_HashSign(CRYPT_ECC_CTX*, CRYPT_RNG_CTX*, unsigned char*, + unsigned int, unsigned int*, const unsigned char*, unsigned int); +int CRYPT_ECC_DSA_HashVerify(CRYPT_ECC_CTX*, const unsigned char*, + unsigned int, unsigned char*, unsigned int, int*); + +/* helpers */ +int CRYPT_ECC_KeySizeGet(CRYPT_ECC_CTX*); +int CRYPT_ECC_SignatureSizeGet(CRYPT_ECC_CTX*); + + +/* Error string helper, string needs to be >= 80 chars */ +int CRYPT_ERROR_StringGet(int, char*); + + +#ifdef __cplusplus + } /* extern "C" */ +#endif + + +#endif /* MC_CRYPTO_API_H */ + diff --git a/FreeRTOS-Plus/Source/CyaSSL/mcapi/ctaocrypt_mcapi.X/Makefile b/FreeRTOS-Plus/Source/CyaSSL/mcapi/ctaocrypt_mcapi.X/Makefile new file mode 100644 index 000000000..05a3fb1b6 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/mcapi/ctaocrypt_mcapi.X/Makefile @@ -0,0 +1,108 @@ +# +# There exist several targets which are by default empty and which can be +# used for execution of your targets. These targets are usually executed +# before and after some main targets. They are: +# +# .build-pre: called before 'build' target +# .build-post: called after 'build' target +# .clean-pre: called before 'clean' target +# .clean-post: called after 'clean' target +# .clobber-pre: called before 'clobber' target +# .clobber-post: called after 'clobber' target +# .all-pre: called before 'all' target +# .all-post: called after 'all' target +# .help-pre: called before 'help' target +# .help-post: called after 'help' target +# +# Targets beginning with '.' are not intended to be called on their own. +# +# Main targets can be executed directly, and they are: +# +# build build a specific configuration +# clean remove built files from a configuration +# clobber remove all built files +# all build all configurations +# help print help mesage +# +# Targets .build-impl, .clean-impl, .clobber-impl, .all-impl, and +# .help-impl are implemented in nbproject/makefile-impl.mk. +# +# Available make variables: +# +# CND_BASEDIR base directory for relative paths +# CND_DISTDIR default top distribution directory (build artifacts) +# CND_BUILDDIR default top build directory (object files, ...) +# CONF name of current configuration +# CND_ARTIFACT_DIR_${CONF} directory of build artifact (current configuration) +# CND_ARTIFACT_NAME_${CONF} name of build artifact (current configuration) +# CND_ARTIFACT_PATH_${CONF} path to build artifact (current configuration) +# CND_PACKAGE_DIR_${CONF} directory of package (current configuration) +# CND_PACKAGE_NAME_${CONF} name of package (current configuration) +# CND_PACKAGE_PATH_${CONF} path to package (current configuration) +# +# NOCDDL + + +# Environment +MKDIR=mkdir +CP=cp +CCADMIN=CCadmin +RANLIB=ranlib + + +# build +build: .build-post + +.build-pre: +# Add your pre 'build' code here... + +.build-post: .build-impl +# Add your post 'build' code here... + + +# clean +clean: .clean-post + +.clean-pre: +# Add your pre 'clean' code here... + +.clean-post: .clean-impl +# Add your post 'clean' code here... + + +# clobber +clobber: .clobber-post + +.clobber-pre: +# Add your pre 'clobber' code here... + +.clobber-post: .clobber-impl +# Add your post 'clobber' code here... + + +# all +all: .all-post + +.all-pre: +# Add your pre 'all' code here... + +.all-post: .all-impl +# Add your post 'all' code here... + + +# help +help: .help-post + +.help-pre: +# Add your pre 'help' code here... + +.help-post: .help-impl +# Add your post 'help' code here... + + + +# include project implementation makefile +include nbproject/Makefile-impl.mk + +# include project make variables +include nbproject/Makefile-variables.mk diff --git a/FreeRTOS-Plus/Source/CyaSSL/mcapi/ctaocrypt_mcapi.X/nbproject/configurations.xml b/FreeRTOS-Plus/Source/CyaSSL/mcapi/ctaocrypt_mcapi.X/nbproject/configurations.xml new file mode 100644 index 000000000..e9792ab63 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/mcapi/ctaocrypt_mcapi.X/nbproject/configurations.xml @@ -0,0 +1,175 @@ + + + + + + + + + ../mcapi_test.c + + + Makefile + + + + .. + + Makefile + + + + localhost + PIC32MX795F512L + + + SKDEPIC32PlatformTool + XC32 + 1.30 + 3 + + + + + + + + + + + + + + + + false + + + + + false + + false + + false + false + false + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/FreeRTOS-Plus/Source/CyaSSL/mcapi/ctaocrypt_mcapi.X/nbproject/include.am b/FreeRTOS-Plus/Source/CyaSSL/mcapi/ctaocrypt_mcapi.X/nbproject/include.am new file mode 100644 index 000000000..4e2ba8afd --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/mcapi/ctaocrypt_mcapi.X/nbproject/include.am @@ -0,0 +1,11 @@ +# vim:ft=automake +# All paths should be given relative to the root +# + +EXTRA_DIST += \ + mcapi/ctaocrypt_mcapi.X/Makefile + +EXTRA_DIST += \ + mcapi/ctaocrypt_mcapi.X/nbproject/configurations.xml \ + mcapi/ctaocrypt_mcapi.X/nbproject/project.xml + diff --git a/FreeRTOS-Plus/Source/CyaSSL/mcapi/ctaocrypt_mcapi.X/nbproject/project.xml b/FreeRTOS-Plus/Source/CyaSSL/mcapi/ctaocrypt_mcapi.X/nbproject/project.xml new file mode 100644 index 000000000..ee5e120b0 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/mcapi/ctaocrypt_mcapi.X/nbproject/project.xml @@ -0,0 +1,18 @@ + + com.microchip.mplab.nbide.embedded.makeproject + + + ctaocrypt_mcapi + 2ca6ab9b-e225-4ad3-b48e-9ea7b47a4ca4 + 0 + c + + + ISO-8859-1 + + ../zlib.X + ../cyassl.X + + + + diff --git a/FreeRTOS-Plus/Source/CyaSSL/mcapi/ctaocrypt_test.X/Makefile b/FreeRTOS-Plus/Source/CyaSSL/mcapi/ctaocrypt_test.X/Makefile new file mode 100644 index 000000000..05a3fb1b6 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/mcapi/ctaocrypt_test.X/Makefile @@ -0,0 +1,108 @@ +# +# There exist several targets which are by default empty and which can be +# used for execution of your targets. These targets are usually executed +# before and after some main targets. They are: +# +# .build-pre: called before 'build' target +# .build-post: called after 'build' target +# .clean-pre: called before 'clean' target +# .clean-post: called after 'clean' target +# .clobber-pre: called before 'clobber' target +# .clobber-post: called after 'clobber' target +# .all-pre: called before 'all' target +# .all-post: called after 'all' target +# .help-pre: called before 'help' target +# .help-post: called after 'help' target +# +# Targets beginning with '.' are not intended to be called on their own. +# +# Main targets can be executed directly, and they are: +# +# build build a specific configuration +# clean remove built files from a configuration +# clobber remove all built files +# all build all configurations +# help print help mesage +# +# Targets .build-impl, .clean-impl, .clobber-impl, .all-impl, and +# .help-impl are implemented in nbproject/makefile-impl.mk. +# +# Available make variables: +# +# CND_BASEDIR base directory for relative paths +# CND_DISTDIR default top distribution directory (build artifacts) +# CND_BUILDDIR default top build directory (object files, ...) +# CONF name of current configuration +# CND_ARTIFACT_DIR_${CONF} directory of build artifact (current configuration) +# CND_ARTIFACT_NAME_${CONF} name of build artifact (current configuration) +# CND_ARTIFACT_PATH_${CONF} path to build artifact (current configuration) +# CND_PACKAGE_DIR_${CONF} directory of package (current configuration) +# CND_PACKAGE_NAME_${CONF} name of package (current configuration) +# CND_PACKAGE_PATH_${CONF} path to package (current configuration) +# +# NOCDDL + + +# Environment +MKDIR=mkdir +CP=cp +CCADMIN=CCadmin +RANLIB=ranlib + + +# build +build: .build-post + +.build-pre: +# Add your pre 'build' code here... + +.build-post: .build-impl +# Add your post 'build' code here... + + +# clean +clean: .clean-post + +.clean-pre: +# Add your pre 'clean' code here... + +.clean-post: .clean-impl +# Add your post 'clean' code here... + + +# clobber +clobber: .clobber-post + +.clobber-pre: +# Add your pre 'clobber' code here... + +.clobber-post: .clobber-impl +# Add your post 'clobber' code here... + + +# all +all: .all-post + +.all-pre: +# Add your pre 'all' code here... + +.all-post: .all-impl +# Add your post 'all' code here... + + +# help +help: .help-post + +.help-pre: +# Add your pre 'help' code here... + +.help-post: .help-impl +# Add your post 'help' code here... + + + +# include project implementation makefile +include nbproject/Makefile-impl.mk + +# include project make variables +include nbproject/Makefile-variables.mk diff --git a/FreeRTOS-Plus/Source/CyaSSL/mcapi/ctaocrypt_test.X/nbproject/configurations.xml b/FreeRTOS-Plus/Source/CyaSSL/mcapi/ctaocrypt_test.X/nbproject/configurations.xml new file mode 100644 index 000000000..d5b8d3e85 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/mcapi/ctaocrypt_test.X/nbproject/configurations.xml @@ -0,0 +1,192 @@ + + + + + ../../ctaocrypt/test/test.h + + + + + ../../ctaocrypt/test/test.c + ../../mplabx/test_main.c + + + Makefile + + + + ../../mplabx + + Makefile + + + + localhost + PIC32MX795F512L + + + SKDEPIC32PlatformTool + XC32 + 1.30 + 3 + + + + + + + + + + + + + + + + false + + + + + false + + false + + false + false + false + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/FreeRTOS-Plus/Source/CyaSSL/mcapi/ctaocrypt_test.X/nbproject/include.am b/FreeRTOS-Plus/Source/CyaSSL/mcapi/ctaocrypt_test.X/nbproject/include.am new file mode 100644 index 000000000..dc3d2f9a2 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/mcapi/ctaocrypt_test.X/nbproject/include.am @@ -0,0 +1,11 @@ +# vim:ft=automake +# All paths should be given relative to the root +# + +EXTRA_DIST += \ + mcapi/ctaocrypt_test.X/Makefile + +EXTRA_DIST += \ + mcapi/ctaocrypt_test.X/nbproject/configurations.xml \ + mcapi/ctaocrypt_test.X/nbproject/project.xml + diff --git a/FreeRTOS-Plus/Source/CyaSSL/mcapi/ctaocrypt_test.X/nbproject/project.xml b/FreeRTOS-Plus/Source/CyaSSL/mcapi/ctaocrypt_test.X/nbproject/project.xml new file mode 100644 index 000000000..d60fdcdb0 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/mcapi/ctaocrypt_test.X/nbproject/project.xml @@ -0,0 +1,18 @@ + + com.microchip.mplab.nbide.embedded.makeproject + + + ctaocrypt_test + b34c4937-7042-4352-88b1-7717bcdf8aeb + 0 + c + + h + ISO-8859-1 + + ../zlib.X + ../cyassl.X + + + + diff --git a/FreeRTOS-Plus/Source/CyaSSL/mcapi/cyassl.X/Makefile b/FreeRTOS-Plus/Source/CyaSSL/mcapi/cyassl.X/Makefile new file mode 100644 index 000000000..05a3fb1b6 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/mcapi/cyassl.X/Makefile @@ -0,0 +1,108 @@ +# +# There exist several targets which are by default empty and which can be +# used for execution of your targets. These targets are usually executed +# before and after some main targets. They are: +# +# .build-pre: called before 'build' target +# .build-post: called after 'build' target +# .clean-pre: called before 'clean' target +# .clean-post: called after 'clean' target +# .clobber-pre: called before 'clobber' target +# .clobber-post: called after 'clobber' target +# .all-pre: called before 'all' target +# .all-post: called after 'all' target +# .help-pre: called before 'help' target +# .help-post: called after 'help' target +# +# Targets beginning with '.' are not intended to be called on their own. +# +# Main targets can be executed directly, and they are: +# +# build build a specific configuration +# clean remove built files from a configuration +# clobber remove all built files +# all build all configurations +# help print help mesage +# +# Targets .build-impl, .clean-impl, .clobber-impl, .all-impl, and +# .help-impl are implemented in nbproject/makefile-impl.mk. +# +# Available make variables: +# +# CND_BASEDIR base directory for relative paths +# CND_DISTDIR default top distribution directory (build artifacts) +# CND_BUILDDIR default top build directory (object files, ...) +# CONF name of current configuration +# CND_ARTIFACT_DIR_${CONF} directory of build artifact (current configuration) +# CND_ARTIFACT_NAME_${CONF} name of build artifact (current configuration) +# CND_ARTIFACT_PATH_${CONF} path to build artifact (current configuration) +# CND_PACKAGE_DIR_${CONF} directory of package (current configuration) +# CND_PACKAGE_NAME_${CONF} name of package (current configuration) +# CND_PACKAGE_PATH_${CONF} path to package (current configuration) +# +# NOCDDL + + +# Environment +MKDIR=mkdir +CP=cp +CCADMIN=CCadmin +RANLIB=ranlib + + +# build +build: .build-post + +.build-pre: +# Add your pre 'build' code here... + +.build-post: .build-impl +# Add your post 'build' code here... + + +# clean +clean: .clean-post + +.clean-pre: +# Add your pre 'clean' code here... + +.clean-post: .clean-impl +# Add your post 'clean' code here... + + +# clobber +clobber: .clobber-post + +.clobber-pre: +# Add your pre 'clobber' code here... + +.clobber-post: .clobber-impl +# Add your post 'clobber' code here... + + +# all +all: .all-post + +.all-pre: +# Add your pre 'all' code here... + +.all-post: .all-impl +# Add your post 'all' code here... + + +# help +help: .help-post + +.help-pre: +# Add your pre 'help' code here... + +.help-post: .help-impl +# Add your post 'help' code here... + + + +# include project implementation makefile +include nbproject/Makefile-impl.mk + +# include project make variables +include nbproject/Makefile-variables.mk diff --git a/FreeRTOS-Plus/Source/CyaSSL/mcapi/cyassl.X/nbproject/configurations.xml b/FreeRTOS-Plus/Source/CyaSSL/mcapi/cyassl.X/nbproject/configurations.xml new file mode 100644 index 000000000..8eafc4c55 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/mcapi/cyassl.X/nbproject/configurations.xml @@ -0,0 +1,192 @@ + + + + + + + + + ../../src/crl.c + ../../src/internal.c + ../../src/io.c + ../../src/keys.c + ../../src/ocsp.c + ../../src/sniffer.c + ../../src/ssl.c + ../../src/tls.c + ../../ctaocrypt/src/aes.c + ../../ctaocrypt/src/arc4.c + ../../ctaocrypt/src/asm.c + ../../ctaocrypt/src/asn.c + ../../ctaocrypt/src/coding.c + ../../ctaocrypt/src/des3.c + ../../ctaocrypt/src/dh.c + ../../ctaocrypt/src/dsa.c + ../../ctaocrypt/src/ecc.c + ../../ctaocrypt/src/ecc_fp.c + ../../ctaocrypt/src/error.c + ../../ctaocrypt/src/hc128.c + ../../ctaocrypt/src/hmac.c + ../../ctaocrypt/src/integer.c + ../../ctaocrypt/src/logging.c + ../../ctaocrypt/src/md2.c + ../../ctaocrypt/src/md4.c + ../../ctaocrypt/src/md5.c + ../../ctaocrypt/src/memory.c + ../../ctaocrypt/src/misc.c + ../../ctaocrypt/src/pwdbased.c + ../../ctaocrypt/src/rabbit.c + ../../ctaocrypt/src/random.c + ../../ctaocrypt/src/ripemd.c + ../../ctaocrypt/src/rsa.c + ../../ctaocrypt/src/sha.c + ../../ctaocrypt/src/sha256.c + ../../ctaocrypt/src/sha512.c + ../../ctaocrypt/src/tfm.c + ../../mcapi/crypto.c + ../../ctaocrypt/src/compress.c + ../../ctaocrypt/src/camellia.c + ../../ctaocrypt/src/wc_port.c + + + Makefile + + + + .. + ../../ctaocrypt/src + + Makefile + + + + localhost + PIC32MX795F512L + + + SKDEPIC32PlatformTool + XC32 + 1.30 + 3 + + + + + + + false + + false + + false + false + false + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/FreeRTOS-Plus/Source/CyaSSL/mcapi/cyassl.X/nbproject/include.am b/FreeRTOS-Plus/Source/CyaSSL/mcapi/cyassl.X/nbproject/include.am new file mode 100644 index 000000000..fc7e8d972 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/mcapi/cyassl.X/nbproject/include.am @@ -0,0 +1,11 @@ +# vim:ft=automake +# All paths should be given relative to the root +# + +EXTRA_DIST += \ + mcapi/cyassl.X/Makefile + +EXTRA_DIST += \ + mcapi/cyassl.X/nbproject/configurations.xml \ + mcapi/cyassl.X/nbproject/project.xml + diff --git a/FreeRTOS-Plus/Source/CyaSSL/mcapi/cyassl.X/nbproject/project.xml b/FreeRTOS-Plus/Source/CyaSSL/mcapi/cyassl.X/nbproject/project.xml new file mode 100644 index 000000000..c7604d711 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/mcapi/cyassl.X/nbproject/project.xml @@ -0,0 +1,15 @@ + + com.microchip.mplab.nbide.embedded.makeproject + + + cyassl + 93bbfc3a-a0fa-4d48-bbc8-6cd47a2bd05b + 0 + c + + + ISO-8859-1 + + + + diff --git a/FreeRTOS-Plus/Source/CyaSSL/mcapi/include.am b/FreeRTOS-Plus/Source/CyaSSL/mcapi/include.am new file mode 100644 index 000000000..993ba29c0 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/mcapi/include.am @@ -0,0 +1,19 @@ +# vim:ft=automake +# included from Top Level Makefile.am +# All paths should be given relative to the root + +if BUILD_MCAPI +check_PROGRAMS += mcapi/test +noinst_PROGRAMS += mcapi/test +mcapi_test_SOURCES = mcapi/crypto.c \ + mcapi/mcapi_test.c +mcapi_test_LDADD = src/libcyassl.la +mcapi_test_DEPENDENCIES = src/libcyassl.la +endif + +noinst_HEADERS += mcapi/crypto.h + +EXTRA_DIST += \ + mcapi/README \ + mcapi/PIC32MZ-serial.h + diff --git a/FreeRTOS-Plus/Source/CyaSSL/mcapi/mcapi_test.c b/FreeRTOS-Plus/Source/CyaSSL/mcapi/mcapi_test.c new file mode 100644 index 000000000..5610a650e --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/mcapi/mcapi_test.c @@ -0,0 +1,1482 @@ +/* test.c + * + * Copyright (C) 2006-2014 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + + +/* Tests Microchip CRYPTO API layer */ + + + +/* mc api header */ +#include "crypto.h" + +#include + +/* sanity test against our default implementation, cyassl headers */ +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include +#define USE_CERT_BUFFERS_1024 +#include + +#if defined(CYASSL_MICROCHIP_PIC32MZ) + #define MICROCHIP_PIC32 + #include + #pragma config ICESEL = ICS_PGx2 + /* ICE/ICD Comm Channel Select (Communicate on PGEC2/PGED2) */ + #include + #include + #include "PIC32MZ-serial.h" + #define SYSTEMConfigPerformance /* void out SYSTEMConfigPerformance(); */ +#elif defined(MICROCHIP_PIC32) + #define PIC32_STARTER_KIT + #include + #include + #include + #include + #include + #define init_serial() /* void out init_serial() */ +#else + #include /* order matters above ? */ +#endif +#define OUR_DATA_SIZE 1024 +static byte ourData[OUR_DATA_SIZE]; +static byte* key = NULL; +static byte* iv = NULL; +static CRYPT_RNG_CTX mcRng; +static RNG defRng; + +static int check_md5(void); +static int check_sha(void); +static int check_sha256(void); +static int check_sha384(void); +static int check_sha512(void); +static int check_hmac(void); +static int check_compress(void); +static int check_rng(void); +static int check_des3(void); +static int check_aescbc(void); +static int check_aesctr(void); +static int check_aesdirect(void); +static int check_rsa(void); +static int check_ecc(void); + + +int main(int argc, char** argv) +{ + int ret; + int i; + + (void)argc; + (void)argv; + +#if defined(MICROCHIP_PIC32) + init_serial() ; /* initialize PIC32MZ serial I/O */ + SYSTEMConfigPerformance(80000000); + DBINIT(); +#endif + + /* align key, iv pointers */ + key = (byte*)XMALLOC(32, NULL, DYNAMIC_TYPE_KEY); + if (key == NULL) { + printf("mcapi key alloc failed\n"); + return -1; + } + + iv = (byte*)XMALLOC(16, NULL, DYNAMIC_TYPE_KEY); + if (iv == NULL) { + printf("mcapi iv alloc failed\n"); + return -1; + } + + for (i = 0; i < OUR_DATA_SIZE; i++) + ourData[i] = (byte)i; + + ret = check_md5(); + if (ret != 0) { + printf("mcapi check_md5 failed\n"); + return -1; + } + + ret = check_sha(); + if (ret != 0) { + printf("mcapi check_sha failed\n"); + return -1; + } + + ret = check_sha256(); + if (ret != 0) { + printf("mcapi check_sha256 failed\n"); + return -1; + } + + ret = check_sha384(); + if (ret != 0) { + printf("mcapi check_sha384 failed\n"); + return -1; + } + + ret = check_sha512(); + if (ret != 0) { + printf("mcapi check_sha512 failed\n"); + return -1; + } + + ret = check_hmac(); + if (ret != 0) { + printf("mcapi check_hmac failed\n"); + return -1; + } + + ret = check_compress(); + if (ret != 0) { + printf("mcapi check_compress failed\n"); + return -1; + } + + ret = check_rng(); + if (ret != 0) { + printf("mcapi check_rng failed\n"); + return -1; + } + + ret = check_des3(); + if (ret != 0) { + printf("mcapi check_des3 failed\n"); + return -1; + } + + ret = check_aescbc(); + if (ret != 0) { + printf("mcapi check_aes cbc failed\n"); + return -1; + } + + ret = check_aesctr(); + if (ret != 0) { + printf("mcapi check_aes ctr failed\n"); + return -1; + } + + ret = check_aesdirect(); + if (ret != 0) { + printf("mcapi check_aes direct failed\n"); + return -1; + } + + ret = check_rsa(); + if (ret != 0) { + printf("mcapi check_rsa failed\n"); + return -1; + } + + ret = check_ecc(); + if (ret != 0) { + printf("mcapi check_ecc failed\n"); + return -1; + } + + XFREE(iv, NULL, DYNAMIC_TYPE_KEY); + XFREE(key, NULL, DYNAMIC_TYPE_KEY); + + return 0; +} + + +/* check mcapi md5 against internal */ +static int check_md5(void) +{ + CRYPT_MD5_CTX mcMd5; + Md5 defMd5; + byte mcDigest[CRYPT_MD5_DIGEST_SIZE]; + byte defDigest[MD5_DIGEST_SIZE]; + + CRYPT_MD5_Initialize(&mcMd5); + InitMd5(&defMd5); + + CRYPT_MD5_DataAdd(&mcMd5, ourData, OUR_DATA_SIZE); + Md5Update(&defMd5, ourData, OUR_DATA_SIZE); + + CRYPT_MD5_Finalize(&mcMd5, mcDigest); + Md5Final(&defMd5, defDigest); + + if (memcmp(mcDigest, defDigest, CRYPT_MD5_DIGEST_SIZE) != 0) { + printf("md5 final memcmp fialed\n"); + return -1; + } + printf("md5 mcapi test passed\n"); + + return 0; +} + + +/* check mcapi sha against internal */ +static int check_sha(void) +{ + CRYPT_SHA_CTX mcSha; + Sha defSha; + int ret = 0; + byte mcDigest[CRYPT_SHA_DIGEST_SIZE]; + byte defDigest[SHA_DIGEST_SIZE]; + + CRYPT_SHA_Initialize(&mcSha); + ret = InitSha(&defSha); + if (ret != 0) { + printf("sha init default failed\n"); + return -1; + } + + CRYPT_SHA_DataAdd(&mcSha, ourData, OUR_DATA_SIZE); + ShaUpdate(&defSha, ourData, OUR_DATA_SIZE); + + CRYPT_SHA_Finalize(&mcSha, mcDigest); + ShaFinal(&defSha, defDigest); + + if (memcmp(mcDigest, defDigest, CRYPT_SHA_DIGEST_SIZE) != 0) { + printf("sha final memcmp failed\n"); + return -1; + } + printf("sha mcapi test passed\n"); + + return 0; +} + + +/* check mcapi sha256 against internal */ +static int check_sha256(void) +{ + CRYPT_SHA256_CTX mcSha256; + Sha256 defSha256; + int ret; + byte mcDigest[CRYPT_SHA256_DIGEST_SIZE]; + byte defDigest[SHA256_DIGEST_SIZE]; + + CRYPT_SHA256_Initialize(&mcSha256); + ret = InitSha256(&defSha256); + if (ret != 0) { + printf("sha256 init default failed\n"); + return -1; + } + + CRYPT_SHA256_DataAdd(&mcSha256, ourData, OUR_DATA_SIZE); + ret = Sha256Update(&defSha256, ourData, OUR_DATA_SIZE); + if (ret != 0) { + printf("sha256 update default failed\n"); + return -1; + } + + CRYPT_SHA256_Finalize(&mcSha256, mcDigest); + ret = Sha256Final(&defSha256, defDigest); + if (ret != 0) { + printf("sha256 final default failed\n"); + return -1; + } + + if (memcmp(mcDigest, defDigest, CRYPT_SHA256_DIGEST_SIZE) != 0) { + printf("sha256 final memcmp fialed\n"); + return -1; + } + printf("sha256 mcapi test passed\n"); + + return 0; +} + + +/* check mcapi sha384 against internal */ +static int check_sha384(void) +{ + CRYPT_SHA384_CTX mcSha384; + Sha384 defSha384; + int ret; + byte mcDigest[CRYPT_SHA384_DIGEST_SIZE]; + byte defDigest[SHA384_DIGEST_SIZE]; + + CRYPT_SHA384_Initialize(&mcSha384); + ret = InitSha384(&defSha384); + if (ret != 0) { + printf("sha384 init default failed\n"); + return -1; + } + + CRYPT_SHA384_DataAdd(&mcSha384, ourData, OUR_DATA_SIZE); + ret = Sha384Update(&defSha384, ourData, OUR_DATA_SIZE); + if (ret != 0) { + printf("sha384 update default failed\n"); + return -1; + } + + CRYPT_SHA384_Finalize(&mcSha384, mcDigest); + ret = Sha384Final(&defSha384, defDigest); + if (ret != 0) { + printf("sha384 final default failed\n"); + return -1; + } + + if (memcmp(mcDigest, defDigest, CRYPT_SHA384_DIGEST_SIZE) != 0) { + printf("sha384 final memcmp fialed\n"); + return -1; + } + printf("sha384 mcapi test passed\n"); + + return 0; +} + + +/* check mcapi sha512 against internal */ +static int check_sha512(void) +{ + CRYPT_SHA512_CTX mcSha512; + Sha512 defSha512; + int ret; + byte mcDigest[CRYPT_SHA512_DIGEST_SIZE]; + byte defDigest[SHA512_DIGEST_SIZE]; + + CRYPT_SHA512_Initialize(&mcSha512); + ret = InitSha512(&defSha512); + if (ret != 0) { + printf("sha512 init default failed\n"); + return -1; + } + + CRYPT_SHA512_DataAdd(&mcSha512, ourData, OUR_DATA_SIZE); + ret = Sha512Update(&defSha512, ourData, OUR_DATA_SIZE); + if (ret != 0) { + printf("sha512 update default failed\n"); + return -1; + } + + CRYPT_SHA512_Finalize(&mcSha512, mcDigest); + ret = Sha512Final(&defSha512, defDigest); + if (ret != 0) { + printf("sha512 final default failed\n"); + return -1; + } + + if (memcmp(mcDigest, defDigest, CRYPT_SHA512_DIGEST_SIZE) != 0) { + printf("sha512 final memcmp fialed\n"); + return -1; + } + printf("sha512 mcapi test passed\n"); + + return 0; +} + + +/* check mcapi hmac against internal */ +static int check_hmac(void) +{ + CRYPT_HMAC_CTX mcHmac; + Hmac defHmac; + int ret; + byte mcDigest[CRYPT_SHA512_DIGEST_SIZE]; + byte defDigest[SHA512_DIGEST_SIZE]; + + strncpy((char*)key, "Jefe", 4); + + /* SHA1 */ + CRYPT_HMAC_SetKey(&mcHmac, CRYPT_HMAC_SHA, key, 4); + ret = HmacSetKey(&defHmac, SHA, key, 4); + if (ret != 0) { + printf("hmac sha setkey default failed\n"); + return -1; + } + + CRYPT_HMAC_DataAdd(&mcHmac, ourData, OUR_DATA_SIZE); + ret = HmacUpdate(&defHmac, ourData, OUR_DATA_SIZE); + if (ret != 0) { + printf("hmac sha update default failed\n"); + return -1; + } + + CRYPT_HMAC_Finalize(&mcHmac, mcDigest); + ret = HmacFinal(&defHmac, defDigest); + if (ret != 0) { + printf("hmac sha final default failed\n"); + return -1; + } + + if (memcmp(mcDigest, defDigest, CRYPT_SHA_DIGEST_SIZE) != 0) { + printf("hmac sha final memcmp fialed\n"); + return -1; + } + printf("hmac sha mcapi test passed\n"); + + /* SHA-256 */ + CRYPT_HMAC_SetKey(&mcHmac, CRYPT_HMAC_SHA256, key, 4); + ret = HmacSetKey(&defHmac, SHA256, key, 4); + if (ret != 0) { + printf("hmac sha256 setkey default failed\n"); + return -1; + } + + CRYPT_HMAC_DataAdd(&mcHmac, ourData, OUR_DATA_SIZE); + ret = HmacUpdate(&defHmac, ourData, OUR_DATA_SIZE); + if (ret != 0) { + printf("hmac sha256 update default failed\n"); + return -1; + } + + CRYPT_HMAC_Finalize(&mcHmac, mcDigest); + ret = HmacFinal(&defHmac, defDigest); + if (ret != 0) { + printf("hmac sha256 final default failed\n"); + return -1; + } + + if (memcmp(mcDigest, defDigest, CRYPT_SHA256_DIGEST_SIZE) != 0) { + printf("hmac sha256 final memcmp fialed\n"); + return -1; + } + printf("hmac sha256 mcapi test passed\n"); + + /* SHA-384 */ + CRYPT_HMAC_SetKey(&mcHmac, CRYPT_HMAC_SHA384, key, 4); + ret = HmacSetKey(&defHmac, SHA384, key, 4); + if (ret != 0) { + printf("hmac sha384 setkey default failed\n"); + return -1; + } + + CRYPT_HMAC_DataAdd(&mcHmac, ourData, OUR_DATA_SIZE); + ret = HmacUpdate(&defHmac, ourData, OUR_DATA_SIZE); + if (ret != 0) { + printf("hmac sha384 update default failed\n"); + return -1; + } + + CRYPT_HMAC_Finalize(&mcHmac, mcDigest); + ret = HmacFinal(&defHmac, defDigest); + if (ret != 0) { + printf("hmac sha384 final default failed\n"); + return -1; + } + + if (memcmp(mcDigest, defDigest, CRYPT_SHA384_DIGEST_SIZE) != 0) { + printf("hmac sha384 final memcmp fialed\n"); + return -1; + } + printf("hmac sha384 mcapi test passed\n"); + + /* SHA-512 */ + CRYPT_HMAC_SetKey(&mcHmac, CRYPT_HMAC_SHA512, key, 4); + ret = HmacSetKey(&defHmac, SHA512, key, 4); + if (ret != 0) { + printf("hmac sha512 setkey default failed\n"); + return -1; + } + + CRYPT_HMAC_DataAdd(&mcHmac, ourData, OUR_DATA_SIZE); + ret = HmacUpdate(&defHmac, ourData, OUR_DATA_SIZE); + if (ret != 0) { + printf("hmac sha512 update default failed\n"); + return -1; + } + + CRYPT_HMAC_Finalize(&mcHmac, mcDigest); + ret = HmacFinal(&defHmac, defDigest); + if (ret != 0) { + printf("hmac sha512 final default failed\n"); + return -1; + } + + if (memcmp(mcDigest, defDigest, CRYPT_SHA512_DIGEST_SIZE) != 0) { + printf("hmac sha512 final memcmp fialed\n"); + return -1; + } + printf("hmac sha512 mcapi test passed\n"); + + return 0; +} + + +/* check mcapi compress against internal */ +static int check_compress(void) +{ + const unsigned char text[] = + "Biodiesel cupidatat marfa, cliche aute put a bird on it incididunt elit\n" + "polaroid. Sunt tattooed bespoke reprehenderit. Sint twee organic id\n" + "marfa. Commodo veniam ad esse gastropub. 3 wolf moon sartorial vero,\n" + "plaid delectus biodiesel squid +1 vice. Post-ironic keffiyeh leggings\n" + "selfies cray fap hoodie, forage anim. Carles cupidatat shoreditch, VHS\n" + "small batch meggings kogi dolore food truck bespoke gastropub.\n" + "\n" + "Terry richardson adipisicing actually typewriter tumblr, twee whatever\n" + "four loko you probably haven't heard of them high life. Messenger bag\n" + "whatever tattooed deep v mlkshk. Brooklyn pinterest assumenda chillwave\n" + "et, banksy ullamco messenger bag umami pariatur direct trade forage.\n" + "Typewriter culpa try-hard, pariatur sint brooklyn meggings. Gentrify\n" + "food truck next level, tousled irony non semiotics PBR ethical anim cred\n" + "readymade. Mumblecore brunch lomo odd future, portland organic terry\n" + "four loko whatever street art yr farm-to-table.\n"; + + unsigned int inSz = sizeof(text); + unsigned int outSz; + unsigned char cBuffer[1024]; + unsigned char dBuffer[1024]; + + int ret1, ret2; + + /* dynamic */ + ret1 = CRYPT_HUFFMAN_Compress(cBuffer, sizeof(cBuffer), text, inSz, 0); + ret2 = Compress(dBuffer, sizeof(dBuffer), text, inSz, 0); + + if (ret1 != ret2 || ret1 < 0) { + printf("compress dynamic ret failed\n"); + return -1; + } + + if (memcmp(cBuffer, dBuffer, ret1) != 0) { + printf("compress dynamic cmp failed\n"); + return -1; + } + + outSz = ret1; + + ret1 = CRYPT_HUFFMAN_DeCompress(dBuffer, sizeof(dBuffer), cBuffer, outSz); + + if (memcmp(dBuffer, text, inSz) != 0) { + printf("mcapi decompress dynamic cmp failed\n"); + return -1; + } + + memset(dBuffer, 0, sizeof(dBuffer)); + + ret1 = DeCompress(dBuffer, sizeof(dBuffer), cBuffer, outSz); + + if (memcmp(dBuffer, text, inSz) != 0) { + printf("decompress dynamic cmp failed\n"); + return -1; + } + + memset(cBuffer, 0, sizeof(cBuffer)); + memset(dBuffer, 0, sizeof(dBuffer)); + + /* static */ + ret1 = CRYPT_HUFFMAN_Compress(cBuffer, sizeof(cBuffer), text, inSz, 1); + ret2 = Compress(dBuffer, sizeof(dBuffer), text, inSz, 1); + + if (ret1 != ret2 || ret1 < 0) { + printf("compress static ret failed\n"); + return -1; + } + + if (memcmp(cBuffer, dBuffer, ret1) != 0) { + printf("compress static cmp failed\n"); + return -1; + } + + outSz = ret1; + + ret1 = CRYPT_HUFFMAN_DeCompress(dBuffer, sizeof(dBuffer), cBuffer, outSz); + + if (memcmp(dBuffer, text, inSz) != 0) { + printf("mcapi decompress static cmp failed\n"); + return -1; + } + + memset(dBuffer, 0, sizeof(dBuffer)); + + ret1 = DeCompress(dBuffer, sizeof(dBuffer), cBuffer, outSz); + + if (memcmp(dBuffer, text, inSz) != 0) { + printf("decompress static cmp failed\n"); + return -1; + } + + printf("huffman mcapi test passed\n"); + + return 0; +} + + +#define RANDOM_BYTE_SZ 32 + +/* check mcapi rng */ +static int check_rng(void) +{ + int ret; + int i; + byte in[RANDOM_BYTE_SZ]; + byte out[RANDOM_BYTE_SZ]; + + for (i = 0; i < RANDOM_BYTE_SZ; i++) + in[i] = (byte)i; + + for (i = 0; i < RANDOM_BYTE_SZ; i++) + out[i] = (byte)i; + + ret = InitRng(&defRng); + if (ret != 0) { + printf("default rng init failed\n"); + return -1; + } + + ret = CRYPT_RNG_Initialize(&mcRng); + if (ret != 0) { + printf("mcapi rng init failed\n"); + return -1; + } + + ret = CRYPT_RNG_Get(&mcRng, &out[0]); + if (ret != 0) { + printf("mcapi rng get failed\n"); + return -1; + } + + ret = CRYPT_RNG_BlockGenerate(&mcRng, out, RANDOM_BYTE_SZ); + if (ret != 0) { + printf("mcapi rng block gen failed\n"); + return -1; + } + + if (memcmp(in, out, RANDOM_BYTE_SZ) == 0) { + printf("mcapi rng block gen output failed\n"); + return -1; + } + + printf("rng mcapi test passed\n"); + + return 0; +} + + +#define TDES_TEST_SIZE 32 + +/* check mcapi des3 */ +static int check_des3(void) +{ + CRYPT_TDES_CTX mcDes3; + Des3 defDes3; + int ret; + byte out1[TDES_TEST_SIZE]; + byte out2[TDES_TEST_SIZE]; + + strncpy((char*)key, "1234567890abcdefghijklmn", 24); + strncpy((char*)iv, "12345678", 8); + + /* cbc encrypt */ + ret = CRYPT_TDES_KeySet(&mcDes3, key, iv, CRYPT_TDES_ENCRYPTION); + if (ret != 0) { + printf("mcapi tdes key set failed\n"); + return -1; + } + ret = Des3_SetKey(&defDes3, key, iv, DES_ENCRYPTION); + if (ret != 0) { + printf("default des3 key set failed\n"); + return -1; + } + + ret = CRYPT_TDES_CBC_Encrypt(&mcDes3, out1, ourData, TDES_TEST_SIZE); + if (ret != 0) { + printf("mcapi tdes cbc encrypt failed\n"); + return -1; + } + ret = Des3_CbcEncrypt(&defDes3, out2, ourData, TDES_TEST_SIZE); + if (ret != 0) { + printf("mcapi default tdes cbc encrypt failed\n"); + return -1; + } + + if (memcmp(out1, out2, TDES_TEST_SIZE) != 0) { + printf("mcapi tdes cbc encrypt cmp failed\n"); + return -1; + } + + /* cbc decrypt */ + ret = CRYPT_TDES_KeySet(&mcDes3, key, iv, CRYPT_TDES_DECRYPTION); + if (ret != 0) { + printf("mcapi tdes key set failed\n"); + return -1; + } + ret = Des3_SetKey(&defDes3, key, iv, DES_DECRYPTION); + if (ret != 0) { + printf("default des3 key set failed\n"); + return -1; + } + + ret = CRYPT_TDES_CBC_Decrypt(&mcDes3, out2, out1, TDES_TEST_SIZE); + if (ret != 0) { + printf("mcapi tdes cbc decrypt failed\n"); + return -1; + } + ret = Des3_CbcDecrypt(&defDes3, out1, out1, TDES_TEST_SIZE); + if (ret != 0) { + printf("mcapi default tdes cbc decrypt failed\n"); + return -1; + } + + if (memcmp(out1, out2, TDES_TEST_SIZE) != 0) { + printf("mcapi tdes cbc decrypt cmp failed\n"); + return -1; + } + + if (memcmp(out1, ourData, TDES_TEST_SIZE) != 0) { + printf("mcapi tdes cbc decrypt orig cmp failed\n"); + return -1; + } + + printf("tdes mcapi test passed\n"); + + return 0; +} + + +#define AES_TEST_SIZE 32 + +/* check mcapi aes cbc */ +static int check_aescbc(void) +{ + CRYPT_AES_CTX mcAes; + Aes defAes; + int ret; + byte out1[AES_TEST_SIZE]; + byte out2[AES_TEST_SIZE]; + + strncpy((char*)key, "1234567890abcdefghijklmnopqrstuv", 32); + strncpy((char*)iv, "1234567890abcdef", 16); + + /* 128 cbc encrypt */ + ret = CRYPT_AES_KeySet(&mcAes, key, 16, iv, CRYPT_AES_ENCRYPTION); + if (ret != 0) { + printf("mcapi aes-128 key set failed\n"); + return -1; + } + ret = AesSetKey(&defAes, key, 16, iv, AES_ENCRYPTION); + if (ret != 0) { + printf("default aes-128 key set failed\n"); + return -1; + } + + ret = CRYPT_AES_CBC_Encrypt(&mcAes, out1, ourData, AES_TEST_SIZE); + if (ret != 0) { + printf("mcapi aes-128 cbc encrypt failed\n"); + return -1; + } + AesCbcEncrypt(&defAes, out2, ourData, AES_TEST_SIZE); + + if (memcmp(out1, out2, AES_TEST_SIZE) != 0) { + printf("mcapi aes-128 cbc encrypt cmp failed\n"); + return -1; + } + + /* 128 cbc decrypt */ + ret = CRYPT_AES_KeySet(&mcAes, key, 16, iv, CRYPT_AES_DECRYPTION); + if (ret != 0) { + printf("mcapi aes-128 key set failed\n"); + return -1; + } + ret = AesSetKey(&defAes, key, 16, iv, DES_DECRYPTION); + if (ret != 0) { + printf("default aes-128 key set failed\n"); + return -1; + } + + ret = CRYPT_AES_CBC_Decrypt(&mcAes, out2, out1, AES_TEST_SIZE); + if (ret != 0) { + printf("mcapi aes-128 cbc decrypt failed\n"); + return -1; + } + AesCbcDecrypt(&defAes, out1, out1, AES_TEST_SIZE); + + if (memcmp(out1, out2, AES_TEST_SIZE) != 0) { + printf("mcapi aes-128 cbc decrypt cmp failed\n"); + return -1; + } + + if (memcmp(out1, ourData, AES_TEST_SIZE) != 0) { + printf("mcapi aes-128 cbc decrypt orig cmp failed\n"); + return -1; + } + + /* 192 cbc encrypt */ + ret = CRYPT_AES_KeySet(&mcAes, key, 24, iv, CRYPT_AES_ENCRYPTION); + if (ret != 0) { + printf("mcapi aes-192 key set failed\n"); + return -1; + } + ret = AesSetKey(&defAes, key, 24, iv, AES_ENCRYPTION); + if (ret != 0) { + printf("default aes-192 key set failed\n"); + return -1; + } + + ret = CRYPT_AES_CBC_Encrypt(&mcAes, out1, ourData, AES_TEST_SIZE); + if (ret != 0) { + printf("mcapi aes-192 cbc encrypt failed\n"); + return -1; + } + AesCbcEncrypt(&defAes, out2, ourData, AES_TEST_SIZE); + + if (memcmp(out1, out2, AES_TEST_SIZE) != 0) { + printf("mcapi aes-192 cbc encrypt cmp failed\n"); + return -1; + } + + /* 192 cbc decrypt */ + ret = CRYPT_AES_KeySet(&mcAes, key, 24, iv, CRYPT_AES_DECRYPTION); + if (ret != 0) { + printf("mcapi aes-192 key set failed\n"); + return -1; + } + ret = AesSetKey(&defAes, key, 24, iv, AES_DECRYPTION); + if (ret != 0) { + printf("default aes-192 key set failed\n"); + return -1; + } + + ret = CRYPT_AES_CBC_Decrypt(&mcAes, out2, out1, AES_TEST_SIZE); + if (ret != 0) { + printf("mcapi aes-192 cbc decrypt failed\n"); + return -1; + } + AesCbcDecrypt(&defAes, out1, out1, AES_TEST_SIZE); + + if (memcmp(out1, out2, AES_TEST_SIZE) != 0) { + printf("mcapi aes-192 cbc decrypt cmp failed\n"); + return -1; + } + + if (memcmp(out1, ourData, AES_TEST_SIZE) != 0) { + printf("mcapi aes-192 cbc decrypt orig cmp failed\n"); + return -1; + } + + /* 256 cbc encrypt */ + ret = CRYPT_AES_KeySet(&mcAes, key, 32, iv, CRYPT_AES_ENCRYPTION); + if (ret != 0) { + printf("mcapi aes-256 key set failed\n"); + return -1; + } + ret = AesSetKey(&defAes, key, 32, iv, AES_ENCRYPTION); + if (ret != 0) { + printf("default aes-256 key set failed\n"); + return -1; + } + + ret = CRYPT_AES_CBC_Encrypt(&mcAes, out1, ourData, AES_TEST_SIZE); + if (ret != 0) { + printf("mcapi aes-256 cbc encrypt failed\n"); + return -1; + } + AesCbcEncrypt(&defAes, out2, ourData, AES_TEST_SIZE); + + if (memcmp(out1, out2, AES_TEST_SIZE) != 0) { + printf("mcapi aes-256 cbc encrypt cmp failed\n"); + return -1; + } + + /* 256 cbc decrypt */ + ret = CRYPT_AES_KeySet(&mcAes, key, 32, iv, CRYPT_AES_DECRYPTION); + if (ret != 0) { + printf("mcapi aes-256 key set failed\n"); + return -1; + } + ret = AesSetKey(&defAes, key, 32, iv, AES_DECRYPTION); + if (ret != 0) { + printf("default aes-256 key set failed\n"); + return -1; + } + + ret = CRYPT_AES_CBC_Decrypt(&mcAes, out2, out1, AES_TEST_SIZE); + if (ret != 0) { + printf("mcapi aes-256 cbc decrypt failed\n"); + return -1; + } + AesCbcDecrypt(&defAes, out1, out1, AES_TEST_SIZE); + + if (memcmp(out1, out2, AES_TEST_SIZE) != 0) { + printf("mcapi aes-256 cbc decrypt cmp failed\n"); + return -1; + } + + if (memcmp(out1, ourData, AES_TEST_SIZE) != 0) { + printf("mcapi aes-256 cbc decrypt orig cmp failed\n"); + return -1; + } + + printf("aes-cbc mcapi test passed\n"); + + return 0; +} + + +/* check mcapi aes ctr */ +static int check_aesctr(void) +{ + CRYPT_AES_CTX mcAes; + Aes defAes; + int ret; + byte out1[AES_TEST_SIZE]; + byte out2[AES_TEST_SIZE]; + + strncpy((char*)key, "1234567890abcdefghijklmnopqrstuv", 32); + strncpy((char*)iv, "1234567890abcdef", 16); + + /* 128 ctr encrypt */ + ret = CRYPT_AES_KeySet(&mcAes, key, 16, iv, CRYPT_AES_ENCRYPTION); + if (ret != 0) { + printf("mcapi aes-128 key set failed\n"); + return -1; + } + ret = AesSetKey(&defAes, key, 16, iv, AES_ENCRYPTION); + if (ret != 0) { + printf("default aes-128 key set failed\n"); + return -1; + } + + ret = CRYPT_AES_CTR_Encrypt(&mcAes, out1, ourData, AES_TEST_SIZE); + if (ret != 0) { + printf("mcapi aes-128 ctr encrypt failed\n"); + return -1; + } + AesCtrEncrypt(&defAes, out2, ourData, AES_TEST_SIZE); + + if (memcmp(out1, out2, AES_TEST_SIZE) != 0) { + printf("mcapi aes-128 ctr encrypt cmp failed\n"); + return -1; + } + + /* 128 ctr decrypt */ + ret = CRYPT_AES_KeySet(&mcAes, key, 16, iv, CRYPT_AES_ENCRYPTION); + if (ret != 0) { + printf("mcapi aes-128 key set failed\n"); + return -1; + } + ret = AesSetKey(&defAes, key, 16, iv, AES_ENCRYPTION); + if (ret != 0) { + printf("default aes-128 key set failed\n"); + return -1; + } + + ret = CRYPT_AES_CTR_Encrypt(&mcAes, out2, out1, AES_TEST_SIZE); + if (ret != 0) { + printf("mcapi aes-128 ctr decrypt failed\n"); + return -1; + } + + if (memcmp(out2, ourData, AES_TEST_SIZE) != 0) { + printf("mcapi aes-128 ctr decrypt orig cmp failed\n"); + return -1; + } + + /* 192 ctr encrypt */ + ret = CRYPT_AES_KeySet(&mcAes, key, 24, iv, CRYPT_AES_ENCRYPTION); + if (ret != 0) { + printf("mcapi aes-192 key set failed\n"); + return -1; + } + ret = AesSetKey(&defAes, key, 24, iv, AES_ENCRYPTION); + if (ret != 0) { + printf("default aes-192 key set failed\n"); + return -1; + } + + ret = CRYPT_AES_CTR_Encrypt(&mcAes, out1, ourData, AES_TEST_SIZE); + if (ret != 0) { + printf("mcapi aes-192 ctr encrypt failed\n"); + return -1; + } + AesCtrEncrypt(&defAes, out2, ourData, AES_TEST_SIZE); + + if (memcmp(out1, out2, AES_TEST_SIZE) != 0) { + printf("mcapi aes-192 ctr encrypt cmp failed\n"); + return -1; + } + + /* 192 ctr decrypt */ + ret = CRYPT_AES_KeySet(&mcAes, key, 24, iv, CRYPT_AES_ENCRYPTION); + if (ret != 0) { + printf("mcapi aes-192 key set failed\n"); + return -1; + } + ret = AesSetKey(&defAes, key, 24, iv, AES_DECRYPTION); + if (ret != 0) { + printf("default aes-192 key set failed\n"); + return -1; + } + + ret = CRYPT_AES_CTR_Encrypt(&mcAes, out2, out1, AES_TEST_SIZE); + if (ret != 0) { + printf("mcapi aes-192 ctr decrypt failed\n"); + return -1; + } + + if (memcmp(out2, ourData, AES_TEST_SIZE) != 0) { + printf("mcapi aes-192 ctr decrypt orig cmp failed\n"); + return -1; + } + + /* 256 ctr encrypt */ + ret = CRYPT_AES_KeySet(&mcAes, key, 32, iv, CRYPT_AES_ENCRYPTION); + if (ret != 0) { + printf("mcapi aes-256 key set failed\n"); + return -1; + } + ret = AesSetKey(&defAes, key, 32, iv, AES_ENCRYPTION); + if (ret != 0) { + printf("default aes-256 key set failed\n"); + return -1; + } + + ret = CRYPT_AES_CTR_Encrypt(&mcAes, out1, ourData, AES_TEST_SIZE); + if (ret != 0) { + printf("mcapi aes-256 ctr encrypt failed\n"); + return -1; + } + AesCtrEncrypt(&defAes, out2, ourData, AES_TEST_SIZE); + + if (memcmp(out1, out2, AES_TEST_SIZE) != 0) { + printf("mcapi aes-256 ctr encrypt cmp failed\n"); + return -1; + } + + /* 256 ctr decrypt */ + ret = CRYPT_AES_KeySet(&mcAes, key, 32, iv, CRYPT_AES_ENCRYPTION); + if (ret != 0) { + printf("mcapi aes-256 key set failed\n"); + return -1; + } + ret = AesSetKey(&defAes, key, 32, iv, AES_ENCRYPTION); + if (ret != 0) { + printf("default aes-256 key set failed\n"); + return -1; + } + + ret = CRYPT_AES_CTR_Encrypt(&mcAes, out2, out1, AES_TEST_SIZE); + if (ret != 0) { + printf("mcapi aes-256 ctr decrypt failed\n"); + return -1; + } + + if (memcmp(out2, ourData, AES_TEST_SIZE) != 0) { + printf("mcapi aes-256 ctr decrypt orig cmp failed\n"); + return -1; + } + + printf("aes-ctr mcapi test passed\n"); + + return 0; +} + + +/* check mcapi aes direct */ +static int check_aesdirect(void) +{ + CRYPT_AES_CTX mcAes; + Aes defAes; + int ret; + byte out1[CRYPT_AES_BLOCK_SIZE]; + byte out2[16]; /* one block at a time */ + + strncpy((char*)key, "1234567890abcdefghijklmnopqrstuv", 32); + strncpy((char*)iv, "1234567890abcdef", 16); + + /* 128 direct encrypt */ + ret = CRYPT_AES_KeySet(&mcAes, key, 16, iv, CRYPT_AES_ENCRYPTION); + if (ret != 0) { + printf("mcapi aes-128 key set failed\n"); + return -1; + } + ret = AesSetKey(&defAes, key, 16, iv, AES_ENCRYPTION); + if (ret != 0) { + printf("default aes-128 key set failed\n"); + return -1; + } + + ret = CRYPT_AES_DIRECT_Encrypt(&mcAes, out1, ourData); + if (ret != 0) { + printf("mcapi aes-128 direct encrypt failed\n"); + return -1; + } + AesEncryptDirect(&defAes, out2, ourData); + + if (memcmp(out1, out2, CRYPT_AES_BLOCK_SIZE) != 0) { + printf("mcapi aes-128 direct encrypt cmp failed\n"); + return -1; + } + + /* 128 direct decrypt */ + ret = CRYPT_AES_KeySet(&mcAes, key, 16, iv, CRYPT_AES_DECRYPTION); + if (ret != 0) { + printf("mcapi aes-128 key set failed\n"); + return -1; + } + ret = AesSetKey(&defAes, key, 16, iv, DES_DECRYPTION); + if (ret != 0) { + printf("default aes-128 key set failed\n"); + return -1; + } + + ret = CRYPT_AES_DIRECT_Decrypt(&mcAes, out2, out1); + if (ret != 0) { + printf("mcapi aes-128 direct decrypt failed\n"); + return -1; + } + AesDecryptDirect(&defAes, out1, out1); + + if (memcmp(out1, out2, CRYPT_AES_BLOCK_SIZE) != 0) { + printf("mcapi aes-128 direct decrypt cmp failed\n"); + return -1; + } + + if (memcmp(out1, ourData, CRYPT_AES_BLOCK_SIZE) != 0) { + printf("mcapi aes-128 direct decrypt orig cmp failed\n"); + return -1; + } + + /* 192 direct encrypt */ + ret = CRYPT_AES_KeySet(&mcAes, key, 24, iv, CRYPT_AES_ENCRYPTION); + if (ret != 0) { + printf("mcapi aes-192 key set failed\n"); + return -1; + } + ret = AesSetKey(&defAes, key, 24, iv, AES_ENCRYPTION); + if (ret != 0) { + printf("default aes-192 key set failed\n"); + return -1; + } + + ret = CRYPT_AES_DIRECT_Encrypt(&mcAes, out1, ourData); + if (ret != 0) { + printf("mcapi aes-192 direct encrypt failed\n"); + return -1; + } + AesEncryptDirect(&defAes, out2, ourData); + + if (memcmp(out1, out2, CRYPT_AES_BLOCK_SIZE) != 0) { + printf("mcapi aes-192 direct encrypt cmp failed\n"); + return -1; + } + + /* 192 direct decrypt */ + ret = CRYPT_AES_KeySet(&mcAes, key, 24, iv, CRYPT_AES_DECRYPTION); + if (ret != 0) { + printf("mcapi aes-192 key set failed\n"); + return -1; + } + ret = AesSetKey(&defAes, key, 24, iv, AES_DECRYPTION); + if (ret != 0) { + printf("default aes-192 key set failed\n"); + return -1; + } + + ret = CRYPT_AES_DIRECT_Decrypt(&mcAes, out2, out1); + if (ret != 0) { + printf("mcapi aes-192 direct decrypt failed\n"); + return -1; + } + AesDecryptDirect(&defAes, out1, out1); + + if (memcmp(out1, out2, CRYPT_AES_BLOCK_SIZE) != 0) { + printf("mcapi aes-192 direct decrypt cmp failed\n"); + return -1; + } + + if (memcmp(out1, ourData, CRYPT_AES_BLOCK_SIZE) != 0) { + printf("mcapi aes-192 direct decrypt orig cmp failed\n"); + return -1; + } + + /* 256 direct encrypt */ + ret = CRYPT_AES_KeySet(&mcAes, key, 32, iv, CRYPT_AES_ENCRYPTION); + if (ret != 0) { + printf("mcapi aes-256 key set failed\n"); + return -1; + } + ret = AesSetKey(&defAes, key, 32, iv, AES_ENCRYPTION); + if (ret != 0) { + printf("default aes-256 key set failed\n"); + return -1; + } + + ret = CRYPT_AES_DIRECT_Encrypt(&mcAes, out1, ourData); + if (ret != 0) { + printf("mcapi aes-256 direct encrypt failed\n"); + return -1; + } + AesEncryptDirect(&defAes, out2, ourData); + + if (memcmp(out1, out2, CRYPT_AES_BLOCK_SIZE) != 0) { + printf("mcapi aes-256 direct encrypt cmp failed\n"); + return -1; + } + + /* 256 direct decrypt */ + ret = CRYPT_AES_KeySet(&mcAes, key, 32, iv, CRYPT_AES_DECRYPTION); + if (ret != 0) { + printf("mcapi aes-256 key set failed\n"); + return -1; + } + ret = AesSetKey(&defAes, key, 32, iv, AES_DECRYPTION); + if (ret != 0) { + printf("default aes-256 key set failed\n"); + return -1; + } + + ret = CRYPT_AES_DIRECT_Decrypt(&mcAes, out2, out1); + if (ret != 0) { + printf("mcapi aes-256 direct decrypt failed\n"); + return -1; + } + AesDecryptDirect(&defAes, out1, out1); + + if (memcmp(out1, out2, CRYPT_AES_BLOCK_SIZE) != 0) { + printf("mcapi aes-256 direct decrypt cmp failed\n"); + return -1; + } + + if (memcmp(out1, ourData, CRYPT_AES_BLOCK_SIZE) != 0) { + printf("mcapi aes-256 direct decrypt orig cmp failed\n"); + return -1; + } + + printf("aes-direct mcapi test passed\n"); + + return 0; +} + + +#define RSA_TEST_SIZE 64 + +/* check mcapi rsa */ +static int check_rsa(void) +{ + CRYPT_RSA_CTX mcRsa; + RsaKey defRsa; + int ret; + int ret2; + unsigned int keySz = (unsigned int)sizeof(client_key_der_1024); + unsigned int idx = 0; + byte out1[256]; + byte out2[256]; + + ret = InitRsaKey(&defRsa, NULL); + if (ret == 0) + ret = CRYPT_RSA_Initialize(&mcRsa); + if (ret != 0) { + printf("mcapi rsa init failed\n"); + return -1; + } + + ret = CRYPT_RSA_PrivateKeyDecode(&mcRsa, client_key_der_1024, keySz); + if (ret != 0) { + printf("mcapi rsa private key decode failed\n"); + return -1; + } + + ret = RsaPrivateKeyDecode(client_key_der_1024, &idx, &defRsa, keySz); + if (ret != 0) { + printf("default rsa private key decode failed\n"); + return -1; + } + + ret = CRYPT_RSA_PublicEncrypt(&mcRsa, out1, sizeof(out1), ourData, + RSA_TEST_SIZE, &mcRng); + if (ret < 0) { + printf("mcapi rsa public encrypt failed\n"); + return -1; + } + + ret2 = RsaPublicEncrypt(ourData, RSA_TEST_SIZE, out2, sizeof(out2), + &defRsa, &defRng); + if (ret2 < 0) { + printf("default rsa public encrypt failed\n"); + return -1; + } + + if (ret != ret2) { + printf("default rsa public encrypt sz != mcapi sz\n"); + return -1; + } + + if (ret != CRYPT_RSA_EncryptSizeGet(&mcRsa)) { + printf("mcapi encrypt sz get != mcapi sz\n"); + return -1; + } + + ret = CRYPT_RSA_PrivateDecrypt(&mcRsa, out2, sizeof(out2), out1, ret); + if (ret < 0) { + printf("mcapi rsa private derypt failed\n"); + return -1; + } + + if (ret != RSA_TEST_SIZE) { + printf("mcapi rsa private derypt plain size wrong\n"); + return -1; + } + + if (memcmp(out2, ourData, ret) != 0) { + printf("mcapi rsa private derypt plain text bad\n"); + return -1; + } + + FreeRsaKey(&defRsa); + ret = CRYPT_RSA_Free(&mcRsa); + if (ret != 0) { + printf("mcapi rsa free failed\n"); + return -1; + } + + printf("rsa mcapi test passed\n"); + + return 0; +} + + +/* check mcapi ecc */ +static int check_ecc(void) +{ + CRYPT_ECC_CTX userA; + CRYPT_ECC_CTX userB; + int ret; + byte sharedA[100]; + byte sharedB[100]; + byte sig[100]; + unsigned int aSz = (unsigned int)sizeof(sharedA); + unsigned int bSz = (unsigned int)sizeof(sharedB); + unsigned int sigSz = (unsigned int)sizeof(sig); + unsigned int usedA = 0; + unsigned int usedB = 0; + int verifyStatus = 0; + + /* init */ + ret = CRYPT_ECC_Initialize(&userA); + if (ret != 0) { + printf("mcapi ecc init failed\n"); + return -1; + } + + ret = CRYPT_ECC_Initialize(&userB); + if (ret != 0) { + printf("mcapi ecc init b failed\n"); + return -1; + } + + /* dhe + helpers */ + ret = CRYPT_ECC_DHE_KeyMake(&userA, &mcRng, 32); + if (ret != 0) { + printf("mcapi ecc make key failed\n"); + return -1; + } + + ret = CRYPT_ECC_DHE_KeyMake(&userB, &mcRng, 32); + if (ret != 0) { + printf("mcapi ecc make key b failed\n"); + return -1; + } + + ret = CRYPT_ECC_KeySizeGet(&userA); + if (ret <= 0) { + printf("mcapi ecc key size get failed\n"); + return -1; + } + + ret = CRYPT_ECC_SignatureSizeGet(&userA); + if (ret <= 0) { + printf("mcapi ecc signature size get failed\n"); + return -1; + } + + ret = CRYPT_ECC_DHE_SharedSecretMake(&userA, &userB, sharedA, aSz, &usedA); + if (ret != 0) { + printf("mcapi ecc make shared secret failed\n"); + return -1; + } + + ret = CRYPT_ECC_DHE_SharedSecretMake(&userB, &userA, sharedB, bSz, &usedB); + if (ret != 0) { + printf("mcapi ecc make shared secret failed\n"); + return -1; + } + + if (usedA != usedB || usedA <= 0) { + printf("mcapi ecc make shared secret output size match failed\n"); + return -1; + } + + if (memcmp(sharedA, sharedB, usedA) != 0) { + printf("mcapi ecc make shared secret output match cmp failed\n"); + return -1; + } + + /* dsa */ + ret = CRYPT_ECC_DSA_HashSign(&userA, &mcRng, sig, sigSz, &usedA, ourData, + CRYPT_SHA_DIGEST_SIZE); + if (ret != 0) { + printf("mcapi ecc sign hash failed\n"); + return -1; + } + + sigSz = usedA; + if (sigSz <= 0) { + printf("mcapi ecc sign hash bad sig size\n"); + return -1; + } + + ret = CRYPT_ECC_DSA_HashVerify(&userA, sig, sigSz, ourData, + CRYPT_SHA_DIGEST_SIZE, &verifyStatus); + if (ret != 0) { + printf("mcapi ecc verify hash failed\n"); + return -1; + } + if (verifyStatus != 1) { + printf("mcapi ecc verify hash status failed\n"); + return -1; + } + + /* import / export */ + usedA = 0; + ret = CRYPT_ECC_PublicExport(&userA, sharedA, aSz, &usedA); + if (ret != 0) { + printf("mcapi ecc public export failed\n"); + return -1; + } + + ret = CRYPT_ECC_PublicImport(&userB, sharedA, usedA); + if (ret != 0) { + printf("mcapi ecc public import failed\n"); + return -1; + } + + ret = CRYPT_ECC_Free(&userA); + if (ret != 0) { + printf("mcapi ecc free failed\n"); + return -1; + } + + ret = CRYPT_ECC_Free(&userB); + if (ret != 0) { + printf("mcapi ecc free b failed\n"); + return -1; + } + + printf("ecc mcapi test passed\n"); + + return 0; +} + diff --git a/FreeRTOS-Plus/Source/CyaSSL/mcapi/zlib.X/Makefile b/FreeRTOS-Plus/Source/CyaSSL/mcapi/zlib.X/Makefile new file mode 100644 index 000000000..05a3fb1b6 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/mcapi/zlib.X/Makefile @@ -0,0 +1,108 @@ +# +# There exist several targets which are by default empty and which can be +# used for execution of your targets. These targets are usually executed +# before and after some main targets. They are: +# +# .build-pre: called before 'build' target +# .build-post: called after 'build' target +# .clean-pre: called before 'clean' target +# .clean-post: called after 'clean' target +# .clobber-pre: called before 'clobber' target +# .clobber-post: called after 'clobber' target +# .all-pre: called before 'all' target +# .all-post: called after 'all' target +# .help-pre: called before 'help' target +# .help-post: called after 'help' target +# +# Targets beginning with '.' are not intended to be called on their own. +# +# Main targets can be executed directly, and they are: +# +# build build a specific configuration +# clean remove built files from a configuration +# clobber remove all built files +# all build all configurations +# help print help mesage +# +# Targets .build-impl, .clean-impl, .clobber-impl, .all-impl, and +# .help-impl are implemented in nbproject/makefile-impl.mk. +# +# Available make variables: +# +# CND_BASEDIR base directory for relative paths +# CND_DISTDIR default top distribution directory (build artifacts) +# CND_BUILDDIR default top build directory (object files, ...) +# CONF name of current configuration +# CND_ARTIFACT_DIR_${CONF} directory of build artifact (current configuration) +# CND_ARTIFACT_NAME_${CONF} name of build artifact (current configuration) +# CND_ARTIFACT_PATH_${CONF} path to build artifact (current configuration) +# CND_PACKAGE_DIR_${CONF} directory of package (current configuration) +# CND_PACKAGE_NAME_${CONF} name of package (current configuration) +# CND_PACKAGE_PATH_${CONF} path to package (current configuration) +# +# NOCDDL + + +# Environment +MKDIR=mkdir +CP=cp +CCADMIN=CCadmin +RANLIB=ranlib + + +# build +build: .build-post + +.build-pre: +# Add your pre 'build' code here... + +.build-post: .build-impl +# Add your post 'build' code here... + + +# clean +clean: .clean-post + +.clean-pre: +# Add your pre 'clean' code here... + +.clean-post: .clean-impl +# Add your post 'clean' code here... + + +# clobber +clobber: .clobber-post + +.clobber-pre: +# Add your pre 'clobber' code here... + +.clobber-post: .clobber-impl +# Add your post 'clobber' code here... + + +# all +all: .all-post + +.all-pre: +# Add your pre 'all' code here... + +.all-post: .all-impl +# Add your post 'all' code here... + + +# help +help: .help-post + +.help-pre: +# Add your pre 'help' code here... + +.help-post: .help-impl +# Add your post 'help' code here... + + + +# include project implementation makefile +include nbproject/Makefile-impl.mk + +# include project make variables +include nbproject/Makefile-variables.mk diff --git a/FreeRTOS-Plus/Source/CyaSSL/mcapi/zlib.X/nbproject/configurations.xml b/FreeRTOS-Plus/Source/CyaSSL/mcapi/zlib.X/nbproject/configurations.xml new file mode 100644 index 000000000..1078d1e2b --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/mcapi/zlib.X/nbproject/configurations.xml @@ -0,0 +1,157 @@ + + + + + + + + + ../../zlib-1.2.8/adler32.c + ../../zlib-1.2.8/compress.c + ../../zlib-1.2.8/crc32.c + ../../zlib-1.2.8/deflate.c + ../../zlib-1.2.8/gzclose.c + ../../zlib-1.2.8/gzlib.c + ../../zlib-1.2.8/gzread.c + ../../zlib-1.2.8/gzwrite.c + ../../zlib-1.2.8/infback.c + ../../zlib-1.2.8/inffast.c + ../../zlib-1.2.8/inflate.c + ../../zlib-1.2.8/inftrees.c + ../../zlib-1.2.8/trees.c + ../../zlib-1.2.8/uncompr.c + ../../zlib-1.2.8/zutil.c + + + Makefile + + + Makefile + + + + localhost + PIC32MX795F512L + + + SKDEPIC32PlatformTool + XC32 + 1.10 + 4 + + + + + + + false + + false + + false + false + false + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/FreeRTOS-Plus/Source/CyaSSL/mcapi/zlib.X/nbproject/include.am b/FreeRTOS-Plus/Source/CyaSSL/mcapi/zlib.X/nbproject/include.am new file mode 100644 index 000000000..9d855dde7 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/mcapi/zlib.X/nbproject/include.am @@ -0,0 +1,11 @@ +# vim:ft=automake +# All paths should be given relative to the root +# + +EXTRA_DIST += \ + mcapi/zlib.X/Makefile + +EXTRA_DIST += \ + mcapi/zlib.X/nbproject/configurations.xml \ + mcapi/zlib.X/nbproject/project.xml + diff --git a/FreeRTOS-Plus/Source/CyaSSL/mcapi/zlib.X/nbproject/project.xml b/FreeRTOS-Plus/Source/CyaSSL/mcapi/zlib.X/nbproject/project.xml new file mode 100644 index 000000000..b0da527da --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/mcapi/zlib.X/nbproject/project.xml @@ -0,0 +1,15 @@ + + com.microchip.mplab.nbide.embedded.makeproject + + + zlib + 8eef651d-e634-46ae-9183-39443c98e390 + 0 + c + + + ISO-8859-1 + + + + diff --git a/FreeRTOS-Plus/Source/CyaSSL/mplabx/PIC32MZ-serial.h b/FreeRTOS-Plus/Source/CyaSSL/mplabx/PIC32MZ-serial.h new file mode 100644 index 000000000..97bd1e0b5 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/mplabx/PIC32MZ-serial.h @@ -0,0 +1,28 @@ +void _mon_putc(char c); + +static void init_serial() { + #ifdef MICROCHIP_PIC32 +#if defined (__32MZ2048ECH144__) || (__32MZ2048ECM144__) + /* Set up PB2 divisor for UART2 */ + SYSKEY = 0x00000000; + SYSKEY = 0xAA996655; + SYSKEY = 0x556699AA; + PB2DIV = 0x00008808; + SYSKEY = 0x33333333; + + /* UART2 Init */ +// U2BRG = 0x0C; + U2BRG = 0x047; + ANSELBCLR = 0x4000; + ANSELGCLR = 0x0040; + RPB14R = 0x02; + U2RXR = 0x01; + U2MODE = 0x8000; + U2STA = 0x400; +#elif defined __PIC32MX__ + SYSTEMConfigPerformance(80000000); + DBINIT(); +#endif + +#endif +} diff --git a/FreeRTOS-Plus/Source/CyaSSL/mplabx/README b/FreeRTOS-Plus/Source/CyaSSL/mplabx/README new file mode 100644 index 000000000..ab1e70609 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/mplabx/README @@ -0,0 +1,57 @@ +CyaSSL MPLAB X Project Files + +This directory contains project files for the Microchip MPLAB X IDE. These +projects have been set up to use the Microchip PIC32 Ethernet Starter Kit +and the Microchip XC32 compiler. + +In order to generate the necessary auto-generated MPLAB X files, make sure +to import the cyassl.X project into your MPLAB X workspace before trying to +build either the CTaoCrypt test or benchmark applications. This will +correctly set up the respective project's Makefiles. + +Included Project Files +----------------------- + +1. CyaSSL library (cyassl.X) + + This project builds a static CyaSSL library. Prior to building this + project, uncomment the MICROCHIP_PIC32 define located in: + + /cyassl/ctaocrypt/settings.h + + After this project has been built, the compiled library will be located + at: + + /mplabx/cyassl.X/dist/default/production/cyassl.X.a + +2. CTaoCrypt Test App (ctaocrypt_test.X) + + This project tests the CTaoCrypt cryptography modules. It is generally + a good idea to run this first on an embedded system after compiling + CyaSSL in order to verify all underlying crypto is working correctly. + +3. CTaoCrypt Benchmark App (ctaocrypt_benchmark.X) + + This project builds the CTaoCrypt benchmark application. + For the benchmark timer, adjust CLOCK value under + "#elif defined MICROCHIP_PIC32" in ctaocrypt/benchmark/benchmark.c + +PIC32MX/PIC32MZ +--------------- + +The projects are set for PIC32MX by default. For PIC32MZ, change project +properties->Devices and add "CYASSL_MICROCHIP_PIC32M" to +XC32-gcc->Preprocessing and messages-> Preprocessor macros. + + +MIPS16 and MIPS32 Support +------------------------- + +These projects support both MIPS16 and MIPS32 instruction sets. Switching +between these two instruction sets can be done in each project's properties +settings by checking the "Generate 16-bit code" checkbox. + +Support +------- +Please send questions or comments to support@wolfssl.com + diff --git a/FreeRTOS-Plus/Source/CyaSSL/mplabx/benchmark_main.c b/FreeRTOS-Plus/Source/CyaSSL/mplabx/benchmark_main.c new file mode 100644 index 000000000..7610a3142 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/mplabx/benchmark_main.c @@ -0,0 +1,141 @@ +/* benchmark_main.c + * + * Copyright (C) 2006-2014 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ +#ifdef HAVE_CONFIG_H + #include +#endif + +#include + +#if defined(CYASSL_MICROCHIP_PIC32MZ) + #define MICROCHIP_PIC32 + #include + + #include "MZ-configBits.h" + + #include "PIC32MZ-serial.h" + #define SYSTEMConfigPerformance /* void out SYSTEMConfigPerformance(); */ +#else + #define PIC32_STARTER_KIT + #include + #include + #include + #define init_serial() /* void out init_serial() ; */ +#endif + +void bench_des(void); +void bench_arc4(void); +void bench_hc128(void); +void bench_rabbit(void); +void bench_aes(int); +void bench_aesgcm(void); + +void bench_md5(void); +void bench_sha(void); +void bench_sha256(void); +void bench_sha512(void); +void bench_ripemd(void); + +void bench_rsa(void); +void bench_rsaKeyGen(void); +void bench_dh(void); +#ifdef HAVE_ECC +void bench_eccKeyGen(void); +void bench_eccKeyAgree(void); +#endif + +/* + * Main driver for CTaoCrypt benchmarks. + */ +int main(int argc, char** argv) { + volatile int i ; + int j ; + + PRECONbits.PFMWS = 2; + PRECONbits.PREFEN = 0b11; + + init_serial() ; /* initialize PIC32MZ serial I/O */ + SYSTEMConfigPerformance(80000000); + DBINIT(); + + for(j=0; j<100; j++) { + for(i=0; i<10000000; i++); + printf("time=%f\n", current_time(0)) ; + } + printf("wolfCrypt Benchmark:\n"); + +#ifndef NO_AES + bench_aes(0); + bench_aes(1); +#endif +#ifdef HAVE_AESGCM + bench_aesgcm(); +#endif +#ifndef NO_RC4 + bench_arc4(); +#endif +#ifdef HAVE_HC128 + bench_hc128(); +#endif +#ifndef NO_RABBIT + bench_rabbit(); +#endif +#ifndef NO_DES3 + bench_des(); +#endif + + printf("\n"); + +#ifndef NO_MD5 + bench_md5(); +#endif + bench_sha(); +#ifndef NO_SHA256 + bench_sha256(); +#endif +#ifdef CYASSL_SHA512 + bench_sha512(); +#endif +#ifdef CYASSL_RIPEMD + bench_ripemd(); +#endif + + printf("\n"); + +#ifndef NO_RSA + bench_rsa(); +#endif + +#ifndef NO_DH + bench_dh(); +#endif + +#if defined(CYASSL_KEY_GEN) && !defined(NO_RSA) + bench_rsaKeyGen(); +#endif + +#ifdef HAVE_ECC + bench_eccKeyGen(); + bench_eccKeyAgree(); +#endif + printf("End of wolfCrypt Benchmark:\n"); + return 0; +} + diff --git a/FreeRTOS-Plus/Source/CyaSSL/mplabx/ctaocrypt_benchmark.X/Makefile b/FreeRTOS-Plus/Source/CyaSSL/mplabx/ctaocrypt_benchmark.X/Makefile new file mode 100644 index 000000000..05a3fb1b6 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/mplabx/ctaocrypt_benchmark.X/Makefile @@ -0,0 +1,108 @@ +# +# There exist several targets which are by default empty and which can be +# used for execution of your targets. These targets are usually executed +# before and after some main targets. They are: +# +# .build-pre: called before 'build' target +# .build-post: called after 'build' target +# .clean-pre: called before 'clean' target +# .clean-post: called after 'clean' target +# .clobber-pre: called before 'clobber' target +# .clobber-post: called after 'clobber' target +# .all-pre: called before 'all' target +# .all-post: called after 'all' target +# .help-pre: called before 'help' target +# .help-post: called after 'help' target +# +# Targets beginning with '.' are not intended to be called on their own. +# +# Main targets can be executed directly, and they are: +# +# build build a specific configuration +# clean remove built files from a configuration +# clobber remove all built files +# all build all configurations +# help print help mesage +# +# Targets .build-impl, .clean-impl, .clobber-impl, .all-impl, and +# .help-impl are implemented in nbproject/makefile-impl.mk. +# +# Available make variables: +# +# CND_BASEDIR base directory for relative paths +# CND_DISTDIR default top distribution directory (build artifacts) +# CND_BUILDDIR default top build directory (object files, ...) +# CONF name of current configuration +# CND_ARTIFACT_DIR_${CONF} directory of build artifact (current configuration) +# CND_ARTIFACT_NAME_${CONF} name of build artifact (current configuration) +# CND_ARTIFACT_PATH_${CONF} path to build artifact (current configuration) +# CND_PACKAGE_DIR_${CONF} directory of package (current configuration) +# CND_PACKAGE_NAME_${CONF} name of package (current configuration) +# CND_PACKAGE_PATH_${CONF} path to package (current configuration) +# +# NOCDDL + + +# Environment +MKDIR=mkdir +CP=cp +CCADMIN=CCadmin +RANLIB=ranlib + + +# build +build: .build-post + +.build-pre: +# Add your pre 'build' code here... + +.build-post: .build-impl +# Add your post 'build' code here... + + +# clean +clean: .clean-post + +.clean-pre: +# Add your pre 'clean' code here... + +.clean-post: .clean-impl +# Add your post 'clean' code here... + + +# clobber +clobber: .clobber-post + +.clobber-pre: +# Add your pre 'clobber' code here... + +.clobber-post: .clobber-impl +# Add your post 'clobber' code here... + + +# all +all: .all-post + +.all-pre: +# Add your pre 'all' code here... + +.all-post: .all-impl +# Add your post 'all' code here... + + +# help +help: .help-post + +.help-pre: +# Add your pre 'help' code here... + +.help-post: .help-impl +# Add your post 'help' code here... + + + +# include project implementation makefile +include nbproject/Makefile-impl.mk + +# include project make variables +include nbproject/Makefile-variables.mk diff --git a/FreeRTOS-Plus/Source/CyaSSL/mplabx/ctaocrypt_benchmark.X/nbproject/configurations.xml b/FreeRTOS-Plus/Source/CyaSSL/mplabx/ctaocrypt_benchmark.X/nbproject/configurations.xml new file mode 100644 index 000000000..89dad9242 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/mplabx/ctaocrypt_benchmark.X/nbproject/configurations.xml @@ -0,0 +1,193 @@ + + + + + + + + + ../../ctaocrypt/benchmark/benchmark.c + ../benchmark_main.c + + + Makefile + + + + .. + + Makefile + + + + localhost + PIC32MX795F512L + + + PKOBSKDEPlatformTool + XC32 + 1.10 + 3 + + + + + + + + + + + + false + + + + + false + + false + + false + false + false + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/FreeRTOS-Plus/Source/CyaSSL/mplabx/ctaocrypt_benchmark.X/nbproject/include.am b/FreeRTOS-Plus/Source/CyaSSL/mplabx/ctaocrypt_benchmark.X/nbproject/include.am new file mode 100644 index 000000000..9af74c3b8 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/mplabx/ctaocrypt_benchmark.X/nbproject/include.am @@ -0,0 +1,11 @@ +# vim:ft=automake +# All paths should be given relative to the root +# + +EXTRA_DIST += \ + mplabx/ctaocrypt_benchmark.X/Makefile + +EXTRA_DIST += \ + mplabx/ctaocrypt_benchmark.X/nbproject/configurations.xml \ + mplabx/ctaocrypt_benchmark.X/nbproject/project.xml + diff --git a/FreeRTOS-Plus/Source/CyaSSL/mplabx/ctaocrypt_benchmark.X/nbproject/project.xml b/FreeRTOS-Plus/Source/CyaSSL/mplabx/ctaocrypt_benchmark.X/nbproject/project.xml new file mode 100644 index 000000000..131e4cf97 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/mplabx/ctaocrypt_benchmark.X/nbproject/project.xml @@ -0,0 +1,19 @@ + + + com.microchip.mplab.nbide.embedded.makeproject + + + ctaocrypt_benchmark + 22e4138b-5f20-4957-ac0a-c181b94d3342 + 0 + c + + + ISO-8859-1 + + + ../cyassl.X + + + + diff --git a/FreeRTOS-Plus/Source/CyaSSL/mplabx/ctaocrypt_test.X/Makefile b/FreeRTOS-Plus/Source/CyaSSL/mplabx/ctaocrypt_test.X/Makefile new file mode 100644 index 000000000..05a3fb1b6 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/mplabx/ctaocrypt_test.X/Makefile @@ -0,0 +1,108 @@ +# +# There exist several targets which are by default empty and which can be +# used for execution of your targets. These targets are usually executed +# before and after some main targets. They are: +# +# .build-pre: called before 'build' target +# .build-post: called after 'build' target +# .clean-pre: called before 'clean' target +# .clean-post: called after 'clean' target +# .clobber-pre: called before 'clobber' target +# .clobber-post: called after 'clobber' target +# .all-pre: called before 'all' target +# .all-post: called after 'all' target +# .help-pre: called before 'help' target +# .help-post: called after 'help' target +# +# Targets beginning with '.' are not intended to be called on their own. +# +# Main targets can be executed directly, and they are: +# +# build build a specific configuration +# clean remove built files from a configuration +# clobber remove all built files +# all build all configurations +# help print help mesage +# +# Targets .build-impl, .clean-impl, .clobber-impl, .all-impl, and +# .help-impl are implemented in nbproject/makefile-impl.mk. +# +# Available make variables: +# +# CND_BASEDIR base directory for relative paths +# CND_DISTDIR default top distribution directory (build artifacts) +# CND_BUILDDIR default top build directory (object files, ...) +# CONF name of current configuration +# CND_ARTIFACT_DIR_${CONF} directory of build artifact (current configuration) +# CND_ARTIFACT_NAME_${CONF} name of build artifact (current configuration) +# CND_ARTIFACT_PATH_${CONF} path to build artifact (current configuration) +# CND_PACKAGE_DIR_${CONF} directory of package (current configuration) +# CND_PACKAGE_NAME_${CONF} name of package (current configuration) +# CND_PACKAGE_PATH_${CONF} path to package (current configuration) +# +# NOCDDL + + +# Environment +MKDIR=mkdir +CP=cp +CCADMIN=CCadmin +RANLIB=ranlib + + +# build +build: .build-post + +.build-pre: +# Add your pre 'build' code here... + +.build-post: .build-impl +# Add your post 'build' code here... + + +# clean +clean: .clean-post + +.clean-pre: +# Add your pre 'clean' code here... + +.clean-post: .clean-impl +# Add your post 'clean' code here... + + +# clobber +clobber: .clobber-post + +.clobber-pre: +# Add your pre 'clobber' code here... + +.clobber-post: .clobber-impl +# Add your post 'clobber' code here... + + +# all +all: .all-post + +.all-pre: +# Add your pre 'all' code here... + +.all-post: .all-impl +# Add your post 'all' code here... + + +# help +help: .help-post + +.help-pre: +# Add your pre 'help' code here... + +.help-post: .help-impl +# Add your post 'help' code here... + + + +# include project implementation makefile +include nbproject/Makefile-impl.mk + +# include project make variables +include nbproject/Makefile-variables.mk diff --git a/FreeRTOS-Plus/Source/CyaSSL/mplabx/ctaocrypt_test.X/nbproject/configurations.xml b/FreeRTOS-Plus/Source/CyaSSL/mplabx/ctaocrypt_test.X/nbproject/configurations.xml new file mode 100644 index 000000000..284040b81 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/mplabx/ctaocrypt_test.X/nbproject/configurations.xml @@ -0,0 +1,194 @@ + + + + + ../../ctaocrypt/test/test.h + + + + + ../../ctaocrypt/test/test.c + ../test_main.c + + + Makefile + + + + .. + + Makefile + + + + localhost + PIC32MX795F512L + + + PKOBSKDEPlatformTool + XC32 + 1.10 + 3 + + + + + + + + + + + + false + + + + + false + + false + + false + false + false + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/FreeRTOS-Plus/Source/CyaSSL/mplabx/ctaocrypt_test.X/nbproject/include.am b/FreeRTOS-Plus/Source/CyaSSL/mplabx/ctaocrypt_test.X/nbproject/include.am new file mode 100644 index 000000000..ea0df611c --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/mplabx/ctaocrypt_test.X/nbproject/include.am @@ -0,0 +1,11 @@ +# vim:ft=automake +# All paths should be given relative to the root +# + +EXTRA_DIST += \ + mplabx/ctaocrypt_test.X/Makefile + +EXTRA_DIST += \ + mplabx/ctaocrypt_test.X/nbproject/configurations.xml \ + mplabx/ctaocrypt_test.X/nbproject/project.xml + diff --git a/FreeRTOS-Plus/Source/CyaSSL/mplabx/ctaocrypt_test.X/nbproject/project.xml b/FreeRTOS-Plus/Source/CyaSSL/mplabx/ctaocrypt_test.X/nbproject/project.xml new file mode 100644 index 000000000..1f0921a97 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/mplabx/ctaocrypt_test.X/nbproject/project.xml @@ -0,0 +1,19 @@ + + + com.microchip.mplab.nbide.embedded.makeproject + + + ctaocrypt_test + b34c4937-7042-4352-88b1-7717bcdf8aeb + 0 + c + + h + ISO-8859-1 + + + ../cyassl.X + + + + diff --git a/FreeRTOS-Plus/Source/CyaSSL/mplabx/cyassl.X/Makefile b/FreeRTOS-Plus/Source/CyaSSL/mplabx/cyassl.X/Makefile new file mode 100644 index 000000000..05a3fb1b6 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/mplabx/cyassl.X/Makefile @@ -0,0 +1,108 @@ +# +# There exist several targets which are by default empty and which can be +# used for execution of your targets. These targets are usually executed +# before and after some main targets. They are: +# +# .build-pre: called before 'build' target +# .build-post: called after 'build' target +# .clean-pre: called before 'clean' target +# .clean-post: called after 'clean' target +# .clobber-pre: called before 'clobber' target +# .clobber-post: called after 'clobber' target +# .all-pre: called before 'all' target +# .all-post: called after 'all' target +# .help-pre: called before 'help' target +# .help-post: called after 'help' target +# +# Targets beginning with '.' are not intended to be called on their own. +# +# Main targets can be executed directly, and they are: +# +# build build a specific configuration +# clean remove built files from a configuration +# clobber remove all built files +# all build all configurations +# help print help mesage +# +# Targets .build-impl, .clean-impl, .clobber-impl, .all-impl, and +# .help-impl are implemented in nbproject/makefile-impl.mk. +# +# Available make variables: +# +# CND_BASEDIR base directory for relative paths +# CND_DISTDIR default top distribution directory (build artifacts) +# CND_BUILDDIR default top build directory (object files, ...) +# CONF name of current configuration +# CND_ARTIFACT_DIR_${CONF} directory of build artifact (current configuration) +# CND_ARTIFACT_NAME_${CONF} name of build artifact (current configuration) +# CND_ARTIFACT_PATH_${CONF} path to build artifact (current configuration) +# CND_PACKAGE_DIR_${CONF} directory of package (current configuration) +# CND_PACKAGE_NAME_${CONF} name of package (current configuration) +# CND_PACKAGE_PATH_${CONF} path to package (current configuration) +# +# NOCDDL + + +# Environment +MKDIR=mkdir +CP=cp +CCADMIN=CCadmin +RANLIB=ranlib + + +# build +build: .build-post + +.build-pre: +# Add your pre 'build' code here... + +.build-post: .build-impl +# Add your post 'build' code here... + + +# clean +clean: .clean-post + +.clean-pre: +# Add your pre 'clean' code here... + +.clean-post: .clean-impl +# Add your post 'clean' code here... + + +# clobber +clobber: .clobber-post + +.clobber-pre: +# Add your pre 'clobber' code here... + +.clobber-post: .clobber-impl +# Add your post 'clobber' code here... + + +# all +all: .all-post + +.all-pre: +# Add your pre 'all' code here... + +.all-post: .all-impl +# Add your post 'all' code here... + + +# help +help: .help-post + +.help-pre: +# Add your pre 'help' code here... + +.help-post: .help-impl +# Add your post 'help' code here... + + + +# include project implementation makefile +include nbproject/Makefile-impl.mk + +# include project make variables +include nbproject/Makefile-variables.mk diff --git a/FreeRTOS-Plus/Source/CyaSSL/mplabx/cyassl.X/nbproject/configurations.xml b/FreeRTOS-Plus/Source/CyaSSL/mplabx/cyassl.X/nbproject/configurations.xml new file mode 100644 index 000000000..85dc8dead --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/mplabx/cyassl.X/nbproject/configurations.xml @@ -0,0 +1,208 @@ + + + + + + + + + ../../src/crl.c + ../../src/internal.c + ../../src/io.c + ../../src/keys.c + ../../src/ocsp.c + ../../src/sniffer.c + ../../src/ssl.c + ../../src/tls.c + ../../ctaocrypt/src/aes.c + ../../ctaocrypt/src/arc4.c + ../../ctaocrypt/src/asm.c + ../../ctaocrypt/src/asn.c + ../../ctaocrypt/src/coding.c + ../../ctaocrypt/src/des3.c + ../../ctaocrypt/src/dh.c + ../../ctaocrypt/src/dsa.c + ../../ctaocrypt/src/ecc.c + ../../ctaocrypt/src/ecc_fp.c + ../../ctaocrypt/src/error.c + ../../ctaocrypt/src/hc128.c + ../../ctaocrypt/src/hmac.c + ../../ctaocrypt/src/integer.c + ../../ctaocrypt/src/logging.c + ../../ctaocrypt/src/md2.c + ../../ctaocrypt/src/md4.c + ../../ctaocrypt/src/md5.c + ../../ctaocrypt/src/memory.c + ../../ctaocrypt/src/misc.c + ../../ctaocrypt/src/pwdbased.c + ../../ctaocrypt/src/rabbit.c + ../../ctaocrypt/src/random.c + ../../ctaocrypt/src/ripemd.c + ../../ctaocrypt/src/rsa.c + ../../ctaocrypt/src/sha.c + ../../ctaocrypt/src/sha256.c + ../../ctaocrypt/src/sha512.c + ../../ctaocrypt/src/tfm.c + ../../ctaocrypt/src/wc_port.c + + + Makefile + + + + .. + ../../cyassl/ctaocrypt + ../../ctaocrypt/src + + Makefile + + + + localhost + PIC32MX795F512L + + + PKOBSKDEPlatformTool + XC32 + 1.10 + 3 + + + + + + + false + + false + + false + false + false + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/FreeRTOS-Plus/Source/CyaSSL/mplabx/cyassl.X/nbproject/include.am b/FreeRTOS-Plus/Source/CyaSSL/mplabx/cyassl.X/nbproject/include.am new file mode 100644 index 000000000..7d0b98793 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/mplabx/cyassl.X/nbproject/include.am @@ -0,0 +1,11 @@ +# vim:ft=automake +# All paths should be given relative to the root +# + +EXTRA_DIST += \ + mplabx/cyassl.X/Makefile + +EXTRA_DIST += \ + mplabx/cyassl.X/nbproject/configurations.xml \ + mplabx/cyassl.X/nbproject/project.xml + diff --git a/FreeRTOS-Plus/Source/CyaSSL/mplabx/cyassl.X/nbproject/project.xml b/FreeRTOS-Plus/Source/CyaSSL/mplabx/cyassl.X/nbproject/project.xml new file mode 100644 index 000000000..a3711bf2d --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/mplabx/cyassl.X/nbproject/project.xml @@ -0,0 +1,17 @@ + + + com.microchip.mplab.nbide.embedded.makeproject + + + cyassl + 93bbfc3a-a0fa-4d48-bbc8-6cd47a2bd05b + 0 + c + + + ISO-8859-1 + + + + + diff --git a/FreeRTOS-Plus/Source/CyaSSL/mplabx/include.am b/FreeRTOS-Plus/Source/CyaSSL/mplabx/include.am new file mode 100644 index 000000000..b63cdecaa --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/mplabx/include.am @@ -0,0 +1,10 @@ +# vim:ft=automake +# All paths should be given relative to the root +# + +EXTRA_DIST += \ + mplabx/PIC32MZ-serial.h \ + mplabx/README \ + mplabx/benchmark_main.c \ + mplabx/test_main.c + diff --git a/FreeRTOS-Plus/Source/CyaSSL/mplabx/test_main.c b/FreeRTOS-Plus/Source/CyaSSL/mplabx/test_main.c new file mode 100644 index 000000000..b77f4f5de --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/mplabx/test_main.c @@ -0,0 +1,77 @@ +/* main.c + * + * Copyright (C) 2006-2014 wolfSSL Inc. + * + * This file is part of CyaSSL. + * + * CyaSSL is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * CyaSSL is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA + */ + +#ifdef HAVE_CONFIG_H + #include +#endif + +#include + +#if defined(CYASSL_MICROCHIP_PIC32MZ) + #define MICROCHIP_PIC32 + #include + #pragma config ICESEL = ICS_PGx2 + /* ICE/ICD Comm Channel Select (Communicate on PGEC2/PGED2) */ + #include + #include + #include "PIC32MZ-serial.h" + #define SYSTEMConfigPerformance /* void out SYSTEMConfigPerformance(); */ +#else + #define PIC32_STARTER_KIT + #include + #include + #include + #include + #include + #define init_serial() /* void out init_serial() */ +#endif + +/* func_args from test.h, so don't have to pull in other junk */ +typedef struct func_args { + int argc; + char** argv; + int return_code; +} func_args; + +/* + * Main driver for CTaoCrypt tests. + */ +int main(int argc, char** argv) { + int i ; + + init_serial() ; /* initialize PIC32MZ serial I/O */ + SYSTEMConfigPerformance(80000000); + DBINIT(); + printf("CTaoCrypt Test:\n"); + func_args args; + + args.argc = argc; + args.argv = argv; + + ctaocrypt_test(&args); + + if (args.return_code == 0) { + printf("All tests passed!\n"); + } + + return 0; +} + diff --git a/FreeRTOS-Plus/Source/CyaSSL/mqx/README b/FreeRTOS-Plus/Source/CyaSSL/mqx/README new file mode 100644 index 000000000..3765ba57b --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/mqx/README @@ -0,0 +1,37 @@ +CyaSSL Freescale CodeWarrior Project Files + +This directory contains project files for Freescale CodeWarrior 10.2. These +project have been created to use MQX, RTCS, and MFS on the Freescale +Kinetis K70 Tower System. + +Included Project Files +----------------------- + +1. CyaSSL library (/cyassl) + + Prior to building this project, uncomment the FREESCALE_MQX define + located in: + + /cyassl/ctaocrypt/settings.h + +2. CTaoCrypt Test App (/ctaocrypt_test) + +3. Example CyaSSL Client (/cyassl_client) + + +Importing into CodeWarrior Workspace +------------------------------------ + +These projects can be imported into a CodeWarrior workspace using the standard +"Import Project" feature. To import a project from CodeWarrior, follow +these steps: + +1. File -> Import +2. General -> Existing Projects into Workspace +3. Select Root Directory (browse to this "/mqx" directory) +4. Select desired projects -> Finish + +Keep in mind that the projects above reference CyaSSL source files and header +files with relative paths to the projects' current location in the +/mqx directory. + diff --git a/FreeRTOS-Plus/Source/CyaSSL/mqx/ctaocrypt_test/.cproject b/FreeRTOS-Plus/Source/CyaSSL/mqx/ctaocrypt_test/.cproject new file mode 100644 index 000000000..6a742b34d --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/mqx/ctaocrypt_test/.cproject @@ -0,0 +1,2542 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/FreeRTOS-Plus/Source/CyaSSL/mqx/ctaocrypt_test/.project b/FreeRTOS-Plus/Source/CyaSSL/mqx/ctaocrypt_test/.project new file mode 100644 index 000000000..82a85749d --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/mqx/ctaocrypt_test/.project @@ -0,0 +1,98 @@ + + + ctaocrypt_test + + + +cyassl + +util_lib + + + + org.eclipse.cdt.managedbuilder.core.genmakebuilder + clean,full,incremental, + + + ?name? + + + + org.eclipse.cdt.make.core.append_environment + true + + + org.eclipse.cdt.make.core.buildArguments + -j6 + + + org.eclipse.cdt.make.core.buildCommand + ${system:ECLIPSE_HOME}/../gnu/bin/mingw32-make + + + org.eclipse.cdt.make.core.buildLocation + ${ProjDirPath}/twrk70f120m_Int_Flash_SramData_Debug + + + org.eclipse.cdt.make.core.contents + org.eclipse.cdt.make.core.activeConfigSettings + + + org.eclipse.cdt.make.core.enableAutoBuild + false + + + org.eclipse.cdt.make.core.enableCleanBuild + true + + + org.eclipse.cdt.make.core.enableFullBuild + true + + + org.eclipse.cdt.make.core.stopOnError + true + + + org.eclipse.cdt.make.core.useDefaultBuildCmd + true + + + + + org.eclipse.cdt.managedbuilder.core.ScannerConfigBuilder + full,incremental, + + + + + + org.eclipse.cdt.core.cnature + org.eclipse.cdt.managedbuilder.core.managedBuildNature + org.eclipse.cdt.managedbuilder.core.ScannerConfigNature + + + + Sources/ctaocrypt-test + 2 + PARENT-2-PROJECT_LOC/ctaocrypt/test + + + + + 1351803045734 + Sources/ctaocrypt-test + 5 + + org.eclipse.ui.ide.multiFilter + 1.0-name-matches-false-true-(.*?)\.(c)$ + + + + + + MQX_ROOT_DIR + file:/C:/Freescale/Freescale%20MQX%203.8 + + + diff --git a/FreeRTOS-Plus/Source/CyaSSL/mqx/ctaocrypt_test/ReferencedRSESystems.xml b/FreeRTOS-Plus/Source/CyaSSL/mqx/ctaocrypt_test/ReferencedRSESystems.xml new file mode 100644 index 000000000..3df5e1711 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/mqx/ctaocrypt_test/ReferencedRSESystems.xml @@ -0,0 +1,144 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/FreeRTOS-Plus/Source/CyaSSL/mqx/ctaocrypt_test/Sources/include.am b/FreeRTOS-Plus/Source/CyaSSL/mqx/ctaocrypt_test/Sources/include.am new file mode 100644 index 000000000..b167955e2 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/mqx/ctaocrypt_test/Sources/include.am @@ -0,0 +1,15 @@ +# vim:ft=automake +# All paths should be given relative to the root +# + +EXTRA_DIST += \ + mqx/ctaocrypt_test/.cproject \ + mqx/ctaocrypt_test/.project \ + mqx/ctaocrypt_test/ReferencedRSESystems.xml \ + mqx/ctaocrypt_test/ctaocrypt_test_twrk70f120m_Int_Flash_SramData_Debug_PnE_U-MultiLink.launch \ + mqx/ctaocrypt_test/ctaocrypt_test_twrk70f120m_Int_Flash_SramData_Release_PnE_U-MultiLink.launch + +EXTRA_DIST += \ + mqx/ctaocrypt_test/Sources/main.c \ + mqx/ctaocrypt_test/Sources/main.h + diff --git a/FreeRTOS-Plus/Source/CyaSSL/mqx/ctaocrypt_test/Sources/main.c b/FreeRTOS-Plus/Source/CyaSSL/mqx/ctaocrypt_test/Sources/main.c new file mode 100644 index 000000000..bb3304320 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/mqx/ctaocrypt_test/Sources/main.c @@ -0,0 +1,103 @@ +/* main.c */ + +#include "main.h" + +/* SD card open/close utility functions */ +#include "util.h" + +#if !BSPCFG_ENABLE_IO_SUBSYSTEM +#error This application requires BSPCFG_ENABLE_IO_SUBSYSTEM defined \ + non-zero in user_config.h. Please recompile BSP with this option. +#endif + +#ifndef BSP_DEFAULT_IO_CHANNEL_DEFINED +#error This application requires BSP_DEFAULT_IO_CHANNEL to be not NULL. \ + Please set corresponding BSPCFG_ENABLE_TTYx to non-zero in \ + user_config.h and recompile BSP with this option. +#endif + + +TASK_TEMPLATE_STRUCT MQX_template_list[] = +{ +/* Task number, Entry point, Stack, Pri, String, Auto? */ + {MAIN_TASK, Main_task, 20000, 9, "main", MQX_AUTO_START_TASK}, + {0, 0, 0, 0, 0, 0, } +}; + +/*TASK*----------------------------------------------------- +* +* Task Name : Main_task +* Comments : +* This task opens the SD card device and runs the +* CTaoCrypt test functions located in test.c. +* +*END*-----------------------------------------------------*/ + +#if defined BSP_SDCARD_ESDHC_CHANNEL + #if ! BSPCFG_ENABLE_ESDHC + #error This application requires BSPCFG_ENABLE_ESDHC defined \ + non-zero in user_config.h. Please recompile libraries with \ + this option. + #endif + +#elif defined BSP_SDCARD_SDHC_CHANNEL + #if ! BSPCFG_ENABLE_SDHC + #error This application requires BSPCFG_ENABLE_SDHC defined \ + non-zero in user_config.h. Please recompile libraries with \ + this option. + #endif +#endif + +#if defined (BSP_SDCARD_SPI_CHANNEL) + #define SDCARD_COM_CHANNEL BSP_SDCARD_SPI_CHANNEL +#elif defined (BSP_SDCARD_ESDHC_CHANNEL) + #define SDCARD_COM_CHANNEL BSP_SDCARD_ESDHC_CHANNEL +#elif defined (BSP_SDCARD_SDHC_CHANNEL) + #define SDCARD_COM_CHANNEL BSP_SDCARD_SDHC_CHANNEL +#else + #error "SDCARD low level communication device not defined!" +#endif + +/* func_args from test.h */ +typedef struct func_args { + int argc; + char** argv; + int return_code; +} func_args; + +void Main_task(uint_32 initial_data) +{ + int ret = 0; + func_args args; + _mqx_int error_code, bytes; + _mqx_uint sz; + char filesystem_name[] = "a:"; + char partman_name[] = "pm:"; + MQX_FILE_PTR com_handle, sdcard_handle, filesystem_handle, partman_handle; + MQX_FILE_PTR cert_file = NULL; + const char* fileName = "a:\certs\\client-key.der"; + + ret = sdcard_open(&com_handle, &sdcard_handle, &partman_handle, + &filesystem_handle, partman_name, filesystem_name); + + if (ret != 0) { + printf("error: sdcard_open(), ret = %d\n", ret); + _mqx_exit(1); + } + printf("SD card installed to %s\n", filesystem_name); + + ctaocrypt_test(&args); + + ret = sdcard_close(&sdcard_handle, &partman_handle, + &filesystem_handle, partman_name, filesystem_name); + + if (ret != 0) { + printf("error: sdcard_close(), ret = %d\n", ret); + _mqx_exit(1); + } + printf("SD card uninstalled.\n"); + + _mqx_exit(0); +} + +/* EOF */ diff --git a/FreeRTOS-Plus/Source/CyaSSL/mqx/ctaocrypt_test/Sources/main.h b/FreeRTOS-Plus/Source/CyaSSL/mqx/ctaocrypt_test/Sources/main.h new file mode 100644 index 000000000..2ea7c9133 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/mqx/ctaocrypt_test/Sources/main.h @@ -0,0 +1,21 @@ +/* main.h */ + +#ifndef __main_h_ +#define __main_h_ + +#include +#include + +#include +#include +#include +#include +#include +#include + +#define MAIN_TASK 1 + +extern void Main_task(uint_32); + +#endif /* __main_h_ */ + diff --git a/FreeRTOS-Plus/Source/CyaSSL/mqx/ctaocrypt_test/ctaocrypt_test_twrk70f120m_Int_Flash_SramData_Debug_PnE_U-MultiLink.launch b/FreeRTOS-Plus/Source/CyaSSL/mqx/ctaocrypt_test/ctaocrypt_test_twrk70f120m_Int_Flash_SramData_Debug_PnE_U-MultiLink.launch new file mode 100644 index 000000000..6c74d9ae1 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/mqx/ctaocrypt_test/ctaocrypt_test_twrk70f120m_Int_Flash_SramData_Debug_PnE_U-MultiLink.launch @@ -0,0 +1,162 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/FreeRTOS-Plus/Source/CyaSSL/mqx/ctaocrypt_test/ctaocrypt_test_twrk70f120m_Int_Flash_SramData_Release_PnE_U-MultiLink.launch b/FreeRTOS-Plus/Source/CyaSSL/mqx/ctaocrypt_test/ctaocrypt_test_twrk70f120m_Int_Flash_SramData_Release_PnE_U-MultiLink.launch new file mode 100644 index 000000000..8a56e79c0 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/mqx/ctaocrypt_test/ctaocrypt_test_twrk70f120m_Int_Flash_SramData_Release_PnE_U-MultiLink.launch @@ -0,0 +1,158 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/FreeRTOS-Plus/Source/CyaSSL/mqx/cyassl/.cproject b/FreeRTOS-Plus/Source/CyaSSL/mqx/cyassl/.cproject new file mode 100644 index 000000000..14a6d3b85 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/mqx/cyassl/.cproject @@ -0,0 +1,2579 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/FreeRTOS-Plus/Source/CyaSSL/mqx/cyassl/.project b/FreeRTOS-Plus/Source/CyaSSL/mqx/cyassl/.project new file mode 100644 index 000000000..1ab3cb41d --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/mqx/cyassl/.project @@ -0,0 +1,103 @@ + + + cyassl + + + + + + org.eclipse.cdt.managedbuilder.core.genmakebuilder + clean,full,incremental, + + + ?name? + + + + org.eclipse.cdt.make.core.append_environment + true + + + org.eclipse.cdt.make.core.buildArguments + -j6 + + + org.eclipse.cdt.make.core.buildCommand + ${system:ECLIPSE_HOME}/../gnu/bin/mingw32-make + + + org.eclipse.cdt.make.core.buildLocation + ${ProjDirPath}/twrk70f120m_Int_Flash_SramData_Debug + + + org.eclipse.cdt.make.core.contents + org.eclipse.cdt.make.core.activeConfigSettings + + + org.eclipse.cdt.make.core.enableAutoBuild + false + + + org.eclipse.cdt.make.core.enableCleanBuild + true + + + org.eclipse.cdt.make.core.enableFullBuild + true + + + org.eclipse.cdt.make.core.stopOnError + true + + + org.eclipse.cdt.make.core.useDefaultBuildCmd + true + + + + + org.eclipse.cdt.managedbuilder.core.ScannerConfigBuilder + full,incremental, + + + + + + org.eclipse.cdt.core.cnature + org.eclipse.cdt.managedbuilder.core.managedBuildNature + org.eclipse.cdt.managedbuilder.core.ScannerConfigNature + + + + Sources/ctaocrypt_src + 2 + PARENT-2-PROJECT_LOC/ctaocrypt/src + + + Sources/cyassl_src + 2 + PARENT-2-PROJECT_LOC/src + + + + + 1351802255000 + Sources/ctaocrypt_src + 6 + + org.eclipse.ui.ide.multiFilter + 1.0-name-matches-false-false-aes_asm.s + + + + + + CYASSL_SOURCES + PARENT-2-PROJECT_LOC + + + MQX_ROOT_DIR + file:/C:/Freescale/Freescale%20MQX%203.8 + + + diff --git a/FreeRTOS-Plus/Source/CyaSSL/mqx/cyassl/include.am b/FreeRTOS-Plus/Source/CyaSSL/mqx/cyassl/include.am new file mode 100644 index 000000000..509e078a5 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/mqx/cyassl/include.am @@ -0,0 +1,11 @@ +# vim:ft=automake +# All paths should be given relative to the root +# + +EXTRA_DIST += \ + mqx/README + +EXTRA_DIST += \ + mqx/cyassl/.cproject \ + mqx/cyassl/.project + diff --git a/FreeRTOS-Plus/Source/CyaSSL/mqx/cyassl_client/.cproject b/FreeRTOS-Plus/Source/CyaSSL/mqx/cyassl_client/.cproject new file mode 100644 index 000000000..f75ed3280 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/mqx/cyassl_client/.cproject @@ -0,0 +1,2585 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/FreeRTOS-Plus/Source/CyaSSL/mqx/cyassl_client/.project b/FreeRTOS-Plus/Source/CyaSSL/mqx/cyassl_client/.project new file mode 100644 index 000000000..a2241849c --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/mqx/cyassl_client/.project @@ -0,0 +1,80 @@ + + + cyassl_client + + + +cyassl + +util_lib + + + + org.eclipse.cdt.managedbuilder.core.genmakebuilder + clean,full,incremental, + + + ?name? + + + + org.eclipse.cdt.make.core.append_environment + true + + + org.eclipse.cdt.make.core.buildArguments + -j6 + + + org.eclipse.cdt.make.core.buildCommand + ${system:ECLIPSE_HOME}/../gnu/bin/mingw32-make + + + org.eclipse.cdt.make.core.buildLocation + ${ProjDirPath}/twrk70f120m_Int_Flash_SramData_Debug + + + org.eclipse.cdt.make.core.contents + org.eclipse.cdt.make.core.activeConfigSettings + + + org.eclipse.cdt.make.core.enableAutoBuild + false + + + org.eclipse.cdt.make.core.enableCleanBuild + true + + + org.eclipse.cdt.make.core.enableFullBuild + true + + + org.eclipse.cdt.make.core.stopOnError + true + + + org.eclipse.cdt.make.core.useDefaultBuildCmd + true + + + + + org.eclipse.cdt.managedbuilder.core.ScannerConfigBuilder + full,incremental, + + + + + + org.eclipse.cdt.core.cnature + org.eclipse.cdt.managedbuilder.core.managedBuildNature + org.eclipse.cdt.managedbuilder.core.ScannerConfigNature + + + + MQX_ROOT_DIR + file:/C:/Freescale/Freescale%20MQX%203.8 + + + diff --git a/FreeRTOS-Plus/Source/CyaSSL/mqx/cyassl_client/ReferencedRSESystems.xml b/FreeRTOS-Plus/Source/CyaSSL/mqx/cyassl_client/ReferencedRSESystems.xml new file mode 100644 index 000000000..0f4419bd0 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/mqx/cyassl_client/ReferencedRSESystems.xml @@ -0,0 +1,144 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/FreeRTOS-Plus/Source/CyaSSL/mqx/cyassl_client/Sources/include.am b/FreeRTOS-Plus/Source/CyaSSL/mqx/cyassl_client/Sources/include.am new file mode 100644 index 000000000..dd4b2ffd9 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/mqx/cyassl_client/Sources/include.am @@ -0,0 +1,15 @@ +# vim:ft=automake +# All paths should be given relative to the root +# + +EXTRA_DIST += \ + mqx/cyassl_client/.cproject \ + mqx/cyassl_client/.project \ + mqx/cyassl_client/ReferencedRSESystems.xml \ + mqx/cyassl_client/cyassl_client_twrk70f120m_Int_Flash_SramData_Debug_PnE_U-MultiLink.launch \ + mqx/cyassl_client/cyassl_client_twrk70f120m_Int_Flash_SramData_Release_PnE_U-MultiLink.launch + +EXTRA_DIST += \ + mqx/cyassl_client/Sources/main.c \ + mqx/cyassl_client/Sources/main.h + diff --git a/FreeRTOS-Plus/Source/CyaSSL/mqx/cyassl_client/Sources/main.c b/FreeRTOS-Plus/Source/CyaSSL/mqx/cyassl_client/Sources/main.c new file mode 100644 index 000000000..3938a87ac --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/mqx/cyassl_client/Sources/main.c @@ -0,0 +1,239 @@ +/* + * main.c + */ + +#include "main.h" +#include "util.h" + +#if !BSPCFG_ENABLE_IO_SUBSYSTEM +#error This application requires BSPCFG_ENABLE_IO_SUBSYSTEM defined \ + non-zero in user_config.h. Please recompile BSP with this option. +#endif + +#ifndef BSP_DEFAULT_IO_CHANNEL_DEFINED +#error This application requires BSP_DEFAULT_IO_CHANNEL to be not NULL. \ + Please set corresponding BSPCFG_ENABLE_TTYx to non-zero in \ + user_config.h and recompile BSP with this option. +#endif + +#if defined BSP_SDCARD_ESDHC_CHANNEL +#if ! BSPCFG_ENABLE_ESDHC +#error This application requires BSPCFG_ENABLE_ESDHC defined non-zero in \ + user_config.h. Please recompile libraries with this option. +#endif + +#elif defined BSP_SDCARD_SDHC_CHANNEL + +#if ! BSPCFG_ENABLE_SDHC +#error This application requires BSPCFG_ENABLE_SDHC defined non-zero in \ + user_config.h. Please recompile libraries with this option. +#endif + +#endif + +#if defined (BSP_SDCARD_SPI_CHANNEL) + #define SDCARD_COM_CHANNEL BSP_SDCARD_SPI_CHANNEL +#elif defined (BSP_SDCARD_ESDHC_CHANNEL) + #define SDCARD_COM_CHANNEL BSP_SDCARD_ESDHC_CHANNEL +#elif defined (BSP_SDCARD_SDHC_CHANNEL) + #define SDCARD_COM_CHANNEL BSP_SDCARD_SDHC_CHANNEL +#else + #error "SDCARD low level communication device not defined!" +#endif + +TASK_TEMPLATE_STRUCT MQX_template_list[] = +{ +/* Task number, Entry point, Stack, Pri, String, Auto? */ + {MAIN_TASK, Main_task, 20000, 9, "main", MQX_AUTO_START_TASK}, + {0, 0, 0, 0, 0, 0, } +}; + +/*TASK*----------------------------------------------------- +* +* Task Name : Main_task +* Comments : +* This task sets up the SD card and Ethernet devices, +* then starts the example CyaSSL client. The example +* CyaSSL client connects to a server over SSL and sends +* a simple HTTP GET message, then prints out the reply +* from the server. +* +* To change the IP address and port of the server, +* change the yasslIP and yasslPort variables in +* client_test(). Note that yasslIP needs to be given +* in hexadecimal. +* +*END*-----------------------------------------------------*/ + +void Main_task(uint_32 initial_data) +{ + int ret = 0; + _mqx_int error_code, bytes; + _mqx_uint param; + _mqx_uint sz; + MQX_FILE_PTR com_handle, sdcard_handle, filesystem_handle, partman_handle; + MQX_FILE_PTR cert_file = NULL; + char filesystem_name[] = "a:"; + char partman_name[] = "pm:"; + const char* fileName = "a:\certs\\client-key.der"; + + printf("Starting client example... \n"); + + ret = sdcard_open(&com_handle, &sdcard_handle, &partman_handle, + &filesystem_handle, partman_name, filesystem_name); + + if (ret != 0) { + printf("error: sdcard_open(), ret = %d\n", ret); + _mqx_exit(1); + } + printf("SD card installed to %s\n", filesystem_name); + + setup_ethernet(); + client_test(); + + ret = sdcard_close(&sdcard_handle, &partman_handle, &filesystem_handle, + partman_name, filesystem_name); + + if (ret != 0) { + printf("error: sdcard_close(), ret = %d\n", ret); + _mqx_exit(1); + } + printf("SD card uninstalled.\n"); + + _mqx_exit(0); +} + +void setup_ethernet(void) { + + int error; + _enet_handle ehandle; /* for Ethernet driver */ + _rtcs_if_handle ihandle; + _enet_address address; + + error = RTCS_create(); + if (error) { + err_sys("failed to create RTCS"); + } + + ENET_get_mac_address(BSP_DEFAULT_ENET_DEVICE, ENET_IPADDR, address); + + /* Set up the Ethernet driver */ + error = ENET_initialize(BSP_DEFAULT_ENET_DEVICE, address, 0, &ehandle); + if (error) + err_sys("failed to initialize Ethernet driver"); + + error = RTCS_if_add(ehandle, RTCS_IF_ENET, &ihandle); + if (error) + err_sys("failed to add interface for Ethernet"); + + error = RTCS_if_bind(ihandle, ENET_IPADDR, ENET_IPMASK); + if (error) + err_sys("failed to bind interface for Ethernet"); + +#ifdef GATE_IPADDR + RTCS_gate_add(GATE_IPADDR, INADDR_ANY, INADDR_ANY); +#endif + + printf("Ethernet device %d bound to %X\n", BSP_DEFAULT_ENET_DEVICE, + ENET_IPADDR); +} + +void client_test(void) { + + char msg[64]; + char reply[1024]; + int sockfd, input; + int ret = 0, msgSz = 0; + struct sockaddr_in servaddr; + CYASSL_CTX* ctx; + CYASSL* ssl; + + long yasslIP = 0xa9fea662; /* 169.254.166.98 */ + long yasslPort = 11111; + + CyaSSL_Debugging_ON(); + CyaSSL_Init(); + + ctx = CyaSSL_CTX_new(CyaSSLv3_client_method()); + + if (ctx == 0) + err_sys("setting up ctx"); + + ret = CyaSSL_CTX_use_certificate_file(ctx, clientCert, SSL_FILETYPE_PEM); + if (ret != SSL_SUCCESS) { + err_sys("can't load client cert file, check file"); + } + + ret = CyaSSL_CTX_use_PrivateKey_file(ctx, clientKey, SSL_FILETYPE_PEM); + if (ret != SSL_SUCCESS) { + err_sys("can't load client key file, check file"); + } + + ret = CyaSSL_CTX_load_verify_locations(ctx, caCert, 0); + if (ret != SSL_SUCCESS) { + err_sys("can't load CA cert file, check file"); + } + + /* create socket descriptor */ + sockfd = socket(AF_INET, SOCK_STREAM, 0); + if (sockfd == RTCS_SOCKET_ERROR) { + err_sys("socket creation failed"); + } else { + printf("socket created successfully\n"); + } + + /* Unlike most TCP/IP stacks, RTCS requires that sin_port and + * sin_addr needs to be in Host Byte Order, not Network Byte Order. + * This means we shouldn't use htons() when setting these values. */ + memset((char*)&servaddr, 0, sizeof(servaddr)); + servaddr.sin_family = AF_INET; + servaddr.sin_port = yasslPort; + servaddr.sin_addr.s_addr = yasslIP; + + ret = connect(sockfd, &servaddr, sizeof(servaddr)); + if (ret != RTCS_OK) { + err_sys("connect() failed"); + } else { + printf("Connected to %lx, port %d.\n", servaddr.sin_addr.s_addr, + servaddr.sin_port); + } + + if( (ssl = CyaSSL_new(ctx)) == NULL) { + err_sys("CyaSSL_new failed"); + } + + CyaSSL_set_fd(ssl, sockfd); + + ret = CyaSSL_connect(ssl); + if (ret != SSL_SUCCESS) + err_sys("CyaSSL_connect failed"); + + printf("CyaSSL_connect() ok, sending GET...\n"); + msgSz = 28; + strncpy(msg, "GET /index.html HTTP/1.0\r\n\r\n", msgSz); + if (CyaSSL_write(ssl, msg, msgSz) != msgSz) + err_sys("CyaSSL_write() failed"); + + input = CyaSSL_read(ssl, reply, sizeof(reply)-1); + if (input > 0) { + reply[input] = 0; + printf("Server response: %s\n", reply); + + while(1) { + input = CyaSSL_read(ssl, reply, sizeof(reply)-1); + if (input > 0) { + reply[input] = 0; + printf("%s\n", reply); + } else { + break; + } + } + } + + CyaSSL_shutdown(ssl); + CyaSSL_free(ssl); + CyaSSL_CTX_free(ctx); + CyaSSL_Cleanup(); +} + +/* EOF */ diff --git a/FreeRTOS-Plus/Source/CyaSSL/mqx/cyassl_client/Sources/main.h b/FreeRTOS-Plus/Source/CyaSSL/mqx/cyassl_client/Sources/main.h new file mode 100644 index 000000000..91c11b339 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/mqx/cyassl_client/Sources/main.h @@ -0,0 +1,61 @@ +/* main.h */ + +#ifndef __main_h_ +#define __main_h_ + +#include +#include +#include +#include +#include +#include +#include +#include +#include +#include + +#include + +#define MAIN_TASK 1 + +extern void Main_task(uint_32); +extern void setup_ethernet(void); +extern void client_test(void); + +/* cert file locations */ +static const char* fileName = "a:\certs\\ca-cert.pem"; +static const char* caCert = "a:\certs\\ca-cert.pem"; +static const char* clientCert = "a:\certs\\client-cert.pem"; +static const char* clientKey = "a:\certs\\client-key.pem"; + +static inline void err_sys(const char* msg) +{ + printf("yassl error: %s\n", msg); + if (msg) + _mqx_exit(1); +} + +/* PPP device must be set manually and +** must be different from the default IO channel (BSP_DEFAULT_IO_CHANNEL) +*/ +#define PPP_DEVICE "ittyb:" + +/* +** Define PPP_DEVICE_DUN only when using PPP to communicate +** to Win9x Dial-Up Networking over a null-modem +** This is ignored if PPP_DEVICE is not #define'd +*/ +#define PPP_DEVICE_DUN 1 + +#ifndef ENET_IPADDR + #define ENET_IPADDR IPADDR(169,254,3,3) +#endif + +#ifndef ENET_IPMASK + #define ENET_IPMASK IPADDR(255,255,0,0) +#endif + +#define GATE_IPADDR IPADDR(192,168,0,1) + +#endif /* __main_h_ */ + diff --git a/FreeRTOS-Plus/Source/CyaSSL/mqx/cyassl_client/cyassl_client_twrk70f120m_Int_Flash_SramData_Debug_PnE_U-MultiLink.launch b/FreeRTOS-Plus/Source/CyaSSL/mqx/cyassl_client/cyassl_client_twrk70f120m_Int_Flash_SramData_Debug_PnE_U-MultiLink.launch new file mode 100644 index 000000000..9aa53216f --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/mqx/cyassl_client/cyassl_client_twrk70f120m_Int_Flash_SramData_Debug_PnE_U-MultiLink.launch @@ -0,0 +1,162 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/FreeRTOS-Plus/Source/CyaSSL/mqx/cyassl_client/cyassl_client_twrk70f120m_Int_Flash_SramData_Release_PnE_U-MultiLink.launch b/FreeRTOS-Plus/Source/CyaSSL/mqx/cyassl_client/cyassl_client_twrk70f120m_Int_Flash_SramData_Release_PnE_U-MultiLink.launch new file mode 100644 index 000000000..cff2bff7c --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/mqx/cyassl_client/cyassl_client_twrk70f120m_Int_Flash_SramData_Release_PnE_U-MultiLink.launch @@ -0,0 +1,164 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/FreeRTOS-Plus/Source/CyaSSL/mqx/util_lib/.cproject b/FreeRTOS-Plus/Source/CyaSSL/mqx/util_lib/.cproject new file mode 100644 index 000000000..139b9a354 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/mqx/util_lib/.cproject @@ -0,0 +1,2538 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/FreeRTOS-Plus/Source/CyaSSL/mqx/util_lib/.project b/FreeRTOS-Plus/Source/CyaSSL/mqx/util_lib/.project new file mode 100644 index 000000000..4e538b6e1 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/mqx/util_lib/.project @@ -0,0 +1,76 @@ + + + util_lib + + + + + + org.eclipse.cdt.managedbuilder.core.genmakebuilder + clean,full,incremental, + + + ?name? + + + + org.eclipse.cdt.make.core.append_environment + true + + + org.eclipse.cdt.make.core.buildArguments + -j6 + + + org.eclipse.cdt.make.core.buildCommand + ${system:ECLIPSE_HOME}/../gnu/bin/mingw32-make + + + org.eclipse.cdt.make.core.buildLocation + ${ProjDirPath}/twrk70f120m_Int_Flash_SramData_Debug + + + org.eclipse.cdt.make.core.contents + org.eclipse.cdt.make.core.activeConfigSettings + + + org.eclipse.cdt.make.core.enableAutoBuild + false + + + org.eclipse.cdt.make.core.enableCleanBuild + true + + + org.eclipse.cdt.make.core.enableFullBuild + true + + + org.eclipse.cdt.make.core.stopOnError + true + + + org.eclipse.cdt.make.core.useDefaultBuildCmd + true + + + + + org.eclipse.cdt.managedbuilder.core.ScannerConfigBuilder + full,incremental, + + + + + + org.eclipse.cdt.core.cnature + org.eclipse.cdt.managedbuilder.core.managedBuildNature + org.eclipse.cdt.managedbuilder.core.ScannerConfigNature + + + + MQX_ROOT_DIR + file:/C:/Freescale/Freescale%20MQX%203.8 + + + diff --git a/FreeRTOS-Plus/Source/CyaSSL/mqx/util_lib/Sources/include.am b/FreeRTOS-Plus/Source/CyaSSL/mqx/util_lib/Sources/include.am new file mode 100644 index 000000000..4b54a5a60 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/mqx/util_lib/Sources/include.am @@ -0,0 +1,12 @@ +# vim:ft=automake +# All paths should be given relative to the root +# + +EXTRA_DIST += \ + mqx/util_lib/.cproject \ + mqx/util_lib/.project + +EXTRA_DIST += \ + mqx/util_lib/Sources/util.c \ + mqx/util_lib/Sources/util.h + diff --git a/FreeRTOS-Plus/Source/CyaSSL/mqx/util_lib/Sources/util.c b/FreeRTOS-Plus/Source/CyaSSL/mqx/util_lib/Sources/util.c new file mode 100644 index 000000000..0a3f396b5 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/mqx/util_lib/Sources/util.c @@ -0,0 +1,178 @@ +/* util.c */ + +#include +#include +#include +#include + +#include "util.h" + +#if !BSPCFG_ENABLE_IO_SUBSYSTEM + #error This application requires BSPCFG_ENABLE_IO_SUBSYSTEM defined \ + non-zero in user_config.h. Please recompile BSP with this option. +#endif + +#ifndef BSP_DEFAULT_IO_CHANNEL_DEFINED + #error This application requires BSP_DEFAULT_IO_CHANNEL to be not \ + NULL. Please set corresponding BSPCFG_ENABLE_TTYx to non-zero \ + in user_config.h and recompile BSP with this option. +#endif + +#if defined BSP_SDCARD_ESDHC_CHANNEL + #if ! BSPCFG_ENABLE_ESDHC + #error This application requires BSPCFG_ENABLE_ESDHC defined \ + non-zero in user_config.h. Please recompile libraries with \ + this option. + #endif +#elif defined BSP_SDCARD_SDHC_CHANNEL + #if ! BSPCFG_ENABLE_SDHC + #error This application requires BSPCFG_ENABLE_SDHC defined \ + non-zero in user_config.h. Please recompile libraries with \ + this option. + #endif +#endif + +#if defined (BSP_SDCARD_SPI_CHANNEL) + #define SDCARD_COM_CHANNEL BSP_SDCARD_SPI_CHANNEL +#elif defined (BSP_SDCARD_ESDHC_CHANNEL) + #define SDCARD_COM_CHANNEL BSP_SDCARD_ESDHC_CHANNEL +#elif defined (BSP_SDCARD_SDHC_CHANNEL) + #define SDCARD_COM_CHANNEL BSP_SDCARD_SDHC_CHANNEL +#else + #error "SDCARD low level communication device not defined!" +#endif + +int sdcard_open(MQX_FILE_PTR *com_handle, MQX_FILE_PTR *sdcard_handle, + MQX_FILE_PTR *partman_handle, MQX_FILE_PTR *filesystem_handle, + char *partman_name, char *filesystem_name) +{ + + _mqx_int error_code; + _mqx_uint param; + + /* Open low level communication device */ + *com_handle = fopen(SDCARD_COM_CHANNEL, NULL); + + if (NULL == *com_handle) { + printf("Error installing communication handle.\n"); + return -60; + } + + /* Install SD card device */ + error_code = _io_sdcard_install("sdcard:", (pointer) &_bsp_sdcard0_init, + *com_handle); + if (error_code != MQX_OK) { + printf("Error installing SD card device (0x%x)\n", error_code); + return -61; + } + + _time_delay(200); + + /* Open the device which MFS will be installed on */ + *sdcard_handle = fopen("sdcard:", 0); + if (*sdcard_handle == NULL) { + printf("Unable to open SD card device.\n"); + return -62; + } + + /* Install partition manager over SD card driver */ + error_code = _io_part_mgr_install(*sdcard_handle, partman_name, 0); + if (error_code != MFS_NO_ERROR) { + printf("Error installing partition manager: %s\n", MFS_Error_text( + (uint_32) error_code)); + return -63; + } + + /* Open partition manager */ + *partman_handle = fopen(partman_name, NULL); + if (*partman_handle == NULL) { + error_code = ferror(*partman_handle); + printf("Error opening partition manager: %s\n", MFS_Error_text( + (uint_32) error_code)); + return -64; + } + + /* Validate partition 1 */ + param = 1; + error_code = _io_ioctl(*partman_handle, IO_IOCTL_VAL_PART, ¶m); + if (error_code == MQX_OK) { + /* Install MFS over partition 1 */ + error_code = _io_mfs_install(*partman_handle, filesystem_name, param); + if (error_code != MFS_NO_ERROR) { + printf("Error initializing MFS over partition: %s\n", + MFS_Error_text((uint_32) error_code)); + return -65; + } + + } else { + /* Install MFS over SD card driver */ + error_code = _io_mfs_install(*sdcard_handle, filesystem_name, + (_file_size) 0); + if (error_code != MFS_NO_ERROR) { + printf("Error initializing MFS: %s\n", MFS_Error_text( + (uint_32) error_code)); + return -66; + } + } /* end Validate partition 1 */ + + /* Open file system */ + *filesystem_handle = fopen(filesystem_name, NULL); + error_code = ferror(*filesystem_handle); + if ((error_code != MFS_NO_ERROR) && (error_code != MFS_NOT_A_DOS_DISK)) { + printf("Error opening filesystem: %s\n", MFS_Error_text( + (uint_32) error_code)); + return -67; + } + if (error_code == MFS_NOT_A_DOS_DISK) { + printf("NOT A DOS DISK! You must format to continue.\n"); + return -68; + } + + return 0; +} + +int sdcard_close(MQX_FILE_PTR *sdcard_handle, MQX_FILE_PTR *partman_handle, + MQX_FILE_PTR *filesystem_handle, + char *partman_name, char *filesystem_name) +{ + _mqx_int error_code; + + /* Close the filesystem */ + if (MQX_OK != fclose(*filesystem_handle)) { + printf("Error closing filesystem.\n"); + return -69; + } + *filesystem_handle = NULL; + + /* Uninstall MFS */ + error_code = _io_dev_uninstall(filesystem_name); + if (error_code != MFS_NO_ERROR) { + printf("Error uninstalling filesystem.\n"); + return -70; + } + + /* Close partition manager */ + if (MQX_OK != fclose(*partman_handle)) { + printf("Unable to close partition manager.\n"); + return -71; + } + *partman_handle = NULL; + + /* Uninstall partition manager */ + error_code = _io_dev_uninstall(partman_name); + if (error_code != MFS_NO_ERROR) { + printf("Error uninstalling partition manager.\n"); + return -72; + } + + /* Close the SD card device */ + if (MQX_OK != fclose(*sdcard_handle)) { + printf("Unable to close SD card device.\n"); + return -73; + } + *sdcard_handle = NULL; + + return 0; +} + +/* EOF */ diff --git a/FreeRTOS-Plus/Source/CyaSSL/mqx/util_lib/Sources/util.h b/FreeRTOS-Plus/Source/CyaSSL/mqx/util_lib/Sources/util.h new file mode 100644 index 000000000..67bdca2fe --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/mqx/util_lib/Sources/util.h @@ -0,0 +1,14 @@ +/* util.h */ + +#ifndef UTIL_H_ +#define UTIL_H_ + +int sdcard_open(MQX_FILE_PTR *com_handle, MQX_FILE_PTR *sdcard_handle, + MQX_FILE_PTR *partman_handle, MQX_FILE_PTR *filesystem_handle, + char *partman_name, char *filesystem_name); + +int sdcard_close(MQX_FILE_PTR *sdcard_handle, MQX_FILE_PTR *partman_handle, + MQX_FILE_PTR *filesystem_handle, + char *partman_name, char *filesystem_name); + +#endif /* UTIL_H_ */ diff --git a/FreeRTOS-Plus/Source/CyaSSL/rpm/include.am b/FreeRTOS-Plus/Source/CyaSSL/rpm/include.am new file mode 100644 index 000000000..e5253dd15 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/rpm/include.am @@ -0,0 +1,37 @@ +# vim:ft=automake + +rpm-build: rpm/spec dist + @rm -f *.rpm + @rm -f ~/rpmbuild/RPMS/x86_64/$(PACKAGE)-$(VERSION)*.rpm + @rm -f ~/rpmbuild/SRPMS/$(PACKAGE)-$(VERSION)*.rpm + @mkdir -p ~/rpmbuild/BUILD/ + @mkdir -p ~/rpmbuild/RPMS/i386/ + @mkdir -p ~/rpmbuild/RPMS/i686/ + @mkdir -p ~/rpmbuild/RPMS/noarch/ + @mkdir -p ~/rpmbuild/RPMS/x86_64/ + @mkdir -p ~/rpmbuild/SOURCES/ + @mkdir -p ~/rpmbuild/SPECS/ + @mkdir -p ~/rpmbuild/SRPMS/ + @cp $(PACKAGE)-$(VERSION).tar.gz ~/rpmbuild/SOURCES/ + @rpmbuild -ba --clean rpm/spec + @cp ~/rpmbuild/RPMS/x86_64/$(PACKAGE)-$(VERSION)*.rpm . + @cp ~/rpmbuild/RPMS/x86_64/$(PACKAGE)-devel-$(VERSION)*.rpm . + @cp ~/rpmbuild/RPMS/x86_64/$(PACKAGE)-debuginfo-$(VERSION)*.rpm . + @cp ~/rpmbuild/SRPMS/$(PACKAGE)-$(VERSION)*.rpm . + +rpm-sign: rpm-build + @rpm --addsign *.rpm + @rpm --checksig *.rpm + +clean-rpm: + @rm -f *.tar.gz + @rm -f *.src.rpm + @rm -f *.rpm + +rpm: rpm-build + +release: rpm-sign + +auto-rpmbuild: + @auto-br-rpmbuild -ba rpm/spec + diff --git a/FreeRTOS-Plus/Source/CyaSSL/rpm/spec.in b/FreeRTOS-Plus/Source/CyaSSL/rpm/spec.in new file mode 100644 index 000000000..9435c6cfa --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/rpm/spec.in @@ -0,0 +1,166 @@ +Summary: Embedded SSL Library +Name: @PACKAGE@ +Version: @VERSION@ +Release: 1 +License: GPLv2 +Group: System Environment/Libraries +BuildRequires: gcc +BuildRequires: glibc +BuildRequires: glibc-common +BuildRequires: glibc-devel +BuildRequires: glibc-headers +BuildRequires: make +BuildRequires: pkgconfig +BuildRequires: sed +BuildRequires: tar +URL: http://www.yassl.com/yaSSL/Home.html + +Packager: Brian Aker + +Source: http://yassl.com/yaSSL/download/%{name}-%{version}.tar.gz +BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-buildroot + +%description +Misc tools for Yassl. + +%package devel +Summary: Header files and development libraries for %{name} +Group: Development/Libraries +Requires: %{name} = %{version}-%{release} + +%description devel +This package contains the header files and development libraries +for %{name}. If you like to develop programs using %{name}, +you will need to install %{name}-devel. + +%prep +%setup -q + +%configure + + +%build +%{__make} %{?_smp_mflags} + +%install +%{__rm} -rf %{buildroot} +%{__make} install DESTDIR="%{buildroot}" AM_INSTALL_PROGRAM_FLAGS="" +mkdir -p $RPM_BUILD_ROOT/ + +%check + + +%clean +%{__rm} -rf %{buildroot} + +%post -p /sbin/ldconfig + +%postun -p /sbin/ldconfig + +%files +%defattr(-,root,root,-) +%doc AUTHORS ChangeLog COPYING NEWS README +%{_docdir}/cyassl/taoCert.txt +%{_docdir}/cyassl/example/echoserver.c +%{_docdir}/cyassl/example/server.c +%{_docdir}/cyassl/example/echoclient.c +%{_docdir}/cyassl/example/client.c +%{_docdir}/cyassl/README.txt +%{_libdir}/libcyassl.la +%{_libdir}/libcyassl.so +%{_libdir}/libcyassl.so.5 +%{_libdir}/libcyassl.so.5.0.5 + +%files devel +%defattr(-,root,root,-) +%doc AUTHORS ChangeLog COPYING NEWS README +%{_bindir}/cyassl-config +%{_includedir}/cyassl/callbacks.h +%{_includedir}/cyassl/certs_test.h +%{_includedir}/cyassl/crl.h +%{_includedir}/cyassl/ctaocrypt/aes.h +%{_includedir}/cyassl/ctaocrypt/arc4.h +%{_includedir}/cyassl/ctaocrypt/asn.h +%{_includedir}/cyassl/ctaocrypt/asn_public.h +%{_includedir}/cyassl/ctaocrypt/blake2-impl.h +%{_includedir}/cyassl/ctaocrypt/blake2-int.h +%{_includedir}/cyassl/ctaocrypt/blake2.h +%{_includedir}/cyassl/ctaocrypt/camellia.h +%{_includedir}/cyassl/ctaocrypt/coding.h +%{_includedir}/cyassl/ctaocrypt/compress.h +%{_includedir}/cyassl/ctaocrypt/des3.h +%{_includedir}/cyassl/ctaocrypt/dh.h +%{_includedir}/cyassl/ctaocrypt/dsa.h +%{_includedir}/cyassl/ctaocrypt/ecc.h +%{_includedir}/cyassl/ctaocrypt/error-crypt.h +%{_includedir}/cyassl/ctaocrypt/fips_test.h +%{_includedir}/cyassl/ctaocrypt/hc128.h +%{_includedir}/cyassl/ctaocrypt/hmac.h +%{_includedir}/cyassl/ctaocrypt/integer.h +%{_includedir}/cyassl/ctaocrypt/logging.h +%{_includedir}/cyassl/ctaocrypt/md2.h +%{_includedir}/cyassl/ctaocrypt/md4.h +%{_includedir}/cyassl/ctaocrypt/md5.h +%{_includedir}/cyassl/ctaocrypt/memory.h +%{_includedir}/cyassl/ctaocrypt/misc.h +%{_includedir}/cyassl/ctaocrypt/mpi_class.h +%{_includedir}/cyassl/ctaocrypt/mpi_superclass.h +%{_includedir}/cyassl/ctaocrypt/pkcs7.h +%{_includedir}/cyassl/ctaocrypt/wc_port.h +%{_includedir}/cyassl/ctaocrypt/pwdbased.h +%{_includedir}/cyassl/ctaocrypt/rabbit.h +%{_includedir}/cyassl/ctaocrypt/random.h +%{_includedir}/cyassl/ctaocrypt/ripemd.h +%{_includedir}/cyassl/ctaocrypt/rsa.h +%{_includedir}/cyassl/ctaocrypt/settings.h +%{_includedir}/cyassl/ctaocrypt/sha.h +%{_includedir}/cyassl/ctaocrypt/sha256.h +%{_includedir}/cyassl/ctaocrypt/sha512.h +%{_includedir}/cyassl/ctaocrypt/tfm.h +%{_includedir}/cyassl/ctaocrypt/types.h +%{_includedir}/cyassl/ctaocrypt/visibility.h +%{_includedir}/cyassl/error-ssl.h +%{_includedir}/cyassl/ocsp.h +%{_includedir}/cyassl/openssl/asn1.h +%{_includedir}/cyassl/openssl/bio.h +%{_includedir}/cyassl/openssl/bn.h +%{_includedir}/cyassl/openssl/conf.h +%{_includedir}/cyassl/openssl/crypto.h +%{_includedir}/cyassl/openssl/des.h +%{_includedir}/cyassl/openssl/dh.h +%{_includedir}/cyassl/openssl/dsa.h +%{_includedir}/cyassl/openssl/ec.h +%{_includedir}/cyassl/openssl/ecdsa.h +%{_includedir}/cyassl/openssl/engine.h +%{_includedir}/cyassl/openssl/err.h +%{_includedir}/cyassl/openssl/evp.h +%{_includedir}/cyassl/openssl/hmac.h +%{_includedir}/cyassl/openssl/lhash.h +%{_includedir}/cyassl/openssl/md4.h +%{_includedir}/cyassl/openssl/md5.h +%{_includedir}/cyassl/openssl/ocsp.h +%{_includedir}/cyassl/openssl/opensslconf.h +%{_includedir}/cyassl/openssl/opensslv.h +%{_includedir}/cyassl/openssl/ossl_typ.h +%{_includedir}/cyassl/openssl/pem.h +%{_includedir}/cyassl/openssl/pkcs12.h +%{_includedir}/cyassl/openssl/rand.h +%{_includedir}/cyassl/openssl/ripemd.h +%{_includedir}/cyassl/openssl/rsa.h +%{_includedir}/cyassl/openssl/sha.h +%{_includedir}/cyassl/openssl/ssl.h +%{_includedir}/cyassl/openssl/stack.h +%{_includedir}/cyassl/openssl/ui.h +%{_includedir}/cyassl/openssl/x509.h +%{_includedir}/cyassl/openssl/x509v3.h +%{_includedir}/cyassl/options.h +%{_includedir}/cyassl/sniffer.h +%{_includedir}/cyassl/sniffer_error.h +%{_includedir}/cyassl/ssl.h +%{_includedir}/cyassl/test.h +%{_includedir}/cyassl/version.h +%{_libdir}/pkgconfig/cyassl.pc + +%changelog +* Fri Oct 20 2012 Brian Aker +- Initial package diff --git a/FreeRTOS-Plus/Source/CyaSSL/src/crl.c b/FreeRTOS-Plus/Source/CyaSSL/src/crl.c index 40759a4f1..9b94aab7b 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/src/crl.c +++ b/FreeRTOS-Plus/Source/CyaSSL/src/crl.c @@ -1,6 +1,6 @@ /* crl.c * - * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,22 +16,28 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ #ifdef HAVE_CONFIG_H #include #endif +#include #ifdef HAVE_CRL #include -#include +#include #include +#include #include +#ifdef HAVE_CRL_MONITOR + static int StopMonitor(int mfd); +#endif + /* Initialze CRL members */ int InitCRL(CYASSL_CRL* crl, CYASSL_CERT_MANAGER* cm) @@ -43,10 +49,11 @@ int InitCRL(CYASSL_CRL* crl, CYASSL_CERT_MANAGER* cm) crl->monitors[0].path = NULL; crl->monitors[1].path = NULL; #ifdef HAVE_CRL_MONITOR - crl->tid = 0; + crl->tid = 0; + crl->mfd = -1; /* mfd for bsd is kqueue fd, eventfd for linux */ #endif if (InitMutex(&crl->crlLock) != 0) - return BAD_MUTEX_ERROR; + return BAD_MUTEX_E; return 0; } @@ -58,7 +65,8 @@ static int InitCRL_Entry(CRL_Entry* crle, DecodedCRL* dcrl) CYASSL_ENTER("InitCRL_Entry"); XMEMCPY(crle->issuerHash, dcrl->issuerHash, SHA_DIGEST_SIZE); - XMEMCPY(crle->crlHash, dcrl->crlHash, MD5_DIGEST_SIZE); + /* XMEMCPY(crle->crlHash, dcrl->crlHash, SHA_DIGEST_SIZE); + * copy the hash here if needed for optimized comparisons */ XMEMCPY(crle->lastDate, dcrl->lastDate, MAX_DATE_SIZE); XMEMCPY(crle->nextDate, dcrl->nextDate, MAX_DATE_SIZE); crle->lastDateFormat = dcrl->lastDateFormat; @@ -89,7 +97,7 @@ static void FreeCRL_Entry(CRL_Entry* crle) /* Free all CRL resources */ -void FreeCRL(CYASSL_CRL* crl) +void FreeCRL(CYASSL_CRL* crl, int dynamic) { CRL_Entry* tmp = crl->crlList; @@ -110,11 +118,18 @@ void FreeCRL(CYASSL_CRL* crl) #ifdef HAVE_CRL_MONITOR if (crl->tid != 0) { - CYASSL_MSG("Canceling monitor thread"); - pthread_cancel(crl->tid); + CYASSL_MSG("stopping monitor thread"); + if (StopMonitor(crl->mfd) == 0) + pthread_join(crl->tid, NULL); + else { + CYASSL_MSG("stop monitor failed, cancel instead"); + pthread_cancel(crl->tid); + } } #endif FreeMutex(&crl->crlLock); + if (dynamic) /* free self */ + XFREE(crl, NULL, DYNAMIC_TYPE_CRL); } @@ -123,14 +138,13 @@ int CheckCertCRL(CYASSL_CRL* crl, DecodedCert* cert) { CRL_Entry* crle; int foundEntry = 0; - int revoked = 0; int ret = 0; CYASSL_ENTER("CheckCertCRL"); if (LockMutex(&crl->crlLock) != 0) { CYASSL_MSG("LockMutex failed"); - return BAD_MUTEX_ERROR; + return BAD_MUTEX_E; } crle = crl->crlList; @@ -157,7 +171,6 @@ int CheckCertCRL(CYASSL_CRL* crl, DecodedCert* cert) while (rc) { if (XMEMCMP(rc->serialNumber, cert->serial, rc->serialSz) == 0) { CYASSL_MSG("Cert revoked"); - revoked = 1; ret = CRL_CERT_REVOKED; break; } @@ -214,7 +227,7 @@ static int AddCRL(CYASSL_CRL* crl, DecodedCRL* dcrl) CYASSL_MSG("LockMutex failed"); FreeCRL_Entry(crle); XFREE(crle, NULL, DYNAMIC_TYPE_CRL_ENTRY); - return BAD_MUTEX_ERROR; + return BAD_MUTEX_E; } crle->next = crl->crlList; crl->crlList = crle; @@ -256,7 +269,7 @@ int BufferLoadCRL(CYASSL_CRL* crl, const byte* buff, long sz, int type) } InitDecodedCRL(&dcrl); - ret = ParseCRL(&dcrl, myBuffer, sz, crl->cm); + ret = ParseCRL(&dcrl, myBuffer, (word32)sz, crl->cm); if (ret != 0) { CYASSL_MSG("ParseCRL error"); } @@ -296,7 +309,7 @@ static int SwapLists(CYASSL_CRL* crl) ret = LoadCRL(&tmp, crl->monitors[0].path, SSL_FILETYPE_PEM, 0); if (ret != SSL_SUCCESS) { CYASSL_MSG("PEM LoadCRL on dir change failed"); - FreeCRL(&tmp); + FreeCRL(&tmp, 0); return -1; } } @@ -305,14 +318,14 @@ static int SwapLists(CYASSL_CRL* crl) ret = LoadCRL(&tmp, crl->monitors[1].path, SSL_FILETYPE_ASN1, 0); if (ret != SSL_SUCCESS) { CYASSL_MSG("DER LoadCRL on dir change failed"); - FreeCRL(&tmp); + FreeCRL(&tmp, 0); return -1; } } if (LockMutex(&crl->crlLock) != 0) { CYASSL_MSG("LockMutex failed"); - FreeCRL(&tmp); + FreeCRL(&tmp, 0); return -1; } @@ -324,49 +337,91 @@ static int SwapLists(CYASSL_CRL* crl) UnLockMutex(&crl->crlLock); - FreeCRL(&tmp); + FreeCRL(&tmp, 0); return 0; } -#ifdef __MACH__ +#if (defined(__MACH__) || defined(__FreeBSD__)) +#include #include #include #include +#include + +#ifdef __MACH__ + #define XEVENT_MODE O_EVTONLY +#elif defined(__FreeBSD__) + #define XEVENT_MODE EVFILT_VNODE +#endif + + +/* we need a unique kqueue user filter fd for crl in case user is doing custom + * events too */ +#ifndef CRL_CUSTOM_FD + #define CRL_CUSTOM_FD 123456 +#endif + + +/* shutdown monitor thread, 0 on success */ +static int StopMonitor(int mfd) +{ + struct kevent change; + + /* trigger custom shutdown */ + EV_SET(&change, CRL_CUSTOM_FD, EVFILT_USER, 0, NOTE_TRIGGER, 0, NULL); + if (kevent(mfd, &change, 1, NULL, 0, NULL) < 0) { + CYASSL_MSG("kevent trigger customer event failed"); + return -1; + } + + return 0; +} + /* OS X monitoring */ static void* DoMonitor(void* arg) { - int fPEM, fDER, kq; + int fPEM, fDER; struct kevent change; CYASSL_CRL* crl = (CYASSL_CRL*)arg; CYASSL_ENTER("DoMonitor"); - kq = kqueue(); - if (kq == -1) { + crl->mfd = kqueue(); + if (crl->mfd == -1) { CYASSL_MSG("kqueue failed"); return NULL; } + /* listen for custom shutdown event */ + EV_SET(&change, CRL_CUSTOM_FD, EVFILT_USER, EV_ADD, 0, 0, NULL); + if (kevent(crl->mfd, &change, 1, NULL, 0, NULL) < 0) { + CYASSL_MSG("kevent monitor customer event failed"); + close(crl->mfd); + return NULL; + } + fPEM = -1; fDER = -1; if (crl->monitors[0].path) { - fPEM = open(crl->monitors[0].path, O_EVTONLY); + fPEM = open(crl->monitors[0].path, XEVENT_MODE); if (fPEM == -1) { CYASSL_MSG("PEM event dir open failed"); + close(crl->mfd); return NULL; } } if (crl->monitors[1].path) { - fDER = open(crl->monitors[1].path, O_EVTONLY); + fDER = open(crl->monitors[1].path, XEVENT_MODE); if (fDER == -1) { CYASSL_MSG("DER event dir open failed"); + close(crl->mfd); return NULL; } } @@ -381,7 +436,7 @@ static void* DoMonitor(void* arg) for (;;) { struct kevent event; - int numEvents = kevent(kq, &change, 1, &event, 1, NULL); + int numEvents = kevent(crl->mfd, &change, 1, &event, 1, NULL); CYASSL_MSG("Got kevent"); @@ -390,33 +445,77 @@ static void* DoMonitor(void* arg) continue; } + if (event.filter == EVFILT_USER) { + CYASSL_MSG("Got user shutdown event, breaking out"); + break; + } + if (SwapLists(crl) < 0) { CYASSL_MSG("SwapLists problem, continue"); } } + if (fPEM != -1) + close(fPEM); + if (fDER != -1) + close(fDER); + + close(crl->mfd); + return NULL; } -#elif __linux__ +#elif defined(__linux__) #include #include +#include #include + +#ifndef max + static INLINE int max(int a, int b) + { + return a > b ? a : b; + } +#endif /* max */ + + +/* shutdown monitor thread, 0 on success */ +static int StopMonitor(int mfd) +{ + word64 w64 = 1; + + /* write to our custom event */ + if (write(mfd, &w64, sizeof(w64)) < 0) { + CYASSL_MSG("StopMonitor write failed"); + return -1; + } + + return 0; +} + + /* linux monitoring */ static void* DoMonitor(void* arg) { int notifyFd; - int wd; + int wd = -1; CYASSL_CRL* crl = (CYASSL_CRL*)arg; CYASSL_ENTER("DoMonitor"); + crl->mfd = eventfd(0, 0); /* our custom shutdown event */ + if (crl->mfd < 0) { + CYASSL_MSG("eventfd failed"); + return NULL; + } + notifyFd = inotify_init(); if (notifyFd < 0) { CYASSL_MSG("inotify failed"); + close(crl->mfd); return NULL; } @@ -425,6 +524,8 @@ static void* DoMonitor(void* arg) IN_DELETE); if (wd < 0) { CYASSL_MSG("PEM notify add watch failed"); + close(crl->mfd); + close(notifyFd); return NULL; } } @@ -434,16 +535,36 @@ static void* DoMonitor(void* arg) IN_DELETE); if (wd < 0) { CYASSL_MSG("DER notify add watch failed"); + close(crl->mfd); + close(notifyFd); return NULL; } } for (;;) { - char buffer[8192]; - int length = read(notifyFd, buffer, sizeof(buffer)); + fd_set readfds; + char buff[8192]; + int result, length; + + FD_ZERO(&readfds); + FD_SET(notifyFd, &readfds); + FD_SET(crl->mfd, &readfds); + + result = select(max(notifyFd, crl->mfd) + 1, &readfds, NULL, NULL,NULL); CYASSL_MSG("Got notify event"); + if (result < 0) { + CYASSL_MSG("select problem, continue"); + continue; + } + + if (FD_ISSET(crl->mfd, &readfds)) { + CYASSL_MSG("got custom shutdown event, breaking out"); + break; + } + + length = read(notifyFd, buff, sizeof(buff)); if (length < 0) { CYASSL_MSG("notify read problem, continue"); continue; @@ -454,10 +575,18 @@ static void* DoMonitor(void* arg) } } + if (wd > 0) + inotify_rm_watch(notifyFd, wd); + close(crl->mfd); + close(notifyFd); + return NULL; } +#else + +#error "CRL monitor only currently supported on linux or mach" #endif /* MACH or linux */ @@ -492,6 +621,8 @@ static int StartMonitorCRL(CYASSL_CRL* crl) static int StartMonitorCRL(CYASSL_CRL* crl) { + (void)crl; + CYASSL_ENTER("StartMonitorCRL"); CYASSL_MSG("Not compiled in"); @@ -518,8 +649,19 @@ int LoadCRL(CYASSL_CRL* crl, const char* path, int type, int monitor) return BAD_PATH_ERROR; } while ( (entry = readdir(dir)) != NULL) { - if (entry->d_type & DT_REG) { - char name[MAX_FILENAME_SZ]; + char name[MAX_FILENAME_SZ]; + struct stat s; + + XMEMSET(name, 0, sizeof(name)); + XSTRNCPY(name, path, MAX_FILENAME_SZ/2 - 2); + XSTRNCAT(name, "/", 1); + XSTRNCAT(name, entry->d_name, MAX_FILENAME_SZ/2); + + if (stat(name, &s) != 0) { + CYASSL_MSG("stat on name failed"); + continue; + } + if (s.st_mode & S_IFREG) { if (type == SSL_FILETYPE_PEM) { if (strstr(entry->d_name, ".pem") == NULL) { @@ -536,11 +678,6 @@ int LoadCRL(CYASSL_CRL* crl, const char* path, int type, int monitor) } } - XMEMSET(name, 0, sizeof(name)); - XSTRNCPY(name, path, MAX_FILENAME_SZ/2 - 2); - XSTRNCAT(name, "/", 1); - XSTRNCAT(name, entry->d_name, MAX_FILENAME_SZ/2); - if (ProcessFile(NULL, name, type, CRL_TYPE, NULL, 0, crl) != SSL_SUCCESS) { CYASSL_MSG("CRL file load failed, continuing"); @@ -569,6 +706,8 @@ int LoadCRL(CYASSL_CRL* crl, const char* path, int type, int monitor) ret = StartMonitorCRL(crl); } } + + closedir(dir); return ret; } diff --git a/FreeRTOS-Plus/Source/CyaSSL/src/include.am b/FreeRTOS-Plus/Source/CyaSSL/src/include.am index c6ce57491..d4a32684b 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/src/include.am +++ b/FreeRTOS-Plus/Source/CyaSSL/src/include.am @@ -3,39 +3,94 @@ # All paths should be given relative to the root lib_LTLIBRARIES+= src/libcyassl.la -src_libcyassl_la_SOURCES = \ - src/internal.c \ - src/io.c \ - src/keys.c \ - src/ssl.c \ - src/tls.c \ - ctaocrypt/src/asn.c \ - ctaocrypt/src/coding.c \ - ctaocrypt/src/des3.c \ - ctaocrypt/src/hmac.c \ - ctaocrypt/src/md5.c \ - ctaocrypt/src/md4.c \ - ctaocrypt/src/random.c \ - ctaocrypt/src/rsa.c \ - ctaocrypt/src/sha.c \ - ctaocrypt/src/aes.c \ - ctaocrypt/src/sha256.c \ - ctaocrypt/src/dh.c \ - ctaocrypt/src/dsa.c \ - ctaocrypt/src/arc4.c \ - ctaocrypt/src/rabbit.c \ - ctaocrypt/src/pwdbased.c \ - ctaocrypt/src/logging.c \ - ctaocrypt/src/memory.c +src_libcyassl_la_SOURCES = + +if BUILD_FIPS +src_libcyassl_la_SOURCES += ctaocrypt/src/wolfcrypt_first.c +endif + +src_libcyassl_la_SOURCES += \ + src/internal.c \ + src/io.c \ + src/keys.c \ + src/ssl.c \ + src/tls.c \ + ctaocrypt/src/hmac.c \ + ctaocrypt/src/random.c \ + ctaocrypt/src/sha256.c \ + ctaocrypt/src/logging.c \ + ctaocrypt/src/wc_port.c \ + ctaocrypt/src/error.c src_libcyassl_la_LDFLAGS = ${AM_LDFLAGS} -no-undefined -version-info ${CYASSL_LIBRARY_VERSION} src_libcyassl_la_LIBADD = $(LIBM) src_libcyassl_la_CFLAGS = -DBUILDING_CYASSL $(AM_CFLAGS) src_libcyassl_la_CPPFLAGS = -DBUILDING_CYASSL $(AM_CPPFLAGS) +if BUILD_MEMORY +src_libcyassl_la_SOURCES += ctaocrypt/src/memory.c +endif + +if BUILD_RSA +src_libcyassl_la_SOURCES += ctaocrypt/src/rsa.c +endif + +if BUILD_DH +src_libcyassl_la_SOURCES += ctaocrypt/src/dh.c +endif + +if BUILD_ASN +src_libcyassl_la_SOURCES += ctaocrypt/src/asn.c +endif + +if BUILD_FIPS +src_libcyassl_la_SOURCES += ctaocrypt/src/fips.c +src_libcyassl_la_SOURCES += ctaocrypt/src/fips_test.c +endif + +if BUILD_CODING +src_libcyassl_la_SOURCES += ctaocrypt/src/coding.c +endif + +if BUILD_AES +src_libcyassl_la_SOURCES += ctaocrypt/src/aes.c +endif + +if BUILD_DES3 +src_libcyassl_la_SOURCES += ctaocrypt/src/des3.c +endif + +if BUILD_SHA +src_libcyassl_la_SOURCES += ctaocrypt/src/sha.c +endif + +if BUILD_RC4 +src_libcyassl_la_SOURCES += ctaocrypt/src/arc4.c +endif + +if BUILD_MD4 +src_libcyassl_la_SOURCES += ctaocrypt/src/md4.c +endif + +if BUILD_MD5 +src_libcyassl_la_SOURCES += ctaocrypt/src/md5.c +endif + +if BUILD_PWDBASED +src_libcyassl_la_SOURCES += ctaocrypt/src/pwdbased.c +endif + +if BUILD_DSA +src_libcyassl_la_SOURCES += ctaocrypt/src/dsa.c +endif + if BUILD_AESNI src_libcyassl_la_SOURCES += ctaocrypt/src/aes_asm.s endif +if BUILD_CAMELLIA +src_libcyassl_la_SOURCES += ctaocrypt/src/camellia.c +endif + if BUILD_MD2 src_libcyassl_la_SOURCES += ctaocrypt/src/md2.c endif @@ -48,6 +103,10 @@ if BUILD_SHA512 src_libcyassl_la_SOURCES += ctaocrypt/src/sha512.c endif +if BUILD_BLAKE2 +src_libcyassl_la_SOURCES += ctaocrypt/src/blake2b.c +endif + if BUILD_SNIFFER src_libcyassl_la_SOURCES += src/sniffer.c endif @@ -56,13 +115,19 @@ if BUILD_HC128 src_libcyassl_la_SOURCES += ctaocrypt/src/hc128.c endif -if BUILD_NOINLINE +if BUILD_RABBIT +src_libcyassl_la_SOURCES += ctaocrypt/src/rabbit.c +endif + +if !BUILD_INLINE src_libcyassl_la_SOURCES += ctaocrypt/src/misc.c endif if BUILD_FASTMATH src_libcyassl_la_SOURCES += ctaocrypt/src/tfm.c -else +endif + +if BUILD_SLOWMATH src_libcyassl_la_SOURCES += ctaocrypt/src/integer.c endif @@ -78,8 +143,15 @@ if BUILD_CRL src_libcyassl_la_SOURCES += src/crl.c endif -if BUILD_CRL_MONITOR -src_libcyassl_la_CFLAGS += $(PTHREAD_CFLAGS) -src_libcyassl_la_LIBADD += $(PTHREAD_LIBS) +if BUILD_LIBZ +src_libcyassl_la_SOURCES += ctaocrypt/src/compress.c +endif + +if BUILD_PKCS7 +src_libcyassl_la_SOURCES += ctaocrypt/src/pkcs7.c +endif + +if BUILD_FIPS +src_libcyassl_la_SOURCES += ctaocrypt/src/wolfcrypt_last.c endif diff --git a/FreeRTOS-Plus/Source/CyaSSL/src/internal.c b/FreeRTOS-Plus/Source/CyaSSL/src/internal.c index ff73e0bfd..a8b31df26 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/src/internal.c +++ b/FreeRTOS-Plus/Source/CyaSSL/src/internal.c @@ -1,6 +1,6 @@ /* internal.c * - * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,7 +16,7 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ @@ -24,8 +24,10 @@ #include #endif +#include + #include -#include +#include #include #ifdef HAVE_LIBZ @@ -33,41 +35,63 @@ #endif #ifdef HAVE_NTRU - #include "crypto_ntru.h" + #include "ntru_crypto.h" #endif #if defined(DEBUG_CYASSL) || defined(SHOW_SECRETS) - #include + #ifdef FREESCALE_MQX + #include + #else + #include + #endif #endif #ifdef __sun #include #endif -#define TRUE 1 -#define FALSE 0 +#ifndef TRUE + #define TRUE 1 +#endif +#ifndef FALSE + #define FALSE 0 +#endif -#if defined(OPENSSL_EXTRA) && defined(NO_DH) - #error OPENSSL_EXTRA needs DH, please remove NO_DH +#if defined(CYASSL_CALLBACKS) && !defined(LARGE_STATIC_BUFFERS) + #error \ +CYASSL_CALLBACKS needs LARGE_STATIC_BUFFERS, please add LARGE_STATIC_BUFFERS #endif #ifndef NO_CYASSL_CLIENT - static int DoHelloVerifyRequest(CYASSL* ssl, const byte* input, word32*); + static int DoHelloVerifyRequest(CYASSL* ssl, const byte* input, word32*, + word32); static int DoServerHello(CYASSL* ssl, const byte* input, word32*, word32); - static int DoCertificateRequest(CYASSL* ssl, const byte* input, word32*); - static int DoServerKeyExchange(CYASSL* ssl, const byte* input, word32*); + static int DoServerKeyExchange(CYASSL* ssl, const byte* input, word32*, + word32); + #ifndef NO_CERTS + static int DoCertificateRequest(CYASSL* ssl, const byte* input, word32*, + word32); + #endif #endif #ifndef NO_CYASSL_SERVER - static int DoClientHello(CYASSL* ssl, const byte* input, word32*, word32, - word32); - static int DoCertificateVerify(CYASSL* ssl, byte*, word32*, word32); - static int DoClientKeyExchange(CYASSL* ssl, byte* input, word32*); + static int DoClientHello(CYASSL* ssl, const byte* input, word32*, word32); + static int DoClientKeyExchange(CYASSL* ssl, byte* input, word32*, word32); + #if !defined(NO_RSA) || defined(HAVE_ECC) + static int DoCertificateVerify(CYASSL* ssl, byte*, word32*, word32); + #endif +#endif + + +#ifdef CYASSL_DTLS + static INLINE int DtlsCheckWindow(DtlsState* state); + static INLINE int DtlsUpdateWindow(DtlsState* state); #endif + typedef enum { doProcessInit = 0, #ifndef NO_CYASSL_SERVER @@ -78,11 +102,18 @@ typedef enum { runProcessingOneMessage } processReply; -static void Hmac(CYASSL* ssl, byte* digest, const byte* buffer, word32 sz, - int content, int verify); +#ifndef NO_OLD_TLS +static int SSL_hmac(CYASSL* ssl, byte* digest, const byte* in, word32 sz, + int content, int verify); + +#endif -static void BuildCertHashes(CYASSL* ssl, Hashes* hashes); +#ifndef NO_CERTS +static int BuildCertHashes(CYASSL* ssl, Hashes* hashes); +#endif +static void PickHashSigAlgo(CYASSL* ssl, + const byte* hashSigAlgo, word32 hashSigAlgoSz); #ifndef min @@ -107,6 +138,8 @@ int IsAtLeastTLSv1_2(const CYASSL* ssl) { if (ssl->version.major == SSLv3_MAJOR && ssl->version.minor >=TLSv1_2_MINOR) return 1; + if (ssl->version.major == DTLS_MAJOR && ssl->version.minor <= DTLSv1_2_MINOR) + return 1; return 0; } @@ -119,21 +152,14 @@ static byte GetEntropy(ENTROPY_CMD cmd, byte* out) /* TODO: add locking? */ static RNG rng; - if (cmd == INIT) { - int ret = InitRng(&rng); - if (ret == 0) - return 1; - else - return 0; - } + if (cmd == INIT) + return (InitRng(&rng) == 0) ? 1 : 0; if (out == NULL) return 0; - if (cmd == GET_BYTE_OF_ENTROPY) { - RNG_GenerateBlock(&rng, out, 1); - return 1; - } + if (cmd == GET_BYTE_OF_ENTROPY) + return (RNG_GenerateBlock(&rng, out, 1) == 0) ? 1 : 0; if (cmd == GET_NUM_BYTES_PER_BYTE_OF_ENTROPY) { *out = 1; @@ -190,7 +216,6 @@ static INLINE void c32toa(word32 u32, byte* c) /* convert a 24 bit integer into a 32 bit one */ static INLINE void c24to32(const word24 u24, word32* u32) { - *u32 = 0; *u32 = (u24[0] << 16) | (u24[1] << 8) | u24[2]; } @@ -198,8 +223,7 @@ static INLINE void c24to32(const word24 u24, word32* u32) /* convert opaque to 16 bit integer */ static INLINE void ato16(const byte* c, word16* u16) { - *u16 = 0; - *u16 = (c[0] << 8) | (c[1]); + *u16 = (word16) ((c[0] << 8) | (c[1])); } @@ -208,7 +232,6 @@ static INLINE void ato16(const byte* c, word16* u16) /* convert opaque to 32 bit integer */ static INLINE void ato32(const byte* c, word32* u32) { - *u32 = 0; *u32 = (c[0] << 24) | (c[1] << 16) | (c[2] << 8) | c[3]; } @@ -264,10 +287,10 @@ static INLINE void ato32(const byte* c, word32* u32) /* compress in to out, return out size or error */ - static int Compress(CYASSL* ssl, byte* in, int inSz, byte* out, int outSz) + static int myCompress(CYASSL* ssl, byte* in, int inSz, byte* out, int outSz) { int err; - int currTotal = ssl->c_stream.total_out; + int currTotal = (int)ssl->c_stream.total_out; ssl->c_stream.next_in = in; ssl->c_stream.avail_in = inSz; @@ -277,15 +300,15 @@ static INLINE void ato32(const byte* c, word32* u32) err = deflate(&ssl->c_stream, Z_SYNC_FLUSH); if (err != Z_OK && err != Z_STREAM_END) return ZLIB_COMPRESS_ERROR; - return ssl->c_stream.total_out - currTotal; + return (int)ssl->c_stream.total_out - currTotal; } /* decompress in to out, returnn out size or error */ - static int DeCompress(CYASSL* ssl, byte* in, int inSz, byte* out, int outSz) + static int myDeCompress(CYASSL* ssl, byte* in,int inSz, byte* out,int outSz) { int err; - int currTotal = ssl->d_stream.total_out; + int currTotal = (int)ssl->d_stream.total_out; ssl->d_stream.next_in = in; ssl->d_stream.avail_in = inSz; @@ -295,7 +318,7 @@ static INLINE void ato32(const byte* c, word32* u32) err = inflate(&ssl->d_stream, Z_SYNC_FLUSH); if (err != Z_OK && err != Z_STREAM_END) return ZLIB_DECOMPRESS_ERROR; - return ssl->d_stream.total_out - currTotal; + return (int)ssl->d_stream.total_out - currTotal; } #endif /* HAVE_LIBZ */ @@ -304,7 +327,7 @@ static INLINE void ato32(const byte* c, word32* u32) void InitSSL_Method(CYASSL_METHOD* method, ProtocolVersion pv) { method->version = pv; - method->side = CLIENT_END; + method->side = CYASSL_CLIENT_END; method->downgrade = 0; } @@ -314,11 +337,13 @@ int InitSSL_Ctx(CYASSL_CTX* ctx, CYASSL_METHOD* method) { ctx->method = method; ctx->refCount = 1; /* so either CTX_free or SSL_free can release */ +#ifndef NO_CERTS ctx->certificate.buffer = 0; ctx->certChain.buffer = 0; ctx->privateKey.buffer = 0; ctx->serverDH_P.buffer = 0; ctx->serverDH_G.buffer = 0; +#endif ctx->haveDH = 0; ctx->haveNTRU = 0; /* start off */ ctx->haveECDSAsig = 0; /* start off */ @@ -334,7 +359,7 @@ int InitSSL_Ctx(CYASSL_CTX* ctx, CYASSL_METHOD* method) ctx->eccTempKeySz = ECDHE_SIZE; #endif -#ifdef OPENSSL_EXTRA +#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) ctx->passwd_cb = 0; ctx->userdata = 0; #endif /* OPENSSL_EXTRA */ @@ -344,29 +369,45 @@ int InitSSL_Ctx(CYASSL_CTX* ctx, CYASSL_METHOD* method) #ifndef CYASSL_USER_IO ctx->CBIORecv = EmbedReceive; ctx->CBIOSend = EmbedSend; + #ifdef CYASSL_DTLS + if (method->version.major == DTLS_MAJOR) { + ctx->CBIORecv = EmbedReceiveFrom; + ctx->CBIOSend = EmbedSendTo; + ctx->CBIOCookie = EmbedGenerateCookie; + } + #endif #else /* user will set */ - ctx->CBIORecv = NULL; - ctx->CBIOSend = NULL; + ctx->CBIORecv = NULL; + ctx->CBIOSend = NULL; + #ifdef CYASSL_DTLS + ctx->CBIOCookie = NULL; + #endif +#endif /* CYASSL_USER_IO */ +#ifdef HAVE_NETX + ctx->CBIORecv = NetX_Receive; + ctx->CBIOSend = NetX_Send; #endif ctx->partialWrite = 0; ctx->verifyCallback = 0; +#ifndef NO_CERTS ctx->cm = CyaSSL_CertManagerNew(); +#endif #ifdef HAVE_NTRU - if (method->side == CLIENT_END) + if (method->side == CYASSL_CLIENT_END) ctx->haveNTRU = 1; /* always on cliet side */ /* server can turn on by loading key */ #endif #ifdef HAVE_ECC - if (method->side == CLIENT_END) { + if (method->side == CYASSL_CLIENT_END) { ctx->haveECDSAsig = 1; /* always on cliet side */ ctx->haveStaticECC = 1; /* server can turn on by loading key */ } #endif ctx->suites.setSuites = 0; /* user hasn't set yet */ /* remove DH later if server didn't set, add psk later */ - InitSuites(&ctx->suites, method->version, TRUE, FALSE, ctx->haveNTRU, + InitSuites(&ctx->suites, method->version, TRUE, FALSE, TRUE, ctx->haveNTRU, ctx->haveECDSAsig, ctx->haveStaticECC, method->side); ctx->verifyPeer = 0; ctx->verifyNone = 0; @@ -376,18 +417,39 @@ int InitSSL_Ctx(CYASSL_CTX* ctx, CYASSL_METHOD* method) ctx->sendVerify = 0; ctx->quietShutdown = 0; ctx->groupMessages = 0; -#ifdef HAVE_OCSP - CyaSSL_OCSP_Init(&ctx->ocsp); +#ifdef HAVE_CAVIUM + ctx->devId = NO_CAVIUM_DEVICE; +#endif +#ifdef HAVE_TLS_EXTENSIONS + ctx->extensions = NULL; +#endif +#ifdef ATOMIC_USER + ctx->MacEncryptCb = NULL; + ctx->DecryptVerifyCb = NULL; #endif +#ifdef HAVE_PK_CALLBACKS + #ifdef HAVE_ECC + ctx->EccSignCb = NULL; + ctx->EccVerifyCb = NULL; + #endif /* HAVE_ECC */ + #ifndef NO_RSA + ctx->RsaSignCb = NULL; + ctx->RsaVerifyCb = NULL; + ctx->RsaEncCb = NULL; + ctx->RsaDecCb = NULL; + #endif /* NO_RSA */ +#endif /* HAVE_PK_CALLBACKS */ if (InitMutex(&ctx->countMutex) < 0) { CYASSL_MSG("Mutex error on CTX init"); - return BAD_MUTEX_ERROR; + return BAD_MUTEX_E; } +#ifndef NO_CERTS if (ctx->cm == NULL) { CYASSL_MSG("Bad Cert Manager New"); return BAD_CERT_MANAGER_ERROR; } +#endif return 0; } @@ -395,17 +457,18 @@ int InitSSL_Ctx(CYASSL_CTX* ctx, CYASSL_METHOD* method) /* In case contexts are held in array and don't want to free actual ctx */ void SSL_CtxResourceFree(CYASSL_CTX* ctx) { + XFREE(ctx->method, ctx->heap, DYNAMIC_TYPE_METHOD); + +#ifndef NO_CERTS XFREE(ctx->serverDH_G.buffer, ctx->heap, DYNAMIC_TYPE_DH); XFREE(ctx->serverDH_P.buffer, ctx->heap, DYNAMIC_TYPE_DH); XFREE(ctx->privateKey.buffer, ctx->heap, DYNAMIC_TYPE_KEY); XFREE(ctx->certificate.buffer, ctx->heap, DYNAMIC_TYPE_CERT); XFREE(ctx->certChain.buffer, ctx->heap, DYNAMIC_TYPE_CERT); - XFREE(ctx->method, ctx->heap, DYNAMIC_TYPE_METHOD); - CyaSSL_CertManagerFree(ctx->cm); - -#ifdef HAVE_OCSP - CyaSSL_OCSP_Cleanup(&ctx->ocsp); +#endif +#ifdef HAVE_TLS_EXTENSIONS + TLSX_FreeAll(ctx->extensions); #endif } @@ -426,6 +489,7 @@ void FreeSSL_Ctx(CYASSL_CTX* ctx) if (doFree) { CYASSL_MSG("CTX ref count down to 0, doing full free"); SSL_CtxResourceFree(ctx); + FreeMutex(&ctx->countMutex); XFREE(ctx, ctx->heap, DYNAMIC_TYPE_CTX); } else { @@ -434,34 +498,150 @@ void FreeSSL_Ctx(CYASSL_CTX* ctx) } } - -void InitSuites(Suites* suites, ProtocolVersion pv, byte haveDH, byte havePSK, - byte haveNTRU, byte haveECDSAsig, byte haveStaticECC, int side) + +/* Set cipher pointers to null */ +void InitCiphers(CYASSL* ssl) +{ +#ifdef BUILD_ARC4 + ssl->encrypt.arc4 = NULL; + ssl->decrypt.arc4 = NULL; +#endif +#ifdef BUILD_DES3 + ssl->encrypt.des3 = NULL; + ssl->decrypt.des3 = NULL; +#endif +#ifdef BUILD_AES + ssl->encrypt.aes = NULL; + ssl->decrypt.aes = NULL; +#endif +#ifdef HAVE_CAMELLIA + ssl->encrypt.cam = NULL; + ssl->decrypt.cam = NULL; +#endif +#ifdef HAVE_HC128 + ssl->encrypt.hc128 = NULL; + ssl->decrypt.hc128 = NULL; +#endif +#ifdef BUILD_RABBIT + ssl->encrypt.rabbit = NULL; + ssl->decrypt.rabbit = NULL; +#endif + ssl->encrypt.setup = 0; + ssl->decrypt.setup = 0; +} + + +/* Free ciphers */ +void FreeCiphers(CYASSL* ssl) +{ + (void)ssl; +#ifdef BUILD_ARC4 + #ifdef HAVE_CAVIUM + if (ssl->devId != NO_CAVIUM_DEVICE) { + Arc4FreeCavium(ssl->encrypt.arc4); + Arc4FreeCavium(ssl->decrypt.arc4); + } + #endif + XFREE(ssl->encrypt.arc4, ssl->heap, DYNAMIC_TYPE_CIPHER); + XFREE(ssl->decrypt.arc4, ssl->heap, DYNAMIC_TYPE_CIPHER); +#endif +#ifdef BUILD_DES3 + #ifdef HAVE_CAVIUM + if (ssl->devId != NO_CAVIUM_DEVICE) { + Des3_FreeCavium(ssl->encrypt.des3); + Des3_FreeCavium(ssl->decrypt.des3); + } + #endif + XFREE(ssl->encrypt.des3, ssl->heap, DYNAMIC_TYPE_CIPHER); + XFREE(ssl->decrypt.des3, ssl->heap, DYNAMIC_TYPE_CIPHER); +#endif +#ifdef BUILD_AES + #ifdef HAVE_CAVIUM + if (ssl->devId != NO_CAVIUM_DEVICE) { + AesFreeCavium(ssl->encrypt.aes); + AesFreeCavium(ssl->decrypt.aes); + } + #endif + XFREE(ssl->encrypt.aes, ssl->heap, DYNAMIC_TYPE_CIPHER); + XFREE(ssl->decrypt.aes, ssl->heap, DYNAMIC_TYPE_CIPHER); +#endif +#ifdef HAVE_CAMELLIA + XFREE(ssl->encrypt.cam, ssl->heap, DYNAMIC_TYPE_CIPHER); + XFREE(ssl->decrypt.cam, ssl->heap, DYNAMIC_TYPE_CIPHER); +#endif +#ifdef HAVE_HC128 + XFREE(ssl->encrypt.hc128, ssl->heap, DYNAMIC_TYPE_CIPHER); + XFREE(ssl->decrypt.hc128, ssl->heap, DYNAMIC_TYPE_CIPHER); +#endif +#ifdef BUILD_RABBIT + XFREE(ssl->encrypt.rabbit, ssl->heap, DYNAMIC_TYPE_CIPHER); + XFREE(ssl->decrypt.rabbit, ssl->heap, DYNAMIC_TYPE_CIPHER); +#endif +} + + +void InitCipherSpecs(CipherSpecs* cs) +{ + cs->bulk_cipher_algorithm = INVALID_BYTE; + cs->cipher_type = INVALID_BYTE; + cs->mac_algorithm = INVALID_BYTE; + cs->kea = INVALID_BYTE; + cs->sig_algo = INVALID_BYTE; + + cs->hash_size = 0; + cs->static_ecdh = 0; + cs->key_size = 0; + cs->iv_size = 0; + cs->block_size = 0; +} + + +void InitSuites(Suites* suites, ProtocolVersion pv, byte haveRSA, byte havePSK, + byte haveDH, byte haveNTRU, byte haveECDSAsig, + byte haveStaticECC, int side) { word16 idx = 0; int tls = pv.major == SSLv3_MAJOR && pv.minor >= TLSv1_MINOR; int tls1_2 = pv.major == SSLv3_MAJOR && pv.minor >= TLSv1_2_MINOR; - int haveRSA = 1; int haveRSAsig = 1; (void)tls; /* shut up compiler */ + (void)tls1_2; (void)haveDH; (void)havePSK; (void)haveNTRU; (void)haveStaticECC; + if (suites == NULL) { + CYASSL_MSG("InitSuites pointer error"); + return; + } + if (suites->setSuites) return; /* trust user settings, don't override */ - if (side == SERVER_END && haveStaticECC) + if (side == CYASSL_SERVER_END && haveStaticECC) { haveRSA = 0; /* can't do RSA with ECDSA key */ + (void)haveRSA; /* some builds won't read */ + } - if (side == SERVER_END && haveECDSAsig) - haveRSAsig = 0; /* can't have RSA sig if signed by ECDSA */ + if (side == CYASSL_SERVER_END && haveECDSAsig) { + haveRSAsig = 0; /* can't have RSA sig if signed by ECDSA */ + (void)haveRSAsig; /* non ecc builds won't read */ + } #ifdef CYASSL_DTLS - if (pv.major == DTLS_MAJOR && pv.minor == DTLS_MINOR) - tls = 1; + if (pv.major == DTLS_MAJOR) { + tls = 1; + tls1_2 = pv.minor <= DTLSv1_2_MINOR; + } +#endif + +#ifdef HAVE_RENEGOTIATION_INDICATION + if (side == CYASSL_CLIENT_END) { + suites->suites[idx++] = 0; + suites->suites[idx++] = TLS_EMPTY_RENEGOTIATION_INFO_SCSV; + } #endif #ifdef BUILD_TLS_NTRU_RSA_WITH_AES_256_CBC_SHA @@ -492,15 +672,71 @@ void InitSuites(Suites* suites, ProtocolVersion pv, byte haveDH, byte havePSK, } #endif +#ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 + if (tls1_2 && haveRSAsig) { + suites->suites[idx++] = ECC_BYTE; + suites->suites[idx++] = TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256; + } +#endif + +#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 + if (tls1_2 && haveECDSAsig) { + suites->suites[idx++] = ECC_BYTE; + suites->suites[idx++] = TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256; + } +#endif + +#ifdef BUILD_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 + if (tls1_2 && haveRSAsig && haveStaticECC) { + suites->suites[idx++] = ECC_BYTE; + suites->suites[idx++] = TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256; + } +#endif + +#ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 + if (tls1_2 && haveECDSAsig && haveStaticECC) { + suites->suites[idx++] = ECC_BYTE; + suites->suites[idx++] = TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256; + } +#endif + +#ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 + if (tls1_2 && haveRSAsig) { + suites->suites[idx++] = ECC_BYTE; + suites->suites[idx++] = TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384; + } +#endif + +#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 + if (tls1_2 && haveECDSAsig) { + suites->suites[idx++] = ECC_BYTE; + suites->suites[idx++] = TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384; + } +#endif + +#ifdef BUILD_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 + if (tls1_2 && haveRSAsig && haveStaticECC) { + suites->suites[idx++] = ECC_BYTE; + suites->suites[idx++] = TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384; + } +#endif + +#ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 + if (tls1_2 && haveECDSAsig && haveStaticECC) { + suites->suites[idx++] = ECC_BYTE; + suites->suites[idx++] = TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384; + } +#endif + #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 - if (tls1_2 && haveStaticECC) { + if (tls1_2 && haveECDSAsig) { suites->suites[idx++] = ECC_BYTE; suites->suites[idx++] = TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384; } #endif #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA - if (tls && haveStaticECC) { + if (tls && haveECDSAsig) { suites->suites[idx++] = ECC_BYTE; suites->suites[idx++] = TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA; } @@ -521,14 +757,14 @@ void InitSuites(Suites* suites, ProtocolVersion pv, byte haveDH, byte havePSK, #endif #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 - if (tls1_2 && haveStaticECC) { + if (tls1_2 && haveECDSAsig) { suites->suites[idx++] = ECC_BYTE; suites->suites[idx++] = TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256; } #endif #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA - if (tls && haveStaticECC) { + if (tls && haveECDSAsig) { suites->suites[idx++] = ECC_BYTE; suites->suites[idx++] = TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA; } @@ -549,7 +785,7 @@ void InitSuites(Suites* suites, ProtocolVersion pv, byte haveDH, byte havePSK, #endif #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA - if (tls && haveStaticECC) { + if (tls && haveECDSAsig) { suites->suites[idx++] = ECC_BYTE; suites->suites[idx++] = TLS_ECDHE_ECDSA_WITH_RC4_128_SHA; } @@ -563,7 +799,7 @@ void InitSuites(Suites* suites, ProtocolVersion pv, byte haveDH, byte havePSK, #endif #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA - if (tls && haveStaticECC) { + if (tls && haveECDSAsig) { suites->suites[idx++] = ECC_BYTE; suites->suites[idx++] = TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA; } @@ -667,6 +903,34 @@ void InitSuites(Suites* suites, ProtocolVersion pv, byte haveDH, byte havePSK, } #endif +#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 + if (tls1_2 && haveECDSAsig) { + suites->suites[idx++] = ECC_BYTE; + suites->suites[idx++] = TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8; + } +#endif + +#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 + if (tls1_2 && haveECDSAsig) { + suites->suites[idx++] = ECC_BYTE; + suites->suites[idx++] = TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8; + } +#endif + +#ifdef BUILD_TLS_RSA_WITH_AES_128_CCM_8 + if (tls1_2 && haveRSA) { + suites->suites[idx++] = ECC_BYTE; + suites->suites[idx++] = TLS_RSA_WITH_AES_128_CCM_8; + } +#endif + +#ifdef BUILD_TLS_RSA_WITH_AES_256_CCM_8 + if (tls1_2 && haveRSA) { + suites->suites[idx++] = ECC_BYTE; + suites->suites[idx++] = TLS_RSA_WITH_AES_256_CCM_8; + } +#endif + #ifdef BUILD_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 if (tls1_2 && haveDH && haveRSA) { suites->suites[idx++] = 0; @@ -744,6 +1008,34 @@ void InitSuites(Suites* suites, ProtocolVersion pv, byte haveDH, byte havePSK, } #endif +#ifdef BUILD_TLS_RSA_WITH_NULL_SHA + if (tls && haveRSA) { + suites->suites[idx++] = 0; + suites->suites[idx++] = TLS_RSA_WITH_NULL_SHA; + } +#endif + +#ifdef BUILD_TLS_RSA_WITH_NULL_SHA256 + if (tls && haveRSA) { + suites->suites[idx++] = 0; + suites->suites[idx++] = TLS_RSA_WITH_NULL_SHA256; + } +#endif + +#ifdef BUILD_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 + if (tls1_2 && haveDH && havePSK) { + suites->suites[idx++] = 0; + suites->suites[idx++] = TLS_DHE_PSK_WITH_AES_256_GCM_SHA384; + } +#endif + +#ifdef BUILD_TLS_PSK_WITH_AES_256_GCM_SHA384 + if (tls1_2 && havePSK) { + suites->suites[idx++] = 0; + suites->suites[idx++] = TLS_PSK_WITH_AES_256_GCM_SHA384; + } +#endif + #ifdef BUILD_TLS_PSK_WITH_AES_256_CBC_SHA if (tls && havePSK) { suites->suites[idx++] = 0; @@ -751,6 +1043,48 @@ void InitSuites(Suites* suites, ProtocolVersion pv, byte haveDH, byte havePSK, } #endif +#ifdef BUILD_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 + if (tls && haveDH && havePSK) { + suites->suites[idx++] = 0; + suites->suites[idx++] = TLS_DHE_PSK_WITH_AES_256_CBC_SHA384; + } +#endif + +#ifdef BUILD_TLS_PSK_WITH_AES_256_CBC_SHA384 + if (tls && havePSK) { + suites->suites[idx++] = 0; + suites->suites[idx++] = TLS_PSK_WITH_AES_256_CBC_SHA384; + } +#endif + +#ifdef BUILD_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 + if (tls1_2 && haveDH && havePSK) { + suites->suites[idx++] = 0; + suites->suites[idx++] = TLS_DHE_PSK_WITH_AES_128_GCM_SHA256; + } +#endif + +#ifdef BUILD_TLS_PSK_WITH_AES_128_GCM_SHA256 + if (tls1_2 && havePSK) { + suites->suites[idx++] = 0; + suites->suites[idx++] = TLS_PSK_WITH_AES_128_GCM_SHA256; + } +#endif + +#ifdef BUILD_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 + if (tls && haveDH && havePSK) { + suites->suites[idx++] = 0; + suites->suites[idx++] = TLS_DHE_PSK_WITH_AES_128_CBC_SHA256; + } +#endif + +#ifdef BUILD_TLS_PSK_WITH_AES_128_CBC_SHA256 + if (tls && havePSK) { + suites->suites[idx++] = 0; + suites->suites[idx++] = TLS_PSK_WITH_AES_128_CBC_SHA256; + } +#endif + #ifdef BUILD_TLS_PSK_WITH_AES_128_CBC_SHA if (tls && havePSK) { suites->suites[idx++] = 0; @@ -758,6 +1092,83 @@ void InitSuites(Suites* suites, ProtocolVersion pv, byte haveDH, byte havePSK, } #endif +#ifdef BUILD_TLS_DHE_PSK_WITH_AES_128_CCM + if (tls && haveDH && havePSK) { + suites->suites[idx++] = ECC_BYTE; + suites->suites[idx++] = TLS_DHE_PSK_WITH_AES_128_CCM; + } +#endif + +#ifdef BUILD_TLS_DHE_PSK_WITH_AES_256_CCM + if (tls && haveDH && havePSK) { + suites->suites[idx++] = ECC_BYTE; + suites->suites[idx++] = TLS_DHE_PSK_WITH_AES_256_CCM; + } +#endif + +#ifdef BUILD_TLS_PSK_WITH_AES_128_CCM + if (tls && havePSK) { + suites->suites[idx++] = ECC_BYTE; + suites->suites[idx++] = TLS_PSK_WITH_AES_128_CCM; + } +#endif + +#ifdef BUILD_TLS_PSK_WITH_AES_256_CCM + if (tls && havePSK) { + suites->suites[idx++] = ECC_BYTE; + suites->suites[idx++] = TLS_PSK_WITH_AES_256_CCM; + } +#endif + +#ifdef BUILD_TLS_PSK_WITH_AES_128_CCM_8 + if (tls && havePSK) { + suites->suites[idx++] = ECC_BYTE; + suites->suites[idx++] = TLS_PSK_WITH_AES_128_CCM_8; + } +#endif + +#ifdef BUILD_TLS_PSK_WITH_AES_256_CCM_8 + if (tls && havePSK) { + suites->suites[idx++] = ECC_BYTE; + suites->suites[idx++] = TLS_PSK_WITH_AES_256_CCM_8; + } +#endif + +#ifdef BUILD_TLS_DHE_PSK_WITH_NULL_SHA384 + if (tls && haveDH && havePSK) { + suites->suites[idx++] = 0; + suites->suites[idx++] = TLS_DHE_PSK_WITH_NULL_SHA384; + } +#endif + +#ifdef BUILD_TLS_PSK_WITH_NULL_SHA384 + if (tls && havePSK) { + suites->suites[idx++] = 0; + suites->suites[idx++] = TLS_PSK_WITH_NULL_SHA384; + } +#endif + +#ifdef BUILD_TLS_DHE_PSK_WITH_NULL_SHA256 + if (tls && haveDH && havePSK) { + suites->suites[idx++] = 0; + suites->suites[idx++] = TLS_DHE_PSK_WITH_NULL_SHA256; + } +#endif + +#ifdef BUILD_TLS_PSK_WITH_NULL_SHA256 + if (tls && havePSK) { + suites->suites[idx++] = 0; + suites->suites[idx++] = TLS_PSK_WITH_NULL_SHA256; + } +#endif + +#ifdef BUILD_TLS_PSK_WITH_NULL_SHA + if (tls && havePSK) { + suites->suites[idx++] = 0; + suites->suites[idx++] = TLS_PSK_WITH_NULL_SHA; + } +#endif + #ifdef BUILD_SSL_RSA_WITH_RC4_128_SHA if (haveRSA ) { suites->suites[idx++] = 0; @@ -779,108 +1190,371 @@ void InitSuites(Suites* suites, ProtocolVersion pv, byte haveDH, byte havePSK, } #endif -#ifdef BUILD_TLS_RSA_WITH_HC_128_CBC_MD5 +#ifdef BUILD_TLS_RSA_WITH_HC_128_MD5 if (tls && haveRSA) { suites->suites[idx++] = 0; - suites->suites[idx++] = TLS_RSA_WITH_HC_128_CBC_MD5; + suites->suites[idx++] = TLS_RSA_WITH_HC_128_MD5; } #endif -#ifdef BUILD_TLS_RSA_WITH_HC_128_CBC_SHA +#ifdef BUILD_TLS_RSA_WITH_HC_128_SHA if (tls && haveRSA) { suites->suites[idx++] = 0; - suites->suites[idx++] = TLS_RSA_WITH_HC_128_CBC_SHA; + suites->suites[idx++] = TLS_RSA_WITH_HC_128_SHA; } #endif -#ifdef BUILD_TLS_RSA_WITH_RABBIT_CBC_SHA +#ifdef BUILD_TLS_RSA_WITH_HC_128_B2B256 if (tls && haveRSA) { suites->suites[idx++] = 0; - suites->suites[idx++] = TLS_RSA_WITH_RABBIT_CBC_SHA; + suites->suites[idx++] = TLS_RSA_WITH_HC_128_B2B256; } #endif - suites->suiteSz = idx; -} - +#ifdef BUILD_TLS_RSA_WITH_AES_128_CBC_B2B256 + if (tls && haveRSA) { + suites->suites[idx++] = 0; + suites->suites[idx++] = TLS_RSA_WITH_AES_128_CBC_B2B256; + } +#endif -/* init everything to 0, NULL, default values before calling anything that may - fail so that desctructor has a "good" state to cleanup */ -int InitSSL(CYASSL* ssl, CYASSL_CTX* ctx) -{ - int ret; - byte havePSK = 0; +#ifdef BUILD_TLS_RSA_WITH_AES_256_CBC_B2B256 + if (tls && haveRSA) { + suites->suites[idx++] = 0; + suites->suites[idx++] = TLS_RSA_WITH_AES_256_CBC_B2B256; + } +#endif - ssl->ctx = ctx; /* only for passing to calls, options could change */ - ssl->version = ctx->method->version; - ssl->suites = ctx->suites; +#ifdef BUILD_TLS_RSA_WITH_RABBIT_SHA + if (tls && haveRSA) { + suites->suites[idx++] = 0; + suites->suites[idx++] = TLS_RSA_WITH_RABBIT_SHA; + } +#endif + +#ifdef BUILD_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA + if (tls && haveRSA) { + suites->suites[idx++] = 0; + suites->suites[idx++] = TLS_RSA_WITH_CAMELLIA_128_CBC_SHA; + } +#endif + +#ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA + if (tls && haveDH && haveRSA) { + suites->suites[idx++] = 0; + suites->suites[idx++] = TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA; + } +#endif + +#ifdef BUILD_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA + if (tls && haveRSA) { + suites->suites[idx++] = 0; + suites->suites[idx++] = TLS_RSA_WITH_CAMELLIA_256_CBC_SHA; + } +#endif + +#ifdef BUILD_TLS_DHE_WITH_RSA_CAMELLIA_256_CBC_SHA + if (tls && haveDH && haveRSA) { + suites->suites[idx++] = 0; + suites->suites[idx++] = TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA; + } +#endif + +#ifdef BUILD_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 + if (tls && haveRSA) { + suites->suites[idx++] = 0; + suites->suites[idx++] = TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256; + } +#endif + +#ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 + if (tls && haveDH && haveRSA) { + suites->suites[idx++] = 0; + suites->suites[idx++] = TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256; + } +#endif + +#ifdef BUILD_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 + if (tls && haveRSA) { + suites->suites[idx++] = 0; + suites->suites[idx++] = TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256; + } +#endif + +#ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 + if (tls && haveDH && haveRSA) { + suites->suites[idx++] = 0; + suites->suites[idx++] = TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256; + } +#endif + + suites->suiteSz = idx; + + { + idx = 0; + + if (haveECDSAsig) { + #ifdef CYASSL_SHA384 + suites->hashSigAlgo[idx++] = sha384_mac; + suites->hashSigAlgo[idx++] = ecc_dsa_sa_algo; + #endif + #ifndef NO_SHA256 + suites->hashSigAlgo[idx++] = sha256_mac; + suites->hashSigAlgo[idx++] = ecc_dsa_sa_algo; + #endif + #ifndef NO_SHA + suites->hashSigAlgo[idx++] = sha_mac; + suites->hashSigAlgo[idx++] = ecc_dsa_sa_algo; + #endif + } + + if (haveRSAsig) { + #ifdef CYASSL_SHA384 + suites->hashSigAlgo[idx++] = sha384_mac; + suites->hashSigAlgo[idx++] = rsa_sa_algo; + #endif + #ifndef NO_SHA256 + suites->hashSigAlgo[idx++] = sha256_mac; + suites->hashSigAlgo[idx++] = rsa_sa_algo; + #endif + #ifndef NO_SHA + suites->hashSigAlgo[idx++] = sha_mac; + suites->hashSigAlgo[idx++] = rsa_sa_algo; + #endif + } + + suites->hashSigAlgoSz = idx; + } +} + + +#ifndef NO_CERTS + + +void InitX509Name(CYASSL_X509_NAME* name, int dynamicFlag) +{ + (void)dynamicFlag; + + if (name != NULL) { + name->name = name->staticName; + name->dynamicName = 0; +#ifdef OPENSSL_EXTRA + XMEMSET(&name->fullName, 0, sizeof(DecodedName)); +#endif /* OPENSSL_EXTRA */ + } +} + + +void FreeX509Name(CYASSL_X509_NAME* name) +{ + if (name != NULL) { + if (name->dynamicName) + XFREE(name->name, NULL, DYNAMIC_TYPE_SUBJECT_CN); +#ifdef OPENSSL_EXTRA + if (name->fullName.fullName != NULL) + XFREE(name->fullName.fullName, NULL, DYNAMIC_TYPE_X509); +#endif /* OPENSSL_EXTRA */ + } +} + + +/* Initialize CyaSSL X509 type */ +void InitX509(CYASSL_X509* x509, int dynamicFlag) +{ + InitX509Name(&x509->issuer, 0); + InitX509Name(&x509->subject, 0); + x509->version = 0; + x509->pubKey.buffer = NULL; + x509->sig.buffer = NULL; + x509->derCert.buffer = NULL; + x509->altNames = NULL; + x509->altNamesNext = NULL; + x509->dynamicMemory = (byte)dynamicFlag; + x509->isCa = 0; +#ifdef HAVE_ECC + x509->pkCurveOID = 0; +#endif /* HAVE_ECC */ +#ifdef OPENSSL_EXTRA + x509->pathLength = 0; + x509->basicConstSet = 0; + x509->basicConstCrit = 0; + x509->basicConstPlSet = 0; + x509->subjAltNameSet = 0; + x509->subjAltNameCrit = 0; + x509->authKeyIdSet = 0; + x509->authKeyIdCrit = 0; + x509->authKeyId = NULL; + x509->authKeyIdSz = 0; + x509->subjKeyIdSet = 0; + x509->subjKeyIdCrit = 0; + x509->subjKeyId = NULL; + x509->subjKeyIdSz = 0; + x509->keyUsageSet = 0; + x509->keyUsageCrit = 0; + x509->keyUsage = 0; + #ifdef CYASSL_SEP + x509->certPolicySet = 0; + x509->certPolicyCrit = 0; + #endif /* CYASSL_SEP */ +#endif /* OPENSSL_EXTRA */ +} + + +/* Free CyaSSL X509 type */ +void FreeX509(CYASSL_X509* x509) +{ + if (x509 == NULL) + return; + + FreeX509Name(&x509->issuer); + FreeX509Name(&x509->subject); + if (x509->pubKey.buffer) + XFREE(x509->pubKey.buffer, NULL, DYNAMIC_TYPE_PUBLIC_KEY); + XFREE(x509->derCert.buffer, NULL, DYNAMIC_TYPE_SUBJECT_CN); + XFREE(x509->sig.buffer, NULL, DYNAMIC_TYPE_SIGNATURE); + #ifdef OPENSSL_EXTRA + XFREE(x509->authKeyId, NULL, 0); + XFREE(x509->subjKeyId, NULL, 0); + #endif /* OPENSSL_EXTRA */ + if (x509->altNames) + FreeAltNames(x509->altNames, NULL); + if (x509->dynamicMemory) + XFREE(x509, NULL, DYNAMIC_TYPE_X509); +} + +#endif /* NO_CERTS */ + + +/* init everything to 0, NULL, default values before calling anything that may + fail so that desctructor has a "good" state to cleanup */ +int InitSSL(CYASSL* ssl, CYASSL_CTX* ctx) +{ + int ret; + byte haveRSA = 0; + byte havePSK = 0; + + ssl->ctx = ctx; /* only for passing to calls, options could change */ + ssl->version = ctx->method->version; + ssl->suites = NULL; #ifdef HAVE_LIBZ ssl->didStreamInit = 0; #endif +#ifndef NO_RSA + haveRSA = 1; +#endif +#ifndef NO_CERTS ssl->buffers.certificate.buffer = 0; ssl->buffers.key.buffer = 0; ssl->buffers.certChain.buffer = 0; +#endif ssl->buffers.inputBuffer.length = 0; ssl->buffers.inputBuffer.idx = 0; ssl->buffers.inputBuffer.buffer = ssl->buffers.inputBuffer.staticBuffer; ssl->buffers.inputBuffer.bufferSize = STATIC_BUFFER_LEN; ssl->buffers.inputBuffer.dynamicFlag = 0; + ssl->buffers.inputBuffer.offset = 0; ssl->buffers.outputBuffer.length = 0; ssl->buffers.outputBuffer.idx = 0; ssl->buffers.outputBuffer.buffer = ssl->buffers.outputBuffer.staticBuffer; ssl->buffers.outputBuffer.bufferSize = STATIC_BUFFER_LEN; ssl->buffers.outputBuffer.dynamicFlag = 0; + ssl->buffers.outputBuffer.offset = 0; ssl->buffers.domainName.buffer = 0; +#ifndef NO_CERTS ssl->buffers.serverDH_P.buffer = 0; ssl->buffers.serverDH_G.buffer = 0; ssl->buffers.serverDH_Pub.buffer = 0; ssl->buffers.serverDH_Priv.buffer = 0; +#endif ssl->buffers.clearOutputBuffer.buffer = 0; ssl->buffers.clearOutputBuffer.length = 0; ssl->buffers.prevSent = 0; ssl->buffers.plainSz = 0; +#ifdef HAVE_PK_CALLBACKS + #ifdef HAVE_ECC + ssl->buffers.peerEccDsaKey.buffer = 0; + ssl->buffers.peerEccDsaKey.length = 0; + #endif /* HAVE_ECC */ + #ifndef NO_RSA + ssl->buffers.peerRsaKey.buffer = 0; + ssl->buffers.peerRsaKey.length = 0; + #endif /* NO_RSA */ +#endif /* HAVE_PK_CALLBACKS */ -#ifdef OPENSSL_EXTRA - ssl->peerCert.derCert.buffer = NULL; - ssl->peerCert.altNames = NULL; - ssl->peerCert.altNamesNext = NULL; +#ifdef KEEP_PEER_CERT + InitX509(&ssl->peerCert, 0); #endif #ifdef HAVE_ECC ssl->eccTempKeySz = ctx->eccTempKeySz; + ssl->pkCurveOID = ctx->pkCurveOID; ssl->peerEccKeyPresent = 0; ssl->peerEccDsaKeyPresent = 0; ssl->eccDsaKeyPresent = 0; ssl->eccTempKeyPresent = 0; - ecc_init(&ssl->peerEccKey); - ecc_init(&ssl->peerEccDsaKey); - ecc_init(&ssl->eccDsaKey); - ecc_init(&ssl->eccTempKey); + ssl->peerEccKey = NULL; + ssl->peerEccDsaKey = NULL; + ssl->eccDsaKey = NULL; + ssl->eccTempKey = NULL; #endif ssl->timeout = ctx->timeout; ssl->rfd = -1; /* set to invalid descriptor */ ssl->wfd = -1; + ssl->rflags = 0; /* no user flags yet */ + ssl->wflags = 0; /* no user flags yet */ ssl->biord = 0; ssl->biowr = 0; - ssl->IOCB_ReadCtx = &ssl->rfd; /* prevent invalid pointer acess if not */ - ssl->IOCB_WriteCtx = &ssl->wfd; /* correctly set */ + ssl->IOCB_ReadCtx = &ssl->rfd; /* prevent invalid pointer access if not */ + ssl->IOCB_WriteCtx = &ssl->wfd; /* correctly set */ +#ifdef HAVE_NETX + ssl->nxCtx.nxSocket = NULL; + ssl->nxCtx.nxPacket = NULL; + ssl->nxCtx.nxOffset = 0; + ssl->nxCtx.nxWait = 0; + ssl->IOCB_ReadCtx = &ssl->nxCtx; /* default NetX IO ctx, same for read */ + ssl->IOCB_WriteCtx = &ssl->nxCtx; /* and write */ +#endif +#ifdef CYASSL_DTLS + ssl->IOCB_CookieCtx = NULL; /* we don't use for default cb */ + ssl->dtls_expected_rx = MAX_MTU; + ssl->keys.dtls_state.window = 0; + ssl->keys.dtls_state.nextEpoch = 0; + ssl->keys.dtls_state.nextSeq = 0; +#endif +#ifndef NO_OLD_TLS +#ifndef NO_MD5 InitMd5(&ssl->hashMd5); - InitSha(&ssl->hashSha); +#endif +#ifndef NO_SHA + ret = InitSha(&ssl->hashSha); + if (ret != 0) { + return ret; + } +#endif +#endif #ifndef NO_SHA256 - InitSha256(&ssl->hashSha256); + ret = InitSha256(&ssl->hashSha256); + if (ret != 0) { + return ret; + } #endif #ifdef CYASSL_SHA384 - InitSha384(&ssl->hashSha384); + ret = InitSha384(&ssl->hashSha384); + if (ret != 0) { + return ret; + } #endif - InitRsaKey(&ssl->peerRsaKey, ctx->heap); - - ssl->verifyCallback = ctx->verifyCallback; +#ifndef NO_RSA + ssl->peerRsaKey = NULL; ssl->peerRsaKeyPresent = 0; +#endif + ssl->verifyCallback = ctx->verifyCallback; + ssl->verifyCbCtx = NULL; ssl->options.side = ctx->method->side; ssl->options.downgrade = ctx->method->downgrade; ssl->error = 0; @@ -889,14 +1563,15 @@ int InitSSL(CYASSL* ssl, CYASSL_CTX* ctx) ssl->options.closeNotify = 0; ssl->options.sentNotify = 0; ssl->options.usingCompression = 0; - if (ssl->options.side == SERVER_END) + if (ssl->options.side == CYASSL_SERVER_END) ssl->options.haveDH = ctx->haveDH; else ssl->options.haveDH = 0; ssl->options.haveNTRU = ctx->haveNTRU; ssl->options.haveECDSAsig = ctx->haveECDSAsig; ssl->options.haveStaticECC = ctx->haveStaticECC; - ssl->options.havePeerCert = 0; + ssl->options.havePeerCert = 0; + ssl->options.havePeerVerify = 0; ssl->options.usingPSK_cipher = 0; ssl->options.sendAlertState = 0; #ifndef NO_PSK @@ -914,14 +1589,24 @@ int InitSSL(CYASSL* ssl, CYASSL_CTX* ctx) ssl->options.processReply = doProcessInit; #ifdef CYASSL_DTLS - ssl->keys.dtls_sequence_number = 0; - ssl->keys.dtls_peer_sequence_number = 0; - ssl->keys.dtls_handshake_number = 0; - ssl->keys.dtls_epoch = 0; - ssl->keys.dtls_peer_epoch = 0; - ssl->arrays.cookieSz = 0; -#endif + ssl->keys.dtls_sequence_number = 0; + ssl->keys.dtls_state.curSeq = 0; + ssl->keys.dtls_state.nextSeq = 0; + ssl->keys.dtls_handshake_number = 0; + ssl->keys.dtls_expected_peer_handshake_number = 0; + ssl->keys.dtls_epoch = 0; + ssl->keys.dtls_state.curEpoch = 0; + ssl->keys.dtls_state.nextEpoch = 0; + ssl->dtls_timeout_init = DTLS_TIMEOUT_INIT; + ssl->dtls_timeout_max = DTLS_TIMEOUT_MAX; + ssl->dtls_timeout = ssl->dtls_timeout_init; + ssl->dtls_pool = NULL; + ssl->dtls_msg_list = NULL; +#endif + ssl->keys.encryptSz = 0; + ssl->keys.padSz = 0; ssl->keys.encryptionOn = 0; /* initially off */ + ssl->keys.decryptedCur = 0; /* initially off */ ssl->options.sessionCacheOff = ctx->sessionCacheOff; ssl->options.sessionCacheFlushOff = ctx->sessionCacheFlushOff; @@ -932,29 +1617,44 @@ int InitSSL(CYASSL* ssl, CYASSL_CTX* ctx) ssl->options.resuming = 0; ssl->options.haveSessionId = 0; - ssl->hmac = Hmac; /* default to SSLv3 */ + #ifndef NO_OLD_TLS + ssl->hmac = SSL_hmac; /* default to SSLv3 */ + #else + ssl->hmac = TLS_hmac; + #endif ssl->heap = ctx->heap; /* defaults to self */ ssl->options.tls = 0; ssl->options.tls1_1 = 0; - ssl->options.dtls = 0; + ssl->options.dtls = ssl->version.major == DTLS_MAJOR; ssl->options.partialWrite = ctx->partialWrite; ssl->options.quietShutdown = ctx->quietShutdown; ssl->options.certOnly = 0; ssl->options.groupMessages = ctx->groupMessages; + ssl->options.usingNonblock = 0; + ssl->options.saveArrays = 0; +#ifndef NO_CERTS /* ctx still owns certificate, certChain, key, dh, and cm */ ssl->buffers.certificate = ctx->certificate; ssl->buffers.certChain = ctx->certChain; ssl->buffers.key = ctx->privateKey; - if (ssl->options.side == SERVER_END) { + if (ssl->options.side == CYASSL_SERVER_END) { ssl->buffers.serverDH_P = ctx->serverDH_P; ssl->buffers.serverDH_G = ctx->serverDH_G; } - ssl->buffers.weOwnCert = 0; - ssl->buffers.weOwnKey = 0; - ssl->buffers.weOwnDH = 0; +#endif + ssl->buffers.weOwnCert = 0; + ssl->buffers.weOwnCertChain = 0; + ssl->buffers.weOwnKey = 0; + ssl->buffers.weOwnDH = 0; -#ifdef OPENSSL_EXTRA +#ifdef CYASSL_DTLS + ssl->buffers.dtlsCtx.fd = -1; + ssl->buffers.dtlsCtx.peer.sa = NULL; + ssl->buffers.dtlsCtx.peer.sz = 0; +#endif + +#ifdef KEEP_PEER_CERT ssl->peerCert.issuer.sz = 0; ssl->peerCert.subject.sz = 0; #endif @@ -963,6 +1663,10 @@ int InitSSL(CYASSL* ssl, CYASSL_CTX* ctx) ssl->session.chain.count = 0; #endif +#ifndef NO_CLIENT_CACHE + ssl->session.idLen = 0; +#endif + ssl->cipher.ssl = ssl; #ifdef FORTRESS @@ -976,43 +1680,160 @@ int InitSSL(CYASSL* ssl, CYASSL_CTX* ctx) ssl->toInfoOn = 0; #endif -#ifndef NO_PSK - ssl->arrays.client_identity[0] = 0; - if (ctx->server_hint[0]) { /* set in CTX */ - XSTRNCPY(ssl->arrays.server_hint, ctx->server_hint, MAX_PSK_ID_LEN); - ssl->arrays.server_hint[MAX_PSK_ID_LEN - 1] = '\0'; - } - else - ssl->arrays.server_hint[0] = 0; -#endif /* NO_PSK */ +#ifdef HAVE_CAVIUM + ssl->devId = ctx->devId; +#endif + +#ifdef HAVE_TLS_EXTENSIONS + ssl->extensions = NULL; +#ifdef HAVE_MAX_FRAGMENT + ssl->max_fragment = MAX_RECORD_SIZE; +#endif +#ifdef HAVE_TRUNCATED_HMAC + ssl->truncated_hmac = 0; +#endif +#endif + + ssl->rng = NULL; + ssl->arrays = NULL; + + /* default alert state (none) */ + ssl->alert_history.last_rx.code = -1; + ssl->alert_history.last_rx.level = -1; + ssl->alert_history.last_tx.code = -1; + ssl->alert_history.last_tx.level = -1; + + InitCiphers(ssl); + InitCipherSpecs(&ssl->specs); +#ifdef ATOMIC_USER + ssl->MacEncryptCtx = NULL; + ssl->DecryptVerifyCtx = NULL; +#endif +#ifdef HAVE_PK_CALLBACKS + #ifdef HAVE_ECC + ssl->EccSignCtx = NULL; + ssl->EccVerifyCtx = NULL; + #endif /* HAVE_ECC */ + #ifndef NO_RSA + ssl->RsaSignCtx = NULL; + ssl->RsaVerifyCtx = NULL; + ssl->RsaEncCtx = NULL; + ssl->RsaDecCtx = NULL; + #endif /* NO_RSA */ +#endif /* HAVE_PK_CALLBACKS */ /* all done with init, now can return errors, call other stuff */ /* increment CTX reference count */ if (LockMutex(&ctx->countMutex) != 0) { CYASSL_MSG("Couldn't lock CTX count mutex"); - return BAD_MUTEX_ERROR; + return BAD_MUTEX_E; } ctx->refCount++; UnLockMutex(&ctx->countMutex); - if ( (ret = InitRng(&ssl->rng)) != 0) + /* arrays */ + ssl->arrays = (Arrays*)XMALLOC(sizeof(Arrays), ssl->heap, + DYNAMIC_TYPE_ARRAYS); + if (ssl->arrays == NULL) { + CYASSL_MSG("Arrays Memory error"); + return MEMORY_E; + } + XMEMSET(ssl->arrays, 0, sizeof(Arrays)); + +#ifndef NO_PSK + ssl->arrays->client_identity[0] = 0; + if (ctx->server_hint[0]) { /* set in CTX */ + XSTRNCPY(ssl->arrays->server_hint, ctx->server_hint, MAX_PSK_ID_LEN); + ssl->arrays->server_hint[MAX_PSK_ID_LEN - 1] = '\0'; + } + else + ssl->arrays->server_hint[0] = 0; +#endif /* NO_PSK */ + +#ifdef CYASSL_DTLS + ssl->arrays->cookieSz = 0; +#endif + + /* RNG */ + ssl->rng = (RNG*)XMALLOC(sizeof(RNG), ssl->heap, DYNAMIC_TYPE_RNG); + if (ssl->rng == NULL) { + CYASSL_MSG("RNG Memory error"); + return MEMORY_E; + } + + if ( (ret = InitRng(ssl->rng)) != 0) { + CYASSL_MSG("RNG Init error"); return ret; + } + + /* suites */ + ssl->suites = (Suites*)XMALLOC(sizeof(Suites), ssl->heap, + DYNAMIC_TYPE_SUITES); + if (ssl->suites == NULL) { + CYASSL_MSG("Suites Memory error"); + return MEMORY_E; + } + *ssl->suites = ctx->suites; + /* peer key */ +#ifndef NO_RSA + ssl->peerRsaKey = (RsaKey*)XMALLOC(sizeof(RsaKey), ssl->heap, + DYNAMIC_TYPE_RSA); + if (ssl->peerRsaKey == NULL) { + CYASSL_MSG("PeerRsaKey Memory error"); + return MEMORY_E; + } + ret = InitRsaKey(ssl->peerRsaKey, ctx->heap); + if (ret != 0) return ret; +#endif +#ifndef NO_CERTS /* make sure server has cert and key unless using PSK */ - if (ssl->options.side == SERVER_END && !havePSK) + if (ssl->options.side == CYASSL_SERVER_END && !havePSK) if (!ssl->buffers.certificate.buffer || !ssl->buffers.key.buffer) { CYASSL_MSG("Server missing certificate and/or private key"); return NO_PRIVATE_KEY; } +#endif +#ifdef HAVE_ECC + ssl->peerEccKey = (ecc_key*)XMALLOC(sizeof(ecc_key), + ctx->heap, DYNAMIC_TYPE_ECC); + if (ssl->peerEccKey == NULL) { + CYASSL_MSG("PeerEccKey Memory error"); + return MEMORY_E; + } + ssl->peerEccDsaKey = (ecc_key*)XMALLOC(sizeof(ecc_key), + ctx->heap, DYNAMIC_TYPE_ECC); + if (ssl->peerEccDsaKey == NULL) { + CYASSL_MSG("PeerEccDsaKey Memory error"); + return MEMORY_E; + } + ssl->eccDsaKey = (ecc_key*)XMALLOC(sizeof(ecc_key), + ctx->heap, DYNAMIC_TYPE_ECC); + if (ssl->eccDsaKey == NULL) { + CYASSL_MSG("EccDsaKey Memory error"); + return MEMORY_E; + } + ssl->eccTempKey = (ecc_key*)XMALLOC(sizeof(ecc_key), + ctx->heap, DYNAMIC_TYPE_ECC); + if (ssl->eccTempKey == NULL) { + CYASSL_MSG("EccTempKey Memory error"); + return MEMORY_E; + } + ecc_init(ssl->peerEccKey); + ecc_init(ssl->peerEccDsaKey); + ecc_init(ssl->eccDsaKey); + ecc_init(ssl->eccTempKey); +#endif /* make sure server has DH parms, and add PSK if there, add NTRU too */ - if (ssl->options.side == SERVER_END) - InitSuites(&ssl->suites, ssl->version,ssl->options.haveDH, havePSK, - ssl->options.haveNTRU, ssl->options.haveECDSAsig, - ssl->options.haveStaticECC, ssl->options.side); + if (ssl->options.side == CYASSL_SERVER_END) + InitSuites(ssl->suites, ssl->version, haveRSA, havePSK, + ssl->options.haveDH, ssl->options.haveNTRU, + ssl->options.haveECDSAsig, ssl->options.haveStaticECC, + ssl->options.side); else - InitSuites(&ssl->suites, ssl->version, TRUE, havePSK, + InitSuites(ssl->suites, ssl->version, haveRSA, havePSK, TRUE, ssl->options.haveNTRU, ssl->options.haveECDSAsig, ssl->options.haveStaticECC, ssl->options.side); @@ -1020,33 +1841,69 @@ int InitSSL(CYASSL* ssl, CYASSL_CTX* ctx) } +/* free use of temporary arrays */ +void FreeArrays(CYASSL* ssl, int keep) +{ + if (ssl->arrays && keep) { + /* keeps session id for user retrieval */ + XMEMCPY(ssl->session.sessionID, ssl->arrays->sessionID, ID_LEN); + } + XFREE(ssl->arrays, ssl->heap, DYNAMIC_TYPE_ARRAYS); + ssl->arrays = NULL; +} + + /* In case holding SSL object in array and don't want to free actual ssl */ void SSL_ResourceFree(CYASSL* ssl) { + FreeCiphers(ssl); + FreeArrays(ssl, 0); + XFREE(ssl->rng, ssl->heap, DYNAMIC_TYPE_RNG); + XFREE(ssl->suites, ssl->heap, DYNAMIC_TYPE_SUITES); + XFREE(ssl->buffers.domainName.buffer, ssl->heap, DYNAMIC_TYPE_DOMAIN); + +#ifndef NO_CERTS XFREE(ssl->buffers.serverDH_Priv.buffer, ssl->heap, DYNAMIC_TYPE_DH); XFREE(ssl->buffers.serverDH_Pub.buffer, ssl->heap, DYNAMIC_TYPE_DH); /* parameters (p,g) may be owned by ctx */ - if (ssl->buffers.weOwnDH || ssl->options.side == CLIENT_END) { + if (ssl->buffers.weOwnDH || ssl->options.side == CYASSL_CLIENT_END) { XFREE(ssl->buffers.serverDH_G.buffer, ssl->heap, DYNAMIC_TYPE_DH); XFREE(ssl->buffers.serverDH_P.buffer, ssl->heap, DYNAMIC_TYPE_DH); } - XFREE(ssl->buffers.domainName.buffer, ssl->heap, DYNAMIC_TYPE_DOMAIN); - /* CYASSL_CTX always owns certChain */ if (ssl->buffers.weOwnCert) XFREE(ssl->buffers.certificate.buffer, ssl->heap, DYNAMIC_TYPE_CERT); + if (ssl->buffers.weOwnCertChain) + XFREE(ssl->buffers.certChain.buffer, ssl->heap, DYNAMIC_TYPE_CERT); if (ssl->buffers.weOwnKey) XFREE(ssl->buffers.key.buffer, ssl->heap, DYNAMIC_TYPE_KEY); - - FreeRsaKey(&ssl->peerRsaKey); +#endif +#ifndef NO_RSA + if (ssl->peerRsaKey) { + FreeRsaKey(ssl->peerRsaKey); + XFREE(ssl->peerRsaKey, ssl->heap, DYNAMIC_TYPE_RSA); + } +#endif if (ssl->buffers.inputBuffer.dynamicFlag) ShrinkInputBuffer(ssl, FORCED_FREE); if (ssl->buffers.outputBuffer.dynamicFlag) ShrinkOutputBuffer(ssl); +#ifdef CYASSL_DTLS + if (ssl->dtls_pool != NULL) { + DtlsPoolReset(ssl); + XFREE(ssl->dtls_pool, ssl->heap, DYNAMIC_TYPE_NONE); + } + if (ssl->dtls_msg_list != NULL) { + DtlsMsgListDelete(ssl->dtls_msg_list, ssl->heap); + ssl->dtls_msg_list = NULL; + } + XFREE(ssl->buffers.dtlsCtx.peer.sa, ssl->heap, DYNAMIC_TYPE_SOCKADDR); + ssl->buffers.dtlsCtx.peer.sa = NULL; +#endif +#if defined(KEEP_PEER_CERT) || defined(GOAHEAD_WS) + FreeX509(&ssl->peerCert); +#endif #if defined(OPENSSL_EXTRA) || defined(GOAHEAD_WS) - XFREE(ssl->peerCert.derCert.buffer, ssl->heap, DYNAMIC_TYPE_CERT); - if (ssl->peerCert.altNames) - FreeAltNames(ssl->peerCert.altNames, ssl->heap); CyaSSL_BIO_free(ssl->biord); if (ssl->biord != ssl->biowr) /* in case same as write */ CyaSSL_BIO_free(ssl->biowr); @@ -1055,80 +1912,487 @@ void SSL_ResourceFree(CYASSL* ssl) FreeStreams(ssl); #endif #ifdef HAVE_ECC - ecc_free(&ssl->peerEccKey); - ecc_free(&ssl->peerEccDsaKey); - ecc_free(&ssl->eccTempKey); - ecc_free(&ssl->eccDsaKey); + if (ssl->peerEccKey) { + if (ssl->peerEccKeyPresent) + ecc_free(ssl->peerEccKey); + XFREE(ssl->peerEccKey, ssl->heap, DYNAMIC_TYPE_ECC); + } + if (ssl->peerEccDsaKey) { + if (ssl->peerEccDsaKeyPresent) + ecc_free(ssl->peerEccDsaKey); + XFREE(ssl->peerEccDsaKey, ssl->heap, DYNAMIC_TYPE_ECC); + } + if (ssl->eccTempKey) { + if (ssl->eccTempKeyPresent) + ecc_free(ssl->eccTempKey); + XFREE(ssl->eccTempKey, ssl->heap, DYNAMIC_TYPE_ECC); + } + if (ssl->eccDsaKey) { + if (ssl->eccDsaKeyPresent) + ecc_free(ssl->eccDsaKey); + XFREE(ssl->eccDsaKey, ssl->heap, DYNAMIC_TYPE_ECC); + } +#endif +#ifdef HAVE_PK_CALLBACKS + #ifdef HAVE_ECC + XFREE(ssl->buffers.peerEccDsaKey.buffer, ssl->heap, DYNAMIC_TYPE_ECC); + #endif /* HAVE_ECC */ + #ifndef NO_RSA + XFREE(ssl->buffers.peerRsaKey.buffer, ssl->heap, DYNAMIC_TYPE_RSA); + #endif /* NO_RSA */ +#endif /* HAVE_PK_CALLBACKS */ +#ifdef HAVE_TLS_EXTENSIONS + TLSX_FreeAll(ssl->extensions); +#endif +#ifdef HAVE_NETX + if (ssl->nxCtx.nxPacket) + nx_packet_release(ssl->nxCtx.nxPacket); #endif } -void FreeSSL(CYASSL* ssl) -{ - FreeSSL_Ctx(ssl->ctx); /* will decrement and free underyling CTX if 0 */ - SSL_ResourceFree(ssl); - XFREE(ssl, ssl->heap, DYNAMIC_TYPE_SSL); -} - - -ProtocolVersion MakeSSLv3(void) +/* Free any handshake resources no longer needed */ +void FreeHandshakeResources(CYASSL* ssl) { - ProtocolVersion pv; - pv.major = SSLv3_MAJOR; - pv.minor = SSLv3_MINOR; + /* input buffer */ + if (ssl->buffers.inputBuffer.dynamicFlag) + ShrinkInputBuffer(ssl, NO_FORCED_FREE); - return pv; -} + /* suites */ + XFREE(ssl->suites, ssl->heap, DYNAMIC_TYPE_SUITES); + ssl->suites = NULL; + /* RNG */ + if (ssl->specs.cipher_type == stream || ssl->options.tls1_1 == 0) { + XFREE(ssl->rng, ssl->heap, DYNAMIC_TYPE_RNG); + ssl->rng = NULL; + } #ifdef CYASSL_DTLS + /* DTLS_POOL */ + if (ssl->options.dtls && ssl->dtls_pool != NULL) { + DtlsPoolReset(ssl); + XFREE(ssl->dtls_pool, ssl->heap, DYNAMIC_TYPE_DTLS_POOL); + ssl->dtls_pool = NULL; + } +#endif -ProtocolVersion MakeDTLSv1(void) -{ - ProtocolVersion pv; - pv.major = DTLS_MAJOR; - pv.minor = DTLS_MINOR; - - return pv; -} - -#endif /* CYASSL_DTLS */ - - - + /* arrays */ + if (ssl->options.saveArrays) + FreeArrays(ssl, 1); -#ifdef USE_WINDOWS_API +#ifndef NO_RSA + /* peerRsaKey */ + if (ssl->peerRsaKey) { + FreeRsaKey(ssl->peerRsaKey); + XFREE(ssl->peerRsaKey, ssl->heap, DYNAMIC_TYPE_RSA); + ssl->peerRsaKey = NULL; + } +#endif - timer_d Timer(void) +#ifdef HAVE_ECC + if (ssl->peerEccKey) { - static int init = 0; - static LARGE_INTEGER freq; - LARGE_INTEGER count; - - if (!init) { - QueryPerformanceFrequency(&freq); - init = 1; + if (ssl->peerEccKeyPresent) { + ecc_free(ssl->peerEccKey); + ssl->peerEccKeyPresent = 0; } - - QueryPerformanceCounter(&count); - - return (double)count.QuadPart / freq.QuadPart; + XFREE(ssl->peerEccKey, ssl->heap, DYNAMIC_TYPE_ECC); + ssl->peerEccKey = NULL; } - - - word32 LowResTimer(void) + if (ssl->peerEccDsaKey) { - return (word32)Timer(); + if (ssl->peerEccDsaKeyPresent) { + ecc_free(ssl->peerEccDsaKey); + ssl->peerEccDsaKeyPresent = 0; + } + XFREE(ssl->peerEccDsaKey, ssl->heap, DYNAMIC_TYPE_ECC); + ssl->peerEccDsaKey = NULL; } - - -#elif defined(THREADX) - - #include "rtptime.h" - - word32 LowResTimer(void) + if (ssl->eccTempKey) { - return (word32)rtp_get_system_sec(); + if (ssl->eccTempKeyPresent) { + ecc_free(ssl->eccTempKey); + ssl->eccTempKeyPresent = 0; + } + XFREE(ssl->eccTempKey, ssl->heap, DYNAMIC_TYPE_ECC); + ssl->eccTempKey = NULL; + } + if (ssl->eccDsaKey) + { + if (ssl->eccDsaKeyPresent) { + ecc_free(ssl->eccDsaKey); + ssl->eccDsaKeyPresent = 0; + } + XFREE(ssl->eccDsaKey, ssl->heap, DYNAMIC_TYPE_ECC); + ssl->eccDsaKey = NULL; + } +#endif +#ifdef HAVE_PK_CALLBACKS + #ifdef HAVE_ECC + XFREE(ssl->buffers.peerEccDsaKey.buffer, ssl->heap, DYNAMIC_TYPE_ECC); + ssl->buffers.peerEccDsaKey.buffer = NULL; + #endif /* HAVE_ECC */ + #ifndef NO_RSA + XFREE(ssl->buffers.peerRsaKey.buffer, ssl->heap, DYNAMIC_TYPE_RSA); + ssl->buffers.peerRsaKey.buffer = NULL; + #endif /* NO_RSA */ +#endif /* HAVE_PK_CALLBACKS */ +} + + +void FreeSSL(CYASSL* ssl) +{ + FreeSSL_Ctx(ssl->ctx); /* will decrement and free underyling CTX if 0 */ + SSL_ResourceFree(ssl); + XFREE(ssl, ssl->heap, DYNAMIC_TYPE_SSL); +} + + +#ifdef CYASSL_DTLS + +int DtlsPoolInit(CYASSL* ssl) +{ + if (ssl->dtls_pool == NULL) { + DtlsPool *pool = (DtlsPool*)XMALLOC(sizeof(DtlsPool), + ssl->heap, DYNAMIC_TYPE_DTLS_POOL); + if (pool == NULL) { + CYASSL_MSG("DTLS Buffer Pool Memory error"); + return MEMORY_E; + } + else { + int i; + + for (i = 0; i < DTLS_POOL_SZ; i++) { + pool->buf[i].length = 0; + pool->buf[i].buffer = NULL; + } + pool->used = 0; + ssl->dtls_pool = pool; + } + } + return 0; +} + + +int DtlsPoolSave(CYASSL* ssl, const byte *src, int sz) +{ + DtlsPool *pool = ssl->dtls_pool; + if (pool != NULL && pool->used < DTLS_POOL_SZ) { + buffer *pBuf = &pool->buf[pool->used]; + pBuf->buffer = (byte*)XMALLOC(sz, ssl->heap, DYNAMIC_TYPE_DTLS_POOL); + if (pBuf->buffer == NULL) { + CYASSL_MSG("DTLS Buffer Memory error"); + return MEMORY_ERROR; + } + XMEMCPY(pBuf->buffer, src, sz); + pBuf->length = (word32)sz; + pool->used++; + } + return 0; +} + + +void DtlsPoolReset(CYASSL* ssl) +{ + DtlsPool *pool = ssl->dtls_pool; + if (pool != NULL) { + buffer *pBuf; + int i, used; + + used = pool->used; + for (i = 0, pBuf = &pool->buf[0]; i < used; i++, pBuf++) { + XFREE(pBuf->buffer, ssl->heap, DYNAMIC_TYPE_DTLS_POOL); + pBuf->buffer = NULL; + pBuf->length = 0; + } + pool->used = 0; + } + ssl->dtls_timeout = ssl->dtls_timeout_init; +} + + +int DtlsPoolTimeout(CYASSL* ssl) +{ + int result = -1; + if (ssl->dtls_timeout < ssl->dtls_timeout_max) { + ssl->dtls_timeout *= DTLS_TIMEOUT_MULTIPLIER; + result = 0; + } + return result; +} + + +int DtlsPoolSend(CYASSL* ssl) +{ + int ret; + DtlsPool *pool = ssl->dtls_pool; + + if (pool != NULL && pool->used > 0) { + int i; + for (i = 0; i < pool->used; i++) { + int sendResult; + buffer* buf = &pool->buf[i]; + + DtlsRecordLayerHeader* dtls = (DtlsRecordLayerHeader*)buf->buffer; + + word16 message_epoch; + ato16(dtls->epoch, &message_epoch); + if (message_epoch == ssl->keys.dtls_epoch) { + /* Increment record sequence number on retransmitted handshake + * messages */ + c32to48(ssl->keys.dtls_sequence_number, dtls->sequence_number); + ssl->keys.dtls_sequence_number++; + } + else { + /* The Finished message is sent with the next epoch, keep its + * sequence number */ + } + + if ((ret = CheckAvailableSize(ssl, buf->length)) != 0) + return ret; + + XMEMCPY(ssl->buffers.outputBuffer.buffer, buf->buffer, buf->length); + ssl->buffers.outputBuffer.idx = 0; + ssl->buffers.outputBuffer.length = buf->length; + + sendResult = SendBuffered(ssl); + if (sendResult < 0) { + return sendResult; + } + } + } + return 0; +} + + +/* functions for managing DTLS datagram reordering */ + +/* Need to allocate space for the handshake message header. The hashing + * routines assume the message pointer is still within the buffer that + * has the headers, and will include those headers in the hash. The store + * routines need to take that into account as well. New will allocate + * extra space for the headers. */ +DtlsMsg* DtlsMsgNew(word32 sz, void* heap) +{ + DtlsMsg* msg = NULL; + + msg = (DtlsMsg*)XMALLOC(sizeof(DtlsMsg), heap, DYNAMIC_TYPE_DTLS_MSG); + + if (msg != NULL) { + msg->buf = (byte*)XMALLOC(sz + DTLS_HANDSHAKE_HEADER_SZ, + heap, DYNAMIC_TYPE_NONE); + if (msg->buf != NULL) { + msg->next = NULL; + msg->seq = 0; + msg->sz = sz; + msg->fragSz = 0; + msg->msg = msg->buf + DTLS_HANDSHAKE_HEADER_SZ; + } + else { + XFREE(msg, heap, DYNAMIC_TYPE_DTLS_MSG); + msg = NULL; + } + } + + return msg; +} + +void DtlsMsgDelete(DtlsMsg* item, void* heap) +{ + (void)heap; + + if (item != NULL) { + if (item->buf != NULL) + XFREE(item->buf, heap, DYNAMIC_TYPE_NONE); + XFREE(item, heap, DYNAMIC_TYPE_DTLS_MSG); + } +} + + +void DtlsMsgListDelete(DtlsMsg* head, void* heap) +{ + DtlsMsg* next; + while (head) { + next = head->next; + DtlsMsgDelete(head, heap); + head = next; + } +} + + +void DtlsMsgSet(DtlsMsg* msg, word32 seq, const byte* data, byte type, + word32 fragOffset, word32 fragSz) +{ + if (msg != NULL && data != NULL && msg->fragSz <= msg->sz) { + msg->seq = seq; + msg->type = type; + msg->fragSz += fragSz; + /* If fragOffset is zero, this is either a full message that is out + * of order, or the first fragment of a fragmented message. Copy the + * handshake message header as well as the message data. */ + if (fragOffset == 0) + XMEMCPY(msg->buf, data - DTLS_HANDSHAKE_HEADER_SZ, + fragSz + DTLS_HANDSHAKE_HEADER_SZ); + else { + /* If fragOffet is non-zero, this is an additional fragment that + * needs to be copied to its location in the message buffer. Also + * copy the total size of the message over the fragment size. The + * hash routines look at a defragmented message if it had actually + * come across as a single handshake message. */ + XMEMCPY(msg->msg + fragOffset, data, fragSz); + c32to24(msg->sz, msg->msg - DTLS_HANDSHAKE_FRAG_SZ); + } + } +} + + +DtlsMsg* DtlsMsgFind(DtlsMsg* head, word32 seq) +{ + while (head != NULL && head->seq != seq) { + head = head->next; + } + return head; +} + + +DtlsMsg* DtlsMsgStore(DtlsMsg* head, word32 seq, const byte* data, + word32 dataSz, byte type, word32 fragOffset, word32 fragSz, void* heap) +{ + + /* See if seq exists in the list. If it isn't in the list, make + * a new item of size dataSz, copy fragSz bytes from data to msg->msg + * starting at offset fragOffset, and add fragSz to msg->fragSz. If + * the seq is in the list and it isn't full, copy fragSz bytes from + * data to msg->msg starting at offset fragOffset, and add fragSz to + * msg->fragSz. The new item should be inserted into the list in its + * proper position. + * + * 1. Find seq in list, or where seq should go in list. If seq not in + * list, create new item and insert into list. Either case, keep + * pointer to item. + * 2. If msg->fragSz + fragSz < sz, copy data to msg->msg at offset + * fragOffset. Add fragSz to msg->fragSz. + */ + + if (head != NULL) { + DtlsMsg* cur = DtlsMsgFind(head, seq); + if (cur == NULL) { + cur = DtlsMsgNew(dataSz, heap); + if (cur != NULL) { + DtlsMsgSet(cur, seq, data, type, fragOffset, fragSz); + head = DtlsMsgInsert(head, cur); + } + } + else { + DtlsMsgSet(cur, seq, data, type, fragOffset, fragSz); + } + } + else { + head = DtlsMsgNew(dataSz, heap); + DtlsMsgSet(head, seq, data, type, fragOffset, fragSz); + } + + return head; +} + + +/* DtlsMsgInsert() is an in-order insert. */ +DtlsMsg* DtlsMsgInsert(DtlsMsg* head, DtlsMsg* item) +{ + if (head == NULL || item->seq < head->seq) { + item->next = head; + head = item; + } + else if (head->next == NULL) { + head->next = item; + } + else { + DtlsMsg* cur = head->next; + DtlsMsg* prev = head; + while (cur) { + if (item->seq < cur->seq) { + item->next = cur; + prev->next = item; + break; + } + prev = cur; + cur = cur->next; + } + if (cur == NULL) { + prev->next = item; + } + } + + return head; +} + +#endif /* CYASSL_DTLS */ + +#ifndef NO_OLD_TLS + +ProtocolVersion MakeSSLv3(void) +{ + ProtocolVersion pv; + pv.major = SSLv3_MAJOR; + pv.minor = SSLv3_MINOR; + + return pv; +} + +#endif /* NO_OLD_TLS */ + + +#ifdef CYASSL_DTLS + +ProtocolVersion MakeDTLSv1(void) +{ + ProtocolVersion pv; + pv.major = DTLS_MAJOR; + pv.minor = DTLS_MINOR; + + return pv; +} + +ProtocolVersion MakeDTLSv1_2(void) +{ + ProtocolVersion pv; + pv.major = DTLS_MAJOR; + pv.minor = DTLSv1_2_MINOR; + + return pv; +} + +#endif /* CYASSL_DTLS */ + + + + +#ifdef USE_WINDOWS_API + + word32 LowResTimer(void) + { + static int init = 0; + static LARGE_INTEGER freq; + LARGE_INTEGER count; + + if (!init) { + QueryPerformanceFrequency(&freq); + init = 1; + } + + QueryPerformanceCounter(&count); + + return (word32)(count.QuadPart / freq.QuadPart); + } + +#elif defined(HAVE_RTP_SYS) + + #include "rtptime.h" + + word32 LowResTimer(void) + { + return (word32)rtp_get_system_sec(); } @@ -1144,8 +2408,49 @@ ProtocolVersion MakeDTLSv1(void) return (word32)clk; } -#elif defined(USER_TICKS) +#elif defined(MICROCHIP_TCPIP_V5) + + word32 LowResTimer(void) + { + return (word32) TickGet(); + } + + +#elif defined(MICROCHIP_TCPIP) + + #if defined(MICROCHIP_MPLAB_HARMONY) + + #include + + word32 LowResTimer(void) + { + return (word32) SYS_TMR_TickCountGet(); + } + + #else + + word32 LowResTimer(void) + { + return (word32) SYS_TICK_Get(); + } + + #endif + +#elif defined(FREESCALE_MQX) + + word32 LowResTimer(void) + { + TIME_STRUCT mqxTime; + + _time_get_elapsed(&mqxTime); + + return (word32) mqxTime.SECONDS; + } + + +#elif defined(USER_TICKS) +#if 0 word32 LowResTimer(void) { /* @@ -1153,14 +2458,14 @@ ProtocolVersion MakeDTLSv1(void) needs second accuracy but doesn't have to correlated to EPOCH */ } - -#else /* !USE_WINDOWS_API && !THREADX && !MICRIUM && !USER_TICKS */ +#endif +#else /* !USE_WINDOWS_API && !HAVE_RTP_SYS && !MICRIUM && !USER_TICKS */ #include word32 LowResTimer(void) { - return time(0); + return (word32)time(0); } @@ -1168,7 +2473,7 @@ ProtocolVersion MakeDTLSv1(void) /* add output to md5 and sha handshake hashes, exclude record header */ -static void HashOutput(CYASSL* ssl, const byte* output, int sz, int ivSz) +static int HashOutput(CYASSL* ssl, const byte* output, int sz, int ivSz) { const byte* adj = output + RECORD_HEADER_SZ + ivSz; sz -= RECORD_HEADER_SZ; @@ -1179,22 +2484,36 @@ static void HashOutput(CYASSL* ssl, const byte* output, int sz, int ivSz) sz -= DTLS_RECORD_EXTRA; } #endif - - Md5Update(&ssl->hashMd5, adj, sz); +#ifndef NO_OLD_TLS +#ifndef NO_SHA ShaUpdate(&ssl->hashSha, adj, sz); +#endif +#ifndef NO_MD5 + Md5Update(&ssl->hashMd5, adj, sz); +#endif +#endif + if (IsAtLeastTLSv1_2(ssl)) { + int ret; + #ifndef NO_SHA256 - Sha256Update(&ssl->hashSha256, adj, sz); + ret = Sha256Update(&ssl->hashSha256, adj, sz); + if (ret != 0) + return ret; #endif #ifdef CYASSL_SHA384 - Sha384Update(&ssl->hashSha384, adj, sz); + ret = Sha384Update(&ssl->hashSha384, adj, sz); + if (ret != 0) + return ret; #endif } + + return 0; } /* add input to md5 and sha handshake hashes, include handshake header */ -static void HashInput(CYASSL* ssl, const byte* input, int sz) +static int HashInput(CYASSL* ssl, const byte* input, int sz) { const byte* adj = input - HANDSHAKE_HEADER_SZ; sz += HANDSHAKE_HEADER_SZ; @@ -1206,16 +2525,31 @@ static void HashInput(CYASSL* ssl, const byte* input, int sz) } #endif - Md5Update(&ssl->hashMd5, adj, sz); +#ifndef NO_OLD_TLS +#ifndef NO_SHA ShaUpdate(&ssl->hashSha, adj, sz); +#endif +#ifndef NO_MD5 + Md5Update(&ssl->hashMd5, adj, sz); +#endif +#endif + if (IsAtLeastTLSv1_2(ssl)) { + int ret; + #ifndef NO_SHA256 - Sha256Update(&ssl->hashSha256, adj, sz); + ret = Sha256Update(&ssl->hashSha256, adj, sz); + if (ret != 0) + return ret; #endif #ifdef CYASSL_SHA384 - Sha384Update(&ssl->hashSha384, adj, sz); + ret = Sha384Update(&ssl->hashSha384, adj, sz); + if (ret != 0) + return ret; #endif } + + return 0; } @@ -1227,7 +2561,8 @@ static void AddRecordHeader(byte* output, word32 length, byte type, CYASSL* ssl) /* record layer header */ rl = (RecordLayerHeader*)output; rl->type = type; - rl->version = ssl->version; /* type and version same in each */ + rl->pvMajor = ssl->version.major; /* type and version same in each */ + rl->pvMinor = ssl->version.minor; if (!ssl->options.dtls) c16toa((word16)length, rl->length); @@ -1291,21 +2626,31 @@ static int Receive(CYASSL* ssl, byte* buf, word32 sz) { int recvd; + if (ssl->ctx->CBIORecv == NULL) { + CYASSL_MSG("Your IO Recv callback is null, please set"); + return -1; + } + retry: - recvd = ssl->ctx->CBIORecv((char *)buf, (int)sz, ssl->IOCB_ReadCtx); + recvd = ssl->ctx->CBIORecv(ssl, (char *)buf, (int)sz, ssl->IOCB_ReadCtx); if (recvd < 0) switch (recvd) { - case IO_ERR_GENERAL: /* general/unknown error */ + case CYASSL_CBIO_ERR_GENERAL: /* general/unknown error */ return -1; - case IO_ERR_WANT_READ: /* want read, would block */ + case CYASSL_CBIO_ERR_WANT_READ: /* want read, would block */ return WANT_READ; - case IO_ERR_CONN_RST: /* connection reset */ + case CYASSL_CBIO_ERR_CONN_RST: /* connection reset */ + #ifdef USE_WINDOWS_API + if (ssl->options.dtls) { + goto retry; + } + #endif ssl->options.connReset = 1; return -1; - case IO_ERR_ISR: /* interrupt */ + case CYASSL_CBIO_ERR_ISR: /* interrupt */ /* see if we got our timeout */ #ifdef CYASSL_CALLBACKS if (ssl->toInfoOn) { @@ -1322,10 +2667,18 @@ retry: #endif goto retry; - case IO_ERR_CONN_CLOSE: /* peer closed connection */ + case CYASSL_CBIO_ERR_CONN_CLOSE: /* peer closed connection */ ssl->options.isClosed = 1; return -1; + case CYASSL_CBIO_ERR_TIMEOUT: +#ifdef CYASSL_DTLS + if (DtlsPoolTimeout(ssl) == 0 && DtlsPoolSend(ssl) == 0) + goto retry; + else +#endif + return -1; + default: return recvd; } @@ -1338,10 +2691,12 @@ retry: void ShrinkOutputBuffer(CYASSL* ssl) { CYASSL_MSG("Shrinking output buffer\n"); - XFREE(ssl->buffers.outputBuffer.buffer, ssl->heap, DYNAMIC_TYPE_OUT_BUFFER); + XFREE(ssl->buffers.outputBuffer.buffer - ssl->buffers.outputBuffer.offset, + ssl->heap, DYNAMIC_TYPE_OUT_BUFFER); ssl->buffers.outputBuffer.buffer = ssl->buffers.outputBuffer.staticBuffer; ssl->buffers.outputBuffer.bufferSize = STATIC_BUFFER_LEN; ssl->buffers.outputBuffer.dynamicFlag = 0; + ssl->buffers.outputBuffer.offset = 0; } @@ -1361,10 +2716,12 @@ void ShrinkInputBuffer(CYASSL* ssl, int forcedFree) ssl->buffers.inputBuffer.buffer + ssl->buffers.inputBuffer.idx, usedLength); - XFREE(ssl->buffers.inputBuffer.buffer, ssl->heap, DYNAMIC_TYPE_IN_BUFFER); + XFREE(ssl->buffers.inputBuffer.buffer - ssl->buffers.inputBuffer.offset, + ssl->heap, DYNAMIC_TYPE_IN_BUFFER); ssl->buffers.inputBuffer.buffer = ssl->buffers.inputBuffer.staticBuffer; ssl->buffers.inputBuffer.bufferSize = STATIC_BUFFER_LEN; ssl->buffers.inputBuffer.dynamicFlag = 0; + ssl->buffers.inputBuffer.offset = 0; ssl->buffers.inputBuffer.idx = 0; ssl->buffers.inputBuffer.length = usedLength; } @@ -1372,22 +2729,28 @@ void ShrinkInputBuffer(CYASSL* ssl, int forcedFree) int SendBuffered(CYASSL* ssl) { + if (ssl->ctx->CBIOSend == NULL) { + CYASSL_MSG("Your IO Send callback is null, please set"); + return SOCKET_ERROR_E; + } + while (ssl->buffers.outputBuffer.length > 0) { - int sent = ssl->ctx->CBIOSend((char*)ssl->buffers.outputBuffer.buffer + + int sent = ssl->ctx->CBIOSend(ssl, + (char*)ssl->buffers.outputBuffer.buffer + ssl->buffers.outputBuffer.idx, (int)ssl->buffers.outputBuffer.length, ssl->IOCB_WriteCtx); if (sent < 0) { switch (sent) { - case IO_ERR_WANT_WRITE: /* would block */ + case CYASSL_CBIO_ERR_WANT_WRITE: /* would block */ return WANT_WRITE; - case IO_ERR_CONN_RST: /* connection reset */ + case CYASSL_CBIO_ERR_CONN_RST: /* connection reset */ ssl->options.connReset = 1; break; - case IO_ERR_ISR: /* interrupt */ + case CYASSL_CBIO_ERR_ISR: /* interrupt */ /* see if we got our timeout */ #ifdef CYASSL_CALLBACKS if (ssl->toInfoOn) { @@ -1404,8 +2767,8 @@ int SendBuffered(CYASSL* ssl) #endif continue; - case IO_ERR_CONN_CLOSE: /* epipe / conn closed, same as reset */ - ssl->options.connReset = 1; + case CYASSL_CBIO_ERR_CONN_CLOSE: /* epipe / conn closed */ + ssl->options.connReset = 1; /* treat same as reset */ break; default: @@ -1415,6 +2778,11 @@ int SendBuffered(CYASSL* ssl) return SOCKET_ERROR_E; } + if (sent > (int)ssl->buffers.outputBuffer.length) { + CYASSL_MSG("SendBuffered() out of bounds read"); + return SEND_OOB_READ_E; + } + ssl->buffers.outputBuffer.idx += sent; ssl->buffers.outputBuffer.length -= sent; } @@ -1431,20 +2799,40 @@ int SendBuffered(CYASSL* ssl) /* Grow the output buffer */ static INLINE int GrowOutputBuffer(CYASSL* ssl, int size) { - byte* tmp = (byte*) XMALLOC(size + ssl->buffers.outputBuffer.length, - ssl->heap, DYNAMIC_TYPE_OUT_BUFFER); - CYASSL_MSG("growing output buffer\n"); - + byte* tmp; + byte hdrSz = ssl->options.dtls ? DTLS_RECORD_HEADER_SZ : + RECORD_HEADER_SZ; + byte align = CYASSL_GENERAL_ALIGNMENT; + /* the encrypted data will be offset from the front of the buffer by + the header, if the user wants encrypted alignment they need + to define their alignment requirement */ + + if (align) { + while (align < hdrSz) + align *= 2; + } + + tmp = (byte*) XMALLOC(size + ssl->buffers.outputBuffer.length + align, + ssl->heap, DYNAMIC_TYPE_OUT_BUFFER); + CYASSL_MSG("growing output buffer\n"); + if (!tmp) return MEMORY_E; + if (align) + tmp += align - hdrSz; if (ssl->buffers.outputBuffer.length) XMEMCPY(tmp, ssl->buffers.outputBuffer.buffer, ssl->buffers.outputBuffer.length); if (ssl->buffers.outputBuffer.dynamicFlag) - XFREE(ssl->buffers.outputBuffer.buffer, ssl->heap, + XFREE(ssl->buffers.outputBuffer.buffer - + ssl->buffers.outputBuffer.offset, ssl->heap, DYNAMIC_TYPE_OUT_BUFFER); ssl->buffers.outputBuffer.dynamicFlag = 1; + if (align) + ssl->buffers.outputBuffer.offset = align - hdrSz; + else + ssl->buffers.outputBuffer.offset = 0; ssl->buffers.outputBuffer.buffer = tmp; ssl->buffers.outputBuffer.bufferSize = size + ssl->buffers.outputBuffer.length; @@ -1453,22 +2841,41 @@ static INLINE int GrowOutputBuffer(CYASSL* ssl, int size) /* Grow the input buffer, should only be to read cert or big app data */ -static INLINE int GrowInputBuffer(CYASSL* ssl, int size, int usedLength) +int GrowInputBuffer(CYASSL* ssl, int size, int usedLength) { - byte* tmp = (byte*) XMALLOC(size + usedLength, ssl->heap, - DYNAMIC_TYPE_IN_BUFFER); + byte* tmp; + byte hdrSz = DTLS_RECORD_HEADER_SZ; + byte align = ssl->options.dtls ? CYASSL_GENERAL_ALIGNMENT : 0; + /* the encrypted data will be offset from the front of the buffer by + the dtls record header, if the user wants encrypted alignment they need + to define their alignment requirement. in tls we read record header + to get size of record and put actual data back at front, so don't need */ + + if (align) { + while (align < hdrSz) + align *= 2; + } + tmp = (byte*) XMALLOC(size + usedLength + align, ssl->heap, + DYNAMIC_TYPE_IN_BUFFER); CYASSL_MSG("growing input buffer\n"); if (!tmp) return MEMORY_E; + if (align) + tmp += align - hdrSz; if (usedLength) XMEMCPY(tmp, ssl->buffers.inputBuffer.buffer + ssl->buffers.inputBuffer.idx, usedLength); if (ssl->buffers.inputBuffer.dynamicFlag) - XFREE(ssl->buffers.inputBuffer.buffer,ssl->heap,DYNAMIC_TYPE_IN_BUFFER); + XFREE(ssl->buffers.inputBuffer.buffer - ssl->buffers.inputBuffer.offset, + ssl->heap,DYNAMIC_TYPE_IN_BUFFER); ssl->buffers.inputBuffer.dynamicFlag = 1; + if (align) + ssl->buffers.inputBuffer.offset = align - hdrSz; + else + ssl->buffers.inputBuffer.offset = 0; ssl->buffers.inputBuffer.buffer = tmp; ssl->buffers.inputBuffer.bufferSize = size + usedLength; ssl->buffers.inputBuffer.idx = 0; @@ -1478,8 +2885,8 @@ static INLINE int GrowInputBuffer(CYASSL* ssl, int size, int usedLength) } -/* check avalaible size into output buffer, make room if needed */ -static INLINE int CheckAvalaibleSize(CYASSL *ssl, int size) +/* check available size into output buffer, make room if needed */ +int CheckAvailableSize(CYASSL *ssl, int size) { if (ssl->buffers.outputBuffer.bufferSize - ssl->buffers.outputBuffer.length < (word32)size) { @@ -1490,6 +2897,7 @@ static INLINE int CheckAvalaibleSize(CYASSL *ssl, int size) return 0; } + /* do all verify and sanity checks on record header */ static int GetRecordHeader(CYASSL* ssl, const byte* input, word32* inOutIdx, RecordLayerHeader* rh, word16 *size) @@ -1504,8 +2912,9 @@ static int GetRecordHeader(CYASSL* ssl, const byte* input, word32* inOutIdx, /* type and version in same sport */ XMEMCPY(rh, input + *inOutIdx, ENUM_LEN + VERSION_SZ); *inOutIdx += ENUM_LEN + VERSION_SZ; - *inOutIdx += 4; /* skip epoch and first 2 seq bytes for now */ - ato32(input + *inOutIdx, &ssl->keys.dtls_peer_sequence_number); + ato16(input + *inOutIdx, &ssl->keys.dtls_state.curEpoch); + *inOutIdx += 4; /* advance past epoch, skip first 2 seq bytes for now */ + ato32(input + *inOutIdx, &ssl->keys.dtls_state.curSeq); *inOutIdx += 4; /* advance past rest of seq */ ato16(input + *inOutIdx, size); *inOutIdx += LENGTH_SZ; @@ -1513,14 +2922,13 @@ static int GetRecordHeader(CYASSL* ssl, const byte* input, word32* inOutIdx, } /* catch version mismatch */ - if (rh->version.major != ssl->version.major || - rh->version.minor != ssl->version.minor) { - - if (ssl->options.side == SERVER_END && + if (rh->pvMajor != ssl->version.major || rh->pvMinor != ssl->version.minor){ + if (ssl->options.side == CYASSL_SERVER_END && ssl->options.acceptState == ACCEPT_BEGIN) CYASSL_MSG("Client attempting to connect with different version"); - else if (ssl->options.side == CLIENT_END && ssl->options.downgrade && - ssl->options.connectState < FIRST_REPLY_DONE) + else if (ssl->options.side == CYASSL_CLIENT_END && + ssl->options.downgrade && + ssl->options.connectState < FIRST_REPLY_DONE) CYASSL_MSG("Server attempting to accept with different version"); else { CYASSL_MSG("SSL version error"); @@ -1528,12 +2936,24 @@ static int GetRecordHeader(CYASSL* ssl, const byte* input, word32* inOutIdx, } } +#ifdef CYASSL_DTLS + if (ssl->options.dtls) { + if (DtlsCheckWindow(&ssl->keys.dtls_state) != 1) + return SEQUENCE_ERROR; + } +#endif + /* record layer length check */ +#ifdef HAVE_MAX_FRAGMENT + if (*size > (ssl->max_fragment + MAX_COMP_EXTRA + MAX_MSG_EXTRA)) + return LENGTH_ERROR; +#else if (*size > (MAX_RECORD_SIZE + MAX_COMP_EXTRA + MAX_MSG_EXTRA)) return LENGTH_ERROR; +#endif /* verify record type here as well */ - switch ((enum ContentType)rh->type) { + switch (rh->type) { case handshake: case change_cipher_spec: case application_data: @@ -1545,6 +2965,9 @@ static int GetRecordHeader(CYASSL* ssl, const byte* input, word32* inOutIdx, return UNKNOWN_RECORD_TYPE; } + /* haven't decrypted this record yet */ + ssl->keys.decryptedCur = 0; + return 0; } @@ -1556,11 +2979,6 @@ static int GetHandShakeHeader(CYASSL* ssl, const byte* input, word32* inOutIdx, (void)ssl; *inOutIdx += HANDSHAKE_HEADER_SZ; -#ifdef CYASSL_DTLS - if (ssl->options.dtls) - *inOutIdx += DTLS_HANDSHAKE_EXTRA; -#endif - *type = ptr[0]; c24to32(&ptr[1], size); @@ -1568,6 +2986,32 @@ static int GetHandShakeHeader(CYASSL* ssl, const byte* input, word32* inOutIdx, } +#ifdef CYASSL_DTLS +static int GetDtlsHandShakeHeader(CYASSL* ssl, const byte* input, + word32* inOutIdx, byte *type, word32 *size, + word32 *fragOffset, word32 *fragSz) +{ + word32 idx = *inOutIdx; + + *inOutIdx += HANDSHAKE_HEADER_SZ + DTLS_HANDSHAKE_EXTRA; + + *type = input[idx++]; + c24to32(input + idx, size); + idx += BYTE3_LEN; + + ato16(input + idx, &ssl->keys.dtls_peer_handshake_number); + idx += DTLS_HANDSHAKE_SEQ_SZ; + + c24to32(input + idx, fragOffset); + idx += DTLS_HANDSHAKE_FRAG_SZ; + c24to32(input + idx, fragSz); + + return 0; +} +#endif + + +#ifndef NO_OLD_TLS /* fill with MD5 pad size since biggest required */ static const byte PAD1[PAD_MD5] = { 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, 0x36, @@ -1593,12 +3037,12 @@ static void BuildMD5(CYASSL* ssl, Hashes* hashes, const byte* sender) /* make md5 inner */ Md5Update(&ssl->hashMd5, sender, SIZEOF_SENDER); - Md5Update(&ssl->hashMd5, ssl->arrays.masterSecret, SECRET_LEN); + Md5Update(&ssl->hashMd5, ssl->arrays->masterSecret, SECRET_LEN); Md5Update(&ssl->hashMd5, PAD1, PAD_MD5); Md5Final(&ssl->hashMd5, md5_result); /* make md5 outer */ - Md5Update(&ssl->hashMd5, ssl->arrays.masterSecret, SECRET_LEN); + Md5Update(&ssl->hashMd5, ssl->arrays->masterSecret, SECRET_LEN); Md5Update(&ssl->hashMd5, PAD2, PAD_MD5); Md5Update(&ssl->hashMd5, md5_result, MD5_DIGEST_SIZE); @@ -1613,907 +3057,2355 @@ static void BuildSHA(CYASSL* ssl, Hashes* hashes, const byte* sender) /* make sha inner */ ShaUpdate(&ssl->hashSha, sender, SIZEOF_SENDER); - ShaUpdate(&ssl->hashSha, ssl->arrays.masterSecret, SECRET_LEN); + ShaUpdate(&ssl->hashSha, ssl->arrays->masterSecret, SECRET_LEN); ShaUpdate(&ssl->hashSha, PAD1, PAD_SHA); ShaFinal(&ssl->hashSha, sha_result); /* make sha outer */ - ShaUpdate(&ssl->hashSha, ssl->arrays.masterSecret, SECRET_LEN); + ShaUpdate(&ssl->hashSha, ssl->arrays->masterSecret, SECRET_LEN); ShaUpdate(&ssl->hashSha, PAD2, PAD_SHA); ShaUpdate(&ssl->hashSha, sha_result, SHA_DIGEST_SIZE); ShaFinal(&ssl->hashSha, hashes->sha); } +#endif -static void BuildFinished(CYASSL* ssl, Hashes* hashes, const byte* sender) +static int BuildFinished(CYASSL* ssl, Hashes* hashes, const byte* sender) { /* store current states, building requires get_digest which resets state */ +#ifndef NO_OLD_TLS +#ifndef NO_MD5 Md5 md5 = ssl->hashMd5; +#endif +#ifndef NO_SHA Sha sha = ssl->hashSha; -#ifndef NO_SHA256 - Sha256 sha256; #endif -#ifdef CYASSL_SHA384 - Sha384 sha384; #endif - #ifndef NO_SHA256 - InitSha256(&sha256); - if (IsAtLeastTLSv1_2(ssl)) - sha256 = ssl->hashSha256; + Sha256 sha256 = ssl->hashSha256; #endif #ifdef CYASSL_SHA384 - InitSha384(&sha384); - if (IsAtLeastTLSv1_2(ssl)) - sha384 = ssl->hashSha384; + Sha384 sha384 = ssl->hashSha384; #endif - if (ssl->options.tls) - BuildTlsFinished(ssl, hashes, sender); - else { + int ret = 0; + +#ifndef NO_TLS + if (ssl->options.tls) { + ret = BuildTlsFinished(ssl, hashes, sender); + } +#endif +#ifndef NO_OLD_TLS + if (!ssl->options.tls) { BuildMD5(ssl, hashes, sender); BuildSHA(ssl, hashes, sender); } +#endif /* restore */ - ssl->hashMd5 = md5; +#ifndef NO_OLD_TLS + #ifndef NO_MD5 + ssl->hashMd5 = md5; + #endif + #ifndef NO_SHA ssl->hashSha = sha; + #endif +#endif if (IsAtLeastTLSv1_2(ssl)) { -#ifndef NO_SHA256 + #ifndef NO_SHA256 ssl->hashSha256 = sha256; -#endif -#ifdef CYASSL_SHA384 + #endif + #ifdef CYASSL_SHA384 ssl->hashSha384 = sha384; -#endif + #endif } + + return ret; } -static int DoCertificate(CYASSL* ssl, byte* input, word32* inOutIdx) -{ - word32 listSz, i = *inOutIdx; - int ret = 0; - int anyError = 0; - int totalCerts = 0; /* number of certs in certs buffer */ - int count; - char domain[ASN_NAME_MAX]; - buffer certs[MAX_CHAIN_DEPTH]; + /* cipher requirements */ + enum { + REQUIRES_RSA, + REQUIRES_DHE, + REQUIRES_ECC_DSA, + REQUIRES_ECC_STATIC, + REQUIRES_PSK, + REQUIRES_NTRU, + REQUIRES_RSA_SIG + }; - #ifdef CYASSL_CALLBACKS - if (ssl->hsInfoOn) AddPacketName("Certificate", &ssl->handShakeInfo); - if (ssl->toInfoOn) AddLateName("Certificate", &ssl->timeoutInfo); - #endif - c24to32(&input[i], &listSz); - i += CERT_HEADER_SZ; - CYASSL_MSG("Loading peer's cert chain"); - /* first put cert chain into buffer so can verify top down - we're sent bottom up */ - while (listSz) { - /* cert size */ - word32 certSz; - if (totalCerts >= MAX_CHAIN_DEPTH) - return MAX_CHAIN_ERROR; + /* Does this cipher suite (first, second) have the requirement + an ephemeral key exchange will still require the key for signing + the key exchange so ECHDE_RSA requires an rsa key thus rsa_kea */ + static int CipherRequires(byte first, byte second, int requirement) + { + /* ECC extensions */ + if (first == ECC_BYTE) { - c24to32(&input[i], &certSz); - i += CERT_HEADER_SZ; - - if (listSz > MAX_RECORD_SIZE || certSz > MAX_RECORD_SIZE) - return BUFFER_E; + switch (second) { - certs[totalCerts].length = certSz; - certs[totalCerts].buffer = input + i; +#ifndef NO_RSA + case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA : + if (requirement == REQUIRES_RSA) + return 1; + break; -#ifdef SESSION_CERTS - if (ssl->session.chain.count < MAX_CHAIN_DEPTH && - certSz < MAX_X509_SIZE) { - ssl->session.chain.certs[ssl->session.chain.count].length = certSz; - XMEMCPY(ssl->session.chain.certs[ssl->session.chain.count].buffer, - input + i, certSz); - ssl->session.chain.count++; - } else { - CYASSL_MSG("Couldn't store chain cert for session"); - } -#endif + case TLS_ECDH_RSA_WITH_AES_128_CBC_SHA : + if (requirement == REQUIRES_ECC_STATIC) + return 1; + if (requirement == REQUIRES_RSA_SIG) + return 1; + break; - i += certSz; - listSz -= certSz + CERT_HEADER_SZ; +#ifndef NO_DES3 + case TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA : + if (requirement == REQUIRES_RSA) + return 1; + break; - totalCerts++; - CYASSL_MSG(" Put another cert into chain"); - } + case TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA : + if (requirement == REQUIRES_ECC_STATIC) + return 1; + if (requirement == REQUIRES_RSA_SIG) + return 1; + break; +#endif - count = totalCerts; +#ifndef NO_RC4 + case TLS_ECDHE_RSA_WITH_RC4_128_SHA : + if (requirement == REQUIRES_RSA) + return 1; + break; - /* verify up to peer's first */ - while (count > 1) { - buffer myCert = certs[count - 1]; - DecodedCert dCert; + case TLS_ECDH_RSA_WITH_RC4_128_SHA : + if (requirement == REQUIRES_ECC_STATIC) + return 1; + if (requirement == REQUIRES_RSA_SIG) + return 1; + break; +#endif +#endif /* NO_RSA */ - InitDecodedCert(&dCert, myCert.buffer, myCert.length, ssl->heap); - ret = ParseCertRelative(&dCert, CERT_TYPE, !ssl->options.verifyNone, - ssl->ctx->cm); - if (ret == 0 && dCert.isCA == 0) { - CYASSL_MSG("Chain cert is not a CA, not adding as one"); - } - else if (ret == 0 && ssl->options.verifyNone) { - CYASSL_MSG("Chain cert not verified by option, not adding as CA"); - } - else if (ret == 0 && !AlreadySigner(ssl->ctx->cm, dCert.subjectHash)) { - buffer add; - add.length = myCert.length; - add.buffer = (byte*)XMALLOC(myCert.length, ssl->heap, - DYNAMIC_TYPE_CA); - CYASSL_MSG("Adding CA from chain"); +#ifndef NO_DES3 + case TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA : + if (requirement == REQUIRES_ECC_DSA) + return 1; + break; - if (add.buffer == NULL) - return MEMORY_E; - XMEMCPY(add.buffer, myCert.buffer, myCert.length); + case TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA : + if (requirement == REQUIRES_ECC_STATIC) + return 1; + break; +#endif +#ifndef NO_RC4 + case TLS_ECDHE_ECDSA_WITH_RC4_128_SHA : + if (requirement == REQUIRES_ECC_DSA) + return 1; + break; - ret = AddCA(ssl->ctx->cm, add, CYASSL_CHAIN_CA, - ssl->ctx->verifyPeer); - if (ret == 1) ret = 0; /* SSL_SUCCESS for external */ - } - else if (ret != 0) { - CYASSL_MSG("Failed to verify CA from chain"); - } - else { - CYASSL_MSG("Verified CA from chain and already had it"); - } + case TLS_ECDH_ECDSA_WITH_RC4_128_SHA : + if (requirement == REQUIRES_ECC_STATIC) + return 1; + break; +#endif +#ifndef NO_RSA + case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA : + if (requirement == REQUIRES_RSA) + return 1; + break; -#ifdef HAVE_CRL - if (ret == 0 && ssl->ctx->cm->crlEnabled && ssl->ctx->cm->crlCheckAll) { - CYASSL_MSG("Doing Non Leaf CRL check"); - ret = CheckCertCRL(ssl->ctx->cm->crl, &dCert); + case TLS_ECDH_RSA_WITH_AES_256_CBC_SHA : + if (requirement == REQUIRES_ECC_STATIC) + return 1; + if (requirement == REQUIRES_RSA_SIG) + return 1; + break; +#endif - if (ret != 0) { - CYASSL_MSG("\tCRL check not ok"); - } - } -#endif /* HAVE_CRL */ + case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA : + if (requirement == REQUIRES_ECC_DSA) + return 1; + break; - if (ret != 0 && anyError == 0) - anyError = ret; /* save error from last time */ + case TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA : + if (requirement == REQUIRES_ECC_STATIC) + return 1; + break; - FreeDecodedCert(&dCert); - count--; - } + case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA : + if (requirement == REQUIRES_ECC_DSA) + return 1; + break; - /* peer's, may not have one if blank client cert sent by TLSv1.2 */ - if (count) { - buffer myCert = certs[0]; - DecodedCert dCert; - int fatal = 0; + case TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA : + if (requirement == REQUIRES_ECC_STATIC) + return 1; + break; - CYASSL_MSG("Veriying Peer's cert"); + case TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 : + if (requirement == REQUIRES_ECC_DSA) + return 1; + break; - InitDecodedCert(&dCert, myCert.buffer, myCert.length, ssl->heap); - ret = ParseCertRelative(&dCert, CERT_TYPE, !ssl->options.verifyNone, - ssl->ctx->cm); - if (ret == 0) { - CYASSL_MSG("Verified Peer's cert"); - fatal = 0; - } - else if (ret == ASN_PARSE_E) { - CYASSL_MSG("Got Peer cert ASN PARSE ERROR, fatal"); - fatal = 1; - } - else { - CYASSL_MSG("Failed to verify Peer's cert"); - if (ssl->verifyCallback) { - CYASSL_MSG("\tCallback override availalbe, will continue"); - fatal = 0; - } - else { - CYASSL_MSG("\tNo callback override availalbe, fatal"); - fatal = 1; - } - } - -#ifdef HAVE_OCSP - ret = CyaSSL_OCSP_Lookup_Cert(&ssl->ctx->ocsp, &dCert); - if (ret != 0) { - CYASSL_MSG("\tOCSP Lookup not ok"); - fatal = 0; - } -#endif + case TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 : + if (requirement == REQUIRES_ECC_DSA) + return 1; + break; -#ifdef HAVE_CRL - if (fatal == 0 && ssl->ctx->cm->crlEnabled) { - CYASSL_MSG("Doing Leaf CRL check"); - ret = CheckCertCRL(ssl->ctx->cm->crl, &dCert); + case TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 : + if (requirement == REQUIRES_ECC_STATIC) + return 1; + break; - if (ret != 0) { - CYASSL_MSG("\tCRL check not ok"); - fatal = 0; - } - } -#endif /* HAVE_CRL */ + case TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 : + if (requirement == REQUIRES_ECC_STATIC) + return 1; + break; -#ifdef OPENSSL_EXTRA - /* set X509 format for peer cert even if fatal */ - XSTRNCPY(ssl->peerCert.issuer.name, dCert.issuer, ASN_NAME_MAX); - ssl->peerCert.issuer.name[ASN_NAME_MAX - 1] = '\0'; - ssl->peerCert.issuer.sz = (int)XSTRLEN(ssl->peerCert.issuer.name) + 1; +#ifndef NO_RSA + case TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 : + if (requirement == REQUIRES_RSA) + return 1; + break; - XSTRNCPY(ssl->peerCert.subject.name, dCert.subject, ASN_NAME_MAX); - ssl->peerCert.subject.name[ASN_NAME_MAX - 1] = '\0'; - ssl->peerCert.subject.sz = (int)XSTRLEN(ssl->peerCert.subject.name) + 1; + case TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 : + if (requirement == REQUIRES_RSA) + return 1; + break; - XMEMCPY(ssl->peerCert.serial, dCert.serial, EXTERNAL_SERIAL_SIZE); - ssl->peerCert.serialSz = dCert.serialSz; - if (dCert.subjectCNLen < ASN_NAME_MAX) { - XMEMCPY(ssl->peerCert.subjectCN,dCert.subjectCN,dCert.subjectCNLen); - ssl->peerCert.subjectCN[dCert.subjectCNLen] = '\0'; - } - else - ssl->peerCert.subjectCN[0] = '\0'; + case TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 : + if (requirement == REQUIRES_ECC_STATIC) + return 1; + if (requirement == REQUIRES_RSA_SIG) + return 1; + break; - /* store cert for potential retrieval */ - ssl->peerCert.derCert.buffer = (byte*)XMALLOC(myCert.length, ssl->heap, - DYNAMIC_TYPE_CERT); - if (ssl->peerCert.derCert.buffer == NULL) { - ret = MEMORY_E; - fatal = 1; - } - else { - XMEMCPY(ssl->peerCert.derCert.buffer, myCert.buffer, myCert.length); - ssl->peerCert.derCert.length = myCert.length; - } + case TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 : + if (requirement == REQUIRES_ECC_STATIC) + return 1; + if (requirement == REQUIRES_RSA_SIG) + return 1; + break; - ssl->peerCert.altNames = dCert.altNames; - dCert.altNames = NULL; /* takes ownership */ - ssl->peerCert.altNamesNext = ssl->peerCert.altNames; /* index hint */ -#endif + case TLS_RSA_WITH_AES_128_CCM_8 : + case TLS_RSA_WITH_AES_256_CCM_8 : + if (requirement == REQUIRES_RSA) + return 1; + if (requirement == REQUIRES_RSA_SIG) + return 1; + break; - if (fatal) { - FreeDecodedCert(&dCert); - ssl->error = ret; - return ret; - } - ssl->options.havePeerCert = 1; + case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 : + case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 : + if (requirement == REQUIRES_RSA) + return 1; + if (requirement == REQUIRES_RSA_SIG) + return 1; + break; - /* store for callback use */ - if (dCert.subjectCNLen < ASN_NAME_MAX) { - XMEMCPY(domain, dCert.subjectCN, dCert.subjectCNLen); - domain[dCert.subjectCNLen] = '\0'; - } - else - domain[0] = '\0'; + case TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 : + case TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 : + if (requirement == REQUIRES_RSA_SIG) + return 1; + if (requirement == REQUIRES_ECC_STATIC) + return 1; + break; +#endif - if (!ssl->options.verifyNone && ssl->buffers.domainName.buffer) - if (XSTRNCMP((char*)ssl->buffers.domainName.buffer, - dCert.subjectCN, - ssl->buffers.domainName.length - 1)) { - ret = DOMAIN_NAME_MISMATCH; /* try to get peer key still */ - } + case TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 : + case TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 : + if (requirement == REQUIRES_ECC_DSA) + return 1; + break; - /* decode peer key */ - if (dCert.keyOID == RSAk) { - word32 idx = 0; - if (RsaPublicKeyDecode(dCert.publicKey, &idx, - &ssl->peerRsaKey, dCert.pubKeySize) != 0) { - ret = PEER_KEY_ERROR; - } - else - ssl->peerRsaKeyPresent = 1; - } -#ifdef HAVE_NTRU - else if (dCert.keyOID == NTRUk) { - if (dCert.pubKeySize > sizeof(ssl->peerNtruKey)) { - ret = PEER_KEY_ERROR; - } - else { - XMEMCPY(ssl->peerNtruKey, dCert.publicKey, dCert.pubKeySize); - ssl->peerNtruKeyLen = (word16)dCert.pubKeySize; - ssl->peerNtruKeyPresent = 1; - } - } -#endif /* HAVE_NTRU */ -#ifdef HAVE_ECC - else if (dCert.keyOID == ECDSAk) { - if (ecc_import_x963(dCert.publicKey, dCert.pubKeySize, - &ssl->peerEccDsaKey) != 0) { - ret = PEER_KEY_ERROR; - } - else - ssl->peerEccDsaKeyPresent = 1; - } -#endif /* HAVE_ECC */ + case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 : + case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 : + if (requirement == REQUIRES_ECC_DSA) + return 1; + break; - FreeDecodedCert(&dCert); - } - - if (anyError != 0 && ret == 0) - ret = anyError; + case TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 : + case TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 : + if (requirement == REQUIRES_ECC_DSA) + return 1; + if (requirement == REQUIRES_ECC_STATIC) + return 1; + break; - if (ret == 0 && ssl->options.side == CLIENT_END) - ssl->options.serverState = SERVER_CERT_COMPLETE; + case TLS_PSK_WITH_AES_128_CCM: + case TLS_PSK_WITH_AES_256_CCM: + case TLS_PSK_WITH_AES_128_CCM_8: + case TLS_PSK_WITH_AES_256_CCM_8: + if (requirement == REQUIRES_PSK) + return 1; + break; - if (ret != 0) { - if (!ssl->options.verifyNone) { - int why = bad_certificate; - if (ret == ASN_AFTER_DATE_E || ret == ASN_BEFORE_DATE_E) - why = certificate_expired; - if (ssl->verifyCallback) { - int ok; - CYASSL_X509_STORE_CTX store; + case TLS_DHE_PSK_WITH_AES_128_CCM: + case TLS_DHE_PSK_WITH_AES_256_CCM: + if (requirement == REQUIRES_PSK) + return 1; + if (requirement == REQUIRES_DHE) + return 1; + break; - store.error = ret; - store.error_depth = totalCerts; - store.domain = domain; -#ifdef OPENSSL_EXTRA - store.current_cert = &ssl->peerCert; -#else - store.current_cert = NULL; -#endif -#ifdef FORTRESS - store.ex_data = ssl; -#endif - ok = ssl->verifyCallback(0, &store); - if (ok) { - CYASSL_MSG("Verify callback overriding error!"); - ret = 0; - } - } - if (ret != 0) { - SendAlert(ssl, alert_fatal, why); /* try to send */ - ssl->options.isClosed = 1; - } - } - ssl->error = ret; - } -#ifdef FORTRESS - else { - if (ssl->verifyCallback) { - int ok; - CYASSL_X509_STORE_CTX store; + default: + CYASSL_MSG("Unsupported cipher suite, CipherRequires ECC"); + return 0; + } /* switch */ + } /* if */ + if (first != ECC_BYTE) { /* normal suites */ + switch (second) { - store.error = ret; - store.error_depth = totalCerts; - store.domain = domain; - store.current_cert = &ssl->peerCert; - store.ex_data = ssl; +#ifndef NO_RSA + case SSL_RSA_WITH_RC4_128_SHA : + if (requirement == REQUIRES_RSA) + return 1; + break; - ok = ssl->verifyCallback(1, &store); - if (!ok) { - CYASSL_MSG("Verify callback overriding valid certificate!"); - ret = -1; - SendAlert(ssl, alert_fatal, bad_certificate); - ssl->options.isClosed = 1; - } - } - } -#endif + case TLS_NTRU_RSA_WITH_RC4_128_SHA : + if (requirement == REQUIRES_NTRU) + return 1; + break; - *inOutIdx = i; - return ret; -} + case SSL_RSA_WITH_RC4_128_MD5 : + if (requirement == REQUIRES_RSA) + return 1; + break; + case SSL_RSA_WITH_3DES_EDE_CBC_SHA : + if (requirement == REQUIRES_RSA) + return 1; + break; -static int DoHelloRequest(CYASSL* ssl, const byte* input, word32* inOutIdx) -{ - if (ssl->keys.encryptionOn) { - const byte* mac; - int padSz = ssl->keys.encryptSz - HANDSHAKE_HEADER_SZ - - ssl->specs.hash_size; - byte verify[SHA256_DIGEST_SIZE]; - - ssl->hmac(ssl, verify, input + *inOutIdx - HANDSHAKE_HEADER_SZ, - HANDSHAKE_HEADER_SZ, handshake, 1); - /* read mac and fill */ - mac = input + *inOutIdx; - *inOutIdx += ssl->specs.hash_size; + case TLS_NTRU_RSA_WITH_3DES_EDE_CBC_SHA : + if (requirement == REQUIRES_NTRU) + return 1; + break; - if (ssl->options.tls1_1 && ssl->specs.cipher_type == block) - padSz -= ssl->specs.block_size; + case TLS_RSA_WITH_AES_128_CBC_SHA : + if (requirement == REQUIRES_RSA) + return 1; + break; - *inOutIdx += padSz; + case TLS_RSA_WITH_AES_128_CBC_SHA256 : + if (requirement == REQUIRES_RSA) + return 1; + break; - /* verify */ - if (XMEMCMP(mac, verify, ssl->specs.hash_size)) { - CYASSL_MSG(" hello_request verify mac error"); - return VERIFY_MAC_ERROR; - } - } + case TLS_NTRU_RSA_WITH_AES_128_CBC_SHA : + if (requirement == REQUIRES_NTRU) + return 1; + break; - return SendAlert(ssl, alert_warning, no_renegotiation); -} + case TLS_RSA_WITH_AES_256_CBC_SHA : + if (requirement == REQUIRES_RSA) + return 1; + break; + case TLS_RSA_WITH_AES_256_CBC_SHA256 : + if (requirement == REQUIRES_RSA) + return 1; + break; -int DoFinished(CYASSL* ssl, const byte* input, word32* inOutIdx, int sniff) -{ - byte verifyMAC[SHA256_DIGEST_SIZE]; - int finishedSz = ssl->options.tls ? TLS_FINISHED_SZ : FINISHED_SZ; - int headerSz = HANDSHAKE_HEADER_SZ; - word32 macSz = finishedSz + HANDSHAKE_HEADER_SZ, - idx = *inOutIdx, - padSz = ssl->keys.encryptSz - HANDSHAKE_HEADER_SZ - finishedSz - - ssl->specs.hash_size; - const byte* mac; + case TLS_RSA_WITH_NULL_SHA : + case TLS_RSA_WITH_NULL_SHA256 : + if (requirement == REQUIRES_RSA) + return 1; + break; - #ifdef CYASSL_DTLS - if (ssl->options.dtls) { - headerSz += DTLS_HANDSHAKE_EXTRA; - macSz += DTLS_HANDSHAKE_EXTRA; - padSz -= DTLS_HANDSHAKE_EXTRA; - } - #endif + case TLS_NTRU_RSA_WITH_AES_256_CBC_SHA : + if (requirement == REQUIRES_NTRU) + return 1; + break; +#endif - #ifdef CYASSL_CALLBACKS - if (ssl->hsInfoOn) AddPacketName("Finished", &ssl->handShakeInfo); - if (ssl->toInfoOn) AddLateName("Finished", &ssl->timeoutInfo); - #endif - if (sniff == NO_SNIFF) { - if (XMEMCMP(input + idx, &ssl->verifyHashes, finishedSz)) { - CYASSL_MSG("Verify finished error on hashes"); - return VERIFY_FINISHED_ERROR; - } - } + case TLS_PSK_WITH_AES_128_GCM_SHA256 : + case TLS_PSK_WITH_AES_256_GCM_SHA384 : + case TLS_PSK_WITH_AES_128_CBC_SHA256 : + case TLS_PSK_WITH_AES_256_CBC_SHA384 : + case TLS_PSK_WITH_AES_128_CBC_SHA : + case TLS_PSK_WITH_AES_256_CBC_SHA : + case TLS_PSK_WITH_NULL_SHA384 : + case TLS_PSK_WITH_NULL_SHA256 : + case TLS_PSK_WITH_NULL_SHA : + if (requirement == REQUIRES_PSK) + return 1; + break; - if (ssl->specs.cipher_type != aead) { - ssl->hmac(ssl, verifyMAC, input + idx - headerSz, macSz, - handshake, 1); - idx += finishedSz; + case TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 : + case TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 : + case TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 : + case TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 : + case TLS_DHE_PSK_WITH_NULL_SHA384 : + case TLS_DHE_PSK_WITH_NULL_SHA256 : + if (requirement == REQUIRES_DHE) + return 1; + if (requirement == REQUIRES_PSK) + return 1; + break; - /* read mac and fill */ - mac = input + idx; - idx += ssl->specs.hash_size; +#ifndef NO_RSA + case TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 : + if (requirement == REQUIRES_RSA) + return 1; + if (requirement == REQUIRES_DHE) + return 1; + break; - if (ssl->options.tls1_1 && ssl->specs.cipher_type == block) - padSz -= ssl->specs.block_size; + case TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 : + if (requirement == REQUIRES_RSA) + return 1; + if (requirement == REQUIRES_DHE) + return 1; + break; - idx += padSz; + case TLS_DHE_RSA_WITH_AES_128_CBC_SHA : + if (requirement == REQUIRES_RSA) + return 1; + if (requirement == REQUIRES_DHE) + return 1; + break; - /* verify mac */ - if (XMEMCMP(mac, verifyMAC, ssl->specs.hash_size)) { - CYASSL_MSG("Verify finished error on mac"); - return VERIFY_MAC_ERROR; - } - } - else { - idx += (finishedSz + AEAD_AUTH_TAG_SZ); - } + case TLS_DHE_RSA_WITH_AES_256_CBC_SHA : + if (requirement == REQUIRES_RSA) + return 1; + if (requirement == REQUIRES_DHE) + return 1; + break; - if (ssl->options.side == CLIENT_END) { - ssl->options.serverState = SERVER_FINISHED_COMPLETE; - if (!ssl->options.resuming) - ssl->options.handShakeState = HANDSHAKE_DONE; - } - else { - ssl->options.clientState = CLIENT_FINISHED_COMPLETE; - if (ssl->options.resuming) - ssl->options.handShakeState = HANDSHAKE_DONE; - } + case TLS_RSA_WITH_HC_128_MD5 : + if (requirement == REQUIRES_RSA) + return 1; + break; - *inOutIdx = idx; - return 0; -} + case TLS_RSA_WITH_HC_128_SHA : + if (requirement == REQUIRES_RSA) + return 1; + break; + case TLS_RSA_WITH_HC_128_B2B256: + if (requirement == REQUIRES_RSA) + return 1; + break; -static int DoHandShakeMsg(CYASSL* ssl, byte* input, word32* inOutIdx, - word32 totalSz) -{ - byte type; - word32 size; - int ret = 0; + case TLS_RSA_WITH_AES_128_CBC_B2B256: + case TLS_RSA_WITH_AES_256_CBC_B2B256: + if (requirement == REQUIRES_RSA) + return 1; + break; - CYASSL_ENTER("DoHandShakeMsg()"); + case TLS_RSA_WITH_RABBIT_SHA : + if (requirement == REQUIRES_RSA) + return 1; + break; - if (GetHandShakeHeader(ssl, input, inOutIdx, &type, &size) != 0) - return PARSE_ERROR; + case TLS_RSA_WITH_AES_128_GCM_SHA256 : + case TLS_RSA_WITH_AES_256_GCM_SHA384 : + if (requirement == REQUIRES_RSA) + return 1; + break; - if (*inOutIdx + size > totalSz) - return INCOMPLETE_DATA; - - HashInput(ssl, input + *inOutIdx, size); -#ifdef CYASSL_CALLBACKS - /* add name later, add on record and handshake header part back on */ - if (ssl->toInfoOn) { - int add = RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ; - AddPacketInfo(0, &ssl->timeoutInfo, input + *inOutIdx - add, - size + add, ssl->heap); - AddLateRecordHeader(&ssl->curRL, &ssl->timeoutInfo); - } + case TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 : + case TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 : + if (requirement == REQUIRES_RSA) + return 1; + if (requirement == REQUIRES_DHE) + return 1; + break; + + case TLS_RSA_WITH_CAMELLIA_128_CBC_SHA : + case TLS_RSA_WITH_CAMELLIA_256_CBC_SHA : + case TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 : + case TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 : + if (requirement == REQUIRES_RSA) + return 1; + break; + + case TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA : + case TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA : + case TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 : + case TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 : + if (requirement == REQUIRES_RSA) + return 1; + if (requirement == REQUIRES_RSA_SIG) + return 1; + if (requirement == REQUIRES_DHE) + return 1; + break; #endif - switch (type) { + default: + CYASSL_MSG("Unsupported cipher suite, CipherRequires"); + return 0; + } /* switch */ + } /* if ECC / Normal suites else */ - case hello_request: - CYASSL_MSG("processing hello request"); - ret = DoHelloRequest(ssl, input, inOutIdx); - break; + return 0; + } -#ifndef NO_CYASSL_CLIENT - case hello_verify_request: - CYASSL_MSG("processing hello verify request"); - ret = DoHelloVerifyRequest(ssl, input,inOutIdx); - break; - - case server_hello: - CYASSL_MSG("processing server hello"); - ret = DoServerHello(ssl, input, inOutIdx, size); - break; - case certificate_request: - CYASSL_MSG("processing certificate request"); - ret = DoCertificateRequest(ssl, input, inOutIdx); - break; +#ifndef NO_CERTS - case server_key_exchange: - CYASSL_MSG("processing server key exchange"); - ret = DoServerKeyExchange(ssl, input, inOutIdx); - break; -#endif - case certificate: - CYASSL_MSG("processing certificate"); - ret = DoCertificate(ssl, input, inOutIdx); - break; +/* Match names with wildcards, each wildcard can represent a single name + component or fragment but not mulitple names, i.e., + *.z.com matches y.z.com but not x.y.z.com - case server_hello_done: - CYASSL_MSG("processing server hello done"); - #ifdef CYASSL_CALLBACKS - if (ssl->hsInfoOn) - AddPacketName("ServerHelloDone", &ssl->handShakeInfo); - if (ssl->toInfoOn) - AddLateName("ServerHelloDone", &ssl->timeoutInfo); - #endif - ssl->options.serverState = SERVER_HELLODONE_COMPLETE; - break; + return 1 on success */ +static int MatchDomainName(const char* pattern, int len, const char* str) +{ + char p, s; - case finished: - CYASSL_MSG("processing finished"); - ret = DoFinished(ssl, input, inOutIdx, NO_SNIFF); - break; + if (pattern == NULL || str == NULL || len <= 0) + return 0; -#ifndef NO_CYASSL_SERVER - case client_hello: - CYASSL_MSG("processing client hello"); - ret = DoClientHello(ssl, input, inOutIdx, totalSz, size); - break; + while (len > 0) { - case client_key_exchange: - CYASSL_MSG("processing client key exchange"); - ret = DoClientKeyExchange(ssl, input, inOutIdx); - break; + p = (char)XTOLOWER(*pattern++); + if (p == 0) + break; - case certificate_verify: - CYASSL_MSG("processing certificate verify"); - ret = DoCertificateVerify(ssl, input, inOutIdx, totalSz); - break; + if (p == '*') { + while (--len > 0 && (p = (char)XTOLOWER(*pattern++)) == '*') + ; -#endif + if (len == 0) + p = '\0'; - default: - CYASSL_MSG("Unknown handshake message type"); - ret = UNKNOWN_HANDSHAKE_TYPE; + while ( (s = (char)XTOLOWER(*str)) != '\0') { + if (s == p) + break; + if (s == '.') + return 0; + str++; + } + } + else { + if (p != (char)XTOLOWER(*str)) + return 0; + } + + if (*str != '\0') + str++; + + if (len > 0) + len--; } - CYASSL_LEAVE("DoHandShakeMsg()", ret); - return ret; + return *str == '\0'; } -static INLINE word32 GetSEQIncrement(CYASSL* ssl, int verify) +/* try to find an altName match to domain, return 1 on success */ +static int CheckAltNames(DecodedCert* dCert, char* domain) { - if (verify) - return ssl->keys.peer_sequence_number++; - else - return ssl->keys.sequence_number++; -} + int match = 0; + DNS_entry* altName = NULL; + CYASSL_MSG("Checking AltNames"); -static INLINE void Encrypt(CYASSL* ssl, byte* out, const byte* input, word32 sz) -{ - switch (ssl->specs.bulk_cipher_algorithm) { - #ifdef BUILD_ARC4 - case rc4: - Arc4Process(&ssl->encrypt.arc4, out, input, sz); - break; - #endif + if (dCert) + altName = dCert->altNames; - #ifdef BUILD_DES3 - case triple_des: - Des3_CbcEncrypt(&ssl->encrypt.des3, out, input, sz); - break; - #endif + while (altName) { + CYASSL_MSG(" individual AltName check"); - #ifdef BUILD_AES - case aes: - #ifdef CYASSL_AESNI - if ((word)input % 16) { - byte buffer[MAX_RECORD_SIZE + MAX_COMP_EXTRA+MAX_MSG_EXTRA]; - XMEMCPY(buffer, input, sz); - AesCbcEncrypt(&ssl->encrypt.aes, buffer, buffer, sz); - XMEMCPY(out, buffer, sz); - break; - } - #endif - AesCbcEncrypt(&ssl->encrypt.aes, out, input, sz); - break; - #endif + if (MatchDomainName(altName->name,(int)XSTRLEN(altName->name), domain)){ + match = 1; + break; + } - #ifdef BUILD_AESGCM - case aes_gcm: - { - byte additional[AES_BLOCK_SIZE]; + altName = altName->next; + } - XMEMSET(additional, 0, AES_BLOCK_SIZE); + return match; +} - /* sequence number field is 64-bits, we only use 32-bits */ - c32toa(GetSEQIncrement(ssl, 0), - additional + AEAD_SEQ_OFFSET); - /* Store the type, version. Unfortunately, they are in - * the input buffer ahead of the plaintext. */ - XMEMCPY(additional + AEAD_TYPE_OFFSET, input - 5, 3); +#if defined(KEEP_PEER_CERT) || defined(SESSION_CERTS) - /* Store the length of the plain text minus the explicit - * IV length minus the authentication tag size. */ - c16toa(sz - AES_GCM_EXP_IV_SZ - AEAD_AUTH_TAG_SZ, - additional + AEAD_LEN_OFFSET); - AesGcmEncrypt(&ssl->encrypt.aes, - out + AES_GCM_EXP_IV_SZ, input + AES_GCM_EXP_IV_SZ, - sz - AES_GCM_EXP_IV_SZ - AEAD_AUTH_TAG_SZ, - out + sz - AEAD_AUTH_TAG_SZ, AEAD_AUTH_TAG_SZ, - additional, AEAD_AUTH_DATA_SZ); - AesGcmIncExpIV(&ssl->encrypt.aes); - } - break; - #endif +/* Copy parts X509 needs from Decoded cert, 0 on success */ +int CopyDecodedToX509(CYASSL_X509* x509, DecodedCert* dCert) +{ + int ret = 0; - #ifdef HAVE_HC128 - case hc128: - Hc128_Process(&ssl->encrypt.hc128, out, input, sz); - break; - #endif + if (x509 == NULL || dCert == NULL) + return BAD_FUNC_ARG; - #ifdef BUILD_RABBIT - case rabbit: - RabbitProcess(&ssl->encrypt.rabbit, out, input, sz); - break; - #endif + x509->version = dCert->version + 1; - default: - CYASSL_MSG("CyaSSL Encrypt programming error"); + XSTRNCPY(x509->issuer.name, dCert->issuer, ASN_NAME_MAX); + x509->issuer.name[ASN_NAME_MAX - 1] = '\0'; + x509->issuer.sz = (int)XSTRLEN(x509->issuer.name) + 1; +#ifdef OPENSSL_EXTRA + if (dCert->issuerName.fullName != NULL) { + XMEMCPY(&x509->issuer.fullName, + &dCert->issuerName, sizeof(DecodedName)); + x509->issuer.fullName.fullName = (char*)XMALLOC( + dCert->issuerName.fullNameLen, NULL, DYNAMIC_TYPE_X509); + if (x509->issuer.fullName.fullName != NULL) + XMEMCPY(x509->issuer.fullName.fullName, + dCert->issuerName.fullName, dCert->issuerName.fullNameLen); } -} +#endif /* OPENSSL_EXTRA */ + XSTRNCPY(x509->subject.name, dCert->subject, ASN_NAME_MAX); + x509->subject.name[ASN_NAME_MAX - 1] = '\0'; + x509->subject.sz = (int)XSTRLEN(x509->subject.name) + 1; +#ifdef OPENSSL_EXTRA + if (dCert->subjectName.fullName != NULL) { + XMEMCPY(&x509->subject.fullName, + &dCert->subjectName, sizeof(DecodedName)); + x509->subject.fullName.fullName = (char*)XMALLOC( + dCert->subjectName.fullNameLen, NULL, DYNAMIC_TYPE_X509); + if (x509->subject.fullName.fullName != NULL) + XMEMCPY(x509->subject.fullName.fullName, + dCert->subjectName.fullName, dCert->subjectName.fullNameLen); + } +#endif /* OPENSSL_EXTRA */ -static INLINE int Decrypt(CYASSL* ssl, byte* plain, const byte* input, - word32 sz) -{ - switch (ssl->specs.bulk_cipher_algorithm) { - #ifdef BUILD_ARC4 - case rc4: - Arc4Process(&ssl->decrypt.arc4, plain, input, sz); - break; - #endif + XMEMCPY(x509->serial, dCert->serial, EXTERNAL_SERIAL_SIZE); + x509->serialSz = dCert->serialSz; + if (dCert->subjectCNLen < ASN_NAME_MAX) { + XMEMCPY(x509->subjectCN, dCert->subjectCN, dCert->subjectCNLen); + x509->subjectCN[dCert->subjectCNLen] = '\0'; + } + else + x509->subjectCN[0] = '\0'; - #ifdef BUILD_DES3 - case triple_des: - Des3_CbcDecrypt(&ssl->decrypt.des3, plain, input, sz); - break; - #endif - - #ifdef BUILD_AES - case aes: - AesCbcDecrypt(&ssl->decrypt.aes, plain, input, sz); - break; - #endif - - #ifdef BUILD_AESGCM - case aes_gcm: - { - byte additional[AES_BLOCK_SIZE]; +#ifdef CYASSL_SEP + { + int minSz = min(dCert->deviceTypeSz, EXTERNAL_SERIAL_SIZE); + if (minSz > 0) { + x509->deviceTypeSz = minSz; + XMEMCPY(x509->deviceType, dCert->deviceType, minSz); + } + else + x509->deviceTypeSz = 0; + minSz = min(dCert->hwTypeSz, EXTERNAL_SERIAL_SIZE); + if (minSz != 0) { + x509->hwTypeSz = minSz; + XMEMCPY(x509->hwType, dCert->hwType, minSz); + } + else + x509->hwTypeSz = 0; + minSz = min(dCert->hwSerialNumSz, EXTERNAL_SERIAL_SIZE); + if (minSz != 0) { + x509->hwSerialNumSz = minSz; + XMEMCPY(x509->hwSerialNum, dCert->hwSerialNum, minSz); + } + else + x509->hwSerialNumSz = 0; + } +#endif /* CYASSL_SEP */ + { + int minSz = min(dCert->beforeDateLen, MAX_DATE_SZ); + if (minSz != 0) { + x509->notBeforeSz = minSz; + XMEMCPY(x509->notBefore, dCert->beforeDate, minSz); + } + else + x509->notBeforeSz = 0; + minSz = min(dCert->afterDateLen, MAX_DATE_SZ); + if (minSz != 0) { + x509->notAfterSz = minSz; + XMEMCPY(x509->notAfter, dCert->afterDate, minSz); + } + else + x509->notAfterSz = 0; + } - AesGcmSetExpIV(&ssl->decrypt.aes, input); - XMEMSET(additional, 0, AES_BLOCK_SIZE); + if (dCert->publicKey != NULL && dCert->pubKeySize != 0) { + x509->pubKey.buffer = (byte*)XMALLOC( + dCert->pubKeySize, NULL, DYNAMIC_TYPE_PUBLIC_KEY); + if (x509->pubKey.buffer != NULL) { + x509->pubKeyOID = dCert->keyOID; + x509->pubKey.length = dCert->pubKeySize; + XMEMCPY(x509->pubKey.buffer, dCert->publicKey, dCert->pubKeySize); + } + else + ret = MEMORY_E; + } - /* sequence number field is 64-bits, we only use 32-bits */ - c32toa(GetSEQIncrement(ssl, 1), additional + AEAD_SEQ_OFFSET); - - additional[AEAD_TYPE_OFFSET] = ssl->curRL.type; - additional[AEAD_VMAJ_OFFSET] = ssl->curRL.version.major; - additional[AEAD_VMIN_OFFSET] = ssl->curRL.version.minor; + if (dCert->signature != NULL && dCert->sigLength != 0) { + x509->sig.buffer = (byte*)XMALLOC( + dCert->sigLength, NULL, DYNAMIC_TYPE_SIGNATURE); + if (x509->sig.buffer == NULL) { + ret = MEMORY_E; + } + else { + XMEMCPY(x509->sig.buffer, dCert->signature, dCert->sigLength); + x509->sig.length = dCert->sigLength; + x509->sigOID = dCert->signatureOID; + } + } - c16toa(sz - AES_GCM_EXP_IV_SZ - AEAD_AUTH_TAG_SZ, - additional + AEAD_LEN_OFFSET); - if (AesGcmDecrypt(&ssl->decrypt.aes, - plain + AES_GCM_EXP_IV_SZ, - input + AES_GCM_EXP_IV_SZ, - sz - AES_GCM_EXP_IV_SZ - AEAD_AUTH_TAG_SZ, - input + sz - AEAD_AUTH_TAG_SZ, AEAD_AUTH_TAG_SZ, - additional, AEAD_AUTH_DATA_SZ) < 0) { - SendAlert(ssl, alert_fatal, bad_record_mac); - return VERIFY_MAC_ERROR; - } - break; - } - #endif + /* store cert for potential retrieval */ + x509->derCert.buffer = (byte*)XMALLOC(dCert->maxIdx, NULL, + DYNAMIC_TYPE_CERT); + if (x509->derCert.buffer == NULL) { + ret = MEMORY_E; + } + else { + XMEMCPY(x509->derCert.buffer, dCert->source, dCert->maxIdx); + x509->derCert.length = dCert->maxIdx; + } - #ifdef HAVE_HC128 - case hc128: - Hc128_Process(&ssl->decrypt.hc128, plain, input, sz); - break; - #endif + x509->altNames = dCert->altNames; + dCert->altNames = NULL; /* takes ownership */ + x509->altNamesNext = x509->altNames; /* index hint */ - #ifdef BUILD_RABBIT - case rabbit: - RabbitProcess(&ssl->decrypt.rabbit, plain, input, sz); - break; - #endif + x509->isCa = dCert->isCA; +#ifdef OPENSSL_EXTRA + x509->pathLength = dCert->pathLength; + x509->keyUsage = dCert->extKeyUsage; + + x509->basicConstSet = dCert->extBasicConstSet; + x509->basicConstCrit = dCert->extBasicConstCrit; + x509->basicConstPlSet = dCert->extBasicConstPlSet; + x509->subjAltNameSet = dCert->extSubjAltNameSet; + x509->subjAltNameCrit = dCert->extSubjAltNameCrit; + x509->authKeyIdSet = dCert->extAuthKeyIdSet; + x509->authKeyIdCrit = dCert->extAuthKeyIdCrit; + if (dCert->extAuthKeyIdSrc != NULL && dCert->extAuthKeyIdSz != 0) { + x509->authKeyId = (byte*)XMALLOC(dCert->extAuthKeyIdSz, NULL, 0); + if (x509->authKeyId != NULL) { + XMEMCPY(x509->authKeyId, + dCert->extAuthKeyIdSrc, dCert->extAuthKeyIdSz); + x509->authKeyIdSz = dCert->extAuthKeyIdSz; + } + else + ret = MEMORY_E; + } + x509->subjKeyIdSet = dCert->extSubjKeyIdSet; + x509->subjKeyIdCrit = dCert->extSubjKeyIdCrit; + if (dCert->extSubjKeyIdSrc != NULL && dCert->extSubjKeyIdSz != 0) { + x509->subjKeyId = (byte*)XMALLOC(dCert->extSubjKeyIdSz, NULL, 0); + if (x509->subjKeyId != NULL) { + XMEMCPY(x509->subjKeyId, + dCert->extSubjKeyIdSrc, dCert->extSubjKeyIdSz); + x509->subjKeyIdSz = dCert->extSubjKeyIdSz; + } + else + ret = MEMORY_E; + } + x509->keyUsageSet = dCert->extKeyUsageSet; + x509->keyUsageCrit = dCert->extKeyUsageCrit; + #ifdef CYASSL_SEP + x509->certPolicySet = dCert->extCertPolicySet; + x509->certPolicyCrit = dCert->extCertPolicyCrit; + #endif /* CYASSL_SEP */ +#endif /* OPENSSL_EXTRA */ +#ifdef HAVE_ECC + x509->pkCurveOID = dCert->pkCurveOID; +#endif /* HAVE_ECC */ - default: - CYASSL_MSG("CyaSSL Decrypt programming error"); - } - return 0; + return ret; } +#endif /* KEEP_PEER_CERT || SESSION_CERTS */ + -/* decrypt input message in place */ -static int DecryptMessage(CYASSL* ssl, byte* input, word32 sz, word32* idx) +static int DoCertificate(CYASSL* ssl, byte* input, word32* inOutIdx, + word32 size) { - int decryptResult = Decrypt(ssl, input, input, sz); + word32 listSz, begin = *inOutIdx; + int ret = 0; + int anyError = 0; + int totalCerts = 0; /* number of certs in certs buffer */ + int count; + char domain[ASN_NAME_MAX]; + buffer certs[MAX_CHAIN_DEPTH]; - if (decryptResult == 0) - { - ssl->keys.encryptSz = sz; - if (ssl->options.tls1_1 && ssl->specs.cipher_type == block) - *idx += ssl->specs.block_size; /* go past TLSv1.1 IV */ - if (ssl->specs.cipher_type == aead) - *idx += AES_GCM_EXP_IV_SZ; - } + #ifdef CYASSL_CALLBACKS + if (ssl->hsInfoOn) AddPacketName("Certificate", &ssl->handShakeInfo); + if (ssl->toInfoOn) AddLateName("Certificate", &ssl->timeoutInfo); + #endif - return decryptResult; -} + if ((*inOutIdx - begin) + OPAQUE24_LEN > size) + return BUFFER_ERROR; + c24to32(input + *inOutIdx, &listSz); + *inOutIdx += OPAQUE24_LEN; -int DoApplicationData(CYASSL* ssl, byte* input, word32* inOutIdx) -{ - word32 msgSz = ssl->keys.encryptSz; - word32 pad = 0, - padByte = 0, - idx = *inOutIdx, - digestSz = ssl->specs.hash_size; - int dataSz; - int ivExtra = 0; - byte* rawData = input + idx; /* keep current for hmac */ -#ifdef HAVE_LIBZ - byte decomp[MAX_RECORD_SIZE + MAX_COMP_EXTRA]; +#ifdef HAVE_MAX_FRAGMENT + if (listSz > ssl->max_fragment) + return BUFFER_E; +#else + if (listSz > MAX_RECORD_SIZE) + return BUFFER_E; #endif - byte verify[SHA256_DIGEST_SIZE]; - const byte* mac; + if ((*inOutIdx - begin) + listSz != size) + return BUFFER_ERROR; - if (ssl->specs.cipher_type == block) { - if (ssl->options.tls1_1) - ivExtra = ssl->specs.block_size; - pad = *(input + idx + msgSz - ivExtra - 1); - padByte = 1; - } - if (ssl->specs.cipher_type == aead) { - ivExtra = AES_GCM_EXP_IV_SZ; - digestSz = AEAD_AUTH_TAG_SZ; - } + CYASSL_MSG("Loading peer's cert chain"); + /* first put cert chain into buffer so can verify top down + we're sent bottom up */ + while (listSz) { + word32 certSz; - dataSz = msgSz - ivExtra - digestSz - pad - padByte; - if (dataSz < 0) { - CYASSL_MSG("App data buffer error, malicious input?"); - return BUFFER_ERROR; - } + if (totalCerts >= MAX_CHAIN_DEPTH) + return MAX_CHAIN_ERROR; - /* read data */ - if (dataSz) { - int rawSz = dataSz; /* keep raw size for hmac */ + if ((*inOutIdx - begin) + OPAQUE24_LEN > size) + return BUFFER_ERROR; - if (ssl->specs.cipher_type != aead) - ssl->hmac(ssl, verify, rawData, rawSz, application_data, 1); + c24to32(input + *inOutIdx, &certSz); + *inOutIdx += OPAQUE24_LEN; -#ifdef HAVE_LIBZ - if (ssl->options.usingCompression) { - dataSz = DeCompress(ssl, rawData, dataSz, decomp, sizeof(decomp)); - if (dataSz < 0) return dataSz; + if ((*inOutIdx - begin) + certSz > size) + return BUFFER_ERROR; + + certs[totalCerts].length = certSz; + certs[totalCerts].buffer = input + *inOutIdx; + +#ifdef SESSION_CERTS + if (ssl->session.chain.count < MAX_CHAIN_DEPTH && + certSz < MAX_X509_SIZE) { + ssl->session.chain.certs[ssl->session.chain.count].length = certSz; + XMEMCPY(ssl->session.chain.certs[ssl->session.chain.count].buffer, + input + *inOutIdx, certSz); + ssl->session.chain.count++; + } else { + CYASSL_MSG("Couldn't store chain cert for session"); } #endif - if (ssl->options.usingCompression) - idx += rawSz; - else - idx += dataSz; + *inOutIdx += certSz; + listSz -= certSz + CERT_HEADER_SZ; - ssl->buffers.clearOutputBuffer.buffer = rawData; - ssl->buffers.clearOutputBuffer.length = dataSz; + totalCerts++; + CYASSL_MSG(" Put another cert into chain"); } - /* read mac and fill */ - mac = input + idx; - idx += digestSz; - - idx += pad; - if (padByte) - idx++; + count = totalCerts; - /* verify */ - if (dataSz) { - if (ssl->specs.cipher_type != aead && XMEMCMP(mac, verify, digestSz)) { - CYASSL_MSG("App data verify mac error"); - return VERIFY_MAC_ERROR; + /* verify up to peer's first */ + while (count > 1) { + buffer myCert = certs[count - 1]; + DecodedCert dCert; + byte* subjectHash; + + InitDecodedCert(&dCert, myCert.buffer, myCert.length, ssl->heap); + ret = ParseCertRelative(&dCert, CERT_TYPE, !ssl->options.verifyNone, + ssl->ctx->cm); + #ifndef NO_SKID + subjectHash = dCert.extSubjKeyId; + #else + subjectHash = dCert.subjectHash; + #endif + + if (ret == 0 && dCert.isCA == 0) { + CYASSL_MSG("Chain cert is not a CA, not adding as one"); } - } - else - GetSEQIncrement(ssl, 1); /* even though no data, increment verify */ + else if (ret == 0 && ssl->options.verifyNone) { + CYASSL_MSG("Chain cert not verified by option, not adding as CA"); + } + else if (ret == 0 && !AlreadySigner(ssl->ctx->cm, subjectHash)) { + buffer add; + add.length = myCert.length; + add.buffer = (byte*)XMALLOC(myCert.length, ssl->heap, + DYNAMIC_TYPE_CA); + CYASSL_MSG("Adding CA from chain"); -#ifdef HAVE_LIBZ - /* decompress could be bigger, overwrite after verify */ - if (ssl->options.usingCompression) - XMEMMOVE(rawData, decomp, dataSz); -#endif + if (add.buffer == NULL) + return MEMORY_E; + XMEMCPY(add.buffer, myCert.buffer, myCert.length); - *inOutIdx = idx; - return 0; -} + ret = AddCA(ssl->ctx->cm, add, CYASSL_CHAIN_CA, + ssl->ctx->verifyPeer); + if (ret == 1) ret = 0; /* SSL_SUCCESS for external */ + } + else if (ret != 0) { + CYASSL_MSG("Failed to verify CA from chain"); + } + else { + CYASSL_MSG("Verified CA from chain and already had it"); + } +#ifdef HAVE_CRL + if (ret == 0 && ssl->ctx->cm->crlEnabled && ssl->ctx->cm->crlCheckAll) { + CYASSL_MSG("Doing Non Leaf CRL check"); + ret = CheckCertCRL(ssl->ctx->cm->crl, &dCert); -/* process alert, return level */ -static int DoAlert(CYASSL* ssl, byte* input, word32* inOutIdx, int* type) -{ - byte level; + if (ret != 0) { + CYASSL_MSG("\tCRL check not ok"); + } + } +#endif /* HAVE_CRL */ - #ifdef CYASSL_CALLBACKS - if (ssl->hsInfoOn) - AddPacketName("Alert", &ssl->handShakeInfo); - if (ssl->toInfoOn) - /* add record header back on to info + 2 byte level, data */ - AddPacketInfo("Alert", &ssl->timeoutInfo, input + *inOutIdx - - RECORD_HEADER_SZ, 2 + RECORD_HEADER_SZ, ssl->heap); - #endif - level = input[(*inOutIdx)++]; - *type = (int)input[(*inOutIdx)++]; + if (ret != 0 && anyError == 0) + anyError = ret; /* save error from last time */ - CYASSL_MSG("Got alert"); - if (*type == close_notify) { - CYASSL_MSG(" close notify"); - ssl->options.closeNotify = 1; + FreeDecodedCert(&dCert); + count--; } - CYASSL_ERROR(*type); - if (ssl->keys.encryptionOn) { - if (ssl->specs.cipher_type != aead) { - int aSz = ALERT_SIZE; - const byte* mac; - byte verify[SHA256_DIGEST_SIZE]; - int padSz = ssl->keys.encryptSz - aSz - ssl->specs.hash_size; + /* peer's, may not have one if blank client cert sent by TLSv1.2 */ + if (count) { + buffer myCert = certs[0]; + DecodedCert dCert; + int fatal = 0; - ssl->hmac(ssl, verify, input + *inOutIdx - aSz, aSz, alert, 1); - - /* read mac and fill */ - mac = input + *inOutIdx; - *inOutIdx += (ssl->specs.hash_size + padSz); - - /* verify */ - if (XMEMCMP(mac, verify, ssl->specs.hash_size)) { - CYASSL_MSG(" alert verify mac error"); - return VERIFY_MAC_ERROR; - } + CYASSL_MSG("Verifying Peer's cert"); + + InitDecodedCert(&dCert, myCert.buffer, myCert.length, ssl->heap); + ret = ParseCertRelative(&dCert, CERT_TYPE, !ssl->options.verifyNone, + ssl->ctx->cm); + if (ret == 0) { + CYASSL_MSG("Verified Peer's cert"); + fatal = 0; + } + else if (ret == ASN_PARSE_E) { + CYASSL_MSG("Got Peer cert ASN PARSE ERROR, fatal"); + fatal = 1; } else { - *inOutIdx += AEAD_AUTH_TAG_SZ; + CYASSL_MSG("Failed to verify Peer's cert"); + if (ssl->verifyCallback) { + CYASSL_MSG("\tCallback override available, will continue"); + fatal = 0; + } + else { + CYASSL_MSG("\tNo callback override available, fatal"); + fatal = 1; + } } - } - return level; -} +#ifdef HAVE_OCSP + if (fatal == 0 && ssl->ctx->cm->ocspEnabled) { + ret = CheckCertOCSP(ssl->ctx->cm->ocsp, &dCert); + if (ret != 0) { + CYASSL_MSG("\tOCSP Lookup not ok"); + fatal = 0; + } + } +#endif -static int GetInputData(CYASSL *ssl, word32 size) -{ - int in; - int inSz; - int maxLength; - int usedLength; +#ifdef HAVE_CRL + if (fatal == 0 && ssl->ctx->cm->crlEnabled) { + int doCrlLookup = 1; + + #ifdef HAVE_OCSP + if (ssl->ctx->cm->ocspEnabled) { + doCrlLookup = (ret == OCSP_CERT_UNKNOWN); + } + #endif /* HAVE_OCSP */ + + if (doCrlLookup) { + CYASSL_MSG("Doing Leaf CRL check"); + ret = CheckCertCRL(ssl->ctx->cm->crl, &dCert); + + if (ret != 0) { + CYASSL_MSG("\tCRL check not ok"); + fatal = 0; + } + } + } + +#endif /* HAVE_CRL */ + +#ifdef KEEP_PEER_CERT + { + /* set X509 format for peer cert even if fatal */ + int copyRet = CopyDecodedToX509(&ssl->peerCert, &dCert); + if (copyRet == MEMORY_E) + fatal = 1; + } +#endif + +#ifndef IGNORE_KEY_EXTENSIONS + if (dCert.extKeyUsageSet) { + if ((ssl->specs.kea == rsa_kea) && + (dCert.extKeyUsage & KEYUSE_KEY_ENCIPHER) == 0) { + ret = KEYUSE_ENCIPHER_E; + } + if ((ssl->specs.sig_algo == rsa_sa_algo || + ssl->specs.sig_algo == ecc_dsa_sa_algo) && + (dCert.extKeyUsage & KEYUSE_DIGITAL_SIG) == 0) { + CYASSL_MSG("KeyUse Digital Sig not set"); + ret = KEYUSE_SIGNATURE_E; + } + } + + if (dCert.extExtKeyUsageSet) { + if (ssl->options.side == CYASSL_CLIENT_END) { + if ((dCert.extExtKeyUsage & + (EXTKEYUSE_ANY | EXTKEYUSE_SERVER_AUTH)) == 0) { + CYASSL_MSG("ExtKeyUse Server Auth not set"); + ret = EXTKEYUSE_AUTH_E; + } + } + else { + if ((dCert.extExtKeyUsage & + (EXTKEYUSE_ANY | EXTKEYUSE_CLIENT_AUTH)) == 0) { + CYASSL_MSG("ExtKeyUse Client Auth not set"); + ret = EXTKEYUSE_AUTH_E; + } + } + } +#endif /* IGNORE_KEY_EXTENSIONS */ + + if (fatal) { + FreeDecodedCert(&dCert); + ssl->error = ret; + return ret; + } + ssl->options.havePeerCert = 1; + + /* store for callback use */ + if (dCert.subjectCNLen < ASN_NAME_MAX) { + XMEMCPY(domain, dCert.subjectCN, dCert.subjectCNLen); + domain[dCert.subjectCNLen] = '\0'; + } + else + domain[0] = '\0'; + + if (!ssl->options.verifyNone && ssl->buffers.domainName.buffer) { + if (MatchDomainName(dCert.subjectCN, dCert.subjectCNLen, + (char*)ssl->buffers.domainName.buffer) == 0) { + CYASSL_MSG("DomainName match on common name failed"); + if (CheckAltNames(&dCert, + (char*)ssl->buffers.domainName.buffer) == 0 ) { + CYASSL_MSG("DomainName match on alt names failed too"); + ret = DOMAIN_NAME_MISMATCH; /* try to get peer key still */ + } + } + } + + /* decode peer key */ + switch (dCert.keyOID) { + #ifndef NO_RSA + case RSAk: + { + word32 idx = 0; + if (RsaPublicKeyDecode(dCert.publicKey, &idx, + ssl->peerRsaKey, dCert.pubKeySize) != 0) { + ret = PEER_KEY_ERROR; + } + else { + ssl->peerRsaKeyPresent = 1; + #ifdef HAVE_PK_CALLBACKS + #ifndef NO_RSA + ssl->buffers.peerRsaKey.buffer = + XMALLOC(dCert.pubKeySize, + ssl->heap, DYNAMIC_TYPE_RSA); + if (ssl->buffers.peerRsaKey.buffer == NULL) + ret = MEMORY_ERROR; + else { + XMEMCPY(ssl->buffers.peerRsaKey.buffer, + dCert.publicKey, dCert.pubKeySize); + ssl->buffers.peerRsaKey.length = + dCert.pubKeySize; + } + #endif /* NO_RSA */ + #endif /*HAVE_PK_CALLBACKS */ + } + } + break; + #endif /* NO_RSA */ + #ifdef HAVE_NTRU + case NTRUk: + { + if (dCert.pubKeySize > sizeof(ssl->peerNtruKey)) { + ret = PEER_KEY_ERROR; + } + else { + XMEMCPY(ssl->peerNtruKey, dCert.publicKey, dCert.pubKeySize); + ssl->peerNtruKeyLen = (word16)dCert.pubKeySize; + ssl->peerNtruKeyPresent = 1; + } + } + break; + #endif /* HAVE_NTRU */ + #ifdef HAVE_ECC + case ECDSAk: + { + if (ecc_import_x963(dCert.publicKey, dCert.pubKeySize, + ssl->peerEccDsaKey) != 0) { + ret = PEER_KEY_ERROR; + } + else { + ssl->peerEccDsaKeyPresent = 1; + #ifdef HAVE_PK_CALLBACKS + #ifdef HAVE_ECC + ssl->buffers.peerEccDsaKey.buffer = + XMALLOC(dCert.pubKeySize, + ssl->heap, DYNAMIC_TYPE_ECC); + if (ssl->buffers.peerEccDsaKey.buffer == NULL) + ret = MEMORY_ERROR; + else { + XMEMCPY(ssl->buffers.peerEccDsaKey.buffer, + dCert.publicKey, dCert.pubKeySize); + ssl->buffers.peerEccDsaKey.length = + dCert.pubKeySize; + } + #endif /* HAVE_ECC */ + #endif /*HAVE_PK_CALLBACKS */ + } + } + break; + #endif /* HAVE_ECC */ + default: + break; + } + + FreeDecodedCert(&dCert); + } + + if (anyError != 0 && ret == 0) + ret = anyError; + + + if (ret != 0) { + if (!ssl->options.verifyNone) { + int why = bad_certificate; + if (ret == ASN_AFTER_DATE_E || ret == ASN_BEFORE_DATE_E) + why = certificate_expired; + if (ssl->verifyCallback) { + int ok; + CYASSL_X509_STORE_CTX store; + + store.error = ret; + store.error_depth = totalCerts; + store.discardSessionCerts = 0; + store.domain = domain; + store.userCtx = ssl->verifyCbCtx; +#ifdef KEEP_PEER_CERT + store.current_cert = &ssl->peerCert; +#else + store.current_cert = NULL; +#endif +#ifdef FORTRESS + store.ex_data = ssl; +#endif + ok = ssl->verifyCallback(0, &store); + if (ok) { + CYASSL_MSG("Verify callback overriding error!"); + ret = 0; + } + #ifdef SESSION_CERTS + if (store.discardSessionCerts) { + CYASSL_MSG("Verify callback requested discard sess certs"); + ssl->session.chain.count = 0; + } + #endif + } + if (ret != 0) { + SendAlert(ssl, alert_fatal, why); /* try to send */ + ssl->options.isClosed = 1; + } + } + ssl->error = ret; + } +#ifdef CYASSL_ALWAYS_VERIFY_CB + else { + if (ssl->verifyCallback) { + int ok; + CYASSL_X509_STORE_CTX store; + + store.error = ret; + store.error_depth = totalCerts; + store.discardSessionCerts = 0; + store.domain = domain; + store.userCtx = ssl->verifyCbCtx; +#ifdef KEEP_PEER_CERT + store.current_cert = &ssl->peerCert; +#endif + store.ex_data = ssl; + + ok = ssl->verifyCallback(1, &store); + if (!ok) { + CYASSL_MSG("Verify callback overriding valid certificate!"); + ret = -1; + SendAlert(ssl, alert_fatal, bad_certificate); + ssl->options.isClosed = 1; + } + #ifdef SESSION_CERTS + if (store.discardSessionCerts) { + CYASSL_MSG("Verify callback requested discard sess certs"); + ssl->session.chain.count = 0; + } + #endif + } + } +#endif + + if (ssl->options.verifyNone && + (ret == CRL_MISSING || ret == CRL_CERT_REVOKED)) { + CYASSL_MSG("Ignoring CRL problem based on verify setting"); + ret = ssl->error = 0; + } + + if (ret == 0 && ssl->options.side == CYASSL_CLIENT_END) + ssl->options.serverState = SERVER_CERT_COMPLETE; + + return ret; +} + +#endif /* !NO_CERTS */ + + +static int DoHelloRequest(CYASSL* ssl, const byte* input, word32* inOutIdx, + word32 size, word32 totalSz) +{ + int ret = 0; + + if (size) /* must be 0 */ + return BUFFER_ERROR; + + if (ssl->keys.encryptionOn) { + byte verify[MAX_DIGEST_SIZE]; + int padSz = ssl->keys.encryptSz - HANDSHAKE_HEADER_SZ - + ssl->specs.hash_size; + + ret = ssl->hmac(ssl, verify, input + *inOutIdx - HANDSHAKE_HEADER_SZ, + HANDSHAKE_HEADER_SZ, handshake, 1); + if (ret != 0) + return ret; + + if (ssl->options.tls1_1 && ssl->specs.cipher_type == block) + padSz -= ssl->specs.block_size; + + /* access beyond input + size should be checked against totalSz */ + if ((word32) (*inOutIdx + ssl->specs.hash_size + padSz) > totalSz) + return INCOMPLETE_DATA; + + /* verify */ + if (XMEMCMP(input + *inOutIdx, verify, ssl->specs.hash_size) != 0) { + CYASSL_MSG(" hello_request verify mac error"); + return VERIFY_MAC_ERROR; + } + + *inOutIdx += ssl->specs.hash_size + padSz; + } + + if (ssl->options.side == CYASSL_SERVER_END) { + SendAlert(ssl, alert_fatal, unexpected_message); /* try */ + return FATAL_ERROR; + } + else + return SendAlert(ssl, alert_warning, no_renegotiation); +} + + +int DoFinished(CYASSL* ssl, const byte* input, word32* inOutIdx, word32 size, + word32 totalSz, int sniff) +{ + word32 finishedSz = (ssl->options.tls ? TLS_FINISHED_SZ : FINISHED_SZ); + + if (finishedSz != size) + return BUFFER_ERROR; + + #ifdef CYASSL_CALLBACKS + if (ssl->hsInfoOn) AddPacketName("Finished", &ssl->handShakeInfo); + if (ssl->toInfoOn) AddLateName("Finished", &ssl->timeoutInfo); + #endif + + if (sniff == NO_SNIFF) { + if (XMEMCMP(input + *inOutIdx, &ssl->verifyHashes, size) != 0) { + CYASSL_MSG("Verify finished error on hashes"); + return VERIFY_FINISHED_ERROR; + } + } + + /* increment beyond input + size should be checked against totalSz */ + if (*inOutIdx + size + ssl->keys.padSz > totalSz) + return INCOMPLETE_DATA; + + /* force input exhaustion at ProcessReply consuming padSz */ + *inOutIdx += size + ssl->keys.padSz; + + if (ssl->options.side == CYASSL_CLIENT_END) { + ssl->options.serverState = SERVER_FINISHED_COMPLETE; + if (!ssl->options.resuming) { + ssl->options.handShakeState = HANDSHAKE_DONE; + +#ifdef CYASSL_DTLS + if (ssl->options.dtls) { + /* Other side has received our Finished, go to next epoch */ + ssl->keys.dtls_epoch++; + ssl->keys.dtls_sequence_number = 1; + } +#endif + } + } + else { + ssl->options.clientState = CLIENT_FINISHED_COMPLETE; + if (ssl->options.resuming) { + ssl->options.handShakeState = HANDSHAKE_DONE; + +#ifdef CYASSL_DTLS + if (ssl->options.dtls) { + /* Other side has received our Finished, go to next epoch */ + ssl->keys.dtls_epoch++; + ssl->keys.dtls_sequence_number = 1; + } +#endif + } + } + + return 0; +} + + +static int DoHandShakeMsgType(CYASSL* ssl, byte* input, word32* inOutIdx, + byte type, word32 size, word32 totalSz) +{ + int ret = 0; + (void)totalSz; + + CYASSL_ENTER("DoHandShakeMsgType"); + + /* make sure can read the message */ + if (*inOutIdx + size > totalSz) + return INCOMPLETE_DATA; + + ret = HashInput(ssl, input + *inOutIdx, size); + if (ret != 0) + return ret; + +#ifdef CYASSL_CALLBACKS + /* add name later, add on record and handshake header part back on */ + if (ssl->toInfoOn) { + int add = RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ; + AddPacketInfo(0, &ssl->timeoutInfo, input + *inOutIdx - add, + size + add, ssl->heap); + AddLateRecordHeader(&ssl->curRL, &ssl->timeoutInfo); + } +#endif + + if (ssl->options.handShakeState == HANDSHAKE_DONE && type != hello_request){ + CYASSL_MSG("HandShake message after handshake complete"); + SendAlert(ssl, alert_fatal, unexpected_message); + return OUT_OF_ORDER_E; + } + + if (ssl->options.side == CYASSL_CLIENT_END && ssl->options.dtls == 0 && + ssl->options.serverState == NULL_STATE && type != server_hello) { + CYASSL_MSG("First server message not server hello"); + SendAlert(ssl, alert_fatal, unexpected_message); + return OUT_OF_ORDER_E; + } + + if (ssl->options.side == CYASSL_CLIENT_END && ssl->options.dtls && + type == server_hello_done && + ssl->options.serverState < SERVER_HELLO_COMPLETE) { + CYASSL_MSG("Server hello done received before server hello in DTLS"); + SendAlert(ssl, alert_fatal, unexpected_message); + return OUT_OF_ORDER_E; + } + + if (ssl->options.side == CYASSL_SERVER_END && + ssl->options.clientState == NULL_STATE && type != client_hello) { + CYASSL_MSG("First client message not client hello"); + SendAlert(ssl, alert_fatal, unexpected_message); + return OUT_OF_ORDER_E; + } + + + switch (type) { + + case hello_request: + CYASSL_MSG("processing hello request"); + ret = DoHelloRequest(ssl, input, inOutIdx, size, totalSz); + break; + +#ifndef NO_CYASSL_CLIENT + case hello_verify_request: + CYASSL_MSG("processing hello verify request"); + ret = DoHelloVerifyRequest(ssl, input,inOutIdx, size); + break; + + case server_hello: + CYASSL_MSG("processing server hello"); + ret = DoServerHello(ssl, input, inOutIdx, size); + break; + +#ifndef NO_CERTS + case certificate_request: + CYASSL_MSG("processing certificate request"); + ret = DoCertificateRequest(ssl, input, inOutIdx, size); + break; +#endif + + case server_key_exchange: + CYASSL_MSG("processing server key exchange"); + ret = DoServerKeyExchange(ssl, input, inOutIdx, size); + break; +#endif + +#ifndef NO_CERTS + case certificate: + CYASSL_MSG("processing certificate"); + ret = DoCertificate(ssl, input, inOutIdx, size); + break; +#endif + + case server_hello_done: + CYASSL_MSG("processing server hello done"); + #ifdef CYASSL_CALLBACKS + if (ssl->hsInfoOn) + AddPacketName("ServerHelloDone", &ssl->handShakeInfo); + if (ssl->toInfoOn) + AddLateName("ServerHelloDone", &ssl->timeoutInfo); + #endif + ssl->options.serverState = SERVER_HELLODONE_COMPLETE; + break; + + case finished: + CYASSL_MSG("processing finished"); + ret = DoFinished(ssl, input, inOutIdx, size, totalSz, NO_SNIFF); + break; + +#ifndef NO_CYASSL_SERVER + case client_hello: + CYASSL_MSG("processing client hello"); + ret = DoClientHello(ssl, input, inOutIdx, size); + break; + + case client_key_exchange: + CYASSL_MSG("processing client key exchange"); + ret = DoClientKeyExchange(ssl, input, inOutIdx, size); + break; + +#if !defined(NO_RSA) || defined(HAVE_ECC) + case certificate_verify: + CYASSL_MSG("processing certificate verify"); + ret = DoCertificateVerify(ssl, input, inOutIdx, size); + break; +#endif /* !NO_RSA || HAVE_ECC */ + +#endif /* !NO_CYASSL_SERVER */ + + default: + CYASSL_MSG("Unknown handshake message type"); + ret = UNKNOWN_HANDSHAKE_TYPE; + break; + } + + CYASSL_LEAVE("DoHandShakeMsgType()", ret); + return ret; +} + + +static int DoHandShakeMsg(CYASSL* ssl, byte* input, word32* inOutIdx, + word32 totalSz) +{ + byte type; + word32 size; + int ret = 0; + + CYASSL_ENTER("DoHandShakeMsg()"); + + if (GetHandShakeHeader(ssl, input, inOutIdx, &type, &size) != 0) + return PARSE_ERROR; + + ret = DoHandShakeMsgType(ssl, input, inOutIdx, type, size, totalSz); + + CYASSL_LEAVE("DoHandShakeMsg()", ret); + return ret; +} + + +#ifdef CYASSL_DTLS + +static INLINE int DtlsCheckWindow(DtlsState* state) +{ + word32 cur; + word32 next; + DtlsSeq window; + + if (state->curEpoch == state->nextEpoch) { + next = state->nextSeq; + window = state->window; + } + else if (state->curEpoch < state->nextEpoch) { + next = state->prevSeq; + window = state->prevWindow; + } + else { + return 0; + } + + cur = state->curSeq; + + if ((next > DTLS_SEQ_BITS) && (cur < next - DTLS_SEQ_BITS)) { + return 0; + } + else if ((cur < next) && (window & ((DtlsSeq)1 << (next - cur - 1)))) { + return 0; + } + + return 1; +} + + +static INLINE int DtlsUpdateWindow(DtlsState* state) +{ + word32 cur; + word32* next; + DtlsSeq* window; + + if (state->curEpoch == state->nextEpoch) { + next = &state->nextSeq; + window = &state->window; + } + else { + next = &state->prevSeq; + window = &state->prevWindow; + } + + cur = state->curSeq; + + if (cur < *next) { + *window |= ((DtlsSeq)1 << (*next - cur - 1)); + } + else { + *window <<= (1 + cur - *next); + *window |= 1; + *next = cur + 1; + } + + return 1; +} + + +static int DtlsMsgDrain(CYASSL* ssl) +{ + DtlsMsg* item = ssl->dtls_msg_list; + int ret = 0; + + /* While there is an item in the store list, and it is the expected + * message, and it is complete, and there hasn't been an error in the + * last messge... */ + while (item != NULL && + ssl->keys.dtls_expected_peer_handshake_number == item->seq && + item->fragSz == item->sz && + ret == 0) { + word32 idx = 0; + ssl->keys.dtls_expected_peer_handshake_number++; + ret = DoHandShakeMsgType(ssl, item->msg, + &idx, item->type, item->sz, item->sz); + ssl->dtls_msg_list = item->next; + DtlsMsgDelete(item, ssl->heap); + item = ssl->dtls_msg_list; + } + + return ret; +} + + +static int DoDtlsHandShakeMsg(CYASSL* ssl, byte* input, word32* inOutIdx, + word32 totalSz) +{ + byte type; + word32 size; + word32 fragOffset, fragSz; + int ret = 0; + + CYASSL_ENTER("DoDtlsHandShakeMsg()"); + if (GetDtlsHandShakeHeader(ssl, input, inOutIdx, &type, + &size, &fragOffset, &fragSz) != 0) + return PARSE_ERROR; + + if (*inOutIdx + fragSz > totalSz) + return INCOMPLETE_DATA; + + /* Check the handshake sequence number first. If out of order, + * add the current message to the list. If the message is in order, + * but it is a fragment, add the current message to the list, then + * check the head of the list to see if it is complete, if so, pop + * it out as the current message. If the message is complete and in + * order, process it. Check the head of the list to see if it is in + * order, if so, process it. (Repeat until list exhausted.) If the + * head is out of order, return for more processing. + */ + if (ssl->keys.dtls_peer_handshake_number > + ssl->keys.dtls_expected_peer_handshake_number) { + /* Current message is out of order. It will get stored in the list. + * Storing also takes care of defragmentation. */ + ssl->dtls_msg_list = DtlsMsgStore(ssl->dtls_msg_list, + ssl->keys.dtls_peer_handshake_number, input + *inOutIdx, + size, type, fragOffset, fragSz, ssl->heap); + *inOutIdx += fragSz; + ret = 0; + } + else if (ssl->keys.dtls_peer_handshake_number < + ssl->keys.dtls_expected_peer_handshake_number) { + /* Already saw this message and processed it. It can be ignored. */ + *inOutIdx += fragSz; + ret = 0; + } + else if (fragSz < size) { + /* Since this branch is in order, but fragmented, dtls_msg_list will be + * pointing to the message with this fragment in it. Check it to see + * if it is completed. */ + ssl->dtls_msg_list = DtlsMsgStore(ssl->dtls_msg_list, + ssl->keys.dtls_peer_handshake_number, input + *inOutIdx, + size, type, fragOffset, fragSz, ssl->heap); + *inOutIdx += fragSz; + ret = 0; + if (ssl->dtls_msg_list != NULL && + ssl->dtls_msg_list->fragSz >= ssl->dtls_msg_list->sz) + ret = DtlsMsgDrain(ssl); + } + else { + /* This branch is in order next, and a complete message. */ + ssl->keys.dtls_expected_peer_handshake_number++; + ret = DoHandShakeMsgType(ssl, input, inOutIdx, type, size, totalSz); + if (ret == 0 && ssl->dtls_msg_list != NULL) + ret = DtlsMsgDrain(ssl); + } + + CYASSL_LEAVE("DoDtlsHandShakeMsg()", ret); + return ret; +} +#endif + + +static INLINE word32 GetSEQIncrement(CYASSL* ssl, int verify) +{ + if (verify) + return ssl->keys.peer_sequence_number++; + else + return ssl->keys.sequence_number++; +} + + +#ifdef HAVE_AEAD +static INLINE void AeadIncrementExpIV(CYASSL* ssl) +{ + int i; + for (i = AEAD_EXP_IV_SZ-1; i >= 0; i--) { + if (++ssl->keys.aead_exp_IV[i]) return; + } +} +#endif + + +static INLINE int Encrypt(CYASSL* ssl, byte* out, const byte* input, word16 sz) +{ + (void)out; + (void)input; + (void)sz; + + if (ssl->encrypt.setup == 0) { + CYASSL_MSG("Encrypt ciphers not setup"); + return ENCRYPT_ERROR; + } + + switch (ssl->specs.bulk_cipher_algorithm) { + #ifdef BUILD_ARC4 + case cyassl_rc4: + Arc4Process(ssl->encrypt.arc4, out, input, sz); + break; + #endif + + #ifdef BUILD_DES3 + case cyassl_triple_des: + return Des3_CbcEncrypt(ssl->encrypt.des3, out, input, sz); + #endif + + #ifdef BUILD_AES + case cyassl_aes: + return AesCbcEncrypt(ssl->encrypt.aes, out, input, sz); + #endif + + #ifdef BUILD_AESGCM + case cyassl_aes_gcm: + { + byte additional[AEAD_AUTH_DATA_SZ]; + byte nonce[AEAD_NONCE_SZ]; + const byte* additionalSrc = input - 5; + + XMEMSET(additional, 0, AEAD_AUTH_DATA_SZ); + + /* sequence number field is 64-bits, we only use 32-bits */ + c32toa(GetSEQIncrement(ssl, 0), + additional + AEAD_SEQ_OFFSET); + + /* Store the type, version. Unfortunately, they are in + * the input buffer ahead of the plaintext. */ + #ifdef CYASSL_DTLS + if (ssl->options.dtls) { + c16toa(ssl->keys.dtls_epoch, additional); + additionalSrc -= DTLS_HANDSHAKE_EXTRA; + } + #endif + XMEMCPY(additional + AEAD_TYPE_OFFSET, additionalSrc, 3); + + /* Store the length of the plain text minus the explicit + * IV length minus the authentication tag size. */ + c16toa(sz - AEAD_EXP_IV_SZ - ssl->specs.aead_mac_size, + additional + AEAD_LEN_OFFSET); + XMEMCPY(nonce, + ssl->keys.aead_enc_imp_IV, AEAD_IMP_IV_SZ); + XMEMCPY(nonce + AEAD_IMP_IV_SZ, + ssl->keys.aead_exp_IV, AEAD_EXP_IV_SZ); + AesGcmEncrypt(ssl->encrypt.aes, + out + AEAD_EXP_IV_SZ, input + AEAD_EXP_IV_SZ, + sz - AEAD_EXP_IV_SZ - ssl->specs.aead_mac_size, + nonce, AEAD_NONCE_SZ, + out + sz - ssl->specs.aead_mac_size, + ssl->specs.aead_mac_size, + additional, AEAD_AUTH_DATA_SZ); + AeadIncrementExpIV(ssl); + XMEMSET(nonce, 0, AEAD_NONCE_SZ); + } + break; + #endif + + #ifdef HAVE_AESCCM + case cyassl_aes_ccm: + { + byte additional[AEAD_AUTH_DATA_SZ]; + byte nonce[AEAD_NONCE_SZ]; + const byte* additionalSrc = input - 5; + + XMEMSET(additional, 0, AEAD_AUTH_DATA_SZ); + + /* sequence number field is 64-bits, we only use 32-bits */ + c32toa(GetSEQIncrement(ssl, 0), + additional + AEAD_SEQ_OFFSET); + + /* Store the type, version. Unfortunately, they are in + * the input buffer ahead of the plaintext. */ + #ifdef CYASSL_DTLS + if (ssl->options.dtls) { + c16toa(ssl->keys.dtls_epoch, additional); + additionalSrc -= DTLS_HANDSHAKE_EXTRA; + } + #endif + XMEMCPY(additional + AEAD_TYPE_OFFSET, additionalSrc, 3); + + /* Store the length of the plain text minus the explicit + * IV length minus the authentication tag size. */ + c16toa(sz - AEAD_EXP_IV_SZ - ssl->specs.aead_mac_size, + additional + AEAD_LEN_OFFSET); + XMEMCPY(nonce, + ssl->keys.aead_enc_imp_IV, AEAD_IMP_IV_SZ); + XMEMCPY(nonce + AEAD_IMP_IV_SZ, + ssl->keys.aead_exp_IV, AEAD_EXP_IV_SZ); + AesCcmEncrypt(ssl->encrypt.aes, + out + AEAD_EXP_IV_SZ, input + AEAD_EXP_IV_SZ, + sz - AEAD_EXP_IV_SZ - ssl->specs.aead_mac_size, + nonce, AEAD_NONCE_SZ, + out + sz - ssl->specs.aead_mac_size, + ssl->specs.aead_mac_size, + additional, AEAD_AUTH_DATA_SZ); + AeadIncrementExpIV(ssl); + XMEMSET(nonce, 0, AEAD_NONCE_SZ); + } + break; + #endif + + #ifdef HAVE_CAMELLIA + case cyassl_camellia: + CamelliaCbcEncrypt(ssl->encrypt.cam, out, input, sz); + break; + #endif + + #ifdef HAVE_HC128 + case cyassl_hc128: + return Hc128_Process(ssl->encrypt.hc128, out, input, sz); + #endif + + #ifdef BUILD_RABBIT + case cyassl_rabbit: + return RabbitProcess(ssl->encrypt.rabbit, out, input, sz); + #endif + + #ifdef HAVE_NULL_CIPHER + case cyassl_cipher_null: + if (input != out) { + XMEMMOVE(out, input, sz); + } + break; + #endif + + default: + CYASSL_MSG("CyaSSL Encrypt programming error"); + return ENCRYPT_ERROR; + } + + return 0; +} + + + +static INLINE int Decrypt(CYASSL* ssl, byte* plain, const byte* input, + word16 sz) +{ + (void)plain; + (void)input; + (void)sz; + + if (ssl->decrypt.setup == 0) { + CYASSL_MSG("Decrypt ciphers not setup"); + return DECRYPT_ERROR; + } + + switch (ssl->specs.bulk_cipher_algorithm) { + #ifdef BUILD_ARC4 + case cyassl_rc4: + Arc4Process(ssl->decrypt.arc4, plain, input, sz); + break; + #endif + + #ifdef BUILD_DES3 + case cyassl_triple_des: + return Des3_CbcDecrypt(ssl->decrypt.des3, plain, input, sz); + #endif + + #ifdef BUILD_AES + case cyassl_aes: + return AesCbcDecrypt(ssl->decrypt.aes, plain, input, sz); + #endif + + #ifdef BUILD_AESGCM + case cyassl_aes_gcm: + { + byte additional[AEAD_AUTH_DATA_SZ]; + byte nonce[AEAD_NONCE_SZ]; + + XMEMSET(additional, 0, AEAD_AUTH_DATA_SZ); + + /* sequence number field is 64-bits, we only use 32-bits */ + c32toa(GetSEQIncrement(ssl, 1), additional + AEAD_SEQ_OFFSET); + + #ifdef CYASSL_DTLS + if (ssl->options.dtls) + c16toa(ssl->keys.dtls_state.curEpoch, additional); + #endif + + additional[AEAD_TYPE_OFFSET] = ssl->curRL.type; + additional[AEAD_VMAJ_OFFSET] = ssl->curRL.pvMajor; + additional[AEAD_VMIN_OFFSET] = ssl->curRL.pvMinor; + + c16toa(sz - AEAD_EXP_IV_SZ - ssl->specs.aead_mac_size, + additional + AEAD_LEN_OFFSET); + XMEMCPY(nonce, ssl->keys.aead_dec_imp_IV, AEAD_IMP_IV_SZ); + XMEMCPY(nonce + AEAD_IMP_IV_SZ, input, AEAD_EXP_IV_SZ); + if (AesGcmDecrypt(ssl->decrypt.aes, + plain + AEAD_EXP_IV_SZ, + input + AEAD_EXP_IV_SZ, + sz - AEAD_EXP_IV_SZ - ssl->specs.aead_mac_size, + nonce, AEAD_NONCE_SZ, + input + sz - ssl->specs.aead_mac_size, + ssl->specs.aead_mac_size, + additional, AEAD_AUTH_DATA_SZ) < 0) { + SendAlert(ssl, alert_fatal, bad_record_mac); + XMEMSET(nonce, 0, AEAD_NONCE_SZ); + return VERIFY_MAC_ERROR; + } + XMEMSET(nonce, 0, AEAD_NONCE_SZ); + } + break; + #endif + + #ifdef HAVE_AESCCM + case cyassl_aes_ccm: + { + byte additional[AEAD_AUTH_DATA_SZ]; + byte nonce[AEAD_NONCE_SZ]; + + XMEMSET(additional, 0, AEAD_AUTH_DATA_SZ); + + /* sequence number field is 64-bits, we only use 32-bits */ + c32toa(GetSEQIncrement(ssl, 1), additional + AEAD_SEQ_OFFSET); + + #ifdef CYASSL_DTLS + if (ssl->options.dtls) + c16toa(ssl->keys.dtls_state.curEpoch, additional); + #endif + + additional[AEAD_TYPE_OFFSET] = ssl->curRL.type; + additional[AEAD_VMAJ_OFFSET] = ssl->curRL.pvMajor; + additional[AEAD_VMIN_OFFSET] = ssl->curRL.pvMinor; + + c16toa(sz - AEAD_EXP_IV_SZ - ssl->specs.aead_mac_size, + additional + AEAD_LEN_OFFSET); + XMEMCPY(nonce, ssl->keys.aead_dec_imp_IV, AEAD_IMP_IV_SZ); + XMEMCPY(nonce + AEAD_IMP_IV_SZ, input, AEAD_EXP_IV_SZ); + if (AesCcmDecrypt(ssl->decrypt.aes, + plain + AEAD_EXP_IV_SZ, + input + AEAD_EXP_IV_SZ, + sz - AEAD_EXP_IV_SZ - ssl->specs.aead_mac_size, + nonce, AEAD_NONCE_SZ, + input + sz - ssl->specs.aead_mac_size, + ssl->specs.aead_mac_size, + additional, AEAD_AUTH_DATA_SZ) < 0) { + SendAlert(ssl, alert_fatal, bad_record_mac); + XMEMSET(nonce, 0, AEAD_NONCE_SZ); + return VERIFY_MAC_ERROR; + } + XMEMSET(nonce, 0, AEAD_NONCE_SZ); + } + break; + #endif + + #ifdef HAVE_CAMELLIA + case cyassl_camellia: + CamelliaCbcDecrypt(ssl->decrypt.cam, plain, input, sz); + break; + #endif + + #ifdef HAVE_HC128 + case cyassl_hc128: + return Hc128_Process(ssl->decrypt.hc128, plain, input, sz); + #endif + + #ifdef BUILD_RABBIT + case cyassl_rabbit: + return RabbitProcess(ssl->decrypt.rabbit, plain, input, sz); + #endif + + #ifdef HAVE_NULL_CIPHER + case cyassl_cipher_null: + if (input != plain) { + XMEMMOVE(plain, input, sz); + } + break; + #endif + + default: + CYASSL_MSG("CyaSSL Decrypt programming error"); + return DECRYPT_ERROR; + } + return 0; +} + + +/* check cipher text size for sanity */ +static int SanityCheckCipherText(CYASSL* ssl, word32 encryptSz) +{ +#ifdef HAVE_TRUNCATED_HMAC + word32 minLength = ssl->truncated_hmac ? TRUNCATED_HMAC_SZ + : ssl->specs.hash_size; +#else + word32 minLength = ssl->specs.hash_size; /* covers stream */ +#endif + + if (ssl->specs.cipher_type == block) { + if (encryptSz % ssl->specs.block_size) { + CYASSL_MSG("Block ciphertext not block size"); + return SANITY_CIPHER_E; + } + + minLength++; /* pad byte */ + + if (ssl->specs.block_size > minLength) + minLength = ssl->specs.block_size; + + if (ssl->options.tls1_1) + minLength += ssl->specs.block_size; /* explicit IV */ + } + else if (ssl->specs.cipher_type == aead) { + minLength = ssl->specs.aead_mac_size + AEAD_EXP_IV_SZ; + /* explicit IV + authTag size */ + } + + if (encryptSz < minLength) { + CYASSL_MSG("Ciphertext not minimum size"); + return SANITY_CIPHER_E; + } + + return 0; +} + + +#ifndef NO_OLD_TLS + +static INLINE void Md5Rounds(int rounds, const byte* data, int sz) +{ + Md5 md5; + int i; + + InitMd5(&md5); + + for (i = 0; i < rounds; i++) + Md5Update(&md5, data, sz); +} + + + +/* do a dummy sha round */ +static INLINE void ShaRounds(int rounds, const byte* data, int sz) +{ + Sha sha; + int i; + + InitSha(&sha); /* no error check on purpose, dummy round */ + + for (i = 0; i < rounds; i++) + ShaUpdate(&sha, data, sz); +} +#endif + + +#ifndef NO_SHA256 + +static INLINE void Sha256Rounds(int rounds, const byte* data, int sz) +{ + Sha256 sha256; + int i; + + InitSha256(&sha256); /* no error check on purpose, dummy round */ + + for (i = 0; i < rounds; i++) { + Sha256Update(&sha256, data, sz); + /* no error check on purpose, dummy round */ + } + +} + +#endif + + +#ifdef CYASSL_SHA384 + +static INLINE void Sha384Rounds(int rounds, const byte* data, int sz) +{ + Sha384 sha384; + int i; + + InitSha384(&sha384); /* no error check on purpose, dummy round */ + + for (i = 0; i < rounds; i++) { + Sha384Update(&sha384, data, sz); + /* no error check on purpose, dummy round */ + } +} + +#endif + + +#ifdef CYASSL_SHA512 + +static INLINE void Sha512Rounds(int rounds, const byte* data, int sz) +{ + Sha512 sha512; + int i; + + InitSha512(&sha512); /* no error check on purpose, dummy round */ + + for (i = 0; i < rounds; i++) { + Sha512Update(&sha512, data, sz); + /* no error check on purpose, dummy round */ + } +} + +#endif + + +#ifdef CYASSL_RIPEMD + +static INLINE void RmdRounds(int rounds, const byte* data, int sz) +{ + RipeMd ripemd; + int i; + + InitRipeMd(&ripemd); + + for (i = 0; i < rounds; i++) + RipeMdUpdate(&ripemd, data, sz); +} + +#endif + + +/* Do dummy rounds */ +static INLINE void DoRounds(int type, int rounds, const byte* data, int sz) +{ + switch (type) { + + case no_mac : + break; + +#ifndef NO_OLD_TLS +#ifndef NO_MD5 + case md5_mac : + Md5Rounds(rounds, data, sz); + break; +#endif + +#ifndef NO_SHA + case sha_mac : + ShaRounds(rounds, data, sz); + break; +#endif +#endif + +#ifndef NO_SHA256 + case sha256_mac : + Sha256Rounds(rounds, data, sz); + break; +#endif + +#ifdef CYASSL_SHA384 + case sha384_mac : + Sha384Rounds(rounds, data, sz); + break; +#endif + +#ifdef CYASSL_SHA512 + case sha512_mac : + Sha512Rounds(rounds, data, sz); + break; +#endif + +#ifdef CYASSL_RIPEMD + case rmd_mac : + RmdRounds(rounds, data, sz); + break; +#endif + + default: + CYASSL_MSG("Bad round type"); + break; + } +} + + +/* do number of compression rounds on dummy data */ +static INLINE void CompressRounds(CYASSL* ssl, int rounds, const byte* dummy) +{ + if (rounds) + DoRounds(ssl->specs.mac_algorithm, rounds, dummy, COMPRESS_LOWER); +} + + +/* check all length bytes for equality, return 0 on success */ +static int ConstantCompare(const byte* a, const byte* b, int length) +{ + int i; + int good = 0; + int bad = 0; + + for (i = 0; i < length; i++) { + if (a[i] == b[i]) + good++; + else + bad++; + } + + if (good == length) + return 0; + else + return 0 - bad; /* compare failed */ +} + + +/* check all length bytes for the pad value, return 0 on success */ +static int PadCheck(const byte* input, byte pad, int length) +{ + int i; + int good = 0; + int bad = 0; + + for (i = 0; i < length; i++) { + if (input[i] == pad) + good++; + else + bad++; + } + + if (good == length) + return 0; + else + return 0 - bad; /* pad check failed */ +} + + +/* get compression extra rounds */ +static INLINE int GetRounds(int pLen, int padLen, int t) +{ + int roundL1 = 1; /* round up flags */ + int roundL2 = 1; + + int L1 = COMPRESS_CONSTANT + pLen - t; + int L2 = COMPRESS_CONSTANT + pLen - padLen - 1 - t; + + L1 -= COMPRESS_UPPER; + L2 -= COMPRESS_UPPER; + + if ( (L1 % COMPRESS_LOWER) == 0) + roundL1 = 0; + if ( (L2 % COMPRESS_LOWER) == 0) + roundL2 = 0; + + L1 /= COMPRESS_LOWER; + L2 /= COMPRESS_LOWER; + + L1 += roundL1; + L2 += roundL2; + + return L1 - L2; +} + + +/* timing resistant pad/verify check, return 0 on success */ +static int TimingPadVerify(CYASSL* ssl, const byte* input, int padLen, int t, + int pLen, int content) +{ + byte verify[MAX_DIGEST_SIZE]; + byte dummy[MAX_PAD_SIZE]; + int ret = 0; + + XMEMSET(dummy, 1, sizeof(dummy)); + + if ( (t + padLen + 1) > pLen) { + CYASSL_MSG("Plain Len not long enough for pad/mac"); + PadCheck(dummy, (byte)padLen, MAX_PAD_SIZE); + ssl->hmac(ssl, verify, input, pLen - t, content, 1); /* still compare */ + ConstantCompare(verify, input + pLen - t, t); + + return VERIFY_MAC_ERROR; + } + + if (PadCheck(input + pLen - (padLen + 1), (byte)padLen, padLen + 1) != 0) { + CYASSL_MSG("PadCheck failed"); + PadCheck(dummy, (byte)padLen, MAX_PAD_SIZE - padLen - 1); + ssl->hmac(ssl, verify, input, pLen - t, content, 1); /* still compare */ + ConstantCompare(verify, input + pLen - t, t); + + return VERIFY_MAC_ERROR; + } + + PadCheck(dummy, (byte)padLen, MAX_PAD_SIZE - padLen - 1); + ret = ssl->hmac(ssl, verify, input, pLen - padLen - 1 - t, content, 1); + + CompressRounds(ssl, GetRounds(pLen, padLen, t), dummy); + + if (ConstantCompare(verify, input + (pLen - padLen - 1 - t), t) != 0) { + CYASSL_MSG("Verify MAC compare failed"); + return VERIFY_MAC_ERROR; + } + + if (ret != 0) + return VERIFY_MAC_ERROR; + return 0; +} + + +int DoApplicationData(CYASSL* ssl, byte* input, word32* inOutIdx) +{ + word32 msgSz = ssl->keys.encryptSz; + word32 idx = *inOutIdx; + int dataSz; + int ivExtra = 0; + byte* rawData = input + idx; /* keep current for hmac */ +#ifdef HAVE_LIBZ + byte decomp[MAX_RECORD_SIZE + MAX_COMP_EXTRA]; +#endif + + if (ssl->options.handShakeState != HANDSHAKE_DONE) { + CYASSL_MSG("Received App data before handshake complete"); + SendAlert(ssl, alert_fatal, unexpected_message); + return OUT_OF_ORDER_E; + } + + if (ssl->specs.cipher_type == block) { + if (ssl->options.tls1_1) + ivExtra = ssl->specs.block_size; + } + else if (ssl->specs.cipher_type == aead) { + ivExtra = AEAD_EXP_IV_SZ; + } + + dataSz = msgSz - ivExtra - ssl->keys.padSz; + if (dataSz < 0) { + CYASSL_MSG("App data buffer error, malicious input?"); + return BUFFER_ERROR; + } + + /* read data */ + if (dataSz) { + int rawSz = dataSz; /* keep raw size for idx adjustment */ + +#ifdef HAVE_LIBZ + if (ssl->options.usingCompression) { + dataSz = myDeCompress(ssl, rawData, dataSz, decomp, sizeof(decomp)); + if (dataSz < 0) return dataSz; + } +#endif + idx += rawSz; + + ssl->buffers.clearOutputBuffer.buffer = rawData; + ssl->buffers.clearOutputBuffer.length = dataSz; + } + + idx += ssl->keys.padSz; + +#ifdef HAVE_LIBZ + /* decompress could be bigger, overwrite after verify */ + if (ssl->options.usingCompression) + XMEMMOVE(rawData, decomp, dataSz); +#endif + + *inOutIdx = idx; + return 0; +} + + +/* process alert, return level */ +static int DoAlert(CYASSL* ssl, byte* input, word32* inOutIdx, int* type, + word32 totalSz) +{ + byte level; + byte code; + + #ifdef CYASSL_CALLBACKS + if (ssl->hsInfoOn) + AddPacketName("Alert", &ssl->handShakeInfo); + if (ssl->toInfoOn) + /* add record header back on to info + 2 byte level, data */ + AddPacketInfo("Alert", &ssl->timeoutInfo, input + *inOutIdx - + RECORD_HEADER_SZ, 2 + RECORD_HEADER_SZ, ssl->heap); + #endif + + /* make sure can read the message */ + if (*inOutIdx + ALERT_SIZE > totalSz) + return BUFFER_E; + + level = input[(*inOutIdx)++]; + code = input[(*inOutIdx)++]; + ssl->alert_history.last_rx.code = code; + ssl->alert_history.last_rx.level = level; + *type = code; + if (level == alert_fatal) { + ssl->options.isClosed = 1; /* Don't send close_notify */ + } + + CYASSL_MSG("Got alert"); + if (*type == close_notify) { + CYASSL_MSG(" close notify"); + ssl->options.closeNotify = 1; + } + CYASSL_ERROR(*type); + + if (ssl->keys.encryptionOn) { + if (*inOutIdx + ssl->keys.padSz > totalSz) + return BUFFER_E; + *inOutIdx += ssl->keys.padSz; + } + + return level; +} + +static int GetInputData(CYASSL *ssl, word32 size) +{ + int in; + int inSz; + int maxLength; + int usedLength; + int dtlsExtra = 0; /* check max input length */ @@ -2522,12 +5414,15 @@ static int GetInputData(CYASSL *ssl, word32 size) inSz = (int)(size - usedLength); /* from last partial read */ #ifdef CYASSL_DTLS - if (ssl->options.dtls) - inSz = MAX_MTU; /* read ahead up to MTU */ + if (ssl->options.dtls) { + if (size < ssl->dtls_expected_rx) + dtlsExtra = (int)(ssl->dtls_expected_rx - size); + inSz = ssl->dtls_expected_rx; + } #endif if (inSz > maxLength) { - if (GrowInputBuffer(ssl, size, usedLength) < 0) + if (GrowInputBuffer(ssl, size + dtlsExtra, usedLength) < 0) return MEMORY_E; } @@ -2555,6 +5450,9 @@ static int GetInputData(CYASSL *ssl, word32 size) if (in == WANT_READ) return WANT_READ; + + if (in > inSz) + return RECV_OVERFLOW_E; ssl->buffers.inputBuffer.length += in; inSz -= in; @@ -2564,11 +5462,82 @@ static int GetInputData(CYASSL *ssl, word32 size) return 0; } + +static INLINE int VerifyMac(CYASSL* ssl, const byte* input, word32 msgSz, + int content, word32* padSz) +{ + int ivExtra = 0; + int ret; + word32 pad = 0; + word32 padByte = 0; +#ifdef HAVE_TRUNCATED_HMAC + word32 digestSz = ssl->truncated_hmac ? TRUNCATED_HMAC_SZ + : ssl->specs.hash_size; +#else + word32 digestSz = ssl->specs.hash_size; +#endif + byte verify[MAX_DIGEST_SIZE]; + + if (ssl->specs.cipher_type == block) { + if (ssl->options.tls1_1) + ivExtra = ssl->specs.block_size; + pad = *(input + msgSz - ivExtra - 1); + padByte = 1; + + if (ssl->options.tls) { + ret = TimingPadVerify(ssl, input, pad, digestSz, msgSz - ivExtra, + content); + if (ret != 0) + return ret; + } + else { /* sslv3, some implementations have bad padding, but don't + * allow bad read */ + int badPadLen = 0; + byte dummy[MAX_PAD_SIZE]; + + XMEMSET(dummy, 1, sizeof(dummy)); + + if (pad > (msgSz - digestSz - 1)) { + CYASSL_MSG("Plain Len not long enough for pad/mac"); + pad = 0; /* no bad read */ + badPadLen = 1; + } + PadCheck(dummy, (byte)pad, MAX_PAD_SIZE); /* timing only */ + ret = ssl->hmac(ssl, verify, input, msgSz - digestSz - pad - 1, + content, 1); + if (ConstantCompare(verify, input + msgSz - digestSz - pad - 1, + digestSz) != 0) + return VERIFY_MAC_ERROR; + if (ret != 0 || badPadLen) + return VERIFY_MAC_ERROR; + } + } + else if (ssl->specs.cipher_type == stream) { + ret = ssl->hmac(ssl, verify, input, msgSz - digestSz, content, 1); + if (ConstantCompare(verify, input + msgSz - digestSz, digestSz) != 0){ + return VERIFY_MAC_ERROR; + } + if (ret != 0) + return VERIFY_MAC_ERROR; + } + + if (ssl->specs.cipher_type == aead) { + *padSz = ssl->specs.aead_mac_size; + } + else { + *padSz = digestSz + pad + padByte; + } + + return 0; +} + + /* process input requests, return 0 is done, 1 is call again to complete, and negative number is error */ int ProcessReply(CYASSL* ssl) { - int ret, type, readSz; + int ret = 0, type, readSz; + int atomicUser = 0; word32 startIdx = 0; #ifndef NO_CYASSL_SERVER byte b0, b1; @@ -2577,8 +5546,18 @@ int ProcessReply(CYASSL* ssl) int used; #endif +#ifdef ATOMIC_USER + if (ssl->ctx->DecryptVerifyCb) + atomicUser = 1; +#endif + + if (ssl->error != 0 && ssl->error != WANT_READ && ssl->error != WANT_WRITE){ + CYASSL_MSG("ProcessReply retry in error state, not allowed"); + return ssl->error; + } + for (;;) { - switch ((processReply)ssl->options.processReply) { + switch (ssl->options.processReply) { /* in the CYASSL_SERVER case, get the first byte for detecting * old client hello */ @@ -2609,7 +5588,7 @@ int ProcessReply(CYASSL* ssl) #ifndef NO_CYASSL_SERVER /* see if sending SSLv2 client hello */ - if ( ssl->options.side == SERVER_END && + if ( ssl->options.side == CYASSL_SERVER_END && ssl->options.clientState == NULL_STATE && ssl->buffers.inputBuffer.buffer[ssl->buffers.inputBuffer.idx] != handshake) { @@ -2620,7 +5599,7 @@ int ProcessReply(CYASSL* ssl) ssl->buffers.inputBuffer.buffer[ssl->buffers.inputBuffer.idx++]; b1 = ssl->buffers.inputBuffer.buffer[ssl->buffers.inputBuffer.idx++]; - ssl->curSize = ((b0 & 0x7f) << 8) | b1; + ssl->curSize = (word16)(((b0 & 0x7f) << 8) | b1); } else { ssl->options.processReply = getRecordLayerHeader; @@ -2667,6 +5646,14 @@ int ProcessReply(CYASSL* ssl) ret = GetRecordHeader(ssl, ssl->buffers.inputBuffer.buffer, &ssl->buffers.inputBuffer.idx, &ssl->curRL, &ssl->curSize); +#ifdef CYASSL_DTLS + if (ssl->options.dtls && ret == SEQUENCE_ERROR) { + ssl->options.processReply = doProcessInit; + ssl->buffers.inputBuffer.length = 0; + ssl->buffers.inputBuffer.idx = 0; + continue; + } +#endif if (ret != 0) return ret; @@ -2696,23 +5683,89 @@ int ProcessReply(CYASSL* ssl) /* the record layer is here */ case runProcessingOneMessage: - if (ssl->keys.encryptionOn) - if (DecryptMessage(ssl, ssl->buffers.inputBuffer.buffer + - ssl->buffers.inputBuffer.idx, - ssl->curSize, - &ssl->buffers.inputBuffer.idx) < 0) + #ifdef CYASSL_DTLS + if (ssl->options.dtls && + ssl->keys.dtls_state.curEpoch < ssl->keys.dtls_state.nextEpoch) + ssl->keys.decryptedCur = 1; + #endif + + if (ssl->keys.encryptionOn && ssl->keys.decryptedCur == 0) + { + ret = SanityCheckCipherText(ssl, ssl->curSize); + if (ret < 0) + return ret; + + if (atomicUser) { + #ifdef ATOMIC_USER + ret = ssl->ctx->DecryptVerifyCb(ssl, + ssl->buffers.inputBuffer.buffer + + ssl->buffers.inputBuffer.idx, + ssl->buffers.inputBuffer.buffer + + ssl->buffers.inputBuffer.idx, + ssl->curSize, ssl->curRL.type, 1, + &ssl->keys.padSz, ssl->DecryptVerifyCtx); + if (ssl->options.tls1_1 && ssl->specs.cipher_type == block) + ssl->buffers.inputBuffer.idx += ssl->specs.block_size; + /* go past TLSv1.1 IV */ + if (ssl->specs.cipher_type == aead) + ssl->buffers.inputBuffer.idx += AEAD_EXP_IV_SZ; + #endif /* ATOMIC_USER */ + } + else { + ret = Decrypt(ssl, ssl->buffers.inputBuffer.buffer + + ssl->buffers.inputBuffer.idx, + ssl->buffers.inputBuffer.buffer + + ssl->buffers.inputBuffer.idx, + ssl->curSize); + if (ret < 0) { + CYASSL_ERROR(ret); + return DECRYPT_ERROR; + } + if (ssl->options.tls1_1 && ssl->specs.cipher_type == block) + ssl->buffers.inputBuffer.idx += ssl->specs.block_size; + /* go past TLSv1.1 IV */ + if (ssl->specs.cipher_type == aead) + ssl->buffers.inputBuffer.idx += AEAD_EXP_IV_SZ; + + ret = VerifyMac(ssl, ssl->buffers.inputBuffer.buffer + + ssl->buffers.inputBuffer.idx, + ssl->curSize, ssl->curRL.type, + &ssl->keys.padSz); + } + if (ret < 0) { + CYASSL_ERROR(ret); return DECRYPT_ERROR; + } + ssl->keys.encryptSz = ssl->curSize; + ssl->keys.decryptedCur = 1; + } + + if (ssl->options.dtls) { + #ifdef CYASSL_DTLS + DtlsUpdateWindow(&ssl->keys.dtls_state); + #endif /* CYASSL_DTLS */ + } CYASSL_MSG("received record layer msg"); switch (ssl->curRL.type) { case handshake : /* debugging in DoHandShakeMsg */ - if ((ret = DoHandShakeMsg(ssl, - ssl->buffers.inputBuffer.buffer, - &ssl->buffers.inputBuffer.idx, - ssl->buffers.inputBuffer.length)) - != 0) + if (!ssl->options.dtls) { + ret = DoHandShakeMsg(ssl, + ssl->buffers.inputBuffer.buffer, + &ssl->buffers.inputBuffer.idx, + ssl->buffers.inputBuffer.length); + } + else { +#ifdef CYASSL_DTLS + ret = DoDtlsHandShakeMsg(ssl, + ssl->buffers.inputBuffer.buffer, + &ssl->buffers.inputBuffer.idx, + ssl->buffers.inputBuffer.length); +#endif + } + if (ret != 0) return ret; break; @@ -2730,12 +5783,31 @@ int ProcessReply(CYASSL* ssl) AddLateRecordHeader(&ssl->curRL, &ssl->timeoutInfo); } #endif + + if (ssl->curSize != 1) { + CYASSL_MSG("Malicious or corrupted ChangeCipher msg"); + return LENGTH_ERROR; + } + #ifndef NO_CERTS + if (ssl->options.side == CYASSL_SERVER_END && + ssl->options.verifyPeer && + ssl->options.havePeerCert) + if (!ssl->options.havePeerVerify) { + CYASSL_MSG("client didn't send cert verify"); + return NO_PEER_VERIFY; + } + #endif + + ssl->buffers.inputBuffer.idx++; ssl->keys.encryptionOn = 1; #ifdef CYASSL_DTLS - if (ssl->options.dtls) - ssl->keys.dtls_peer_epoch++; + if (ssl->options.dtls) { + DtlsPoolReset(ssl); + ssl->keys.dtls_state.nextEpoch++; + ssl->keys.dtls_state.nextSeq = 0; + } #endif #ifdef HAVE_LIBZ @@ -2744,11 +5816,13 @@ int ProcessReply(CYASSL* ssl) return ret; #endif if (ssl->options.resuming && ssl->options.side == - CLIENT_END) - BuildFinished(ssl, &ssl->verifyHashes, server); + CYASSL_CLIENT_END) + ret = BuildFinished(ssl, &ssl->verifyHashes, server); else if (!ssl->options.resuming && ssl->options.side == - SERVER_END) - BuildFinished(ssl, &ssl->verifyHashes, client); + CYASSL_SERVER_END) + ret = BuildFinished(ssl, &ssl->verifyHashes, client); + if (ret != 0) + return ret; break; case application_data: @@ -2764,9 +5838,13 @@ int ProcessReply(CYASSL* ssl) case alert: CYASSL_MSG("got ALERT!"); - if (DoAlert(ssl, ssl->buffers.inputBuffer.buffer, - &ssl->buffers.inputBuffer.idx, &type) == alert_fatal) + ret = DoAlert(ssl, ssl->buffers.inputBuffer.buffer, + &ssl->buffers.inputBuffer.idx, &type, + ssl->buffers.inputBuffer.length); + if (ret == alert_fatal) return FATAL_ERROR; + else if (ret < 0) + return ret; /* catch warnings that are handled as errors */ if (type == close_notify) @@ -2805,6 +5883,7 @@ int ProcessReply(CYASSL* ssl) ssl->options.processReply = doProcessInit; continue; } + default: CYASSL_MSG("Bad process input state, programming error"); return INPUT_CASE_ERROR; @@ -2828,7 +5907,7 @@ int SendChangeCipher(CYASSL* ssl) #endif /* check for avalaible size */ - if ((ret = CheckAvalaibleSize(ssl, sendSz)) != 0) + if ((ret = CheckAvailableSize(ssl, sendSz)) != 0) return ret; /* get ouput buffer */ @@ -2839,6 +5918,12 @@ int SendChangeCipher(CYASSL* ssl) output[idx] = 1; /* turn it on */ + #ifdef CYASSL_DTLS + if (ssl->options.dtls) { + if ((ret = DtlsPoolSave(ssl, output, sendSz)) != 0) + return ret; + } + #endif #ifdef CYASSL_CALLBACKS if (ssl->hsInfoOn) AddPacketName("ChangeCipher", &ssl->handShakeInfo); if (ssl->toInfoOn) @@ -2849,36 +5934,36 @@ int SendChangeCipher(CYASSL* ssl) if (ssl->options.groupMessages) return 0; + #ifdef CYASSL_DTLS + else if (ssl->options.dtls) { + /* If using DTLS, force the ChangeCipherSpec message to be in the + * same datagram as the finished message. */ + return 0; + } + #endif else return SendBuffered(ssl); } -static INLINE const byte* GetMacSecret(CYASSL* ssl, int verify) -{ - if ( (ssl->options.side == CLIENT_END && !verify) || - (ssl->options.side == SERVER_END && verify) ) - return ssl->keys.client_write_MAC_secret; - else - return ssl->keys.server_write_MAC_secret; -} - - -static void Hmac(CYASSL* ssl, byte* digest, const byte* in, word32 sz, +#ifndef NO_OLD_TLS +static int SSL_hmac(CYASSL* ssl, byte* digest, const byte* in, word32 sz, int content, int verify) { - byte result[SHA256_DIGEST_SIZE]; /* max possible sizes */ + byte result[MAX_DIGEST_SIZE]; word32 digestSz = ssl->specs.hash_size; /* actual sizes */ word32 padSz = ssl->specs.pad_size; + int ret = 0; Md5 md5; Sha sha; /* data */ - byte seq[SEQ_SZ] = { 0x00, 0x00, 0x00, 0x00 }; + byte seq[SEQ_SZ]; byte conLen[ENUM_LEN + LENGTH_SZ]; /* content & length */ - const byte* macSecret = GetMacSecret(ssl, verify); + const byte* macSecret = CyaSSL_GetMacSecret(ssl, verify); + XMEMSET(seq, 0, SEQ_SZ); conLen[0] = (byte)content; c16toa((word16)sz, &conLen[ENUM_LEN]); c32toa(GetSEQIncrement(ssl, verify), &seq[sizeof(word32)]); @@ -2900,7 +5985,9 @@ static void Hmac(CYASSL* ssl, byte* digest, const byte* in, word32 sz, Md5Final(&md5, digest); } else { - InitSha(&sha); + ret = InitSha(&sha); + if (ret != 0) + return ret; /* inner */ ShaUpdate(&sha, macSecret, digestSz); ShaUpdate(&sha, PAD1, padSz); @@ -2915,20 +6002,21 @@ static void Hmac(CYASSL* ssl, byte* digest, const byte* in, word32 sz, ShaUpdate(&sha, result, digestSz); ShaFinal(&sha, digest); } + return 0; } - +#ifndef NO_CERTS static void BuildMD5_CertVerify(CYASSL* ssl, byte* digest) { byte md5_result[MD5_DIGEST_SIZE]; /* make md5 inner */ - Md5Update(&ssl->hashMd5, ssl->arrays.masterSecret, SECRET_LEN); + Md5Update(&ssl->hashMd5, ssl->arrays->masterSecret, SECRET_LEN); Md5Update(&ssl->hashMd5, PAD1, PAD_MD5); Md5Final(&ssl->hashMd5, md5_result); /* make md5 outer */ - Md5Update(&ssl->hashMd5, ssl->arrays.masterSecret, SECRET_LEN); + Md5Update(&ssl->hashMd5, ssl->arrays->masterSecret, SECRET_LEN); Md5Update(&ssl->hashMd5, PAD2, PAD_MD5); Md5Update(&ssl->hashMd5, md5_result, MD5_DIGEST_SIZE); @@ -2941,35 +6029,58 @@ static void BuildSHA_CertVerify(CYASSL* ssl, byte* digest) byte sha_result[SHA_DIGEST_SIZE]; /* make sha inner */ - ShaUpdate(&ssl->hashSha, ssl->arrays.masterSecret, SECRET_LEN); + ShaUpdate(&ssl->hashSha, ssl->arrays->masterSecret, SECRET_LEN); ShaUpdate(&ssl->hashSha, PAD1, PAD_SHA); ShaFinal(&ssl->hashSha, sha_result); /* make sha outer */ - ShaUpdate(&ssl->hashSha, ssl->arrays.masterSecret, SECRET_LEN); + ShaUpdate(&ssl->hashSha, ssl->arrays->masterSecret, SECRET_LEN); ShaUpdate(&ssl->hashSha, PAD2, PAD_SHA); ShaUpdate(&ssl->hashSha, sha_result, SHA_DIGEST_SIZE); ShaFinal(&ssl->hashSha, digest); } +#endif /* NO_CERTS */ +#endif /* NO_OLD_TLS */ -static void BuildCertHashes(CYASSL* ssl, Hashes* hashes) +#ifndef NO_CERTS + +static int BuildCertHashes(CYASSL* ssl, Hashes* hashes) { /* store current states, building requires get_digest which resets state */ + #ifndef NO_OLD_TLS Md5 md5 = ssl->hashMd5; Sha sha = ssl->hashSha; -#ifndef NO_SHA256 /* for possible future changes */ - Sha256 sha256; - InitSha256(&sha256); - if (IsAtLeastTLSv1_2(ssl)) - sha256 = ssl->hashSha256; -#endif - + #endif + #ifndef NO_SHA256 + Sha256 sha256 = ssl->hashSha256; + #endif + #ifdef CYASSL_SHA384 + Sha384 sha384 = ssl->hashSha384; + #endif + if (ssl->options.tls) { +#if ! defined( NO_OLD_TLS ) Md5Final(&ssl->hashMd5, hashes->md5); ShaFinal(&ssl->hashSha, hashes->sha); +#endif + if (IsAtLeastTLSv1_2(ssl)) { + int ret; + + #ifndef NO_SHA256 + ret = Sha256Final(&ssl->hashSha256, hashes->sha256); + if (ret != 0) + return ret; + #endif + #ifdef CYASSL_SHA384 + ret = Sha384Final(&ssl->hashSha384, hashes->sha384); + if (ret != 0) + return ret; + #endif + } } +#if ! defined( NO_OLD_TLS ) else { BuildMD5_CertVerify(ssl, hashes->md5); BuildSHA_CertVerify(ssl, hashes->sha); @@ -2978,18 +6089,31 @@ static void BuildCertHashes(CYASSL* ssl, Hashes* hashes) /* restore */ ssl->hashMd5 = md5; ssl->hashSha = sha; -#ifndef NO_SHA256 - if (IsAtLeastTLSv1_2(ssl)) - ssl->hashSha256 = sha256; #endif + if (IsAtLeastTLSv1_2(ssl)) { + #ifndef NO_SHA256 + ssl->hashSha256 = sha256; + #endif + #ifdef CYASSL_SHA384 + ssl->hashSha384 = sha384; + #endif + } + + return 0; } +#endif /* CYASSL_LEANPSK */ /* Build SSL Message, encrypted */ -static int BuildMessage(CYASSL* ssl, byte* output, const byte* input, int inSz, - int type) +static int BuildMessage(CYASSL* ssl, byte* output, int outSz, + const byte* input, int inSz, int type) { +#ifdef HAVE_TRUNCATED_HMAC + word32 digestSz = min(ssl->specs.hash_size, + ssl->truncated_hmac ? TRUNCATED_HMAC_SZ : ssl->specs.hash_size); +#else word32 digestSz = ssl->specs.hash_size; +#endif word32 sz = RECORD_HEADER_SZ + inSz + digestSz; word32 pad = 0, i; word32 idx = RECORD_HEADER_SZ; @@ -2997,6 +6121,8 @@ static int BuildMessage(CYASSL* ssl, byte* output, const byte* input, int inSz, word32 headerSz = RECORD_HEADER_SZ; word16 size; byte iv[AES_BLOCK_SIZE]; /* max size */ + int ret = 0; + int atomicUser = 0; #ifdef CYASSL_DTLS if (ssl->options.dtls) { @@ -3006,12 +6132,21 @@ static int BuildMessage(CYASSL* ssl, byte* output, const byte* input, int inSz, } #endif +#ifdef ATOMIC_USER + if (ssl->ctx->MacEncryptCb) + atomicUser = 1; +#endif + if (ssl->specs.cipher_type == block) { word32 blockSz = ssl->specs.block_size; if (ssl->options.tls1_1) { ivSz = blockSz; sz += ivSz; - RNG_GenerateBlock(&ssl->rng, iv, ivSz); + + ret = RNG_GenerateBlock(ssl->rng, iv, ivSz); + if (ret != 0) + return ret; + } sz += 1; /* pad byte */ pad = (sz - headerSz) % blockSz; @@ -3019,13 +6154,17 @@ static int BuildMessage(CYASSL* ssl, byte* output, const byte* input, int inSz, sz += pad; } -#ifdef BUILD_AESGCM +#ifdef HAVE_AEAD if (ssl->specs.cipher_type == aead) { - ivSz = AES_GCM_EXP_IV_SZ; - sz += (ivSz + 16 - digestSz); - AesGcmGetExpIV(&ssl->encrypt.aes, iv); + ivSz = AEAD_EXP_IV_SZ; + sz += (ivSz + ssl->specs.aead_mac_size - digestSz); + XMEMCPY(iv, ssl->keys.aead_exp_IV, AEAD_EXP_IV_SZ); } #endif + if (sz > (word32)outSz) { + CYASSL_MSG("Oops, want to write past output buffer size"); + return BUFFER_E; + } size = (word16)(sz - headerSz); /* include mac and digest */ AddRecordHeader(output, size, (byte)type, ssl); @@ -3037,18 +6176,48 @@ static int BuildMessage(CYASSL* ssl, byte* output, const byte* input, int inSz, XMEMCPY(output + idx, input, inSz); idx += inSz; - if (type == handshake) - HashOutput(ssl, output, headerSz + inSz, ivSz); - if (ssl->specs.cipher_type != aead) { - ssl->hmac(ssl, output+idx, output + headerSz + ivSz, inSz, type, 0); - idx += digestSz; + if (type == handshake) { + ret = HashOutput(ssl, output, headerSz + inSz, ivSz); + if (ret != 0) + return ret; } - if (ssl->specs.cipher_type == block) + if (ssl->specs.cipher_type == block) { + word32 tmpIdx = idx + digestSz; + for (i = 0; i <= pad; i++) - output[idx++] = (byte)pad; /* pad byte gets pad value too */ + output[tmpIdx++] = (byte)pad; /* pad byte gets pad value too */ + } + + if (atomicUser) { /* User Record Layer Callback handling */ +#ifdef ATOMIC_USER + if ( (ret = ssl->ctx->MacEncryptCb(ssl, output + idx, + output + headerSz + ivSz, inSz, type, 0, + output + headerSz, output + headerSz, size, + ssl->MacEncryptCtx)) != 0) + return ret; +#endif + } + else { + if (ssl->specs.cipher_type != aead) { +#ifdef HAVE_TRUNCATED_HMAC + if (ssl->truncated_hmac && ssl->specs.hash_size > digestSz) { + byte hmac[MAX_DIGEST_SIZE]; + + ret = ssl->hmac(ssl, hmac, output + headerSz + ivSz, inSz, + type, 0); + XMEMCPY(output + idx, hmac, digestSz); + } else +#endif + ret = ssl->hmac(ssl, output+idx, output + headerSz + ivSz, inSz, + type, 0); + } + if (ret != 0) + return ret; - Encrypt(ssl, output + headerSz, output + headerSz, size); + if ( (ret = Encrypt(ssl, output + headerSz, output+headerSz,size)) != 0) + return ret; + } return sz; } @@ -3064,19 +6233,28 @@ int SendFinished(CYASSL* ssl) Hashes* hashes; int ret; int headerSz = HANDSHAKE_HEADER_SZ; + int outputSz; + #ifdef CYASSL_DTLS + word32 sequence_number = ssl->keys.dtls_sequence_number; + word16 epoch = ssl->keys.dtls_epoch; + #endif + + + /* check for available size */ + outputSz = sizeof(input) + MAX_MSG_EXTRA; + if ((ret = CheckAvailableSize(ssl, outputSz)) != 0) + return ret; #ifdef CYASSL_DTLS if (ssl->options.dtls) { + /* Send Finished message with the next epoch, but don't commit that + * change until the other end confirms its reception. */ headerSz += DTLS_HANDSHAKE_EXTRA; ssl->keys.dtls_epoch++; ssl->keys.dtls_sequence_number = 0; /* reset after epoch change */ } #endif - - /* check for avalaible size */ - if ((ret = CheckAvalaibleSize(ssl, sizeof(input) + MAX_MSG_EXTRA)) != 0) - return ret; /* get ouput buffer */ output = ssl->buffers.outputBuffer.buffer + @@ -3086,28 +6264,65 @@ int SendFinished(CYASSL* ssl) /* make finished hashes */ hashes = (Hashes*)&input[headerSz]; - BuildFinished(ssl, hashes, ssl->options.side == CLIENT_END ? client : - server); + ret = BuildFinished(ssl, hashes, + ssl->options.side == CYASSL_CLIENT_END ? client : server); + if (ret != 0) return ret; - if ( (sendSz = BuildMessage(ssl, output, input, headerSz + - finishedSz, handshake)) < 0) + sendSz = BuildMessage(ssl, output, outputSz, input, headerSz + finishedSz, + handshake); + if (sendSz < 0) return BUILD_MSG_ERROR; + #ifdef CYASSL_DTLS + if (ssl->options.dtls) { + ssl->keys.dtls_epoch = epoch; + ssl->keys.dtls_sequence_number = sequence_number; + } + #endif + if (!ssl->options.resuming) { #ifndef NO_SESSION_CACHE AddSession(ssl); /* just try */ #endif - if (ssl->options.side == CLIENT_END) - BuildFinished(ssl, &ssl->verifyHashes, server); - else + if (ssl->options.side == CYASSL_CLIENT_END) { + ret = BuildFinished(ssl, &ssl->verifyHashes, server); + if (ret != 0) return ret; + } + else { ssl->options.handShakeState = HANDSHAKE_DONE; + #ifdef CYASSL_DTLS + if (ssl->options.dtls) { + /* Other side will soon receive our Finished, go to next + * epoch. */ + ssl->keys.dtls_epoch++; + ssl->keys.dtls_sequence_number = 1; + } + #endif + } } else { - if (ssl->options.side == CLIENT_END) + if (ssl->options.side == CYASSL_CLIENT_END) { ssl->options.handShakeState = HANDSHAKE_DONE; - else - BuildFinished(ssl, &ssl->verifyHashes, client); + #ifdef CYASSL_DTLS + if (ssl->options.dtls) { + /* Other side will soon receive our Finished, go to next + * epoch. */ + ssl->keys.dtls_epoch++; + ssl->keys.dtls_sequence_number = 1; + } + #endif + } + else { + ret = BuildFinished(ssl, &ssl->verifyHashes, client); + if (ret != 0) return ret; + } } + #ifdef CYASSL_DTLS + if (ssl->options.dtls) { + if ((ret = DtlsPoolSave(ssl, output, sendSz)) != 0) + return ret; + } + #endif #ifdef CYASSL_CALLBACKS if (ssl->hsInfoOn) AddPacketName("Finished", &ssl->handShakeInfo); @@ -3121,7 +6336,7 @@ int SendFinished(CYASSL* ssl) return SendBuffered(ssl); } - +#ifndef NO_CERTS int SendCertificate(CYASSL* ssl) { int sendSz, length, ret = 0; @@ -3157,8 +6372,8 @@ int SendCertificate(CYASSL* ssl) } #endif - /* check for avalaible size */ - if ((ret = CheckAvalaibleSize(ssl, sendSz)) != 0) + /* check for available size */ + if ((ret = CheckAvailableSize(ssl, sendSz)) != 0) return ret; /* get ouput buffer */ @@ -3182,10 +6397,21 @@ int SendCertificate(CYASSL* ssl) if (ssl->buffers.certChain.buffer) { XMEMCPY(output + i, ssl->buffers.certChain.buffer, ssl->buffers.certChain.length); - i += ssl->buffers.certChain.length; + /* if add more to output adjust i + i += ssl->buffers.certChain.length; */ } } - HashOutput(ssl, output, sendSz, 0); + #ifdef CYASSL_DTLS + if (ssl->options.dtls) { + if ((ret = DtlsPoolSave(ssl, output, sendSz)) != 0) + return ret; + } + #endif + + ret = HashOutput(ssl, output, sendSz, 0); + if (ret != 0) + return ret; + #ifdef CYASSL_CALLBACKS if (ssl->hsInfoOn) AddPacketName("Certificate", &ssl->handShakeInfo); if (ssl->toInfoOn) @@ -3193,7 +6419,7 @@ int SendCertificate(CYASSL* ssl) ssl->heap); #endif - if (ssl->options.side == SERVER_END) + if (ssl->options.side == CYASSL_SERVER_END) ssl->options.serverState = SERVER_CERT_COMPLETE; ssl->buffers.outputBuffer.length += sendSz; @@ -3211,11 +6437,11 @@ int SendCertificateRequest(CYASSL* ssl) int sendSz; word32 i = RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ; - int typeTotal = 1; /* only rsa for now */ + int typeTotal = 1; /* only 1 for now */ int reqSz = ENUM_LEN + typeTotal + REQ_HEADER_SZ; /* add auth later */ if (IsAtLeastTLSv1_2(ssl)) - reqSz += LENGTH_SZ + HASH_SIG_SIZE; + reqSz += LENGTH_SZ + ssl->suites->hashSigAlgoSz; if (ssl->options.usingPSK_cipher) return 0; /* not needed */ @@ -3227,8 +6453,8 @@ int SendCertificateRequest(CYASSL* ssl) i += DTLS_RECORD_EXTRA + DTLS_HANDSHAKE_EXTRA; } #endif - /* check for avalaible size */ - if ((ret = CheckAvalaibleSize(ssl, sendSz)) != 0) + /* check for available size */ + if ((ret = CheckAvailableSize(ssl, sendSz)) != 0) return ret; /* get ouput buffer */ @@ -3239,21 +6465,40 @@ int SendCertificateRequest(CYASSL* ssl) /* write to output */ output[i++] = (byte)typeTotal; /* # of types */ - output[i++] = rsa_sign; +#ifdef HAVE_ECC + if (ssl->options.cipherSuite0 == ECC_BYTE && + ssl->specs.sig_algo == ecc_dsa_sa_algo) { + output[i++] = ecdsa_sign; + } else +#endif /* HAVE_ECC */ + { + output[i++] = rsa_sign; + } /* supported hash/sig */ if (IsAtLeastTLSv1_2(ssl)) { - c16toa(HASH_SIG_SIZE, &output[i]); + c16toa(ssl->suites->hashSigAlgoSz, &output[i]); i += LENGTH_SZ; - output[i++] = sha_mac; /* hash */ - output[i++] = rsa_sa_algo; /* sig */ + XMEMCPY(&output[i], + ssl->suites->hashSigAlgo, ssl->suites->hashSigAlgoSz); + i += ssl->suites->hashSigAlgoSz; } c16toa(0, &output[i]); /* auth's */ - i += REQ_HEADER_SZ; + /* if add more to output, adjust i + i += REQ_HEADER_SZ; */ + + #ifdef CYASSL_DTLS + if (ssl->options.dtls) { + if ((ret = DtlsPoolSave(ssl, output, sendSz)) != 0) + return ret; + } + #endif - HashOutput(ssl, output, sendSz, 0); + ret = HashOutput(ssl, output, sendSz, 0); + if (ret != 0) + return ret; #ifdef CYASSL_CALLBACKS if (ssl->hsInfoOn) @@ -3268,13 +6513,15 @@ int SendCertificateRequest(CYASSL* ssl) else return SendBuffered(ssl); } +#endif /* !NO_CERTS */ int SendData(CYASSL* ssl, const void* data, int sz) { int sent = 0, /* plainText size */ sendSz, - ret; + ret, + dtlsExtra = 0; if (ssl->error == WANT_WRITE) ssl->error = 0; @@ -3282,7 +6529,7 @@ int SendData(CYASSL* ssl, const void* data, int sz) if (ssl->options.handShakeState != HANDSHAKE_DONE) { int err; CYASSL_MSG("handshake not complete, trying to finish"); - if ( (err = CyaSSL_negotiate(ssl)) != 0) + if ( (err = CyaSSL_negotiate(ssl)) != SSL_SUCCESS) return err; } @@ -3302,11 +6549,22 @@ int SendData(CYASSL* ssl, const void* data, int sz) } } +#ifdef CYASSL_DTLS + if (ssl->options.dtls) { + dtlsExtra = DTLS_RECORD_EXTRA; + } +#endif + for (;;) { +#ifdef HAVE_MAX_FRAGMENT + int len = min(sz - sent, min(ssl->max_fragment, OUTPUT_RECORD_SIZE)); +#else int len = min(sz - sent, OUTPUT_RECORD_SIZE); +#endif byte* out; byte* sendBuffer = (byte*)data + sent; /* may switch on comp */ - int buffSz = len; /* may switch on comp */ + int buffSz = len; /* may switch on comp */ + int outputSz; #ifdef HAVE_LIBZ byte comp[MAX_RECORD_SIZE + MAX_COMP_EXTRA]; #endif @@ -3320,10 +6578,10 @@ int SendData(CYASSL* ssl, const void* data, int sz) } #endif - /* check for avalaible size */ - if ((ret = CheckAvalaibleSize(ssl, len + COMP_EXTRA + - MAX_MSG_EXTRA)) != 0) - return ret; + /* check for available size */ + outputSz = len + COMP_EXTRA + dtlsExtra + MAX_MSG_EXTRA; + if ((ret = CheckAvailableSize(ssl, outputSz)) != 0) + return ssl->error = ret; /* get ouput buffer */ out = ssl->buffers.outputBuffer.buffer + @@ -3331,15 +6589,17 @@ int SendData(CYASSL* ssl, const void* data, int sz) #ifdef HAVE_LIBZ if (ssl->options.usingCompression) { - buffSz = Compress(ssl, sendBuffer, buffSz, comp, sizeof(comp)); + buffSz = myCompress(ssl, sendBuffer, buffSz, comp, sizeof(comp)); if (buffSz < 0) { return buffSz; } sendBuffer = comp; } #endif - sendSz = BuildMessage(ssl, out, sendBuffer, buffSz, + sendSz = BuildMessage(ssl, out, outputSz, sendBuffer, buffSz, application_data); + if (sendSz < 0) + return BUILD_MSG_ERROR; ssl->buffers.outputBuffer.length += sendSz; @@ -3367,7 +6627,7 @@ int SendData(CYASSL* ssl, const void* data, int sz) } /* process input data */ -int ReceiveData(CYASSL* ssl, byte* output, int sz) +int ReceiveData(CYASSL* ssl, byte* output, int sz, int peek) { int size; @@ -3376,10 +6636,15 @@ int ReceiveData(CYASSL* ssl, byte* output, int sz) if (ssl->error == WANT_READ) ssl->error = 0; + if (ssl->error != 0 && ssl->error != WANT_WRITE) { + CYASSL_MSG("User calling CyaSSL_read in error state, not allowed"); + return ssl->error; + } + if (ssl->options.handShakeState != HANDSHAKE_DONE) { int err; CYASSL_MSG("Handshake not complete, trying to finish"); - if ( (err = CyaSSL_negotiate(ssl)) != 0) + if ( (err = CyaSSL_negotiate(ssl)) != SSL_SUCCESS) return err; } @@ -3388,7 +6653,6 @@ int ReceiveData(CYASSL* ssl, byte* output, int sz) CYASSL_ERROR(ssl->error); if (ssl->error == ZERO_RETURN) { CYASSL_MSG("Zero return, no more data coming"); - ssl->options.isClosed = 1; return 0; /* no more data coming */ } if (ssl->error == SOCKET_ERROR_E) { @@ -3406,8 +6670,11 @@ int ReceiveData(CYASSL* ssl, byte* output, int sz) size = ssl->buffers.clearOutputBuffer.length; XMEMCPY(output, ssl->buffers.clearOutputBuffer.buffer, size); - ssl->buffers.clearOutputBuffer.length -= size; - ssl->buffers.clearOutputBuffer.buffer += size; + + if (peek == 0) { + ssl->buffers.clearOutputBuffer.length -= size; + ssl->buffers.clearOutputBuffer.buffer += size; + } if (ssl->buffers.clearOutputBuffer.length == 0 && ssl->buffers.inputBuffer.dynamicFlag) @@ -3425,6 +6692,8 @@ int SendAlert(CYASSL* ssl, int severity, int type) byte *output; int sendSz; int ret; + int outputSz; + int dtlsExtra = 0; /* if sendalert is called again for nonbloking */ if (ssl->options.sendAlertState != 0) { @@ -3434,8 +6703,14 @@ int SendAlert(CYASSL* ssl, int severity, int type) return ret; } - /* check for avalaible size */ - if ((ret = CheckAvalaibleSize(ssl, ALERT_SIZE + MAX_MSG_EXTRA)) != 0) + #ifdef CYASSL_DTLS + if (ssl->options.dtls) + dtlsExtra = DTLS_RECORD_EXTRA; + #endif + + /* check for available size */ + outputSz = ALERT_SIZE + MAX_MSG_EXTRA + dtlsExtra; + if ((ret = CheckAvailableSize(ssl, outputSz)) != 0) return ret; /* get ouput buffer */ @@ -3444,18 +6719,34 @@ int SendAlert(CYASSL* ssl, int severity, int type) input[0] = (byte)severity; input[1] = (byte)type; + ssl->alert_history.last_tx.code = type; + ssl->alert_history.last_tx.level = severity; + if (severity == alert_fatal) { + ssl->options.isClosed = 1; /* Don't send close_notify */ + } - if (ssl->keys.encryptionOn) - sendSz = BuildMessage(ssl, output, input, ALERT_SIZE, alert); + /* only send encrypted alert if handshake actually complete, otherwise + other side may not be able to handle it */ + if (ssl->keys.encryptionOn && ssl->options.handShakeState == HANDSHAKE_DONE) + sendSz = BuildMessage(ssl, output, outputSz, input, ALERT_SIZE, alert); else { - RecordLayerHeader *const rl = (RecordLayerHeader*)output; - rl->type = alert; - rl->version = ssl->version; - c16toa(ALERT_SIZE, rl->length); - XMEMCPY(output + RECORD_HEADER_SZ, input, ALERT_SIZE); + AddRecordHeader(output, ALERT_SIZE, alert, ssl); + output += RECORD_HEADER_SZ; + #ifdef CYASSL_DTLS + if (ssl->options.dtls) + output += DTLS_RECORD_EXTRA; + #endif + XMEMCPY(output, input, ALERT_SIZE); + sendSz = RECORD_HEADER_SZ + ALERT_SIZE; + #ifdef CYASSL_DTLS + if (ssl->options.dtls) + sendSz += DTLS_RECORD_EXTRA; + #endif } + if (sendSz < 0) + return BUILD_MSG_ERROR; #ifdef CYASSL_CALLBACKS if (ssl->hsInfoOn) @@ -3470,321 +6761,300 @@ int SendAlert(CYASSL* ssl, int severity, int type) return SendBuffered(ssl); } - - -void SetErrorString(int error, char* str) +const char* CyaSSL_ERR_reason_error_string(unsigned long e) { - const int max = MAX_ERROR_SZ; /* shorthand */ - #ifdef NO_ERROR_STRINGS - XSTRNCPY(str, "no support for error strings built in", max); + (void)e; + return "no support for error strings built in"; #else + int error = (int)e; + /* pass to CTaoCrypt */ if (error < MAX_CODE_E && error > MIN_CODE_E) { - CTaoCryptErrorString(error, str); - return; + return CTaoCryptGetErrorString(error); } switch (error) { case UNSUPPORTED_SUITE : - XSTRNCPY(str, "unsupported cipher suite", max); - break; + return "unsupported cipher suite"; case INPUT_CASE_ERROR : - XSTRNCPY(str, "input state error", max); - break; + return "input state error"; case PREFIX_ERROR : - XSTRNCPY(str, "bad index to key rounds", max); - break; + return "bad index to key rounds"; case MEMORY_ERROR : - XSTRNCPY(str, "out of memory", max); - break; + return "out of memory"; case VERIFY_FINISHED_ERROR : - XSTRNCPY(str, "verify problem on finished", max); - break; + return "verify problem on finished"; case VERIFY_MAC_ERROR : - XSTRNCPY(str, "verify mac problem", max); - break; + return "verify mac problem"; case PARSE_ERROR : - XSTRNCPY(str, "parse error on header", max); - break; + return "parse error on header"; case SIDE_ERROR : - XSTRNCPY(str, "wrong client/server type", max); - break; + return "wrong client/server type"; case NO_PEER_CERT : - XSTRNCPY(str, "peer didn't send cert", max); - break; + return "peer didn't send cert"; case UNKNOWN_HANDSHAKE_TYPE : - XSTRNCPY(str, "weird handshake type", max); - break; + return "weird handshake type"; case SOCKET_ERROR_E : - XSTRNCPY(str, "error state on socket", max); - break; + return "error state on socket"; case SOCKET_NODATA : - XSTRNCPY(str, "expected data, not there", max); - break; + return "expected data, not there"; case INCOMPLETE_DATA : - XSTRNCPY(str, "don't have enough data to complete task", max); - break; + return "don't have enough data to complete task"; case UNKNOWN_RECORD_TYPE : - XSTRNCPY(str, "unknown type in record hdr", max); - break; + return "unknown type in record hdr"; case DECRYPT_ERROR : - XSTRNCPY(str, "error during decryption", max); - break; + return "error during decryption"; case FATAL_ERROR : - XSTRNCPY(str, "revcd alert fatal error", max); - break; + return "revcd alert fatal error"; case ENCRYPT_ERROR : - XSTRNCPY(str, "error during encryption", max); - break; + return "error during encryption"; case FREAD_ERROR : - XSTRNCPY(str, "fread problem", max); - break; + return "fread problem"; case NO_PEER_KEY : - XSTRNCPY(str, "need peer's key", max); - break; + return "need peer's key"; case NO_PRIVATE_KEY : - XSTRNCPY(str, "need the private key", max); - break; + return "need the private key"; case NO_DH_PARAMS : - XSTRNCPY(str, "server missing DH params", max); - break; + return "server missing DH params"; case RSA_PRIVATE_ERROR : - XSTRNCPY(str, "error during rsa priv op", max); - break; + return "error during rsa priv op"; case MATCH_SUITE_ERROR : - XSTRNCPY(str, "can't match cipher suite", max); - break; + return "can't match cipher suite"; case BUILD_MSG_ERROR : - XSTRNCPY(str, "build message failure", max); - break; + return "build message failure"; case BAD_HELLO : - XSTRNCPY(str, "client hello malformed", max); - break; + return "client hello malformed"; case DOMAIN_NAME_MISMATCH : - XSTRNCPY(str, "peer subject name mismatch", max); - break; + return "peer subject name mismatch"; case WANT_READ : - XSTRNCPY(str, "non-blocking socket wants data to be read", max); - break; + case SSL_ERROR_WANT_READ : + return "non-blocking socket wants data to be read"; case NOT_READY_ERROR : - XSTRNCPY(str, "handshake layer not ready yet, complete first", max); - break; + return "handshake layer not ready yet, complete first"; case PMS_VERSION_ERROR : - XSTRNCPY(str, "premaster secret version mismatch error", max); - break; + return "premaster secret version mismatch error"; case VERSION_ERROR : - XSTRNCPY(str, "record layer version error", max); - break; + return "record layer version error"; case WANT_WRITE : - XSTRNCPY(str, "non-blocking socket write buffer full", max); - break; + case SSL_ERROR_WANT_WRITE : + return "non-blocking socket write buffer full"; case BUFFER_ERROR : - XSTRNCPY(str, "malformed buffer input error", max); - break; + return "malformed buffer input error"; case VERIFY_CERT_ERROR : - XSTRNCPY(str, "verify problem on certificate", max); - break; + return "verify problem on certificate"; case VERIFY_SIGN_ERROR : - XSTRNCPY(str, "verify problem based on signature", max); - break; + return "verify problem based on signature"; case CLIENT_ID_ERROR : - XSTRNCPY(str, "psk client identity error", max); - break; + return "psk client identity error"; case SERVER_HINT_ERROR: - XSTRNCPY(str, "psk server hint error", max); - break; + return "psk server hint error"; case PSK_KEY_ERROR: - XSTRNCPY(str, "psk key callback error", max); - break; + return "psk key callback error"; case NTRU_KEY_ERROR: - XSTRNCPY(str, "NTRU key error", max); - break; + return "NTRU key error"; case NTRU_DRBG_ERROR: - XSTRNCPY(str, "NTRU drbg error", max); - break; + return "NTRU drbg error"; case NTRU_ENCRYPT_ERROR: - XSTRNCPY(str, "NTRU encrypt error", max); - break; + return "NTRU encrypt error"; case NTRU_DECRYPT_ERROR: - XSTRNCPY(str, "NTRU decrypt error", max); - break; + return "NTRU decrypt error"; case ZLIB_INIT_ERROR: - XSTRNCPY(str, "zlib init error", max); - break; + return "zlib init error"; case ZLIB_COMPRESS_ERROR: - XSTRNCPY(str, "zlib compress error", max); - break; + return "zlib compress error"; case ZLIB_DECOMPRESS_ERROR: - XSTRNCPY(str, "zlib decompress error", max); - break; + return "zlib decompress error"; case GETTIME_ERROR: - XSTRNCPY(str, "gettimeofday() error", max); - break; + return "gettimeofday() error"; case GETITIMER_ERROR: - XSTRNCPY(str, "getitimer() error", max); - break; + return "getitimer() error"; case SIGACT_ERROR: - XSTRNCPY(str, "sigaction() error", max); - break; + return "sigaction() error"; case SETITIMER_ERROR: - XSTRNCPY(str, "setitimer() error", max); - break; + return "setitimer() error"; case LENGTH_ERROR: - XSTRNCPY(str, "record layer length error", max); - break; + return "record layer length error"; case PEER_KEY_ERROR: - XSTRNCPY(str, "cant decode peer key", max); - break; + return "cant decode peer key"; case ZERO_RETURN: - XSTRNCPY(str, "peer sent close notify alert", max); - break; + case SSL_ERROR_ZERO_RETURN: + return "peer sent close notify alert"; case ECC_CURVETYPE_ERROR: - XSTRNCPY(str, "Bad ECC Curve Type or unsupported", max); - break; + return "Bad ECC Curve Type or unsupported"; case ECC_CURVE_ERROR: - XSTRNCPY(str, "Bad ECC Curve or unsupported", max); - break; + return "Bad ECC Curve or unsupported"; case ECC_PEERKEY_ERROR: - XSTRNCPY(str, "Bad ECC Peer Key", max); - break; + return "Bad ECC Peer Key"; case ECC_MAKEKEY_ERROR: - XSTRNCPY(str, "ECC Make Key failure", max); - break; + return "ECC Make Key failure"; case ECC_EXPORT_ERROR: - XSTRNCPY(str, "ECC Export Key failure", max); - break; + return "ECC Export Key failure"; case ECC_SHARED_ERROR: - XSTRNCPY(str, "ECC DHE shared failure", max); - break; - - case BAD_MUTEX_ERROR: - XSTRNCPY(str, "Bad mutex, operation failed", max); - break; + return "ECC DHE shared failure"; case NOT_CA_ERROR: - XSTRNCPY(str, "Not a CA by basic constraint error", max); - break; + return "Not a CA by basic constraint error"; case BAD_PATH_ERROR: - XSTRNCPY(str, "Bad path for opendir error", max); - break; + return "Bad path for opendir error"; case BAD_CERT_MANAGER_ERROR: - XSTRNCPY(str, "Bad Cert Manager error", max); - break; + return "Bad Cert Manager error"; case OCSP_CERT_REVOKED: - XSTRNCPY(str, "OCSP Cert revoked", max); - break; + return "OCSP Cert revoked"; case CRL_CERT_REVOKED: - XSTRNCPY(str, "CRL Cert revoked", max); - break; + return "CRL Cert revoked"; case CRL_MISSING: - XSTRNCPY(str, "CRL missing, not loaded", max); - break; + return "CRL missing, not loaded"; case MONITOR_RUNNING_E: - XSTRNCPY(str, "CRL monitor already running", max); - break; + return "CRL monitor already running"; case THREAD_CREATE_E: - XSTRNCPY(str, "Thread creation problem", max); - break; + return "Thread creation problem"; case OCSP_NEED_URL: - XSTRNCPY(str, "OCSP need URL", max); - break; + return "OCSP need URL"; case OCSP_CERT_UNKNOWN: - XSTRNCPY(str, "OCSP Cert unknown", max); - break; + return "OCSP Cert unknown"; case OCSP_LOOKUP_FAIL: - XSTRNCPY(str, "OCSP Responder lookup fail", max); - break; + return "OCSP Responder lookup fail"; case MAX_CHAIN_ERROR: - XSTRNCPY(str, "Maximum Chain Depth Exceeded", max); - break; + return "Maximum Chain Depth Exceeded"; case COOKIE_ERROR: - XSTRNCPY(str, "DTLS Cookie Error", max); - break; + return "DTLS Cookie Error"; + + case SEQUENCE_ERROR: + return "DTLS Sequence Error"; + + case SUITES_ERROR: + return "Suites Pointer Error"; + + case SSL_NO_PEM_HEADER: + return "No PEM Header Error"; + + case OUT_OF_ORDER_E: + return "Out of order message, fatal"; + + case BAD_KEA_TYPE_E: + return "Bad KEA type found"; + + case SANITY_CIPHER_E: + return "Sanity check on ciphertext failed"; + + case RECV_OVERFLOW_E: + return "Receive callback returned more than requested"; + + case GEN_COOKIE_E: + return "Generate Cookie Error"; + + case NO_PEER_VERIFY: + return "Need peer certificate verify Error"; + + case FWRITE_ERROR: + return "fwrite Error"; + + case CACHE_MATCH_ERROR: + return "Cache restore header match Error"; + + case UNKNOWN_SNI_HOST_NAME_E: + return "Unrecognized host name Error"; + + case KEYUSE_SIGNATURE_E: + return "Key Use digitalSignature not set Error"; + + case KEYUSE_ENCIPHER_E: + return "Key Use keyEncipherment not set Error"; + + case EXTKEYUSE_AUTH_E: + return "Ext Key Use server/client auth not set Error"; + + case SEND_OOB_READ_E: + return "Send Callback Out of Bounds Read Error"; default : - XSTRNCPY(str, "unknown error number", max); + return "unknown error number"; } #endif /* NO_ERROR_STRINGS */ } +void SetErrorString(int error, char* str) +{ + XSTRNCPY(str, CyaSSL_ERR_reason_error_string(error), CYASSL_MAX_ERROR_SZ); +} /* be sure to add to cipher_name_idx too !!!! */ -const char* const cipher_names[] = +static const char* const cipher_names[] = { #ifdef BUILD_SSL_RSA_WITH_RC4_128_SHA "RC4-SHA", @@ -3806,6 +7076,14 @@ const char* const cipher_names[] = "AES256-SHA", #endif +#ifdef BUILD_TLS_RSA_WITH_NULL_SHA + "NULL-SHA", +#endif + +#ifdef BUILD_TLS_RSA_WITH_NULL_SHA256 + "NULL-SHA256", +#endif + #ifdef BUILD_TLS_DHE_RSA_WITH_AES_128_CBC_SHA "DHE-RSA-AES128-SHA", #endif @@ -3814,6 +7092,38 @@ const char* const cipher_names[] = "DHE-RSA-AES256-SHA", #endif +#ifdef BUILD_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 + "DHE-PSK-AES256-GCM-SHA384", +#endif + +#ifdef BUILD_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 + "DHE-PSK-AES128-GCM-SHA256", +#endif + +#ifdef BUILD_TLS_PSK_WITH_AES_256_GCM_SHA384 + "PSK-AES256-GCM-SHA384", +#endif + +#ifdef BUILD_TLS_PSK_WITH_AES_128_GCM_SHA256 + "PSK-AES128-GCM-SHA256", +#endif + +#ifdef BUILD_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 + "DHE-PSK-AES256-CBC-SHA384", +#endif + +#ifdef BUILD_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 + "DHE-PSK-AES128-CBC-SHA256", +#endif + +#ifdef BUILD_TLS_PSK_WITH_AES_256_CBC_SHA384 + "PSK-AES256-CBC-SHA384", +#endif + +#ifdef BUILD_TLS_PSK_WITH_AES_128_CBC_SHA256 + "PSK-AES128-CBC-SHA256", +#endif + #ifdef BUILD_TLS_PSK_WITH_AES_128_CBC_SHA "PSK-AES128-CBC-SHA", #endif @@ -3822,15 +7132,71 @@ const char* const cipher_names[] = "PSK-AES256-CBC-SHA", #endif -#ifdef BUILD_TLS_RSA_WITH_HC_128_CBC_MD5 +#ifdef BUILD_TLS_DHE_PSK_WITH_AES_128_CCM + "DHE-PSK-AES128-CCM", +#endif + +#ifdef BUILD_TLS_DHE_PSK_WITH_AES_256_CCM + "DHE-PSK-AES256-CCM", +#endif + +#ifdef BUILD_TLS_PSK_WITH_AES_128_CCM + "PSK-AES128-CCM", +#endif + +#ifdef BUILD_TLS_PSK_WITH_AES_256_CCM + "PSK-AES256-CCM", +#endif + +#ifdef BUILD_TLS_PSK_WITH_AES_128_CCM_8 + "PSK-AES128-CCM-8", +#endif + +#ifdef BUILD_TLS_PSK_WITH_AES_256_CCM_8 + "PSK-AES256-CCM-8", +#endif + +#ifdef BUILD_TLS_DHE_PSK_WITH_NULL_SHA384 + "DHE-PSK-NULL-SHA384", +#endif + +#ifdef BUILD_TLS_DHE_PSK_WITH_NULL_SHA256 + "DHE-PSK-NULL-SHA256", +#endif + +#ifdef BUILD_TLS_PSK_WITH_NULL_SHA384 + "PSK-NULL-SHA384", +#endif + +#ifdef BUILD_TLS_PSK_WITH_NULL_SHA256 + "PSK-NULL-SHA256", +#endif + +#ifdef BUILD_TLS_PSK_WITH_NULL_SHA + "PSK-NULL-SHA", +#endif + +#ifdef BUILD_TLS_RSA_WITH_HC_128_MD5 "HC128-MD5", #endif -#ifdef BUILD_TLS_RSA_WITH_HC_128_CBC_SHA +#ifdef BUILD_TLS_RSA_WITH_HC_128_SHA "HC128-SHA", #endif -#ifdef BUILD_TLS_RSA_WITH_RABBIT_CBC_SHA +#ifdef BUILD_TLS_RSA_WITH_HC_128_B2B256 + "HC128-B2B256", +#endif + +#ifdef BUILD_TLS_RSA_WITH_AES_128_CBC_B2B256 + "AES128-B2B256", +#endif + +#ifdef BUILD_TLS_RSA_WITH_AES_256_CBC_B2B256 + "AES256-B2B256", +#endif + +#ifdef BUILD_TLS_RSA_WITH_RABBIT_SHA "RABBIT-SHA", #endif @@ -3838,16 +7204,32 @@ const char* const cipher_names[] = "NTRU-RC4-SHA", #endif -#ifdef BUILD_TLS_NTRU_RSA_WITH_3DES_EDE_CBC_SHA - "NTRU-DES-CBC3-SHA", +#ifdef BUILD_TLS_NTRU_RSA_WITH_3DES_EDE_CBC_SHA + "NTRU-DES-CBC3-SHA", +#endif + +#ifdef BUILD_TLS_NTRU_RSA_WITH_AES_128_CBC_SHA + "NTRU-AES128-SHA", +#endif + +#ifdef BUILD_TLS_NTRU_RSA_WITH_AES_256_CBC_SHA + "NTRU-AES256-SHA", +#endif + +#ifdef BUILD_TLS_RSA_WITH_AES_128_CCM_8 + "AES128-CCM-8", +#endif + +#ifdef BUILD_TLS_RSA_WITH_AES_256_CCM_8 + "AES256-CCM-8", #endif -#ifdef BUILD_TLS_NTRU_RSA_WITH_AES_128_CBC_SHA - "NTRU-AES128-SHA", +#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 + "ECDHE-ECDSA-AES128-CCM-8", #endif -#ifdef BUILD_TLS_NTRU_RSA_WITH_AES_256_CBC_SHA - "NTRU-AES256-SHA", +#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 + "ECDHE-ECDSA-AES256-CCM-8", #endif #ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA @@ -3975,7 +7357,71 @@ const char* const cipher_names[] = #endif #ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 - "ECDH-ECDSA-AES256-GCM-SHA384" + "ECDH-ECDSA-AES256-GCM-SHA384", +#endif + +#ifdef BUILD_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA + "CAMELLIA128-SHA", +#endif + +#ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA + "DHE-RSA-CAMELLIA128-SHA", +#endif + +#ifdef BUILD_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA + "CAMELLIA256-SHA", +#endif + +#ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA + "DHE-RSA-CAMELLIA256-SHA", +#endif + +#ifdef BUILD_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 + "CAMELLIA128-SHA256", +#endif + +#ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 + "DHE-RSA-CAMELLIA128-SHA256", +#endif + +#ifdef BUILD_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 + "CAMELLIA256-SHA256", +#endif + +#ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 + "DHE-RSA-CAMELLIA256-SHA256", +#endif + +#ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 + "ECDHE-RSA-AES128-SHA256", +#endif + +#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 + "ECDHE-ECDSA-AES128-SHA256", +#endif + +#ifdef BUILD_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 + "ECDH-RSA-AES128-SHA256", +#endif + +#ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 + "ECDH-ECDSA-AES128-SHA256", +#endif + +#ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 + "ECDHE-RSA-AES256-SHA384", +#endif + +#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 + "ECDHE-ECDSA-AES256-SHA384", +#endif + +#ifdef BUILD_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 + "ECDH-RSA-AES256-SHA384", +#endif + +#ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 + "ECDH-ECDSA-AES256-SHA384", #endif }; @@ -3983,7 +7429,7 @@ const char* const cipher_names[] = /* cipher suite number that matches above name table */ -int cipher_name_idx[] = +static int cipher_name_idx[] = { #ifdef BUILD_SSL_RSA_WITH_RC4_128_SHA @@ -4006,6 +7452,14 @@ int cipher_name_idx[] = TLS_RSA_WITH_AES_256_CBC_SHA, #endif +#ifdef BUILD_TLS_RSA_WITH_NULL_SHA + TLS_RSA_WITH_NULL_SHA, +#endif + +#ifdef BUILD_TLS_RSA_WITH_NULL_SHA256 + TLS_RSA_WITH_NULL_SHA256, +#endif + #ifdef BUILD_TLS_DHE_RSA_WITH_AES_128_CBC_SHA TLS_DHE_RSA_WITH_AES_128_CBC_SHA, #endif @@ -4014,6 +7468,38 @@ int cipher_name_idx[] = TLS_DHE_RSA_WITH_AES_256_CBC_SHA, #endif +#ifdef BUILD_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 + TLS_DHE_PSK_WITH_AES_256_GCM_SHA384, +#endif + +#ifdef BUILD_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 + TLS_DHE_PSK_WITH_AES_128_GCM_SHA256, +#endif + +#ifdef BUILD_TLS_PSK_WITH_AES_256_GCM_SHA384 + TLS_PSK_WITH_AES_256_GCM_SHA384, +#endif + +#ifdef BUILD_TLS_PSK_WITH_AES_128_GCM_SHA256 + TLS_PSK_WITH_AES_128_GCM_SHA256, +#endif + +#ifdef BUILD_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 + TLS_DHE_PSK_WITH_AES_256_CBC_SHA384, +#endif + +#ifdef BUILD_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 + TLS_DHE_PSK_WITH_AES_128_CBC_SHA256, +#endif + +#ifdef BUILD_TLS_PSK_WITH_AES_256_CBC_SHA384 + TLS_PSK_WITH_AES_256_CBC_SHA384, +#endif + +#ifdef BUILD_TLS_PSK_WITH_AES_128_CBC_SHA256 + TLS_PSK_WITH_AES_128_CBC_SHA256, +#endif + #ifdef BUILD_TLS_PSK_WITH_AES_128_CBC_SHA TLS_PSK_WITH_AES_128_CBC_SHA, #endif @@ -4022,16 +7508,72 @@ int cipher_name_idx[] = TLS_PSK_WITH_AES_256_CBC_SHA, #endif -#ifdef BUILD_TLS_RSA_WITH_HC_128_CBC_MD5 - TLS_RSA_WITH_HC_128_CBC_MD5, +#ifdef BUILD_TLS_DHE_PSK_WITH_AES_128_CCM + TLS_DHE_PSK_WITH_AES_128_CCM, +#endif + +#ifdef BUILD_TLS_DHE_PSK_WITH_AES_256_CCM + TLS_DHE_PSK_WITH_AES_256_CCM, +#endif + +#ifdef BUILD_TLS_PSK_WITH_AES_128_CCM + TLS_PSK_WITH_AES_128_CCM, +#endif + +#ifdef BUILD_TLS_PSK_WITH_AES_256_CCM + TLS_PSK_WITH_AES_256_CCM, +#endif + +#ifdef BUILD_TLS_PSK_WITH_AES_128_CCM_8 + TLS_PSK_WITH_AES_128_CCM_8, +#endif + +#ifdef BUILD_TLS_PSK_WITH_AES_256_CCM_8 + TLS_PSK_WITH_AES_256_CCM_8, +#endif + +#ifdef BUILD_TLS_DHE_PSK_WITH_NULL_SHA384 + TLS_DHE_PSK_WITH_NULL_SHA384, +#endif + +#ifdef BUILD_TLS_DHE_PSK_WITH_NULL_SHA256 + TLS_DHE_PSK_WITH_NULL_SHA256, +#endif + +#ifdef BUILD_TLS_PSK_WITH_NULL_SHA384 + TLS_PSK_WITH_NULL_SHA384, +#endif + +#ifdef BUILD_TLS_PSK_WITH_NULL_SHA256 + TLS_PSK_WITH_NULL_SHA256, +#endif + +#ifdef BUILD_TLS_PSK_WITH_NULL_SHA + TLS_PSK_WITH_NULL_SHA, +#endif + +#ifdef BUILD_TLS_RSA_WITH_HC_128_MD5 + TLS_RSA_WITH_HC_128_MD5, +#endif + +#ifdef BUILD_TLS_RSA_WITH_HC_128_SHA + TLS_RSA_WITH_HC_128_SHA, +#endif + +#ifdef BUILD_TLS_RSA_WITH_HC_128_B2B256 + TLS_RSA_WITH_HC_128_B2B256, +#endif + +#ifdef BUILD_TLS_RSA_WITH_AES_128_CBC_B2B256 + TLS_RSA_WITH_AES_128_CBC_B2B256, #endif -#ifdef BUILD_TLS_RSA_WITH_HC_128_CBC_SHA - TLS_RSA_WITH_HC_128_CBC_SHA, +#ifdef BUILD_TLS_RSA_WITH_AES_256_CBC_B2B256 + TLS_RSA_WITH_AES_256_CBC_B2B256, #endif -#ifdef BUILD_TLS_RSA_WITH_RABBIT_CBC_SHA - TLS_RSA_WITH_RABBIT_CBC_SHA, +#ifdef BUILD_TLS_RSA_WITH_RABBIT_SHA + TLS_RSA_WITH_RABBIT_SHA, #endif #ifdef BUILD_TLS_NTRU_RSA_WITH_RC4_128_SHA @@ -4050,6 +7592,22 @@ int cipher_name_idx[] = TLS_NTRU_RSA_WITH_AES_256_CBC_SHA, #endif +#ifdef BUILD_TLS_RSA_WITH_AES_128_CCM_8 + TLS_RSA_WITH_AES_128_CCM_8, +#endif + +#ifdef BUILD_TLS_RSA_WITH_AES_256_CCM_8 + TLS_RSA_WITH_AES_256_CCM_8, +#endif + +#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 + TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8, +#endif + +#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 + TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8, +#endif + #ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA, #endif @@ -4175,9 +7733,72 @@ int cipher_name_idx[] = #endif #ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 - TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 + TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384, +#endif + +#ifdef BUILD_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA + TLS_RSA_WITH_CAMELLIA_128_CBC_SHA, +#endif + +#ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA + TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA, +#endif + +#ifdef BUILD_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA + TLS_RSA_WITH_CAMELLIA_256_CBC_SHA, +#endif + +#ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA + TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA, +#endif + +#ifdef BUILD_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 + TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256, +#endif + +#ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 + TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256, +#endif + +#ifdef BUILD_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 + TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256, +#endif + +#ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 + TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256, +#endif + +#ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 + TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256, +#endif + +#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 + TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256, +#endif + +#ifdef BUILD_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 + TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256, +#endif + +#ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 + TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256, +#endif + +#ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 + TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384, +#endif + +#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 + TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384, +#endif + +#ifdef BUILD_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 + TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384, #endif +#ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 + TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 +#endif }; @@ -4194,6 +7815,12 @@ int SetCipherList(Suites* s, const char* list) const int suiteSz = sizeof(cipher_names) / sizeof(cipher_names[0]); int idx = 0; + int haveRSA = 0, haveECDSA = 0; + + if (s == NULL) { + CYASSL_MSG("SetCipherList suite pointer error"); + return 0; + } if (!list) return 0; @@ -4208,7 +7835,7 @@ int SetCipherList(Suites* s, const char* list) haystack = XSTRSTR(haystack, needle); if (!haystack) /* last cipher */ - len = min(sizeof(name), XSTRLEN(prev)); + len = min(sizeof(name), (word32)XSTRLEN(prev)); else len = min(sizeof(name), (word32)(haystack - prev)); @@ -4217,12 +7844,21 @@ int SetCipherList(Suites* s, const char* list) for (i = 0; i < suiteSz; i++) if (XSTRNCMP(name, cipher_names[i], sizeof(name)) == 0) { - if (XSTRSTR(name, "EC")) + if (XSTRSTR(name, "EC") || XSTRSTR(name, "CCM")) s->suites[idx++] = ECC_BYTE; /* ECC suite */ else s->suites[idx++] = 0x00; /* normal */ s->suites[idx++] = (byte)cipher_name_idx[i]; + /* The suites are either ECDSA, RSA, or PSK. The RSA suites + * don't necessarily have RSA in the name. */ + if ((haveECDSA == 0) && XSTRSTR(name, "ECDSA")) { + haveECDSA = 1; + } + else if ((haveRSA == 0) && (XSTRSTR(name, "PSK") == NULL)) { + haveRSA = 1; + } + if (!ret) ret = 1; /* found at least one */ break; } @@ -4233,12 +7869,72 @@ int SetCipherList(Suites* s, const char* list) if (ret) { s->setSuites = 1; s->suiteSz = (word16)idx; + + idx = 0; + + if (haveECDSA) { + #ifdef CYASSL_SHA384 + s->hashSigAlgo[idx++] = sha384_mac; + s->hashSigAlgo[idx++] = ecc_dsa_sa_algo; + #endif + #ifndef NO_SHA256 + s->hashSigAlgo[idx++] = sha256_mac; + s->hashSigAlgo[idx++] = ecc_dsa_sa_algo; + #endif + s->hashSigAlgo[idx++] = sha_mac; + s->hashSigAlgo[idx++] = ecc_dsa_sa_algo; + } + + if (haveRSA) { + #ifdef CYASSL_SHA384 + s->hashSigAlgo[idx++] = sha384_mac; + s->hashSigAlgo[idx++] = rsa_sa_algo; + #endif + #ifndef NO_SHA256 + s->hashSigAlgo[idx++] = sha256_mac; + s->hashSigAlgo[idx++] = rsa_sa_algo; + #endif + s->hashSigAlgo[idx++] = sha_mac; + s->hashSigAlgo[idx++] = rsa_sa_algo; + } + + s->hashSigAlgoSz = (word16)idx; } return ret; } +static void PickHashSigAlgo(CYASSL* ssl, + const byte* hashSigAlgo, word32 hashSigAlgoSz) +{ + word32 i; + + ssl->suites->sigAlgo = ssl->specs.sig_algo; + ssl->suites->hashAlgo = sha_mac; + + for (i = 0; i < hashSigAlgoSz; i += 2) { + if (hashSigAlgo[i+1] == ssl->specs.sig_algo) { + if (hashSigAlgo[i] == sha_mac) { + break; + } + #ifndef NO_SHA256 + else if (hashSigAlgo[i] == sha256_mac) { + ssl->suites->hashAlgo = sha256_mac; + break; + } + #endif + #ifdef CYASSL_SHA384 + else if (hashSigAlgo[i] == sha384_mac) { + ssl->suites->hashAlgo = sha384_mac; + break; + } + #endif + } + } +} + + #ifdef CYASSL_CALLBACKS /* Initialisze HandShakeInfo */ @@ -4308,6 +8004,7 @@ int SetCipherList(Suites* s, const char* list) void FreeTimeoutInfo(TimeoutInfo* info, void* heap) { int i; + (void)heap; for (i = 0; i < MAX_PACKETS_HANDSHAKE; i++) if (info->packets[i].bufferValue) { XFREE(info->packets[i].bufferValue, heap, DYNAMIC_TYPE_INFO); @@ -4394,27 +8091,36 @@ int SetCipherList(Suites* s, const char* list) int idSz = ssl->options.resuming ? ID_LEN : 0; int ret; - length = sizeof(ProtocolVersion) + RAN_LEN + if (ssl->suites == NULL) { + CYASSL_MSG("Bad suites pointer in SendClientHello"); + return SUITES_ERROR; + } + + length = VERSION_SZ + RAN_LEN + idSz + ENUM_LEN - + ssl->suites.suiteSz + SUITE_LEN + + ssl->suites->suiteSz + SUITE_LEN + COMP_LEN + ENUM_LEN; - if (IsAtLeastTLSv1_2(ssl)) - length += HELLO_EXT_SZ; - +#ifdef HAVE_TLS_EXTENSIONS + length += TLSX_GetRequestSize(ssl); +#else + if (IsAtLeastTLSv1_2(ssl) && ssl->suites->hashSigAlgoSz) { + length += ssl->suites->hashSigAlgoSz + HELLO_EXT_SZ; + } +#endif sendSz = length + HANDSHAKE_HEADER_SZ + RECORD_HEADER_SZ; #ifdef CYASSL_DTLS if (ssl->options.dtls) { length += ENUM_LEN; /* cookie */ - if (ssl->arrays.cookieSz != 0) length += ssl->arrays.cookieSz; + if (ssl->arrays->cookieSz != 0) length += ssl->arrays->cookieSz; sendSz = length + DTLS_HANDSHAKE_HEADER_SZ + DTLS_RECORD_HEADER_SZ; idx += DTLS_HANDSHAKE_EXTRA + DTLS_RECORD_EXTRA; } #endif - /* check for avalaible size */ - if ((ret = CheckAvalaibleSize(ssl, sendSz)) != 0) + /* check for available size */ + if ((ret = CheckAvailableSize(ssl, sendSz)) != 0) return ret; /* get ouput buffer */ @@ -4424,20 +8130,22 @@ int SetCipherList(Suites* s, const char* list) AddHeaders(output, length, client_hello, ssl); /* client hello, first version */ - XMEMCPY(output + idx, &ssl->version, sizeof(ProtocolVersion)); - idx += sizeof(ProtocolVersion); + output[idx++] = ssl->version.major; + output[idx++] = ssl->version.minor; ssl->chVersion = ssl->version; /* store in case changed */ /* then random */ if (ssl->options.connectState == CONNECT_BEGIN) { - RNG_GenerateBlock(&ssl->rng, output + idx, RAN_LEN); + ret = RNG_GenerateBlock(ssl->rng, output + idx, RAN_LEN); + if (ret != 0) + return ret; /* store random */ - XMEMCPY(ssl->arrays.clientRandom, output + idx, RAN_LEN); + XMEMCPY(ssl->arrays->clientRandom, output + idx, RAN_LEN); } else { #ifdef CYASSL_DTLS /* send same random on hello again */ - XMEMCPY(output + idx, ssl->arrays.clientRandom, RAN_LEN); + XMEMCPY(output + idx, ssl->arrays->clientRandom, RAN_LEN); #endif } idx += RAN_LEN; @@ -4452,20 +8160,20 @@ int SetCipherList(Suites* s, const char* list) /* then DTLS cookie */ #ifdef CYASSL_DTLS if (ssl->options.dtls) { - byte cookieSz = ssl->arrays.cookieSz; + byte cookieSz = ssl->arrays->cookieSz; output[idx++] = cookieSz; if (cookieSz) { - XMEMCPY(&output[idx], ssl->arrays.cookie, cookieSz); + XMEMCPY(&output[idx], ssl->arrays->cookie, cookieSz); idx += cookieSz; } } #endif /* then cipher suites */ - c16toa(ssl->suites.suiteSz, output + idx); + c16toa(ssl->suites->suiteSz, output + idx); idx += 2; - XMEMCPY(output + idx, &ssl->suites.suites, ssl->suites.suiteSz); - idx += ssl->suites.suiteSz; + XMEMCPY(output + idx, &ssl->suites->suites, ssl->suites->suiteSz); + idx += ssl->suites->suiteSz; /* last, compression */ output[idx++] = COMP_LEN; @@ -4474,29 +8182,40 @@ int SetCipherList(Suites* s, const char* list) else output[idx++] = NO_COMPRESSION; - if (IsAtLeastTLSv1_2(ssl)) +#ifdef HAVE_TLS_EXTENSIONS + idx += TLSX_WriteRequest(ssl, output + idx); + + (void)idx; /* suppress analyzer warning, keep idx current */ +#else + if (IsAtLeastTLSv1_2(ssl) && ssl->suites->hashSigAlgoSz) { + int i; /* add in the extensions length */ - c16toa(HELLO_EXT_LEN, output + idx); + c16toa(HELLO_EXT_LEN + ssl->suites->hashSigAlgoSz, output + idx); idx += 2; c16toa(HELLO_EXT_SIG_ALGO, output + idx); idx += 2; - c16toa(HELLO_EXT_SIGALGO_SZ, output + idx); + c16toa(HELLO_EXT_SIGALGO_SZ+ssl->suites->hashSigAlgoSz, output+idx); idx += 2; - /* This is a lazy list setup. Eventually, we'll need to support - * using other hash types or even other extensions. */ - c16toa(HELLO_EXT_SIGALGO_LEN, output + idx); + c16toa(ssl->suites->hashSigAlgoSz, output + idx); idx += 2; - output[idx++] = sha_mac; - output[idx++] = rsa_sa_algo; - output[idx++] = sha_mac; - output[idx++] = dsa_sa_algo; - output[idx++] = sha_mac; - output[idx++] = ecc_dsa_sa_algo; + for (i = 0; i < ssl->suites->hashSigAlgoSz; i++, idx++) { + output[idx] = ssl->suites->hashSigAlgo[i]; + } } +#endif + + #ifdef CYASSL_DTLS + if (ssl->options.dtls) { + if ((ret = DtlsPoolSave(ssl, output, sendSz)) != 0) + return ret; + } + #endif - HashOutput(ssl, output, sendSz, 0); + ret = HashOutput(ssl, output, sendSz, 0); + if (ret != 0) + return ret; ssl->options.clientState = CLIENT_HELLO_COMPLETE; @@ -4514,26 +8233,40 @@ int SetCipherList(Suites* s, const char* list) static int DoHelloVerifyRequest(CYASSL* ssl, const byte* input, - word32* inOutIdx) + word32* inOutIdx, word32 size) { ProtocolVersion pv; byte cookieSz; + word32 begin = *inOutIdx; #ifdef CYASSL_CALLBACKS if (ssl->hsInfoOn) AddPacketName("HelloVerifyRequest", &ssl->handShakeInfo); if (ssl->toInfoOn) AddLateName("HelloVerifyRequest", &ssl->timeoutInfo); #endif - XMEMCPY(&pv, input + *inOutIdx, sizeof(pv)); - *inOutIdx += sizeof(pv); + +#ifdef CYASSL_DTLS + if (ssl->options.dtls) { + DtlsPoolReset(ssl); + } +#endif + if ((*inOutIdx - begin) + OPAQUE16_LEN + OPAQUE8_LEN > size) + return BUFFER_ERROR; + + XMEMCPY(&pv, input + *inOutIdx, OPAQUE16_LEN); + *inOutIdx += OPAQUE16_LEN; + cookieSz = input[(*inOutIdx)++]; if (cookieSz) { + if ((*inOutIdx - begin) + cookieSz > size) + return BUFFER_ERROR; + #ifdef CYASSL_DTLS - if (cookieSz < MAX_COOKIE_LEN) { - XMEMCPY(ssl->arrays.cookie, input + *inOutIdx, cookieSz); - ssl->arrays.cookieSz = cookieSz; + if (cookieSz <= MAX_COOKIE_LEN) { + XMEMCPY(ssl->arrays->cookie, input + *inOutIdx, cookieSz); + ssl->arrays->cookieSz = cookieSz; } #endif *inOutIdx += cookieSz; @@ -4547,29 +8280,38 @@ int SetCipherList(Suites* s, const char* list) static int DoServerHello(CYASSL* ssl, const byte* input, word32* inOutIdx, word32 helloSz) { - byte b; - byte compression; + byte b; ProtocolVersion pv; - word32 i = *inOutIdx; - word32 begin = i; + byte compression; + word32 i = *inOutIdx; + word32 begin = i; #ifdef CYASSL_CALLBACKS if (ssl->hsInfoOn) AddPacketName("ServerHello", &ssl->handShakeInfo); if (ssl->toInfoOn) AddLateName("ServerHello", &ssl->timeoutInfo); #endif - XMEMCPY(&pv, input + i, sizeof(pv)); - i += sizeof(pv); + + /* protocol version, random and session id length check */ + if ((i - begin) + OPAQUE16_LEN + RAN_LEN + OPAQUE8_LEN > helloSz) + return BUFFER_ERROR; + + /* protocol version */ + XMEMCPY(&pv, input + i, OPAQUE16_LEN); + i += OPAQUE16_LEN; + if (pv.minor > ssl->version.minor) { CYASSL_MSG("Server using higher version, fatal error"); return VERSION_ERROR; } else if (pv.minor < ssl->version.minor) { CYASSL_MSG("server using lower version"); + if (!ssl->options.downgrade) { CYASSL_MSG(" no downgrade allowed, fatal error"); return VERSION_ERROR; } - else if (pv.minor == SSLv3_MINOR) { + + if (pv.minor == SSLv3_MINOR) { /* turn off tls */ CYASSL_MSG(" downgrading to SSLv3"); ssl->options.tls = 0; @@ -4587,14 +8329,31 @@ int SetCipherList(Suites* s, const char* list) ssl->version.minor = TLSv1_1_MINOR; } } - XMEMCPY(ssl->arrays.serverRandom, input + i, RAN_LEN); + + /* random */ + XMEMCPY(ssl->arrays->serverRandom, input + i, RAN_LEN); i += RAN_LEN; + + /* session id */ b = input[i++]; - if (b) { - XMEMCPY(ssl->arrays.sessionID, input + i, min(b, ID_LEN)); - i += b; + + if (b == ID_LEN) { + if ((i - begin) + ID_LEN > helloSz) + return BUFFER_ERROR; + + XMEMCPY(ssl->arrays->sessionID, input + i, min(b, ID_LEN)); + i += ID_LEN; ssl->options.haveSessionId = 1; } + else if (b) { + CYASSL_MSG("Invalid session ID size"); + return BUFFER_ERROR; /* session ID nor 0 neither 32 bytes long */ + } + + /* suite and compression */ + if ((i - begin) + OPAQUE16_LEN + OPAQUE8_LEN > helloSz) + return BUFFER_ERROR; + ssl->options.cipherSuite0 = input[i++]; ssl->options.cipherSuite = input[i++]; compression = input[i++]; @@ -4605,25 +8364,58 @@ int SetCipherList(Suites* s, const char* list) } *inOutIdx = i; - if ( (i - begin) < helloSz) - *inOutIdx = begin + helloSz; /* skip extensions */ - ssl->options.serverState = SERVER_HELLO_COMPLETE; + /* tls extensions */ + if ( (i - begin) < helloSz) { +#ifdef HAVE_TLS_EXTENSIONS + if (TLSX_SupportExtensions(ssl)) { + int ret = 0; + word16 totalExtSz; + Suites clSuites; /* just for compatibility right now */ - *inOutIdx = i; + if ((i - begin) + OPAQUE16_LEN > helloSz) + return BUFFER_ERROR; + + ato16(&input[i], &totalExtSz); + i += OPAQUE16_LEN; + + if ((i - begin) + totalExtSz > helloSz) + return BUFFER_ERROR; + + if ((ret = TLSX_Parse(ssl, (byte *) input + i, + totalExtSz, 0, &clSuites))) + return ret; + + i += totalExtSz; + *inOutIdx = i; + } + else +#endif + *inOutIdx = begin + helloSz; /* skip extensions */ + } + + ssl->options.serverState = SERVER_HELLO_COMPLETE; if (ssl->options.resuming) { - if (ssl->options.haveSessionId && XMEMCMP(ssl->arrays.sessionID, + if (ssl->options.haveSessionId && XMEMCMP(ssl->arrays->sessionID, ssl->session.sessionID, ID_LEN) == 0) { if (SetCipherSpecs(ssl) == 0) { - int ret; - XMEMCPY(ssl->arrays.masterSecret, ssl->session.masterSecret, - SECRET_LEN); - if (ssl->options.tls) + int ret = -1; + + XMEMCPY(ssl->arrays->masterSecret, + ssl->session.masterSecret, SECRET_LEN); + #ifdef NO_OLD_TLS ret = DeriveTlsKeys(ssl); - else - ret = DeriveKeys(ssl); + #else + #ifndef NO_TLS + if (ssl->options.tls) + ret = DeriveTlsKeys(ssl); + #endif + if (!ssl->options.tls) + ret = DeriveKeys(ssl); + #endif ssl->options.serverState = SERVER_HELLODONE_COMPLETE; + return ret; } else { @@ -4636,16 +8428,48 @@ int SetCipherList(Suites* s, const char* list) ssl->options.resuming = 0; /* server denied resumption try */ } } + #ifdef CYASSL_DTLS + if (ssl->options.dtls) { + DtlsPoolReset(ssl); + } + #endif return SetCipherSpecs(ssl); } + /* Make sure client setup is valid for this suite, true on success */ + int VerifyClientSuite(CYASSL* ssl) + { + int havePSK = 0; + byte first = ssl->options.cipherSuite0; + byte second = ssl->options.cipherSuite; + + CYASSL_ENTER("VerifyClientSuite"); + + #ifndef NO_PSK + havePSK = ssl->options.havePSK; + #endif + + if (CipherRequires(first, second, REQUIRES_PSK)) { + CYASSL_MSG("Requires PSK"); + if (havePSK == 0) { + CYASSL_MSG("Don't have PSK"); + return 0; + } + } + + return 1; /* success */ + } + + +#ifndef NO_CERTS /* just read in and ignore for now TODO: */ static int DoCertificateRequest(CYASSL* ssl, const byte* input, word32* - inOutIdx) + inOutIdx, word32 size) { word16 len; + word32 begin = *inOutIdx; #ifdef CYASSL_CALLBACKS if (ssl->hsInfoOn) @@ -4653,53 +8477,84 @@ int SetCipherList(Suites* s, const char* list) if (ssl->toInfoOn) AddLateName("CertificateRequest", &ssl->timeoutInfo); #endif + + if ((*inOutIdx - begin) + OPAQUE8_LEN > size) + return BUFFER_ERROR; + len = input[(*inOutIdx)++]; + if ((*inOutIdx - begin) + len > size) + return BUFFER_ERROR; + /* types, read in here */ *inOutIdx += len; - ato16(&input[*inOutIdx], &len); - *inOutIdx += LENGTH_SZ; + /* signature and hash signature algorithm */ if (IsAtLeastTLSv1_2(ssl)) { - /* hash sig format */ + if ((*inOutIdx - begin) + OPAQUE16_LEN > size) + return BUFFER_ERROR; + + ato16(input + *inOutIdx, &len); + *inOutIdx += OPAQUE16_LEN; + + if ((*inOutIdx - begin) + len > size) + return BUFFER_ERROR; + + PickHashSigAlgo(ssl, input + *inOutIdx, len); *inOutIdx += len; - ato16(&input[*inOutIdx], &len); - *inOutIdx += LENGTH_SZ; } - /* authorities */ + /* authorities */ + if ((*inOutIdx - begin) + OPAQUE16_LEN > size) + return BUFFER_ERROR; + + ato16(input + *inOutIdx, &len); + *inOutIdx += OPAQUE16_LEN; + + if ((*inOutIdx - begin) + len > size) + return BUFFER_ERROR; + while (len) { word16 dnSz; - - ato16(&input[*inOutIdx], &dnSz); - *inOutIdx += (REQUEST_HEADER + dnSz); - len -= dnSz + REQUEST_HEADER; + + if ((*inOutIdx - begin) + OPAQUE16_LEN > size) + return BUFFER_ERROR; + + ato16(input + *inOutIdx, &dnSz); + *inOutIdx += OPAQUE16_LEN; + + if ((*inOutIdx - begin) + dnSz > size) + return BUFFER_ERROR; + + *inOutIdx += dnSz; + len -= OPAQUE16_LEN + dnSz; } /* don't send client cert or cert verify if user hasn't provided cert and private key */ if (ssl->buffers.certificate.buffer && ssl->buffers.key.buffer) ssl->options.sendVerify = SEND_CERT; - else if (IsAtLeastTLSv1_2(ssl)) + else if (IsTLS(ssl)) ssl->options.sendVerify = SEND_BLANK_CERT; return 0; } +#endif /* !NO_CERTS */ static int DoServerKeyExchange(CYASSL* ssl, const byte* input, - word32* inOutIdx) + word32* inOutIdx, word32 size) { - #if defined(OPENSSL_EXTRA) || defined(HAVE_ECC) - word16 length = 0; - word16 sigLen = 0; - word16 verifySz = (word16)*inOutIdx; /* keep start idx */ - byte* signature = 0; - #endif + word16 length = 0; + word32 begin = *inOutIdx; + int ret = 0; + (void)length; /* shut up compiler warnings */ + (void)begin; (void)ssl; (void)input; - (void)inOutIdx; + (void)size; + (void)ret; #ifdef CYASSL_CALLBACKS if (ssl->hsInfoOn) @@ -4710,85 +8565,119 @@ int SetCipherList(Suites* s, const char* list) #ifndef NO_PSK if (ssl->specs.kea == psk_kea) { - word16 pskLen = 0; - ato16(&input[*inOutIdx], &pskLen); - *inOutIdx += LENGTH_SZ; - XMEMCPY(ssl->arrays.server_hint, &input[*inOutIdx], - min(pskLen, MAX_PSK_ID_LEN)); - if (pskLen < MAX_PSK_ID_LEN) - ssl->arrays.server_hint[pskLen] = 0; - else - ssl->arrays.server_hint[MAX_PSK_ID_LEN - 1] = 0; - *inOutIdx += pskLen; + + if ((*inOutIdx - begin) + OPAQUE16_LEN > size) + return BUFFER_ERROR; + + ato16(input + *inOutIdx, &length); + *inOutIdx += OPAQUE16_LEN; + + if ((*inOutIdx - begin) + length > size) + return BUFFER_ERROR; + + XMEMCPY(ssl->arrays->server_hint, input + *inOutIdx, + min(length, MAX_PSK_ID_LEN)); + + ssl->arrays->server_hint[min(length, MAX_PSK_ID_LEN - 1)] = 0; + *inOutIdx += length; return 0; } #endif - #ifdef OPENSSL_EXTRA + #ifndef NO_DH if (ssl->specs.kea == diffie_hellman_kea) { /* p */ - ato16(&input[*inOutIdx], &length); - *inOutIdx += LENGTH_SZ; + if ((*inOutIdx - begin) + OPAQUE16_LEN > size) + return BUFFER_ERROR; + + ato16(input + *inOutIdx, &length); + *inOutIdx += OPAQUE16_LEN; + + if ((*inOutIdx - begin) + length > size) + return BUFFER_ERROR; ssl->buffers.serverDH_P.buffer = (byte*) XMALLOC(length, ssl->heap, DYNAMIC_TYPE_DH); + if (ssl->buffers.serverDH_P.buffer) ssl->buffers.serverDH_P.length = length; else return MEMORY_ERROR; - XMEMCPY(ssl->buffers.serverDH_P.buffer, &input[*inOutIdx], length); + + XMEMCPY(ssl->buffers.serverDH_P.buffer, input + *inOutIdx, length); *inOutIdx += length; /* g */ - ato16(&input[*inOutIdx], &length); - *inOutIdx += LENGTH_SZ; + if ((*inOutIdx - begin) + OPAQUE16_LEN > size) + return BUFFER_ERROR; + + ato16(input + *inOutIdx, &length); + *inOutIdx += OPAQUE16_LEN; + + if ((*inOutIdx - begin) + length > size) + return BUFFER_ERROR; ssl->buffers.serverDH_G.buffer = (byte*) XMALLOC(length, ssl->heap, DYNAMIC_TYPE_DH); + if (ssl->buffers.serverDH_G.buffer) ssl->buffers.serverDH_G.length = length; else return MEMORY_ERROR; - XMEMCPY(ssl->buffers.serverDH_G.buffer, &input[*inOutIdx], length); + + XMEMCPY(ssl->buffers.serverDH_G.buffer, input + *inOutIdx, length); *inOutIdx += length; /* pub */ - ato16(&input[*inOutIdx], &length); - *inOutIdx += LENGTH_SZ; + if ((*inOutIdx - begin) + OPAQUE16_LEN > size) + return BUFFER_ERROR; + + ato16(input + *inOutIdx, &length); + *inOutIdx += OPAQUE16_LEN; + + if ((*inOutIdx - begin) + length > size) + return BUFFER_ERROR; ssl->buffers.serverDH_Pub.buffer = (byte*) XMALLOC(length, ssl->heap, DYNAMIC_TYPE_DH); + if (ssl->buffers.serverDH_Pub.buffer) ssl->buffers.serverDH_Pub.length = length; else return MEMORY_ERROR; - XMEMCPY(ssl->buffers.serverDH_Pub.buffer, &input[*inOutIdx], length); + + XMEMCPY(ssl->buffers.serverDH_Pub.buffer, input + *inOutIdx, length); *inOutIdx += length; } /* dh_kea */ - #endif /* OPENSSL_EXTRA */ + #endif /* NO_DH */ #ifdef HAVE_ECC if (ssl->specs.kea == ecc_diffie_hellman_kea) { - byte b = input[*inOutIdx]; - *inOutIdx += 1; + byte b; + + if ((*inOutIdx - begin) + ENUM_LEN + OPAQUE16_LEN + OPAQUE8_LEN > size) + return BUFFER_ERROR; + + b = input[(*inOutIdx)++]; if (b != named_curve) return ECC_CURVETYPE_ERROR; *inOutIdx += 1; /* curve type, eat leading 0 */ - b = input[*inOutIdx]; - *inOutIdx += 1; + b = input[(*inOutIdx)++]; if (b != secp256r1 && b != secp384r1 && b != secp521r1 && b != secp160r1 && b != secp192r1 && b != secp224r1) return ECC_CURVE_ERROR; - length = input[*inOutIdx]; - *inOutIdx += 1; + length = input[(*inOutIdx)++]; + + if ((*inOutIdx - begin) + length > size) + return BUFFER_ERROR; - if (ecc_import_x963(&input[*inOutIdx], length, &ssl->peerEccKey) != 0) + if (ecc_import_x963(input + *inOutIdx, length, ssl->peerEccKey) != 0) return ECC_PEERKEY_ERROR; *inOutIdx += length; @@ -4796,261 +8685,614 @@ int SetCipherList(Suites* s, const char* list) } #endif /* HAVE_ECC */ - #if defined(OPENSSL_EXTRA) || defined(HAVE_ECC) + #if !defined(NO_DH) && !defined(NO_PSK) + if (ssl->specs.kea == dhe_psk_kea) { + if ((*inOutIdx - begin) + OPAQUE16_LEN > size) + return BUFFER_ERROR; + + ato16(input + *inOutIdx, &length); + *inOutIdx += OPAQUE16_LEN; + + if ((*inOutIdx - begin) + length > size) + return BUFFER_ERROR; + + XMEMCPY(ssl->arrays->server_hint, input + *inOutIdx, + min(length, MAX_PSK_ID_LEN)); + + ssl->arrays->server_hint[min(length, MAX_PSK_ID_LEN - 1)] = 0; + *inOutIdx += length; + + /* p */ + if ((*inOutIdx - begin) + OPAQUE16_LEN > size) + return BUFFER_ERROR; + + ato16(input + *inOutIdx, &length); + *inOutIdx += OPAQUE16_LEN; + + if ((*inOutIdx - begin) + length > size) + return BUFFER_ERROR; + + ssl->buffers.serverDH_P.buffer = (byte*) XMALLOC(length, ssl->heap, + DYNAMIC_TYPE_DH); + + if (ssl->buffers.serverDH_P.buffer) + ssl->buffers.serverDH_P.length = length; + else + return MEMORY_ERROR; + + XMEMCPY(ssl->buffers.serverDH_P.buffer, input + *inOutIdx, length); + *inOutIdx += length; + + /* g */ + if ((*inOutIdx - begin) + OPAQUE16_LEN > size) + return BUFFER_ERROR; + + ato16(input + *inOutIdx, &length); + *inOutIdx += OPAQUE16_LEN; + + if ((*inOutIdx - begin) + length > size) + return BUFFER_ERROR; + + ssl->buffers.serverDH_G.buffer = (byte*) XMALLOC(length, ssl->heap, + DYNAMIC_TYPE_DH); + + if (ssl->buffers.serverDH_G.buffer) + ssl->buffers.serverDH_G.length = length; + else + return MEMORY_ERROR; + + XMEMCPY(ssl->buffers.serverDH_G.buffer, input + *inOutIdx, length); + *inOutIdx += length; + + /* pub */ + if ((*inOutIdx - begin) + OPAQUE16_LEN > size) + return BUFFER_ERROR; + + ato16(input + *inOutIdx, &length); + *inOutIdx += OPAQUE16_LEN; + + if ((*inOutIdx - begin) + length > size) + return BUFFER_ERROR; + + ssl->buffers.serverDH_Pub.buffer = (byte*) XMALLOC(length, ssl->heap, + DYNAMIC_TYPE_DH); + + if (ssl->buffers.serverDH_Pub.buffer) + ssl->buffers.serverDH_Pub.length = length; + else + return MEMORY_ERROR; + + XMEMCPY(ssl->buffers.serverDH_Pub.buffer, input + *inOutIdx, length); + *inOutIdx += length; + } + #endif /* !NO_DH || !NO_PSK */ + + #if !defined(NO_DH) || defined(HAVE_ECC) + if (ssl->specs.kea == ecc_diffie_hellman_kea || + ssl->specs.kea == diffie_hellman_kea) { +#ifndef NO_OLD_TLS Md5 md5; Sha sha; +#endif +#ifndef NO_SHA256 + Sha256 sha256; + byte hash256[SHA256_DIGEST_SIZE]; +#endif +#ifdef CYASSL_SHA384 + Sha384 sha384; + byte hash384[SHA384_DIGEST_SIZE]; +#endif byte hash[FINISHED_SZ]; byte messageVerify[MAX_DH_SZ]; - - /* adjust from start idx */ - verifySz = (word16)(*inOutIdx - verifySz); + byte hashAlgo = sha_mac; + byte sigAlgo = ssl->specs.sig_algo; + word16 verifySz = (word16) (*inOutIdx - begin); /* save message for hash verify */ if (verifySz > sizeof(messageVerify)) return BUFFER_ERROR; - XMEMCPY(messageVerify, &input[*inOutIdx - verifySz], verifySz); + + XMEMCPY(messageVerify, input + begin, verifySz); if (IsAtLeastTLSv1_2(ssl)) { - /* just advance for now TODO: validate hash algo params */ - *inOutIdx += LENGTH_SZ; + if ((*inOutIdx - begin) + ENUM_LEN + ENUM_LEN > size) + return BUFFER_ERROR; + + hashAlgo = input[(*inOutIdx)++]; + sigAlgo = input[(*inOutIdx)++]; } /* signature */ - ato16(&input[*inOutIdx], &length); - *inOutIdx += LENGTH_SZ; + if ((*inOutIdx - begin) + OPAQUE16_LEN > size) + return BUFFER_ERROR; - signature = (byte*)&input[*inOutIdx]; - *inOutIdx += length; - sigLen = length; + ato16(input + *inOutIdx, &length); + *inOutIdx += OPAQUE16_LEN; - /* verify signature */ + if ((*inOutIdx - begin) + length > size) + return BUFFER_ERROR; + + /* inOutIdx updated at the end of the function */ + /* verify signature */ +#ifndef NO_OLD_TLS /* md5 */ InitMd5(&md5); - Md5Update(&md5, ssl->arrays.clientRandom, RAN_LEN); - Md5Update(&md5, ssl->arrays.serverRandom, RAN_LEN); + Md5Update(&md5, ssl->arrays->clientRandom, RAN_LEN); + Md5Update(&md5, ssl->arrays->serverRandom, RAN_LEN); Md5Update(&md5, messageVerify, verifySz); Md5Final(&md5, hash); /* sha */ - InitSha(&sha); - ShaUpdate(&sha, ssl->arrays.clientRandom, RAN_LEN); - ShaUpdate(&sha, ssl->arrays.serverRandom, RAN_LEN); + ret = InitSha(&sha); + if (ret != 0) + return ret; + ShaUpdate(&sha, ssl->arrays->clientRandom, RAN_LEN); + ShaUpdate(&sha, ssl->arrays->serverRandom, RAN_LEN); ShaUpdate(&sha, messageVerify, verifySz); - ShaFinal(&sha, &hash[MD5_DIGEST_SIZE]); + ShaFinal(&sha, hash + MD5_DIGEST_SIZE); +#endif + +#ifndef NO_SHA256 + ret = InitSha256(&sha256); + if (ret != 0) + return ret; + ret = Sha256Update(&sha256, ssl->arrays->clientRandom, RAN_LEN); + if (ret != 0) + return ret; + ret = Sha256Update(&sha256, ssl->arrays->serverRandom, RAN_LEN); + if (ret != 0) + return ret; + ret = Sha256Update(&sha256, messageVerify, verifySz); + if (ret != 0) + return ret; + ret = Sha256Final(&sha256, hash256); + if (ret != 0) + return ret; +#endif + +#ifdef CYASSL_SHA384 + ret = InitSha384(&sha384); + if (ret != 0) + return ret; + ret = Sha384Update(&sha384, ssl->arrays->clientRandom, RAN_LEN); + if (ret != 0) + return ret; + ret = Sha384Update(&sha384, ssl->arrays->serverRandom, RAN_LEN); + if (ret != 0) + return ret; + ret = Sha384Update(&sha384, messageVerify, verifySz); + if (ret != 0) + return ret; + ret = Sha384Final(&sha384, hash384); + if (ret != 0) + return ret; +#endif +#ifndef NO_RSA /* rsa */ - if (ssl->specs.sig_algo == rsa_sa_algo) + if (sigAlgo == rsa_sa_algo) { - int ret; - byte* out; + byte* out = NULL; + byte doUserRsa = 0; + + #ifdef HAVE_PK_CALLBACKS + if (ssl->ctx->RsaVerifyCb) + doUserRsa = 1; + #endif /*HAVE_PK_CALLBACKS */ if (!ssl->peerRsaKeyPresent) return NO_PEER_KEY; - ret = RsaSSL_VerifyInline(signature, sigLen,&out, &ssl->peerRsaKey); + if (doUserRsa) { + #ifdef HAVE_PK_CALLBACKS + ret = ssl->ctx->RsaVerifyCb(ssl, (byte *) input + *inOutIdx, + length, &out, + ssl->buffers.peerRsaKey.buffer, + ssl->buffers.peerRsaKey.length, + ssl->RsaVerifyCtx); + #endif /*HAVE_PK_CALLBACKS */ + } + else { + ret = RsaSSL_VerifyInline((byte *) input + *inOutIdx, length, + &out, ssl->peerRsaKey); + } if (IsAtLeastTLSv1_2(ssl)) { byte encodedSig[MAX_ENCODED_SIG_SZ]; word32 encSigSz; - byte* digest; - int typeH; - int digestSz; +#ifndef NO_OLD_TLS + byte* digest = &hash[MD5_DIGEST_SIZE]; + int typeH = SHAh; + int digestSz = SHA_DIGEST_SIZE; +#else + byte* digest = hash256; + int typeH = SHA256h; + int digestSz = SHA256_DIGEST_SIZE; +#endif - /* sha1 for now */ - digest = &hash[MD5_DIGEST_SIZE]; - typeH = SHAh; - digestSz = SHA_DIGEST_SIZE; + if (hashAlgo == sha_mac) { + #ifndef NO_SHA + digest = &hash[MD5_DIGEST_SIZE]; + typeH = SHAh; + digestSz = SHA_DIGEST_SIZE; + #endif + } + else if (hashAlgo == sha256_mac) { + #ifndef NO_SHA256 + digest = hash256; + typeH = SHA256h; + digestSz = SHA256_DIGEST_SIZE; + #endif + } + else if (hashAlgo == sha384_mac) { + #ifdef CYASSL_SHA384 + digest = hash384; + typeH = SHA384h; + digestSz = SHA384_DIGEST_SIZE; + #endif + } encSigSz = EncodeSignature(encodedSig, digest, digestSz, typeH); - if (encSigSz != (word32)ret || XMEMCMP(out, encodedSig, + if (encSigSz != (word32)ret || !out || XMEMCMP(out, encodedSig, min(encSigSz, MAX_ENCODED_SIG_SZ)) != 0) return VERIFY_SIGN_ERROR; } else { - if (ret != sizeof(hash) || XMEMCMP(out, hash, sizeof(hash))) + if (ret != sizeof(hash) || !out || XMEMCMP(out, + hash, sizeof(hash)) != 0) return VERIFY_SIGN_ERROR; } - } + } else +#endif #ifdef HAVE_ECC /* ecdsa */ - else if (ssl->specs.sig_algo == ecc_dsa_sa_algo) { - int verify = 0, ret; + if (sigAlgo == ecc_dsa_sa_algo) { + int verify = 0; +#ifndef NO_OLD_TLS + byte* digest = &hash[MD5_DIGEST_SIZE]; + word32 digestSz = SHA_DIGEST_SIZE; +#else + byte* digest = hash256; + word32 digestSz = SHA256_DIGEST_SIZE; +#endif + byte doUserEcc = 0; + + #ifdef HAVE_PK_CALLBACKS + if (ssl->ctx->EccVerifyCb) + doUserEcc = 1; + #endif + if (!ssl->peerEccDsaKeyPresent) return NO_PEER_KEY; - ret = ecc_verify_hash(signature, sigLen, &hash[MD5_DIGEST_SIZE], - SHA_DIGEST_SIZE, &verify, &ssl->peerEccDsaKey); + if (IsAtLeastTLSv1_2(ssl)) { + if (hashAlgo == sha_mac) { + #ifndef NO_SHA + digest = &hash[MD5_DIGEST_SIZE]; + digestSz = SHA_DIGEST_SIZE; + #endif + } + else if (hashAlgo == sha256_mac) { + #ifndef NO_SHA256 + digest = hash256; + digestSz = SHA256_DIGEST_SIZE; + #endif + } + else if (hashAlgo == sha384_mac) { + #ifdef CYASSL_SHA384 + digest = hash384; + digestSz = SHA384_DIGEST_SIZE; + #endif + } + } + if (doUserEcc) { + #ifdef HAVE_PK_CALLBACKS + ret = ssl->ctx->EccVerifyCb(ssl, input + *inOutIdx, length, + digest, digestSz, + ssl->buffers.peerEccDsaKey.buffer, + ssl->buffers.peerEccDsaKey.length, + &verify, ssl->EccVerifyCtx); + #endif + } + else { + ret = ecc_verify_hash(input + *inOutIdx, length, + digest, digestSz, &verify, ssl->peerEccDsaKey); + } if (ret != 0 || verify == 0) return VERIFY_SIGN_ERROR; } -#endif /* HAVE_ECC */ else +#endif /* HAVE_ECC */ return ALGO_ID_E; - ssl->options.serverState = SERVER_KEYEXCHANGE_COMPLETE; - - return 0; + /* signature length */ + *inOutIdx += length; + ssl->options.serverState = SERVER_KEYEXCHANGE_COMPLETE; } -#else /* HAVE_OPENSSL or HAVE_ECC */ + return 0; +#else /* !NO_DH or HAVE_ECC */ return NOT_COMPILED_IN; /* not supported by build */ -#endif /* HAVE_OPENSSL or HAVE_ECC */ +#endif /* !NO_DH or HAVE_ECC */ } int SendClientKeyExchange(CYASSL* ssl) { - byte encSecret[MAX_NTRU_ENCRYPT_SZ]; + byte encSecret[MAX_ENCRYPT_SZ]; word32 encSz = 0; word32 idx = 0; int ret = 0; + byte doUserRsa = 0; + + (void)doUserRsa; + + #ifdef HAVE_PK_CALLBACKS + #ifndef NO_RSA + if (ssl->ctx->RsaEncCb) + doUserRsa = 1; + #endif /* NO_RSA */ + #endif /*HAVE_PK_CALLBACKS */ + + switch (ssl->specs.kea) { + #ifndef NO_RSA + case rsa_kea: + ret = RNG_GenerateBlock(ssl->rng, ssl->arrays->preMasterSecret, + SECRET_LEN); + if (ret != 0) + return ret; - if (ssl->specs.kea == rsa_kea) { - RNG_GenerateBlock(&ssl->rng, ssl->arrays.preMasterSecret, - SECRET_LEN); - ssl->arrays.preMasterSecret[0] = ssl->chVersion.major; - ssl->arrays.preMasterSecret[1] = ssl->chVersion.minor; - ssl->arrays.preMasterSz = SECRET_LEN; - - if (ssl->peerRsaKeyPresent == 0) - return NO_PEER_KEY; + ssl->arrays->preMasterSecret[0] = ssl->chVersion.major; + ssl->arrays->preMasterSecret[1] = ssl->chVersion.minor; + ssl->arrays->preMasterSz = SECRET_LEN; - ret = RsaPublicEncrypt(ssl->arrays.preMasterSecret, SECRET_LEN, - encSecret, sizeof(encSecret), &ssl->peerRsaKey, - &ssl->rng); - if (ret > 0) { - encSz = ret; - ret = 0; /* set success to 0 */ - } - #ifdef OPENSSL_EXTRA - } else if (ssl->specs.kea == diffie_hellman_kea) { - buffer serverP = ssl->buffers.serverDH_P; - buffer serverG = ssl->buffers.serverDH_G; - buffer serverPub = ssl->buffers.serverDH_Pub; - byte priv[ENCRYPT_LEN]; - word32 privSz = 0; - DhKey key; - - if (serverP.buffer == 0 || serverG.buffer == 0 || - serverPub.buffer == 0) - return NO_PEER_KEY; + if (ssl->peerRsaKeyPresent == 0) + return NO_PEER_KEY; - InitDhKey(&key); - ret = DhSetKey(&key, serverP.buffer, serverP.length, - serverG.buffer, serverG.length); - if (ret == 0) - /* for DH, encSecret is Yc, agree is pre-master */ - ret = DhGenerateKeyPair(&key, &ssl->rng, priv, &privSz, - encSecret, &encSz); - if (ret == 0) - ret = DhAgree(&key, ssl->arrays.preMasterSecret, - &ssl->arrays.preMasterSz, priv, privSz, - serverPub.buffer, serverPub.length); - FreeDhKey(&key); - #endif /* OPENSSL_EXTRA */ + if (doUserRsa) { + #ifdef HAVE_PK_CALLBACKS + #ifndef NO_RSA + encSz = sizeof(encSecret); + ret = ssl->ctx->RsaEncCb(ssl, + ssl->arrays->preMasterSecret, + SECRET_LEN, + encSecret, &encSz, + ssl->buffers.peerRsaKey.buffer, + ssl->buffers.peerRsaKey.length, + ssl->RsaEncCtx); + #endif /* NO_RSA */ + #endif /*HAVE_PK_CALLBACKS */ + } + else { + ret = RsaPublicEncrypt(ssl->arrays->preMasterSecret, + SECRET_LEN, encSecret, sizeof(encSecret), + ssl->peerRsaKey, ssl->rng); + if (ret > 0) { + encSz = ret; + ret = 0; /* set success to 0 */ + } + } + break; + #endif + #ifndef NO_DH + case diffie_hellman_kea: + { + buffer serverP = ssl->buffers.serverDH_P; + buffer serverG = ssl->buffers.serverDH_G; + buffer serverPub = ssl->buffers.serverDH_Pub; + byte priv[ENCRYPT_LEN]; + word32 privSz = 0; + DhKey key; + + if (serverP.buffer == 0 || serverG.buffer == 0 || + serverPub.buffer == 0) + return NO_PEER_KEY; + + InitDhKey(&key); + ret = DhSetKey(&key, serverP.buffer, serverP.length, + serverG.buffer, serverG.length); + if (ret == 0) + /* for DH, encSecret is Yc, agree is pre-master */ + ret = DhGenerateKeyPair(&key, ssl->rng, priv, &privSz, + encSecret, &encSz); + if (ret == 0) + ret = DhAgree(&key, ssl->arrays->preMasterSecret, + &ssl->arrays->preMasterSz, priv, privSz, + serverPub.buffer, serverPub.length); + FreeDhKey(&key); + } + break; + #endif /* NO_DH */ #ifndef NO_PSK - } else if (ssl->specs.kea == psk_kea) { - byte* pms = ssl->arrays.preMasterSecret; - - ssl->arrays.psk_keySz = ssl->options.client_psk_cb(ssl, - ssl->arrays.server_hint, ssl->arrays.client_identity, - MAX_PSK_ID_LEN, ssl->arrays.psk_key, MAX_PSK_KEY_LEN); - if (ssl->arrays.psk_keySz == 0 || - ssl->arrays.psk_keySz > MAX_PSK_KEY_LEN) - return PSK_KEY_ERROR; - encSz = (word32)XSTRLEN(ssl->arrays.client_identity); - if (encSz > MAX_PSK_ID_LEN) return CLIENT_ID_ERROR; - XMEMCPY(encSecret, ssl->arrays.client_identity, encSz); - - /* make psk pre master secret */ - /* length of key + length 0s + length of key + key */ - c16toa((word16)ssl->arrays.psk_keySz, pms); - pms += 2; - XMEMSET(pms, 0, ssl->arrays.psk_keySz); - pms += ssl->arrays.psk_keySz; - c16toa((word16)ssl->arrays.psk_keySz, pms); - pms += 2; - XMEMCPY(pms, ssl->arrays.psk_key, ssl->arrays.psk_keySz); - ssl->arrays.preMasterSz = ssl->arrays.psk_keySz * 2 + 4; + case psk_kea: + { + byte* pms = ssl->arrays->preMasterSecret; + + ssl->arrays->psk_keySz = ssl->options.client_psk_cb(ssl, + ssl->arrays->server_hint, ssl->arrays->client_identity, + MAX_PSK_ID_LEN, ssl->arrays->psk_key, MAX_PSK_KEY_LEN); + if (ssl->arrays->psk_keySz == 0 || + ssl->arrays->psk_keySz > MAX_PSK_KEY_LEN) + return PSK_KEY_ERROR; + encSz = (word32)XSTRLEN(ssl->arrays->client_identity); + if (encSz > MAX_PSK_ID_LEN) return CLIENT_ID_ERROR; + XMEMCPY(encSecret, ssl->arrays->client_identity, encSz); + + /* make psk pre master secret */ + /* length of key + length 0s + length of key + key */ + c16toa((word16)ssl->arrays->psk_keySz, pms); + pms += 2; + XMEMSET(pms, 0, ssl->arrays->psk_keySz); + pms += ssl->arrays->psk_keySz; + c16toa((word16)ssl->arrays->psk_keySz, pms); + pms += 2; + XMEMCPY(pms, ssl->arrays->psk_key, ssl->arrays->psk_keySz); + ssl->arrays->preMasterSz = ssl->arrays->psk_keySz * 2 + 4; + XMEMSET(ssl->arrays->psk_key, 0, ssl->arrays->psk_keySz); + ssl->arrays->psk_keySz = 0; /* No further need */ + } + break; #endif /* NO_PSK */ + #if !defined(NO_DH) && !defined(NO_PSK) + case dhe_psk_kea: + { + byte* pms = ssl->arrays->preMasterSecret; + byte* es = encSecret; + buffer serverP = ssl->buffers.serverDH_P; + buffer serverG = ssl->buffers.serverDH_G; + buffer serverPub = ssl->buffers.serverDH_Pub; + byte priv[ENCRYPT_LEN]; + word32 privSz = 0; + word32 pubSz = 0; + word32 esSz = 0; + DhKey key; + + if (serverP.buffer == 0 || serverG.buffer == 0 || + serverPub.buffer == 0) + return NO_PEER_KEY; + + ssl->arrays->psk_keySz = ssl->options.client_psk_cb(ssl, + ssl->arrays->server_hint, ssl->arrays->client_identity, + MAX_PSK_ID_LEN, ssl->arrays->psk_key, MAX_PSK_KEY_LEN); + if (ssl->arrays->psk_keySz == 0 || + ssl->arrays->psk_keySz > MAX_PSK_KEY_LEN) + return PSK_KEY_ERROR; + esSz = (word32)XSTRLEN(ssl->arrays->client_identity); + + if (esSz > MAX_PSK_ID_LEN) + return CLIENT_ID_ERROR; + c16toa((word16)esSz, es); + es += OPAQUE16_LEN; + XMEMCPY(es, ssl->arrays->client_identity, esSz); + es += esSz; + encSz = esSz + OPAQUE16_LEN; + + InitDhKey(&key); + ret = DhSetKey(&key, serverP.buffer, serverP.length, + serverG.buffer, serverG.length); + if (ret == 0) + /* for DH, encSecret is Yc, agree is pre-master */ + ret = DhGenerateKeyPair(&key, ssl->rng, priv, &privSz, + es + OPAQUE16_LEN, &pubSz); + if (ret == 0) + ret = DhAgree(&key, pms + OPAQUE16_LEN, + &ssl->arrays->preMasterSz, priv, privSz, + serverPub.buffer, serverPub.length); + FreeDhKey(&key); + if (ret != 0) + return ret; + + c16toa((word16)pubSz, es); + encSz += pubSz + OPAQUE16_LEN; + c16toa((word16)ssl->arrays->preMasterSz, pms); + ssl->arrays->preMasterSz += OPAQUE16_LEN; + pms += ssl->arrays->preMasterSz; + + /* make psk pre master secret */ + /* length of key + length 0s + length of key + key */ + c16toa((word16)ssl->arrays->psk_keySz, pms); + pms += OPAQUE16_LEN; + XMEMCPY(pms, ssl->arrays->psk_key, ssl->arrays->psk_keySz); + ssl->arrays->preMasterSz += + ssl->arrays->psk_keySz + OPAQUE16_LEN; + XMEMSET(ssl->arrays->psk_key, 0, ssl->arrays->psk_keySz); + ssl->arrays->psk_keySz = 0; /* No further need */ + } + break; + #endif /* !NO_DH && !NO_PSK */ #ifdef HAVE_NTRU - } else if (ssl->specs.kea == ntru_kea) { - word32 rc; - word16 cipherLen = sizeof(encSecret); - DRBG_HANDLE drbg; - static uint8_t const cyasslStr[] = { - 'C', 'y', 'a', 'S', 'S', 'L', ' ', 'N', 'T', 'R', 'U' - }; - - RNG_GenerateBlock(&ssl->rng, ssl->arrays.preMasterSecret, - SECRET_LEN); - ssl->arrays.preMasterSz = SECRET_LEN; - - if (ssl->peerNtruKeyPresent == 0) - return NO_PEER_KEY; + case ntru_kea: + { + word32 rc; + word16 cipherLen = sizeof(encSecret); + DRBG_HANDLE drbg; + static uint8_t const cyasslStr[] = { + 'C', 'y', 'a', 'S', 'S', 'L', ' ', 'N', 'T', 'R', 'U' + }; + + ret = RNG_GenerateBlock(ssl->rng, + ssl->arrays->preMasterSecret, SECRET_LEN); + if (ret != 0) + return ret; - rc = crypto_drbg_instantiate(MAX_NTRU_BITS, cyasslStr, - sizeof(cyasslStr), GetEntropy, &drbg); - if (rc != DRBG_OK) - return NTRU_DRBG_ERROR; - - rc = crypto_ntru_encrypt(drbg, ssl->peerNtruKeyLen,ssl->peerNtruKey, - ssl->arrays.preMasterSz, - ssl->arrays.preMasterSecret, - &cipherLen, encSecret); - crypto_drbg_uninstantiate(drbg); - if (rc != NTRU_OK) - return NTRU_ENCRYPT_ERROR; - - encSz = cipherLen; - ret = 0; + ssl->arrays->preMasterSz = SECRET_LEN; + + if (ssl->peerNtruKeyPresent == 0) + return NO_PEER_KEY; + + rc = ntru_crypto_drbg_instantiate(MAX_NTRU_BITS, cyasslStr, + sizeof(cyasslStr), GetEntropy, + &drbg); + if (rc != DRBG_OK) + return NTRU_DRBG_ERROR; + + rc = ntru_crypto_ntru_encrypt(drbg, ssl->peerNtruKeyLen, + ssl->peerNtruKey, + ssl->arrays->preMasterSz, + ssl->arrays->preMasterSecret, + &cipherLen, encSecret); + ntru_crypto_drbg_uninstantiate(drbg); + if (rc != NTRU_OK) + return NTRU_ENCRYPT_ERROR; + + encSz = cipherLen; + ret = 0; + } + break; #endif /* HAVE_NTRU */ #ifdef HAVE_ECC - } else if (ssl->specs.kea == ecc_diffie_hellman_kea) { - ecc_key myKey; - ecc_key* peerKey = &myKey; - word32 size = sizeof(encSecret); + case ecc_diffie_hellman_kea: + { + ecc_key myKey; + ecc_key* peerKey = NULL; + word32 size = sizeof(encSecret); + + if (ssl->specs.static_ecdh) { + /* TODO: EccDsa is really fixed Ecc change naming */ + if (!ssl->peerEccDsaKeyPresent || !ssl->peerEccDsaKey->dp) + return NO_PEER_KEY; + peerKey = ssl->peerEccDsaKey; + } + else { + if (!ssl->peerEccKeyPresent || !ssl->peerEccKey->dp) + return NO_PEER_KEY; + peerKey = ssl->peerEccKey; + } - if (ssl->specs.static_ecdh) { - /* TODO: EccDsa is really fixed Ecc change naming */ - if (!ssl->peerEccDsaKeyPresent || !ssl->peerEccDsaKey.dp) - return NO_PEER_KEY; - peerKey = &ssl->peerEccDsaKey; - } - else { - if (!ssl->peerEccKeyPresent || !ssl->peerEccKey.dp) - return NO_PEER_KEY; - peerKey = &ssl->peerEccKey; - } + if (peerKey == NULL) + return NO_PEER_KEY; - ecc_init(&myKey); - ret = ecc_make_key(&ssl->rng, peerKey->dp->size, &myKey); - if (ret != 0) - return ECC_MAKEKEY_ERROR; + ecc_init(&myKey); + ret = ecc_make_key(ssl->rng, peerKey->dp->size, &myKey); + if (ret != 0) + return ECC_MAKEKEY_ERROR; - /* precede export with 1 byte length */ - ret = ecc_export_x963(&myKey, encSecret + 1, &size); - encSecret[0] = (byte)size; - encSz = size + 1; + /* precede export with 1 byte length */ + ret = ecc_export_x963(&myKey, encSecret + 1, &size); + encSecret[0] = (byte)size; + encSz = size + 1; - if (ret != 0) - ret = ECC_EXPORT_ERROR; - else { - size = sizeof(ssl->arrays.preMasterSecret); - ret = ecc_shared_secret(&myKey, peerKey, - ssl->arrays.preMasterSecret, &size); - if (ret != 0) - ret = ECC_SHARED_ERROR; - } + if (ret != 0) + ret = ECC_EXPORT_ERROR; + else { + size = sizeof(ssl->arrays->preMasterSecret); + ret = ecc_shared_secret(&myKey, peerKey, + ssl->arrays->preMasterSecret, &size); + if (ret != 0) + ret = ECC_SHARED_ERROR; + } - ssl->arrays.preMasterSz = size; - ecc_free(&myKey); + ssl->arrays->preMasterSz = size; + ecc_free(&myKey); + } + break; #endif /* HAVE_ECC */ - } else - return ALGO_ID_E; /* unsupported kea */ + default: + return ALGO_ID_E; /* unsupported kea */ + } if (ret == 0) { byte *output; @@ -5060,7 +9302,8 @@ int SetCipherList(Suites* s, const char* list) if (ssl->options.tls || ssl->specs.kea == diffie_hellman_kea) tlsSz = 2; - if (ssl->specs.kea == ecc_diffie_hellman_kea) /* always off */ + if (ssl->specs.kea == ecc_diffie_hellman_kea || + ssl->specs.kea == dhe_psk_kea) /* always off */ tlsSz = 0; sendSz = encSz + tlsSz + HANDSHAKE_HEADER_SZ + RECORD_HEADER_SZ; @@ -5073,8 +9316,8 @@ int SetCipherList(Suites* s, const char* list) } #endif - /* check for avalaible size */ - if ((ret = CheckAvalaibleSize(ssl, sendSz)) != 0) + /* check for available size */ + if ((ret = CheckAvailableSize(ssl, sendSz)) != 0) return ret; /* get ouput buffer */ @@ -5088,9 +9331,18 @@ int SetCipherList(Suites* s, const char* list) idx += 2; } XMEMCPY(output + idx, encSecret, encSz); - idx += encSz; + /* if add more to output, adjust idx + idx += encSz; */ + #ifdef CYASSL_DTLS + if (ssl->options.dtls) { + if ((ret = DtlsPoolSave(ssl, output, sendSz)) != 0) + return ret; + } + #endif - HashOutput(ssl, output, sendSz, 0); + ret = HashOutput(ssl, output, sendSz, 0); + if (ret != 0) + return ret; #ifdef CYASSL_CALLBACKS if (ssl->hsInfoOn) @@ -5114,44 +9366,60 @@ int SetCipherList(Suites* s, const char* list) ret = tmpRet; /* save WANT_WRITE unless more serious */ ssl->options.clientState = CLIENT_KEYEXCHANGE_COMPLETE; } + /* No further need for PMS */ + XMEMSET(ssl->arrays->preMasterSecret, 0, ssl->arrays->preMasterSz); + ssl->arrays->preMasterSz = 0; return ret; } +#ifndef NO_CERTS int SendCertificateVerify(CYASSL* ssl) { byte *output; int sendSz = 0, length, ret; word32 idx = 0; word32 sigOutSz = 0; +#ifndef NO_RSA RsaKey key; + int initRsaKey = 0; +#endif int usingEcc = 0; #ifdef HAVE_ECC ecc_key eccKey; #endif + (void)idx; + if (ssl->options.sendVerify == SEND_BLANK_CERT) return 0; /* sent blank cert, can't verify */ - /* check for avalaible size */ - if ((ret = CheckAvalaibleSize(ssl, MAX_CERT_VERIFY_SZ)) != 0) + /* check for available size */ + if ((ret = CheckAvailableSize(ssl, MAX_CERT_VERIFY_SZ)) != 0) return ret; /* get ouput buffer */ output = ssl->buffers.outputBuffer.buffer + ssl->buffers.outputBuffer.length; - BuildCertHashes(ssl, &ssl->certHashes); + ret = BuildCertHashes(ssl, &ssl->certHashes); + if (ret != 0) + return ret; #ifdef HAVE_ECC ecc_init(&eccKey); #endif - InitRsaKey(&key, ssl->heap); - ret = RsaPrivateKeyDecode(ssl->buffers.key.buffer, &idx, &key, - ssl->buffers.key.length); +#ifndef NO_RSA + ret = InitRsaKey(&key, ssl->heap); + if (ret == 0) initRsaKey = 1; + if (ret == 0) + ret = RsaPrivateKeyDecode(ssl->buffers.key.buffer, &idx, &key, + ssl->buffers.key.length); if (ret == 0) sigOutSz = RsaEncryptSize(&key); - else { + else +#endif + { #ifdef HAVE_ECC CYASSL_MSG("Trying ECC client cert, RSA didn't work"); @@ -5161,7 +9429,7 @@ int SetCipherList(Suites* s, const char* list) if (ret == 0) { CYASSL_MSG("Using ECC client cert"); usingEcc = 1; - sigOutSz = ecc_sig_size(&eccKey); + sigOutSz = MAX_ENCODED_SIG_SZ; } else { CYASSL_MSG("Bad client cert type"); @@ -5171,53 +9439,165 @@ int SetCipherList(Suites* s, const char* list) if (ret == 0) { byte* verify = (byte*)&output[RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ]; +#ifndef NO_OLD_TLS byte* signBuffer = ssl->certHashes.md5; - word32 signSz = sizeof(Hashes); +#else + byte* signBuffer = NULL; +#endif + word32 signSz = FINISHED_SZ; byte encodedSig[MAX_ENCODED_SIG_SZ]; word32 extraSz = 0; /* tls 1.2 hash/sig */ + (void)encodedSig; + (void)signSz; + (void)signBuffer; + #ifdef CYASSL_DTLS if (ssl->options.dtls) verify += DTLS_RECORD_EXTRA + DTLS_HANDSHAKE_EXTRA; #endif length = sigOutSz; if (IsAtLeastTLSv1_2(ssl)) { - verify[0] = sha_mac; + verify[0] = ssl->suites->hashAlgo; verify[1] = usingEcc ? ecc_dsa_sa_algo : rsa_sa_algo; extraSz = HASH_SIG_SIZE; } - c16toa((word16)length, verify + extraSz); /* prepend verify header*/ if (usingEcc) { #ifdef HAVE_ECC - word32 localSz = sigOutSz; - ret = ecc_sign_hash(signBuffer + MD5_DIGEST_SIZE, - SHA_DIGEST_SIZE, verify + extraSz + VERIFY_HEADER, - &localSz, &ssl->rng, &eccKey); + word32 localSz = MAX_ENCODED_SIG_SZ; + word32 digestSz; + byte* digest; + byte doUserEcc = 0; +#ifndef NO_OLD_TLS + /* old tls default */ + digestSz = SHA_DIGEST_SIZE; + digest = ssl->certHashes.sha; +#else + /* new tls default */ + digestSz = SHA256_DIGEST_SIZE; + digest = ssl->certHashes.sha256; +#endif + + #ifdef HAVE_PK_CALLBACKS + #ifdef HAVE_ECC + if (ssl->ctx->EccSignCb) + doUserEcc = 1; + #endif /* HAVE_ECC */ + #endif /*HAVE_PK_CALLBACKS */ + + if (IsAtLeastTLSv1_2(ssl)) { + if (ssl->suites->hashAlgo == sha_mac) { + #ifndef NO_SHA + digest = ssl->certHashes.sha; + digestSz = SHA_DIGEST_SIZE; + #endif + } + else if (ssl->suites->hashAlgo == sha256_mac) { + #ifndef NO_SHA256 + digest = ssl->certHashes.sha256; + digestSz = SHA256_DIGEST_SIZE; + #endif + } + else if (ssl->suites->hashAlgo == sha384_mac) { + #ifdef CYASSL_SHA384 + digest = ssl->certHashes.sha384; + digestSz = SHA384_DIGEST_SIZE; + #endif + } + } + + if (doUserEcc) { + #ifdef HAVE_PK_CALLBACKS + #ifdef HAVE_ECC + ret = ssl->ctx->EccSignCb(ssl, digest, digestSz, + encodedSig, &localSz, + ssl->buffers.key.buffer, + ssl->buffers.key.length, + ssl->EccSignCtx); + #endif /* HAVE_ECC */ + #endif /*HAVE_PK_CALLBACKS */ + } + else { + ret = ecc_sign_hash(digest, digestSz, encodedSig, + &localSz, ssl->rng, &eccKey); + } + if (ret == 0) { + length = localSz; + c16toa((word16)length, verify + extraSz); /* prepend hdr */ + XMEMCPY(verify + extraSz + VERIFY_HEADER,encodedSig,length); + } #endif } +#ifndef NO_RSA else { + byte doUserRsa = 0; + + #ifdef HAVE_PK_CALLBACKS + if (ssl->ctx->RsaSignCb) + doUserRsa = 1; + #endif /*HAVE_PK_CALLBACKS */ + if (IsAtLeastTLSv1_2(ssl)) { - byte* digest; - int typeH; - int digestSz; +#ifndef NO_OLD_TLS + byte* digest = ssl->certHashes.sha; + int digestSz = SHA_DIGEST_SIZE; + int typeH = SHAh; +#else + byte* digest = ssl->certHashes.sha256; + int digestSz = SHA256_DIGEST_SIZE; + int typeH = SHA256h; +#endif - /* sha1 for now */ - digest = ssl->certHashes.sha; - typeH = SHAh; - digestSz = SHA_DIGEST_SIZE; + if (ssl->suites->hashAlgo == sha_mac) { + #ifndef NO_SHA + digest = ssl->certHashes.sha; + typeH = SHAh; + digestSz = SHA_DIGEST_SIZE; + #endif + } + else if (ssl->suites->hashAlgo == sha256_mac) { + #ifndef NO_SHA256 + digest = ssl->certHashes.sha256; + typeH = SHA256h; + digestSz = SHA256_DIGEST_SIZE; + #endif + } + else if (ssl->suites->hashAlgo == sha384_mac) { + #ifdef CYASSL_SHA384 + digest = ssl->certHashes.sha384; + typeH = SHA384h; + digestSz = SHA384_DIGEST_SIZE; + #endif + } signSz = EncodeSignature(encodedSig, digest,digestSz,typeH); signBuffer = encodedSig; } - ret = RsaSSL_Sign(signBuffer, signSz, verify + extraSz + - VERIFY_HEADER, ENCRYPT_LEN, &key, &ssl->rng); + c16toa((word16)length, verify + extraSz); /* prepend hdr */ + if (doUserRsa) { + #ifdef HAVE_PK_CALLBACKS + #ifndef NO_RSA + word32 ioLen = ENCRYPT_LEN; + ret = ssl->ctx->RsaSignCb(ssl, signBuffer, signSz, + verify + extraSz + VERIFY_HEADER, + &ioLen, + ssl->buffers.key.buffer, + ssl->buffers.key.length, + ssl->RsaSignCtx); + #endif /* NO_RSA */ + #endif /*HAVE_PK_CALLBACKS */ + } + else { + ret = RsaSSL_Sign(signBuffer, signSz, verify + extraSz + + VERIFY_HEADER, ENCRYPT_LEN, &key, ssl->rng); + } if (ret > 0) ret = 0; /* RSA reset */ } - +#endif if (ret == 0) { AddHeaders(output, length + extraSz + VERIFY_HEADER, certificate_verify, ssl); @@ -5225,14 +9605,20 @@ int SetCipherList(Suites* s, const char* list) sendSz = RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ + length + extraSz + VERIFY_HEADER; #ifdef CYASSL_DTLS - if (ssl->options.dtls) + if (ssl->options.dtls) { sendSz += DTLS_RECORD_EXTRA + DTLS_HANDSHAKE_EXTRA; + if ((ret = DtlsPoolSave(ssl, output, sendSz)) != 0) + return ret; + } #endif - HashOutput(ssl, output, sendSz, 0); + + ret = HashOutput(ssl, output, sendSz, 0); } } - - FreeRsaKey(&key); +#ifndef NO_RSA + if (initRsaKey) + FreeRsaKey(&key); +#endif #ifdef HAVE_ECC ecc_free(&eccKey); #endif @@ -5254,7 +9640,7 @@ int SetCipherList(Suites* s, const char* list) else return ret; } - +#endif /* NO_CERTS */ #endif /* NO_CYASSL_CLIENT */ @@ -5269,13 +9655,17 @@ int SetCipherList(Suites* s, const char* list) int sendSz; int ret; - length = sizeof(ProtocolVersion) + RAN_LEN + length = VERSION_SZ + RAN_LEN + ID_LEN + ENUM_LEN + SUITE_LEN + ENUM_LEN; +#ifdef HAVE_TLS_EXTENSIONS + length += TLSX_GetResponseSize(ssl); +#endif + /* check for avalaible size */ - if ((ret = CheckAvalaibleSize(ssl, MAX_HELLO_SZ)) != 0) + if ((ret = CheckAvailableSize(ssl, MAX_HELLO_SZ)) != 0) return ret; /* get ouput buffer */ @@ -5293,13 +9683,18 @@ int SetCipherList(Suites* s, const char* list) #endif /* now write to output */ /* first version */ - XMEMCPY(output + idx, &ssl->version, sizeof(ProtocolVersion)); - idx += sizeof(ProtocolVersion); + output[idx++] = ssl->version.major; + output[idx++] = ssl->version.minor; /* then random */ - if (!ssl->options.resuming) - RNG_GenerateBlock(&ssl->rng, ssl->arrays.serverRandom, RAN_LEN); - XMEMCPY(output + idx, ssl->arrays.serverRandom, RAN_LEN); + if (!ssl->options.resuming) { + ret = RNG_GenerateBlock(ssl->rng, ssl->arrays->serverRandom, + RAN_LEN); + if (ret != 0) + return ret; + } + + XMEMCPY(output + idx, ssl->arrays->serverRandom, RAN_LEN); idx += RAN_LEN; #ifdef SHOW_SECRETS @@ -5307,29 +9702,48 @@ int SetCipherList(Suites* s, const char* list) int j; printf("server random: "); for (j = 0; j < RAN_LEN; j++) - printf("%02x", ssl->arrays.serverRandom[j]); + printf("%02x", ssl->arrays->serverRandom[j]); printf("\n"); } #endif /* then session id */ output[idx++] = ID_LEN; - if (!ssl->options.resuming) - RNG_GenerateBlock(&ssl->rng, ssl->arrays.sessionID, ID_LEN); - XMEMCPY(output + idx, ssl->arrays.sessionID, ID_LEN); + + if (!ssl->options.resuming) { + ret = RNG_GenerateBlock(ssl->rng, ssl->arrays->sessionID, ID_LEN); + if (ret != 0) + return ret; + } + + XMEMCPY(output + idx, ssl->arrays->sessionID, ID_LEN); idx += ID_LEN; /* then cipher suite */ output[idx++] = ssl->options.cipherSuite0; output[idx++] = ssl->options.cipherSuite; - /* last, compression */ + /* then compression */ if (ssl->options.usingCompression) output[idx++] = ZLIB_COMPRESSION; else output[idx++] = NO_COMPRESSION; + + /* last, extensions */ +#ifdef HAVE_TLS_EXTENSIONS + TLSX_WriteResponse(ssl, output + idx); +#endif ssl->buffers.outputBuffer.length += sendSz; - HashOutput(ssl, output, sendSz, 0); + #ifdef CYASSL_DTLS + if (ssl->options.dtls) { + if ((ret = DtlsPoolSave(ssl, output, sendSz)) != 0) + return ret; + } + #endif + + ret = HashOutput(ssl, output, sendSz, 0); + if (ret != 0) + return ret; #ifdef CYASSL_CALLBACKS if (ssl->hsInfoOn) @@ -5355,22 +9769,16 @@ int SetCipherList(Suites* s, const char* list) switch(size) { case 20: return secp160r1; - break; case 24: return secp192r1; - break; case 28: return secp224r1; - break; case 32: return secp256r1; - break; case 48: return secp384r1; - break; case 66: return secp521r1; - break; default: return 0; } @@ -5390,10 +9798,10 @@ int SetCipherList(Suites* s, const char* list) byte *output; word32 length, idx = RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ; int sendSz; - if (ssl->arrays.server_hint[0] == 0) return 0; /* don't send */ + if (ssl->arrays->server_hint[0] == 0) return 0; /* don't send */ /* include size part */ - length = (word32)XSTRLEN(ssl->arrays.server_hint); + length = (word32)XSTRLEN(ssl->arrays->server_hint); if (length > MAX_PSK_ID_LEN) return SERVER_HINT_ERROR; length += HINT_LEN_SZ; sendSz = length + HANDSHAKE_HEADER_SZ + RECORD_HEADER_SZ; @@ -5404,8 +9812,8 @@ int SetCipherList(Suites* s, const char* list) idx += DTLS_RECORD_EXTRA + DTLS_HANDSHAKE_EXTRA; } #endif - /* check for avalaible size */ - if ((ret = CheckAvalaibleSize(ssl, sendSz)) != 0) + /* check for available size */ + if ((ret = CheckAvailableSize(ssl, sendSz)) != 0) return ret; /* get ouput buffer */ @@ -5417,9 +9825,11 @@ int SetCipherList(Suites* s, const char* list) /* key data */ c16toa((word16)(length - HINT_LEN_SZ), output + idx); idx += HINT_LEN_SZ; - XMEMCPY(output + idx, ssl->arrays.server_hint, length -HINT_LEN_SZ); + XMEMCPY(output + idx, ssl->arrays->server_hint,length -HINT_LEN_SZ); - HashOutput(ssl, output, sendSz, 0); + ret = HashOutput(ssl, output, sendSz, 0); + if (ret != 0) + return ret; #ifdef CYASSL_CALLBACKS if (ssl->hsInfoOn) @@ -5438,196 +9848,14 @@ int SetCipherList(Suites* s, const char* list) } #endif /*NO_PSK */ - #ifdef HAVE_ECC - if (ssl->specs.kea == ecc_diffie_hellman_kea) - { + #if !defined(NO_DH) && !defined(NO_PSK) + if (ssl->specs.kea == dhe_psk_kea) { byte *output; word32 length, idx = RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ; + word32 hintLen; int sendSz; - byte exportBuf[MAX_EXPORT_ECC_SZ]; - word32 expSz = sizeof(exportBuf); - word32 sigSz; - word32 preSigSz, preSigIdx; - RsaKey rsaKey; - ecc_key dsaKey; - - if (ssl->specs.static_ecdh) { - CYASSL_MSG("Using Static ECDH, not sending ServerKeyExchagne"); - return 0; - } - - /* curve type, named curve, length(1) */ - length = ENUM_LEN + CURVE_LEN + ENUM_LEN; - /* pub key size */ - CYASSL_MSG("Using ephemeral ECDH"); - if (ecc_export_x963(&ssl->eccTempKey, exportBuf, &expSz) != 0) - return ECC_EXPORT_ERROR; - length += expSz; - - preSigSz = length; - preSigIdx = idx; - - InitRsaKey(&rsaKey, ssl->heap); - ecc_init(&dsaKey); - - /* sig length */ - length += LENGTH_SZ; - - if (!ssl->buffers.key.buffer) { - FreeRsaKey(&rsaKey); - ecc_free(&dsaKey); - return NO_PRIVATE_KEY; - } - - if (ssl->specs.sig_algo == rsa_sa_algo) { - /* rsa sig size */ - word32 i = 0; - ret = RsaPrivateKeyDecode(ssl->buffers.key.buffer, &i, - &rsaKey, ssl->buffers.key.length); - if (ret != 0) return ret; - sigSz = RsaEncryptSize(&rsaKey); - } - else if (ssl->specs.sig_algo == ecc_dsa_sa_algo) { - /* ecdsa sig size */ - word32 i = 0; - ret = EccPrivateKeyDecode(ssl->buffers.key.buffer, &i, - &dsaKey, ssl->buffers.key.length); - if (ret != 0) return ret; - sigSz = ecc_sig_size(&dsaKey); - } - else { - FreeRsaKey(&rsaKey); - ecc_free(&dsaKey); - return ALGO_ID_E; /* unsupported type */ - } - length += sigSz; - - if (IsAtLeastTLSv1_2(ssl)) - length += HASH_SIG_SIZE; - - sendSz = length + HANDSHAKE_HEADER_SZ + RECORD_HEADER_SZ; - - #ifdef CYASSL_DTLS - if (ssl->options.dtls) { - sendSz += DTLS_RECORD_EXTRA + DTLS_HANDSHAKE_EXTRA; - idx += DTLS_RECORD_EXTRA + DTLS_HANDSHAKE_EXTRA; - preSigIdx = idx; - } - #endif - /* check for avalaible size */ - if ((ret = CheckAvalaibleSize(ssl, sendSz)) != 0) { - FreeRsaKey(&rsaKey); - ecc_free(&dsaKey); - return ret; - } - - /* get ouput buffer */ - output = ssl->buffers.outputBuffer.buffer + - ssl->buffers.outputBuffer.length; - - AddHeaders(output, length, server_key_exchange, ssl); - - /* key exchange data */ - output[idx++] = named_curve; - output[idx++] = 0x00; /* leading zero */ - output[idx++] = SetCurveId(ecc_size(&ssl->eccTempKey)); - output[idx++] = (byte)expSz; - XMEMCPY(output + idx, exportBuf, expSz); - idx += expSz; - if (IsAtLeastTLSv1_2(ssl)) { - output[idx++] = sha_mac; - output[idx++] = ssl->specs.sig_algo; - } - c16toa((word16)sigSz, output + idx); - idx += LENGTH_SZ; - - /* do signature */ - { - Md5 md5; - Sha sha; - byte hash[FINISHED_SZ]; - byte* signBuffer = hash; - word32 signSz = sizeof(hash); - - /* md5 */ - InitMd5(&md5); - Md5Update(&md5, ssl->arrays.clientRandom, RAN_LEN); - Md5Update(&md5, ssl->arrays.serverRandom, RAN_LEN); - Md5Update(&md5, output + preSigIdx, preSigSz); - Md5Final(&md5, hash); - - /* sha */ - InitSha(&sha); - ShaUpdate(&sha, ssl->arrays.clientRandom, RAN_LEN); - ShaUpdate(&sha, ssl->arrays.serverRandom, RAN_LEN); - ShaUpdate(&sha, output + preSigIdx, preSigSz); - ShaFinal(&sha, &hash[MD5_DIGEST_SIZE]); - - if (ssl->specs.sig_algo == rsa_sa_algo) { - byte encodedSig[MAX_ENCODED_SIG_SZ]; - if (IsAtLeastTLSv1_2(ssl)) { - byte* digest; - int hType; - int digestSz; - - /* sha1 for now */ - digest = &hash[MD5_DIGEST_SIZE]; - hType = SHAh; - digestSz = SHA_DIGEST_SIZE; - - signSz = EncodeSignature(encodedSig, digest, digestSz, - hType); - signBuffer = encodedSig; - } - ret = RsaSSL_Sign(signBuffer, signSz, output + idx, sigSz, - &rsaKey, &ssl->rng); - FreeRsaKey(&rsaKey); - ecc_free(&dsaKey); - if (ret > 0) - ret = 0; /* reset on success */ - else - return ret; - } - else if (ssl->specs.sig_algo == ecc_dsa_sa_algo) { - word32 sz = sigSz; - - ret = ecc_sign_hash(&hash[MD5_DIGEST_SIZE], SHA_DIGEST_SIZE, - output + idx, &sz, &ssl->rng, &dsaKey); - FreeRsaKey(&rsaKey); - ecc_free(&dsaKey); - if (ret < 0) return ret; - } - } - - HashOutput(ssl, output, sendSz, 0); - - #ifdef CYASSL_CALLBACKS - if (ssl->hsInfoOn) - AddPacketName("ServerKeyExchange", &ssl->handShakeInfo); - if (ssl->toInfoOn) - AddPacketInfo("ServerKeyExchange", &ssl->timeoutInfo, - output, sendSz, ssl->heap); - #endif - - ssl->buffers.outputBuffer.length += sendSz; - if (ssl->options.groupMessages) - ret = 0; - else - ret = SendBuffered(ssl); - ssl->options.serverState = SERVER_KEYEXCHANGE_COMPLETE; - } - #endif /* HAVE_ECC */ - - #ifdef OPENSSL_EXTRA - if (ssl->specs.kea == diffie_hellman_kea) { - byte *output; - word32 length = 0, idx = RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ; - int sendSz; - word32 sigSz = 0, i = 0; - word32 preSigSz = 0, preSigIdx = 0; - RsaKey rsaKey; DhKey dhKey; - + if (ssl->buffers.serverDH_P.buffer == NULL || ssl->buffers.serverDH_G.buffer == NULL) return NO_DH_PARAMS; @@ -5638,7 +9866,7 @@ int SetCipherList(Suites* s, const char* list) DYNAMIC_TYPE_DH); if (ssl->buffers.serverDH_Pub.buffer == NULL) return MEMORY_E; - } + } if (ssl->buffers.serverDH_Priv.buffer == NULL) { ssl->buffers.serverDH_Priv.buffer = (byte*)XMALLOC( @@ -5646,7 +9874,7 @@ int SetCipherList(Suites* s, const char* list) DYNAMIC_TYPE_DH); if (ssl->buffers.serverDH_Priv.buffer == NULL) return MEMORY_E; - } + } InitDhKey(&dhKey); ret = DhSetKey(&dhKey, ssl->buffers.serverDH_P.buffer, @@ -5654,65 +9882,49 @@ int SetCipherList(Suites* s, const char* list) ssl->buffers.serverDH_G.buffer, ssl->buffers.serverDH_G.length); if (ret == 0) - ret = DhGenerateKeyPair(&dhKey, &ssl->rng, + ret = DhGenerateKeyPair(&dhKey, ssl->rng, ssl->buffers.serverDH_Priv.buffer, &ssl->buffers.serverDH_Priv.length, ssl->buffers.serverDH_Pub.buffer, &ssl->buffers.serverDH_Pub.length); - FreeDhKey(&dhKey); - - if (ret == 0) { - length = LENGTH_SZ * 3; /* p, g, pub */ - length += ssl->buffers.serverDH_P.length + - ssl->buffers.serverDH_G.length + - ssl->buffers.serverDH_Pub.length; - - preSigIdx = idx; - preSigSz = length; - - /* sig length */ - length += LENGTH_SZ; - - if (!ssl->buffers.key.buffer) - return NO_PRIVATE_KEY; - - InitRsaKey(&rsaKey, ssl->heap); - ret = RsaPrivateKeyDecode(ssl->buffers.key.buffer, &i, &rsaKey, - ssl->buffers.key.length); - if (ret == 0) { - sigSz = RsaEncryptSize(&rsaKey); - length += sigSz; - } - } - if (ret != 0) { - FreeRsaKey(&rsaKey); - return ret; - } - - if (IsAtLeastTLSv1_2(ssl)) - length += HASH_SIG_SIZE; + FreeDhKey(&dhKey); + if (ret != 0) + return ret; + + length = LENGTH_SZ * 3 + /* p, g, pub */ + ssl->buffers.serverDH_P.length + + ssl->buffers.serverDH_G.length + + ssl->buffers.serverDH_Pub.length; + /* include size part */ + hintLen = (word32)XSTRLEN(ssl->arrays->server_hint); + if (hintLen > MAX_PSK_ID_LEN) + return SERVER_HINT_ERROR; + length += hintLen + HINT_LEN_SZ; sendSz = length + HANDSHAKE_HEADER_SZ + RECORD_HEADER_SZ; - #ifdef CYASSL_DTLS + #ifdef CYASSL_DTLS if (ssl->options.dtls) { sendSz += DTLS_RECORD_EXTRA + DTLS_HANDSHAKE_EXTRA; idx += DTLS_RECORD_EXTRA + DTLS_HANDSHAKE_EXTRA; - preSigIdx = idx; } #endif - /* check for avalaible size */ - if ((ret = CheckAvalaibleSize(ssl, sendSz)) != 0) { - FreeRsaKey(&rsaKey); - return ret; - } + /* check for available size */ + if ((ret = CheckAvailableSize(ssl, sendSz)) != 0) + return ret; /* get ouput buffer */ - output = ssl->buffers.outputBuffer.buffer + + output = ssl->buffers.outputBuffer.buffer + ssl->buffers.outputBuffer.length; AddHeaders(output, length, server_key_exchange, ssl); + /* key data */ + c16toa((word16)hintLen, output + idx); + idx += HINT_LEN_SZ; + XMEMCPY(output + idx, ssl->arrays->server_hint, hintLen); + idx += hintLen; + /* add p, g, pub */ c16toa((word16)ssl->buffers.serverDH_P.length, output + idx); idx += LENGTH_SZ; @@ -5734,64 +9946,10 @@ int SetCipherList(Suites* s, const char* list) ssl->buffers.serverDH_Pub.length); idx += ssl->buffers.serverDH_Pub.length; - /* Add signature */ - if (IsAtLeastTLSv1_2(ssl)) { - output[idx++] = sha_mac; - output[idx++] = ssl->specs.sig_algo; - } - /* size */ - c16toa((word16)sigSz, output + idx); - idx += LENGTH_SZ; - - /* do signature */ - { - Md5 md5; - Sha sha; - byte hash[FINISHED_SZ]; - byte* signBuffer = hash; - word32 signSz = sizeof(hash); - - /* md5 */ - InitMd5(&md5); - Md5Update(&md5, ssl->arrays.clientRandom, RAN_LEN); - Md5Update(&md5, ssl->arrays.serverRandom, RAN_LEN); - Md5Update(&md5, output + preSigIdx, preSigSz); - Md5Final(&md5, hash); - - /* sha */ - InitSha(&sha); - ShaUpdate(&sha, ssl->arrays.clientRandom, RAN_LEN); - ShaUpdate(&sha, ssl->arrays.serverRandom, RAN_LEN); - ShaUpdate(&sha, output + preSigIdx, preSigSz); - ShaFinal(&sha, &hash[MD5_DIGEST_SIZE]); - - if (ssl->specs.sig_algo == rsa_sa_algo) { - byte encodedSig[MAX_ENCODED_SIG_SZ]; - if (IsAtLeastTLSv1_2(ssl)) { - byte* digest; - int typeH; - int digestSz; - - /* sha1 for now */ - digest = &hash[MD5_DIGEST_SIZE]; - typeH = SHAh; - digestSz = SHA_DIGEST_SIZE; - - signSz = EncodeSignature(encodedSig, digest, digestSz, - typeH); - signBuffer = encodedSig; - } - ret = RsaSSL_Sign(signBuffer, signSz, output + idx, sigSz, - &rsaKey, &ssl->rng); - FreeRsaKey(&rsaKey); - if (ret > 0) - ret = 0; /* reset on success */ - else - return ret; - } - } + ret = HashOutput(ssl, output, sendSz, 0); - HashOutput(ssl, output, sendSz, 0); + if (ret != 0) + return ret; #ifdef CYASSL_CALLBACKS if (ssl->hsInfoOn) @@ -5808,319 +9966,654 @@ int SetCipherList(Suites* s, const char* list) ret = SendBuffered(ssl); ssl->options.serverState = SERVER_KEYEXCHANGE_COMPLETE; } - #endif /* OPENSSL_EXTRA */ + #endif /* !NO_DH && !NO_PSK */ - return ret; - } + #ifdef HAVE_ECC + if (ssl->specs.kea == ecc_diffie_hellman_kea) + { + byte *output; + word32 length, idx = RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ; + int sendSz; + byte exportBuf[MAX_EXPORT_ECC_SZ]; + word32 expSz = sizeof(exportBuf); + word32 sigSz; + word32 preSigSz, preSigIdx; +#ifndef NO_RSA + RsaKey rsaKey; +#endif + ecc_key dsaKey; + if (ssl->specs.static_ecdh) { + CYASSL_MSG("Using Static ECDH, not sending ServerKeyExchagne"); + return 0; + } - /* cipher requirements */ - enum { - REQUIRES_RSA, - REQUIRES_DHE, - REQUIRES_ECC_DSA, - REQUIRES_ECC_STATIC, - REQUIRES_PSK, - REQUIRES_NTRU, - REQUIRES_RSA_SIG - }; + /* curve type, named curve, length(1) */ + length = ENUM_LEN + CURVE_LEN + ENUM_LEN; + /* pub key size */ + CYASSL_MSG("Using ephemeral ECDH"); + if (ecc_export_x963(ssl->eccTempKey, exportBuf, &expSz) != 0) + return ECC_EXPORT_ERROR; + length += expSz; + preSigSz = length; + preSigIdx = idx; +#ifndef NO_RSA + ret = InitRsaKey(&rsaKey, ssl->heap); + if (ret != 0) return ret; +#endif + ecc_init(&dsaKey); - /* Does this cipher suite (first, second) have the requirement - an ephemeral key exchange will still require the key for signing - the key exchange so ECHDE_RSA requires an rsa key thus rsa_kea */ - static int CipherRequires(byte first, byte second, int requirement) - { - /* ECC extensions */ - if (first == ECC_BYTE) { - - switch (second) { + /* sig length */ + length += LENGTH_SZ; - case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA : - if (requirement == REQUIRES_RSA) - return 1; - break; + if (!ssl->buffers.key.buffer) { +#ifndef NO_RSA + FreeRsaKey(&rsaKey); +#endif + ecc_free(&dsaKey); + return NO_PRIVATE_KEY; + } - case TLS_ECDH_RSA_WITH_AES_128_CBC_SHA : - if (requirement == REQUIRES_ECC_STATIC) - return 1; - if (requirement == REQUIRES_RSA_SIG) - return 1; - break; +#ifndef NO_RSA + if (ssl->specs.sig_algo == rsa_sa_algo) { + /* rsa sig size */ + word32 i = 0; + ret = RsaPrivateKeyDecode(ssl->buffers.key.buffer, &i, + &rsaKey, ssl->buffers.key.length); + if (ret != 0) return ret; + sigSz = RsaEncryptSize(&rsaKey); + } else +#endif + if (ssl->specs.sig_algo == ecc_dsa_sa_algo) { + /* ecdsa sig size */ + word32 i = 0; + ret = EccPrivateKeyDecode(ssl->buffers.key.buffer, &i, + &dsaKey, ssl->buffers.key.length); + if (ret != 0) return ret; + sigSz = ecc_sig_size(&dsaKey); /* worst case estimate */ + } + else { +#ifndef NO_RSA + FreeRsaKey(&rsaKey); +#endif + ecc_free(&dsaKey); + return ALGO_ID_E; /* unsupported type */ + } + length += sigSz; - case TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA : - if (requirement == REQUIRES_RSA) - return 1; - break; + if (IsAtLeastTLSv1_2(ssl)) + length += HASH_SIG_SIZE; - case TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA : - if (requirement == REQUIRES_ECC_STATIC) - return 1; - if (requirement == REQUIRES_RSA_SIG) - return 1; - break; + sendSz = length + HANDSHAKE_HEADER_SZ + RECORD_HEADER_SZ; - case TLS_ECDHE_RSA_WITH_RC4_128_SHA : - if (requirement == REQUIRES_RSA) - return 1; - break; + #ifdef CYASSL_DTLS + if (ssl->options.dtls) { + sendSz += DTLS_RECORD_EXTRA + DTLS_HANDSHAKE_EXTRA; + idx += DTLS_RECORD_EXTRA + DTLS_HANDSHAKE_EXTRA; + preSigIdx = idx; + } + #endif + /* check for available size */ + if ((ret = CheckAvailableSize(ssl, sendSz)) != 0) { +#ifndef NO_RSA + FreeRsaKey(&rsaKey); +#endif + ecc_free(&dsaKey); + return ret; + } - case TLS_ECDH_RSA_WITH_RC4_128_SHA : - if (requirement == REQUIRES_ECC_STATIC) - return 1; - if (requirement == REQUIRES_RSA_SIG) - return 1; - break; + /* get ouput buffer */ + output = ssl->buffers.outputBuffer.buffer + + ssl->buffers.outputBuffer.length; - case TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA : - if (requirement == REQUIRES_ECC_DSA) - return 1; - break; + /* record and message headers will be added below, when we're sure + of the sig length */ - case TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA : - if (requirement == REQUIRES_ECC_STATIC) - return 1; - break; + /* key exchange data */ + output[idx++] = named_curve; + output[idx++] = 0x00; /* leading zero */ + output[idx++] = SetCurveId(ecc_size(ssl->eccTempKey)); + output[idx++] = (byte)expSz; + XMEMCPY(output + idx, exportBuf, expSz); + idx += expSz; + if (IsAtLeastTLSv1_2(ssl)) { + output[idx++] = ssl->suites->hashAlgo; + output[idx++] = ssl->suites->sigAlgo; + } - case TLS_ECDHE_ECDSA_WITH_RC4_128_SHA : - if (requirement == REQUIRES_ECC_DSA) - return 1; - break; + /* Signtaure length will be written later, when we're sure what it + is */ - case TLS_ECDH_ECDSA_WITH_RC4_128_SHA : - if (requirement == REQUIRES_ECC_STATIC) - return 1; - break; + /* do signature */ + { +#ifndef NO_OLD_TLS + Md5 md5; + Sha sha; +#endif + byte hash[FINISHED_SZ]; + #ifndef NO_SHA256 + Sha256 sha256; + byte hash256[SHA256_DIGEST_SIZE]; + #endif + #ifdef CYASSL_SHA384 + Sha384 sha384; + byte hash384[SHA384_DIGEST_SIZE]; + #endif - case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA : - if (requirement == REQUIRES_RSA) - return 1; - break; +#ifndef NO_OLD_TLS + /* md5 */ + InitMd5(&md5); + Md5Update(&md5, ssl->arrays->clientRandom, RAN_LEN); + Md5Update(&md5, ssl->arrays->serverRandom, RAN_LEN); + Md5Update(&md5, output + preSigIdx, preSigSz); + Md5Final(&md5, hash); - case TLS_ECDH_RSA_WITH_AES_256_CBC_SHA : - if (requirement == REQUIRES_ECC_STATIC) - return 1; - if (requirement == REQUIRES_RSA_SIG) - return 1; - break; + /* sha */ + ret = InitSha(&sha); + if (ret != 0) + return ret; + ShaUpdate(&sha, ssl->arrays->clientRandom, RAN_LEN); + ShaUpdate(&sha, ssl->arrays->serverRandom, RAN_LEN); + ShaUpdate(&sha, output + preSigIdx, preSigSz); + ShaFinal(&sha, &hash[MD5_DIGEST_SIZE]); +#endif - case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA : - if (requirement == REQUIRES_ECC_DSA) - return 1; - break; + #ifndef NO_SHA256 + ret = InitSha256(&sha256); + if (ret != 0) + return ret; + ret = Sha256Update(&sha256, ssl->arrays->clientRandom, RAN_LEN); + if (ret != 0) + return ret; + ret = Sha256Update(&sha256, ssl->arrays->serverRandom, RAN_LEN); + if (ret != 0) + return ret; + ret = Sha256Update(&sha256, output + preSigIdx, preSigSz); + if (ret != 0) + return ret; + ret = Sha256Final(&sha256, hash256); + if (ret != 0) + return ret; + #endif + + #ifdef CYASSL_SHA384 + ret = InitSha384(&sha384); + if (ret != 0) + return ret; + ret = Sha384Update(&sha384, ssl->arrays->clientRandom, RAN_LEN); + if (ret != 0) + return ret; + ret = Sha384Update(&sha384, ssl->arrays->serverRandom, RAN_LEN); + if (ret != 0) + return ret; + ret = Sha384Update(&sha384, output + preSigIdx, preSigSz); + if (ret != 0) + return ret; + ret = Sha384Final(&sha384, hash384); + if (ret != 0) + return ret; + #endif +#ifndef NO_RSA + if (ssl->suites->sigAlgo == rsa_sa_algo) { + byte* signBuffer = hash; + word32 signSz = sizeof(hash); + byte encodedSig[MAX_ENCODED_SIG_SZ]; + byte doUserRsa = 0; + + #ifdef HAVE_PK_CALLBACKS + if (ssl->ctx->RsaSignCb) + doUserRsa = 1; + #endif /*HAVE_PK_CALLBACKS */ + + if (IsAtLeastTLSv1_2(ssl)) { + byte* digest = &hash[MD5_DIGEST_SIZE]; + int typeH = SHAh; + int digestSz = SHA_DIGEST_SIZE; + + if (ssl->suites->hashAlgo == sha256_mac) { + #ifndef NO_SHA256 + digest = hash256; + typeH = SHA256h; + digestSz = SHA256_DIGEST_SIZE; + #endif + } + else if (ssl->suites->hashAlgo == sha384_mac) { + #ifdef CYASSL_SHA384 + digest = hash384; + typeH = SHA384h; + digestSz = SHA384_DIGEST_SIZE; + #endif + } + + signSz = EncodeSignature(encodedSig, digest, digestSz, + typeH); + signBuffer = encodedSig; + } + /* write sig size here */ + c16toa((word16)sigSz, output + idx); + idx += LENGTH_SZ; + + if (doUserRsa) { + #ifdef HAVE_PK_CALLBACKS + word32 ioLen = sigSz; + ret = ssl->ctx->RsaSignCb(ssl, signBuffer, signSz, + output + idx, + &ioLen, + ssl->buffers.key.buffer, + ssl->buffers.key.length, + ssl->RsaSignCtx); + #endif /*HAVE_PK_CALLBACKS */ + } + else { + ret = RsaSSL_Sign(signBuffer, signSz, output + idx, + sigSz, &rsaKey, ssl->rng); + if (ret > 0) + ret = 0; /* reset on success */ + } + FreeRsaKey(&rsaKey); + ecc_free(&dsaKey); + if (ret < 0) + return ret; + } else +#endif + if (ssl->suites->sigAlgo == ecc_dsa_sa_algo) { +#ifndef NO_OLD_TLS + byte* digest = &hash[MD5_DIGEST_SIZE]; + word32 digestSz = SHA_DIGEST_SIZE; +#else + byte* digest = hash256; + word32 digestSz = SHA256_DIGEST_SIZE; +#endif + word32 sz = sigSz; + byte doUserEcc = 0; - case TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA : - if (requirement == REQUIRES_ECC_STATIC) - return 1; - break; + #ifdef HAVE_PK_CALLBACKS + #ifdef HAVE_ECC + if (ssl->ctx->EccSignCb) + doUserEcc = 1; + #endif /* HAVE_ECC */ + #endif /*HAVE_PK_CALLBACKS */ - case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA : - if (requirement == REQUIRES_ECC_DSA) - return 1; - break; + if (IsAtLeastTLSv1_2(ssl)) { + if (ssl->suites->hashAlgo == sha_mac) { + #ifndef NO_SHA + digest = &hash[MD5_DIGEST_SIZE]; + digestSz = SHA_DIGEST_SIZE; + #endif + } + else if (ssl->suites->hashAlgo == sha256_mac) { + #ifndef NO_SHA256 + digest = hash256; + digestSz = SHA256_DIGEST_SIZE; + #endif + } + else if (ssl->suites->hashAlgo == sha384_mac) { + #ifdef CYASSL_SHA384 + digest = hash384; + digestSz = SHA384_DIGEST_SIZE; + #endif + } + } - case TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA : - if (requirement == REQUIRES_ECC_STATIC) - return 1; - break; + if (doUserEcc) { + #ifdef HAVE_PK_CALLBACKS + #ifdef HAVE_ECC + ret = ssl->ctx->EccSignCb(ssl, digest, digestSz, + output + LENGTH_SZ + idx, &sz, + ssl->buffers.key.buffer, + ssl->buffers.key.length, + ssl->EccSignCtx); + #endif /* HAVE_ECC */ + #endif /*HAVE_PK_CALLBACKS */ + } + else { + ret = ecc_sign_hash(digest, digestSz, + output + LENGTH_SZ + idx, &sz, ssl->rng, &dsaKey); + } +#ifndef NO_RSA + FreeRsaKey(&rsaKey); +#endif + ecc_free(&dsaKey); + if (ret < 0) return ret; - case TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 : - if (requirement == REQUIRES_ECC_DSA) - return 1; - break; + /* Now that we know the real sig size, write it. */ + c16toa((word16)sz, output + idx); - case TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 : - if (requirement == REQUIRES_ECC_DSA) - return 1; - break; + /* And adjust length and sendSz from estimates */ + length += sz - sigSz; + sendSz += sz - sigSz; + } + } - case TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 : - if (requirement == REQUIRES_ECC_STATIC) - return 1; - break; + AddHeaders(output, length, server_key_exchange, ssl); - case TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 : - if (requirement == REQUIRES_ECC_STATIC) - return 1; - break; + ret = HashOutput(ssl, output, sendSz, 0); + if (ret != 0) + return ret; - case TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 : - if (requirement == REQUIRES_RSA) - return 1; - break; + #ifdef CYASSL_CALLBACKS + if (ssl->hsInfoOn) + AddPacketName("ServerKeyExchange", &ssl->handShakeInfo); + if (ssl->toInfoOn) + AddPacketInfo("ServerKeyExchange", &ssl->timeoutInfo, + output, sendSz, ssl->heap); + #endif - case TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 : - if (requirement == REQUIRES_RSA) - return 1; - break; + ssl->buffers.outputBuffer.length += sendSz; + if (ssl->options.groupMessages) + ret = 0; + else + ret = SendBuffered(ssl); + ssl->options.serverState = SERVER_KEYEXCHANGE_COMPLETE; + } + #endif /* HAVE_ECC */ - case TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 : - if (requirement == REQUIRES_ECC_STATIC) - return 1; - if (requirement == REQUIRES_RSA_SIG) - return 1; - break; + #if !defined(NO_DH) && !defined(NO_RSA) + if (ssl->specs.kea == diffie_hellman_kea) { + byte *output; + word32 length = 0, idx = RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ; + int sendSz; + word32 sigSz = 0, i = 0; + word32 preSigSz = 0, preSigIdx = 0; + RsaKey rsaKey; + DhKey dhKey; + + if (ssl->buffers.serverDH_P.buffer == NULL || + ssl->buffers.serverDH_G.buffer == NULL) + return NO_DH_PARAMS; - case TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 : - if (requirement == REQUIRES_ECC_STATIC) - return 1; - if (requirement == REQUIRES_RSA_SIG) - return 1; - break; + if (ssl->buffers.serverDH_Pub.buffer == NULL) { + ssl->buffers.serverDH_Pub.buffer = (byte*)XMALLOC( + ssl->buffers.serverDH_P.length + 2, ssl->ctx->heap, + DYNAMIC_TYPE_DH); + if (ssl->buffers.serverDH_Pub.buffer == NULL) + return MEMORY_E; + } - default: - CYASSL_MSG("Unsupported cipher suite, CipherRequires ECC"); - return 0; - } /* switch */ - } /* if */ - if (first != ECC_BYTE) { /* normal suites */ - switch (second) { + if (ssl->buffers.serverDH_Priv.buffer == NULL) { + ssl->buffers.serverDH_Priv.buffer = (byte*)XMALLOC( + ssl->buffers.serverDH_P.length + 2, ssl->ctx->heap, + DYNAMIC_TYPE_DH); + if (ssl->buffers.serverDH_Priv.buffer == NULL) + return MEMORY_E; + } - case SSL_RSA_WITH_RC4_128_SHA : - if (requirement == REQUIRES_RSA) - return 1; - break; + InitDhKey(&dhKey); + ret = DhSetKey(&dhKey, ssl->buffers.serverDH_P.buffer, + ssl->buffers.serverDH_P.length, + ssl->buffers.serverDH_G.buffer, + ssl->buffers.serverDH_G.length); + if (ret == 0) + ret = DhGenerateKeyPair(&dhKey, ssl->rng, + ssl->buffers.serverDH_Priv.buffer, + &ssl->buffers.serverDH_Priv.length, + ssl->buffers.serverDH_Pub.buffer, + &ssl->buffers.serverDH_Pub.length); + FreeDhKey(&dhKey); - case TLS_NTRU_RSA_WITH_RC4_128_SHA : - if (requirement == REQUIRES_NTRU) - return 1; - break; + if (ret == 0) { + ret = InitRsaKey(&rsaKey, ssl->heap); + if (ret != 0) return ret; + } + if (ret == 0) { + length = LENGTH_SZ * 3; /* p, g, pub */ + length += ssl->buffers.serverDH_P.length + + ssl->buffers.serverDH_G.length + + ssl->buffers.serverDH_Pub.length; - case SSL_RSA_WITH_RC4_128_MD5 : - if (requirement == REQUIRES_RSA) - return 1; - break; + preSigIdx = idx; + preSigSz = length; - case SSL_RSA_WITH_3DES_EDE_CBC_SHA : - if (requirement == REQUIRES_RSA) - return 1; - break; + /* sig length */ + length += LENGTH_SZ; - case TLS_NTRU_RSA_WITH_3DES_EDE_CBC_SHA : - if (requirement == REQUIRES_NTRU) - return 1; - break; + if (!ssl->buffers.key.buffer) + return NO_PRIVATE_KEY; - case TLS_RSA_WITH_AES_128_CBC_SHA : - if (requirement == REQUIRES_RSA) - return 1; - break; + ret = RsaPrivateKeyDecode(ssl->buffers.key.buffer, &i, &rsaKey, + ssl->buffers.key.length); + if (ret == 0) { + sigSz = RsaEncryptSize(&rsaKey); + length += sigSz; + } + } + if (ret != 0) { + FreeRsaKey(&rsaKey); + return ret; + } + + if (IsAtLeastTLSv1_2(ssl)) + length += HASH_SIG_SIZE; - case TLS_RSA_WITH_AES_128_CBC_SHA256 : - if (requirement == REQUIRES_RSA) - return 1; - break; + sendSz = length + HANDSHAKE_HEADER_SZ + RECORD_HEADER_SZ; - case TLS_NTRU_RSA_WITH_AES_128_CBC_SHA : - if (requirement == REQUIRES_NTRU) - return 1; - break; + #ifdef CYASSL_DTLS + if (ssl->options.dtls) { + sendSz += DTLS_RECORD_EXTRA + DTLS_HANDSHAKE_EXTRA; + idx += DTLS_RECORD_EXTRA + DTLS_HANDSHAKE_EXTRA; + preSigIdx = idx; + } + #endif + /* check for available size */ + if ((ret = CheckAvailableSize(ssl, sendSz)) != 0) { + FreeRsaKey(&rsaKey); + return ret; + } - case TLS_RSA_WITH_AES_256_CBC_SHA : - if (requirement == REQUIRES_RSA) - return 1; - break; + /* get ouput buffer */ + output = ssl->buffers.outputBuffer.buffer + + ssl->buffers.outputBuffer.length; - case TLS_RSA_WITH_AES_256_CBC_SHA256 : - if (requirement == REQUIRES_RSA) - return 1; - break; + AddHeaders(output, length, server_key_exchange, ssl); - case TLS_NTRU_RSA_WITH_AES_256_CBC_SHA : - if (requirement == REQUIRES_NTRU) - return 1; - break; + /* add p, g, pub */ + c16toa((word16)ssl->buffers.serverDH_P.length, output + idx); + idx += LENGTH_SZ; + XMEMCPY(output + idx, ssl->buffers.serverDH_P.buffer, + ssl->buffers.serverDH_P.length); + idx += ssl->buffers.serverDH_P.length; - case TLS_PSK_WITH_AES_128_CBC_SHA : - if (requirement == REQUIRES_PSK) - return 1; - break; + /* g */ + c16toa((word16)ssl->buffers.serverDH_G.length, output + idx); + idx += LENGTH_SZ; + XMEMCPY(output + idx, ssl->buffers.serverDH_G.buffer, + ssl->buffers.serverDH_G.length); + idx += ssl->buffers.serverDH_G.length; - case TLS_PSK_WITH_AES_256_CBC_SHA : - if (requirement == REQUIRES_PSK) - return 1; - break; + /* pub */ + c16toa((word16)ssl->buffers.serverDH_Pub.length, output + idx); + idx += LENGTH_SZ; + XMEMCPY(output + idx, ssl->buffers.serverDH_Pub.buffer, + ssl->buffers.serverDH_Pub.length); + idx += ssl->buffers.serverDH_Pub.length; - case TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 : - if (requirement == REQUIRES_RSA) - return 1; - if (requirement == REQUIRES_DHE) - return 1; - break; + /* Add signature */ + if (IsAtLeastTLSv1_2(ssl)) { + output[idx++] = ssl->suites->hashAlgo; + output[idx++] = ssl->suites->sigAlgo; + } + /* size */ + c16toa((word16)sigSz, output + idx); + idx += LENGTH_SZ; - case TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 : - if (requirement == REQUIRES_RSA) - return 1; - if (requirement == REQUIRES_DHE) - return 1; - break; + /* do signature */ + { +#ifndef NO_OLD_TLS + Md5 md5; + Sha sha; +#endif + byte hash[FINISHED_SZ]; + #ifndef NO_SHA256 + Sha256 sha256; + byte hash256[SHA256_DIGEST_SIZE]; + #endif + #ifdef CYASSL_SHA384 + Sha384 sha384; + byte hash384[SHA384_DIGEST_SIZE]; + #endif - case TLS_DHE_RSA_WITH_AES_128_CBC_SHA : - if (requirement == REQUIRES_RSA) - return 1; - if (requirement == REQUIRES_DHE) - return 1; - break; +#ifndef NO_OLD_TLS + /* md5 */ + InitMd5(&md5); + Md5Update(&md5, ssl->arrays->clientRandom, RAN_LEN); + Md5Update(&md5, ssl->arrays->serverRandom, RAN_LEN); + Md5Update(&md5, output + preSigIdx, preSigSz); + Md5Final(&md5, hash); - case TLS_DHE_RSA_WITH_AES_256_CBC_SHA : - if (requirement == REQUIRES_RSA) - return 1; - if (requirement == REQUIRES_DHE) - return 1; - break; + /* sha */ + ret = InitSha(&sha); + if (ret != 0) + return ret; + ShaUpdate(&sha, ssl->arrays->clientRandom, RAN_LEN); + ShaUpdate(&sha, ssl->arrays->serverRandom, RAN_LEN); + ShaUpdate(&sha, output + preSigIdx, preSigSz); + ShaFinal(&sha, &hash[MD5_DIGEST_SIZE]); +#endif - case TLS_RSA_WITH_HC_128_CBC_MD5 : - if (requirement == REQUIRES_RSA) - return 1; - break; - - case TLS_RSA_WITH_HC_128_CBC_SHA : - if (requirement == REQUIRES_RSA) - return 1; - break; + #ifndef NO_SHA256 + ret = InitSha256(&sha256); + if (ret != 0) + return ret; + ret = Sha256Update(&sha256, ssl->arrays->clientRandom, RAN_LEN); + if (ret != 0) + return ret; + ret = Sha256Update(&sha256, ssl->arrays->serverRandom, RAN_LEN); + if (ret != 0) + return ret; + ret = Sha256Update(&sha256, output + preSigIdx, preSigSz); + if (ret != 0) + return ret; + ret = Sha256Final(&sha256, hash256); + if (ret != 0) + return ret; + #endif - case TLS_RSA_WITH_RABBIT_CBC_SHA : - if (requirement == REQUIRES_RSA) - return 1; - break; + #ifdef CYASSL_SHA384 + ret = InitSha384(&sha384); + if (ret != 0) + return ret; + ret = Sha384Update(&sha384, ssl->arrays->clientRandom, RAN_LEN); + if (ret != 0) + return ret; + ret = Sha384Update(&sha384, ssl->arrays->serverRandom, RAN_LEN); + if (ret != 0) + return ret; + ret = Sha384Update(&sha384, output + preSigIdx, preSigSz); + if (ret != 0) + return ret; + ret = Sha384Final(&sha384, hash384); + if (ret != 0) + return ret; + #endif +#ifndef NO_RSA + if (ssl->suites->sigAlgo == rsa_sa_algo) { + byte* signBuffer = hash; + word32 signSz = sizeof(hash); + byte encodedSig[MAX_ENCODED_SIG_SZ]; + byte doUserRsa = 0; + + #ifdef HAVE_PK_CALLBACKS + if (ssl->ctx->RsaSignCb) + doUserRsa = 1; + #endif /*HAVE_PK_CALLBACKS */ - case TLS_RSA_WITH_AES_128_GCM_SHA256 : - case TLS_RSA_WITH_AES_256_GCM_SHA384 : - if (requirement == REQUIRES_RSA) - return 1; - break; + if (IsAtLeastTLSv1_2(ssl)) { + byte* digest = &hash[MD5_DIGEST_SIZE]; + int typeH = SHAh; + int digestSz = SHA_DIGEST_SIZE; + + if (ssl->suites->hashAlgo == sha256_mac) { + #ifndef NO_SHA256 + digest = hash256; + typeH = SHA256h; + digestSz = SHA256_DIGEST_SIZE; + #endif + } + else if (ssl->suites->hashAlgo == sha384_mac) { + #ifdef CYASSL_SHA384 + digest = hash384; + typeH = SHA384h; + digestSz = SHA384_DIGEST_SIZE; + #endif + } - case TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 : - case TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 : - if (requirement == REQUIRES_RSA) - return 1; - if (requirement == REQUIRES_DHE) - return 1; - break; + signSz = EncodeSignature(encodedSig, digest, digestSz, + typeH); + signBuffer = encodedSig; + } + if (doUserRsa) { + #ifdef HAVE_PK_CALLBACKS + word32 ioLen = sigSz; + ret = ssl->ctx->RsaSignCb(ssl, signBuffer, signSz, + output + idx, + &ioLen, + ssl->buffers.key.buffer, + ssl->buffers.key.length, + ssl->RsaSignCtx); + #endif /*HAVE_PK_CALLBACKS */ + } + else { + ret = RsaSSL_Sign(signBuffer, signSz, output + idx, + sigSz, &rsaKey, ssl->rng); + } + FreeRsaKey(&rsaKey); + if (ret < 0) + return ret; + } +#endif + } - default: - CYASSL_MSG("Unsupported cipher suite, CipherRequires"); - return 0; - } /* switch */ - } /* if ECC / Normal suites else */ + #ifdef CYASSL_DTLS + if (ssl->options.dtls) { + if ((ret = DtlsPoolSave(ssl, output, sendSz)) != 0) + return ret; + } + #endif - return 0; - } + ret = HashOutput(ssl, output, sendSz, 0); + if (ret != 0) + return ret; + #ifdef CYASSL_CALLBACKS + if (ssl->hsInfoOn) + AddPacketName("ServerKeyExchange", &ssl->handShakeInfo); + if (ssl->toInfoOn) + AddPacketInfo("ServerKeyExchange", &ssl->timeoutInfo, + output, sendSz, ssl->heap); + #endif + ssl->buffers.outputBuffer.length += sendSz; + if (ssl->options.groupMessages) + ret = 0; + else + ret = SendBuffered(ssl); + ssl->options.serverState = SERVER_KEYEXCHANGE_COMPLETE; + } + #endif /* NO_DH */ + return ret; + } - /* Make sure cert/key are valid for this suite, true on success */ - static int VerifySuite(CYASSL* ssl, word16 idx) + /* Make sure server cert/key are valid for this suite, true on success */ + static int VerifyServerSuite(CYASSL* ssl, word16 idx) { int haveRSA = !ssl->options.haveStaticECC; int havePSK = 0; - byte first = ssl->suites.suites[idx]; - byte second = ssl->suites.suites[idx+1]; + byte first; + byte second; - CYASSL_ENTER("VerifySuite"); + CYASSL_ENTER("VerifyServerSuite"); + + if (ssl->suites == NULL) { + CYASSL_MSG("Suites pointer error"); + return 0; + } + + first = ssl->suites->suites[idx]; + second = ssl->suites->suites[idx+1]; #ifndef NO_PSK havePSK = ssl->options.havePSK; @@ -6179,12 +10672,20 @@ int SetCipherList(Suites* s, const char* list) if (CipherRequires(first, second, REQUIRES_RSA_SIG)) { CYASSL_MSG("Requires RSA Signature"); - if (ssl->options.side == SERVER_END && ssl->options.haveECDSAsig == 1) { + if (ssl->options.side == CYASSL_SERVER_END && + ssl->options.haveECDSAsig == 1) { CYASSL_MSG("Don't have RSA Signature"); return 0; } } +#ifdef HAVE_SUPPORTED_CURVES + if (!TLSX_ValidateEllipticCurves(ssl, first, second)) { + CYASSL_MSG("Don't have matching curves"); + return 0; + } +#endif + /* ECCDHE is always supported if ECC on */ return 1; @@ -6201,20 +10702,27 @@ int SetCipherList(Suites* s, const char* list) if (peerSuites->suiteSz == 0 || peerSuites->suiteSz & 0x1) return MATCH_SUITE_ERROR; + if (ssl->suites == NULL) + return SUITES_ERROR; /* start with best, if a match we are good */ - for (i = 0; i < ssl->suites.suiteSz; i += 2) + for (i = 0; i < ssl->suites->suiteSz; i += 2) for (j = 0; j < peerSuites->suiteSz; j += 2) - if (ssl->suites.suites[i] == peerSuites->suites[j] && - ssl->suites.suites[i+1] == peerSuites->suites[j+1] ) { + if (ssl->suites->suites[i] == peerSuites->suites[j] && + ssl->suites->suites[i+1] == peerSuites->suites[j+1] ) { - if (VerifySuite(ssl, i)) { + if (VerifyServerSuite(ssl, i)) { + int result; CYASSL_MSG("Verified suite validity"); - ssl->options.cipherSuite0 = ssl->suites.suites[i]; - ssl->options.cipherSuite = ssl->suites.suites[i+1]; - return SetCipherSpecs(ssl); + ssl->options.cipherSuite0 = ssl->suites->suites[i]; + ssl->options.cipherSuite = ssl->suites->suites[i+1]; + result = SetCipherSpecs(ssl); + if (result == 0) + PickHashSigAlgo(ssl, peerSuites->hashSigAlgo, + peerSuites->hashSigAlgoSz); + return result; } else { - CYASSL_MSG("Coult not verify suite validity, continue"); + CYASSL_MSG("Could not verify suite validity, continue"); } } @@ -6243,11 +10751,21 @@ int SetCipherList(Suites* s, const char* list) #endif /* manually hash input since different format */ +#ifndef NO_OLD_TLS +#ifndef NO_MD5 Md5Update(&ssl->hashMd5, input + idx, sz); +#endif +#ifndef NO_SHA ShaUpdate(&ssl->hashSha, input + idx, sz); +#endif +#endif #ifndef NO_SHA256 - if (IsAtLeastTLSv1_2(ssl)) - Sha256Update(&ssl->hashSha256, input + idx, sz); + if (IsAtLeastTLSv1_2(ssl)) { + int shaRet = Sha256Update(&ssl->hashSha256, input + idx, sz); + + if (shaRet != 0) + return shaRet; + } #endif /* does this value mean client_hello? */ @@ -6259,6 +10777,7 @@ int SetCipherList(Suites* s, const char* list) ssl->chVersion = pv; /* store */ if (ssl->version.minor > pv.minor) { + byte haveRSA = 0; byte havePSK = 0; if (!ssl->options.downgrade) { CYASSL_MSG("Client trying to connect with lesser version"); @@ -6281,13 +10800,17 @@ int SetCipherList(Suites* s, const char* list) CYASSL_MSG(" downgrading to TLSv1.1"); ssl->version.minor = TLSv1_1_MINOR; } +#ifndef NO_RSA + haveRSA = 1; +#endif #ifndef NO_PSK havePSK = ssl->options.havePSK; #endif - InitSuites(&ssl->suites, ssl->version, ssl->options.haveDH, havePSK, - ssl->options.haveNTRU, ssl->options.haveECDSAsig, - ssl->options.haveStaticECC, ssl->options.side); + InitSuites(ssl->suites, ssl->version, haveRSA, havePSK, + ssl->options.haveDH, ssl->options.haveNTRU, + ssl->options.haveECDSAsig, ssl->options.haveStaticECC, + ssl->options.side); } /* suite size */ @@ -6296,6 +10819,7 @@ int SetCipherList(Suites* s, const char* list) if (clSuites.suiteSz > MAX_SUITE_SZ) return BUFFER_ERROR; + clSuites.hashSigAlgoSz = 0; /* session size */ ato16(&input[idx], &sessionSz); @@ -6324,15 +10848,15 @@ int SetCipherList(Suites* s, const char* list) /* session id */ if (sessionSz) { - XMEMCPY(ssl->arrays.sessionID, input + idx, sessionSz); + XMEMCPY(ssl->arrays->sessionID, input + idx, sessionSz); idx += sessionSz; ssl->options.resuming = 1; } /* random */ if (randomSz < RAN_LEN) - XMEMSET(ssl->arrays.clientRandom, 0, RAN_LEN - randomSz); - XMEMCPY(&ssl->arrays.clientRandom[RAN_LEN - randomSz], input + idx, + XMEMSET(ssl->arrays->clientRandom, 0, RAN_LEN - randomSz); + XMEMCPY(&ssl->arrays->clientRandom[RAN_LEN - randomSz], input + idx, randomSz); idx += randomSz; @@ -6344,26 +10868,40 @@ int SetCipherList(Suites* s, const char* list) ssl->options.haveSessionId = 1; /* DoClientHello uses same resume code */ - while (ssl->options.resuming) { /* let's try */ - int ret; - CYASSL_SESSION* session = GetSession(ssl, ssl->arrays.masterSecret); + if (ssl->options.resuming) { /* let's try */ + int ret = -1; + CYASSL_SESSION* session = GetSession(ssl,ssl->arrays->masterSecret); if (!session) { + CYASSL_MSG("Session lookup for resume failed"); ssl->options.resuming = 0; - break; /* session lookup failed */ - } - if (MatchSuite(ssl, &clSuites) < 0) { - CYASSL_MSG("Unsupported cipher suite, OldClientHello"); - return UNSUPPORTED_SUITE; - } + } else { + if (MatchSuite(ssl, &clSuites) < 0) { + CYASSL_MSG("Unsupported cipher suite, OldClientHello"); + return UNSUPPORTED_SUITE; + } + #ifdef SESSION_CERTS + ssl->session = *session; /* restore session certs. */ + #endif - RNG_GenerateBlock(&ssl->rng, ssl->arrays.serverRandom, RAN_LEN); - if (ssl->options.tls) - ret = DeriveTlsKeys(ssl); - else - ret = DeriveKeys(ssl); - ssl->options.clientState = CLIENT_KEYEXCHANGE_COMPLETE; + ret = RNG_GenerateBlock(ssl->rng, ssl->arrays->serverRandom, + RAN_LEN); + if (ret != 0) + return ret; - return ret; + #ifdef NO_OLD_TLS + ret = DeriveTlsKeys(ssl); + #else + #ifndef NO_TLS + if (ssl->options.tls) + ret = DeriveTlsKeys(ssl); + #endif + if (!ssl->options.tls) + ret = DeriveKeys(ssl); + #endif + ssl->options.clientState = CLIENT_KEYEXCHANGE_COMPLETE; + + return ret; + } } return MatchSuite(ssl, &clSuites); @@ -6371,31 +10909,37 @@ int SetCipherList(Suites* s, const char* list) static int DoClientHello(CYASSL* ssl, const byte* input, word32* inOutIdx, - word32 totalSz, word32 helloSz) + word32 helloSz) { - byte b; + byte b; ProtocolVersion pv; Suites clSuites; - word32 i = *inOutIdx; - word32 begin = i; + word32 i = *inOutIdx; + word32 begin = i; #ifdef CYASSL_CALLBACKS if (ssl->hsInfoOn) AddPacketName("ClientHello", &ssl->handShakeInfo); if (ssl->toInfoOn) AddLateName("ClientHello", &ssl->timeoutInfo); #endif - /* make sure can read up to session */ - if (i + sizeof(pv) + RAN_LEN + ENUM_LEN > totalSz) - return INCOMPLETE_DATA; - XMEMCPY(&pv, input + i, sizeof(pv)); + /* protocol version, random and session id length check */ + if ((i - begin) + OPAQUE16_LEN + RAN_LEN + OPAQUE8_LEN > helloSz) + return BUFFER_ERROR; + + /* protocol version */ + XMEMCPY(&pv, input + i, OPAQUE16_LEN); ssl->chVersion = pv; /* store */ - i += sizeof(pv); + i += OPAQUE16_LEN; + if (ssl->version.minor > pv.minor) { + byte haveRSA = 0; byte havePSK = 0; + if (!ssl->options.downgrade) { CYASSL_MSG("Client trying to connect with lesser version"); return VERSION_ERROR; } + if (pv.minor == SSLv3_MINOR) { /* turn off tls */ CYASSL_MSG(" downgrading to SSLv3"); @@ -6413,15 +10957,20 @@ int SetCipherList(Suites* s, const char* list) CYASSL_MSG(" downgrading to TLSv1.1"); ssl->version.minor = TLSv1_1_MINOR; } +#ifndef NO_RSA + haveRSA = 1; +#endif #ifndef NO_PSK havePSK = ssl->options.havePSK; #endif - InitSuites(&ssl->suites, ssl->version, ssl->options.haveDH, havePSK, - ssl->options.haveNTRU, ssl->options.haveECDSAsig, - ssl->options.haveStaticECC, ssl->options.side); + InitSuites(ssl->suites, ssl->version, haveRSA, havePSK, + ssl->options.haveDH, ssl->options.haveNTRU, + ssl->options.haveECDSAsig, ssl->options.haveStaticECC, + ssl->options.side); } + /* random */ - XMEMCPY(ssl->arrays.clientRandom, input + i, RAN_LEN); + XMEMCPY(ssl->arrays->clientRandom, input + i, RAN_LEN); i += RAN_LEN; #ifdef SHOW_SECRETS @@ -6429,117 +10978,225 @@ int SetCipherList(Suites* s, const char* list) int j; printf("client random: "); for (j = 0; j < RAN_LEN; j++) - printf("%02x", ssl->arrays.clientRandom[j]); + printf("%02x", ssl->arrays->clientRandom[j]); printf("\n"); } #endif + /* session id */ b = input[i++]; - if (b) { - if (i + ID_LEN > totalSz) - return INCOMPLETE_DATA; - XMEMCPY(ssl->arrays.sessionID, input + i, ID_LEN); - i += b; - ssl->options.resuming= 1; /* client wants to resume */ + + if (b == ID_LEN) { + if ((i - begin) + ID_LEN > helloSz) + return BUFFER_ERROR; + + XMEMCPY(ssl->arrays->sessionID, input + i, ID_LEN); + i += ID_LEN; + ssl->options.resuming = 1; /* client wants to resume */ CYASSL_MSG("Client wants to resume session"); } + else if (b) { + CYASSL_MSG("Invalid session ID size"); + return BUFFER_ERROR; /* session ID nor 0 neither 32 bytes long */ + } #ifdef CYASSL_DTLS /* cookie */ if (ssl->options.dtls) { + + if ((i - begin) + OPAQUE8_LEN > helloSz) + return BUFFER_ERROR; + b = input[i++]; + if (b) { byte cookie[MAX_COOKIE_LEN]; - byte cookieSz; if (b > MAX_COOKIE_LEN) return BUFFER_ERROR; - if (i + b > totalSz) - return INCOMPLETE_DATA; - cookieSz = EmbedGenerateCookie(cookie, COOKIE_SZ, ssl); - if ((b != cookieSz) || XMEMCMP(cookie, input + i, b) != 0) + + if ((i - begin) + b > helloSz) + return BUFFER_ERROR; + + if (ssl->ctx->CBIOCookie == NULL) { + CYASSL_MSG("Your Cookie callback is null, please set"); + return COOKIE_ERROR; + } + + if ((ssl->ctx->CBIOCookie(ssl, cookie, COOKIE_SZ, + ssl->IOCB_CookieCtx) != COOKIE_SZ) + || (b != COOKIE_SZ) + || (XMEMCMP(cookie, input + i, b) != 0)) { return COOKIE_ERROR; + } + i += b; } } #endif - if (i + LENGTH_SZ > totalSz) - return INCOMPLETE_DATA; /* suites */ + if ((i - begin) + OPAQUE16_LEN > helloSz) + return BUFFER_ERROR; + ato16(&input[i], &clSuites.suiteSz); - i += 2; + i += OPAQUE16_LEN; + + /* suites and compression length check */ + if ((i - begin) + clSuites.suiteSz + OPAQUE8_LEN > helloSz) + return BUFFER_ERROR; - /* suites and comp len */ - if (i + clSuites.suiteSz + ENUM_LEN > totalSz) - return INCOMPLETE_DATA; if (clSuites.suiteSz > MAX_SUITE_SZ) return BUFFER_ERROR; + XMEMCPY(clSuites.suites, input + i, clSuites.suiteSz); i += clSuites.suiteSz; + clSuites.hashSigAlgoSz = 0; - b = input[i++]; /* comp len */ - if (i + b > totalSz) - return INCOMPLETE_DATA; + /* compression length */ + b = input[i++]; + + if ((i - begin) + b > helloSz) + return BUFFER_ERROR; if (ssl->options.usingCompression) { int match = 0; + while (b--) { byte comp = input[i++]; + if (comp == ZLIB_COMPRESSION) match = 1; } + if (!match) { CYASSL_MSG("Not matching compression, turning off"); ssl->options.usingCompression = 0; /* turn off */ } } else - i += b; /* ignore, since we're not on */ - - ssl->options.clientState = CLIENT_HELLO_COMPLETE; + i += b; /* ignore, since we're not on */ *inOutIdx = i; - if ( (i - begin) < helloSz) - *inOutIdx = begin + helloSz; /* skip extensions */ - + + /* tls extensions */ + if ((i - begin) < helloSz) { +#ifdef HAVE_TLS_EXTENSIONS + if (TLSX_SupportExtensions(ssl)) { + int ret = 0; +#else + if (IsAtLeastTLSv1_2(ssl)) { +#endif + /* Process the hello extension. Skip unsupported. */ + word16 totalExtSz; + + if ((i - begin) + OPAQUE16_LEN > helloSz) + return BUFFER_ERROR; + + ato16(&input[i], &totalExtSz); + i += OPAQUE16_LEN; + + if ((i - begin) + totalExtSz > helloSz) + return BUFFER_ERROR; + +#ifdef HAVE_TLS_EXTENSIONS + if ((ret = TLSX_Parse(ssl, (byte *) input + i, + totalExtSz, 1, &clSuites))) + return ret; + + i += totalExtSz; +#else + while (totalExtSz) { + word16 extId, extSz; + + if (OPAQUE16_LEN + OPAQUE16_LEN > totalExtSz) + return BUFFER_ERROR; + + ato16(&input[i], &extId); + i += OPAQUE16_LEN; + ato16(&input[i], &extSz); + i += OPAQUE16_LEN; + + if (OPAQUE16_LEN + OPAQUE16_LEN + extSz > totalExtSz) + return BUFFER_ERROR; + + if (extId == HELLO_EXT_SIG_ALGO) { + ato16(&input[i], &clSuites.hashSigAlgoSz); + i += OPAQUE16_LEN; + + if (OPAQUE16_LEN + clSuites.hashSigAlgoSz > extSz) + return BUFFER_ERROR; + + XMEMCPY(clSuites.hashSigAlgo, &input[i], + min(clSuites.hashSigAlgoSz, HELLO_EXT_SIGALGO_MAX)); + i += clSuites.hashSigAlgoSz; + } + else + i += extSz; + + totalExtSz -= OPAQUE16_LEN + OPAQUE16_LEN + extSz; + } +#endif + *inOutIdx = i; + } + else + *inOutIdx = begin + helloSz; /* skip extensions */ + } + + ssl->options.clientState = CLIENT_HELLO_COMPLETE; ssl->options.haveSessionId = 1; + /* ProcessOld uses same resume code */ - while (ssl->options.resuming) { /* let's try */ - int ret; - CYASSL_SESSION* session = GetSession(ssl, ssl->arrays.masterSecret); + if (ssl->options.resuming && (!ssl->options.dtls || + ssl->options.acceptState == HELLO_VERIFY_SENT)) { /* let's try */ + int ret = -1; + CYASSL_SESSION* session = GetSession(ssl,ssl->arrays->masterSecret); + if (!session) { - ssl->options.resuming = 0; CYASSL_MSG("Session lookup for resume failed"); - break; /* session lookup failed */ - } - if (MatchSuite(ssl, &clSuites) < 0) { - CYASSL_MSG("Unsupported cipher suite, ClientHello"); - return UNSUPPORTED_SUITE; + ssl->options.resuming = 0; } + else { + if (MatchSuite(ssl, &clSuites) < 0) { + CYASSL_MSG("Unsupported cipher suite, ClientHello"); + return UNSUPPORTED_SUITE; + } + #ifdef SESSION_CERTS + ssl->session = *session; /* restore session certs. */ + #endif - RNG_GenerateBlock(&ssl->rng, ssl->arrays.serverRandom, RAN_LEN); - if (ssl->options.tls) - ret = DeriveTlsKeys(ssl); - else - ret = DeriveKeys(ssl); - ssl->options.clientState = CLIENT_KEYEXCHANGE_COMPLETE; + ret = RNG_GenerateBlock(ssl->rng, ssl->arrays->serverRandom, + RAN_LEN); + if (ret != 0) + return ret; - return ret; + #ifdef NO_OLD_TLS + ret = DeriveTlsKeys(ssl); + #else + #ifndef NO_TLS + if (ssl->options.tls) + ret = DeriveTlsKeys(ssl); + #endif + if (!ssl->options.tls) + ret = DeriveKeys(ssl); + #endif + ssl->options.clientState = CLIENT_KEYEXCHANGE_COMPLETE; + + return ret; + } } return MatchSuite(ssl, &clSuites); } - - static int DoCertificateVerify(CYASSL* ssl, byte* input, word32* inOutsz, - word32 totalSz) +#if !defined(NO_RSA) || defined(HAVE_ECC) + static int DoCertificateVerify(CYASSL* ssl, byte* input, word32* inOutIdx, + word32 size) { word16 sz = 0; - word32 i = *inOutsz; int ret = VERIFY_CERT_ERROR; /* start in error state */ - byte* sig; - byte* out; - int outLen; + byte hashAlgo = sha_mac; + byte sigAlgo = anonymous_sa_algo; + word32 begin = *inOutIdx; #ifdef CYASSL_CALLBACKS if (ssl->hsInfoOn) @@ -6547,70 +11204,152 @@ int SetCipherList(Suites* s, const char* list) if (ssl->toInfoOn) AddLateName("CertificateVerify", &ssl->timeoutInfo); #endif - if ( (i + VERIFY_HEADER) > totalSz) - return INCOMPLETE_DATA; - if (IsAtLeastTLSv1_2(ssl)) - i += HASH_SIG_SIZE; - ato16(&input[i], &sz); - i += VERIFY_HEADER; - if ( (i + sz) > totalSz) - return INCOMPLETE_DATA; + if (IsAtLeastTLSv1_2(ssl)) { + if ((*inOutIdx - begin) + ENUM_LEN + ENUM_LEN > size) + return BUFFER_ERROR; + + hashAlgo = input[(*inOutIdx)++]; + sigAlgo = input[(*inOutIdx)++]; + } - if (sz > ENCRYPT_LEN) + if ((*inOutIdx - begin) + OPAQUE16_LEN > size) return BUFFER_ERROR; - sig = &input[i]; - *inOutsz = i + sz; + ato16(input + *inOutIdx, &sz); + *inOutIdx += OPAQUE16_LEN; + + if ((*inOutIdx - begin) + sz > size || sz > ENCRYPT_LEN) + return BUFFER_ERROR; /* RSA */ +#ifndef NO_RSA if (ssl->peerRsaKeyPresent != 0) { + byte* out = NULL; + int outLen = 0; + byte doUserRsa = 0; + + #ifdef HAVE_PK_CALLBACKS + if (ssl->ctx->RsaVerifyCb) + doUserRsa = 1; + #endif /*HAVE_PK_CALLBACKS */ + CYASSL_MSG("Doing RSA peer cert verify"); - outLen = RsaSSL_VerifyInline(sig, sz, &out, &ssl->peerRsaKey); + if (doUserRsa) { + #ifdef HAVE_PK_CALLBACKS + outLen = ssl->ctx->RsaVerifyCb(ssl, input + *inOutIdx, sz, + &out, + ssl->buffers.peerRsaKey.buffer, + ssl->buffers.peerRsaKey.length, + ssl->RsaVerifyCtx); + #endif /*HAVE_PK_CALLBACKS */ + } + else { + outLen = RsaSSL_VerifyInline(input + *inOutIdx, sz, &out, + ssl->peerRsaKey); + } if (IsAtLeastTLSv1_2(ssl)) { byte encodedSig[MAX_ENCODED_SIG_SZ]; word32 sigSz; - byte* digest; - int typeH; - int digestSz; + byte* digest = ssl->certHashes.sha; + int typeH = SHAh; + int digestSz = SHA_DIGEST_SIZE; + + if (sigAlgo != rsa_sa_algo) { + CYASSL_MSG("Oops, peer sent RSA key but not in verify"); + } - /* sha1 for now */ - digest = ssl->certHashes.sha; - typeH = SHAh; - digestSz = SHA_DIGEST_SIZE; + if (hashAlgo == sha256_mac) { + #ifndef NO_SHA256 + digest = ssl->certHashes.sha256; + typeH = SHA256h; + digestSz = SHA256_DIGEST_SIZE; + #endif + } + else if (hashAlgo == sha384_mac) { + #ifdef CYASSL_SHA384 + digest = ssl->certHashes.sha384; + typeH = SHA384h; + digestSz = SHA384_DIGEST_SIZE; + #endif + } sigSz = EncodeSignature(encodedSig, digest, digestSz, typeH); - if (outLen == (int)sigSz && XMEMCMP(out, encodedSig, + if (outLen == (int)sigSz && out && XMEMCMP(out, encodedSig, min(sigSz, MAX_ENCODED_SIG_SZ)) == 0) - ret = 0; /* verified */ + ret = 0; /* verified */ } else { - if (outLen == sizeof(ssl->certHashes) && XMEMCMP(out, - &ssl->certHashes, sizeof(ssl->certHashes)) == 0) - ret = 0; /* verified */ + if (outLen == FINISHED_SZ && out && XMEMCMP(out, + &ssl->certHashes, FINISHED_SZ) == 0) + ret = 0; /* verified */ } } +#endif #ifdef HAVE_ECC - else if (ssl->peerEccDsaKeyPresent) { + if (ssl->peerEccDsaKeyPresent) { int verify = 0; int err = -1; + byte* digest = ssl->certHashes.sha; + word32 digestSz = SHA_DIGEST_SIZE; + byte doUserEcc = 0; + + #ifdef HAVE_PK_CALLBACKS + if (ssl->ctx->EccVerifyCb) + doUserEcc = 1; + #endif CYASSL_MSG("Doing ECC peer cert verify"); - err = ecc_verify_hash(sig, sz, ssl->certHashes.sha, SHA_DIGEST_SIZE, - &verify, &ssl->peerEccDsaKey); + if (IsAtLeastTLSv1_2(ssl)) { + if (sigAlgo != ecc_dsa_sa_algo) { + CYASSL_MSG("Oops, peer sent ECC key but not in verify"); + } + + if (hashAlgo == sha256_mac) { + #ifndef NO_SHA256 + digest = ssl->certHashes.sha256; + digestSz = SHA256_DIGEST_SIZE; + #endif + } + else if (hashAlgo == sha384_mac) { + #ifdef CYASSL_SHA384 + digest = ssl->certHashes.sha384; + digestSz = SHA384_DIGEST_SIZE; + #endif + } + } + + if (doUserEcc) { + #ifdef HAVE_PK_CALLBACKS + ret = ssl->ctx->EccVerifyCb(ssl, input + *inOutIdx, sz, digest, + digestSz, + ssl->buffers.peerEccDsaKey.buffer, + ssl->buffers.peerEccDsaKey.length, + &verify, ssl->EccVerifyCtx); + #endif + } + else { + err = ecc_verify_hash(input + *inOutIdx, sz, digest, digestSz, + &verify, ssl->peerEccDsaKey); + } if (err == 0 && verify == 1) - ret = 0; /* verified */ + ret = 0; /* verified */ } #endif + *inOutIdx += sz; + + if (ret == 0) + ssl->options.havePeerVerify = 1; + return ret; } - +#endif /* !NO_RSA || HAVE_ECC */ int SendServerHelloDone(CYASSL* ssl) { @@ -6622,8 +11361,8 @@ int SetCipherList(Suites* s, const char* list) if (ssl->options.dtls) sendSz += DTLS_RECORD_EXTRA + DTLS_HANDSHAKE_EXTRA; #endif - /* check for avalaible size */ - if ((ret = CheckAvalaibleSize(ssl, sendSz)) != 0) + /* check for available size */ + if ((ret = CheckAvailableSize(ssl, sendSz)) != 0) return ret; /* get ouput buffer */ @@ -6632,7 +11371,17 @@ int SetCipherList(Suites* s, const char* list) AddHeaders(output, 0, server_hello_done, ssl); - HashOutput(ssl, output, sendSz, 0); + #ifdef CYASSL_DTLS + if (ssl->options.dtls) { + if ((ret = DtlsPoolSave(ssl, output, sendSz)) != 0) + return 0; + } + #endif + + ret = HashOutput(ssl, output, sendSz, 0); + if (ret != 0) + return ret; + #ifdef CYASSL_CALLBACKS if (ssl->hsInfoOn) AddPacketName("ServerHelloDone", &ssl->handShakeInfo); @@ -6657,8 +11406,8 @@ int SetCipherList(Suites* s, const char* list) int sendSz = length + idx; int ret; - /* check for avalaible size */ - if ((ret = CheckAvalaibleSize(ssl, sendSz)) != 0) + /* check for available size */ + if ((ret = CheckAvailableSize(ssl, sendSz)) != 0) return ret; /* get ouput buffer */ @@ -6667,14 +11416,22 @@ int SetCipherList(Suites* s, const char* list) AddHeaders(output, length, hello_verify_request, ssl); - XMEMCPY(output + idx, &ssl->chVersion, VERSION_SZ); - idx += VERSION_SZ; + output[idx++] = ssl->chVersion.major; + output[idx++] = ssl->chVersion.minor; output[idx++] = cookieSz; - if ((ret = EmbedGenerateCookie(output + idx, cookieSz, ssl)) < 0) + if (ssl->ctx->CBIOCookie == NULL) { + CYASSL_MSG("Your Cookie callback is null, please set"); + return COOKIE_ERROR; + } + if ((ret = ssl->ctx->CBIOCookie(ssl, output + idx, cookieSz, + ssl->IOCB_CookieCtx)) < 0) + return ret; + + ret = HashOutput(ssl, output, sendSz, 0); + if (ret != 0) return ret; - HashOutput(ssl, output, sendSz, 0); #ifdef CYASSL_CALLBACKS if (ssl->hsInfoOn) AddPacketName("HelloVerifyRequest", &ssl->handShakeInfo); @@ -6690,18 +11447,39 @@ int SetCipherList(Suites* s, const char* list) } #endif - static int DoClientKeyExchange(CYASSL* ssl, byte* input, - word32* inOutIdx) + static int DoClientKeyExchange(CYASSL* ssl, byte* input, word32* inOutIdx, + word32 size) { int ret = 0; word32 length = 0; - byte* out; + byte* out = NULL; + word32 begin = *inOutIdx; - if (ssl->options.verifyPeer && ssl->options.failNoCert) - if (!ssl->options.havePeerCert) { - CYASSL_MSG("client didn't present peer cert"); - return NO_PEER_CERT; - } + (void)length; /* shut up compiler warnings */ + (void)out; + (void)input; + (void)size; + (void)begin; + + if (ssl->options.side != CYASSL_SERVER_END) { + CYASSL_MSG("Client received client keyexchange, attack?"); + CYASSL_ERROR(ssl->error = SIDE_ERROR); + return SSL_FATAL_ERROR; + } + + if (ssl->options.clientState < CLIENT_HELLO_COMPLETE) { + CYASSL_MSG("Client sending keyexchange at wrong time"); + SendAlert(ssl, alert_fatal, unexpected_message); + return OUT_OF_ORDER_E; + } + + #ifndef NO_CERTS + if (ssl->options.verifyPeer && ssl->options.failNoCert) + if (!ssl->options.havePeerCert) { + CYASSL_MSG("client didn't present peer cert"); + return NO_PEER_CERT; + } + #endif #ifdef CYASSL_CALLBACKS if (ssl->hsInfoOn) @@ -6709,394 +11487,359 @@ int SetCipherList(Suites* s, const char* list) if (ssl->toInfoOn) AddLateName("ClientKeyExchange", &ssl->timeoutInfo); #endif - if (ssl->specs.kea == rsa_kea) { - word32 idx = 0; - RsaKey key; - byte* tmp = 0; - - InitRsaKey(&key, ssl->heap); - - if (ssl->buffers.key.buffer) - ret = RsaPrivateKeyDecode(ssl->buffers.key.buffer, &idx, &key, - ssl->buffers.key.length); - else - return NO_PRIVATE_KEY; - if (ret == 0) { - length = RsaEncryptSize(&key); - ssl->arrays.preMasterSz = SECRET_LEN; + switch (ssl->specs.kea) { + #ifndef NO_RSA + case rsa_kea: + { + word32 idx = 0; + RsaKey key; + byte doUserRsa = 0; - if (ssl->options.tls) - (*inOutIdx) += 2; - tmp = input + *inOutIdx; - *inOutIdx += length; + #ifdef HAVE_PK_CALLBACKS + if (ssl->ctx->RsaDecCb) + doUserRsa = 1; + #endif - if (RsaPrivateDecryptInline(tmp, length, &out, &key) == - SECRET_LEN) { - XMEMCPY(ssl->arrays.preMasterSecret, out, SECRET_LEN); - if (ssl->arrays.preMasterSecret[0] != ssl->chVersion.major - || - ssl->arrays.preMasterSecret[1] != ssl->chVersion.minor) + ret = InitRsaKey(&key, ssl->heap); + if (ret != 0) return ret; - ret = PMS_VERSION_ERROR; - else - ret = MakeMasterSecret(ssl); - } + if (ssl->buffers.key.buffer) + ret = RsaPrivateKeyDecode(ssl->buffers.key.buffer, &idx, + &key, ssl->buffers.key.length); else - ret = RSA_PRIVATE_ERROR; - } + return NO_PRIVATE_KEY; - FreeRsaKey(&key); -#ifndef NO_PSK - } else if (ssl->specs.kea == psk_kea) { - byte* pms = ssl->arrays.preMasterSecret; - word16 ci_sz; - - ato16(&input[*inOutIdx], &ci_sz); - *inOutIdx += LENGTH_SZ; - if (ci_sz > MAX_PSK_ID_LEN) return CLIENT_ID_ERROR; - - XMEMCPY(ssl->arrays.client_identity, &input[*inOutIdx], ci_sz); - *inOutIdx += ci_sz; - ssl->arrays.client_identity[ci_sz] = 0; - - ssl->arrays.psk_keySz = ssl->options.server_psk_cb(ssl, - ssl->arrays.client_identity, ssl->arrays.psk_key, - MAX_PSK_KEY_LEN); - if (ssl->arrays.psk_keySz == 0 || - ssl->arrays.psk_keySz > MAX_PSK_KEY_LEN) return PSK_KEY_ERROR; - - /* make psk pre master secret */ - /* length of key + length 0s + length of key + key */ - c16toa((word16)ssl->arrays.psk_keySz, pms); - pms += 2; - XMEMSET(pms, 0, ssl->arrays.psk_keySz); - pms += ssl->arrays.psk_keySz; - c16toa((word16)ssl->arrays.psk_keySz, pms); - pms += 2; - XMEMCPY(pms, ssl->arrays.psk_key, ssl->arrays.psk_keySz); - ssl->arrays.preMasterSz = ssl->arrays.psk_keySz * 2 + 4; - - ret = MakeMasterSecret(ssl); -#endif /* NO_PSK */ -#ifdef HAVE_NTRU - } else if (ssl->specs.kea == ntru_kea) { - word32 rc; - word16 cipherLen; - word16 plainLen = sizeof(ssl->arrays.preMasterSecret); - byte* tmp; + if (ret == 0) { + length = RsaEncryptSize(&key); + ssl->arrays->preMasterSz = SECRET_LEN; - if (!ssl->buffers.key.buffer) - return NO_PRIVATE_KEY; + if (ssl->options.tls) { + word16 check; - ato16(&input[*inOutIdx], &cipherLen); - *inOutIdx += LENGTH_SZ; - if (cipherLen > MAX_NTRU_ENCRYPT_SZ) - return NTRU_KEY_ERROR; + if ((*inOutIdx - begin) + OPAQUE16_LEN > size) + return BUFFER_ERROR; - tmp = input + *inOutIdx; - rc = crypto_ntru_decrypt((word16)ssl->buffers.key.length, - ssl->buffers.key.buffer, cipherLen, tmp, &plainLen, - ssl->arrays.preMasterSecret); + ato16(input + *inOutIdx, &check); + *inOutIdx += OPAQUE16_LEN; - if (rc != NTRU_OK || plainLen != SECRET_LEN) - return NTRU_DECRYPT_ERROR; - *inOutIdx += cipherLen; + if ((word32) check != length) { + CYASSL_MSG("RSA explicit size doesn't match"); + FreeRsaKey(&key); + return RSA_PRIVATE_ERROR; + } + } - ssl->arrays.preMasterSz = plainLen; - ret = MakeMasterSecret(ssl); -#endif /* HAVE_NTRU */ -#ifdef HAVE_ECC - } else if (ssl->specs.kea == ecc_diffie_hellman_kea) { - word32 size; - word32 bLength = input[*inOutIdx]; /* one byte length */ - *inOutIdx += 1; + if ((*inOutIdx - begin) + length > size) { + CYASSL_MSG("RSA message too big"); + FreeRsaKey(&key); + return BUFFER_ERROR; + } - ret = ecc_import_x963(&input[*inOutIdx], bLength, &ssl->peerEccKey); - if (ret != 0) - return ECC_PEERKEY_ERROR; - *inOutIdx += bLength; - ssl->peerEccKeyPresent = 1; + if (doUserRsa) { + #ifdef HAVE_PK_CALLBACKS + ret = ssl->ctx->RsaDecCb(ssl, + input + *inOutIdx, length, &out, + ssl->buffers.key.buffer, + ssl->buffers.key.length, + ssl->RsaDecCtx); + #endif + } + else { + ret = RsaPrivateDecryptInline(input + *inOutIdx, length, + &out, &key); + } - size = sizeof(ssl->arrays.preMasterSecret); - if (ssl->specs.static_ecdh) { - ecc_key staticKey; - word32 i = 0; + *inOutIdx += length; + + if (ret == SECRET_LEN) { + XMEMCPY(ssl->arrays->preMasterSecret, out, SECRET_LEN); + if (ssl->arrays->preMasterSecret[0] != + ssl->chVersion.major + || ssl->arrays->preMasterSecret[1] != + ssl->chVersion.minor) + ret = PMS_VERSION_ERROR; + else + ret = MakeMasterSecret(ssl); + } + else { + ret = RSA_PRIVATE_ERROR; + } + } - ecc_init(&staticKey); - ret = EccPrivateKeyDecode(ssl->buffers.key.buffer, &i, - &staticKey, ssl->buffers.key.length); - if (ret == 0) - ret = ecc_shared_secret(&staticKey, &ssl->peerEccKey, - ssl->arrays.preMasterSecret, &size); - ecc_free(&staticKey); + FreeRsaKey(&key); } - else - ret = ecc_shared_secret(&ssl->eccTempKey, &ssl->peerEccKey, - ssl->arrays.preMasterSecret, &size); - if (ret != 0) - return ECC_SHARED_ERROR; - ssl->arrays.preMasterSz = size; - ret = MakeMasterSecret(ssl); -#endif /* HAVE_ECC */ -#ifdef OPENSSL_EXTRA - } else if (ssl->specs.kea == diffie_hellman_kea) { - byte* clientPub; - word16 clientPubSz; - DhKey dhKey; - - ato16(&input[*inOutIdx], &clientPubSz); - *inOutIdx += LENGTH_SZ; - - clientPub = &input[*inOutIdx]; - *inOutIdx += clientPubSz; - - InitDhKey(&dhKey); - ret = DhSetKey(&dhKey, ssl->buffers.serverDH_P.buffer, - ssl->buffers.serverDH_P.length, - ssl->buffers.serverDH_G.buffer, - ssl->buffers.serverDH_G.length); - if (ret == 0) - ret = DhAgree(&dhKey, ssl->arrays.preMasterSecret, - &ssl->arrays.preMasterSz, - ssl->buffers.serverDH_Priv.buffer, - ssl->buffers.serverDH_Priv.length, - clientPub, clientPubSz); - FreeDhKey(&dhKey); - if (ret == 0) - ret = MakeMasterSecret(ssl); -#endif /* OPENSSL_EXTRA */ - } - - if (ret == 0) { - ssl->options.clientState = CLIENT_KEYEXCHANGE_COMPLETE; - if (ssl->options.verifyPeer) - BuildCertHashes(ssl, &ssl->certHashes); - } - - return ret; - } - -#endif /* NO_CYASSL_SERVER */ - - -#ifdef SINGLE_THREADED - -int InitMutex(CyaSSL_Mutex* m) -{ - return 0; -} - - -int FreeMutex(CyaSSL_Mutex* m) -{ - return 0; -} - + break; + #endif + #ifndef NO_PSK + case psk_kea: + { + byte* pms = ssl->arrays->preMasterSecret; + word16 ci_sz; -int LockMutex(CyaSSL_Mutex* m) -{ - return 0; -} + if ((*inOutIdx - begin) + OPAQUE16_LEN > size) + return BUFFER_ERROR; + ato16(input + *inOutIdx, &ci_sz); + *inOutIdx += OPAQUE16_LEN; -int UnLockMutex(CyaSSL_Mutex* m) -{ - return 0; -} + if (ci_sz > MAX_PSK_ID_LEN) + return CLIENT_ID_ERROR; -#else /* MULTI_THREAD */ + if ((*inOutIdx - begin) + ci_sz > size) + return BUFFER_ERROR; - #if defined(FREERTOS) + XMEMCPY(ssl->arrays->client_identity, input + *inOutIdx, ci_sz); + *inOutIdx += ci_sz; - int InitMutex(CyaSSL_Mutex* m) - { - int iReturn; + ssl->arrays->client_identity[min(ci_sz, MAX_PSK_ID_LEN-1)] = 0; + ssl->arrays->psk_keySz = ssl->options.server_psk_cb(ssl, + ssl->arrays->client_identity, ssl->arrays->psk_key, + MAX_PSK_KEY_LEN); - *m = ( CyaSSL_Mutex ) xSemaphoreCreateMutex(); - if( *m != NULL ) - iReturn = 0; - else - iReturn = BAD_MUTEX_ERROR; + if (ssl->arrays->psk_keySz == 0 || + ssl->arrays->psk_keySz > MAX_PSK_KEY_LEN) + return PSK_KEY_ERROR; + + /* make psk pre master secret */ + /* length of key + length 0s + length of key + key */ + c16toa((word16) ssl->arrays->psk_keySz, pms); + pms += OPAQUE16_LEN; - return iReturn; - } + XMEMSET(pms, 0, ssl->arrays->psk_keySz); + pms += ssl->arrays->psk_keySz; - int FreeMutex(CyaSSL_Mutex* m) - { - vSemaphoreDelete( *m ); - return 0; - } + c16toa((word16) ssl->arrays->psk_keySz, pms); + pms += OPAQUE16_LEN; - int LockMutex(CyaSSL_Mutex* m) - { - /* Assume an infinite block, or should there be zero block? */ - xSemaphoreTake( *m, portMAX_DELAY ); - return 0; - } + XMEMCPY(pms, ssl->arrays->psk_key, ssl->arrays->psk_keySz); + ssl->arrays->preMasterSz = ssl->arrays->psk_keySz * 2 + 4; - int UnLockMutex(CyaSSL_Mutex* m) - { - xSemaphoreGive( *m ); - return 0; - } + ret = MakeMasterSecret(ssl); - #elif defined(USE_WINDOWS_API) + /* No further need for PSK */ + XMEMSET(ssl->arrays->psk_key, 0, ssl->arrays->psk_keySz); + ssl->arrays->psk_keySz = 0; + } + break; + #endif /* NO_PSK */ + #ifdef HAVE_NTRU + case ntru_kea: + { + word16 cipherLen; + word16 plainLen = sizeof(ssl->arrays->preMasterSecret); - int InitMutex(CyaSSL_Mutex* m) - { - InitializeCriticalSection(m); - return 0; - } + if (!ssl->buffers.key.buffer) + return NO_PRIVATE_KEY; + if ((*inOutIdx - begin) + OPAQUE16_LEN > size) + return BUFFER_ERROR; - int FreeMutex(CyaSSL_Mutex* m) - { - DeleteCriticalSection(m); - return 0; - } + ato16(input + *inOutIdx, &cipherLen); + *inOutIdx += OPAQUE16_LEN; + if (cipherLen > MAX_NTRU_ENCRYPT_SZ) + return NTRU_KEY_ERROR; - int LockMutex(CyaSSL_Mutex* m) - { - EnterCriticalSection(m); - return 0; - } + if ((*inOutIdx - begin) + cipherLen > size) + return BUFFER_ERROR; + if (NTRU_OK != ntru_crypto_ntru_decrypt( + (word16) ssl->buffers.key.length, + ssl->buffers.key.buffer, cipherLen, + input + *inOutIdx, &plainLen, + ssl->arrays->preMasterSecret)) + return NTRU_DECRYPT_ERROR; - int UnLockMutex(CyaSSL_Mutex* m) - { - LeaveCriticalSection(m); - return 0; - } + if (plainLen != SECRET_LEN) + return NTRU_DECRYPT_ERROR; - #elif defined(CYASSL_PTHREADS) + *inOutIdx += cipherLen; - int InitMutex(CyaSSL_Mutex* m) - { - if (pthread_mutex_init(m, 0) == 0) - return 0; - else - return BAD_MUTEX_ERROR; - } + ssl->arrays->preMasterSz = plainLen; + ret = MakeMasterSecret(ssl); + } + break; + #endif /* HAVE_NTRU */ + #ifdef HAVE_ECC + case ecc_diffie_hellman_kea: + { + if ((*inOutIdx - begin) + OPAQUE8_LEN > size) + return BUFFER_ERROR; + length = input[(*inOutIdx)++]; - int FreeMutex(CyaSSL_Mutex* m) - { - if (pthread_mutex_destroy(m) == 0) - return 0; - else - return BAD_MUTEX_ERROR; - } + if ((*inOutIdx - begin) + length > size) + return BUFFER_ERROR; + if (ecc_import_x963(input + *inOutIdx, length, ssl->peerEccKey)) + return ECC_PEERKEY_ERROR; - int LockMutex(CyaSSL_Mutex* m) - { - if (pthread_mutex_lock(m) == 0) - return 0; - else - return BAD_MUTEX_ERROR; - } + *inOutIdx += length; + ssl->peerEccKeyPresent = 1; + length = sizeof(ssl->arrays->preMasterSecret); - int UnLockMutex(CyaSSL_Mutex* m) - { - if (pthread_mutex_unlock(m) == 0) - return 0; - else - return BAD_MUTEX_ERROR; - } + if (ssl->specs.static_ecdh) { + ecc_key staticKey; + word32 i = 0; - #elif defined(THREADX) + ecc_init(&staticKey); + ret = EccPrivateKeyDecode(ssl->buffers.key.buffer, &i, + &staticKey, ssl->buffers.key.length); - int InitMutex(CyaSSL_Mutex* m) - { - if (tx_mutex_create(m, "CyaSSL Mutex", TX_NO_INHERIT) == 0) - return 0; - else - return BAD_MUTEX_ERROR; - } + if (ret == 0) + ret = ecc_shared_secret(&staticKey, ssl->peerEccKey, + ssl->arrays->preMasterSecret, &length); + ecc_free(&staticKey); + } + else + ret = ecc_shared_secret(ssl->eccTempKey, ssl->peerEccKey, + ssl->arrays->preMasterSecret, &length); - int FreeMutex(CyaSSL_Mutex* m) - { - if (tx_mutex_delete(m) == 0) - return 0; - else - return BAD_MUTEX_ERROR; - } + if (ret != 0) + return ECC_SHARED_ERROR; + ssl->arrays->preMasterSz = length; + ret = MakeMasterSecret(ssl); + } + break; + #endif /* HAVE_ECC */ + #ifndef NO_DH + case diffie_hellman_kea: + { + word16 clientPubSz; + DhKey dhKey; - int LockMutex(CyaSSL_Mutex* m) - { - if (tx_mutex_get(m, TX_WAIT_FOREVER) == 0) - return 0; - else - return BAD_MUTEX_ERROR; - } + if ((*inOutIdx - begin) + OPAQUE16_LEN > size) + return BUFFER_ERROR; + ato16(input + *inOutIdx, &clientPubSz); + *inOutIdx += OPAQUE16_LEN; - int UnLockMutex(CyaSSL_Mutex* m) - { - if (tx_mutex_put(m) == 0) - return 0; - else - return BAD_MUTEX_ERROR; - } + if ((*inOutIdx - begin) + clientPubSz > size) + return BUFFER_ERROR; - #elif defined(MICRIUM) + InitDhKey(&dhKey); + ret = DhSetKey(&dhKey, ssl->buffers.serverDH_P.buffer, + ssl->buffers.serverDH_P.length, + ssl->buffers.serverDH_G.buffer, + ssl->buffers.serverDH_G.length); + if (ret == 0) + ret = DhAgree(&dhKey, ssl->arrays->preMasterSecret, + &ssl->arrays->preMasterSz, + ssl->buffers.serverDH_Priv.buffer, + ssl->buffers.serverDH_Priv.length, + input + *inOutIdx, clientPubSz); + FreeDhKey(&dhKey); - int InitMutex(CyaSSL_Mutex* m) - { - #if (NET_SECURE_MGR_CFG_EN == DEF_ENABLED) - if (NetSecure_OS_MutexCreate(m) == 0) - return 0; - else - return BAD_MUTEX_ERROR; - #else - return 0; - #endif - } + *inOutIdx += clientPubSz; + if (ret == 0) + ret = MakeMasterSecret(ssl); + } + break; + #endif /* NO_DH */ + #if !defined(NO_DH) && !defined(NO_PSK) + case dhe_psk_kea: + { + byte* pms = ssl->arrays->preMasterSecret; + word16 clientSz; + DhKey dhKey; + + /* Read in the PSK hint */ + if ((*inOutIdx - begin) + OPAQUE16_LEN > size) + return BUFFER_ERROR; + + ato16(input + *inOutIdx, &clientSz); + *inOutIdx += OPAQUE16_LEN; + if (clientSz > MAX_PSK_ID_LEN) + return CLIENT_ID_ERROR; + + if ((*inOutIdx - begin) + clientSz > size) + return BUFFER_ERROR; + + XMEMCPY(ssl->arrays->client_identity, + input + *inOutIdx, clientSz); + *inOutIdx += clientSz; + ssl->arrays->client_identity[min(clientSz, MAX_PSK_ID_LEN-1)] = + 0; + + /* Read in the DHE business */ + if ((*inOutIdx - begin) + OPAQUE16_LEN > size) + return BUFFER_ERROR; + + ato16(input + *inOutIdx, &clientSz); + *inOutIdx += OPAQUE16_LEN; + + if ((*inOutIdx - begin) + clientSz > size) + return BUFFER_ERROR; + + InitDhKey(&dhKey); + ret = DhSetKey(&dhKey, ssl->buffers.serverDH_P.buffer, + ssl->buffers.serverDH_P.length, + ssl->buffers.serverDH_G.buffer, + ssl->buffers.serverDH_G.length); + if (ret == 0) + ret = DhAgree(&dhKey, pms + OPAQUE16_LEN, + &ssl->arrays->preMasterSz, + ssl->buffers.serverDH_Priv.buffer, + ssl->buffers.serverDH_Priv.length, + input + *inOutIdx, clientSz); + FreeDhKey(&dhKey); + + *inOutIdx += clientSz; + c16toa((word16)ssl->arrays->preMasterSz, pms); + ssl->arrays->preMasterSz += OPAQUE16_LEN; + pms += ssl->arrays->preMasterSz; + + /* Use the PSK hint to look up the PSK and add it to the + * preMasterSecret here. */ + ssl->arrays->psk_keySz = ssl->options.server_psk_cb(ssl, + ssl->arrays->client_identity, ssl->arrays->psk_key, + MAX_PSK_KEY_LEN); + + if (ssl->arrays->psk_keySz == 0 || + ssl->arrays->psk_keySz > MAX_PSK_KEY_LEN) + return PSK_KEY_ERROR; + + c16toa((word16) ssl->arrays->psk_keySz, pms); + pms += OPAQUE16_LEN; + + XMEMCPY(pms, ssl->arrays->psk_key, ssl->arrays->psk_keySz); + ssl->arrays->preMasterSz += + ssl->arrays->psk_keySz + OPAQUE16_LEN; + if (ret == 0) + ret = MakeMasterSecret(ssl); - int FreeMutex(CyaSSL_Mutex* m) - { - #if (NET_SECURE_MGR_CFG_EN == DEF_ENABLED) - if (NetSecure_OS_FreeMutex(m) == 0) - return 0; - else - return BAD_MUTEX_ERROR; - #else - return 0; - #endif + /* No further need for PSK */ + XMEMSET(ssl->arrays->psk_key, 0, ssl->arrays->psk_keySz); + ssl->arrays->psk_keySz = 0; + } + break; + #endif /* !NO_DH && !NO_PSK */ + default: + { + CYASSL_MSG("Bad kea type"); + ret = BAD_KEA_TYPE_E; + } + break; } + /* No further need for PMS */ + XMEMSET(ssl->arrays->preMasterSecret, 0, ssl->arrays->preMasterSz); + ssl->arrays->preMasterSz = 0; - int LockMutex(CyaSSL_Mutex* m) - { - #if (NET_SECURE_MGR_CFG_EN == DEF_ENABLED) - if (NetSecure_OS_LockMutex(m) == 0) - return 0; - else - return BAD_MUTEX_ERROR; - #else - return 0; + if (ret == 0) { + ssl->options.clientState = CLIENT_KEYEXCHANGE_COMPLETE; + #ifndef NO_CERTS + if (ssl->options.verifyPeer) + ret = BuildCertHashes(ssl, &ssl->certHashes); #endif } + return ret; + } - int UnLockMutex(CyaSSL_Mutex* m) - { - #if (NET_SECURE_MGR_CFG_EN == DEF_ENABLED) - if (NetSecure_OS_UnLockMutex(m) == 0) - return 0; - else - return BAD_MUTEX_ERROR; - #else - return 0; - #endif - - } - - #endif /* USE_WINDOWS_API */ -#endif /* SINGLE_THREADED */ +#endif /* NO_CYASSL_SERVER */ diff --git a/FreeRTOS-Plus/Source/CyaSSL/src/io.c b/FreeRTOS-Plus/Source/CyaSSL/src/io.c index 9316defb5..ac24bd17c 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/src/io.c +++ b/FreeRTOS-Plus/Source/CyaSSL/src/io.c @@ -1,6 +1,6 @@ /* io.c * - * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,19 +16,22 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ #ifdef HAVE_CONFIG_H #include #endif +#include + #ifdef _WIN32_WCE /* On WinCE winsock2.h must be included before windows.h for socket stuff */ #include #endif #include +#include /* if user writes own I/O callbacks they can define CYASSL_USER_IO to remove automatic setting of default I/O functions EmbedSend() and EmbedReceive() @@ -43,15 +46,39 @@ #ifndef USE_WINDOWS_API #ifdef CYASSL_LWIP /* lwIP needs to be configured to use sockets API in this mode */ - /* LWIP_SOCKET 1 && LWIP_COMPAT_SOCKETS 1 in lwip/opt.h or in build */ - #define LWIP_PROVIDE_ERRNO 1 - #include "sockets.h" + /* LWIP_SOCKET 1 in lwip/opt.h or in build */ + #include "lwip/sockets.h" + #include + #ifndef LWIP_PROVIDE_ERRNO + #define LWIP_PROVIDE_ERRNO 1 + #endif + #elif defined(FREESCALE_MQX) + #include + #include + #elif defined(CYASSL_MDK_ARM) + #if defined(CYASSL_MDK5) + #include "cmsis_os.h" + #include "rl_fs.h" + #include "rl_net.h" + #else + #include + #endif + #undef RNG + #include "CYASSL_MDK_ARM.h" + #undef RNG + #define RNG CyaSSL_RNG + /* for avoiding name conflict in "stm32f2xx.h" */ + static int errno; + #elif defined(CYASSL_IAR_ARM) + /* nothing */ #else #include #include - #include + #ifndef EBSNET + #include + #endif #include - #if !(defined(DEVKITPRO) || defined(THREADX)) + #if !(defined(DEVKITPRO) || defined(HAVE_RTP_SYS) || defined(EBSNET)) #include #include #include @@ -62,9 +89,13 @@ #include #endif #endif - #ifdef THREADX + #ifdef HAVE_RTP_SYS #include #endif + #ifdef EBSNET + #include "rtipapi.h" /* errno */ + #include "socket.h" + #endif #endif #endif /* USE_WINDOWS_API */ @@ -78,22 +109,56 @@ #define WSAEPIPE -12345 #endif #define SOCKET_EWOULDBLOCK WSAEWOULDBLOCK - #define SOCKET_EAGAIN WSAEWOULDBLOCK + #define SOCKET_EAGAIN WSAETIMEDOUT #define SOCKET_ECONNRESET WSAECONNRESET #define SOCKET_EINTR WSAEINTR #define SOCKET_EPIPE WSAEPIPE + #define SOCKET_ECONNREFUSED WSAENOTCONN + #define SOCKET_ECONNABORTED WSAECONNABORTED + #define close(s) closesocket(s) #elif defined(__PPU) #define SOCKET_EWOULDBLOCK SYS_NET_EWOULDBLOCK #define SOCKET_EAGAIN SYS_NET_EAGAIN #define SOCKET_ECONNRESET SYS_NET_ECONNRESET #define SOCKET_EINTR SYS_NET_EINTR #define SOCKET_EPIPE SYS_NET_EPIPE + #define SOCKET_ECONNREFUSED SYS_NET_ECONNREFUSED + #define SOCKET_ECONNABORTED SYS_NET_ECONNABORTED +#elif defined(FREESCALE_MQX) + /* RTCS doesn't have an EWOULDBLOCK error */ + #define SOCKET_EWOULDBLOCK EAGAIN + #define SOCKET_EAGAIN EAGAIN + #define SOCKET_ECONNRESET RTCSERR_TCP_CONN_RESET + #define SOCKET_EINTR EINTR + #define SOCKET_EPIPE EPIPE + #define SOCKET_ECONNREFUSED RTCSERR_TCP_CONN_REFUSED + #define SOCKET_ECONNABORTED RTCSERR_TCP_CONN_ABORTED +#elif defined(CYASSL_MDK_ARM) + #if defined(CYASSL_MDK5) + #define SOCKET_EWOULDBLOCK BSD_ERROR_WOULDBLOCK + #define SOCKET_EAGAIN BSD_ERROR_LOCKED + #define SOCKET_ECONNRESET BSD_ERROR_CLOSED + #define SOCKET_EINTR BSD_ERROR + #define SOCKET_EPIPE BSD_ERROR + #define SOCKET_ECONNREFUSED BSD_ERROR + #define SOCKET_ECONNABORTED BSD_ERROR + #else + #define SOCKET_EWOULDBLOCK SCK_EWOULDBLOCK + #define SOCKET_EAGAIN SCK_ELOCKED + #define SOCKET_ECONNRESET SCK_ECLOSED + #define SOCKET_EINTR SCK_ERROR + #define SOCKET_EPIPE SCK_ERROR + #define SOCKET_ECONNREFUSED SCK_ERROR + #define SOCKET_ECONNABORTED SCK_ERROR + #endif #else #define SOCKET_EWOULDBLOCK EWOULDBLOCK #define SOCKET_EAGAIN EAGAIN #define SOCKET_ECONNRESET ECONNRESET #define SOCKET_EINTR EINTR #define SOCKET_EPIPE EPIPE + #define SOCKET_ECONNREFUSED ECONNREFUSED + #define SOCKET_ECONNABORTED ECONNABORTED #endif /* USE_WINDOWS_API */ @@ -103,16 +168,44 @@ int net_recv(int, void*, int, unsigned int); #define SEND_FUNCTION net_send #define RECV_FUNCTION net_recv +#elif defined(CYASSL_LWIP) + #define SEND_FUNCTION lwip_send + #define RECV_FUNCTION lwip_recv #else #define SEND_FUNCTION send #define RECV_FUNCTION recv #endif +/* Translates return codes returned from + * send() and recv() if need be. + */ +static INLINE int TranslateReturnCode(int old, int sd) +{ + (void)sd; + +#ifdef FREESCALE_MQX + if (old == 0) { + errno = SOCKET_EWOULDBLOCK; + return -1; /* convert to BSD style wouldblock as error */ + } + + if (old < 0) { + errno = RTCS_geterror(sd); + if (errno == RTCSERR_TCP_CONN_CLOSING) + return 0; /* convert to BSD style closing */ + } +#endif + + return old; +} + static INLINE int LastError(void) { #ifdef USE_WINDOWS_API return WSAGetLastError(); +#elif defined(EBSNET) + return xn_getlasterror(); #else return errno; #endif @@ -121,38 +214,75 @@ static INLINE int LastError(void) /* The receive embedded callback * return : nb bytes read, or error */ -int EmbedReceive(char *buf, int sz, void *ctx) +int EmbedReceive(CYASSL *ssl, char *buf, int sz, void *ctx) { int recvd; int err; int sd = *(int*)ctx; - recvd = RECV_FUNCTION(sd, (char *)buf, sz, 0); +#ifdef CYASSL_DTLS + { + int dtls_timeout = CyaSSL_dtls_get_current_timeout(ssl); + if (CyaSSL_dtls(ssl) + && !CyaSSL_get_using_nonblock(ssl) + && dtls_timeout != 0) { + #ifdef USE_WINDOWS_API + DWORD timeout = dtls_timeout * 1000; + #else + struct timeval timeout; + XMEMSET(&timeout, 0, sizeof(timeout)); + timeout.tv_sec = dtls_timeout; + #endif + if (setsockopt(sd, SOL_SOCKET, SO_RCVTIMEO, (char*)&timeout, + sizeof(timeout)) != 0) { + CYASSL_MSG("setsockopt rcvtimeo failed"); + } + } + } +#endif + + recvd = (int)RECV_FUNCTION(sd, buf, sz, ssl->rflags); + + recvd = TranslateReturnCode(recvd, sd); if (recvd < 0) { err = LastError(); CYASSL_MSG("Embed Receive error"); if (err == SOCKET_EWOULDBLOCK || err == SOCKET_EAGAIN) { - CYASSL_MSG(" Would block"); - return IO_ERR_WANT_READ; + if (!CyaSSL_dtls(ssl) || CyaSSL_get_using_nonblock(ssl)) { + CYASSL_MSG(" Would block"); + return CYASSL_CBIO_ERR_WANT_READ; + } + else { + CYASSL_MSG(" Socket timeout"); + return CYASSL_CBIO_ERR_TIMEOUT; + } } else if (err == SOCKET_ECONNRESET) { CYASSL_MSG(" Connection reset"); - return IO_ERR_CONN_RST; + return CYASSL_CBIO_ERR_CONN_RST; } else if (err == SOCKET_EINTR) { CYASSL_MSG(" Socket interrupted"); - return IO_ERR_ISR; + return CYASSL_CBIO_ERR_ISR; + } + else if (err == SOCKET_ECONNREFUSED) { + CYASSL_MSG(" Connection refused"); + return CYASSL_CBIO_ERR_WANT_READ; + } + else if (err == SOCKET_ECONNABORTED) { + CYASSL_MSG(" Connection aborted"); + return CYASSL_CBIO_ERR_CONN_CLOSE; } else { CYASSL_MSG(" General error"); - return IO_ERR_GENERAL; + return CYASSL_CBIO_ERR_GENERAL; } } else if (recvd == 0) { CYASSL_MSG("Embed receive connection closed"); - return IO_ERR_CONN_CLOSE; + return CYASSL_CBIO_ERR_CONN_CLOSE; } return recvd; @@ -161,14 +291,14 @@ int EmbedReceive(char *buf, int sz, void *ctx) /* The send embedded callback * return : nb bytes sent, or error */ -int EmbedSend(char *buf, int sz, void *ctx) +int EmbedSend(CYASSL* ssl, char *buf, int sz, void *ctx) { int sd = *(int*)ctx; int sent; int len = sz; int err; - sent = SEND_FUNCTION(sd, &buf[sz - len], len, 0); + sent = (int)SEND_FUNCTION(sd, &buf[sz - len], len, ssl->wflags); if (sent < 0) { err = LastError(); @@ -176,23 +306,23 @@ int EmbedSend(char *buf, int sz, void *ctx) if (err == SOCKET_EWOULDBLOCK || err == SOCKET_EAGAIN) { CYASSL_MSG(" Would Block"); - return IO_ERR_WANT_WRITE; + return CYASSL_CBIO_ERR_WANT_WRITE; } else if (err == SOCKET_ECONNRESET) { CYASSL_MSG(" Connection reset"); - return IO_ERR_CONN_RST; + return CYASSL_CBIO_ERR_CONN_RST; } else if (err == SOCKET_EINTR) { CYASSL_MSG(" Socket interrupted"); - return IO_ERR_ISR; + return CYASSL_CBIO_ERR_ISR; } else if (err == SOCKET_EPIPE) { CYASSL_MSG(" Socket EPIPE"); - return IO_ERR_CONN_CLOSE; + return CYASSL_CBIO_ERR_CONN_CLOSE; } else { CYASSL_MSG(" General error"); - return IO_ERR_GENERAL; + return CYASSL_CBIO_ERR_GENERAL; } } @@ -204,47 +334,586 @@ int EmbedSend(char *buf, int sz, void *ctx) #include +#ifdef USE_WINDOWS_API + #define XSOCKLENT int +#else + #define XSOCKLENT socklen_t +#endif + +#define SENDTO_FUNCTION sendto +#define RECVFROM_FUNCTION recvfrom + + +/* The receive embedded callback + * return : nb bytes read, or error + */ +int EmbedReceiveFrom(CYASSL *ssl, char *buf, int sz, void *ctx) +{ + CYASSL_DTLS_CTX* dtlsCtx = (CYASSL_DTLS_CTX*)ctx; + int recvd; + int err; + int sd = dtlsCtx->fd; + int dtls_timeout = CyaSSL_dtls_get_current_timeout(ssl); + struct sockaddr_storage peer; + XSOCKLENT peerSz = sizeof(peer); + + CYASSL_ENTER("EmbedReceiveFrom()"); + + if (!CyaSSL_get_using_nonblock(ssl) && dtls_timeout != 0) { + #ifdef USE_WINDOWS_API + DWORD timeout = dtls_timeout * 1000; + #else + struct timeval timeout; + XMEMSET(&timeout, 0, sizeof(timeout)); + timeout.tv_sec = dtls_timeout; + #endif + if (setsockopt(sd, SOL_SOCKET, SO_RCVTIMEO, (char*)&timeout, + sizeof(timeout)) != 0) { + CYASSL_MSG("setsockopt rcvtimeo failed"); + } + } + + recvd = (int)RECVFROM_FUNCTION(sd, buf, sz, ssl->rflags, + (struct sockaddr*)&peer, &peerSz); + + recvd = TranslateReturnCode(recvd, sd); + + if (recvd < 0) { + err = LastError(); + CYASSL_MSG("Embed Receive From error"); + + if (err == SOCKET_EWOULDBLOCK || err == SOCKET_EAGAIN) { + if (CyaSSL_get_using_nonblock(ssl)) { + CYASSL_MSG(" Would block"); + return CYASSL_CBIO_ERR_WANT_READ; + } + else { + CYASSL_MSG(" Socket timeout"); + return CYASSL_CBIO_ERR_TIMEOUT; + } + } + else if (err == SOCKET_ECONNRESET) { + CYASSL_MSG(" Connection reset"); + return CYASSL_CBIO_ERR_CONN_RST; + } + else if (err == SOCKET_EINTR) { + CYASSL_MSG(" Socket interrupted"); + return CYASSL_CBIO_ERR_ISR; + } + else if (err == SOCKET_ECONNREFUSED) { + CYASSL_MSG(" Connection refused"); + return CYASSL_CBIO_ERR_WANT_READ; + } + else { + CYASSL_MSG(" General error"); + return CYASSL_CBIO_ERR_GENERAL; + } + } + else { + if (dtlsCtx->peer.sz > 0 + && peerSz != (XSOCKLENT)dtlsCtx->peer.sz + && memcmp(&peer, dtlsCtx->peer.sa, peerSz) != 0) { + CYASSL_MSG(" Ignored packet from invalid peer"); + return CYASSL_CBIO_ERR_WANT_READ; + } + } + + return recvd; +} + + +/* The send embedded callback + * return : nb bytes sent, or error + */ +int EmbedSendTo(CYASSL* ssl, char *buf, int sz, void *ctx) +{ + CYASSL_DTLS_CTX* dtlsCtx = (CYASSL_DTLS_CTX*)ctx; + int sd = dtlsCtx->fd; + int sent; + int len = sz; + int err; + + CYASSL_ENTER("EmbedSendTo()"); + + sent = (int)SENDTO_FUNCTION(sd, &buf[sz - len], len, ssl->wflags, + dtlsCtx->peer.sa, dtlsCtx->peer.sz); + if (sent < 0) { + err = LastError(); + CYASSL_MSG("Embed Send To error"); + + if (err == SOCKET_EWOULDBLOCK || err == SOCKET_EAGAIN) { + CYASSL_MSG(" Would Block"); + return CYASSL_CBIO_ERR_WANT_WRITE; + } + else if (err == SOCKET_ECONNRESET) { + CYASSL_MSG(" Connection reset"); + return CYASSL_CBIO_ERR_CONN_RST; + } + else if (err == SOCKET_EINTR) { + CYASSL_MSG(" Socket interrupted"); + return CYASSL_CBIO_ERR_ISR; + } + else if (err == SOCKET_EPIPE) { + CYASSL_MSG(" Socket EPIPE"); + return CYASSL_CBIO_ERR_CONN_CLOSE; + } + else { + CYASSL_MSG(" General error"); + return CYASSL_CBIO_ERR_GENERAL; + } + } + + return sent; +} + + /* The DTLS Generate Cookie callback * return : number of bytes copied into buf, or error */ -int EmbedGenerateCookie(byte *buf, int sz, void *ctx) +int EmbedGenerateCookie(CYASSL* ssl, byte *buf, int sz, void *ctx) { - CYASSL* ssl = (CYASSL*)ctx; int sd = ssl->wfd; struct sockaddr_storage peer; - socklen_t peerSz = sizeof(peer); - byte cookieSrc[sizeof(struct in6_addr) + sizeof(int)]; - int cookieSrcSz = 0; + XSOCKLENT peerSz = sizeof(peer); Sha sha; + byte digest[SHA_DIGEST_SIZE]; + int ret = 0; + + (void)ctx; - getpeername(sd, (struct sockaddr*)&peer, &peerSz); + XMEMSET(&peer, 0, sizeof(peer)); + if (getpeername(sd, (struct sockaddr*)&peer, &peerSz) != 0) { + CYASSL_MSG("getpeername failed in EmbedGenerateCookie"); + return GEN_COOKIE_E; + } - if (peer.ss_family == AF_INET) { - struct sockaddr_in *s = (struct sockaddr_in*)&peer; + ret = InitSha(&sha); + if (ret != 0) + return ret; + ShaUpdate(&sha, (byte*)&peer, peerSz); + ShaFinal(&sha, digest); + + if (sz > SHA_DIGEST_SIZE) + sz = SHA_DIGEST_SIZE; + XMEMCPY(buf, digest, sz); + + return sz; +} + +#endif /* CYASSL_DTLS */ + +#ifdef HAVE_OCSP + + +static int Word16ToString(char* d, word16 number) +{ + int i = 0; + + if (d != NULL) { + word16 order = 10000; + word16 digit; + + if (number == 0) { + d[i++] = '0'; + } + else { + while (order) { + digit = number / order; + if (i > 0 || digit != 0) { + d[i++] = digit + '0'; + } + if (digit != 0) + number %= digit * order; + if (order > 1) + order /= 10; + else + order = 0; + } + } + d[i] = 0; + } + + return i; +} + + +static int tcp_connect(SOCKET_T* sockfd, const char* ip, word16 port) +{ + struct sockaddr_storage addr; + int sockaddr_len = sizeof(struct sockaddr_in); + XMEMSET(&addr, 0, sizeof(addr)); + + #ifdef HAVE_GETADDRINFO + { + struct addrinfo hints; + struct addrinfo* answer = NULL; + char strPort[6]; + + XMEMSET(&hints, 0, sizeof(hints)); + hints.ai_family = AF_UNSPEC; + hints.ai_socktype = SOCK_STREAM; + hints.ai_protocol = IPPROTO_TCP; + + if (Word16ToString(strPort, port) == 0) { + CYASSL_MSG("invalid port number for OCSP responder"); + return -1; + } + + if (getaddrinfo(ip, strPort, &hints, &answer) < 0 || answer == NULL) { + CYASSL_MSG("no addr info for OCSP responder"); + return -1; + } + + sockaddr_len = answer->ai_addrlen; + XMEMCPY(&addr, answer->ai_addr, sockaddr_len); + freeaddrinfo(answer); - cookieSrcSz = sizeof(struct in_addr) + sizeof(s->sin_port); - XMEMCPY(cookieSrc, &s->sin_port, sizeof(s->sin_port)); - XMEMCPY(cookieSrc + sizeof(s->sin_port), - &s->sin_addr, sizeof(struct in_addr)); } - else if (peer.ss_family == AF_INET6) { - struct sockaddr_in6 *s = (struct sockaddr_in6*)&peer; + #else /* HAVE_GETADDRINFO */ + { + struct hostent* entry = gethostbyname(ip); + struct sockaddr_in *sin = (struct sockaddr_in *)&addr; - cookieSrcSz = sizeof(struct in6_addr) + sizeof(s->sin6_port); - XMEMCPY(cookieSrc, &s->sin6_port, sizeof(s->sin6_port)); - XMEMCPY(cookieSrc + sizeof(s->sin6_port), - &s->sin6_addr, sizeof(struct in6_addr)); + if (entry) { + sin->sin_family = AF_INET; + sin->sin_port = htons(port); + XMEMCPY(&sin->sin_addr.s_addr, entry->h_addr_list[0], + entry->h_length); + } + else { + CYASSL_MSG("no addr info for OCSP responder"); + return -1; + } } + #endif /* HAVE_GETADDRINFO */ - InitSha(&sha); - ShaUpdate(&sha, cookieSrc, cookieSrcSz); - ShaFinal(&sha, buf); + *sockfd = socket(addr.ss_family, SOCK_STREAM, 0); + if (*sockfd < 0) { + CYASSL_MSG("bad socket fd, out of fds?"); + return -1; + } - return SHA_DIGEST_SIZE; + if (connect(*sockfd, (struct sockaddr *)&addr, sockaddr_len) != 0) { + CYASSL_MSG("OCSP responder tcp connect failed"); + return -1; + } + + return 0; } -#endif /* CYASSL_DTLS */ +static int build_http_request(const char* domainName, const char* path, + int ocspReqSz, byte* buf, int bufSize) +{ + word32 domainNameLen, pathLen, ocspReqSzStrLen, completeLen; + char ocspReqSzStr[6]; + + domainNameLen = (word32)XSTRLEN(domainName); + pathLen = (word32)XSTRLEN(path); + ocspReqSzStrLen = Word16ToString(ocspReqSzStr, ocspReqSz); + + completeLen = domainNameLen + pathLen + ocspReqSzStrLen + 84; + if (completeLen > (word32)bufSize) + return 0; + + XSTRNCPY((char*)buf, "POST ", 5); + buf += 5; + XSTRNCPY((char*)buf, path, pathLen); + buf += pathLen; + XSTRNCPY((char*)buf, " HTTP/1.1\r\nHost: ", 17); + buf += 17; + XSTRNCPY((char*)buf, domainName, domainNameLen); + buf += domainNameLen; + XSTRNCPY((char*)buf, "\r\nContent-Length: ", 18); + buf += 18; + XSTRNCPY((char*)buf, ocspReqSzStr, ocspReqSzStrLen); + buf += ocspReqSzStrLen; + XSTRNCPY((char*)buf, + "\r\nContent-Type: application/ocsp-request\r\n\r\n", 44); + + return completeLen; +} + + +static int decode_url(const char* url, int urlSz, + char* outName, char* outPath, word16* outPort) +{ + int result = -1; + + if (outName != NULL && outPath != NULL && outPort != NULL) + { + if (url == NULL || urlSz == 0) + { + *outName = 0; + *outPath = 0; + *outPort = 0; + } + else + { + int i, cur; + + /* need to break the url down into scheme, address, and port */ + /* "http://example.com:8080/" */ + /* "http://[::1]:443/" */ + if (XSTRNCMP(url, "http://", 7) == 0) { + cur = 7; + } else cur = 0; + + i = 0; + if (url[cur] == '[') { + cur++; + /* copy until ']' */ + while (url[cur] != 0 && url[cur] != ']' && cur < urlSz) { + outName[i++] = url[cur++]; + } + cur++; /* skip ']' */ + } + else { + while (url[cur] != 0 && url[cur] != ':' && + url[cur] != '/' && cur < urlSz) { + outName[i++] = url[cur++]; + } + } + outName[i] = 0; + /* Need to pick out the path after the domain name */ + + if (cur < urlSz && url[cur] == ':') { + char port[6]; + int j; + word32 bigPort = 0; + i = 0; + cur++; + while (cur < urlSz && url[cur] != 0 && url[cur] != '/' && + i < 6) { + port[i++] = url[cur++]; + } + + for (j = 0; j < i; j++) { + if (port[j] < '0' || port[j] > '9') return -1; + bigPort = (bigPort * 10) + (port[j] - '0'); + } + *outPort = (word16)bigPort; + } + else + *outPort = 80; + + if (cur < urlSz && url[cur] == '/') { + i = 0; + while (cur < urlSz && url[cur] != 0 && i < 80) { + outPath[i++] = url[cur++]; + } + outPath[i] = 0; + } + else { + outPath[0] = '/'; + outPath[1] = 0; + } + result = 0; + } + } + + return result; +} + + +/* return: >0 OCSP Response Size + * -1 error */ +static int process_http_response(int sfd, byte** respBuf, + byte* httpBuf, int httpBufSz) +{ + int result; + int len = 0; + char *start, *end; + byte *recvBuf = NULL; + int recvBufSz = 0; + enum phr_state { phr_init, phr_http_start, phr_have_length, + phr_have_type, phr_wait_end, phr_http_end + } state = phr_init; + + start = end = NULL; + do { + if (end == NULL) { + result = (int)recv(sfd, (char*)httpBuf+len, httpBufSz-len-1, 0); + if (result > 0) { + len += result; + start = (char*)httpBuf; + start[len] = 0; + } + else { + CYASSL_MSG("process_http_response recv http from peer failed"); + return -1; + } + } + end = XSTRSTR(start, "\r\n"); + + if (end == NULL) { + if (len != 0) + XMEMMOVE(httpBuf, start, len); + start = end = NULL; + } + else if (end == start) { + if (state == phr_wait_end) { + state = phr_http_end; + len -= 2; + start += 2; + } + else { + CYASSL_MSG("process_http_response header ended early"); + return -1; + } + } + else { + *end = 0; + len -= (int)(end - start) + 2; + /* adjust len to remove the first line including the /r/n */ + + if (XSTRNCASECMP(start, "HTTP/1", 6) == 0) { + start += 9; + if (XSTRNCASECMP(start, "200 OK", 6) != 0 || + state != phr_init) { + CYASSL_MSG("process_http_response not OK"); + return -1; + } + state = phr_http_start; + } + else if (XSTRNCASECMP(start, "Content-Type:", 13) == 0) { + start += 13; + while (*start == ' ' && *start != '\0') start++; + if (XSTRNCASECMP(start, "application/ocsp-response", 25) != 0) { + CYASSL_MSG("process_http_response not ocsp-response"); + return -1; + } + + if (state == phr_http_start) state = phr_have_type; + else if (state == phr_have_length) state = phr_wait_end; + else { + CYASSL_MSG("process_http_response type invalid state"); + return -1; + } + } + else if (XSTRNCASECMP(start, "Content-Length:", 15) == 0) { + start += 15; + while (*start == ' ' && *start != '\0') start++; + recvBufSz = atoi(start); + + if (state == phr_http_start) state = phr_have_length; + else if (state == phr_have_type) state = phr_wait_end; + else { + CYASSL_MSG("process_http_response length invalid state"); + return -1; + } + } + + start = end + 2; + } + } while (state != phr_http_end); + + recvBuf = XMALLOC(recvBufSz, NULL, DYNAMIC_TYPE_IN_BUFFER); + if (recvBuf == NULL) { + CYASSL_MSG("process_http_response couldn't create response buffer"); + return -1; + } + + /* copy the remainder of the httpBuf into the respBuf */ + if (len != 0) + XMEMCPY(recvBuf, start, len); + + /* receive the OCSP response data */ + do { + result = (int)recv(sfd, (char*)recvBuf+len, recvBufSz-len, 0); + if (result > 0) + len += result; + else { + CYASSL_MSG("process_http_response recv ocsp from peer failed"); + return -1; + } + } while (len != recvBufSz); + + *respBuf = recvBuf; + return recvBufSz; +} + + +#define SCRATCH_BUFFER_SIZE 512 + +int EmbedOcspLookup(void* ctx, const char* url, int urlSz, + byte* ocspReqBuf, int ocspReqSz, byte** ocspRespBuf) +{ + char domainName[80], path[80]; + int httpBufSz; + SOCKET_T sfd = 0; + word16 port; + int ocspRespSz = 0; + byte* httpBuf = NULL; + + (void)ctx; + + if (ocspReqBuf == NULL || ocspReqSz == 0) { + CYASSL_MSG("OCSP request is required for lookup"); + return -1; + } + + if (ocspRespBuf == NULL) { + CYASSL_MSG("Cannot save OCSP response"); + return -1; + } + + if (decode_url(url, urlSz, domainName, path, &port) < 0) { + CYASSL_MSG("Unable to decode OCSP URL"); + return -1; + } + + /* Note, the library uses the EmbedOcspRespFree() callback to + * free this buffer. */ + httpBufSz = SCRATCH_BUFFER_SIZE; + httpBuf = (byte*)XMALLOC(httpBufSz, NULL, DYNAMIC_TYPE_IN_BUFFER); + + if (httpBuf == NULL) { + CYASSL_MSG("Unable to create OCSP response buffer"); + return -1; + } + + httpBufSz = build_http_request(domainName, path, ocspReqSz, + httpBuf, httpBufSz); + + if ((tcp_connect(&sfd, domainName, port) == 0) && (sfd > 0)) { + int written; + written = (int)send(sfd, (char*)httpBuf, httpBufSz, 0); + if (written == httpBufSz) { + written = (int)send(sfd, (char*)ocspReqBuf, ocspReqSz, 0); + if (written == ocspReqSz) { + ocspRespSz = process_http_response(sfd, ocspRespBuf, + httpBuf, SCRATCH_BUFFER_SIZE); + } + } + close(sfd); + if (ocspRespSz == 0) { + CYASSL_MSG("OCSP response was not OK, no OCSP response"); + XFREE(httpBuf, NULL, DYNAMIC_TYPE_IN_BUFFER); + return -1; + } + } else { + CYASSL_MSG("OCSP Responder connection failed"); + close(sfd); + XFREE(httpBuf, NULL, DYNAMIC_TYPE_IN_BUFFER); + return -1; + } + + XFREE(httpBuf, NULL, DYNAMIC_TYPE_IN_BUFFER); + return ocspRespSz; +} + + +void EmbedOcspRespFree(void* ctx, byte *resp) +{ + (void)ctx; + + if (resp) + XFREE(resp, NULL, DYNAMIC_TYPE_IN_BUFFER); +} + + +#endif #endif /* CYASSL_USER_IO */ @@ -271,3 +940,167 @@ CYASSL_API void CyaSSL_SetIOWriteCtx(CYASSL* ssl, void *wctx) ssl->IOCB_WriteCtx = wctx; } + +CYASSL_API void* CyaSSL_GetIOReadCtx(CYASSL* ssl) +{ + if (ssl) + return ssl->IOCB_ReadCtx; + + return NULL; +} + + +CYASSL_API void* CyaSSL_GetIOWriteCtx(CYASSL* ssl) +{ + if (ssl) + return ssl->IOCB_WriteCtx; + + return NULL; +} + + +CYASSL_API void CyaSSL_SetIOReadFlags(CYASSL* ssl, int flags) +{ + ssl->rflags = flags; +} + + +CYASSL_API void CyaSSL_SetIOWriteFlags(CYASSL* ssl, int flags) +{ + ssl->wflags = flags; +} + + +#ifdef CYASSL_DTLS + +CYASSL_API void CyaSSL_CTX_SetGenCookie(CYASSL_CTX* ctx, CallbackGenCookie cb) +{ + ctx->CBIOCookie = cb; +} + + +CYASSL_API void CyaSSL_SetCookieCtx(CYASSL* ssl, void *ctx) +{ + ssl->IOCB_CookieCtx = ctx; +} + + +CYASSL_API void* CyaSSL_GetCookieCtx(CYASSL* ssl) +{ + if (ssl) + return ssl->IOCB_CookieCtx; + + return NULL; +} + +#endif /* CYASSL_DTLS */ + + +#ifdef HAVE_NETX + +/* The NetX receive callback + * return : bytes read, or error + */ +int NetX_Receive(CYASSL *ssl, char *buf, int sz, void *ctx) +{ + NetX_Ctx* nxCtx = (NetX_Ctx*)ctx; + ULONG left; + ULONG total; + ULONG copied = 0; + UINT status; + + if (nxCtx == NULL || nxCtx->nxSocket == NULL) { + CYASSL_MSG("NetX Recv NULL parameters"); + return CYASSL_CBIO_ERR_GENERAL; + } + + if (nxCtx->nxPacket == NULL) { + status = nx_tcp_socket_receive(nxCtx->nxSocket, &nxCtx->nxPacket, + nxCtx->nxWait); + if (status != NX_SUCCESS) { + CYASSL_MSG("NetX Recv receive error"); + return CYASSL_CBIO_ERR_GENERAL; + } + } + + if (nxCtx->nxPacket) { + status = nx_packet_length_get(nxCtx->nxPacket, &total); + if (status != NX_SUCCESS) { + CYASSL_MSG("NetX Recv length get error"); + return CYASSL_CBIO_ERR_GENERAL; + } + + left = total - nxCtx->nxOffset; + status = nx_packet_data_extract_offset(nxCtx->nxPacket, nxCtx->nxOffset, + buf, sz, &copied); + if (status != NX_SUCCESS) { + CYASSL_MSG("NetX Recv data extract offset error"); + return CYASSL_CBIO_ERR_GENERAL; + } + + nxCtx->nxOffset += copied; + + if (copied == left) { + CYASSL_MSG("NetX Recv Drained packet"); + nx_packet_release(nxCtx->nxPacket); + nxCtx->nxPacket = NULL; + nxCtx->nxOffset = 0; + } + } + + return copied; +} + + +/* The NetX send callback + * return : bytes sent, or error + */ +int NetX_Send(CYASSL* ssl, char *buf, int sz, void *ctx) +{ + NetX_Ctx* nxCtx = (NetX_Ctx*)ctx; + NX_PACKET* packet; + NX_PACKET_POOL* pool; /* shorthand */ + UINT status; + + if (nxCtx == NULL || nxCtx->nxSocket == NULL) { + CYASSL_MSG("NetX Send NULL parameters"); + return CYASSL_CBIO_ERR_GENERAL; + } + + pool = nxCtx->nxSocket->nx_tcp_socket_ip_ptr->nx_ip_default_packet_pool; + status = nx_packet_allocate(pool, &packet, NX_TCP_PACKET, + nxCtx->nxWait); + if (status != NX_SUCCESS) { + CYASSL_MSG("NetX Send packet alloc error"); + return CYASSL_CBIO_ERR_GENERAL; + } + + status = nx_packet_data_append(packet, buf, sz, pool, nxCtx->nxWait); + if (status != NX_SUCCESS) { + nx_packet_release(packet); + CYASSL_MSG("NetX Send data append error"); + return CYASSL_CBIO_ERR_GENERAL; + } + + status = nx_tcp_socket_send(nxCtx->nxSocket, packet, nxCtx->nxWait); + if (status != NX_SUCCESS) { + nx_packet_release(packet); + CYASSL_MSG("NetX Send socket send error"); + return CYASSL_CBIO_ERR_GENERAL; + } + + return sz; +} + + +/* like set_fd, but for default NetX context */ +void CyaSSL_SetIO_NetX(CYASSL* ssl, NX_TCP_SOCKET* nxSocket, ULONG waitOption) +{ + if (ssl) { + ssl->nxCtx.nxSocket = nxSocket; + ssl->nxCtx.nxWait = waitOption; + } +} + +#endif /* HAVE_NETX */ + diff --git a/FreeRTOS-Plus/Source/CyaSSL/src/keys.c b/FreeRTOS-Plus/Source/CyaSSL/src/keys.c index 0e4bc0474..bb703a186 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/src/keys.c +++ b/FreeRTOS-Plus/Source/CyaSSL/src/keys.c @@ -1,6 +1,6 @@ /* keys.c * - * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,7 +16,7 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ @@ -24,24 +24,169 @@ #include #endif +#include + #include -#include +#include #ifdef SHOW_SECRETS - #include + #ifdef FREESCALE_MQX + #include + #else + #include + #endif #endif int SetCipherSpecs(CYASSL* ssl) { -#ifdef HAVE_ECC - /* ECC extensions */ +#ifndef NO_CYASSL_CLIENT + if (ssl->options.side == CYASSL_CLIENT_END) { + /* server side verified before SetCipherSpecs call */ + if (VerifyClientSuite(ssl) != 1) { + CYASSL_MSG("SetCipherSpecs() client has an unusuable suite"); + return UNSUPPORTED_SUITE; + } + } +#endif /* NO_CYASSL_CLIENT */ + + /* ECC extensions, or AES-CCM */ if (ssl->options.cipherSuite0 == ECC_BYTE) { switch (ssl->options.cipherSuite) { +#ifdef HAVE_ECC + +#ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 + case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 : + ssl->specs.bulk_cipher_algorithm = cyassl_aes; + ssl->specs.cipher_type = block; + ssl->specs.mac_algorithm = sha256_mac; + ssl->specs.kea = ecc_diffie_hellman_kea; + ssl->specs.sig_algo = rsa_sa_algo; + ssl->specs.hash_size = SHA256_DIGEST_SIZE; + ssl->specs.pad_size = PAD_SHA; + ssl->specs.static_ecdh = 0; + ssl->specs.key_size = AES_128_KEY_SIZE; + ssl->specs.iv_size = AES_IV_SIZE; + ssl->specs.block_size = AES_BLOCK_SIZE; + break; +#endif + +#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 + case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 : + ssl->specs.bulk_cipher_algorithm = cyassl_aes; + ssl->specs.cipher_type = block; + ssl->specs.mac_algorithm = sha256_mac; + ssl->specs.kea = ecc_diffie_hellman_kea; + ssl->specs.sig_algo = ecc_dsa_sa_algo; + ssl->specs.hash_size = SHA256_DIGEST_SIZE; + ssl->specs.pad_size = PAD_SHA; + ssl->specs.static_ecdh = 0; + ssl->specs.key_size = AES_128_KEY_SIZE; + ssl->specs.iv_size = AES_IV_SIZE; + ssl->specs.block_size = AES_BLOCK_SIZE; + break; +#endif + +#ifdef BUILD_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 + case TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 : + ssl->specs.bulk_cipher_algorithm = cyassl_aes; + ssl->specs.cipher_type = block; + ssl->specs.mac_algorithm = sha256_mac; + ssl->specs.kea = ecc_diffie_hellman_kea; + ssl->specs.sig_algo = rsa_sa_algo; + ssl->specs.hash_size = SHA256_DIGEST_SIZE; + ssl->specs.pad_size = PAD_SHA; + ssl->specs.static_ecdh = 1; + ssl->specs.key_size = AES_128_KEY_SIZE; + ssl->specs.iv_size = AES_IV_SIZE; + ssl->specs.block_size = AES_BLOCK_SIZE; + break; +#endif + +#ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 + case TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 : + ssl->specs.bulk_cipher_algorithm = cyassl_aes; + ssl->specs.cipher_type = block; + ssl->specs.mac_algorithm = sha256_mac; + ssl->specs.kea = ecc_diffie_hellman_kea; + ssl->specs.sig_algo = ecc_dsa_sa_algo; + ssl->specs.hash_size = SHA256_DIGEST_SIZE; + ssl->specs.pad_size = PAD_SHA; + ssl->specs.static_ecdh = 1; + ssl->specs.key_size = AES_128_KEY_SIZE; + ssl->specs.iv_size = AES_IV_SIZE; + ssl->specs.block_size = AES_BLOCK_SIZE; + break; +#endif + +#ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 + case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 : + ssl->specs.bulk_cipher_algorithm = cyassl_aes; + ssl->specs.cipher_type = block; + ssl->specs.mac_algorithm = sha384_mac; + ssl->specs.kea = ecc_diffie_hellman_kea; + ssl->specs.sig_algo = rsa_sa_algo; + ssl->specs.hash_size = SHA384_DIGEST_SIZE; + ssl->specs.pad_size = PAD_SHA; + ssl->specs.static_ecdh = 0; + ssl->specs.key_size = AES_256_KEY_SIZE; + ssl->specs.iv_size = AES_IV_SIZE; + ssl->specs.block_size = AES_BLOCK_SIZE; + break; +#endif + +#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 + case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 : + ssl->specs.bulk_cipher_algorithm = cyassl_aes; + ssl->specs.cipher_type = block; + ssl->specs.mac_algorithm = sha384_mac; + ssl->specs.kea = ecc_diffie_hellman_kea; + ssl->specs.sig_algo = ecc_dsa_sa_algo; + ssl->specs.hash_size = SHA384_DIGEST_SIZE; + ssl->specs.pad_size = PAD_SHA; + ssl->specs.static_ecdh = 0; + ssl->specs.key_size = AES_256_KEY_SIZE; + ssl->specs.iv_size = AES_IV_SIZE; + ssl->specs.block_size = AES_BLOCK_SIZE; + break; +#endif + +#ifdef BUILD_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 + case TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 : + ssl->specs.bulk_cipher_algorithm = cyassl_aes; + ssl->specs.cipher_type = block; + ssl->specs.mac_algorithm = sha384_mac; + ssl->specs.kea = ecc_diffie_hellman_kea; + ssl->specs.sig_algo = rsa_sa_algo; + ssl->specs.hash_size = SHA384_DIGEST_SIZE; + ssl->specs.pad_size = PAD_SHA; + ssl->specs.static_ecdh = 1; + ssl->specs.key_size = AES_256_KEY_SIZE; + ssl->specs.iv_size = AES_IV_SIZE; + ssl->specs.block_size = AES_BLOCK_SIZE; + break; +#endif + +#ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 + case TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 : + ssl->specs.bulk_cipher_algorithm = cyassl_aes; + ssl->specs.cipher_type = block; + ssl->specs.mac_algorithm = sha384_mac; + ssl->specs.kea = ecc_diffie_hellman_kea; + ssl->specs.sig_algo = ecc_dsa_sa_algo; + ssl->specs.hash_size = SHA384_DIGEST_SIZE; + ssl->specs.pad_size = PAD_SHA; + ssl->specs.static_ecdh = 1; + ssl->specs.key_size = AES_256_KEY_SIZE; + ssl->specs.iv_size = AES_IV_SIZE; + ssl->specs.block_size = AES_BLOCK_SIZE; + break; +#endif + #ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA : - ssl->specs.bulk_cipher_algorithm = aes; + ssl->specs.bulk_cipher_algorithm = cyassl_aes; ssl->specs.cipher_type = block; ssl->specs.mac_algorithm = sha_mac; ssl->specs.kea = ecc_diffie_hellman_kea; @@ -58,7 +203,7 @@ int SetCipherSpecs(CYASSL* ssl) #ifdef BUILD_TLS_ECDH_RSA_WITH_AES_128_CBC_SHA case TLS_ECDH_RSA_WITH_AES_128_CBC_SHA : - ssl->specs.bulk_cipher_algorithm = aes; + ssl->specs.bulk_cipher_algorithm = cyassl_aes; ssl->specs.cipher_type = block; ssl->specs.mac_algorithm = sha_mac; ssl->specs.kea = ecc_diffie_hellman_kea; @@ -75,7 +220,7 @@ int SetCipherSpecs(CYASSL* ssl) #ifdef BUILD_TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA case TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA : - ssl->specs.bulk_cipher_algorithm = triple_des; + ssl->specs.bulk_cipher_algorithm = cyassl_triple_des; ssl->specs.cipher_type = block; ssl->specs.mac_algorithm = sha_mac; ssl->specs.kea = ecc_diffie_hellman_kea; @@ -92,7 +237,7 @@ int SetCipherSpecs(CYASSL* ssl) #ifdef BUILD_TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA case TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA : - ssl->specs.bulk_cipher_algorithm = triple_des; + ssl->specs.bulk_cipher_algorithm = cyassl_triple_des; ssl->specs.cipher_type = block; ssl->specs.mac_algorithm = sha_mac; ssl->specs.kea = ecc_diffie_hellman_kea; @@ -109,7 +254,7 @@ int SetCipherSpecs(CYASSL* ssl) #ifdef BUILD_TLS_ECDHE_RSA_WITH_RC4_128_SHA case TLS_ECDHE_RSA_WITH_RC4_128_SHA : - ssl->specs.bulk_cipher_algorithm = rc4; + ssl->specs.bulk_cipher_algorithm = cyassl_rc4; ssl->specs.cipher_type = stream; ssl->specs.mac_algorithm = sha_mac; ssl->specs.kea = ecc_diffie_hellman_kea; @@ -126,7 +271,7 @@ int SetCipherSpecs(CYASSL* ssl) #ifdef BUILD_TLS_ECDH_RSA_WITH_RC4_128_SHA case TLS_ECDH_RSA_WITH_RC4_128_SHA : - ssl->specs.bulk_cipher_algorithm = rc4; + ssl->specs.bulk_cipher_algorithm = cyassl_rc4; ssl->specs.cipher_type = stream; ssl->specs.mac_algorithm = sha_mac; ssl->specs.kea = ecc_diffie_hellman_kea; @@ -143,7 +288,7 @@ int SetCipherSpecs(CYASSL* ssl) #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA case TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA : - ssl->specs.bulk_cipher_algorithm = triple_des; + ssl->specs.bulk_cipher_algorithm = cyassl_triple_des; ssl->specs.cipher_type = block; ssl->specs.mac_algorithm = sha_mac; ssl->specs.kea = ecc_diffie_hellman_kea; @@ -160,7 +305,7 @@ int SetCipherSpecs(CYASSL* ssl) #ifdef BUILD_TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA case TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA : - ssl->specs.bulk_cipher_algorithm = triple_des; + ssl->specs.bulk_cipher_algorithm = cyassl_triple_des; ssl->specs.cipher_type = block; ssl->specs.mac_algorithm = sha_mac; ssl->specs.kea = ecc_diffie_hellman_kea; @@ -177,7 +322,7 @@ int SetCipherSpecs(CYASSL* ssl) #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_RC4_128_SHA case TLS_ECDHE_ECDSA_WITH_RC4_128_SHA : - ssl->specs.bulk_cipher_algorithm = rc4; + ssl->specs.bulk_cipher_algorithm = cyassl_rc4; ssl->specs.cipher_type = stream; ssl->specs.mac_algorithm = sha_mac; ssl->specs.kea = ecc_diffie_hellman_kea; @@ -194,7 +339,7 @@ int SetCipherSpecs(CYASSL* ssl) #ifdef BUILD_TLS_ECDH_ECDSA_WITH_RC4_128_SHA case TLS_ECDH_ECDSA_WITH_RC4_128_SHA : - ssl->specs.bulk_cipher_algorithm = rc4; + ssl->specs.bulk_cipher_algorithm = cyassl_rc4; ssl->specs.cipher_type = stream; ssl->specs.mac_algorithm = sha_mac; ssl->specs.kea = ecc_diffie_hellman_kea; @@ -211,7 +356,7 @@ int SetCipherSpecs(CYASSL* ssl) #ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA : - ssl->specs.bulk_cipher_algorithm = aes; + ssl->specs.bulk_cipher_algorithm = cyassl_aes; ssl->specs.cipher_type = block; ssl->specs.mac_algorithm = sha_mac; ssl->specs.kea = ecc_diffie_hellman_kea; @@ -228,7 +373,7 @@ int SetCipherSpecs(CYASSL* ssl) #ifdef BUILD_TLS_ECDH_RSA_WITH_AES_256_CBC_SHA case TLS_ECDH_RSA_WITH_AES_256_CBC_SHA : - ssl->specs.bulk_cipher_algorithm = aes; + ssl->specs.bulk_cipher_algorithm = cyassl_aes; ssl->specs.cipher_type = block; ssl->specs.mac_algorithm = sha_mac; ssl->specs.kea = ecc_diffie_hellman_kea; @@ -245,7 +390,7 @@ int SetCipherSpecs(CYASSL* ssl) #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA : - ssl->specs.bulk_cipher_algorithm = aes; + ssl->specs.bulk_cipher_algorithm = cyassl_aes; ssl->specs.cipher_type = block; ssl->specs.mac_algorithm = sha_mac; ssl->specs.kea = ecc_diffie_hellman_kea; @@ -262,7 +407,7 @@ int SetCipherSpecs(CYASSL* ssl) #ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA case TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA : - ssl->specs.bulk_cipher_algorithm = aes; + ssl->specs.bulk_cipher_algorithm = cyassl_aes; ssl->specs.cipher_type = block; ssl->specs.mac_algorithm = sha_mac; ssl->specs.kea = ecc_diffie_hellman_kea; @@ -279,7 +424,7 @@ int SetCipherSpecs(CYASSL* ssl) #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA : - ssl->specs.bulk_cipher_algorithm = aes; + ssl->specs.bulk_cipher_algorithm = cyassl_aes; ssl->specs.cipher_type = block; ssl->specs.mac_algorithm = sha_mac; ssl->specs.kea = ecc_diffie_hellman_kea; @@ -296,7 +441,7 @@ int SetCipherSpecs(CYASSL* ssl) #ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA case TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA : - ssl->specs.bulk_cipher_algorithm = aes; + ssl->specs.bulk_cipher_algorithm = cyassl_aes; ssl->specs.cipher_type = block; ssl->specs.mac_algorithm = sha_mac; ssl->specs.kea = ecc_diffie_hellman_kea; @@ -313,7 +458,7 @@ int SetCipherSpecs(CYASSL* ssl) #ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 case TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 : - ssl->specs.bulk_cipher_algorithm = aes_gcm; + ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm; ssl->specs.cipher_type = aead; ssl->specs.mac_algorithm = sha256_mac; ssl->specs.kea = ecc_diffie_hellman_kea; @@ -323,14 +468,15 @@ int SetCipherSpecs(CYASSL* ssl) ssl->specs.static_ecdh = 0; ssl->specs.key_size = AES_128_KEY_SIZE; ssl->specs.block_size = AES_BLOCK_SIZE; - ssl->specs.iv_size = AES_GCM_IMP_IV_SZ; + ssl->specs.iv_size = AEAD_IMP_IV_SZ; + ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ; break; #endif #ifdef BUILD_TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 case TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 : - ssl->specs.bulk_cipher_algorithm = aes_gcm; + ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm; ssl->specs.cipher_type = aead; ssl->specs.mac_algorithm = sha384_mac; ssl->specs.kea = ecc_diffie_hellman_kea; @@ -340,14 +486,15 @@ int SetCipherSpecs(CYASSL* ssl) ssl->specs.static_ecdh = 0; ssl->specs.key_size = AES_256_KEY_SIZE; ssl->specs.block_size = AES_BLOCK_SIZE; - ssl->specs.iv_size = AES_GCM_IMP_IV_SZ; + ssl->specs.iv_size = AEAD_IMP_IV_SZ; + ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ; break; #endif #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 case TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 : - ssl->specs.bulk_cipher_algorithm = aes_gcm; + ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm; ssl->specs.cipher_type = aead; ssl->specs.mac_algorithm = sha256_mac; ssl->specs.kea = ecc_diffie_hellman_kea; @@ -357,14 +504,15 @@ int SetCipherSpecs(CYASSL* ssl) ssl->specs.static_ecdh = 0; ssl->specs.key_size = AES_128_KEY_SIZE; ssl->specs.block_size = AES_BLOCK_SIZE; - ssl->specs.iv_size = AES_GCM_IMP_IV_SZ; + ssl->specs.iv_size = AEAD_IMP_IV_SZ; + ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ; break; #endif #ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 case TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 : - ssl->specs.bulk_cipher_algorithm = aes_gcm; + ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm; ssl->specs.cipher_type = aead; ssl->specs.mac_algorithm = sha384_mac; ssl->specs.kea = ecc_diffie_hellman_kea; @@ -374,14 +522,15 @@ int SetCipherSpecs(CYASSL* ssl) ssl->specs.static_ecdh = 0; ssl->specs.key_size = AES_256_KEY_SIZE; ssl->specs.block_size = AES_BLOCK_SIZE; - ssl->specs.iv_size = AES_GCM_IMP_IV_SZ; + ssl->specs.iv_size = AEAD_IMP_IV_SZ; + ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ; break; #endif #ifdef BUILD_TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 case TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 : - ssl->specs.bulk_cipher_algorithm = aes_gcm; + ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm; ssl->specs.cipher_type = aead; ssl->specs.mac_algorithm = sha256_mac; ssl->specs.kea = ecc_diffie_hellman_kea; @@ -391,14 +540,15 @@ int SetCipherSpecs(CYASSL* ssl) ssl->specs.static_ecdh = 1; ssl->specs.key_size = AES_128_KEY_SIZE; ssl->specs.block_size = AES_BLOCK_SIZE; - ssl->specs.iv_size = AES_GCM_IMP_IV_SZ; + ssl->specs.iv_size = AEAD_IMP_IV_SZ; + ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ; break; #endif #ifdef BUILD_TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 case TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 : - ssl->specs.bulk_cipher_algorithm = aes_gcm; + ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm; ssl->specs.cipher_type = aead; ssl->specs.mac_algorithm = sha384_mac; ssl->specs.kea = ecc_diffie_hellman_kea; @@ -408,14 +558,15 @@ int SetCipherSpecs(CYASSL* ssl) ssl->specs.static_ecdh = 1; ssl->specs.key_size = AES_256_KEY_SIZE; ssl->specs.block_size = AES_BLOCK_SIZE; - ssl->specs.iv_size = AES_GCM_IMP_IV_SZ; + ssl->specs.iv_size = AEAD_IMP_IV_SZ; + ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ; break; #endif #ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 case TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 : - ssl->specs.bulk_cipher_algorithm = aes_gcm; + ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm; ssl->specs.cipher_type = aead; ssl->specs.mac_algorithm = sha256_mac; ssl->specs.kea = ecc_diffie_hellman_kea; @@ -425,14 +576,15 @@ int SetCipherSpecs(CYASSL* ssl) ssl->specs.static_ecdh = 1; ssl->specs.key_size = AES_128_KEY_SIZE; ssl->specs.block_size = AES_BLOCK_SIZE; - ssl->specs.iv_size = AES_GCM_IMP_IV_SZ; + ssl->specs.iv_size = AEAD_IMP_IV_SZ; + ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ; break; #endif #ifdef BUILD_TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 case TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 : - ssl->specs.bulk_cipher_algorithm = aes_gcm; + ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm; ssl->specs.cipher_type = aead; ssl->specs.mac_algorithm = sha384_mac; ssl->specs.kea = ecc_diffie_hellman_kea; @@ -442,8 +594,196 @@ int SetCipherSpecs(CYASSL* ssl) ssl->specs.static_ecdh = 1; ssl->specs.key_size = AES_256_KEY_SIZE; ssl->specs.block_size = AES_BLOCK_SIZE; - ssl->specs.iv_size = AES_GCM_IMP_IV_SZ; + ssl->specs.iv_size = AEAD_IMP_IV_SZ; + ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ; + + break; +#endif + +#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 + case TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 : + ssl->specs.bulk_cipher_algorithm = cyassl_aes_ccm; + ssl->specs.cipher_type = aead; + ssl->specs.mac_algorithm = sha256_mac; + ssl->specs.kea = ecc_diffie_hellman_kea; + ssl->specs.sig_algo = ecc_dsa_sa_algo; + ssl->specs.hash_size = SHA256_DIGEST_SIZE; + ssl->specs.pad_size = PAD_SHA; + ssl->specs.static_ecdh = 0; + ssl->specs.key_size = AES_128_KEY_SIZE; + ssl->specs.block_size = AES_BLOCK_SIZE; + ssl->specs.iv_size = AEAD_IMP_IV_SZ; + ssl->specs.aead_mac_size = AES_CCM_8_AUTH_SZ; + + break; +#endif + +#ifdef BUILD_TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 + case TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 : + ssl->specs.bulk_cipher_algorithm = cyassl_aes_ccm; + ssl->specs.cipher_type = aead; + ssl->specs.mac_algorithm = sha256_mac; + ssl->specs.kea = ecc_diffie_hellman_kea; + ssl->specs.sig_algo = ecc_dsa_sa_algo; + ssl->specs.hash_size = SHA256_DIGEST_SIZE; + ssl->specs.pad_size = PAD_SHA; + ssl->specs.static_ecdh = 0; + ssl->specs.key_size = AES_256_KEY_SIZE; + ssl->specs.block_size = AES_BLOCK_SIZE; + ssl->specs.iv_size = AEAD_IMP_IV_SZ; + ssl->specs.aead_mac_size = AES_CCM_8_AUTH_SZ; + + break; +#endif +#endif /* HAVE_ECC */ + +#ifdef BUILD_TLS_RSA_WITH_AES_128_CCM_8 + case TLS_RSA_WITH_AES_128_CCM_8 : + ssl->specs.bulk_cipher_algorithm = cyassl_aes_ccm; + ssl->specs.cipher_type = aead; + ssl->specs.mac_algorithm = sha256_mac; + ssl->specs.kea = rsa_kea; + ssl->specs.sig_algo = rsa_sa_algo; + ssl->specs.hash_size = SHA256_DIGEST_SIZE; + ssl->specs.pad_size = PAD_SHA; + ssl->specs.static_ecdh = 0; + ssl->specs.key_size = AES_128_KEY_SIZE; + ssl->specs.block_size = AES_BLOCK_SIZE; + ssl->specs.iv_size = AEAD_IMP_IV_SZ; + ssl->specs.aead_mac_size = AES_CCM_8_AUTH_SZ; + + break; +#endif + +#ifdef BUILD_TLS_RSA_WITH_AES_256_CCM_8 + case TLS_RSA_WITH_AES_256_CCM_8 : + ssl->specs.bulk_cipher_algorithm = cyassl_aes_ccm; + ssl->specs.cipher_type = aead; + ssl->specs.mac_algorithm = sha256_mac; + ssl->specs.kea = rsa_kea; + ssl->specs.sig_algo = rsa_sa_algo; + ssl->specs.hash_size = SHA256_DIGEST_SIZE; + ssl->specs.pad_size = PAD_SHA; + ssl->specs.static_ecdh = 0; + ssl->specs.key_size = AES_256_KEY_SIZE; + ssl->specs.block_size = AES_BLOCK_SIZE; + ssl->specs.iv_size = AEAD_IMP_IV_SZ; + ssl->specs.aead_mac_size = AES_CCM_8_AUTH_SZ; + + break; +#endif + +#ifdef BUILD_TLS_PSK_WITH_AES_128_CCM_8 + case TLS_PSK_WITH_AES_128_CCM_8 : + ssl->specs.bulk_cipher_algorithm = cyassl_aes_ccm; + ssl->specs.cipher_type = aead; + ssl->specs.mac_algorithm = sha256_mac; + ssl->specs.kea = psk_kea; + ssl->specs.sig_algo = anonymous_sa_algo; + ssl->specs.hash_size = SHA256_DIGEST_SIZE; + ssl->specs.pad_size = PAD_SHA; + ssl->specs.static_ecdh = 0; + ssl->specs.key_size = AES_128_KEY_SIZE; + ssl->specs.block_size = AES_BLOCK_SIZE; + ssl->specs.iv_size = AEAD_IMP_IV_SZ; + ssl->specs.aead_mac_size = AES_CCM_8_AUTH_SZ; + + ssl->options.usingPSK_cipher = 1; + break; +#endif + +#ifdef BUILD_TLS_PSK_WITH_AES_256_CCM_8 + case TLS_PSK_WITH_AES_256_CCM_8 : + ssl->specs.bulk_cipher_algorithm = cyassl_aes_ccm; + ssl->specs.cipher_type = aead; + ssl->specs.mac_algorithm = sha256_mac; + ssl->specs.kea = psk_kea; + ssl->specs.sig_algo = anonymous_sa_algo; + ssl->specs.hash_size = SHA256_DIGEST_SIZE; + ssl->specs.pad_size = PAD_SHA; + ssl->specs.static_ecdh = 0; + ssl->specs.key_size = AES_256_KEY_SIZE; + ssl->specs.block_size = AES_BLOCK_SIZE; + ssl->specs.iv_size = AEAD_IMP_IV_SZ; + ssl->specs.aead_mac_size = AES_CCM_8_AUTH_SZ; + + ssl->options.usingPSK_cipher = 1; + break; +#endif + +#ifdef BUILD_TLS_PSK_WITH_AES_128_CCM + case TLS_PSK_WITH_AES_128_CCM : + ssl->specs.bulk_cipher_algorithm = cyassl_aes_ccm; + ssl->specs.cipher_type = aead; + ssl->specs.mac_algorithm = sha256_mac; + ssl->specs.kea = psk_kea; + ssl->specs.sig_algo = anonymous_sa_algo; + ssl->specs.hash_size = SHA256_DIGEST_SIZE; + ssl->specs.pad_size = PAD_SHA; + ssl->specs.static_ecdh = 0; + ssl->specs.key_size = AES_128_KEY_SIZE; + ssl->specs.block_size = AES_BLOCK_SIZE; + ssl->specs.iv_size = AEAD_IMP_IV_SZ; + ssl->specs.aead_mac_size = AES_CCM_16_AUTH_SZ; + + ssl->options.usingPSK_cipher = 1; + break; +#endif + +#ifdef BUILD_TLS_PSK_WITH_AES_256_CCM + case TLS_PSK_WITH_AES_256_CCM : + ssl->specs.bulk_cipher_algorithm = cyassl_aes_ccm; + ssl->specs.cipher_type = aead; + ssl->specs.mac_algorithm = sha256_mac; + ssl->specs.kea = psk_kea; + ssl->specs.sig_algo = anonymous_sa_algo; + ssl->specs.hash_size = SHA256_DIGEST_SIZE; + ssl->specs.pad_size = PAD_SHA; + ssl->specs.static_ecdh = 0; + ssl->specs.key_size = AES_256_KEY_SIZE; + ssl->specs.block_size = AES_BLOCK_SIZE; + ssl->specs.iv_size = AEAD_IMP_IV_SZ; + ssl->specs.aead_mac_size = AES_CCM_16_AUTH_SZ; + + ssl->options.usingPSK_cipher = 1; + break; +#endif + +#ifdef BUILD_TLS_DHE_PSK_WITH_AES_128_CCM + case TLS_DHE_PSK_WITH_AES_128_CCM : + ssl->specs.bulk_cipher_algorithm = cyassl_aes_ccm; + ssl->specs.cipher_type = aead; + ssl->specs.mac_algorithm = sha256_mac; + ssl->specs.kea = dhe_psk_kea; + ssl->specs.sig_algo = anonymous_sa_algo; + ssl->specs.hash_size = SHA256_DIGEST_SIZE; + ssl->specs.pad_size = PAD_SHA; + ssl->specs.static_ecdh = 0; + ssl->specs.key_size = AES_128_KEY_SIZE; + ssl->specs.block_size = AES_BLOCK_SIZE; + ssl->specs.iv_size = AEAD_IMP_IV_SZ; + ssl->specs.aead_mac_size = AES_CCM_16_AUTH_SZ; + + ssl->options.usingPSK_cipher = 1; + break; +#endif + +#ifdef BUILD_TLS_DHE_PSK_WITH_AES_256_CCM + case TLS_DHE_PSK_WITH_AES_256_CCM : + ssl->specs.bulk_cipher_algorithm = cyassl_aes_ccm; + ssl->specs.cipher_type = aead; + ssl->specs.mac_algorithm = sha256_mac; + ssl->specs.kea = dhe_psk_kea; + ssl->specs.sig_algo = anonymous_sa_algo; + ssl->specs.hash_size = SHA256_DIGEST_SIZE; + ssl->specs.pad_size = PAD_SHA; + ssl->specs.static_ecdh = 0; + ssl->specs.key_size = AES_256_KEY_SIZE; + ssl->specs.block_size = AES_BLOCK_SIZE; + ssl->specs.iv_size = AEAD_IMP_IV_SZ; + ssl->specs.aead_mac_size = AES_CCM_16_AUTH_SZ; + ssl->options.usingPSK_cipher = 1; break; #endif @@ -452,16 +792,16 @@ int SetCipherSpecs(CYASSL* ssl) return UNSUPPORTED_SUITE; } /* switch */ } /* if */ -#endif /* HAVE_ECC */ if (ssl->options.cipherSuite0 != ECC_BYTE) { /* normal suites */ switch (ssl->options.cipherSuite) { #ifdef BUILD_SSL_RSA_WITH_RC4_128_SHA case SSL_RSA_WITH_RC4_128_SHA : - ssl->specs.bulk_cipher_algorithm = rc4; + ssl->specs.bulk_cipher_algorithm = cyassl_rc4; ssl->specs.cipher_type = stream; ssl->specs.mac_algorithm = sha_mac; ssl->specs.kea = rsa_kea; + ssl->specs.sig_algo = rsa_sa_algo; ssl->specs.hash_size = SHA_DIGEST_SIZE; ssl->specs.pad_size = PAD_SHA; ssl->specs.static_ecdh = 0; @@ -474,10 +814,11 @@ int SetCipherSpecs(CYASSL* ssl) #ifdef BUILD_TLS_NTRU_RSA_WITH_RC4_128_SHA case TLS_NTRU_RSA_WITH_RC4_128_SHA : - ssl->specs.bulk_cipher_algorithm = rc4; + ssl->specs.bulk_cipher_algorithm = cyassl_rc4; ssl->specs.cipher_type = stream; ssl->specs.mac_algorithm = sha_mac; ssl->specs.kea = ntru_kea; + ssl->specs.sig_algo = rsa_sa_algo; ssl->specs.hash_size = SHA_DIGEST_SIZE; ssl->specs.pad_size = PAD_SHA; ssl->specs.static_ecdh = 0; @@ -490,10 +831,11 @@ int SetCipherSpecs(CYASSL* ssl) #ifdef BUILD_SSL_RSA_WITH_RC4_128_MD5 case SSL_RSA_WITH_RC4_128_MD5 : - ssl->specs.bulk_cipher_algorithm = rc4; + ssl->specs.bulk_cipher_algorithm = cyassl_rc4; ssl->specs.cipher_type = stream; ssl->specs.mac_algorithm = md5_mac; ssl->specs.kea = rsa_kea; + ssl->specs.sig_algo = rsa_sa_algo; ssl->specs.hash_size = MD5_DIGEST_SIZE; ssl->specs.pad_size = PAD_MD5; ssl->specs.static_ecdh = 0; @@ -506,10 +848,11 @@ int SetCipherSpecs(CYASSL* ssl) #ifdef BUILD_SSL_RSA_WITH_3DES_EDE_CBC_SHA case SSL_RSA_WITH_3DES_EDE_CBC_SHA : - ssl->specs.bulk_cipher_algorithm = triple_des; + ssl->specs.bulk_cipher_algorithm = cyassl_triple_des; ssl->specs.cipher_type = block; ssl->specs.mac_algorithm = sha_mac; ssl->specs.kea = rsa_kea; + ssl->specs.sig_algo = rsa_sa_algo; ssl->specs.hash_size = SHA_DIGEST_SIZE; ssl->specs.pad_size = PAD_SHA; ssl->specs.static_ecdh = 0; @@ -522,10 +865,11 @@ int SetCipherSpecs(CYASSL* ssl) #ifdef BUILD_TLS_NTRU_RSA_WITH_3DES_EDE_CBC_SHA case TLS_NTRU_RSA_WITH_3DES_EDE_CBC_SHA : - ssl->specs.bulk_cipher_algorithm = triple_des; + ssl->specs.bulk_cipher_algorithm = cyassl_triple_des; ssl->specs.cipher_type = block; ssl->specs.mac_algorithm = sha_mac; ssl->specs.kea = ntru_kea; + ssl->specs.sig_algo = rsa_sa_algo; ssl->specs.hash_size = SHA_DIGEST_SIZE; ssl->specs.pad_size = PAD_SHA; ssl->specs.static_ecdh = 0; @@ -538,10 +882,11 @@ int SetCipherSpecs(CYASSL* ssl) #ifdef BUILD_TLS_RSA_WITH_AES_128_CBC_SHA case TLS_RSA_WITH_AES_128_CBC_SHA : - ssl->specs.bulk_cipher_algorithm = aes; + ssl->specs.bulk_cipher_algorithm = cyassl_aes; ssl->specs.cipher_type = block; ssl->specs.mac_algorithm = sha_mac; ssl->specs.kea = rsa_kea; + ssl->specs.sig_algo = rsa_sa_algo; ssl->specs.hash_size = SHA_DIGEST_SIZE; ssl->specs.pad_size = PAD_SHA; ssl->specs.static_ecdh = 0; @@ -554,10 +899,11 @@ int SetCipherSpecs(CYASSL* ssl) #ifdef BUILD_TLS_RSA_WITH_AES_128_CBC_SHA256 case TLS_RSA_WITH_AES_128_CBC_SHA256 : - ssl->specs.bulk_cipher_algorithm = aes; + ssl->specs.bulk_cipher_algorithm = cyassl_aes; ssl->specs.cipher_type = block; ssl->specs.mac_algorithm = sha256_mac; ssl->specs.kea = rsa_kea; + ssl->specs.sig_algo = rsa_sa_algo; ssl->specs.hash_size = SHA256_DIGEST_SIZE; ssl->specs.pad_size = PAD_SHA; ssl->specs.static_ecdh = 0; @@ -568,28 +914,64 @@ int SetCipherSpecs(CYASSL* ssl) break; #endif -#ifdef BUILD_TLS_NTRU_RSA_WITH_AES_128_CBC_SHA - case TLS_NTRU_RSA_WITH_AES_128_CBC_SHA : - ssl->specs.bulk_cipher_algorithm = aes; - ssl->specs.cipher_type = block; +#ifdef BUILD_TLS_RSA_WITH_NULL_SHA + case TLS_RSA_WITH_NULL_SHA : + ssl->specs.bulk_cipher_algorithm = cyassl_cipher_null; + ssl->specs.cipher_type = stream; ssl->specs.mac_algorithm = sha_mac; - ssl->specs.kea = ntru_kea; + ssl->specs.kea = rsa_kea; + ssl->specs.sig_algo = rsa_sa_algo; ssl->specs.hash_size = SHA_DIGEST_SIZE; ssl->specs.pad_size = PAD_SHA; ssl->specs.static_ecdh = 0; - ssl->specs.key_size = AES_128_KEY_SIZE; - ssl->specs.block_size = AES_BLOCK_SIZE; - ssl->specs.iv_size = AES_IV_SIZE; + ssl->specs.key_size = 0; + ssl->specs.block_size = 0; + ssl->specs.iv_size = 0; break; #endif -#ifdef BUILD_TLS_RSA_WITH_AES_256_CBC_SHA - case TLS_RSA_WITH_AES_256_CBC_SHA : - ssl->specs.bulk_cipher_algorithm = aes; - ssl->specs.cipher_type = block; - ssl->specs.mac_algorithm = sha_mac; +#ifdef BUILD_TLS_RSA_WITH_NULL_SHA256 + case TLS_RSA_WITH_NULL_SHA256 : + ssl->specs.bulk_cipher_algorithm = cyassl_cipher_null; + ssl->specs.cipher_type = stream; + ssl->specs.mac_algorithm = sha256_mac; ssl->specs.kea = rsa_kea; + ssl->specs.sig_algo = rsa_sa_algo; + ssl->specs.hash_size = SHA256_DIGEST_SIZE; + ssl->specs.pad_size = PAD_SHA; + ssl->specs.static_ecdh = 0; + ssl->specs.key_size = 0; + ssl->specs.block_size = 0; + ssl->specs.iv_size = 0; + + break; +#endif + +#ifdef BUILD_TLS_NTRU_RSA_WITH_AES_128_CBC_SHA + case TLS_NTRU_RSA_WITH_AES_128_CBC_SHA : + ssl->specs.bulk_cipher_algorithm = cyassl_aes; + ssl->specs.cipher_type = block; + ssl->specs.mac_algorithm = sha_mac; + ssl->specs.kea = ntru_kea; + ssl->specs.sig_algo = rsa_sa_algo; + ssl->specs.hash_size = SHA_DIGEST_SIZE; + ssl->specs.pad_size = PAD_SHA; + ssl->specs.static_ecdh = 0; + ssl->specs.key_size = AES_128_KEY_SIZE; + ssl->specs.block_size = AES_BLOCK_SIZE; + ssl->specs.iv_size = AES_IV_SIZE; + + break; +#endif + +#ifdef BUILD_TLS_RSA_WITH_AES_256_CBC_SHA + case TLS_RSA_WITH_AES_256_CBC_SHA : + ssl->specs.bulk_cipher_algorithm = cyassl_aes; + ssl->specs.cipher_type = block; + ssl->specs.mac_algorithm = sha_mac; + ssl->specs.kea = rsa_kea; + ssl->specs.sig_algo = rsa_sa_algo; ssl->specs.hash_size = SHA_DIGEST_SIZE; ssl->specs.pad_size = PAD_SHA; ssl->specs.static_ecdh = 0; @@ -602,10 +984,11 @@ int SetCipherSpecs(CYASSL* ssl) #ifdef BUILD_TLS_RSA_WITH_AES_256_CBC_SHA256 case TLS_RSA_WITH_AES_256_CBC_SHA256 : - ssl->specs.bulk_cipher_algorithm = aes; + ssl->specs.bulk_cipher_algorithm = cyassl_aes; ssl->specs.cipher_type = block; ssl->specs.mac_algorithm = sha256_mac; ssl->specs.kea = rsa_kea; + ssl->specs.sig_algo = rsa_sa_algo; ssl->specs.hash_size = SHA256_DIGEST_SIZE; ssl->specs.pad_size = PAD_SHA; ssl->specs.static_ecdh = 0; @@ -618,10 +1001,11 @@ int SetCipherSpecs(CYASSL* ssl) #ifdef BUILD_TLS_NTRU_RSA_WITH_AES_256_CBC_SHA case TLS_NTRU_RSA_WITH_AES_256_CBC_SHA : - ssl->specs.bulk_cipher_algorithm = aes; + ssl->specs.bulk_cipher_algorithm = cyassl_aes; ssl->specs.cipher_type = block; ssl->specs.mac_algorithm = sha_mac; ssl->specs.kea = ntru_kea; + ssl->specs.sig_algo = rsa_sa_algo; ssl->specs.hash_size = SHA_DIGEST_SIZE; ssl->specs.pad_size = PAD_SHA; ssl->specs.static_ecdh = 0; @@ -632,12 +1016,161 @@ int SetCipherSpecs(CYASSL* ssl) break; #endif +#ifdef BUILD_TLS_PSK_WITH_AES_128_GCM_SHA256 + case TLS_PSK_WITH_AES_128_GCM_SHA256 : + ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm; + ssl->specs.cipher_type = aead; + ssl->specs.mac_algorithm = sha256_mac; + ssl->specs.kea = psk_kea; + ssl->specs.sig_algo = anonymous_sa_algo; + ssl->specs.hash_size = SHA256_DIGEST_SIZE; + ssl->specs.pad_size = PAD_SHA; + ssl->specs.static_ecdh = 0; + ssl->specs.key_size = AES_128_KEY_SIZE; + ssl->specs.block_size = AES_BLOCK_SIZE; + ssl->specs.iv_size = AEAD_IMP_IV_SZ; + ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ; + + ssl->options.usingPSK_cipher = 1; + break; +#endif + +#ifdef BUILD_TLS_PSK_WITH_AES_256_GCM_SHA384 + case TLS_PSK_WITH_AES_256_GCM_SHA384 : + ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm; + ssl->specs.cipher_type = aead; + ssl->specs.mac_algorithm = sha384_mac; + ssl->specs.kea = psk_kea; + ssl->specs.sig_algo = anonymous_sa_algo; + ssl->specs.hash_size = SHA384_DIGEST_SIZE; + ssl->specs.pad_size = PAD_SHA; + ssl->specs.static_ecdh = 0; + ssl->specs.key_size = AES_256_KEY_SIZE; + ssl->specs.block_size = AES_BLOCK_SIZE; + ssl->specs.iv_size = AEAD_IMP_IV_SZ; + ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ; + + ssl->options.usingPSK_cipher = 1; + break; +#endif + +#ifdef BUILD_TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 + case TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 : + ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm; + ssl->specs.cipher_type = aead; + ssl->specs.mac_algorithm = sha256_mac; + ssl->specs.kea = dhe_psk_kea; + ssl->specs.sig_algo = anonymous_sa_algo; + ssl->specs.hash_size = SHA256_DIGEST_SIZE; + ssl->specs.pad_size = PAD_SHA; + ssl->specs.static_ecdh = 0; + ssl->specs.key_size = AES_128_KEY_SIZE; + ssl->specs.block_size = AES_BLOCK_SIZE; + ssl->specs.iv_size = AEAD_IMP_IV_SZ; + ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ; + + ssl->options.usingPSK_cipher = 1; + break; +#endif + +#ifdef BUILD_TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 + case TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 : + ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm; + ssl->specs.cipher_type = aead; + ssl->specs.mac_algorithm = sha384_mac; + ssl->specs.kea = dhe_psk_kea; + ssl->specs.sig_algo = anonymous_sa_algo; + ssl->specs.hash_size = SHA384_DIGEST_SIZE; + ssl->specs.pad_size = PAD_SHA; + ssl->specs.static_ecdh = 0; + ssl->specs.key_size = AES_256_KEY_SIZE; + ssl->specs.block_size = AES_BLOCK_SIZE; + ssl->specs.iv_size = AEAD_IMP_IV_SZ; + ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ; + + ssl->options.usingPSK_cipher = 1; + break; +#endif + +#ifdef BUILD_TLS_PSK_WITH_AES_128_CBC_SHA256 + case TLS_PSK_WITH_AES_128_CBC_SHA256 : + ssl->specs.bulk_cipher_algorithm = cyassl_aes; + ssl->specs.cipher_type = block; + ssl->specs.mac_algorithm = sha256_mac; + ssl->specs.kea = psk_kea; + ssl->specs.sig_algo = anonymous_sa_algo; + ssl->specs.hash_size = SHA256_DIGEST_SIZE; + ssl->specs.pad_size = PAD_SHA; + ssl->specs.static_ecdh = 0; + ssl->specs.key_size = AES_128_KEY_SIZE; + ssl->specs.block_size = AES_BLOCK_SIZE; + ssl->specs.iv_size = AES_IV_SIZE; + + ssl->options.usingPSK_cipher = 1; + break; +#endif + +#ifdef BUILD_TLS_PSK_WITH_AES_256_CBC_SHA384 + case TLS_PSK_WITH_AES_256_CBC_SHA384 : + ssl->specs.bulk_cipher_algorithm = cyassl_aes; + ssl->specs.cipher_type = block; + ssl->specs.mac_algorithm = sha384_mac; + ssl->specs.kea = psk_kea; + ssl->specs.sig_algo = anonymous_sa_algo; + ssl->specs.hash_size = SHA384_DIGEST_SIZE; + ssl->specs.pad_size = PAD_SHA; + ssl->specs.static_ecdh = 0; + ssl->specs.key_size = AES_256_KEY_SIZE; + ssl->specs.block_size = AES_BLOCK_SIZE; + ssl->specs.iv_size = AES_IV_SIZE; + + ssl->options.usingPSK_cipher = 1; + break; +#endif + +#ifdef BUILD_TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 + case TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 : + ssl->specs.bulk_cipher_algorithm = cyassl_aes; + ssl->specs.cipher_type = block; + ssl->specs.mac_algorithm = sha256_mac; + ssl->specs.kea = dhe_psk_kea; + ssl->specs.sig_algo = anonymous_sa_algo; + ssl->specs.hash_size = SHA256_DIGEST_SIZE; + ssl->specs.pad_size = PAD_SHA; + ssl->specs.static_ecdh = 0; + ssl->specs.key_size = AES_128_KEY_SIZE; + ssl->specs.block_size = AES_BLOCK_SIZE; + ssl->specs.iv_size = AES_IV_SIZE; + + ssl->options.usingPSK_cipher = 1; + break; +#endif + +#ifdef BUILD_TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 + case TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 : + ssl->specs.bulk_cipher_algorithm = cyassl_aes; + ssl->specs.cipher_type = block; + ssl->specs.mac_algorithm = sha384_mac; + ssl->specs.kea = dhe_psk_kea; + ssl->specs.sig_algo = anonymous_sa_algo; + ssl->specs.hash_size = SHA384_DIGEST_SIZE; + ssl->specs.pad_size = PAD_SHA; + ssl->specs.static_ecdh = 0; + ssl->specs.key_size = AES_256_KEY_SIZE; + ssl->specs.block_size = AES_BLOCK_SIZE; + ssl->specs.iv_size = AES_IV_SIZE; + + ssl->options.usingPSK_cipher = 1; + break; +#endif + #ifdef BUILD_TLS_PSK_WITH_AES_128_CBC_SHA case TLS_PSK_WITH_AES_128_CBC_SHA : - ssl->specs.bulk_cipher_algorithm = aes; + ssl->specs.bulk_cipher_algorithm = cyassl_aes; ssl->specs.cipher_type = block; ssl->specs.mac_algorithm = sha_mac; ssl->specs.kea = psk_kea; + ssl->specs.sig_algo = anonymous_sa_algo; ssl->specs.hash_size = SHA_DIGEST_SIZE; ssl->specs.pad_size = PAD_SHA; ssl->specs.static_ecdh = 0; @@ -651,10 +1184,11 @@ int SetCipherSpecs(CYASSL* ssl) #ifdef BUILD_TLS_PSK_WITH_AES_256_CBC_SHA case TLS_PSK_WITH_AES_256_CBC_SHA : - ssl->specs.bulk_cipher_algorithm = aes; + ssl->specs.bulk_cipher_algorithm = cyassl_aes; ssl->specs.cipher_type = block; ssl->specs.mac_algorithm = sha_mac; ssl->specs.kea = psk_kea; + ssl->specs.sig_algo = anonymous_sa_algo; ssl->specs.hash_size = SHA_DIGEST_SIZE; ssl->specs.pad_size = PAD_SHA; ssl->specs.static_ecdh = 0; @@ -666,9 +1200,99 @@ int SetCipherSpecs(CYASSL* ssl) break; #endif +#ifdef BUILD_TLS_PSK_WITH_NULL_SHA256 + case TLS_PSK_WITH_NULL_SHA256 : + ssl->specs.bulk_cipher_algorithm = cyassl_cipher_null; + ssl->specs.cipher_type = stream; + ssl->specs.mac_algorithm = sha256_mac; + ssl->specs.kea = psk_kea; + ssl->specs.sig_algo = anonymous_sa_algo; + ssl->specs.hash_size = SHA256_DIGEST_SIZE; + ssl->specs.pad_size = PAD_SHA; + ssl->specs.static_ecdh = 0; + ssl->specs.key_size = 0; + ssl->specs.block_size = 0; + ssl->specs.iv_size = 0; + + ssl->options.usingPSK_cipher = 1; + break; +#endif + +#ifdef BUILD_TLS_PSK_WITH_NULL_SHA384 + case TLS_PSK_WITH_NULL_SHA384 : + ssl->specs.bulk_cipher_algorithm = cyassl_cipher_null; + ssl->specs.cipher_type = stream; + ssl->specs.mac_algorithm = sha384_mac; + ssl->specs.kea = psk_kea; + ssl->specs.sig_algo = anonymous_sa_algo; + ssl->specs.hash_size = SHA384_DIGEST_SIZE; + ssl->specs.pad_size = PAD_SHA; + ssl->specs.static_ecdh = 0; + ssl->specs.key_size = 0; + ssl->specs.block_size = 0; + ssl->specs.iv_size = 0; + + ssl->options.usingPSK_cipher = 1; + break; +#endif + +#ifdef BUILD_TLS_PSK_WITH_NULL_SHA + case TLS_PSK_WITH_NULL_SHA : + ssl->specs.bulk_cipher_algorithm = cyassl_cipher_null; + ssl->specs.cipher_type = stream; + ssl->specs.mac_algorithm = sha_mac; + ssl->specs.kea = psk_kea; + ssl->specs.sig_algo = anonymous_sa_algo; + ssl->specs.hash_size = SHA_DIGEST_SIZE; + ssl->specs.pad_size = PAD_SHA; + ssl->specs.static_ecdh = 0; + ssl->specs.key_size = 0; + ssl->specs.block_size = 0; + ssl->specs.iv_size = 0; + + ssl->options.usingPSK_cipher = 1; + break; +#endif + +#ifdef BUILD_TLS_DHE_PSK_WITH_NULL_SHA256 + case TLS_DHE_PSK_WITH_NULL_SHA256 : + ssl->specs.bulk_cipher_algorithm = cyassl_cipher_null; + ssl->specs.cipher_type = stream; + ssl->specs.mac_algorithm = sha256_mac; + ssl->specs.kea = dhe_psk_kea; + ssl->specs.sig_algo = anonymous_sa_algo; + ssl->specs.hash_size = SHA256_DIGEST_SIZE; + ssl->specs.pad_size = PAD_SHA; + ssl->specs.static_ecdh = 0; + ssl->specs.key_size = 0; + ssl->specs.block_size = 0; + ssl->specs.iv_size = 0; + + ssl->options.usingPSK_cipher = 1; + break; +#endif + +#ifdef BUILD_TLS_DHE_PSK_WITH_NULL_SHA384 + case TLS_DHE_PSK_WITH_NULL_SHA384 : + ssl->specs.bulk_cipher_algorithm = cyassl_cipher_null; + ssl->specs.cipher_type = stream; + ssl->specs.mac_algorithm = sha384_mac; + ssl->specs.kea = dhe_psk_kea; + ssl->specs.sig_algo = anonymous_sa_algo; + ssl->specs.hash_size = SHA384_DIGEST_SIZE; + ssl->specs.pad_size = PAD_SHA; + ssl->specs.static_ecdh = 0; + ssl->specs.key_size = 0; + ssl->specs.block_size = 0; + ssl->specs.iv_size = 0; + + ssl->options.usingPSK_cipher = 1; + break; +#endif + #ifdef BUILD_TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 case TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 : - ssl->specs.bulk_cipher_algorithm = aes; + ssl->specs.bulk_cipher_algorithm = cyassl_aes; ssl->specs.cipher_type = block; ssl->specs.mac_algorithm = sha256_mac; ssl->specs.kea = diffie_hellman_kea; @@ -685,7 +1309,7 @@ int SetCipherSpecs(CYASSL* ssl) #ifdef BUILD_TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 case TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 : - ssl->specs.bulk_cipher_algorithm = aes; + ssl->specs.bulk_cipher_algorithm = cyassl_aes; ssl->specs.cipher_type = block; ssl->specs.mac_algorithm = sha256_mac; ssl->specs.kea = diffie_hellman_kea; @@ -702,7 +1326,7 @@ int SetCipherSpecs(CYASSL* ssl) #ifdef BUILD_TLS_DHE_RSA_WITH_AES_128_CBC_SHA case TLS_DHE_RSA_WITH_AES_128_CBC_SHA : - ssl->specs.bulk_cipher_algorithm = aes; + ssl->specs.bulk_cipher_algorithm = cyassl_aes; ssl->specs.cipher_type = block; ssl->specs.mac_algorithm = sha_mac; ssl->specs.kea = diffie_hellman_kea; @@ -719,7 +1343,7 @@ int SetCipherSpecs(CYASSL* ssl) #ifdef BUILD_TLS_DHE_RSA_WITH_AES_256_CBC_SHA case TLS_DHE_RSA_WITH_AES_256_CBC_SHA : - ssl->specs.bulk_cipher_algorithm = aes; + ssl->specs.bulk_cipher_algorithm = cyassl_aes; ssl->specs.cipher_type = block; ssl->specs.mac_algorithm = sha_mac; ssl->specs.kea = diffie_hellman_kea; @@ -734,12 +1358,13 @@ int SetCipherSpecs(CYASSL* ssl) break; #endif -#ifdef BUILD_TLS_RSA_WITH_HC_128_CBC_MD5 - case TLS_RSA_WITH_HC_128_CBC_MD5 : - ssl->specs.bulk_cipher_algorithm = hc128; +#ifdef BUILD_TLS_RSA_WITH_HC_128_MD5 + case TLS_RSA_WITH_HC_128_MD5 : + ssl->specs.bulk_cipher_algorithm = cyassl_hc128; ssl->specs.cipher_type = stream; ssl->specs.mac_algorithm = md5_mac; ssl->specs.kea = rsa_kea; + ssl->specs.sig_algo = rsa_sa_algo; ssl->specs.hash_size = MD5_DIGEST_SIZE; ssl->specs.pad_size = PAD_MD5; ssl->specs.static_ecdh = 0; @@ -750,12 +1375,13 @@ int SetCipherSpecs(CYASSL* ssl) break; #endif -#ifdef BUILD_TLS_RSA_WITH_HC_128_CBC_SHA - case TLS_RSA_WITH_HC_128_CBC_SHA : - ssl->specs.bulk_cipher_algorithm = hc128; +#ifdef BUILD_TLS_RSA_WITH_HC_128_SHA + case TLS_RSA_WITH_HC_128_SHA : + ssl->specs.bulk_cipher_algorithm = cyassl_hc128; ssl->specs.cipher_type = stream; ssl->specs.mac_algorithm = sha_mac; ssl->specs.kea = rsa_kea; + ssl->specs.sig_algo = rsa_sa_algo; ssl->specs.hash_size = SHA_DIGEST_SIZE; ssl->specs.pad_size = PAD_SHA; ssl->specs.static_ecdh = 0; @@ -766,12 +1392,64 @@ int SetCipherSpecs(CYASSL* ssl) break; #endif -#ifdef BUILD_TLS_RSA_WITH_RABBIT_CBC_SHA - case TLS_RSA_WITH_RABBIT_CBC_SHA : - ssl->specs.bulk_cipher_algorithm = rabbit; +#ifdef BUILD_TLS_RSA_WITH_HC_128_B2B256 + case TLS_RSA_WITH_HC_128_B2B256: + ssl->specs.bulk_cipher_algorithm = cyassl_hc128; + ssl->specs.cipher_type = stream; + ssl->specs.mac_algorithm = blake2b_mac; + ssl->specs.kea = rsa_kea; + ssl->specs.sig_algo = rsa_sa_algo; + ssl->specs.hash_size = BLAKE2B_256; + ssl->specs.pad_size = PAD_SHA; + ssl->specs.static_ecdh = 0; + ssl->specs.key_size = HC_128_KEY_SIZE; + ssl->specs.block_size = 0; + ssl->specs.iv_size = HC_128_IV_SIZE; + + break; +#endif + +#ifdef BUILD_TLS_RSA_WITH_AES_128_CBC_B2B256 + case TLS_RSA_WITH_AES_128_CBC_B2B256: + ssl->specs.bulk_cipher_algorithm = cyassl_aes; + ssl->specs.cipher_type = block; + ssl->specs.mac_algorithm = blake2b_mac; + ssl->specs.kea = rsa_kea; + ssl->specs.sig_algo = rsa_sa_algo; + ssl->specs.hash_size = BLAKE2B_256; + ssl->specs.pad_size = PAD_SHA; + ssl->specs.static_ecdh = 0; + ssl->specs.key_size = AES_128_KEY_SIZE; + ssl->specs.iv_size = AES_IV_SIZE; + ssl->specs.block_size = AES_BLOCK_SIZE; + + break; +#endif + +#ifdef BUILD_TLS_RSA_WITH_AES_256_CBC_B2B256 + case TLS_RSA_WITH_AES_256_CBC_B2B256: + ssl->specs.bulk_cipher_algorithm = cyassl_aes; + ssl->specs.cipher_type = block; + ssl->specs.mac_algorithm = blake2b_mac; + ssl->specs.kea = rsa_kea; + ssl->specs.sig_algo = rsa_sa_algo; + ssl->specs.hash_size = BLAKE2B_256; + ssl->specs.pad_size = PAD_SHA; + ssl->specs.static_ecdh = 0; + ssl->specs.key_size = AES_256_KEY_SIZE; + ssl->specs.iv_size = AES_IV_SIZE; + ssl->specs.block_size = AES_BLOCK_SIZE; + + break; +#endif + +#ifdef BUILD_TLS_RSA_WITH_RABBIT_SHA + case TLS_RSA_WITH_RABBIT_SHA : + ssl->specs.bulk_cipher_algorithm = cyassl_rabbit; ssl->specs.cipher_type = stream; ssl->specs.mac_algorithm = sha_mac; ssl->specs.kea = rsa_kea; + ssl->specs.sig_algo = rsa_sa_algo; ssl->specs.hash_size = SHA_DIGEST_SIZE; ssl->specs.pad_size = PAD_SHA; ssl->specs.static_ecdh = 0; @@ -784,7 +1462,7 @@ int SetCipherSpecs(CYASSL* ssl) #ifdef BUILD_TLS_RSA_WITH_AES_128_GCM_SHA256 case TLS_RSA_WITH_AES_128_GCM_SHA256 : - ssl->specs.bulk_cipher_algorithm = aes_gcm; + ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm; ssl->specs.cipher_type = aead; ssl->specs.mac_algorithm = sha256_mac; ssl->specs.kea = rsa_kea; @@ -794,14 +1472,15 @@ int SetCipherSpecs(CYASSL* ssl) ssl->specs.static_ecdh = 0; ssl->specs.key_size = AES_128_KEY_SIZE; ssl->specs.block_size = AES_BLOCK_SIZE; - ssl->specs.iv_size = AES_GCM_IMP_IV_SZ; + ssl->specs.iv_size = AEAD_IMP_IV_SZ; + ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ; break; #endif #ifdef BUILD_TLS_RSA_WITH_AES_256_GCM_SHA384 case TLS_RSA_WITH_AES_256_GCM_SHA384 : - ssl->specs.bulk_cipher_algorithm = aes_gcm; + ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm; ssl->specs.cipher_type = aead; ssl->specs.mac_algorithm = sha384_mac; ssl->specs.kea = rsa_kea; @@ -811,14 +1490,15 @@ int SetCipherSpecs(CYASSL* ssl) ssl->specs.static_ecdh = 0; ssl->specs.key_size = AES_256_KEY_SIZE; ssl->specs.block_size = AES_BLOCK_SIZE; - ssl->specs.iv_size = AES_GCM_IMP_IV_SZ; + ssl->specs.iv_size = AEAD_IMP_IV_SZ; + ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ; break; #endif #ifdef BUILD_TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 case TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 : - ssl->specs.bulk_cipher_algorithm = aes_gcm; + ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm; ssl->specs.cipher_type = aead; ssl->specs.mac_algorithm = sha256_mac; ssl->specs.kea = diffie_hellman_kea; @@ -828,14 +1508,15 @@ int SetCipherSpecs(CYASSL* ssl) ssl->specs.static_ecdh = 0; ssl->specs.key_size = AES_128_KEY_SIZE; ssl->specs.block_size = AES_BLOCK_SIZE; - ssl->specs.iv_size = AES_GCM_IMP_IV_SZ; + ssl->specs.iv_size = AEAD_IMP_IV_SZ; + ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ; break; #endif #ifdef BUILD_TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 case TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 : - ssl->specs.bulk_cipher_algorithm = aes_gcm; + ssl->specs.bulk_cipher_algorithm = cyassl_aes_gcm; ssl->specs.cipher_type = aead; ssl->specs.mac_algorithm = sha384_mac; ssl->specs.kea = diffie_hellman_kea; @@ -845,7 +1526,144 @@ int SetCipherSpecs(CYASSL* ssl) ssl->specs.static_ecdh = 0; ssl->specs.key_size = AES_256_KEY_SIZE; ssl->specs.block_size = AES_BLOCK_SIZE; - ssl->specs.iv_size = AES_GCM_IMP_IV_SZ; + ssl->specs.iv_size = AEAD_IMP_IV_SZ; + ssl->specs.aead_mac_size = AES_GCM_AUTH_SZ; + + break; +#endif + +#ifdef BUILD_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA + case TLS_RSA_WITH_CAMELLIA_128_CBC_SHA : + ssl->specs.bulk_cipher_algorithm = cyassl_camellia; + ssl->specs.cipher_type = block; + ssl->specs.mac_algorithm = sha_mac; + ssl->specs.kea = rsa_kea; + ssl->specs.sig_algo = rsa_sa_algo; + ssl->specs.hash_size = SHA_DIGEST_SIZE; + ssl->specs.pad_size = PAD_SHA; + ssl->specs.static_ecdh = 0; + ssl->specs.key_size = CAMELLIA_128_KEY_SIZE; + ssl->specs.block_size = CAMELLIA_BLOCK_SIZE; + ssl->specs.iv_size = CAMELLIA_IV_SIZE; + + break; +#endif + +#ifdef BUILD_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA + case TLS_RSA_WITH_CAMELLIA_256_CBC_SHA : + ssl->specs.bulk_cipher_algorithm = cyassl_camellia; + ssl->specs.cipher_type = block; + ssl->specs.mac_algorithm = sha_mac; + ssl->specs.kea = rsa_kea; + ssl->specs.sig_algo = rsa_sa_algo; + ssl->specs.hash_size = SHA_DIGEST_SIZE; + ssl->specs.pad_size = PAD_SHA; + ssl->specs.static_ecdh = 0; + ssl->specs.key_size = CAMELLIA_256_KEY_SIZE; + ssl->specs.block_size = CAMELLIA_BLOCK_SIZE; + ssl->specs.iv_size = CAMELLIA_IV_SIZE; + + break; +#endif + +#ifdef BUILD_TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 + case TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 : + ssl->specs.bulk_cipher_algorithm = cyassl_camellia; + ssl->specs.cipher_type = block; + ssl->specs.mac_algorithm = sha256_mac; + ssl->specs.kea = rsa_kea; + ssl->specs.sig_algo = rsa_sa_algo; + ssl->specs.hash_size = SHA256_DIGEST_SIZE; + ssl->specs.pad_size = PAD_SHA; + ssl->specs.static_ecdh = 0; + ssl->specs.key_size = CAMELLIA_128_KEY_SIZE; + ssl->specs.block_size = CAMELLIA_BLOCK_SIZE; + ssl->specs.iv_size = CAMELLIA_IV_SIZE; + + break; +#endif + +#ifdef BUILD_TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 + case TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 : + ssl->specs.bulk_cipher_algorithm = cyassl_camellia; + ssl->specs.cipher_type = block; + ssl->specs.mac_algorithm = sha256_mac; + ssl->specs.kea = rsa_kea; + ssl->specs.sig_algo = rsa_sa_algo; + ssl->specs.hash_size = SHA256_DIGEST_SIZE; + ssl->specs.pad_size = PAD_SHA; + ssl->specs.static_ecdh = 0; + ssl->specs.key_size = CAMELLIA_256_KEY_SIZE; + ssl->specs.block_size = CAMELLIA_BLOCK_SIZE; + ssl->specs.iv_size = CAMELLIA_IV_SIZE; + + break; +#endif + +#ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA + case TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA : + ssl->specs.bulk_cipher_algorithm = cyassl_camellia; + ssl->specs.cipher_type = block; + ssl->specs.mac_algorithm = sha_mac; + ssl->specs.kea = diffie_hellman_kea; + ssl->specs.sig_algo = rsa_sa_algo; + ssl->specs.hash_size = SHA_DIGEST_SIZE; + ssl->specs.pad_size = PAD_SHA; + ssl->specs.static_ecdh = 0; + ssl->specs.key_size = CAMELLIA_128_KEY_SIZE; + ssl->specs.block_size = CAMELLIA_BLOCK_SIZE; + ssl->specs.iv_size = CAMELLIA_IV_SIZE; + + break; +#endif + +#ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA + case TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA : + ssl->specs.bulk_cipher_algorithm = cyassl_camellia; + ssl->specs.cipher_type = block; + ssl->specs.mac_algorithm = sha_mac; + ssl->specs.kea = diffie_hellman_kea; + ssl->specs.sig_algo = rsa_sa_algo; + ssl->specs.hash_size = SHA_DIGEST_SIZE; + ssl->specs.pad_size = PAD_SHA; + ssl->specs.static_ecdh = 0; + ssl->specs.key_size = CAMELLIA_256_KEY_SIZE; + ssl->specs.block_size = CAMELLIA_BLOCK_SIZE; + ssl->specs.iv_size = CAMELLIA_IV_SIZE; + + break; +#endif + +#ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 + case TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 : + ssl->specs.bulk_cipher_algorithm = cyassl_camellia; + ssl->specs.cipher_type = block; + ssl->specs.mac_algorithm = sha256_mac; + ssl->specs.kea = diffie_hellman_kea; + ssl->specs.sig_algo = rsa_sa_algo; + ssl->specs.hash_size = SHA256_DIGEST_SIZE; + ssl->specs.pad_size = PAD_SHA; + ssl->specs.static_ecdh = 0; + ssl->specs.key_size = CAMELLIA_128_KEY_SIZE; + ssl->specs.block_size = CAMELLIA_BLOCK_SIZE; + ssl->specs.iv_size = CAMELLIA_IV_SIZE; + + break; +#endif + +#ifdef BUILD_TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 + case TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 : + ssl->specs.bulk_cipher_algorithm = cyassl_camellia; + ssl->specs.cipher_type = block; + ssl->specs.mac_algorithm = sha256_mac; + ssl->specs.kea = diffie_hellman_kea; + ssl->specs.sig_algo = rsa_sa_algo; + ssl->specs.hash_size = SHA256_DIGEST_SIZE; + ssl->specs.pad_size = PAD_SHA; + ssl->specs.static_ecdh = 0; + ssl->specs.key_size = CAMELLIA_256_KEY_SIZE; + ssl->specs.block_size = CAMELLIA_BLOCK_SIZE; + ssl->specs.iv_size = CAMELLIA_IV_SIZE; break; #endif @@ -883,7 +1701,7 @@ enum KeyStuff { }; - +#ifndef NO_OLD_TLS /* true or false, zero for error */ static int SetPrefix(byte* sha_input, int idx) { @@ -915,117 +1733,341 @@ static int SetPrefix(byte* sha_input, int idx) } return 1; } +#endif static int SetKeys(Ciphers* enc, Ciphers* dec, Keys* keys, CipherSpecs* specs, - byte side) + byte side, void* heap, int devId) { #ifdef BUILD_ARC4 word32 sz = specs->key_size; - if (specs->bulk_cipher_algorithm == rc4) { - if (side == CLIENT_END) { - Arc4SetKey(&enc->arc4, keys->client_write_key, sz); - Arc4SetKey(&dec->arc4, keys->server_write_key, sz); + if (specs->bulk_cipher_algorithm == cyassl_rc4) { + if (enc->arc4 == NULL) + enc->arc4 = (Arc4*)XMALLOC(sizeof(Arc4), heap, DYNAMIC_TYPE_CIPHER); + if (enc->arc4 == NULL) + return MEMORY_E; + if (dec->arc4 == NULL) + dec->arc4 = (Arc4*)XMALLOC(sizeof(Arc4), heap, DYNAMIC_TYPE_CIPHER); + if (dec->arc4 == NULL) + return MEMORY_E; +#ifdef HAVE_CAVIUM + if (devId != NO_CAVIUM_DEVICE) { + if (Arc4InitCavium(enc->arc4, devId) != 0) { + CYASSL_MSG("Arc4InitCavium failed in SetKeys"); + return CAVIUM_INIT_E; + } + if (Arc4InitCavium(dec->arc4, devId) != 0) { + CYASSL_MSG("Arc4InitCavium failed in SetKeys"); + return CAVIUM_INIT_E; + } + } +#endif + if (side == CYASSL_CLIENT_END) { + Arc4SetKey(enc->arc4, keys->client_write_key, sz); + Arc4SetKey(dec->arc4, keys->server_write_key, sz); } else { - Arc4SetKey(&enc->arc4, keys->server_write_key, sz); - Arc4SetKey(&dec->arc4, keys->client_write_key, sz); + Arc4SetKey(enc->arc4, keys->server_write_key, sz); + Arc4SetKey(dec->arc4, keys->client_write_key, sz); } + enc->setup = 1; + dec->setup = 1; } #endif #ifdef HAVE_HC128 - if (specs->bulk_cipher_algorithm == hc128) { - if (side == CLIENT_END) { - Hc128_SetKey(&enc->hc128, keys->client_write_key, - keys->client_write_IV); - Hc128_SetKey(&dec->hc128, keys->server_write_key, - keys->server_write_IV); + if (specs->bulk_cipher_algorithm == cyassl_hc128) { + int hcRet; + if (enc->hc128 == NULL) + enc->hc128 = + (HC128*)XMALLOC(sizeof(HC128), heap, DYNAMIC_TYPE_CIPHER); + if (enc->hc128 == NULL) + return MEMORY_E; + if (dec->hc128 == NULL) + dec->hc128 = + (HC128*)XMALLOC(sizeof(HC128), heap, DYNAMIC_TYPE_CIPHER); + if (dec->hc128 == NULL) + return MEMORY_E; + if (side == CYASSL_CLIENT_END) { + hcRet = Hc128_SetKey(enc->hc128, keys->client_write_key, + keys->client_write_IV); + if (hcRet != 0) return hcRet; + hcRet = Hc128_SetKey(dec->hc128, keys->server_write_key, + keys->server_write_IV); + if (hcRet != 0) return hcRet; } else { - Hc128_SetKey(&enc->hc128, keys->server_write_key, - keys->server_write_IV); - Hc128_SetKey(&dec->hc128, keys->client_write_key, - keys->client_write_IV); + hcRet = Hc128_SetKey(enc->hc128, keys->server_write_key, + keys->server_write_IV); + if (hcRet != 0) return hcRet; + hcRet = Hc128_SetKey(dec->hc128, keys->client_write_key, + keys->client_write_IV); + if (hcRet != 0) return hcRet; } + enc->setup = 1; + dec->setup = 1; } #endif #ifdef BUILD_RABBIT - if (specs->bulk_cipher_algorithm == rabbit) { - if (side == CLIENT_END) { - RabbitSetKey(&enc->rabbit, keys->client_write_key, - keys->client_write_IV); - RabbitSetKey(&dec->rabbit, keys->server_write_key, - keys->server_write_IV); + if (specs->bulk_cipher_algorithm == cyassl_rabbit) { + int rabRet; + if (enc->rabbit == NULL) + enc->rabbit = + (Rabbit*)XMALLOC(sizeof(Rabbit), heap, DYNAMIC_TYPE_CIPHER); + if (enc->rabbit == NULL) + return MEMORY_E; + if (dec->rabbit == NULL) + dec->rabbit = + (Rabbit*)XMALLOC(sizeof(Rabbit), heap, DYNAMIC_TYPE_CIPHER); + if (dec->rabbit == NULL) + return MEMORY_E; + if (side == CYASSL_CLIENT_END) { + rabRet = RabbitSetKey(enc->rabbit, keys->client_write_key, + keys->client_write_IV); + if (rabRet != 0) return rabRet; + rabRet = RabbitSetKey(dec->rabbit, keys->server_write_key, + keys->server_write_IV); + if (rabRet != 0) return rabRet; } else { - RabbitSetKey(&enc->rabbit, keys->server_write_key, + rabRet = RabbitSetKey(enc->rabbit, keys->server_write_key, keys->server_write_IV); - RabbitSetKey(&dec->rabbit, keys->client_write_key, + if (rabRet != 0) return rabRet; + rabRet = RabbitSetKey(dec->rabbit, keys->client_write_key, keys->client_write_IV); + if (rabRet != 0) return rabRet; } + enc->setup = 1; + dec->setup = 1; } #endif #ifdef BUILD_DES3 - if (specs->bulk_cipher_algorithm == triple_des) { - if (side == CLIENT_END) { - Des3_SetKey(&enc->des3, keys->client_write_key, + if (specs->bulk_cipher_algorithm == cyassl_triple_des) { + int desRet = 0; + + if (enc->des3 == NULL) + enc->des3 = (Des3*)XMALLOC(sizeof(Des3), heap, DYNAMIC_TYPE_CIPHER); + if (enc->des3 == NULL) + return MEMORY_E; + if (dec->des3 == NULL) + dec->des3 = (Des3*)XMALLOC(sizeof(Des3), heap, DYNAMIC_TYPE_CIPHER); + if (dec->des3 == NULL) + return MEMORY_E; +#ifdef HAVE_CAVIUM + if (devId != NO_CAVIUM_DEVICE) { + if (Des3_InitCavium(enc->des3, devId) != 0) { + CYASSL_MSG("Des3_InitCavium failed in SetKeys"); + return CAVIUM_INIT_E; + } + if (Des3_InitCavium(dec->des3, devId) != 0) { + CYASSL_MSG("Des3_InitCavium failed in SetKeys"); + return CAVIUM_INIT_E; + } + } +#endif + if (side == CYASSL_CLIENT_END) { + desRet = Des3_SetKey(enc->des3, keys->client_write_key, keys->client_write_IV, DES_ENCRYPTION); - Des3_SetKey(&dec->des3, keys->server_write_key, + if (desRet != 0) + return desRet; + desRet = Des3_SetKey(dec->des3, keys->server_write_key, keys->server_write_IV, DES_DECRYPTION); + if (desRet != 0) + return desRet; } else { - Des3_SetKey(&enc->des3, keys->server_write_key, + desRet = Des3_SetKey(enc->des3, keys->server_write_key, keys->server_write_IV, DES_ENCRYPTION); - Des3_SetKey(&dec->des3, keys->client_write_key, + if (desRet != 0) + return desRet; + desRet = Des3_SetKey(dec->des3, keys->client_write_key, keys->client_write_IV, DES_DECRYPTION); + if (desRet != 0) + return desRet; } + enc->setup = 1; + dec->setup = 1; } #endif #ifdef BUILD_AES - if (specs->bulk_cipher_algorithm == aes) { - if (side == CLIENT_END) { - AesSetKey(&enc->aes, keys->client_write_key, - specs->key_size, keys->client_write_IV, - AES_ENCRYPTION); - AesSetKey(&dec->aes, keys->server_write_key, - specs->key_size, keys->server_write_IV, - AES_DECRYPTION); + if (specs->bulk_cipher_algorithm == cyassl_aes) { + int aesRet = 0; + + if (enc->aes == NULL) + enc->aes = (Aes*)XMALLOC(sizeof(Aes), heap, DYNAMIC_TYPE_CIPHER); + if (enc->aes == NULL) + return MEMORY_E; + if (dec->aes == NULL) + dec->aes = (Aes*)XMALLOC(sizeof(Aes), heap, DYNAMIC_TYPE_CIPHER); + if (dec->aes == NULL) + return MEMORY_E; +#ifdef HAVE_CAVIUM + if (devId != NO_CAVIUM_DEVICE) { + if (AesInitCavium(enc->aes, devId) != 0) { + CYASSL_MSG("AesInitCavium failed in SetKeys"); + return CAVIUM_INIT_E; + } + if (AesInitCavium(dec->aes, devId) != 0) { + CYASSL_MSG("AesInitCavium failed in SetKeys"); + return CAVIUM_INIT_E; + } + } +#endif + if (side == CYASSL_CLIENT_END) { + aesRet = AesSetKey(enc->aes, keys->client_write_key, + specs->key_size, keys->client_write_IV, + AES_ENCRYPTION); + if (aesRet != 0) + return aesRet; + aesRet = AesSetKey(dec->aes, keys->server_write_key, + specs->key_size, keys->server_write_IV, + AES_DECRYPTION); + if (aesRet != 0) + return aesRet; } else { - AesSetKey(&enc->aes, keys->server_write_key, - specs->key_size, keys->server_write_IV, - AES_ENCRYPTION); - AesSetKey(&dec->aes, keys->client_write_key, - specs->key_size, keys->client_write_IV, - AES_DECRYPTION); + aesRet = AesSetKey(enc->aes, keys->server_write_key, + specs->key_size, keys->server_write_IV, + AES_ENCRYPTION); + if (aesRet != 0) + return aesRet; + aesRet = AesSetKey(dec->aes, keys->client_write_key, + specs->key_size, keys->client_write_IV, + AES_DECRYPTION); + if (aesRet != 0) + return aesRet; } + enc->setup = 1; + dec->setup = 1; } #endif #ifdef BUILD_AESGCM - if (specs->bulk_cipher_algorithm == aes_gcm) { - if (side == CLIENT_END) { - AesGcmSetKey(&enc->aes, keys->client_write_key, specs->key_size, - keys->client_write_IV); - AesGcmSetKey(&dec->aes, keys->server_write_key, specs->key_size, - keys->server_write_IV); + if (specs->bulk_cipher_algorithm == cyassl_aes_gcm) { + if (enc->aes == NULL) + enc->aes = (Aes*)XMALLOC(sizeof(Aes), heap, DYNAMIC_TYPE_CIPHER); + if (enc->aes == NULL) + return MEMORY_E; + if (dec->aes == NULL) + dec->aes = (Aes*)XMALLOC(sizeof(Aes), heap, DYNAMIC_TYPE_CIPHER); + if (dec->aes == NULL) + return MEMORY_E; + + if (side == CYASSL_CLIENT_END) { + AesGcmSetKey(enc->aes, keys->client_write_key, specs->key_size); + XMEMCPY(keys->aead_enc_imp_IV, + keys->client_write_IV, AEAD_IMP_IV_SZ); + AesGcmSetKey(dec->aes, keys->server_write_key, specs->key_size); + XMEMCPY(keys->aead_dec_imp_IV, + keys->server_write_IV, AEAD_IMP_IV_SZ); + } + else { + AesGcmSetKey(enc->aes, keys->server_write_key, specs->key_size); + XMEMCPY(keys->aead_enc_imp_IV, + keys->server_write_IV, AEAD_IMP_IV_SZ); + AesGcmSetKey(dec->aes, keys->client_write_key, specs->key_size); + XMEMCPY(keys->aead_dec_imp_IV, + keys->client_write_IV, AEAD_IMP_IV_SZ); + } + enc->setup = 1; + dec->setup = 1; + } +#endif + +#ifdef HAVE_AESCCM + if (specs->bulk_cipher_algorithm == cyassl_aes_ccm) { + if (enc->aes == NULL) + enc->aes = (Aes*)XMALLOC(sizeof(Aes), heap, DYNAMIC_TYPE_CIPHER); + if (enc->aes == NULL) + return MEMORY_E; + if (dec->aes == NULL) + dec->aes = (Aes*)XMALLOC(sizeof(Aes), heap, DYNAMIC_TYPE_CIPHER); + if (dec->aes == NULL) + return MEMORY_E; + + if (side == CYASSL_CLIENT_END) { + AesCcmSetKey(enc->aes, keys->client_write_key, specs->key_size); + XMEMCPY(keys->aead_enc_imp_IV, + keys->client_write_IV, AEAD_IMP_IV_SZ); + AesCcmSetKey(dec->aes, keys->server_write_key, specs->key_size); + XMEMCPY(keys->aead_dec_imp_IV, + keys->server_write_IV, AEAD_IMP_IV_SZ); } else { - AesGcmSetKey(&enc->aes, keys->server_write_key, specs->key_size, - keys->server_write_IV); - AesGcmSetKey(&dec->aes, keys->client_write_key, specs->key_size, - keys->client_write_IV); + AesCcmSetKey(enc->aes, keys->server_write_key, specs->key_size); + XMEMCPY(keys->aead_enc_imp_IV, + keys->server_write_IV, AEAD_IMP_IV_SZ); + AesCcmSetKey(dec->aes, keys->client_write_key, specs->key_size); + XMEMCPY(keys->aead_dec_imp_IV, + keys->client_write_IV, AEAD_IMP_IV_SZ); } + enc->setup = 1; + dec->setup = 1; + } +#endif + +#ifdef HAVE_CAMELLIA + if (specs->bulk_cipher_algorithm == cyassl_camellia) { + int camRet; + + if (enc->cam == NULL) + enc->cam = + (Camellia*)XMALLOC(sizeof(Camellia), heap, DYNAMIC_TYPE_CIPHER); + if (enc->cam == NULL) + return MEMORY_E; + + if (dec->cam == NULL) + dec->cam = + (Camellia*)XMALLOC(sizeof(Camellia), heap, DYNAMIC_TYPE_CIPHER); + if (dec->cam == NULL) + return MEMORY_E; + + if (side == CYASSL_CLIENT_END) { + camRet = CamelliaSetKey(enc->cam, keys->client_write_key, + specs->key_size, keys->client_write_IV); + if (camRet != 0) + return camRet; + + camRet = CamelliaSetKey(dec->cam, keys->server_write_key, + specs->key_size, keys->server_write_IV); + if (camRet != 0) + return camRet; + } + else { + camRet = CamelliaSetKey(enc->cam, keys->server_write_key, + specs->key_size, keys->server_write_IV); + if (camRet != 0) + return camRet; + + camRet = CamelliaSetKey(dec->cam, keys->client_write_key, + specs->key_size, keys->client_write_IV); + if (camRet != 0) + return camRet; + } + enc->setup = 1; + dec->setup = 1; + } +#endif + +#ifdef HAVE_NULL_CIPHER + if (specs->bulk_cipher_algorithm == cyassl_cipher_null) { + enc->setup = 1; + dec->setup = 1; } #endif keys->sequence_number = 0; keys->peer_sequence_number = 0; keys->encryptionOn = 0; + (void)side; + (void)heap; + (void)enc; + (void)dec; + (void)specs; + (void)devId; return 0; } @@ -1035,6 +2077,11 @@ static int SetKeys(Ciphers* enc, Ciphers* dec, Keys* keys, CipherSpecs* specs, int StoreKeys(CYASSL* ssl, const byte* keyData) { int sz, i = 0; + int devId = NO_CAVIUM_DEVICE; + +#ifdef HAVE_CAVIUM + devId = ssl->devId; +#endif if (ssl->specs.cipher_type != aead) { sz = ssl->specs.hash_size; @@ -1043,16 +2090,6 @@ int StoreKeys(CYASSL* ssl, const byte* keyData) XMEMCPY(ssl->keys.server_write_MAC_secret,&keyData[i], sz); i += sz; } -#ifdef BUILD_AESGCM - else if (ssl->specs.bulk_cipher_algorithm == aes_gcm) { - byte iv[AES_GCM_EXP_IV_SZ]; - - /* Initialize the AES-GCM explicit IV to a random number. */ - RNG_GenerateBlock(&ssl->rng, iv, sizeof(iv)); - AesGcmSetExpIV(&ssl->encrypt.aes, iv); - } -#endif - sz = ssl->specs.key_size; XMEMCPY(ssl->keys.client_write_key, &keyData[i], sz); i += sz; @@ -1064,17 +2101,25 @@ int StoreKeys(CYASSL* ssl, const byte* keyData) i += sz; XMEMCPY(ssl->keys.server_write_IV, &keyData[i], sz); +#ifdef HAVE_AEAD + if (ssl->specs.cipher_type == aead) { + /* Initialize the AES-GCM/CCM explicit IV to a zero. */ + XMEMSET(ssl->keys.aead_exp_IV, 0, AEAD_EXP_IV_SZ); + } +#endif + return SetKeys(&ssl->encrypt, &ssl->decrypt, &ssl->keys, &ssl->specs, - ssl->options.side); + ssl->options.side, ssl->heap, devId); } - +#ifndef NO_OLD_TLS int DeriveKeys(CYASSL* ssl) { int length = 2 * ssl->specs.hash_size + 2 * ssl->specs.key_size + 2 * ssl->specs.iv_size; int rounds = (length + MD5_DIGEST_SIZE - 1 ) / MD5_DIGEST_SIZE, i; + int ret = 0; byte shaOutput[SHA_DIGEST_SIZE]; byte md5Input[SECRET_LEN + SHA_DIGEST_SIZE]; @@ -1086,9 +2131,11 @@ int DeriveKeys(CYASSL* ssl) byte keyData[KEY_PREFIX * MD5_DIGEST_SIZE]; /* max size */ InitMd5(&md5); - InitSha(&sha); + ret = InitSha(&sha); + if (ret != 0) + return ret; - XMEMCPY(md5Input, ssl->arrays.masterSecret, SECRET_LEN); + XMEMCPY(md5Input, ssl->arrays->masterSecret, SECRET_LEN); for (i = 0; i < rounds; ++i) { int j = i + 1; @@ -1098,14 +2145,13 @@ int DeriveKeys(CYASSL* ssl) return PREFIX_ERROR; } - XMEMCPY(shaInput + idx, ssl->arrays.masterSecret, SECRET_LEN); + XMEMCPY(shaInput + idx, ssl->arrays->masterSecret, SECRET_LEN); idx += SECRET_LEN; - XMEMCPY(shaInput + idx, ssl->arrays.serverRandom, RAN_LEN); - idx += RAN_LEN; - XMEMCPY(shaInput + idx, ssl->arrays.clientRandom, RAN_LEN); + XMEMCPY(shaInput + idx, ssl->arrays->serverRandom, RAN_LEN); idx += RAN_LEN; + XMEMCPY(shaInput + idx, ssl->arrays->clientRandom, RAN_LEN); - ShaUpdate(&sha, shaInput, sizeof(shaInput) - KEY_PREFIX + j); + ShaUpdate(&sha, shaInput, (word32)sizeof(shaInput) - KEY_PREFIX + j); ShaFinal(&sha, shaOutput); XMEMCPY(&md5Input[SECRET_LEN], shaOutput, SHA_DIGEST_SIZE); @@ -1117,56 +2163,57 @@ int DeriveKeys(CYASSL* ssl) } -static void CleanPreMaster(CYASSL* ssl) +static int CleanPreMaster(CYASSL* ssl) { - int i, sz = ssl->arrays.preMasterSz; + int i, ret, sz = ssl->arrays->preMasterSz; for (i = 0; i < sz; i++) - ssl->arrays.preMasterSecret[i] = 0; + ssl->arrays->preMasterSecret[i] = 0; - RNG_GenerateBlock(&ssl->rng, ssl->arrays.preMasterSecret, sz); + ret = RNG_GenerateBlock(ssl->rng, ssl->arrays->preMasterSecret, sz); + if (ret != 0) + return ret; for (i = 0; i < sz; i++) - ssl->arrays.preMasterSecret[i] = 0; + ssl->arrays->preMasterSecret[i] = 0; + return 0; } /* Create and store the master secret see page 32, 6.1 */ -int MakeMasterSecret(CYASSL* ssl) +static int MakeSslMasterSecret(CYASSL* ssl) { byte shaOutput[SHA_DIGEST_SIZE]; byte md5Input[ENCRYPT_LEN + SHA_DIGEST_SIZE]; byte shaInput[PREFIX + ENCRYPT_LEN + 2 * RAN_LEN]; int i, ret; word32 idx; - word32 pmsSz = ssl->arrays.preMasterSz; + word32 pmsSz = ssl->arrays->preMasterSz; Md5 md5; Sha sha; #ifdef SHOW_SECRETS { - int j; + word32 j; printf("pre master secret: "); for (j = 0; j < pmsSz; j++) - printf("%02x", ssl->arrays.preMasterSecret[j]); + printf("%02x", ssl->arrays->preMasterSecret[j]); printf("\n"); } #endif -#ifndef NO_TLS - if (ssl->options.tls) return MakeTlsMasterSecret(ssl); -#endif - InitMd5(&md5); - InitSha(&sha); + ret = InitSha(&sha); + if (ret != 0) + return ret; - XMEMCPY(md5Input, ssl->arrays.preMasterSecret, pmsSz); + XMEMCPY(md5Input, ssl->arrays->preMasterSecret, pmsSz); for (i = 0; i < MASTER_ROUNDS; ++i) { - byte prefix[PREFIX]; - if (!SetPrefix(prefix, i)) { + byte prefix[KEY_PREFIX]; /* only need PREFIX bytes but static */ + if (!SetPrefix(prefix, i)) { /* analysis thinks will overrun */ return PREFIX_ERROR; } @@ -1174,11 +2221,11 @@ int MakeMasterSecret(CYASSL* ssl) XMEMCPY(shaInput, prefix, i + 1); idx += i + 1; - XMEMCPY(shaInput + idx, ssl->arrays.preMasterSecret, pmsSz); + XMEMCPY(shaInput + idx, ssl->arrays->preMasterSecret, pmsSz); idx += pmsSz; - XMEMCPY(shaInput + idx, ssl->arrays.clientRandom, RAN_LEN); + XMEMCPY(shaInput + idx, ssl->arrays->clientRandom, RAN_LEN); idx += RAN_LEN; - XMEMCPY(shaInput + idx, ssl->arrays.serverRandom, RAN_LEN); + XMEMCPY(shaInput + idx, ssl->arrays->serverRandom, RAN_LEN); idx += RAN_LEN; ShaUpdate(&sha, shaInput, idx); ShaFinal(&sha, shaOutput); @@ -1187,22 +2234,42 @@ int MakeMasterSecret(CYASSL* ssl) XMEMCPY(md5Input + idx, shaOutput, SHA_DIGEST_SIZE); idx += SHA_DIGEST_SIZE; Md5Update(&md5, md5Input, idx); - Md5Final(&md5, &ssl->arrays.masterSecret[i * MD5_DIGEST_SIZE]); + Md5Final(&md5, &ssl->arrays->masterSecret[i * MD5_DIGEST_SIZE]); } #ifdef SHOW_SECRETS { - int i; + word32 j; printf("master secret: "); - for (i = 0; i < SECRET_LEN; i++) - printf("%02x", ssl->arrays.masterSecret[i]); + for (j = 0; j < SECRET_LEN; j++) + printf("%02x", ssl->arrays->masterSecret[j]); printf("\n"); } #endif ret = DeriveKeys(ssl); - CleanPreMaster(ssl); + if (ret != 0) { + /* always try to clean PreMaster */ + CleanPreMaster(ssl); + return ret; + } + + return CleanPreMaster(ssl); +} +#endif + - return ret; +/* Master wrapper, doesn't use SSL stack space in TLS mode */ +int MakeMasterSecret(CYASSL* ssl) +{ +#ifdef NO_OLD_TLS + return MakeTlsMasterSecret(ssl); +#elif !defined(NO_TLS) + if (ssl->options.tls) return MakeTlsMasterSecret(ssl); +#endif + +#ifndef NO_OLD_TLS + return MakeSslMasterSecret(ssl); +#endif } diff --git a/FreeRTOS-Plus/Source/CyaSSL/src/ocsp.c b/FreeRTOS-Plus/Source/CyaSSL/src/ocsp.c index 3b3dea968..98cbfdb7c 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/src/ocsp.c +++ b/FreeRTOS-Plus/Source/CyaSSL/src/ocsp.c @@ -1,6 +1,6 @@ /* ocsp.c * - * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,415 +16,76 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ #ifdef HAVE_CONFIG_H #include #endif +#include + #ifdef HAVE_OCSP -#include +#include #include #include -#include - -#include -#include -#include -#include -#include -#include -#include -#include -#include -#include - - -CYASSL_API int ocsp_test(unsigned char* buf, int sz); -#define CYASSL_OCSP_ENABLE 0x0001 /* Enable OCSP lookups */ -#define CYASSL_OCSP_URL_OVERRIDE 0x0002 /* Use the override URL instead of URL - * in certificate */ - -typedef struct sockaddr_in SOCKADDR_IN_T; -#define AF_INET_V AF_INET -#define SOCKET_T unsigned int - - -int CyaSSL_OCSP_Init(CYASSL_OCSP* ocsp) -{ - if (ocsp != NULL) { - XMEMSET(ocsp, 0, sizeof(*ocsp)); - return 0; - } - - return -1; -} - - -static void FreeOCSP_Entry(OCSP_Entry* ocspe) -{ - CertStatus* tmp = ocspe->status; - - CYASSL_ENTER("FreeOCSP_Entry"); - - while (tmp) { - CertStatus* next = tmp->next; - XFREE(tmp, NULL, DYNAMIC_TYPE_OCSP_STATUS); - tmp = next; - } -} -void CyaSSL_OCSP_Cleanup(CYASSL_OCSP* ocsp) +int InitOCSP(CYASSL_OCSP* ocsp, CYASSL_CERT_MANAGER* cm) { - OCSP_Entry* tmp = ocsp->ocspList; - - ocsp->enabled = 0; - while (tmp) { - OCSP_Entry* next = tmp->next; - FreeOCSP_Entry(tmp); - XFREE(tmp, NULL, DYNAMIC_TYPE_OCSP_ENTRY); - tmp = next; - } -} - - -static int decode_url(const char* url, int urlSz, - char* outName, char* outPath, int* outPort) -{ - if (outName != NULL && outPath != NULL && outPort != NULL) - { - if (url == NULL || urlSz == 0) - { - *outName = 0; - *outPath = 0; - *outPort = 0; - } - else - { - int i, cur; - - /* need to break the url down into scheme, address, and port */ - /* "http://example.com:8080/" */ - if (XSTRNCMP(url, "http://", 7) == 0) { - cur = 7; - } else cur = 0; - - i = 0; - while (url[cur] != 0 && url[cur] != ':' && url[cur] != '/') { - outName[i++] = url[cur++]; - } - outName[i] = 0; - /* Need to pick out the path after the domain name */ - - if (cur < urlSz && url[cur] == ':') { - char port[6]; - int j; - i = 0; - cur++; - while (cur < urlSz && url[cur] != 0 && url[cur] != '/' && - i < 6) { - port[i++] = url[cur++]; - } - - *outPort = 0; - for (j = 0; j < i; j++) { - if (port[j] < '0' || port[j] > '9') return -1; - *outPort = (*outPort * 10) + (port[j] - '0'); - } - } - else - *outPort = 80; - - if (cur < urlSz && url[cur] == '/') { - i = 0; - while (cur < urlSz && url[cur] != 0 && i < 80) { - outPath[i++] = url[cur++]; - } - outPath[i] = 0; - } - else { - outPath[0] = '/'; - outPath[1] = 0; - } - } - } - - return 0; -} - - -int CyaSSL_OCSP_set_override_url(CYASSL_OCSP* ocsp, const char* url) -{ - if (ocsp != NULL) { - int urlSz = strlen(url); - decode_url(url, urlSz, - ocsp->overrideName, ocsp->overridePath, &ocsp->overridePort); - return 1; - } + CYASSL_ENTER("InitOCSP"); + XMEMSET(ocsp, 0, sizeof(*ocsp)); + ocsp->cm = cm; + if (InitMutex(&ocsp->ocspLock) != 0) + return BAD_MUTEX_E; return 0; } -static INLINE void tcp_socket(SOCKET_T* sockfd, SOCKADDR_IN_T* addr, - const char* peer, word16 port) -{ - const char* host = peer; - - /* peer could be in human readable form */ - if (peer != INADDR_ANY && isalpha(peer[0])) { - struct hostent* entry = gethostbyname(peer); - - if (entry) { - struct sockaddr_in tmp; - memset(&tmp, 0, sizeof(struct sockaddr_in)); - memcpy(&tmp.sin_addr.s_addr, entry->h_addr_list[0], - entry->h_length); - host = inet_ntoa(tmp.sin_addr); - } - else { - CYASSL_MSG("no entry for host"); - } - } - - *sockfd = socket(AF_INET_V, SOCK_STREAM, 0); - memset(addr, 0, sizeof(SOCKADDR_IN_T)); - - addr->sin_family = AF_INET_V; - addr->sin_port = htons(port); - if (host == INADDR_ANY) - addr->sin_addr.s_addr = INADDR_ANY; - else - addr->sin_addr.s_addr = inet_addr(host); -} - - -static INLINE void tcp_connect(SOCKET_T* sockfd, const char* ip, word16 port) -{ - SOCKADDR_IN_T addr; - tcp_socket(sockfd, &addr, ip, port); - - if (connect(*sockfd, (const struct sockaddr*)&addr, sizeof(addr)) != 0) { - CYASSL_MSG("tcp connect failed"); - } -} - - -static int build_http_request(const char* domainName, const char* path, - int ocspReqSz, byte* buf, int bufSize) -{ - return snprintf((char*)buf, bufSize, - "POST %s HTTP/1.1\r\n" - "Host: %s\r\n" - "Content-Length: %d\r\n" - "Content-Type: application/ocsp-request\r\n" - "\r\n", - path, domainName, ocspReqSz); -} - - -static int decode_http_response(byte* httpBuf, int httpBufSz, byte** dst) -{ - int idx = 0; - int stop = 0; - int len = 0; - byte* contentType = NULL; - byte* contentLength = NULL; - char* buf = (char*)httpBuf; /* kludge so I'm not constantly casting */ - - if (strncasecmp(buf, "HTTP/1", 6) != 0) - return 0; - - idx = 9; /* sets to the first byte after "HTTP/1.X ", which should be the - * HTTP result code */ - - if (strncasecmp(&buf[idx], "200 OK", 6) != 0) - return 0; - - idx += 8; - - while (idx < httpBufSz && !stop) { - if (buf[idx] == '\r' && buf[idx+1] == '\n') { - stop = 1; - idx += 2; - } - else { - if (contentType == NULL && - strncasecmp(&buf[idx], "Content-Type:", 13) == 0) { - idx += 13; - if (buf[idx] == ' ') idx++; - if (strncasecmp(&buf[idx], "application/ocsp-response", 25) != 0) - return 0; - idx += 27; - } else if (contentLength == NULL && - strncasecmp(&buf[idx], "Content-Length:", 15) == 0) { - idx += 15; - if (buf[idx] == ' ') idx++; - while (buf[idx] >= '0' && buf[idx] <= '9' && idx < httpBufSz) { - len = (len * 10) + (buf[idx] - '0'); - idx++; - } - idx += 2; /* skip the crlf */ - } else { - /* Advance idx past the next \r\n */ - char* end = strstr(&buf[idx], "\r\n"); - idx = end - buf + 2; - stop = 1; - } - } - } - - if (len > 0) { - *dst = (byte*)XMALLOC(len, NULL, DYNAMIC_TYPE_IN_BUFFER); - XMEMCPY(*dst, httpBuf + idx, len); - } - - return len; -} - - static int InitOCSP_Entry(OCSP_Entry* ocspe, DecodedCert* cert) { CYASSL_ENTER("InitOCSP_Entry"); - ocspe->next = NULL; + XMEMSET(ocspe, 0, sizeof(*ocspe)); XMEMCPY(ocspe->issuerHash, cert->issuerHash, SHA_DIGEST_SIZE); XMEMCPY(ocspe->issuerKeyHash, cert->issuerKeyHash, SHA_DIGEST_SIZE); - ocspe->status = NULL; - ocspe->totalStatus = 0; return 0; } -static OCSP_Entry* find_ocsp_entry(CYASSL_OCSP* ocsp, DecodedCert* cert) +static void FreeOCSP_Entry(OCSP_Entry* ocspe) { - OCSP_Entry* entry = ocsp->ocspList; + CertStatus* tmp = ocspe->status; - while (entry) - { - if (XMEMCMP(entry->issuerHash, cert->issuerHash, SHA_DIGEST_SIZE) == 0 - && XMEMCMP(entry->issuerKeyHash, cert->issuerKeyHash, - SHA_DIGEST_SIZE) == 0) - { - CYASSL_MSG("Found OCSP responder"); - break; - } - else - { - entry = entry->next; - } - } + CYASSL_ENTER("FreeOCSP_Entry"); - if (entry == NULL) - { - CYASSL_MSG("Add a new OCSP entry"); - entry = (OCSP_Entry*)XMALLOC(sizeof(OCSP_Entry), - NULL, DYNAMIC_TYPE_OCSP_ENTRY); - if (entry != NULL) - { - InitOCSP_Entry(entry, cert); - entry->next = ocsp->ocspList; - ocsp->ocspList = entry; - } + while (tmp) { + CertStatus* next = tmp->next; + XFREE(tmp, NULL, DYNAMIC_TYPE_OCSP_STATUS); + tmp = next; } - - return entry; } -static CertStatus* find_cert_status(OCSP_Entry* ocspe, DecodedCert* cert) +void FreeOCSP(CYASSL_OCSP* ocsp, int dynamic) { - CertStatus* stat = ocspe->status; - - while (stat) - { - if(stat->serialSz == cert->serialSz && - (XMEMCMP(stat->serial, cert->serial, cert->serialSz) == 0)) - { - break; - } - else - { - stat = stat->next; - } - } - if (stat == NULL) - { - stat = (CertStatus*)XMALLOC(sizeof(CertStatus), - NULL, DYNAMIC_TYPE_OCSP_STATUS); - if (stat != NULL) - { - XMEMCPY(stat->serial, cert->serial, cert->serialSz); - stat->serialSz = cert->serialSz; - stat->status = -1; - stat->nextDate[0] = 0; - ocspe->totalStatus++; - - stat->next = ocspe->status; - ocspe->status = stat; - } - } - - return stat; -} - - -#define SCRATCH_BUFFER_SIZE 2048 + OCSP_Entry* tmp = ocsp->ocspList; -static int http_ocsp_transaction(CYASSL_OCSP* ocsp, DecodedCert* cert, - byte* ocspReqBuf, int ocspReqSz, byte** ocspRespBuf) -{ - SOCKET_T sfd = -1; - byte httpBuf[SCRATCH_BUFFER_SIZE]; - int httpBufSz = SCRATCH_BUFFER_SIZE; - char domainName[80], path[80]; - int port, ocspRespSz; - - if (ocsp->useOverrideUrl || cert->extAuthInfo == NULL) { - if (ocsp->overrideName != NULL) { - XMEMCPY(domainName, ocsp->overrideName, 80); - XMEMCPY(path, ocsp->overridePath, 80); - port = ocsp->overridePort; - } else - return OCSP_NEED_URL; - } else { - if (!decode_url((const char*)cert->extAuthInfo, cert->extAuthInfoSz, - domainName, path, &port)) - return OCSP_NEED_URL; - } + CYASSL_ENTER("FreeOCSP"); - httpBufSz = build_http_request(domainName, path, ocspReqSz, - httpBuf, httpBufSz); - - tcp_connect(&sfd, domainName, port); - if (sfd > 0) { - int written; - written = write(sfd, httpBuf, httpBufSz); - if (written == httpBufSz) { - written = write(sfd, ocspReqBuf, ocspReqSz); - if (written == ocspReqSz) { - httpBufSz = read(sfd, httpBuf, SCRATCH_BUFFER_SIZE); - if (httpBufSz > 0) { - ocspRespSz = decode_http_response(httpBuf, httpBufSz, - ocspRespBuf); - } - } - } - close(sfd); - if (ocspRespSz == 0) { - CYASSL_MSG("HTTP response was not OK, no OCSP response"); - return OCSP_LOOKUP_FAIL; - } - } else { - CYASSL_MSG("OCSP Responder connection failed"); - return OCSP_LOOKUP_FAIL; + while (tmp) { + OCSP_Entry* next = tmp->next; + FreeOCSP_Entry(tmp); + XFREE(tmp, NULL, DYNAMIC_TYPE_OCSP_ENTRY); + tmp = next; } - return ocspRespSz; + FreeMutex(&ocsp->ocspLock); + if (dynamic) + XFREE(ocsp, NULL, DYNAMIC_TYPE_OCSP); } @@ -433,98 +94,176 @@ static int xstat2err(int stat) switch (stat) { case CERT_GOOD: return 0; - break; case CERT_REVOKED: return OCSP_CERT_REVOKED; - break; default: return OCSP_CERT_UNKNOWN; - break; } } -int CyaSSL_OCSP_Lookup_Cert(CYASSL_OCSP* ocsp, DecodedCert* cert) +int CheckCertOCSP(CYASSL_OCSP* ocsp, DecodedCert* cert) { - byte ocspReqBuf[SCRATCH_BUFFER_SIZE]; - int ocspReqSz = SCRATCH_BUFFER_SIZE; + byte* ocspReqBuf = NULL; + int ocspReqSz = 2048; byte* ocspRespBuf = NULL; - int ocspRespSz; OcspRequest ocspRequest; OcspResponse ocspResponse; - int result = 0; + int result = -1; OCSP_Entry* ocspe; - CertStatus* certStatus; + CertStatus* certStatus = NULL; + CertStatus newStatus; + const char *url; + int urlSz; - /* If OCSP lookups are disabled, return success. */ - if (!ocsp->enabled) { - CYASSL_MSG("OCSP lookup disabled, assuming CERT_GOOD"); - return 0; + CYASSL_ENTER("CheckCertOCSP"); + + if (LockMutex(&ocsp->ocspLock) != 0) { + CYASSL_LEAVE("CheckCertOCSP", BAD_MUTEX_E); + return BAD_MUTEX_E; } - ocspe = find_ocsp_entry(ocsp, cert); - if (ocspe == NULL) { - CYASSL_MSG("alloc OCSP entry failed"); - return MEMORY_ERROR; + ocspe = ocsp->ocspList; + while (ocspe) { + if (XMEMCMP(ocspe->issuerHash, cert->issuerHash, SHA_DIGEST_SIZE) == 0 + && XMEMCMP(ocspe->issuerKeyHash, cert->issuerKeyHash, + SHA_DIGEST_SIZE) == 0) + break; + else + ocspe = ocspe->next; } - certStatus = find_cert_status(ocspe, cert); - if (certStatus == NULL) - { - CYASSL_MSG("alloc OCSP cert status failed"); - return MEMORY_ERROR; + if (ocspe == NULL) { + ocspe = (OCSP_Entry*)XMALLOC(sizeof(OCSP_Entry), + NULL, DYNAMIC_TYPE_OCSP_ENTRY); + if (ocspe != NULL) { + InitOCSP_Entry(ocspe, cert); + ocspe->next = ocsp->ocspList; + ocsp->ocspList = ocspe; + } + else { + UnLockMutex(&ocsp->ocspLock); + CYASSL_LEAVE("CheckCertOCSP", MEMORY_ERROR); + return MEMORY_ERROR; + } + } + else { + certStatus = ocspe->status; + while (certStatus) { + if (certStatus->serialSz == cert->serialSz && + XMEMCMP(certStatus->serial, cert->serial, cert->serialSz) == 0) + break; + else + certStatus = certStatus->next; + } } - if (certStatus->status != -1) - { + if (certStatus != NULL) { if (!ValidateDate(certStatus->thisDate, certStatus->thisDateFormat, BEFORE) || (certStatus->nextDate[0] == 0) || !ValidateDate(certStatus->nextDate, - certStatus->nextDateFormat, AFTER)) - { + certStatus->nextDateFormat, AFTER)) { CYASSL_MSG("\tinvalid status date, looking up cert"); - certStatus->status = -1; } - else - { - CYASSL_MSG("\tusing cached status"); + else { result = xstat2err(certStatus->status); + UnLockMutex(&ocsp->ocspLock); + CYASSL_LEAVE("CheckCertOCSP", result); return result; } } - - InitOcspRequest(&ocspRequest, cert, ocspReqBuf, ocspReqSz); - ocspReqSz = EncodeOcspRequest(&ocspRequest); - result = http_ocsp_transaction(ocsp, cert, - ocspReqBuf, ocspReqSz, &ocspRespBuf); - if (result < 0) return result; - /* If the transaction failed, return that result. */ - InitOcspResponse(&ocspResponse, certStatus, ocspRespBuf, ocspRespSz); - OcspResponseDecode(&ocspResponse); + UnLockMutex(&ocsp->ocspLock); - if (ocspResponse.responseStatus != OCSP_SUCCESSFUL) { - CYASSL_MSG("OCSP Responder failure"); - result = OCSP_LOOKUP_FAIL; - } else { - if (CompareOcspReqResp(&ocspRequest, &ocspResponse) == 0) - { - result = xstat2err(ocspResponse.status->status); - } + if (ocsp->cm->ocspUseOverrideURL) { + url = ocsp->cm->ocspOverrideURL; + if (url != NULL && url[0] != '\0') + urlSz = (int)XSTRLEN(url); else - { - CYASSL_MSG("OCSP Response incorrect for Request"); + return OCSP_NEED_URL; + } + else if (cert->extAuthInfoSz != 0 && cert->extAuthInfo != NULL) { + url = (const char *)cert->extAuthInfo; + urlSz = cert->extAuthInfoSz; + } + else { + /* cert doesn't have extAuthInfo, assuming CERT_GOOD */ + return 0; + } + + ocspReqBuf = (byte*)XMALLOC(ocspReqSz, NULL, DYNAMIC_TYPE_IN_BUFFER); + if (ocspReqBuf == NULL) { + CYASSL_LEAVE("CheckCertOCSP", MEMORY_ERROR); + return MEMORY_ERROR; + } + InitOcspRequest(&ocspRequest, cert, ocsp->cm->ocspSendNonce, + ocspReqBuf, ocspReqSz); + ocspReqSz = EncodeOcspRequest(&ocspRequest); + + if (ocsp->cm->ocspIOCb) + result = ocsp->cm->ocspIOCb(ocsp->cm->ocspIOCtx, url, urlSz, + ocspReqBuf, ocspReqSz, &ocspRespBuf); + + if (result >= 0 && ocspRespBuf) { + XMEMSET(&newStatus, 0, sizeof(CertStatus)); + + InitOcspResponse(&ocspResponse, &newStatus, ocspRespBuf, result); + OcspResponseDecode(&ocspResponse); + + if (ocspResponse.responseStatus != OCSP_SUCCESSFUL) result = OCSP_LOOKUP_FAIL; + else { + if (CompareOcspReqResp(&ocspRequest, &ocspResponse) == 0) { + result = xstat2err(ocspResponse.status->status); + + if (LockMutex(&ocsp->ocspLock) != 0) + result = BAD_MUTEX_E; + else { + if (certStatus != NULL) + /* Replace existing certificate entry with updated */ + XMEMCPY(certStatus, &newStatus, sizeof(CertStatus)); + else { + /* Save new certificate entry */ + certStatus = (CertStatus*)XMALLOC(sizeof(CertStatus), + NULL, DYNAMIC_TYPE_OCSP_STATUS); + if (certStatus != NULL) { + XMEMCPY(certStatus, &newStatus, sizeof(CertStatus)); + certStatus->next = ocspe->status; + ocspe->status = certStatus; + ocspe->totalStatus++; + } + } + + UnLockMutex(&ocsp->ocspLock); + } + } + else + result = OCSP_LOOKUP_FAIL; } } - if (ocspReqBuf != NULL) { - XFREE(ocspRespBuf, NULL, DYNAMIC_TYPE_IN_BUFFER); - } + else + result = OCSP_LOOKUP_FAIL; + + if (ocspReqBuf != NULL) + XFREE(ocspReqBuf, NULL, DYNAMIC_TYPE_IN_BUFFER); + + if (ocspRespBuf != NULL && ocsp->cm->ocspRespFreeCb) + ocsp->cm->ocspRespFreeCb(ocsp->cm->ocspIOCtx, ocspRespBuf); + CYASSL_LEAVE("CheckCertOCSP", result); return result; } +#else /* HAVE_OCSP */ + + +#ifdef _MSC_VER + /* 4206 warning for blank file */ + #pragma warning(disable: 4206) +#endif + + #endif /* HAVE_OCSP */ diff --git a/FreeRTOS-Plus/Source/CyaSSL/src/sniffer.c b/FreeRTOS-Plus/Source/CyaSSL/src/sniffer.c index 037d52896..2c6860c83 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/src/sniffer.c +++ b/FreeRTOS-Plus/Source/CyaSSL/src/sniffer.c @@ -1,6 +1,6 @@ /* sniffer.c * - * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,16 +16,19 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ -#ifdef CYASSL_SNIFFER #ifdef HAVE_CONFIG_H #include #endif +#include + +#ifdef CYASSL_SNIFFER + #include #include @@ -41,7 +44,7 @@ #include #include -#include +#include #include #include @@ -74,6 +77,8 @@ enum { SNIFFER_TIMEOUT = 900, /* Cache unclosed Sessions for 15 minutes */ TICKET_HINT_LEN = 4, /* Session Ticket Hint length */ EXT_TYPE_SZ = 2, /* Extension length */ + MAX_INPUT_SZ = MAX_RECORD_SIZE + COMP_EXTRA + MAX_MSG_EXTRA + + MTU_EXTRA, /* Max input sz of reassembly */ TICKET_EXT_ID = 0x23 /* Session Ticket Extension ID */ }; @@ -217,7 +222,10 @@ static const char* const msgTable[] = /* 66 */ "Bad Finished Message Processing", - "Bad Compression Type" + "Bad Compression Type", + "Bad DeriveKeys Error", + "Saw ACK for Missing Packet Error", + "Bad Decrypt Operation" }; @@ -298,7 +306,7 @@ typedef struct SnifferSession { word32 srvExpected; /* server expected sequence (relative) */ FinCaputre finCaputre; /* retain out of order FIN s */ Flags flags; /* session flags */ - time_t bornOn; /* born on ticks */ + time_t lastUsed; /* last used ticks */ PacketBuffer* cliReassemblyList; /* client out of order packets */ PacketBuffer* srvReassemblyList; /* server out of order packets */ struct SnifferSession* next; /* for hash table list */ @@ -410,6 +418,13 @@ void ssl_FreeSniffer(void) FreeMutex(&SessionMutex); FreeMutex(&ServerListMutex); + + if (TraceFile) { + TraceOn = 0; + fclose(TraceFile); + TraceFile = NULL; + } + CyaSSL_Cleanup(); } @@ -463,7 +478,7 @@ static void InitSession(SnifferSession* session) session->srvSeqStart = 0; session->cliExpected = 0; session->srvExpected = 0; - session->bornOn = 0; + session->lastUsed = 0; session->cliReassemblyList = 0; session->srvReassemblyList = 0; session->next = 0; @@ -489,6 +504,7 @@ typedef struct TcpInfo { int dstPort; /* source port */ int length; /* length of this header */ word32 sequence; /* sequence number */ + word32 ackNumber; /* ack number */ byte fin; /* FIN set */ byte rst; /* RST set */ byte syn; /* SYN set */ @@ -512,7 +528,7 @@ static int SetPassword(char* passwd, int sz, int rw, void* userdata) { (void)rw; XSTRNCPY(passwd, userdata, sz); - return XSTRLEN(userdata); + return (int)XSTRLEN(userdata); } @@ -653,6 +669,15 @@ static void TraceSequence(word32 seq, int len) } +/* Show sequence and payload length for Trace */ +static void TraceAck(word32 ack, word32 expected) +{ + if (TraceOn) { + fprintf(TraceFile, "\tAck:%u Expected:%u\n", ack, expected); + } +} + + /* Show relative expected and relative received sequences */ static void TraceRelativeSequence(word32 expected, word32 got) { @@ -842,9 +867,10 @@ static word32 SessionHash(IpInfo* ipInfo, TcpInfo* tcpInfo) static SnifferSession* GetSnifferSession(IpInfo* ipInfo, TcpInfo* tcpInfo) { SnifferSession* session; - - word32 row = SessionHash(ipInfo, tcpInfo); - assert(row >= 0 && row <= HASH_SIZE); + time_t currTime = time(NULL); + word32 row = SessionHash(ipInfo, tcpInfo); + + assert(row <= HASH_SIZE); LockMutex(&SessionMutex); @@ -861,16 +887,19 @@ static SnifferSession* GetSnifferSession(IpInfo* ipInfo, TcpInfo* tcpInfo) session = session->next; } - + + if (session) + session->lastUsed= currTime; /* keep session alive, remove stale will */ + /* leave alone */ UnLockMutex(&SessionMutex); /* determine side */ if (session) { if (ipInfo->dst == session->context->server && tcpInfo->dstPort == session->context->port) - session->flags.side = SERVER_END; + session->flags.side = CYASSL_SERVER_END; else - session->flags.side = CLIENT_END; + session->flags.side = CYASSL_CLIENT_END; } return session; @@ -934,12 +963,13 @@ int ssl_SetPrivateKey(const char* serverAddress, int port, const char* keyFile, /* Check IP Header for IPV4, TCP, and a registered server address */ /* returns 0 on success, -1 on error */ -static int CheckIpHdr(IpHdr* iphdr, IpInfo* info, char* error) +static int CheckIpHdr(IpHdr* iphdr, IpInfo* info, int length, char* error) { int version = IP_V(iphdr); TraceIP(iphdr); Trace(IP_CHECK_STR); + if (version != IPV4) { SetError(BAD_IPVER_STR, error, NULL, 0); return -1; @@ -960,6 +990,9 @@ static int CheckIpHdr(IpHdr* iphdr, IpInfo* info, char* error) info->src = iphdr->src; info->dst = iphdr->dst; + if (info->total == 0) + info->total = length; /* reassembled may be off */ + return 0; } @@ -978,6 +1011,8 @@ static int CheckTcpHdr(TcpHdr* tcphdr, TcpInfo* info, char* error) info->rst = tcphdr->flags & TCP_RST; info->syn = tcphdr->flags & TCP_SYN; info->ack = tcphdr->flags & TCP_ACK; + if (info->ack) + info->ackNumber = ntohl(tcphdr->ack); if (!IsPortRegistered(info->srcPort) && !IsPortRegistered(info->dstPort)) { SetError(SERVER_PORT_NOT_REG_STR, error, NULL, 0); @@ -994,7 +1029,7 @@ static int GetRecordHeader(const byte* input, RecordLayerHeader* rh, int* size) XMEMCPY(rh, input, RECORD_HEADER_SZ); *size = (rh->length[0] << 8) | rh->length[1]; - if (*size > (RECORD_SIZE + MAX_COMP_EXTRA + MAX_MSG_EXTRA)) + if (*size > (MAX_RECORD_SIZE + COMP_EXTRA + MAX_MSG_EXTRA)) return LENGTH_ERROR; return 0; @@ -1009,9 +1044,9 @@ static int ProcessClientKeyExchange(const byte* input, int* sslBytes, RsaKey key; int ret; - InitRsaKey(&key, 0); - - ret = RsaPrivateKeyDecode(session->context->ctx->privateKey.buffer, + ret = InitRsaKey(&key, 0); + if (ret == 0) + ret = RsaPrivateKeyDecode(session->context->ctx->privateKey.buffer, &idx, &key, session->context->ctx->privateKey.length); if (ret == 0) { int length = RsaEncryptSize(&key); @@ -1025,7 +1060,7 @@ static int ProcessClientKeyExchange(const byte* input, int* sslBytes, return -1; } ret = RsaPrivateDecrypt(input, length, - session->sslServer->arrays.preMasterSecret, SECRET_LEN, &key); + session->sslServer->arrays->preMasterSecret,SECRET_LEN, &key); if (ret != SECRET_LEN) { SetError(RSA_DECRYPT_STR, error, session, FATAL_ERROR_STATE); @@ -1033,19 +1068,19 @@ static int ProcessClientKeyExchange(const byte* input, int* sslBytes, return -1; } ret = 0; /* not in error state */ - session->sslServer->arrays.preMasterSz = SECRET_LEN; + session->sslServer->arrays->preMasterSz = SECRET_LEN; /* store for client side as well */ - XMEMCPY(session->sslClient->arrays.preMasterSecret, - session->sslServer->arrays.preMasterSecret, SECRET_LEN); - session->sslClient->arrays.preMasterSz = SECRET_LEN; + XMEMCPY(session->sslClient->arrays->preMasterSecret, + session->sslServer->arrays->preMasterSecret, SECRET_LEN); + session->sslClient->arrays->preMasterSz = SECRET_LEN; #ifdef SHOW_SECRETS { int i; printf("pre master secret: "); for (i = 0; i < SECRET_LEN; i++) - printf("%02x", session->sslServer->arrays.preMasterSecret[i]); + printf("%02x", session->sslServer->arrays->preMasterSecret[i]); printf("\n"); } #endif @@ -1075,12 +1110,12 @@ static int ProcessClientKeyExchange(const byte* input, int* sslBytes, int i; printf("server master secret: "); for (i = 0; i < SECRET_LEN; i++) - printf("%02x", session->sslServer->arrays.masterSecret[i]); + printf("%02x", session->sslServer->arrays->masterSecret[i]); printf("\n"); printf("client master secret: "); for (i = 0; i < SECRET_LEN; i++) - printf("%02x", session->sslClient->arrays.masterSecret[i]); + printf("%02x", session->sslClient->arrays->masterSecret[i]); printf("\n"); printf("server suite = %d\n", session->sslServer->options.cipherSuite); @@ -1108,7 +1143,7 @@ static int ProcessSessionTicket(const byte* input, int* sslBytes, input += TICKET_HINT_LEN; /* skip over hint */ *sslBytes -= TICKET_HINT_LEN; - len = (input[0] << 8) | input[1]; + len = (word16)((input[0] << 8) | input[1]); input += LENGTH_SZ; *sslBytes -= LENGTH_SZ; @@ -1120,7 +1155,7 @@ static int ProcessSessionTicket(const byte* input, int* sslBytes, /* store session with macID as sessionID */ session->sslServer->options.haveSessionId = 1; - XMEMCPY(session->sslServer->arrays.sessionID, input + len - ID_LEN, ID_LEN); + XMEMCPY(session->sslServer->arrays->sessionID, input + len - ID_LEN,ID_LEN); return 0; } @@ -1132,7 +1167,7 @@ static int ProcessServerHello(const byte* input, int* sslBytes, { ProtocolVersion pv; byte b; - int toRead = sizeof(ProtocolVersion) + RAN_LEN + ENUM_LEN; + int toRead = VERSION_SZ + RAN_LEN + ENUM_LEN; int doResume = 0; /* make sure we didn't miss ClientHello */ @@ -1147,15 +1182,15 @@ static int ProcessServerHello(const byte* input, int* sslBytes, return -1; } - XMEMCPY(&pv, input, sizeof(ProtocolVersion)); - input += sizeof(ProtocolVersion); - *sslBytes -= sizeof(ProtocolVersion); + XMEMCPY(&pv, input, VERSION_SZ); + input += VERSION_SZ; + *sslBytes -= VERSION_SZ; session->sslServer->version = pv; session->sslClient->version = pv; - XMEMCPY(session->sslServer->arrays.serverRandom, input, RAN_LEN); - XMEMCPY(session->sslClient->arrays.serverRandom, input, RAN_LEN); + XMEMCPY(session->sslServer->arrays->serverRandom, input, RAN_LEN); + XMEMCPY(session->sslClient->arrays->serverRandom, input, RAN_LEN); input += RAN_LEN; *sslBytes -= RAN_LEN; @@ -1168,14 +1203,16 @@ static int ProcessServerHello(const byte* input, int* sslBytes, return -1; } if (b) { - XMEMCPY(session->sslServer->arrays.sessionID, input, ID_LEN); + XMEMCPY(session->sslServer->arrays->sessionID, input, ID_LEN); session->sslServer->options.haveSessionId = 1; } input += b; *sslBytes -= b; /* cipher suite */ - (void)*input++; /* eat first byte, always 0 */ + b = *input++; /* first byte, ECC or not */ + session->sslServer->options.cipherSuite0 = b; + session->sslClient->options.cipherSuite0 = b; b = *input++; session->sslServer->options.cipherSuite = b; session->sslClient->options.cipherSuite = b; @@ -1191,8 +1228,8 @@ static int ProcessServerHello(const byte* input, int* sslBytes, } if (session->sslServer->options.haveSessionId && - XMEMCMP(session->sslServer->arrays.sessionID, - session->sslClient->arrays.sessionID, ID_LEN) == 0) + XMEMCMP(session->sslServer->arrays->sessionID, + session->sslClient->arrays->sessionID, ID_LEN) == 0) doResume = 1; else if (session->sslClient->options.haveSessionId == 0 && session->sslServer->options.haveSessionId == 0 && @@ -1200,20 +1237,23 @@ static int ProcessServerHello(const byte* input, int* sslBytes, doResume = 1; if (session->ticketID && doResume) { - /* use ticketID to retrieve from session */ - XMEMCPY(session->sslServer->arrays.sessionID, session->ticketID,ID_LEN); + /* use ticketID to retrieve from session, prefer over sessionID */ + XMEMCPY(session->sslServer->arrays->sessionID,session->ticketID,ID_LEN); + session->sslServer->options.haveSessionId = 1; /* may not have + actual sessionID */ } if (doResume ) { + int ret = 0; SSL_SESSION* resume = GetSession(session->sslServer, - session->sslServer->arrays.masterSecret); + session->sslServer->arrays->masterSecret); if (resume == NULL) { SetError(BAD_SESSION_RESUME_STR, error, session, FATAL_ERROR_STATE); return -1; } /* make sure client has master secret too */ - XMEMCPY(session->sslClient->arrays.masterSecret, - session->sslServer->arrays.masterSecret, SECRET_LEN); + XMEMCPY(session->sslClient->arrays->masterSecret, + session->sslServer->arrays->masterSecret, SECRET_LEN); session->flags.resuming = 1; Trace(SERVER_DID_RESUMPTION_STR); @@ -1228,12 +1268,16 @@ static int ProcessServerHello(const byte* input, int* sslBytes, } if (session->sslServer->options.tls) { - DeriveTlsKeys(session->sslServer); - DeriveTlsKeys(session->sslClient); + ret = DeriveTlsKeys(session->sslServer); + ret += DeriveTlsKeys(session->sslClient); } else { - DeriveKeys(session->sslServer); - DeriveKeys(session->sslClient); + ret = DeriveKeys(session->sslServer); + ret += DeriveKeys(session->sslClient); + } + if (ret != 0) { + SetError(BAD_DERIVE_STR, error, session, FATAL_ERROR_STATE); + return -1; } } #ifdef SHOW_SECRETS @@ -1243,7 +1287,7 @@ static int ProcessServerHello(const byte* input, int* sslBytes, session->sslServer->options.cipherSuite); printf("server random: "); for (i = 0; i < RAN_LEN; i++) - printf("%02x", session->sslServer->arrays.serverRandom[i]); + printf("%02x", session->sslServer->arrays->serverRandom[i]); printf("\n"); } #endif @@ -1257,7 +1301,7 @@ static int ProcessClientHello(const byte* input, int* sslBytes, { byte bLen; word16 len; - int toRead = sizeof(ProtocolVersion) + RAN_LEN + ENUM_LEN; + int toRead = VERSION_SZ + RAN_LEN + ENUM_LEN; session->flags.clientHello = 1; /* don't process again */ @@ -1268,11 +1312,11 @@ static int ProcessClientHello(const byte* input, int* sslBytes, } /* skip, get negotiated one from server hello */ - input += sizeof(ProtocolVersion); - *sslBytes -= sizeof(ProtocolVersion); + input += VERSION_SZ; + *sslBytes -= VERSION_SZ; - XMEMCPY(session->sslServer->arrays.clientRandom, input, RAN_LEN); - XMEMCPY(session->sslClient->arrays.clientRandom, input, RAN_LEN); + XMEMCPY(session->sslServer->arrays->clientRandom, input, RAN_LEN); + XMEMCPY(session->sslClient->arrays->clientRandom, input, RAN_LEN); input += RAN_LEN; *sslBytes -= RAN_LEN; @@ -1286,7 +1330,7 @@ static int ProcessClientHello(const byte* input, int* sslBytes, return -1; } Trace(CLIENT_RESUME_TRY_STR); - XMEMCPY(session->sslClient->arrays.sessionID, input, ID_LEN); + XMEMCPY(session->sslClient->arrays->sessionID, input, ID_LEN); session->sslClient->options.haveSessionId = 1; } #ifdef SHOW_SECRETS @@ -1294,7 +1338,7 @@ static int ProcessClientHello(const byte* input, int* sslBytes, int i; printf("client random: "); for (i = 0; i < RAN_LEN; i++) - printf("%02x", session->sslServer->arrays.clientRandom[i]); + printf("%02x", session->sslServer->arrays->clientRandom[i]); printf("\n"); } #endif @@ -1308,7 +1352,7 @@ static int ProcessClientHello(const byte* input, int* sslBytes, SetError(CLIENT_HELLO_INPUT_STR, error, session, FATAL_ERROR_STATE); return -1; } - len = (input[0] << 8) | input[1]; + len = (word16)((input[0] << 8) | input[1]); input += SUITE_LEN; *sslBytes -= SUITE_LEN; /* make sure can read suites + comp len */ @@ -1341,7 +1385,7 @@ static int ProcessClientHello(const byte* input, int* sslBytes, SetError(CLIENT_HELLO_INPUT_STR, error, session, FATAL_ERROR_STATE); return -1; } - len = (input[0] << 8) | input[1]; + len = (word16)((input[0] << 8) | input[1]); input += SUITE_LEN; *sslBytes -= SUITE_LEN; /* make sure can read through all extensions */ @@ -1359,7 +1403,7 @@ static int ProcessClientHello(const byte* input, int* sslBytes, input += EXT_TYPE_SZ; *sslBytes -= EXT_TYPE_SZ; - extLen = (input[0] << 8) | input[1]; + extLen = (word16)((input[0] << 8) | input[1]); input += LENGTH_SZ; *sslBytes -= LENGTH_SZ; @@ -1401,18 +1445,20 @@ static int ProcessClientHello(const byte* input, int* sslBytes, /* Process Finished */ -static int ProcessFinished(const byte* input, int* sslBytes, +static int ProcessFinished(const byte* input, int size, int* sslBytes, SnifferSession* session, char* error) { SSL* ssl; word32 inOutIdx = 0; int ret; - if (session->flags.side == SERVER_END) + if (session->flags.side == CYASSL_SERVER_END) ssl = session->sslServer; else ssl = session->sslClient; - ret = DoFinished(ssl, input, &inOutIdx, SNIFF); + + ret = DoFinished(ssl, input, &inOutIdx, (word32) size, (word32) *sslBytes, + SNIFF); *sslBytes -= (int)inOutIdx; if (ret < 0) { @@ -1429,6 +1475,7 @@ static int ProcessFinished(const byte* input, int* sslBytes, } } + FreeHandshakeResources(ssl); return ret; } @@ -1489,7 +1536,7 @@ static int DoHandShake(const byte* input, int* sslBytes, break; case finished: Trace(GOT_FINISHED_STR); - ret = ProcessFinished(input, sslBytes, session, error); + ret = ProcessFinished(input, size, sslBytes, session, error); break; case client_hello: Trace(GOT_CLIENT_HELLO_STR); @@ -1511,55 +1558,79 @@ static int DoHandShake(const byte* input, int* sslBytes, } -/* Decrypt input into plain output */ -static void Decrypt(SSL* ssl, byte* output, const byte* input, word32 sz) +/* Decrypt input into plain output, 0 on success */ +static int Decrypt(SSL* ssl, byte* output, const byte* input, word32 sz) { + int ret = 0; + switch (ssl->specs.bulk_cipher_algorithm) { #ifdef BUILD_ARC4 - case rc4: - Arc4Process(&ssl->decrypt.arc4, output, input, sz); + case cyassl_rc4: + Arc4Process(ssl->decrypt.arc4, output, input, sz); break; #endif #ifdef BUILD_DES3 - case triple_des: - Des3_CbcDecrypt(&ssl->decrypt.des3, output, input, sz); + case cyassl_triple_des: + ret = Des3_CbcDecrypt(ssl->decrypt.des3, output, input, sz); break; #endif #ifdef BUILD_AES - case aes: - AesCbcDecrypt(&ssl->decrypt.aes, output, input, sz); + case cyassl_aes: + ret = AesCbcDecrypt(ssl->decrypt.aes, output, input, sz); break; #endif #ifdef HAVE_HC128 - case hc128: - Hc128_Process(&ssl->decrypt.hc128, output, input, sz); + case cyassl_hc128: + Hc128_Process(ssl->decrypt.hc128, output, input, sz); break; #endif #ifdef BUILD_RABBIT - case rabbit: - RabbitProcess(&ssl->decrypt.rabbit, output, input, sz); + case cyassl_rabbit: + RabbitProcess(ssl->decrypt.rabbit, output, input, sz); + break; + #endif + + #ifdef HAVE_CAMELLIA + case cyassl_camellia: + CamelliaCbcDecrypt(ssl->decrypt.cam, output, input, sz); break; #endif default: Trace(BAD_DECRYPT_TYPE); + ret = -1; break; } + + return ret; } /* Decrypt input message into output, adjust output steam if needed */ static const byte* DecryptMessage(SSL* ssl, const byte* input, word32 sz, - byte* output) + byte* output, int* error) { - Decrypt(ssl, output, input, sz); + int ivExtra = 0; + + int ret = Decrypt(ssl, output, input, sz); + if (ret != 0) { + *error = ret; + return NULL; + } ssl->keys.encryptSz = sz; - if (ssl->options.tls1_1 && ssl->specs.cipher_type == block) - return output + ssl->specs.block_size; /* go past TLSv1.1 IV */ + if (ssl->options.tls1_1 && ssl->specs.cipher_type == block) { + output += ssl->specs.block_size; /* go past TLSv1.1 IV */ + ivExtra = ssl->specs.block_size; + } + + ssl->keys.padSz = ssl->specs.hash_size; + + if (ssl->specs.cipher_type == block) + ssl->keys.padSz += *(output + sz - ivExtra - 1) + 1; return output; } @@ -1579,7 +1650,7 @@ static void RemoveSession(SnifferSession* session, IpInfo* ipInfo, else haveLock = 1; - assert(row >= 0 && row <= HASH_SIZE); + assert(row <= HASH_SIZE); Trace(REMOVE_SESSION_STR); if (!haveLock) @@ -1616,7 +1687,7 @@ static void RemoveStaleSessions(void) session = SessionTable[i]; while (session) { SnifferSession* next = session->next; - if (time(NULL) >= session->bornOn + SNIFFER_TIMEOUT) { + if (time(NULL) >= session->lastUsed + SNIFFER_TIMEOUT) { TraceStaleSession(); RemoveSession(session, NULL, NULL, i); } @@ -1643,11 +1714,11 @@ static SnifferSession* CreateSession(IpInfo* ipInfo, TcpInfo* tcpInfo, InitSession(session); session->server = ipInfo->dst; session->client = ipInfo->src; - session->srvPort = tcpInfo->dstPort; - session->cliPort = tcpInfo->srcPort; + session->srvPort = (word16)tcpInfo->dstPort; + session->cliPort = (word16)tcpInfo->srcPort; session->cliSeqStart = tcpInfo->sequence; session->cliExpected = 1; /* relative */ - session->bornOn = time(NULL); + session->lastUsed= time(NULL); session->context = GetSnifferServer(ipInfo, tcpInfo); if (session->context == NULL) { @@ -1657,18 +1728,22 @@ static SnifferSession* CreateSession(IpInfo* ipInfo, TcpInfo* tcpInfo, } session->sslServer = SSL_new(session->context->ctx); + if (session->sslServer == NULL) { + SetError(BAD_NEW_SSL_STR, error, session, FATAL_ERROR_STATE); + free(session); + return 0; + } session->sslClient = SSL_new(session->context->ctx); if (session->sslClient == NULL) { - if (session->sslServer) { - SSL_free(session->sslClient); - session->sslClient = 0; - } + SSL_free(session->sslServer); + session->sslServer = 0; + SetError(BAD_NEW_SSL_STR, error, session, FATAL_ERROR_STATE); free(session); return 0; } /* put server back into server mode */ - session->sslServer->options.side = SERVER_END; + session->sslServer->options.side = CYASSL_SERVER_END; row = SessionHash(ipInfo, tcpInfo); @@ -1690,9 +1765,9 @@ static SnifferSession* CreateSession(IpInfo* ipInfo, TcpInfo* tcpInfo, /* determine headed side */ if (ipInfo->dst == session->context->server && tcpInfo->dstPort == session->context->port) - session->flags.side = SERVER_END; + session->flags.side = CYASSL_SERVER_END; else - session->flags.side = CLIENT_END; + session->flags.side = CYASSL_CLIENT_END; return session; } @@ -1720,15 +1795,15 @@ static int DoOldHello(SnifferSession* session, const byte* sslFrame, } ret = ProcessOldClientHello(session->sslServer, input, &idx, *sslBytes, - *rhSize); - if (ret < 0) { + (word16)*rhSize); + if (ret < 0 && ret != MATCH_SUITE_ERROR) { SetError(BAD_OLD_CLIENT_STR, error, session, FATAL_ERROR_STATE); return -1; } Trace(OLD_CLIENT_OK_STR); - XMEMCPY(session->sslClient->arrays.clientRandom, - session->sslServer->arrays.clientRandom, RAN_LEN); + XMEMCPY(session->sslClient->arrays->clientRandom, + session->sslServer->arrays->clientRandom, RAN_LEN); *sslBytes -= *rhSize; return 0; @@ -1799,26 +1874,30 @@ static int CheckHeaders(IpInfo* ipInfo, TcpInfo* tcpInfo, const byte* packet, { TraceHeader(); TracePacket(); + + /* ip header */ if (length < IP_HDR_SZ) { SetError(PACKET_HDR_SHORT_STR, error, NULL, 0); return -1; } - if (CheckIpHdr((IpHdr*)packet, ipInfo, error) != 0) + if (CheckIpHdr((IpHdr*)packet, ipInfo, length, error) != 0) return -1; - + + /* tcp header */ if (length < (ipInfo->length + TCP_HDR_SZ)) { SetError(PACKET_HDR_SHORT_STR, error, NULL, 0); return -1; } if (CheckTcpHdr((TcpHdr*)(packet + ipInfo->length), tcpInfo, error) != 0) return -1; - + + /* setup */ *sslFrame = packet + ipInfo->length + tcpInfo->length; if (*sslFrame > packet + length) { SetError(PACKET_HDR_SHORT_STR, error, NULL, 0); return -1; } - *sslBytes = packet + length - *sslFrame; + *sslBytes = (int)(packet + length - *sslFrame); return 0; } @@ -1899,8 +1978,8 @@ static int AddToReassembly(byte from, word32 seq, const byte* sslFrame, int sslBytes, SnifferSession* session, char* error) { PacketBuffer* add; - PacketBuffer** front = (from == SERVER_END) ? &session->cliReassemblyList: - &session->srvReassemblyList; + PacketBuffer** front = (from == CYASSL_SERVER_END) ? + &session->cliReassemblyList: &session->srvReassemblyList; PacketBuffer* curr = *front; PacketBuffer* prev = curr; @@ -1979,7 +2058,7 @@ static int AddToReassembly(byte from, word32 seq, const byte* sslFrame, /* returns 1 for success (end) */ static int AddFinCapture(SnifferSession* session, word32 sequence) { - if (session->flags.side == SERVER_END) { + if (session->flags.side == CYASSL_SERVER_END) { if (session->finCaputre.cliCounted == 0) session->finCaputre.cliFinSeq = sequence; } @@ -1996,12 +2075,12 @@ static int AddFinCapture(SnifferSession* session, word32 sequence) static int AdjustSequence(TcpInfo* tcpInfo, SnifferSession* session, int* sslBytes, const byte** sslFrame, char* error) { - word32 seqStart = (session->flags.side == SERVER_END) ? + word32 seqStart = (session->flags.side == CYASSL_SERVER_END) ? session->cliSeqStart :session->srvSeqStart; word32 real = tcpInfo->sequence - seqStart; - word32* expected = (session->flags.side == SERVER_END) ? + word32* expected = (session->flags.side == CYASSL_SERVER_END) ? &session->cliExpected : &session->srvExpected; - PacketBuffer* reassemblyList = (session->flags.side == SERVER_END) ? + PacketBuffer* reassemblyList = (session->flags.side == CYASSL_SERVER_END) ? session->cliReassemblyList : session->srvReassemblyList; /* handle rollover of sequence */ @@ -2060,6 +2139,30 @@ static int AdjustSequence(TcpInfo* tcpInfo, SnifferSession* session, } +/* Check latest ack number for missing packets + return 0 ok, <0 on error */ +static int CheckAck(TcpInfo* tcpInfo, SnifferSession* session) +{ + if (tcpInfo->ack) { + word32 seqStart = (session->flags.side == CYASSL_SERVER_END) ? + session->srvSeqStart :session->cliSeqStart; + word32 real = tcpInfo->ackNumber - seqStart; + word32 expected = (session->flags.side == CYASSL_SERVER_END) ? + session->srvExpected : session->cliExpected; + + /* handle rollover of sequence */ + if (tcpInfo->ackNumber < seqStart) + real = 0xffffffffU - seqStart + tcpInfo->ackNumber; + + TraceAck(real, expected); + + if (real > expected) + return -1; /* we missed a packet, ACKing data we never saw */ + } + return 0; +} + + /* Check TCP Sequence status */ /* returns 0 on success (continue), -1 on error, 1 on success (end) */ static int CheckSequence(IpInfo* ipInfo, TcpInfo* tcpInfo, @@ -2083,6 +2186,10 @@ static int CheckSequence(IpInfo* ipInfo, TcpInfo* tcpInfo, } TraceSequence(tcpInfo->sequence, *sslBytes); + if (CheckAck(tcpInfo, session) < 0) { + SetError(ACK_MISSED_STR, error, session, FATAL_ERROR_STATE); + return -1; + } return AdjustSequence(tcpInfo, session, sslBytes, sslFrame, error); } @@ -2091,27 +2198,28 @@ static int CheckSequence(IpInfo* ipInfo, TcpInfo* tcpInfo, /* Check Status before record processing */ /* returns 0 on success (continue), -1 on error, 1 on success (end) */ static int CheckPreRecord(IpInfo* ipInfo, TcpInfo* tcpInfo, - const byte** sslFrame, SnifferSession* session, + const byte** sslFrame, SnifferSession** session, int* sslBytes, const byte** end, char* error) { word32 length; - SSL* ssl = (session->flags.side == SERVER_END) ? session->sslServer : - session->sslClient; + SSL* ssl = ((*session)->flags.side == CYASSL_SERVER_END) ? + (*session)->sslServer : (*session)->sslClient; /* remove SnifferSession on 2nd FIN or RST */ if (tcpInfo->fin || tcpInfo->rst) { /* flag FIN and RST */ if (tcpInfo->fin) - session->flags.finCount += 1; + (*session)->flags.finCount += 1; else if (tcpInfo->rst) - session->flags.finCount += 2; + (*session)->flags.finCount += 2; - if (session->flags.finCount >= 2) { - RemoveSession(session, ipInfo, tcpInfo, 0); + if ((*session)->flags.finCount >= 2) { + RemoveSession(*session, ipInfo, tcpInfo, 0); + *session = NULL; return 1; } } - if (session->flags.fatalError == FATAL_ERROR_STATE) { + if ((*session)->flags.fatalError == FATAL_ERROR_STATE) { SetError(FATAL_ERROR_STR, error, NULL, 0); return -1; } @@ -2126,8 +2234,10 @@ static int CheckPreRecord(IpInfo* ipInfo, TcpInfo* tcpInfo, Trace(PARTIAL_ADD_STR); if ( (*sslBytes + length) > ssl->buffers.inputBuffer.bufferSize) { - SetError(BUFFER_ERROR_STR, error, session, FATAL_ERROR_STATE); - return -1; + if (GrowInputBuffer(ssl, *sslBytes, length) < 0) { + SetError(MEMORY_STR, error, *session, FATAL_ERROR_STATE); + return -1; + } } XMEMCPY(&ssl->buffers.inputBuffer.buffer[length], *sslFrame, *sslBytes); *sslBytes += length; @@ -2136,9 +2246,9 @@ static int CheckPreRecord(IpInfo* ipInfo, TcpInfo* tcpInfo, *end = *sslFrame + *sslBytes; } - if (session->flags.clientHello == 0 && **sslFrame != handshake) { + if ((*session)->flags.clientHello == 0 && **sslFrame != handshake) { int rhSize; - int ret = DoOldHello(session, *sslFrame, &rhSize, sslBytes, error); + int ret = DoOldHello(*session, *sslFrame, &rhSize, sslBytes, error); if (ret < 0) return -1; /* error already set */ if (*sslBytes <= 0) @@ -2152,25 +2262,37 @@ static int CheckPreRecord(IpInfo* ipInfo, TcpInfo* tcpInfo, /* See if input on the reassembly list is ready for consuming */ /* returns 1 for TRUE, 0 for FALSE */ static int HaveMoreInput(SnifferSession* session, const byte** sslFrame, - int* sslBytes, const byte** end) + int* sslBytes, const byte** end, char* error) { /* sequence and reassembly based on from, not to */ int moreInput = 0; - PacketBuffer** front = (session->flags.side == SERVER_END) ? + PacketBuffer** front = (session->flags.side == CYASSL_SERVER_END) ? &session->cliReassemblyList : &session->srvReassemblyList; - word32* expected = (session->flags.side == SERVER_END) ? + word32* expected = (session->flags.side == CYASSL_SERVER_END) ? &session->cliExpected : &session->srvExpected; /* buffer is on receiving end */ - word32* length = (session->flags.side == SERVER_END) ? + word32* length = (session->flags.side == CYASSL_SERVER_END) ? &session->sslServer->buffers.inputBuffer.length : &session->sslClient->buffers.inputBuffer.length; - byte* myBuffer = (session->flags.side == SERVER_END) ? + byte* myBuffer = (session->flags.side == CYASSL_SERVER_END) ? session->sslServer->buffers.inputBuffer.buffer : session->sslClient->buffers.inputBuffer.buffer; + word32 bufferSize = (session->flags.side == CYASSL_SERVER_END) ? + session->sslServer->buffers.inputBuffer.bufferSize : + session->sslClient->buffers.inputBuffer.bufferSize; + SSL* ssl = (session->flags.side == CYASSL_SERVER_END) ? + session->sslServer : session->sslClient; while (*front && ((*front)->begin == *expected) ) { - word32 room = STATIC_BUFFER_LEN - *length; + word32 room = bufferSize - *length; word32 packetLen = (*front)->end - (*front)->begin + 1; + + if (packetLen > room && bufferSize < MAX_INPUT_SZ) { + if (GrowInputBuffer(ssl, packetLen, *length) < 0) { + SetError(MEMORY_STR, error, session, FATAL_ERROR_STATE); + return 0; + } + } if (packetLen <= room) { PacketBuffer* del = *front; @@ -2206,14 +2328,19 @@ static int ProcessMessage(const byte* sslFrame, SnifferSession* session, const byte* sslBegin = sslFrame; const byte* tmp; RecordLayerHeader rh; - int rhSize; + int rhSize = 0; int ret; + int errCode = 0; int decoded = 0; /* bytes stored for user in data */ int notEnough; /* notEnough bytes yet flag */ - SSL* ssl = (session->flags.side == SERVER_END) ? + SSL* ssl = (session->flags.side == CYASSL_SERVER_END) ? session->sslServer : session->sslClient; doMessage: notEnough = 0; + if (sslBytes < 0) { + SetError(PACKET_HDR_SHORT_STR, error, session, FATAL_ERROR_STATE); + return -1; + } if (sslBytes >= RECORD_HEADER_SZ) { if (GetRecordHeader(sslFrame, &rh, &rhSize) != 0) { SetError(BAD_RECORD_HDR_STR, error, session, FATAL_ERROR_STATE); @@ -2230,13 +2357,15 @@ doMessage: /* store partial if not there already or we advanced */ if (ssl->buffers.inputBuffer.length == 0 || sslBegin != sslFrame) { if (sslBytes > (int)ssl->buffers.inputBuffer.bufferSize) { - SetError(BUFFER_ERROR_STR, error, session, FATAL_ERROR_STATE); - return -1; + if (GrowInputBuffer(ssl, sslBytes, 0) < 0) { + SetError(MEMORY_STR, error, session, FATAL_ERROR_STATE); + return -1; + } } XMEMCPY(ssl->buffers.inputBuffer.buffer, sslFrame, sslBytes); ssl->buffers.inputBuffer.length = sslBytes; } - if (HaveMoreInput(session, &sslFrame, &sslBytes, &end)) + if (HaveMoreInput(session, &sslFrame, &sslBytes, &end, error)) goto doMessage; return decoded; } @@ -2245,12 +2374,21 @@ doMessage: tmp = sslFrame + rhSize; /* may have more than one record to process */ /* decrypt if needed */ - if (session->flags.side == SERVER_END && session->flags.serverCipherOn) - sslFrame = DecryptMessage(ssl, sslFrame, rhSize, - ssl->buffers.outputBuffer.buffer); - else if (session->flags.side == CLIENT_END && session->flags.clientCipherOn) + if ((session->flags.side == CYASSL_SERVER_END && + session->flags.serverCipherOn) + || (session->flags.side == CYASSL_CLIENT_END && + session->flags.clientCipherOn)) { + if (CheckAvailableSize(ssl, rhSize) < 0) { + SetError(MEMORY_STR, error, session, FATAL_ERROR_STATE); + return -1; + } sslFrame = DecryptMessage(ssl, sslFrame, rhSize, - ssl->buffers.outputBuffer.buffer); + ssl->buffers.outputBuffer.buffer, &errCode); + if (errCode != 0) { + SetError(BAD_DECRYPT, error, session, FATAL_ERROR_STATE); + return -1; + } + } switch ((enum ContentType)rh.type) { case handshake: @@ -2263,11 +2401,12 @@ doMessage: } break; case change_cipher_spec: - if (session->flags.side == SERVER_END) + if (session->flags.side == CYASSL_SERVER_END) session->flags.serverCipherOn = 1; else session->flags.clientCipherOn = 1; Trace(GOT_CHANGE_CIPHER_STR); + ssl->options.handShakeState = HANDSHAKE_DONE; break; case application_data: Trace(GOT_APP_DATA_STR); @@ -2290,6 +2429,8 @@ doMessage: SetError(BAD_APP_DATA_STR, error,session,FATAL_ERROR_STATE); return -1; } + if (ssl->buffers.outputBuffer.dynamicFlag) + ShrinkOutputBuffer(ssl); } break; case alert: @@ -2304,7 +2445,7 @@ doMessage: if (tmp < end) { Trace(ANOTHER_MSG_STR); sslFrame = tmp; - sslBytes = end - tmp; + sslBytes = (int)(end - tmp); goto doMessage; } @@ -2312,8 +2453,11 @@ doMessage: ssl->buffers.inputBuffer.length = 0; /* could have more input ready now */ - if (HaveMoreInput(session, &sslFrame, &sslBytes, &end)) + if (HaveMoreInput(session, &sslFrame, &sslBytes, &end, error)) goto doMessage; + + if (ssl->buffers.inputBuffer.dynamicFlag) + ShrinkInputBuffer(ssl, NO_FORCED_FREE); return decoded; } @@ -2346,6 +2490,20 @@ static void CheckFinCapture(IpInfo* ipInfo, TcpInfo* tcpInfo, } +/* If session is in fatal error state free resources now + return true if removed, 0 otherwise */ +static int RemoveFatalSession(IpInfo* ipInfo, TcpInfo* tcpInfo, + SnifferSession* session, char* error) +{ + if (session && session->flags.fatalError == FATAL_ERROR_STATE) { + RemoveSession(session, ipInfo, tcpInfo, 0); + SetError(FATAL_ERROR_STR, error, NULL, 0); + return 1; + } + return 0; +} + + /* Passes in an IP/TCP packet for decoding (ethernet/localhost frame) removed */ /* returns Number of bytes on success, 0 for no data yet, and -1 on error */ int ssl_DecodePacket(const byte* packet, int length, byte* data, char* error) @@ -2363,19 +2521,23 @@ int ssl_DecodePacket(const byte* packet, int length, byte* data, char* error) return -1; ret = CheckSession(&ipInfo, &tcpInfo, sslBytes, &session, error); - if (ret == -1) return -1; - else if (ret == 1) return 0; /* done for now */ + if (RemoveFatalSession(&ipInfo, &tcpInfo, session, error)) return -1; + else if (ret == -1) return -1; + else if (ret == 1) return 0; /* done for now */ ret = CheckSequence(&ipInfo, &tcpInfo, session, &sslBytes, &sslFrame,error); - if (ret == -1) return -1; - else if (ret == 1) return 0; /* done for now */ + if (RemoveFatalSession(&ipInfo, &tcpInfo, session, error)) return -1; + else if (ret == -1) return -1; + else if (ret == 1) return 0; /* done for now */ - ret = CheckPreRecord(&ipInfo, &tcpInfo, &sslFrame, session, &sslBytes, + ret = CheckPreRecord(&ipInfo, &tcpInfo, &sslFrame, &session, &sslBytes, &end, error); - if (ret == -1) return -1; - else if (ret == 1) return 0; /* done for now */ + if (RemoveFatalSession(&ipInfo, &tcpInfo, session, error)) return -1; + else if (ret == -1) return -1; + else if (ret == 1) return 0; /* done for now */ ret = ProcessMessage(sslFrame, session, sslBytes, data, end, error); + if (RemoveFatalSession(&ipInfo, &tcpInfo, session, error)) return -1; CheckFinCapture(&ipInfo, &tcpInfo, session); return ret; } diff --git a/FreeRTOS-Plus/Source/CyaSSL/src/ssl.c b/FreeRTOS-Plus/Source/CyaSSL/src/ssl.c index 8456c5839..9f1a5f107 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/src/ssl.c +++ b/FreeRTOS-Plus/Source/CyaSSL/src/ssl.c @@ -1,6 +1,6 @@ /* ssl.c * - * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,23 +16,23 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ #ifdef HAVE_CONFIG_H #include #endif -#ifdef HAVE_ERRNO_H +#include + +#ifdef HAVE_ERRNO_H #include #endif -#define TRUE 1 -#define FALSE 0 #include #include -#include +#include #include #if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) @@ -61,11 +61,23 @@ #endif #ifndef NO_FILESYSTEM - #if !defined(USE_WINDOWS_API) && !defined(NO_CYASSL_DIR) + #if !defined(USE_WINDOWS_API) && !defined(NO_CYASSL_DIR) \ + && !defined(EBSNET) #include + #include + #endif + #ifdef EBSNET + #include "vfapi.h" + #include "vfile.h" #endif #endif /* NO_FILESYSTEM */ +#ifndef TRUE + #define TRUE 1 +#endif +#ifndef FALSE + #define FALSE 0 +#endif #ifndef min @@ -76,10 +88,20 @@ #endif /* min */ +#ifndef max +#ifdef CYASSL_DTLS + static INLINE word32 max(word32 a, word32 b) + { + return a > b ? a : b; + } +#endif +#endif /* min */ + +#ifndef CYASSL_LEANPSK char* mystrnstr(const char* s1, const char* s2, unsigned int n) { - unsigned int s2_len = XSTRLEN(s2); + unsigned int s2_len = (unsigned int)XSTRLEN(s2); if (s2_len == 0) return (char*)s1; @@ -94,6 +116,12 @@ char* mystrnstr(const char* s1, const char* s2, unsigned int n) return NULL; } +#endif + + +/* prevent multiple mutex initializations */ +static volatile int initRefCount = 0; +static CyaSSL_Mutex count_mutex; /* init ref count mutex */ CYASSL_CTX* CyaSSL_CTX_new(CYASSL_METHOD* method) @@ -102,6 +130,9 @@ CYASSL_CTX* CyaSSL_CTX_new(CYASSL_METHOD* method) CYASSL_ENTER("CYASSL_CTX_new"); + if (initRefCount == 0) + CyaSSL_Init(); /* user no longer forced to call Init themselves */ + if (method == NULL) return ctx; @@ -113,6 +144,10 @@ CYASSL_CTX* CyaSSL_CTX_new(CYASSL_METHOD* method) ctx = NULL; } } + else { + CYASSL_MSG("Alloc CTX failed, method freed"); + XFREE(method, NULL, DYNAMIC_TYPE_METHOD); + } CYASSL_LEAVE("CYASSL_CTX_new", 0); return ctx; @@ -131,7 +166,9 @@ void CyaSSL_CTX_free(CYASSL_CTX* ctx) CYASSL* CyaSSL_new(CYASSL_CTX* ctx) { CYASSL* ssl = NULL; + int ret = 0; + (void)ret; CYASSL_ENTER("SSL_new"); if (ctx == NULL) @@ -139,12 +176,12 @@ CYASSL* CyaSSL_new(CYASSL_CTX* ctx) ssl = (CYASSL*) XMALLOC(sizeof(CYASSL), ctx->heap,DYNAMIC_TYPE_SSL); if (ssl) - if (InitSSL(ssl, ctx) < 0) { + if ( (ret = InitSSL(ssl, ctx)) < 0) { FreeSSL(ssl); ssl = 0; } - CYASSL_LEAVE("SSL_new", 0); + CYASSL_LEAVE("SSL_new", ret); return ssl; } @@ -167,6 +204,14 @@ int CyaSSL_set_fd(CYASSL* ssl, int fd) ssl->IOCB_ReadCtx = &ssl->rfd; ssl->IOCB_WriteCtx = &ssl->wfd; + #ifdef CYASSL_DTLS + if (ssl->options.dtls) { + ssl->IOCB_ReadCtx = &ssl->buffers.dtlsCtx; + ssl->IOCB_WriteCtx = &ssl->buffers.dtlsCtx; + ssl->buffers.dtlsCtx.fd = fd; + } + #endif + CYASSL_LEAVE("SSL_set_fd", SSL_SUCCESS); return SSL_SUCCESS; } @@ -180,40 +225,156 @@ int CyaSSL_get_fd(const CYASSL* ssl) } +int CyaSSL_get_using_nonblock(CYASSL* ssl) +{ + CYASSL_ENTER("CyaSSL_get_using_nonblock"); + CYASSL_LEAVE("CyaSSL_get_using_nonblock", ssl->options.usingNonblock); + return ssl->options.usingNonblock; +} + + +int CyaSSL_dtls(CYASSL* ssl) +{ + return ssl->options.dtls; +} + + +#ifndef CYASSL_LEANPSK +void CyaSSL_set_using_nonblock(CYASSL* ssl, int nonblock) +{ + CYASSL_ENTER("CyaSSL_set_using_nonblock"); + ssl->options.usingNonblock = (nonblock != 0); +} + + +int CyaSSL_dtls_set_peer(CYASSL* ssl, void* peer, unsigned int peerSz) +{ +#ifdef CYASSL_DTLS + void* sa = (void*)XMALLOC(peerSz, ssl->heap, DYNAMIC_TYPE_SOCKADDR); + if (sa != NULL) { + XMEMCPY(sa, peer, peerSz); + ssl->buffers.dtlsCtx.peer.sa = sa; + ssl->buffers.dtlsCtx.peer.sz = peerSz; + return SSL_SUCCESS; + } + return SSL_FAILURE; +#else + (void)ssl; + (void)peer; + (void)peerSz; + return SSL_NOT_IMPLEMENTED; +#endif +} + +int CyaSSL_dtls_get_peer(CYASSL* ssl, void* peer, unsigned int* peerSz) +{ +#ifdef CYASSL_DTLS + if (peer != NULL && peerSz != NULL + && *peerSz >= ssl->buffers.dtlsCtx.peer.sz) { + *peerSz = ssl->buffers.dtlsCtx.peer.sz; + XMEMCPY(peer, ssl->buffers.dtlsCtx.peer.sa, *peerSz); + return SSL_SUCCESS; + } + return SSL_FAILURE; +#else + (void)ssl; + (void)peer; + (void)peerSz; + return SSL_NOT_IMPLEMENTED; +#endif +} +#endif /* CYASSL_LEANPSK */ + + +/* return underlyig connect or accept, SSL_SUCCESS on ok */ int CyaSSL_negotiate(CYASSL* ssl) { int err = SSL_FATAL_ERROR; CYASSL_ENTER("CyaSSL_negotiate"); #ifndef NO_CYASSL_SERVER - if (ssl->options.side == SERVER_END) + if (ssl->options.side == CYASSL_SERVER_END) err = CyaSSL_accept(ssl); #endif #ifndef NO_CYASSL_CLIENT - if (ssl->options.side == CLIENT_END) + if (ssl->options.side == CYASSL_CLIENT_END) err = CyaSSL_connect(ssl); #endif CYASSL_LEAVE("CyaSSL_negotiate", err); - if (err == SSL_SUCCESS) - return 0; - else - return err; + return err; } -/* server Diffie-Hellman parameters */ +#ifndef CYASSL_LEANPSK +/* object size based on build */ +int CyaSSL_GetObjectSize(void) +{ +#ifdef SHOW_SIZES + printf("sizeof suites = %lu\n", sizeof(Suites)); + printf("sizeof ciphers(2) = %lu\n", sizeof(Ciphers)); +#ifndef NO_RC4 + printf(" sizeof arc4 = %lu\n", sizeof(Arc4)); +#endif + printf(" sizeof aes = %lu\n", sizeof(Aes)); +#ifndef NO_DES3 + printf(" sizeof des3 = %lu\n", sizeof(Des3)); +#endif +#ifndef NO_RABBIT + printf(" sizeof rabbit = %lu\n", sizeof(Rabbit)); +#endif + printf("sizeof cipher specs = %lu\n", sizeof(CipherSpecs)); + printf("sizeof keys = %lu\n", sizeof(Keys)); + printf("sizeof Hashes(2) = %lu\n", sizeof(Hashes)); +#ifndef NO_MD5 + printf(" sizeof MD5 = %lu\n", sizeof(Md5)); +#endif +#ifndef NO_SHA + printf(" sizeof SHA = %lu\n", sizeof(Sha)); +#endif +#ifndef NO_SHA256 + printf(" sizeof SHA256 = %lu\n", sizeof(Sha256)); +#endif +#ifdef CYASSL_SHA384 + printf(" sizeof SHA384 = %lu\n", sizeof(Sha384)); +#endif +#ifdef CYASSL_SHA384 + printf(" sizeof SHA512 = %lu\n", sizeof(Sha512)); +#endif + printf("sizeof Buffers = %lu\n", sizeof(Buffers)); + printf("sizeof Options = %lu\n", sizeof(Options)); + printf("sizeof Arrays = %lu\n", sizeof(Arrays)); +#ifndef NO_RSA + printf("sizeof RsaKey = %lu\n", sizeof(RsaKey)); +#endif +#ifdef HAVE_ECC + printf("sizeof ecc_key = %lu\n", sizeof(ecc_key)); +#endif + printf("sizeof CYASSL_CIPHER = %lu\n", sizeof(CYASSL_CIPHER)); + printf("sizeof CYASSL_SESSION = %lu\n", sizeof(CYASSL_SESSION)); + printf("sizeof CYASSL = %lu\n", sizeof(CYASSL)); + printf("sizeof CYASSL_CTX = %lu\n", sizeof(CYASSL_CTX)); +#endif + + return sizeof(CYASSL); +} +#endif + + +#ifndef NO_DH +/* server Diffie-Hellman parameters, SSL_SUCCESS on ok */ int CyaSSL_SetTmpDH(CYASSL* ssl, const unsigned char* p, int pSz, const unsigned char* g, int gSz) { byte havePSK = 0; + byte haveRSA = 1; CYASSL_ENTER("CyaSSL_SetTmpDH"); if (ssl == NULL || p == NULL || g == NULL) return BAD_FUNC_ARG; - if (ssl->options.side != SERVER_END) + if (ssl->options.side != CYASSL_SERVER_END) return SIDE_ERROR; if (ssl->buffers.serverDH_P.buffer && ssl->buffers.weOwnDH) @@ -244,13 +405,17 @@ int CyaSSL_SetTmpDH(CYASSL* ssl, const unsigned char* p, int pSz, #ifndef NO_PSK havePSK = ssl->options.havePSK; #endif - InitSuites(&ssl->suites, ssl->version, ssl->options.haveDH, - havePSK, ssl->options.haveNTRU, ssl->options.haveECDSAsig, + #ifdef NO_RSA + haveRSA = 0; + #endif + InitSuites(ssl->suites, ssl->version, haveRSA, havePSK, ssl->options.haveDH, + ssl->options.haveNTRU, ssl->options.haveECDSAsig, ssl->options.haveStaticECC, ssl->options.side); CYASSL_LEAVE("CyaSSL_SetTmpDH", 0); - return 0; + return SSL_SUCCESS; } +#endif /* !NO_DH */ int CyaSSL_write(CYASSL* ssl, const void* data, int sz) @@ -259,7 +424,10 @@ int CyaSSL_write(CYASSL* ssl, const void* data, int sz) CYASSL_ENTER("SSL_write()"); -#ifdef HAVE_ERRNO_H + if (ssl == NULL || data == NULL || sz < 0) + return BAD_FUNC_ARG; + +#ifdef HAVE_ERRNO_H errno = 0; #endif @@ -274,19 +442,31 @@ int CyaSSL_write(CYASSL* ssl, const void* data, int sz) } -int CyaSSL_read(CYASSL* ssl, void* data, int sz) +static int CyaSSL_read_internal(CYASSL* ssl, void* data, int sz, int peek) { - int ret; + int ret; + + CYASSL_ENTER("CyaSSL_read_internal()"); - CYASSL_ENTER("SSL_read()"); + if (ssl == NULL || data == NULL || sz < 0) + return BAD_FUNC_ARG; -#ifdef HAVE_ERRNO_H +#ifdef HAVE_ERRNO_H errno = 0; #endif +#ifdef CYASSL_DTLS + if (ssl->options.dtls) + ssl->dtls_expected_rx = max(sz + 100, MAX_MTU); +#endif - ret = ReceiveData(ssl, (byte*)data, min(sz, OUTPUT_RECORD_SIZE)); +#ifdef HAVE_MAX_FRAGMENT + ret = ReceiveData(ssl, (byte*)data, + min(sz, min(ssl->max_fragment, OUTPUT_RECORD_SIZE)), peek); +#else + ret = ReceiveData(ssl, (byte*)data, min(sz, OUTPUT_RECORD_SIZE), peek); +#endif - CYASSL_LEAVE("SSL_read()", ret); + CYASSL_LEAVE("CyaSSL_read_internal()", ret); if (ret < 0) return SSL_FATAL_ERROR; @@ -295,4624 +475,7784 @@ int CyaSSL_read(CYASSL* ssl, void* data, int sz) } -int CyaSSL_shutdown(CYASSL* ssl) +int CyaSSL_peek(CYASSL* ssl, void* data, int sz) { - CYASSL_ENTER("SSL_shutdown()"); - - if (ssl->options.quietShutdown) { - CYASSL_MSG("quiet shutdown, no close notify sent"); - return 0; - } + CYASSL_ENTER("CyaSSL_peek()"); - /* try to send close notify, not an error if can't */ - if (!ssl->options.isClosed && !ssl->options.connReset && - !ssl->options.sentNotify) { - ssl->error = SendAlert(ssl, alert_warning, close_notify); - if (ssl->error < 0) { - CYASSL_ERROR(ssl->error); - return SSL_FATAL_ERROR; - } - ssl->options.sentNotify = 1; /* don't send close_notify twice */ - } + return CyaSSL_read_internal(ssl, data, sz, TRUE); +} - CYASSL_LEAVE("SSL_shutdown()", ssl->error); - ssl->error = SSL_ERROR_SYSCALL; /* simulate OpenSSL behavior */ +int CyaSSL_read(CYASSL* ssl, void* data, int sz) +{ + CYASSL_ENTER("CyaSSL_read()"); - return 0; + return CyaSSL_read_internal(ssl, data, sz, FALSE); } -int CyaSSL_get_error(CYASSL* ssl, int ret) +#ifdef HAVE_CAVIUM + +/* let's use cavium, SSL_SUCCESS on ok */ +int CyaSSL_UseCavium(CYASSL* ssl, int devId) { - CYASSL_ENTER("SSL_get_error"); - CYASSL_LEAVE("SSL_get_error", ssl->error); - if (ret > 0) - return SSL_ERROR_NONE; + if (ssl == NULL) + return BAD_FUNC_ARG; - if (ssl->error == WANT_READ) - return SSL_ERROR_WANT_READ; /* convert to OpenSSL type */ - else if (ssl->error == WANT_WRITE) - return SSL_ERROR_WANT_WRITE; /* convert to OpenSSL type */ - else if (ssl->error == ZERO_RETURN) - return SSL_ERROR_ZERO_RETURN; /* convert to OpenSSL type */ - return ssl->error; + ssl->devId = devId; + + return SSL_SUCCESS; } -int CyaSSL_want_read(CYASSL* ssl) +/* let's use cavium, SSL_SUCCESS on ok */ +int CyaSSL_CTX_UseCavium(CYASSL_CTX* ctx, int devId) { - CYASSL_ENTER("SSL_want_read"); - if (ssl->error == WANT_READ) - return 1; + if (ctx == NULL) + return BAD_FUNC_ARG; - return 0; + ctx->devId = devId; + + return SSL_SUCCESS; } -int CyaSSL_want_write(CYASSL* ssl) +#endif /* HAVE_CAVIUM */ + +#ifdef HAVE_SNI + +int CyaSSL_UseSNI(CYASSL* ssl, byte type, const void* data, word16 size) { - CYASSL_ENTER("SSL_want_write"); - if (ssl->error == WANT_WRITE) - return 1; + if (ssl == NULL) + return BAD_FUNC_ARG; - return 0; + return TLSX_UseSNI(&ssl->extensions, type, data, size); } - -char* CyaSSL_ERR_error_string(unsigned long errNumber, char* data) +int CyaSSL_CTX_UseSNI(CYASSL_CTX* ctx, byte type, const void* data, word16 size) { - static const char* msg = "Please supply a buffer for error string"; - - CYASSL_ENTER("ERR_error_string"); - if (data) { - SetErrorString(errNumber, data); - return data; - } + if (ctx == NULL) + return BAD_FUNC_ARG; - return (char*)msg; + return TLSX_UseSNI(&ctx->extensions, type, data, size); } +#ifndef NO_CYASSL_SERVER -void CyaSSL_ERR_error_string_n(unsigned long e, char* buf, unsigned long len) +void CyaSSL_SNI_SetOptions(CYASSL* ssl, byte type, byte options) { - CYASSL_ENTER("CyaSSL_ERR_error_string_n"); - if (len) CyaSSL_ERR_error_string(e, buf); + if (ssl && ssl->extensions) + TLSX_SNI_SetOptions(ssl->extensions, type, options); } - -CYASSL_CERT_MANAGER* CyaSSL_CertManagerNew(void) +void CyaSSL_CTX_SNI_SetOptions(CYASSL_CTX* ctx, byte type, byte options) { - CYASSL_CERT_MANAGER* cm = NULL; + if (ctx && ctx->extensions) + TLSX_SNI_SetOptions(ctx->extensions, type, options); +} - CYASSL_ENTER("CyaSSL_CertManagerNew"); +byte CyaSSL_SNI_Status(CYASSL* ssl, byte type) +{ + return TLSX_SNI_Status(ssl ? ssl->extensions : NULL, type); +} - cm = (CYASSL_CERT_MANAGER*) XMALLOC(sizeof(CYASSL_CERT_MANAGER), 0, - DYNAMIC_TYPE_CERT_MANAGER); - if (cm) { - cm->caList = NULL; - cm->heap = NULL; - cm->caCacheCallback = NULL; - cm->crl = NULL; - cm->crlEnabled = 0; - cm->crlCheckAll = 0; - cm->cbMissingCRL = NULL; +word16 CyaSSL_SNI_GetRequest(CYASSL* ssl, byte type, void** data) +{ + if (data) + *data = NULL; - if (InitMutex(&cm->caLock) != 0) { - CYASSL_MSG("Bad mutex init"); - CyaSSL_CertManagerFree(cm); - return NULL; - } - } + if (ssl && ssl->extensions) + return TLSX_SNI_GetRequest(ssl->extensions, type, data); - return cm; + return 0; } - -void CyaSSL_CertManagerFree(CYASSL_CERT_MANAGER* cm) +int CyaSSL_SNI_GetFromBuffer(const byte* clientHello, word32 helloSz, byte type, + byte* sni, word32* inOutSz) { - CYASSL_ENTER("CyaSSL_CertManagerFree"); - - if (cm) { - #ifdef HAVE_CRL - if (cm->crl) - FreeCRL(cm->crl); - #endif - FreeSigners(cm->caList, NULL); - FreeMutex(&cm->caLock); - XFREE(cm, NULL, DYNAMIC_TYPE_CERT_MANAGER); - } + if (clientHello && helloSz > 0 && sni && inOutSz && *inOutSz > 0) + return TLSX_SNI_GetFromBuffer(clientHello, helloSz, type, sni, inOutSz); + return BAD_FUNC_ARG; } +#endif /* NO_CYASSL_SERVER */ +#endif /* HAVE_SNI */ -#ifndef NO_FILESYSTEM - -void CyaSSL_ERR_print_errors_fp(FILE* fp, int err) +#ifdef HAVE_MAX_FRAGMENT +#ifndef NO_CYASSL_CLIENT +int CyaSSL_UseMaxFragment(CYASSL* ssl, byte mfl) { - char data[MAX_ERROR_SZ + 1]; + if (ssl == NULL) + return BAD_FUNC_ARG; - CYASSL_ENTER("CyaSSL_ERR_print_errors_fp"); - SetErrorString(err, data); - fprintf(fp, "%s", data); + return TLSX_UseMaxFragment(&ssl->extensions, mfl); } -#endif +int CyaSSL_CTX_UseMaxFragment(CYASSL_CTX* ctx, byte mfl) +{ + if (ctx == NULL) + return BAD_FUNC_ARG; + return TLSX_UseMaxFragment(&ctx->extensions, mfl); +} +#endif /* NO_CYASSL_CLIENT */ +#endif /* HAVE_MAX_FRAGMENT */ -int CyaSSL_pending(CYASSL* ssl) +#ifdef HAVE_TRUNCATED_HMAC +#ifndef NO_CYASSL_CLIENT +int CyaSSL_UseTruncatedHMAC(CYASSL* ssl) { - CYASSL_ENTER("SSL_pending"); - return ssl->buffers.clearOutputBuffer.length; -} + if (ssl == NULL) + return BAD_FUNC_ARG; + return TLSX_UseTruncatedHMAC(&ssl->extensions); +} -/* trun on handshake group messages for context */ -int CyaSSL_CTX_set_group_messages(CYASSL_CTX* ctx) +int CyaSSL_CTX_UseTruncatedHMAC(CYASSL_CTX* ctx) { if (ctx == NULL) - return BAD_FUNC_ARG; - - ctx->groupMessages = 1; + return BAD_FUNC_ARG; - return SSL_SUCCESS; + return TLSX_UseTruncatedHMAC(&ctx->extensions); } +#endif /* NO_CYASSL_CLIENT */ +#endif /* HAVE_TRUNCATED_HMAC */ - +/* Elliptic Curves */ +#ifdef HAVE_SUPPORTED_CURVES #ifndef NO_CYASSL_CLIENT -/* connect enough to get peer cert chain */ -int CyaSSL_connect_cert(CYASSL* ssl) -{ - int ret; +int CyaSSL_UseSupportedCurve(CYASSL* ssl, word16 name) +{ if (ssl == NULL) - return SSL_FAILURE; + return BAD_FUNC_ARG; - ssl->options.certOnly = 1; - ret = CyaSSL_connect(ssl); - ssl->options.certOnly = 0; + switch (name) { + case CYASSL_ECC_SECP160R1: + case CYASSL_ECC_SECP192R1: + case CYASSL_ECC_SECP224R1: + case CYASSL_ECC_SECP256R1: + case CYASSL_ECC_SECP384R1: + case CYASSL_ECC_SECP521R1: + break; - return ret; -} -#endif + default: + return BAD_FUNC_ARG; + } + return TLSX_UseSupportedCurve(&ssl->extensions, name); +} -/* trun on handshake group messages for ssl object */ -int CyaSSL_set_group_messages(CYASSL* ssl) +int CyaSSL_CTX_UseSupportedCurve(CYASSL_CTX* ctx, word16 name) { - if (ssl == NULL) - return BAD_FUNC_ARG; + if (ctx == NULL) + return BAD_FUNC_ARG; - ssl->options.groupMessages = 1; + switch (name) { + case CYASSL_ECC_SECP160R1: + case CYASSL_ECC_SECP192R1: + case CYASSL_ECC_SECP224R1: + case CYASSL_ECC_SECP256R1: + case CYASSL_ECC_SECP384R1: + case CYASSL_ECC_SECP521R1: + break; - return SSL_SUCCESS; + default: + return BAD_FUNC_ARG; + } + + return TLSX_UseSupportedCurve(&ctx->extensions, name); } +#endif /* NO_CYASSL_CLIENT */ +#endif /* HAVE_SUPPORTED_CURVES */ + -int CyaSSL_SetVersion(CYASSL* ssl, int version) +#ifndef CYASSL_LEANPSK +int CyaSSL_send(CYASSL* ssl, const void* data, int sz, int flags) { - byte havePSK = 0; + int ret; + int oldFlags; - CYASSL_ENTER("CyaSSL_SetVersion"); + CYASSL_ENTER("CyaSSL_send()"); - if (ssl == NULL) { - CYASSL_MSG("Bad function argument"); + if (ssl == NULL || data == NULL || sz < 0) return BAD_FUNC_ARG; - } - switch (version) { - case CYASSL_SSLV3: - ssl->version = MakeSSLv3(); - break; + oldFlags = ssl->wflags; -#ifndef NO_TLS - case CYASSL_TLSV1: - ssl->version = MakeTLSv1(); - break; + ssl->wflags = flags; + ret = CyaSSL_write(ssl, data, sz); + ssl->wflags = oldFlags; - case CYASSL_TLSV1_1: - ssl->version = MakeTLSv1_1(); - break; + CYASSL_LEAVE("CyaSSL_send()", ret); - case CYASSL_TLSV1_2: - ssl->version = MakeTLSv1_2(); - break; -#endif + return ret; +} - default: - CYASSL_MSG("Bad function argument"); - return BAD_FUNC_ARG; - } - #ifndef NO_PSK - havePSK = ssl->options.havePSK; - #endif +int CyaSSL_recv(CYASSL* ssl, void* data, int sz, int flags) +{ + int ret; + int oldFlags; - InitSuites(&ssl->suites, ssl->version, ssl->options.haveDH, havePSK, - ssl->options.haveNTRU, ssl->options.haveECDSAsig, - ssl->options.haveStaticECC, ssl->options.side); + CYASSL_ENTER("CyaSSL_recv()"); - return SSL_SUCCESS; + if (ssl == NULL || data == NULL || sz < 0) + return BAD_FUNC_ARG; + + oldFlags = ssl->rflags; + + ssl->rflags = flags; + ret = CyaSSL_read(ssl, data, sz); + ssl->rflags = oldFlags; + + CYASSL_LEAVE("CyaSSL_recv()", ret); + + return ret; } +#endif -/* does CA already exist on signer list */ -int AlreadySigner(CYASSL_CERT_MANAGER* cm, byte* hash) +/* SSL_SUCCESS on ok */ +int CyaSSL_shutdown(CYASSL* ssl) { - Signer* signers; - int ret = 0; + CYASSL_ENTER("SSL_shutdown()"); - if (LockMutex(&cm->caLock) != 0) - return ret; - signers = cm->caList; - while (signers) { - if (XMEMCMP(hash, signers->hash, SHA_DIGEST_SIZE) == 0) { - ret = 1; - break; + if (ssl == NULL) + return SSL_FATAL_ERROR; + + if (ssl->options.quietShutdown) { + CYASSL_MSG("quiet shutdown, no close notify sent"); + return SSL_SUCCESS; + } + + /* try to send close notify, not an error if can't */ + if (!ssl->options.isClosed && !ssl->options.connReset && + !ssl->options.sentNotify) { + ssl->error = SendAlert(ssl, alert_warning, close_notify); + if (ssl->error < 0) { + CYASSL_ERROR(ssl->error); + return SSL_FATAL_ERROR; } - signers = signers->next; + ssl->options.sentNotify = 1; /* don't send close_notify twice */ } - UnLockMutex(&cm->caLock); - return ret; + CYASSL_LEAVE("SSL_shutdown()", ssl->error); + + ssl->error = SSL_ERROR_SYSCALL; /* simulate OpenSSL behavior */ + + return SSL_SUCCESS; } -/* return CA if found, otherwise NULL */ -Signer* GetCA(void* vp, byte* hash) +int CyaSSL_get_error(CYASSL* ssl, int ret) { - CYASSL_CERT_MANAGER* cm = (CYASSL_CERT_MANAGER*)vp; - Signer* ret = NULL; - Signer* signers; + CYASSL_ENTER("SSL_get_error"); - if (cm == NULL) - return NULL; + if (ret > 0) + return SSL_ERROR_NONE; + if (ssl == NULL) + return BAD_FUNC_ARG; - signers = cm->caList; + CYASSL_LEAVE("SSL_get_error", ssl->error); - if (LockMutex(&cm->caLock) != 0) - return ret; - while (signers) { - if (XMEMCMP(hash, signers->hash, SHA_DIGEST_SIZE) == 0) { - ret = signers; - break; - } - signers = signers->next; + /* make sure converted types are handled in SetErrorString() too */ + if (ssl->error == WANT_READ) + return SSL_ERROR_WANT_READ; /* convert to OpenSSL type */ + else if (ssl->error == WANT_WRITE) + return SSL_ERROR_WANT_WRITE; /* convert to OpenSSL type */ + else if (ssl->error == ZERO_RETURN) + return SSL_ERROR_ZERO_RETURN; /* convert to OpenSSL type */ + return ssl->error; +} + + +/* retrive alert history, SSL_SUCCESS on ok */ +int CyaSSL_get_alert_history(CYASSL* ssl, CYASSL_ALERT_HISTORY *h) +{ + if (ssl && h) { + *h = ssl->alert_history; } - UnLockMutex(&cm->caLock); + return SSL_SUCCESS; +} - return ret; + +/* return TRUE if current error is want read */ +int CyaSSL_want_read(CYASSL* ssl) +{ + CYASSL_ENTER("SSL_want_read"); + if (ssl->error == WANT_READ) + return 1; + + return 0; } -/* owns der, internal now uses too */ -/* type flag ids from user or from chain received during verify - don't allow chain ones to be added w/o isCA extension */ -int AddCA(CYASSL_CERT_MANAGER* cm, buffer der, int type, int verify) +/* return TRUE if current error is want write */ +int CyaSSL_want_write(CYASSL* ssl) { - int ret; - DecodedCert cert; - Signer* signer = 0; + CYASSL_ENTER("SSL_want_write"); + if (ssl->error == WANT_WRITE) + return 1; - CYASSL_MSG("Adding a CA"); - InitDecodedCert(&cert, der.buffer, der.length, cm->heap); - ret = ParseCert(&cert, CA_TYPE, verify, cm); - CYASSL_MSG(" Parsed new CA"); + return 0; +} - if (ret == 0 && cert.isCA == 0 && type != CYASSL_USER_CA) { - CYASSL_MSG(" Can't add as CA if not actually one"); - ret = NOT_CA_ERROR; + +char* CyaSSL_ERR_error_string(unsigned long errNumber, char* data) +{ + static const char* msg = "Please supply a buffer for error string"; + + CYASSL_ENTER("ERR_error_string"); + if (data) { + SetErrorString((int)errNumber, data); + return data; } - else if (ret == 0 && AlreadySigner(cm, cert.subjectHash)) { - CYASSL_MSG(" Already have this CA, not adding again"); - (void)ret; - } - else if (ret == 0) { - /* take over signer parts */ - signer = MakeSigner(cm->heap); - if (!signer) - ret = MEMORY_ERROR; - else { - signer->keyOID = cert.keyOID; - signer->publicKey = cert.publicKey; - signer->pubKeySize = cert.pubKeySize; - signer->name = cert.subjectCN; - XMEMCPY(signer->hash, cert.subjectHash, SHA_DIGEST_SIZE); - signer->next = NULL; /* in case lock fails */ - cert.publicKey = 0; /* don't free here */ - cert.subjectCN = 0; + return (char*)msg; +} - if (LockMutex(&cm->caLock) == 0) { - signer->next = cm->caList; - cm->caList = signer; /* takes ownership */ - UnLockMutex(&cm->caLock); - if (cm->caCacheCallback) - cm->caCacheCallback(der.buffer, (int)der.length, type); - } - else { - CYASSL_MSG(" CA Mutex Lock failed"); - ret = BAD_MUTEX_ERROR; - FreeSigners(signer, cm->heap); - } + +void CyaSSL_ERR_error_string_n(unsigned long e, char* buf, unsigned long len) +{ + CYASSL_ENTER("CyaSSL_ERR_error_string_n"); + if (len >= CYASSL_MAX_ERROR_SZ) + CyaSSL_ERR_error_string(e, buf); + else { + char tmp[CYASSL_MAX_ERROR_SZ]; + + CYASSL_MSG("Error buffer too short, truncating"); + if (len) { + CyaSSL_ERR_error_string(e, tmp); + XMEMCPY(buf, tmp, len-1); + buf[len-1] = '\0'; } } +} - CYASSL_MSG(" Freeing Parsed CA"); - FreeDecodedCert(&cert); - CYASSL_MSG(" Freeing der CA"); - XFREE(der.buffer, ctx->heap, DYNAMIC_TYPE_CA); - CYASSL_MSG(" OK Freeing der CA"); - CYASSL_LEAVE("AddCA", ret); - if (ret == 0) return SSL_SUCCESS; - return ret; +/* don't free temporary arrays at end of handshake */ +void CyaSSL_KeepArrays(CYASSL* ssl) +{ + if (ssl) + ssl->options.saveArrays = 1; } -#ifndef NO_SESSION_CACHE +/* user doesn't need temporary arrays anymore, Free */ +void CyaSSL_FreeArrays(CYASSL* ssl) +{ + if (ssl && ssl->options.handShakeState == HANDSHAKE_DONE) { + ssl->options.saveArrays = 0; + FreeArrays(ssl, 1); + } +} - /* basic config gives a cache with 33 sessions, adequate for clients and - embedded servers - MEDIUM_SESSION_CACHE allows 1055 sessions, adequate for servers that - aren't under heavy load, basically allows 200 new sessions per minute +const byte* CyaSSL_GetMacSecret(CYASSL* ssl, int verify) +{ + if (ssl == NULL) + return NULL; - BIG_SESSION_CACHE yields 20,0027 sessions + if ( (ssl->options.side == CYASSL_CLIENT_END && !verify) || + (ssl->options.side == CYASSL_SERVER_END && verify) ) + return ssl->keys.client_write_MAC_secret; + else + return ssl->keys.server_write_MAC_secret; +} - HUGE_SESSION_CACHE yields 65,791 sessions, for servers under heavy load, - allows over 13,000 new sessions per minute or over 200 new sessions per - second - SMALL_SESSION_CACHE only stores 6 sessions, good for embedded clients - or systems where the default of nearly 3kB is too much RAM, this define - uses less than 500 bytes RAM - */ - #ifdef HUGE_SESSION_CACHE - #define SESSIONS_PER_ROW 11 - #define SESSION_ROWS 5981 - #elif defined(BIG_SESSION_CACHE) - #define SESSIONS_PER_ROW 7 - #define SESSION_ROWS 2861 - #elif defined(MEDIUM_SESSION_CACHE) - #define SESSIONS_PER_ROW 5 - #define SESSION_ROWS 211 - #elif defined(SMALL_SESSION_CACHE) - #define SESSIONS_PER_ROW 2 - #define SESSION_ROWS 3 - #else - #define SESSIONS_PER_ROW 3 - #define SESSION_ROWS 11 - #endif +#ifdef ATOMIC_USER - typedef struct SessionRow { - int nextIdx; /* where to place next one */ - int totalCount; /* sessions ever on this row */ - CYASSL_SESSION Sessions[SESSIONS_PER_ROW]; - } SessionRow; +void CyaSSL_CTX_SetMacEncryptCb(CYASSL_CTX* ctx, CallbackMacEncrypt cb) +{ + if (ctx) + ctx->MacEncryptCb = cb; +} - static SessionRow SessionCache[SESSION_ROWS]; - static CyaSSL_Mutex session_mutex; /* SessionCache mutex */ +void CyaSSL_SetMacEncryptCtx(CYASSL* ssl, void *ctx) +{ + if (ssl) + ssl->MacEncryptCtx = ctx; +} -#endif /* NO_SESSION_CACHE */ +void* CyaSSL_GetMacEncryptCtx(CYASSL* ssl) +{ + if (ssl) + return ssl->MacEncryptCtx; - /* Remove PEM header/footer, convert to ASN1, store any encrypted data - info->consumed tracks of PEM bytes consumed in case multiple parts */ - int PemToDer(const unsigned char* buff, long sz, int type, - buffer* der, void* heap, EncryptedInfo* info, int* eccKey) - { - char header[PEM_LINE_LEN]; - char footer[PEM_LINE_LEN]; - char* headerEnd; - char* footerEnd; - char* consumedEnd; - long neededSz; - int pkcs8 = 0; - int pkcs8Enc = 0; - int dynamicType = 0; + return NULL; +} - (void)heap; - (void)dynamicType; - (void)pkcs8Enc; - if (type == CERT_TYPE || type == CA_TYPE) { - XSTRNCPY(header, "-----BEGIN CERTIFICATE-----", sizeof(header)); - XSTRNCPY(footer, "-----END CERTIFICATE-----", sizeof(footer)); - dynamicType = (type == CA_TYPE) ? DYNAMIC_TYPE_CA : - DYNAMIC_TYPE_CERT; - } else if (type == DH_PARAM_TYPE) { - XSTRNCPY(header, "-----BEGIN DH PARAMETERS-----", sizeof(header)); - XSTRNCPY(footer, "-----END DH PARAMETERS-----", sizeof(footer)); - dynamicType = DYNAMIC_TYPE_KEY; - } else if (type == CRL_TYPE) { - XSTRNCPY(header, "-----BEGIN X509 CRL-----", sizeof(header)); - XSTRNCPY(footer, "-----END X509 CRL-----", sizeof(footer)); - dynamicType = DYNAMIC_TYPE_CRL; - } else { - XSTRNCPY(header, "-----BEGIN RSA PRIVATE KEY-----", sizeof(header)); - XSTRNCPY(footer, "-----END RSA PRIVATE KEY-----", sizeof(footer)); - dynamicType = DYNAMIC_TYPE_KEY; - } - - /* find header */ - headerEnd = XSTRNSTR((char*)buff, header, sz); - if (!headerEnd && type == PRIVATEKEY_TYPE) { /* may be pkcs8 */ - XSTRNCPY(header, "-----BEGIN PRIVATE KEY-----", sizeof(header)); - XSTRNCPY(footer, "-----END PRIVATE KEY-----", sizeof(footer)); - - headerEnd = XSTRNSTR((char*)buff, header, sz); - if (headerEnd) - pkcs8 = 1; - else { - XSTRNCPY(header, "-----BEGIN ENCRYPTED PRIVATE KEY-----", - sizeof(header)); - XSTRNCPY(footer, "-----END ENCRYPTED PRIVATE KEY-----", - sizeof(footer)); +void CyaSSL_CTX_SetDecryptVerifyCb(CYASSL_CTX* ctx, CallbackDecryptVerify cb) +{ + if (ctx) + ctx->DecryptVerifyCb = cb; +} - headerEnd = XSTRNSTR((char*)buff, header, sz); - if (headerEnd) - pkcs8Enc = 1; - } - } - if (!headerEnd && type == PRIVATEKEY_TYPE) { /* may be ecc */ - XSTRNCPY(header, "-----BEGIN EC PRIVATE KEY-----", sizeof(header)); - XSTRNCPY(footer, "-----END EC PRIVATE KEY-----", sizeof(footer)); - - headerEnd = XSTRNSTR((char*)buff, header, sz); - if (headerEnd) - *eccKey = 1; - } - if (!headerEnd && type == PRIVATEKEY_TYPE) { /* may be dsa */ - XSTRNCPY(header, "-----BEGIN DSA PRIVATE KEY-----", sizeof(header)); - XSTRNCPY(footer, "-----END DSA PRIVATE KEY-----", sizeof(footer)); - - headerEnd = XSTRNSTR((char*)buff, header, sz); - } - if (!headerEnd) - return SSL_BAD_FILE; - headerEnd += XSTRLEN(header); - /* get next line */ - if (headerEnd[0] == '\n') - headerEnd++; - else if (headerEnd[1] == '\n') - headerEnd += 2; - else - return SSL_BAD_FILE; +void CyaSSL_SetDecryptVerifyCtx(CYASSL* ssl, void *ctx) +{ + if (ssl) + ssl->DecryptVerifyCtx = ctx; +} -#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) - { - /* remove encrypted header if there */ - char encHeader[] = "Proc-Type"; - char* line = XSTRNSTR((char*)buff, encHeader, PEM_LINE_LEN); - if (line) { - char* newline; - char* finish; - char* start = XSTRNSTR(line, "DES", PEM_LINE_LEN); - - if (!start) - start = XSTRNSTR(line, "AES", PEM_LINE_LEN); - - if (!start) return SSL_BAD_FILE; - if (!info) return SSL_BAD_FILE; - - finish = XSTRNSTR(start, ",", PEM_LINE_LEN); - if (start && finish && (start < finish)) { - newline = XSTRNSTR(finish, "\r", PEM_LINE_LEN); +void* CyaSSL_GetDecryptVerifyCtx(CYASSL* ssl) +{ + if (ssl) + return ssl->DecryptVerifyCtx; - XMEMCPY(info->name, start, finish - start); - info->name[finish - start] = 0; - XMEMCPY(info->iv, finish + 1, sizeof(info->iv)); + return NULL; +} - if (!newline) newline = XSTRNSTR(finish, "\n", PEM_LINE_LEN); - if (newline && (newline > finish)) { - info->ivSz = (word32)(newline - (finish + 1)); - info->set = 1; - } - else - return SSL_BAD_FILE; - } - else - return SSL_BAD_FILE; - /* eat blank line */ - while (*newline == '\r' || *newline == '\n') - newline++; - headerEnd = newline; - } - } -#endif /* OPENSSL_EXTRA || HAVE_WEBSERVER */ +const byte* CyaSSL_GetClientWriteKey(CYASSL* ssl) +{ + if (ssl) + return ssl->keys.client_write_key; - /* find footer */ - footerEnd = XSTRNSTR((char*)buff, footer, sz); - if (!footerEnd) return SSL_BAD_FILE; + return NULL; +} - consumedEnd = footerEnd + XSTRLEN(footer); - /* get next line */ - if (consumedEnd[0] == '\n') - consumedEnd++; - else if (consumedEnd[1] == '\n') - consumedEnd += 2; - else - return SSL_BAD_FILE; +const byte* CyaSSL_GetClientWriteIV(CYASSL* ssl) +{ + if (ssl) + return ssl->keys.client_write_IV; - if (info) - info->consumed = (long)(consumedEnd - (char*)buff); + return NULL; +} - /* set up der buffer */ - neededSz = (long)(footerEnd - headerEnd); - if (neededSz > sz || neededSz < 0) return SSL_BAD_FILE; - der->buffer = (byte*) XMALLOC(neededSz, heap, dynamicType); - if (!der->buffer) return MEMORY_ERROR; - der->length = neededSz; - if (Base64_Decode((byte*)headerEnd, neededSz, der->buffer, - &der->length) < 0) - return SSL_BAD_FILE; +const byte* CyaSSL_GetServerWriteKey(CYASSL* ssl) +{ + if (ssl) + return ssl->keys.server_write_key; - if (pkcs8) - return ToTraditional(der->buffer, der->length); + return NULL; +} -#ifdef OPENSSL_EXTRA - if (pkcs8Enc) { - int passwordSz; - char password[80]; - if (!info->ctx || !info->ctx->passwd_cb) - return SSL_BAD_FILE; /* no callback error */ - passwordSz = info->ctx->passwd_cb(password, sizeof(password), 0, - info->ctx->userdata); - return ToTraditionalEnc(der->buffer, der->length, password, - passwordSz); - } -#endif +const byte* CyaSSL_GetServerWriteIV(CYASSL* ssl) +{ + if (ssl) + return ssl->keys.server_write_IV; - return 0; - } + return NULL; +} - /* process the buffer buff, legnth sz, into ctx of format and type - used tracks bytes consumed, userChain specifies a user cert chain - to pass during the handshake */ - static int ProcessBuffer(CYASSL_CTX* ctx, const unsigned char* buff, - long sz, int format, int type, CYASSL* ssl, - long* used, int userChain) - { - EncryptedInfo info; - buffer der; /* holds DER or RAW (for NTRU) */ - int dynamicType = 0; - int eccKey = 0; +int CyaSSL_GetKeySize(CYASSL* ssl) +{ + if (ssl) + return ssl->specs.key_size; - info.set = 0; - info.ctx = ctx; - info.consumed = 0; - der.buffer = 0; + return BAD_FUNC_ARG; +} - (void)dynamicType; - if (used) - *used = sz; /* used bytes default to sz, PEM chain may shorten*/ +int CyaSSL_GetIVSize(CYASSL* ssl) +{ + if (ssl) + return ssl->specs.iv_size; - if (format != SSL_FILETYPE_ASN1 && format != SSL_FILETYPE_PEM - && format != SSL_FILETYPE_RAW) - return SSL_BAD_FILETYPE; + return BAD_FUNC_ARG; +} - if (type == CA_TYPE) - dynamicType = DYNAMIC_TYPE_CA; - else if (type == CERT_TYPE) - dynamicType = DYNAMIC_TYPE_CERT; - else - dynamicType = DYNAMIC_TYPE_KEY; - if (format == SSL_FILETYPE_PEM) { - int ret = PemToDer(buff, sz, type, &der, ctx->heap, &info, &eccKey); - if (ret < 0) { - XFREE(der.buffer, ctx->heap, dynamicType); - return ret; - } - if (used) - *used = info.consumed; - /* we may have a user cert chain, try to consume */ - if (userChain && type == CERT_TYPE && info.consumed < sz) { - byte staticBuffer[FILE_BUFFER_SIZE]; /* tmp chain buffer */ - byte* chainBuffer = staticBuffer; - int dynamicBuffer = 0; - word32 bufferSz = sizeof(staticBuffer); - long consumed = info.consumed; - word32 idx = 0; +int CyaSSL_GetBulkCipher(CYASSL* ssl) +{ + if (ssl) + return ssl->specs.bulk_cipher_algorithm; - if ( (sz - consumed) > (int)bufferSz) { - CYASSL_MSG("Growing Tmp Chain Buffer"); - bufferSz = sz - consumed; /* will shrink to actual size */ - chainBuffer = (byte*)XMALLOC(bufferSz, ctx->heap, - DYNAMIC_FILE_TYPE); - if (chainBuffer == NULL) { - XFREE(der.buffer, ctx->heap, dynamicType); - return MEMORY_E; - } - dynamicBuffer = 1; - } + return BAD_FUNC_ARG; +} - CYASSL_MSG("Processing Cert Chain"); - while (consumed < sz) { - long left; - buffer part; - info.consumed = 0; - part.buffer = 0; - ret = PemToDer(buff + consumed, sz - consumed, type, &part, - ctx->heap, &info, &eccKey); - if (ret == 0) { - if ( (idx + part.length) > bufferSz) { - CYASSL_MSG(" Cert Chain bigger than buffer"); - ret = BUFFER_E; - } - else { - c32to24(part.length, &chainBuffer[idx]); - idx += CERT_HEADER_SZ; - XMEMCPY(&chainBuffer[idx], part.buffer,part.length); - idx += part.length; - consumed += info.consumed; - if (used) - *used += info.consumed; - } - } +int CyaSSL_GetCipherType(CYASSL* ssl) +{ + if (ssl == NULL) + return BAD_FUNC_ARG; - XFREE(part.buffer, ctx->heap, dynamicType); - if (ret < 0) { - CYASSL_MSG(" Error in Cert in Chain"); - XFREE(der.buffer, ctx->heap, dynamicType); - return ret; - } - CYASSL_MSG(" Consumed another Cert in Chain"); + if (ssl->specs.cipher_type == block) + return CYASSL_BLOCK_TYPE; + if (ssl->specs.cipher_type == stream) + return CYASSL_STREAM_TYPE; + if (ssl->specs.cipher_type == aead) + return CYASSL_AEAD_TYPE; - left = sz - consumed; - if (left > 0 && left < CERT_MIN_SIZE) { - CYASSL_MSG(" Non Cert at end of file"); - break; - } - } - CYASSL_MSG("Finished Processing Cert Chain"); - ctx->certChain.buffer = (byte*)XMALLOC(idx, ctx->heap, - dynamicType); - if (ctx->certChain.buffer) { - ctx->certChain.length = idx; - XMEMCPY(ctx->certChain.buffer, chainBuffer, idx); - } - if (dynamicBuffer) - XFREE(chainBuffer, ctx->heap, DYNAMIC_FILE_TYPE); - if (ctx->certChain.buffer == NULL) { - XFREE(der.buffer, ctx->heap, dynamicType); - return MEMORY_E; - } - } - } - else { /* ASN1 (DER) or RAW (NTRU) */ - der.buffer = (byte*) XMALLOC(sz, ctx->heap, dynamicType); - if (!der.buffer) return MEMORY_ERROR; - XMEMCPY(der.buffer, buff, sz); - der.length = sz; - } + return -1; +} -#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) - if (info.set) { - /* decrypt */ - char password[80]; - int passwordSz; - int ret; - byte key[AES_256_KEY_SIZE]; - byte iv[AES_IV_SIZE]; +int CyaSSL_GetCipherBlockSize(CYASSL* ssl) +{ + if (ssl == NULL) + return BAD_FUNC_ARG; - if (!ctx->passwd_cb) { - XFREE(der.buffer, ctx->heap, dynamicType); - return NO_PASSWORD; - } + return ssl->specs.block_size; +} - /* use file's salt for key derivation, hex decode first */ - if (Base16_Decode(info.iv, info.ivSz, info.iv, &info.ivSz) != 0) { - XFREE(der.buffer, ctx->heap, dynamicType); - return ASN_INPUT_E; - } - passwordSz = ctx->passwd_cb(password, sizeof(password), 0, - ctx->userdata); - if ( (ret = EVP_BytesToKey(info.name, "MD5", info.iv, - (byte*)password, passwordSz, 1, key, iv)) <= 0) { - XFREE(der.buffer, ctx->heap, dynamicType); - return ret; - } +int CyaSSL_GetAeadMacSize(CYASSL* ssl) +{ + if (ssl == NULL) + return BAD_FUNC_ARG; - if (XSTRNCMP(info.name, "DES-CBC", 7) == 0) { - Des enc; - Des_SetKey(&enc, key, info.iv, DES_DECRYPTION); - Des_CbcDecrypt(&enc, der.buffer, der.buffer, der.length); - } - else if (XSTRNCMP(info.name, "DES-EDE3-CBC", 13) == 0) { - Des3 enc; - Des3_SetKey(&enc, key, info.iv, DES_DECRYPTION); - Des3_CbcDecrypt(&enc, der.buffer, der.buffer, der.length); - } - else if (XSTRNCMP(info.name, "AES-128-CBC", 13) == 0) { - Aes enc; - AesSetKey(&enc, key, AES_128_KEY_SIZE, info.iv, AES_DECRYPTION); - AesCbcDecrypt(&enc, der.buffer, der.buffer, der.length); - } - else if (XSTRNCMP(info.name, "AES-192-CBC", 13) == 0) { - Aes enc; - AesSetKey(&enc, key, AES_192_KEY_SIZE, info.iv, AES_DECRYPTION); - AesCbcDecrypt(&enc, der.buffer, der.buffer, der.length); - } - else if (XSTRNCMP(info.name, "AES-256-CBC", 13) == 0) { - Aes enc; - AesSetKey(&enc, key, AES_256_KEY_SIZE, info.iv, AES_DECRYPTION); - AesCbcDecrypt(&enc, der.buffer, der.buffer, der.length); - } - else { - XFREE(der.buffer, ctx->heap, dynamicType); - return SSL_BAD_FILE; - } - } -#endif /* OPENSSL_EXTRA || HAVE_WEBSERVER */ + return ssl->specs.aead_mac_size; +} - if (type == CA_TYPE) - return AddCA(ctx->cm, der, CYASSL_USER_CA, ctx->verifyPeer); - /* takes der over */ - else if (type == CERT_TYPE) { - if (ssl) { - if (ssl->buffers.weOwnCert && ssl->buffers.certificate.buffer) - XFREE(ssl->buffers.certificate.buffer, ctx->heap, - dynamicType); - ssl->buffers.certificate = der; - ssl->buffers.weOwnCert = 1; - } - else { - if (ctx->certificate.buffer) - XFREE(ctx->certificate.buffer, ctx->heap, dynamicType); - ctx->certificate = der; /* takes der over */ - } - } - else if (type == PRIVATEKEY_TYPE) { - if (ssl) { - if (ssl->buffers.weOwnKey && ssl->buffers.key.buffer) - XFREE(ssl->buffers.key.buffer, ctx->heap, dynamicType); - ssl->buffers.key = der; - ssl->buffers.weOwnKey = 1; - } - else { - if (ctx->privateKey.buffer) - XFREE(ctx->privateKey.buffer, ctx->heap, dynamicType); - ctx->privateKey = der; /* takes der over */ - } - } - else { - XFREE(der.buffer, ctx->heap, dynamicType); - return SSL_BAD_CERTTYPE; - } - if (type == PRIVATEKEY_TYPE && format != SSL_FILETYPE_RAW) { - if (!eccKey) { - /* make sure RSA key can be used */ - RsaKey key; - word32 idx = 0; - - InitRsaKey(&key, 0); - if (RsaPrivateKeyDecode(der.buffer,&idx,&key,der.length) != 0) { -#ifdef HAVE_ECC - /* could have DER ECC (or pkcs8 ecc), no easy way to tell */ - eccKey = 1; /* so try it out */ -#endif - if (!eccKey) { - FreeRsaKey(&key); - return SSL_BAD_FILE; - } - } - FreeRsaKey(&key); - } -#ifdef HAVE_ECC - if (eccKey ) { - /* make sure ECC key can be used */ - word32 idx = 0; - ecc_key key; +int CyaSSL_IsTLSv1_1(CYASSL* ssl) +{ + if (ssl == NULL) + return BAD_FUNC_ARG; - ecc_init(&key); - if (EccPrivateKeyDecode(der.buffer,&idx,&key,der.length) != 0) { - ecc_free(&key); - return SSL_BAD_FILE; - } - ecc_free(&key); - ctx->haveStaticECC = 1; - if (ssl) - ssl->options.haveStaticECC = 1; - } -#endif /* HAVE_ECC */ - } - else if (type == CERT_TYPE) { - int ret; - DecodedCert cert; + if (ssl->options.tls1_1) + return 1; - CYASSL_MSG("Checking cert signature type"); - InitDecodedCert(&cert, der.buffer, der.length, ctx->heap); + return 0; +} - if ((ret = DecodeToKey(&cert, 0)) < 0) { - CYASSL_MSG("Decode to key failed"); - return SSL_BAD_FILE; - } - switch (cert.signatureOID) { - case CTC_SHAwECDSA: - case CTC_SHA256wECDSA: - case CTC_SHA384wECDSA: - case CTC_SHA512wECDSA: - CYASSL_MSG("ECDSA cert signature"); - ctx->haveECDSAsig = 1; - if (ssl) - ssl->options.haveECDSAsig = 1; - break; - default: - CYASSL_MSG("Not ECDSA cert signature"); - break; - } - FreeDecodedCert(&cert); - } +int CyaSSL_GetSide(CYASSL* ssl) +{ + if (ssl) + return ssl->options.side; - return SSL_SUCCESS; - } + return BAD_FUNC_ARG; +} +int CyaSSL_GetHmacSize(CYASSL* ssl) +{ + /* AEAD ciphers don't have HMAC keys */ + if (ssl) + return (ssl->specs.cipher_type != aead) ? ssl->specs.hash_size : 0; + return BAD_FUNC_ARG; +} -/* CA PEM file for verification, may have multiple/chain certs to process */ -static int ProcessChainBuffer(CYASSL_CTX* ctx, const unsigned char* buff, - long sz, int format, int type, CYASSL* ssl) -{ - long used = 0; - int ret = 0; +#endif /* ATOMIC_USER */ - CYASSL_MSG("Processing CA PEM file"); - while (used < sz) { - long consumed = 0; - long left; +#ifndef NO_CERTS - ret = ProcessBuffer(ctx, buff + used, sz - used, format, type, ssl, - &consumed, 0); - if (ret < 0) - break; +CYASSL_CERT_MANAGER* CyaSSL_CertManagerNew(void) +{ + CYASSL_CERT_MANAGER* cm = NULL; - CYASSL_MSG(" Processed a CA"); - used += consumed; + CYASSL_ENTER("CyaSSL_CertManagerNew"); - left = sz - used; - if (left > 0 && left < CERT_MIN_SIZE) { /* non cert stuff at eof */ - CYASSL_MSG(" Non CA cert at eof"); - break; + cm = (CYASSL_CERT_MANAGER*) XMALLOC(sizeof(CYASSL_CERT_MANAGER), 0, + DYNAMIC_TYPE_CERT_MANAGER); + if (cm) { + XMEMSET(cm, 0, sizeof(CYASSL_CERT_MANAGER)); + + if (InitMutex(&cm->caLock) != 0) { + CYASSL_MSG("Bad mutex init"); + CyaSSL_CertManagerFree(cm); + return NULL; } } - return ret; + + return cm; } -#ifndef NO_FILESYSTEM +void CyaSSL_CertManagerFree(CYASSL_CERT_MANAGER* cm) +{ + CYASSL_ENTER("CyaSSL_CertManagerFree"); -#ifndef MICRIUM - #define XFILE FILE - #define XFOPEN fopen - #define XFSEEK fseek - #define XFTELL ftell - #define XREWIND rewind - #define XFREAD fread - #define XFCLOSE fclose - #define XSEEK_END SEEK_END -#else - #include - #define XFILE FS_FILE - #define XFOPEN fs_fopen - #define XFSEEK fs_fseek - #define XFTELL fs_ftell - #define XREWIND fs_rewind - #define XFREAD fs_fread - #define XFCLOSE fs_fclose - #define XSEEK_END FS_SEEK_END -#endif + if (cm) { + #ifdef HAVE_CRL + if (cm->crl) + FreeCRL(cm->crl, 1); + #endif + #ifdef HAVE_OCSP + if (cm->ocsp) + FreeOCSP(cm->ocsp, 1); + #endif + FreeSignerTable(cm->caTable, CA_TABLE_SIZE, NULL); + FreeMutex(&cm->caLock); + XFREE(cm, NULL, DYNAMIC_TYPE_CERT_MANAGER); + } +} -/* process a file with name fname into ctx of format and type - userChain specifies a user certificate chain to pass during handshake */ -int ProcessFile(CYASSL_CTX* ctx, const char* fname, int format, int type, - CYASSL* ssl, int userChain, CYASSL_CRL* crl) + +/* Unload the CA signer list */ +int CyaSSL_CertManagerUnloadCAs(CYASSL_CERT_MANAGER* cm) { - byte staticBuffer[FILE_BUFFER_SIZE]; - byte* myBuffer = staticBuffer; - int dynamic = 0; - int ret; - long sz = 0; - XFILE* file = XFOPEN(fname, "rb"); + CYASSL_ENTER("CyaSSL_CertManagerUnloadCAs"); - (void)crl; + if (cm == NULL) + return BAD_FUNC_ARG; - if (!file) return SSL_BAD_FILE; - XFSEEK(file, 0, XSEEK_END); - sz = XFTELL(file); - XREWIND(file); + if (LockMutex(&cm->caLock) != 0) + return BAD_MUTEX_E; - if (sz > (long)sizeof(staticBuffer)) { - CYASSL_MSG("Getting dynamic buffer"); - myBuffer = (byte*) XMALLOC(sz, ctx->heap, DYNAMIC_TYPE_FILE); - if (myBuffer == NULL) { - XFCLOSE(file); - return SSL_BAD_FILE; - } - dynamic = 1; + FreeSignerTable(cm->caTable, CA_TABLE_SIZE, NULL); + + UnLockMutex(&cm->caLock); + + + return SSL_SUCCESS; +} + + +/* Return bytes written to buff or < 0 for error */ +int CyaSSL_CertPemToDer(const unsigned char* pem, int pemSz, + unsigned char* buff, int buffSz, + int type) +{ + EncryptedInfo info; + int eccKey = 0; + int ret; + buffer der; + + CYASSL_ENTER("CyaSSL_CertPemToDer"); + + if (pem == NULL || buff == NULL || buffSz <= 0) { + CYASSL_MSG("Bad pem der args"); + return BAD_FUNC_ARG; } - if ( (ret = XFREAD(myBuffer, sz, 1, file)) < 0) - ret = SSL_BAD_FILE; + if (type != CERT_TYPE && type != CA_TYPE && type != CERTREQ_TYPE) { + CYASSL_MSG("Bad cert type"); + return BAD_FUNC_ARG; + } + + info.set = 0; + info.ctx = NULL; + info.consumed = 0; + der.buffer = NULL; + + ret = PemToDer(pem, pemSz, type, &der, NULL, &info, &eccKey); + if (ret < 0) { + CYASSL_MSG("Bad Pem To Der"); + } else { - if (type == CA_TYPE && format == SSL_FILETYPE_PEM) - ret = ProcessChainBuffer(ctx, myBuffer, sz, format, type, ssl); -#ifdef HAVE_CRL - else if (type == CRL_TYPE) - ret = BufferLoadCRL(crl, myBuffer, sz, format); -#endif - else - ret = ProcessBuffer(ctx, myBuffer, sz, format, type, ssl, NULL, - userChain); + if (der.length <= (word32)buffSz) { + XMEMCPY(buff, der.buffer, der.length); + ret = der.length; + } + else { + CYASSL_MSG("Bad der length"); + ret = BAD_FUNC_ARG; + } } - XFCLOSE(file); - if (dynamic) XFREE(myBuffer, ctx->heap, DYNAMIC_TYPE_FILE); + XFREE(der.buffer, NULL, DYNAMIC_TYPE_KEY); return ret; } -/* loads file then loads each file in path, no c_rehash */ -int CyaSSL_CTX_load_verify_locations(CYASSL_CTX* ctx, const char* file, - const char* path) +#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) + +/* our KeyPemToDer password callback, password in userData */ +static INLINE int OurPasswordCb(char* passwd, int sz, int rw, void* userdata) { - int ret = SSL_SUCCESS; + (void)rw; - CYASSL_ENTER("CyaSSL_CTX_load_verify_locations"); - (void)path; + if (userdata == NULL) + return 0; - if (ctx == NULL || (file == NULL && path == NULL) ) - return SSL_FAILURE; + XSTRNCPY(passwd, (char*)userdata, sz); + return min((word32)sz, (word32)XSTRLEN((char*)userdata)); +} - if (file) - ret = ProcessFile(ctx, file, SSL_FILETYPE_PEM, CA_TYPE, NULL, 0, NULL); +#endif /* OPENSSL_EXTRA || HAVE_WEBSERVER */ - if (ret == SSL_SUCCESS && path) { - /* try to load each regular file in path */ - #ifdef USE_WINDOWS_API - WIN32_FIND_DATAA FindFileData; - HANDLE hFind; - char name[MAX_FILENAME_SZ]; - XMEMSET(name, 0, sizeof(name)); - XSTRNCPY(name, path, MAX_FILENAME_SZ - 4); - XSTRNCAT(name, "\\*", 3); +/* Return bytes written to buff or < 0 for error */ +int CyaSSL_KeyPemToDer(const unsigned char* pem, int pemSz, unsigned char* buff, + int buffSz, const char* pass) +{ + EncryptedInfo info; + int eccKey = 0; + int ret; + buffer der; - hFind = FindFirstFileA(name, &FindFileData); - if (hFind == INVALID_HANDLE_VALUE) { - CYASSL_MSG("FindFirstFile for path verify locations failed"); - return BAD_PATH_ERROR; - } + (void)pass; - do { - if (FindFileData.dwFileAttributes != FILE_ATTRIBUTE_DIRECTORY) { - XSTRNCPY(name, path, MAX_FILENAME_SZ/2 - 3); - XSTRNCAT(name, "\\", 2); - XSTRNCAT(name, FindFileData.cFileName, MAX_FILENAME_SZ/2); + CYASSL_ENTER("CyaSSL_KeyPemToDer"); - ret = ProcessFile(ctx, name, SSL_FILETYPE_PEM, CA_TYPE, NULL,0, - NULL); - } - } while (ret == SSL_SUCCESS && FindNextFileA(hFind, &FindFileData)); + if (pem == NULL || buff == NULL || buffSz <= 0) { + CYASSL_MSG("Bad pem der args"); + return BAD_FUNC_ARG; + } - FindClose(hFind); - #elif !defined(NO_CYASSL_DIR) - struct dirent* entry; - DIR* dir = opendir(path); + info.set = 0; + info.ctx = NULL; + info.consumed = 0; + der.buffer = NULL; - if (dir == NULL) { - CYASSL_MSG("opendir path verify locations failed"); - return BAD_PATH_ERROR; +#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) + if (pass) { + info.ctx = CyaSSL_CTX_new(CyaSSLv23_client_method()); + if (info.ctx == NULL) + return MEMORY_E; + CyaSSL_CTX_set_default_passwd_cb(info.ctx, OurPasswordCb); + CyaSSL_CTX_set_default_passwd_cb_userdata(info.ctx, (void*)pass); + } +#endif + + ret = PemToDer(pem, pemSz, PRIVATEKEY_TYPE, &der, NULL, &info, &eccKey); + if (ret < 0) { + CYASSL_MSG("Bad Pem To Der"); + } + else { + if (der.length <= (word32)buffSz) { + XMEMCPY(buff, der.buffer, der.length); + ret = der.length; } - while ( ret == SSL_SUCCESS && (entry = readdir(dir)) != NULL) { - if (entry->d_type & DT_REG) { - char name[MAX_FILENAME_SZ]; - - XMEMSET(name, 0, sizeof(name)); - XSTRNCPY(name, path, MAX_FILENAME_SZ/2 - 2); - XSTRNCAT(name, "/", 1); - XSTRNCAT(name, entry->d_name, MAX_FILENAME_SZ/2); - - ret = ProcessFile(ctx, name, SSL_FILETYPE_PEM, CA_TYPE, NULL,0, - NULL); - } + else { + CYASSL_MSG("Bad der length"); + ret = BAD_FUNC_ARG; } - closedir(dir); - #endif } + XFREE(der.buffer, NULL, DYNAMIC_TYPE_KEY); + + if (info.ctx) + CyaSSL_CTX_free(info.ctx); + return ret; } -/* Verify the ceritficate, 1 for success, < 0 for error */ -int CyaSSL_CertManagerVerifyBuffer(CYASSL_CERT_MANAGER* cm, const byte* buff, - int sz, int format) -{ - int ret = 0; - int eccKey = 0; /* not used */ +#endif /* !NO_CERTS */ - DecodedCert cert; - buffer der; - CYASSL_ENTER("CyaSSL_CertManagerVerifyBuffer"); - der.buffer = NULL; +#if !defined(NO_FILESYSTEM) && !defined(NO_STDIO_FILESYSTEM) - if (format == SSL_FILETYPE_PEM) { - EncryptedInfo info; - - info.set = 0; - info.ctx = NULL; - info.consumed = 0; - ret = PemToDer(buff, sz, CERT_TYPE, &der, cm->heap, &info, &eccKey); - InitDecodedCert(&cert, der.buffer, der.length, cm->heap); - } - else - InitDecodedCert(&cert, (byte*)buff, sz, cm->heap); +void CyaSSL_ERR_print_errors_fp(FILE* fp, int err) +{ + char data[CYASSL_MAX_ERROR_SZ + 1]; + + CYASSL_ENTER("CyaSSL_ERR_print_errors_fp"); + SetErrorString(err, data); + fprintf(fp, "%s", data); +} - if (ret == 0) - ret = ParseCertRelative(&cert, CERT_TYPE, 1, cm); -#ifdef HAVE_CRL - if (ret == 0 && cm->crlEnabled) - ret = CheckCertCRL(cm->crl, &cert); #endif - FreeDecodedCert(&cert); - XFREE(der.buffer, cm->heap, DYNAMIC_TYPE_CERT); - return ret; +int CyaSSL_pending(CYASSL* ssl) +{ + CYASSL_ENTER("SSL_pending"); + return ssl->buffers.clearOutputBuffer.length; } -/* Verify the ceritficate, 1 for success, < 0 for error */ -int CyaSSL_CertManagerVerify(CYASSL_CERT_MANAGER* cm, const char* fname, - int format) +#ifndef CYASSL_LEANPSK +/* trun on handshake group messages for context */ +int CyaSSL_CTX_set_group_messages(CYASSL_CTX* ctx) { - int ret = SSL_FATAL_ERROR; - byte staticBuffer[FILE_BUFFER_SIZE]; - byte* myBuffer = staticBuffer; - int dynamic = 0; - long sz = 0; - XFILE* file = XFOPEN(fname, "rb"); - - CYASSL_ENTER("CyaSSL_CertManagerVerify"); - - if (!file) return SSL_BAD_FILE; - XFSEEK(file, 0, XSEEK_END); - sz = XFTELL(file); - XREWIND(file); - - if (sz > (long)sizeof(staticBuffer)) { - CYASSL_MSG("Getting dynamic buffer"); - myBuffer = (byte*) XMALLOC(sz, cm->heap, DYNAMIC_TYPE_FILE); - if (myBuffer == NULL) { - XFCLOSE(file); - return SSL_BAD_FILE; - } - dynamic = 1; - } - - if ( (ret = XFREAD(myBuffer, sz, 1, file)) < 0) - ret = SSL_BAD_FILE; - else - ret = CyaSSL_CertManagerVerifyBuffer(cm, myBuffer, sz, format); + if (ctx == NULL) + return BAD_FUNC_ARG; - XFCLOSE(file); - if (dynamic) XFREE(myBuffer, cm->heap, DYNAMIC_TYPE_FILE); + ctx->groupMessages = 1; - if (ret == 0) - return SSL_SUCCESS; - return ret; + return SSL_SUCCESS; } +#endif -/* like load verify locations, 1 for success, < 0 for error */ -int CyaSSL_CertManagerLoadCA(CYASSL_CERT_MANAGER* cm, const char* file, - const char* path) +#ifndef NO_CYASSL_CLIENT +/* connect enough to get peer cert chain */ +int CyaSSL_connect_cert(CYASSL* ssl) { - int ret = SSL_FATAL_ERROR; - CYASSL_CTX* tmp; + int ret; - CYASSL_ENTER("CyaSSL_CertManagerLoadCA"); + if (ssl == NULL) + return SSL_FAILURE; - if (cm == NULL) { - CYASSL_MSG("No CertManager error"); - return ret; - } - tmp = CyaSSL_CTX_new(CyaSSLv3_client_method()); + ssl->options.certOnly = 1; + ret = CyaSSL_connect(ssl); + ssl->options.certOnly = 0; - if (tmp == NULL) { - CYASSL_MSG("CTX new failed"); - return ret; - } + return ret; +} +#endif - /* for tmp use */ - CyaSSL_CertManagerFree(tmp->cm); - tmp->cm = cm; - ret = CyaSSL_CTX_load_verify_locations(tmp, file, path); +#ifndef CYASSL_LEANPSK +/* trun on handshake group messages for ssl object */ +int CyaSSL_set_group_messages(CYASSL* ssl) +{ + if (ssl == NULL) + return BAD_FUNC_ARG; - /* don't loose our good one */ - tmp->cm = NULL; - CyaSSL_CTX_free(tmp); + ssl->options.groupMessages = 1; - return ret; + return SSL_SUCCESS; } - -/* turn on CRL if off and compiled in, set options */ -int CyaSSL_CertManagerEnableCRL(CYASSL_CERT_MANAGER* cm, int options) +int CyaSSL_SetVersion(CYASSL* ssl, int version) { - int ret = SSL_SUCCESS; + byte haveRSA = 1; + byte havePSK = 0; - (void)options; + CYASSL_ENTER("CyaSSL_SetVersion"); - CYASSL_ENTER("CyaSSL_CertManagerEnableCRL"); - if (cm == NULL) + if (ssl == NULL) { + CYASSL_MSG("Bad function argument"); return BAD_FUNC_ARG; + } - #ifdef HAVE_CRL - if (cm->crl == NULL) { - cm->crl = (CYASSL_CRL*)XMALLOC(sizeof(CYASSL_CRL), cm->heap, - DYNAMIC_TYPE_CRL); - if (cm->crl == NULL) - return MEMORY_E; + switch (version) { +#ifndef NO_OLD_TLS + case CYASSL_SSLV3: + ssl->version = MakeSSLv3(); + break; +#endif - if (InitCRL(cm->crl, cm) != 0) { - CYASSL_MSG("Init CRL failed"); - FreeCRL(cm->crl); - cm->crl = NULL; - return SSL_FAILURE; - } - } - cm->crlEnabled = 1; - if (options & CYASSL_CRL_CHECKALL) - cm->crlCheckAll = 1; - #else - ret = NOT_COMPILED_IN; - #endif +#ifndef NO_TLS + #ifndef NO_OLD_TLS + case CYASSL_TLSV1: + ssl->version = MakeTLSv1(); + break; - return ret; -} + case CYASSL_TLSV1_1: + ssl->version = MakeTLSv1_1(); + break; + #endif + case CYASSL_TLSV1_2: + ssl->version = MakeTLSv1_2(); + break; +#endif + default: + CYASSL_MSG("Bad function argument"); + return BAD_FUNC_ARG; + } -int CyaSSL_CertManagerDisableCRL(CYASSL_CERT_MANAGER* cm) -{ - CYASSL_ENTER("CyaSSL_CertManagerDisableCRL"); - if (cm == NULL) - return BAD_FUNC_ARG; + #ifdef NO_RSA + haveRSA = 0; + #endif + #ifndef NO_PSK + havePSK = ssl->options.havePSK; + #endif - cm->crlEnabled = 0; + InitSuites(ssl->suites, ssl->version, haveRSA, havePSK, ssl->options.haveDH, + ssl->options.haveNTRU, ssl->options.haveECDSAsig, + ssl->options.haveStaticECC, ssl->options.side); return SSL_SUCCESS; } +#endif /* !leanpsk */ -int CyaSSL_CTX_check_private_key(CYASSL_CTX* ctx) +#if !defined(NO_CERTS) || !defined(NO_SESSION_CACHE) + +/* Make a work from the front of random hash */ +static INLINE word32 MakeWordFromHash(const byte* hashID) { - /* TODO: check private against public for RSA match */ - (void)ctx; - CYASSL_ENTER("SSL_CTX_check_private_key"); - return SSL_SUCCESS; + return (hashID[0] << 24) | (hashID[1] << 16) | (hashID[2] << 8) | + hashID[3]; } +#endif /* !NO_CERTS || !NO_SESSION_CACHE */ -#ifdef HAVE_CRL +#ifndef NO_CERTS -/* check CRL if enabled, SSL_SUCCESS */ -int CyaSSL_CertManagerCheckCRL(CYASSL_CERT_MANAGER* cm, byte* der, int sz) +/* hash is the SHA digest of name, just use first 32 bits as hash */ +static INLINE word32 HashSigner(const byte* hash) { - int ret; - DecodedCert cert; + return MakeWordFromHash(hash) % CA_TABLE_SIZE; +} - CYASSL_ENTER("CyaSSL_CertManagerCheckCRL"); - if (cm == NULL) - return BAD_FUNC_ARG; - - if (cm->crlEnabled == 0) - return SSL_SUCCESS; - - InitDecodedCert(&cert, der, sz, NULL); +/* does CA already exist on signer list */ +int AlreadySigner(CYASSL_CERT_MANAGER* cm, byte* hash) +{ + Signer* signers; + int ret = 0; + word32 row = HashSigner(hash); - ret = ParseCertRelative(&cert, CERT_TYPE, NO_VERIFY, cm); - if (ret != 0) { - CYASSL_MSG("ParseCert failed"); - return ret; - } - else { - ret = CheckCertCRL(cm->crl, &cert); - if (ret != 0) { - CYASSL_MSG("CheckCertCRL failed"); + if (LockMutex(&cm->caLock) != 0) + return ret; + signers = cm->caTable[row]; + while (signers) { + byte* subjectHash; + #ifndef NO_SKID + subjectHash = signers->subjectKeyIdHash; + #else + subjectHash = signers->subjectNameHash; + #endif + if (XMEMCMP(hash, subjectHash, SHA_DIGEST_SIZE) == 0) { + ret = 1; + break; } + signers = signers->next; } - - FreeDecodedCert(&cert); - - if (ret == 0) - return SSL_SUCCESS; /* convert */ + UnLockMutex(&cm->caLock); return ret; } -int CyaSSL_CertManagerSetCRL_Cb(CYASSL_CERT_MANAGER* cm, CbMissingCRL cb) +/* return CA if found, otherwise NULL */ +Signer* GetCA(void* vp, byte* hash) { - CYASSL_ENTER("CyaSSL_CertManagerSetCRL_Cb"); + CYASSL_CERT_MANAGER* cm = (CYASSL_CERT_MANAGER*)vp; + Signer* ret = NULL; + Signer* signers; + word32 row = HashSigner(hash); + if (cm == NULL) - return BAD_FUNC_ARG; + return NULL; - cm->cbMissingCRL = cb; + if (LockMutex(&cm->caLock) != 0) + return ret; - return SSL_SUCCESS; + signers = cm->caTable[row]; + while (signers) { + byte* subjectHash; + #ifndef NO_SKID + subjectHash = signers->subjectKeyIdHash; + #else + subjectHash = signers->subjectNameHash; + #endif + if (XMEMCMP(hash, subjectHash, SHA_DIGEST_SIZE) == 0) { + ret = signers; + break; + } + signers = signers->next; + } + UnLockMutex(&cm->caLock); + + return ret; } -int CyaSSL_CertManagerLoadCRL(CYASSL_CERT_MANAGER* cm, const char* path, - int type, int monitor) +#ifndef NO_SKID +/* return CA if found, otherwise NULL. Walk through hash table. */ +Signer* GetCAByName(void* vp, byte* hash) { - CYASSL_ENTER("CyaSSL_CertManagerLoadCRL"); + CYASSL_CERT_MANAGER* cm = (CYASSL_CERT_MANAGER*)vp; + Signer* ret = NULL; + Signer* signers; + word32 row; + if (cm == NULL) - return BAD_FUNC_ARG; + return NULL; - if (cm->crl == NULL) { - if (CyaSSL_CertManagerEnableCRL(cm, 0) != SSL_SUCCESS) { - CYASSL_MSG("Enable CRL failed"); - return -1; + if (LockMutex(&cm->caLock) != 0) + return ret; + + for (row = 0; row < CA_TABLE_SIZE && ret == NULL; row++) { + signers = cm->caTable[row]; + while (signers && ret == NULL) { + if (XMEMCMP(hash, signers->subjectNameHash, SHA_DIGEST_SIZE) == 0) { + ret = signers; + } + signers = signers->next; } } + UnLockMutex(&cm->caLock); - return LoadCRL(cm->crl, path, type, monitor); + return ret; } +#endif -int CyaSSL_EnableCRL(CYASSL* ssl, int options) +/* owns der, internal now uses too */ +/* type flag ids from user or from chain received during verify + don't allow chain ones to be added w/o isCA extension */ +int AddCA(CYASSL_CERT_MANAGER* cm, buffer der, int type, int verify) { - CYASSL_ENTER("CyaSSL_EnableCRL"); - if (ssl) - return CyaSSL_CertManagerEnableCRL(ssl->ctx->cm, options); - else - return BAD_FUNC_ARG; -} + int ret; + DecodedCert cert; + Signer* signer = 0; + word32 row; + byte* subjectHash; + CYASSL_MSG("Adding a CA"); + InitDecodedCert(&cert, der.buffer, der.length, cm->heap); + ret = ParseCert(&cert, CA_TYPE, verify, cm); + CYASSL_MSG(" Parsed new CA"); -int CyaSSL_DisableCRL(CYASSL* ssl) -{ - CYASSL_ENTER("CyaSSL_DisableCRL"); - if (ssl) - return CyaSSL_CertManagerDisableCRL(ssl->ctx->cm); - else - return BAD_FUNC_ARG; -} + #ifndef NO_SKID + subjectHash = cert.extSubjKeyId; + #else + subjectHash = cert.subjectHash; + #endif + if (ret == 0 && cert.isCA == 0 && type != CYASSL_USER_CA) { + CYASSL_MSG(" Can't add as CA if not actually one"); + ret = NOT_CA_ERROR; + } + #ifndef ALLOW_INVALID_CERTSIGN + else if (ret == 0 && cert.isCA == 1 && type != CYASSL_USER_CA && + (cert.extKeyUsage & KEYUSE_KEY_CERT_SIGN) == 0) { + /* Intermediate CA certs are required to have the keyCertSign + * extension set. User loaded root certs are not. */ + CYASSL_MSG(" Doesn't have key usage certificate signing"); + ret = NOT_CA_ERROR; + } + #endif + else if (ret == 0 && AlreadySigner(cm, subjectHash)) { + CYASSL_MSG(" Already have this CA, not adding again"); + (void)ret; + } + else if (ret == 0) { + /* take over signer parts */ + signer = MakeSigner(cm->heap); + if (!signer) + ret = MEMORY_ERROR; + else { + signer->keyOID = cert.keyOID; + signer->publicKey = cert.publicKey; + signer->pubKeySize = cert.pubKeySize; + signer->nameLen = cert.subjectCNLen; + signer->name = cert.subjectCN; + #ifndef IGNORE_NAME_CONSTRAINTS + signer->permittedNames = cert.permittedNames; + signer->excludedNames = cert.excludedNames; + #endif + #ifndef NO_SKID + XMEMCPY(signer->subjectKeyIdHash, + cert.extSubjKeyId, SHA_DIGEST_SIZE); + #endif + XMEMCPY(signer->subjectNameHash, cert.subjectHash, SHA_DIGEST_SIZE); + signer->keyUsage = cert.extKeyUsageSet ? cert.extKeyUsage : 0xFFFF; + /* If Key Usage not set, all uses valid. */ + signer->next = NULL; /* in case lock fails */ -int CyaSSL_LoadCRL(CYASSL* ssl, const char* path, int type, int monitor) -{ - CYASSL_ENTER("CyaSSL_LoadCRL"); - if (ssl) - return CyaSSL_CertManagerLoadCRL(ssl->ctx->cm, path, type, monitor); - else - return BAD_FUNC_ARG; -} + cert.publicKey = 0; /* don't free here */ + cert.subjectCN = 0; + #ifndef IGNORE_NAME_CONSTRAINTS + cert.permittedNames = NULL; + cert.excludedNames = NULL; + #endif + #ifndef NO_SKID + row = HashSigner(signer->subjectKeyIdHash); + #else + row = HashSigner(signer->subjectNameHash); + #endif -int CyaSSL_SetCRL_Cb(CYASSL* ssl, CbMissingCRL cb) -{ - CYASSL_ENTER("CyaSSL_SetCRL_Cb"); - if (ssl) - return CyaSSL_CertManagerSetCRL_Cb(ssl->ctx->cm, cb); - else - return BAD_FUNC_ARG; -} + if (LockMutex(&cm->caLock) == 0) { + signer->next = cm->caTable[row]; + cm->caTable[row] = signer; /* takes ownership */ + UnLockMutex(&cm->caLock); + if (cm->caCacheCallback) + cm->caCacheCallback(der.buffer, (int)der.length, type); + } + else { + CYASSL_MSG(" CA Mutex Lock failed"); + ret = BAD_MUTEX_E; + FreeSigner(signer, cm->heap); + } + } + } + CYASSL_MSG(" Freeing Parsed CA"); + FreeDecodedCert(&cert); + CYASSL_MSG(" Freeing der CA"); + XFREE(der.buffer, cm->heap, DYNAMIC_TYPE_CA); + CYASSL_MSG(" OK Freeing der CA"); -int CyaSSL_CTX_EnableCRL(CYASSL_CTX* ctx, int options) -{ - CYASSL_ENTER("CyaSSL_CTX_EnableCRL"); - if (ctx) - return CyaSSL_CertManagerEnableCRL(ctx->cm, options); - else - return BAD_FUNC_ARG; + CYASSL_LEAVE("AddCA", ret); + if (ret == 0) return SSL_SUCCESS; + return ret; } +#endif /* !NO_CERTS */ -int CyaSSL_CTX_DisableCRL(CYASSL_CTX* ctx) -{ - CYASSL_ENTER("CyaSSL_CTX_DisableCRL"); - if (ctx) - return CyaSSL_CertManagerDisableCRL(ctx->cm); - else - return BAD_FUNC_ARG; -} +#ifndef NO_SESSION_CACHE -int CyaSSL_CTX_LoadCRL(CYASSL_CTX* ctx, const char* path, int type, int monitor) -{ - CYASSL_ENTER("CyaSSL_CTX_LoadCRL"); - if (ctx) - return CyaSSL_CertManagerLoadCRL(ctx->cm, path, type, monitor); - else - return BAD_FUNC_ARG; -} + /* basic config gives a cache with 33 sessions, adequate for clients and + embedded servers + MEDIUM_SESSION_CACHE allows 1055 sessions, adequate for servers that + aren't under heavy load, basically allows 200 new sessions per minute -int CyaSSL_CTX_SetCRL_Cb(CYASSL_CTX* ctx, CbMissingCRL cb) -{ - CYASSL_ENTER("CyaSSL_CTX_SetCRL_Cb"); - if (ctx) - return CyaSSL_CertManagerSetCRL_Cb(ctx->cm, cb); - else - return BAD_FUNC_ARG; -} + BIG_SESSION_CACHE yields 20,027 sessions + HUGE_SESSION_CACHE yields 65,791 sessions, for servers under heavy load, + allows over 13,000 new sessions per minute or over 200 new sessions per + second -#endif /* HAVE_CRL */ + SMALL_SESSION_CACHE only stores 6 sessions, good for embedded clients + or systems where the default of nearly 3kB is too much RAM, this define + uses less than 500 bytes RAM + default SESSION_CACHE stores 33 sessions (no XXX_SESSION_CACHE defined) + */ + #ifdef HUGE_SESSION_CACHE + #define SESSIONS_PER_ROW 11 + #define SESSION_ROWS 5981 + #elif defined(BIG_SESSION_CACHE) + #define SESSIONS_PER_ROW 7 + #define SESSION_ROWS 2861 + #elif defined(MEDIUM_SESSION_CACHE) + #define SESSIONS_PER_ROW 5 + #define SESSION_ROWS 211 + #elif defined(SMALL_SESSION_CACHE) + #define SESSIONS_PER_ROW 2 + #define SESSION_ROWS 3 + #else + #define SESSIONS_PER_ROW 3 + #define SESSION_ROWS 11 + #endif -#ifdef CYASSL_DER_LOAD + typedef struct SessionRow { + int nextIdx; /* where to place next one */ + int totalCount; /* sessions ever on this row */ + CYASSL_SESSION Sessions[SESSIONS_PER_ROW]; + } SessionRow; -/* Add format parameter to allow DER load of CA files */ -int CyaSSL_CTX_der_load_verify_locations(CYASSL_CTX* ctx, const char* file, - int format) -{ - CYASSL_ENTER("CyaSSL_CTX_der_load_verify_locations"); - if (ctx == NULL || file == NULL) - return SSL_FAILURE; + static SessionRow SessionCache[SESSION_ROWS]; - if (ProcessFile(ctx, file, format, CA_TYPE, NULL, 0, NULL) == SSL_SUCCESS) - return SSL_SUCCESS; + static CyaSSL_Mutex session_mutex; /* SessionCache mutex */ - return SSL_FAILURE; -} + #ifndef NO_CLIENT_CACHE -#endif /* CYASSL_DER_LOAD */ + typedef struct ClientSession { + word16 serverRow; /* SessionCache Row id */ + word16 serverIdx; /* SessionCache Idx (column) */ + } ClientSession; + typedef struct ClientRow { + int nextIdx; /* where to place next one */ + int totalCount; /* sessions ever on this row */ + ClientSession Clients[SESSIONS_PER_ROW]; + } ClientRow; -#ifdef CYASSL_CERT_GEN + static ClientRow ClientCache[SESSION_ROWS]; /* Client Cache */ + /* uses session mutex */ + #endif /* NO_CLIENT_CACHE */ -/* load pem cert from file into der buffer, return der size or error */ -int CyaSSL_PemCertToDer(const char* fileName, unsigned char* derBuf, int derSz) -{ - byte staticBuffer[FILE_BUFFER_SIZE]; - byte* fileBuf = staticBuffer; - int dynamic = 0; - int ret; - int ecc = 0; - long sz = 0; - XFILE* file = XFOPEN(fileName, "rb"); - EncryptedInfo info; - buffer converted; +#endif /* NO_SESSION_CACHE */ - CYASSL_ENTER("CyaSSL_PemCertToDer"); - converted.buffer = 0; - if (!file) return SSL_BAD_FILE; - XFSEEK(file, 0, XSEEK_END); - sz = XFTELL(file); - XREWIND(file); - - if (sz > (long)sizeof(staticBuffer)) { - fileBuf = (byte*) XMALLOC(sz, 0, DYNAMIC_TYPE_FILE); - if (fileBuf == NULL) { - XFCLOSE(file); - return SSL_BAD_FILE; - } - dynamic = 1; - } +int CyaSSL_Init(void) +{ + int ret = SSL_SUCCESS; - if ( (ret = XFREAD(fileBuf, sz, 1, file)) < 0) - ret = SSL_BAD_FILE; - else - ret = PemToDer(fileBuf, sz, CA_TYPE, &converted, 0, &info, &ecc); + CYASSL_ENTER("CyaSSL_Init"); - if (ret == 0) { - if (converted.length < (word32)derSz) { - XMEMCPY(derBuf, converted.buffer, converted.length); - ret = converted.length; + if (initRefCount == 0) { +#ifndef NO_SESSION_CACHE + if (InitMutex(&session_mutex) != 0) + ret = BAD_MUTEX_E; +#endif + if (InitMutex(&count_mutex) != 0) + ret = BAD_MUTEX_E; + } + if (ret == SSL_SUCCESS) { + if (LockMutex(&count_mutex) != 0) { + CYASSL_MSG("Bad Lock Mutex count"); + return BAD_MUTEX_E; } - else - ret = BUFFER_E; - } - - XFREE(converted.buffer, 0, DYNAMIC_TYPE_CA); - if (dynamic) - XFREE(fileBuf, 0, DYNAMIC_TYPE_FILE); - XFCLOSE(file); + initRefCount++; + UnLockMutex(&count_mutex); + } return ret; } -#endif /* CYASSL_CERT_GEN */ - -int CyaSSL_CTX_use_certificate_file(CYASSL_CTX* ctx, const char* file, - int format) -{ - CYASSL_ENTER("CyaSSL_CTX_use_certificate_file"); - if (ProcessFile(ctx, file, format, CERT_TYPE, NULL, 0, NULL) == SSL_SUCCESS) - return SSL_SUCCESS; +#ifndef NO_CERTS - return SSL_FAILURE; -} + /* Remove PEM header/footer, convert to ASN1, store any encrypted data + info->consumed tracks of PEM bytes consumed in case multiple parts */ + int PemToDer(const unsigned char* buff, long longSz, int type, + buffer* der, void* heap, EncryptedInfo* info, int* eccKey) + { + char header[PEM_LINE_LEN]; + char footer[PEM_LINE_LEN]; + char* headerEnd; + char* footerEnd; + char* consumedEnd; + char* bufferEnd = (char*)(buff + longSz); + long neededSz; + int ret = 0; + int pkcs8 = 0; + int pkcs8Enc = 0; + int dynamicType = 0; + int sz = (int)longSz; + (void)heap; + (void)dynamicType; -int CyaSSL_CTX_use_PrivateKey_file(CYASSL_CTX* ctx, const char* file,int format) -{ - CYASSL_ENTER("CyaSSL_CTX_use_PrivateKey_file"); - if (ProcessFile(ctx, file, format, PRIVATEKEY_TYPE, NULL, 0, NULL) - == SSL_SUCCESS) - return SSL_SUCCESS; + if (type == CERT_TYPE || type == CA_TYPE) { + XSTRNCPY(header, "-----BEGIN CERTIFICATE-----", sizeof(header)); + XSTRNCPY(footer, "-----END CERTIFICATE-----", sizeof(footer)); + dynamicType = (type == CA_TYPE) ? DYNAMIC_TYPE_CA : + DYNAMIC_TYPE_CERT; + } else if (type == CERTREQ_TYPE) { + XSTRNCPY(header, "-----BEGIN CERTIFICATE REQUEST-----", + sizeof(header)); + XSTRNCPY(footer, "-----END CERTIFICATE REQUEST-----", + sizeof(footer)); + dynamicType = DYNAMIC_TYPE_KEY; + } else if (type == DH_PARAM_TYPE) { + XSTRNCPY(header, "-----BEGIN DH PARAMETERS-----", sizeof(header)); + XSTRNCPY(footer, "-----END DH PARAMETERS-----", sizeof(footer)); + dynamicType = DYNAMIC_TYPE_KEY; + } else if (type == CRL_TYPE) { + XSTRNCPY(header, "-----BEGIN X509 CRL-----", sizeof(header)); + XSTRNCPY(footer, "-----END X509 CRL-----", sizeof(footer)); + dynamicType = DYNAMIC_TYPE_CRL; + } else { + XSTRNCPY(header, "-----BEGIN RSA PRIVATE KEY-----", sizeof(header)); + XSTRNCPY(footer, "-----END RSA PRIVATE KEY-----", sizeof(footer)); + dynamicType = DYNAMIC_TYPE_KEY; + } - return SSL_FAILURE; -} + /* find header */ + headerEnd = XSTRNSTR((char*)buff, header, sz); + if (!headerEnd && type == PRIVATEKEY_TYPE) { /* may be pkcs8 */ + XSTRNCPY(header, "-----BEGIN PRIVATE KEY-----", sizeof(header)); + XSTRNCPY(footer, "-----END PRIVATE KEY-----", sizeof(footer)); + headerEnd = XSTRNSTR((char*)buff, header, sz); + if (headerEnd) + pkcs8 = 1; + else { + XSTRNCPY(header, "-----BEGIN ENCRYPTED PRIVATE KEY-----", + sizeof(header)); + XSTRNCPY(footer, "-----END ENCRYPTED PRIVATE KEY-----", + sizeof(footer)); -int CyaSSL_CTX_use_certificate_chain_file(CYASSL_CTX* ctx, const char* file) -{ - /* procces up to MAX_CHAIN_DEPTH plus subject cert */ - CYASSL_ENTER("CyaSSL_CTX_use_certificate_chain_file"); - if (ProcessFile(ctx, file, SSL_FILETYPE_PEM,CERT_TYPE,NULL,1, NULL) - == SSL_SUCCESS) - return SSL_SUCCESS; + headerEnd = XSTRNSTR((char*)buff, header, sz); + if (headerEnd) { + pkcs8Enc = 1; + (void)pkcs8Enc; /* only opensslextra will read */ + } + } + } + if (!headerEnd && type == PRIVATEKEY_TYPE) { /* may be ecc */ + XSTRNCPY(header, "-----BEGIN EC PRIVATE KEY-----", sizeof(header)); + XSTRNCPY(footer, "-----END EC PRIVATE KEY-----", sizeof(footer)); - return SSL_FAILURE; -} + headerEnd = XSTRNSTR((char*)buff, header, sz); + if (headerEnd) + *eccKey = 1; + } + if (!headerEnd && type == PRIVATEKEY_TYPE) { /* may be dsa */ + XSTRNCPY(header, "-----BEGIN DSA PRIVATE KEY-----", sizeof(header)); + XSTRNCPY(footer, "-----END DSA PRIVATE KEY-----", sizeof(footer)); + headerEnd = XSTRNSTR((char*)buff, header, sz); + } + if (!headerEnd) { + CYASSL_MSG("Couldn't find PEM header"); + return SSL_NO_PEM_HEADER; + } + headerEnd += XSTRLEN(header); -#ifdef OPENSSL_EXTRA -/* put SSL type in extra for now, not very common */ + /* eat end of line */ + if (headerEnd[0] == '\n') + headerEnd++; + else if (headerEnd[1] == '\n') + headerEnd += 2; + else + return SSL_BAD_FILE; -int CyaSSL_use_certificate_file(CYASSL* ssl, const char* file, int format) -{ - CYASSL_ENTER("CyaSSL_use_certificate_file"); - if (ProcessFile(ssl->ctx, file, format, CERT_TYPE, ssl, 0, NULL) - == SSL_SUCCESS) - return SSL_SUCCESS; +#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) + { + /* remove encrypted header if there */ + char encHeader[] = "Proc-Type"; + char* line = XSTRNSTR(headerEnd, encHeader, PEM_LINE_LEN); + if (line) { + char* newline; + char* finish; + char* start = XSTRNSTR(line, "DES", PEM_LINE_LEN); - return SSL_FAILURE; -} + if (!start) + start = XSTRNSTR(line, "AES", PEM_LINE_LEN); + if (!start) return SSL_BAD_FILE; + if (!info) return SSL_BAD_FILE; -int CyaSSL_use_PrivateKey_file(CYASSL* ssl, const char* file, int format) -{ - CYASSL_ENTER("CyaSSL_use_PrivateKey_file"); - if (ProcessFile(ssl->ctx, file, format, PRIVATEKEY_TYPE, ssl, 0, NULL) - == SSL_SUCCESS) - return SSL_SUCCESS; + finish = XSTRNSTR(start, ",", PEM_LINE_LEN); - return SSL_FAILURE; -} + if (start && finish && (start < finish)) { + newline = XSTRNSTR(finish, "\r", PEM_LINE_LEN); + XMEMCPY(info->name, start, finish - start); + info->name[finish - start] = 0; + XMEMCPY(info->iv, finish + 1, sizeof(info->iv)); -int CyaSSL_use_certificate_chain_file(CYASSL* ssl, const char* file) -{ - /* procces up to MAX_CHAIN_DEPTH plus subject cert */ - CYASSL_ENTER("CyaSSL_use_certificate_chain_file"); - if (ProcessFile(ssl->ctx, file, SSL_FILETYPE_PEM, CERT_TYPE, ssl, 1, NULL) - == SSL_SUCCESS) - return SSL_SUCCESS; + if (!newline) newline = XSTRNSTR(finish, "\n", PEM_LINE_LEN); + if (newline && (newline > finish)) { + info->ivSz = (word32)(newline - (finish + 1)); + info->set = 1; + } + else + return SSL_BAD_FILE; + } + else + return SSL_BAD_FILE; - return SSL_FAILURE; -} + /* eat blank line */ + while (*newline == '\r' || *newline == '\n') + newline++; + headerEnd = newline; + } + } +#endif /* OPENSSL_EXTRA || HAVE_WEBSERVER */ + /* find footer */ + footerEnd = XSTRNSTR((char*)buff, footer, sz); + if (!footerEnd) return SSL_BAD_FILE; -/* server wrapper for ctx or ssl Diffie-Hellman parameters */ -static int CyaSSL_SetTmpDH_buffer_wrapper(CYASSL_CTX* ctx, CYASSL* ssl, - const unsigned char* buf, long sz, int format) -{ - buffer der; - int ret; - int weOwnDer = 0; - byte p[MAX_DH_SIZE]; - byte g[MAX_DH_SIZE]; - word32 pSz = sizeof(p); - word32 gSz = sizeof(g); + consumedEnd = footerEnd + XSTRLEN(footer); - der.buffer = (byte*)buf; - der.length = sz; + if (consumedEnd < bufferEnd) { /* handle no end of line on last line */ + /* eat end of line */ + if (consumedEnd[0] == '\n') + consumedEnd++; + else if (consumedEnd[1] == '\n') + consumedEnd += 2; + else + return SSL_BAD_FILE; + } - if (format != SSL_FILETYPE_ASN1 && format != SSL_FILETYPE_PEM) - return SSL_BAD_FILETYPE; + if (info) + info->consumed = (long)(consumedEnd - (char*)buff); - if (format == SSL_FILETYPE_PEM) { - der.buffer = NULL; - ret = PemToDer(buf, sz, DH_PARAM_TYPE, &der, ctx->heap, NULL,NULL); - if (ret < 0) { - XFREE(der.buffer, ctx->heap, DYNAMIC_TYPE_KEY); - return ret; - } - weOwnDer = 1; - } + /* set up der buffer */ + neededSz = (long)(footerEnd - headerEnd); + if (neededSz > sz || neededSz < 0) return SSL_BAD_FILE; + der->buffer = (byte*) XMALLOC(neededSz, heap, dynamicType); + if (!der->buffer) return MEMORY_ERROR; + der->length = (word32)neededSz; - if (DhParamsLoad(der.buffer, der.length, p, &pSz, g, &gSz) < 0) - ret = SSL_BAD_FILETYPE; - else { - if (ssl) - ret = CyaSSL_SetTmpDH(ssl, p, pSz, g, gSz); - else - ret = CyaSSL_CTX_SetTmpDH(ctx, p, pSz, g, gSz); - } + if (Base64_Decode((byte*)headerEnd, (word32)neededSz, der->buffer, + &der->length) < 0) + return SSL_BAD_FILE; - if (weOwnDer) - XFREE(der.buffer, ctx->heap, DYNAMIC_TYPE_KEY); + if (pkcs8) { + /* convert and adjust length */ + if ( (ret = ToTraditional(der->buffer, der->length)) < 0 ) { + return ret; + } else { + der->length = ret; + return 0; + } + } - return ret; -} +#if (defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER)) && !defined(NO_PWDBASED) + if (pkcs8Enc) { + int passwordSz; + char password[80]; -/* server Diffie-Hellman parameters */ -int CyaSSL_SetTmpDH_buffer(CYASSL* ssl, const unsigned char* buf, long sz, - int format) -{ - return CyaSSL_SetTmpDH_buffer_wrapper(ssl->ctx, ssl, buf, sz, format); -} + if (!info || !info->ctx || !info->ctx->passwd_cb) + return SSL_BAD_FILE; /* no callback error */ + passwordSz = info->ctx->passwd_cb(password, sizeof(password), 0, + info->ctx->userdata); + /* convert and adjust length */ + if ( (ret = ToTraditionalEnc(der->buffer, der->length, password, + passwordSz)) < 0 ) { + return ret; + } else { + der->length = ret; + return 0; + } + } +#endif + return 0; + } -/* server ctx Diffie-Hellman parameters */ -int CyaSSL_CTX_SetTmpDH_buffer(CYASSL_CTX* ctx, const unsigned char* buf, - long sz, int format) -{ - return CyaSSL_SetTmpDH_buffer_wrapper(ctx, NULL, buf, sz, format); -} + /* process the buffer buff, legnth sz, into ctx of format and type + used tracks bytes consumed, userChain specifies a user cert chain + to pass during the handshake */ + static int ProcessBuffer(CYASSL_CTX* ctx, const unsigned char* buff, + long sz, int format, int type, CYASSL* ssl, + long* used, int userChain) + { + EncryptedInfo info; + buffer der; /* holds DER or RAW (for NTRU) */ + int ret; + int dynamicType = 0; + int eccKey = 0; + int rsaKey = 0; + void* heap = ctx ? ctx->heap : NULL; -#ifdef HAVE_ECC + info.set = 0; + info.ctx = ctx; + info.consumed = 0; + der.buffer = 0; -/* Set Temp CTX EC-DHE size in octets, should be 20 - 66 for 160 - 521 bit */ -int CyaSSL_CTX_SetTmpEC_DHE_Sz(CYASSL_CTX* ctx, word16 sz) -{ - if (ctx == NULL || sz < ECC_MINSIZE || sz > ECC_MAXSIZE) - return BAD_FUNC_ARG; + (void)dynamicType; + (void)rsaKey; - ctx->eccTempKeySz = sz; + if (used) + *used = sz; /* used bytes default to sz, PEM chain may shorten*/ - return SSL_SUCCESS; -} + if (format != SSL_FILETYPE_ASN1 && format != SSL_FILETYPE_PEM + && format != SSL_FILETYPE_RAW) + return SSL_BAD_FILETYPE; + if (ctx == NULL && ssl == NULL) + return BAD_FUNC_ARG; -/* Set Temp SSL EC-DHE size in octets, should be 20 - 66 for 160 - 521 bit */ -int CyaSSL_SetTmpEC_DHE_Sz(CYASSL* ssl, word16 sz) -{ - if (ssl == NULL || sz < ECC_MINSIZE || sz > ECC_MAXSIZE) - return BAD_FUNC_ARG; + if (type == CA_TYPE) + dynamicType = DYNAMIC_TYPE_CA; + else if (type == CERT_TYPE) + dynamicType = DYNAMIC_TYPE_CERT; + else + dynamicType = DYNAMIC_TYPE_KEY; - ssl->eccTempKeySz = sz; + if (format == SSL_FILETYPE_PEM) { + ret = PemToDer(buff, sz, type, &der, heap, &info, &eccKey); + if (ret < 0) { + XFREE(der.buffer, heap, dynamicType); + return ret; + } + if (used) + *used = info.consumed; + /* we may have a user cert chain, try to consume */ + if (userChain && type == CERT_TYPE && info.consumed < sz) { + byte staticBuffer[FILE_BUFFER_SIZE]; /* tmp chain buffer */ + byte* chainBuffer = staticBuffer; + byte* shrinked = NULL; /* shrinked to size chainBuffer + * or staticBuffer */ + int dynamicBuffer = 0; + word32 bufferSz = sizeof(staticBuffer); + long consumed = info.consumed; + word32 idx = 0; + int gotOne = 0; - return SSL_SUCCESS; -} + if ( (sz - consumed) > (int)bufferSz) { + CYASSL_MSG("Growing Tmp Chain Buffer"); + bufferSz = (word32)(sz - consumed); + /* will shrink to actual size */ + chainBuffer = (byte*)XMALLOC(bufferSz, heap, + DYNAMIC_TYPE_FILE); + if (chainBuffer == NULL) { + XFREE(der.buffer, heap, dynamicType); + return MEMORY_E; + } + dynamicBuffer = 1; + } -#endif /* HAVE_ECC */ + CYASSL_MSG("Processing Cert Chain"); + while (consumed < sz) { + buffer part; + info.consumed = 0; + part.buffer = 0; + ret = PemToDer(buff + consumed, sz - consumed, type, &part, + heap, &info, &eccKey); + if (ret == 0) { + gotOne = 1; + if ( (idx + part.length) > bufferSz) { + CYASSL_MSG(" Cert Chain bigger than buffer"); + ret = BUFFER_E; + } + else { + c32to24(part.length, &chainBuffer[idx]); + idx += CERT_HEADER_SZ; + XMEMCPY(&chainBuffer[idx], part.buffer,part.length); + idx += part.length; + consumed += info.consumed; + if (used) + *used += info.consumed; + } + } -#if !defined(NO_FILESYSTEM) + XFREE(part.buffer, heap, dynamicType); -/* server Diffie-Hellman parameters */ -static int CyaSSL_SetTmpDH_file_wrapper(CYASSL_CTX* ctx, CYASSL* ssl, - const char* fname, int format) -{ - byte staticBuffer[FILE_BUFFER_SIZE]; - byte* myBuffer = staticBuffer; - int dynamic = 0; - int ret; - long sz = 0; - XFILE* file = XFOPEN(fname, "rb"); + if (ret == SSL_NO_PEM_HEADER && gotOne) { + CYASSL_MSG("We got one good PEM so stuff at end ok"); + break; + } - if (!file) return SSL_BAD_FILE; - XFSEEK(file, 0, XSEEK_END); - sz = XFTELL(file); - XREWIND(file); + if (ret < 0) { + CYASSL_MSG(" Error in Cert in Chain"); + if (dynamicBuffer) + XFREE(chainBuffer, heap, DYNAMIC_TYPE_FILE); + XFREE(der.buffer, heap, dynamicType); + return ret; + } + CYASSL_MSG(" Consumed another Cert in Chain"); + } + CYASSL_MSG("Finished Processing Cert Chain"); - if (sz > (long)sizeof(staticBuffer)) { - CYASSL_MSG("Getting dynamic buffer"); - myBuffer = (byte*) XMALLOC(sz, ctx->heap, DYNAMIC_TYPE_FILE); - if (myBuffer == NULL) { - XFCLOSE(file); - return SSL_BAD_FILE; + /* only retain actual size used */ + shrinked = (byte*)XMALLOC(idx, heap, dynamicType); + if (shrinked) { + if (ssl) { + if (ssl->buffers.certChain.buffer && + ssl->buffers.weOwnCertChain) { + XFREE(ssl->buffers.certChain.buffer, heap, + dynamicType); + } + ssl->buffers.certChain.buffer = shrinked; + ssl->buffers.certChain.length = idx; + XMEMCPY(ssl->buffers.certChain.buffer, chainBuffer,idx); + ssl->buffers.weOwnCertChain = 1; + } else if (ctx) { + if (ctx->certChain.buffer) + XFREE(ctx->certChain.buffer, heap, dynamicType); + ctx->certChain.buffer = shrinked; + ctx->certChain.length = idx; + XMEMCPY(ctx->certChain.buffer, chainBuffer, idx); + } + } + if (dynamicBuffer) + XFREE(chainBuffer, heap, DYNAMIC_TYPE_FILE); + if (shrinked == NULL) { + XFREE(der.buffer, heap, dynamicType); + return MEMORY_E; + } + } + } + else { /* ASN1 (DER) or RAW (NTRU) */ + der.buffer = (byte*) XMALLOC(sz, heap, dynamicType); + if (!der.buffer) return MEMORY_ERROR; + XMEMCPY(der.buffer, buff, sz); + der.length = (word32)sz; } - dynamic = 1; - } - - if ( (ret = XFREAD(myBuffer, sz, 1, file)) < 0) - ret = SSL_BAD_FILE; - else { - if (ssl) - ret = CyaSSL_SetTmpDH_buffer(ssl, myBuffer, sz, format); - else - ret = CyaSSL_CTX_SetTmpDH_buffer(ctx, myBuffer, sz, format); - } - - XFCLOSE(file); - if (dynamic) XFREE(myBuffer, ctx->heap, DYNAMIC_TYPE_FILE); - return ret; -} +#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) + if (info.set) { + /* decrypt */ + char password[80]; + int passwordSz; -/* server Diffie-Hellman parameters */ -int CyaSSL_SetTmpDH_file(CYASSL* ssl, const char* fname, int format) -{ - return CyaSSL_SetTmpDH_file_wrapper(ssl->ctx, ssl, fname, format); -} + byte key[AES_256_KEY_SIZE]; + byte iv[AES_IV_SIZE]; + if (!ctx || !ctx->passwd_cb) { + XFREE(der.buffer, heap, dynamicType); + return NO_PASSWORD; + } -/* server Diffie-Hellman parameters */ -int CyaSSL_CTX_SetTmpDH_file(CYASSL_CTX* ctx, const char* fname, int format) -{ - return CyaSSL_SetTmpDH_file_wrapper(ctx, NULL, fname, format); -} + /* use file's salt for key derivation, hex decode first */ + if (Base16_Decode(info.iv, info.ivSz, info.iv, &info.ivSz) != 0) { + XFREE(der.buffer, heap, dynamicType); + return ASN_INPUT_E; + } + passwordSz = ctx->passwd_cb(password, sizeof(password), 0, + ctx->userdata); + if ( (ret = EVP_BytesToKey(info.name, "MD5", info.iv, + (byte*)password, passwordSz, 1, key, iv)) <= 0) { + XFREE(der.buffer, heap, dynamicType); + return ret; + } -#endif /* !NO_FILESYSTEM */ -#endif /* OPENSSL_EXTRA */ + if (XSTRNCMP(info.name, "DES-CBC", 7) == 0) { + Des enc; -#ifdef HAVE_NTRU + ret = Des_SetKey(&enc, key, info.iv, DES_DECRYPTION); + if (ret != 0) + return ret; -int CyaSSL_CTX_use_NTRUPrivateKey_file(CYASSL_CTX* ctx, const char* file) -{ - CYASSL_ENTER("CyaSSL_CTX_use_NTRUPrivateKey_file"); - if (ProcessFile(ctx, file, SSL_FILETYPE_RAW, PRIVATEKEY_TYPE, NULL, 0, NULL) - == SSL_SUCCESS) { - ctx->haveNTRU = 1; - return SSL_SUCCESS; - } + Des_CbcDecrypt(&enc, der.buffer, der.buffer, der.length); + } + else if (XSTRNCMP(info.name, "DES-EDE3-CBC", 13) == 0) { + Des3 enc; - return SSL_FAILURE; -} + ret = Des3_SetKey(&enc, key, info.iv, DES_DECRYPTION); + if (ret != 0) + return ret; -#endif /* HAVE_NTRU */ + ret = Des3_CbcDecrypt(&enc, der.buffer, der.buffer, der.length); + if (ret != 0) + return ret; + } + else if (XSTRNCMP(info.name, "AES-128-CBC", 13) == 0) { + Aes enc; + ret = AesSetKey(&enc, key, AES_128_KEY_SIZE, info.iv, + AES_DECRYPTION); + if (ret == 0) + ret = AesCbcDecrypt(&enc, der.buffer,der.buffer,der.length); + } + else if (XSTRNCMP(info.name, "AES-192-CBC", 13) == 0) { + Aes enc; + ret = AesSetKey(&enc, key, AES_192_KEY_SIZE, info.iv, + AES_DECRYPTION); + if (ret == 0) + ret = AesCbcDecrypt(&enc, der.buffer,der.buffer,der.length); + } + else if (XSTRNCMP(info.name, "AES-256-CBC", 13) == 0) { + Aes enc; + ret = AesSetKey(&enc, key, AES_256_KEY_SIZE, info.iv, + AES_DECRYPTION); + if (ret == 0) + ret = AesCbcDecrypt(&enc, der.buffer,der.buffer,der.length); + } + else { + XFREE(der.buffer, heap, dynamicType); + return SSL_BAD_FILE; + } + if (ret != 0) { + XFREE(der.buffer, heap, dynamicType); + return ret; + } + } +#endif /* OPENSSL_EXTRA || HAVE_WEBSERVER */ + if (type == CA_TYPE) { + if (ctx == NULL) { + CYASSL_MSG("Need context for CA load"); + XFREE(der.buffer, heap, dynamicType); + return BAD_FUNC_ARG; + } + return AddCA(ctx->cm, der, CYASSL_USER_CA, ctx->verifyPeer); + /* takes der over */ + } + else if (type == CERT_TYPE) { + if (ssl) { + if (ssl->buffers.weOwnCert && ssl->buffers.certificate.buffer) + XFREE(ssl->buffers.certificate.buffer, heap, + dynamicType); + ssl->buffers.certificate = der; + ssl->buffers.weOwnCert = 1; + } + else if (ctx) { + if (ctx->certificate.buffer) + XFREE(ctx->certificate.buffer, heap, dynamicType); + ctx->certificate = der; /* takes der over */ + } + } + else if (type == PRIVATEKEY_TYPE) { + if (ssl) { + if (ssl->buffers.weOwnKey && ssl->buffers.key.buffer) + XFREE(ssl->buffers.key.buffer, heap, dynamicType); + ssl->buffers.key = der; + ssl->buffers.weOwnKey = 1; + } + else if (ctx) { + if (ctx->privateKey.buffer) + XFREE(ctx->privateKey.buffer, heap, dynamicType); + ctx->privateKey = der; /* takes der over */ + } + } + else { + XFREE(der.buffer, heap, dynamicType); + return SSL_BAD_CERTTYPE; + } -#ifdef OPENSSL_EXTRA + if (type == PRIVATEKEY_TYPE && format != SSL_FILETYPE_RAW) { +#ifndef NO_RSA + if (!eccKey) { + /* make sure RSA key can be used */ + RsaKey key; + word32 idx = 0; - int CyaSSL_CTX_use_RSAPrivateKey_file(CYASSL_CTX* ctx,const char* file, - int format) - { - CYASSL_ENTER("SSL_CTX_use_RSAPrivateKey_file"); - if (ProcessFile(ctx, file,format,PRIVATEKEY_TYPE,NULL,0, NULL) - == SSL_SUCCESS) - return SSL_SUCCESS; + ret = InitRsaKey(&key, 0); + if (ret != 0) return ret; + if (RsaPrivateKeyDecode(der.buffer,&idx,&key,der.length) != 0) { +#ifdef HAVE_ECC + /* could have DER ECC (or pkcs8 ecc), no easy way to tell */ + eccKey = 1; /* so try it out */ +#endif + if (!eccKey) { + FreeRsaKey(&key); + return SSL_BAD_FILE; + } + } else { + rsaKey = 1; + (void)rsaKey; /* for no ecc builds */ + } + FreeRsaKey(&key); + } +#endif +#ifdef HAVE_ECC + if (!rsaKey) { + /* make sure ECC key can be used */ + word32 idx = 0; + ecc_key key; - return SSL_FAILURE; - } + ecc_init(&key); + if (EccPrivateKeyDecode(der.buffer,&idx,&key,der.length) != 0) { + ecc_free(&key); + return SSL_BAD_FILE; + } + ecc_free(&key); + eccKey = 1; + if (ctx) + ctx->haveStaticECC = 1; + if (ssl) + ssl->options.haveStaticECC = 1; + } +#endif /* HAVE_ECC */ + } + else if (type == CERT_TYPE) { + DecodedCert cert; - int CyaSSL_use_RSAPrivateKey_file(CYASSL* ssl, const char* file, int format) - { - CYASSL_ENTER("CyaSSL_use_RSAPrivateKey_file"); - if (ProcessFile(ssl->ctx, file, format, PRIVATEKEY_TYPE, ssl, 0, NULL) - == SSL_SUCCESS) - return SSL_SUCCESS; + CYASSL_MSG("Checking cert signature type"); + InitDecodedCert(&cert, der.buffer, der.length, heap); - return SSL_FAILURE; + if (DecodeToKey(&cert, 0) < 0) { + CYASSL_MSG("Decode to key failed"); + return SSL_BAD_FILE; + } + switch (cert.signatureOID) { + case CTC_SHAwECDSA: + case CTC_SHA256wECDSA: + case CTC_SHA384wECDSA: + case CTC_SHA512wECDSA: + CYASSL_MSG("ECDSA cert signature"); + if (ctx) + ctx->haveECDSAsig = 1; + if (ssl) + ssl->options.haveECDSAsig = 1; + break; + default: + CYASSL_MSG("Not ECDSA cert signature"); + break; + } + +#ifdef HAVE_ECC + if (ctx) + ctx->pkCurveOID = cert.pkCurveOID; + if (ssl) + ssl->pkCurveOID = cert.pkCurveOID; +#endif + + FreeDecodedCert(&cert); + } + + return SSL_SUCCESS; } -#endif /* OPENSSL_EXTRA */ -#endif /* NO_FILESYSTEM */ -void CyaSSL_CTX_set_verify(CYASSL_CTX* ctx, int mode, VerifyCallback vc) +/* CA PEM file for verification, may have multiple/chain certs to process */ +static int ProcessChainBuffer(CYASSL_CTX* ctx, const unsigned char* buff, + long sz, int format, int type, CYASSL* ssl) { - CYASSL_ENTER("CyaSSL_CTX_set_verify"); - if (mode & SSL_VERIFY_PEER) { - ctx->verifyPeer = 1; - ctx->verifyNone = 0; /* in case perviously set */ - } + long used = 0; + int ret = 0; + int gotOne = 0; - if (mode == SSL_VERIFY_NONE) { - ctx->verifyNone = 1; - ctx->verifyPeer = 0; /* in case previously set */ - } + CYASSL_MSG("Processing CA PEM file"); + while (used < sz) { + long consumed = 0; - if (mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT) - ctx->failNoCert = 1; + ret = ProcessBuffer(ctx, buff + used, sz - used, format, type, ssl, + &consumed, 0); - ctx->verifyCallback = vc; + if (ret == SSL_NO_PEM_HEADER && gotOne) { + CYASSL_MSG("We got one good PEM file so stuff at end ok"); + ret = SSL_SUCCESS; + break; + } + + if (ret < 0) + break; + + CYASSL_MSG(" Processed a CA"); + gotOne = 1; + used += consumed; + } + + return ret; } -void CyaSSL_set_verify(CYASSL* ssl, int mode, VerifyCallback vc) +/* Verify the ceritficate, SSL_SUCCESS for ok, < 0 for error */ +int CyaSSL_CertManagerVerifyBuffer(CYASSL_CERT_MANAGER* cm, const byte* buff, + long sz, int format) { - CYASSL_ENTER("CyaSSL_set_verify"); - if (mode & SSL_VERIFY_PEER) { - ssl->options.verifyPeer = 1; - ssl->options.verifyNone = 0; /* in case perviously set */ - } + int ret = 0; + int eccKey = 0; /* not used */ - if (mode == SSL_VERIFY_NONE) { - ssl->options.verifyNone = 1; - ssl->options.verifyPeer = 0; /* in case previously set */ + DecodedCert cert; + buffer der; + + CYASSL_ENTER("CyaSSL_CertManagerVerifyBuffer"); + + der.buffer = NULL; + der.length = 0; + + if (format == SSL_FILETYPE_PEM) { + EncryptedInfo info; + + info.set = 0; + info.ctx = NULL; + info.consumed = 0; + ret = PemToDer(buff, sz, CERT_TYPE, &der, cm->heap, &info, &eccKey); + InitDecodedCert(&cert, der.buffer, der.length, cm->heap); } + else + InitDecodedCert(&cert, (byte*)buff, (word32)sz, cm->heap); - if (mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT) - ssl->options.failNoCert = 1; + if (ret == 0) + ret = ParseCertRelative(&cert, CERT_TYPE, 1, cm); +#ifdef HAVE_CRL + if (ret == 0 && cm->crlEnabled) + ret = CheckCertCRL(cm->crl, &cert); +#endif - ssl->verifyCallback = vc; + FreeDecodedCert(&cert); + XFREE(der.buffer, cm->heap, DYNAMIC_TYPE_CERT); + + if (ret == 0) + return SSL_SUCCESS; + return ret; } -/* store context CA Cache addition callback */ -void CyaSSL_CTX_SetCACb(CYASSL_CTX* ctx, CallbackCACache cb) +/* turn on OCSP if off and compiled in, set options */ +int CyaSSL_CertManagerEnableOCSP(CYASSL_CERT_MANAGER* cm, int options) { - if (ctx && ctx->cm) - ctx->cm->caCacheCallback = cb; -} + int ret = SSL_SUCCESS; + (void)options; -#ifndef NO_SESSION_CACHE + CYASSL_ENTER("CyaSSL_CertManagerEnableOCSP"); + if (cm == NULL) + return BAD_FUNC_ARG; -CYASSL_SESSION* CyaSSL_get_session(CYASSL* ssl) -{ - CYASSL_ENTER("SSL_get_session"); - if (ssl) - return GetSession(ssl, 0); + #ifdef HAVE_OCSP + if (cm->ocsp == NULL) { + cm->ocsp = (CYASSL_OCSP*)XMALLOC(sizeof(CYASSL_OCSP), cm->heap, + DYNAMIC_TYPE_OCSP); + if (cm->ocsp == NULL) + return MEMORY_E; - return NULL; + if (InitOCSP(cm->ocsp, cm) != 0) { + CYASSL_MSG("Init OCSP failed"); + FreeOCSP(cm->ocsp, 1); + cm->ocsp = NULL; + return SSL_FAILURE; + } + } + cm->ocspEnabled = 1; + if (options & CYASSL_OCSP_URL_OVERRIDE) + cm->ocspUseOverrideURL = 1; + if (options & CYASSL_OCSP_NO_NONCE) + cm->ocspSendNonce = 0; + else + cm->ocspSendNonce = 1; + #ifndef CYASSL_USER_IO + cm->ocspIOCb = EmbedOcspLookup; + cm->ocspRespFreeCb = EmbedOcspRespFree; + #endif /* CYASSL_USER_IO */ + #else + ret = NOT_COMPILED_IN; + #endif + + return ret; } -int CyaSSL_set_session(CYASSL* ssl, CYASSL_SESSION* session) +int CyaSSL_CertManagerDisableOCSP(CYASSL_CERT_MANAGER* cm) { - CYASSL_ENTER("SSL_set_session"); - if (session) - return SetSession(ssl, session); + CYASSL_ENTER("CyaSSL_CertManagerDisableOCSP"); + if (cm == NULL) + return BAD_FUNC_ARG; - return SSL_FAILURE; -} + cm->ocspEnabled = 0; -#endif /* NO_SESSION_CACHE */ + return SSL_SUCCESS; +} -void CyaSSL_load_error_strings(void) /* compatibility only */ -{} +#ifdef HAVE_OCSP -int CyaSSL_library_init(void) +/* check CRL if enabled, SSL_SUCCESS */ +int CyaSSL_CertManagerCheckOCSP(CYASSL_CERT_MANAGER* cm, byte* der, int sz) { - CYASSL_ENTER("SSL_library_init"); - if (CyaSSL_Init() == 0) + int ret; + DecodedCert cert; + + CYASSL_ENTER("CyaSSL_CertManagerCheckOCSP"); + + if (cm == NULL) + return BAD_FUNC_ARG; + + if (cm->ocspEnabled == 0) return SSL_SUCCESS; - else - return SSL_FATAL_ERROR; -} + InitDecodedCert(&cert, der, sz, NULL); -#ifndef NO_SESSION_CACHE + ret = ParseCertRelative(&cert, CERT_TYPE, NO_VERIFY, cm); + if (ret != 0) { + CYASSL_MSG("ParseCert failed"); + return ret; + } + else { + ret = CheckCertOCSP(cm->ocsp, &cert); + if (ret != 0) { + CYASSL_MSG("CheckCertOCSP failed"); + } + } -/* on by default if built in but allow user to turn off */ -long CyaSSL_CTX_set_session_cache_mode(CYASSL_CTX* ctx, long mode) -{ - CYASSL_ENTER("SSL_CTX_set_session_cache_mode"); - if (mode == SSL_SESS_CACHE_OFF) - ctx->sessionCacheOff = 1; + FreeDecodedCert(&cert); - if (mode == SSL_SESS_CACHE_NO_AUTO_CLEAR) - ctx->sessionCacheFlushOff = 1; + if (ret == 0) + return SSL_SUCCESS; /* convert */ - return SSL_SUCCESS; + return ret; } -#endif /* NO_SESSION_CACHE */ - -int CyaSSL_CTX_set_cipher_list(CYASSL_CTX* ctx, const char* list) +int CyaSSL_CertManagerSetOCSPOverrideURL(CYASSL_CERT_MANAGER* cm, + const char* url) { - CYASSL_ENTER("CyaSSL_CTX_set_cipher_list"); - if (SetCipherList(&ctx->suites, list)) - return SSL_SUCCESS; + CYASSL_ENTER("CyaSSL_CertManagerSetOCSPOverrideURL"); + if (cm == NULL) + return BAD_FUNC_ARG; + + XFREE(cm->ocspOverrideURL, cm->heap, 0); + if (url != NULL) { + int urlSz = (int)XSTRLEN(url) + 1; + cm->ocspOverrideURL = (char*)XMALLOC(urlSz, cm->heap, 0); + if (cm->ocspOverrideURL != NULL) { + XMEMCPY(cm->ocspOverrideURL, url, urlSz); + } + else + return MEMORY_E; + } else - return SSL_FAILURE; + cm->ocspOverrideURL = NULL; + + return SSL_SUCCESS; } -int CyaSSL_set_cipher_list(CYASSL* ssl, const char* list) +int CyaSSL_CertManagerSetOCSP_Cb(CYASSL_CERT_MANAGER* cm, + CbOCSPIO ioCb, CbOCSPRespFree respFreeCb, void* ioCbCtx) { - CYASSL_ENTER("CyaSSL_set_cipher_list"); - if (SetCipherList(&ssl->suites, list)) { - byte havePSK = 0; + CYASSL_ENTER("CyaSSL_CertManagerSetOCSP_Cb"); + if (cm == NULL) + return BAD_FUNC_ARG; - #ifndef NO_PSK - havePSK = ssl->options.havePSK; - #endif + cm->ocspIOCb = ioCb; + cm->ocspRespFreeCb = respFreeCb; + cm->ocspIOCtx = ioCbCtx; + + return SSL_SUCCESS; +} - InitSuites(&ssl->suites, ssl->version, ssl->options.haveDH, havePSK, - ssl->options.haveNTRU, ssl->options.haveECDSAsig, - ssl->options.haveStaticECC, ssl->options.side); - return SSL_SUCCESS; - } +int CyaSSL_EnableOCSP(CYASSL* ssl, int options) +{ + CYASSL_ENTER("CyaSSL_EnableOCSP"); + if (ssl) + return CyaSSL_CertManagerEnableOCSP(ssl->ctx->cm, options); else - return SSL_FAILURE; + return BAD_FUNC_ARG; } -/* client only parts */ -#ifndef NO_CYASSL_CLIENT - - CYASSL_METHOD* CyaSSLv3_client_method(void) - { - CYASSL_METHOD* method = - (CYASSL_METHOD*) XMALLOC(sizeof(CYASSL_METHOD), 0, - DYNAMIC_TYPE_METHOD); - CYASSL_ENTER("SSLv3_client_method"); - if (method) - InitSSL_Method(method, MakeSSLv3()); - return method; - } +int CyaSSL_DisableOCSP(CYASSL* ssl) +{ + CYASSL_ENTER("CyaSSL_DisableOCSP"); + if (ssl) + return CyaSSL_CertManagerDisableOCSP(ssl->ctx->cm); + else + return BAD_FUNC_ARG; +} - #ifdef CYASSL_DTLS - CYASSL_METHOD* CyaDTLSv1_client_method(void) - { - CYASSL_METHOD* method = - (CYASSL_METHOD*) XMALLOC(sizeof(CYASSL_METHOD), 0, - DYNAMIC_TYPE_METHOD); - CYASSL_ENTER("DTLSv1_client_method"); - if (method) - InitSSL_Method(method, MakeDTLSv1()); - return method; - } - #endif +int CyaSSL_SetOCSP_OverrideURL(CYASSL* ssl, const char* url) +{ + CYASSL_ENTER("CyaSSL_SetOCSP_OverrideURL"); + if (ssl) + return CyaSSL_CertManagerSetOCSPOverrideURL(ssl->ctx->cm, url); + else + return BAD_FUNC_ARG; +} - /* please see note at top of README if you get an error from connect */ - int CyaSSL_connect(CYASSL* ssl) - { - int neededState; - CYASSL_ENTER("SSL_connect()"); +int CyaSSL_SetOCSP_Cb(CYASSL* ssl, + CbOCSPIO ioCb, CbOCSPRespFree respFreeCb, void* ioCbCtx) +{ + CYASSL_ENTER("CyaSSL_SetOCSP_Cb"); + if (ssl) + return CyaSSL_CertManagerSetOCSP_Cb(ssl->ctx->cm, + ioCb, respFreeCb, ioCbCtx); + else + return BAD_FUNC_ARG; +} - #ifdef HAVE_ERRNO_H - errno = 0; - #endif - if (ssl->options.side != CLIENT_END) { - CYASSL_ERROR(ssl->error = SIDE_ERROR); - return SSL_FATAL_ERROR; - } +int CyaSSL_CTX_EnableOCSP(CYASSL_CTX* ctx, int options) +{ + CYASSL_ENTER("CyaSSL_CTX_EnableOCSP"); + if (ctx) + return CyaSSL_CertManagerEnableOCSP(ctx->cm, options); + else + return BAD_FUNC_ARG; +} - #ifdef CYASSL_DTLS - if (ssl->version.major == DTLS_MAJOR && - ssl->version.minor == DTLS_MINOR) { - ssl->options.dtls = 1; - ssl->options.tls = 1; - ssl->options.tls1_1 = 1; - } - #endif - if (ssl->buffers.outputBuffer.length > 0) { - if ( (ssl->error = SendBuffered(ssl)) == 0) { - ssl->options.connectState++; - CYASSL_MSG("connect state: Advanced from buffered send"); - } - else { - CYASSL_ERROR(ssl->error); - return SSL_FATAL_ERROR; - } - } +int CyaSSL_CTX_DisableOCSP(CYASSL_CTX* ctx) +{ + CYASSL_ENTER("CyaSSL_CTX_DisableOCSP"); + if (ctx) + return CyaSSL_CertManagerDisableOCSP(ctx->cm); + else + return BAD_FUNC_ARG; +} - switch (ssl->options.connectState) { - case CONNECT_BEGIN : - /* always send client hello first */ - if ( (ssl->error = SendClientHello(ssl)) != 0) { - CYASSL_ERROR(ssl->error); - return SSL_FATAL_ERROR; - } - ssl->options.connectState = CLIENT_HELLO_SENT; - CYASSL_MSG("connect state: CLIENT_HELLO_SENT"); +int CyaSSL_CTX_SetOCSP_OverrideURL(CYASSL_CTX* ctx, const char* url) +{ + CYASSL_ENTER("CyaSSL_SetOCSP_OverrideURL"); + if (ctx) + return CyaSSL_CertManagerSetOCSPOverrideURL(ctx->cm, url); + else + return BAD_FUNC_ARG; +} - case CLIENT_HELLO_SENT : - neededState = ssl->options.resuming ? SERVER_FINISHED_COMPLETE : - SERVER_HELLODONE_COMPLETE; - #ifdef CYASSL_DTLS - if (ssl->options.dtls && !ssl->options.resuming) - neededState = SERVER_HELLOVERIFYREQUEST_COMPLETE; - #endif - /* get response */ - while (ssl->options.serverState < neededState) { - if ( (ssl->error = ProcessReply(ssl)) < 0) { - CYASSL_ERROR(ssl->error); - return SSL_FATAL_ERROR; - } - /* if resumption failed, reset needed state */ - else if (neededState == SERVER_FINISHED_COMPLETE) - if (!ssl->options.resuming) { - if (!ssl->options.dtls) - neededState = SERVER_HELLODONE_COMPLETE; - else - neededState = SERVER_HELLOVERIFYREQUEST_COMPLETE; - } - } - ssl->options.connectState = HELLO_AGAIN; - CYASSL_MSG("connect state: HELLO_AGAIN"); +int CyaSSL_CTX_SetOCSP_Cb(CYASSL_CTX* ctx, + CbOCSPIO ioCb, CbOCSPRespFree respFreeCb, void* ioCbCtx) +{ + CYASSL_ENTER("CyaSSL_CTX_SetOCSP_Cb"); + if (ctx) + return CyaSSL_CertManagerSetOCSP_Cb(ctx->cm, ioCb, respFreeCb, ioCbCtx); + else + return BAD_FUNC_ARG; +} - case HELLO_AGAIN : - if (ssl->options.certOnly) - return SSL_SUCCESS; - #ifdef CYASSL_DTLS - if (ssl->options.dtls && !ssl->options.resuming) { - /* re-init hashes, exclude first hello and verify request */ - InitMd5(&ssl->hashMd5); - InitSha(&ssl->hashSha); - #ifndef NO_SHA256 - if (IsAtLeastTLSv1_2(ssl)) - InitSha256(&ssl->hashSha256); - #endif - if ( (ssl->error = SendClientHello(ssl)) != 0) { - CYASSL_ERROR(ssl->error); - return SSL_FATAL_ERROR; - } - } - #endif +#endif /* HAVE_OCSP */ - ssl->options.connectState = HELLO_AGAIN_REPLY; - CYASSL_MSG("connect state: HELLO_AGAIN_REPLY"); - case HELLO_AGAIN_REPLY : - #ifdef CYASSL_DTLS - if (ssl->options.dtls) { - neededState = ssl->options.resuming ? - SERVER_FINISHED_COMPLETE : SERVER_HELLODONE_COMPLETE; - - /* get response */ - while (ssl->options.serverState < neededState) { - if ( (ssl->error = ProcessReply(ssl)) < 0) { - CYASSL_ERROR(ssl->error); - return SSL_FATAL_ERROR; - } - /* if resumption failed, reset needed state */ - else if (neededState == SERVER_FINISHED_COMPLETE) - if (!ssl->options.resuming) - neededState = SERVER_HELLODONE_COMPLETE; - } - } - #endif +#ifndef NO_FILESYSTEM - ssl->options.connectState = FIRST_REPLY_DONE; - CYASSL_MSG("connect state: FIRST_REPLY_DONE"); + #if defined(CYASSL_MDK_ARM) + extern FILE * CyaSSL_fopen(const char *name, const char *mode) ; + #define XFOPEN CyaSSL_fopen + #else + #define XFOPEN fopen + #endif - case FIRST_REPLY_DONE : - if (ssl->options.sendVerify) - if ( (ssl->error = SendCertificate(ssl)) != 0) { - CYASSL_ERROR(ssl->error); - return SSL_FATAL_ERROR; - } +/* process a file with name fname into ctx of format and type + userChain specifies a user certificate chain to pass during handshake */ +int ProcessFile(CYASSL_CTX* ctx, const char* fname, int format, int type, + CYASSL* ssl, int userChain, CYASSL_CRL* crl) +{ + byte staticBuffer[FILE_BUFFER_SIZE]; + byte* myBuffer = staticBuffer; + int dynamic = 0; + int ret; + long sz = 0; + XFILE file; + void* heapHint = ctx ? ctx->heap : NULL; - ssl->options.connectState = FIRST_REPLY_FIRST; - CYASSL_MSG("connect state: FIRST_REPLY_FIRST"); + (void)crl; + (void)heapHint; - case FIRST_REPLY_FIRST : - if (!ssl->options.resuming) - if ( (ssl->error = SendClientKeyExchange(ssl)) != 0) { - CYASSL_ERROR(ssl->error); - return SSL_FATAL_ERROR; - } + if (fname == NULL) return SSL_BAD_FILE; - ssl->options.connectState = FIRST_REPLY_SECOND; - CYASSL_MSG("connect state: FIRST_REPLY_SECOND"); + file = XFOPEN(fname, "rb"); + if (file == XBADFILE) return SSL_BAD_FILE; + XFSEEK(file, 0, XSEEK_END); + sz = XFTELL(file); + XREWIND(file); - case FIRST_REPLY_SECOND : - if (ssl->options.sendVerify) - if ( (ssl->error = SendCertificateVerify(ssl)) != 0) { - CYASSL_ERROR(ssl->error); - return SSL_FATAL_ERROR; - } - ssl->options.connectState = FIRST_REPLY_THIRD; - CYASSL_MSG("connect state: FIRST_REPLY_THIRD"); + if (sz > (long)sizeof(staticBuffer)) { + CYASSL_MSG("Getting dynamic buffer"); + myBuffer = (byte*)XMALLOC(sz, heapHint, DYNAMIC_TYPE_FILE); + if (myBuffer == NULL) { + XFCLOSE(file); + return SSL_BAD_FILE; + } + dynamic = 1; + } + else if (sz < 0) { + XFCLOSE(file); + return SSL_BAD_FILE; + } - case FIRST_REPLY_THIRD : - if ( (ssl->error = SendChangeCipher(ssl)) != 0) { - CYASSL_ERROR(ssl->error); - return SSL_FATAL_ERROR; - } - ssl->options.connectState = FIRST_REPLY_FOURTH; - CYASSL_MSG("connect state: FIRST_REPLY_FOURTH"); + if ( (ret = (int)XFREAD(myBuffer, sz, 1, file)) < 0) + ret = SSL_BAD_FILE; + else { + if (type == CA_TYPE && format == SSL_FILETYPE_PEM) + ret = ProcessChainBuffer(ctx, myBuffer, sz, format, type, ssl); +#ifdef HAVE_CRL + else if (type == CRL_TYPE) + ret = BufferLoadCRL(crl, myBuffer, sz, format); +#endif + else + ret = ProcessBuffer(ctx, myBuffer, sz, format, type, ssl, NULL, + userChain); + } - case FIRST_REPLY_FOURTH : - if ( (ssl->error = SendFinished(ssl)) != 0) { - CYASSL_ERROR(ssl->error); - return SSL_FATAL_ERROR; - } + XFCLOSE(file); + if (dynamic) XFREE(myBuffer, heapHint, DYNAMIC_TYPE_FILE); - ssl->options.connectState = FINISHED_DONE; - CYASSL_MSG("connect state: FINISHED_DONE"); + return ret; +} - case FINISHED_DONE : - /* get response */ - while (ssl->options.serverState < SERVER_FINISHED_COMPLETE) - if ( (ssl->error = ProcessReply(ssl)) < 0) { - CYASSL_ERROR(ssl->error); - return SSL_FATAL_ERROR; - } - - ssl->options.connectState = SECOND_REPLY_DONE; - CYASSL_MSG("connect state: SECOND_REPLY_DONE"); - case SECOND_REPLY_DONE: - if (ssl->buffers.inputBuffer.dynamicFlag) - ShrinkInputBuffer(ssl, NO_FORCED_FREE); - CYASSL_LEAVE("SSL_connect()", SSL_SUCCESS); - return SSL_SUCCESS; +/* loads file then loads each file in path, no c_rehash */ +int CyaSSL_CTX_load_verify_locations(CYASSL_CTX* ctx, const char* file, + const char* path) +{ + int ret = SSL_SUCCESS; - default: - CYASSL_MSG("Unknown connect state ERROR"); - return SSL_FATAL_ERROR; /* unknown connect state */ - } - } + CYASSL_ENTER("CyaSSL_CTX_load_verify_locations"); + (void)path; -#endif /* NO_CYASSL_CLIENT */ + if (ctx == NULL || (file == NULL && path == NULL) ) + return SSL_FAILURE; + if (file) + ret = ProcessFile(ctx, file, SSL_FILETYPE_PEM, CA_TYPE, NULL, 0, NULL); -/* server only parts */ -#ifndef NO_CYASSL_SERVER + if (ret == SSL_SUCCESS && path) { + /* try to load each regular file in path */ + #ifdef USE_WINDOWS_API + WIN32_FIND_DATAA FindFileData; + HANDLE hFind; + char name[MAX_FILENAME_SZ]; - CYASSL_METHOD* CyaSSLv3_server_method(void) - { - CYASSL_METHOD* method = - (CYASSL_METHOD*) XMALLOC(sizeof(CYASSL_METHOD), 0, - DYNAMIC_TYPE_METHOD); - CYASSL_ENTER("SSLv3_server_method"); - if (method) { - InitSSL_Method(method, MakeSSLv3()); - method->side = SERVER_END; + XMEMSET(name, 0, sizeof(name)); + XSTRNCPY(name, path, MAX_FILENAME_SZ - 4); + XSTRNCAT(name, "\\*", 3); + + hFind = FindFirstFileA(name, &FindFileData); + if (hFind == INVALID_HANDLE_VALUE) { + CYASSL_MSG("FindFirstFile for path verify locations failed"); + return BAD_PATH_ERROR; } - return method; - } + do { + if (FindFileData.dwFileAttributes != FILE_ATTRIBUTE_DIRECTORY) { + XSTRNCPY(name, path, MAX_FILENAME_SZ/2 - 3); + XSTRNCAT(name, "\\", 2); + XSTRNCAT(name, FindFileData.cFileName, MAX_FILENAME_SZ/2); - #ifdef CYASSL_DTLS - CYASSL_METHOD* CyaDTLSv1_server_method(void) - { - CYASSL_METHOD* method = - (CYASSL_METHOD*) XMALLOC(sizeof(CYASSL_METHOD), 0, - DYNAMIC_TYPE_METHOD); - CYASSL_ENTER("DTLSv1_server_method"); - if (method) { - InitSSL_Method(method, MakeDTLSv1()); - method->side = SERVER_END; + ret = ProcessFile(ctx, name, SSL_FILETYPE_PEM, CA_TYPE, NULL,0, + NULL); + } + } while (ret == SSL_SUCCESS && FindNextFileA(hFind, &FindFileData)); + + FindClose(hFind); + #elif !defined(NO_CYASSL_DIR) + struct dirent* entry; + DIR* dir = opendir(path); + + if (dir == NULL) { + CYASSL_MSG("opendir path verify locations failed"); + return BAD_PATH_ERROR; + } + while ( ret == SSL_SUCCESS && (entry = readdir(dir)) != NULL) { + char name[MAX_FILENAME_SZ]; + struct stat s; + + XMEMSET(name, 0, sizeof(name)); + XSTRNCPY(name, path, MAX_FILENAME_SZ/2 - 2); + XSTRNCAT(name, "/", 1); + XSTRNCAT(name, entry->d_name, MAX_FILENAME_SZ/2); + + if (stat(name, &s) != 0) { + CYASSL_MSG("stat on name failed"); + closedir(dir); + return BAD_PATH_ERROR; + } + if (s.st_mode & S_IFREG) { + ret = ProcessFile(ctx, name, SSL_FILETYPE_PEM, CA_TYPE, NULL,0, + NULL); } - return method; } + closedir(dir); #endif + } + return ret; +} - int CyaSSL_accept(CYASSL* ssl) - { - byte havePSK = 0; - CYASSL_ENTER("SSL_accept()"); - #ifdef HAVE_ERRNO_H - errno = 0; - #endif +/* Verify the ceritficate, SSL_SUCCESS for ok, < 0 for error */ +int CyaSSL_CertManagerVerify(CYASSL_CERT_MANAGER* cm, const char* fname, + int format) +{ + int ret = SSL_FATAL_ERROR; + byte staticBuffer[FILE_BUFFER_SIZE]; + byte* myBuffer = staticBuffer; + int dynamic = 0; + long sz = 0; + XFILE file = XFOPEN(fname, "rb"); - #ifndef NO_PSK - havePSK = ssl->options.havePSK; - #endif + CYASSL_ENTER("CyaSSL_CertManagerVerify"); - if (ssl->options.side != SERVER_END) { - CYASSL_ERROR(ssl->error = SIDE_ERROR); - return SSL_FATAL_ERROR; - } + if (file == XBADFILE) return SSL_BAD_FILE; + XFSEEK(file, 0, XSEEK_END); + sz = XFTELL(file); + XREWIND(file); - /* in case used set_accept_state after init */ - if (!havePSK && (ssl->buffers.certificate.buffer == NULL || - ssl->buffers.key.buffer == NULL)) { - CYASSL_MSG("accept error: don't have server cert and key"); - ssl->error = NO_PRIVATE_KEY; - CYASSL_ERROR(ssl->error); - return SSL_FATAL_ERROR; + if (sz > MAX_CYASSL_FILE_SIZE || sz < 0) { + CYASSL_MSG("CertManagerVerify file bad size"); + XFCLOSE(file); + return SSL_BAD_FILE; + } + + if (sz > (long)sizeof(staticBuffer)) { + CYASSL_MSG("Getting dynamic buffer"); + myBuffer = (byte*) XMALLOC(sz, cm->heap, DYNAMIC_TYPE_FILE); + if (myBuffer == NULL) { + XFCLOSE(file); + return SSL_BAD_FILE; } + dynamic = 1; + } - #ifdef HAVE_ECC - /* in case used set_accept_state after init */ - if (ssl->eccTempKeyPresent == 0) { - if (ecc_make_key(&ssl->rng, ssl->eccTempKeySz, - &ssl->eccTempKey) != 0) { - ssl->error = ECC_MAKEKEY_ERROR; - CYASSL_ERROR(ssl->error); - return SSL_FATAL_ERROR; - } - ssl->eccTempKeyPresent = 1; - } - #endif + if ( (ret = (int)XFREAD(myBuffer, sz, 1, file)) < 0) + ret = SSL_BAD_FILE; + else + ret = CyaSSL_CertManagerVerifyBuffer(cm, myBuffer, sz, format); - #ifdef CYASSL_DTLS - if (ssl->version.major == DTLS_MAJOR && - ssl->version.minor == DTLS_MINOR) { - ssl->options.dtls = 1; - ssl->options.tls = 1; - ssl->options.tls1_1 = 1; - } - #endif + XFCLOSE(file); + if (dynamic) XFREE(myBuffer, cm->heap, DYNAMIC_TYPE_FILE); - if (ssl->buffers.outputBuffer.length > 0) { - if ( (ssl->error = SendBuffered(ssl)) == 0) { - ssl->options.acceptState++; - CYASSL_MSG("accept state: Advanced from buffered send"); - } - else { - CYASSL_ERROR(ssl->error); - return SSL_FATAL_ERROR; - } - } + return ret; +} - switch (ssl->options.acceptState) { - - case ACCEPT_BEGIN : - /* get response */ - while (ssl->options.clientState < CLIENT_HELLO_COMPLETE) - if ( (ssl->error = ProcessReply(ssl)) < 0) { - CYASSL_ERROR(ssl->error); - return SSL_FATAL_ERROR; - } - ssl->options.acceptState = ACCEPT_CLIENT_HELLO_DONE; - CYASSL_MSG("accept state ACCEPT_CLIENT_HELLO_DONE"); - case ACCEPT_CLIENT_HELLO_DONE : - #ifdef CYASSL_DTLS - if (ssl->options.dtls && !ssl->options.resuming) - if ( (ssl->error = SendHelloVerifyRequest(ssl)) != 0) { - CYASSL_ERROR(ssl->error); - return SSL_FATAL_ERROR; - } - #endif - ssl->options.acceptState = HELLO_VERIFY_SENT; - CYASSL_MSG("accept state HELLO_VERIFY_SENT"); +static INLINE CYASSL_METHOD* cm_pick_method(void) +{ + #ifndef NO_CYASSL_CLIENT + #ifdef NO_OLD_TLS + return CyaTLSv1_2_client_method(); + #else + return CyaSSLv3_client_method(); + #endif + #elif !defined(NO_CYASSL_SERVER) + #ifdef NO_OLD_TLS + return CyaTLSv1_2_server_method(); + #else + return CyaSSLv3_server_method(); + #endif + #else + return NULL; + #endif +} - case HELLO_VERIFY_SENT: - #ifdef CYASSL_DTLS - if (ssl->options.dtls && !ssl->options.resuming) { - ssl->options.clientState = NULL_STATE; /* get again */ - /* re-init hashes, exclude first hello and verify request */ - InitMd5(&ssl->hashMd5); - InitSha(&ssl->hashSha); - #ifndef NO_SHA256 - if (IsAtLeastTLSv1_2(ssl)) - InitSha256(&ssl->hashSha256); - #endif - while (ssl->options.clientState < CLIENT_HELLO_COMPLETE) - if ( (ssl->error = ProcessReply(ssl)) < 0) { - CYASSL_ERROR(ssl->error); - return SSL_FATAL_ERROR; - } - } - #endif - ssl->options.acceptState = ACCEPT_FIRST_REPLY_DONE; - CYASSL_MSG("accept state ACCEPT_FIRST_REPLY_DONE"); +/* like load verify locations, 1 for success, < 0 for error */ +int CyaSSL_CertManagerLoadCA(CYASSL_CERT_MANAGER* cm, const char* file, + const char* path) +{ + int ret = SSL_FATAL_ERROR; + CYASSL_CTX* tmp; - case ACCEPT_FIRST_REPLY_DONE : - if ( (ssl->error = SendServerHello(ssl)) != 0) { - CYASSL_ERROR(ssl->error); - return SSL_FATAL_ERROR; - } - ssl->options.acceptState = SERVER_HELLO_SENT; - CYASSL_MSG("accept state SERVER_HELLO_SENT"); + CYASSL_ENTER("CyaSSL_CertManagerLoadCA"); - case SERVER_HELLO_SENT : - if (!ssl->options.resuming) - if ( (ssl->error = SendCertificate(ssl)) != 0) { - CYASSL_ERROR(ssl->error); - return SSL_FATAL_ERROR; - } - ssl->options.acceptState = CERT_SENT; - CYASSL_MSG("accept state CERT_SENT"); + if (cm == NULL) { + CYASSL_MSG("No CertManager error"); + return ret; + } + tmp = CyaSSL_CTX_new(cm_pick_method()); - case CERT_SENT : - if (!ssl->options.resuming) - if ( (ssl->error = SendServerKeyExchange(ssl)) != 0) { - CYASSL_ERROR(ssl->error); - return SSL_FATAL_ERROR; - } - ssl->options.acceptState = KEY_EXCHANGE_SENT; - CYASSL_MSG("accept state KEY_EXCHANGE_SENT"); + if (tmp == NULL) { + CYASSL_MSG("CTX new failed"); + return ret; + } - case KEY_EXCHANGE_SENT : - if (!ssl->options.resuming) - if (ssl->options.verifyPeer) - if ( (ssl->error = SendCertificateRequest(ssl)) != 0) { - CYASSL_ERROR(ssl->error); - return SSL_FATAL_ERROR; - } - ssl->options.acceptState = CERT_REQ_SENT; - CYASSL_MSG("accept state CERT_REQ_SENT"); + /* for tmp use */ + CyaSSL_CertManagerFree(tmp->cm); + tmp->cm = cm; - case CERT_REQ_SENT : - if (!ssl->options.resuming) - if ( (ssl->error = SendServerHelloDone(ssl)) != 0) { - CYASSL_ERROR(ssl->error); - return SSL_FATAL_ERROR; - } - ssl->options.acceptState = SERVER_HELLO_DONE; - CYASSL_MSG("accept state SERVER_HELLO_DONE"); + ret = CyaSSL_CTX_load_verify_locations(tmp, file, path); - case SERVER_HELLO_DONE : - if (!ssl->options.resuming) { - while (ssl->options.clientState < CLIENT_FINISHED_COMPLETE) - if ( (ssl->error = ProcessReply(ssl)) < 0) { - CYASSL_ERROR(ssl->error); - return SSL_FATAL_ERROR; - } - } - ssl->options.acceptState = ACCEPT_SECOND_REPLY_DONE; - CYASSL_MSG("accept state ACCEPT_SECOND_REPLY_DONE"); - - case ACCEPT_SECOND_REPLY_DONE : - if ( (ssl->error = SendChangeCipher(ssl)) != 0) { - CYASSL_ERROR(ssl->error); - return SSL_FATAL_ERROR; - } - ssl->options.acceptState = CHANGE_CIPHER_SENT; - CYASSL_MSG("accept state CHANGE_CIPHER_SENT"); + /* don't loose our good one */ + tmp->cm = NULL; + CyaSSL_CTX_free(tmp); - case CHANGE_CIPHER_SENT : - if ( (ssl->error = SendFinished(ssl)) != 0) { - CYASSL_ERROR(ssl->error); - return SSL_FATAL_ERROR; - } + return ret; +} - ssl->options.acceptState = ACCEPT_FINISHED_DONE; - CYASSL_MSG("accept state ACCEPT_FINISHED_DONE"); - case ACCEPT_FINISHED_DONE : - if (ssl->options.resuming) - while (ssl->options.clientState < CLIENT_FINISHED_COMPLETE) - if ( (ssl->error = ProcessReply(ssl)) < 0) { - CYASSL_ERROR(ssl->error); - return SSL_FATAL_ERROR; - } - ssl->options.acceptState = ACCEPT_THIRD_REPLY_DONE; - CYASSL_MSG("accept state ACCEPT_THIRD_REPLY_DONE"); +/* turn on CRL if off and compiled in, set options */ +int CyaSSL_CertManagerEnableCRL(CYASSL_CERT_MANAGER* cm, int options) +{ + int ret = SSL_SUCCESS; + + (void)options; + + CYASSL_ENTER("CyaSSL_CertManagerEnableCRL"); + if (cm == NULL) + return BAD_FUNC_ARG; + + #ifdef HAVE_CRL + if (cm->crl == NULL) { + cm->crl = (CYASSL_CRL*)XMALLOC(sizeof(CYASSL_CRL), cm->heap, + DYNAMIC_TYPE_CRL); + if (cm->crl == NULL) + return MEMORY_E; + + if (InitCRL(cm->crl, cm) != 0) { + CYASSL_MSG("Init CRL failed"); + FreeCRL(cm->crl, 1); + cm->crl = NULL; + return SSL_FAILURE; + } + } + cm->crlEnabled = 1; + if (options & CYASSL_CRL_CHECKALL) + cm->crlCheckAll = 1; + #else + ret = NOT_COMPILED_IN; + #endif + + return ret; +} + + +int CyaSSL_CertManagerDisableCRL(CYASSL_CERT_MANAGER* cm) +{ + CYASSL_ENTER("CyaSSL_CertManagerDisableCRL"); + if (cm == NULL) + return BAD_FUNC_ARG; + + cm->crlEnabled = 0; + + return SSL_SUCCESS; +} + + +int CyaSSL_CTX_check_private_key(CYASSL_CTX* ctx) +{ + /* TODO: check private against public for RSA match */ + (void)ctx; + CYASSL_ENTER("SSL_CTX_check_private_key"); + return SSL_SUCCESS; +} + + +#ifdef HAVE_CRL + + +/* check CRL if enabled, SSL_SUCCESS */ +int CyaSSL_CertManagerCheckCRL(CYASSL_CERT_MANAGER* cm, byte* der, int sz) +{ + int ret; + DecodedCert cert; + + CYASSL_ENTER("CyaSSL_CertManagerCheckCRL"); + + if (cm == NULL) + return BAD_FUNC_ARG; + + if (cm->crlEnabled == 0) + return SSL_SUCCESS; + + InitDecodedCert(&cert, der, sz, NULL); + + ret = ParseCertRelative(&cert, CERT_TYPE, NO_VERIFY, cm); + if (ret != 0) { + CYASSL_MSG("ParseCert failed"); + return ret; + } + else { + ret = CheckCertCRL(cm->crl, &cert); + if (ret != 0) { + CYASSL_MSG("CheckCertCRL failed"); + } + } + + FreeDecodedCert(&cert); + + if (ret == 0) + return SSL_SUCCESS; /* convert */ + + return ret; +} + + +int CyaSSL_CertManagerSetCRL_Cb(CYASSL_CERT_MANAGER* cm, CbMissingCRL cb) +{ + CYASSL_ENTER("CyaSSL_CertManagerSetCRL_Cb"); + if (cm == NULL) + return BAD_FUNC_ARG; + + cm->cbMissingCRL = cb; + + return SSL_SUCCESS; +} + + +int CyaSSL_CertManagerLoadCRL(CYASSL_CERT_MANAGER* cm, const char* path, + int type, int monitor) +{ + CYASSL_ENTER("CyaSSL_CertManagerLoadCRL"); + if (cm == NULL) + return BAD_FUNC_ARG; + + if (cm->crl == NULL) { + if (CyaSSL_CertManagerEnableCRL(cm, 0) != SSL_SUCCESS) { + CYASSL_MSG("Enable CRL failed"); + return SSL_FATAL_ERROR; + } + } + + return LoadCRL(cm->crl, path, type, monitor); +} + + +int CyaSSL_EnableCRL(CYASSL* ssl, int options) +{ + CYASSL_ENTER("CyaSSL_EnableCRL"); + if (ssl) + return CyaSSL_CertManagerEnableCRL(ssl->ctx->cm, options); + else + return BAD_FUNC_ARG; +} + + +int CyaSSL_DisableCRL(CYASSL* ssl) +{ + CYASSL_ENTER("CyaSSL_DisableCRL"); + if (ssl) + return CyaSSL_CertManagerDisableCRL(ssl->ctx->cm); + else + return BAD_FUNC_ARG; +} + + +int CyaSSL_LoadCRL(CYASSL* ssl, const char* path, int type, int monitor) +{ + CYASSL_ENTER("CyaSSL_LoadCRL"); + if (ssl) + return CyaSSL_CertManagerLoadCRL(ssl->ctx->cm, path, type, monitor); + else + return BAD_FUNC_ARG; +} + + +int CyaSSL_SetCRL_Cb(CYASSL* ssl, CbMissingCRL cb) +{ + CYASSL_ENTER("CyaSSL_SetCRL_Cb"); + if (ssl) + return CyaSSL_CertManagerSetCRL_Cb(ssl->ctx->cm, cb); + else + return BAD_FUNC_ARG; +} + + +int CyaSSL_CTX_EnableCRL(CYASSL_CTX* ctx, int options) +{ + CYASSL_ENTER("CyaSSL_CTX_EnableCRL"); + if (ctx) + return CyaSSL_CertManagerEnableCRL(ctx->cm, options); + else + return BAD_FUNC_ARG; +} + + +int CyaSSL_CTX_DisableCRL(CYASSL_CTX* ctx) +{ + CYASSL_ENTER("CyaSSL_CTX_DisableCRL"); + if (ctx) + return CyaSSL_CertManagerDisableCRL(ctx->cm); + else + return BAD_FUNC_ARG; +} + + +int CyaSSL_CTX_LoadCRL(CYASSL_CTX* ctx, const char* path, int type, int monitor) +{ + CYASSL_ENTER("CyaSSL_CTX_LoadCRL"); + if (ctx) + return CyaSSL_CertManagerLoadCRL(ctx->cm, path, type, monitor); + else + return BAD_FUNC_ARG; +} + + +int CyaSSL_CTX_SetCRL_Cb(CYASSL_CTX* ctx, CbMissingCRL cb) +{ + CYASSL_ENTER("CyaSSL_CTX_SetCRL_Cb"); + if (ctx) + return CyaSSL_CertManagerSetCRL_Cb(ctx->cm, cb); + else + return BAD_FUNC_ARG; +} + + +#endif /* HAVE_CRL */ + + +#ifdef CYASSL_DER_LOAD + +/* Add format parameter to allow DER load of CA files */ +int CyaSSL_CTX_der_load_verify_locations(CYASSL_CTX* ctx, const char* file, + int format) +{ + CYASSL_ENTER("CyaSSL_CTX_der_load_verify_locations"); + if (ctx == NULL || file == NULL) + return SSL_FAILURE; + + if (ProcessFile(ctx, file, format, CA_TYPE, NULL, 0, NULL) == SSL_SUCCESS) + return SSL_SUCCESS; + + return SSL_FAILURE; +} + +#endif /* CYASSL_DER_LOAD */ + + +#ifdef CYASSL_CERT_GEN + +/* load pem cert from file into der buffer, return der size or error */ +int CyaSSL_PemCertToDer(const char* fileName, unsigned char* derBuf, int derSz) +{ + byte staticBuffer[FILE_BUFFER_SIZE]; + byte* fileBuf = staticBuffer; + int dynamic = 0; + int ret; + int ecc = 0; + long sz = 0; + XFILE file = XFOPEN(fileName, "rb"); + EncryptedInfo info; + buffer converted; + + CYASSL_ENTER("CyaSSL_PemCertToDer"); + converted.buffer = 0; + + if (file == XBADFILE) return SSL_BAD_FILE; + XFSEEK(file, 0, XSEEK_END); + sz = XFTELL(file); + XREWIND(file); + + if (sz > (long)sizeof(staticBuffer)) { + fileBuf = (byte*) XMALLOC(sz, 0, DYNAMIC_TYPE_FILE); + if (fileBuf == NULL) { + XFCLOSE(file); + return SSL_BAD_FILE; + } + dynamic = 1; + } + else if (sz < 0) { + XFCLOSE(file); + return SSL_BAD_FILE; + } + + if ( (ret = (int)XFREAD(fileBuf, sz, 1, file)) < 0) + ret = SSL_BAD_FILE; + else + ret = PemToDer(fileBuf, sz, CA_TYPE, &converted, 0, &info, &ecc); + + if (ret == 0) { + if (converted.length < (word32)derSz) { + XMEMCPY(derBuf, converted.buffer, converted.length); + ret = converted.length; + } + else + ret = BUFFER_E; + } + + XFREE(converted.buffer, 0, DYNAMIC_TYPE_CA); + if (dynamic) + XFREE(fileBuf, 0, DYNAMIC_TYPE_FILE); + XFCLOSE(file); + + return ret; +} + +#endif /* CYASSL_CERT_GEN */ + + +int CyaSSL_CTX_use_certificate_file(CYASSL_CTX* ctx, const char* file, + int format) +{ + CYASSL_ENTER("CyaSSL_CTX_use_certificate_file"); + if (ProcessFile(ctx, file, format, CERT_TYPE, NULL, 0, NULL) == SSL_SUCCESS) + return SSL_SUCCESS; + + return SSL_FAILURE; +} + + +int CyaSSL_CTX_use_PrivateKey_file(CYASSL_CTX* ctx, const char* file,int format) +{ + CYASSL_ENTER("CyaSSL_CTX_use_PrivateKey_file"); + if (ProcessFile(ctx, file, format, PRIVATEKEY_TYPE, NULL, 0, NULL) + == SSL_SUCCESS) + return SSL_SUCCESS; + + return SSL_FAILURE; +} + + +int CyaSSL_CTX_use_certificate_chain_file(CYASSL_CTX* ctx, const char* file) +{ + /* procces up to MAX_CHAIN_DEPTH plus subject cert */ + CYASSL_ENTER("CyaSSL_CTX_use_certificate_chain_file"); + if (ProcessFile(ctx, file, SSL_FILETYPE_PEM,CERT_TYPE,NULL,1, NULL) + == SSL_SUCCESS) + return SSL_SUCCESS; + + return SSL_FAILURE; +} + + +#ifndef NO_DH + +/* server wrapper for ctx or ssl Diffie-Hellman parameters */ +static int CyaSSL_SetTmpDH_buffer_wrapper(CYASSL_CTX* ctx, CYASSL* ssl, + const unsigned char* buf, long sz, int format) +{ + buffer der; + int ret; + int weOwnDer = 0; + byte p[MAX_DH_SIZE]; + byte g[MAX_DH_SIZE]; + word32 pSz = sizeof(p); + word32 gSz = sizeof(g); + + der.buffer = (byte*)buf; + der.length = (word32)sz; + + if (format != SSL_FILETYPE_ASN1 && format != SSL_FILETYPE_PEM) + return SSL_BAD_FILETYPE; + + if (format == SSL_FILETYPE_PEM) { + der.buffer = NULL; + ret = PemToDer(buf, sz, DH_PARAM_TYPE, &der, ctx->heap, NULL,NULL); + if (ret < 0) { + XFREE(der.buffer, ctx->heap, DYNAMIC_TYPE_KEY); + return ret; + } + weOwnDer = 1; + } + + if (DhParamsLoad(der.buffer, der.length, p, &pSz, g, &gSz) < 0) + ret = SSL_BAD_FILETYPE; + else { + if (ssl) + ret = CyaSSL_SetTmpDH(ssl, p, pSz, g, gSz); + else + ret = CyaSSL_CTX_SetTmpDH(ctx, p, pSz, g, gSz); + } + + if (weOwnDer) + XFREE(der.buffer, ctx->heap, DYNAMIC_TYPE_KEY); + + return ret; +} + + +/* server Diffie-Hellman parameters, SSL_SUCCESS on ok */ +int CyaSSL_SetTmpDH_buffer(CYASSL* ssl, const unsigned char* buf, long sz, + int format) +{ + return CyaSSL_SetTmpDH_buffer_wrapper(ssl->ctx, ssl, buf, sz, format); +} + + +/* server ctx Diffie-Hellman parameters, SSL_SUCCESS on ok */ +int CyaSSL_CTX_SetTmpDH_buffer(CYASSL_CTX* ctx, const unsigned char* buf, + long sz, int format) +{ + return CyaSSL_SetTmpDH_buffer_wrapper(ctx, NULL, buf, sz, format); +} + + +/* server Diffie-Hellman parameters */ +static int CyaSSL_SetTmpDH_file_wrapper(CYASSL_CTX* ctx, CYASSL* ssl, + const char* fname, int format) +{ + byte staticBuffer[FILE_BUFFER_SIZE]; + byte* myBuffer = staticBuffer; + int dynamic = 0; + int ret; + long sz = 0; + XFILE file = XFOPEN(fname, "rb"); + + if (file == XBADFILE) return SSL_BAD_FILE; + XFSEEK(file, 0, XSEEK_END); + sz = XFTELL(file); + XREWIND(file); + + if (sz > (long)sizeof(staticBuffer)) { + CYASSL_MSG("Getting dynamic buffer"); + myBuffer = (byte*) XMALLOC(sz, ctx->heap, DYNAMIC_TYPE_FILE); + if (myBuffer == NULL) { + XFCLOSE(file); + return SSL_BAD_FILE; + } + dynamic = 1; + } + else if (sz < 0) { + XFCLOSE(file); + return SSL_BAD_FILE; + } + + if ( (ret = (int)XFREAD(myBuffer, sz, 1, file)) < 0) + ret = SSL_BAD_FILE; + else { + if (ssl) + ret = CyaSSL_SetTmpDH_buffer(ssl, myBuffer, sz, format); + else + ret = CyaSSL_CTX_SetTmpDH_buffer(ctx, myBuffer, sz, format); + } + + XFCLOSE(file); + if (dynamic) XFREE(myBuffer, ctx->heap, DYNAMIC_TYPE_FILE); + + return ret; +} + +/* server Diffie-Hellman parameters */ +int CyaSSL_SetTmpDH_file(CYASSL* ssl, const char* fname, int format) +{ + return CyaSSL_SetTmpDH_file_wrapper(ssl->ctx, ssl, fname, format); +} + + +/* server Diffie-Hellman parameters */ +int CyaSSL_CTX_SetTmpDH_file(CYASSL_CTX* ctx, const char* fname, int format) +{ + return CyaSSL_SetTmpDH_file_wrapper(ctx, NULL, fname, format); +} + + + /* server ctx Diffie-Hellman parameters, SSL_SUCCESS on ok */ + int CyaSSL_CTX_SetTmpDH(CYASSL_CTX* ctx, const unsigned char* p, int pSz, + const unsigned char* g, int gSz) + { + CYASSL_ENTER("CyaSSL_CTX_SetTmpDH"); + if (ctx == NULL || p == NULL || g == NULL) return BAD_FUNC_ARG; + + XFREE(ctx->serverDH_P.buffer, ctx->heap, DYNAMIC_TYPE_DH); + XFREE(ctx->serverDH_G.buffer, ctx->heap, DYNAMIC_TYPE_DH); + + ctx->serverDH_P.buffer = (byte*)XMALLOC(pSz, ctx->heap,DYNAMIC_TYPE_DH); + if (ctx->serverDH_P.buffer == NULL) + return MEMORY_E; + + ctx->serverDH_G.buffer = (byte*)XMALLOC(gSz, ctx->heap,DYNAMIC_TYPE_DH); + if (ctx->serverDH_G.buffer == NULL) { + XFREE(ctx->serverDH_P.buffer, ctx->heap, DYNAMIC_TYPE_DH); + return MEMORY_E; + } + + ctx->serverDH_P.length = pSz; + ctx->serverDH_G.length = gSz; + + XMEMCPY(ctx->serverDH_P.buffer, p, pSz); + XMEMCPY(ctx->serverDH_G.buffer, g, gSz); + + ctx->haveDH = 1; + + CYASSL_LEAVE("CyaSSL_CTX_SetTmpDH", 0); + return SSL_SUCCESS; + } +#endif /* NO_DH */ + + +#ifdef OPENSSL_EXTRA +/* put SSL type in extra for now, not very common */ + +int CyaSSL_use_certificate_file(CYASSL* ssl, const char* file, int format) +{ + CYASSL_ENTER("CyaSSL_use_certificate_file"); + if (ProcessFile(ssl->ctx, file, format, CERT_TYPE, ssl, 0, NULL) + == SSL_SUCCESS) + return SSL_SUCCESS; + + return SSL_FAILURE; +} + + +int CyaSSL_use_PrivateKey_file(CYASSL* ssl, const char* file, int format) +{ + CYASSL_ENTER("CyaSSL_use_PrivateKey_file"); + if (ProcessFile(ssl->ctx, file, format, PRIVATEKEY_TYPE, ssl, 0, NULL) + == SSL_SUCCESS) + return SSL_SUCCESS; + + return SSL_FAILURE; +} + + +int CyaSSL_use_certificate_chain_file(CYASSL* ssl, const char* file) +{ + /* procces up to MAX_CHAIN_DEPTH plus subject cert */ + CYASSL_ENTER("CyaSSL_use_certificate_chain_file"); + if (ProcessFile(ssl->ctx, file, SSL_FILETYPE_PEM, CERT_TYPE, ssl, 1, NULL) + == SSL_SUCCESS) + return SSL_SUCCESS; + + return SSL_FAILURE; +} + + + +#ifdef HAVE_ECC + +/* Set Temp CTX EC-DHE size in octets, should be 20 - 66 for 160 - 521 bit */ +int CyaSSL_CTX_SetTmpEC_DHE_Sz(CYASSL_CTX* ctx, word16 sz) +{ + if (ctx == NULL || sz < ECC_MINSIZE || sz > ECC_MAXSIZE) + return BAD_FUNC_ARG; + + ctx->eccTempKeySz = sz; + + return SSL_SUCCESS; +} + + +/* Set Temp SSL EC-DHE size in octets, should be 20 - 66 for 160 - 521 bit */ +int CyaSSL_SetTmpEC_DHE_Sz(CYASSL* ssl, word16 sz) +{ + if (ssl == NULL || sz < ECC_MINSIZE || sz > ECC_MAXSIZE) + return BAD_FUNC_ARG; + + ssl->eccTempKeySz = sz; + + return SSL_SUCCESS; +} + +#endif /* HAVE_ECC */ + + + + +int CyaSSL_CTX_use_RSAPrivateKey_file(CYASSL_CTX* ctx,const char* file, + int format) +{ + CYASSL_ENTER("SSL_CTX_use_RSAPrivateKey_file"); + + return CyaSSL_CTX_use_PrivateKey_file(ctx, file, format); +} + + +int CyaSSL_use_RSAPrivateKey_file(CYASSL* ssl, const char* file, int format) +{ + CYASSL_ENTER("CyaSSL_use_RSAPrivateKey_file"); + + return CyaSSL_use_PrivateKey_file(ssl, file, format); +} + +#endif /* OPENSSL_EXTRA */ + +#ifdef HAVE_NTRU + +int CyaSSL_CTX_use_NTRUPrivateKey_file(CYASSL_CTX* ctx, const char* file) +{ + CYASSL_ENTER("CyaSSL_CTX_use_NTRUPrivateKey_file"); + if (ctx == NULL) + return SSL_FAILURE; + + if (ProcessFile(ctx, file, SSL_FILETYPE_RAW, PRIVATEKEY_TYPE, NULL, 0, NULL) + == SSL_SUCCESS) { + ctx->haveNTRU = 1; + return SSL_SUCCESS; + } + + return SSL_FAILURE; +} + +#endif /* HAVE_NTRU */ + + +#endif /* NO_FILESYSTEM */ + + +void CyaSSL_CTX_set_verify(CYASSL_CTX* ctx, int mode, VerifyCallback vc) +{ + CYASSL_ENTER("CyaSSL_CTX_set_verify"); + if (mode & SSL_VERIFY_PEER) { + ctx->verifyPeer = 1; + ctx->verifyNone = 0; /* in case perviously set */ + } + + if (mode == SSL_VERIFY_NONE) { + ctx->verifyNone = 1; + ctx->verifyPeer = 0; /* in case previously set */ + } + + if (mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT) + ctx->failNoCert = 1; + + ctx->verifyCallback = vc; +} + + +void CyaSSL_set_verify(CYASSL* ssl, int mode, VerifyCallback vc) +{ + CYASSL_ENTER("CyaSSL_set_verify"); + if (mode & SSL_VERIFY_PEER) { + ssl->options.verifyPeer = 1; + ssl->options.verifyNone = 0; /* in case perviously set */ + } + + if (mode == SSL_VERIFY_NONE) { + ssl->options.verifyNone = 1; + ssl->options.verifyPeer = 0; /* in case previously set */ + } + + if (mode & SSL_VERIFY_FAIL_IF_NO_PEER_CERT) + ssl->options.failNoCert = 1; + + ssl->verifyCallback = vc; +} + + +/* store user ctx for verify callback */ +void CyaSSL_SetCertCbCtx(CYASSL* ssl, void* ctx) +{ + CYASSL_ENTER("CyaSSL_SetCertCbCtx"); + if (ssl) + ssl->verifyCbCtx = ctx; +} + + +/* store context CA Cache addition callback */ +void CyaSSL_CTX_SetCACb(CYASSL_CTX* ctx, CallbackCACache cb) +{ + if (ctx && ctx->cm) + ctx->cm->caCacheCallback = cb; +} + + +#if defined(PERSIST_CERT_CACHE) + +#if !defined(NO_FILESYSTEM) + +/* Persist cert cache to file */ +int CyaSSL_CTX_save_cert_cache(CYASSL_CTX* ctx, const char* fname) +{ + CYASSL_ENTER("CyaSSL_CTX_save_cert_cache"); + + if (ctx == NULL || fname == NULL) + return BAD_FUNC_ARG; + + return CM_SaveCertCache(ctx->cm, fname); +} + + +/* Persist cert cache from file */ +int CyaSSL_CTX_restore_cert_cache(CYASSL_CTX* ctx, const char* fname) +{ + CYASSL_ENTER("CyaSSL_CTX_restore_cert_cache"); + + if (ctx == NULL || fname == NULL) + return BAD_FUNC_ARG; + + return CM_RestoreCertCache(ctx->cm, fname); +} + +#endif /* NO_FILESYSTEM */ + +/* Persist cert cache to memory */ +int CyaSSL_CTX_memsave_cert_cache(CYASSL_CTX* ctx, void* mem, int sz, int* used) +{ + CYASSL_ENTER("CyaSSL_CTX_memsave_cert_cache"); + + if (ctx == NULL || mem == NULL || used == NULL || sz <= 0) + return BAD_FUNC_ARG; + + return CM_MemSaveCertCache(ctx->cm, mem, sz, used); +} + + +/* Restore cert cache from memory */ +int CyaSSL_CTX_memrestore_cert_cache(CYASSL_CTX* ctx, const void* mem, int sz) +{ + CYASSL_ENTER("CyaSSL_CTX_memrestore_cert_cache"); + + if (ctx == NULL || mem == NULL || sz <= 0) + return BAD_FUNC_ARG; + + return CM_MemRestoreCertCache(ctx->cm, mem, sz); +} + + +/* get how big the the cert cache save buffer needs to be */ +int CyaSSL_CTX_get_cert_cache_memsize(CYASSL_CTX* ctx) +{ + CYASSL_ENTER("CyaSSL_CTX_get_cert_cache_memsize"); + + if (ctx == NULL) + return BAD_FUNC_ARG; + + return CM_GetCertCacheMemSize(ctx->cm); +} + +#endif /* PERSISTE_CERT_CACHE */ +#endif /* !NO_CERTS */ + + +#ifndef NO_SESSION_CACHE + +CYASSL_SESSION* CyaSSL_get_session(CYASSL* ssl) +{ + CYASSL_ENTER("SSL_get_session"); + if (ssl) + return GetSession(ssl, 0); + + return NULL; +} + + +int CyaSSL_set_session(CYASSL* ssl, CYASSL_SESSION* session) +{ + CYASSL_ENTER("SSL_set_session"); + if (session) + return SetSession(ssl, session); + + return SSL_FAILURE; +} + + +#ifndef NO_CLIENT_CACHE + +/* Associate client session with serverID, find existing or store for saving + if newSession flag on, don't reuse existing session + SSL_SUCCESS on ok */ +int CyaSSL_SetServerID(CYASSL* ssl, const byte* id, int len, int newSession) +{ + CYASSL_SESSION* session = NULL; + + CYASSL_ENTER("CyaSSL_SetServerID"); + + if (ssl == NULL || id == NULL || len <= 0) + return BAD_FUNC_ARG; + + if (newSession == 0) { + session = GetSessionClient(ssl, id, len); + if (session) { + if (SetSession(ssl, session) != SSL_SUCCESS) { + CYASSL_MSG("SetSession failed"); + session = NULL; + } + } + } + + if (session == NULL) { + CYASSL_MSG("Valid ServerID not cached already"); + + ssl->session.idLen = (word16)min(SERVER_ID_LEN, (word32)len); + XMEMCPY(ssl->session.serverID, id, ssl->session.idLen); + } + + return SSL_SUCCESS; +} + +#endif /* NO_CLIENT_CACHE */ + +#if defined(PERSIST_SESSION_CACHE) + +/* for persistance, if changes to layout need to increment and modify + save_session_cache() and restore_session_cache and memory versions too */ +#define CYASSL_CACHE_VERSION 2 + +/* Session Cache Header information */ +typedef struct { + int version; /* cache layout version id */ + int rows; /* session rows */ + int columns; /* session columns */ + int sessionSz; /* sizeof CYASSL_SESSION */ +} cache_header_t; + +/* current persistence layout is: + + 1) cache_header_t + 2) SessionCache + 3) ClientCache + + update CYASSL_CACHE_VERSION if change layout for the following + PERSISTENT_SESSION_CACHE functions +*/ + + +/* get how big the the session cache save buffer needs to be */ +int CyaSSL_get_session_cache_memsize(void) +{ + int sz = (int)(sizeof(SessionCache) + sizeof(cache_header_t)); + + #ifndef NO_CLIENT_CACHE + sz += (int)(sizeof(ClientCache)); + #endif + + return sz; +} + + +/* Persist session cache to memory */ +int CyaSSL_memsave_session_cache(void* mem, int sz) +{ + int i; + cache_header_t cache_header; + SessionRow* row = (SessionRow*)((byte*)mem + sizeof(cache_header)); +#ifndef NO_CLIENT_CACHE + ClientRow* clRow; +#endif + + CYASSL_ENTER("CyaSSL_memsave_session_cache"); + + if (sz < CyaSSL_get_session_cache_memsize()) { + CYASSL_MSG("Memory buffer too small"); + return BUFFER_E; + } + + cache_header.version = CYASSL_CACHE_VERSION; + cache_header.rows = SESSION_ROWS; + cache_header.columns = SESSIONS_PER_ROW; + cache_header.sessionSz = (int)sizeof(CYASSL_SESSION); + XMEMCPY(mem, &cache_header, sizeof(cache_header)); + + if (LockMutex(&session_mutex) != 0) { + CYASSL_MSG("Session cache mutex lock failed"); + return BAD_MUTEX_E; + } + + for (i = 0; i < cache_header.rows; ++i) + XMEMCPY(row++, SessionCache + i, sizeof(SessionRow)); + +#ifndef NO_CLIENT_CACHE + clRow = (ClientRow*)row; + for (i = 0; i < cache_header.rows; ++i) + XMEMCPY(clRow++, ClientCache + i, sizeof(ClientRow)); +#endif + + UnLockMutex(&session_mutex); + + CYASSL_LEAVE("CyaSSL_memsave_session_cache", SSL_SUCCESS); + + return SSL_SUCCESS; +} + + +/* Restore the persistant session cache from memory */ +int CyaSSL_memrestore_session_cache(const void* mem, int sz) +{ + int i; + cache_header_t cache_header; + SessionRow* row = (SessionRow*)((byte*)mem + sizeof(cache_header)); +#ifndef NO_CLIENT_CACHE + ClientRow* clRow; +#endif + + CYASSL_ENTER("CyaSSL_memrestore_session_cache"); + + if (sz < CyaSSL_get_session_cache_memsize()) { + CYASSL_MSG("Memory buffer too small"); + return BUFFER_E; + } + + XMEMCPY(&cache_header, mem, sizeof(cache_header)); + if (cache_header.version != CYASSL_CACHE_VERSION || + cache_header.rows != SESSION_ROWS || + cache_header.columns != SESSIONS_PER_ROW || + cache_header.sessionSz != (int)sizeof(CYASSL_SESSION)) { + + CYASSL_MSG("Session cache header match failed"); + return CACHE_MATCH_ERROR; + } + + if (LockMutex(&session_mutex) != 0) { + CYASSL_MSG("Session cache mutex lock failed"); + return BAD_MUTEX_E; + } + + for (i = 0; i < cache_header.rows; ++i) + XMEMCPY(SessionCache + i, row++, sizeof(SessionRow)); + +#ifndef NO_CLIENT_CACHE + clRow = (ClientRow*)row; + for (i = 0; i < cache_header.rows; ++i) + XMEMCPY(ClientCache + i, clRow++, sizeof(ClientRow)); +#endif + + UnLockMutex(&session_mutex); + + CYASSL_LEAVE("CyaSSL_memrestore_session_cache", SSL_SUCCESS); + + return SSL_SUCCESS; +} + +#if !defined(NO_FILESYSTEM) + +/* Persist session cache to file */ +/* doesn't use memsave because of additional memory use */ +int CyaSSL_save_session_cache(const char *fname) +{ + XFILE file; + int ret; + int rc = SSL_SUCCESS; + int i; + cache_header_t cache_header; + + CYASSL_ENTER("CyaSSL_save_session_cache"); + + file = XFOPEN(fname, "w+b"); + if (file == XBADFILE) { + CYASSL_MSG("Couldn't open session cache save file"); + return SSL_BAD_FILE; + } + cache_header.version = CYASSL_CACHE_VERSION; + cache_header.rows = SESSION_ROWS; + cache_header.columns = SESSIONS_PER_ROW; + cache_header.sessionSz = (int)sizeof(CYASSL_SESSION); + + /* cache header */ + ret = (int)XFWRITE(&cache_header, sizeof cache_header, 1, file); + if (ret != 1) { + CYASSL_MSG("Session cache header file write failed"); + XFCLOSE(file); + return FWRITE_ERROR; + } + + if (LockMutex(&session_mutex) != 0) { + CYASSL_MSG("Session cache mutex lock failed"); + XFCLOSE(file); + return BAD_MUTEX_E; + } + + /* session cache */ + for (i = 0; i < cache_header.rows; ++i) { + ret = (int)XFWRITE(SessionCache + i, sizeof(SessionRow), 1, file); + if (ret != 1) { + CYASSL_MSG("Session cache member file write failed"); + rc = FWRITE_ERROR; + break; + } + } + +#ifndef NO_CLIENT_CACHE + /* client cache */ + for (i = 0; i < cache_header.rows; ++i) { + ret = (int)XFWRITE(ClientCache + i, sizeof(ClientRow), 1, file); + if (ret != 1) { + CYASSL_MSG("Client cache member file write failed"); + rc = FWRITE_ERROR; + break; + } + } +#endif /* NO_CLIENT_CACHE */ + + UnLockMutex(&session_mutex); + + XFCLOSE(file); + CYASSL_LEAVE("CyaSSL_save_session_cache", rc); + + return rc; +} + + +/* Restore the persistant session cache from file */ +/* doesn't use memstore because of additional memory use */ +int CyaSSL_restore_session_cache(const char *fname) +{ + XFILE file; + int rc = SSL_SUCCESS; + int ret; + int i; + cache_header_t cache_header; + + CYASSL_ENTER("CyaSSL_restore_session_cache"); + + file = XFOPEN(fname, "rb"); + if (file == XBADFILE) { + CYASSL_MSG("Couldn't open session cache save file"); + return SSL_BAD_FILE; + } + /* cache header */ + ret = (int)XFREAD(&cache_header, sizeof cache_header, 1, file); + if (ret != 1) { + CYASSL_MSG("Session cache header file read failed"); + XFCLOSE(file); + return FREAD_ERROR; + } + if (cache_header.version != CYASSL_CACHE_VERSION || + cache_header.rows != SESSION_ROWS || + cache_header.columns != SESSIONS_PER_ROW || + cache_header.sessionSz != (int)sizeof(CYASSL_SESSION)) { + + CYASSL_MSG("Session cache header match failed"); + XFCLOSE(file); + return CACHE_MATCH_ERROR; + } + + if (LockMutex(&session_mutex) != 0) { + CYASSL_MSG("Session cache mutex lock failed"); + XFCLOSE(file); + return BAD_MUTEX_E; + } + + /* session cache */ + for (i = 0; i < cache_header.rows; ++i) { + ret = (int)XFREAD(SessionCache + i, sizeof(SessionRow), 1, file); + if (ret != 1) { + CYASSL_MSG("Session cache member file read failed"); + XMEMSET(SessionCache, 0, sizeof SessionCache); + rc = FREAD_ERROR; + break; + } + } + +#ifndef NO_CLIENT_CACHE + /* client cache */ + for (i = 0; i < cache_header.rows; ++i) { + ret = (int)XFREAD(ClientCache + i, sizeof(ClientRow), 1, file); + if (ret != 1) { + CYASSL_MSG("Client cache member file read failed"); + XMEMSET(ClientCache, 0, sizeof ClientCache); + rc = FREAD_ERROR; + break; + } + } + +#endif /* NO_CLIENT_CACHE */ + + UnLockMutex(&session_mutex); + + XFCLOSE(file); + CYASSL_LEAVE("CyaSSL_restore_session_cache", rc); + + return rc; +} + +#endif /* !NO_FILESYSTEM */ +#endif /* PERSIST_SESSION_CACHE */ +#endif /* NO_SESSION_CACHE */ + + +void CyaSSL_load_error_strings(void) /* compatibility only */ +{} + + +int CyaSSL_library_init(void) +{ + CYASSL_ENTER("SSL_library_init"); + if (CyaSSL_Init() == SSL_SUCCESS) + return SSL_SUCCESS; + else + return SSL_FATAL_ERROR; +} + + +#ifndef NO_SESSION_CACHE + +/* on by default if built in but allow user to turn off */ +long CyaSSL_CTX_set_session_cache_mode(CYASSL_CTX* ctx, long mode) +{ + CYASSL_ENTER("SSL_CTX_set_session_cache_mode"); + if (mode == SSL_SESS_CACHE_OFF) + ctx->sessionCacheOff = 1; + + if (mode == SSL_SESS_CACHE_NO_AUTO_CLEAR) + ctx->sessionCacheFlushOff = 1; + + return SSL_SUCCESS; +} + +#endif /* NO_SESSION_CACHE */ + + +#if !defined(NO_CERTS) +#if defined(PERSIST_CERT_CACHE) + + +#define CYASSL_CACHE_CERT_VERSION 1 + +typedef struct { + int version; /* cache cert layout version id */ + int rows; /* hash table rows, CA_TABLE_SIZE */ + int columns[CA_TABLE_SIZE]; /* columns per row on list */ + int signerSz; /* sizeof Signer object */ +} CertCacheHeader; + +/* current cert persistance layout is: + + 1) CertCacheHeader + 2) caTable + + update CYASSL_CERT_CACHE_VERSION if change layout for the following + PERSIST_CERT_CACHE functions +*/ + + +/* Return memory needed to persist this signer, have lock */ +static INLINE int GetSignerMemory(Signer* signer) +{ + int sz = sizeof(signer->pubKeySize) + sizeof(signer->keyOID) + + sizeof(signer->nameLen) + sizeof(signer->subjectNameHash); + +#if !defined(NO_SKID) + sz += (int)sizeof(signer->subjectKeyIdHash); +#endif + + /* add dynamic bytes needed */ + sz += signer->pubKeySize; + sz += signer->nameLen; + + return sz; +} + + +/* Return memory needed to persist this row, have lock */ +static INLINE int GetCertCacheRowMemory(Signer* row) +{ + int sz = 0; + + while (row) { + sz += GetSignerMemory(row); + row = row->next; + } + + return sz; +} + + +/* get the size of persist cert cache, have lock */ +static INLINE int GetCertCacheMemSize(CYASSL_CERT_MANAGER* cm) +{ + int sz; + int i; + + sz = sizeof(CertCacheHeader); + + for (i = 0; i < CA_TABLE_SIZE; i++) + sz += GetCertCacheRowMemory(cm->caTable[i]); + + return sz; +} + + +/* Store cert cache header columns with number of items per list, have lock */ +static INLINE void SetCertHeaderColumns(CYASSL_CERT_MANAGER* cm, int* columns) +{ + int i; + Signer* row; + + for (i = 0; i < CA_TABLE_SIZE; i++) { + int count = 0; + row = cm->caTable[i]; + + while (row) { + ++count; + row = row->next; + } + columns[i] = count; + } +} + + +/* Restore whole cert row from memory, have lock, return bytes consumed, + < 0 on error, have lock */ +static INLINE int RestoreCertRow(CYASSL_CERT_MANAGER* cm, byte* current, + int row, int listSz, const byte* end) +{ + int idx = 0; + + if (listSz < 0) { + CYASSL_MSG("Row header corrupted, negative value"); + return PARSE_ERROR; + } + + while (listSz) { + Signer* signer; + byte* start = current + idx; /* for end checks on this signer */ + int minSz = sizeof(signer->pubKeySize) + sizeof(signer->keyOID) + + sizeof(signer->nameLen) + sizeof(signer->subjectNameHash); + #ifndef NO_SKID + minSz += (int)sizeof(signer->subjectKeyIdHash); + #endif + + if (start + minSz > end) { + CYASSL_MSG("Would overread restore buffer"); + return BUFFER_E; + } + signer = MakeSigner(cm->heap); + if (signer == NULL) + return MEMORY_E; + + /* pubKeySize */ + XMEMCPY(&signer->pubKeySize, current + idx, sizeof(signer->pubKeySize)); + idx += (int)sizeof(signer->pubKeySize); + + /* keyOID */ + XMEMCPY(&signer->keyOID, current + idx, sizeof(signer->keyOID)); + idx += (int)sizeof(signer->keyOID); + + /* pulicKey */ + if (start + minSz + signer->pubKeySize > end) { + CYASSL_MSG("Would overread restore buffer"); + FreeSigner(signer, cm->heap); + return BUFFER_E; + } + signer->publicKey = (byte*)XMALLOC(signer->pubKeySize, cm->heap, + DYNAMIC_TYPE_KEY); + if (signer->publicKey == NULL) { + FreeSigner(signer, cm->heap); + return MEMORY_E; + } + + XMEMCPY(signer->publicKey, current + idx, signer->pubKeySize); + idx += signer->pubKeySize; + + /* nameLen */ + XMEMCPY(&signer->nameLen, current + idx, sizeof(signer->nameLen)); + idx += (int)sizeof(signer->nameLen); + + /* name */ + if (start + minSz + signer->pubKeySize + signer->nameLen > end) { + CYASSL_MSG("Would overread restore buffer"); + FreeSigner(signer, cm->heap); + return BUFFER_E; + } + signer->name = (char*)XMALLOC(signer->nameLen, cm->heap, + DYNAMIC_TYPE_SUBJECT_CN); + if (signer->name == NULL) { + FreeSigner(signer, cm->heap); + return MEMORY_E; + } + + XMEMCPY(signer->name, current + idx, signer->nameLen); + idx += signer->nameLen; + + /* subjectNameHash */ + XMEMCPY(signer->subjectNameHash, current + idx, SIGNER_DIGEST_SIZE); + idx += SIGNER_DIGEST_SIZE; + + #ifndef NO_SKID + /* subjectKeyIdHash */ + XMEMCPY(signer->subjectKeyIdHash, current + idx,SIGNER_DIGEST_SIZE); + idx += SIGNER_DIGEST_SIZE; + #endif + + signer->next = cm->caTable[row]; + cm->caTable[row] = signer; + + --listSz; + } + + return idx; +} + + +/* Store whole cert row into memory, have lock, return bytes added */ +static INLINE int StoreCertRow(CYASSL_CERT_MANAGER* cm, byte* current, int row) +{ + int added = 0; + Signer* list = cm->caTable[row]; + + while (list) { + XMEMCPY(current + added, &list->pubKeySize, sizeof(list->pubKeySize)); + added += (int)sizeof(list->pubKeySize); + + XMEMCPY(current + added, &list->keyOID, sizeof(list->keyOID)); + added += (int)sizeof(list->keyOID); + + XMEMCPY(current + added, list->publicKey, list->pubKeySize); + added += list->pubKeySize; + + XMEMCPY(current + added, &list->nameLen, sizeof(list->nameLen)); + added += (int)sizeof(list->nameLen); + + XMEMCPY(current + added, list->name, list->nameLen); + added += list->nameLen; + + XMEMCPY(current + added, list->subjectNameHash, SIGNER_DIGEST_SIZE); + added += SIGNER_DIGEST_SIZE; + + #ifndef NO_SKID + XMEMCPY(current + added, list->subjectKeyIdHash,SIGNER_DIGEST_SIZE); + added += SIGNER_DIGEST_SIZE; + #endif + + list = list->next; + } + + return added; +} + + +/* Persist cert cache to memory, have lock */ +static INLINE int DoMemSaveCertCache(CYASSL_CERT_MANAGER* cm, void* mem, int sz) +{ + int realSz; + int ret = SSL_SUCCESS; + int i; + + CYASSL_ENTER("DoMemSaveCertCache"); + + realSz = GetCertCacheMemSize(cm); + if (realSz > sz) { + CYASSL_MSG("Mem output buffer too small"); + ret = BUFFER_E; + } + else { + byte* current; + CertCacheHeader hdr; + + hdr.version = CYASSL_CACHE_CERT_VERSION; + hdr.rows = CA_TABLE_SIZE; + SetCertHeaderColumns(cm, hdr.columns); + hdr.signerSz = (int)sizeof(Signer); + + XMEMCPY(mem, &hdr, sizeof(CertCacheHeader)); + current = (byte*)mem + sizeof(CertCacheHeader); + + for (i = 0; i < CA_TABLE_SIZE; ++i) + current += StoreCertRow(cm, current, i); + } + + return ret; +} + + +#if !defined(NO_FILESYSTEM) + +/* Persist cert cache to file */ +int CM_SaveCertCache(CYASSL_CERT_MANAGER* cm, const char* fname) +{ + XFILE file; + int rc = SSL_SUCCESS; + int memSz; + byte* mem; + + CYASSL_ENTER("CM_SaveCertCache"); + + file = XFOPEN(fname, "w+b"); + if (file == XBADFILE) { + CYASSL_MSG("Couldn't open cert cache save file"); + return SSL_BAD_FILE; + } + + if (LockMutex(&cm->caLock) != 0) { + CYASSL_MSG("LockMutex on caLock failed"); + XFCLOSE(file); + return BAD_MUTEX_E; + } + + memSz = GetCertCacheMemSize(cm); + mem = (byte*)XMALLOC(memSz, cm->heap, DYNAMIC_TYPE_TMP_BUFFER); + if (mem == NULL) { + CYASSL_MSG("Alloc for tmp buffer failed"); + rc = MEMORY_E; + } else { + rc = DoMemSaveCertCache(cm, mem, memSz); + if (rc == SSL_SUCCESS) { + int ret = (int)XFWRITE(mem, memSz, 1, file); + if (ret != 1) { + CYASSL_MSG("Cert cache file write failed"); + rc = FWRITE_ERROR; + } + } + XFREE(mem, cm->heap, DYNAMIC_TYPE_TMP_BUFFER); + } + + UnLockMutex(&cm->caLock); + XFCLOSE(file); + + return rc; +} + + +/* Restore cert cache from file */ +int CM_RestoreCertCache(CYASSL_CERT_MANAGER* cm, const char* fname) +{ + XFILE file; + int rc = SSL_SUCCESS; + int ret; + int memSz; + byte* mem; + + CYASSL_ENTER("CM_RestoreCertCache"); + + file = XFOPEN(fname, "rb"); + if (file == XBADFILE) { + CYASSL_MSG("Couldn't open cert cache save file"); + return SSL_BAD_FILE; + } + + XFSEEK(file, 0, XSEEK_END); + memSz = (int)XFTELL(file); + XREWIND(file); + + if (memSz <= 0) { + CYASSL_MSG("Bad file size"); + XFCLOSE(file); + return SSL_BAD_FILE; + } + + mem = (byte*)XMALLOC(memSz, cm->heap, DYNAMIC_TYPE_TMP_BUFFER); + if (mem == NULL) { + CYASSL_MSG("Alloc for tmp buffer failed"); + XFCLOSE(file); + return MEMORY_E; + } + + ret = (int)XFREAD(mem, memSz, 1, file); + if (ret != 1) { + CYASSL_MSG("Cert file read error"); + rc = FREAD_ERROR; + } else { + rc = CM_MemRestoreCertCache(cm, mem, memSz); + if (rc != SSL_SUCCESS) { + CYASSL_MSG("Mem restore cert cache failed"); + } + } + + XFREE(mem, cm->heap, DYNAMIC_TYPE_TMP_BUFFER); + XFCLOSE(file); + + return rc; +} + +#endif /* NO_FILESYSTEM */ + + +/* Persist cert cache to memory */ +int CM_MemSaveCertCache(CYASSL_CERT_MANAGER* cm, void* mem, int sz, int* used) +{ + int ret = SSL_SUCCESS; + + CYASSL_ENTER("CM_MemSaveCertCache"); + + if (LockMutex(&cm->caLock) != 0) { + CYASSL_MSG("LockMutex on caLock failed"); + return BAD_MUTEX_E; + } + + ret = DoMemSaveCertCache(cm, mem, sz); + if (ret == SSL_SUCCESS) + *used = GetCertCacheMemSize(cm); + + UnLockMutex(&cm->caLock); + + return ret; +} + + +/* Restore cert cache from memory */ +int CM_MemRestoreCertCache(CYASSL_CERT_MANAGER* cm, const void* mem, int sz) +{ + int ret = SSL_SUCCESS; + int i; + CertCacheHeader* hdr = (CertCacheHeader*)mem; + byte* current = (byte*)mem + sizeof(CertCacheHeader); + byte* end = (byte*)mem + sz; /* don't go over */ + + CYASSL_ENTER("CM_MemRestoreCertCache"); + + if (current > end) { + CYASSL_MSG("Cert Cache Memory buffer too small"); + return BUFFER_E; + } + + if (hdr->version != CYASSL_CACHE_CERT_VERSION || + hdr->rows != CA_TABLE_SIZE || + hdr->signerSz != (int)sizeof(Signer)) { + + CYASSL_MSG("Cert Cache Memory header mismatch"); + return CACHE_MATCH_ERROR; + } + + if (LockMutex(&cm->caLock) != 0) { + CYASSL_MSG("LockMutex on caLock failed"); + return BAD_MUTEX_E; + } + + FreeSignerTable(cm->caTable, CA_TABLE_SIZE, cm->heap); + + for (i = 0; i < CA_TABLE_SIZE; ++i) { + int added = RestoreCertRow(cm, current, i, hdr->columns[i], end); + if (added < 0) { + CYASSL_MSG("RestoreCertRow error"); + ret = added; + break; + } + current += added; + } + + UnLockMutex(&cm->caLock); + + return ret; +} + + +/* get how big the the cert cache save buffer needs to be */ +int CM_GetCertCacheMemSize(CYASSL_CERT_MANAGER* cm) +{ + int sz; + + CYASSL_ENTER("CM_GetCertCacheMemSize"); + + if (LockMutex(&cm->caLock) != 0) { + CYASSL_MSG("LockMutex on caLock failed"); + return BAD_MUTEX_E; + } + + sz = GetCertCacheMemSize(cm); + + UnLockMutex(&cm->caLock); + + return sz; +} + +#endif /* PERSIST_CERT_CACHE */ +#endif /* NO_CERTS */ + + +int CyaSSL_CTX_set_cipher_list(CYASSL_CTX* ctx, const char* list) +{ + CYASSL_ENTER("CyaSSL_CTX_set_cipher_list"); + if (SetCipherList(&ctx->suites, list)) + return SSL_SUCCESS; + else + return SSL_FAILURE; +} + + +int CyaSSL_set_cipher_list(CYASSL* ssl, const char* list) +{ + CYASSL_ENTER("CyaSSL_set_cipher_list"); + if (SetCipherList(ssl->suites, list)) { + byte haveRSA = 1; + byte havePSK = 0; + + #ifdef NO_RSA + haveRSA = 0; + #endif + #ifndef NO_PSK + havePSK = ssl->options.havePSK; + #endif + + InitSuites(ssl->suites, ssl->version, haveRSA, havePSK, + ssl->options.haveDH, ssl->options.haveNTRU, + ssl->options.haveECDSAsig, ssl->options.haveStaticECC, + ssl->options.side); + + return SSL_SUCCESS; + } + else + return SSL_FAILURE; +} + + +#ifndef CYASSL_LEANPSK +#ifdef CYASSL_DTLS + +int CyaSSL_dtls_get_current_timeout(CYASSL* ssl) +{ + (void)ssl; + + return ssl->dtls_timeout; +} + + +/* user may need to alter init dtls recv timeout, SSL_SUCCESS on ok */ +int CyaSSL_dtls_set_timeout_init(CYASSL* ssl, int timeout) +{ + if (ssl == NULL || timeout < 0) + return BAD_FUNC_ARG; + + if (timeout > ssl->dtls_timeout_max) { + CYASSL_MSG("Can't set dtls timeout init greater than dtls timeout max"); + return BAD_FUNC_ARG; + } + + ssl->dtls_timeout_init = timeout; + ssl->dtls_timeout = timeout; + + return SSL_SUCCESS; +} + + +/* user may need to alter max dtls recv timeout, SSL_SUCCESS on ok */ +int CyaSSL_dtls_set_timeout_max(CYASSL* ssl, int timeout) +{ + if (ssl == NULL || timeout < 0) + return BAD_FUNC_ARG; + + if (timeout < ssl->dtls_timeout_init) { + CYASSL_MSG("Can't set dtls timeout max less than dtls timeout init"); + return BAD_FUNC_ARG; + } + + ssl->dtls_timeout_max = timeout; + + return SSL_SUCCESS; +} + + +int CyaSSL_dtls_got_timeout(CYASSL* ssl) +{ + int result = SSL_SUCCESS; + + DtlsMsgListDelete(ssl->dtls_msg_list, ssl->heap); + ssl->dtls_msg_list = NULL; + if (DtlsPoolTimeout(ssl) < 0 || DtlsPoolSend(ssl) < 0) { + result = SSL_FATAL_ERROR; + } + return result; +} + +#endif /* DTLS */ +#endif /* LEANPSK */ + + +/* client only parts */ +#ifndef NO_CYASSL_CLIENT + + #ifndef NO_OLD_TLS + CYASSL_METHOD* CyaSSLv3_client_method(void) + { + CYASSL_METHOD* method = + (CYASSL_METHOD*) XMALLOC(sizeof(CYASSL_METHOD), 0, + DYNAMIC_TYPE_METHOD); + CYASSL_ENTER("SSLv3_client_method"); + if (method) + InitSSL_Method(method, MakeSSLv3()); + return method; + } + #endif + + #ifdef CYASSL_DTLS + CYASSL_METHOD* CyaDTLSv1_client_method(void) + { + CYASSL_METHOD* method = + (CYASSL_METHOD*) XMALLOC(sizeof(CYASSL_METHOD), 0, + DYNAMIC_TYPE_METHOD); + CYASSL_ENTER("DTLSv1_client_method"); + if (method) + InitSSL_Method(method, MakeDTLSv1()); + return method; + } + + CYASSL_METHOD* CyaDTLSv1_2_client_method(void) + { + CYASSL_METHOD* method = + (CYASSL_METHOD*) XMALLOC(sizeof(CYASSL_METHOD), 0, + DYNAMIC_TYPE_METHOD); + CYASSL_ENTER("DTLSv1_2_client_method"); + if (method) + InitSSL_Method(method, MakeDTLSv1_2()); + return method; + } + #endif + + + /* please see note at top of README if you get an error from connect */ + int CyaSSL_connect(CYASSL* ssl) + { + int neededState; + + CYASSL_ENTER("SSL_connect()"); + + #ifdef HAVE_ERRNO_H + errno = 0; + #endif + + if (ssl->options.side != CYASSL_CLIENT_END) { + CYASSL_ERROR(ssl->error = SIDE_ERROR); + return SSL_FATAL_ERROR; + } + + #ifdef CYASSL_DTLS + if (ssl->version.major == DTLS_MAJOR) { + ssl->options.dtls = 1; + ssl->options.tls = 1; + ssl->options.tls1_1 = 1; + + if (DtlsPoolInit(ssl) != 0) { + ssl->error = MEMORY_ERROR; + CYASSL_ERROR(ssl->error); + return SSL_FATAL_ERROR; + } + } + #endif + + if (ssl->buffers.outputBuffer.length > 0) { + if ( (ssl->error = SendBuffered(ssl)) == 0) { + ssl->options.connectState++; + CYASSL_MSG("connect state: Advanced from buffered send"); + } + else { + CYASSL_ERROR(ssl->error); + return SSL_FATAL_ERROR; + } + } + + switch (ssl->options.connectState) { + + case CONNECT_BEGIN : + /* always send client hello first */ + if ( (ssl->error = SendClientHello(ssl)) != 0) { + CYASSL_ERROR(ssl->error); + return SSL_FATAL_ERROR; + } + ssl->options.connectState = CLIENT_HELLO_SENT; + CYASSL_MSG("connect state: CLIENT_HELLO_SENT"); + + case CLIENT_HELLO_SENT : + neededState = ssl->options.resuming ? SERVER_FINISHED_COMPLETE : + SERVER_HELLODONE_COMPLETE; + #ifdef CYASSL_DTLS + /* In DTLS, when resuming, we can go straight to FINISHED, + * or do a cookie exchange and then skip to FINISHED, assume + * we need the cookie exchange first. */ + if (ssl->options.dtls) + neededState = SERVER_HELLOVERIFYREQUEST_COMPLETE; + #endif + /* get response */ + while (ssl->options.serverState < neededState) { + if ( (ssl->error = ProcessReply(ssl)) < 0) { + CYASSL_ERROR(ssl->error); + return SSL_FATAL_ERROR; + } + /* if resumption failed, reset needed state */ + else if (neededState == SERVER_FINISHED_COMPLETE) + if (!ssl->options.resuming) { + if (!ssl->options.dtls) + neededState = SERVER_HELLODONE_COMPLETE; + else + neededState = SERVER_HELLOVERIFYREQUEST_COMPLETE; + } + } + + ssl->options.connectState = HELLO_AGAIN; + CYASSL_MSG("connect state: HELLO_AGAIN"); + + case HELLO_AGAIN : + if (ssl->options.certOnly) + return SSL_SUCCESS; + + #ifdef CYASSL_DTLS + if (ssl->options.dtls) { + /* re-init hashes, exclude first hello and verify request */ +#ifndef NO_OLD_TLS + InitMd5(&ssl->hashMd5); + if ( (ssl->error = InitSha(&ssl->hashSha)) != 0) { + CYASSL_ERROR(ssl->error); + return SSL_FATAL_ERROR; + } +#endif + if (IsAtLeastTLSv1_2(ssl)) { + #ifndef NO_SHA256 + if ( (ssl->error = + InitSha256(&ssl->hashSha256)) != 0) { + CYASSL_ERROR(ssl->error); + return SSL_FATAL_ERROR; + } + #endif + #ifdef CYASSL_SHA384 + if ( (ssl->error = + InitSha384(&ssl->hashSha384)) != 0) { + CYASSL_ERROR(ssl->error); + return SSL_FATAL_ERROR; + } + #endif + } + if ( (ssl->error = SendClientHello(ssl)) != 0) { + CYASSL_ERROR(ssl->error); + return SSL_FATAL_ERROR; + } + } + #endif + + ssl->options.connectState = HELLO_AGAIN_REPLY; + CYASSL_MSG("connect state: HELLO_AGAIN_REPLY"); + + case HELLO_AGAIN_REPLY : + #ifdef CYASSL_DTLS + if (ssl->options.dtls) { + neededState = ssl->options.resuming ? + SERVER_FINISHED_COMPLETE : SERVER_HELLODONE_COMPLETE; + + /* get response */ + while (ssl->options.serverState < neededState) { + if ( (ssl->error = ProcessReply(ssl)) < 0) { + CYASSL_ERROR(ssl->error); + return SSL_FATAL_ERROR; + } + /* if resumption failed, reset needed state */ + else if (neededState == SERVER_FINISHED_COMPLETE) + if (!ssl->options.resuming) + neededState = SERVER_HELLODONE_COMPLETE; + } + } + #endif + + ssl->options.connectState = FIRST_REPLY_DONE; + CYASSL_MSG("connect state: FIRST_REPLY_DONE"); + + case FIRST_REPLY_DONE : + #ifndef NO_CERTS + if (ssl->options.sendVerify) { + if ( (ssl->error = SendCertificate(ssl)) != 0) { + CYASSL_ERROR(ssl->error); + return SSL_FATAL_ERROR; + } + CYASSL_MSG("sent: certificate"); + } + + #endif + ssl->options.connectState = FIRST_REPLY_FIRST; + CYASSL_MSG("connect state: FIRST_REPLY_FIRST"); + + case FIRST_REPLY_FIRST : + if (!ssl->options.resuming) { + if ( (ssl->error = SendClientKeyExchange(ssl)) != 0) { + CYASSL_ERROR(ssl->error); + return SSL_FATAL_ERROR; + } + CYASSL_MSG("sent: client key exchange"); + } + + ssl->options.connectState = FIRST_REPLY_SECOND; + CYASSL_MSG("connect state: FIRST_REPLY_SECOND"); + + case FIRST_REPLY_SECOND : + #ifndef NO_CERTS + if (ssl->options.sendVerify) { + if ( (ssl->error = SendCertificateVerify(ssl)) != 0) { + CYASSL_ERROR(ssl->error); + return SSL_FATAL_ERROR; + } + CYASSL_MSG("sent: certificate verify"); + } + #endif + ssl->options.connectState = FIRST_REPLY_THIRD; + CYASSL_MSG("connect state: FIRST_REPLY_THIRD"); + + case FIRST_REPLY_THIRD : + if ( (ssl->error = SendChangeCipher(ssl)) != 0) { + CYASSL_ERROR(ssl->error); + return SSL_FATAL_ERROR; + } + CYASSL_MSG("sent: change cipher spec"); + ssl->options.connectState = FIRST_REPLY_FOURTH; + CYASSL_MSG("connect state: FIRST_REPLY_FOURTH"); + + case FIRST_REPLY_FOURTH : + if ( (ssl->error = SendFinished(ssl)) != 0) { + CYASSL_ERROR(ssl->error); + return SSL_FATAL_ERROR; + } + CYASSL_MSG("sent: finished"); + ssl->options.connectState = FINISHED_DONE; + CYASSL_MSG("connect state: FINISHED_DONE"); + + case FINISHED_DONE : + /* get response */ + while (ssl->options.serverState < SERVER_FINISHED_COMPLETE) + if ( (ssl->error = ProcessReply(ssl)) < 0) { + CYASSL_ERROR(ssl->error); + return SSL_FATAL_ERROR; + } + + ssl->options.connectState = SECOND_REPLY_DONE; + CYASSL_MSG("connect state: SECOND_REPLY_DONE"); + + case SECOND_REPLY_DONE: + FreeHandshakeResources(ssl); + CYASSL_LEAVE("SSL_connect()", SSL_SUCCESS); + return SSL_SUCCESS; + + default: + CYASSL_MSG("Unknown connect state ERROR"); + return SSL_FATAL_ERROR; /* unknown connect state */ + } + } + +#endif /* NO_CYASSL_CLIENT */ + + +/* server only parts */ +#ifndef NO_CYASSL_SERVER + + #ifndef NO_OLD_TLS + CYASSL_METHOD* CyaSSLv3_server_method(void) + { + CYASSL_METHOD* method = + (CYASSL_METHOD*) XMALLOC(sizeof(CYASSL_METHOD), 0, + DYNAMIC_TYPE_METHOD); + CYASSL_ENTER("SSLv3_server_method"); + if (method) { + InitSSL_Method(method, MakeSSLv3()); + method->side = CYASSL_SERVER_END; + } + return method; + } + #endif + + + #ifdef CYASSL_DTLS + CYASSL_METHOD* CyaDTLSv1_server_method(void) + { + CYASSL_METHOD* method = + (CYASSL_METHOD*) XMALLOC(sizeof(CYASSL_METHOD), 0, + DYNAMIC_TYPE_METHOD); + CYASSL_ENTER("DTLSv1_server_method"); + if (method) { + InitSSL_Method(method, MakeDTLSv1()); + method->side = CYASSL_SERVER_END; + } + return method; + } + + CYASSL_METHOD* CyaDTLSv1_2_server_method(void) + { + CYASSL_METHOD* method = + (CYASSL_METHOD*) XMALLOC(sizeof(CYASSL_METHOD), 0, + DYNAMIC_TYPE_METHOD); + CYASSL_ENTER("DTLSv1_2_server_method"); + if (method) { + InitSSL_Method(method, MakeDTLSv1_2()); + method->side = CYASSL_SERVER_END; + } + return method; + } + #endif + + + int CyaSSL_accept(CYASSL* ssl) + { + byte havePSK = 0; + CYASSL_ENTER("SSL_accept()"); + + #ifdef HAVE_ERRNO_H + errno = 0; + #endif + + #ifndef NO_PSK + havePSK = ssl->options.havePSK; + #endif + (void)havePSK; + + if (ssl->options.side != CYASSL_SERVER_END) { + CYASSL_ERROR(ssl->error = SIDE_ERROR); + return SSL_FATAL_ERROR; + } + + #ifndef NO_CERTS + /* in case used set_accept_state after init */ + if (!havePSK && (ssl->buffers.certificate.buffer == NULL || + ssl->buffers.key.buffer == NULL)) { + CYASSL_MSG("accept error: don't have server cert and key"); + ssl->error = NO_PRIVATE_KEY; + CYASSL_ERROR(ssl->error); + return SSL_FATAL_ERROR; + } + #endif + + #ifdef HAVE_ECC + /* in case used set_accept_state after init */ + if (ssl->eccTempKeyPresent == 0) { + if (ecc_make_key(ssl->rng, ssl->eccTempKeySz, + ssl->eccTempKey) != 0) { + ssl->error = ECC_MAKEKEY_ERROR; + CYASSL_ERROR(ssl->error); + return SSL_FATAL_ERROR; + } + ssl->eccTempKeyPresent = 1; + } + #endif + + #ifdef CYASSL_DTLS + if (ssl->version.major == DTLS_MAJOR) { + ssl->options.dtls = 1; + ssl->options.tls = 1; + ssl->options.tls1_1 = 1; + + if (DtlsPoolInit(ssl) != 0) { + ssl->error = MEMORY_ERROR; + CYASSL_ERROR(ssl->error); + return SSL_FATAL_ERROR; + } + } + #endif + + if (ssl->buffers.outputBuffer.length > 0) { + if ( (ssl->error = SendBuffered(ssl)) == 0) { + ssl->options.acceptState++; + CYASSL_MSG("accept state: Advanced from buffered send"); + } + else { + CYASSL_ERROR(ssl->error); + return SSL_FATAL_ERROR; + } + } + + switch (ssl->options.acceptState) { + + case ACCEPT_BEGIN : + /* get response */ + while (ssl->options.clientState < CLIENT_HELLO_COMPLETE) + if ( (ssl->error = ProcessReply(ssl)) < 0) { + CYASSL_ERROR(ssl->error); + return SSL_FATAL_ERROR; + } + ssl->options.acceptState = ACCEPT_CLIENT_HELLO_DONE; + CYASSL_MSG("accept state ACCEPT_CLIENT_HELLO_DONE"); + + case ACCEPT_CLIENT_HELLO_DONE : + #ifdef CYASSL_DTLS + if (ssl->options.dtls) + if ( (ssl->error = SendHelloVerifyRequest(ssl)) != 0) { + CYASSL_ERROR(ssl->error); + return SSL_FATAL_ERROR; + } + #endif + ssl->options.acceptState = HELLO_VERIFY_SENT; + CYASSL_MSG("accept state HELLO_VERIFY_SENT"); + + case HELLO_VERIFY_SENT: + #ifdef CYASSL_DTLS + if (ssl->options.dtls) { + ssl->options.clientState = NULL_STATE; /* get again */ + /* re-init hashes, exclude first hello and verify request */ +#ifndef NO_OLD_TLS + InitMd5(&ssl->hashMd5); + if ( (ssl->error = InitSha(&ssl->hashSha)) != 0) { + CYASSL_ERROR(ssl->error); + return SSL_FATAL_ERROR; + } +#endif + if (IsAtLeastTLSv1_2(ssl)) { + #ifndef NO_SHA256 + if ( (ssl->error = + InitSha256(&ssl->hashSha256)) != 0) { + CYASSL_ERROR(ssl->error); + return SSL_FATAL_ERROR; + } + #endif + #ifdef CYASSL_SHA384 + if ( (ssl->error = + InitSha384(&ssl->hashSha384)) != 0) { + CYASSL_ERROR(ssl->error); + return SSL_FATAL_ERROR; + } + #endif + } + + while (ssl->options.clientState < CLIENT_HELLO_COMPLETE) + if ( (ssl->error = ProcessReply(ssl)) < 0) { + CYASSL_ERROR(ssl->error); + return SSL_FATAL_ERROR; + } + } + #endif + ssl->options.acceptState = ACCEPT_FIRST_REPLY_DONE; + CYASSL_MSG("accept state ACCEPT_FIRST_REPLY_DONE"); + + case ACCEPT_FIRST_REPLY_DONE : + if ( (ssl->error = SendServerHello(ssl)) != 0) { + CYASSL_ERROR(ssl->error); + return SSL_FATAL_ERROR; + } + ssl->options.acceptState = SERVER_HELLO_SENT; + CYASSL_MSG("accept state SERVER_HELLO_SENT"); + + case SERVER_HELLO_SENT : + #ifndef NO_CERTS + if (!ssl->options.resuming) + if ( (ssl->error = SendCertificate(ssl)) != 0) { + CYASSL_ERROR(ssl->error); + return SSL_FATAL_ERROR; + } + #endif + ssl->options.acceptState = CERT_SENT; + CYASSL_MSG("accept state CERT_SENT"); + + case CERT_SENT : + if (!ssl->options.resuming) + if ( (ssl->error = SendServerKeyExchange(ssl)) != 0) { + CYASSL_ERROR(ssl->error); + return SSL_FATAL_ERROR; + } + ssl->options.acceptState = KEY_EXCHANGE_SENT; + CYASSL_MSG("accept state KEY_EXCHANGE_SENT"); + + case KEY_EXCHANGE_SENT : + #ifndef NO_CERTS + if (!ssl->options.resuming) + if (ssl->options.verifyPeer) + if ( (ssl->error = SendCertificateRequest(ssl)) != 0) { + CYASSL_ERROR(ssl->error); + return SSL_FATAL_ERROR; + } + #endif + ssl->options.acceptState = CERT_REQ_SENT; + CYASSL_MSG("accept state CERT_REQ_SENT"); + + case CERT_REQ_SENT : + if (!ssl->options.resuming) + if ( (ssl->error = SendServerHelloDone(ssl)) != 0) { + CYASSL_ERROR(ssl->error); + return SSL_FATAL_ERROR; + } + ssl->options.acceptState = SERVER_HELLO_DONE; + CYASSL_MSG("accept state SERVER_HELLO_DONE"); + + case SERVER_HELLO_DONE : + if (!ssl->options.resuming) { + while (ssl->options.clientState < CLIENT_FINISHED_COMPLETE) + if ( (ssl->error = ProcessReply(ssl)) < 0) { + CYASSL_ERROR(ssl->error); + return SSL_FATAL_ERROR; + } + } + ssl->options.acceptState = ACCEPT_SECOND_REPLY_DONE; + CYASSL_MSG("accept state ACCEPT_SECOND_REPLY_DONE"); + + case ACCEPT_SECOND_REPLY_DONE : + if ( (ssl->error = SendChangeCipher(ssl)) != 0) { + CYASSL_ERROR(ssl->error); + return SSL_FATAL_ERROR; + } + ssl->options.acceptState = CHANGE_CIPHER_SENT; + CYASSL_MSG("accept state CHANGE_CIPHER_SENT"); + + case CHANGE_CIPHER_SENT : + if ( (ssl->error = SendFinished(ssl)) != 0) { + CYASSL_ERROR(ssl->error); + return SSL_FATAL_ERROR; + } + + ssl->options.acceptState = ACCEPT_FINISHED_DONE; + CYASSL_MSG("accept state ACCEPT_FINISHED_DONE"); + + case ACCEPT_FINISHED_DONE : + if (ssl->options.resuming) + while (ssl->options.clientState < CLIENT_FINISHED_COMPLETE) + if ( (ssl->error = ProcessReply(ssl)) < 0) { + CYASSL_ERROR(ssl->error); + return SSL_FATAL_ERROR; + } + + ssl->options.acceptState = ACCEPT_THIRD_REPLY_DONE; + CYASSL_MSG("accept state ACCEPT_THIRD_REPLY_DONE"); + + case ACCEPT_THIRD_REPLY_DONE : + FreeHandshakeResources(ssl); + CYASSL_LEAVE("SSL_accept()", SSL_SUCCESS); + return SSL_SUCCESS; + + default : + CYASSL_MSG("Unknown accept state ERROR"); + return SSL_FATAL_ERROR; + } + } + +#endif /* NO_CYASSL_SERVER */ + + +int CyaSSL_Cleanup(void) +{ + int ret = SSL_SUCCESS; + int release = 0; + + CYASSL_ENTER("CyaSSL_Cleanup"); + + if (initRefCount == 0) + return ret; /* possibly no init yet, but not failure either way */ + + if (LockMutex(&count_mutex) != 0) { + CYASSL_MSG("Bad Lock Mutex count"); + return BAD_MUTEX_E; + } + + release = initRefCount-- == 1; + if (initRefCount < 0) + initRefCount = 0; + + UnLockMutex(&count_mutex); + + if (!release) + return ret; + +#ifndef NO_SESSION_CACHE + if (FreeMutex(&session_mutex) != 0) + ret = BAD_MUTEX_E; +#endif + if (FreeMutex(&count_mutex) != 0) + ret = BAD_MUTEX_E; + +#if defined(HAVE_ECC) && defined(FP_ECC) + ecc_fp_free(); +#endif + + return ret; +} + + +#ifndef NO_SESSION_CACHE + +#ifndef NO_MD5 + +/* some session IDs aren't random afterall, let's make them random */ + +static INLINE word32 HashSession(const byte* sessionID, word32 len, int* error) +{ + byte digest[MD5_DIGEST_SIZE]; + Md5 md5; + + (void)error; + + InitMd5(&md5); + Md5Update(&md5, sessionID, len); + Md5Final(&md5, digest); + + return MakeWordFromHash(digest); +} + +#elif !defined(NO_SHA) + +/* 0 on failure */ +static INLINE word32 HashSession(const byte* sessionID, word32 len, int* error) +{ + byte digest[SHA_DIGEST_SIZE]; + Sha sha; + int ret = 0; + + ret = InitSha(&sha); + if (ret != 0) { + *error = ret; + return 0; + } + ShaUpdate(&sha, sessionID, len); + ShaFinal(&sha, digest); + + return MakeWordFromHash(digest); +} + +#elif !defined(NO_SHA256) + +static INLINE word32 HashSession(const byte* sessionID, word32 len, int* error) +{ + byte digest[SHA256_DIGEST_SIZE]; + Sha256 sha256; + int ret; + + ret = InitSha256(&sha256); + if (ret != 0) { + *error = ret; + return 0; + } + + ret = Sha256Update(&sha256, sessionID, len); + if (ret != 0) { + *error = ret; + return 0; + } + + ret = Sha256Final(&sha256, digest); + if (ret != 0) { + *error = ret; + return 0; + } + + return MakeWordFromHash(digest); +} + +#else + +#error "We need a digest to hash the session IDs" + +#endif /* NO_MD5 */ + + +void CyaSSL_flush_sessions(CYASSL_CTX* ctx, long tm) +{ + /* static table now, no flusing needed */ + (void)ctx; + (void)tm; +} + + +/* set ssl session timeout in seconds */ +int CyaSSL_set_timeout(CYASSL* ssl, unsigned int to) +{ + if (ssl == NULL) + return BAD_FUNC_ARG; + + ssl->timeout = to; + + return SSL_SUCCESS; +} + + +/* set ctx session timeout in seconds */ +int CyaSSL_CTX_set_timeout(CYASSL_CTX* ctx, unsigned int to) +{ + if (ctx == NULL) + return BAD_FUNC_ARG; + + ctx->timeout = to; + + return SSL_SUCCESS; +} + + +#ifndef NO_CLIENT_CACHE + +/* Get Session from Client cache based on id/len, return NULL on failure */ +CYASSL_SESSION* GetSessionClient(CYASSL* ssl, const byte* id, int len) +{ + CYASSL_SESSION* ret = NULL; + word32 row; + int idx; + int count; + int error = 0; + + CYASSL_ENTER("GetSessionClient"); + + if (ssl->options.side == CYASSL_SERVER_END) + return NULL; + + len = min(SERVER_ID_LEN, (word32)len); + row = HashSession(id, len, &error) % SESSION_ROWS; + if (error != 0) { + CYASSL_MSG("Hash session failed"); + return NULL; + } + + if (LockMutex(&session_mutex) != 0) { + CYASSL_MSG("Lock session mutex failed"); + return NULL; + } + + /* start from most recently used */ + count = min((word32)ClientCache[row].totalCount, SESSIONS_PER_ROW); + idx = ClientCache[row].nextIdx - 1; + if (idx < 0) + idx = SESSIONS_PER_ROW - 1; /* if back to front, the previous was end */ + + for (; count > 0; --count, idx = idx ? idx - 1 : SESSIONS_PER_ROW - 1) { + CYASSL_SESSION* current; + ClientSession clSess; + + if (idx >= SESSIONS_PER_ROW || idx < 0) { /* sanity check */ + CYASSL_MSG("Bad idx"); + break; + } + + clSess = ClientCache[row].Clients[idx]; + + current = &SessionCache[clSess.serverRow].Sessions[clSess.serverIdx]; + if (XMEMCMP(current->serverID, id, len) == 0) { + CYASSL_MSG("Found a serverid match for client"); + if (LowResTimer() < (current->bornOn + current->timeout)) { + CYASSL_MSG("Session valid"); + ret = current; + break; + } else { + CYASSL_MSG("Session timed out"); /* could have more for id */ + } + } else { + CYASSL_MSG("ServerID not a match from client table"); + } + } + + UnLockMutex(&session_mutex); + + return ret; +} + +#endif /* NO_CLIENT_CACHE */ + + +CYASSL_SESSION* GetSession(CYASSL* ssl, byte* masterSecret) +{ + CYASSL_SESSION* ret = 0; + const byte* id = NULL; + word32 row; + int idx; + int count; + int error = 0; + + if (ssl->options.sessionCacheOff) + return NULL; + + if (ssl->options.haveSessionId == 0) + return NULL; + + if (ssl->arrays) + id = ssl->arrays->sessionID; + else + id = ssl->session.sessionID; + + row = HashSession(id, ID_LEN, &error) % SESSION_ROWS; + if (error != 0) { + CYASSL_MSG("Hash session failed"); + return NULL; + } + + if (LockMutex(&session_mutex) != 0) + return 0; + + /* start from most recently used */ + count = min((word32)SessionCache[row].totalCount, SESSIONS_PER_ROW); + idx = SessionCache[row].nextIdx - 1; + if (idx < 0) + idx = SESSIONS_PER_ROW - 1; /* if back to front, the previous was end */ + + for (; count > 0; --count, idx = idx ? idx - 1 : SESSIONS_PER_ROW - 1) { + CYASSL_SESSION* current; + + if (idx >= SESSIONS_PER_ROW || idx < 0) { /* sanity check */ + CYASSL_MSG("Bad idx"); + break; + } + + current = &SessionCache[row].Sessions[idx]; + if (XMEMCMP(current->sessionID, id, ID_LEN) == 0) { + CYASSL_MSG("Found a session match"); + if (LowResTimer() < (current->bornOn + current->timeout)) { + CYASSL_MSG("Session valid"); + ret = current; + if (masterSecret) + XMEMCPY(masterSecret, current->masterSecret, SECRET_LEN); + } else { + CYASSL_MSG("Session timed out"); + } + break; /* no more sessionIDs whether valid or not that match */ + } else { + CYASSL_MSG("SessionID not a match at this idx"); + } + } + + UnLockMutex(&session_mutex); + + return ret; +} + + +int SetSession(CYASSL* ssl, CYASSL_SESSION* session) +{ + if (ssl->options.sessionCacheOff) + return SSL_FAILURE; + + if (LowResTimer() < (session->bornOn + session->timeout)) { + ssl->session = *session; + ssl->options.resuming = 1; + +#ifdef SESSION_CERTS + ssl->version = session->version; + ssl->options.cipherSuite0 = session->cipherSuite0; + ssl->options.cipherSuite = session->cipherSuite; +#endif + + return SSL_SUCCESS; + } + return SSL_FAILURE; /* session timed out */ +} + + +int AddSession(CYASSL* ssl) +{ + word32 row, idx; + int error = 0; + + if (ssl->options.sessionCacheOff) + return 0; + + if (ssl->options.haveSessionId == 0) + return 0; + + row = HashSession(ssl->arrays->sessionID, ID_LEN, &error) % SESSION_ROWS; + if (error != 0) { + CYASSL_MSG("Hash session failed"); + return error; + } + + if (LockMutex(&session_mutex) != 0) + return BAD_MUTEX_E; + + idx = SessionCache[row].nextIdx++; +#ifdef SESSION_INDEX + ssl->sessionIndex = (row << SESSIDX_ROW_SHIFT) | idx; +#endif + + XMEMCPY(SessionCache[row].Sessions[idx].masterSecret, + ssl->arrays->masterSecret, SECRET_LEN); + XMEMCPY(SessionCache[row].Sessions[idx].sessionID, ssl->arrays->sessionID, + ID_LEN); + + SessionCache[row].Sessions[idx].timeout = ssl->timeout; + SessionCache[row].Sessions[idx].bornOn = LowResTimer(); + +#ifdef SESSION_CERTS + SessionCache[row].Sessions[idx].chain.count = ssl->session.chain.count; + XMEMCPY(SessionCache[row].Sessions[idx].chain.certs, + ssl->session.chain.certs, sizeof(x509_buffer) * MAX_CHAIN_DEPTH); + + SessionCache[row].Sessions[idx].version = ssl->version; + SessionCache[row].Sessions[idx].cipherSuite0 = ssl->options.cipherSuite0; + SessionCache[row].Sessions[idx].cipherSuite = ssl->options.cipherSuite; +#endif /* SESSION_CERTS */ + + SessionCache[row].totalCount++; + if (SessionCache[row].nextIdx == SESSIONS_PER_ROW) + SessionCache[row].nextIdx = 0; + +#ifndef NO_CLIENT_CACHE + if (ssl->options.side == CYASSL_CLIENT_END && ssl->session.idLen) { + word32 clientRow, clientIdx; + + CYASSL_MSG("Adding client cache entry"); + + SessionCache[row].Sessions[idx].idLen = ssl->session.idLen; + XMEMCPY(SessionCache[row].Sessions[idx].serverID, ssl->session.serverID, + ssl->session.idLen); + + clientRow = HashSession(ssl->session.serverID, ssl->session.idLen, + &error) % SESSION_ROWS; + if (error != 0) { + CYASSL_MSG("Hash session failed"); + return error; + } + clientIdx = ClientCache[clientRow].nextIdx++; + + ClientCache[clientRow].Clients[clientIdx].serverRow = (word16)row; + ClientCache[clientRow].Clients[clientIdx].serverIdx = (word16)idx; + + ClientCache[clientRow].totalCount++; + if (ClientCache[clientRow].nextIdx == SESSIONS_PER_ROW) + ClientCache[clientRow].nextIdx = 0; + } + else + SessionCache[row].Sessions[idx].idLen = 0; +#endif /* NO_CLIENT_CACHE */ + + if (UnLockMutex(&session_mutex) != 0) + return BAD_MUTEX_E; + + return 0; +} + + +#ifdef SESSION_INDEX + +int CyaSSL_GetSessionIndex(CYASSL* ssl) +{ + CYASSL_ENTER("CyaSSL_GetSessionIndex"); + CYASSL_LEAVE("CyaSSL_GetSessionIndex", ssl->sessionIndex); + return ssl->sessionIndex; +} + + +int CyaSSL_GetSessionAtIndex(int idx, CYASSL_SESSION* session) +{ + int row, col, result = SSL_FAILURE; + + CYASSL_ENTER("CyaSSL_GetSessionAtIndex"); + + row = idx >> SESSIDX_ROW_SHIFT; + col = idx & SESSIDX_IDX_MASK; + + if (LockMutex(&session_mutex) != 0) { + return BAD_MUTEX_E; + } + + if (row < SESSION_ROWS && + col < (int)min(SessionCache[row].totalCount, SESSIONS_PER_ROW)) { + XMEMCPY(session, + &SessionCache[row].Sessions[col], sizeof(CYASSL_SESSION)); + result = SSL_SUCCESS; + } + + if (UnLockMutex(&session_mutex) != 0) + result = BAD_MUTEX_E; + + CYASSL_LEAVE("CyaSSL_GetSessionAtIndex", result); + return result; +} + +#endif /* SESSION_INDEX */ + +#if defined(SESSION_INDEX) && defined(SESSION_CERTS) + +CYASSL_X509_CHAIN* CyaSSL_SESSION_get_peer_chain(CYASSL_SESSION* session) +{ + CYASSL_X509_CHAIN* chain = NULL; + + CYASSL_ENTER("CyaSSL_SESSION_get_peer_chain"); + if (session) + chain = &session->chain; + + CYASSL_LEAVE("CyaSSL_SESSION_get_peer_chain", chain ? 1 : 0); + return chain; +} + +#endif /* SESSION_INDEX && SESSION_CERTS */ + + + #ifdef SESSION_STATS + + CYASSL_API + void PrintSessionStats(void) + { + word32 totalSessionsSeen = 0; + word32 totalSessionsNow = 0; + word32 rowNow; + int i; + double E; /* expected freq */ + double chiSquare = 0; + + for (i = 0; i < SESSION_ROWS; i++) { + totalSessionsSeen += SessionCache[i].totalCount; + + if (SessionCache[i].totalCount >= SESSIONS_PER_ROW) + rowNow = SESSIONS_PER_ROW; + else if (SessionCache[i].nextIdx == 0) + rowNow = 0; + else + rowNow = SessionCache[i].nextIdx; + + totalSessionsNow += rowNow; + } + + printf("Total Sessions Seen = %d\n", totalSessionsSeen); + printf("Total Sessions Now = %d\n", totalSessionsNow); + + E = (double)totalSessionsSeen / SESSION_ROWS; + + for (i = 0; i < SESSION_ROWS; i++) { + double diff = SessionCache[i].totalCount - E; + diff *= diff; /* square */ + diff /= E; /* normalize */ + + chiSquare += diff; + } + printf(" chi-square = %5.1f, d.f. = %d\n", chiSquare, + SESSION_ROWS - 1); + if (SESSION_ROWS == 11) + printf(" .05 p value = 18.3, chi-square should be less\n"); + else if (SESSION_ROWS == 211) + printf(".05 p value = 244.8, chi-square should be less\n"); + else if (SESSION_ROWS == 5981) + printf(".05 p value = 6161.0, chi-square should be less\n"); + else if (SESSION_ROWS == 3) + printf(".05 p value = 6.0, chi-square should be less\n"); + else if (SESSION_ROWS == 2861) + printf(".05 p value = 2985.5, chi-square should be less\n"); + printf("\n"); + } + + #endif /* SESSION_STATS */ + +#else /* NO_SESSION_CACHE */ + +/* No session cache version */ +CYASSL_SESSION* GetSession(CYASSL* ssl, byte* masterSecret) +{ + (void)ssl; + (void)masterSecret; + + return NULL; +} + +#endif /* NO_SESSION_CACHE */ + + +/* call before SSL_connect, if verifying will add name check to + date check and signature check */ +int CyaSSL_check_domain_name(CYASSL* ssl, const char* dn) +{ + CYASSL_ENTER("CyaSSL_check_domain_name"); + if (ssl->buffers.domainName.buffer) + XFREE(ssl->buffers.domainName.buffer, ssl->heap, DYNAMIC_TYPE_DOMAIN); + + ssl->buffers.domainName.length = (word32)XSTRLEN(dn) + 1; + ssl->buffers.domainName.buffer = (byte*) XMALLOC( + ssl->buffers.domainName.length, ssl->heap, DYNAMIC_TYPE_DOMAIN); + + if (ssl->buffers.domainName.buffer) { + XSTRNCPY((char*)ssl->buffers.domainName.buffer, dn, + ssl->buffers.domainName.length); + return SSL_SUCCESS; + } + else { + ssl->error = MEMORY_ERROR; + return SSL_FAILURE; + } +} + + +/* turn on CyaSSL zlib compression + returns SSL_SUCCESS for success, else error (not built in) +*/ +int CyaSSL_set_compression(CYASSL* ssl) +{ + CYASSL_ENTER("CyaSSL_set_compression"); + (void)ssl; +#ifdef HAVE_LIBZ + ssl->options.usingCompression = 1; + return SSL_SUCCESS; +#else + return NOT_COMPILED_IN; +#endif +} + + +#ifndef USE_WINDOWS_API + #ifndef NO_WRITEV + + /* simulate writev semantics, doesn't actually do block at a time though + because of SSL_write behavior and because front adds may be small */ + int CyaSSL_writev(CYASSL* ssl, const struct iovec* iov, int iovcnt) + { + byte tmp[FILE_BUFFER_SIZE]; + byte* myBuffer = tmp; + int sending = 0; + int newBuffer = 0; + int idx = 0; + int i; + int ret; + + CYASSL_ENTER("CyaSSL_writev"); + + for (i = 0; i < iovcnt; i++) + sending += (int)iov[i].iov_len; + + if (sending > (int)sizeof(tmp)) { + byte* tmp2 = (byte*) XMALLOC(sending, ssl->heap, + DYNAMIC_TYPE_WRITEV); + if (!tmp2) + return MEMORY_ERROR; + myBuffer = tmp2; + newBuffer = 1; + } + + for (i = 0; i < iovcnt; i++) { + XMEMCPY(&myBuffer[idx], iov[i].iov_base, iov[i].iov_len); + idx += (int)iov[i].iov_len; + } + + ret = CyaSSL_write(ssl, myBuffer, sending); + + if (newBuffer) XFREE(myBuffer, ssl->heap, DYNAMIC_TYPE_WRITEV); + + return ret; + } + #endif +#endif + + +#ifdef CYASSL_CALLBACKS + + typedef struct itimerval Itimerval; + + /* don't keep calling simple functions while setting up timer and singals + if no inlining these are the next best */ + + #define AddTimes(a, b, c) \ + do { \ + c.tv_sec = a.tv_sec + b.tv_sec; \ + c.tv_usec = a.tv_usec + b.tv_usec; \ + if (c.tv_usec >= 1000000) { \ + c.tv_sec++; \ + c.tv_usec -= 1000000; \ + } \ + } while (0) + + + #define SubtractTimes(a, b, c) \ + do { \ + c.tv_sec = a.tv_sec - b.tv_sec; \ + c.tv_usec = a.tv_usec - b.tv_usec; \ + if (c.tv_usec < 0) { \ + c.tv_sec--; \ + c.tv_usec += 1000000; \ + } \ + } while (0) + + #define CmpTimes(a, b, cmp) \ + ((a.tv_sec == b.tv_sec) ? \ + (a.tv_usec cmp b.tv_usec) : \ + (a.tv_sec cmp b.tv_sec)) \ + + + /* do nothing handler */ + static void myHandler(int signo) + { + (void)signo; + return; + } + + + static int CyaSSL_ex_wrapper(CYASSL* ssl, HandShakeCallBack hsCb, + TimeoutCallBack toCb, Timeval timeout) + { + int ret = SSL_FATAL_ERROR; + int oldTimerOn = 0; /* was timer already on */ + Timeval startTime; + Timeval endTime; + Timeval totalTime; + Itimerval myTimeout; + Itimerval oldTimeout; /* if old timer adjust from total time to reset */ + struct sigaction act, oact; + + #define ERR_OUT(x) { ssl->hsInfoOn = 0; ssl->toInfoOn = 0; return x; } + + if (hsCb) { + ssl->hsInfoOn = 1; + InitHandShakeInfo(&ssl->handShakeInfo); + } + if (toCb) { + ssl->toInfoOn = 1; + InitTimeoutInfo(&ssl->timeoutInfo); + + if (gettimeofday(&startTime, 0) < 0) + ERR_OUT(GETTIME_ERROR); + + /* use setitimer to simulate getitimer, init 0 myTimeout */ + myTimeout.it_interval.tv_sec = 0; + myTimeout.it_interval.tv_usec = 0; + myTimeout.it_value.tv_sec = 0; + myTimeout.it_value.tv_usec = 0; + if (setitimer(ITIMER_REAL, &myTimeout, &oldTimeout) < 0) + ERR_OUT(SETITIMER_ERROR); + + if (oldTimeout.it_value.tv_sec || oldTimeout.it_value.tv_usec) { + oldTimerOn = 1; + + /* is old timer going to expire before ours */ + if (CmpTimes(oldTimeout.it_value, timeout, <)) { + timeout.tv_sec = oldTimeout.it_value.tv_sec; + timeout.tv_usec = oldTimeout.it_value.tv_usec; + } + } + myTimeout.it_value.tv_sec = timeout.tv_sec; + myTimeout.it_value.tv_usec = timeout.tv_usec; + + /* set up signal handler, don't restart socket send/recv */ + act.sa_handler = myHandler; + sigemptyset(&act.sa_mask); + act.sa_flags = 0; +#ifdef SA_INTERRUPT + act.sa_flags |= SA_INTERRUPT; +#endif + if (sigaction(SIGALRM, &act, &oact) < 0) + ERR_OUT(SIGACT_ERROR); + + if (setitimer(ITIMER_REAL, &myTimeout, 0) < 0) + ERR_OUT(SETITIMER_ERROR); + } + + /* do main work */ +#ifndef NO_CYASSL_CLIENT + if (ssl->options.side == CYASSL_CLIENT_END) + ret = CyaSSL_connect(ssl); +#endif +#ifndef NO_CYASSL_SERVER + if (ssl->options.side == CYASSL_SERVER_END) + ret = CyaSSL_accept(ssl); +#endif + + /* do callbacks */ + if (toCb) { + if (oldTimerOn) { + gettimeofday(&endTime, 0); + SubtractTimes(endTime, startTime, totalTime); + /* adjust old timer for elapsed time */ + if (CmpTimes(totalTime, oldTimeout.it_value, <)) + SubtractTimes(oldTimeout.it_value, totalTime, + oldTimeout.it_value); + else { + /* reset value to interval, may be off */ + oldTimeout.it_value.tv_sec = oldTimeout.it_interval.tv_sec; + oldTimeout.it_value.tv_usec =oldTimeout.it_interval.tv_usec; + } + /* keep iter the same whether there or not */ + } + /* restore old handler */ + if (sigaction(SIGALRM, &oact, 0) < 0) + ret = SIGACT_ERROR; /* more pressing error, stomp */ + else + /* use old settings which may turn off (expired or not there) */ + if (setitimer(ITIMER_REAL, &oldTimeout, 0) < 0) + ret = SETITIMER_ERROR; + + /* if we had a timeout call callback */ + if (ssl->timeoutInfo.timeoutName[0]) { + ssl->timeoutInfo.timeoutValue.tv_sec = timeout.tv_sec; + ssl->timeoutInfo.timeoutValue.tv_usec = timeout.tv_usec; + (toCb)(&ssl->timeoutInfo); + } + /* clean up */ + FreeTimeoutInfo(&ssl->timeoutInfo, ssl->heap); + ssl->toInfoOn = 0; + } + if (hsCb) { + FinishHandShakeInfo(&ssl->handShakeInfo, ssl); + (hsCb)(&ssl->handShakeInfo); + ssl->hsInfoOn = 0; + } + return ret; + } + + +#ifndef NO_CYASSL_CLIENT + + int CyaSSL_connect_ex(CYASSL* ssl, HandShakeCallBack hsCb, + TimeoutCallBack toCb, Timeval timeout) + { + CYASSL_ENTER("CyaSSL_connect_ex"); + return CyaSSL_ex_wrapper(ssl, hsCb, toCb, timeout); + } + +#endif + + +#ifndef NO_CYASSL_SERVER + + int CyaSSL_accept_ex(CYASSL* ssl, HandShakeCallBack hsCb, + TimeoutCallBack toCb,Timeval timeout) + { + CYASSL_ENTER("CyaSSL_accept_ex"); + return CyaSSL_ex_wrapper(ssl, hsCb, toCb, timeout); + } + +#endif + +#endif /* CYASSL_CALLBACKS */ + + +#ifndef NO_PSK + + void CyaSSL_CTX_set_psk_client_callback(CYASSL_CTX* ctx, + psk_client_callback cb) + { + CYASSL_ENTER("SSL_CTX_set_psk_client_callback"); + ctx->havePSK = 1; + ctx->client_psk_cb = cb; + } + - case ACCEPT_THIRD_REPLY_DONE : - if (ssl->buffers.inputBuffer.dynamicFlag) - ShrinkInputBuffer(ssl, NO_FORCED_FREE); - CYASSL_LEAVE("SSL_accept()", SSL_SUCCESS); - return SSL_SUCCESS; + void CyaSSL_set_psk_client_callback(CYASSL* ssl, psk_client_callback cb) + { + byte haveRSA = 1; - default : - CYASSL_MSG("Unknown accept state ERROR"); - return SSL_FATAL_ERROR; - } + CYASSL_ENTER("SSL_set_psk_client_callback"); + ssl->options.havePSK = 1; + ssl->options.client_psk_cb = cb; + + #ifdef NO_RSA + haveRSA = 0; + #endif + InitSuites(ssl->suites, ssl->version, haveRSA, TRUE, + ssl->options.haveDH, ssl->options.haveNTRU, + ssl->options.haveECDSAsig, ssl->options.haveStaticECC, + ssl->options.side); } -#endif /* NO_CYASSL_SERVER */ -/* prevent multiple mutex initializations */ -static volatile int initRefCount = 0; -static CyaSSL_Mutex count_mutex; /* init ref count mutex */ + void CyaSSL_CTX_set_psk_server_callback(CYASSL_CTX* ctx, + psk_server_callback cb) + { + CYASSL_ENTER("SSL_CTX_set_psk_server_callback"); + ctx->havePSK = 1; + ctx->server_psk_cb = cb; + } -int CyaSSL_Init(void) -{ - int ret = 0; - CYASSL_ENTER("CyaSSL_Init"); + void CyaSSL_set_psk_server_callback(CYASSL* ssl, psk_server_callback cb) + { + byte haveRSA = 1; - if (initRefCount == 0) { -#ifndef NO_SESSION_CACHE - if (InitMutex(&session_mutex) != 0) - ret = BAD_MUTEX_ERROR; -#endif - if (InitMutex(&count_mutex) != 0) - ret = BAD_MUTEX_ERROR; - } - if (ret == 0) { - LockMutex(&count_mutex); - initRefCount++; - UnLockMutex(&count_mutex); - } + CYASSL_ENTER("SSL_set_psk_server_callback"); + ssl->options.havePSK = 1; + ssl->options.server_psk_cb = cb; - return ret; -} + #ifdef NO_RSA + haveRSA = 0; + #endif + InitSuites(ssl->suites, ssl->version, haveRSA, TRUE, + ssl->options.haveDH, ssl->options.haveNTRU, + ssl->options.haveECDSAsig, ssl->options.haveStaticECC, + ssl->options.side); + } -int CyaSSL_Cleanup(void) -{ - int ret = 0; - int release = 0; + const char* CyaSSL_get_psk_identity_hint(const CYASSL* ssl) + { + CYASSL_ENTER("SSL_get_psk_identity_hint"); - CYASSL_ENTER("CyaSSL_Cleanup"); + if (ssl == NULL || ssl->arrays == NULL) + return NULL; - LockMutex(&count_mutex); + return ssl->arrays->server_hint; + } - release = initRefCount-- == 1; - if (initRefCount < 0) - initRefCount = 0; - UnLockMutex(&count_mutex); + const char* CyaSSL_get_psk_identity(const CYASSL* ssl) + { + CYASSL_ENTER("SSL_get_psk_identity"); - if (!release) - return ret; + if (ssl == NULL || ssl->arrays == NULL) + return NULL; -#ifndef NO_SESSION_CACHE - if (FreeMutex(&session_mutex) != 0) - ret = BAD_MUTEX_ERROR; -#endif - if (FreeMutex(&count_mutex) != 0) - ret = BAD_MUTEX_ERROR; + return ssl->arrays->client_identity; + } - return ret; -} + int CyaSSL_CTX_use_psk_identity_hint(CYASSL_CTX* ctx, const char* hint) + { + CYASSL_ENTER("SSL_CTX_use_psk_identity_hint"); + if (hint == 0) + ctx->server_hint[0] = 0; + else { + XSTRNCPY(ctx->server_hint, hint, MAX_PSK_ID_LEN); + ctx->server_hint[MAX_PSK_ID_LEN - 1] = '\0'; + } + return SSL_SUCCESS; + } -#ifndef NO_SESSION_CACHE + int CyaSSL_use_psk_identity_hint(CYASSL* ssl, const char* hint) + { + CYASSL_ENTER("SSL_use_psk_identity_hint"); -static INLINE word32 HashSession(const byte* sessionID) -{ - /* id is random, just make 32 bit number from first 4 bytes for now */ - return (sessionID[0] << 24) | (sessionID[1] << 16) | (sessionID[2] << 8) | - sessionID[3]; -} + if (ssl == NULL || ssl->arrays == NULL) + return SSL_FAILURE; + if (hint == 0) + ssl->arrays->server_hint[0] = 0; + else { + XSTRNCPY(ssl->arrays->server_hint, hint, MAX_PSK_ID_LEN); + ssl->arrays->server_hint[MAX_PSK_ID_LEN - 1] = '\0'; + } + return SSL_SUCCESS; + } -void CyaSSL_flush_sessions(CYASSL_CTX* ctx, long tm) -{ - /* static table now, no flusing needed */ - (void)ctx; - (void)tm; -} +#endif /* NO_PSK */ -/* set ssl session timeout in seconds */ -int CyaSSL_set_timeout(CYASSL* ssl, unsigned int to) -{ - if (ssl == NULL) - return BAD_FUNC_ARG; +#ifndef NO_CERTS +/* used to be defined on NO_FILESYSTEM only, but are generally useful */ - ssl->timeout = to; + /* CyaSSL extension allows DER files to be loaded from buffers as well */ + int CyaSSL_CTX_load_verify_buffer(CYASSL_CTX* ctx, const unsigned char* in, + long sz, int format) + { + CYASSL_ENTER("CyaSSL_CTX_load_verify_buffer"); + if (format == SSL_FILETYPE_PEM) + return ProcessChainBuffer(ctx, in, sz, format, CA_TYPE, NULL); + else + return ProcessBuffer(ctx, in, sz, format, CA_TYPE, NULL,NULL,0); + } - return SSL_SUCCESS; -} + int CyaSSL_CTX_use_certificate_buffer(CYASSL_CTX* ctx, + const unsigned char* in, long sz, int format) + { + CYASSL_ENTER("CyaSSL_CTX_use_certificate_buffer"); + return ProcessBuffer(ctx, in, sz, format, CERT_TYPE, NULL, NULL, 0); + } -/* set ctx session timeout in seconds */ -int CyaSSL_CTX_set_timeout(CYASSL_CTX* ctx, unsigned int to) -{ - if (ctx == NULL) - return BAD_FUNC_ARG; - ctx->timeout = to; + int CyaSSL_CTX_use_PrivateKey_buffer(CYASSL_CTX* ctx, + const unsigned char* in, long sz, int format) + { + CYASSL_ENTER("CyaSSL_CTX_use_PrivateKey_buffer"); + return ProcessBuffer(ctx, in, sz, format, PRIVATEKEY_TYPE, NULL,NULL,0); + } - return SSL_SUCCESS; -} + int CyaSSL_CTX_use_certificate_chain_buffer(CYASSL_CTX* ctx, + const unsigned char* in, long sz) + { + CYASSL_ENTER("CyaSSL_CTX_use_certificate_chain_buffer"); + return ProcessBuffer(ctx, in, sz, SSL_FILETYPE_PEM, CERT_TYPE, NULL, + NULL, 1); + } -CYASSL_SESSION* GetSession(CYASSL* ssl, byte* masterSecret) -{ - CYASSL_SESSION* ret = 0; - const byte* id = ssl->arrays.sessionID; - word32 row; - int idx; - - if (ssl->options.sessionCacheOff) - return NULL; + int CyaSSL_use_certificate_buffer(CYASSL* ssl, + const unsigned char* in, long sz, int format) + { + CYASSL_ENTER("CyaSSL_use_certificate_buffer"); + return ProcessBuffer(ssl->ctx, in, sz, format,CERT_TYPE,ssl,NULL,0); + } - if (ssl->options.haveSessionId == 0) - return NULL; - row = HashSession(id) % SESSION_ROWS; + int CyaSSL_use_PrivateKey_buffer(CYASSL* ssl, + const unsigned char* in, long sz, int format) + { + CYASSL_ENTER("CyaSSL_use_PrivateKey_buffer"); + return ProcessBuffer(ssl->ctx, in, sz, format, PRIVATEKEY_TYPE, + ssl, NULL, 0); + } - if (LockMutex(&session_mutex) != 0) - return 0; - - if (SessionCache[row].totalCount >= SESSIONS_PER_ROW) - idx = SESSIONS_PER_ROW - 1; - else - idx = SessionCache[row].nextIdx - 1; - for (; idx >= 0; idx--) { - CYASSL_SESSION* current; - - if (idx >= SESSIONS_PER_ROW) /* server could have restarted, idx */ - break; /* would be word32(-1) and seg fault */ - - current = &SessionCache[row].Sessions[idx]; - if (XMEMCMP(current->sessionID, id, ID_LEN) == 0) { - if (LowResTimer() < (current->bornOn + current->timeout)) { - ret = current; - if (masterSecret) - XMEMCPY(masterSecret, current->masterSecret, SECRET_LEN); - } - break; - } + int CyaSSL_use_certificate_chain_buffer(CYASSL* ssl, + const unsigned char* in, long sz) + { + CYASSL_ENTER("CyaSSL_use_certificate_chain_buffer"); + return ProcessBuffer(ssl->ctx, in, sz, SSL_FILETYPE_PEM, CERT_TYPE, + ssl, NULL, 1); } - UnLockMutex(&session_mutex); - - return ret; -} + /* unload any certs or keys that SSL owns, leave CTX as is + SSL_SUCCESS on ok */ + int CyaSSL_UnloadCertsKeys(CYASSL* ssl) + { + if (ssl == NULL) { + CYASSL_MSG("Null function arg"); + return BAD_FUNC_ARG; + } -int SetSession(CYASSL* ssl, CYASSL_SESSION* session) -{ - if (ssl->options.sessionCacheOff) - return SSL_FAILURE; + if (ssl->buffers.weOwnCert) { + CYASSL_MSG("Unloading cert"); + XFREE(ssl->buffers.certificate.buffer, ssl->heap,DYNAMIC_TYPE_CERT); + ssl->buffers.weOwnCert = 0; + ssl->buffers.certificate.length = 0; + ssl->buffers.certificate.buffer = NULL; + } - if (LowResTimer() < (session->bornOn + session->timeout)) { - ssl->session = *session; - ssl->options.resuming = 1; + if (ssl->buffers.weOwnCertChain) { + CYASSL_MSG("Unloading cert chain"); + XFREE(ssl->buffers.certChain.buffer, ssl->heap,DYNAMIC_TYPE_CERT); + ssl->buffers.weOwnCertChain = 0; + ssl->buffers.certChain.length = 0; + ssl->buffers.certChain.buffer = NULL; + } -#ifdef SESSION_CERTS - ssl->version = session->version; - ssl->options.cipherSuite0 = session->cipherSuite0; - ssl->options.cipherSuite = session->cipherSuite; -#endif + if (ssl->buffers.weOwnKey) { + CYASSL_MSG("Unloading key"); + XFREE(ssl->buffers.key.buffer, ssl->heap, DYNAMIC_TYPE_KEY); + ssl->buffers.weOwnKey = 0; + ssl->buffers.key.length = 0; + ssl->buffers.key.buffer = NULL; + } return SSL_SUCCESS; } - return SSL_FAILURE; /* session timed out */ -} -int AddSession(CYASSL* ssl) -{ - word32 row, idx; + int CyaSSL_CTX_UnloadCAs(CYASSL_CTX* ctx) + { + CYASSL_ENTER("CyaSSL_CTX_UnloadCAs"); - if (ssl->options.sessionCacheOff) - return 0; + if (ctx == NULL) + return BAD_FUNC_ARG; - if (ssl->options.haveSessionId == 0) - return 0; + return CyaSSL_CertManagerUnloadCAs(ctx->cm); + } - row = HashSession(ssl->arrays.sessionID) % SESSION_ROWS; +/* old NO_FILESYSTEM end */ +#endif /* !NO_CERTS */ - if (LockMutex(&session_mutex) != 0) - return BAD_MUTEX_ERROR; - idx = SessionCache[row].nextIdx++; +#if defined(OPENSSL_EXTRA) || defined(GOAHEAD_WS) - XMEMCPY(SessionCache[row].Sessions[idx].masterSecret, - ssl->arrays.masterSecret, SECRET_LEN); - XMEMCPY(SessionCache[row].Sessions[idx].sessionID, ssl->arrays.sessionID, - ID_LEN); - SessionCache[row].Sessions[idx].timeout = ssl->timeout; - SessionCache[row].Sessions[idx].bornOn = LowResTimer(); + int CyaSSL_add_all_algorithms(void) + { + CYASSL_ENTER("CyaSSL_add_all_algorithms"); + CyaSSL_Init(); + return SSL_SUCCESS; + } -#ifdef SESSION_CERTS - SessionCache[row].Sessions[idx].chain.count = ssl->session.chain.count; - XMEMCPY(SessionCache[row].Sessions[idx].chain.certs, - ssl->session.chain.certs, sizeof(x509_buffer) * MAX_CHAIN_DEPTH); - SessionCache[row].Sessions[idx].version = ssl->version; - SessionCache[row].Sessions[idx].cipherSuite0 = ssl->options.cipherSuite0; - SessionCache[row].Sessions[idx].cipherSuite = ssl->options.cipherSuite; -#endif + long CyaSSL_CTX_sess_set_cache_size(CYASSL_CTX* ctx, long sz) + { + /* cache size fixed at compile time in CyaSSL */ + (void)ctx; + (void)sz; + return 0; + } - SessionCache[row].totalCount++; - if (SessionCache[row].nextIdx == SESSIONS_PER_ROW) - SessionCache[row].nextIdx = 0; - if (UnLockMutex(&session_mutex) != 0) - return BAD_MUTEX_ERROR; + void CyaSSL_CTX_set_quiet_shutdown(CYASSL_CTX* ctx, int mode) + { + CYASSL_ENTER("CyaSSL_CTX_set_quiet_shutdown"); + if (mode) + ctx->quietShutdown = 1; + } - return 0; -} + void CyaSSL_set_quiet_shutdown(CYASSL* ssl, int mode) + { + CYASSL_ENTER("CyaSSL_CTX_set_quiet_shutdown"); + if (mode) + ssl->options.quietShutdown = 1; + } - #ifdef SESSION_STATS - CYASSL_API - void PrintSessionStats(void) + void CyaSSL_set_bio(CYASSL* ssl, CYASSL_BIO* rd, CYASSL_BIO* wr) { - word32 totalSessionsSeen = 0; - word32 totalSessionsNow = 0; - word32 rowNow; - int i; - double E; /* expected freq */ - double chiSquare = 0; - - for (i = 0; i < SESSION_ROWS; i++) { - totalSessionsSeen += SessionCache[i].totalCount; + CYASSL_ENTER("SSL_set_bio"); + CyaSSL_set_rfd(ssl, rd->fd); + CyaSSL_set_wfd(ssl, wr->fd); - if (SessionCache[i].totalCount >= SESSIONS_PER_ROW) - rowNow = SESSIONS_PER_ROW; - else if (SessionCache[i].nextIdx == 0) - rowNow = 0; - else - rowNow = SessionCache[i].nextIdx; - - totalSessionsNow += rowNow; - } + ssl->biord = rd; + ssl->biowr = wr; + } - printf("Total Sessions Seen = %d\n", totalSessionsSeen); - printf("Total Sessions Now = %d\n", totalSessionsNow); - E = (double)totalSessionsSeen / SESSION_ROWS; + void CyaSSL_CTX_set_client_CA_list(CYASSL_CTX* ctx, + STACK_OF(CYASSL_X509_NAME)* names) + { + (void)ctx; + (void)names; + } - for (i = 0; i < SESSION_ROWS; i++) { - double diff = SessionCache[i].totalCount - E; - diff *= diff; /* square */ - diff /= E; /* normalize */ - chiSquare += diff; - } - printf(" chi-square = %5.1f, d.f. = %d\n", chiSquare, - SESSION_ROWS - 1); - if (SESSION_ROWS == 11) - printf(" .05 p value = 18.3, chi-square should be less\n"); - else if (SESSION_ROWS == 211) - printf(".05 p value = 244.8, chi-square should be less\n"); - else if (SESSION_ROWS == 5981) - printf(".05 p value = 6161.0, chi-square should be less\n"); - else if (SESSION_ROWS == 3) - printf(".05 p value = 6.0, chi-square should be less\n"); - else if (SESSION_ROWS == 2861) - printf(".05 p value = 2985.5, chi-square should be less\n"); - printf("\n"); + STACK_OF(CYASSL_X509_NAME)* CyaSSL_load_client_CA_file(const char* fname) + { + (void)fname; + return 0; } - #endif /* SESSION_STATS */ -#else /* NO_SESSION_CACHE */ + int CyaSSL_CTX_set_default_verify_paths(CYASSL_CTX* ctx) + { + /* TODO:, not needed in goahead */ + (void)ctx; + return SSL_NOT_IMPLEMENTED; + } -/* No session cache version */ -CYASSL_SESSION* GetSession(CYASSL* ssl, byte* masterSecret) -{ - return NULL; -} -#endif /* NO_SESSION_CACHE */ + /* keyblock size in bytes or -1 */ + int CyaSSL_get_keyblock_size(CYASSL* ssl) + { + if (ssl == NULL) + return SSL_FATAL_ERROR; + + return 2 * (ssl->specs.key_size + ssl->specs.iv_size + + ssl->specs.hash_size); + } -/* call before SSL_connect, if verifying will add name check to - date check and signature check */ -int CyaSSL_check_domain_name(CYASSL* ssl, const char* dn) -{ - CYASSL_ENTER("CyaSSL_check_domain_name"); - if (ssl->buffers.domainName.buffer) - XFREE(ssl->buffers.domainName.buffer, ssl->heap, DYNAMIC_TYPE_DOMAIN); + /* store keys returns SSL_SUCCESS or -1 on error */ + int CyaSSL_get_keys(CYASSL* ssl, unsigned char** ms, unsigned int* msLen, + unsigned char** sr, unsigned int* srLen, + unsigned char** cr, unsigned int* crLen) + { + if (ssl == NULL || ssl->arrays == NULL) + return SSL_FATAL_ERROR; - ssl->buffers.domainName.length = (word32)XSTRLEN(dn) + 1; - ssl->buffers.domainName.buffer = (byte*) XMALLOC( - ssl->buffers.domainName.length, ssl->heap, DYNAMIC_TYPE_DOMAIN); + *ms = ssl->arrays->masterSecret; + *sr = ssl->arrays->serverRandom; + *cr = ssl->arrays->clientRandom; + + *msLen = SECRET_LEN; + *srLen = RAN_LEN; + *crLen = RAN_LEN; - if (ssl->buffers.domainName.buffer) { - XSTRNCPY((char*)ssl->buffers.domainName.buffer, dn, - ssl->buffers.domainName.length); return SSL_SUCCESS; } - else { - ssl->error = MEMORY_ERROR; - return SSL_FAILURE; - } -} -/* turn on CyaSSL zlib compression - returns 0 for success, else error (not built in) -*/ -int CyaSSL_set_compression(CYASSL* ssl) -{ - CYASSL_ENTER("CyaSSL_set_compression"); - (void)ssl; -#ifdef HAVE_LIBZ - ssl->options.usingCompression = 1; - return 0; -#else - return NOT_COMPILED_IN; + void CyaSSL_set_accept_state(CYASSL* ssl) + { + byte haveRSA = 1; + byte havePSK = 0; + + CYASSL_ENTER("SSL_set_accept_state"); + ssl->options.side = CYASSL_SERVER_END; + /* reset suites in case user switched */ + + #ifdef NO_RSA + haveRSA = 0; + #endif + #ifndef NO_PSK + havePSK = ssl->options.havePSK; + #endif + InitSuites(ssl->suites, ssl->version, haveRSA, havePSK, + ssl->options.haveDH, ssl->options.haveNTRU, + ssl->options.haveECDSAsig, ssl->options.haveStaticECC, + ssl->options.side); + } #endif -} + /* return true if connection established */ + int CyaSSL_is_init_finished(CYASSL* ssl) + { + if (ssl == NULL) + return 0; -#ifndef USE_WINDOWS_API - #ifndef NO_WRITEV + if (ssl->options.handShakeState == HANDSHAKE_DONE) + return 1; - /* simulate writev semantics, doesn't actually do block at a time though - because of SSL_write behavior and because front adds may be small */ - int CyaSSL_writev(CYASSL* ssl, const struct iovec* iov, int iovcnt) - { - byte tmp[OUTPUT_RECORD_SIZE]; - byte* myBuffer = tmp; - int send = 0; - int newBuffer = 0; - int idx = 0; - int i; - int ret; + return 0; + } - CYASSL_ENTER("CyaSSL_writev"); +#if defined(OPENSSL_EXTRA) || defined(GOAHEAD_WS) + void CyaSSL_CTX_set_tmp_rsa_callback(CYASSL_CTX* ctx, + CYASSL_RSA*(*f)(CYASSL*, int, int)) + { + /* CyaSSL verifies all these internally */ + (void)ctx; + (void)f; + } - for (i = 0; i < iovcnt; i++) - send += iov[i].iov_len; - if (send > (int)sizeof(tmp)) { - byte* tmp2 = (byte*) XMALLOC(send, ssl->heap, - DYNAMIC_TYPE_WRITEV); - if (!tmp2) - return MEMORY_ERROR; - myBuffer = tmp2; - newBuffer = 1; - } + void CyaSSL_set_shutdown(CYASSL* ssl, int opt) + { + (void)ssl; + (void)opt; + } - for (i = 0; i < iovcnt; i++) { - XMEMCPY(&myBuffer[idx], iov[i].iov_base, iov[i].iov_len); - idx += iov[i].iov_len; - } - ret = CyaSSL_write(ssl, myBuffer, send); + long CyaSSL_CTX_set_options(CYASSL_CTX* ctx, long opt) + { + /* goahead calls with 0, do nothing */ + CYASSL_ENTER("SSL_CTX_set_options"); + (void)ctx; + return opt; + } - if (newBuffer) XFREE(myBuffer, ssl->heap, DYNAMIC_TYPE_WRITEV); - return ret; - } - #endif -#endif + int CyaSSL_set_rfd(CYASSL* ssl, int rfd) + { + CYASSL_ENTER("SSL_set_rfd"); + ssl->rfd = rfd; /* not used directly to allow IO callbacks */ + ssl->IOCB_ReadCtx = &ssl->rfd; -#ifdef CYASSL_CALLBACKS + return SSL_SUCCESS; + } - typedef struct itimerval Itimerval; - /* don't keep calling simple functions while setting up timer and singals - if no inlining these are the next best */ + int CyaSSL_set_wfd(CYASSL* ssl, int wfd) + { + CYASSL_ENTER("SSL_set_wfd"); + ssl->wfd = wfd; /* not used directly to allow IO callbacks */ - #define AddTimes(a, b, c) \ - do { \ - c.tv_sec = a.tv_sec + b.tv_sec; \ - c.tv_usec = a.tv_usec + b.tv_usec; \ - if (c.tv_sec >= 1000000) { \ - c.tv_sec++; \ - c.tv_usec -= 1000000; \ - } \ - } while (0) + ssl->IOCB_WriteCtx = &ssl->wfd; + return SSL_SUCCESS; + } - #define SubtractTimes(a, b, c) \ - do { \ - c.tv_sec = a.tv_sec - b.tv_sec; \ - c.tv_usec = a.tv_usec - b.tv_usec; \ - if (c.tv_sec < 0) { \ - c.tv_sec--; \ - c.tv_usec += 1000000; \ - } \ - } while (0) - #define CmpTimes(a, b, cmp) \ - ((a.tv_sec == b.tv_sec) ? \ - (a.tv_usec cmp b.tv_usec) : \ - (a.tv_sec cmp b.tv_sec)) \ + CYASSL_RSA* CyaSSL_RSA_generate_key(int len, unsigned long bits, + void(*f)(int, int, void*), void* data) + { + /* no tmp key needed, actual generation not supported */ + CYASSL_ENTER("RSA_generate_key"); + (void)len; + (void)bits; + (void)f; + (void)data; + return NULL; + } + + + + CYASSL_X509* CyaSSL_X509_STORE_CTX_get_current_cert( + CYASSL_X509_STORE_CTX* ctx) + { + (void)ctx; + return 0; + } - /* do nothing handler */ - static void myHandler(int signo) + int CyaSSL_X509_STORE_CTX_get_error(CYASSL_X509_STORE_CTX* ctx) { - return; + if (ctx != NULL) + return ctx->error; + return 0; } - static int CyaSSL_ex_wrapper(CYASSL* ssl, HandShakeCallBack hsCb, - TimeoutCallBack toCb, Timeval timeout) + int CyaSSL_X509_STORE_CTX_get_error_depth(CYASSL_X509_STORE_CTX* ctx) { - int ret = SSL_FATAL_ERROR; - int oldTimerOn = 0; /* was timer already on */ - Timeval startTime; - Timeval endTime; - Timeval totalTime; - Itimerval myTimeout; - Itimerval oldTimeout; /* if old timer adjust from total time to reset */ - struct sigaction act, oact; - - #define ERR_OUT(x) { ssl->hsInfoOn = 0; ssl->toInfoOn = 0; return x; } - - if (hsCb) { - ssl->hsInfoOn = 1; - InitHandShakeInfo(&ssl->handShakeInfo); - } - if (toCb) { - ssl->toInfoOn = 1; - InitTimeoutInfo(&ssl->timeoutInfo); - - if (gettimeofday(&startTime, 0) < 0) - ERR_OUT(GETTIME_ERROR); + (void)ctx; + return 0; + } - /* use setitimer to simulate getitimer, init 0 myTimeout */ - myTimeout.it_interval.tv_sec = 0; - myTimeout.it_interval.tv_usec = 0; - myTimeout.it_value.tv_sec = 0; - myTimeout.it_value.tv_usec = 0; - if (setitimer(ITIMER_REAL, &myTimeout, &oldTimeout) < 0) - ERR_OUT(SETITIMER_ERROR); - if (oldTimeout.it_value.tv_sec || oldTimeout.it_value.tv_usec) { - oldTimerOn = 1; - - /* is old timer going to expire before ours */ - if (CmpTimes(oldTimeout.it_value, timeout, <)) { - timeout.tv_sec = oldTimeout.it_value.tv_sec; - timeout.tv_usec = oldTimeout.it_value.tv_usec; - } - } - myTimeout.it_value.tv_sec = timeout.tv_sec; - myTimeout.it_value.tv_usec = timeout.tv_usec; - - /* set up signal handler, don't restart socket send/recv */ - act.sa_handler = myHandler; - sigemptyset(&act.sa_mask); - act.sa_flags = 0; -#ifdef SA_INTERRUPT - act.sa_flags |= SA_INTERRUPT; -#endif - if (sigaction(SIGALRM, &act, &oact) < 0) - ERR_OUT(SIGACT_ERROR); + CYASSL_BIO_METHOD* CyaSSL_BIO_f_buffer(void) + { + static CYASSL_BIO_METHOD meth; - if (setitimer(ITIMER_REAL, &myTimeout, 0) < 0) - ERR_OUT(SETITIMER_ERROR); - } + CYASSL_ENTER("BIO_f_buffer"); + meth.type = BIO_BUFFER; - /* do main work */ -#ifndef NO_CYASSL_CLIENT - if (ssl->options.side == CLIENT_END) - ret = CyaSSL_connect(ssl); -#endif -#ifndef NO_CYASSL_SERVER - if (ssl->options.side == SERVER_END) - ret = CyaSSL_accept(ssl); -#endif - - /* do callbacks */ - if (toCb) { - if (oldTimerOn) { - gettimeofday(&endTime, 0); - SubtractTimes(endTime, startTime, totalTime); - /* adjust old timer for elapsed time */ - if (CmpTimes(totalTime, oldTimeout.it_value, <)) - SubtractTimes(oldTimeout.it_value, totalTime, - oldTimeout.it_value); - else { - /* reset value to interval, may be off */ - oldTimeout.it_value.tv_sec = oldTimeout.it_interval.tv_sec; - oldTimeout.it_value.tv_usec =oldTimeout.it_interval.tv_usec; - } - /* keep iter the same whether there or not */ - } - /* restore old handler */ - if (sigaction(SIGALRM, &oact, 0) < 0) - ret = SIGACT_ERROR; /* more pressing error, stomp */ - else - /* use old settings which may turn off (expired or not there) */ - if (setitimer(ITIMER_REAL, &oldTimeout, 0) < 0) - ret = SETITIMER_ERROR; - - /* if we had a timeout call callback */ - if (ssl->timeoutInfo.timeoutName[0]) { - ssl->timeoutInfo.timeoutValue.tv_sec = timeout.tv_sec; - ssl->timeoutInfo.timeoutValue.tv_usec = timeout.tv_usec; - (toCb)(&ssl->timeoutInfo); - } - /* clean up */ - FreeTimeoutInfo(&ssl->timeoutInfo, ssl->heap); - ssl->toInfoOn = 0; - } - if (hsCb) { - FinishHandShakeInfo(&ssl->handShakeInfo, ssl); - (hsCb)(&ssl->handShakeInfo); - ssl->hsInfoOn = 0; - } - return ret; + return &meth; } -#ifndef NO_CYASSL_CLIENT - - int CyaSSL_connect_ex(CYASSL* ssl, HandShakeCallBack hsCb, - TimeoutCallBack toCb, Timeval timeout) + long CyaSSL_BIO_set_write_buffer_size(CYASSL_BIO* bio, long size) { - CYASSL_ENTER("CyaSSL_connect_ex"); - return CyaSSL_ex_wrapper(ssl, hsCb, toCb, timeout); + /* CyaSSL has internal buffer, compatibility only */ + CYASSL_ENTER("BIO_set_write_buffer_size"); + (void)bio; + return size; } -#endif + CYASSL_BIO_METHOD* CyaSSL_BIO_f_ssl(void) + { + static CYASSL_BIO_METHOD meth; -#ifndef NO_CYASSL_SERVER + CYASSL_ENTER("BIO_f_ssl"); + meth.type = BIO_SSL; - int CyaSSL_accept_ex(CYASSL* ssl, HandShakeCallBack hsCb, - TimeoutCallBack toCb,Timeval timeout) - { - CYASSL_ENTER("CyaSSL_accept_ex"); - return CyaSSL_ex_wrapper(ssl, hsCb, toCb, timeout); + return &meth; } -#endif -#endif /* CYASSL_CALLBACKS */ + CYASSL_BIO* CyaSSL_BIO_new_socket(int sfd, int closeF) + { + CYASSL_BIO* bio = (CYASSL_BIO*) XMALLOC(sizeof(CYASSL_BIO), 0, + DYNAMIC_TYPE_OPENSSL); + CYASSL_ENTER("BIO_new_socket"); + if (bio) { + bio->type = BIO_SOCKET; + bio->close = (byte)closeF; + bio->eof = 0; + bio->ssl = 0; + bio->fd = sfd; + bio->prev = 0; + bio->next = 0; + bio->mem = NULL; + bio->memLen = 0; + } + return bio; + } -#ifndef NO_PSK - void CyaSSL_CTX_set_psk_client_callback(CYASSL_CTX* ctx, - psk_client_callback cb) + int CyaSSL_BIO_eof(CYASSL_BIO* b) { - CYASSL_ENTER("SSL_CTX_set_psk_client_callback"); - ctx->havePSK = 1; - ctx->client_psk_cb = cb; + CYASSL_ENTER("BIO_eof"); + if (b->eof) + return 1; + + return 0; } - void CyaSSL_set_psk_client_callback(CYASSL* ssl, psk_client_callback cb) + long CyaSSL_BIO_set_ssl(CYASSL_BIO* b, CYASSL* ssl, int closeF) { - CYASSL_ENTER("SSL_set_psk_client_callback"); - ssl->options.havePSK = 1; - ssl->options.client_psk_cb = cb; + CYASSL_ENTER("BIO_set_ssl"); + b->ssl = ssl; + b->close = (byte)closeF; + /* add to ssl for bio free if SSL_free called before/instead of free_all? */ - InitSuites(&ssl->suites, ssl->version,TRUE,TRUE, ssl->options.haveNTRU, - ssl->options.haveECDSAsig, ssl->options.haveStaticECC, - ssl->options.side); + return 0; } - void CyaSSL_CTX_set_psk_server_callback(CYASSL_CTX* ctx, - psk_server_callback cb) + CYASSL_BIO* CyaSSL_BIO_new(CYASSL_BIO_METHOD* method) { - CYASSL_ENTER("SSL_CTX_set_psk_server_callback"); - ctx->havePSK = 1; - ctx->server_psk_cb = cb; + CYASSL_BIO* bio = (CYASSL_BIO*) XMALLOC(sizeof(CYASSL_BIO), 0, + DYNAMIC_TYPE_OPENSSL); + CYASSL_ENTER("BIO_new"); + if (bio) { + bio->type = method->type; + bio->close = 0; + bio->eof = 0; + bio->ssl = NULL; + bio->mem = NULL; + bio->memLen = 0; + bio->fd = 0; + bio->prev = NULL; + bio->next = NULL; + } + return bio; } - void CyaSSL_set_psk_server_callback(CYASSL* ssl, psk_server_callback cb) + int CyaSSL_BIO_get_mem_data(CYASSL_BIO* bio, const byte** p) { - CYASSL_ENTER("SSL_set_psk_server_callback"); - ssl->options.havePSK = 1; - ssl->options.server_psk_cb = cb; + if (bio == NULL || p == NULL) + return SSL_FATAL_ERROR; + + *p = bio->mem; - InitSuites(&ssl->suites, ssl->version, ssl->options.haveDH, TRUE, - ssl->options.haveNTRU, ssl->options.haveECDSAsig, - ssl->options.haveStaticECC, ssl->options.side); + return bio->memLen; } - const char* CyaSSL_get_psk_identity_hint(const CYASSL* ssl) + CYASSL_BIO* CyaSSL_BIO_new_mem_buf(void* buf, int len) { - CYASSL_ENTER("SSL_get_psk_identity_hint"); - return ssl->arrays.server_hint; - } + CYASSL_BIO* bio = NULL; + if (buf == NULL) + return bio; + bio = CyaSSL_BIO_new(CyaSSL_BIO_s_mem()); + if (bio == NULL) + return bio; - const char* CyaSSL_get_psk_identity(const CYASSL* ssl) - { - CYASSL_ENTER("SSL_get_psk_identity"); - return ssl->arrays.client_identity; + bio->memLen = len; + bio->mem = (byte*)XMALLOC(len, 0, DYNAMIC_TYPE_OPENSSL); + if (bio->mem == NULL) { + XFREE(bio, 0, DYNAMIC_TYPE_OPENSSL); + return NULL; + } + + XMEMCPY(bio->mem, buf, len); + + return bio; } - int CyaSSL_CTX_use_psk_identity_hint(CYASSL_CTX* ctx, const char* hint) +#ifdef USE_WINDOWS_API + #define CloseSocket(s) closesocket(s) +#elif defined(CYASSL_MDK_ARM) + #define CloseSocket(s) closesocket(s) + extern int closesocket(int) ; +#else + #define CloseSocket(s) close(s) +#endif + + int CyaSSL_BIO_free(CYASSL_BIO* bio) { - CYASSL_ENTER("SSL_CTX_use_psk_identity_hint"); - if (hint == 0) - ctx->server_hint[0] = 0; - else { - XSTRNCPY(ctx->server_hint, hint, MAX_PSK_ID_LEN); - ctx->server_hint[MAX_PSK_ID_LEN - 1] = '\0'; + /* unchain?, doesn't matter in goahead since from free all */ + CYASSL_ENTER("BIO_free"); + if (bio) { + if (bio->close) { + if (bio->ssl) + CyaSSL_free(bio->ssl); + if (bio->fd) + CloseSocket(bio->fd); + } + if (bio->mem) + XFREE(bio->mem, 0, DYNAMIC_TYPE_OPENSSL); + XFREE(bio, 0, DYNAMIC_TYPE_OPENSSL); } - return SSL_SUCCESS; + return 0; } - int CyaSSL_use_psk_identity_hint(CYASSL* ssl, const char* hint) + int CyaSSL_BIO_free_all(CYASSL_BIO* bio) { - CYASSL_ENTER("SSL_use_psk_identity_hint"); - if (hint == 0) - ssl->arrays.server_hint[0] = 0; - else { - XSTRNCPY(ssl->arrays.server_hint, hint, MAX_PSK_ID_LEN); - ssl->arrays.server_hint[MAX_PSK_ID_LEN - 1] = '\0'; + CYASSL_ENTER("BIO_free_all"); + while (bio) { + CYASSL_BIO* next = bio->next; + CyaSSL_BIO_free(bio); + bio = next; } - return SSL_SUCCESS; + return 0; } -#endif /* NO_PSK */ + int CyaSSL_BIO_read(CYASSL_BIO* bio, void* buf, int len) + { + int ret; + CYASSL* ssl = 0; + CYASSL_BIO* front = bio; -/* used to be defined on NO_FILESYSTEM only, but are generally useful */ + CYASSL_ENTER("BIO_read"); + /* already got eof, again is error */ + if (front->eof) + return SSL_FATAL_ERROR; - /* CyaSSL extension allows DER files to be loaded from buffers as well */ - int CyaSSL_CTX_load_verify_buffer(CYASSL_CTX* ctx, const unsigned char* in, - long sz, int format) - { - CYASSL_ENTER("CyaSSL_CTX_load_verify_buffer"); - if (format == SSL_FILETYPE_PEM) - return ProcessChainBuffer(ctx, in, sz, format, CA_TYPE, NULL); - else - return ProcessBuffer(ctx, in, sz, format, CA_TYPE, NULL,NULL,0); - } + while(bio && ((ssl = bio->ssl) == 0) ) + bio = bio->next; + if (ssl == 0) return BAD_FUNC_ARG; - int CyaSSL_CTX_use_certificate_buffer(CYASSL_CTX* ctx, - const unsigned char* in, long sz, int format) - { - CYASSL_ENTER("CyaSSL_CTX_use_certificate_buffer"); - return ProcessBuffer(ctx, in, sz, format, CERT_TYPE, NULL, NULL, 0); + ret = CyaSSL_read(ssl, buf, len); + if (ret == 0) + front->eof = 1; + else if (ret < 0) { + int err = CyaSSL_get_error(ssl, 0); + if ( !(err == SSL_ERROR_WANT_READ || err == SSL_ERROR_WANT_WRITE) ) + front->eof = 1; + } + return ret; } - int CyaSSL_CTX_use_PrivateKey_buffer(CYASSL_CTX* ctx, - const unsigned char* in, long sz, int format) + int CyaSSL_BIO_write(CYASSL_BIO* bio, const void* data, int len) { - CYASSL_ENTER("CyaSSL_CTX_use_PrivateKey_buffer"); - return ProcessBuffer(ctx, in, sz, format, PRIVATEKEY_TYPE, NULL,NULL,0); - } + int ret; + CYASSL* ssl = 0; + CYASSL_BIO* front = bio; + CYASSL_ENTER("BIO_write"); + /* already got eof, again is error */ + if (front->eof) + return SSL_FATAL_ERROR; - int CyaSSL_CTX_use_certificate_chain_buffer(CYASSL_CTX* ctx, - const unsigned char* in, long sz) - { - CYASSL_ENTER("CyaSSL_CTX_use_certificate_chain_buffer"); - return ProcessBuffer(ctx, in, sz, SSL_FILETYPE_PEM, CERT_TYPE, NULL, - NULL, 1); - } + while(bio && ((ssl = bio->ssl) == 0) ) + bio = bio->next; - int CyaSSL_use_certificate_buffer(CYASSL* ssl, - const unsigned char* in, long sz, int format) - { - CYASSL_ENTER("CyaSSL_use_certificate_buffer"); - return ProcessBuffer(ssl->ctx, in, sz, format,CERT_TYPE,ssl,NULL,0); + if (ssl == 0) return BAD_FUNC_ARG; + + ret = CyaSSL_write(ssl, data, len); + if (ret == 0) + front->eof = 1; + else if (ret < 0) { + int err = CyaSSL_get_error(ssl, 0); + if ( !(err == SSL_ERROR_WANT_READ || err == SSL_ERROR_WANT_WRITE) ) + front->eof = 1; + } + + return ret; } - int CyaSSL_use_PrivateKey_buffer(CYASSL* ssl, - const unsigned char* in, long sz, int format) + CYASSL_BIO* CyaSSL_BIO_push(CYASSL_BIO* top, CYASSL_BIO* append) { - CYASSL_ENTER("CyaSSL_use_PrivateKey_buffer"); - return ProcessBuffer(ssl->ctx, in, sz, format, PRIVATEKEY_TYPE, - ssl, NULL, 0); + CYASSL_ENTER("BIO_push"); + top->next = append; + append->prev = top; + + return top; } - int CyaSSL_use_certificate_chain_buffer(CYASSL* ssl, - const unsigned char* in, long sz) + int CyaSSL_BIO_flush(CYASSL_BIO* bio) { - CYASSL_ENTER("CyaSSL_use_certificate_chain_buffer"); - return ProcessBuffer(ssl->ctx, in, sz, SSL_FILETYPE_PEM, CERT_TYPE, - ssl, NULL, 1); + /* for CyaSSL no flushing needed */ + CYASSL_ENTER("BIO_flush"); + (void)bio; + return 1; } -/* old NO_FILESYSTEM end */ +#endif /* OPENSSL_EXTRA || GOAHEAD_WS */ -#if defined(OPENSSL_EXTRA) || defined(GOAHEAD_WS) +#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) - int CyaSSL_add_all_algorithms(void) + void CyaSSL_CTX_set_default_passwd_cb_userdata(CYASSL_CTX* ctx, + void* userdata) { - CYASSL_ENTER("CyaSSL_add_all_algorithms"); - CyaSSL_Init(); - return SSL_SUCCESS; + CYASSL_ENTER("SSL_CTX_set_default_passwd_cb_userdata"); + ctx->userdata = userdata; } - long CyaSSL_CTX_sess_set_cache_size(CYASSL_CTX* ctx, long sz) + void CyaSSL_CTX_set_default_passwd_cb(CYASSL_CTX* ctx, pem_password_cb cb) { - /* cache size fixed at compile time in CyaSSL */ - (void)ctx; - (void)sz; - return 0; + CYASSL_ENTER("SSL_CTX_set_default_passwd_cb"); + ctx->passwd_cb = cb; } - - void CyaSSL_CTX_set_quiet_shutdown(CYASSL_CTX* ctx, int mode) + int CyaSSL_num_locks(void) { - CYASSL_ENTER("CyaSSL_CTX_set_quiet_shutdown"); - if (mode) - ctx->quietShutdown = 1; + return 0; } - - void CyaSSL_set_quiet_shutdown(CYASSL* ssl, int mode) + void CyaSSL_set_locking_callback(void (*f)(int, int, const char*, int)) { - CYASSL_ENTER("CyaSSL_CTX_set_quiet_shutdown"); - if (mode) - ssl->options.quietShutdown = 1; + (void)f; } - - void CyaSSL_set_bio(CYASSL* ssl, CYASSL_BIO* rd, CYASSL_BIO* wr) + void CyaSSL_set_id_callback(unsigned long (*f)(void)) { - CYASSL_ENTER("SSL_set_bio"); - CyaSSL_set_rfd(ssl, rd->fd); - CyaSSL_set_wfd(ssl, wr->fd); - - ssl->biord = rd; - ssl->biowr = wr; + (void)f; } - - void CyaSSL_CTX_set_client_CA_list(CYASSL_CTX* ctx, - STACK_OF(CYASSL_X509_NAME)* names) + unsigned long CyaSSL_ERR_get_error(void) { - (void)ctx; - (void)names; + /* TODO: */ + return 0; } - - STACK_OF(CYASSL_X509_NAME)* CyaSSL_load_client_CA_file(const char* fname) + int CyaSSL_EVP_BytesToKey(const CYASSL_EVP_CIPHER* type, + const CYASSL_EVP_MD* md, const byte* salt, + const byte* data, int sz, int count, byte* key, byte* iv) { - (void)fname; - return 0; - } + int keyLen = 0; + int ivLen = 0; + Md5 myMD; + byte digest[MD5_DIGEST_SIZE]; - int CyaSSL_CTX_set_default_verify_paths(CYASSL_CTX* ctx) - { - /* TODO:, not needed in goahead */ - (void)ctx; - return SSL_NOT_IMPLEMENTED; - } + int j; + int keyLeft; + int ivLeft; + int keyOutput = 0; + CYASSL_ENTER("EVP_BytesToKey"); + InitMd5(&myMD); - /* keyblock size in bytes or -1 */ - int CyaSSL_get_keyblock_size(CYASSL* ssl) - { - if (ssl == NULL) - return -1; + /* only support MD5 for now */ + if (XSTRNCMP(md, "MD5", 3) != 0) return 0; - return 2 * (ssl->specs.key_size + ssl->specs.iv_size + - ssl->specs.hash_size); - } + /* only support CBC DES and AES for now */ + if (XSTRNCMP(type, "DES-CBC", 7) == 0) { + keyLen = DES_KEY_SIZE; + ivLen = DES_IV_SIZE; + } + else if (XSTRNCMP(type, "DES-EDE3-CBC", 12) == 0) { + keyLen = DES3_KEY_SIZE; + ivLen = DES_IV_SIZE; + } + else if (XSTRNCMP(type, "AES-128-CBC", 11) == 0) { + keyLen = AES_128_KEY_SIZE; + ivLen = AES_IV_SIZE; + } + else if (XSTRNCMP(type, "AES-192-CBC", 11) == 0) { + keyLen = AES_192_KEY_SIZE; + ivLen = AES_IV_SIZE; + } + else if (XSTRNCMP(type, "AES-256-CBC", 11) == 0) { + keyLen = AES_256_KEY_SIZE; + ivLen = AES_IV_SIZE; + } + else + return 0; + keyLeft = keyLen; + ivLeft = ivLen; - /* store keys returns 0 or -1 on error */ - int CyaSSL_get_keys(CYASSL* ssl, unsigned char** ms, unsigned int* msLen, - unsigned char** sr, unsigned int* srLen, - unsigned char** cr, unsigned int* crLen) - { - if (ssl == NULL) - return -1; + while (keyOutput < (keyLen + ivLen)) { + int digestLeft = MD5_DIGEST_SIZE; + /* D_(i - 1) */ + if (keyOutput) /* first time D_0 is empty */ + Md5Update(&myMD, digest, MD5_DIGEST_SIZE); + /* data */ + Md5Update(&myMD, data, sz); + /* salt */ + if (salt) + Md5Update(&myMD, salt, EVP_SALT_SIZE); + Md5Final(&myMD, digest); + /* count */ + for (j = 1; j < count; j++) { + Md5Update(&myMD, digest, MD5_DIGEST_SIZE); + Md5Final(&myMD, digest); + } - *ms = ssl->arrays.masterSecret; - *sr = ssl->arrays.serverRandom; - *cr = ssl->arrays.clientRandom; + if (keyLeft) { + int store = min(keyLeft, MD5_DIGEST_SIZE); + XMEMCPY(&key[keyLen - keyLeft], digest, store); - *msLen = SECRET_LEN; - *srLen = RAN_LEN; - *crLen = RAN_LEN; - - return 0; + keyOutput += store; + keyLeft -= store; + digestLeft -= store; + } + + if (ivLeft && digestLeft) { + int store = min(ivLeft, digestLeft); + XMEMCPY(&iv[ivLen - ivLeft], &digest[MD5_DIGEST_SIZE - + digestLeft], store); + keyOutput += store; + ivLeft -= store; + } + } + if (keyOutput != (keyLen + ivLen)) + return 0; + return keyOutput; } +#endif /* OPENSSL_EXTRA || HAVE_WEBSERVER */ - void CyaSSL_set_accept_state(CYASSL* ssl) - { - byte havePSK = 0; - CYASSL_ENTER("SSL_set_accept_state"); - ssl->options.side = SERVER_END; - /* reset suites in case user switched */ -#ifndef NO_PSK - havePSK = ssl->options.havePSK; -#endif - InitSuites(&ssl->suites, ssl->version, ssl->options.haveDH, havePSK, - ssl->options.haveNTRU, ssl->options.haveECDSAsig, - ssl->options.haveStaticECC, ssl->options.side); - } +#ifdef OPENSSL_EXTRA - - /* return true if connection established */ - int CyaSSL_is_init_finished(CYASSL* ssl) + unsigned long CyaSSLeay(void) { - if (ssl == NULL) - return 0; + return SSLEAY_VERSION_NUMBER; + } - if (ssl->options.handShakeState == HANDSHAKE_DONE) - return 1; - return 0; + const char* CyaSSLeay_version(int type) + { + static const char* version = "SSLeay CyaSSL compatibility"; + (void)type; + return version; } - void CyaSSL_CTX_set_tmp_rsa_callback(CYASSL_CTX* ctx, - CYASSL_RSA*(*f)(CYASSL*, int, int)) + void CyaSSL_MD5_Init(CYASSL_MD5_CTX* md5) { - /* CyaSSL verifies all these internally */ - (void)ctx; - (void)f; + typedef char md5_test[sizeof(MD5_CTX) >= sizeof(Md5) ? 1 : -1]; + (void)sizeof(md5_test); + + CYASSL_ENTER("MD5_Init"); + InitMd5((Md5*)md5); } - void CyaSSL_set_shutdown(CYASSL* ssl, int opt) + void CyaSSL_MD5_Update(CYASSL_MD5_CTX* md5, const void* input, + unsigned long sz) { - (void)ssl; - (void)opt; + CYASSL_ENTER("CyaSSL_MD5_Update"); + Md5Update((Md5*)md5, (const byte*)input, (word32)sz); } - long CyaSSL_CTX_set_options(CYASSL_CTX* ctx, long opt) + void CyaSSL_MD5_Final(byte* input, CYASSL_MD5_CTX* md5) { - /* goahead calls with 0, do nothing */ - CYASSL_ENTER("SSL_CTX_set_options"); - (void)ctx; - return opt; + CYASSL_ENTER("MD5_Final"); + Md5Final((Md5*)md5, input); } - int CyaSSL_set_rfd(CYASSL* ssl, int rfd) + void CyaSSL_SHA_Init(CYASSL_SHA_CTX* sha) { - CYASSL_ENTER("SSL_set_rfd"); - ssl->rfd = rfd; /* not used directly to allow IO callbacks */ - - ssl->IOCB_ReadCtx = &ssl->rfd; + typedef char sha_test[sizeof(SHA_CTX) >= sizeof(Sha) ? 1 : -1]; + (void)sizeof(sha_test); - return SSL_SUCCESS; + CYASSL_ENTER("SHA_Init"); + InitSha((Sha*)sha); /* OpenSSL compat, no ret */ } - int CyaSSL_set_wfd(CYASSL* ssl, int wfd) + void CyaSSL_SHA_Update(CYASSL_SHA_CTX* sha, const void* input, + unsigned long sz) { - CYASSL_ENTER("SSL_set_wfd"); - ssl->wfd = wfd; /* not used directly to allow IO callbacks */ - - ssl->IOCB_WriteCtx = &ssl->wfd; - - return SSL_SUCCESS; + CYASSL_ENTER("SHA_Update"); + ShaUpdate((Sha*)sha, (const byte*)input, (word32)sz); } - CYASSL_RSA* CyaSSL_RSA_generate_key(int len, unsigned long bits, - void(*f)(int, int, void*), void* data) + void CyaSSL_SHA_Final(byte* input, CYASSL_SHA_CTX* sha) { - /* no tmp key needed, actual generation not supported */ - CYASSL_ENTER("RSA_generate_key"); - (void)len; - (void)bits; - (void)f; - (void)data; - return NULL; + CYASSL_ENTER("SHA_Final"); + ShaFinal((Sha*)sha, input); } - /* return the next, if any, altname from the peer cert */ - char* CyaSSL_X509_get_next_altname(CYASSL_X509* cert) + void CyaSSL_SHA1_Init(CYASSL_SHA_CTX* sha) { - char* ret = NULL; - CYASSL_ENTER("CyaSSL_X509_get_next_altname"); + CYASSL_ENTER("SHA1_Init"); + SHA_Init(sha); + } - /* don't have any to work with */ - if (cert == NULL || cert->altNames == NULL) - return NULL; - /* already went through them */ - if (cert->altNamesNext == NULL) - return NULL; + void CyaSSL_SHA1_Update(CYASSL_SHA_CTX* sha, const void* input, + unsigned long sz) + { + CYASSL_ENTER("SHA1_Update"); + SHA_Update(sha, input, sz); + } - ret = cert->altNamesNext->name; - cert->altNamesNext = cert->altNamesNext->next; - return ret; + void CyaSSL_SHA1_Final(byte* input, CYASSL_SHA_CTX* sha) + { + CYASSL_ENTER("SHA1_Final"); + SHA_Final(input, sha); } - CYASSL_X509_NAME* CyaSSL_X509_get_issuer_name(CYASSL_X509* cert) + void CyaSSL_SHA256_Init(CYASSL_SHA256_CTX* sha256) { - CYASSL_ENTER("X509_get_issuer_name"); - return &cert->issuer; + typedef char sha_test[sizeof(SHA256_CTX) >= sizeof(Sha256) ? 1 : -1]; + (void)sizeof(sha_test); + + CYASSL_ENTER("SHA256_Init"); + InitSha256((Sha256*)sha256); /* OpenSSL compat, no error */ } - CYASSL_X509_NAME* CyaSSL_X509_get_subject_name(CYASSL_X509* cert) + void CyaSSL_SHA256_Update(CYASSL_SHA256_CTX* sha, const void* input, + unsigned long sz) { - CYASSL_ENTER("X509_get_subject_name"); - return &cert->subject; + CYASSL_ENTER("SHA256_Update"); + Sha256Update((Sha256*)sha, (const byte*)input, (word32)sz); + /* OpenSSL compat, no error */ } - /* copy name into in buffer, at most sz bytes, if buffer is null will - malloc buffer, call responsible for freeing */ - char* CyaSSL_X509_NAME_oneline(CYASSL_X509_NAME* name, char* in, int sz) + void CyaSSL_SHA256_Final(byte* input, CYASSL_SHA256_CTX* sha) { - int copySz = min(sz, name->sz); - - CYASSL_ENTER("CyaSSL_X509_NAME_oneline"); - if (!name->sz) return in; + CYASSL_ENTER("SHA256_Final"); + Sha256Final((Sha256*)sha, input); + /* OpenSSL compat, no error */ + } - if (!in) { - in = (char*)XMALLOC(name->sz, 0, DYNAMIC_TYPE_OPENSSL); - if (!in ) return in; - copySz = name->sz; - } - if (copySz == 0) - return in; + #ifdef CYASSL_SHA384 - XMEMCPY(in, name->name, copySz - 1); - in[copySz - 1] = 0; + void CyaSSL_SHA384_Init(CYASSL_SHA384_CTX* sha) + { + typedef char sha_test[sizeof(SHA384_CTX) >= sizeof(Sha384) ? 1 : -1]; + (void)sizeof(sha_test); - return in; + CYASSL_ENTER("SHA384_Init"); + InitSha384((Sha384*)sha); /* OpenSSL compat, no error */ } - CYASSL_X509* CyaSSL_X509_STORE_CTX_get_current_cert( - CYASSL_X509_STORE_CTX* ctx) + void CyaSSL_SHA384_Update(CYASSL_SHA384_CTX* sha, const void* input, + unsigned long sz) { - (void)ctx; - return 0; + CYASSL_ENTER("SHA384_Update"); + Sha384Update((Sha384*)sha, (const byte*)input, (word32)sz); + /* OpenSSL compat, no error */ } - int CyaSSL_X509_STORE_CTX_get_error(CYASSL_X509_STORE_CTX* ctx) + void CyaSSL_SHA384_Final(byte* input, CYASSL_SHA384_CTX* sha) { - (void)ctx; - return 0; + CYASSL_ENTER("SHA384_Final"); + Sha384Final((Sha384*)sha, input); + /* OpenSSL compat, no error */ } + #endif /* CYASSL_SHA384 */ - int CyaSSL_X509_STORE_CTX_get_error_depth(CYASSL_X509_STORE_CTX* ctx) - { - (void)ctx; - return 0; - } + #ifdef CYASSL_SHA512 - CYASSL_BIO_METHOD* CyaSSL_BIO_f_buffer(void) + void CyaSSL_SHA512_Init(CYASSL_SHA512_CTX* sha) { - static CYASSL_BIO_METHOD meth; - - CYASSL_ENTER("BIO_f_buffer"); - meth.type = BIO_BUFFER; + typedef char sha_test[sizeof(SHA512_CTX) >= sizeof(Sha512) ? 1 : -1]; + (void)sizeof(sha_test); - return &meth; + CYASSL_ENTER("SHA512_Init"); + InitSha512((Sha512*)sha); /* OpenSSL compat, no error */ } - long CyaSSL_BIO_set_write_buffer_size(CYASSL_BIO* bio, long size) + void CyaSSL_SHA512_Update(CYASSL_SHA512_CTX* sha, const void* input, + unsigned long sz) { - /* CyaSSL has internal buffer, compatibility only */ - CYASSL_ENTER("BIO_set_write_buffer_size"); - (void)bio; - return size; + CYASSL_ENTER("SHA512_Update"); + Sha512Update((Sha512*)sha, (const byte*)input, (word32)sz); + /* OpenSSL compat, no error */ } - CYASSL_BIO_METHOD* CyaSSL_BIO_f_ssl(void) + void CyaSSL_SHA512_Final(byte* input, CYASSL_SHA512_CTX* sha) { - static CYASSL_BIO_METHOD meth; + CYASSL_ENTER("SHA512_Final"); + Sha512Final((Sha512*)sha, input); + /* OpenSSL compat, no error */ + } - CYASSL_ENTER("BIO_f_ssl"); - meth.type = BIO_SSL; + #endif /* CYASSL_SHA512 */ - return &meth; + + const CYASSL_EVP_MD* CyaSSL_EVP_md5(void) + { + static const char* type = "MD5"; + CYASSL_ENTER("EVP_md5"); + return type; } - CYASSL_BIO* CyaSSL_BIO_new_socket(int sfd, int closeF) + const CYASSL_EVP_MD* CyaSSL_EVP_sha1(void) { - CYASSL_BIO* bio = (CYASSL_BIO*) XMALLOC(sizeof(CYASSL_BIO), 0, - DYNAMIC_TYPE_OPENSSL); - - CYASSL_ENTER("BIO_new_socket"); - if (bio) { - bio->type = BIO_SOCKET; - bio->close = (byte)closeF; - bio->eof = 0; - bio->ssl = 0; - bio->fd = sfd; - bio->prev = 0; - bio->next = 0; - } - return bio; + static const char* type = "SHA"; + CYASSL_ENTER("EVP_sha1"); + return type; } - int CyaSSL_BIO_eof(CYASSL_BIO* b) + const CYASSL_EVP_MD* CyaSSL_EVP_sha256(void) { - CYASSL_ENTER("BIO_eof"); - if (b->eof) - return 1; - - return 0; + static const char* type = "SHA256"; + CYASSL_ENTER("EVP_sha256"); + return type; } + #ifdef CYASSL_SHA384 - long CyaSSL_BIO_set_ssl(CYASSL_BIO* b, CYASSL* ssl, int closeF) + const CYASSL_EVP_MD* CyaSSL_EVP_sha384(void) { - CYASSL_ENTER("BIO_set_ssl"); - b->ssl = ssl; - b->close = (byte)closeF; - /* add to ssl for bio free if SSL_free called before/instead of free_all? */ - - return 0; + static const char* type = "SHA384"; + CYASSL_ENTER("EVP_sha384"); + return type; } + #endif /* CYASSL_SHA384 */ - CYASSL_BIO* CyaSSL_BIO_new(CYASSL_BIO_METHOD* method) - { - CYASSL_BIO* bio = (CYASSL_BIO*) XMALLOC(sizeof(CYASSL_BIO), 0, - DYNAMIC_TYPE_OPENSSL); - CYASSL_ENTER("BIO_new"); - if (bio) { - bio->type = method->type; - bio->close = 0; - bio->eof = 0; - bio->ssl = NULL; - bio->mem = NULL; - bio->memLen = 0; - bio->fd = 0; - bio->prev = NULL; - bio->next = NULL; - } - return bio; + #ifdef CYASSL_SHA512 + + const CYASSL_EVP_MD* CyaSSL_EVP_sha512(void) + { + static const char* type = "SHA512"; + CYASSL_ENTER("EVP_sha512"); + return type; } + #endif /* CYASSL_SHA512 */ - int CyaSSL_BIO_get_mem_data(CYASSL_BIO* bio, const byte** p) + + void CyaSSL_EVP_MD_CTX_init(CYASSL_EVP_MD_CTX* ctx) { - if (bio == NULL || p == NULL) - return -1; + CYASSL_ENTER("EVP_CIPHER_MD_CTX_init"); + (void)ctx; + /* do nothing */ + } - *p = bio->mem; - return bio->memLen; + const CYASSL_EVP_CIPHER* CyaSSL_EVP_aes_128_cbc(void) + { + static const char* type = "AES128-CBC"; + CYASSL_ENTER("CyaSSL_EVP_aes_128_cbc"); + return type; } - CYASSL_BIO* CyaSSL_BIO_new_mem_buf(void* buf, int len) + const CYASSL_EVP_CIPHER* CyaSSL_EVP_aes_192_cbc(void) { - CYASSL_BIO* bio = NULL; - if (buf == NULL) - return bio; + static const char* type = "AES192-CBC"; + CYASSL_ENTER("CyaSSL_EVP_aes_192_cbc"); + return type; + } - bio = CyaSSL_BIO_new(CyaSSL_BIO_s_mem()); - if (bio == NULL) - return bio; - bio->memLen = len; - bio->mem = (byte*)XMALLOC(len, 0, DYNAMIC_TYPE_OPENSSL); - if (bio->mem == NULL) { - XFREE(bio, 0, DYNAMIC_TYPE_OPENSSL); - return NULL; - } + const CYASSL_EVP_CIPHER* CyaSSL_EVP_aes_256_cbc(void) + { + static const char* type = "AES256-CBC"; + CYASSL_ENTER("CyaSSL_EVP_aes_256_cbc"); + return type; + } - XMEMCPY(bio->mem, buf, len); - return bio; + const CYASSL_EVP_CIPHER* CyaSSL_EVP_aes_128_ctr(void) + { + static const char* type = "AES128-CTR"; + CYASSL_ENTER("CyaSSL_EVP_aes_128_ctr"); + return type; } -#ifdef USE_WINDOWS_API - #define CloseSocket(s) closesocket(s) -#else - #define CloseSocket(s) close(s) -#endif - - int CyaSSL_BIO_free(CYASSL_BIO* bio) + const CYASSL_EVP_CIPHER* CyaSSL_EVP_aes_192_ctr(void) { - /* unchain?, doesn't matter in goahead since from free all */ - CYASSL_ENTER("BIO_free"); - if (bio) { - if (bio->close) { - if (bio->ssl) - CyaSSL_free(bio->ssl); - if (bio->fd) - CloseSocket(bio->fd); - } - if (bio->mem) - XFREE(bio->mem, 0, DYNAMIC_TYPE_OPENSSL); - XFREE(bio, 0, DYNAMIC_TYPE_OPENSSL); - } - return 0; + static const char* type = "AES192-CTR"; + CYASSL_ENTER("CyaSSL_EVP_aes_192_ctr"); + return type; } - int CyaSSL_BIO_free_all(CYASSL_BIO* bio) + const CYASSL_EVP_CIPHER* CyaSSL_EVP_aes_256_ctr(void) { - CYASSL_ENTER("BIO_free_all"); - while (bio) { - CYASSL_BIO* next = bio->next; - CyaSSL_BIO_free(bio); - bio = next; - } - return 0; + static const char* type = "AES256-CTR"; + CYASSL_ENTER("CyaSSL_EVP_aes_256_ctr"); + return type; } - int CyaSSL_BIO_read(CYASSL_BIO* bio, void* buf, int len) + const CYASSL_EVP_CIPHER* CyaSSL_EVP_des_cbc(void) { - int ret; - CYASSL* ssl = 0; - CYASSL_BIO* front = bio; + static const char* type = "DES-CBC"; + CYASSL_ENTER("CyaSSL_EVP_des_cbc"); + return type; + } - CYASSL_ENTER("BIO_read"); - /* already got eof, again is error */ - if (front->eof) - return SSL_FATAL_ERROR; - while(bio && ((ssl = bio->ssl) == 0) ) - bio = bio->next; + const CYASSL_EVP_CIPHER* CyaSSL_EVP_des_ede3_cbc(void) + { + static const char* type = "DES-EDE3-CBC"; + CYASSL_ENTER("CyaSSL_EVP_des_ede3_cbc"); + return type; + } - if (ssl == 0) return BAD_FUNC_ARG; - ret = CyaSSL_read(ssl, buf, len); - if (ret == 0) - front->eof = 1; - else if (ret < 0) { - int err = CyaSSL_get_error(ssl, 0); - if ( !(err == SSL_ERROR_WANT_READ || err == SSL_ERROR_WANT_WRITE) ) - front->eof = 1; - } - return ret; + const CYASSL_EVP_CIPHER* CyaSSL_EVP_rc4(void) + { + static const char* type = "ARC4"; + CYASSL_ENTER("CyaSSL_EVP_rc4"); + return type; } - int CyaSSL_BIO_write(CYASSL_BIO* bio, const void* data, int len) + const CYASSL_EVP_CIPHER* CyaSSL_EVP_enc_null(void) { - int ret; - CYASSL* ssl = 0; - CYASSL_BIO* front = bio; + static const char* type = "NULL"; + CYASSL_ENTER("CyaSSL_EVP_enc_null"); + return type; + } - CYASSL_ENTER("BIO_write"); - /* already got eof, again is error */ - if (front->eof) - return SSL_FATAL_ERROR; - while(bio && ((ssl = bio->ssl) == 0) ) - bio = bio->next; + int CyaSSL_EVP_MD_CTX_cleanup(CYASSL_EVP_MD_CTX* ctx) + { + CYASSL_ENTER("EVP_MD_CTX_cleanup"); + (void)ctx; + return 0; + } - if (ssl == 0) return BAD_FUNC_ARG; - ret = CyaSSL_write(ssl, data, len); - if (ret == 0) - front->eof = 1; - else if (ret < 0) { - int err = CyaSSL_get_error(ssl, 0); - if ( !(err == SSL_ERROR_WANT_READ || err == SSL_ERROR_WANT_WRITE) ) - front->eof = 1; - } - return ret; + void CyaSSL_EVP_CIPHER_CTX_init(CYASSL_EVP_CIPHER_CTX* ctx) + { + CYASSL_ENTER("EVP_CIPHER_CTX_init"); + if (ctx) { + ctx->cipherType = 0xff; /* no init */ + ctx->keyLen = 0; + ctx->enc = 1; /* start in encrypt mode */ + } } - CYASSL_BIO* CyaSSL_BIO_push(CYASSL_BIO* top, CYASSL_BIO* append) + /* SSL_SUCCESS on ok */ + int CyaSSL_EVP_CIPHER_CTX_cleanup(CYASSL_EVP_CIPHER_CTX* ctx) { - CYASSL_ENTER("BIO_push"); - top->next = append; - append->prev = top; + CYASSL_ENTER("EVP_CIPHER_CTX_cleanup"); + if (ctx) { + ctx->cipherType = 0xff; /* no more init */ + ctx->keyLen = 0; + } - return top; + return SSL_SUCCESS; } - int CyaSSL_BIO_flush(CYASSL_BIO* bio) + /* SSL_SUCCESS on ok */ + int CyaSSL_EVP_CipherInit(CYASSL_EVP_CIPHER_CTX* ctx, + const CYASSL_EVP_CIPHER* type, byte* key, + byte* iv, int enc) { - /* for CyaSSL no flushing needed */ - CYASSL_ENTER("BIO_flush"); - (void)bio; - return 1; - } + int ret = 0; + + CYASSL_ENTER("CyaSSL_EVP_CipherInit"); + if (ctx == NULL) { + CYASSL_MSG("no ctx"); + return 0; /* failure */ + } + + if (type == NULL && ctx->cipherType == 0xff) { + CYASSL_MSG("no type set"); + return 0; /* failure */ + } + if (ctx->cipherType == AES_128_CBC_TYPE || (type && + XSTRNCMP(type, "AES128-CBC", 10) == 0)) { + CYASSL_MSG("AES-128-CBC"); + ctx->cipherType = AES_128_CBC_TYPE; + ctx->keyLen = 16; + if (enc == 0 || enc == 1) + ctx->enc = enc ? 1 : 0; + if (key) { + ret = AesSetKey(&ctx->cipher.aes, key, ctx->keyLen, iv, + ctx->enc ? AES_ENCRYPTION : AES_DECRYPTION); + if (ret != 0) + return ret; + } + if (iv && key == NULL) { + ret = AesSetIV(&ctx->cipher.aes, iv); + if (ret != 0) + return ret; + } + } + else if (ctx->cipherType == AES_192_CBC_TYPE || (type && + XSTRNCMP(type, "AES192-CBC", 10) == 0)) { + CYASSL_MSG("AES-192-CBC"); + ctx->cipherType = AES_192_CBC_TYPE; + ctx->keyLen = 24; + if (enc == 0 || enc == 1) + ctx->enc = enc ? 1 : 0; + if (key) { + ret = AesSetKey(&ctx->cipher.aes, key, ctx->keyLen, iv, + ctx->enc ? AES_ENCRYPTION : AES_DECRYPTION); + if (ret != 0) + return ret; + } + if (iv && key == NULL) { + ret = AesSetIV(&ctx->cipher.aes, iv); + if (ret != 0) + return ret; + } + } + else if (ctx->cipherType == AES_256_CBC_TYPE || (type && + XSTRNCMP(type, "AES256-CBC", 10) == 0)) { + CYASSL_MSG("AES-256-CBC"); + ctx->cipherType = AES_256_CBC_TYPE; + ctx->keyLen = 32; + if (enc == 0 || enc == 1) + ctx->enc = enc ? 1 : 0; + if (key) { + ret = AesSetKey(&ctx->cipher.aes, key, ctx->keyLen, iv, + ctx->enc ? AES_ENCRYPTION : AES_DECRYPTION); + if (ret != 0) + return ret; + } + if (iv && key == NULL) { + ret = AesSetIV(&ctx->cipher.aes, iv); + if (ret != 0) + return ret; + } + } +#ifdef CYASSL_AES_COUNTER + else if (ctx->cipherType == AES_128_CTR_TYPE || (type && + XSTRNCMP(type, "AES128-CTR", 10) == 0)) { + CYASSL_MSG("AES-128-CTR"); + ctx->cipherType = AES_128_CTR_TYPE; + ctx->keyLen = 16; + if (enc == 0 || enc == 1) + ctx->enc = enc ? 1 : 0; + if (key) { + ret = AesSetKey(&ctx->cipher.aes, key, ctx->keyLen, iv, + AES_ENCRYPTION); + if (ret != 0) + return ret; + } + if (iv && key == NULL) { + ret = AesSetIV(&ctx->cipher.aes, iv); + if (ret != 0) + return ret; + } + } + else if (ctx->cipherType == AES_192_CTR_TYPE || (type && + XSTRNCMP(type, "AES192-CTR", 10) == 0)) { + CYASSL_MSG("AES-192-CTR"); + ctx->cipherType = AES_192_CTR_TYPE; + ctx->keyLen = 24; + if (enc == 0 || enc == 1) + ctx->enc = enc ? 1 : 0; + if (key) { + ret = AesSetKey(&ctx->cipher.aes, key, ctx->keyLen, iv, + AES_ENCRYPTION); + if (ret != 0) + return ret; + } + if (iv && key == NULL) { + ret = AesSetIV(&ctx->cipher.aes, iv); + if (ret != 0) + return ret; + } + } + else if (ctx->cipherType == AES_256_CTR_TYPE || (type && + XSTRNCMP(type, "AES256-CTR", 10) == 0)) { + CYASSL_MSG("AES-256-CTR"); + ctx->cipherType = AES_256_CTR_TYPE; + ctx->keyLen = 32; + if (enc == 0 || enc == 1) + ctx->enc = enc ? 1 : 0; + if (key) { + ret = AesSetKey(&ctx->cipher.aes, key, ctx->keyLen, iv, + AES_ENCRYPTION); + if (ret != 0) + return ret; + } + if (iv && key == NULL) { + ret = AesSetIV(&ctx->cipher.aes, iv); + if (ret != 0) + return ret; + } + } +#endif /* CYASSL_AES_CTR */ + else if (ctx->cipherType == DES_CBC_TYPE || (type && + XSTRNCMP(type, "DES-CBC", 7) == 0)) { + CYASSL_MSG("DES-CBC"); + ctx->cipherType = DES_CBC_TYPE; + ctx->keyLen = 8; + if (enc == 0 || enc == 1) + ctx->enc = enc ? 1 : 0; + if (key) { + ret = Des_SetKey(&ctx->cipher.des, key, iv, + ctx->enc ? DES_ENCRYPTION : DES_DECRYPTION); + if (ret != 0) + return ret; + } -#endif /* OPENSSL_EXTRA || GOAHEAD_WS */ + if (iv && key == NULL) + Des_SetIV(&ctx->cipher.des, iv); + } + else if (ctx->cipherType == DES_EDE3_CBC_TYPE || (type && + XSTRNCMP(type, "DES-EDE3-CBC", 11) == 0)) { + CYASSL_MSG("DES-EDE3-CBC"); + ctx->cipherType = DES_EDE3_CBC_TYPE; + ctx->keyLen = 24; + if (enc == 0 || enc == 1) + ctx->enc = enc ? 1 : 0; + if (key) { + ret = Des3_SetKey(&ctx->cipher.des3, key, iv, + ctx->enc ? DES_ENCRYPTION : DES_DECRYPTION); + if (ret != 0) + return ret; + } + if (iv && key == NULL) { + ret = Des3_SetIV(&ctx->cipher.des3, iv); + if (ret != 0) + return ret; + } + } + else if (ctx->cipherType == ARC4_TYPE || (type && + XSTRNCMP(type, "ARC4", 4) == 0)) { + CYASSL_MSG("ARC4"); + ctx->cipherType = ARC4_TYPE; + if (ctx->keyLen == 0) /* user may have already set */ + ctx->keyLen = 16; /* default to 128 */ + if (key) + Arc4SetKey(&ctx->cipher.arc4, key, ctx->keyLen); + } + else if (ctx->cipherType == NULL_CIPHER_TYPE || (type && + XSTRNCMP(type, "NULL", 4) == 0)) { + CYASSL_MSG("NULL cipher"); + ctx->cipherType = NULL_CIPHER_TYPE; + ctx->keyLen = 0; + } + else + return 0; /* failure */ -#if defined(OPENSSL_EXTRA) || defined(HAVE_WEBSERVER) - void CyaSSL_CTX_set_default_passwd_cb_userdata(CYASSL_CTX* ctx, - void* userdata) - { - CYASSL_ENTER("SSL_CTX_set_default_passwd_cb_userdata"); - ctx->userdata = userdata; + return SSL_SUCCESS; } - void CyaSSL_CTX_set_default_passwd_cb(CYASSL_CTX* ctx, pem_password_cb cb) + /* SSL_SUCCESS on ok */ + int CyaSSL_EVP_CIPHER_CTX_key_length(CYASSL_EVP_CIPHER_CTX* ctx) { - CYASSL_ENTER("SSL_CTX_set_default_passwd_cb"); - ctx->passwd_cb = cb; - } + CYASSL_ENTER("CyaSSL_EVP_CIPHER_CTX_key_length"); + if (ctx) + return ctx->keyLen; - int CyaSSL_num_locks(void) - { - return 0; + return 0; /* failure */ } - void CyaSSL_set_locking_callback(void (*f)(int, int, const char*, int)) - { - (void)f; - } - void CyaSSL_set_id_callback(unsigned long (*f)(void)) + /* SSL_SUCCESS on ok */ + int CyaSSL_EVP_CIPHER_CTX_set_key_length(CYASSL_EVP_CIPHER_CTX* ctx, + int keylen) { - (void)f; - } + CYASSL_ENTER("CyaSSL_EVP_CIPHER_CTX_set_key_length"); + if (ctx) + ctx->keyLen = keylen; + else + return 0; /* failure */ - unsigned long CyaSSL_ERR_get_error(void) - { - /* TODO: */ - return 0; + return SSL_SUCCESS; } - int CyaSSL_EVP_BytesToKey(const CYASSL_EVP_CIPHER* type, - const CYASSL_EVP_MD* md, const byte* salt, - const byte* data, int sz, int count, byte* key, byte* iv) + + /* SSL_SUCCESS on ok */ + int CyaSSL_EVP_Cipher(CYASSL_EVP_CIPHER_CTX* ctx, byte* dst, byte* src, + word32 len) { - int keyLen = 0; - int ivLen = 0; + int ret = 0; + CYASSL_ENTER("CyaSSL_EVP_Cipher"); - Md5 myMD; - byte digest[MD5_DIGEST_SIZE]; + if (ctx == NULL || dst == NULL || src == NULL) { + CYASSL_MSG("Bad function argument"); + return 0; /* failure */ + } - int j; - int keyLeft; - int ivLeft; - int keyOutput = 0; + if (ctx->cipherType == 0xff) { + CYASSL_MSG("no init"); + return 0; /* failure */ + } - CYASSL_ENTER("EVP_BytesToKey"); - InitMd5(&myMD); + switch (ctx->cipherType) { - /* only support MD5 for now */ - if (XSTRNCMP(md, "MD5", 3)) return 0; + case AES_128_CBC_TYPE : + case AES_192_CBC_TYPE : + case AES_256_CBC_TYPE : + CYASSL_MSG("AES CBC"); + if (ctx->enc) + ret = AesCbcEncrypt(&ctx->cipher.aes, dst, src, len); + else + ret = AesCbcDecrypt(&ctx->cipher.aes, dst, src, len); + break; - /* only support CBC DES and AES for now */ - if (XSTRNCMP(type, "DES-CBC", 7) == 0) { - keyLen = DES_KEY_SIZE; - ivLen = DES_IV_SIZE; - } - else if (XSTRNCMP(type, "DES-EDE3-CBC", 12) == 0) { - keyLen = DES3_KEY_SIZE; - ivLen = DES_IV_SIZE; - } - else if (XSTRNCMP(type, "AES-128-CBC", 11) == 0) { - keyLen = AES_128_KEY_SIZE; - ivLen = AES_IV_SIZE; - } - else if (XSTRNCMP(type, "AES-192-CBC", 11) == 0) { - keyLen = AES_192_KEY_SIZE; - ivLen = AES_IV_SIZE; - } - else if (XSTRNCMP(type, "AES-256-CBC", 11) == 0) { - keyLen = AES_256_KEY_SIZE; - ivLen = AES_IV_SIZE; - } - else - return 0; +#ifdef CYASSL_AES_COUNTER + case AES_128_CTR_TYPE : + case AES_192_CTR_TYPE : + case AES_256_CTR_TYPE : + CYASSL_MSG("AES CTR"); + AesCtrEncrypt(&ctx->cipher.aes, dst, src, len); + break; +#endif - keyLeft = keyLen; - ivLeft = ivLen; + case DES_CBC_TYPE : + if (ctx->enc) + Des_CbcEncrypt(&ctx->cipher.des, dst, src, len); + else + Des_CbcDecrypt(&ctx->cipher.des, dst, src, len); + break; - while (keyOutput < (keyLen + ivLen)) { - int digestLeft = MD5_DIGEST_SIZE; - /* D_(i - 1) */ - if (keyOutput) /* first time D_0 is empty */ - Md5Update(&myMD, digest, MD5_DIGEST_SIZE); - /* data */ - Md5Update(&myMD, data, sz); - /* salt */ - if (salt) - Md5Update(&myMD, salt, EVP_SALT_SIZE); - Md5Final(&myMD, digest); - /* count */ - for (j = 1; j < count; j++) { - Md5Update(&myMD, digest, MD5_DIGEST_SIZE); - Md5Final(&myMD, digest); - } + case DES_EDE3_CBC_TYPE : + if (ctx->enc) + ret = Des3_CbcEncrypt(&ctx->cipher.des3, dst, src, len); + else + ret = Des3_CbcDecrypt(&ctx->cipher.des3, dst, src, len); + break; - if (keyLeft) { - int store = min(keyLeft, MD5_DIGEST_SIZE); - XMEMCPY(&key[keyLen - keyLeft], digest, store); + case ARC4_TYPE : + Arc4Process(&ctx->cipher.arc4, dst, src, len); + break; - keyOutput += store; - keyLeft -= store; - digestLeft -= store; - } + case NULL_CIPHER_TYPE : + XMEMCPY(dst, src, len); + break; - if (ivLeft && digestLeft) { - int store = min(ivLeft, digestLeft); - XMEMCPY(&iv[ivLen - ivLeft], &digest[MD5_DIGEST_SIZE - - digestLeft], store); - keyOutput += store; - ivLeft -= store; + default: { + CYASSL_MSG("bad type"); + return 0; /* failure */ } } - if (keyOutput != (keyLen + ivLen)) - return 0; - return keyOutput; - } -#endif /* OPENSSL_EXTRA || HAVE_WEBSERVER */ + if (ret != 0) { + CYASSL_MSG("CyaSSL_EVP_Cipher failure"); + return 0; /* failuer */ + } + CYASSL_MSG("CyaSSL_EVP_Cipher success"); + return SSL_SUCCESS; /* success */ + } -#ifdef OPENSSL_EXTRA - unsigned long CyaSSLeay(void) + /* store for external read of iv, SSL_SUCCESS on success */ + int CyaSSL_StoreExternalIV(CYASSL_EVP_CIPHER_CTX* ctx) { - return SSLEAY_VERSION_NUMBER; - } + CYASSL_ENTER("CyaSSL_StoreExternalIV"); + if (ctx == NULL) { + CYASSL_MSG("Bad function argument"); + return SSL_FATAL_ERROR; + } - const char* CyaSSLeay_version(int type) - { - static const char* version = "SSLeay CyaSSL compatibility"; - (void)type; - return version; - } + switch (ctx->cipherType) { + case AES_128_CBC_TYPE : + case AES_192_CBC_TYPE : + case AES_256_CBC_TYPE : + CYASSL_MSG("AES CBC"); + memcpy(ctx->iv, &ctx->cipher.aes.reg, AES_BLOCK_SIZE); + break; - void CyaSSL_MD5_Init(CYASSL_MD5_CTX* md5) - { - typedef char md5_test[sizeof(MD5_CTX) >= sizeof(Md5) ? 1 : -1]; - (void)sizeof(md5_test); +#ifdef CYASSL_AES_COUNTER + case AES_128_CTR_TYPE : + case AES_192_CTR_TYPE : + case AES_256_CTR_TYPE : + CYASSL_MSG("AES CTR"); + memcpy(ctx->iv, &ctx->cipher.aes.reg, AES_BLOCK_SIZE); + break; +#endif - CYASSL_ENTER("MD5_Init"); - InitMd5((Md5*)md5); - } + case DES_CBC_TYPE : + CYASSL_MSG("DES CBC"); + memcpy(ctx->iv, &ctx->cipher.des.reg, DES_BLOCK_SIZE); + break; + case DES_EDE3_CBC_TYPE : + CYASSL_MSG("DES EDE3 CBC"); + memcpy(ctx->iv, &ctx->cipher.des.reg, DES_BLOCK_SIZE); + break; - void CyaSSL_MD5_Update(CYASSL_MD5_CTX* md5, const void* input, - unsigned long sz) - { - CYASSL_ENTER("CyaSSL_MD5_Update"); - Md5Update((Md5*)md5, (const byte*)input, sz); - } + case ARC4_TYPE : + CYASSL_MSG("ARC4"); + break; + case NULL_CIPHER_TYPE : + CYASSL_MSG("NULL"); + break; - void CyaSSL_MD5_Final(byte* input, CYASSL_MD5_CTX* md5) - { - CYASSL_ENTER("MD5_Final"); - Md5Final((Md5*)md5, input); + default: { + CYASSL_MSG("bad type"); + return SSL_FATAL_ERROR; + } + } + return SSL_SUCCESS; } - void CyaSSL_SHA_Init(CYASSL_SHA_CTX* sha) + /* set internal IV from external, SSL_SUCCESS on success */ + int CyaSSL_SetInternalIV(CYASSL_EVP_CIPHER_CTX* ctx) { - typedef char sha_test[sizeof(SHA_CTX) >= sizeof(Sha) ? 1 : -1]; - (void)sizeof(sha_test); - - CYASSL_ENTER("SHA_Init"); - InitSha((Sha*)sha); - } + CYASSL_ENTER("CyaSSL_SetInternalIV"); - void CyaSSL_SHA_Update(CYASSL_SHA_CTX* sha, const void* input, - unsigned long sz) - { - CYASSL_ENTER("SHA_Update"); - ShaUpdate((Sha*)sha, (const byte*)input, sz); - } + if (ctx == NULL) { + CYASSL_MSG("Bad function argument"); + return SSL_FATAL_ERROR; + } + switch (ctx->cipherType) { - void CyaSSL_SHA_Final(byte* input, CYASSL_SHA_CTX* sha) - { - CYASSL_ENTER("SHA_Final"); - ShaFinal((Sha*)sha, input); - } + case AES_128_CBC_TYPE : + case AES_192_CBC_TYPE : + case AES_256_CBC_TYPE : + CYASSL_MSG("AES CBC"); + memcpy(&ctx->cipher.aes.reg, ctx->iv, AES_BLOCK_SIZE); + break; +#ifdef CYASSL_AES_COUNTER + case AES_128_CTR_TYPE : + case AES_192_CTR_TYPE : + case AES_256_CTR_TYPE : + CYASSL_MSG("AES CTR"); + memcpy(&ctx->cipher.aes.reg, ctx->iv, AES_BLOCK_SIZE); + break; +#endif - void CyaSSL_SHA1_Init(CYASSL_SHA_CTX* sha) - { - CYASSL_ENTER("SHA1_Init"); - SHA_Init(sha); - } + case DES_CBC_TYPE : + CYASSL_MSG("DES CBC"); + memcpy(&ctx->cipher.des.reg, ctx->iv, DES_BLOCK_SIZE); + break; + case DES_EDE3_CBC_TYPE : + CYASSL_MSG("DES EDE3 CBC"); + memcpy(&ctx->cipher.des.reg, ctx->iv, DES_BLOCK_SIZE); + break; - void CyaSSL_SHA1_Update(CYASSL_SHA_CTX* sha, const void* input, - unsigned long sz) - { - CYASSL_ENTER("SHA1_Update"); - SHA_Update(sha, input, sz); - } + case ARC4_TYPE : + CYASSL_MSG("ARC4"); + break; + case NULL_CIPHER_TYPE : + CYASSL_MSG("NULL"); + break; - void CyaSSL_SHA1_Final(byte* input, CYASSL_SHA_CTX* sha) - { - CYASSL_ENTER("SHA1_Final"); - SHA_Final(input, sha); + default: { + CYASSL_MSG("bad type"); + return SSL_FATAL_ERROR; + } + } + return SSL_SUCCESS; } - void CyaSSL_SHA256_Init(CYASSL_SHA256_CTX* sha256) + /* SSL_SUCCESS on ok */ + int CyaSSL_EVP_DigestInit(CYASSL_EVP_MD_CTX* ctx, const CYASSL_EVP_MD* type) { - typedef char sha_test[sizeof(SHA256_CTX) >= sizeof(Sha256) ? 1 : -1]; - (void)sizeof(sha_test); + CYASSL_ENTER("EVP_DigestInit"); + if (XSTRNCMP(type, "MD5", 3) == 0) { + ctx->macType = MD5; + CyaSSL_MD5_Init((MD5_CTX*)&ctx->hash); + } + else if (XSTRNCMP(type, "SHA256", 6) == 0) { + ctx->macType = SHA256; + CyaSSL_SHA256_Init((SHA256_CTX*)&ctx->hash); + } + #ifdef CYASSL_SHA384 + else if (XSTRNCMP(type, "SHA384", 6) == 0) { + ctx->macType = SHA384; + CyaSSL_SHA384_Init((SHA384_CTX*)&ctx->hash); + } + #endif + #ifdef CYASSL_SHA512 + else if (XSTRNCMP(type, "SHA512", 6) == 0) { + ctx->macType = SHA512; + CyaSSL_SHA512_Init((SHA512_CTX*)&ctx->hash); + } + #endif + /* has to be last since would pick or 256, 384, or 512 too */ + else if (XSTRNCMP(type, "SHA", 3) == 0) { + ctx->macType = SHA; + CyaSSL_SHA_Init((SHA_CTX*)&ctx->hash); + } + else + return BAD_FUNC_ARG; - CYASSL_ENTER("SHA256_Init"); - InitSha256((Sha256*)sha256); + return SSL_SUCCESS; } - void CyaSSL_SHA256_Update(CYASSL_SHA256_CTX* sha, const void* input, - unsigned long sz) + /* SSL_SUCCESS on ok */ + int CyaSSL_EVP_DigestUpdate(CYASSL_EVP_MD_CTX* ctx, const void* data, + unsigned long sz) { - CYASSL_ENTER("SHA256_Update"); - Sha256Update((Sha256*)sha, (const byte*)input, sz); - } - + CYASSL_ENTER("EVP_DigestUpdate"); + if (ctx->macType == MD5) + CyaSSL_MD5_Update((MD5_CTX*)&ctx->hash, data, (unsigned long)sz); + else if (ctx->macType == SHA) + CyaSSL_SHA_Update((SHA_CTX*)&ctx->hash, data, (unsigned long)sz); + else if (ctx->macType == SHA256) + CyaSSL_SHA256_Update((SHA256_CTX*)&ctx->hash, data, + (unsigned long)sz); + #ifdef CYASSL_SHA384 + else if (ctx->macType == SHA384) + CyaSSL_SHA384_Update((SHA384_CTX*)&ctx->hash, data, + (unsigned long)sz); + #endif + #ifdef CYASSL_SHA512 + else if (ctx->macType == SHA512) + CyaSSL_SHA512_Update((SHA512_CTX*)&ctx->hash, data, + (unsigned long)sz); + #endif + else + return BAD_FUNC_ARG; - void CyaSSL_SHA256_Final(byte* input, CYASSL_SHA256_CTX* sha) - { - CYASSL_ENTER("SHA256_Final"); - Sha256Final((Sha256*)sha, input); + return SSL_SUCCESS; } - #ifdef CYASSL_SHA384 - - void CyaSSL_SHA384_Init(CYASSL_SHA384_CTX* sha) + /* SSL_SUCCESS on ok */ + int CyaSSL_EVP_DigestFinal(CYASSL_EVP_MD_CTX* ctx, unsigned char* md, + unsigned int* s) { - typedef char sha_test[sizeof(SHA384_CTX) >= sizeof(Sha384) ? 1 : -1]; - (void)sizeof(sha_test); + CYASSL_ENTER("EVP_DigestFinal"); + if (ctx->macType == MD5) { + CyaSSL_MD5_Final(md, (MD5_CTX*)&ctx->hash); + if (s) *s = MD5_DIGEST_SIZE; + } + else if (ctx->macType == SHA) { + CyaSSL_SHA_Final(md, (SHA_CTX*)&ctx->hash); + if (s) *s = SHA_DIGEST_SIZE; + } + else if (ctx->macType == SHA256) { + CyaSSL_SHA256_Final(md, (SHA256_CTX*)&ctx->hash); + if (s) *s = SHA256_DIGEST_SIZE; + } + #ifdef CYASSL_SHA384 + else if (ctx->macType == SHA384) { + CyaSSL_SHA384_Final(md, (SHA384_CTX*)&ctx->hash); + if (s) *s = SHA384_DIGEST_SIZE; + } + #endif + #ifdef CYASSL_SHA512 + else if (ctx->macType == SHA512) { + CyaSSL_SHA512_Final(md, (SHA512_CTX*)&ctx->hash); + if (s) *s = SHA512_DIGEST_SIZE; + } + #endif + else + return BAD_FUNC_ARG; - CYASSL_ENTER("SHA384_Init"); - InitSha384((Sha384*)sha); + return SSL_SUCCESS; } - void CyaSSL_SHA384_Update(CYASSL_SHA384_CTX* sha, const void* input, - unsigned long sz) + /* SSL_SUCCESS on ok */ + int CyaSSL_EVP_DigestFinal_ex(CYASSL_EVP_MD_CTX* ctx, unsigned char* md, + unsigned int* s) { - CYASSL_ENTER("SHA384_Update"); - Sha384Update((Sha384*)sha, (const byte*)input, sz); + CYASSL_ENTER("EVP_DigestFinal_ex"); + return EVP_DigestFinal(ctx, md, s); } - void CyaSSL_SHA384_Final(byte* input, CYASSL_SHA384_CTX* sha) + unsigned char* CyaSSL_HMAC(const CYASSL_EVP_MD* evp_md, const void* key, + int key_len, const unsigned char* d, int n, + unsigned char* md, unsigned int* md_len) { - CYASSL_ENTER("SHA384_Final"); - Sha384Final((Sha384*)sha, input); - } - - #endif /* CYASSL_SHA384 */ + Hmac hmac; + CYASSL_ENTER("HMAC"); + if (!md) return NULL; /* no static buffer support */ - #ifdef CYASSL_SHA512 + if (XSTRNCMP(evp_md, "MD5", 3) == 0) { + if (HmacSetKey(&hmac, MD5, (const byte*)key, key_len) != 0) + return NULL; - void CyaSSL_SHA512_Init(CYASSL_SHA512_CTX* sha) - { - typedef char sha_test[sizeof(SHA512_CTX) >= sizeof(Sha512) ? 1 : -1]; - (void)sizeof(sha_test); + if (md_len) *md_len = MD5_DIGEST_SIZE; + } + else if (XSTRNCMP(evp_md, "SHA", 3) == 0) { + if (HmacSetKey(&hmac, SHA, (const byte*)key, key_len) != 0) + return NULL; - CYASSL_ENTER("SHA512_Init"); - InitSha512((Sha512*)sha); - } + if (md_len) *md_len = SHA_DIGEST_SIZE; + } + else + return NULL; + if (HmacUpdate(&hmac, d, n) != 0) + return NULL; - void CyaSSL_SHA512_Update(CYASSL_SHA512_CTX* sha, const void* input, - unsigned long sz) - { - CYASSL_ENTER("SHA512_Update"); - Sha512Update((Sha512*)sha, (const byte*)input, sz); + if (HmacFinal(&hmac, md) != 0) + return NULL; + + return md; } - - void CyaSSL_SHA512_Final(byte* input, CYASSL_SHA512_CTX* sha) + void CyaSSL_ERR_clear_error(void) { - CYASSL_ENTER("SHA512_Final"); - Sha512Final((Sha512*)sha, input); + /* TODO: */ } - #endif /* CYASSL_SHA512 */ - - const CYASSL_EVP_MD* CyaSSL_EVP_md5(void) + int CyaSSL_RAND_status(void) { - static const char* type = "MD5"; - CYASSL_ENTER("EVP_md5"); - return type; + return SSL_SUCCESS; /* CTaoCrypt provides enough seed internally */ } - const CYASSL_EVP_MD* CyaSSL_EVP_sha1(void) - { - static const char* type = "SHA"; - CYASSL_ENTER("EVP_sha1"); - return type; - } - - const CYASSL_EVP_MD* CyaSSL_EVP_sha256(void) + void CyaSSL_RAND_add(const void* add, int len, double entropy) { - static const char* type = "SHA256"; - CYASSL_ENTER("EVP_sha256"); - return type; + (void)add; + (void)len; + (void)entropy; + + /* CyaSSL seeds/adds internally, use explicit RNG if you want + to take control */ } - #ifdef CYASSL_SHA384 - const CYASSL_EVP_MD* CyaSSL_EVP_sha384(void) + /* SSL_SUCCESS on ok */ + int CyaSSL_DES_key_sched(CYASSL_const_DES_cblock* key, + CYASSL_DES_key_schedule* schedule) { - static const char* type = "SHA384"; - CYASSL_ENTER("EVP_sha384"); - return type; + CYASSL_ENTER("DES_key_sched"); + XMEMCPY(schedule, key, sizeof(const_DES_cblock)); + return SSL_SUCCESS; } - #endif /* CYASSL_SHA384 */ - - #ifdef CYASSL_SHA512 - const CYASSL_EVP_MD* CyaSSL_EVP_sha512(void) + void CyaSSL_DES_cbc_encrypt(const unsigned char* input, + unsigned char* output, long length, + CYASSL_DES_key_schedule* schedule, CYASSL_DES_cblock* ivec, + int enc) { - static const char* type = "SHA512"; - CYASSL_ENTER("EVP_sha512"); - return type; - } + Des myDes; - #endif /* CYASSL_SHA512 */ + CYASSL_ENTER("DES_cbc_encrypt"); + /* OpenSSL compat, no ret */ + Des_SetKey(&myDes, (const byte*)schedule, (const byte*)ivec, !enc); - void CyaSSL_EVP_MD_CTX_init(CYASSL_EVP_MD_CTX* ctx) - { - CYASSL_ENTER("EVP_CIPHER_MD_CTX_init"); - (void)ctx; - /* do nothing */ + if (enc) + Des_CbcEncrypt(&myDes, output, input, (word32)length); + else + Des_CbcDecrypt(&myDes, output, input, (word32)length); } - const CYASSL_EVP_CIPHER* CyaSSL_EVP_aes_128_cbc(void) + /* correctly sets ivec for next call */ + void CyaSSL_DES_ncbc_encrypt(const unsigned char* input, + unsigned char* output, long length, + CYASSL_DES_key_schedule* schedule, CYASSL_DES_cblock* ivec, + int enc) { - static const char* type = "AES128-CBC"; - CYASSL_ENTER("CyaSSL_EVP_aes_128_cbc"); - return type; - } + Des myDes; + CYASSL_ENTER("DES_ncbc_encrypt"); - const CYASSL_EVP_CIPHER* CyaSSL_EVP_aes_192_cbc(void) - { - static const char* type = "AES192-CBC"; - CYASSL_ENTER("CyaSSL_EVP_aes_192_cbc"); - return type; - } + /* OpenSSL compat, no ret */ + Des_SetKey(&myDes, (const byte*)schedule, (const byte*)ivec, !enc); + if (enc) + Des_CbcEncrypt(&myDes, output, input, (word32)length); + else + Des_CbcDecrypt(&myDes, output, input, (word32)length); - const CYASSL_EVP_CIPHER* CyaSSL_EVP_aes_256_cbc(void) - { - static const char* type = "AES256-CBC"; - CYASSL_ENTER("CyaSSL_EVP_aes_256_cbc"); - return type; + XMEMCPY(ivec, output + length - sizeof(DES_cblock), sizeof(DES_cblock)); } - const CYASSL_EVP_CIPHER* CyaSSL_EVP_aes_128_ctr(void) + void CyaSSL_ERR_free_strings(void) { - static const char* type = "AES128-CTR"; - CYASSL_ENTER("CyaSSL_EVP_aes_128_ctr"); - return type; + /* handled internally */ } - const CYASSL_EVP_CIPHER* CyaSSL_EVP_aes_192_ctr(void) + void CyaSSL_ERR_remove_state(unsigned long state) { - static const char* type = "AES192-CTR"; - CYASSL_ENTER("CyaSSL_EVP_aes_192_ctr"); - return type; + /* TODO: GetErrors().Remove(); */ + (void)state; } - const CYASSL_EVP_CIPHER* CyaSSL_EVP_aes_256_ctr(void) + void CyaSSL_EVP_cleanup(void) { - static const char* type = "AES256-CTR"; - CYASSL_ENTER("CyaSSL_EVP_aes_256_ctr"); - return type; + /* nothing to do here */ } - const CYASSL_EVP_CIPHER* CyaSSL_EVP_des_cbc(void) + void CyaSSL_cleanup_all_ex_data(void) { - static const char* type = "DES-CBC"; - CYASSL_ENTER("CyaSSL_EVP_des_cbc"); - return type; + /* nothing to do here */ } - const CYASSL_EVP_CIPHER* CyaSSL_EVP_des_ede3_cbc(void) + long CyaSSL_CTX_set_mode(CYASSL_CTX* ctx, long mode) { - static const char* type = "DES-EDE3-CBC"; - CYASSL_ENTER("CyaSSL_EVP_des_ede3_cbc"); - return type; + /* SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER is CyaSSL default mode */ + + CYASSL_ENTER("SSL_CTX_set_mode"); + if (mode == SSL_MODE_ENABLE_PARTIAL_WRITE) + ctx->partialWrite = 1; + + return mode; } - const CYASSL_EVP_CIPHER* CyaSSL_EVP_rc4(void) + long CyaSSL_CTX_get_mode(CYASSL_CTX* ctx) { - static const char* type = "ARC4"; - CYASSL_ENTER("CyaSSL_EVP_rc4"); - return type; + /* TODO: */ + (void)ctx; + return 0; } - const CYASSL_EVP_CIPHER* CyaSSL_EVP_enc_null(void) + void CyaSSL_CTX_set_default_read_ahead(CYASSL_CTX* ctx, int m) { - static const char* type = "NULL"; - CYASSL_ENTER("CyaSSL_EVP_enc_null"); - return type; + /* TODO: maybe? */ + (void)ctx; + (void)m; } - int CyaSSL_EVP_MD_CTX_cleanup(CYASSL_EVP_MD_CTX* ctx) + int CyaSSL_CTX_set_session_id_context(CYASSL_CTX* ctx, + const unsigned char* sid_ctx, + unsigned int sid_ctx_len) { - CYASSL_ENTER("EVP_MD_CTX_cleanup"); - (void)ctx; - return 0; + /* No application specific context needed for cyaSSL */ + (void)ctx; + (void)sid_ctx; + (void)sid_ctx_len; + return SSL_SUCCESS; } - - void CyaSSL_EVP_CIPHER_CTX_init(CYASSL_EVP_CIPHER_CTX* ctx) + long CyaSSL_CTX_sess_get_cache_size(CYASSL_CTX* ctx) { - CYASSL_ENTER("EVP_CIPHER_CTX_init"); - if (ctx) { - ctx->cipherType = 0xff; /* no init */ - ctx->keyLen = 0; - ctx->enc = 1; /* start in encrypt mode */ - } + /* TODO: maybe? */ + (void)ctx; + return (~0); } - - int CyaSSL_EVP_CIPHER_CTX_cleanup(CYASSL_EVP_CIPHER_CTX* ctx) + unsigned long CyaSSL_ERR_get_error_line_data(const char** file, int* line, + const char** data, int *flags) { - CYASSL_ENTER("EVP_CIPHER_CTX_cleanup"); - if (ctx) { - ctx->cipherType = 0xff; /* no more init */ - ctx->keyLen = 0; - } + /* Not implemented */ + (void)file; + (void)line; + (void)data; + (void)flags; + return 0; + } - return 1; /* success */ - } +#endif /* OPENSSL_EXTRA */ - int CyaSSL_EVP_CipherInit(CYASSL_EVP_CIPHER_CTX* ctx, - const CYASSL_EVP_CIPHER* type, byte* key, - byte* iv, int enc) - { - CYASSL_ENTER("CyaSSL_EVP_CipherInit"); - if (ctx == NULL) { - CYASSL_MSG("no ctx"); - return 0; /* failure */ - } - if (type == NULL && ctx->cipherType == 0xff) { - CYASSL_MSG("no type set"); - return 0; /* failure */ - } +#if defined(KEEP_PEER_CERT) - if (ctx->cipherType == AES_128_CBC_TYPE || (type && - XSTRNCMP(type, "AES128-CBC", 10) == 0)) { - CYASSL_MSG("AES-128-CBC"); - ctx->cipherType = AES_128_CBC_TYPE; - ctx->keyLen = 16; - if (enc == 0 || enc == 1) - ctx->enc = enc ? 1 : 0; - if (key) - AesSetKey(&ctx->cipher.aes, key, ctx->keyLen, iv, - ctx->enc ? AES_ENCRYPTION : AES_DECRYPTION); - if (iv && key == NULL) - AesSetIV(&ctx->cipher.aes, iv); - } - else if (ctx->cipherType == AES_192_CBC_TYPE || (type && - XSTRNCMP(type, "AES192-CBC", 10) == 0)) { - CYASSL_MSG("AES-192-CBC"); - ctx->cipherType = AES_192_CBC_TYPE; - ctx->keyLen = 24; - if (enc == 0 || enc == 1) - ctx->enc = enc ? 1 : 0; - if (key) - AesSetKey(&ctx->cipher.aes, key, ctx->keyLen, iv, - ctx->enc ? AES_ENCRYPTION : AES_DECRYPTION); - if (iv && key == NULL) - AesSetIV(&ctx->cipher.aes, iv); - } - else if (ctx->cipherType == AES_256_CBC_TYPE || (type && - XSTRNCMP(type, "AES256-CBC", 10) == 0)) { - CYASSL_MSG("AES-256-CBC"); - ctx->cipherType = AES_256_CBC_TYPE; - ctx->keyLen = 32; - if (enc == 0 || enc == 1) - ctx->enc = enc ? 1 : 0; - if (key) - AesSetKey(&ctx->cipher.aes, key, ctx->keyLen, iv, - ctx->enc ? AES_ENCRYPTION : AES_DECRYPTION); - if (iv && key == NULL) - AesSetIV(&ctx->cipher.aes, iv); - } -#ifdef CYASSL_AES_COUNTER - else if (ctx->cipherType == AES_128_CTR_TYPE || (type && - XSTRNCMP(type, "AES128-CTR", 10) == 0)) { - CYASSL_MSG("AES-128-CTR"); - ctx->cipherType = AES_128_CTR_TYPE; - ctx->keyLen = 16; - if (enc == 0 || enc == 1) - ctx->enc = enc ? 1 : 0; - if (key) - AesSetKey(&ctx->cipher.aes, key, ctx->keyLen, iv, - AES_ENCRYPTION); - if (iv && key == NULL) - AesSetIV(&ctx->cipher.aes, iv); - } - else if (ctx->cipherType == AES_192_CTR_TYPE || (type && - XSTRNCMP(type, "AES192-CTR", 10) == 0)) { - CYASSL_MSG("AES-192-CTR"); - ctx->cipherType = AES_192_CTR_TYPE; - ctx->keyLen = 24; - if (enc == 0 || enc == 1) - ctx->enc = enc ? 1 : 0; - if (key) - AesSetKey(&ctx->cipher.aes, key, ctx->keyLen, iv, - AES_ENCRYPTION); - if (iv && key == NULL) - AesSetIV(&ctx->cipher.aes, iv); - } - else if (ctx->cipherType == AES_256_CTR_TYPE || (type && - XSTRNCMP(type, "AES256-CTR", 10) == 0)) { - CYASSL_MSG("AES-256-CTR"); - ctx->cipherType = AES_256_CTR_TYPE; - ctx->keyLen = 32; - if (enc == 0 || enc == 1) - ctx->enc = enc ? 1 : 0; - if (key) - AesSetKey(&ctx->cipher.aes, key, ctx->keyLen, iv, - AES_ENCRYPTION); - if (iv && key == NULL) - AesSetIV(&ctx->cipher.aes, iv); - } -#endif /* CYASSL_AES_CTR */ - else if (ctx->cipherType == DES_CBC_TYPE || (type && - XSTRNCMP(type, "DES-CBC", 7) == 0)) { - CYASSL_MSG("DES-CBC"); - ctx->cipherType = DES_CBC_TYPE; - ctx->keyLen = 8; - if (enc == 0 || enc == 1) - ctx->enc = enc ? 1 : 0; - if (key) - Des_SetKey(&ctx->cipher.des, key, iv, - ctx->enc ? DES_ENCRYPTION : DES_DECRYPTION); - if (iv && key == NULL) - Des_SetIV(&ctx->cipher.des, iv); - } - else if (ctx->cipherType == DES_EDE3_CBC_TYPE || (type && - XSTRNCMP(type, "DES-EDE3-CBC", 11) == 0)) { - CYASSL_MSG("DES-EDE3-CBC"); - ctx->cipherType = DES_EDE3_CBC_TYPE; - ctx->keyLen = 24; - if (enc == 0 || enc == 1) - ctx->enc = enc ? 1 : 0; - if (key) - Des3_SetKey(&ctx->cipher.des3, key, iv, - ctx->enc ? DES_ENCRYPTION : DES_DECRYPTION); - if (iv && key == NULL) - Des3_SetIV(&ctx->cipher.des3, iv); - } - else if (ctx->cipherType == ARC4_TYPE || (type && - XSTRNCMP(type, "ARC4", 4) == 0)) { - CYASSL_MSG("ARC4"); - ctx->cipherType = ARC4_TYPE; - if (ctx->keyLen == 0) /* user may have already set */ - ctx->keyLen = 16; /* default to 128 */ - if (key) - Arc4SetKey(&ctx->cipher.arc4, key, ctx->keyLen); - } - else if (ctx->cipherType == NULL_CIPHER_TYPE || (type && - XSTRNCMP(type, "NULL", 4) == 0)) { - CYASSL_MSG("NULL cipher"); - ctx->cipherType = NULL_CIPHER_TYPE; - ctx->keyLen = 0; - } + CYASSL_X509* CyaSSL_get_peer_certificate(CYASSL* ssl) + { + CYASSL_ENTER("SSL_get_peer_certificate"); + if (ssl->peerCert.issuer.sz) + return &ssl->peerCert; else - return 0; /* failure */ + return 0; + } +#endif /* KEEP_PEER_CERT */ - return 1; /* success */ - } +#if defined(KEEP_PEER_CERT) || defined(SESSION_CERTS) - int CyaSSL_EVP_CIPHER_CTX_key_length(CYASSL_EVP_CIPHER_CTX* ctx) + void CyaSSL_FreeX509(CYASSL_X509* x509) { - CYASSL_ENTER("CyaSSL_EVP_CIPHER_CTX_key_length"); - if (ctx) - return ctx->keyLen; - - return 0; /* failure */ + CYASSL_ENTER("CyaSSL_FreeX509"); + FreeX509(x509); } - int CyaSSL_EVP_CIPHER_CTX_set_key_length(CYASSL_EVP_CIPHER_CTX* ctx, - int keylen) + /* return the next, if any, altname from the peer cert */ + char* CyaSSL_X509_get_next_altname(CYASSL_X509* cert) { - CYASSL_ENTER("CyaSSL_EVP_CIPHER_CTX_set_key_length"); - if (ctx) - ctx->keyLen = keylen; - else - return 0; /* failure */ + char* ret = NULL; + CYASSL_ENTER("CyaSSL_X509_get_next_altname"); + + /* don't have any to work with */ + if (cert == NULL || cert->altNames == NULL) + return NULL; + + /* already went through them */ + if (cert->altNamesNext == NULL) + return NULL; + + ret = cert->altNamesNext->name; + cert->altNamesNext = cert->altNamesNext->next; - return 1; /* success */ + return ret; } - int CyaSSL_EVP_Cipher(CYASSL_EVP_CIPHER_CTX* ctx, byte* dst, byte* src, - word32 len) + CYASSL_X509_NAME* CyaSSL_X509_get_issuer_name(CYASSL_X509* cert) { - CYASSL_ENTER("CyaSSL_EVP_Cipher"); + CYASSL_ENTER("X509_get_issuer_name"); + return &cert->issuer; + } - if (ctx == NULL || dst == NULL || src == NULL) { - CYASSL_MSG("Bad function argument"); - return 0; /* failure */ - } - if (ctx->cipherType == 0xff) { - CYASSL_MSG("no init"); - return 0; /* failure */ - } + CYASSL_X509_NAME* CyaSSL_X509_get_subject_name(CYASSL_X509* cert) + { + CYASSL_ENTER("X509_get_subject_name"); + return &cert->subject; + } - switch (ctx->cipherType) { - case AES_128_CBC_TYPE : - case AES_192_CBC_TYPE : - case AES_256_CBC_TYPE : - CYASSL_MSG("AES CBC"); - if (ctx->enc) - AesCbcEncrypt(&ctx->cipher.aes, dst, src, len); - else - AesCbcDecrypt(&ctx->cipher.aes, dst, src, len); - break; + int CyaSSL_X509_get_isCA(CYASSL_X509* x509) + { + int isCA = 0; -#ifdef CYASSL_AES_COUNTER - case AES_128_CTR_TYPE : - case AES_192_CTR_TYPE : - case AES_256_CTR_TYPE : - CYASSL_MSG("AES CTR"); - AesCtrEncrypt(&ctx->cipher.aes, dst, src, len); - break; -#endif + CYASSL_ENTER("CyaSSL_X509_get_isCA"); - case DES_CBC_TYPE : - if (ctx->enc) - Des_CbcEncrypt(&ctx->cipher.des, dst, src, len); - else - Des_CbcDecrypt(&ctx->cipher.des, dst, src, len); - break; - - case DES_EDE3_CBC_TYPE : - if (ctx->enc) - Des3_CbcEncrypt(&ctx->cipher.des3, dst, src, len); - else - Des3_CbcDecrypt(&ctx->cipher.des3, dst, src, len); - break; + if (x509 != NULL) + isCA = x509->isCa; - case ARC4_TYPE : - Arc4Process(&ctx->cipher.arc4, dst, src, len); - break; + CYASSL_LEAVE("CyaSSL_X509_get_isCA", isCA); - case NULL_CIPHER_TYPE : - XMEMCPY(dst, src, len); - break; + return isCA; + } - default: { - CYASSL_MSG("bad type"); - return 0; /* failure */ + +#ifdef OPENSSL_EXTRA + int CyaSSL_X509_ext_isSet_by_NID(CYASSL_X509* x509, int nid) + { + int isSet = 0; + + CYASSL_ENTER("CyaSSL_X509_ext_isSet_by_NID"); + + if (x509 != NULL) { + switch (nid) { + case BASIC_CA_OID: isSet = x509->basicConstSet; break; + case ALT_NAMES_OID: isSet = x509->subjAltNameSet; break; + case AUTH_KEY_OID: isSet = x509->authKeyIdSet; break; + case SUBJ_KEY_OID: isSet = x509->subjKeyIdSet; break; + case KEY_USAGE_OID: isSet = x509->keyUsageSet; break; + #ifdef CYASSL_SEP + case CERT_POLICY_OID: isSet = x509->certPolicySet; break; + #endif /* CYASSL_SEP */ } - } + } - CYASSL_MSG("CyaSSL_EVP_Cipher success"); - return 1; /* success */ + CYASSL_LEAVE("CyaSSL_X509_ext_isSet_by_NID", isSet); + + return isSet; } - /* store for external read of iv, 0 on success */ - int CyaSSL_StoreExternalIV(CYASSL_EVP_CIPHER_CTX* ctx) + int CyaSSL_X509_ext_get_critical_by_NID(CYASSL_X509* x509, int nid) { - CYASSL_ENTER("CyaSSL_StoreExternalIV"); + int crit = 0; - if (ctx == NULL) { - CYASSL_MSG("Bad function argument"); - return -1; + CYASSL_ENTER("CyaSSL_X509_ext_get_critical_by_NID"); + + if (x509 != NULL) { + switch (nid) { + case BASIC_CA_OID: crit = x509->basicConstCrit; break; + case ALT_NAMES_OID: crit = x509->subjAltNameCrit; break; + case AUTH_KEY_OID: crit = x509->authKeyIdCrit; break; + case SUBJ_KEY_OID: crit = x509->subjKeyIdCrit; break; + case KEY_USAGE_OID: crit = x509->keyUsageCrit; break; + #ifdef CYASSL_SEP + case CERT_POLICY_OID: crit = x509->certPolicyCrit; break; + #endif /* CYASSL_SEP */ + } } - - switch (ctx->cipherType) { - case AES_128_CBC_TYPE : - case AES_192_CBC_TYPE : - case AES_256_CBC_TYPE : - CYASSL_MSG("AES CBC"); - memcpy(ctx->iv, &ctx->cipher.aes.reg, AES_BLOCK_SIZE); - break; + CYASSL_LEAVE("CyaSSL_X509_ext_get_critical_by_NID", crit); -#ifdef CYASSL_AES_COUNTER - case AES_128_CTR_TYPE : - case AES_192_CTR_TYPE : - case AES_256_CTR_TYPE : - CYASSL_MSG("AES CTR"); - memcpy(ctx->iv, &ctx->cipher.aes.reg, AES_BLOCK_SIZE); - break; -#endif + return crit; + } - case DES_CBC_TYPE : - CYASSL_MSG("DES CBC"); - memcpy(ctx->iv, &ctx->cipher.des.reg, DES_BLOCK_SIZE); - break; - - case DES_EDE3_CBC_TYPE : - CYASSL_MSG("DES EDE3 CBC"); - memcpy(ctx->iv, &ctx->cipher.des.reg, DES_BLOCK_SIZE); - break; - case ARC4_TYPE : - CYASSL_MSG("ARC4"); - break; + int CyaSSL_X509_get_isSet_pathLength(CYASSL_X509* x509) + { + int isSet = 0; - case NULL_CIPHER_TYPE : - CYASSL_MSG("NULL"); - break; + CYASSL_ENTER("CyaSSL_X509_get_isSet_pathLength"); - default: { - CYASSL_MSG("bad type"); - return -1; /* failure */ - } - } - return 0; /* success */ + if (x509 != NULL) + isSet = x509->basicConstPlSet; + + CYASSL_LEAVE("CyaSSL_X509_get_isSet_pathLength", isSet); + + return isSet; } - /* set internal IV from external, 0 on success */ - int CyaSSL_SetInternalIV(CYASSL_EVP_CIPHER_CTX* ctx) + word32 CyaSSL_X509_get_pathLength(CYASSL_X509* x509) { + word32 pathLength = 0; - CYASSL_ENTER("CyaSSL_SetInternalIV"); - - if (ctx == NULL) { - CYASSL_MSG("Bad function argument"); - return -1; - } - - switch (ctx->cipherType) { + CYASSL_ENTER("CyaSSL_X509_get_pathLength"); - case AES_128_CBC_TYPE : - case AES_192_CBC_TYPE : - case AES_256_CBC_TYPE : - CYASSL_MSG("AES CBC"); - memcpy(&ctx->cipher.aes.reg, ctx->iv, AES_BLOCK_SIZE); - break; + if (x509 != NULL) + pathLength = x509->pathLength; -#ifdef CYASSL_AES_COUNTER - case AES_128_CTR_TYPE : - case AES_192_CTR_TYPE : - case AES_256_CTR_TYPE : - CYASSL_MSG("AES CTR"); - memcpy(&ctx->cipher.aes.reg, ctx->iv, AES_BLOCK_SIZE); - break; -#endif + CYASSL_LEAVE("CyaSSL_X509_get_pathLength", pathLength); - case DES_CBC_TYPE : - CYASSL_MSG("DES CBC"); - memcpy(&ctx->cipher.des.reg, ctx->iv, DES_BLOCK_SIZE); - break; - - case DES_EDE3_CBC_TYPE : - CYASSL_MSG("DES EDE3 CBC"); - memcpy(&ctx->cipher.des.reg, ctx->iv, DES_BLOCK_SIZE); - break; + return pathLength; + } - case ARC4_TYPE : - CYASSL_MSG("ARC4"); - break; - case NULL_CIPHER_TYPE : - CYASSL_MSG("NULL"); - break; + unsigned int CyaSSL_X509_get_keyUsage(CYASSL_X509* x509) + { + word16 usage = 0; - default: { - CYASSL_MSG("bad type"); - return -1; /* failure */ - } - } - return 0; /* success */ - } + CYASSL_ENTER("CyaSSL_X509_get_keyUsage"); + if (x509 != NULL) + usage = x509->keyUsage; - int CyaSSL_EVP_DigestInit(CYASSL_EVP_MD_CTX* ctx, const CYASSL_EVP_MD* type) - { - CYASSL_ENTER("EVP_DigestInit"); - if (XSTRNCMP(type, "MD5", 3) == 0) { - ctx->macType = MD5; - CyaSSL_MD5_Init((MD5_CTX*)&ctx->hash); - } - else if (XSTRNCMP(type, "SHA256", 6) == 0) { - ctx->macType = SHA256; - CyaSSL_SHA256_Init((SHA256_CTX*)&ctx->hash); - } - #ifdef CYASSL_SHA384 - else if (XSTRNCMP(type, "SHA384", 6) == 0) { - ctx->macType = SHA384; - CyaSSL_SHA384_Init((SHA384_CTX*)&ctx->hash); - } - #endif - #ifdef CYASSL_SHA512 - else if (XSTRNCMP(type, "SHA512", 6) == 0) { - ctx->macType = SHA512; - CyaSSL_SHA512_Init((SHA512_CTX*)&ctx->hash); - } - #endif - /* has to be last since would pick or 256, 384, or 512 too */ - else if (XSTRNCMP(type, "SHA", 3) == 0) { - ctx->macType = SHA; - CyaSSL_SHA_Init((SHA_CTX*)&ctx->hash); - } - else - return BAD_FUNC_ARG; + CYASSL_LEAVE("CyaSSL_X509_get_keyUsage", usage); - return 0; + return usage; } - int CyaSSL_EVP_DigestUpdate(CYASSL_EVP_MD_CTX* ctx, const void* data, - unsigned long sz) + byte* CyaSSL_X509_get_authorityKeyID( + CYASSL_X509* x509, byte* dst, int* dstLen) { - CYASSL_ENTER("EVP_DigestUpdate"); - if (ctx->macType == MD5) - CyaSSL_MD5_Update((MD5_CTX*)&ctx->hash, data, (unsigned long)sz); - else if (ctx->macType == SHA) - CyaSSL_SHA_Update((SHA_CTX*)&ctx->hash, data, (unsigned long)sz); - else if (ctx->macType == SHA256) - CyaSSL_SHA256_Update((SHA256_CTX*)&ctx->hash, data, - (unsigned long)sz); - #ifdef CYASSL_SHA384 - else if (ctx->macType == SHA384) - CyaSSL_SHA384_Update((SHA384_CTX*)&ctx->hash, data, - (unsigned long)sz); - #endif - #ifdef CYASSL_SHA512 - else if (ctx->macType == SHA512) - CyaSSL_SHA512_Update((SHA512_CTX*)&ctx->hash, data, - (unsigned long)sz); - #endif - else - return BAD_FUNC_ARG; + byte *id = NULL; + int copySz = 0; - return 0; - } + CYASSL_ENTER("CyaSSL_X509_get_authorityKeyID"); + if (x509 != NULL) { + if (x509->authKeyIdSet) { + copySz = min(dstLen != NULL ? *dstLen : 0, + (int)x509->authKeyIdSz); + id = x509->authKeyId; + } - int CyaSSL_EVP_DigestFinal(CYASSL_EVP_MD_CTX* ctx, unsigned char* md, - unsigned int* s) - { - CYASSL_ENTER("EVP_DigestFinal"); - if (ctx->macType == MD5) { - CyaSSL_MD5_Final(md, (MD5_CTX*)&ctx->hash); - if (s) *s = MD5_DIGEST_SIZE; - } - else if (ctx->macType == SHA) { - CyaSSL_SHA_Final(md, (SHA_CTX*)&ctx->hash); - if (s) *s = SHA_DIGEST_SIZE; - } - else if (ctx->macType == SHA256) { - CyaSSL_SHA256_Final(md, (SHA256_CTX*)&ctx->hash); - if (s) *s = SHA256_DIGEST_SIZE; - } - #ifdef CYASSL_SHA384 - else if (ctx->macType == SHA384) { - CyaSSL_SHA384_Final(md, (SHA384_CTX*)&ctx->hash); - if (s) *s = SHA384_DIGEST_SIZE; - } - #endif - #ifdef CYASSL_SHA512 - else if (ctx->macType == SHA512) { - CyaSSL_SHA512_Final(md, (SHA512_CTX*)&ctx->hash); - if (s) *s = SHA512_DIGEST_SIZE; + if (dst != NULL && dstLen != NULL && id != NULL && copySz > 0) { + XMEMCPY(dst, id, copySz); + id = dst; + *dstLen = copySz; + } } - #endif - else - return BAD_FUNC_ARG; - return 0; + CYASSL_LEAVE("CyaSSL_X509_get_authorityKeyID", copySz); + + return id; } - int CyaSSL_EVP_DigestFinal_ex(CYASSL_EVP_MD_CTX* ctx, unsigned char* md, - unsigned int* s) + byte* CyaSSL_X509_get_subjectKeyID( + CYASSL_X509* x509, byte* dst, int* dstLen) { - CYASSL_ENTER("EVP_DigestFinal_ex"); - return EVP_DigestFinal(ctx, md, s); + byte *id = NULL; + int copySz = 0; + + CYASSL_ENTER("CyaSSL_X509_get_subjectKeyID"); + + if (x509 != NULL) { + if (x509->subjKeyIdSet) { + copySz = min(dstLen != NULL ? *dstLen : 0, + (int)x509->subjKeyIdSz); + id = x509->subjKeyId; + } + + if (dst != NULL && dstLen != NULL && id != NULL && copySz > 0) { + XMEMCPY(dst, id, copySz); + id = dst; + *dstLen = copySz; + } + } + + CYASSL_LEAVE("CyaSSL_X509_get_subjectKeyID", copySz); + + return id; } - unsigned char* CyaSSL_HMAC(const CYASSL_EVP_MD* evp_md, const void* key, - int key_len, const unsigned char* d, int n, - unsigned char* md, unsigned int* md_len) + int CyaSSL_X509_NAME_entry_count(CYASSL_X509_NAME* name) { - Hmac hmac; + int count = 0; - CYASSL_ENTER("HMAC"); - if (!md) return 0; /* no static buffer support */ + CYASSL_ENTER("CyaSSL_X509_NAME_entry_count"); - if (XSTRNCMP(evp_md, "MD5", 3) == 0) { - HmacSetKey(&hmac, MD5, (const byte*)key, key_len); - if (md_len) *md_len = MD5_DIGEST_SIZE; - } - else if (XSTRNCMP(evp_md, "SHA", 3) == 0) { - HmacSetKey(&hmac, SHA, (const byte*)key, key_len); - if (md_len) *md_len = SHA_DIGEST_SIZE; - } - else - return 0; + if (name != NULL) + count = name->fullName.entryCount; - HmacUpdate(&hmac, d, n); - HmacFinal(&hmac, md); - - return md; + CYASSL_LEAVE("CyaSSL_X509_NAME_entry_count", count); + return count; } - void CyaSSL_ERR_clear_error(void) + + int CyaSSL_X509_NAME_get_text_by_NID(CYASSL_X509_NAME* name, + int nid, char* buf, int len) { - /* TODO: */ + char *text = NULL; + int textSz = 0; + + CYASSL_ENTER("CyaSSL_X509_NAME_get_text_by_NID"); + + switch (nid) { + case ASN_COMMON_NAME: + text = name->fullName.fullName + name->fullName.cnIdx; + textSz = name->fullName.cnLen; + break; + case ASN_SUR_NAME: + text = name->fullName.fullName + name->fullName.snIdx; + textSz = name->fullName.snLen; + break; + case ASN_SERIAL_NUMBER: + text = name->fullName.fullName + name->fullName.serialIdx; + textSz = name->fullName.serialLen; + break; + case ASN_COUNTRY_NAME: + text = name->fullName.fullName + name->fullName.cIdx; + textSz = name->fullName.cLen; + break; + case ASN_LOCALITY_NAME: + text = name->fullName.fullName + name->fullName.lIdx; + textSz = name->fullName.lLen; + break; + case ASN_STATE_NAME: + text = name->fullName.fullName + name->fullName.stIdx; + textSz = name->fullName.stLen; + break; + case ASN_ORG_NAME: + text = name->fullName.fullName + name->fullName.oIdx; + textSz = name->fullName.oLen; + break; + case ASN_ORGUNIT_NAME: + text = name->fullName.fullName + name->fullName.ouIdx; + textSz = name->fullName.ouLen; + break; + default: + break; + } + + if (buf != NULL && text != NULL) { + textSz = min(textSz, len); + XMEMCPY(buf, text, textSz); + buf[textSz] = '\0'; + } + + CYASSL_LEAVE("CyaSSL_X509_NAME_get_text_by_NID", textSz); + return textSz; } +#endif - int CyaSSL_RAND_status(void) + /* copy name into in buffer, at most sz bytes, if buffer is null will + malloc buffer, call responsible for freeing */ + char* CyaSSL_X509_NAME_oneline(CYASSL_X509_NAME* name, char* in, int sz) { - return 1; /* CTaoCrypt provides enough seed internally */ - } + int copySz = min(sz, name->sz); + + CYASSL_ENTER("CyaSSL_X509_NAME_oneline"); + if (!name->sz) return in; + if (!in) { + in = (char*)XMALLOC(name->sz, 0, DYNAMIC_TYPE_OPENSSL); + if (!in ) return in; + copySz = name->sz; + } + if (copySz == 0) + return in; - void CyaSSL_RAND_add(const void* add, int len, double entropy) - { - (void)add; - (void)len; - (void)entropy; + XMEMCPY(in, name->name, copySz - 1); + in[copySz - 1] = 0; - /* CyaSSL seeds/adds internally, use explicit RNG if you want - to take control */ + return in; } - int CyaSSL_DES_key_sched(CYASSL_const_DES_cblock* key, - CYASSL_DES_key_schedule* schedule) + int CyaSSL_X509_get_signature_type(CYASSL_X509* x509) { - CYASSL_ENTER("DES_key_sched"); - XMEMCPY(schedule, key, sizeof(const_DES_cblock)); - return 0; + int type = 0; + + CYASSL_ENTER("CyaSSL_X509_get_signature_type"); + + if (x509 != NULL) + type = x509->sigOID; + + return type; } - void CyaSSL_DES_cbc_encrypt(const unsigned char* input, - unsigned char* output, long length, - CYASSL_DES_key_schedule* schedule, CYASSL_DES_cblock* ivec, - int enc) + int CyaSSL_X509_get_signature(CYASSL_X509* x509, + unsigned char* buf, int* bufSz) { - Des myDes; - CYASSL_ENTER("DES_cbc_encrypt"); - Des_SetKey(&myDes, (const byte*)schedule, (const byte*)ivec, !enc); + CYASSL_ENTER("CyaSSL_X509_get_signature"); + if (x509 == NULL || bufSz == NULL || *bufSz < (int)x509->sig.length) + return SSL_FATAL_ERROR; - if (enc) - Des_CbcEncrypt(&myDes, output, input, length); - else - Des_CbcDecrypt(&myDes, output, input, length); + if (buf != NULL) + XMEMCPY(buf, x509->sig.buffer, x509->sig.length); + *bufSz = x509->sig.length; + + return SSL_SUCCESS; } - /* correctly sets ivec for next call */ - void CyaSSL_DES_ncbc_encrypt(const unsigned char* input, - unsigned char* output, long length, - CYASSL_DES_key_schedule* schedule, CYASSL_DES_cblock* ivec, - int enc) + /* write X509 serial number in unsigned binary to buffer + buffer needs to be at least EXTERNAL_SERIAL_SIZE (32) for all cases + return SSL_SUCCESS on success */ + int CyaSSL_X509_get_serial_number(CYASSL_X509* x509, byte* in, int* inOutSz) { - Des myDes; - CYASSL_ENTER("DES_ncbc_encrypt"); - Des_SetKey(&myDes, (const byte*)schedule, (const byte*)ivec, !enc); + CYASSL_ENTER("CyaSSL_X509_get_serial_number"); + if (x509 == NULL || in == NULL || + inOutSz == NULL || *inOutSz < x509->serialSz) + return BAD_FUNC_ARG; - if (enc) - Des_CbcEncrypt(&myDes, output, input, length); - else - Des_CbcDecrypt(&myDes, output, input, length); + XMEMCPY(in, x509->serial, x509->serialSz); + *inOutSz = x509->serialSz; - XMEMCPY(ivec, output + length - sizeof(DES_cblock), sizeof(DES_cblock)); + return SSL_SUCCESS; } - void CyaSSL_ERR_free_strings(void) + const byte* CyaSSL_X509_get_der(CYASSL_X509* x509, int* outSz) { - /* handled internally */ + CYASSL_ENTER("CyaSSL_X509_get_der"); + + if (x509 == NULL || outSz == NULL) + return NULL; + + *outSz = (int)x509->derCert.length; + return x509->derCert.buffer; } - void CyaSSL_ERR_remove_state(unsigned long state) + int CyaSSL_X509_version(CYASSL_X509* x509) { - /* TODO: GetErrors().Remove(); */ - (void)state; + CYASSL_ENTER("CyaSSL_X509_version"); + + if (x509 == NULL) + return 0; + + return x509->version; } - void CyaSSL_EVP_cleanup(void) + const byte* CyaSSL_X509_notBefore(CYASSL_X509* x509) { - /* nothing to do here */ + CYASSL_ENTER("CyaSSL_X509_notBefore"); + + if (x509 == NULL) + return NULL; + + return x509->notBefore; } - void CyaSSL_cleanup_all_ex_data(void) + const byte* CyaSSL_X509_notAfter(CYASSL_X509* x509) { - /* nothing to do here */ + CYASSL_ENTER("CyaSSL_X509_notAfter"); + + if (x509 == NULL) + return NULL; + + return x509->notAfter; } - long CyaSSL_CTX_set_mode(CYASSL_CTX* ctx, long mode) - { - /* SSL_MODE_ACCEPT_MOVING_WRITE_BUFFER is CyaSSL default mode */ +#ifdef CYASSL_SEP - CYASSL_ENTER("SSL_CTX_set_mode"); - if (mode == SSL_MODE_ENABLE_PARTIAL_WRITE) - ctx->partialWrite = 1; +/* copy oid into in buffer, at most *inOutSz bytes, if buffer is null will + malloc buffer, call responsible for freeing. Actual size returned in + *inOutSz. Requires inOutSz be non-null */ +byte* CyaSSL_X509_get_device_type(CYASSL_X509* x509, byte* in, int *inOutSz) +{ + int copySz; - return mode; + CYASSL_ENTER("CyaSSL_X509_get_dev_type"); + if (inOutSz == NULL) return NULL; + if (!x509->deviceTypeSz) return in; + + copySz = min(*inOutSz, x509->deviceTypeSz); + + if (!in) { + in = (byte*)XMALLOC(x509->deviceTypeSz, 0, DYNAMIC_TYPE_OPENSSL); + if (!in) return in; + copySz = x509->deviceTypeSz; } + XMEMCPY(in, x509->deviceType, copySz); + *inOutSz = copySz; - long CyaSSL_CTX_get_mode(CYASSL_CTX* ctx) - { - /* TODO: */ - (void)ctx; - return 0; + return in; +} + + +byte* CyaSSL_X509_get_hw_type(CYASSL_X509* x509, byte* in, int* inOutSz) +{ + int copySz; + + CYASSL_ENTER("CyaSSL_X509_get_hw_type"); + if (inOutSz == NULL) return NULL; + if (!x509->hwTypeSz) return in; + + copySz = min(*inOutSz, x509->hwTypeSz); + + if (!in) { + in = (byte*)XMALLOC(x509->hwTypeSz, 0, DYNAMIC_TYPE_OPENSSL); + if (!in) return in; + copySz = x509->hwTypeSz; } + XMEMCPY(in, x509->hwType, copySz); + *inOutSz = copySz; - void CyaSSL_CTX_set_default_read_ahead(CYASSL_CTX* ctx, int m) - { - /* TODO: maybe? */ - (void)ctx; - (void)m; + return in; +} + + +byte* CyaSSL_X509_get_hw_serial_number(CYASSL_X509* x509,byte* in,int* inOutSz) +{ + int copySz; + + CYASSL_ENTER("CyaSSL_X509_get_hw_serial_number"); + if (inOutSz == NULL) return NULL; + if (!x509->hwTypeSz) return in; + + copySz = min(*inOutSz, x509->hwSerialNumSz); + + if (!in) { + in = (byte*)XMALLOC(x509->hwSerialNumSz, 0, DYNAMIC_TYPE_OPENSSL); + if (!in) return in; + copySz = x509->hwSerialNumSz; } + XMEMCPY(in, x509->hwSerialNum, copySz); + *inOutSz = copySz; - int CyaSSL_CTX_set_session_id_context(CYASSL_CTX* ctx, - const unsigned char* sid_ctx, - unsigned int sid_ctx_len) - { - /* No application specific context needed for cyaSSL */ - (void)ctx; - (void)sid_ctx; - (void)sid_ctx_len; - return SSL_SUCCESS; + return in; +} + +#endif /* CYASSL_SEP */ + + +CYASSL_X509* CyaSSL_X509_d2i(CYASSL_X509** x509, const byte* in, int len) +{ + CYASSL_X509 *newX509 = NULL; + + CYASSL_ENTER("CyaSSL_X509_d2i"); + + if (in != NULL && len != 0) { + DecodedCert cert; + + InitDecodedCert(&cert, (byte*)in, len, NULL); + if (ParseCertRelative(&cert, CERT_TYPE, 0, NULL) == 0) { + newX509 = (CYASSL_X509*)XMALLOC(sizeof(CYASSL_X509), + NULL, DYNAMIC_TYPE_X509); + if (newX509 != NULL) { + InitX509(newX509, 1); + if (CopyDecodedToX509(newX509, &cert) != 0) { + XFREE(newX509, NULL, DYNAMIC_TYPE_X509); + newX509 = NULL; + } + } + } + FreeDecodedCert(&cert); } + if (x509 != NULL) + *x509 = newX509; - long CyaSSL_CTX_sess_get_cache_size(CYASSL_CTX* ctx) - { - /* TODO: maybe? */ - (void)ctx; - return (~0); + return newX509; +} + + +#ifndef NO_FILESYSTEM + +#ifndef NO_STDIO_FILESYSTEM + +CYASSL_X509* CyaSSL_X509_d2i_fp(CYASSL_X509** x509, XFILE file) +{ + CYASSL_X509* newX509 = NULL; + + CYASSL_ENTER("CyaSSL_X509_d2i_fp"); + + if (file != XBADFILE) { + byte* fileBuffer = NULL; + long sz = 0; + + XFSEEK(file, 0, XSEEK_END); + sz = XFTELL(file); + XREWIND(file); + + fileBuffer = (byte*)XMALLOC(sz, NULL, DYNAMIC_TYPE_FILE); + if (fileBuffer != NULL) { + if ((int)XFREAD(fileBuffer, sz, 1, file) > 0) { + newX509 = CyaSSL_X509_d2i(NULL, fileBuffer, (int)sz); + } + XFREE(fileBuffer, NULL, DYNAMIC_TYPE_FILE); + } } - unsigned long CyaSSL_ERR_get_error_line_data(const char** file, int* line, - const char** data, int *flags) - { - /* Not implemented */ - (void)file; - (void)line; - (void)data; - (void)flags; - return 0; + if (x509 != NULL) + *x509 = newX509; + + return newX509; +} + +#endif /* NO_STDIO_FILESYSTEM */ + +CYASSL_X509* CyaSSL_X509_load_certificate_file(const char* fname, int format) +{ + byte staticBuffer[FILE_BUFFER_SIZE]; + byte* fileBuffer = staticBuffer; + int dynamic = 0; + long sz = 0; + XFILE file; + CYASSL_X509* x509 = NULL; + buffer der; + + CYASSL_ENTER("CyaSSL_X509_load_certificate"); + + /* Check the inputs */ + if ((fname == NULL) || + (format != SSL_FILETYPE_ASN1 && format != SSL_FILETYPE_PEM)) + return NULL; + + file = XFOPEN(fname, "rb"); + if (file == XBADFILE) return NULL; + XFSEEK(file, 0, XSEEK_END); + sz = XFTELL(file); + XREWIND(file); + + if (sz > (long)sizeof(staticBuffer)) { + fileBuffer = (byte*)XMALLOC(sz, NULL, DYNAMIC_TYPE_FILE); + if (fileBuffer == NULL) { + XFCLOSE(file); + return NULL; + } + dynamic = 1; + } + if ((int)XFREAD(fileBuffer, sz, 1, file) < 0) { + XFCLOSE(file); + if (dynamic) XFREE(fileBuffer, NULL, DYNAMIC_TYPE_FILE); + return NULL; } + XFCLOSE(file); + der.buffer = NULL; + der.length = 0; - CYASSL_X509* CyaSSL_get_peer_certificate(CYASSL* ssl) - { - CYASSL_ENTER("SSL_get_peer_certificate"); - if (ssl->peerCert.issuer.sz) - return &ssl->peerCert; - else - return 0; + if (format == SSL_FILETYPE_PEM) { + EncryptedInfo info; + int ecc = 0; + + info.set = 0; + info.ctx = NULL; + info.consumed = 0; + + if (PemToDer(fileBuffer, sz, CERT_TYPE, &der, NULL, &info, &ecc) != 0) + { + /* Only time this should fail, and leave `der` with a buffer + is when the Base64 Decode fails. Release `der.buffer` in + that case. */ + if (der.buffer != NULL) { + XFREE(der.buffer, NULL, DYNAMIC_TYPE_CERT); + der.buffer = NULL; + } + } + } + else { + der.buffer = (byte*)XMALLOC(sz, NULL, DYNAMIC_TYPE_CERT); + if (der.buffer != NULL) { + XMEMCPY(der.buffer, fileBuffer, sz); + der.length = (word32)sz; + } + } + if (dynamic) XFREE(fileBuffer, NULL, DYNAMIC_TYPE_FILE); + + /* At this point we want `der` to have the certificate in DER format */ + /* ready to be decoded. */ + if (der.buffer != NULL) { + DecodedCert cert; + + InitDecodedCert(&cert, der.buffer, der.length, NULL); + if (ParseCertRelative(&cert, CERT_TYPE, 0, NULL) == 0) { + x509 = (CYASSL_X509*)XMALLOC(sizeof(CYASSL_X509), + NULL, DYNAMIC_TYPE_X509); + if (x509 != NULL) { + InitX509(x509, 1); + if (CopyDecodedToX509(x509, &cert) != 0) { + XFREE(x509, NULL, DYNAMIC_TYPE_X509); + x509 = NULL; + } + } + } + FreeDecodedCert(&cert); + + XFREE(der.buffer, NULL, DYNAMIC_TYPE_CERT); } + return x509; +} + +#endif /* NO_FILESYSTEM */ + +#endif /* KEEP_PEER_CERT || SESSION_CERTS */ +#ifdef OPENSSL_EXTRA int CyaSSL_set_ex_data(CYASSL* ssl, int idx, void* data) { #ifdef FORTRESS @@ -4930,13 +8270,6 @@ int CyaSSL_set_compression(CYASSL* ssl) } - int CyaSSL_get_shutdown(const CYASSL* ssl) - { - (void)ssl; - return 0; - } - - int CyaSSL_set_session_id_context(CYASSL* ssl, const unsigned char* id, unsigned int len) { @@ -4950,7 +8283,15 @@ int CyaSSL_set_compression(CYASSL* ssl) void CyaSSL_set_connect_state(CYASSL* ssl) { (void)ssl; - /* client by default */ + /* client by default */ + } +#endif + + int CyaSSL_get_shutdown(const CYASSL* ssl) + { + return (ssl->options.isClosed || + ssl->options.connReset || + ssl->options.sentNotify); } @@ -4959,12 +8300,12 @@ int CyaSSL_set_compression(CYASSL* ssl) return ssl->options.resuming; } - +#ifdef OPENSSL_EXTRA void CyaSSL_SESSION_free(CYASSL_SESSION* session) { (void)session; } - +#endif const char* CyaSSL_get_version(CYASSL* ssl) { @@ -4983,11 +8324,26 @@ int CyaSSL_set_compression(CYASSL* ssl) return "unknown"; } } - else if (ssl->version.major == DTLS_MAJOR) - return "DTLS"; + else if (ssl->version.major == DTLS_MAJOR) { + switch (ssl->version.minor) { + case DTLS_MINOR : + return "DTLS"; + case DTLSv1_2_MINOR : + return "DTLSv1.2"; + default: + return "unknown"; + } + } return "unknown"; } + int CyaSSL_get_current_cipher_suite(CYASSL* ssl) + { + CYASSL_ENTER("SSL_get_current_cipher_suite"); + if (ssl) + return (ssl->options.cipherSuite0 << 8) | ssl->options.cipherSuite; + return 0; + } CYASSL_CIPHER* CyaSSL_get_current_cipher(CYASSL* ssl) { @@ -5001,111 +8357,287 @@ int CyaSSL_set_compression(CYASSL* ssl) const char* CyaSSL_CIPHER_get_name(const CYASSL_CIPHER* cipher) { + (void)cipher; + CYASSL_ENTER("SSL_CIPHER_get_name"); +#ifndef NO_ERROR_STRINGS if (cipher) { -#ifdef HAVE_ECC +#if defined(HAVE_ECC) || defined(HAVE_AESCCM) + /* Awkwardly, the ECC cipher suites use the ECC_BYTE as expected, + * but the AES-CCM cipher suites also use it, even the ones that + * aren't ECC. */ if (cipher->ssl->options.cipherSuite0 == ECC_BYTE) { /* ECC suites */ switch (cipher->ssl->options.cipherSuite) { +#ifdef HAVE_ECC +#ifndef NO_RSA + case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 : + return "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256"; +#endif + case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 : + return "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256"; +#ifndef NO_RSA + case TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 : + return "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256"; +#endif + case TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 : + return "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256"; +#ifndef NO_RSA + case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 : + return "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384"; +#endif + case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 : + return "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384"; +#ifndef NO_RSA + case TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 : + return "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384"; +#endif + case TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 : + return "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384"; +#ifndef NO_SHA + #ifndef NO_RSA case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA : return "TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA"; case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA : return "TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA"; + #endif case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA : return "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA"; case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA : return "TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA"; + #ifndef NO_RC4 + #ifndef NO_RSA case TLS_ECDHE_RSA_WITH_RC4_128_SHA : return "TLS_ECDHE_RSA_WITH_RC4_128_SHA"; + #endif case TLS_ECDHE_ECDSA_WITH_RC4_128_SHA : return "TLS_ECDHE_ECDSA_WITH_RC4_128_SHA"; + #endif + #ifndef NO_DES3 + #ifndef NO_RSA case TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA : return "TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA"; + #endif case TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA : return "TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA"; + #endif + #ifndef NO_RSA case TLS_ECDH_RSA_WITH_AES_128_CBC_SHA : return "TLS_ECDH_RSA_WITH_AES_128_CBC_SHA"; case TLS_ECDH_RSA_WITH_AES_256_CBC_SHA : return "TLS_ECDH_RSA_WITH_AES_256_CBC_SHA"; + #endif case TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA : return "TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA"; case TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA : return "TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA"; + #ifndef NO_RC4 + #ifndef NO_RSA case TLS_ECDH_RSA_WITH_RC4_128_SHA : return "TLS_ECDH_RSA_WITH_RC4_128_SHA"; + #endif case TLS_ECDH_ECDSA_WITH_RC4_128_SHA : return "TLS_ECDH_ECDSA_WITH_RC4_128_SHA"; + #endif + #ifndef NO_DES3 + #ifndef NO_RSA case TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA : return "TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA"; + #endif case TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA : return "TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA"; + #endif +#endif /* NO_SHA */ +#ifdef HAVE_AESGCM + #ifndef NO_RSA case TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 : return "TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256"; case TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 : return "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"; + #endif case TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 : return "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256"; case TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 : return "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384"; + #ifndef NO_RSA case TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 : return "TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256"; case TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 : return "TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384"; + #endif case TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 : return "TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256"; case TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 : return "TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384"; +#endif +#endif /* HAVE_ECC */ + +#ifdef HAVE_AESCCM + #ifndef NO_RSA + case TLS_RSA_WITH_AES_128_CCM_8 : + return "TLS_RSA_WITH_AES_128_CCM_8"; + case TLS_RSA_WITH_AES_256_CCM_8 : + return "TLS_RSA_WITH_AES_256_CCM_8"; + #endif + #ifndef NO_PSK + case TLS_PSK_WITH_AES_128_CCM_8 : + return "TLS_PSK_WITH_AES_128_CCM_8"; + case TLS_PSK_WITH_AES_256_CCM_8 : + return "TLS_PSK_WITH_AES_256_CCM_8"; + case TLS_PSK_WITH_AES_128_CCM : + return "TLS_PSK_WITH_AES_128_CCM"; + case TLS_PSK_WITH_AES_256_CCM : + return "TLS_PSK_WITH_AES_256_CCM"; + case TLS_DHE_PSK_WITH_AES_128_CCM : + return "TLS_DHE_PSK_WITH_AES_128_CCM"; + case TLS_DHE_PSK_WITH_AES_256_CCM : + return "TLS_DHE_PSK_WITH_AES_256_CCM"; + #endif + #ifdef HAVE_ECC + case TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8: + return "TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8"; + case TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 : + return "TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8"; + #endif +#endif default: return "NONE"; } } -#endif +#endif /* ECC */ if (cipher->ssl->options.cipherSuite0 != ECC_BYTE) { /* normal suites */ switch (cipher->ssl->options.cipherSuite) { +#ifndef NO_RSA + #ifndef NO_RC4 + #ifndef NO_SHA case SSL_RSA_WITH_RC4_128_SHA : return "SSL_RSA_WITH_RC4_128_SHA"; + #endif + #ifndef NO_MD5 case SSL_RSA_WITH_RC4_128_MD5 : return "SSL_RSA_WITH_RC4_128_MD5"; + #endif + #endif + #ifndef NO_SHA + #ifndef NO_DES3 case SSL_RSA_WITH_3DES_EDE_CBC_SHA : return "SSL_RSA_WITH_3DES_EDE_CBC_SHA"; + #endif case TLS_RSA_WITH_AES_128_CBC_SHA : return "TLS_RSA_WITH_AES_128_CBC_SHA"; case TLS_RSA_WITH_AES_256_CBC_SHA : return "TLS_RSA_WITH_AES_256_CBC_SHA"; + #endif case TLS_RSA_WITH_AES_128_CBC_SHA256 : return "TLS_RSA_WITH_AES_128_CBC_SHA256"; case TLS_RSA_WITH_AES_256_CBC_SHA256 : return "TLS_RSA_WITH_AES_256_CBC_SHA256"; + #ifdef HAVE_BLAKE2 + case TLS_RSA_WITH_AES_128_CBC_B2B256: + return "TLS_RSA_WITH_AES_128_CBC_B2B256"; + case TLS_RSA_WITH_AES_256_CBC_B2B256: + return "TLS_RSA_WITH_AES_256_CBC_B2B256"; + #endif + #ifndef NO_SHA + case TLS_RSA_WITH_NULL_SHA : + return "TLS_RSA_WITH_NULL_SHA"; + #endif + case TLS_RSA_WITH_NULL_SHA256 : + return "TLS_RSA_WITH_NULL_SHA256"; +#endif /* NO_RSA */ +#ifndef NO_PSK + #ifndef NO_SHA case TLS_PSK_WITH_AES_128_CBC_SHA : return "TLS_PSK_WITH_AES_128_CBC_SHA"; case TLS_PSK_WITH_AES_256_CBC_SHA : return "TLS_PSK_WITH_AES_256_CBC_SHA"; + #endif + #ifndef NO_SHA256 + case TLS_PSK_WITH_AES_128_CBC_SHA256 : + return "TLS_PSK_WITH_AES_128_CBC_SHA256"; + case TLS_PSK_WITH_NULL_SHA256 : + return "TLS_PSK_WITH_NULL_SHA256"; + case TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 : + return "TLS_DHE_PSK_WITH_AES_128_CBC_SHA256"; + case TLS_DHE_PSK_WITH_NULL_SHA256 : + return "TLS_DHE_PSK_WITH_NULL_SHA256"; + #ifdef HAVE_AESGCM + case TLS_PSK_WITH_AES_128_GCM_SHA256 : + return "TLS_PSK_WITH_AES_128_GCM_SHA256"; + case TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 : + return "TLS_DHE_PSK_WITH_AES_128_GCM_SHA256"; + #endif + #endif + #ifdef CYASSL_SHA384 + case TLS_PSK_WITH_AES_256_CBC_SHA384 : + return "TLS_PSK_WITH_AES_256_CBC_SHA384"; + case TLS_PSK_WITH_NULL_SHA384 : + return "TLS_PSK_WITH_NULL_SHA384"; + case TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 : + return "TLS_DHE_PSK_WITH_AES_256_CBC_SHA384"; + case TLS_DHE_PSK_WITH_NULL_SHA384 : + return "TLS_DHE_PSK_WITH_NULL_SHA384"; + #ifdef HAVE_AESGCM + case TLS_PSK_WITH_AES_256_GCM_SHA384 : + return "TLS_PSK_WITH_AES_256_GCM_SHA384"; + case TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 : + return "TLS_DHE_PSK_WITH_AES_256_GCM_SHA384"; + #endif + #endif + #ifndef NO_SHA + case TLS_PSK_WITH_NULL_SHA : + return "TLS_PSK_WITH_NULL_SHA"; + #endif +#endif /* NO_PSK */ +#ifndef NO_RSA case TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 : return "TLS_DHE_RSA_WITH_AES_128_CBC_SHA256"; case TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 : return "TLS_DHE_RSA_WITH_AES_256_CBC_SHA256"; + #ifndef NO_SHA case TLS_DHE_RSA_WITH_AES_128_CBC_SHA : return "TLS_DHE_RSA_WITH_AES_128_CBC_SHA"; case TLS_DHE_RSA_WITH_AES_256_CBC_SHA : return "TLS_DHE_RSA_WITH_AES_256_CBC_SHA"; - case TLS_RSA_WITH_HC_128_CBC_MD5 : - return "TLS_RSA_WITH_HC_128_CBC_MD5"; - case TLS_RSA_WITH_HC_128_CBC_SHA : - return "TLS_RSA_WITH_HC_128_CBC_SHA"; - case TLS_RSA_WITH_RABBIT_CBC_SHA : - return "TLS_RSA_WITH_RABBIT_CBC_SHA"; + #endif + #ifndef NO_HC128 + #ifndef NO_MD5 + case TLS_RSA_WITH_HC_128_MD5 : + return "TLS_RSA_WITH_HC_128_MD5"; + #endif + #ifndef NO_SHA + case TLS_RSA_WITH_HC_128_SHA : + return "TLS_RSA_WITH_HC_128_SHA"; + #endif + #ifdef HAVE_BLAKE2 + case TLS_RSA_WITH_HC_128_B2B256: + return "TLS_RSA_WITH_HC_128_B2B256"; + #endif + #endif /* NO_HC128 */ + #ifndef NO_SHA + #ifndef NO_RABBIT + case TLS_RSA_WITH_RABBIT_SHA : + return "TLS_RSA_WITH_RABBIT_SHA"; + #endif + #ifdef HAVE_NTRU + #ifndef NO_RC4 case TLS_NTRU_RSA_WITH_RC4_128_SHA : return "TLS_NTRU_RSA_WITH_RC4_128_SHA"; + #endif + #ifndef NO_DES3 case TLS_NTRU_RSA_WITH_3DES_EDE_CBC_SHA : return "TLS_NTRU_RSA_WITH_3DES_EDE_CBC_SHA"; + #endif case TLS_NTRU_RSA_WITH_AES_128_CBC_SHA : return "TLS_NTRU_RSA_WITH_AES_128_CBC_SHA"; case TLS_NTRU_RSA_WITH_AES_256_CBC_SHA : return "TLS_NTRU_RSA_WITH_AES_256_CBC_SHA"; + #endif /* HAVE_NTRU */ + #endif /* NO_SHA */ case TLS_RSA_WITH_AES_128_GCM_SHA256 : return "TLS_RSA_WITH_AES_128_GCM_SHA256"; case TLS_RSA_WITH_AES_256_GCM_SHA384 : @@ -5114,12 +8646,33 @@ int CyaSSL_set_compression(CYASSL* ssl) return "TLS_DHE_RSA_WITH_AES_128_GCM_SHA256"; case TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 : return "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384"; + #ifndef NO_SHA + case TLS_RSA_WITH_CAMELLIA_128_CBC_SHA : + return "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA"; + case TLS_RSA_WITH_CAMELLIA_256_CBC_SHA : + return "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA"; + #endif + case TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 : + return "TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256"; + case TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 : + return "TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256"; + #ifndef NO_SHA + case TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA : + return "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA"; + case TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA : + return "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA"; + #endif + case TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 : + return "TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256"; + case TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 : + return "TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256"; +#endif /* NO_RSA */ default: return "NONE"; } /* switch */ } /* normal / ECC */ } - +#endif /* NO_ERROR_STRINGS */ return "NONE"; } @@ -5130,38 +8683,8 @@ int CyaSSL_set_compression(CYASSL* ssl) return CyaSSL_CIPHER_get_name(CyaSSL_get_current_cipher(ssl)); } +#ifdef OPENSSL_EXTRA - /* server ctx Diffie-Hellman parameters */ - int CyaSSL_CTX_SetTmpDH(CYASSL_CTX* ctx, const unsigned char* p, int pSz, - const unsigned char* g, int gSz) - { - CYASSL_ENTER("CyaSSL_CTX_SetTmpDH"); - if (ctx == NULL || p == NULL || g == NULL) return BAD_FUNC_ARG; - - XFREE(ctx->serverDH_P.buffer, ctx->heap, DYNAMIC_TYPE_DH); - XFREE(ctx->serverDH_G.buffer, ctx->heap, DYNAMIC_TYPE_DH); - - ctx->serverDH_P.buffer = (byte*)XMALLOC(pSz, ctx->heap,DYNAMIC_TYPE_DH); - if (ctx->serverDH_P.buffer == NULL) - return MEMORY_E; - - ctx->serverDH_G.buffer = (byte*)XMALLOC(gSz, ctx->heap,DYNAMIC_TYPE_DH); - if (ctx->serverDH_G.buffer == NULL) { - XFREE(ctx->serverDH_P.buffer, ctx->heap, DYNAMIC_TYPE_DH); - return MEMORY_E; - } - - ctx->serverDH_P.length = pSz; - ctx->serverDH_G.length = gSz; - - XMEMCPY(ctx->serverDH_P.buffer, p, pSz); - XMEMCPY(ctx->serverDH_G.buffer, g, gSz); - - ctx->haveDH = 1; - - CYASSL_LEAVE("CyaSSL_CTX_SetTmpDH", 0); - return 0; - } char* CyaSSL_CIPHER_description(CYASSL_CIPHER* cipher, char* in, int len) @@ -5226,9 +8749,9 @@ int CyaSSL_set_compression(CYASSL* ssl) /* make sure we have a big enough buffer */ typedef char ok[sizeof(md4->buffer) >= sizeof(Md4) ? 1 : -1]; (void) sizeof(ok); - + CYASSL_ENTER("MD4_Init"); - InitMd4((Md4*)md4); + InitMd4((Md4*)md4); } @@ -5236,14 +8759,14 @@ int CyaSSL_set_compression(CYASSL* ssl) unsigned long len) { CYASSL_ENTER("MD4_Update"); - Md4Update((Md4*)md4, (const byte*)data, (word32)len); + Md4Update((Md4*)md4, (const byte*)data, (word32)len); } void CyaSSL_MD4_Final(unsigned char* digest, CYASSL_MD4_CTX* md4) { CYASSL_ENTER("MD4_Final"); - Md4Final((Md4*)md4, digest); + Md4Final((Md4*)md4, digest); } #endif /* NO_MD4 */ @@ -5291,7 +8814,7 @@ int CyaSSL_set_compression(CYASSL* ssl) void CyaSSL_RAND_screen(void) { - + } @@ -5434,9 +8957,61 @@ int CyaSSL_set_compression(CYASSL* ssl) } + int CyaSSL_X509_STORE_add_cert(CYASSL_X509_STORE* store, CYASSL_X509* x509) + { + int result = SSL_FATAL_ERROR; + + CYASSL_ENTER("CyaSSL_X509_STORE_add_cert"); + if (store != NULL && store->cm != NULL && x509 != NULL) { + buffer derCert; + derCert.buffer = (byte*)XMALLOC(x509->derCert.length, + NULL, DYNAMIC_TYPE_CERT); + if (derCert.buffer != NULL) { + derCert.length = x509->derCert.length; + /* AddCA() frees the buffer. */ + XMEMCPY(derCert.buffer, + x509->derCert.buffer, x509->derCert.length); + result = AddCA(store->cm, derCert, CYASSL_USER_CA, 1); + if (result != SSL_SUCCESS) result = SSL_FATAL_ERROR; + } + } + + CYASSL_LEAVE("CyaSSL_X509_STORE_add_cert", result); + return result; + } + + CYASSL_X509_STORE* CyaSSL_X509_STORE_new(void) { - return 0; + CYASSL_X509_STORE* store = NULL; + + store = (CYASSL_X509_STORE*)XMALLOC(sizeof(CYASSL_X509_STORE), NULL, 0); + if (store != NULL) { + store->cm = CyaSSL_CertManagerNew(); + if (store->cm == NULL) { + XFREE(store, NULL, 0); + store = NULL; + } + } + + return store; + } + + + void CyaSSL_X509_STORE_free(CYASSL_X509_STORE* store) + { + if (store != NULL) { + if (store->cm != NULL) + CyaSSL_CertManagerFree(store->cm); + XFREE(store, NULL, 0); + } + } + + + int CyaSSL_X509_STORE_set_default_paths(CYASSL_X509_STORE* store) + { + (void)store; + return SSL_SUCCESS; } @@ -5451,14 +9026,46 @@ int CyaSSL_set_compression(CYASSL* ssl) } + CYASSL_X509_STORE_CTX* CyaSSL_X509_STORE_CTX_new(void) + { + CYASSL_X509_STORE_CTX* ctx = (CYASSL_X509_STORE_CTX*)XMALLOC( + sizeof(CYASSL_X509_STORE_CTX), NULL, 0); + + if (ctx != NULL) + CyaSSL_X509_STORE_CTX_init(ctx, NULL, NULL, NULL); + + return ctx; + } + + int CyaSSL_X509_STORE_CTX_init(CYASSL_X509_STORE_CTX* ctx, CYASSL_X509_STORE* store, CYASSL_X509* x509, STACK_OF(CYASSL_X509)* sk) { - (void)ctx; - (void)store; - (void)x509; (void)sk; - return 0; + if (ctx != NULL) { + ctx->store = store; + ctx->current_cert = x509; + ctx->domain = NULL; + ctx->ex_data = NULL; + ctx->userCtx = NULL; + ctx->error = 0; + ctx->error_depth = 0; + ctx->discardSessionCerts = 0; + return SSL_SUCCESS; + } + return SSL_FATAL_ERROR; + } + + + void CyaSSL_X509_STORE_CTX_free(CYASSL_X509_STORE_CTX* ctx) + { + if (ctx != NULL) { + if (ctx->store != NULL) + CyaSSL_X509_STORE_free(ctx->store); + if (ctx->current_cert != NULL) + CyaSSL_FreeX509(ctx->current_cert); + XFREE(ctx, NULL, 0); + } } @@ -5468,6 +9075,18 @@ int CyaSSL_set_compression(CYASSL* ssl) } + int CyaSSL_X509_verify_cert(CYASSL_X509_STORE_CTX* ctx) + { + if (ctx != NULL && ctx->store != NULL && ctx->store->cm != NULL + && ctx->current_cert != NULL) { + return CyaSSL_CertManagerVerifyBuffer(ctx->store->cm, + ctx->current_cert->derCert.buffer, + ctx->current_cert->derCert.length, + SSL_FILETYPE_ASN1); + } + return SSL_FATAL_ERROR; + } + CYASSL_ASN1_TIME* CyaSSL_X509_CRL_get_lastUpdate(CYASSL_X509_CRL* crl) { @@ -5486,8 +9105,28 @@ int CyaSSL_set_compression(CYASSL* ssl) CYASSL_EVP_PKEY* CyaSSL_X509_get_pubkey(CYASSL_X509* x509) { - (void)x509; - return 0; + CYASSL_EVP_PKEY* key = NULL; + if (x509 != NULL) { + key = (CYASSL_EVP_PKEY*)XMALLOC( + sizeof(CYASSL_EVP_PKEY), NULL, DYNAMIC_TYPE_PUBLIC_KEY); + if (key != NULL) { + key->type = x509->pubKeyOID; + key->save_type = 0; + key->pkey.ptr = (char*)XMALLOC( + x509->pubKey.length, NULL, DYNAMIC_TYPE_PUBLIC_KEY); + if (key->pkey.ptr == NULL) { + XFREE(key, NULL, DYNAMIC_TYPE_PUBLIC_KEY); + return NULL; + } + XMEMCPY(key->pkey.ptr, + x509->pubKey.buffer, x509->pubKey.length); + key->pkey_sz = x509->pubKey.length; + #ifdef HAVE_ECC + key->pkey_curve = (int)x509->pkCurveOID; + #endif /* HAVE_ECC */ + } + } + return key; } @@ -5514,7 +9153,11 @@ int CyaSSL_set_compression(CYASSL* ssl) void CyaSSL_EVP_PKEY_free(CYASSL_EVP_PKEY* key) { - (void)key; + if (key != NULL) { + if (key->pkey.ptr != NULL) + XFREE(key->pkey.ptr, NULL, 0); + XFREE(key, NULL, 0); + } } @@ -5664,7 +9307,7 @@ int CyaSSL_set_compression(CYASSL* ssl) (void)key; return 0; } - + long CyaSSL_CTX_sess_accept(CYASSL_CTX* ctx) { @@ -5763,7 +9406,7 @@ int CyaSSL_set_compression(CYASSL* ssl) (void)myDes; } - + void CyaSSL_DES_ecb_encrypt(CYASSL_DES_cblock* desa, CYASSL_DES_cblock* desb, CYASSL_DES_key_schedule* key, int len) { @@ -5787,7 +9430,7 @@ int CyaSSL_set_compression(CYASSL* ssl) (void)a; return 0; } - + int CyaSSL_sk_num(CYASSL_X509_REVOKED* rev) { @@ -5887,37 +9530,13 @@ int CyaSSL_set_compression(CYASSL* ssl) (void)a; (void)b; (void)c; - return 0; - } - - /* write X509 serial number in unsigned binary to buffer - buffer needs to be at least EXTERNAL_SERIAL_SIZE (32) for all cases - return 0 on success */ - int CyaSSL_X509_get_serial_number(CYASSL_X509* x509, byte* in, int* inOutSz) - { - CYASSL_ENTER("CyaSSL_X509_get_serial_number"); - if (x509 == NULL || in == NULL || *inOutSz < x509->serialSz) - return BAD_FUNC_ARG; - - XMEMCPY(in, x509->serial, x509->serialSz); - *inOutSz = x509->serialSz; - return 0; } - - const byte* CyaSSL_X509_get_der(CYASSL_X509* x509, int* outSz) - { - CYASSL_ENTER("CyaSSL_X509_get_der"); - - if (x509 == NULL || outSz == NULL) - return NULL; - - *outSz = (int)x509->derCert.length; - return x509->derCert.buffer; - } +#endif /* OPENSSL_EXTRA */ +#ifdef KEEP_PEER_CERT char* CyaSSL_X509_get_subjectCN(CYASSL_X509* x509) { if (x509 == NULL) @@ -5925,18 +9544,20 @@ int CyaSSL_set_compression(CYASSL* ssl) return x509->subjectCN; } +#endif /* KEEP_PEER_CERT */ +#ifdef OPENSSL_EXTRA #ifdef FORTRESS int CyaSSL_cmp_peer_cert_to_file(CYASSL* ssl, const char *fname) { - int ret = -1; + int ret = SSL_FATAL_ERROR; CYASSL_ENTER("CyaSSL_cmp_peer_cert_to_file"); if (ssl != NULL && fname != NULL) { - XFILE* file = NULL; - int sz = 0; + XFILE file = XBADFILE; + long sz = 0; byte staticBuffer[FILE_BUFFER_SIZE]; byte* myBuffer = staticBuffer; CYASSL_CTX* ctx = ssl->ctx; @@ -5950,8 +9571,8 @@ int CyaSSL_set_compression(CYASSL* ssl) info.consumed = 0; fileDer.buffer = 0; - file = XFOPEN(fname, "rb"); - if (!file) return SSL_BAD_FILE; + file = XFOPEN(fname, "rb"); + if (file == XBADFILE) return SSL_BAD_FILE; XFSEEK(file, 0, XSEEK_END); sz = XFTELL(file); XREWIND(file); @@ -5959,8 +9580,9 @@ int CyaSSL_set_compression(CYASSL* ssl) CYASSL_MSG("Getting dynamic buffer"); myBuffer = (byte*) XMALLOC(sz, ctx->heap, DYNAMIC_TYPE_FILE); } - + if ((myBuffer != NULL) && + (sz > 0) && (XFREAD(myBuffer, sz, 1, file) > 0) && (PemToDer(myBuffer, sz, CERT_TYPE, &fileDer, ctx->heap, &info, &eccKey) == 0) && @@ -5981,19 +9603,13 @@ int CyaSSL_set_compression(CYASSL* ssl) return ret; } -#else - int CyaSSL_cmp_peer_cert_to_file(CYASSL* ssl, const char *fname) - { - (void)ssl; - (void)fname; - return -1; - } #endif static RNG globalRNG; static int initGlobalRNG = 0; + /* SSL_SUCCESS on ok */ int CyaSSL_RAND_seed(const void* seed, int len) { @@ -6005,32 +9621,37 @@ static int initGlobalRNG = 0; if (initGlobalRNG == 0) { if (InitRng(&globalRNG) < 0) { CYASSL_MSG("CyaSSL Init Global RNG failed"); + return 0; } initGlobalRNG = 1; } - return 0; + return SSL_SUCCESS; } + /* SSL_SUCCESS on ok */ int CyaSSL_RAND_bytes(unsigned char* buf, int num) { RNG tmpRNG; - RNG* rng = &tmpRNG; + RNG* rng = &tmpRNG; CYASSL_ENTER("RAND_bytes"); if (InitRng(&tmpRNG) != 0) { CYASSL_MSG("Bad RNG Init, trying global"); if (initGlobalRNG == 0) { CYASSL_MSG("Global RNG no Init"); - return 0; + return 0; } rng = &globalRNG; } - RNG_GenerateBlock(rng, buf, num); + if (RNG_GenerateBlock(rng, buf, num) != 0) { + CYASSL_MSG("Bad RNG_GenerateBlock"); + return 0; + } - return 1; + return SSL_SUCCESS; } CYASSL_BN_CTX* CyaSSL_BN_CTX_new(void) @@ -6059,7 +9680,7 @@ static int initGlobalRNG = 0; static void InitCyaSSL_BigNum(CYASSL_BIGNUM* bn) - { + { CYASSL_MSG("InitCyaSSL_BigNum"); if (bn) { bn->neg = 0; @@ -6090,8 +9711,11 @@ static int initGlobalRNG = 0; } InitCyaSSL_BigNum(external); - mp_init(mpi); external->internal = mpi; + if (mp_init(mpi) != MP_OKAY) { + CyaSSL_BN_free(external); + return NULL; + } return external; } @@ -6119,6 +9743,7 @@ static int initGlobalRNG = 0; } + /* SSL_SUCCESS on ok */ int CyaSSL_BN_sub(CYASSL_BIGNUM* r, const CYASSL_BIGNUM* a, const CYASSL_BIGNUM* b) { @@ -6129,13 +9754,14 @@ static int initGlobalRNG = 0; if (mp_sub((mp_int*)a->internal,(mp_int*)b->internal, (mp_int*)r->internal) == MP_OKAY) - return 1; + return SSL_SUCCESS; CYASSL_MSG("CyaSSL_BN_sub mp_sub failed"); return 0; } + /* SSL_SUCCESS on ok */ int CyaSSL_BN_mod(CYASSL_BIGNUM* r, const CYASSL_BIGNUM* a, const CYASSL_BIGNUM* b, const CYASSL_BN_CTX* c) { @@ -6147,7 +9773,7 @@ static int initGlobalRNG = 0; if (mp_mod((mp_int*)a->internal,(mp_int*)b->internal, (mp_int*)r->internal) == MP_OKAY) - return 1; + return SSL_SUCCESS; CYASSL_MSG("CyaSSL_BN_mod mp_mod failed"); return 0; @@ -6245,7 +9871,7 @@ static int initGlobalRNG = 0; if (bn == NULL || bn->internal == NULL) { CYASSL_MSG("NULL bn error"); - return -1; + return SSL_FATAL_ERROR; } if (r == NULL) @@ -6253,7 +9879,7 @@ static int initGlobalRNG = 0; if (mp_to_unsigned_bin((mp_int*)bn->internal, r) != MP_OKAY) { CYASSL_MSG("mp_to_unsigned_bin error"); - return -1; + return SSL_FATAL_ERROR; } return mp_unsigned_bin_size((mp_int*)bn->internal); @@ -6269,7 +9895,7 @@ static int initGlobalRNG = 0; if (mp_read_unsigned_bin((mp_int*)ret->internal, str, len) != 0) { CYASSL_MSG("mp_read_unsigned_bin failure"); return NULL; - } + } } else { CYASSL_MSG("CyaSSL_BN_bin2bn wants return bignum"); @@ -6285,16 +9911,16 @@ static int initGlobalRNG = 0; (void)n; CYASSL_MSG("CyaSSL_BN_mask_bits"); - return -1; + return SSL_FATAL_ERROR; } + /* SSL_SUCCESS on ok */ int CyaSSL_BN_rand(CYASSL_BIGNUM* bn, int bits, int top, int bottom) { byte buff[1024]; RNG tmpRNG; - RNG* rng = &tmpRNG; - int ret; + RNG* rng = &tmpRNG; int len = bits/8; (void)top; @@ -6303,22 +9929,26 @@ static int initGlobalRNG = 0; if (bn == NULL || bn->internal == NULL) { CYASSL_MSG("Bad function arguments"); - return 0; + return 0; } if (bits % 8) len++; - if ( (ret = InitRng(&tmpRNG)) != 0) { + if ( (InitRng(&tmpRNG)) != 0) { CYASSL_MSG("Bad RNG Init, trying global"); if (initGlobalRNG == 0) { CYASSL_MSG("Global RNG no Init"); - return 0; + return 0; } rng = &globalRNG; } - RNG_GenerateBlock(rng, buff, len); + if (RNG_GenerateBlock(rng, buff, len) != 0) { + CYASSL_MSG("Bad RNG_GenerateBlock"); + return 0; + } + buff[0] |= 0x80 | 0x40; buff[len-1] |= 0x01; @@ -6326,8 +9956,8 @@ static int initGlobalRNG = 0; CYASSL_MSG("mp read bin failed"); return 0; } - - return 1; + + return SSL_SUCCESS; } @@ -6342,6 +9972,7 @@ static int initGlobalRNG = 0; } + /* SSL_SUCCESS on ok */ int CyaSSL_BN_hex2bn(CYASSL_BIGNUM** bn, const char* str) { byte decoded[1024]; @@ -6354,7 +9985,7 @@ static int initGlobalRNG = 0; return 0; } - if (Base16_Decode((byte*)str, strlen(str), decoded, &decSz) < 0) { + if (Base16_Decode((byte*)str, (int)XSTRLEN(str), decoded, &decSz) < 0) { CYASSL_MSG("Bad Base16_Decode error"); return 0; } @@ -6375,7 +10006,7 @@ static int initGlobalRNG = 0; return 0; } - return 1; /* success */ + return SSL_SUCCESS; } @@ -6424,7 +10055,7 @@ static int initGlobalRNG = 0; CYASSL_MSG("CyaSSL_BN_set_word"); - return -1; + return SSL_FATAL_ERROR; } @@ -6435,7 +10066,7 @@ static int initGlobalRNG = 0; CYASSL_MSG("CyaSSL_BN_dec2bn"); - return -1; + return SSL_FATAL_ERROR; } @@ -6449,6 +10080,8 @@ static int initGlobalRNG = 0; } + #ifndef NO_DH + static void InitCyaSSL_DH(CYASSL_DH* dh) { if (dh) { @@ -6513,7 +10146,7 @@ static int initGlobalRNG = 0; } - static int SetDhInternal(CYASSL_DH* dh) + static int SetDhInternal(CYASSL_DH* dh) { unsigned char p[1024]; unsigned char g[1024]; @@ -6524,30 +10157,30 @@ static int initGlobalRNG = 0; if (dh == NULL || dh->p == NULL || dh->g == NULL) { CYASSL_MSG("Bad function arguments"); - return -1; + return SSL_FATAL_ERROR; } if (CyaSSL_BN_bn2bin(dh->p, NULL) > pSz) { CYASSL_MSG("Bad p internal size"); - return -1; + return SSL_FATAL_ERROR; } if (CyaSSL_BN_bn2bin(dh->g, NULL) > gSz) { CYASSL_MSG("Bad g internal size"); - return -1; + return SSL_FATAL_ERROR; } pSz = CyaSSL_BN_bn2bin(dh->p, p); gSz = CyaSSL_BN_bn2bin(dh->g, g); - + if (pSz <= 0 || gSz <= 0) { CYASSL_MSG("Bad BN2bin set"); - return -1; + return SSL_FATAL_ERROR; } if (DhSetKey((DhKey*)dh->internal, p, pSz, g, gSz) < 0) { CYASSL_MSG("Bad DH SetKey"); - return -1; + return SSL_FATAL_ERROR; } dh->inSet = 1; @@ -6567,36 +10200,35 @@ static int initGlobalRNG = 0; } - /* return 1 on success else 0 */ + /* return SSL_SUCCESS on ok, else 0 */ int CyaSSL_DH_generate_key(CYASSL_DH* dh) { - unsigned char pub [1024]; - unsigned char priv[1024]; + unsigned char pub [768]; + unsigned char priv[768]; word32 pubSz = sizeof(pub); word32 privSz = sizeof(priv); RNG tmpRNG; - RNG* rng = &tmpRNG; - int ret; + RNG* rng = &tmpRNG; CYASSL_MSG("CyaSSL_DH_generate_key"); if (dh == NULL || dh->p == NULL || dh->g == NULL) { CYASSL_MSG("Bad function arguments"); - return 0; + return 0; } if (dh->inSet == 0) { if (SetDhInternal(dh) < 0) { CYASSL_MSG("Bad DH set internal"); - return 0; + return 0; } } - if ( (ret = InitRng(&tmpRNG)) != 0) { + if ( (InitRng(&tmpRNG)) != 0) { CYASSL_MSG("Bad RNG Init, trying global"); if (initGlobalRNG == 0) { CYASSL_MSG("Global RNG no Init"); - return 0; + return 0; } rng = &globalRNG; } @@ -6604,7 +10236,7 @@ static int initGlobalRNG = 0; if (DhGenerateKeyPair((DhKey*)dh->internal, rng, priv, &privSz, pub, &pubSz) < 0) { CYASSL_MSG("Bad DhGenerateKeyPair"); - return 0; + return 0; } if (dh->pub_key) @@ -6612,7 +10244,7 @@ static int initGlobalRNG = 0; dh->pub_key = CyaSSL_BN_new(); if (dh->pub_key == NULL) { CYASSL_MSG("Bad DH new pub"); - return 0; + return 0; } if (dh->priv_key) @@ -6620,25 +10252,25 @@ static int initGlobalRNG = 0; dh->priv_key = CyaSSL_BN_new(); if (dh->priv_key == NULL) { CYASSL_MSG("Bad DH new priv"); - return 0; + return 0; } if (CyaSSL_BN_bin2bn(pub, pubSz, dh->pub_key) == NULL) { CYASSL_MSG("Bad DH bn2bin error pub"); - return 0; + return 0; } if (CyaSSL_BN_bin2bn(priv, privSz, dh->priv_key) == NULL) { CYASSL_MSG("Bad DH bn2bin error priv"); - return 0; + return 0; } CYASSL_MSG("CyaSSL_generate_key success"); - return 1; + return SSL_SUCCESS; } - /* return 1 on success, 0 otherwise */ + /* return key size on ok, 0 otherwise */ int CyaSSL_DH_compute_key(unsigned char* key, CYASSL_BIGNUM* otherPub, CYASSL_DH* dh) { @@ -6652,7 +10284,7 @@ static int initGlobalRNG = 0; if (dh == NULL || dh->priv_key == NULL || otherPub == NULL) { CYASSL_MSG("Bad function arguments"); - return 0; + return 0; } keySz = (word32)DH_size(dh); @@ -6673,7 +10305,7 @@ static int initGlobalRNG = 0; privSz = CyaSSL_BN_bn2bin(dh->priv_key, priv); pubSz = CyaSSL_BN_bn2bin(otherPub, pub); - + if (privSz <= 0 || pubSz <= 0) { CYASSL_MSG("Bad BN2bin set"); return 0; @@ -6688,8 +10320,10 @@ static int initGlobalRNG = 0; CYASSL_MSG("CyaSSL_compute_key success"); return (int)keySz; } + #endif /* NO_DH */ +#ifndef NO_DSA static void InitCyaSSL_DSA(CYASSL_DSA* dsa) { if (dsa) { @@ -6782,8 +10416,9 @@ static int initGlobalRNG = 0; return 0; /* key gen not needed by server */ } +#endif /* NO_DSA */ - +#ifndef NO_RSA static void InitCyaSSL_Rsa(CYASSL_RSA* rsa) { if (rsa) { @@ -6824,7 +10459,12 @@ static int initGlobalRNG = 0; } InitCyaSSL_Rsa(external); - InitRsaKey(key, NULL); + if (InitRsaKey(key, NULL) != 0) { + CYASSL_MSG("InitRsaKey CYASSL_RSA failure"); + XFREE(external, NULL, DYNAMIC_TYPE_RSA); + XFREE(key, NULL, DYNAMIC_TYPE_RSA); + return NULL; + } external->internal = key; return external; @@ -6854,34 +10494,38 @@ static int initGlobalRNG = 0; XFREE(rsa, NULL, DYNAMIC_TYPE_RSA); } } +#endif /* NO_RSA */ +#if !defined(NO_RSA) || !defined(NO_DSA) static int SetIndividualExternal(CYASSL_BIGNUM** bn, mp_int* mpi) { CYASSL_MSG("Entering SetIndividualExternal"); if (mpi == NULL) { CYASSL_MSG("mpi NULL error"); - return -1; + return SSL_FATAL_ERROR; } if (*bn == NULL) { *bn = CyaSSL_BN_new(); if (*bn == NULL) { CYASSL_MSG("SetIndividualExternal alloc failed"); - return -1; + return SSL_FATAL_ERROR; } } if (mp_copy(mpi, (mp_int*)((*bn)->internal)) != MP_OKAY) { CYASSL_MSG("mp_copy error"); - return -1; + return SSL_FATAL_ERROR; } return 0; } +#endif /* !NO_RSA && !NO_DSA */ +#ifndef NO_DSA static int SetDsaExternal(CYASSL_DSA* dsa) { DsaKey* key; @@ -6889,42 +10533,44 @@ static int initGlobalRNG = 0; if (dsa == NULL || dsa->internal == NULL) { CYASSL_MSG("dsa key NULL error"); - return -1; + return SSL_FATAL_ERROR; } key = (DsaKey*)dsa->internal; if (SetIndividualExternal(&dsa->p, &key->p) < 0) { CYASSL_MSG("dsa p key error"); - return -1; + return SSL_FATAL_ERROR; } if (SetIndividualExternal(&dsa->q, &key->q) < 0) { CYASSL_MSG("dsa q key error"); - return -1; + return SSL_FATAL_ERROR; } if (SetIndividualExternal(&dsa->g, &key->g) < 0) { CYASSL_MSG("dsa g key error"); - return -1; + return SSL_FATAL_ERROR; } if (SetIndividualExternal(&dsa->pub_key, &key->y) < 0) { CYASSL_MSG("dsa y key error"); - return -1; + return SSL_FATAL_ERROR; } if (SetIndividualExternal(&dsa->priv_key, &key->x) < 0) { CYASSL_MSG("dsa x key error"); - return -1; + return SSL_FATAL_ERROR; } dsa->exSet = 1; return 0; } +#endif /* NO_DSA */ +#ifndef NO_RSA static int SetRsaExternal(CYASSL_RSA* rsa) { RsaKey* key; @@ -6932,49 +10578,49 @@ static int initGlobalRNG = 0; if (rsa == NULL || rsa->internal == NULL) { CYASSL_MSG("rsa key NULL error"); - return -1; + return SSL_FATAL_ERROR; } key = (RsaKey*)rsa->internal; if (SetIndividualExternal(&rsa->n, &key->n) < 0) { CYASSL_MSG("rsa n key error"); - return -1; + return SSL_FATAL_ERROR; } if (SetIndividualExternal(&rsa->e, &key->e) < 0) { CYASSL_MSG("rsa e key error"); - return -1; + return SSL_FATAL_ERROR; } if (SetIndividualExternal(&rsa->d, &key->d) < 0) { CYASSL_MSG("rsa d key error"); - return -1; + return SSL_FATAL_ERROR; } if (SetIndividualExternal(&rsa->p, &key->p) < 0) { CYASSL_MSG("rsa p key error"); - return -1; + return SSL_FATAL_ERROR; } if (SetIndividualExternal(&rsa->q, &key->q) < 0) { CYASSL_MSG("rsa q key error"); - return -1; + return SSL_FATAL_ERROR; } if (SetIndividualExternal(&rsa->dmp1, &key->dP) < 0) { CYASSL_MSG("rsa dP key error"); - return -1; + return SSL_FATAL_ERROR; } if (SetIndividualExternal(&rsa->dmq1, &key->dQ) < 0) { CYASSL_MSG("rsa dQ key error"); - return -1; + return SSL_FATAL_ERROR; } if (SetIndividualExternal(&rsa->iqmp, &key->u) < 0) { CYASSL_MSG("rsa u key error"); - return -1; + return SSL_FATAL_ERROR; } rsa->exSet = 1; @@ -6983,6 +10629,7 @@ static int initGlobalRNG = 0; } + /* SSL_SUCCESS on ok */ int CyaSSL_RSA_generate_key_ex(CYASSL_RSA* rsa, int bits, CYASSL_BIGNUM* bn, void* cb) { @@ -6994,34 +10641,35 @@ static int initGlobalRNG = 0; (void)bits; (void)cb; (void)bn; - + if (InitRng(&rng) < 0) { CYASSL_MSG("RNG init failed"); - return -1; + return SSL_FATAL_ERROR; } #ifdef CYASSL_KEY_GEN if (MakeRsaKey((RsaKey*)rsa->internal, bits, 65537, &rng) < 0) { CYASSL_MSG("MakeRsaKey failed"); - return -1; + return SSL_FATAL_ERROR; } if (SetRsaExternal(rsa) < 0) { CYASSL_MSG("SetRsaExternal failed"); - return -1; + return SSL_FATAL_ERROR; } rsa->inSet = 1; - return 1; /* success */ + return SSL_SUCCESS; #else CYASSL_MSG("No Key Gen built in"); - return -1; + return SSL_FATAL_ERROR; #endif } + /* SSL_SUCCESS on ok */ int CyaSSL_RSA_blinding_on(CYASSL_RSA* rsa, CYASSL_BN_CTX* bn) { (void)rsa; @@ -7029,7 +10677,7 @@ static int initGlobalRNG = 0; CYASSL_MSG("CyaSSL_RSA_blinding_on"); - return 1; /* on by default */ + return SSL_SUCCESS; /* on by default */ } @@ -7044,7 +10692,7 @@ static int initGlobalRNG = 0; CYASSL_MSG("CyaSSL_RSA_public_encrypt"); - return -1; + return SSL_FATAL_ERROR; } @@ -7059,7 +10707,7 @@ static int initGlobalRNG = 0; CYASSL_MSG("CyaSSL_RSA_private_decrypt"); - return -1; + return SSL_FATAL_ERROR; } @@ -7072,46 +10720,50 @@ static int initGlobalRNG = 0; return CyaSSL_BN_num_bytes(rsa->n); } +#endif /* NO_RSA */ - /* return 0 on success, < 0 otherwise */ +#ifndef NO_DSA + /* return SSL_SUCCESS on success, < 0 otherwise */ int CyaSSL_DSA_do_sign(const unsigned char* d, unsigned char* sigRet, CYASSL_DSA* dsa) { RNG tmpRNG; - RNG* rng = &tmpRNG; + RNG* rng = &tmpRNG; CYASSL_MSG("CyaSSL_DSA_do_sign"); if (d == NULL || sigRet == NULL || dsa == NULL) { CYASSL_MSG("Bad function arguments"); - return -1; + return SSL_FATAL_ERROR; } if (dsa->inSet == 0) { CYASSL_MSG("No DSA internal set"); - return -1; + return SSL_FATAL_ERROR; } if (InitRng(&tmpRNG) != 0) { CYASSL_MSG("Bad RNG Init, trying global"); if (initGlobalRNG == 0) { CYASSL_MSG("Global RNG no Init"); - return -1; + return SSL_FATAL_ERROR; } rng = &globalRNG; } if (DsaSign(d, sigRet, (DsaKey*)dsa->internal, rng) < 0) { CYASSL_MSG("DsaSign failed"); - return -1; + return SSL_FATAL_ERROR; } - return 0; + return SSL_SUCCESS; } +#endif /* NO_DSA */ - /* return 1 on success, 0 otherwise */ +#ifndef NO_RSA + /* return SSL_SUCCES on ok, 0 otherwise */ int CyaSSL_RSA_sign(int type, const unsigned char* m, unsigned int mLen, unsigned char* sigRet, unsigned int* sigLen, CYASSL_RSA* rsa) @@ -7120,7 +10772,7 @@ static int initGlobalRNG = 0; word32 outLen; word32 signSz; RNG tmpRNG; - RNG* rng = &tmpRNG; + RNG* rng = &tmpRNG; CYASSL_MSG("CyaSSL_RSA_sign"); @@ -7139,12 +10791,12 @@ static int initGlobalRNG = 0; CYASSL_MSG("Bad RSA size"); return 0; } - + if (InitRng(&tmpRNG) != 0) { CYASSL_MSG("Bad RNG Init, trying global"); if (initGlobalRNG == 0) { CYASSL_MSG("Global RNG no Init"); - return 0; + return 0; } rng = &globalRNG; } @@ -7177,7 +10829,7 @@ static int initGlobalRNG = 0; } CYASSL_MSG("CyaSSL_RSA_sign success"); - return 1; /* success */ + return SSL_SUCCESS; } @@ -7192,11 +10844,11 @@ static int initGlobalRNG = 0; CYASSL_MSG("CyaSSL_RSA_public_decrypt"); - return -1; + return SSL_FATAL_ERROR; } - /* generate p-1 and q-1 */ + /* generate p-1 and q-1, SSL_SUCCESS on ok */ int CyaSSL_RSA_GenAdd(CYASSL_RSA* rsa) { int err; @@ -7207,27 +10859,30 @@ static int initGlobalRNG = 0; if (rsa == NULL || rsa->p == NULL || rsa->q == NULL || rsa->d == NULL || rsa->dmp1 == NULL || rsa->dmq1 == NULL) { CYASSL_MSG("rsa no init error"); - return -1; + return SSL_FATAL_ERROR; } if (mp_init(&tmp) != MP_OKAY) { CYASSL_MSG("mp_init error"); - return -1; + return SSL_FATAL_ERROR; } err = mp_sub_d((mp_int*)rsa->p->internal, 1, &tmp); - if (err != MP_OKAY) + if (err != MP_OKAY) { CYASSL_MSG("mp_sub_d error"); + } else err = mp_mod((mp_int*)rsa->d->internal, &tmp, (mp_int*)rsa->dmp1->internal); - if (err != MP_OKAY) + if (err != MP_OKAY) { CYASSL_MSG("mp_mod error"); + } else err = mp_sub_d((mp_int*)rsa->q->internal, 1, &tmp); - if (err != MP_OKAY) + if (err != MP_OKAY) { CYASSL_MSG("mp_sub_d error"); + } else err = mp_mod((mp_int*)rsa->d->internal, &tmp, (mp_int*)rsa->dmq1->internal); @@ -7235,10 +10890,11 @@ static int initGlobalRNG = 0; mp_clear(&tmp); if (err == MP_OKAY) - return 0; + return SSL_SUCCESS; else - return -1; + return SSL_FATAL_ERROR; } +#endif /* NO_RSA */ void CyaSSL_HMAC_Init(CYASSL_HMAC_CTX* ctx, const void* key, int keylen, @@ -7262,7 +10918,7 @@ static int initGlobalRNG = 0; CYASSL_MSG("sha256 hmac"); ctx->type = SHA256; } - + /* has to be last since would pick or 256, 384, or 512 too */ else if (XSTRNCMP(type, "SHA", 3) == 0) { CYASSL_MSG("sha hmac"); @@ -7276,6 +10932,7 @@ static int initGlobalRNG = 0; if (key && keylen) { CYASSL_MSG("keying hmac"); HmacSetKey(&ctx->hmac, ctx->type, (const byte*)key, (word32)keylen); + /* OpenSSL compat, no error */ } } @@ -7288,6 +10945,7 @@ static int initGlobalRNG = 0; if (ctx && data) { CYASSL_MSG("updating hmac"); HmacUpdate(&ctx->hmac, data, (word32)len); + /* OpenSSL compat, no error */ } } @@ -7300,6 +10958,7 @@ static int initGlobalRNG = 0; if (ctx && hash) { CYASSL_MSG("final hmac"); HmacFinal(&ctx->hmac, hash); + /* OpenSSL compat, no error */ if (len) { CYASSL_MSG("setting output len"); @@ -7339,11 +10998,9 @@ static int initGlobalRNG = 0; switch(id) { case NID_md5: return CyaSSL_EVP_md5(); - break; case NID_sha1: return CyaSSL_EVP_sha1(); - break; default: CYASSL_MSG("Bad digest id value"); @@ -7380,7 +11037,6 @@ static int initGlobalRNG = 0; case ARC4_TYPE: CYASSL_MSG("returning arc4 state"); return (void*)&ctx->cipher.arc4.x; - break; default: CYASSL_MSG("bad x state type"); @@ -7401,7 +11057,6 @@ static int initGlobalRNG = 0; case ARC4_TYPE: CYASSL_MSG("returning arc4 state size"); return sizeof(Arc4); - break; default: CYASSL_MSG("bad x state type"); @@ -7426,7 +11081,7 @@ static int initGlobalRNG = 0; } if (doset) - Des3_SetIV(&ctx->cipher.des3, iv); + Des3_SetIV(&ctx->cipher.des3, iv); /* OpenSSL compat, no ret */ else memcpy(iv, &ctx->cipher.des3.reg, DES_BLOCK_SIZE); } @@ -7445,7 +11100,7 @@ static int initGlobalRNG = 0; } if (doset) - AesSetIV(&ctx->cipher.aes, iv); + AesSetIV(&ctx->cipher.aes, iv); /* OpenSSL compat, no ret */ else memcpy(iv, &ctx->cipher.aes.reg, AES_BLOCK_SIZE); } @@ -7487,7 +11142,7 @@ static int initGlobalRNG = 0; /* has to be last since would pick or 256, 384, or 512 too */ else if (XSTRNCMP(type, "SHA", 3) == 0) { return SHA_DIGEST_SIZE; - } + } return BAD_FUNC_ARG; } @@ -7504,7 +11159,6 @@ static int initGlobalRNG = 0; case AES_256_CBC_TYPE : CYASSL_MSG("AES CBC"); return AES_BLOCK_SIZE; - break; #ifdef CYASSL_AES_COUNTER case AES_128_CTR_TYPE : @@ -7512,33 +11166,28 @@ static int initGlobalRNG = 0; case AES_256_CTR_TYPE : CYASSL_MSG("AES CTR"); return AES_BLOCK_SIZE; - break; #endif case DES_CBC_TYPE : CYASSL_MSG("DES CBC"); return DES_BLOCK_SIZE; - break; - + case DES_EDE3_CBC_TYPE : CYASSL_MSG("DES EDE3 CBC"); return DES_BLOCK_SIZE; - break; case ARC4_TYPE : CYASSL_MSG("ARC4"); return 0; - break; case NULL_CIPHER_TYPE : CYASSL_MSG("NULL"); return 0; - break; default: { CYASSL_MSG("bad type"); } - } + } return 0; } @@ -7566,7 +11215,7 @@ static int initGlobalRNG = 0; CYASSL_MSG("CyaSSL_PEM_write_bio_RSAPrivateKey"); - return -1; + return SSL_FATAL_ERROR; } @@ -7586,7 +11235,7 @@ static int initGlobalRNG = 0; CYASSL_MSG("CyaSSL_PEM_write_bio_DSAPrivateKey"); - return -1; + return SSL_FATAL_ERROR; } @@ -7606,51 +11255,8 @@ static int initGlobalRNG = 0; -/* Return bytes written to buff or < 0 for error */ -int CyaSSL_KeyPemToDer(const unsigned char* pem, int pemSz, unsigned char* buff, - int buffSz, const char* pass) -{ - EncryptedInfo info; - int eccKey = 0; - int ret; - buffer der; - - (void)pass; - - CYASSL_ENTER("CyaSSL_KeyPemToDer"); - - if (pem == NULL || buff == NULL || buffSz <= 0) { - CYASSL_MSG("Bad pem der args"); - return BAD_FUNC_ARG; - } - - info.set = 0; - info.ctx = NULL; - info.consumed = 0; - der.buffer = NULL; - - ret = PemToDer(pem, pemSz, PRIVATEKEY_TYPE, &der, NULL, &info, &eccKey); - if (ret < 0) { - CYASSL_MSG("Bad Pem To Der"); - } - else { - if (der.length <= (word32)buffSz) { - XMEMCPY(buff, der.buffer, der.length); - ret = der.length; - } - else { - CYASSL_MSG("Bad der length"); - ret = BAD_FUNC_ARG; - } - } - - XFREE(der.buffer, NULL, DYANMIC_KEY_TYPE); - - return ret; -} - - -/* Load RSA from Der, 0 on success < 0 on error */ +#ifndef NO_RSA +/* Load RSA from Der, SSL_SUCCESS on success < 0 on error */ int CyaSSL_RSA_LoadDer(CYASSL_RSA* rsa, const unsigned char* der, int derSz) { word32 idx = 0; @@ -7671,16 +11277,18 @@ int CyaSSL_RSA_LoadDer(CYASSL_RSA* rsa, const unsigned char* der, int derSz) if (SetRsaExternal(rsa) < 0) { CYASSL_MSG("SetRsaExternal failed"); - return -1; + return SSL_FATAL_ERROR; } rsa->inSet = 1; - return 0; + return SSL_SUCCESS; } +#endif /* NO_RSA */ -/* Load DSA from Der, 0 on success < 0 on error */ +#ifndef NO_DSA +/* Load DSA from Der, SSL_SUCCESS on success < 0 on error */ int CyaSSL_DSA_LoadDer(CYASSL_DSA* dsa, const unsigned char* der, int derSz) { word32 idx = 0; @@ -7701,14 +11309,14 @@ int CyaSSL_DSA_LoadDer(CYASSL_DSA* dsa, const unsigned char* der, int derSz) if (SetDsaExternal(dsa) < 0) { CYASSL_MSG("SetDsaExternal failed"); - return -1; + return SSL_FATAL_ERROR; } dsa->inSet = 1; - return 0; + return SSL_SUCCESS; } - +#endif /* NO_DSA */ @@ -7763,8 +11371,49 @@ byte* CyaSSL_get_chain_cert(CYASSL_X509_CHAIN* chain, int idx) } +/* Get peer's CyaSSL X509 ceritifcate at index (idx) */ +CYASSL_X509* CyaSSL_get_chain_X509(CYASSL_X509_CHAIN* chain, int idx) +{ + int ret; + CYASSL_X509* x509; + DecodedCert dCert; + + CYASSL_ENTER("CyaSSL_get_chain_X509"); + if (chain == NULL) + return NULL; + + InitDecodedCert(&dCert, chain->certs[idx].buffer, chain->certs[idx].length, + NULL); + ret = ParseCertRelative(&dCert, CERT_TYPE, 0, NULL); + if (ret != 0) { + CYASSL_MSG("Failed to parse cert"); + FreeDecodedCert(&dCert); + return NULL; + } + + x509 = (CYASSL_X509*)XMALLOC(sizeof(CYASSL_X509), NULL, DYNAMIC_TYPE_X509); + if (x509 == NULL) { + CYASSL_MSG("Failed alloc X509"); + FreeDecodedCert(&dCert); + return NULL; + } + InitX509(x509, 1); + + ret = CopyDecodedToX509(x509, &dCert); + if (ret != 0) { + CYASSL_MSG("Failed to copy decoded"); + XFREE(x509, NULL, DYNAMIC_TYPE_X509); + x509 = NULL; + } + FreeDecodedCert(&dCert); + + return x509; +} + + /* Get peer's PEM ceritifcate at index (idx), output to buffer if inLen big - enough else return error (-1), output length is in *outLen */ + enough else return error (-1), output length is in *outLen + SSL_SUCCESS on ok */ int CyaSSL_get_chain_cert_pem(CYASSL_X509_CHAIN* chain, int idx, unsigned char* buf, int inLen, int* outLen) { @@ -7799,9 +11448,9 @@ int CyaSSL_get_chain_cert_pem(CYASSL_X509_CHAIN* chain, int idx, if ( (i + footerLen) > inLen) return BAD_FUNC_ARG; XMEMCPY(buf + i, footer, footerLen); - *outLen += headerLen + footerLen; + *outLen += headerLen + footerLen; - return 0; + return SSL_SUCCESS; } @@ -7819,34 +11468,164 @@ const byte* CyaSSL_get_sessionID(const CYASSL_SESSION* session) #endif /* SESSION_CERTS */ -long CyaSSL_CTX_OCSP_set_options(CYASSL_CTX* ctx, long options) +#ifndef NO_CERTS +#ifdef HAVE_PK_CALLBACKS + +#ifdef HAVE_ECC + +void CyaSSL_CTX_SetEccSignCb(CYASSL_CTX* ctx, CallbackEccSign cb) { - CYASSL_ENTER("CyaSSL_CTX_OCSP_set_options"); -#ifdef HAVE_OCSP - if (ctx != NULL) { - ctx->ocsp.enabled = (options & CYASSL_OCSP_ENABLE) != 0; - ctx->ocsp.useOverrideUrl = (options & CYASSL_OCSP_URL_OVERRIDE) != 0; - return 1; - } - return 0; -#else - (void)ctx; - (void)options; - return NOT_COMPILED_IN; -#endif + if (ctx) + ctx->EccSignCb = cb; } -int CyaSSL_CTX_OCSP_set_override_url(CYASSL_CTX* ctx, const char* url) +void CyaSSL_SetEccSignCtx(CYASSL* ssl, void *ctx) { - CYASSL_ENTER("CyaSSL_CTX_OCSP_set_override_url"); -#ifdef HAVE_OCSP - return CyaSSL_OCSP_set_override_url(&ctx->ocsp, url); -#else - (void)ctx; - (void)url; - return NOT_COMPILED_IN; -#endif + if (ssl) + ssl->EccSignCtx = ctx; +} + + +void* CyaSSL_GetEccSignCtx(CYASSL* ssl) +{ + if (ssl) + return ssl->EccSignCtx; + + return NULL; +} + + +void CyaSSL_CTX_SetEccVerifyCb(CYASSL_CTX* ctx, CallbackEccVerify cb) +{ + if (ctx) + ctx->EccVerifyCb = cb; +} + + +void CyaSSL_SetEccVerifyCtx(CYASSL* ssl, void *ctx) +{ + if (ssl) + ssl->EccVerifyCtx = ctx; +} + + +void* CyaSSL_GetEccVerifyCtx(CYASSL* ssl) +{ + if (ssl) + return ssl->EccVerifyCtx; + + return NULL; +} + +#endif /* HAVE_ECC */ + +#ifndef NO_RSA + +void CyaSSL_CTX_SetRsaSignCb(CYASSL_CTX* ctx, CallbackRsaSign cb) +{ + if (ctx) + ctx->RsaSignCb = cb; +} + + +void CyaSSL_SetRsaSignCtx(CYASSL* ssl, void *ctx) +{ + if (ssl) + ssl->RsaSignCtx = ctx; } +void* CyaSSL_GetRsaSignCtx(CYASSL* ssl) +{ + if (ssl) + return ssl->RsaSignCtx; + + return NULL; +} + + +void CyaSSL_CTX_SetRsaVerifyCb(CYASSL_CTX* ctx, CallbackRsaVerify cb) +{ + if (ctx) + ctx->RsaVerifyCb = cb; +} + + +void CyaSSL_SetRsaVerifyCtx(CYASSL* ssl, void *ctx) +{ + if (ssl) + ssl->RsaVerifyCtx = ctx; +} + + +void* CyaSSL_GetRsaVerifyCtx(CYASSL* ssl) +{ + if (ssl) + return ssl->RsaVerifyCtx; + + return NULL; +} + +void CyaSSL_CTX_SetRsaEncCb(CYASSL_CTX* ctx, CallbackRsaEnc cb) +{ + if (ctx) + ctx->RsaEncCb = cb; +} + + +void CyaSSL_SetRsaEncCtx(CYASSL* ssl, void *ctx) +{ + if (ssl) + ssl->RsaEncCtx = ctx; +} + + +void* CyaSSL_GetRsaEncCtx(CYASSL* ssl) +{ + if (ssl) + return ssl->RsaEncCtx; + + return NULL; +} + +void CyaSSL_CTX_SetRsaDecCb(CYASSL_CTX* ctx, CallbackRsaDec cb) +{ + if (ctx) + ctx->RsaDecCb = cb; +} + + +void CyaSSL_SetRsaDecCtx(CYASSL* ssl, void *ctx) +{ + if (ssl) + ssl->RsaDecCtx = ctx; +} + + +void* CyaSSL_GetRsaDecCtx(CYASSL* ssl) +{ + if (ssl) + return ssl->RsaDecCtx; + + return NULL; +} + + +#endif /* NO_RSA */ + +#endif /* HAVE_PK_CALLBACKS */ +#endif /* NO_CERTS */ + + +#ifdef CYASSL_HAVE_WOLFSCEP + /* Used by autoconf to see if wolfSCEP is available */ + void CyaSSL_wolfSCEP(void) {} +#endif + + +#ifdef CYASSL_HAVE_CERT_SERVICE + /* Used by autoconf to see if cert service is available */ + void CyaSSL_cert_service(void) {} +#endif + diff --git a/FreeRTOS-Plus/Source/CyaSSL/src/tls.c b/FreeRTOS-Plus/Source/CyaSSL/src/tls.c index f5ef46007..edac823a9 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/src/tls.c +++ b/FreeRTOS-Plus/Source/CyaSSL/src/tls.c @@ -1,6 +1,6 @@ /* tls.c * - * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,16 +16,18 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ #ifdef HAVE_CONFIG_H #include #endif +#include + #include #include -#include +#include #include @@ -43,16 +45,6 @@ #endif /* min */ -/* calculate XOR for TLSv1 PRF */ -static INLINE void get_xor(byte *digest, word32 digLen, byte* md5, byte* sha) -{ - word32 i; - - for (i = 0; i < digLen; i++) - digest[i] = md5[i] ^ sha[i]; -} - - #ifdef CYASSL_SHA384 #define PHASH_MAX_DIGEST_SIZE SHA384_DIGEST_SIZE #else @@ -60,70 +52,123 @@ static INLINE void get_xor(byte *digest, word32 digLen, byte* md5, byte* sha) #endif /* compute p_hash for MD5, SHA-1, SHA-256, or SHA-384 for TLSv1 PRF */ -static void p_hash(byte* result, word32 resLen, const byte* secret, +static int p_hash(byte* result, word32 resLen, const byte* secret, word32 secLen, const byte* seed, word32 seedLen, int hash) { - word32 len = MD5_DIGEST_SIZE; + word32 len = PHASH_MAX_DIGEST_SIZE; word32 times; word32 lastLen; word32 lastTime; word32 i; word32 idx = 0; + int ret; byte previous[PHASH_MAX_DIGEST_SIZE]; /* max size */ byte current[PHASH_MAX_DIGEST_SIZE]; /* max size */ Hmac hmac; - if (hash == md5_mac) { - hash = MD5; - } - else if (hash == sha_mac) { - len = SHA_DIGEST_SIZE; - hash = SHA; - } else if (hash == sha256_mac) { - len = SHA256_DIGEST_SIZE; - hash = SHA256; - } -#ifdef CYASSL_SHA384 - else if (hash == sha384_mac) - { - len = SHA384_DIGEST_SIZE; - hash = SHA384; - } + switch (hash) { + #ifndef NO_MD5 + case md5_mac: + { + len = MD5_DIGEST_SIZE; + hash = MD5; + } + break; + #endif + #ifndef NO_SHA256 + case sha256_mac: + { + len = SHA256_DIGEST_SIZE; + hash = SHA256; + } + break; + #endif + #ifdef CYASSL_SHA384 + case sha384_mac: + { + len = SHA384_DIGEST_SIZE; + hash = SHA384; + } + break; + #endif +#ifndef NO_SHA + case sha_mac: + default: + { + len = SHA_DIGEST_SIZE; + hash = SHA; + } + break; #endif + } times = resLen / len; lastLen = resLen % len; if (lastLen) times += 1; lastTime = times - 1; - HmacSetKey(&hmac, hash, secret, secLen); - HmacUpdate(&hmac, seed, seedLen); /* A0 = seed */ - HmacFinal(&hmac, previous); /* A1 */ + ret = HmacSetKey(&hmac, hash, secret, secLen); + if (ret != 0) + return ret; + ret = HmacUpdate(&hmac, seed, seedLen); /* A0 = seed */ + if (ret != 0) + return ret; + ret = HmacFinal(&hmac, previous); /* A1 */ + if (ret != 0) + return ret; for (i = 0; i < times; i++) { - HmacUpdate(&hmac, previous, len); - HmacUpdate(&hmac, seed, seedLen); - HmacFinal(&hmac, current); + ret = HmacUpdate(&hmac, previous, len); + if (ret != 0) + return ret; + ret = HmacUpdate(&hmac, seed, seedLen); + if (ret != 0) + return ret; + ret = HmacFinal(&hmac, current); + if (ret != 0) + return ret; if ( (i == lastTime) && lastLen) XMEMCPY(&result[idx], current, min(lastLen, sizeof(current))); else { XMEMCPY(&result[idx], current, len); idx += len; - HmacUpdate(&hmac, previous, len); - HmacFinal(&hmac, previous); + ret = HmacUpdate(&hmac, previous, len); + if (ret != 0) + return ret; + ret = HmacFinal(&hmac, previous); + if (ret != 0) + return ret; } } + XMEMSET(previous, 0, sizeof previous); + XMEMSET(current, 0, sizeof current); + XMEMSET(&hmac, 0, sizeof hmac); + + return 0; } +#ifndef NO_OLD_TLS + +/* calculate XOR for TLSv1 PRF */ +static INLINE void get_xor(byte *digest, word32 digLen, byte* md5, byte* sha) +{ + word32 i; + + for (i = 0; i < digLen; i++) + digest[i] = md5[i] ^ sha[i]; +} + + /* compute TLSv1 PRF (pseudo random function using HMAC) */ -static void PRF(byte* digest, word32 digLen, const byte* secret, word32 secLen, - const byte* label, word32 labLen, const byte* seed, word32 seedLen, - int useAtLeastSha256, int hash_type) +static int doPRF(byte* digest, word32 digLen, const byte* secret,word32 secLen, + const byte* label, word32 labLen, const byte* seed, + word32 seedLen) { + int ret; word32 half = (secLen + 1) / 2; byte md5_half[MAX_PRF_HALF]; /* half is real size */ @@ -133,11 +178,14 @@ static void PRF(byte* digest, word32 digLen, const byte* secret, word32 secLen, byte sha_result[MAX_PRF_DIG]; /* digLen is real size */ if (half > MAX_PRF_HALF) - return; + return BUFFER_E; if (labLen + seedLen > MAX_PRF_LABSEED) - return; + return BUFFER_E; if (digLen > MAX_PRF_DIG) - return; + return BUFFER_E; + + XMEMSET(md5_result, 0, digLen); + XMEMSET(sha_result, 0, digLen); XMEMCPY(md5_half, secret, half); XMEMCPY(sha_half, secret + half - secLen % 2, half); @@ -145,21 +193,54 @@ static void PRF(byte* digest, word32 digLen, const byte* secret, word32 secLen, XMEMCPY(labelSeed, label, labLen); XMEMCPY(labelSeed + labLen, seed, seedLen); + ret = p_hash(md5_result, digLen, md5_half, half, labelSeed, + labLen + seedLen, md5_mac); + if (ret != 0) + return ret; + ret = p_hash(sha_result, digLen, sha_half, half, labelSeed, + labLen + seedLen, sha_mac); + if (ret != 0) + return ret; + get_xor(digest, digLen, md5_result, sha_result); + + return 0; +} + +#endif + + +/* Wrapper to call straight thru to p_hash in TSL 1.2 cases to remove stack + use */ +static int PRF(byte* digest, word32 digLen, const byte* secret, word32 secLen, + const byte* label, word32 labLen, const byte* seed, word32 seedLen, + int useAtLeastSha256, int hash_type) +{ + int ret = 0; + if (useAtLeastSha256) { + byte labelSeed[MAX_PRF_LABSEED]; /* labLen + seedLen is real size */ + + if (labLen + seedLen > MAX_PRF_LABSEED) + return BUFFER_E; + + XMEMCPY(labelSeed, label, labLen); + XMEMCPY(labelSeed + labLen, seed, seedLen); + /* If a cipher suite wants an algorithm better than sha256, it * should use better. */ if (hash_type < sha256_mac) hash_type = sha256_mac; - p_hash(digest, digLen, secret, secLen, labelSeed, labLen + seedLen, - hash_type); - return; + ret = p_hash(digest, digLen, secret, secLen, labelSeed, + labLen + seedLen, hash_type); } +#ifndef NO_OLD_TLS + else { + ret = doPRF(digest, digLen, secret, secLen, label, labLen, seed, + seedLen); + } +#endif - p_hash(md5_result, digLen, md5_half, half, labelSeed, labLen + seedLen, - md5_mac); - p_hash(sha_result, digLen, sha_half, half, labelSeed, labLen + seedLen, - sha_mac); - get_xor(digest, digLen, md5_result, sha_result); + return ret; } @@ -170,24 +251,35 @@ static void PRF(byte* digest, word32 digLen, const byte* secret, word32 secLen, #endif -void BuildTlsFinished(CYASSL* ssl, Hashes* hashes, const byte* sender) +int BuildTlsFinished(CYASSL* ssl, Hashes* hashes, const byte* sender) { const byte* side; byte handshake_hash[HSHASH_SZ]; word32 hashSz = FINISHED_SZ; +#ifndef NO_OLD_TLS Md5Final(&ssl->hashMd5, handshake_hash); ShaFinal(&ssl->hashSha, &handshake_hash[MD5_DIGEST_SIZE]); +#endif + if (IsAtLeastTLSv1_2(ssl)) { #ifndef NO_SHA256 if (ssl->specs.mac_algorithm <= sha256_mac) { - Sha256Final(&ssl->hashSha256, handshake_hash); + int ret = Sha256Final(&ssl->hashSha256, handshake_hash); + + if (ret != 0) + return ret; + hashSz = SHA256_DIGEST_SIZE; } #endif #ifdef CYASSL_SHA384 if (ssl->specs.mac_algorithm == sha384_mac) { - Sha384Final(&ssl->hashSha384, handshake_hash); + int ret = Sha384Final(&ssl->hashSha384, handshake_hash); + + if (ret != 0) + return ret; + hashSz = SHA384_DIGEST_SIZE; } #endif @@ -198,12 +290,14 @@ void BuildTlsFinished(CYASSL* ssl, Hashes* hashes, const byte* sender) else side = tls_server; - PRF(hashes->md5, TLS_FINISHED_SZ, ssl->arrays.masterSecret, SECRET_LEN, - side, FINISHED_LABEL_SZ, handshake_hash, hashSz, IsAtLeastTLSv1_2(ssl), - ssl->specs.mac_algorithm); + return PRF((byte*)hashes, TLS_FINISHED_SZ, ssl->arrays->masterSecret, + SECRET_LEN, side, FINISHED_LABEL_SZ, handshake_hash, hashSz, + IsAtLeastTLSv1_2(ssl), ssl->specs.mac_algorithm); } +#ifndef NO_OLD_TLS + ProtocolVersion MakeTLSv1(void) { ProtocolVersion pv; @@ -223,6 +317,8 @@ ProtocolVersion MakeTLSv1_1(void) return pv; } +#endif + ProtocolVersion MakeTLSv1_2(void) { @@ -240,18 +336,21 @@ static const byte key_label [KEY_LABEL_SZ + 1] = "key expansion"; int DeriveTlsKeys(CYASSL* ssl) { + int ret; int length = 2 * ssl->specs.hash_size + 2 * ssl->specs.key_size + 2 * ssl->specs.iv_size; byte seed[SEED_LEN]; byte key_data[MAX_PRF_DIG]; - XMEMCPY(seed, ssl->arrays.serverRandom, RAN_LEN); - XMEMCPY(&seed[RAN_LEN], ssl->arrays.clientRandom, RAN_LEN); + XMEMCPY(seed, ssl->arrays->serverRandom, RAN_LEN); + XMEMCPY(&seed[RAN_LEN], ssl->arrays->clientRandom, RAN_LEN); - PRF(key_data, length, ssl->arrays.masterSecret, SECRET_LEN, key_label, - KEY_LABEL_SZ, seed, SEED_LEN, IsAtLeastTLSv1_2(ssl), - ssl->specs.mac_algorithm); + ret = PRF(key_data, length, ssl->arrays->masterSecret, SECRET_LEN, + key_label, KEY_LABEL_SZ, seed, SEED_LEN, IsAtLeastTLSv1_2(ssl), + ssl->specs.mac_algorithm); + if (ret != 0) + return ret; return StoreKeys(ssl, key_data); } @@ -259,22 +358,25 @@ int DeriveTlsKeys(CYASSL* ssl) int MakeTlsMasterSecret(CYASSL* ssl) { + int ret; byte seed[SEED_LEN]; - XMEMCPY(seed, ssl->arrays.clientRandom, RAN_LEN); - XMEMCPY(&seed[RAN_LEN], ssl->arrays.serverRandom, RAN_LEN); + XMEMCPY(seed, ssl->arrays->clientRandom, RAN_LEN); + XMEMCPY(&seed[RAN_LEN], ssl->arrays->serverRandom, RAN_LEN); - PRF(ssl->arrays.masterSecret, SECRET_LEN, - ssl->arrays.preMasterSecret, ssl->arrays.preMasterSz, - master_label, MASTER_LABEL_SZ, - seed, SEED_LEN, IsAtLeastTLSv1_2(ssl), ssl->specs.mac_algorithm); + ret = PRF(ssl->arrays->masterSecret, SECRET_LEN, + ssl->arrays->preMasterSecret, ssl->arrays->preMasterSz, + master_label, MASTER_LABEL_SZ, + seed, SEED_LEN, IsAtLeastTLSv1_2(ssl), ssl->specs.mac_algorithm); + if (ret != 0) + return ret; #ifdef SHOW_SECRETS { int i; printf("master secret: "); for (i = 0; i < SECRET_LEN; i++) - printf("%02x", ssl->arrays.masterSecret[i]); + printf("%02x", ssl->arrays->masterSecret[i]); printf("\n"); } #endif @@ -283,15 +385,52 @@ int MakeTlsMasterSecret(CYASSL* ssl) } -/*** next for static INLINE s copied from cyassl_int.c ***/ +/* Used by EAP-TLS and EAP-TTLS to derive keying material from + * the master_secret. */ +int CyaSSL_make_eap_keys(CYASSL* ssl, void* msk, unsigned int len, + const char* label) +{ + byte seed[SEED_LEN]; + + /* + * As per RFC-5281, the order of the client and server randoms is reversed + * from that used by the TLS protocol to derive keys. + */ + XMEMCPY(seed, ssl->arrays->clientRandom, RAN_LEN); + XMEMCPY(&seed[RAN_LEN], ssl->arrays->serverRandom, RAN_LEN); + + return PRF((byte*)msk, len, + ssl->arrays->masterSecret, SECRET_LEN, + (const byte *)label, (word32)strlen(label), + seed, SEED_LEN, IsAtLeastTLSv1_2(ssl), ssl->specs.mac_algorithm); + +} + + +/*** next for static INLINE s copied internal.c ***/ /* convert 16 bit integer to opaque */ -INLINE static void c16toa(word16 u16, byte* c) +static INLINE void c16toa(word16 u16, byte* c) { c[0] = (u16 >> 8) & 0xff; c[1] = u16 & 0xff; } +#ifdef HAVE_TLS_EXTENSIONS +/* convert opaque to 16 bit integer */ +static INLINE void ato16(const byte* c, word16* u16) +{ + *u16 = (c[0] << 8) | (c[1]); +} + +#ifdef HAVE_SNI +/* convert a 24 bit integer into a 32 bit one */ +static INLINE void c24to32(const word24 u24, word32* u32) +{ + *u32 = (u24[0] << 16) | (u24[1] << 8) | u24[2]; +} +#endif +#endif /* convert 32 bit integer to opaque */ static INLINE void c32toa(word32 u32, byte* c) @@ -308,7 +447,7 @@ static INLINE word32 GetSEQIncrement(CYASSL* ssl, int verify) #ifdef CYASSL_DTLS if (ssl->options.dtls) { if (verify) - return ssl->keys.dtls_peer_sequence_number; /* explicit from peer */ + return ssl->keys.dtls_state.curSeq; /* explicit from peer */ else return ssl->keys.dtls_sequence_number - 1; /* already incremented */ } @@ -325,207 +464,1514 @@ static INLINE word32 GetSEQIncrement(CYASSL* ssl, int verify) static INLINE word32 GetEpoch(CYASSL* ssl, int verify) { if (verify) - return ssl->keys.dtls_peer_epoch; + return ssl->keys.dtls_state.curEpoch; else - return ssl->keys.dtls_epoch; + return ssl->keys.dtls_epoch; } #endif /* CYASSL_DTLS */ -static INLINE const byte* GetMacSecret(CYASSL* ssl, int verify) +/*** end copy ***/ + + +/* return HMAC digest type in CyaSSL format */ +int CyaSSL_GetHmacType(CYASSL* ssl) { - if ( (ssl->options.side == CLIENT_END && !verify) || - (ssl->options.side == SERVER_END && verify) ) - return ssl->keys.client_write_MAC_secret; - else - return ssl->keys.server_write_MAC_secret; + if (ssl == NULL) + return BAD_FUNC_ARG; + + switch (ssl->specs.mac_algorithm) { + #ifndef NO_MD5 + case md5_mac: + { + return MD5; + } + #endif + #ifndef NO_SHA256 + case sha256_mac: + { + return SHA256; + } + #endif + #ifdef CYASSL_SHA384 + case sha384_mac: + { + return SHA384; + } + + #endif + #ifndef NO_SHA + case sha_mac: + { + return SHA; + } + #endif + #ifdef HAVE_BLAKE2 + case blake2b_mac: + { + return BLAKE2B_ID; + } + #endif + default: + { + return SSL_FATAL_ERROR; + } + } } -/*** end copy ***/ + +int CyaSSL_SetTlsHmacInner(CYASSL* ssl, byte* inner, word32 sz, int content, + int verify) +{ + if (ssl == NULL || inner == NULL) + return BAD_FUNC_ARG; + + XMEMSET(inner, 0, CYASSL_TLS_HMAC_INNER_SZ); + +#ifdef CYASSL_DTLS + if (ssl->options.dtls) + c16toa((word16)GetEpoch(ssl, verify), inner); +#endif + c32toa(GetSEQIncrement(ssl, verify), &inner[sizeof(word32)]); + inner[SEQ_SZ] = (byte)content; + inner[SEQ_SZ + ENUM_LEN] = ssl->version.major; + inner[SEQ_SZ + ENUM_LEN + ENUM_LEN] = ssl->version.minor; + c16toa((word16)sz, inner + SEQ_SZ + ENUM_LEN + VERSION_SZ); + + return 0; +} /* TLS type HMAC */ -void TLS_hmac(CYASSL* ssl, byte* digest, const byte* in, word32 sz, +int TLS_hmac(CYASSL* ssl, byte* digest, const byte* in, word32 sz, int content, int verify) { Hmac hmac; - byte seq[SEQ_SZ] = { 0x00, 0x00, 0x00, 0x00 }; - byte length[LENGTH_SZ]; - byte inner[ENUM_LEN + VERSION_SZ + LENGTH_SZ]; /* type + version +len */ - int type; + int ret; + byte myInner[CYASSL_TLS_HMAC_INNER_SZ]; - c16toa((word16)sz, length); -#ifdef CYASSL_DTLS - if (ssl->options.dtls) - c16toa(GetEpoch(ssl, verify), seq); -#endif - c32toa(GetSEQIncrement(ssl, verify), &seq[sizeof(word32)]); - - if (ssl->specs.mac_algorithm == md5_mac) - type = MD5; - else if (ssl->specs.mac_algorithm == sha_mac) - type = SHA; - else - type = SHA256; - HmacSetKey(&hmac, type, GetMacSecret(ssl, verify), ssl->specs.hash_size); + if (ssl == NULL) + return BAD_FUNC_ARG; - HmacUpdate(&hmac, seq, SEQ_SZ); /* seq_num */ - inner[0] = (byte)content; /* type */ - inner[ENUM_LEN] = ssl->version.major; - inner[ENUM_LEN + ENUM_LEN] = ssl->version.minor; /* version */ - XMEMCPY(&inner[ENUM_LEN + VERSION_SZ], length, LENGTH_SZ); /* length */ - HmacUpdate(&hmac, inner, sizeof(inner)); - HmacUpdate(&hmac, in, sz); /* content */ - HmacFinal(&hmac, digest); + CyaSSL_SetTlsHmacInner(ssl, myInner, sz, content, verify); + + ret = HmacSetKey(&hmac, CyaSSL_GetHmacType(ssl), + CyaSSL_GetMacSecret(ssl, verify), ssl->specs.hash_size); + if (ret != 0) + return ret; + ret = HmacUpdate(&hmac, myInner, sizeof(myInner)); + if (ret != 0) + return ret; + ret = HmacUpdate(&hmac, in, sz); /* content */ + if (ret != 0) + return ret; + ret = HmacFinal(&hmac, digest); + if (ret != 0) + return ret; + + return 0; } +#ifdef HAVE_TLS_EXTENSIONS -#ifndef NO_CYASSL_CLIENT +#define IS_OFF(semaphore, light) \ + ((semaphore)[(light) / 8] ^ (byte) (0x01 << ((light) % 8))) - CYASSL_METHOD* CyaTLSv1_client_method(void) - { - CYASSL_METHOD* method = - (CYASSL_METHOD*) XMALLOC(sizeof(CYASSL_METHOD), 0, - DYNAMIC_TYPE_METHOD); - if (method) - InitSSL_Method(method, MakeTLSv1()); - return method; - } +#define TURN_ON(semaphore, light) \ + ((semaphore)[(light) / 8] |= (byte) (0x01 << ((light) % 8))) +static int TLSX_Append(TLSX** list, TLSX_Type type) +{ + TLSX* extension; - CYASSL_METHOD* CyaTLSv1_1_client_method(void) - { - CYASSL_METHOD* method = - (CYASSL_METHOD*) XMALLOC(sizeof(CYASSL_METHOD), 0, - DYNAMIC_TYPE_METHOD); - if (method) - InitSSL_Method(method, MakeTLSv1_1()); - return method; - } + if (list == NULL) /* won't check type since this function is static */ + return BAD_FUNC_ARG; + if ((extension = XMALLOC(sizeof(TLSX), 0, DYNAMIC_TYPE_TLSX)) == NULL) + return MEMORY_E; -#ifndef NO_SHA256 /* can't use without SHA256 */ + extension->type = type; + extension->data = NULL; + extension->resp = 0; + extension->next = *list; + *list = extension; - CYASSL_METHOD* CyaTLSv1_2_client_method(void) - { - CYASSL_METHOD* method = - (CYASSL_METHOD*) XMALLOC(sizeof(CYASSL_METHOD), 0, - DYNAMIC_TYPE_METHOD); - if (method) - InitSSL_Method(method, MakeTLSv1_2()); - return method; - } + return 0; +} -#endif +#ifndef NO_CYASSL_SERVER +void TLSX_SetResponse(CYASSL* ssl, TLSX_Type type); + +void TLSX_SetResponse(CYASSL* ssl, TLSX_Type type) +{ + TLSX *ext = TLSX_Find(ssl->extensions, type); + + if (ext) + ext->resp = 1; +} - CYASSL_METHOD* CyaSSLv23_client_method(void) - { - CYASSL_METHOD* method = - (CYASSL_METHOD*) XMALLOC(sizeof(CYASSL_METHOD), 0, - DYNAMIC_TYPE_METHOD); - if (method) { -#ifndef NO_SHA256 /* 1.2 requires SHA256 */ - InitSSL_Method(method, MakeTLSv1_2()); -#else - InitSSL_Method(method, MakeTLSv1_1()); #endif - method->downgrade = 1; + +/* SNI - Server Name Indication */ + +#ifdef HAVE_SNI + +static void TLSX_SNI_Free(SNI* sni) +{ + if (sni) { + switch (sni->type) { + case CYASSL_SNI_HOST_NAME: + XFREE(sni->data.host_name, 0, DYNAMIC_TYPE_TLSX); + break; } - return method; + + XFREE(sni, 0, DYNAMIC_TYPE_TLSX); } +} + +static void TLSX_SNI_FreeAll(SNI* list) +{ + SNI* sni; + while ((sni = list)) { + list = sni->next; + TLSX_SNI_Free(sni); + } +} -#endif /* NO_CYASSL_CLIENT */ +static int TLSX_SNI_Append(SNI** list, byte type, const void* data, word16 size) +{ + SNI* sni; + if (list == NULL) + return BAD_FUNC_ARG; + if ((sni = XMALLOC(sizeof(SNI), 0, DYNAMIC_TYPE_TLSX)) == NULL) + return MEMORY_E; -#ifndef NO_CYASSL_SERVER + switch (type) { + case CYASSL_SNI_HOST_NAME: { + sni->data.host_name = XMALLOC(size + 1, 0, DYNAMIC_TYPE_TLSX); - CYASSL_METHOD* CyaTLSv1_server_method(void) - { - CYASSL_METHOD* method = - (CYASSL_METHOD*) XMALLOC(sizeof(CYASSL_METHOD), 0, - DYNAMIC_TYPE_METHOD); - if (method) { - InitSSL_Method(method, MakeTLSv1()); - method->side = SERVER_END; + if (sni->data.host_name) { + XSTRNCPY(sni->data.host_name, (const char*) data, size); + sni->data.host_name[size] = 0; + } else { + XFREE(sni, 0, DYNAMIC_TYPE_TLSX); + return MEMORY_E; + } } - return method; + break; + + default: /* invalid type */ + XFREE(sni, 0, DYNAMIC_TYPE_TLSX); + return BAD_FUNC_ARG; } + sni->type = type; + sni->next = *list; - CYASSL_METHOD* CyaTLSv1_1_server_method(void) - { - CYASSL_METHOD* method = - (CYASSL_METHOD*) XMALLOC(sizeof(CYASSL_METHOD), 0, - DYNAMIC_TYPE_METHOD); - if (method) { - InitSSL_Method(method, MakeTLSv1_1()); - method->side = SERVER_END; - } - return method; - } +#ifndef NO_CYASSL_SERVER + sni->options = 0; + sni->status = CYASSL_SNI_NO_MATCH; +#endif + *list = sni; -#ifndef NO_SHA256 /* can't use without SHA256 */ + return 0; +} - CYASSL_METHOD* CyaTLSv1_2_server_method(void) - { - CYASSL_METHOD* method = - (CYASSL_METHOD*) XMALLOC(sizeof(CYASSL_METHOD), 0, - DYNAMIC_TYPE_METHOD); - if (method) { - InitSSL_Method(method, MakeTLSv1_2()); - method->side = SERVER_END; +static word16 TLSX_SNI_GetSize(SNI* list) +{ + SNI* sni; + word16 length = OPAQUE16_LEN; /* list length */ + + while ((sni = list)) { + list = sni->next; + + length += ENUM_LEN + OPAQUE16_LEN; /* sni type + sni length */ + + switch (sni->type) { + case CYASSL_SNI_HOST_NAME: + length += XSTRLEN((char*) sni->data.host_name); + break; } - return method; } -#endif + return length; +} +static word16 TLSX_SNI_Write(SNI* list, byte* output) +{ + SNI* sni; + word16 length = 0; + word16 offset = OPAQUE16_LEN; /* list length offset */ - CYASSL_METHOD* CyaSSLv23_server_method(void) - { - CYASSL_METHOD* method = - (CYASSL_METHOD*) XMALLOC(sizeof(CYASSL_METHOD), 0, - DYNAMIC_TYPE_METHOD); - if (method) { -#ifndef NO_SHA256 /* 1.2 requires SHA256 */ - InitSSL_Method(method, MakeTLSv1_2()); -#else - InitSSL_Method(method, MakeTLSv1_1()); -#endif - method->side = SERVER_END; - method->downgrade = 1; + while ((sni = list)) { + list = sni->next; + + output[offset++] = sni->type; /* sni type */ + + switch (sni->type) { + case CYASSL_SNI_HOST_NAME: + length = XSTRLEN((char*) sni->data.host_name); + + c16toa(length, output + offset); /* sni length */ + offset += OPAQUE16_LEN; + + XMEMCPY(output + offset, sni->data.host_name, length); + + offset += length; + break; } - return method; } + c16toa(offset - OPAQUE16_LEN, output); /* writing list length */ + return offset; +} -#endif /* NO_CYASSL_SERVER */ +static SNI* TLSX_SNI_Find(SNI *list, byte type) +{ + SNI *sni = list; -#else /* NO_TLS */ + while (sni && sni->type != type) + sni = sni->next; -/* catch CyaSSL programming errors */ -void BuildTlsFinished(CYASSL* ssl, Hashes* hashes, const byte* sender) -{ - + return sni; } - -int DeriveTlsKeys(CYASSL* ssl) +#ifndef NO_CYASSL_SERVER +static void TLSX_SNI_SetStatus(TLSX* extensions, byte type, byte status) { - return NOT_COMPILED_IN; + TLSX* extension = TLSX_Find(extensions, SERVER_NAME_INDICATION); + SNI* sni = TLSX_SNI_Find(extension ? extension->data : NULL, type); + + if (sni) { + sni->status = status; + CYASSL_MSG("SNI did match!"); + } } +byte TLSX_SNI_Status(TLSX* extensions, byte type) +{ + TLSX* extension = TLSX_Find(extensions, SERVER_NAME_INDICATION); + SNI* sni = TLSX_SNI_Find(extension ? extension->data : NULL, type); -int MakeTlsMasterSecret(CYASSL* ssl) -{ - return NOT_COMPILED_IN; + if (sni) + return sni->status; + + return 0; } +#endif + +static int TLSX_SNI_Parse(CYASSL* ssl, byte* input, word16 length, + byte isRequest) +{ +#ifndef NO_CYASSL_SERVER + word16 size = 0; + word16 offset = 0; +#endif + + TLSX *extension = TLSX_Find(ssl->extensions, SERVER_NAME_INDICATION); + + if (!extension) + extension = TLSX_Find(ssl->ctx->extensions, SERVER_NAME_INDICATION); + + if (!extension || !extension->data) + return isRequest ? 0 : BUFFER_ERROR; /* not using SNI OR unexpected + SNI response from server. */ + + if (!isRequest) + return length ? BUFFER_ERROR : 0; /* SNI response must be empty! + Nothing else to do. */ + +#ifndef NO_CYASSL_SERVER + + if (OPAQUE16_LEN > length) + return BUFFER_ERROR; + + ato16(input, &size); + offset += OPAQUE16_LEN; + + /* validating sni list length */ + if (length != OPAQUE16_LEN + size) + return BUFFER_ERROR; + + for (size = 0; offset < length; offset += size) { + SNI *sni; + byte type = input[offset++]; + + if (offset + OPAQUE16_LEN > length) + return BUFFER_ERROR; + + ato16(input + offset, &size); + offset += OPAQUE16_LEN; + + if (offset + size > length) + return BUFFER_ERROR; + + if (!(sni = TLSX_SNI_Find((SNI *) extension->data, type))) { + continue; /* not using this SNI type */ + } + + switch(type) { + case CYASSL_SNI_HOST_NAME: { + byte matched = (XSTRLEN(sni->data.host_name) == size) + && (XSTRNCMP(sni->data.host_name, + (const char *) input + offset, size) == 0); + if (matched || sni->options & CYASSL_SNI_ANSWER_ON_MISMATCH) { + int r = TLSX_UseSNI(&ssl->extensions, + type, input + offset, size); + + if (r != SSL_SUCCESS) return r; /* throw error */ + + TLSX_SNI_SetStatus(ssl->extensions, type, + matched ? CYASSL_SNI_REAL_MATCH : CYASSL_SNI_FAKE_MATCH); + + } else if (!(sni->options & CYASSL_SNI_CONTINUE_ON_MISMATCH)) { + SendAlert(ssl, alert_fatal, unrecognized_name); + + return UNKNOWN_SNI_HOST_NAME_E; + } + break; + } + } + + TLSX_SetResponse(ssl, SERVER_NAME_INDICATION); + } + +#endif + + return 0; +} + +int TLSX_UseSNI(TLSX** extensions, byte type, const void* data, word16 size) +{ + TLSX* extension = NULL; + SNI* sni = NULL; + int ret = 0; + + if (extensions == NULL || data == NULL) + return BAD_FUNC_ARG; + + if ((ret = TLSX_SNI_Append(&sni, type, data, size)) != 0) + return ret; + + extension = *extensions; + + /* find SNI extension if it already exists. */ + while (extension && extension->type != SERVER_NAME_INDICATION) + extension = extension->next; + + /* push new SNI extension if it doesn't exists. */ + if (!extension) { + if ((ret = TLSX_Append(extensions, SERVER_NAME_INDICATION)) != 0) { + TLSX_SNI_Free(sni); + return ret; + } + + extension = *extensions; + } + + /* push new SNI object to extension data. */ + sni->next = (SNI*) extension->data; + extension->data = (void*) sni; + + /* look for another server name of the same type to remove (replacement) */ + do { + if (sni->next && sni->next->type == type) { + SNI *next = sni->next; + + sni->next = next->next; + TLSX_SNI_Free(next); + + break; + } + } while ((sni = sni->next)); + + return SSL_SUCCESS; +} + +#ifndef NO_CYASSL_SERVER +word16 TLSX_SNI_GetRequest(TLSX* extensions, byte type, void** data) +{ + TLSX* extension = TLSX_Find(extensions, SERVER_NAME_INDICATION); + SNI* sni = TLSX_SNI_Find(extension ? extension->data : NULL, type); + + if (sni && sni->status != CYASSL_SNI_NO_MATCH) { + switch (sni->type) { + case CYASSL_SNI_HOST_NAME: + *data = sni->data.host_name; + return XSTRLEN(*data); + } + } + + return 0; +} + +void TLSX_SNI_SetOptions(TLSX* extensions, byte type, byte options) +{ + TLSX* extension = TLSX_Find(extensions, SERVER_NAME_INDICATION); + SNI* sni = TLSX_SNI_Find(extension ? extension->data : NULL, type); + + if (sni) + sni->options = options; +} + +int TLSX_SNI_GetFromBuffer(const byte* clientHello, word32 helloSz, + byte type, byte* sni, word32* inOutSz) +{ + word32 offset = 0; + word32 len32 = 0; + word16 len16 = 0; + + if (helloSz < RECORD_HEADER_SZ + HANDSHAKE_HEADER_SZ + CLIENT_HELLO_FIRST) + return INCOMPLETE_DATA; + + /* TLS record header */ + if ((enum ContentType) clientHello[offset++] != handshake) + return BUFFER_ERROR; + + if (clientHello[offset++] != SSLv3_MAJOR) + return BUFFER_ERROR; + + if (clientHello[offset++] < TLSv1_MINOR) + return BUFFER_ERROR; + + ato16(clientHello + offset, &len16); + offset += OPAQUE16_LEN; + + if (offset + len16 > helloSz) + return INCOMPLETE_DATA; + + /* Handshake header */ + if ((enum HandShakeType) clientHello[offset] != client_hello) + return BUFFER_ERROR; + + c24to32(clientHello + offset + 1, &len32); + offset += HANDSHAKE_HEADER_SZ; + + if (offset + len32 > helloSz) + return BUFFER_ERROR; + + /* client hello */ + offset += VERSION_SZ + RAN_LEN; /* version, random */ + + if (helloSz < offset + clientHello[offset]) + return BUFFER_ERROR; + + offset += ENUM_LEN + clientHello[offset]; /* skip session id */ + + /* cypher suites */ + if (helloSz < offset + OPAQUE16_LEN) + return BUFFER_ERROR; + + ato16(clientHello + offset, &len16); + offset += OPAQUE16_LEN; + + if (helloSz < offset + len16) + return BUFFER_ERROR; + + offset += len16; /* skip cypher suites */ + + /* compression methods */ + if (helloSz < offset + 1) + return BUFFER_ERROR; + + if (helloSz < offset + clientHello[offset]) + return BUFFER_ERROR; + + offset += ENUM_LEN + clientHello[offset]; /* skip compression methods */ + + /* extensions */ + if (helloSz < offset + OPAQUE16_LEN) + return 0; /* no extensions in client hello. */ + + ato16(clientHello + offset, &len16); + offset += OPAQUE16_LEN; + + if (helloSz < offset + len16) + return BUFFER_ERROR; + + while (len16 >= OPAQUE16_LEN + OPAQUE16_LEN) { + word16 extType; + word16 extLen; + + ato16(clientHello + offset, &extType); + offset += OPAQUE16_LEN; + + ato16(clientHello + offset, &extLen); + offset += OPAQUE16_LEN; + + if (helloSz < offset + extLen) + return BUFFER_ERROR; + + if (extType != SERVER_NAME_INDICATION) { + offset += extLen; /* skip extension */ + } else { + word16 listLen; + + ato16(clientHello + offset, &listLen); + offset += OPAQUE16_LEN; + + if (helloSz < offset + listLen) + return BUFFER_ERROR; + + while (listLen > ENUM_LEN + OPAQUE16_LEN) { + byte sniType = clientHello[offset++]; + word16 sniLen; + + ato16(clientHello + offset, &sniLen); + offset += OPAQUE16_LEN; + + if (helloSz < offset + sniLen) + return BUFFER_ERROR; + + if (sniType != type) { + offset += sniLen; + listLen -= min(ENUM_LEN + OPAQUE16_LEN + sniLen, listLen); + continue; + } + + *inOutSz = min(sniLen, *inOutSz); + XMEMCPY(sni, clientHello + offset, *inOutSz); + + return SSL_SUCCESS; + } + } + + len16 -= min(2 * OPAQUE16_LEN + extLen, len16); + } + + return len16 ? BUFFER_ERROR : 0; +} + +#endif + +#define SNI_FREE_ALL TLSX_SNI_FreeAll +#define SNI_GET_SIZE TLSX_SNI_GetSize +#define SNI_WRITE TLSX_SNI_Write +#define SNI_PARSE TLSX_SNI_Parse + +#else + +#define SNI_FREE_ALL(list) +#define SNI_GET_SIZE(list) 0 +#define SNI_WRITE(a, b) 0 +#define SNI_PARSE(a, b, c, d) 0 + +#endif /* HAVE_SNI */ + +#ifdef HAVE_MAX_FRAGMENT + +static word16 TLSX_MFL_Write(byte* data, byte* output) +{ + output[0] = data[0]; + + return ENUM_LEN; +} + +static int TLSX_MFL_Parse(CYASSL* ssl, byte* input, word16 length, + byte isRequest) +{ + if (length != ENUM_LEN) + return BUFFER_ERROR; + + switch (*input) { + case CYASSL_MFL_2_9 : ssl->max_fragment = 512; break; + case CYASSL_MFL_2_10: ssl->max_fragment = 1024; break; + case CYASSL_MFL_2_11: ssl->max_fragment = 2048; break; + case CYASSL_MFL_2_12: ssl->max_fragment = 4096; break; + case CYASSL_MFL_2_13: ssl->max_fragment = 8192; break; + + default: + SendAlert(ssl, alert_fatal, illegal_parameter); + + return UNKNOWN_MAX_FRAG_LEN_E; + } + +#ifndef NO_CYASSL_SERVER + if (isRequest) { + int r = TLSX_UseMaxFragment(&ssl->extensions, *input); + + if (r != SSL_SUCCESS) return r; /* throw error */ + + TLSX_SetResponse(ssl, MAX_FRAGMENT_LENGTH); + } +#endif + + return 0; +} + +int TLSX_UseMaxFragment(TLSX** extensions, byte mfl) +{ + TLSX* extension = NULL; + byte* data = NULL; + int ret = 0; + + if (extensions == NULL) + return BAD_FUNC_ARG; + + if (mfl < CYASSL_MFL_2_9 || CYASSL_MFL_2_13 < mfl) + return BAD_FUNC_ARG; + + if ((data = XMALLOC(ENUM_LEN, 0, DYNAMIC_TYPE_TLSX)) == NULL) + return MEMORY_E; + + data[0] = mfl; + + /* push new MFL extension. */ + if ((ret = TLSX_Append(extensions, MAX_FRAGMENT_LENGTH)) != 0) { + XFREE(data, 0, DYNAMIC_TYPE_TLSX); + return ret; + } + + /* place new mfl to extension data. */ + extension = *extensions; + extension->data = (void*) data; + + /* remove duplicated extensions */ + do { + if (extension->next && extension->next->type == MAX_FRAGMENT_LENGTH) { + TLSX *next = extension->next; + + extension->next = next->next; + next->next = NULL; + + TLSX_FreeAll(next); + + break; + } + } while ((extension = extension->next)); + + return SSL_SUCCESS; +} + + +#define MFL_FREE_ALL(data) XFREE(data, 0, DYNAMIC_TYPE_TLSX) +#define MFL_GET_SIZE(data) ENUM_LEN +#define MFL_WRITE TLSX_MFL_Write +#define MFL_PARSE TLSX_MFL_Parse + +#else + +#define MFL_FREE_ALL(a) +#define MFL_GET_SIZE(a) 0 +#define MFL_WRITE(a, b) 0 +#define MFL_PARSE(a, b, c, d) 0 + +#endif /* HAVE_MAX_FRAGMENT */ + +#ifdef HAVE_TRUNCATED_HMAC + +int TLSX_UseTruncatedHMAC(TLSX** extensions) +{ + int ret = 0; + + if (extensions == NULL) + return BAD_FUNC_ARG; + + if (!TLSX_Find(*extensions, TRUNCATED_HMAC)) + if ((ret = TLSX_Append(extensions, TRUNCATED_HMAC)) != 0) + return ret; + + return SSL_SUCCESS; +} + +static int TLSX_THM_Parse(CYASSL* ssl, byte* input, word16 length, + byte isRequest) +{ + if (length != 0 || input == NULL) + return BUFFER_ERROR; + +#ifndef NO_CYASSL_SERVER + if (isRequest) { + int r = TLSX_UseTruncatedHMAC(&ssl->extensions); + + if (r != SSL_SUCCESS) return r; /* throw error */ + + TLSX_SetResponse(ssl, TRUNCATED_HMAC); + } +#endif + + ssl->truncated_hmac = 1; + + return 0; +} + +#define THM_PARSE TLSX_THM_Parse + +#else + +#define THM_PARSE(a, b, c, d) 0 + +#endif /* HAVE_TRUNCATED_HMAC */ + +#ifdef HAVE_SUPPORTED_CURVES + +#ifndef HAVE_ECC +#error Elliptic Curves Extension requires Elliptic Curve Cryptography. \ + Use --enable-ecc in the configure script or define HAVE_ECC. +#endif + +static void TLSX_EllipticCurve_FreeAll(EllipticCurve* list) +{ + EllipticCurve* curve; + + while ((curve = list)) { + list = curve->next; + XFREE(curve, 0, DYNAMIC_TYPE_TLSX); + } +} + +static int TLSX_EllipticCurve_Append(EllipticCurve** list, word16 name) +{ + EllipticCurve* curve; + + if (list == NULL) + return BAD_FUNC_ARG; + + if ((curve = XMALLOC(sizeof(EllipticCurve), 0, DYNAMIC_TYPE_TLSX)) == NULL) + return MEMORY_E; + + curve->name = name; + curve->next = *list; + + *list = curve; + + return 0; +} + +#ifndef NO_CYASSL_CLIENT + +static void TLSX_EllipticCurve_ValidateRequest(CYASSL* ssl, byte* semaphore) +{ + int i; + + for (i = 0; i < ssl->suites->suiteSz; i+= 2) + if (ssl->suites->suites[i] == ECC_BYTE) + return; + + /* No elliptic curve suite found */ + TURN_ON(semaphore, ELLIPTIC_CURVES); +} + +static word16 TLSX_EllipticCurve_GetSize(EllipticCurve* list) +{ + EllipticCurve* curve; + word16 length = OPAQUE16_LEN; /* list length */ + + while ((curve = list)) { + list = curve->next; + length += OPAQUE16_LEN; /* curve length */ + } + + return length; +} + +static word16 TLSX_EllipticCurve_WriteR(EllipticCurve* curve, byte* output); +static word16 TLSX_EllipticCurve_WriteR(EllipticCurve* curve, byte* output) +{ + word16 offset = 0; + + if (!curve) + return offset; + + offset = TLSX_EllipticCurve_WriteR(curve->next, output); + c16toa(curve->name, output + offset); + + return OPAQUE16_LEN + offset; +} + +static word16 TLSX_EllipticCurve_Write(EllipticCurve* list, byte* output) +{ + word16 length = TLSX_EllipticCurve_WriteR(list, output + OPAQUE16_LEN); + + c16toa(length, output); /* writing list length */ + + return OPAQUE16_LEN + length; +} + +#endif /* NO_CYASSL_CLIENT */ +#ifndef NO_CYASSL_SERVER + +static int TLSX_EllipticCurve_Parse(CYASSL* ssl, byte* input, word16 length, + byte isRequest) +{ + word16 offset; + word16 name; + int r; + + (void) isRequest; /* shut up compiler! */ + + if (OPAQUE16_LEN > length || length % OPAQUE16_LEN) + return BUFFER_ERROR; + + ato16(input, &offset); + + /* validating curve list length */ + if (length != OPAQUE16_LEN + offset) + return BUFFER_ERROR; + + while (offset) { + ato16(input + offset, &name); + offset -= OPAQUE16_LEN; + + r = TLSX_UseSupportedCurve(&ssl->extensions, name); + + if (r != SSL_SUCCESS) return r; /* throw error */ + } + + return 0; +} + +int TLSX_ValidateEllipticCurves(CYASSL* ssl, byte first, byte second) { + TLSX* extension = (first == ECC_BYTE) + ? TLSX_Find(ssl->extensions, ELLIPTIC_CURVES) + : NULL; + EllipticCurve* curve = NULL; + word32 oid = 0; + word16 octets = 0; /* acording to 'ecc_set_type ecc_sets[];' */ + int sig = 0; /* valitade signature */ + int key = 0; /* validate key */ + + if (!extension) + return 1; /* no suite restriction */ + + for (curve = extension->data; curve && !(sig && key); curve = curve->next) { + + switch (curve->name) { + case CYASSL_ECC_SECP160R1: oid = ECC_160R1; octets = 20; break; + case CYASSL_ECC_SECP192R1: oid = ECC_192R1; octets = 24; break; + case CYASSL_ECC_SECP224R1: oid = ECC_224R1; octets = 28; break; + case CYASSL_ECC_SECP256R1: oid = ECC_256R1; octets = 32; break; + case CYASSL_ECC_SECP384R1: oid = ECC_384R1; octets = 48; break; + case CYASSL_ECC_SECP521R1: oid = ECC_521R1; octets = 66; break; + default: continue; /* unsupported curve */ + } + + switch (second) { +#ifndef NO_DSA + /* ECDHE_ECDSA */ + case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA: + case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA: + case TLS_ECDHE_ECDSA_WITH_RC4_128_SHA: + case TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA: + case TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256: + case TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384: + case TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256: + case TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384: + case TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8: + case TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8: + sig |= ssl->pkCurveOID == oid; + key |= ssl->eccTempKeySz == octets; + break; + + /* ECDH_ECDSA */ + case TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA: + case TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA: + case TLS_ECDH_ECDSA_WITH_RC4_128_SHA: + case TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA: + case TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256: + case TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384: + case TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256: + case TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384: + sig |= ssl->pkCurveOID == oid; + key |= ssl->pkCurveOID == oid; + break; +#endif +#ifndef NO_RSA + /* ECDHE_RSA */ + case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA: + case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA: + case TLS_ECDHE_RSA_WITH_RC4_128_SHA: + case TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA: + case TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256: + case TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384: + case TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256: + case TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384: + sig = 1; + key |= ssl->eccTempKeySz == octets; + break; + + /* ECDH_RSA */ + case TLS_ECDH_RSA_WITH_AES_256_CBC_SHA: + case TLS_ECDH_RSA_WITH_AES_128_CBC_SHA: + case TLS_ECDH_RSA_WITH_RC4_128_SHA: + case TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA: + case TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256: + case TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384: + case TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256: + case TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384: + sig = 1; + key |= ssl->pkCurveOID == oid; + break; +#endif + default: + sig = 1; + key = 1; + break; + } + } + + return sig && key; +} + +#endif /* NO_CYASSL_SERVER */ + +int TLSX_UseSupportedCurve(TLSX** extensions, word16 name) +{ + TLSX* extension = NULL; + EllipticCurve* curve = NULL; + int ret = 0; + + if (extensions == NULL) + return BAD_FUNC_ARG; + + if ((ret = TLSX_EllipticCurve_Append(&curve, name)) != 0) + return ret; + + extension = *extensions; + + /* find EllipticCurve extension if it already exists. */ + while (extension && extension->type != ELLIPTIC_CURVES) + extension = extension->next; + + /* push new EllipticCurve extension if it doesn't exists. */ + if (!extension) { + if ((ret = TLSX_Append(extensions, ELLIPTIC_CURVES)) != 0) { + XFREE(curve, 0, DYNAMIC_TYPE_TLSX); + return ret; + } + + extension = *extensions; + } + + /* push new EllipticCurve object to extension data. */ + curve->next = (EllipticCurve*) extension->data; + extension->data = (void*) curve; + + /* look for another curve of the same name to remove (replacement) */ + do { + if (curve->next && curve->next->name == name) { + EllipticCurve *next = curve->next; + + curve->next = next->next; + XFREE(next, 0, DYNAMIC_TYPE_TLSX); + + break; + } + } while ((curve = curve->next)); + + return SSL_SUCCESS; +} + +#define EC_FREE_ALL TLSX_EllipticCurve_FreeAll +#define EC_VALIDATE_REQUEST TLSX_EllipticCurve_ValidateRequest + +#ifndef NO_CYASSL_CLIENT +#define EC_GET_SIZE TLSX_EllipticCurve_GetSize +#define EC_WRITE TLSX_EllipticCurve_Write +#else +#define EC_GET_SIZE(list) 0 +#define EC_WRITE(a, b) 0 +#endif + +#ifndef NO_CYASSL_SERVER +#define EC_PARSE TLSX_EllipticCurve_Parse +#else +#define EC_PARSE(a, b, c, d) 0 +#endif + +#else + +#define EC_FREE_ALL(list) +#define EC_GET_SIZE(list) 0 +#define EC_WRITE(a, b) 0 +#define EC_PARSE(a, b, c, d) 0 +#define EC_VALIDATE_REQUEST(a, b) + +#endif /* HAVE_SUPPORTED_CURVES */ + +TLSX* TLSX_Find(TLSX* list, TLSX_Type type) +{ + TLSX* extension = list; + + while (extension && extension->type != type) + extension = extension->next; + + return extension; +} + +void TLSX_FreeAll(TLSX* list) +{ + TLSX* extension; + + while ((extension = list)) { + list = extension->next; + + switch (extension->type) { + case SERVER_NAME_INDICATION: + SNI_FREE_ALL((SNI *) extension->data); + break; + + case MAX_FRAGMENT_LENGTH: + MFL_FREE_ALL(extension->data); + break; + + case TRUNCATED_HMAC: + /* Nothing to do. */ + break; + + case ELLIPTIC_CURVES: + EC_FREE_ALL(extension->data); + break; + } + + XFREE(extension, 0, DYNAMIC_TYPE_TLSX); + } +} + +int TLSX_SupportExtensions(CYASSL* ssl) { + return ssl && (IsTLS(ssl) || ssl->version.major == DTLS_MAJOR); +} + +static word16 TLSX_GetSize(TLSX* list, byte* semaphore, byte isRequest) +{ + TLSX* extension; + word16 length = 0; + + while ((extension = list)) { + list = extension->next; + + if (!isRequest && !extension->resp) + continue; /* skip! */ + + if (IS_OFF(semaphore, extension->type)) { + /* type + data length */ + length += HELLO_EXT_TYPE_SZ + OPAQUE16_LEN; + + switch (extension->type) { + case SERVER_NAME_INDICATION: + if (isRequest) + length += SNI_GET_SIZE((SNI *) extension->data); + break; + case MAX_FRAGMENT_LENGTH: + length += MFL_GET_SIZE(extension->data); + break; + + case TRUNCATED_HMAC: + /* empty extension. */ + break; + + case ELLIPTIC_CURVES: + length += EC_GET_SIZE((EllipticCurve *) extension->data); + break; + } + + TURN_ON(semaphore, extension->type); + } + } + + return length; +} + +static word16 TLSX_Write(TLSX* list, byte* output, byte* semaphore, + byte isRequest) +{ + TLSX* extension; + word16 offset = 0; + word16 length_offset = 0; + + while ((extension = list)) { + list = extension->next; + + if (!isRequest && !extension->resp) + continue; /* skip! */ + + if (IS_OFF(semaphore, extension->type)) { + /* extension type */ + c16toa(extension->type, output + offset); + offset += HELLO_EXT_TYPE_SZ + OPAQUE16_LEN; + length_offset = offset; + + /* extension data should be written internally */ + switch (extension->type) { + case SERVER_NAME_INDICATION: + if (isRequest) + offset += SNI_WRITE((SNI *) extension->data, + output + offset); + break; + + case MAX_FRAGMENT_LENGTH: + offset += MFL_WRITE((byte *) extension->data, + output + offset); + break; + + case TRUNCATED_HMAC: + /* empty extension. */ + break; + + case ELLIPTIC_CURVES: + offset += EC_WRITE((EllipticCurve *) extension->data, + output + offset); + break; + } + + /* writing extension data length */ + c16toa(offset - length_offset, + output + length_offset - OPAQUE16_LEN); + + TURN_ON(semaphore, extension->type); + } + } + + return offset; +} + +#ifndef NO_CYASSL_CLIENT + +word16 TLSX_GetRequestSize(CYASSL* ssl) +{ + word16 length = 0; + + if (TLSX_SupportExtensions(ssl)) { + byte semaphore[16] = {0}; + + EC_VALIDATE_REQUEST(ssl, semaphore); + + if (ssl->extensions) + length += TLSX_GetSize(ssl->extensions, semaphore, 1); + + if (ssl->ctx && ssl->ctx->extensions) + length += TLSX_GetSize(ssl->ctx->extensions, semaphore, 1); + + if (IsAtLeastTLSv1_2(ssl) && ssl->suites->hashSigAlgoSz) + length += ssl->suites->hashSigAlgoSz + HELLO_EXT_LEN; + } + + if (length) + length += OPAQUE16_LEN; /* for total length storage */ + + return length; +} + +word16 TLSX_WriteRequest(CYASSL* ssl, byte* output) +{ + word16 offset = 0; + + if (TLSX_SupportExtensions(ssl) && output) { + byte semaphore[16] = {0}; + + offset += OPAQUE16_LEN; /* extensions length */ + + EC_VALIDATE_REQUEST(ssl, semaphore); + + if (ssl->extensions) + offset += TLSX_Write(ssl->extensions, output + offset, + semaphore, 1); + + if (ssl->ctx && ssl->ctx->extensions) + offset += TLSX_Write(ssl->ctx->extensions, output + offset, + semaphore, 1); + + if (IsAtLeastTLSv1_2(ssl) && ssl->suites->hashSigAlgoSz) + { + int i; + /* extension type */ + c16toa(HELLO_EXT_SIG_ALGO, output + offset); + offset += HELLO_EXT_TYPE_SZ; + + /* extension data length */ + c16toa(OPAQUE16_LEN + ssl->suites->hashSigAlgoSz, output + offset); + offset += OPAQUE16_LEN; + + /* sig algos length */ + c16toa(ssl->suites->hashSigAlgoSz, output + offset); + offset += OPAQUE16_LEN; + + /* sig algos */ + for (i = 0; i < ssl->suites->hashSigAlgoSz; i++, offset++) + output[offset] = ssl->suites->hashSigAlgo[i]; + } + + if (offset > OPAQUE16_LEN) + c16toa(offset - OPAQUE16_LEN, output); /* extensions length */ + } + + return offset; +} + +#endif /* NO_CYASSL_CLIENT */ + +#ifndef NO_CYASSL_SERVER + +word16 TLSX_GetResponseSize(CYASSL* ssl) +{ + word16 length = 0; + byte semaphore[16] = {0}; + + if (TLSX_SupportExtensions(ssl)) + length += TLSX_GetSize(ssl->extensions, semaphore, 0); + + /* All the response data is set at the ssl object only, so no ctx here. */ + + if (length) + length += OPAQUE16_LEN; /* for total length storage */ + + return length; +} + +word16 TLSX_WriteResponse(CYASSL *ssl, byte* output) +{ + word16 offset = 0; + + if (TLSX_SupportExtensions(ssl) && output) { + byte semaphore[16] = {0}; + + offset += OPAQUE16_LEN; /* extensions length */ + + offset += TLSX_Write(ssl->extensions, output + offset, semaphore, 0); + + if (offset > OPAQUE16_LEN) + c16toa(offset - OPAQUE16_LEN, output); /* extensions length */ + } + + return offset; +} + +#endif /* NO_CYASSL_SERVER */ + +int TLSX_Parse(CYASSL* ssl, byte* input, word16 length, byte isRequest, + Suites *suites) +{ + int ret = 0; + word16 offset = 0; + + if (!ssl || !input || !suites) + return BAD_FUNC_ARG; + + while (ret == 0 && offset < length) { + word16 type; + word16 size; + + if (length - offset < HELLO_EXT_TYPE_SZ + OPAQUE16_LEN) + return BUFFER_ERROR; + + ato16(input + offset, &type); + offset += HELLO_EXT_TYPE_SZ; + + ato16(input + offset, &size); + offset += OPAQUE16_LEN; + + if (offset + size > length) + return BUFFER_ERROR; + + switch (type) { + case SERVER_NAME_INDICATION: + CYASSL_MSG("SNI extension received"); + + ret = SNI_PARSE(ssl, input + offset, size, isRequest); + break; + + case MAX_FRAGMENT_LENGTH: + CYASSL_MSG("Max Fragment Length extension received"); + + ret = MFL_PARSE(ssl, input + offset, size, isRequest); + break; + + case TRUNCATED_HMAC: + CYASSL_MSG("Truncated HMAC extension received"); + + ret = THM_PARSE(ssl, input + offset, size, isRequest); + break; + + case ELLIPTIC_CURVES: + CYASSL_MSG("Elliptic Curves extension received"); + + ret = EC_PARSE(ssl, input + offset, size, isRequest); + break; + + case HELLO_EXT_SIG_ALGO: + if (isRequest) { + /* do not mess with offset inside the switch! */ + if (IsAtLeastTLSv1_2(ssl)) { + ato16(input + offset, &suites->hashSigAlgoSz); + + if (suites->hashSigAlgoSz > size - OPAQUE16_LEN) + return BUFFER_ERROR; + + XMEMCPY(suites->hashSigAlgo, + input + offset + OPAQUE16_LEN, + min(suites->hashSigAlgoSz, + HELLO_EXT_SIGALGO_MAX)); + } + } else { + CYASSL_MSG("Servers MUST NOT send SIG ALGO extension."); + } + + break; + } + + /* offset should be updated here! */ + offset += size; + } + + return ret; +} + +/* undefining semaphore macros */ +#undef IS_OFF +#undef TURN_ON + +#elif defined(HAVE_SNI) \ + || defined(HAVE_MAX_FRAGMENT) \ + || defined(HAVE_TRUNCATED_HMAC) \ + || defined(HAVE_SUPPORTED_CURVES) + +#error Using TLS extensions requires HAVE_TLS_EXTENSIONS to be defined. + +#endif /* HAVE_TLS_EXTENSIONS */ + + +#ifndef NO_CYASSL_CLIENT + +#ifndef NO_OLD_TLS + + CYASSL_METHOD* CyaTLSv1_client_method(void) + { + CYASSL_METHOD* method = + (CYASSL_METHOD*) XMALLOC(sizeof(CYASSL_METHOD), 0, + DYNAMIC_TYPE_METHOD); + if (method) + InitSSL_Method(method, MakeTLSv1()); + return method; + } + + + CYASSL_METHOD* CyaTLSv1_1_client_method(void) + { + CYASSL_METHOD* method = + (CYASSL_METHOD*) XMALLOC(sizeof(CYASSL_METHOD), 0, + DYNAMIC_TYPE_METHOD); + if (method) + InitSSL_Method(method, MakeTLSv1_1()); + return method; + } + +#endif /* !NO_OLD_TLS */ + +#ifndef NO_SHA256 /* can't use without SHA256 */ + + CYASSL_METHOD* CyaTLSv1_2_client_method(void) + { + CYASSL_METHOD* method = + (CYASSL_METHOD*) XMALLOC(sizeof(CYASSL_METHOD), 0, + DYNAMIC_TYPE_METHOD); + if (method) + InitSSL_Method(method, MakeTLSv1_2()); + return method; + } + +#endif + + + CYASSL_METHOD* CyaSSLv23_client_method(void) + { + CYASSL_METHOD* method = + (CYASSL_METHOD*) XMALLOC(sizeof(CYASSL_METHOD), 0, + DYNAMIC_TYPE_METHOD); + if (method) { +#ifndef NO_SHA256 /* 1.2 requires SHA256 */ + InitSSL_Method(method, MakeTLSv1_2()); +#else + InitSSL_Method(method, MakeTLSv1_1()); +#endif +#ifndef NO_OLD_TLS + method->downgrade = 1; +#endif + } + return method; + } + + +#endif /* NO_CYASSL_CLIENT */ + + + +#ifndef NO_CYASSL_SERVER + +#ifndef NO_OLD_TLS + + CYASSL_METHOD* CyaTLSv1_server_method(void) + { + CYASSL_METHOD* method = + (CYASSL_METHOD*) XMALLOC(sizeof(CYASSL_METHOD), 0, + DYNAMIC_TYPE_METHOD); + if (method) { + InitSSL_Method(method, MakeTLSv1()); + method->side = CYASSL_SERVER_END; + } + return method; + } + + + CYASSL_METHOD* CyaTLSv1_1_server_method(void) + { + CYASSL_METHOD* method = + (CYASSL_METHOD*) XMALLOC(sizeof(CYASSL_METHOD), 0, + DYNAMIC_TYPE_METHOD); + if (method) { + InitSSL_Method(method, MakeTLSv1_1()); + method->side = CYASSL_SERVER_END; + } + return method; + } + +#endif /* !NO_OLD_TLS */ + +#ifndef NO_SHA256 /* can't use without SHA256 */ + + CYASSL_METHOD* CyaTLSv1_2_server_method(void) + { + CYASSL_METHOD* method = + (CYASSL_METHOD*) XMALLOC(sizeof(CYASSL_METHOD), 0, + DYNAMIC_TYPE_METHOD); + if (method) { + InitSSL_Method(method, MakeTLSv1_2()); + method->side = CYASSL_SERVER_END; + } + return method; + } + +#endif + + + CYASSL_METHOD* CyaSSLv23_server_method(void) + { + CYASSL_METHOD* method = + (CYASSL_METHOD*) XMALLOC(sizeof(CYASSL_METHOD), 0, + DYNAMIC_TYPE_METHOD); + if (method) { +#ifndef NO_SHA256 /* 1.2 requires SHA256 */ + InitSSL_Method(method, MakeTLSv1_2()); +#else + InitSSL_Method(method, MakeTLSv1_1()); +#endif + method->side = CYASSL_SERVER_END; +#ifndef NO_OLD_TLS + method->downgrade = 1; +#endif /* !NO_OLD_TLS */ + } + return method; + } + + + +#endif /* NO_CYASSL_SERVER */ #endif /* NO_TLS */ diff --git a/FreeRTOS-Plus/Source/CyaSSL/sslSniffer/sslSniffer.vcproj b/FreeRTOS-Plus/Source/CyaSSL/sslSniffer/sslSniffer.vcproj index 1a4ca9b1d..b0b8c78b0 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/sslSniffer/sslSniffer.vcproj +++ b/FreeRTOS-Plus/Source/CyaSSL/sslSniffer/sslSniffer.vcproj @@ -42,7 +42,7 @@ Name="VCCLCompilerTool" Optimization="0" AdditionalIncludeDirectories="../" - PreprocessorDefinitions="CYASSL_SNIFFER;SSL_SNIFFER_EXPORTS" + PreprocessorDefinitions="OPENSSL_EXTRA;CYASSL_RIPEMD;CYASSL_SHA512;NO_PSK;CYASSL_SNIFFER;SSL_SNIFFER_EXPORTS" MinimalRebuild="true" BasicRuntimeChecks="3" RuntimeLibrary="3" @@ -118,7 +118,7 @@ Optimization="2" EnableIntrinsicFunctions="true" AdditionalIncludeDirectories="../" - PreprocessorDefinitions="CYASSL_SNIFFER;SSL_SNIFFER_EXPORTS" + PreprocessorDefinitions="OPENSSL_EXTRA;CYASSL_RIPEMD;CYASSL_SHA512;NO_PSK;CYASSL_SNIFFER;SSL_SNIFFER_EXPORTS" RuntimeLibrary="2" EnableFunctionLevelLinking="true" UsePrecompiledHeader="0" diff --git a/FreeRTOS-Plus/Source/CyaSSL/sslSniffer/sslSniffer.vcxproj b/FreeRTOS-Plus/Source/CyaSSL/sslSniffer/sslSniffer.vcxproj new file mode 100644 index 000000000..9056a1469 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/sslSniffer/sslSniffer.vcxproj @@ -0,0 +1,181 @@ + + + + + Debug + Win32 + + + Debug + x64 + + + Release + Win32 + + + Release + x64 + + + + {34FAE5A6-2B0F-4B55-86FE-0C43E4810F4D} + sslSniffer + Win32Proj + + + + DynamicLibrary + v110 + Unicode + true + + + DynamicLibrary + v110 + Unicode + true + + + DynamicLibrary + v110 + Unicode + + + DynamicLibrary + v110 + Unicode + + + + + + + + + + + + + + + + + + + <_ProjectFileVersion>11.0.61030.0 + + + $(SolutionDir)$(Configuration)\ + $(Configuration)\ + true + + + true + + + $(SolutionDir)$(Configuration)\ + $(Configuration)\ + false + + + false + + + + Disabled + ../;%(AdditionalIncludeDirectories) + OPENSSL_EXTRA;CYASSL_RIPEMD;CYASSL_SHA512;NO_PSK;CYASSL_SNIFFER;SSL_SNIFFER_EXPORTS;%(PreprocessorDefinitions) + true + EnableFastChecks + MultiThreadedDebugDLL + + Level3 + EditAndContinue + + + Ws2_32.lib;%(AdditionalDependencies) + true + Windows + MachineX86 + + + + + Disabled + ../;%(AdditionalIncludeDirectories) + OPENSSL_EXTRA;CYASSL_RIPEMD;CYASSL_SHA512;NO_PSK;CYASSL_SNIFFER;SSL_SNIFFER_EXPORTS;%(PreprocessorDefinitions) + EnableFastChecks + MultiThreadedDebugDLL + + + Level3 + ProgramDatabase + + + Ws2_32.lib;%(AdditionalDependencies) + true + Windows + + + + + MaxSpeed + true + ../;%(AdditionalIncludeDirectories) + OPENSSL_EXTRA;CYASSL_RIPEMD;CYASSL_SHA512;NO_PSK;CYASSL_SNIFFER;SSL_SNIFFER_EXPORTS;%(PreprocessorDefinitions) + MultiThreadedDLL + true + + Level3 + ProgramDatabase + + + Ws2_32.lib;%(AdditionalDependencies) + true + Windows + true + true + MachineX86 + + + + + MaxSpeed + true + ../;%(AdditionalIncludeDirectories) + OPENSSL_EXTRA;CYASSL_RIPEMD;CYASSL_SHA512;NO_PSK;CYASSL_SNIFFER;SSL_SNIFFER_EXPORTS;%(PreprocessorDefinitions) + MultiThreadedDLL + true + + + Level3 + ProgramDatabase + + + Ws2_32.lib;%(AdditionalDependencies) + true + Windows + true + true + + + + + + + + + + + + + + {73973223-5ee8-41ca-8e88-1d60e89a237b} + false + + + + + + \ No newline at end of file diff --git a/FreeRTOS-Plus/Source/CyaSSL/sslSniffer/sslSnifferTest/include.am b/FreeRTOS-Plus/Source/CyaSSL/sslSniffer/sslSnifferTest/include.am index cf2ed1c78..0d3c5a0ca 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/sslSniffer/sslSnifferTest/include.am +++ b/FreeRTOS-Plus/Source/CyaSSL/sslSniffer/sslSnifferTest/include.am @@ -2,11 +2,13 @@ # included from Top Level Makefile.am # All paths should be given relative to the root +if BUILD_SNIFFTEST noinst_PROGRAMS += sslSniffer/sslSnifferTest/snifftest sslSniffer_sslSnifferTest_snifftest_SOURCES = sslSniffer/sslSnifferTest/snifftest.c -if BUILD_SNIFFER sslSniffer_sslSnifferTest_snifftest_LDADD = src/libcyassl.la -lpcap sslSniffer_sslSnifferTest_snifftest_DEPENDENCIES = src/libcyassl.la endif EXTRA_DIST += sslSniffer/sslSniffer.vcproj +EXTRA_DIST += sslSniffer/sslSniffer.vcxproj EXTRA_DIST += sslSniffer/sslSnifferTest/sslSniffTest.vcproj +DISTCLEANFILES+= sslSniffer/sslSnifferTest/.libs/snifftest diff --git a/FreeRTOS-Plus/Source/CyaSSL/sslSniffer/sslSnifferTest/snifftest.c b/FreeRTOS-Plus/Source/CyaSSL/sslSniffer/sslSnifferTest/snifftest.c index a132538b6..60c80ad49 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/sslSniffer/sslSnifferTest/snifftest.c +++ b/FreeRTOS-Plus/Source/CyaSSL/sslSniffer/sslSnifferTest/snifftest.c @@ -1,6 +1,6 @@ /* snifftest.c * - * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,13 +16,15 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ #ifdef HAVE_CONFIG_H #include #endif +#include + #ifdef _WIN32 #define CYASSL_SNIFFER #endif @@ -32,7 +34,7 @@ /* blank build */ #include #include -int main() +int main(void) { printf("do ./configure --enable-sniffer to enable build support\n"); return EXIT_SUCCESS; @@ -67,26 +69,35 @@ enum { }; -pcap_t* pcap = 0; -pcap_if_t *alldevs; +pcap_t* pcap = NULL; +pcap_if_t* alldevs = NULL; -static void sig_handler(const int sig) + +static void FreeAll(void) { - printf("SIGINT handled = %d.\n", sig); if (pcap) pcap_close(pcap); - pcap_freealldevs(alldevs); + if (alldevs) + pcap_freealldevs(alldevs); #ifndef _WIN32 ssl_FreeSniffer(); #endif - exit(EXIT_SUCCESS); +} + +static void sig_handler(const int sig) +{ + printf("SIGINT handled = %d.\n", sig); + FreeAll(); + if (sig) + exit(EXIT_SUCCESS); } static void err_sys(const char* msg) { fprintf(stderr, "%s\n", msg); - exit(EXIT_FAILURE); + if (msg) + exit(EXIT_FAILURE); } @@ -110,7 +121,7 @@ static char* iptos(unsigned int addr) int main(int argc, char** argv) { - int ret; + int ret = 0; int inum; int port; int saveFile = 0; @@ -149,7 +160,9 @@ int main(int argc, char** argv) " installed correctly and you have sufficient permissions"); printf("Enter the interface number (1-%d): ", i); - scanf("%d", &inum); + ret = scanf("%d", &inum); + if (ret != 1) + printf("scanf port failed\n"); if (inum < 1 || inum > i) err_sys("Interface number out of range"); @@ -196,7 +209,9 @@ int main(int argc, char** argv) if (ret != 0) printf("pcap_activate failed %s\n", pcap_geterr(pcap)); printf("Enter the port to scan: "); - scanf("%d", &port); + ret = scanf("%d", &port); + if (ret != 1) + printf("scanf port failed\n"); SNPRINTF(filter, sizeof(filter), "tcp and port %d", port); @@ -208,6 +223,9 @@ int main(int argc, char** argv) ret = ssl_SetPrivateKey(server, port, "../../certs/server-key.pem", FILETYPE_PEM, NULL, err); + if (ret != 0) { + printf("Please run directly from sslSniffer/sslSnifferTest dir\n"); + } } else if (argc >= 3) { saveFile = 1; @@ -217,6 +235,7 @@ int main(int argc, char** argv) ret = -1; } else { + const char* passwd = NULL; /* defaults for server and port */ port = 443; server = "127.0.0.1"; @@ -227,14 +246,17 @@ int main(int argc, char** argv) if (argc >= 5) port = atoi(argv[4]); + if (argc >= 6) + passwd = argv[5]; + ret = ssl_SetPrivateKey(server, port, argv[2], - FILETYPE_PEM, NULL, err); + FILETYPE_PEM, passwd, err); } } else { /* usage error */ - printf( - "usage: ./snifftest or ./snifftest dump pemKey [server] [port]\n"); + printf( "usage: ./snifftest or ./snifftest dump pemKey" + " [server] [port] [password]\n"); exit(EXIT_FAILURE); } @@ -245,11 +267,13 @@ int main(int argc, char** argv) frame = NULL_IF_FRAME_LEN; while (1) { + static int packetNumber = 0; struct pcap_pkthdr header; const unsigned char* packet = pcap_next(pcap, &header); + packetNumber++; if (packet) { - byte data[65535]; + byte data[65535+16384]; /* may have a partial 16k record cached */ if (header.caplen > 40) { /* min ip(20) + min tcp(20) */ packet += frame; @@ -263,12 +287,13 @@ int main(int argc, char** argv) printf("ssl_Decode ret = %d, %s\n", ret, err); if (ret > 0) { data[ret] = 0; - printf("SSL App Data:%s\n", data); + printf("SSL App Data(%d:%d):%s\n", packetNumber, ret, data); } } else if (saveFile) break; /* we're done reading file */ } + FreeAll(); return EXIT_SUCCESS; } diff --git a/FreeRTOS-Plus/Source/CyaSSL/sslSniffer/sslSnifferTest/sslSniffTest.vcproj b/FreeRTOS-Plus/Source/CyaSSL/sslSniffer/sslSnifferTest/sslSniffTest.vcproj index 0a45e3ea1..ff9977fa9 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/sslSniffer/sslSnifferTest/sslSniffTest.vcproj +++ b/FreeRTOS-Plus/Source/CyaSSL/sslSniffer/sslSnifferTest/sslSniffTest.vcproj @@ -41,7 +41,7 @@ #endif +#include + #ifndef _WIN32 #define HAVE_CONFIG_H #endif @@ -174,7 +176,7 @@ int CyaSSL_swig_connect(CYASSL* ssl, const char* server, int port) char* CyaSSL_error_string(int err) { - static char buffer[80]; + static char buffer[CYASSL_MAX_ERROR_SZ]; return CyaSSL_ERR_error_string(err, buffer); } diff --git a/FreeRTOS-Plus/Source/CyaSSL/tests/api.c b/FreeRTOS-Plus/Source/CyaSSL/tests/api.c index 102dc09a5..8342da249 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/tests/api.c +++ b/FreeRTOS-Plus/Source/CyaSSL/tests/api.c @@ -1,6 +1,6 @@ /* api.c API unit tests * - * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,9 +16,16 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ +#ifdef HAVE_CONFIG_H + #include +#endif + +#include +#include + #include #include #include @@ -31,19 +38,37 @@ static int test_CyaSSL_Init(void); static int test_CyaSSL_Cleanup(void); static int test_CyaSSL_Method_Allocators(void); static int test_CyaSSL_CTX_new(CYASSL_METHOD *method); -#ifndef NO_FILESYSTEM +#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) static int test_CyaSSL_CTX_use_certificate_file(void); static int test_CyaSSL_CTX_use_PrivateKey_file(void); static int test_CyaSSL_CTX_load_verify_locations(void); +#ifndef NO_RSA static int test_server_CyaSSL_new(void); static int test_client_CyaSSL_new(void); +#ifndef SINGLE_THREADED static int test_CyaSSL_read_write(void); -#endif +#endif /* SINGLE_THREADED */ +#endif /* NO_RSA */ +#endif /* NO_FILESYSTEM */ +#ifdef HAVE_SNI +static void test_CyaSSL_UseSNI(void); +#endif /* HAVE_SNI */ +#ifdef HAVE_MAX_FRAGMENT +static void test_CyaSSL_UseMaxFragment(void); +#endif /* HAVE_MAX_FRAGMENT */ +#ifdef HAVE_TRUNCATED_HMAC +static void test_CyaSSL_UseTruncatedHMAC(void); +#endif /* HAVE_TRUNCATED_HMAC */ +#ifdef HAVE_SUPPORTED_CURVES +static void test_CyaSSL_UseSupportedCurve(void); +#endif /* HAVE_SUPPORTED_CURVES */ /* test function helpers */ static int test_method(CYASSL_METHOD *method, const char *name); +#ifdef OPENSSL_EXTRA static int test_method2(CYASSL_METHOD *method, const char *name); -#ifndef NO_FILESYSTEM +#endif +#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) static int test_ucf(CYASSL_CTX *ctx, const char* file, int type, int cond, const char* name); static int test_upkf(CYASSL_CTX *ctx, const char* file, int type, @@ -53,11 +78,18 @@ static int test_lvl(CYASSL_CTX *ctx, const char* file, const char* path, THREAD_RETURN CYASSL_THREAD test_server_nofail(void*); void test_client_nofail(void*); -#endif + +void run_cyassl_client(void* args); +THREAD_RETURN CYASSL_THREAD run_cyassl_server(void* args); + +void test_CyaSSL_client_server(callback_functions* client_callbacks, + callback_functions* server_callbacks); static const char* bogusFile = "/dev/null"; -static const char* testingFmt = " %s:"; -static const char* resultFmt = " %s\n"; +#endif + +#define testingFmt " %s:" +#define resultFmt " %s\n" static const char* passed = "passed"; static const char* failed = "failed"; @@ -71,14 +103,30 @@ int ApiTest(void) test_CyaSSL_Init(); test_CyaSSL_Method_Allocators(); test_CyaSSL_CTX_new(CyaSSLv23_server_method()); -#ifndef NO_FILESYSTEM +#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) test_CyaSSL_CTX_use_certificate_file(); test_CyaSSL_CTX_use_PrivateKey_file(); test_CyaSSL_CTX_load_verify_locations(); +#ifndef NO_RSA test_server_CyaSSL_new(); test_client_CyaSSL_new(); +#ifndef SINGLE_THREADED test_CyaSSL_read_write(); -#endif +#endif /* SINGLE_THREADED */ +#endif /* NO_RSA */ +#endif /* NO_FILESYSTEM */ +#ifdef HAVE_SNI + test_CyaSSL_UseSNI(); +#endif /* HAVE_SNI */ +#ifdef HAVE_MAX_FRAGMENT + test_CyaSSL_UseMaxFragment(); +#endif /* HAVE_MAX_FRAGMENT */ +#ifdef HAVE_TRUNCATED_HMAC + test_CyaSSL_UseTruncatedHMAC(); +#endif /* HAVE_TRUNCATED_HMAC */ +#ifdef HAVE_SUPPORTED_CURVES + test_CyaSSL_UseSupportedCurve(); +#endif /* HAVE_SUPPORTED_CURVES */ test_CyaSSL_Cleanup(); printf(" End API Tests\n"); @@ -91,7 +139,7 @@ int test_CyaSSL_Init(void) printf(testingFmt, "CyaSSL_Init()"); result = CyaSSL_Init(); - printf(resultFmt, result ? failed : passed); + printf(resultFmt, result == SSL_SUCCESS ? passed : failed); return result; } @@ -102,7 +150,7 @@ static int test_CyaSSL_Cleanup(void) printf(testingFmt, "CyaSSL_Cleanup()"); result = CyaSSL_Cleanup(); - printf(resultFmt, result ? failed : passed); + printf(resultFmt, result == SSL_SUCCESS ? passed : failed); return result; } @@ -120,6 +168,7 @@ int test_method(CYASSL_METHOD *method, const char *name) return TEST_SUCCESS; } +#ifdef OPENSSL_EXTRA int test_method2(CYASSL_METHOD *method, const char *name) { printf(testingFmt, name); @@ -132,15 +181,18 @@ int test_method2(CYASSL_METHOD *method, const char *name) printf(resultFmt, passed); return TEST_SUCCESS; } +#endif int test_CyaSSL_Method_Allocators(void) { +#ifndef NO_OLD_TLS test_method(CyaSSLv3_server_method(), "CyaSSLv3_server_method()"); test_method(CyaSSLv3_client_method(), "CyaSSLv3_client_method()"); test_method(CyaTLSv1_server_method(), "CyaTLSv1_server_method()"); test_method(CyaTLSv1_client_method(), "CyaTLSv1_client_method()"); test_method(CyaTLSv1_1_server_method(), "CyaTLSv1_1_server_method()"); test_method(CyaTLSv1_1_client_method(), "CyaTLSv1_1_client_method()"); +#endif /* NO_OLD_TLS */ test_method(CyaTLSv1_2_server_method(), "CyaTLSv1_2_server_method()"); test_method(CyaTLSv1_2_client_method(), "CyaTLSv1_2_client_method()"); test_method(CyaSSLv23_client_method(), "CyaSSLv23_client_method()"); @@ -195,7 +247,370 @@ int test_CyaSSL_CTX_new(CYASSL_METHOD *method) return TEST_SUCCESS; } -#ifndef NO_FILESYSTEM +#ifdef HAVE_SNI +static void use_SNI_at_ctx(CYASSL_CTX* ctx) +{ + byte type = CYASSL_SNI_HOST_NAME; + char name[] = "www.yassl.com"; + + AssertIntEQ(SSL_SUCCESS, + CyaSSL_CTX_UseSNI(ctx, type, (void *) name, XSTRLEN(name))); +} + +static void use_SNI_at_ssl(CYASSL* ssl) +{ + byte type = CYASSL_SNI_HOST_NAME; + char name[] = "www.yassl.com"; + + AssertIntEQ(SSL_SUCCESS, + CyaSSL_UseSNI(ssl, type, (void *) name, XSTRLEN(name))); +} + +static void different_SNI_at_ssl(CYASSL* ssl) +{ + byte type = CYASSL_SNI_HOST_NAME; + char name[] = "ww2.yassl.com"; + + AssertIntEQ(SSL_SUCCESS, + CyaSSL_UseSNI(ssl, type, (void *) name, XSTRLEN(name))); +} + +static void use_SNI_WITH_CONTINUE_at_ssl(CYASSL* ssl) +{ + byte type = CYASSL_SNI_HOST_NAME; + + use_SNI_at_ssl(ssl); + + CyaSSL_SNI_SetOptions(ssl, type, CYASSL_SNI_CONTINUE_ON_MISMATCH); +} + +static void use_SNI_WITH_FAKE_ANSWER_at_ssl(CYASSL* ssl) +{ + byte type = CYASSL_SNI_HOST_NAME; + + use_SNI_at_ssl(ssl); + + CyaSSL_SNI_SetOptions(ssl, type, CYASSL_SNI_ANSWER_ON_MISMATCH); +} + +static void verify_SNI_abort_on_client(CYASSL* ssl) +{ + AssertIntEQ(FATAL_ERROR, CyaSSL_get_error(ssl, 0)); +} + +static void verify_SNI_abort_on_server(CYASSL* ssl) +{ + AssertIntEQ(UNKNOWN_SNI_HOST_NAME_E, CyaSSL_get_error(ssl, 0)); +} + +static void verify_SNI_no_matching(CYASSL* ssl) +{ + byte type = CYASSL_SNI_HOST_NAME; + char* request = (char*) &type; /* to be overwriten */ + + AssertIntEQ(CYASSL_SNI_NO_MATCH, CyaSSL_SNI_Status(ssl, type)); + + AssertNotNull(request); + AssertIntEQ(0, CyaSSL_SNI_GetRequest(ssl, type, (void**) &request)); + AssertNull(request); +} + +static void verify_SNI_real_matching(CYASSL* ssl) +{ + byte type = CYASSL_SNI_HOST_NAME; + char* request = NULL; + char name[] = "www.yassl.com"; + word16 length = XSTRLEN(name); + + AssertIntEQ(CYASSL_SNI_REAL_MATCH, CyaSSL_SNI_Status(ssl, type)); + + AssertIntEQ(length, CyaSSL_SNI_GetRequest(ssl, type, (void**) &request)); + AssertNotNull(request); + AssertStrEQ(name, request); +} + +static void verify_SNI_fake_matching(CYASSL* ssl) +{ + byte type = CYASSL_SNI_HOST_NAME; + char* request = NULL; + char name[] = "ww2.yassl.com"; + word16 length = XSTRLEN(name); + + AssertIntEQ(CYASSL_SNI_FAKE_MATCH, CyaSSL_SNI_Status(ssl, type)); + + AssertIntEQ(length, CyaSSL_SNI_GetRequest(ssl, type, (void**) &request)); + AssertNotNull(request); + AssertStrEQ(name, request); +} + +static void test_CyaSSL_SNI_GetFromBuffer(void) +{ + byte buffer[] = { /* www.paypal.com */ + 0x00, 0x00, 0x00, 0x00, 0xff, 0x01, 0x00, 0x00, 0x60, 0x03, 0x03, 0x5c, + 0xc4, 0xb3, 0x8c, 0x87, 0xef, 0xa4, 0x09, 0xe0, 0x02, 0xab, 0x86, 0xca, + 0x76, 0xf0, 0x9e, 0x01, 0x65, 0xf6, 0xa6, 0x06, 0x13, 0x1d, 0x0f, 0xa5, + 0x79, 0xb0, 0xd4, 0x77, 0x22, 0xeb, 0x1a, 0x00, 0x00, 0x16, 0x00, 0x6b, + 0x00, 0x67, 0x00, 0x39, 0x00, 0x33, 0x00, 0x3d, 0x00, 0x3c, 0x00, 0x35, + 0x00, 0x2f, 0x00, 0x05, 0x00, 0x04, 0x00, 0x0a, 0x01, 0x00, 0x00, 0x21, + 0x00, 0x00, 0x00, 0x13, 0x00, 0x11, 0x00, 0x00, 0x0e, 0x77, 0x77, 0x77, + 0x2e, 0x70, 0x61, 0x79, 0x70, 0x61, 0x6c, 0x2e, 0x63, 0x6f, 0x6d, 0x00, + 0x0d, 0x00, 0x06, 0x00, 0x04, 0x04, 0x01, 0x02, 0x01 + }; + + byte buffer2[] = { /* api.textmate.org */ + 0x16, 0x03, 0x01, 0x00, 0xc6, 0x01, 0x00, 0x00, 0xc2, 0x03, 0x03, 0x52, + 0x8b, 0x7b, 0xca, 0x69, 0xec, 0x97, 0xd5, 0x08, 0x03, 0x50, 0xfe, 0x3b, + 0x99, 0xc3, 0x20, 0xce, 0xa5, 0xf6, 0x99, 0xa5, 0x71, 0xf9, 0x57, 0x7f, + 0x04, 0x38, 0xf6, 0x11, 0x0b, 0xb8, 0xd3, 0x00, 0x00, 0x5e, 0x00, 0xff, + 0xc0, 0x24, 0xc0, 0x23, 0xc0, 0x0a, 0xc0, 0x09, 0xc0, 0x07, 0xc0, 0x08, + 0xc0, 0x28, 0xc0, 0x27, 0xc0, 0x14, 0xc0, 0x13, 0xc0, 0x11, 0xc0, 0x12, + 0xc0, 0x26, 0xc0, 0x25, 0xc0, 0x2a, 0xc0, 0x29, 0xc0, 0x05, 0xc0, 0x04, + 0xc0, 0x02, 0xc0, 0x03, 0xc0, 0x0f, 0xc0, 0x0e, 0xc0, 0x0c, 0xc0, 0x0d, + 0x00, 0x3d, 0x00, 0x3c, 0x00, 0x2f, 0x00, 0x05, 0x00, 0x04, 0x00, 0x35, + 0x00, 0x0a, 0x00, 0x67, 0x00, 0x6b, 0x00, 0x33, 0x00, 0x39, 0x00, 0x16, + 0x00, 0xaf, 0x00, 0xae, 0x00, 0x8d, 0x00, 0x8c, 0x00, 0x8a, 0x00, 0x8b, + 0x00, 0xb1, 0x00, 0xb0, 0x00, 0x2c, 0x00, 0x3b, 0x01, 0x00, 0x00, 0x3b, + 0x00, 0x00, 0x00, 0x15, 0x00, 0x13, 0x00, 0x00, 0x10, 0x61, 0x70, 0x69, + 0x2e, 0x74, 0x65, 0x78, 0x74, 0x6d, 0x61, 0x74, 0x65, 0x2e, 0x6f, 0x72, + 0x67, 0x00, 0x0a, 0x00, 0x08, 0x00, 0x06, 0x00, 0x17, 0x00, 0x18, 0x00, + 0x19, 0x00, 0x0b, 0x00, 0x02, 0x01, 0x00, 0x00, 0x0d, 0x00, 0x0c, 0x00, + 0x0a, 0x05, 0x01, 0x04, 0x01, 0x02, 0x01, 0x04, 0x03, 0x02, 0x03 + }; + + byte buffer3[] = { /* no sni extension */ + 0x16, 0x03, 0x03, 0x00, 0x4d, 0x01, 0x00, 0x00, 0x49, 0x03, 0x03, 0xea, + 0xa1, 0x9f, 0x60, 0xdd, 0x52, 0x12, 0x13, 0xbd, 0x84, 0x34, 0xd5, 0x1c, + 0x38, 0x25, 0xa8, 0x97, 0xd2, 0xd5, 0xc6, 0x45, 0xaf, 0x1b, 0x08, 0xe4, + 0x1e, 0xbb, 0xdf, 0x9d, 0x39, 0xf0, 0x65, 0x00, 0x00, 0x16, 0x00, 0x6b, + 0x00, 0x67, 0x00, 0x39, 0x00, 0x33, 0x00, 0x3d, 0x00, 0x3c, 0x00, 0x35, + 0x00, 0x2f, 0x00, 0x05, 0x00, 0x04, 0x00, 0x0a, 0x01, 0x00, 0x00, 0x0a, + 0x00, 0x0d, 0x00, 0x06, 0x00, 0x04, 0x04, 0x01, 0x02, 0x01 + }; + + byte buffer4[] = { /* last extension has zero size */ + 0x16, 0x03, 0x01, 0x00, 0xba, 0x01, 0x00, 0x00, + 0xb6, 0x03, 0x03, 0x83, 0xa3, 0xe6, 0xdc, 0x16, 0xa1, 0x43, 0xe9, 0x45, + 0x15, 0xbd, 0x64, 0xa9, 0xb6, 0x07, 0xb4, 0x50, 0xc6, 0xdd, 0xff, 0xc2, + 0xd3, 0x0d, 0x4f, 0x36, 0xb4, 0x41, 0x51, 0x61, 0xc1, 0xa5, 0x9e, 0x00, + 0x00, 0x28, 0xcc, 0x14, 0xcc, 0x13, 0xc0, 0x2b, 0xc0, 0x2f, 0x00, 0x9e, + 0xc0, 0x0a, 0xc0, 0x09, 0xc0, 0x13, 0xc0, 0x14, 0xc0, 0x07, 0xc0, 0x11, + 0x00, 0x33, 0x00, 0x32, 0x00, 0x39, 0x00, 0x9c, 0x00, 0x2f, 0x00, 0x35, + 0x00, 0x0a, 0x00, 0x05, 0x00, 0x04, 0x01, 0x00, 0x00, 0x65, 0xff, 0x01, + 0x00, 0x01, 0x00, 0x00, 0x0a, 0x00, 0x08, 0x00, 0x06, 0x00, 0x17, 0x00, + 0x18, 0x00, 0x19, 0x00, 0x0b, 0x00, 0x02, 0x01, 0x00, 0x00, 0x23, 0x00, + 0x00, 0x33, 0x74, 0x00, 0x00, 0x00, 0x10, 0x00, 0x1b, 0x00, 0x19, 0x06, + 0x73, 0x70, 0x64, 0x79, 0x2f, 0x33, 0x08, 0x73, 0x70, 0x64, 0x79, 0x2f, + 0x33, 0x2e, 0x31, 0x08, 0x68, 0x74, 0x74, 0x70, 0x2f, 0x31, 0x2e, 0x31, + 0x75, 0x50, 0x00, 0x00, 0x00, 0x05, 0x00, 0x05, 0x01, 0x00, 0x00, 0x00, + 0x00, 0x00, 0x0d, 0x00, 0x12, 0x00, 0x10, 0x04, 0x01, 0x05, 0x01, 0x02, + 0x01, 0x04, 0x03, 0x05, 0x03, 0x02, 0x03, 0x04, 0x02, 0x02, 0x02, 0x00, + 0x12, 0x00, 0x00 + }; + + byte result[32] = {0}; + word32 length = 32; + + AssertIntEQ(0, CyaSSL_SNI_GetFromBuffer(buffer4, sizeof(buffer4), + 0, result, &length)); + + AssertIntEQ(0, CyaSSL_SNI_GetFromBuffer(buffer3, sizeof(buffer3), + 0, result, &length)); + + AssertIntEQ(0, CyaSSL_SNI_GetFromBuffer(buffer2, sizeof(buffer2), + 1, result, &length)); + + AssertIntEQ(BUFFER_ERROR, CyaSSL_SNI_GetFromBuffer(buffer, sizeof(buffer), + 0, result, &length)); + buffer[0] = 0x16; + + AssertIntEQ(BUFFER_ERROR, CyaSSL_SNI_GetFromBuffer(buffer, sizeof(buffer), + 0, result, &length)); + buffer[1] = 0x03; + + AssertIntEQ(BUFFER_ERROR, CyaSSL_SNI_GetFromBuffer(buffer, sizeof(buffer), + 0, result, &length)); + buffer[2] = 0x03; + + AssertIntEQ(INCOMPLETE_DATA, CyaSSL_SNI_GetFromBuffer(buffer, + sizeof(buffer), 0, result, &length)); + buffer[4] = 0x64; + + AssertIntEQ(SSL_SUCCESS, CyaSSL_SNI_GetFromBuffer(buffer, sizeof(buffer), + 0, result, &length)); + result[length] = 0; + AssertStrEQ("www.paypal.com", (const char*) result); + + length = 32; + + AssertIntEQ(SSL_SUCCESS, CyaSSL_SNI_GetFromBuffer(buffer2, sizeof(buffer2), + 0, result, &length)); + result[length] = 0; + AssertStrEQ("api.textmate.org", (const char*) result); +} + +void test_CyaSSL_UseSNI(void) +{ + callback_functions client_callbacks = {CyaSSLv23_client_method, 0, 0, 0}; + callback_functions server_callbacks = {CyaSSLv23_server_method, 0, 0, 0}; + + CYASSL_CTX *ctx = CyaSSL_CTX_new(CyaSSLv23_client_method()); + CYASSL *ssl = CyaSSL_new(ctx); + + AssertNotNull(ctx); + AssertNotNull(ssl); + + /* error cases */ + AssertIntNE(SSL_SUCCESS, + CyaSSL_CTX_UseSNI(NULL, 0, (void *) "ctx", XSTRLEN("ctx"))); + AssertIntNE(SSL_SUCCESS, + CyaSSL_UseSNI( NULL, 0, (void *) "ssl", XSTRLEN("ssl"))); + AssertIntNE(SSL_SUCCESS, + CyaSSL_CTX_UseSNI(ctx, -1, (void *) "ctx", XSTRLEN("ctx"))); + AssertIntNE(SSL_SUCCESS, + CyaSSL_UseSNI( ssl, -1, (void *) "ssl", XSTRLEN("ssl"))); + AssertIntNE(SSL_SUCCESS, + CyaSSL_CTX_UseSNI(ctx, 0, (void *) NULL, XSTRLEN("ctx"))); + AssertIntNE(SSL_SUCCESS, + CyaSSL_UseSNI( ssl, 0, (void *) NULL, XSTRLEN("ssl"))); + + /* success case */ + AssertIntEQ(SSL_SUCCESS, + CyaSSL_CTX_UseSNI(ctx, 0, (void *) "ctx", XSTRLEN("ctx"))); + AssertIntEQ(SSL_SUCCESS, + CyaSSL_UseSNI( ssl, 0, (void *) "ssl", XSTRLEN("ssl"))); + + CyaSSL_free(ssl); + CyaSSL_CTX_free(ctx); + +#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) + + /* Testing success case at ctx */ + client_callbacks.ctx_ready = server_callbacks.ctx_ready = use_SNI_at_ctx; + server_callbacks.on_result = verify_SNI_real_matching; + + test_CyaSSL_client_server(&client_callbacks, &server_callbacks); + + /* Testing success case at ssl */ + client_callbacks.ctx_ready = server_callbacks.ctx_ready = NULL; + client_callbacks.ssl_ready = server_callbacks.ssl_ready = use_SNI_at_ssl; + + test_CyaSSL_client_server(&client_callbacks, &server_callbacks); + + /* Testing default mismatch behaviour */ + client_callbacks.ssl_ready = different_SNI_at_ssl; + client_callbacks.on_result = verify_SNI_abort_on_client; + server_callbacks.on_result = verify_SNI_abort_on_server; + + test_CyaSSL_client_server(&client_callbacks, &server_callbacks); + client_callbacks.on_result = NULL; + + /* Testing continue on mismatch */ + client_callbacks.ssl_ready = different_SNI_at_ssl; + server_callbacks.ssl_ready = use_SNI_WITH_CONTINUE_at_ssl; + server_callbacks.on_result = verify_SNI_no_matching; + + test_CyaSSL_client_server(&client_callbacks, &server_callbacks); + + /* Testing fake answer on mismatch */ + server_callbacks.ssl_ready = use_SNI_WITH_FAKE_ANSWER_at_ssl; + server_callbacks.on_result = verify_SNI_fake_matching; + + test_CyaSSL_client_server(&client_callbacks, &server_callbacks); + +#endif + + test_CyaSSL_SNI_GetFromBuffer(); +} +#endif /* HAVE_SNI */ + +#ifdef HAVE_MAX_FRAGMENT +static void test_CyaSSL_UseMaxFragment(void) +{ + CYASSL_CTX *ctx = CyaSSL_CTX_new(CyaSSLv23_client_method()); + CYASSL *ssl = CyaSSL_new(ctx); + + AssertNotNull(ctx); + AssertNotNull(ssl); + + /* error cases */ + AssertIntNE(SSL_SUCCESS, CyaSSL_CTX_UseMaxFragment(NULL, CYASSL_MFL_2_9)); + AssertIntNE(SSL_SUCCESS, CyaSSL_UseMaxFragment( NULL, CYASSL_MFL_2_9)); + AssertIntNE(SSL_SUCCESS, CyaSSL_CTX_UseMaxFragment(ctx, 0)); + AssertIntNE(SSL_SUCCESS, CyaSSL_CTX_UseMaxFragment(ctx, 6)); + AssertIntNE(SSL_SUCCESS, CyaSSL_UseMaxFragment(ssl, 0)); + AssertIntNE(SSL_SUCCESS, CyaSSL_UseMaxFragment(ssl, 6)); + + /* success case */ + AssertIntEQ(SSL_SUCCESS, CyaSSL_CTX_UseMaxFragment(ctx, CYASSL_MFL_2_9)); + AssertIntEQ(SSL_SUCCESS, CyaSSL_CTX_UseMaxFragment(ctx, CYASSL_MFL_2_10)); + AssertIntEQ(SSL_SUCCESS, CyaSSL_CTX_UseMaxFragment(ctx, CYASSL_MFL_2_11)); + AssertIntEQ(SSL_SUCCESS, CyaSSL_CTX_UseMaxFragment(ctx, CYASSL_MFL_2_12)); + AssertIntEQ(SSL_SUCCESS, CyaSSL_CTX_UseMaxFragment(ctx, CYASSL_MFL_2_13)); + AssertIntEQ(SSL_SUCCESS, CyaSSL_UseMaxFragment( ssl, CYASSL_MFL_2_9)); + AssertIntEQ(SSL_SUCCESS, CyaSSL_UseMaxFragment( ssl, CYASSL_MFL_2_10)); + AssertIntEQ(SSL_SUCCESS, CyaSSL_UseMaxFragment( ssl, CYASSL_MFL_2_11)); + AssertIntEQ(SSL_SUCCESS, CyaSSL_UseMaxFragment( ssl, CYASSL_MFL_2_12)); + AssertIntEQ(SSL_SUCCESS, CyaSSL_UseMaxFragment( ssl, CYASSL_MFL_2_13)); + + CyaSSL_free(ssl); + CyaSSL_CTX_free(ctx); +} +#endif /* HAVE_MAX_FRAGMENT */ + +#ifdef HAVE_TRUNCATED_HMAC +static void test_CyaSSL_UseTruncatedHMAC(void) +{ + CYASSL_CTX *ctx = CyaSSL_CTX_new(CyaSSLv23_client_method()); + CYASSL *ssl = CyaSSL_new(ctx); + + AssertNotNull(ctx); + AssertNotNull(ssl); + + /* error cases */ + AssertIntNE(SSL_SUCCESS, CyaSSL_CTX_UseTruncatedHMAC(NULL)); + AssertIntNE(SSL_SUCCESS, CyaSSL_UseTruncatedHMAC(NULL)); + + /* success case */ + AssertIntEQ(SSL_SUCCESS, CyaSSL_CTX_UseTruncatedHMAC(ctx)); + AssertIntEQ(SSL_SUCCESS, CyaSSL_UseTruncatedHMAC(ssl)); + + CyaSSL_free(ssl); + CyaSSL_CTX_free(ctx); +} +#endif /* HAVE_TRUNCATED_HMAC */ + +#ifdef HAVE_SUPPORTED_CURVES +static void test_CyaSSL_UseSupportedCurve(void) +{ + CYASSL_CTX *ctx = CyaSSL_CTX_new(CyaSSLv23_client_method()); + CYASSL *ssl = CyaSSL_new(ctx); + + AssertNotNull(ctx); + AssertNotNull(ssl); + +#ifndef NO_CYASSL_CLIENT + /* error cases */ + AssertIntNE(SSL_SUCCESS, + CyaSSL_CTX_UseSupportedCurve(NULL, CYASSL_ECC_SECP160R1)); + AssertIntNE(SSL_SUCCESS, CyaSSL_CTX_UseSupportedCurve(ctx, 0)); + + AssertIntNE(SSL_SUCCESS, + CyaSSL_UseSupportedCurve(NULL, CYASSL_ECC_SECP160R1)); + AssertIntNE(SSL_SUCCESS, CyaSSL_UseSupportedCurve(ssl, 0)); + + /* success case */ + AssertIntEQ(SSL_SUCCESS, + CyaSSL_CTX_UseSupportedCurve(ctx, CYASSL_ECC_SECP160R1)); + AssertIntEQ(SSL_SUCCESS, + CyaSSL_UseSupportedCurve(ssl, CYASSL_ECC_SECP160R1)); +#endif + + CyaSSL_free(ssl); + CyaSSL_CTX_free(ctx); +} +#endif /* HAVE_SUPPORTED_CURVES */ + +#if !defined(NO_FILESYSTEM) && !defined(NO_CERTS) /* Helper for testing CyaSSL_CTX_use_certificate_file() */ int test_ucf(CYASSL_CTX *ctx, const char* file, int type, int cond, const char* name) @@ -237,6 +652,8 @@ int test_CyaSSL_CTX_use_certificate_file(void) failure */ /* Then set the parameters to legit values but set each item to bogus and call again. Finish with a successful success. */ + /* If the build is configured to not have RSA, loading the + certificate files will fail. */ test_ucf(NULL, NULL, 9999, SSL_FAILURE, "CyaSSL_CTX_use_certificate_file(NULL, NULL, 9999)"); @@ -246,8 +663,13 @@ int test_CyaSSL_CTX_use_certificate_file(void) "CyaSSL_CTX_use_certificate_file(ctx, bogusFile, SSL_FILETYPE_PEM)"); test_ucf(ctx, svrCert, 9999, SSL_FAILURE, "CyaSSL_CTX_use_certificate_file(ctx, svrCert, 9999)"); +#ifndef NO_RSA test_ucf(ctx, svrCert, SSL_FILETYPE_PEM, SSL_SUCCESS, "CyaSSL_CTX_use_certificate_file(ctx, svrCert, SSL_FILETYPE_PEM)"); +#else + test_ucf(ctx, svrCert, SSL_FILETYPE_PEM, SSL_FAILURE, + "NO_RSA: CyaSSL_CTX_use_certificate_file(ctx, svrCert, SSL_FILETYPE_PEM)"); +#endif CyaSSL_CTX_free(ctx); return TEST_SUCCESS; @@ -358,13 +780,20 @@ int test_CyaSSL_CTX_load_verify_locations(void) /* Add a test for the certs directory path loading. */ /* There is a leak here. If you load a second cert, the first one is lost. */ +#ifndef NO_RSA test_lvl(ctx, caCert, 0, SSL_SUCCESS, "CyaSSL_CTX_load_verify_locations(ctx, caCert, 0)"); +#else + test_lvl(ctx, caCert, 0, SSL_FAILURE, + "NO_RSA: CyaSSL_CTX_load_verify_locations(ctx, caCert, 0)"); +#endif CyaSSL_CTX_free(ctx); return TEST_SUCCESS; } +#ifndef NO_RSA + int test_server_CyaSSL_new(void) { int result; @@ -504,6 +933,8 @@ int test_client_CyaSSL_new(void) } +#ifndef SINGLE_THREADED + static int test_CyaSSL_read_write(void) { /* The unit testing for read and write shall happen simutaneously, since @@ -535,6 +966,7 @@ static int test_CyaSSL_read_write(void) InitTcpReady(&ready); server_args.signal = &ready; + client_args.signal = &ready; start_thread(test_server_nofail, &server_args, &serverThread); wait_tcp_ready(&server_args); test_client_nofail(&client_args); @@ -554,13 +986,15 @@ static int test_CyaSSL_read_write(void) FreeTcpReady(&ready); return test_result; -}; +} +#endif THREAD_RETURN CYASSL_THREAD test_server_nofail(void* args) { SOCKET_T sockfd = 0; - int clientfd = 0; + SOCKET_T clientfd = 0; + word16 port = yasslPort; CYASSL_METHOD* method = 0; CYASSL_CTX* ctx = 0; @@ -574,6 +1008,11 @@ THREAD_RETURN CYASSL_THREAD test_server_nofail(void* args) method = CyaSSLv23_server_method(); ctx = CyaSSL_CTX_new(method); +#if defined(NO_MAIN_DRIVER) && !defined(USE_WINDOWS_API) && \ + !defined(CYASSL_SNIFFER) && !defined(CYASSL_MDK_SHELL) + port = 0; +#endif + CyaSSL_CTX_set_verify(ctx, SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT, 0); @@ -584,45 +1023,45 @@ THREAD_RETURN CYASSL_THREAD test_server_nofail(void* args) if (CyaSSL_CTX_load_verify_locations(ctx, cliCert, 0) != SSL_SUCCESS) { /*err_sys("can't load ca file, Please run from CyaSSL home dir");*/ - return 0; + goto done; } if (CyaSSL_CTX_use_certificate_file(ctx, svrCert, SSL_FILETYPE_PEM) != SSL_SUCCESS) { /*err_sys("can't load server cert chain file, " "Please run from CyaSSL home dir");*/ - return 0; + goto done; } if (CyaSSL_CTX_use_PrivateKey_file(ctx, svrKey, SSL_FILETYPE_PEM) != SSL_SUCCESS) { /*err_sys("can't load server key file, " "Please run from CyaSSL home dir");*/ - return 0; + goto done; } ssl = CyaSSL_new(ctx); - tcp_accept(&sockfd, &clientfd, (func_args*)args, yasslPort, 0, 0); + tcp_accept(&sockfd, &clientfd, (func_args*)args, port, 0, 0); CloseSocket(sockfd); CyaSSL_set_fd(ssl, clientfd); #ifdef NO_PSK - #if !defined(NO_FILESYSTEM) && defined(OPENSSL_EXTRA) + #if !defined(NO_FILESYSTEM) && !defined(NO_DH) CyaSSL_SetTmpDH_file(ssl, dhParam, SSL_FILETYPE_PEM); - #else + #elif !defined(NO_DH) SetDH(ssl); /* will repick suites with DHE, higher priority than PSK */ #endif #endif if (CyaSSL_accept(ssl) != SSL_SUCCESS) { int err = CyaSSL_get_error(ssl, 0); - char buffer[80]; + char buffer[CYASSL_MAX_ERROR_SZ]; printf("error = %d, %s\n", err, CyaSSL_ERR_error_string(err, buffer)); /*err_sys("SSL_accept failed");*/ - return 0; + goto done; } - idx = CyaSSL_read(ssl, input, sizeof(input)); + idx = CyaSSL_read(ssl, input, sizeof(input)-1); if (idx > 0) { input[idx] = 0; printf("Client message: %s\n", input); @@ -634,6 +1073,7 @@ THREAD_RETURN CYASSL_THREAD test_server_nofail(void* args) return 0; } +done: CyaSSL_shutdown(ssl); CyaSSL_free(ssl); CyaSSL_CTX_free(ctx); @@ -654,10 +1094,7 @@ void test_client_nofail(void* args) char msg[64] = "hello cyassl!"; char reply[1024]; int input; - int msgSz = strlen(msg); - - int argc = ((func_args*)args)->argc; - char** argv = ((func_args*)args)->argv; + int msgSz = (int)strlen(msg); ((func_args*)args)->return_code = TEST_FAIL; method = CyaSSLv23_client_method(); @@ -670,56 +1107,234 @@ void test_client_nofail(void* args) if (CyaSSL_CTX_load_verify_locations(ctx, caCert, 0) != SSL_SUCCESS) { /* err_sys("can't load ca file, Please run from CyaSSL home dir");*/ - return; + goto done2; } if (CyaSSL_CTX_use_certificate_file(ctx, cliCert, SSL_FILETYPE_PEM) != SSL_SUCCESS) { /*err_sys("can't load client cert file, " "Please run from CyaSSL home dir");*/ - return; + goto done2; } if (CyaSSL_CTX_use_PrivateKey_file(ctx, cliKey, SSL_FILETYPE_PEM) != SSL_SUCCESS) { /*err_sys("can't load client key file, " "Please run from CyaSSL home dir");*/ - return; + goto done2; } - tcp_connect(&sockfd, yasslIP, yasslPort, 0); + tcp_connect(&sockfd, yasslIP, ((func_args*)args)->signal->port, 0); ssl = CyaSSL_new(ctx); CyaSSL_set_fd(ssl, sockfd); if (CyaSSL_connect(ssl) != SSL_SUCCESS) { int err = CyaSSL_get_error(ssl, 0); - char buffer[80]; + char buffer[CYASSL_MAX_ERROR_SZ]; printf("err = %d, %s\n", err, CyaSSL_ERR_error_string(err, buffer)); /*printf("SSL_connect failed");*/ - return; + goto done2; } if (CyaSSL_write(ssl, msg, msgSz) != msgSz) { /*err_sys("SSL_write failed");*/ - return; + goto done2; } - input = CyaSSL_read(ssl, reply, sizeof(reply)); + input = CyaSSL_read(ssl, reply, sizeof(reply)-1); if (input > 0) { reply[input] = 0; printf("Server response: %s\n", reply); } +done2: + CyaSSL_free(ssl); + CyaSSL_CTX_free(ctx); + + CloseSocket(sockfd); ((func_args*)args)->return_code = TEST_SUCCESS; return; } +void run_cyassl_client(void* args) +{ + callback_functions* callbacks = ((func_args*)args)->callbacks; + + CYASSL_CTX* ctx = CyaSSL_CTX_new(callbacks->method()); + CYASSL* ssl = NULL; + SOCKET_T sfd = 0; + char msg[] = "hello cyassl server!"; + int len = (int) XSTRLEN(msg); + char input[1024]; + int idx; + ((func_args*)args)->return_code = TEST_FAIL; -#endif /* NO_FILESYSTEM */ +#ifdef OPENSSL_EXTRA + CyaSSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack); +#endif + + AssertIntEQ(SSL_SUCCESS, CyaSSL_CTX_load_verify_locations(ctx, caCert, 0)); + AssertIntEQ(SSL_SUCCESS, + CyaSSL_CTX_use_certificate_file(ctx, cliCert, SSL_FILETYPE_PEM)); + AssertIntEQ(SSL_SUCCESS, + CyaSSL_CTX_use_PrivateKey_file(ctx, cliKey, SSL_FILETYPE_PEM)); + + if (callbacks->ctx_ready) + callbacks->ctx_ready(ctx); + + tcp_connect(&sfd, yasslIP, ((func_args*)args)->signal->port, 0); + + ssl = CyaSSL_new(ctx); + CyaSSL_set_fd(ssl, sfd); + + if (callbacks->ssl_ready) + callbacks->ssl_ready(ssl); + + if (CyaSSL_connect(ssl) != SSL_SUCCESS) { + int err = CyaSSL_get_error(ssl, 0); + char buffer[CYASSL_MAX_ERROR_SZ]; + printf("error = %d, %s\n", err, CyaSSL_ERR_error_string(err, buffer)); + + } else { + AssertIntEQ(len, CyaSSL_write(ssl, msg, len)); + + if (0 < (idx = CyaSSL_read(ssl, input, sizeof(input)-1))) { + input[idx] = 0; + printf("Server response: %s\n", input); + } + } + + if (callbacks->on_result) + callbacks->on_result(ssl); + + CyaSSL_free(ssl); + CyaSSL_CTX_free(ctx); + CloseSocket(sfd); + ((func_args*)args)->return_code = TEST_SUCCESS; +} + +THREAD_RETURN CYASSL_THREAD run_cyassl_server(void* args) +{ + callback_functions* callbacks = ((func_args*)args)->callbacks; + + CYASSL_CTX* ctx = CyaSSL_CTX_new(callbacks->method()); + CYASSL* ssl = NULL; + SOCKET_T sfd = 0; + SOCKET_T cfd = 0; + word16 port = yasslPort; + + char msg[] = "I hear you fa shizzle!"; + int len = (int) XSTRLEN(msg); + char input[1024]; + int idx; + + ((func_args*)args)->return_code = TEST_FAIL; + +#if defined(NO_MAIN_DRIVER) && !defined(USE_WINDOWS_API) && \ + !defined(CYASSL_SNIFFER) && !defined(CYASSL_MDK_SHELL) + port = 0; +#endif + + CyaSSL_CTX_set_verify(ctx, + SSL_VERIFY_PEER | SSL_VERIFY_FAIL_IF_NO_PEER_CERT, 0); + +#ifdef OPENSSL_EXTRA + CyaSSL_CTX_set_default_passwd_cb(ctx, PasswordCallBack); +#endif + + + AssertIntEQ(SSL_SUCCESS, CyaSSL_CTX_load_verify_locations(ctx, cliCert, 0)); + + AssertIntEQ(SSL_SUCCESS, + CyaSSL_CTX_use_certificate_file(ctx, svrCert, SSL_FILETYPE_PEM)); + + AssertIntEQ(SSL_SUCCESS, + CyaSSL_CTX_use_PrivateKey_file(ctx, svrKey, SSL_FILETYPE_PEM)); + + if (callbacks->ctx_ready) + callbacks->ctx_ready(ctx); + + ssl = CyaSSL_new(ctx); + + tcp_accept(&sfd, &cfd, (func_args*)args, port, 0, 0); + CloseSocket(sfd); + + CyaSSL_set_fd(ssl, cfd); + +#ifdef NO_PSK + #if !defined(NO_FILESYSTEM) && !defined(NO_DH) + CyaSSL_SetTmpDH_file(ssl, dhParam, SSL_FILETYPE_PEM); + #elif !defined(NO_DH) + SetDH(ssl); /* will repick suites with DHE, higher priority than PSK */ + #endif +#endif + + if (callbacks->ssl_ready) + callbacks->ssl_ready(ssl); + + /* AssertIntEQ(SSL_SUCCESS, CyaSSL_accept(ssl)); */ + if (CyaSSL_accept(ssl) != SSL_SUCCESS) { + int err = CyaSSL_get_error(ssl, 0); + char buffer[CYASSL_MAX_ERROR_SZ]; + printf("error = %d, %s\n", err, CyaSSL_ERR_error_string(err, buffer)); + + } else { + if (0 < (idx = CyaSSL_read(ssl, input, sizeof(input)-1))) { + input[idx] = 0; + printf("Client message: %s\n", input); + } + + AssertIntEQ(len, CyaSSL_write(ssl, msg, len)); + + CyaSSL_shutdown(ssl); + } + + if (callbacks->on_result) + callbacks->on_result(ssl); + + CyaSSL_free(ssl); + CyaSSL_CTX_free(ctx); + CloseSocket(cfd); + + ((func_args*)args)->return_code = TEST_SUCCESS; + + return 0; +} + +void test_CyaSSL_client_server(callback_functions* client_callbacks, + callback_functions* server_callbacks) +{ + tcp_ready ready; + func_args client_args; + func_args server_args; + THREAD_TYPE serverThread; + + StartTCP(); + + client_args.callbacks = client_callbacks; + server_args.callbacks = server_callbacks; + + /* RUN Server side */ + InitTcpReady(&ready); + server_args.signal = &ready; + client_args.signal = &ready; + start_thread(run_cyassl_server, &server_args, &serverThread); + wait_tcp_ready(&server_args); + + /* RUN Client side */ + run_cyassl_client(&client_args); + join_thread(serverThread); + + FreeTcpReady(&ready); +} + +#endif /* SINGLE_THREADED*/ + +#endif /* NO_FILESYSTEM */ diff --git a/FreeRTOS-Plus/Source/CyaSSL/tests/hash.c b/FreeRTOS-Plus/Source/CyaSSL/tests/hash.c index b3a6cc962..e8a7e6df5 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/tests/hash.c +++ b/FreeRTOS-Plus/Source/CyaSSL/tests/hash.c @@ -1,6 +1,6 @@ /* hash.c has unit tests * - * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,13 +16,15 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ #ifdef HAVE_CONFIG_H #include #endif +#include + #include #include @@ -36,8 +38,8 @@ #include typedef struct testVector { - char* input; - char* output; + const char* input; + const char* output; size_t inLen; size_t outLen; } testVector; @@ -49,7 +51,10 @@ int sha256_test(void); int sha512_test(void); int sha384_test(void); int ripemd_test(void); -int hmac_test(void); +int hmac_md5_test(void); +int hmac_sha_test(void); +int hmac_sha256_test(void); +int hmac_sha384_test(void); int HashTest(void) { @@ -65,17 +70,21 @@ int HashTest(void) printf( " MD4 test passed!\n"); #endif +#ifndef NO_MD5 if ( (ret = md5_test()) ) { printf( " MD5 test failed!\n"); return ret; } else printf( " MD5 test passed!\n"); +#endif +#ifndef NO_SHA if ( (ret = sha_test()) ) { printf( " SHA test failed!\n"); return ret; } else printf( " SHA test passed!\n"); +#endif #ifndef NO_SHA256 if ( (ret = sha256_test()) ) { @@ -110,11 +119,32 @@ int HashTest(void) #endif #ifndef NO_HMAC - if ( (ret = hmac_test()) ) { - printf( " HMAC test failed!\n"); - return ret; - } else - printf( " HMAC test passed!\n"); + #ifndef NO_MD5 + if ( (ret = hmac_md5_test()) ) { + printf( " HMAC-MD5 test failed!\n"); + return ret; + } else + printf( " HMAC-MD5 test passed!\n"); + #endif + + if ( (ret = hmac_sha_test()) ) + printf( " HMAC-SHA test failed!\n"); + else + printf( " HMAC-SHA test passed!\n"); + + #ifndef NO_SHA256 + if ( (ret = hmac_sha256_test()) ) + printf( " HMAC-SHA256 test failed!\n"); + else + printf( " HMAC-SHA256 test passed!\n"); + #endif + + #ifdef CYASSL_SHA384 + if ( (ret = hmac_sha384_test()) ) + printf( " HMAC-SHA384 test failed!\n"); + else + printf( " HMAC-SHA384 test passed!\n"); + #endif #endif printf(" End HASH Tests\n"); @@ -200,6 +230,8 @@ int md4_test(void) #endif /* NO_MD4 */ +#ifndef NO_MD5 + int md5_test(void) { Md5 md5; @@ -260,6 +292,9 @@ int md5_test(void) return 0; } +#endif /* NO_MD5 */ + +#ifndef NO_SHA int sha_test(void) { Sha sha; @@ -267,6 +302,7 @@ int sha_test(void) testVector a, b, c, d; testVector test_sha[4]; + int ret = 0; int times = sizeof(test_sha) / sizeof(struct testVector), i; a.input = "abc"; @@ -301,7 +337,9 @@ int sha_test(void) test_sha[2] = c; test_sha[3] = d; - InitSha(&sha); + ret = InitSha(&sha); + if (ret != 0) + return ret; for (i = 0; i < times; ++i) { ShaUpdate(&sha, (byte*)test_sha[i].input, (word32)test_sha[i].inLen); @@ -313,6 +351,7 @@ int sha_test(void) return 0; } +#endif /* NO_SHA */ #ifndef NO_SHA256 int sha256_test(void) @@ -322,6 +361,7 @@ int sha256_test(void) testVector a, b; testVector test_sha[2]; + int ret; int times = sizeof(test_sha) / sizeof(struct testVector), i; a.input = "abc"; @@ -341,11 +381,18 @@ int sha256_test(void) test_sha[0] = a; test_sha[1] = b; - InitSha256(&sha); + ret = InitSha256(&sha); + if (ret != 0) + return ret; for (i = 0; i < times; ++i) { - Sha256Update(&sha, (byte*)test_sha[i].input,(word32)test_sha[i].inLen); - Sha256Final(&sha, hash); + ret = Sha256Update(&sha, (byte*)test_sha[i].input,(word32)test_sha[i].inLen); + if (ret != 0) + return ret; + + ret = Sha256Final(&sha, hash); + if (ret != 0) + return ret; if (memcmp(hash, test_sha[i].output, SHA256_DIGEST_SIZE) != 0) return -10 - i; @@ -364,6 +411,7 @@ int sha512_test(void) testVector a, b; testVector test_sha[2]; int times = sizeof(test_sha) / sizeof(struct testVector), i; + int ret; a.input = "abc"; a.output = "\xdd\xaf\x35\xa1\x93\x61\x7a\xba\xcc\x41\x73\x49\xae\x20\x41" @@ -387,11 +435,18 @@ int sha512_test(void) test_sha[0] = a; test_sha[1] = b; - InitSha512(&sha); + ret = InitSha512(&sha); + if (ret != 0) + return ret; for (i = 0; i < times; ++i) { - Sha512Update(&sha, (byte*)test_sha[i].input,(word32)test_sha[i].inLen); - Sha512Final(&sha, hash); + ret = Sha512Update(&sha, (byte*)test_sha[i].input,(word32)test_sha[i].inLen); + if (ret != 0) + return ret; + + ret = Sha512Final(&sha, hash); + if (ret != 0) + return ret; if (memcmp(hash, test_sha[i].output, SHA512_DIGEST_SIZE) != 0) return -10 - i; @@ -410,6 +465,7 @@ int sha384_test() testVector a, b; testVector test_sha[2]; int times = sizeof(test_sha) / sizeof(struct testVector), i; + int ret; a.input = "abc"; a.output = "\xcb\x00\x75\x3f\x45\xa3\x5e\x8b\xb5\xa0\x3d\x69\x9a\xc6\x50" @@ -431,11 +487,18 @@ int sha384_test() test_sha[0] = a; test_sha[1] = b; - InitSha384(&sha); + ret = InitSha384(&sha); + if (ret != 0) + return ret; for (i = 0; i < times; ++i) { - Sha384Update(&sha, (byte*)test_sha[i].input,(word32)test_sha[i].inLen); - Sha384Final(&sha, hash); + ret = Sha384Update(&sha, (byte*)test_sha[i].input,(word32)test_sha[i].inLen); + if (ret != 0) + return ret; + + ret = Sha384Final(&sha, hash); + if (ret != 0) + return ret; if (memcmp(hash, test_sha[i].output, SHA384_DIGEST_SIZE) != 0) return -10 - i; @@ -500,8 +563,8 @@ int ripemd_test(void) } #endif /* CYASSL_RIPEMD */ -#ifndef NO_HMAC -int hmac_test(void) +#if !defined(NO_HMAC) && !defined(NO_MD5) +int hmac_md5_test(void) { Hmac hmac; byte hash[MD5_DIGEST_SIZE]; @@ -516,6 +579,7 @@ int hmac_test(void) testVector a, b, c; testVector test_hmac[3]; + int ret; int times = sizeof(test_hmac) / sizeof(testVector), i; a.input = "Hi There"; @@ -544,10 +608,20 @@ int hmac_test(void) test_hmac[2] = c; for (i = 0; i < times; ++i) { - HmacSetKey(&hmac, MD5, (byte*)keys[i], (word32)strlen(keys[i])); - HmacUpdate(&hmac, (byte*)test_hmac[i].input, +#if defined(HAVE_FIPS) + if (i == 1) + continue; /* fips not allowed */ +#endif + ret = HmacSetKey(&hmac, MD5, (byte*)keys[i], (word32)strlen(keys[i])); + if (ret != 0) + return -4014; + ret = HmacUpdate(&hmac, (byte*)test_hmac[i].input, (word32)test_hmac[i].inLen); - HmacFinal(&hmac, hash); + if (ret != 0) + return -4015; + ret = HmacFinal(&hmac, hash); + if (ret != 0) + return -4016; if (memcmp(hash, test_hmac[i].output, MD5_DIGEST_SIZE) != 0) return -20 - i; @@ -557,3 +631,223 @@ int hmac_test(void) } #endif +#ifndef NO_HMAC +int hmac_sha_test(void) +{ + Hmac hmac; + byte hash[SHA_DIGEST_SIZE]; + + const char* keys[]= + { + "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b" + "\x0b\x0b\x0b", + "Jefe", + "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA" + "\xAA\xAA\xAA" + }; + + testVector a, b, c; + testVector test_hmac[3]; + + int ret; + int times = sizeof(test_hmac) / sizeof(testVector), i; + + a.input = "Hi There"; + a.output = "\xb6\x17\x31\x86\x55\x05\x72\x64\xe2\x8b\xc0\xb6\xfb\x37\x8c" + "\x8e\xf1\x46\xbe\x00"; + a.inLen = strlen(a.input); + a.outLen = strlen(a.output); + + b.input = "what do ya want for nothing?"; + b.output = "\xef\xfc\xdf\x6a\xe5\xeb\x2f\xa2\xd2\x74\x16\xd5\xf1\x84\xdf" + "\x9c\x25\x9a\x7c\x79"; + b.inLen = strlen(b.input); + b.outLen = strlen(b.output); + + c.input = "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" + "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" + "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" + "\xDD\xDD\xDD\xDD\xDD\xDD"; + c.output = "\x12\x5d\x73\x42\xb9\xac\x11\xcd\x91\xa3\x9a\xf4\x8a\xa1\x7b" + "\x4f\x63\xf1\x75\xd3"; + c.inLen = strlen(c.input); + c.outLen = strlen(c.output); + + test_hmac[0] = a; + test_hmac[1] = b; + test_hmac[2] = c; + + for (i = 0; i < times; ++i) { +#if defined(HAVE_FIPS) + if (i == 1) + continue; /* fips not allowed */ +#endif + ret = HmacSetKey(&hmac, SHA, (byte*)keys[i], (word32)strlen(keys[i])); + if (ret != 0) + return -4017; + ret = HmacUpdate(&hmac, (byte*)test_hmac[i].input, + (word32)test_hmac[i].inLen); + if (ret != 0) + return -4018; + ret = HmacFinal(&hmac, hash); + if (ret != 0) + return -4019; + + if (memcmp(hash, test_hmac[i].output, SHA_DIGEST_SIZE) != 0) + return -20 - i; + } + + return 0; +} +#endif + +#if !defined(NO_HMAC) && !defined(NO_SHA256) +int hmac_sha256_test(void) +{ + Hmac hmac; + byte hash[SHA256_DIGEST_SIZE]; + + const char* keys[]= + { + "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b" + "\x0b\x0b\x0b", + "Jefe", + "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA" + "\xAA\xAA\xAA" + }; + + testVector a, b, c; + testVector test_hmac[3]; + + int ret; + int times = sizeof(test_hmac) / sizeof(testVector), i; + + a.input = "Hi There"; + a.output = "\xb0\x34\x4c\x61\xd8\xdb\x38\x53\x5c\xa8\xaf\xce\xaf\x0b\xf1" + "\x2b\x88\x1d\xc2\x00\xc9\x83\x3d\xa7\x26\xe9\x37\x6c\x2e\x32" + "\xcf\xf7"; + a.inLen = strlen(a.input); + a.outLen = strlen(a.output); + + b.input = "what do ya want for nothing?"; + b.output = "\x5b\xdc\xc1\x46\xbf\x60\x75\x4e\x6a\x04\x24\x26\x08\x95\x75" + "\xc7\x5a\x00\x3f\x08\x9d\x27\x39\x83\x9d\xec\x58\xb9\x64\xec" + "\x38\x43"; + b.inLen = strlen(b.input); + b.outLen = strlen(b.output); + + c.input = "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" + "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" + "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" + "\xDD\xDD\xDD\xDD\xDD\xDD"; + c.output = "\x77\x3e\xa9\x1e\x36\x80\x0e\x46\x85\x4d\xb8\xeb\xd0\x91\x81" + "\xa7\x29\x59\x09\x8b\x3e\xf8\xc1\x22\xd9\x63\x55\x14\xce\xd5" + "\x65\xfe"; + c.inLen = strlen(c.input); + c.outLen = strlen(c.output); + + test_hmac[0] = a; + test_hmac[1] = b; + test_hmac[2] = c; + + for (i = 0; i < times; ++i) { +#if defined(HAVE_FIPS) + if (i == 1) + continue; /* fips not allowed */ +#endif + ret = HmacSetKey(&hmac,SHA256, (byte*)keys[i], (word32)strlen(keys[i])); + if (ret != 0) + return -4020; + ret = HmacUpdate(&hmac, (byte*)test_hmac[i].input, + (word32)test_hmac[i].inLen); + if (ret != 0) + return -4021; + ret = HmacFinal(&hmac, hash); + if (ret != 0) + return -4022; + + if (memcmp(hash, test_hmac[i].output, SHA256_DIGEST_SIZE) != 0) + return -20 - i; + } + + return 0; +} +#endif + + +#if !defined(NO_HMAC) && defined(CYASSL_SHA384) +int hmac_sha384_test(void) +{ + Hmac hmac; + byte hash[SHA384_DIGEST_SIZE]; + + const char* keys[]= + { + "\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b\x0b" + "\x0b\x0b\x0b", + "Jefe", + "\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA\xAA" + "\xAA\xAA\xAA" + }; + + testVector a, b, c; + testVector test_hmac[3]; + + int ret; + int times = sizeof(test_hmac) / sizeof(testVector), i; + + a.input = "Hi There"; + a.output = "\xaf\xd0\x39\x44\xd8\x48\x95\x62\x6b\x08\x25\xf4\xab\x46\x90" + "\x7f\x15\xf9\xda\xdb\xe4\x10\x1e\xc6\x82\xaa\x03\x4c\x7c\xeb" + "\xc5\x9c\xfa\xea\x9e\xa9\x07\x6e\xde\x7f\x4a\xf1\x52\xe8\xb2" + "\xfa\x9c\xb6"; + a.inLen = strlen(a.input); + a.outLen = strlen(a.output); + + b.input = "what do ya want for nothing?"; + b.output = "\xaf\x45\xd2\xe3\x76\x48\x40\x31\x61\x7f\x78\xd2\xb5\x8a\x6b" + "\x1b\x9c\x7e\xf4\x64\xf5\xa0\x1b\x47\xe4\x2e\xc3\x73\x63\x22" + "\x44\x5e\x8e\x22\x40\xca\x5e\x69\xe2\xc7\x8b\x32\x39\xec\xfa" + "\xb2\x16\x49"; + b.inLen = strlen(b.input); + b.outLen = strlen(b.output); + + c.input = "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" + "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" + "\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD\xDD" + "\xDD\xDD\xDD\xDD\xDD\xDD"; + c.output = "\x88\x06\x26\x08\xd3\xe6\xad\x8a\x0a\xa2\xac\xe0\x14\xc8\xa8" + "\x6f\x0a\xa6\x35\xd9\x47\xac\x9f\xeb\xe8\x3e\xf4\xe5\x59\x66" + "\x14\x4b\x2a\x5a\xb3\x9d\xc1\x38\x14\xb9\x4e\x3a\xb6\xe1\x01" + "\xa3\x4f\x27"; + c.inLen = strlen(c.input); + c.outLen = strlen(c.output); + + test_hmac[0] = a; + test_hmac[1] = b; + test_hmac[2] = c; + + for (i = 0; i < times; ++i) { +#if defined(HAVE_FIPS) + if (i == 1) + continue; /* fips not allowed */ +#endif + ret = HmacSetKey(&hmac,SHA384, (byte*)keys[i], (word32)strlen(keys[i])); + if (ret != 0) + return -4023; + ret = HmacUpdate(&hmac, (byte*)test_hmac[i].input, + (word32)test_hmac[i].inLen); + if (ret != 0) + return -4024; + ret = HmacFinal(&hmac, hash); + if (ret != 0) + return -4025; + + if (memcmp(hash, test_hmac[i].output, SHA384_DIGEST_SIZE) != 0) + return -20 - i; + } + + return 0; +} +#endif + diff --git a/FreeRTOS-Plus/Source/CyaSSL/tests/include.am b/FreeRTOS-Plus/Source/CyaSSL/tests/include.am index d62e3f98a..8fcc542cf 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/tests/include.am +++ b/FreeRTOS-Plus/Source/CyaSSL/tests/include.am @@ -3,26 +3,21 @@ # All paths should be given relative to the root -check_PROGRAMS += tests/unit -noinst_PROGRAMS += tests/unit -tests_unit_SOURCES = \ - tests/unit.c \ - tests/api.c \ - tests/suites.c \ +if BUILD_EXAMPLES +check_PROGRAMS += tests/unit.test +noinst_PROGRAMS += tests/unit.test +tests_unit_test_SOURCES = \ + tests/unit.c \ + tests/api.c \ + tests/suites.c \ tests/hash.c \ - examples/client/client.c \ - examples/server/server.c -tests_unit_CFLAGS = -DNO_MAIN_DRIVER $(AM_CFLAGS) $(PTHREAD_CFLAGS) -tests_unit_LDADD = src/libcyassl.la $(PTHREAD_LIBS) -tests_unit_DEPENDENCIES = src/libcyassl.la + examples/client/client.c \ + examples/server/server.c +tests_unit_test_CFLAGS = -DNO_MAIN_DRIVER $(AM_CFLAGS) +tests_unit_test_LDADD = src/libcyassl.la +tests_unit_test_DEPENDENCIES = src/libcyassl.la +endif EXTRA_DIST += tests/unit.h EXTRA_DIST += tests/test.conf \ - tests/test-openssl.conf \ - tests/test-hc128.conf \ - tests/test-psk.conf \ - tests/test-ntru.conf \ - tests/test-ecc.conf \ - tests/test-aesgcm.conf \ - tests/test-aesgcm-ecc.conf \ - tests/test-aesgcm-openssl.conf \ tests/test-dtls.conf +DISTCLEANFILES+= tests/.libs/unit.test diff --git a/FreeRTOS-Plus/Source/CyaSSL/tests/suites.c b/FreeRTOS-Plus/Source/CyaSSL/tests/suites.c index 6e59ed8af..aeb4fd24d 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/tests/suites.c +++ b/FreeRTOS-Plus/Source/CyaSSL/tests/suites.c @@ -1,6 +1,6 @@ /* suites.c * - * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,46 +16,207 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ +#ifdef HAVE_CONFIG_H + #include +#endif + +#include + #include #include +#include #include #include #define MAX_ARGS 40 #define MAX_COMMAND_SZ 240 +#define MAX_SUITE_SZ 80 +#define NOT_BUILT_IN -123 +#ifdef NO_OLD_TLS + #define VERSION_TOO_OLD -124 +#endif + +#include "examples/client/client.h" +#include "examples/server/server.h" + + +static CYASSL_CTX* cipherSuiteCtx = NULL; +static char nonblockFlag[] = "-N"; +static char noVerifyFlag[] = "-d"; +static char portFlag[] = "-p"; +static char flagSep[] = " "; +static char svrPort[] = "0"; + + +#ifdef NO_OLD_TLS +/* if the protocol version is less than tls 1.2 return 1, else 0 */ +static int IsOldTlsVersion(const char* line) +{ + const char* find = "-v "; + char* begin = strstr(line, find); + + if (begin) { + int version = -1; + + begin += 3; + + version = atoi(begin); + + if (version < 3) + return 1; + } + + return 0; +} +#endif /* NO_OLD_TLS */ + + +/* if the cipher suite on line is valid store in suite and return 1, else 0 */ +static int IsValidCipherSuite(const char* line, char* suite) +{ + int found = 0; + int valid = 0; + + const char* find = "-l "; + const char* begin = strstr(line, find); + const char* end; + + suite[0] = '\0'; + if (begin) { + begin += 3; + + end = strstr(begin, " "); + + if (end) { + long len = end - begin; + if (len > MAX_SUITE_SZ) { + printf("suite too long!\n"); + return 0; + } + memcpy(suite, begin, len); + suite[len] = '\0'; + } + else + strncpy(suite, begin, MAX_SUITE_SZ); + + suite[MAX_SUITE_SZ] = '\0'; + found = 1; + } + + if (found) { + if (CyaSSL_CTX_set_cipher_list(cipherSuiteCtx, suite) == SSL_SUCCESS) + valid = 1; + } -void client_test(void*); -THREAD_RETURN CYASSL_THREAD server_test(void*); + return valid; +} -static void execute_test_case(int svr_argc, char** svr_argv, - int cli_argc, char** cli_argv) +static int execute_test_case(int svr_argc, char** svr_argv, + int cli_argc, char** cli_argv, + int addNoVerify, int addNonBlocking) { - func_args cliArgs = {cli_argc, cli_argv, 0, NULL}; - func_args svrArgs = {svr_argc, svr_argv, 0, NULL}; + func_args cliArgs = {cli_argc, cli_argv, 0, NULL, NULL}; + func_args svrArgs = {svr_argc, svr_argv, 0, NULL, NULL}; tcp_ready ready; THREAD_TYPE serverThread; char commandLine[MAX_COMMAND_SZ]; + char cipherSuite[MAX_SUITE_SZ+1]; int i; + size_t added = 0; static int tests = 1; commandLine[0] = '\0'; for (i = 0; i < svr_argc; i++) { + added += strlen(svr_argv[i]) + 2; + if (added >= MAX_COMMAND_SZ) { + printf("server command line too long\n"); + break; + } strcat(commandLine, svr_argv[i]); - strcat(commandLine, " "); + strcat(commandLine, flagSep); + } + + if (IsValidCipherSuite(commandLine, cipherSuite) == 0) { + #ifdef DEBUG_SUITE_TESTS + printf("cipher suite %s not supported in build\n", cipherSuite); + #endif + return NOT_BUILT_IN; + } + +#ifdef NO_OLD_TLS + if (IsOldTlsVersion(commandLine) == 1) { + #ifdef DEBUG_SUITE_TESTS + printf("protocol version on line %s is too old\n", commandLine); + #endif + return VERSION_TOO_OLD; + } +#endif + + if (addNoVerify) { + printf("repeating test with client cert request off\n"); + added += 4; /* -d plus space plus terminator */ + if (added >= MAX_COMMAND_SZ || svr_argc >= MAX_ARGS) + printf("server command line too long\n"); + else { + svr_argv[svr_argc++] = noVerifyFlag; + svrArgs.argc = svr_argc; + strcat(commandLine, noVerifyFlag); + strcat(commandLine, flagSep); + } } + if (addNonBlocking) { + printf("repeating test with non blocking on\n"); + added += 4; /* -N plus terminator */ + if (added >= MAX_COMMAND_SZ || svr_argc >= MAX_ARGS) + printf("server command line too long\n"); + else { + svr_argv[svr_argc++] = nonblockFlag; + svrArgs.argc = svr_argc; + strcat(commandLine, nonblockFlag); + strcat(commandLine, flagSep); + } + } + #ifndef USE_WINDOWS_API + /* add port 0 */ + if (svr_argc + 2 > MAX_ARGS) + printf("cannot add the magic port number flag to server\n"); + else + { + svr_argv[svr_argc++] = portFlag; + svr_argv[svr_argc++] = svrPort; + svrArgs.argc = svr_argc; + } + #endif printf("trying server command line[%d]: %s\n", tests, commandLine); commandLine[0] = '\0'; + added = 0; for (i = 0; i < cli_argc; i++) { + added += strlen(cli_argv[i]) + 2; + if (added >= MAX_COMMAND_SZ) { + printf("client command line too long\n"); + break; + } strcat(commandLine, cli_argv[i]); - strcat(commandLine, " "); + strcat(commandLine, flagSep); + } + if (addNonBlocking) { + added += 4; /* -N plus space plus terminator */ + if (added >= MAX_COMMAND_SZ) + printf("client command line too long\n"); + else { + cli_argv[cli_argc++] = nonblockFlag; + strcat(commandLine, nonblockFlag); + strcat(commandLine, flagSep); + cliArgs.argc = cli_argc; + } } printf("trying client command line[%d]: %s\n", tests++, commandLine); @@ -65,7 +226,20 @@ static void execute_test_case(int svr_argc, char** svr_argv, svrArgs.signal = &ready; start_thread(server_test, &svrArgs, &serverThread); wait_tcp_ready(&svrArgs); - + #ifndef USE_WINDOWS_API + if (ready.port != 0) + { + if (cli_argc + 2 > MAX_ARGS) + printf("cannot add the magic port number flag to client\n"); + else { + char portNumber[8]; + snprintf(portNumber, sizeof(portNumber), "%d", ready.port); + cli_argv[cli_argc++] = portFlag; + cli_argv[cli_argc++] = portNumber; + cliArgs.argc = cli_argc; + } + } + #endif /* start client */ client_test(&cliArgs); @@ -82,15 +256,17 @@ static void execute_test_case(int svr_argc, char** svr_argv, } FreeTcpReady(&ready); - + + return 0; } -void test_harness(void* vargs) +static void test_harness(void* vargs) { func_args* args = (func_args*)vargs; char* script; long sz, len; int cliMode = 0; /* server or client command flag, server first */ + int ret; FILE* file; char* svrArgs[MAX_ARGS]; int svrArgsSz; @@ -98,8 +274,7 @@ void test_harness(void* vargs) int cliArgsSz; char* cursor; char* comment; - char* fname = "tests/test.conf"; - + const char* fname = "tests/test.conf"; if (args->argc == 1) { printf("notice: using default file %s\n", fname); @@ -122,7 +297,7 @@ void test_harness(void* vargs) fseek(file, 0, SEEK_END); sz = ftell(file); rewind(file); - if (sz == 0) { + if (sz <= 0) { fprintf(stderr, "%s is empty\n", fname); fclose(file); args->return_code = 1; @@ -141,6 +316,7 @@ void test_harness(void* vargs) if (len != sz) { fprintf(stderr, "read error\n"); fclose(file); + free(script); args->return_code = 1; return; } @@ -170,7 +346,11 @@ void test_harness(void* vargs) case '#': /* Ignore lines that start with a #. */ comment = strsep(&cursor, "\n"); +#ifdef DEBUG_SUITE_TESTS printf("%s\n", comment); +#else + (void)comment; +#endif break; case '-': /* Parameters start with a -. They end in either a newline @@ -198,7 +378,13 @@ void test_harness(void* vargs) } if (do_it) { - execute_test_case(svrArgsSz, svrArgs, cliArgsSz, cliArgs); + ret = execute_test_case(svrArgsSz, svrArgs, cliArgsSz, cliArgs,0,0); + /* don't repeat if not supported in build */ + if (ret == 0) { + execute_test_case(svrArgsSz, svrArgs, cliArgsSz, cliArgs, 0, 1); + execute_test_case(svrArgsSz, svrArgs, cliArgsSz, cliArgs, 1, 0); + execute_test_case(svrArgsSz, svrArgs, cliArgsSz, cliArgs, 1, 1); + } svrArgsSz = 1; cliArgsSz = 1; cliMode = 0; @@ -213,7 +399,7 @@ void test_harness(void* vargs) int SuiteTest(void) { func_args args; - char argv0[2][32]; + char argv0[2][80]; char* myArgv[2]; printf(" Begin Cipher Suite Tests\n"); @@ -224,6 +410,14 @@ int SuiteTest(void) args.argv = myArgv; strcpy(argv0[0], "SuiteTest"); + (void)test_harness; + + cipherSuiteCtx = CyaSSL_CTX_new(CyaTLSv1_2_client_method()); + if (cipherSuiteCtx == NULL) { + printf("can't get cipher suite ctx\n"); + exit(EXIT_FAILURE); + } + /* default case */ args.argc = 1; printf("starting default cipher suite tests\n"); @@ -236,94 +430,6 @@ int SuiteTest(void) /* any extra cases will need another argument */ args.argc = 2; -#ifdef OPENSSL_EXTRA - /* add openssl extra suites */ - strcpy(argv0[1], "tests/test-openssl.conf"); - printf("starting openssl extra cipher suite tests\n"); - test_harness(&args); - if (args.return_code != 0) { - printf("error from script %d\n", args.return_code); - exit(EXIT_FAILURE); - } -#endif - -#ifdef HAVE_HC128 - /* add hc128 extra suites */ - strcpy(argv0[1], "tests/test-hc128.conf"); - printf("starting hc128 extra cipher suite tests\n"); - test_harness(&args); - if (args.return_code != 0) { - printf("error from script %d\n", args.return_code); - exit(EXIT_FAILURE); - } -#endif - -#ifndef NO_PSK - /* add psk extra suites */ - strcpy(argv0[1], "tests/test-psk.conf"); - printf("starting psk extra cipher suite tests\n"); - test_harness(&args); - if (args.return_code != 0) { - printf("error from script %d\n", args.return_code); - exit(EXIT_FAILURE); - } -#endif - -#ifdef HAVE_NTRU - /* add ntru extra suites */ - strcpy(argv0[1], "tests/test-ntru.conf"); - printf("starting ntru extra cipher suite tests\n"); - test_harness(&args); - if (args.return_code != 0) { - printf("error from script %d\n", args.return_code); - exit(EXIT_FAILURE); - } -#endif - -#ifdef HAVE_ECC - /* add ecc extra suites */ - strcpy(argv0[1], "tests/test-ecc.conf"); - printf("starting ecc extra cipher suite tests\n"); - test_harness(&args); - if (args.return_code != 0) { - printf("error from script %d\n", args.return_code); - exit(EXIT_FAILURE); - } -#endif - -#ifdef HAVE_AESGCM - /* add aesgcm extra suites */ - strcpy(argv0[1], "tests/test-aesgcm.conf"); - printf("starting aesgcm extra cipher suite tests\n"); - test_harness(&args); - if (args.return_code != 0) { - printf("error from script %d\n", args.return_code); - exit(EXIT_FAILURE); - } -#endif - -#if defined(HAVE_AESGCM) && defined(OPENSSL_EXTRA) - /* add aesgcm openssl extra suites */ - strcpy(argv0[1], "tests/test-aesgcm-openssl.conf"); - printf("starting aesgcm openssl extra cipher suite tests\n"); - test_harness(&args); - if (args.return_code != 0) { - printf("error from script %d\n", args.return_code); - exit(EXIT_FAILURE); - } -#endif - -#if defined(HAVE_AESGCM) && defined(HAVE_ECC) - /* add aesgcm ecc extra suites */ - strcpy(argv0[1], "tests/test-aesgcm-ecc.conf"); - printf("starting aesgcm ecc extra cipher suite tests\n"); - test_harness(&args); - if (args.return_code != 0) { - printf("error from script %d\n", args.return_code); - exit(EXIT_FAILURE); - } -#endif - #ifdef CYASSL_DTLS /* add dtls extra suites */ strcpy(argv0[1], "tests/test-dtls.conf"); @@ -337,6 +443,8 @@ int SuiteTest(void) printf(" End Cipher Suite Tests\n"); + CyaSSL_CTX_free(cipherSuiteCtx); + return args.return_code; } diff --git a/FreeRTOS-Plus/Source/CyaSSL/tests/test-aesgcm-ecc.conf b/FreeRTOS-Plus/Source/CyaSSL/tests/test-aesgcm-ecc.conf deleted file mode 100644 index 7aff47f9a..000000000 --- a/FreeRTOS-Plus/Source/CyaSSL/tests/test-aesgcm-ecc.conf +++ /dev/null @@ -1,80 +0,0 @@ -# server TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256 --v 3 --l ECDHE-ECDSA-AES128-GCM-SHA256 --c ./certs/server-ecc.pem --k ./certs/ecc-key.pem - -# client TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256 --v 3 --l ECDHE-ECDSA-AES128-GCM-SHA256 --A ./certs/server-ecc.pem - -# server TLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384 --v 3 --l ECDHE-ECDSA-AES256-GCM-SHA384 --c ./certs/server-ecc.pem --k ./certs/ecc-key.pem - -# client TLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384 --v 3 --l ECDHE-ECDSA-AES256-GCM-SHA384 --A ./certs/server-ecc.pem - -# server TLSv1.2 ECDH-ECDSA-AES128-GCM-SHA256 --v 3 --l ECDH-ECDSA-AES128-GCM-SHA256 --c ./certs/server-ecc.pem --k ./certs/ecc-key.pem - -# client TLSv1.2 ECDH-ECDSA-AES128-GCM-SHA256 --v 3 --l ECDH-ECDSA-AES128-GCM-SHA256 --A ./certs/server-ecc.pem - -# server TLSv1.2 ECDH-ECDSA-AES256-GCM-SHA384 --v 3 --l ECDH-ECDSA-AES256-GCM-SHA384 --c ./certs/server-ecc.pem --k ./certs/ecc-key.pem - -# client TLSv1.2 ECDH-ECDSA-AES256-GCM-SHA384 --v 3 --l ECDH-ECDSA-AES256-GCM-SHA384 --A ./certs/server-ecc.pem - -# server TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256 --v 3 --l ECDHE-RSA-AES128-GCM-SHA256 - -# client TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256 --v 3 --l ECDHE-RSA-AES128-GCM-SHA256 - -# server TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384 --v 3 --l ECDHE-RSA-AES256-GCM-SHA384 - -# client TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384 --v 3 --l ECDHE-RSA-AES256-GCM-SHA384 - -# server TLSv1.2 ECDH-RSA-AES128-GCM-SHA256 --v 3 --l ECDH-RSA-AES128-GCM-SHA256 --c ./certs/server-ecc-rsa.pem --k ./certs/ecc-key.pem - -# client TLSv1.2 ECDH-RSA-AES128-GCM-SHA256 --v 3 --l ECDH-RSA-AES128-GCM-SHA256 - -# server TLSv1.2 ECDH-RSA-AES256-GCM-SHA384 --v 3 --l ECDH-RSA-AES256-GCM-SHA384 --c ./certs/server-ecc-rsa.pem --k ./certs/ecc-key.pem - -# client TLSv1.2 ECDH-RSA-AES256-GCM-SHA384 --v 3 --l ECDH-RSA-AES256-GCM-SHA384 - diff --git a/FreeRTOS-Plus/Source/CyaSSL/tests/test-aesgcm-openssl.conf b/FreeRTOS-Plus/Source/CyaSSL/tests/test-aesgcm-openssl.conf deleted file mode 100644 index 006e27216..000000000 --- a/FreeRTOS-Plus/Source/CyaSSL/tests/test-aesgcm-openssl.conf +++ /dev/null @@ -1,16 +0,0 @@ -# server TLSv1.2 DHE-RSA-AES128-GCM-SHA256 --v 3 --l DHE-RSA-AES128-GCM-SHA256 - -# client TLSv1.2 DHE-RSA-AES128-GCM-SHA256 --v 3 --l DHE-RSA-AES128-GCM-SHA256 - -# server TLSv1.2 DHE-RSA-AES256-GCM-SHA384 --v 3 --l DHE-RSA-AES256-GCM-SHA384 - -# client TLSv1.2 DHE-RSA-AES256-GCM-SHA384 --v 3 --l DHE-RSA-AES256-GCM-SHA384 - diff --git a/FreeRTOS-Plus/Source/CyaSSL/tests/test-aesgcm.conf b/FreeRTOS-Plus/Source/CyaSSL/tests/test-aesgcm.conf deleted file mode 100644 index 9efc5a578..000000000 --- a/FreeRTOS-Plus/Source/CyaSSL/tests/test-aesgcm.conf +++ /dev/null @@ -1,16 +0,0 @@ -# server TLSv1.2 RSA-AES128-GCM-SHA256 --v 3 --l AES128-GCM-SHA256 - -# client TLSv1.2 RSA-AES128-GCM-SHA256 --v 3 --l AES128-GCM-SHA256 - -# server TLSv1.2 RSA-AES256-GCM-SHA384 --v 3 --l AES256-GCM-SHA384 - -# client TLSv1.2 RSA-AES256-GCM-SHA384 --v 3 --l AES256-GCM-SHA384 - diff --git a/FreeRTOS-Plus/Source/CyaSSL/tests/test-dtls.conf b/FreeRTOS-Plus/Source/CyaSSL/tests/test-dtls.conf index 7cffa9660..cc3a6aeb5 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/tests/test-dtls.conf +++ b/FreeRTOS-Plus/Source/CyaSSL/tests/test-dtls.conf @@ -1,64 +1,818 @@ # server DTLSv1 RC4-SHA -u +-v 2 -l RC4-SHA # client DTLSv1 RC4-SHA -u +-v 2 -l RC4-SHA -# server DTLSv1 RC4-MD5 +# server DTLSv1.2 RC4-SHA -u --l RC4-MD5 +-v 3 +-l RC4-SHA -# client DTLSv1 RC4-MD5 +# client DTLSv1.2 RC4-SHA -u --l RC4-MD5 +-v 3 +-l RC4-SHA # server DTLSv1 DES-CBC3-SHA -u +-v 2 -l DES-CBC3-SHA # client DTLSv1 DES-CBC3-SHA -u +-v 2 +-l DES-CBC3-SHA + +# server DTLSv1.2 DES-CBC3-SHA +-u +-v 3 +-l DES-CBC3-SHA + +# client DTLSv1.2 DES-CBC3-SHA +-u +-v 3 -l DES-CBC3-SHA # server DTLSv1 AES128-SHA -u +-v 2 -l AES128-SHA # client DTLSv1 AES128-SHA -u +-v 2 +-l AES128-SHA + +# server DTLSv1.2 AES128-SHA +-u +-v 3 +-l AES128-SHA + +# client DTLSv1.2 AES128-SHA +-u +-v 3 -l AES128-SHA # server DTLSv1 AES256-SHA -u +-v 2 -l AES256-SHA # client DTLSv1 AES256-SHA -u +-v 2 +-l AES256-SHA + +# server DTLSv1.2 AES256-SHA +-u +-v 3 +-l AES256-SHA + +# client DTLSv1.2 AES256-SHA +-u +-v 3 -l AES256-SHA # server DTLSv1 AES128-SHA256 -u +-v 2 -l AES128-SHA256 # client DTLSv1 AES128-SHA256 -u +-v 2 +-l AES128-SHA256 + +# server DTLSv1.2 AES128-SHA256 +-u +-v 3 +-l AES128-SHA256 + +# client DTLSv1.2 AES128-SHA256 +-u +-v 3 -l AES128-SHA256 # server DTLSv1 AES256-SHA256 -u +-v 2 -l AES256-SHA256 # client DTLSv1 AES256-SHA256 -u +-v 2 +-l AES256-SHA256 + +# server DTLSv1.2 AES256-SHA256 +-u +-v 3 -l AES256-SHA256 -# server DTLSv1 RABBIT-SHA +# client DTLSv1.2 AES256-SHA256 +-u +-v 3 +-l AES256-SHA256 + +# server DTLSv1 ECDHE-RSA-RC4 +-u +-v 2 +-l ECDHE-RSA-RC4-SHA + +# client DTLSv1 ECDHE-RSA-RC4 +-u +-v 2 +-l ECDHE-RSA-RC4-SHA + +# server DTLSv1.1 ECDHE-RSA-DES3 +-u +-v 2 +-l ECDHE-RSA-DES-CBC3-SHA + +# client DTLSv1.1 ECDHE-RSA-DES3 +-u +-v 2 +-l ECDHE-RSA-DES-CBC3-SHA + +# server DTLSv1.1 ECDHE-RSA-AES128 +-u +-v 2 +-l ECDHE-RSA-AES128-SHA + +# client DTLSv1.1 ECDHE-RSA-AES128 +-u +-v 2 +-l ECDHE-RSA-AES128-SHA + +# server DTLSv1.1 ECDHE-RSA-AES256 +-u +-v 2 +-l ECDHE-RSA-AES256-SHA + +# client DTLSv1.1 ECDHE-RSA-AES256 +-u +-v 2 +-l ECDHE-RSA-AES256-SHA + +# server DTLSv1.2 ECDHE-RSA-RC4 +-u +-v 3 +-l ECDHE-RSA-RC4-SHA + +# client DTLSv1.2 ECDHE-RSA-RC4 +-u +-v 3 +-l ECDHE-RSA-RC4-SHA + +# server DTLSv1.2 ECDHE-RSA-DES3 +-u +-v 3 +-l ECDHE-RSA-DES-CBC3-SHA + +# client DTLSv1.2 ECDHE-RSA-DES3 +-u +-v 3 +-l ECDHE-RSA-DES-CBC3-SHA + +# server DTLSv1.2 ECDHE-RSA-AES128 +-u +-v 3 +-l ECDHE-RSA-AES128-SHA + +# client DTLSv1.2 ECDHE-RSA-AES128 +-u +-v 3 +-l ECDHE-RSA-AES128-SHA + +# server DTLSv1.2 ECDHE-RSA-AES128-SHA256 +-u +-v 3 +-l ECDHE-RSA-AES128-SHA256 + +# client DTLSv1.2 ECDHE-RSA-AES128-SHA256 +-u +-v 3 +-l ECDHE-RSA-AES128-SHA256 + +# server DTLSv1.2 ECDHE-RSA-AES256 +-u +-v 3 +-l ECDHE-RSA-AES256-SHA + +# client DTLSv1.2 ECDHE-RSA-AES256 +-u +-v 3 +-l ECDHE-RSA-AES256-SHA + +# server DTLSv1.1 ECDHE-EDCSA-RC4 +-u +-v 2 +-l ECDHE-ECDSA-RC4-SHA +-c ./certs/server-ecc.pem +-k ./certs/ecc-key.pem + +# client DTLSv1.1 ECDHE-ECDSA-RC4 +-u +-v 2 +-l ECDHE-ECDSA-RC4-SHA +-A ./certs/server-ecc.pem + +# server DTLSv1.1 ECDHE-ECDSA-DES3 +-u +-v 2 +-l ECDHE-ECDSA-DES-CBC3-SHA +-c ./certs/server-ecc.pem +-k ./certs/ecc-key.pem + +# client DTLSv1.1 ECDHE-ECDSA-DES3 +-u +-v 2 +-l ECDHE-ECDSA-DES-CBC3-SHA +-A ./certs/server-ecc.pem + +# server DTLSv1.1 ECDHE-ECDSA-AES128 +-u +-v 2 +-l ECDHE-ECDSA-AES128-SHA +-c ./certs/server-ecc.pem +-k ./certs/ecc-key.pem + +# client DTLSv1.1 ECDHE-ECDSA-AES128 +-u +-v 2 +-l ECDHE-ECDSA-AES128-SHA +-A ./certs/server-ecc.pem + +# server DTLSv1.1 ECDHE-ECDSA-AES256 +-u +-v 2 +-l ECDHE-ECDSA-AES256-SHA +-c ./certs/server-ecc.pem +-k ./certs/ecc-key.pem + +# client DTLSv1.1 ECDHE-ECDSA-AES256 +-u +-v 2 +-l ECDHE-ECDSA-AES256-SHA +-A ./certs/server-ecc.pem + +# server DTLSv1.2 ECDHE-ECDSA-RC4 +-u +-v 3 +-l ECDHE-ECDSA-RC4-SHA +-c ./certs/server-ecc.pem +-k ./certs/ecc-key.pem + +# client DTLSv1.2 ECDHE-ECDSA-RC4 +-u +-v 3 +-l ECDHE-ECDSA-RC4-SHA +-A ./certs/server-ecc.pem + +# server DTLSv1.2 ECDHE-ECDSA-DES3 +-u +-v 3 +-l ECDHE-ECDSA-DES-CBC3-SHA +-c ./certs/server-ecc.pem +-k ./certs/ecc-key.pem + +# client DTLSv1.2 ECDHE-ECDSA-DES3 +-u +-v 3 +-l ECDHE-ECDSA-DES-CBC3-SHA +-A ./certs/server-ecc.pem + +# server DTLSv1.2 ECDHE-ECDSA-AES128 +-u +-v 3 +-l ECDHE-ECDSA-AES128-SHA +-c ./certs/server-ecc.pem +-k ./certs/ecc-key.pem + +# client DTLSv1.2 ECDHE-ECDSA-AES128 +-u +-v 3 +-l ECDHE-ECDSA-AES128-SHA +-A ./certs/server-ecc.pem + +# server DTLSv1.2 ECDHE-ECDSA-AES128-SHA256 +-u +-v 3 +-l ECDHE-ECDSA-AES128-SHA256 +-c ./certs/server-ecc.pem +-k ./certs/ecc-key.pem + +# client DTLSv1.2 ECDHE-ECDSA-AES128-SHA256 +-u +-v 3 +-l ECDHE-ECDSA-AES128-SHA256 +-A ./certs/server-ecc.pem + +# server DTLSv1.2 ECDHE-ECDSA-AES256 +-u +-v 3 +-l ECDHE-ECDSA-AES256-SHA +-c ./certs/server-ecc.pem +-k ./certs/ecc-key.pem + +# client DTLSv1.2 ECDHE-ECDSA-AES256 +-u +-v 3 +-l ECDHE-ECDSA-AES256-SHA +-A ./certs/server-ecc.pem + +# server DTLSv1.1 ECDH-RSA-RC4 +-u +-v 2 +-l ECDH-RSA-RC4-SHA +-c ./certs/server-ecc-rsa.pem +-k ./certs/ecc-key.pem + +# client DTLSv1.1 ECDH-RSA-RC4 +-u +-v 2 +-l ECDH-RSA-RC4-SHA + +# server DTLSv1.1 ECDH-RSA-DES3 +-u +-v 2 +-l ECDH-RSA-DES-CBC3-SHA +-c ./certs/server-ecc-rsa.pem +-k ./certs/ecc-key.pem + +# client DTLSv1.1 ECDH-RSA-DES3 +-u +-v 2 +-l ECDH-RSA-DES-CBC3-SHA + +# server DTLSv1.1 ECDH-RSA-AES128 +-u +-v 2 +-l ECDH-RSA-AES128-SHA +-c ./certs/server-ecc-rsa.pem +-k ./certs/ecc-key.pem + +# client DTLSv1.1 ECDH-RSA-AES128 +-u +-v 2 +-l ECDH-RSA-AES128-SHA + +# server DTLSv1.1 ECDH-RSA-AES256 +-u +-v 2 +-l ECDH-RSA-AES256-SHA +-c ./certs/server-ecc-rsa.pem +-k ./certs/ecc-key.pem + +# client DTLSv1.1 ECDH-RSA-AES256 +-u +-v 2 +-l ECDH-RSA-AES256-SHA + +# server DTLSv1.2 ECDH-RSA-RC4 +-u +-v 3 +-l ECDH-RSA-RC4-SHA +-c ./certs/server-ecc-rsa.pem +-k ./certs/ecc-key.pem + +# client DTLSv1.2 ECDH-RSA-RC4 +-u +-v 3 +-l ECDH-RSA-RC4-SHA + +# server DTLSv1.2 ECDH-RSA-DES3 +-u +-v 3 +-l ECDH-RSA-DES-CBC3-SHA +-c ./certs/server-ecc-rsa.pem +-k ./certs/ecc-key.pem + +# client DTLSv1.2 ECDH-RSA-DES3 +-u +-v 3 +-l ECDH-RSA-DES-CBC3-SHA + +# server DTLSv1.2 ECDH-RSA-AES128 +-u +-v 3 +-l ECDH-RSA-AES128-SHA +-c ./certs/server-ecc-rsa.pem +-k ./certs/ecc-key.pem + +# client DTLSv1.2 ECDH-RSA-AES128 +-u +-v 3 +-l ECDH-RSA-AES128-SHA + +# server DTLSv1.2 ECDH-RSA-AES128-SHA256 +-u +-v 3 +-l ECDH-RSA-AES128-SHA256 +-c ./certs/server-ecc-rsa.pem +-k ./certs/ecc-key.pem + +# client DTLSv1.2 ECDH-RSA-AES128-SHA256 +-u +-v 3 +-l ECDH-RSA-AES128-SHA256 + +# server DTLSv1.2 ECDH-RSA-AES256 +-u +-v 3 +-l ECDH-RSA-AES256-SHA +-c ./certs/server-ecc-rsa.pem +-k ./certs/ecc-key.pem + +# client DTLSv1.2 ECDH-RSA-AES256 +-u +-v 3 +-l ECDH-RSA-AES256-SHA + +# server DTLSv1.1 ECDH-EDCSA-RC4 +-u +-v 2 +-l ECDH-ECDSA-RC4-SHA +-c ./certs/server-ecc.pem +-k ./certs/ecc-key.pem + +# client DTLSv1.1 ECDH-ECDSA-RC4 +-u +-v 2 +-l ECDH-ECDSA-RC4-SHA +-A ./certs/server-ecc.pem + +# server DTLSv1.1 ECDH-ECDSA-DES3 +-u +-v 2 +-l ECDH-ECDSA-DES-CBC3-SHA +-c ./certs/server-ecc.pem +-k ./certs/ecc-key.pem + +# client DTLSv1.1 ECDH-ECDSA-DES3 +-u +-v 2 +-l ECDH-ECDSA-DES-CBC3-SHA +-A ./certs/server-ecc.pem + +# server DTLSv1.1 ECDH-ECDSA-AES128 +-u +-v 2 +-l ECDH-ECDSA-AES128-SHA +-c ./certs/server-ecc.pem +-k ./certs/ecc-key.pem + +# client DTLSv1.1 ECDH-ECDSA-AES128 +-u +-v 2 +-l ECDH-ECDSA-AES128-SHA +-A ./certs/server-ecc.pem + +# server DTLSv1.1 ECDH-ECDSA-AES256 +-u +-v 2 +-l ECDH-ECDSA-AES256-SHA +-c ./certs/server-ecc.pem +-k ./certs/ecc-key.pem + +# client DTLSv1.1 ECDH-ECDSA-AES256 +-u +-v 2 +-l ECDH-ECDSA-AES256-SHA +-A ./certs/server-ecc.pem + +# server DTLSv1.2 ECDHE-ECDSA-RC4 +-u +-v 3 +-l ECDH-ECDSA-RC4-SHA +-c ./certs/server-ecc.pem +-k ./certs/ecc-key.pem + +# client DTLSv1.2 ECDH-ECDSA-RC4 +-u +-v 3 +-l ECDH-ECDSA-RC4-SHA +-A ./certs/server-ecc.pem + +# server DTLSv1.2 ECDH-ECDSA-DES3 +-u +-v 3 +-l ECDH-ECDSA-DES-CBC3-SHA +-c ./certs/server-ecc.pem +-k ./certs/ecc-key.pem + +# client DTLSv1.2 ECDH-ECDSA-DES3 +-u +-v 3 +-l ECDH-ECDSA-DES-CBC3-SHA +-A ./certs/server-ecc.pem + +# server DTLSv1.2 ECDH-ECDSA-AES128 +-u +-v 3 +-l ECDH-ECDSA-AES128-SHA +-c ./certs/server-ecc.pem +-k ./certs/ecc-key.pem + +# client DTLSv1.2 ECDH-ECDSA-AES128 +-u +-v 3 +-l ECDH-ECDSA-AES128-SHA +-A ./certs/server-ecc.pem + +# server DTLSv1.2 ECDH-ECDSA-AES128-SHA256 +-u +-v 3 +-l ECDH-ECDSA-AES128-SHA256 +-c ./certs/server-ecc.pem +-k ./certs/ecc-key.pem + +# client DTLSv1.2 ECDH-ECDSA-AES128-SHA256 +-u +-v 3 +-l ECDH-ECDSA-AES128-SHA256 +-A ./certs/server-ecc.pem + +# server DTLSv1.2 ECDH-ECDSA-AES256 +-u +-v 3 +-l ECDH-ECDSA-AES256-SHA +-c ./certs/server-ecc.pem +-k ./certs/ecc-key.pem + +# client DTLSv1.2 ECDH-ECDSA-AES256 +-u +-v 3 +-l ECDH-ECDSA-AES256-SHA +-A ./certs/server-ecc.pem + +# server DTLSv1.2 ECDHE-RSA-AES256-SHA384 +-u +-v 3 +-l ECDHE-RSA-AES256-SHA384 + +# client DTLSv1.2 ECDHE-RSA-AES256-SHA384 +-u +-v 3 +-l ECDHE-RSA-AES256-SHA384 + +# server DTLSv1.2 ECDHE-ECDSA-AES256-SHA384 +-u +-v 3 +-l ECDHE-ECDSA-AES256-SHA384 +-c ./certs/server-ecc.pem +-k ./certs/ecc-key.pem + +# client DTLSv1.2 ECDHE-ECDSA-AES256-SHA384 +-u +-v 3 +-l ECDHE-ECDSA-AES256-SHA384 +-A ./certs/server-ecc.pem + +# server DTLSv1.2 ECDH-RSA-AES256-SHA384 +-u +-v 3 +-l ECDH-RSA-AES256-SHA384 +-c ./certs/server-ecc-rsa.pem +-k ./certs/ecc-key.pem + +# client DTLSv1.2 ECDH-RSA-AES256-SHA384 +-u +-v 3 +-l ECDH-RSA-AES256-SHA384 + +# server DTLSv1.2 ECDH-ECDSA-AES256-SHA384 +-u +-v 3 +-l ECDH-ECDSA-AES256-SHA384 +-c ./certs/server-ecc.pem +-k ./certs/ecc-key.pem + +# client DTLSv1.2 ECDH-ECDSA-AES256-SHA384 +-u +-v 3 +-l ECDH-ECDSA-AES256-SHA384 +-A ./certs/server-ecc.pem + +# server DTLSv1 PSK-AES128 +-s +-u +-v 2 +-l PSK-AES128-CBC-SHA + +# client DTLSv1 PSK-AES128 +-s +-u +-v 2 +-l PSK-AES128-CBC-SHA + +# server DTLSv1 PSK-AES256 +-s +-u +-v 2 +-l PSK-AES256-CBC-SHA + +# client DTLSv1 PSK-AES256 +-s +-u +-v 2 +-l PSK-AES256-CBC-SHA + +# server DTLSv1.2 PSK-AES128 +-s +-u +-v 3 +-l PSK-AES128-CBC-SHA + +# client DTLSv1.2 PSK-AES128 +-s +-u +-v 3 +-l PSK-AES128-CBC-SHA + +# server DTLSv1.2 PSK-AES256 +-s +-u +-v 3 +-l PSK-AES256-CBC-SHA + +# client DTLSv1.2 PSK-AES256 +-s +-u +-v 3 +-l PSK-AES256-CBC-SHA + +# server DTLSv1.2 PSK-AES128-SHA256 +-s +-u +-v 3 +-l PSK-AES128-CBC-SHA256 + +# client DTLSv1.2 PSK-AES128-SHA256 +-s +-u +-v 3 +-l PSK-AES128-CBC-SHA256 + +# server DTLSv1.2 PSK-AES256-SHA384 +-s +-u +-v 3 +-l PSK-AES256-CBC-SHA384 + +# client DTLSv1.2 PSK-AES256-SHA384 +-s +-u +-v 3 +-l PSK-AES256-CBC-SHA384 + +# server DTLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256 +-u +-v 3 +-l ECDHE-ECDSA-AES128-GCM-SHA256 +-c ./certs/server-ecc.pem +-k ./certs/ecc-key.pem + +# client DTLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256 +-u +-v 3 +-l ECDHE-ECDSA-AES128-GCM-SHA256 +-A ./certs/server-ecc.pem + +# server DTLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384 +-u +-v 3 +-l ECDHE-ECDSA-AES256-GCM-SHA384 +-c ./certs/server-ecc.pem +-k ./certs/ecc-key.pem + +# client DTLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384 +-u +-v 3 +-l ECDHE-ECDSA-AES256-GCM-SHA384 +-A ./certs/server-ecc.pem + +# server DTLSv1.2 ECDH-ECDSA-AES128-GCM-SHA256 +-u +-v 3 +-l ECDH-ECDSA-AES128-GCM-SHA256 +-c ./certs/server-ecc.pem +-k ./certs/ecc-key.pem + +# client DTLSv1.2 ECDH-ECDSA-AES128-GCM-SHA256 +-u +-v 3 +-l ECDH-ECDSA-AES128-GCM-SHA256 +-A ./certs/server-ecc.pem + +# server DTLSv1.2 ECDH-ECDSA-AES256-GCM-SHA384 +-u +-v 3 +-l ECDH-ECDSA-AES256-GCM-SHA384 +-c ./certs/server-ecc.pem +-k ./certs/ecc-key.pem + +# client DTLSv1.2 ECDH-ECDSA-AES256-GCM-SHA384 +-u +-v 3 +-l ECDH-ECDSA-AES256-GCM-SHA384 +-A ./certs/server-ecc.pem + +# server DTLSv1.2 ECDHE-RSA-AES128-GCM-SHA256 +-u +-v 3 +-l ECDHE-RSA-AES128-GCM-SHA256 + +# client DTLSv1.2 ECDHE-RSA-AES128-GCM-SHA256 +-u +-v 3 +-l ECDHE-RSA-AES128-GCM-SHA256 + +# server DTLSv1.2 ECDHE-RSA-AES256-GCM-SHA384 +-u +-v 3 +-l ECDHE-RSA-AES256-GCM-SHA384 + +# client DTLSv1.2 ECDHE-RSA-AES256-GCM-SHA384 +-u +-v 3 +-l ECDHE-RSA-AES256-GCM-SHA384 + +# server DTLSv1.2 ECDH-RSA-AES128-GCM-SHA256 +-u +-v 3 +-l ECDH-RSA-AES128-GCM-SHA256 +-c ./certs/server-ecc-rsa.pem +-k ./certs/ecc-key.pem + +# client DTLSv1.2 ECDH-RSA-AES128-GCM-SHA256 +-u +-v 3 +-l ECDH-RSA-AES128-GCM-SHA256 + +# server DTLSv1.2 ECDH-RSA-AES256-GCM-SHA384 +-u +-v 3 +-l ECDH-RSA-AES256-GCM-SHA384 +-c ./certs/server-ecc-rsa.pem +-k ./certs/ecc-key.pem + +# client DTLSv1.2 ECDH-RSA-AES256-GCM-SHA384 +-u +-v 3 +-l ECDH-RSA-AES256-GCM-SHA384 + +# server DTLSv1.2 PSK-AES128-GCM-SHA256 +-u +-s +-v 3 +-l PSK-AES128-GCM-SHA256 + +# client DTLSv1.2 PSK-AES128-GCM-SHA256 +-u +-s +-v 3 +-l PSK-AES128-GCM-SHA256 + +# server DTLSv1.2 PSK-AES256-GCM-SHA384 +-u +-s +-v 3 +-l PSK-AES256-GCM-SHA384 + +# client DTLSv1.2 PSK-AES256-GCM-SHA384 +-u +-s +-v 3 +-l PSK-AES256-GCM-SHA384 + +# server DTLSv1.2 ECDHE-ECDSA-AES128-CCM-8 +-u +-v 3 +-l ECDHE-ECDSA-AES128-CCM-8 +-c ./certs/server-ecc.pem +-k ./certs/ecc-key.pem + +# client DTLSv1.2 ECDHE-ECDSA-AES128-CCM-8 +-u +-v 3 +-l ECDHE-ECDSA-AES128-CCM-8 +-A ./certs/server-ecc.pem + +# server DTLSv1.2 ECDHE-ECDSA-AES256-CCM-8 -u --l RABBIT-SHA +-v 3 +-l ECDHE-ECDSA-AES256-CCM-8 +-c ./certs/server-ecc.pem +-k ./certs/ecc-key.pem -# client DTLSv1 RABBIT-SHA +# client DTLSv1.2 ECDHE-ECDSA-AES256-CCM-8 -u --l RABBIT-SHA +-v 3 +-l ECDHE-ECDSA-AES256-CCM-8 +-A ./certs/server-ecc.pem diff --git a/FreeRTOS-Plus/Source/CyaSSL/tests/test-ecc.conf b/FreeRTOS-Plus/Source/CyaSSL/tests/test-ecc.conf deleted file mode 100644 index ca1bc56f5..000000000 --- a/FreeRTOS-Plus/Source/CyaSSL/tests/test-ecc.conf +++ /dev/null @@ -1,480 +0,0 @@ -# server TLSv1 ECDHE-RSA-RC4 --v 1 --l ECDHE-RSA-RC4-SHA - -# client TLSv1 ECDHE-RSA-RC4 --v 1 --l ECDHE-RSA-RC4-SHA - -# server TLSv1 ECDHE-RSA-DES3 --v 1 --l ECDHE-RSA-DES-CBC3-SHA - -# client TLSv1 ECDHE-RSA-DES3 --v 1 --l ECDHE-RSA-DES-CBC3-SHA - -# server TLSv1 ECDHE-RSA-AES128 --v 1 --l ECDHE-RSA-AES128-SHA - -# client TLSv1 ECDHE-RSA-AES128 --v 1 --l ECDHE-RSA-AES128-SHA - -# server TLSv1 ECDHE-RSA-AES256 --v 1 --l ECDHE-RSA-AES256-SHA - -# client TLSv1 ECDHE-RSA-AES256 --v 1 --l ECDHE-RSA-AES256-SHA - -# server TLSv1.1 ECDHE-RSA-RC4 --v 2 --l ECDHE-RSA-RC4-SHA - -# client TLSv1.1 ECDHE-RSA-RC4 --v 2 --l ECDHE-RSA-RC4-SHA - -# server TLSv1.1 ECDHE-RSA-DES3 --v 2 --l ECDHE-RSA-DES-CBC3-SHA - -# client TLSv1.1 ECDHE-RSA-DES3 --v 2 --l ECDHE-RSA-DES-CBC3-SHA - -# server TLSv1.1 ECDHE-RSA-AES128 --v 2 --l ECDHE-RSA-AES128-SHA - -# client TLSv1.1 ECDHE-RSA-AES128 --v 2 --l ECDHE-RSA-AES128-SHA - -# server TLSv1.1 ECDHE-RSA-AES256 --v 2 --l ECDHE-RSA-AES256-SHA - -# client TLSv1.1 ECDHE-RSA-AES256 --v 2 --l ECDHE-RSA-AES256-SHA - -# server TLSv1.2 ECDHE-RSA-RC4 --v 3 --l ECDHE-RSA-RC4-SHA - -# client TLSv1.2 ECDHE-RSA-RC4 --v 3 --l ECDHE-RSA-RC4-SHA - -# server TLSv1.2 ECDHE-RSA-DES3 --v 3 --l ECDHE-RSA-DES-CBC3-SHA - -# client TLSv1.2 ECDHE-RSA-DES3 --v 3 --l ECDHE-RSA-DES-CBC3-SHA - -# server TLSv1.2 ECDHE-RSA-AES128 --v 3 --l ECDHE-RSA-AES128-SHA - -# client TLSv1.2 ECDHE-RSA-AES128 --v 3 --l ECDHE-RSA-AES128-SHA - -# server TLSv1.2 ECDHE-RSA-AES256 --v 3 --l ECDHE-RSA-AES256-SHA - -# client TLSv1.2 ECDHE-RSA-AES256 --v 3 --l ECDHE-RSA-AES256-SHA - -# server TLSv1 ECDHE-ECDSA-RC4 --v 1 --l ECDHE-ECDSA-RC4-SHA --c ./certs/server-ecc.pem --k ./certs/ecc-key.pem - -# client TLSv1 ECDHE-ECDSA-RC4 --v 1 --l ECDHE-ECDSA-RC4-SHA --A ./certs/server-ecc.pem - -# server TLSv1 ECDHE-ECDSA-DES3 --v 1 --l ECDHE-ECDSA-DES-CBC3-SHA --c ./certs/server-ecc.pem --k ./certs/ecc-key.pem - -# client TLSv1 ECDHE-ECDSA-DES3 --v 1 --l ECDHE-ECDSA-DES-CBC3-SHA --A ./certs/server-ecc.pem - -# server TLSv1 ECDHE-ECDSA-AES128 --v 1 --l ECDHE-ECDSA-AES128-SHA --c ./certs/server-ecc.pem --k ./certs/ecc-key.pem - -# client TLSv1 ECDHE-ECDSA-AES128 --v 1 --l ECDHE-ECDSA-AES128-SHA --A ./certs/server-ecc.pem - -# server TLSv1 ECDHE-ECDSA-AES256 --v 1 --l ECDHE-ECDSA-AES256-SHA --c ./certs/server-ecc.pem --k ./certs/ecc-key.pem - -# client TLSv1 ECDHE-ECDSA-AES256 --v 1 --l ECDHE-ECDSA-AES256-SHA --A ./certs/server-ecc.pem - -# server TLSv1.1 ECDHE-EDCSA-RC4 --v 2 --l ECDHE-ECDSA-RC4-SHA --c ./certs/server-ecc.pem --k ./certs/ecc-key.pem - -# client TLSv1.1 ECDHE-ECDSA-RC4 --v 2 --l ECDHE-ECDSA-RC4-SHA --A ./certs/server-ecc.pem - -# server TLSv1.1 ECDHE-ECDSA-DES3 --v 2 --l ECDHE-ECDSA-DES-CBC3-SHA --c ./certs/server-ecc.pem --k ./certs/ecc-key.pem - -# client TLSv1.1 ECDHE-ECDSA-DES3 --v 2 --l ECDHE-ECDSA-DES-CBC3-SHA --A ./certs/server-ecc.pem - -# server TLSv1.1 ECDHE-ECDSA-AES128 --v 2 --l ECDHE-ECDSA-AES128-SHA --c ./certs/server-ecc.pem --k ./certs/ecc-key.pem - -# client TLSv1.1 ECDHE-ECDSA-AES128 --v 2 --l ECDHE-ECDSA-AES128-SHA --A ./certs/server-ecc.pem - -# server TLSv1.1 ECDHE-ECDSA-AES256 --v 2 --l ECDHE-ECDSA-AES256-SHA --c ./certs/server-ecc.pem --k ./certs/ecc-key.pem - -# client TLSv1.1 ECDHE-ECDSA-AES256 --v 2 --l ECDHE-ECDSA-AES256-SHA --A ./certs/server-ecc.pem - -# server TLSv1.2 ECDHE-ECDSA-RC4 --v 3 --l ECDHE-ECDSA-RC4-SHA --c ./certs/server-ecc.pem --k ./certs/ecc-key.pem - -# client TLSv1.2 ECDHE-ECDSA-RC4 --v 3 --l ECDHE-ECDSA-RC4-SHA --A ./certs/server-ecc.pem - -# server TLSv1.2 ECDHE-ECDSA-DES3 --v 3 --l ECDHE-ECDSA-DES-CBC3-SHA --c ./certs/server-ecc.pem --k ./certs/ecc-key.pem - -# client TLSv1.2 ECDHE-ECDSA-DES3 --v 3 --l ECDHE-ECDSA-DES-CBC3-SHA --A ./certs/server-ecc.pem - -# server TLSv1.2 ECDHE-ECDSA-AES128 --v 3 --l ECDHE-ECDSA-AES128-SHA --c ./certs/server-ecc.pem --k ./certs/ecc-key.pem - -# client TLSv1.2 ECDHE-ECDSA-AES128 --v 3 --l ECDHE-ECDSA-AES128-SHA --A ./certs/server-ecc.pem - -# server TLSv1.2 ECDHE-ECDSA-AES256 --v 3 --l ECDHE-ECDSA-AES256-SHA --c ./certs/server-ecc.pem --k ./certs/ecc-key.pem - -# client TLSv1.2 ECDHE-ECDSA-AES256 --v 3 --l ECDHE-ECDSA-AES256-SHA --A ./certs/server-ecc.pem - -# server TLSv1 ECDH-RSA-RC4 --v 1 --l ECDH-RSA-RC4-SHA --c ./certs/server-ecc-rsa.pem --k ./certs/ecc-key.pem - -# client TLSv1 ECDH-RSA-RC4 --v 1 --l ECDH-RSA-RC4-SHA - -# server TLSv1 ECDH-RSA-DES3 --v 1 --l ECDH-RSA-DES-CBC3-SHA --c ./certs/server-ecc-rsa.pem --k ./certs/ecc-key.pem - -# client TLSv1 ECDH-RSA-DES3 --v 1 --l ECDH-RSA-DES-CBC3-SHA - -# server TLSv1 ECDH-RSA-AES128 --v 1 --l ECDH-RSA-AES128-SHA --c ./certs/server-ecc-rsa.pem --k ./certs/ecc-key.pem - -# client TLSv1 ECDH-RSA-AES128 --v 1 --l ECDH-RSA-AES128-SHA - -# server TLSv1 ECDH-RSA-AES256 --v 1 --l ECDH-RSA-AES256-SHA --c ./certs/server-ecc-rsa.pem --k ./certs/ecc-key.pem - -# client TLSv1 ECDH-RSA-AES256 --v 1 --l ECDH-RSA-AES256-SHA - -# server TLSv1.1 ECDH-RSA-RC4 --v 2 --l ECDH-RSA-RC4-SHA --c ./certs/server-ecc-rsa.pem --k ./certs/ecc-key.pem - -# client TLSv1.1 ECDH-RSA-RC4 --v 2 --l ECDH-RSA-RC4-SHA - -# server TLSv1.1 ECDH-RSA-DES3 --v 2 --l ECDH-RSA-DES-CBC3-SHA --c ./certs/server-ecc-rsa.pem --k ./certs/ecc-key.pem - -# client TLSv1.1 ECDH-RSA-DES3 --v 2 --l ECDH-RSA-DES-CBC3-SHA - -# server TLSv1.1 ECDH-RSA-AES128 --v 2 --l ECDH-RSA-AES128-SHA --c ./certs/server-ecc-rsa.pem --k ./certs/ecc-key.pem - -# client TLSv1.1 ECDH-RSA-AES128 --v 2 --l ECDH-RSA-AES128-SHA - -# server TLSv1.1 ECDH-RSA-AES256 --v 2 --l ECDH-RSA-AES256-SHA --c ./certs/server-ecc-rsa.pem --k ./certs/ecc-key.pem - -# client TLSv1.1 ECDH-RSA-AES256 --v 2 --l ECDH-RSA-AES256-SHA - -# server TLSv1.2 ECDH-RSA-RC4 --v 3 --l ECDH-RSA-RC4-SHA --c ./certs/server-ecc-rsa.pem --k ./certs/ecc-key.pem - -# client TLSv1.2 ECDH-RSA-RC4 --v 3 --l ECDH-RSA-RC4-SHA - -# server TLSv1.2 ECDH-RSA-DES3 --v 3 --l ECDH-RSA-DES-CBC3-SHA --c ./certs/server-ecc-rsa.pem --k ./certs/ecc-key.pem - -# client TLSv1.2 ECDH-RSA-DES3 --v 3 --l ECDH-RSA-DES-CBC3-SHA - -# server TLSv1.2 ECDH-RSA-AES128 --v 3 --l ECDH-RSA-AES128-SHA --c ./certs/server-ecc-rsa.pem --k ./certs/ecc-key.pem - -# client TLSv1.2 ECDH-RSA-AES128 --v 3 --l ECDH-RSA-AES128-SHA - -# server TLSv1.2 ECDH-RSA-AES256 --v 3 --l ECDH-RSA-AES256-SHA --c ./certs/server-ecc-rsa.pem --k ./certs/ecc-key.pem - -# client TLSv1.2 ECDH-RSA-AES256 --v 3 --l ECDH-RSA-AES256-SHA - -# server TLSv1 ECDH-ECDSA-RC4 --v 1 --l ECDH-ECDSA-RC4-SHA --c ./certs/server-ecc.pem --k ./certs/ecc-key.pem - -# client TLSv1 ECDH-ECDSA-RC4 --v 1 --l ECDH-ECDSA-RC4-SHA --A ./certs/server-ecc.pem - -# server TLSv1 ECDH-ECDSA-DES3 --v 1 --l ECDH-ECDSA-DES-CBC3-SHA --c ./certs/server-ecc.pem --k ./certs/ecc-key.pem - -# client TLSv1 ECDH-ECDSA-DES3 --v 1 --l ECDH-ECDSA-DES-CBC3-SHA --A ./certs/server-ecc.pem - -# server TLSv1 ECDH-ECDSA-AES128 --v 1 --l ECDH-ECDSA-AES128-SHA --c ./certs/server-ecc.pem --k ./certs/ecc-key.pem - -# client TLSv1 ECDH-ECDSA-AES128 --v 1 --l ECDH-ECDSA-AES128-SHA --A ./certs/server-ecc.pem - -# server TLSv1 ECDH-ECDSA-AES256 --v 1 --l ECDH-ECDSA-AES256-SHA --c ./certs/server-ecc.pem --k ./certs/ecc-key.pem - -# client TLSv1 ECDH-ECDSA-AES256 --v 1 --l ECDH-ECDSA-AES256-SHA --A ./certs/server-ecc.pem - -# server TLSv1.1 ECDH-EDCSA-RC4 --v 2 --l ECDH-ECDSA-RC4-SHA --c ./certs/server-ecc.pem --k ./certs/ecc-key.pem - -# client TLSv1.1 ECDH-ECDSA-RC4 --v 2 --l ECDH-ECDSA-RC4-SHA --A ./certs/server-ecc.pem - -# server TLSv1.1 ECDH-ECDSA-DES3 --v 2 --l ECDH-ECDSA-DES-CBC3-SHA --c ./certs/server-ecc.pem --k ./certs/ecc-key.pem - -# client TLSv1.1 ECDH-ECDSA-DES3 --v 2 --l ECDH-ECDSA-DES-CBC3-SHA --A ./certs/server-ecc.pem - -# server TLSv1.1 ECDH-ECDSA-AES128 --v 2 --l ECDH-ECDSA-AES128-SHA --c ./certs/server-ecc.pem --k ./certs/ecc-key.pem - -# client TLSv1.1 ECDH-ECDSA-AES128 --v 2 --l ECDH-ECDSA-AES128-SHA --A ./certs/server-ecc.pem - -# server TLSv1.1 ECDH-ECDSA-AES256 --v 2 --l ECDH-ECDSA-AES256-SHA --c ./certs/server-ecc.pem --k ./certs/ecc-key.pem - -# client TLSv1.1 ECDH-ECDSA-AES256 --v 2 --l ECDH-ECDSA-AES256-SHA --A ./certs/server-ecc.pem - -# server TLSv1.2 ECDHE-ECDSA-RC4 --v 3 --l ECDH-ECDSA-RC4-SHA --c ./certs/server-ecc.pem --k ./certs/ecc-key.pem - -# client TLSv1.2 ECDH-ECDSA-RC4 --v 3 --l ECDH-ECDSA-RC4-SHA --A ./certs/server-ecc.pem - -# server TLSv1.2 ECDH-ECDSA-DES3 --v 3 --l ECDH-ECDSA-DES-CBC3-SHA --c ./certs/server-ecc.pem --k ./certs/ecc-key.pem - -# client TLSv1.2 ECDH-ECDSA-DES3 --v 3 --l ECDH-ECDSA-DES-CBC3-SHA --A ./certs/server-ecc.pem - -# server TLSv1.2 ECDH-ECDSA-AES128 --v 3 --l ECDH-ECDSA-AES128-SHA --c ./certs/server-ecc.pem --k ./certs/ecc-key.pem - -# client TLSv1.2 ECDH-ECDSA-AES128 --v 3 --l ECDH-ECDSA-AES128-SHA --A ./certs/server-ecc.pem - -# server TLSv1.2 ECDH-ECDSA-AES256 --v 3 --l ECDH-ECDSA-AES256-SHA --c ./certs/server-ecc.pem --k ./certs/ecc-key.pem - -# client TLSv1.2 ECDH-ECDSA-AES256 --v 3 --l ECDH-ECDSA-AES256-SHA --A ./certs/server-ecc.pem - diff --git a/FreeRTOS-Plus/Source/CyaSSL/tests/test-hc128.conf b/FreeRTOS-Plus/Source/CyaSSL/tests/test-hc128.conf deleted file mode 100644 index feb0b1228..000000000 --- a/FreeRTOS-Plus/Source/CyaSSL/tests/test-hc128.conf +++ /dev/null @@ -1,48 +0,0 @@ -# server TLSv1 HC128-SHA --v 1 --l HC128-SHA - -# client TLSv1 HC128-SHA --v 1 --l HC128-SHA - -# server TLSv1 HC128-MD5 --v 1 --l HC128-MD5 - -# client TLSv1 HC128-MD5 --v 1 --l HC128-MD5 - -# server TLSv1.1 HC128-SHA --v 2 --l HC128-SHA - -# client TLSv1.1 HC128-SHA --v 2 --l HC128-SHA - -# server TLSv1.1 HC128-MD5 --v 2 --l HC128-MD5 - -# client TLSv1.1 HC128-MD5 --v 2 --l HC128-MD5 - -# server TLSv1.2 HC128-SHA --v 3 --l HC128-SHA - -# client TLSv1.2 HC128-SHA --v 3 --l HC128-SHA - -# server TLSv1.2 HC128-MD5 --v 3 --l HC128-MD5 - -# client TLSv1.2 HC128-MD5 --v 3 --l HC128-MD5 - diff --git a/FreeRTOS-Plus/Source/CyaSSL/tests/test-ntru.conf b/FreeRTOS-Plus/Source/CyaSSL/tests/test-ntru.conf deleted file mode 100644 index 7674fb572..000000000 --- a/FreeRTOS-Plus/Source/CyaSSL/tests/test-ntru.conf +++ /dev/null @@ -1,132 +0,0 @@ -# server TLSv1 NTRU_RC4 --v 1 --l NTRU-RC4-SHA --n --c ./certs/ntru-cert.pem --k ./certs/ntru-key.raw - -# client TLSv1 NTRU_RC4 --v 1 --l NTRU-RC4-SHA - -# server TLSv1 NTRU_DES3 --v 1 --l NTRU-DES-CBC3-SHA --n --c ./certs/ntru-cert.pem --k ./certs/ntru-key.raw - -# client TLSv1 NTRU_DES3 --v 1 --l NTRU-DES-CBC3-SHA - -# server TLSv1 NTRU_AES128 --v 1 --l NTRU-AES128-SHA --n --c ./certs/ntru-cert.pem --k ./certs/ntru-key.raw - -# client TLSv1 NTRU_AES128 --v 1 --l NTRU-AES128-SHA - -# server TLSv1 NTRU_AES256 --v 1 --l NTRU-AES256-SHA --n --c ./certs/ntru-cert.pem --k ./certs/ntru-key.raw - -# client TLSv1 NTRU_AES256 --v 1 --l NTRU-AES256-SHA - -# server TLSv1.1 NTRU_RC4 --v 2 --l NTRU-RC4-SHA --n --c ./certs/ntru-cert.pem --k ./certs/ntru-key.raw - -# client TLSv1.1 NTRU_RC4 --v 2 --l NTRU-RC4-SHA - -# server TLSv1.1 NTRU_DES3 --v 2 --l NTRU-DES-CBC3-SHA --n --c ./certs/ntru-cert.pem --k ./certs/ntru-key.raw - -# client TLSv1.1 NTRU_DES3 --v 2 --l NTRU-DES-CBC3-SHA - -# server TLSv1.1 NTRU_AES128 --v 2 --l NTRU-AES128-SHA --n --c ./certs/ntru-cert.pem --k ./certs/ntru-key.raw - -# client TLSv1.1 NTRU_AES128 --v 2 --l NTRU-AES128-SHA - -# server TLSv1.1 NTRU_AES256 --v 2 --l NTRU-AES256-SHA --n --c ./certs/ntru-cert.pem --k ./certs/ntru-key.raw - -# client TLSv1.1 NTRU_AES256 --v 2 --l NTRU-AES256-SHA - -# server TLSv1.2 NTRU_RC4 --v 3 --l NTRU-RC4-SHA --n --c ./certs/ntru-cert.pem --k ./certs/ntru-key.raw - -# client TLSv1.2 NTRU_RC4 --v 3 --l NTRU-RC4-SHA - -# server TLSv1.2 NTRU_DES3 --v 3 --l NTRU-DES-CBC3-SHA --n --c ./certs/ntru-cert.pem --k ./certs/ntru-key.raw - -# client TLSv1.2 NTRU_DES3 --v 3 --l NTRU-DES-CBC3-SHA - -# server TLSv1.2 NTRU_AES128 --v 3 --l NTRU-AES128-SHA --n --c ./certs/ntru-cert.pem --k ./certs/ntru-key.raw - -# client TLSv1.2 NTRU_AES128 --v 3 --l NTRU-AES128-SHA - -# server TLSv1.2 NTRU_AES256 --v 3 --l NTRU-AES256-SHA --n --c ./certs/ntru-cert.pem --k ./certs/ntru-key.raw - -# client TLSv1.2 NTRU_AES256 --v 3 --l NTRU-AES256-SHA - diff --git a/FreeRTOS-Plus/Source/CyaSSL/tests/test-openssl.conf b/FreeRTOS-Plus/Source/CyaSSL/tests/test-openssl.conf deleted file mode 100644 index 22a287a4a..000000000 --- a/FreeRTOS-Plus/Source/CyaSSL/tests/test-openssl.conf +++ /dev/null @@ -1,96 +0,0 @@ -# server TLSv1 DHE AES128 --v 1 --l DHE-RSA-AES128-SHA - -# client TLSv1 DHE AES128 --v 1 --l DHE-RSA-AES128-SHA - -# server TLSv1 DHE AES256 --v 1 --l DHE-RSA-AES256-SHA - -# client TLSv1 DHE AES256 --v 1 --l DHE-RSA-AES256-SHA - -# server TLSv1 DHE AES128-SHA256 --v 1 --l DHE-RSA-AES128-SHA256 - -# client TLSv1 DHE AES128-SHA256 --v 1 --l DHE-RSA-AES128-SHA256 - -# server TLSv1 DHE AES256-SHA256 --v 1 --l DHE-RSA-AES256-SHA256 - -# client TLSv1 DHE AES256-SHA256 --v 1 --l DHE-RSA-AES256-SHA256 - -# server TLSv1.1 DHE AES128 --v 2 --l DHE-RSA-AES128-SHA - -# client TLSv1.1 DHE AES128 --v 2 --l DHE-RSA-AES128-SHA - -# server TLSv1.1 DHE AES256 --v 2 --l DHE-RSA-AES256-SHA - -# client TLSv1.1 DHE AES256 --v 2 --l DHE-RSA-AES256-SHA - -# server TLSv1.1 DHE AES128-SHA256 --v 2 --l DHE-RSA-AES128-SHA256 - -# client TLSv1.1 DHE AES128-SHA256 --v 2 --l DHE-RSA-AES128-SHA256 - -# server TLSv1.1 DHE AES256-SHA256 --v 2 --l DHE-RSA-AES256-SHA256 - -# client TLSv1.1 DHE AES256-SHA256 --v 2 --l DHE-RSA-AES256-SHA256 - -# server TLSv1.2 DHE AES128 --v 3 --l DHE-RSA-AES128-SHA - -# client TLSv1.2 DHE AES128 --v 3 --l DHE-RSA-AES128-SHA - -# server TLSv1.2 DHE AES256 --v 3 --l DHE-RSA-AES256-SHA - -# client TLSv1.2 DHE AES256 --v 3 --l DHE-RSA-AES256-SHA - -# server TLSv1.2 DHE AES128-SHA256 --v 3 --l DHE-RSA-AES128-SHA256 - -# client TLSv1.2 DHE AES128-SHA256 --v 3 --l DHE-RSA-AES128-SHA256 - -# server TLSv1.2 DHE AES256-SHA256 --v 3 --l DHE-RSA-AES256-SHA256 - -# client TLSv1.2 DHE AES256-SHA256 --v 3 --l DHE-RSA-AES256-SHA256 - diff --git a/FreeRTOS-Plus/Source/CyaSSL/tests/test-psk.conf b/FreeRTOS-Plus/Source/CyaSSL/tests/test-psk.conf deleted file mode 100644 index ca4b918fd..000000000 --- a/FreeRTOS-Plus/Source/CyaSSL/tests/test-psk.conf +++ /dev/null @@ -1,60 +0,0 @@ -# server TLSv1 PSK-AES128 --s --v 1 --l PSK-AES128-CBC-SHA - -# client TLSv1 PSK-AES128 --s --v 1 --l PSK-AES128-CBC-SHA - -# server TLSv1 PSK-AES256 --s --v 1 --l PSK-AES256-CBC-SHA - -# client TLSv1 PSK-AES256 --s --v 1 --l PSK-AES256-CBC-SHA - -# server TLSv1.1 PSK-AES128 --s --v 2 --l PSK-AES128-CBC-SHA - -# client TLSv1.1 PSK-AES128 --s --v 2 --l PSK-AES128-CBC-SHA - -# server TLSv1.1 PSK-AES256 --s --v 2 --l PSK-AES256-CBC-SHA - -# client TLSv1.1 PSK-AES256 --s --v 2 --l PSK-AES256-CBC-SHA - -# server TLSv1.2 PSK-AES128 --s --v 3 --l PSK-AES128-CBC-SHA - -# client TLSv1.2 PSK-AES128 --s --v 3 --l PSK-AES128-CBC-SHA - -# server TLSv1.2 PSK-AES256 --s --v 3 --l PSK-AES256-CBC-SHA - -# client TLSv1.2 PSK-AES256 --s --v 3 --l PSK-AES256-CBC-SHA - diff --git a/FreeRTOS-Plus/Source/CyaSSL/tests/test.conf b/FreeRTOS-Plus/Source/CyaSSL/tests/test.conf index a4a20762c..71735d2cd 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/tests/test.conf +++ b/FreeRTOS-Plus/Source/CyaSSL/tests/test.conf @@ -78,14 +78,6 @@ -v 1 -l AES256-SHA256 -# server TLSv1 RABBIT-SHA --v 1 --l RABBIT-SHA - -# client TLSv1 RABBIT-SHA --v 1 --l RABBIT-SHA - # server TLSv1.1 RC4-SHA -v 2 -l RC4-SHA @@ -142,14 +134,6 @@ -v 2 -l AES256-SHA256 -# server TLSv1.1 RABBIT-SHA --v 2 --l RABBIT-SHA - -# client TLSv1.1 RABBIT-SHA --v 2 --l RABBIT-SHA - # server TLSv1.2 RC4-SHA -v 3 -l RC4-SHA @@ -206,11 +190,1735 @@ -v 3 -l AES256-SHA256 -# server TLSv1.2 RABBIT-SHA +# server TLSv1 ECDHE-RSA-RC4 +-v 1 +-l ECDHE-RSA-RC4-SHA + +# client TLSv1 ECDHE-RSA-RC4 +-v 1 +-l ECDHE-RSA-RC4-SHA + +# server TLSv1 ECDHE-RSA-DES3 +-v 1 +-l ECDHE-RSA-DES-CBC3-SHA + +# client TLSv1 ECDHE-RSA-DES3 +-v 1 +-l ECDHE-RSA-DES-CBC3-SHA + +# server TLSv1 ECDHE-RSA-AES128 +-v 1 +-l ECDHE-RSA-AES128-SHA + +# client TLSv1 ECDHE-RSA-AES128 +-v 1 +-l ECDHE-RSA-AES128-SHA + +# server TLSv1 ECDHE-RSA-AES256 +-v 1 +-l ECDHE-RSA-AES256-SHA + +# client TLSv1 ECDHE-RSA-AES256 +-v 1 +-l ECDHE-RSA-AES256-SHA + +# server TLSv1.1 ECDHE-RSA-RC4 +-v 2 +-l ECDHE-RSA-RC4-SHA + +# client TLSv1.1 ECDHE-RSA-RC4 +-v 2 +-l ECDHE-RSA-RC4-SHA + +# server TLSv1.1 ECDHE-RSA-DES3 +-v 2 +-l ECDHE-RSA-DES-CBC3-SHA + +# client TLSv1.1 ECDHE-RSA-DES3 +-v 2 +-l ECDHE-RSA-DES-CBC3-SHA + +# server TLSv1.1 ECDHE-RSA-AES128 +-v 2 +-l ECDHE-RSA-AES128-SHA + +# client TLSv1.1 ECDHE-RSA-AES128 +-v 2 +-l ECDHE-RSA-AES128-SHA + +# server TLSv1.1 ECDHE-RSA-AES256 +-v 2 +-l ECDHE-RSA-AES256-SHA + +# client TLSv1.1 ECDHE-RSA-AES256 +-v 2 +-l ECDHE-RSA-AES256-SHA + +# server TLSv1.2 ECDHE-RSA-RC4 -v 3 --l RABBIT-SHA +-l ECDHE-RSA-RC4-SHA -# client TLSv1.2 RABBIT-SHA +# client TLSv1.2 ECDHE-RSA-RC4 -v 3 --l RABBIT-SHA +-l ECDHE-RSA-RC4-SHA + +# server TLSv1.2 ECDHE-RSA-DES3 +-v 3 +-l ECDHE-RSA-DES-CBC3-SHA + +# client TLSv1.2 ECDHE-RSA-DES3 +-v 3 +-l ECDHE-RSA-DES-CBC3-SHA + +# server TLSv1.2 ECDHE-RSA-AES128 +-v 3 +-l ECDHE-RSA-AES128-SHA + +# client TLSv1.2 ECDHE-RSA-AES128 +-v 3 +-l ECDHE-RSA-AES128-SHA + +# server TLSv1.2 ECDHE-RSA-AES128-SHA256 +-v 3 +-l ECDHE-RSA-AES128-SHA256 + +# client TLSv1.2 ECDHE-RSA-AES128-SHA256 +-v 3 +-l ECDHE-RSA-AES128-SHA256 + +# server TLSv1.2 ECDHE-RSA-AES256 +-v 3 +-l ECDHE-RSA-AES256-SHA + +# client TLSv1.2 ECDHE-RSA-AES256 +-v 3 +-l ECDHE-RSA-AES256-SHA + +# server TLSv1 ECDHE-ECDSA-RC4 +-v 1 +-l ECDHE-ECDSA-RC4-SHA +-c ./certs/server-ecc.pem +-k ./certs/ecc-key.pem + +# client TLSv1 ECDHE-ECDSA-RC4 +-v 1 +-l ECDHE-ECDSA-RC4-SHA +-A ./certs/server-ecc.pem + +# server TLSv1 ECDHE-ECDSA-DES3 +-v 1 +-l ECDHE-ECDSA-DES-CBC3-SHA +-c ./certs/server-ecc.pem +-k ./certs/ecc-key.pem + +# client TLSv1 ECDHE-ECDSA-DES3 +-v 1 +-l ECDHE-ECDSA-DES-CBC3-SHA +-A ./certs/server-ecc.pem + +# server TLSv1 ECDHE-ECDSA-AES128 +-v 1 +-l ECDHE-ECDSA-AES128-SHA +-c ./certs/server-ecc.pem +-k ./certs/ecc-key.pem + +# client TLSv1 ECDHE-ECDSA-AES128 +-v 1 +-l ECDHE-ECDSA-AES128-SHA +-A ./certs/server-ecc.pem + +# server TLSv1 ECDHE-ECDSA-AES256 +-v 1 +-l ECDHE-ECDSA-AES256-SHA +-c ./certs/server-ecc.pem +-k ./certs/ecc-key.pem + +# client TLSv1 ECDHE-ECDSA-AES256 +-v 1 +-l ECDHE-ECDSA-AES256-SHA +-A ./certs/server-ecc.pem + +# server TLSv1.1 ECDHE-EDCSA-RC4 +-v 2 +-l ECDHE-ECDSA-RC4-SHA +-c ./certs/server-ecc.pem +-k ./certs/ecc-key.pem + +# client TLSv1.1 ECDHE-ECDSA-RC4 +-v 2 +-l ECDHE-ECDSA-RC4-SHA +-A ./certs/server-ecc.pem + +# server TLSv1.1 ECDHE-ECDSA-DES3 +-v 2 +-l ECDHE-ECDSA-DES-CBC3-SHA +-c ./certs/server-ecc.pem +-k ./certs/ecc-key.pem + +# client TLSv1.1 ECDHE-ECDSA-DES3 +-v 2 +-l ECDHE-ECDSA-DES-CBC3-SHA +-A ./certs/server-ecc.pem + +# server TLSv1.1 ECDHE-ECDSA-AES128 +-v 2 +-l ECDHE-ECDSA-AES128-SHA +-c ./certs/server-ecc.pem +-k ./certs/ecc-key.pem + +# client TLSv1.1 ECDHE-ECDSA-AES128 +-v 2 +-l ECDHE-ECDSA-AES128-SHA +-A ./certs/server-ecc.pem + +# server TLSv1.1 ECDHE-ECDSA-AES256 +-v 2 +-l ECDHE-ECDSA-AES256-SHA +-c ./certs/server-ecc.pem +-k ./certs/ecc-key.pem + +# client TLSv1.1 ECDHE-ECDSA-AES256 +-v 2 +-l ECDHE-ECDSA-AES256-SHA +-A ./certs/server-ecc.pem + +# server TLSv1.2 ECDHE-ECDSA-RC4 +-v 3 +-l ECDHE-ECDSA-RC4-SHA +-c ./certs/server-ecc.pem +-k ./certs/ecc-key.pem + +# client TLSv1.2 ECDHE-ECDSA-RC4 +-v 3 +-l ECDHE-ECDSA-RC4-SHA +-A ./certs/server-ecc.pem + +# server TLSv1.2 ECDHE-ECDSA-DES3 +-v 3 +-l ECDHE-ECDSA-DES-CBC3-SHA +-c ./certs/server-ecc.pem +-k ./certs/ecc-key.pem + +# client TLSv1.2 ECDHE-ECDSA-DES3 +-v 3 +-l ECDHE-ECDSA-DES-CBC3-SHA +-A ./certs/server-ecc.pem + +# server TLSv1.2 ECDHE-ECDSA-AES128 +-v 3 +-l ECDHE-ECDSA-AES128-SHA +-c ./certs/server-ecc.pem +-k ./certs/ecc-key.pem + +# client TLSv1.2 ECDHE-ECDSA-AES128 +-v 3 +-l ECDHE-ECDSA-AES128-SHA +-A ./certs/server-ecc.pem + +# server TLSv1.2 ECDHE-ECDSA-AES128-SHA256 +-v 3 +-l ECDHE-ECDSA-AES128-SHA256 +-c ./certs/server-ecc.pem +-k ./certs/ecc-key.pem + +# client TLSv1.2 ECDHE-ECDSA-AES128-SHA256 +-v 3 +-l ECDHE-ECDSA-AES128-SHA256 +-A ./certs/server-ecc.pem + +# server TLSv1.2 ECDHE-ECDSA-AES256 +-v 3 +-l ECDHE-ECDSA-AES256-SHA +-c ./certs/server-ecc.pem +-k ./certs/ecc-key.pem + +# client TLSv1.2 ECDHE-ECDSA-AES256 +-v 3 +-l ECDHE-ECDSA-AES256-SHA +-A ./certs/server-ecc.pem + +# server TLSv1 ECDH-RSA-RC4 +-v 1 +-l ECDH-RSA-RC4-SHA +-c ./certs/server-ecc-rsa.pem +-k ./certs/ecc-key.pem + +# client TLSv1 ECDH-RSA-RC4 +-v 1 +-l ECDH-RSA-RC4-SHA + +# server TLSv1 ECDH-RSA-DES3 +-v 1 +-l ECDH-RSA-DES-CBC3-SHA +-c ./certs/server-ecc-rsa.pem +-k ./certs/ecc-key.pem + +# client TLSv1 ECDH-RSA-DES3 +-v 1 +-l ECDH-RSA-DES-CBC3-SHA + +# server TLSv1 ECDH-RSA-AES128 +-v 1 +-l ECDH-RSA-AES128-SHA +-c ./certs/server-ecc-rsa.pem +-k ./certs/ecc-key.pem + +# client TLSv1 ECDH-RSA-AES128 +-v 1 +-l ECDH-RSA-AES128-SHA + +# server TLSv1 ECDH-RSA-AES256 +-v 1 +-l ECDH-RSA-AES256-SHA +-c ./certs/server-ecc-rsa.pem +-k ./certs/ecc-key.pem + +# client TLSv1 ECDH-RSA-AES256 +-v 1 +-l ECDH-RSA-AES256-SHA + +# server TLSv1.1 ECDH-RSA-RC4 +-v 2 +-l ECDH-RSA-RC4-SHA +-c ./certs/server-ecc-rsa.pem +-k ./certs/ecc-key.pem + +# client TLSv1.1 ECDH-RSA-RC4 +-v 2 +-l ECDH-RSA-RC4-SHA + +# server TLSv1.1 ECDH-RSA-DES3 +-v 2 +-l ECDH-RSA-DES-CBC3-SHA +-c ./certs/server-ecc-rsa.pem +-k ./certs/ecc-key.pem + +# client TLSv1.1 ECDH-RSA-DES3 +-v 2 +-l ECDH-RSA-DES-CBC3-SHA + +# server TLSv1.1 ECDH-RSA-AES128 +-v 2 +-l ECDH-RSA-AES128-SHA +-c ./certs/server-ecc-rsa.pem +-k ./certs/ecc-key.pem + +# client TLSv1.1 ECDH-RSA-AES128 +-v 2 +-l ECDH-RSA-AES128-SHA + +# server TLSv1.1 ECDH-RSA-AES256 +-v 2 +-l ECDH-RSA-AES256-SHA +-c ./certs/server-ecc-rsa.pem +-k ./certs/ecc-key.pem + +# client TLSv1.1 ECDH-RSA-AES256 +-v 2 +-l ECDH-RSA-AES256-SHA + +# server TLSv1.2 ECDH-RSA-RC4 +-v 3 +-l ECDH-RSA-RC4-SHA +-c ./certs/server-ecc-rsa.pem +-k ./certs/ecc-key.pem + +# client TLSv1.2 ECDH-RSA-RC4 +-v 3 +-l ECDH-RSA-RC4-SHA + +# server TLSv1.2 ECDH-RSA-DES3 +-v 3 +-l ECDH-RSA-DES-CBC3-SHA +-c ./certs/server-ecc-rsa.pem +-k ./certs/ecc-key.pem + +# client TLSv1.2 ECDH-RSA-DES3 +-v 3 +-l ECDH-RSA-DES-CBC3-SHA + +# server TLSv1.2 ECDH-RSA-AES128 +-v 3 +-l ECDH-RSA-AES128-SHA +-c ./certs/server-ecc-rsa.pem +-k ./certs/ecc-key.pem + +# client TLSv1.2 ECDH-RSA-AES128 +-v 3 +-l ECDH-RSA-AES128-SHA + +# server TLSv1.2 ECDH-RSA-AES128-SHA256 +-v 3 +-l ECDH-RSA-AES128-SHA256 +-c ./certs/server-ecc-rsa.pem +-k ./certs/ecc-key.pem + +# client TLSv1.2 ECDH-RSA-AES128-SHA256 +-v 3 +-l ECDH-RSA-AES128-SHA256 + +# server TLSv1.2 ECDH-RSA-AES256 +-v 3 +-l ECDH-RSA-AES256-SHA +-c ./certs/server-ecc-rsa.pem +-k ./certs/ecc-key.pem + +# client TLSv1.2 ECDH-RSA-AES256 +-v 3 +-l ECDH-RSA-AES256-SHA + +# server TLSv1 ECDH-ECDSA-RC4 +-v 1 +-l ECDH-ECDSA-RC4-SHA +-c ./certs/server-ecc.pem +-k ./certs/ecc-key.pem + +# client TLSv1 ECDH-ECDSA-RC4 +-v 1 +-l ECDH-ECDSA-RC4-SHA +-A ./certs/server-ecc.pem + +# server TLSv1 ECDH-ECDSA-DES3 +-v 1 +-l ECDH-ECDSA-DES-CBC3-SHA +-c ./certs/server-ecc.pem +-k ./certs/ecc-key.pem + +# client TLSv1 ECDH-ECDSA-DES3 +-v 1 +-l ECDH-ECDSA-DES-CBC3-SHA +-A ./certs/server-ecc.pem + +# server TLSv1 ECDH-ECDSA-AES128 +-v 1 +-l ECDH-ECDSA-AES128-SHA +-c ./certs/server-ecc.pem +-k ./certs/ecc-key.pem + +# client TLSv1 ECDH-ECDSA-AES128 +-v 1 +-l ECDH-ECDSA-AES128-SHA +-A ./certs/server-ecc.pem + +# server TLSv1 ECDH-ECDSA-AES256 +-v 1 +-l ECDH-ECDSA-AES256-SHA +-c ./certs/server-ecc.pem +-k ./certs/ecc-key.pem + +# client TLSv1 ECDH-ECDSA-AES256 +-v 1 +-l ECDH-ECDSA-AES256-SHA +-A ./certs/server-ecc.pem + +# server TLSv1.1 ECDH-EDCSA-RC4 +-v 2 +-l ECDH-ECDSA-RC4-SHA +-c ./certs/server-ecc.pem +-k ./certs/ecc-key.pem + +# client TLSv1.1 ECDH-ECDSA-RC4 +-v 2 +-l ECDH-ECDSA-RC4-SHA +-A ./certs/server-ecc.pem + +# server TLSv1.1 ECDH-ECDSA-DES3 +-v 2 +-l ECDH-ECDSA-DES-CBC3-SHA +-c ./certs/server-ecc.pem +-k ./certs/ecc-key.pem + +# client TLSv1.1 ECDH-ECDSA-DES3 +-v 2 +-l ECDH-ECDSA-DES-CBC3-SHA +-A ./certs/server-ecc.pem + +# server TLSv1.1 ECDH-ECDSA-AES128 +-v 2 +-l ECDH-ECDSA-AES128-SHA +-c ./certs/server-ecc.pem +-k ./certs/ecc-key.pem + +# client TLSv1.1 ECDH-ECDSA-AES128 +-v 2 +-l ECDH-ECDSA-AES128-SHA +-A ./certs/server-ecc.pem + +# server TLSv1.1 ECDH-ECDSA-AES256 +-v 2 +-l ECDH-ECDSA-AES256-SHA +-c ./certs/server-ecc.pem +-k ./certs/ecc-key.pem + +# client TLSv1.1 ECDH-ECDSA-AES256 +-v 2 +-l ECDH-ECDSA-AES256-SHA +-A ./certs/server-ecc.pem + +# server TLSv1.2 ECDHE-ECDSA-RC4 +-v 3 +-l ECDH-ECDSA-RC4-SHA +-c ./certs/server-ecc.pem +-k ./certs/ecc-key.pem + +# client TLSv1.2 ECDH-ECDSA-RC4 +-v 3 +-l ECDH-ECDSA-RC4-SHA +-A ./certs/server-ecc.pem + +# server TLSv1.2 ECDH-ECDSA-DES3 +-v 3 +-l ECDH-ECDSA-DES-CBC3-SHA +-c ./certs/server-ecc.pem +-k ./certs/ecc-key.pem + +# client TLSv1.2 ECDH-ECDSA-DES3 +-v 3 +-l ECDH-ECDSA-DES-CBC3-SHA +-A ./certs/server-ecc.pem + +# server TLSv1.2 ECDH-ECDSA-AES128 +-v 3 +-l ECDH-ECDSA-AES128-SHA +-c ./certs/server-ecc.pem +-k ./certs/ecc-key.pem + +# client TLSv1.2 ECDH-ECDSA-AES128 +-v 3 +-l ECDH-ECDSA-AES128-SHA +-A ./certs/server-ecc.pem + +# server TLSv1.2 ECDH-ECDSA-AES128-SHA256 +-v 3 +-l ECDH-ECDSA-AES128-SHA256 +-c ./certs/server-ecc.pem +-k ./certs/ecc-key.pem + +# client TLSv1.2 ECDH-ECDSA-AES128-SHA256 +-v 3 +-l ECDH-ECDSA-AES128-SHA256 +-A ./certs/server-ecc.pem + +# server TLSv1.2 ECDH-ECDSA-AES256 +-v 3 +-l ECDH-ECDSA-AES256-SHA +-c ./certs/server-ecc.pem +-k ./certs/ecc-key.pem + +# client TLSv1.2 ECDH-ECDSA-AES256 +-v 3 +-l ECDH-ECDSA-AES256-SHA +-A ./certs/server-ecc.pem + +# server TLSv1.2 ECDHE-RSA-AES256-SHA384 +-v 3 +-l ECDHE-RSA-AES256-SHA384 + +# client TLSv1.2 ECDHE-RSA-AES256-SHA384 +-v 3 +-l ECDHE-RSA-AES256-SHA384 + +# server TLSv1.2 ECDHE-ECDSA-AES256-SHA384 +-v 3 +-l ECDHE-ECDSA-AES256-SHA384 +-c ./certs/server-ecc.pem +-k ./certs/ecc-key.pem + +# client TLSv1.2 ECDHE-ECDSA-AES256-SHA384 +-v 3 +-l ECDHE-ECDSA-AES256-SHA384 +-A ./certs/server-ecc.pem + +# server TLSv1.2 ECDH-RSA-AES256-SHA384 +-v 3 +-l ECDH-RSA-AES256-SHA384 +-c ./certs/server-ecc-rsa.pem +-k ./certs/ecc-key.pem + +# client TLSv1.2 ECDH-RSA-AES256-SHA384 +-v 3 +-l ECDH-RSA-AES256-SHA384 + +# server TLSv1.2 ECDH-ECDSA-AES256-SHA384 +-v 3 +-l ECDH-ECDSA-AES256-SHA384 +-c ./certs/server-ecc.pem +-k ./certs/ecc-key.pem + +# client TLSv1.2 ECDH-ECDSA-AES256-SHA384 +-v 3 +-l ECDH-ECDSA-AES256-SHA384 +-A ./certs/server-ecc.pem + +# server TLSv1 HC128-SHA +-v 1 +-l HC128-SHA + +# client TLSv1 HC128-SHA +-v 1 +-l HC128-SHA + +# server TLSv1 HC128-MD5 +-v 1 +-l HC128-MD5 + +# client TLSv1 HC128-MD5 +-v 1 +-l HC128-MD5 + +# server TLSv1 HC128-B2B256 +-v 1 +-l HC128-B2B256 + +# client TLSv1 HC128-B2B256 +-v 1 +-l HC128-B2B256 + +# server TLSv1 AES128-B2B256 +-v 1 +-l AES128-B2B256 + +# client TLSv1 AES128-B2B256 +-v 1 +-l AES128-B2B256 + +# server TLSv1 AES256-B2B256 +-v 1 +-l AES256-B2B256 + +# client TLSv1 AES256-B2B256 +-v 1 +-l AES256-B2B256 + +# server TLSv1.1 HC128-SHA +-v 2 +-l HC128-SHA + +# client TLSv1.1 HC128-SHA +-v 2 +-l HC128-SHA + +# server TLSv1.1 HC128-MD5 +-v 2 +-l HC128-MD5 + +# client TLSv1.1 HC128-MD5 +-v 2 +-l HC128-MD5 + +# server TLSv1.1 HC128-B2B256 +-v 2 +-l HC128-B2B256 + +# client TLSv1.1 HC128-B2B256 +-v 2 +-l HC128-B2B256 + +# server TLSv1.1 AES128-B2B256 +-v 2 +-l AES128-B2B256 + +# client TLSv1.1 AES128-B2B256 +-v 2 +-l AES128-B2B256 + +# server TLSv1.1 AES256-B2B256 +-v 2 +-l AES256-B2B256 + +# client TLSv1.1 AES256-B2B256 +-v 2 +-l AES256-B2B256 + +# server TLSv1.2 HC128-SHA +-v 3 +-l HC128-SHA + +# client TLSv1.2 HC128-SHA +-v 3 +-l HC128-SHA + +# server TLSv1.2 HC128-MD5 +-v 3 +-l HC128-MD5 + +# client TLSv1.2 HC128-MD5 +-v 3 +-l HC128-MD5 + +# server TLSv1.2 HC128-B2B256 +-v 3 +-l HC128-B2B256 + +# client TLSv1.2 HC128-B2B256 +-v 3 +-l HC128-B2B256 + +# server TLSv1.2 AES128-B2B256 +-v 3 +-l AES128-B2B256 + +# client TLSv1.2 AES128-B2B256 +-v 3 +-l AES128-B2B256 + +# server TLSv1.2 AES256-B2B256 +-v 3 +-l AES256-B2B256 + +# client TLSv1.2 AES256-B2B256 +-v 3 +-l AES256-B2B256 + +# server TLSv1 RABBIT-SHA +-v 1 +-l RABBIT-SHA + +# client TLSv1 RABBIT-SHA +-v 1 +-l RABBIT-SHA + +# server TLSv1.1 RABBIT-SHA +-v 2 +-l RABBIT-SHA + +# client TLSv1.1 RABBIT-SHA +-v 2 +-l RABBIT-SHA + +# server TLSv1.2 RABBIT-SHA +-v 3 +-l RABBIT-SHA + +# client TLSv1.2 RABBIT-SHA +-v 3 +-l RABBIT-SHA + +# server TLSv1 NTRU_RC4 +-v 1 +-l NTRU-RC4-SHA +-n +-c ./certs/ntru-cert.pem +-k ./certs/ntru-key.raw + +# client TLSv1 NTRU_RC4 +-v 1 +-l NTRU-RC4-SHA + +# server TLSv1 NTRU_DES3 +-v 1 +-l NTRU-DES-CBC3-SHA +-n +-c ./certs/ntru-cert.pem +-k ./certs/ntru-key.raw + +# client TLSv1 NTRU_DES3 +-v 1 +-l NTRU-DES-CBC3-SHA + +# server TLSv1 NTRU_AES128 +-v 1 +-l NTRU-AES128-SHA +-n +-c ./certs/ntru-cert.pem +-k ./certs/ntru-key.raw + +# client TLSv1 NTRU_AES128 +-v 1 +-l NTRU-AES128-SHA + +# server TLSv1 NTRU_AES256 +-v 1 +-l NTRU-AES256-SHA +-n +-c ./certs/ntru-cert.pem +-k ./certs/ntru-key.raw + +# client TLSv1 NTRU_AES256 +-v 1 +-l NTRU-AES256-SHA + +# server TLSv1.1 NTRU_RC4 +-v 2 +-l NTRU-RC4-SHA +-n +-c ./certs/ntru-cert.pem +-k ./certs/ntru-key.raw + +# client TLSv1.1 NTRU_RC4 +-v 2 +-l NTRU-RC4-SHA + +# server TLSv1.1 NTRU_DES3 +-v 2 +-l NTRU-DES-CBC3-SHA +-n +-c ./certs/ntru-cert.pem +-k ./certs/ntru-key.raw + +# client TLSv1.1 NTRU_DES3 +-v 2 +-l NTRU-DES-CBC3-SHA + +# server TLSv1.1 NTRU_AES128 +-v 2 +-l NTRU-AES128-SHA +-n +-c ./certs/ntru-cert.pem +-k ./certs/ntru-key.raw + +# client TLSv1.1 NTRU_AES128 +-v 2 +-l NTRU-AES128-SHA + +# server TLSv1.1 NTRU_AES256 +-v 2 +-l NTRU-AES256-SHA +-n +-c ./certs/ntru-cert.pem +-k ./certs/ntru-key.raw + +# client TLSv1.1 NTRU_AES256 +-v 2 +-l NTRU-AES256-SHA + +# server TLSv1.2 NTRU_RC4 +-v 3 +-l NTRU-RC4-SHA +-n +-c ./certs/ntru-cert.pem +-k ./certs/ntru-key.raw + +# client TLSv1.2 NTRU_RC4 +-v 3 +-l NTRU-RC4-SHA + +# server TLSv1.2 NTRU_DES3 +-v 3 +-l NTRU-DES-CBC3-SHA +-n +-c ./certs/ntru-cert.pem +-k ./certs/ntru-key.raw + +# client TLSv1.2 NTRU_DES3 +-v 3 +-l NTRU-DES-CBC3-SHA + +# server TLSv1.2 NTRU_AES128 +-v 3 +-l NTRU-AES128-SHA +-n +-c ./certs/ntru-cert.pem +-k ./certs/ntru-key.raw + +# client TLSv1.2 NTRU_AES128 +-v 3 +-l NTRU-AES128-SHA + +# server TLSv1.2 NTRU_AES256 +-v 3 +-l NTRU-AES256-SHA +-n +-c ./certs/ntru-cert.pem +-k ./certs/ntru-key.raw + +# client TLSv1.2 NTRU_AES256 +-v 3 +-l NTRU-AES256-SHA + +# server TLSv1 DHE AES128 +-v 1 +-l DHE-RSA-AES128-SHA + +# client TLSv1 DHE AES128 +-v 1 +-l DHE-RSA-AES128-SHA + +# server TLSv1 DHE AES256 +-v 1 +-l DHE-RSA-AES256-SHA + +# client TLSv1 DHE AES256 +-v 1 +-l DHE-RSA-AES256-SHA + +# server TLSv1 DHE AES128-SHA256 +-v 1 +-l DHE-RSA-AES128-SHA256 + +# client TLSv1 DHE AES128-SHA256 +-v 1 +-l DHE-RSA-AES128-SHA256 + +# server TLSv1 DHE AES256-SHA256 +-v 1 +-l DHE-RSA-AES256-SHA256 + +# client TLSv1 DHE AES256-SHA256 +-v 1 +-l DHE-RSA-AES256-SHA256 + +# server TLSv1.1 DHE AES128 +-v 2 +-l DHE-RSA-AES128-SHA + +# client TLSv1.1 DHE AES128 +-v 2 +-l DHE-RSA-AES128-SHA + +# server TLSv1.1 DHE AES256 +-v 2 +-l DHE-RSA-AES256-SHA + +# client TLSv1.1 DHE AES256 +-v 2 +-l DHE-RSA-AES256-SHA + +# server TLSv1.1 DHE AES128-SHA256 +-v 2 +-l DHE-RSA-AES128-SHA256 + +# client TLSv1.1 DHE AES128-SHA256 +-v 2 +-l DHE-RSA-AES128-SHA256 + +# server TLSv1.1 DHE AES256-SHA256 +-v 2 +-l DHE-RSA-AES256-SHA256 + +# client TLSv1.1 DHE AES256-SHA256 +-v 2 +-l DHE-RSA-AES256-SHA256 + +# server TLSv1.2 DHE AES128 +-v 3 +-l DHE-RSA-AES128-SHA + +# client TLSv1.2 DHE AES128 +-v 3 +-l DHE-RSA-AES128-SHA + +# server TLSv1.2 DHE AES256 +-v 3 +-l DHE-RSA-AES256-SHA + +# client TLSv1.2 DHE AES256 +-v 3 +-l DHE-RSA-AES256-SHA + +# server TLSv1.2 DHE AES128-SHA256 +-v 3 +-l DHE-RSA-AES128-SHA256 + +# client TLSv1.2 DHE AES128-SHA256 +-v 3 +-l DHE-RSA-AES128-SHA256 + +# server TLSv1.2 DHE AES256-SHA256 +-v 3 +-l DHE-RSA-AES256-SHA256 + +# client TLSv1.2 DHE AES256-SHA256 +-v 3 +-l DHE-RSA-AES256-SHA256 + +# server TLSv1 PSK-AES128 +-s +-v 1 +-l PSK-AES128-CBC-SHA + +# client TLSv1 PSK-AES128 +-s +-v 1 +-l PSK-AES128-CBC-SHA + +# server TLSv1 PSK-AES256 +-s +-v 1 +-l PSK-AES256-CBC-SHA + +# client TLSv1 PSK-AES256 +-s +-v 1 +-l PSK-AES256-CBC-SHA + +# server TLSv1.1 PSK-AES128 +-s +-v 2 +-l PSK-AES128-CBC-SHA + +# client TLSv1.1 PSK-AES128 +-s +-v 2 +-l PSK-AES128-CBC-SHA + +# server TLSv1.1 PSK-AES256 +-s +-v 2 +-l PSK-AES256-CBC-SHA + +# client TLSv1.1 PSK-AES256 +-s +-v 2 +-l PSK-AES256-CBC-SHA + +# server TLSv1.2 PSK-AES128 +-s +-v 3 +-l PSK-AES128-CBC-SHA + +# client TLSv1.2 PSK-AES128 +-s +-v 3 +-l PSK-AES128-CBC-SHA + +# server TLSv1.2 PSK-AES256 +-s +-v 3 +-l PSK-AES256-CBC-SHA + +# client TLSv1.2 PSK-AES256 +-s +-v 3 +-l PSK-AES256-CBC-SHA + +# server TLSv1.0 PSK-AES128-SHA256 +-s +-v 1 +-l PSK-AES128-CBC-SHA256 + +# client TLSv1.0 PSK-AES128-SHA256 +-s +-v 1 +-l PSK-AES128-CBC-SHA256 + +# server TLSv1.1 PSK-AES128-SHA256 +-s +-v 2 +-l PSK-AES128-CBC-SHA256 + +# client TLSv1.1 PSK-AES128-SHA256 +-s +-v 2 +-l PSK-AES128-CBC-SHA256 + +# server TLSv1.2 PSK-AES128-SHA256 +-s +-v 3 +-l PSK-AES128-CBC-SHA256 + +# client TLSv1.2 PSK-AES128-SHA256 +-s +-v 3 +-l PSK-AES128-CBC-SHA256 + +# server TLSv1.0 PSK-AES256-SHA384 +-s +-v 1 +-l PSK-AES256-CBC-SHA384 + +# client TLSv1.0 PSK-AES256-SHA384 +-s +-v 1 +-l PSK-AES256-CBC-SHA384 + +# server TLSv1.1 PSK-AES256-SHA384 +-s +-v 2 +-l PSK-AES256-CBC-SHA384 + +# client TLSv1.1 PSK-AES256-SHA384 +-s +-v 2 +-l PSK-AES256-CBC-SHA384 + +# server TLSv1.2 PSK-AES256-SHA384 +-s +-v 3 +-l PSK-AES256-CBC-SHA384 + +# client TLSv1.2 PSK-AES256-SHA384 +-s +-v 3 +-l PSK-AES256-CBC-SHA384 + +# server TLSv1.0 PSK-NULL +-s +-v 1 +-l PSK-NULL-SHA + +# client TLSv1.0 PSK-NULL +-s +-v 1 +-l PSK-NULL-SHA + +# server TLSv1.1 PSK-NULL +-s +-v 2 +-l PSK-NULL-SHA + +# client TLSv1.1 PSK-NULL +-s +-v 2 +-l PSK-NULL-SHA + +# server TLSv1.2 PSK-NULL +-s +-v 3 +-l PSK-NULL-SHA + +# client TLSv1.2 PSK-NULL +-s +-v 3 +-l PSK-NULL-SHA + +# server TLSv1.2 PSK-NULL-SHA256 +-s +-v 3 +-l PSK-NULL-SHA256 + +# client TLSv1.2 PSK-NULL-SHA256 +-s +-v 3 +-l PSK-NULL-SHA256 + +# server TLSv1.2 PSK-NULL-SHA384 +-s +-v 3 +-l PSK-NULL-SHA384 + +# client TLSv1.2 PSK-NULL-SHA384 +-s +-v 3 +-l PSK-NULL-SHA384 + +# server TLSv1.2 PSK-NULL +-s +-v 3 +-l PSK-NULL-SHA + +# client TLSv1.2 PSK-NULL +-s +-v 3 +-l PSK-NULL-SHA + +# server TLSv1.2 PSK-NULL-SHA256 +-s +-v 3 +-l PSK-NULL-SHA256 + +# client TLSv1.2 PSK-NULL-SHA256 +-s +-v 3 +-l PSK-NULL-SHA256 + +# server TLSv1.0 RSA-NULL-SHA +-v 1 +-l NULL-SHA + +# client TLSv1.0 RSA-NULL-SHA +-v 1 +-l NULL-SHA + +# server TLSv1.1 RSA-NULL-SHA +-v 2 +-l NULL-SHA + +# client TLSv1.1 RSA-NULL-SHA +-v 2 +-l NULL-SHA + +# server TLSv1.2 RSA-NULL-SHA +-v 3 +-l NULL-SHA + +# client TLSv1.2 RSA-NULL-SHA +-v 3 +-l NULL-SHA + +# server TLSv1.0 RSA-NULL-SHA256 +-v 1 +-l NULL-SHA256 + +# client TLSv1.0 RSA-NULL-SHA256 +-v 1 +-l NULL-SHA256 + +# server TLSv1.1 RSA-NULL-SHA256 +-v 2 +-l NULL-SHA256 + +# client TLSv1.1 RSA-NULL-SHA256 +-v 2 +-l NULL-SHA256 + +# server TLSv1.2 RSA-NULL-SHA256 +-v 3 +-l NULL-SHA256 + +# client TLSv1.2 RSA-NULL-SHA256 +-v 3 +-l NULL-SHA256 + +# server TLSv1 CAMELLIA128-SHA +-v 1 +-l CAMELLIA128-SHA + +# client TLSv1 CAMELLIA128-SHA +-v 1 +-l CAMELLIA128-SHA + +# server TLSv1 CAMELLIA256-SHA +-v 1 +-l CAMELLIA256-SHA + +# client TLSv1 CAMELLIA256-SHA +-v 1 +-l CAMELLIA256-SHA + +# server TLSv1 CAMELLIA128-SHA256 +-v 1 +-l CAMELLIA128-SHA256 + +# client TLSv1 CAMELLIA128-SHA256 +-v 1 +-l CAMELLIA128-SHA256 + +# server TLSv1 CAMELLIA256-SHA256 +-v 1 +-l CAMELLIA256-SHA256 + +# client TLSv1 CAMELLIA256-SHA256 +-v 1 +-l CAMELLIA256-SHA256 + +# server TLSv1.1 CAMELLIA128-SHA +-v 2 +-l CAMELLIA128-SHA + +# client TLSv1.1 CAMELLIA128-SHA +-v 2 +-l CAMELLIA128-SHA + +# server TLSv1.1 CAMELLIA256-SHA +-v 2 +-l CAMELLIA256-SHA + +# client TLSv1.1 CAMELLIA256-SHA +-v 2 +-l CAMELLIA256-SHA + +# server TLSv1.1 CAMELLIA128-SHA256 +-v 2 +-l CAMELLIA128-SHA256 + +# client TLSv1.1 CAMELLIA128-SHA256 +-v 2 +-l CAMELLIA128-SHA256 + +# server TLSv1.1 CAMELLIA256-SHA256 +-v 2 +-l CAMELLIA256-SHA256 + +# client TLSv1.1 CAMELLIA256-SHA256 +-v 2 +-l CAMELLIA256-SHA256 + +# server TLSv1.2 CAMELLIA128-SHA +-v 3 +-l CAMELLIA128-SHA + +# client TLSv1.2 CAMELLIA128-SHA +-v 3 +-l CAMELLIA128-SHA + +# server TLSv1.2 CAMELLIA256-SHA +-v 3 +-l CAMELLIA256-SHA + +# client TLSv1.2 CAMELLIA256-SHA +-v 3 +-l CAMELLIA256-SHA + +# server TLSv1.2 CAMELLIA128-SHA256 +-v 3 +-l CAMELLIA128-SHA256 + +# client TLSv1.2 CAMELLIA128-SHA256 +-v 3 +-l CAMELLIA128-SHA256 + +# server TLSv1.2 CAMELLIA256-SHA256 +-v 3 +-l CAMELLIA256-SHA256 + +# client TLSv1.2 CAMELLIA256-SHA256 +-v 3 +-l CAMELLIA256-SHA256 + +# server TLSv1 DHE-RSA-CAMELLIA128-SHA +-v 1 +-l DHE-RSA-CAMELLIA128-SHA + +# client TLSv1 DHE-RSA-CAMELLIA128-SHA +-v 1 +-l DHE-RSA-CAMELLIA128-SHA + +# server TLSv1 DHE-RSA-CAMELLIA256-SHA +-v 1 +-l DHE-RSA-CAMELLIA256-SHA + +# client TLSv1 DHE-RSA-CAMELLIA256-SHA +-v 1 +-l DHE-RSA-CAMELLIA256-SHA + +# server TLSv1 DHE-RSA-CAMELLIA128-SHA256 +-v 1 +-l DHE-RSA-CAMELLIA128-SHA256 + +# client TLSv1 DHE-RSA-CAMELLIA128-SHA256 +-v 1 +-l DHE-RSA-CAMELLIA128-SHA256 + +# server TLSv1 DHE-RSA-CAMELLIA256-SHA256 +-v 1 +-l DHE-RSA-CAMELLIA256-SHA256 + +# client TLSv1 DHE-RSA-CAMELLIA256-SHA256 +-v 1 +-l DHE-RSA-CAMELLIA256-SHA256 + +# server TLSv1.1 DHE-RSA-CAMELLIA128-SHA +-v 2 +-l DHE-RSA-CAMELLIA128-SHA + +# client TLSv1.1 DHE-RSA-CAMELLIA128-SHA +-v 2 +-l DHE-RSA-CAMELLIA128-SHA + +# server TLSv1.1 DHE-RSA-CAMELLIA256-SHA +-v 2 +-l DHE-RSA-CAMELLIA256-SHA + +# client TLSv1.1 DHE-RSA-CAMELLIA256-SHA +-v 2 +-l DHE-RSA-CAMELLIA256-SHA + +# server TLSv1.1 DHE-RSA-CAMELLIA128-SHA256 +-v 2 +-l DHE-RSA-CAMELLIA128-SHA256 + +# client TLSv1.1 DHE-RSA-CAMELLIA128-SHA256 +-v 2 +-l DHE-RSA-CAMELLIA128-SHA256 + +# server TLSv1.1 DHE-RSA-CAMELLIA256-SHA256 +-v 2 +-l DHE-RSA-CAMELLIA256-SHA256 + +# client TLSv1.1 DHE-RSA-CAMELLIA256-SHA256 +-v 2 +-l DHE-RSA-CAMELLIA256-SHA256 + +# server TLSv1.2 DHE-RSA-CAMELLIA128-SHA +-v 3 +-l DHE-RSA-CAMELLIA128-SHA + +# client TLSv1.2 DHE-RSA-CAMELLIA128-SHA +-v 3 +-l DHE-RSA-CAMELLIA128-SHA + +# server TLSv1.2 DHE-RSA-CAMELLIA256-SHA +-v 3 +-l DHE-RSA-CAMELLIA256-SHA + +# client TLSv1.2 DHE-RSA-CAMELLIA256-SHA +-v 3 +-l DHE-RSA-CAMELLIA256-SHA + +# server TLSv1.2 DHE-RSA-CAMELLIA128-SHA256 +-v 3 +-l DHE-RSA-CAMELLIA128-SHA256 + +# client TLSv1.2 DHE-RSA-CAMELLIA128-SHA256 +-v 3 +-l DHE-RSA-CAMELLIA128-SHA256 + +# server TLSv1.2 DHE-RSA-CAMELLIA256-SHA256 +-v 3 +-l DHE-RSA-CAMELLIA256-SHA256 + +# client TLSv1.2 DHE-RSA-CAMELLIA256-SHA256 +-v 3 +-l DHE-RSA-CAMELLIA256-SHA256 + +# server TLSv1.2 RSA-AES128-GCM-SHA256 +-v 3 +-l AES128-GCM-SHA256 + +# client TLSv1.2 RSA-AES128-GCM-SHA256 +-v 3 +-l AES128-GCM-SHA256 + +# server TLSv1.2 RSA-AES256-GCM-SHA384 +-v 3 +-l AES256-GCM-SHA384 + +# client TLSv1.2 RSA-AES256-GCM-SHA384 +-v 3 +-l AES256-GCM-SHA384 + +# server TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256 +-v 3 +-l ECDHE-ECDSA-AES128-GCM-SHA256 +-c ./certs/server-ecc.pem +-k ./certs/ecc-key.pem + +# client TLSv1.2 ECDHE-ECDSA-AES128-GCM-SHA256 +-v 3 +-l ECDHE-ECDSA-AES128-GCM-SHA256 +-A ./certs/server-ecc.pem + +# server TLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384 +-v 3 +-l ECDHE-ECDSA-AES256-GCM-SHA384 +-c ./certs/server-ecc.pem +-k ./certs/ecc-key.pem + +# client TLSv1.2 ECDHE-ECDSA-AES256-GCM-SHA384 +-v 3 +-l ECDHE-ECDSA-AES256-GCM-SHA384 +-A ./certs/server-ecc.pem + +# server TLSv1.2 ECDH-ECDSA-AES128-GCM-SHA256 +-v 3 +-l ECDH-ECDSA-AES128-GCM-SHA256 +-c ./certs/server-ecc.pem +-k ./certs/ecc-key.pem + +# client TLSv1.2 ECDH-ECDSA-AES128-GCM-SHA256 +-v 3 +-l ECDH-ECDSA-AES128-GCM-SHA256 +-A ./certs/server-ecc.pem + +# server TLSv1.2 ECDH-ECDSA-AES256-GCM-SHA384 +-v 3 +-l ECDH-ECDSA-AES256-GCM-SHA384 +-c ./certs/server-ecc.pem +-k ./certs/ecc-key.pem + +# client TLSv1.2 ECDH-ECDSA-AES256-GCM-SHA384 +-v 3 +-l ECDH-ECDSA-AES256-GCM-SHA384 +-A ./certs/server-ecc.pem + +# server TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256 +-v 3 +-l ECDHE-RSA-AES128-GCM-SHA256 + +# client TLSv1.2 ECDHE-RSA-AES128-GCM-SHA256 +-v 3 +-l ECDHE-RSA-AES128-GCM-SHA256 + +# server TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384 +-v 3 +-l ECDHE-RSA-AES256-GCM-SHA384 + +# client TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384 +-v 3 +-l ECDHE-RSA-AES256-GCM-SHA384 + +# server TLSv1.2 ECDH-RSA-AES128-GCM-SHA256 +-v 3 +-l ECDH-RSA-AES128-GCM-SHA256 +-c ./certs/server-ecc-rsa.pem +-k ./certs/ecc-key.pem + +# client TLSv1.2 ECDH-RSA-AES128-GCM-SHA256 +-v 3 +-l ECDH-RSA-AES128-GCM-SHA256 + +# server TLSv1.2 ECDH-RSA-AES256-GCM-SHA384 +-v 3 +-l ECDH-RSA-AES256-GCM-SHA384 +-c ./certs/server-ecc-rsa.pem +-k ./certs/ecc-key.pem + +# client TLSv1.2 ECDH-RSA-AES256-GCM-SHA384 +-v 3 +-l ECDH-RSA-AES256-GCM-SHA384 + +# server TLSv1.2 DHE-RSA-AES128-GCM-SHA256 +-v 3 +-l DHE-RSA-AES128-GCM-SHA256 + +# client TLSv1.2 DHE-RSA-AES128-GCM-SHA256 +-v 3 +-l DHE-RSA-AES128-GCM-SHA256 + +# server TLSv1.2 DHE-RSA-AES256-GCM-SHA384 +-v 3 +-l DHE-RSA-AES256-GCM-SHA384 + +# client TLSv1.2 DHE-RSA-AES256-GCM-SHA384 +-v 3 +-l DHE-RSA-AES256-GCM-SHA384 + +# server TLSv1.2 PSK-AES128-GCM-SHA256 +-s +-v 3 +-l PSK-AES128-GCM-SHA256 + +# client TLSv1.2 PSK-AES128-GCM-SHA256 +-s +-v 3 +-l PSK-AES128-GCM-SHA256 + +# server TLSv1.2 PSK-AES256-GCM-SHA384 +-s +-v 3 +-l PSK-AES256-GCM-SHA384 + +# client TLSv1.2 PSK-AES256-GCM-SHA384 +-s +-v 3 +-l PSK-AES256-GCM-SHA384 + +# server TLSv1.2 AES128-CCM-8 +-v 3 +-l AES128-CCM-8 + +# client TLSv1.2 AES128-CCM-8 +-v 3 +-l AES128-CCM-8 + +# server TLSv1.2 AES256-CCM-8 +-v 3 +-l AES256-CCM-8 + +# client TLSv1.2 AES256-CCM-8 +-v 3 +-l AES256-CCM-8 + +# server TLSv1.2 ECDHE-ECDSA-AES128-CCM-8 +-v 3 +-l ECDHE-ECDSA-AES128-CCM-8 +-c ./certs/server-ecc.pem +-k ./certs/ecc-key.pem + +# client TLSv1.2 ECDHE-ECDSA-AES128-CCM-8 +-v 3 +-l ECDHE-ECDSA-AES128-CCM-8 +-A ./certs/server-ecc.pem + +# server TLSv1.2 ECDHE-ECDSA-AES256-CCM-8 +-v 3 +-l ECDHE-ECDSA-AES256-CCM-8 +-c ./certs/server-ecc.pem +-k ./certs/ecc-key.pem + +# client TLSv1.2 ECDHE-ECDSA-AES256-CCM-8 +-v 3 +-l ECDHE-ECDSA-AES256-CCM-8 +-A ./certs/server-ecc.pem + +# server TLSv1.2 PSK-AES128-CCM +-s +-v 3 +-l PSK-AES128-CCM + +# client TLSv1.2 PSK-AES128-CCM +-s +-v 3 +-l PSK-AES128-CCM + +# server TLSv1.2 PSK-AES256-CCM +-s +-v 3 +-l PSK-AES256-CCM + +# client TLSv1.2 PSK-AES256-CCM +-s +-v 3 +-l PSK-AES256-CCM + +# server TLSv1.2 PSK-AES128-CCM-8 +-s +-v 3 +-l PSK-AES128-CCM-8 + +# client TLSv1.2 PSK-AES128-CCM-8 +-s +-v 3 +-l PSK-AES128-CCM-8 + +# server TLSv1.2 PSK-AES256-CCM-8 +-s +-v 3 +-l PSK-AES256-CCM-8 + +# client TLSv1.2 PSK-AES256-CCM-8 +-s +-v 3 +-l PSK-AES256-CCM-8 + +# server TLSv1.0 DHE-PSK-AES128-CBC-SHA256 +-s +-v 1 +-l DHE-PSK-AES128-CBC-SHA256 + +# client TLSv1.0 DHE-PSK-AES128-CBC-SHA256 +-s +-v 1 +-l DHE-PSK-AES128-CBC-SHA256 + +# server TLSv1.1 DHE-PSK-AES128-CBC-SHA256 +-s +-v 2 +-l DHE-PSK-AES128-CBC-SHA256 + +# client TLSv1.1 DHE-PSK-AES128-CBC-SHA256 +-s +-v 2 +-l DHE-PSK-AES128-CBC-SHA256 + +# server TLSv1.2 DHE-PSK-AES128-CBC-SHA256 +-s +-v 3 +-l DHE-PSK-AES128-CBC-SHA256 + +# client TLSv1.2 DHE-PSK-AES128-CBC-SHA256 +-s +-v 3 +-l DHE-PSK-AES128-CBC-SHA256 + +# server TLSv1.0 DHE-PSK-AES256-CBC-SHA384 +-s +-v 1 +-l DHE-PSK-AES256-CBC-SHA384 + +# client TLSv1.0 DHE-PSK-AES256-CBC-SHA384 +-s +-v 1 +-l DHE-PSK-AES256-CBC-SHA384 + +# server TLSv1.1 DHE-PSK-AES256-CBC-SHA384 +-s +-v 2 +-l DHE-PSK-AES256-CBC-SHA384 + +# client TLSv1.1 DHE-PSK-AES256-CBC-SHA384 +-s +-v 2 +-l DHE-PSK-AES256-CBC-SHA384 + +# server TLSv1.2 DHE-PSK-AES256-CBC-SHA384 +-s +-v 3 +-l DHE-PSK-AES256-CBC-SHA384 + +# client TLSv1.2 DHE-PSK-AES256-CBC-SHA384 +-s +-v 3 +-l DHE-PSK-AES256-CBC-SHA384 + +# server TLSv1.0 DHE-PSK-NULL-SHA256 +-s +-v 1 +-l DHE-PSK-NULL-SHA256 + +# client TLSv1.0 DHE-PSK-NULL-SHA256 +-s +-v 1 +-l DHE-PSK-NULL-SHA256 + +# server TLSv1.1 DHE-PSK-NULL-SHA256 +-s +-v 2 +-l DHE-PSK-NULL-SHA256 + +# client TLSv1.1 DHE-PSK-NULL-SHA256 +-s +-v 2 +-l DHE-PSK-NULL-SHA256 + +# server TLSv1.2 DHE-PSK-NULL-SHA256 +-s +-v 3 +-l DHE-PSK-NULL-SHA256 + +# client TLSv1.2 DHE-PSK-NULL-SHA256 +-s +-v 3 +-l DHE-PSK-NULL-SHA256 + +# server TLSv1.0 DHE-PSK-NULL-SHA384 +-s +-v 1 +-l DHE-PSK-NULL-SHA384 + +# client TLSv1.0 DHE-PSK-NULL-SHA384 +-s +-v 1 +-l DHE-PSK-NULL-SHA384 + +# server TLSv1.1 DHE-PSK-NULL-SHA384 +-s +-v 2 +-l DHE-PSK-NULL-SHA384 + +# client TLSv1.1 DHE-PSK-NULL-SHA384 +-s +-v 2 +-l DHE-PSK-NULL-SHA384 + +# server TLSv1.2 DHE-PSK-NULL-SHA384 +-s +-v 3 +-l DHE-PSK-NULL-SHA384 + +# client TLSv1.2 DHE-PSK-NULL-SHA384 +-s +-v 3 +-l DHE-PSK-NULL-SHA384 + +# server TLSv1.2 DHE-PSK-AES128-GCM-SHA256 +-s +-v 3 +-l DHE-PSK-AES128-GCM-SHA256 + +# client TLSv1.2 DHE-PSK-AES128-GCM-SHA256 +-s +-v 3 +-l DHE-PSK-AES128-GCM-SHA256 + +# server TLSv1.2 DHE-PSK-AES256-GCM-SHA384 +-s +-v 3 +-l DHE-PSK-AES256-GCM-SHA384 + +# client TLSv1.2 DHE-PSK-AES256-GCM-SHA384 +-s +-v 3 +-l DHE-PSK-AES256-GCM-SHA384 + +# server TLSv1.2 DHE-PSK-AES128-CCM +-s +-v 3 +-l DHE-PSK-AES128-CCM + +# client TLSv1.2 DHE-PSK-AES128-CCM +-s +-v 3 +-l DHE-PSK-AES128-CCM + +# server TLSv1.2 DHE-PSK-AES256-CCM +-s +-v 3 +-l DHE-PSK-AES256-CCM + +# client TLSv1.2 DHE-PSK-AES256-CCM +-s +-v 3 +-l DHE-PSK-AES256-CCM diff --git a/FreeRTOS-Plus/Source/CyaSSL/tests/unit.c b/FreeRTOS-Plus/Source/CyaSSL/tests/unit.c index 1fbcc9cb5..287ad3cf7 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/tests/unit.c +++ b/FreeRTOS-Plus/Source/CyaSSL/tests/unit.c @@ -1,4 +1,10 @@ /* unit.c unit tests driver */ +#ifdef HAVE_CONFIG_H + #include +#endif + +#include + #include #include @@ -11,7 +17,20 @@ int main(int argc, char** argv) { int ret; - printf("staring unit tests...\n"); + (void)argc; + (void)argv; + printf("starting unit tests...\n"); + +#ifdef HAVE_CAVIUM + ret = OpenNitroxDevice(CAVIUM_DIRECT, CAVIUM_DEV_ID); + if (ret != 0) + err_sys("Cavium OpenNitroxDevice failed"); +#endif /* HAVE_CAVIUM */ + + if (CurrentDir("tests") || CurrentDir("_build")) + ChangeDirBack(1); + else if (CurrentDir("Debug") || CurrentDir("Release")) + ChangeDirBack(3); if ( (ret = ApiTest()) != 0) { printf("api test failed with %d\n", ret); @@ -23,18 +42,27 @@ int main(int argc, char** argv) return ret; } +#ifndef SINGLE_THREADED if ( (ret = SuiteTest()) != 0){ printf("suite test failed with %d\n", ret); return ret; } +#endif + +#ifdef HAVE_CAVIUM + CspShutdown(CAVIUM_DEV_ID); +#endif return 0; } + void wait_tcp_ready(func_args* args) { -#ifdef _POSIX_THREADS +#ifdef SINGLE_THREADED + (void)args; +#elif defined(_POSIX_THREADS) && !defined(__MINGW32__) pthread_mutex_lock(&args->signal->mutex); if (!args->signal->ready) @@ -42,13 +70,19 @@ void wait_tcp_ready(func_args* args) args->signal->ready = 0; /* reset */ pthread_mutex_unlock(&args->signal->mutex); +#else + (void)args; #endif } void start_thread(THREAD_FUNC fun, func_args* args, THREAD_TYPE* thread) { -#ifdef _POSIX_THREADS +#ifdef SINGLE_THREADED + (void)fun; + (void)args; + (void)thread; +#elif defined(_POSIX_THREADS) && !defined(__MINGW32__) pthread_create(thread, 0, fun, args); return; #else @@ -59,12 +93,14 @@ void start_thread(THREAD_FUNC fun, func_args* args, THREAD_TYPE* thread) void join_thread(THREAD_TYPE thread) { -#ifdef _POSIX_THREADS +#ifdef SINGLE_THREADED + (void)thread; +#elif defined(_POSIX_THREADS) && !defined(__MINGW32__) pthread_join(thread, 0); #else - int res = WaitForSingleObject(thread, INFINITE); + int res = WaitForSingleObject((HANDLE)thread, INFINITE); assert(res == WAIT_OBJECT_0); - res = CloseHandle(thread); + res = CloseHandle((HANDLE)thread); assert(res); #endif } @@ -73,7 +109,9 @@ void join_thread(THREAD_TYPE thread) void InitTcpReady(tcp_ready* ready) { ready->ready = 0; -#ifdef _POSIX_THREADS + ready->port = 0; +#ifdef SINGLE_THREADED +#elif defined(_POSIX_THREADS) && !defined(__MINGW32__) pthread_mutex_init(&ready->mutex, 0); pthread_cond_init(&ready->cond, 0); #endif @@ -82,8 +120,13 @@ void InitTcpReady(tcp_ready* ready) void FreeTcpReady(tcp_ready* ready) { -#ifdef _POSIX_THREADS +#ifdef SINGLE_THREADED + (void)ready; +#elif defined(_POSIX_THREADS) && !defined(__MINGW32__) pthread_mutex_destroy(&ready->mutex); pthread_cond_destroy(&ready->cond); +#else + (void)ready; #endif -} \ No newline at end of file +} + diff --git a/FreeRTOS-Plus/Source/CyaSSL/tests/unit.h b/FreeRTOS-Plus/Source/CyaSSL/tests/unit.h index 840893cda..f20f52ff7 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/tests/unit.h +++ b/FreeRTOS-Plus/Source/CyaSSL/tests/unit.h @@ -5,9 +5,60 @@ #include /* thread and tcp stuff */ +#define Fail(description, result) do { \ + printf("\nERROR - %s line %d failed with:", __FILE__, __LINE__); \ + printf("\n\n test: "); printf description; \ + printf("\n\n result: "); printf result; \ + abort(); \ +} while(0) + +#define Assert(test, description, result) if (!(test)) Fail(description, result) + +#define AssertTrue(x) Assert( (x), ("%s is true", #x), (#x " => FALSE")) +#define AssertFalse(x) Assert(!(x), ("%s is false", #x), (#x " => TRUE")) +#define AssertNotNull(x) Assert( (x), ("%s is not null", #x), (#x " => NULL")) + +#define AssertNull(x) do { \ + void* _x = (void *) (x); \ + \ + Assert(!_x, ("%s is null", #x), (#x " => %p", _x)); \ +} while(0) + +#define AssertInt(x, y, op, er) do { \ + int _x = x; \ + int _y = y; \ + \ + Assert(_x op _y, ("%s " #op " %s", #x, #y), ("%d " #er " %d", _x, _y)); \ +} while(0) + +#define AssertIntEQ(x, y) AssertInt(x, y, ==, !=) +#define AssertIntNE(x, y) AssertInt(x, y, !=, ==) +#define AssertIntGT(x, y) AssertInt(x, y, >, <=) +#define AssertIntLT(x, y) AssertInt(x, y, <, >=) +#define AssertIntGE(x, y) AssertInt(x, y, >=, <) +#define AssertIntLE(x, y) AssertInt(x, y, <=, >) + +#define AssertStr(x, y, op, er) do { \ + const char* _x = x; \ + const char* _y = y; \ + int _z = strcmp(_x, _y); \ + \ + Assert(_z op 0, ("%s " #op " %s", #x, #y), \ + ("\"%s\" " #er " \"%s\"", _x, _y));\ +} while(0) + +#define AssertStrEQ(x, y) AssertStr(x, y, ==, !=) +#define AssertStrNE(x, y) AssertStr(x, y, !=, ==) +#define AssertStrGT(x, y) AssertStr(x, y, >, <=) +#define AssertStrLT(x, y) AssertStr(x, y, <, >=) +#define AssertStrGE(x, y) AssertStr(x, y, >=, <) +#define AssertStrLE(x, y) AssertStr(x, y, <=, >) + + int ApiTest(void); int SuiteTest(void); int HashTest(void); -#endif /* CyaSSL_UNIT_H */ \ No newline at end of file +#endif /* CyaSSL_UNIT_H */ + diff --git a/FreeRTOS-Plus/Source/CyaSSL/testsuite/include.am b/FreeRTOS-Plus/Source/CyaSSL/testsuite/include.am index 1772ac124..e9c5eb5bd 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/testsuite/include.am +++ b/FreeRTOS-Plus/Source/CyaSSL/testsuite/include.am @@ -3,20 +3,24 @@ # All paths should be given relative to the root -check_PROGRAMS += testsuite/testsuite -noinst_PROGRAMS += testsuite/testsuite -testsuite_testsuite_SOURCES = \ +if BUILD_EXAMPLES +check_PROGRAMS += testsuite/testsuite.test +noinst_PROGRAMS += testsuite/testsuite.test +testsuite_testsuite_test_SOURCES = \ ctaocrypt/test/test.c \ examples/client/client.c \ examples/echoclient/echoclient.c \ examples/echoserver/echoserver.c \ examples/server/server.c \ testsuite/testsuite.c -testsuite_testsuite_CFLAGS = -DNO_MAIN_DRIVER $(AM_CFLAGS) $(PTHREAD_CFLAGS) -testsuite_testsuite_LDADD = src/libcyassl.la $(PTHREAD_LIBS) -testsuite_testsuite_DEPENDENCIES = src/libcyassl.la +testsuite_testsuite_test_CFLAGS = -DNO_MAIN_DRIVER $(AM_CFLAGS) +testsuite_testsuite_test_LDADD = src/libcyassl.la +testsuite_testsuite_test_DEPENDENCIES = src/libcyassl.la +endif EXTRA_DIST += testsuite/testsuite.sln EXTRA_DIST += testsuite/testsuite-ntru.vcproj EXTRA_DIST += testsuite/testsuite.vcproj +EXTRA_DIST += testsuite/testsuite.vcxproj EXTRA_DIST += input EXTRA_DIST += quit +DISTCLEANFILES+= testsuite/.libs/testsuite.test diff --git a/FreeRTOS-Plus/Source/CyaSSL/testsuite/testsuite.c b/FreeRTOS-Plus/Source/CyaSSL/testsuite/testsuite.c index ebcb0c28f..419704f0c 100644 --- a/FreeRTOS-Plus/Source/CyaSSL/testsuite/testsuite.c +++ b/FreeRTOS-Plus/Source/CyaSSL/testsuite/testsuite.c @@ -1,6 +1,6 @@ /* testsuite.c * - * Copyright (C) 2006-2012 Sawtooth Consulting Ltd. + * Copyright (C) 2006-2014 wolfSSL Inc. * * This file is part of CyaSSL. * @@ -16,77 +16,86 @@ * * You should have received a copy of the GNU General Public License * along with this program; if not, write to the Free Software - * Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA + * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA */ #ifdef HAVE_CONFIG_H #include #endif -#include +#include + #include -#include +#include "ctaocrypt/test/test.h" -#ifdef SINGLE_THREADED - #error testsuite needs threads to run, please run ctaocrypt/test, \ - and the examples/ individually -#endif +#ifndef SINGLE_THREADED + +#include +#include -void ctaocrypt_test(void*); +#include "examples/echoclient/echoclient.h" +#include "examples/echoserver/echoserver.h" +#include "examples/server/server.h" +#include "examples/client/client.h" -void client_test(void*); -void echoclient_test(void*); -THREAD_RETURN CYASSL_THREAD server_test(void*); -THREAD_RETURN CYASSL_THREAD echoserver_test(void*); +void file_test(const char* file, byte* hash); -void file_test(char* file, byte* hash); +void simple_test(func_args*); enum { NUMARGS = 3 }; +#ifndef USE_WINDOWS_API + static const char outputName[] = "/tmp/output"; +#else + static const char outputName[] = "output"; +#endif + int myoptind = 0; char* myoptarg = NULL; - int main(int argc, char** argv) { - func_args args; func_args server_args; tcp_ready ready; THREAD_TYPE serverThread; +#ifdef HAVE_CAVIUM + int ret = OpenNitroxDevice(CAVIUM_DIRECT, CAVIUM_DEV_ID); + if (ret != 0) + err_sys("Cavium OpenNitroxDevice failed"); +#endif /* HAVE_CAVIUM */ + StartTCP(); - args.argc = server_args.argc = argc; - args.argv = server_args.argv = argv; + server_args.argc = argc; + server_args.argv = argv; CyaSSL_Init(); -#ifdef DEBUG_CYASSL +#if defined(DEBUG_CYASSL) && !defined(HAVE_VALGRIND) CyaSSL_Debugging_ON(); #endif - if (CurrentDir("testsuite")) + if (CurrentDir("testsuite") || CurrentDir("_build")) ChangeDirBack(1); - else if (CurrentDir("build")) /* Xcode->Preferences->Locations->Build */ - ChangeDirBack(2); /* Location "Place build product in locations - specified by targets", uses build/Debug */ + else if (CurrentDir("Debug") || CurrentDir("Release")) + ChangeDirBack(3); /* Xcode->Preferences->Locations->Locations*/ + /* Derived Data Advanced -> Custom */ + /* Relative to Workspace, Build/Products */ + /* Debug or Release */ + server_args.signal = &ready; + InitTcpReady(&ready); + /* CTaoCrypt test */ - ctaocrypt_test(&args); - if (args.return_code != 0) return args.return_code; + ctaocrypt_test(&server_args); + if (server_args.return_code != 0) return server_args.return_code; /* Simple CyaSSL client server test */ - InitTcpReady(&ready); - server_args.signal = &ready; - start_thread(server_test, &server_args, &serverThread); - wait_tcp_ready(&server_args); - - client_test(&args); - if (args.return_code != 0) return args.return_code; - join_thread(serverThread); + simple_test(&server_args); if (server_args.return_code != 0) return server_args.return_code; /* Echo input yaSSL client server test */ @@ -104,13 +113,16 @@ int main(int argc, char** argv) myArgv[1] = argc1; myArgv[2] = argc2; - echo_args.argc = NUMARGS; + echo_args.argc = 3; echo_args.argv = myArgv; strcpy(echo_args.argv[0], "echoclient"); strcpy(echo_args.argv[1], "input"); - strcpy(echo_args.argv[2], "output"); - remove("output"); + strcpy(echo_args.argv[2], outputName); + remove(outputName); + + /* Share the signal, it has the new port number in it. */ + echo_args.signal = server_args.signal; /* make sure OK */ echoclient_test(&echo_args); @@ -131,11 +143,11 @@ int main(int argc, char** argv) /* validate output equals input */ { - byte input[MD5_DIGEST_SIZE]; - byte output[MD5_DIGEST_SIZE]; + byte input[SHA256_DIGEST_SIZE]; + byte output[SHA256_DIGEST_SIZE]; file_test("input", input); - file_test("output", output); + file_test(outputName, output); if (memcmp(input, output, sizeof(input)) != 0) return EXIT_FAILURE; } @@ -143,15 +155,96 @@ int main(int argc, char** argv) CyaSSL_Cleanup(); FreeTcpReady(&ready); +#ifdef HAVE_CAVIUM + CspShutdown(CAVIUM_DEV_ID); +#endif printf("\nAll tests passed!\n"); return EXIT_SUCCESS; } +void simple_test(func_args* args) +{ + THREAD_TYPE serverThread; + + func_args svrArgs; + char *svrArgv[9]; + char argc0s[32]; + char argc1s[32]; + char argc2s[32]; + char argc3s[32]; + char argc4s[32]; + char argc5s[32]; + char argc6s[32]; + char argc7s[32]; + char argc8s[32]; + + func_args cliArgs; + char *cliArgv[NUMARGS]; + char argc0c[32]; + char argc1c[32]; + char argc2c[32]; + + svrArgv[0] = argc0s; + svrArgv[1] = argc1s; + svrArgv[2] = argc2s; + svrArgv[3] = argc3s; + svrArgv[4] = argc4s; + svrArgv[5] = argc5s; + svrArgv[6] = argc6s; + svrArgv[7] = argc7s; + svrArgv[8] = argc8s; + cliArgv[0] = argc0c; + cliArgv[1] = argc1c; + cliArgv[2] = argc2c; + + svrArgs.argc = 1; + svrArgs.argv = svrArgv; + svrArgs.return_code = 0; + cliArgs.argc = 1; + cliArgs.argv = cliArgv; + cliArgs.return_code = 0; + + strcpy(svrArgs.argv[0], "SimpleServer"); + #if !defined(USE_WINDOWS_API) && !defined(CYASSL_SNIFFER) + strcpy(svrArgs.argv[svrArgs.argc++], "-p"); + strcpy(svrArgs.argv[svrArgs.argc++], "0"); + #endif + #ifdef HAVE_NTRU + strcpy(svrArgs.argv[svrArgs.argc++], "-d"); + strcpy(svrArgs.argv[svrArgs.argc++], "-n"); + strcpy(svrArgs.argv[svrArgs.argc++], "-c"); + strcpy(svrArgs.argv[svrArgs.argc++], "./certs/ntru-cert.pem"); + strcpy(svrArgs.argv[svrArgs.argc++], "-k"); + strcpy(svrArgs.argv[svrArgs.argc++], "./certs/ntru-key.raw"); + #endif + /* Set the last arg later, when it is known. */ + + args->return_code = 0; + svrArgs.signal = args->signal; + start_thread(server_test, &svrArgs, &serverThread); + wait_tcp_ready(&svrArgs); + + /* Setting the actual port number. */ + strcpy(cliArgs.argv[0], "SimpleClient"); + #ifndef USE_WINDOWS_API + cliArgs.argc = NUMARGS; + strcpy(cliArgs.argv[1], "-p"); + snprintf(cliArgs.argv[2], sizeof(argc2c), "%d", svrArgs.signal->port); + #endif + + client_test(&cliArgs); + if (cliArgs.return_code != 0) { + args->return_code = cliArgs.return_code; + return; + } + join_thread(serverThread); + if (svrArgs.return_code != 0) args->return_code = svrArgs.return_code; +} void wait_tcp_ready(func_args* args) { -#ifdef _POSIX_THREADS +#if defined(_POSIX_THREADS) && !defined(__MINGW32__) pthread_mutex_lock(&args->signal->mutex); if (!args->signal->ready) @@ -159,13 +252,15 @@ void wait_tcp_ready(func_args* args) args->signal->ready = 0; /* reset */ pthread_mutex_unlock(&args->signal->mutex); +#else + (void)args; #endif } void start_thread(THREAD_FUNC fun, func_args* args, THREAD_TYPE* thread) { -#ifdef _POSIX_THREADS +#if defined(_POSIX_THREADS) && !defined(__MINGW32__) pthread_create(thread, 0, fun, args); return; #else @@ -176,12 +271,12 @@ void start_thread(THREAD_FUNC fun, func_args* args, THREAD_TYPE* thread) void join_thread(THREAD_TYPE thread) { -#ifdef _POSIX_THREADS +#if defined(_POSIX_THREADS) && !defined(__MINGW32__) pthread_join(thread, 0); #else - int res = WaitForSingleObject(thread, INFINITE); + int res = WaitForSingleObject((HANDLE)thread, INFINITE); assert(res == WAIT_OBJECT_0); - res = CloseHandle(thread); + res = CloseHandle((HANDLE)thread); assert(res); #endif } @@ -190,7 +285,8 @@ void join_thread(THREAD_TYPE thread) void InitTcpReady(tcp_ready* ready) { ready->ready = 0; -#ifdef _POSIX_THREADS + ready->port = 0; +#if defined(_POSIX_THREADS) && !defined(__MINGW32__) pthread_mutex_init(&ready->mutex, 0); pthread_cond_init(&ready->cond, 0); #endif @@ -199,34 +295,50 @@ void InitTcpReady(tcp_ready* ready) void FreeTcpReady(tcp_ready* ready) { -#ifdef _POSIX_THREADS +#if defined(_POSIX_THREADS) && !defined(__MINGW32__) pthread_mutex_destroy(&ready->mutex); pthread_cond_destroy(&ready->cond); +#else + (void)ready; #endif } -void file_test(char* file, byte* check) +void file_test(const char* file, byte* check) { FILE* f; - int i = 0, j; - Md5 md5; + int i = 0, j, ret; + Sha256 sha256; byte buf[1024]; - byte md5sum[MD5_DIGEST_SIZE]; + byte shasum[SHA256_DIGEST_SIZE]; - InitMd5(&md5); + ret = InitSha256(&sha256); + if (ret != 0) { + printf("Can't InitSha256 %d\n", ret); + return; + } if( !( f = fopen( file, "rb" ) )) { printf("Can't open %s\n", file); return; } - while( ( i = (int)fread(buf, 1, sizeof(buf), f )) > 0 ) - Md5Update(&md5, buf, i); + while( ( i = (int)fread(buf, 1, sizeof(buf), f )) > 0 ) { + ret = Sha256Update(&sha256, buf, i); + if (ret != 0) { + printf("Can't Sha256Update %d\n", ret); + return; + } + } - Md5Final(&md5, md5sum); - memcpy(check, md5sum, sizeof(md5sum)); + ret = Sha256Final(&sha256, shasum); + if (ret != 0) { + printf("Can't Sha256Final %d\n", ret); + return; + } + + memcpy(check, shasum, sizeof(shasum)); - for(j = 0; j < MD5_DIGEST_SIZE; ++j ) - printf( "%02x", md5sum[j] ); + for(j = 0; j < SHA256_DIGEST_SIZE; ++j ) + printf( "%02x", shasum[j] ); printf(" %s\n", file); @@ -234,3 +346,35 @@ void file_test(char* file, byte* check) } +#else /* SINGLE_THREADED */ + + +int myoptind = 0; +char* myoptarg = NULL; + + +int main(int argc, char** argv) +{ + func_args server_args; + + server_args.argc = argc; + server_args.argv = argv; + + if (CurrentDir("testsuite") || CurrentDir("_build")) + ChangeDirBack(1); + else if (CurrentDir("Debug") || CurrentDir("Release")) + ChangeDirBack(3); /* Xcode->Preferences->Locations->Locations*/ + /* Derived Data Advanced -> Custom */ + /* Relative to Workspace, Build/Products */ + /* Debug or Release */ + + ctaocrypt_test(&server_args); + if (server_args.return_code != 0) return server_args.return_code; + + printf("\nAll tests passed!\n"); + return EXIT_SUCCESS; +} + + +#endif /* SINGLE_THREADED */ + diff --git a/FreeRTOS-Plus/Source/CyaSSL/testsuite/testsuite.vcxproj b/FreeRTOS-Plus/Source/CyaSSL/testsuite/testsuite.vcxproj new file mode 100644 index 000000000..7bbd19dc5 --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/testsuite/testsuite.vcxproj @@ -0,0 +1,180 @@ + + + + + Debug + Win32 + + + Debug + x64 + + + Release + Win32 + + + Release + x64 + + + + {611E8971-46E0-4D0A-B5A1-632C3B00CB80} + testsuite + Win32Proj + + + + Application + v110 + Unicode + true + + + Application + v110 + Unicode + true + + + Application + v110 + Unicode + + + Application + v110 + Unicode + + + + + + + + + + + + + + + + + + + <_ProjectFileVersion>11.0.61030.0 + + + $(SolutionDir)$(Configuration)\ + $(Configuration)\ + true + + + true + + + $(SolutionDir)$(Configuration)\ + $(Configuration)\ + false + + + false + + + + Disabled + ../;%(AdditionalIncludeDirectories) + NO_MAIN_DRIVER;CYASSL_RIPEMD;CYASSL_SHA512;OPENSSL_EXTRA;NO_PSK;%(PreprocessorDefinitions) + true + EnableFastChecks + MultiThreadedDebugDLL + + Level3 + EditAndContinue + + + Ws2_32.lib;%(AdditionalDependencies) + true + Console + MachineX86 + + + + + Disabled + ../;%(AdditionalIncludeDirectories) + NO_MAIN_DRIVER;CYASSL_RIPEMD;CYASSL_SHA512;OPENSSL_EXTRA;NO_PSK;%(PreprocessorDefinitions) + EnableFastChecks + MultiThreadedDebugDLL + + + Level3 + ProgramDatabase + + + Ws2_32.lib;%(AdditionalDependencies) + true + Console + + + + + MaxSpeed + true + ../;%(AdditionalIncludeDirectories) + NO_MAIN_DRIVER;CYASSL_RIPEMD;CYASSL_SHA512;OPENSSL_EXTRA;NO_PSK;%(PreprocessorDefinitions) + MultiThreadedDLL + true + + Level3 + ProgramDatabase + + + Ws2_32.lib;%(AdditionalDependencies) + true + Console + true + true + MachineX86 + + + + + MaxSpeed + true + ../;%(AdditionalIncludeDirectories) + NO_MAIN_DRIVER;CYASSL_RIPEMD;CYASSL_SHA512;OPENSSL_EXTRA;NO_PSK;%(PreprocessorDefinitions) + MultiThreadedDLL + true + + + Level3 + ProgramDatabase + + + Ws2_32.lib;%(AdditionalDependencies) + true + Console + true + true + + + + + + + + + + + + + {73973223-5ee8-41ca-8e88-1d60e89a237b} + false + + + + + + \ No newline at end of file diff --git a/FreeRTOS-Plus/Source/CyaSSL/valgrind-error.sh b/FreeRTOS-Plus/Source/CyaSSL/valgrind-error.sh new file mode 100644 index 000000000..7f7441c3e --- /dev/null +++ b/FreeRTOS-Plus/Source/CyaSSL/valgrind-error.sh @@ -0,0 +1,22 @@ +#!/bin/sh +# +# +# Our valgrind "error" wrapper. + +valgrind --leak-check=full -q "$@" 2> valgrind.tmp + +result="$?" + +# verify no errors + +output="`cat valgrind.tmp`" + +if [ "$output" != "" ]; then + cat valgrind.tmp >&2 + result=1 +fi + +rm valgrind.tmp + +exit $result + diff --git a/FreeRTOS-Plus/Source/FreeRTOS-Plus-FAT-SL/media-drv/ram/ramdrv_f.c b/FreeRTOS-Plus/Source/FreeRTOS-Plus-FAT-SL/media-drv/ram/ramdrv_f.c index 30e443ee8..0c120e322 100644 --- a/FreeRTOS-Plus/Source/FreeRTOS-Plus-FAT-SL/media-drv/ram/ramdrv_f.c +++ b/FreeRTOS-Plus/Source/FreeRTOS-Plus-FAT-SL/media-drv/ram/ramdrv_f.c @@ -1,29 +1,29 @@ /* * FreeRTOS+FAT SL V1.0.1 (C) 2014 HCC Embedded * - * The FreeRTOS+FAT SL license terms are different to the FreeRTOS license + * The FreeRTOS+FAT SL license terms are different to the FreeRTOS license * terms. - * - * FreeRTOS+FAT SL uses a dual license model that allows the software to be used - * under a standard GPL open source license, or a commercial license. The - * standard GPL license (unlike the modified GPL license under which FreeRTOS - * itself is distributed) requires that all software statically linked with - * FreeRTOS+FAT SL is also distributed under the same GPL V2 license terms. + * + * FreeRTOS+FAT SL uses a dual license model that allows the software to be used + * under a standard GPL open source license, or a commercial license. The + * standard GPL license (unlike the modified GPL license under which FreeRTOS + * itself is distributed) requires that all software statically linked with + * FreeRTOS+FAT SL is also distributed under the same GPL V2 license terms. * Details of both license options follow: - * + * * - Open source licensing - * FreeRTOS+FAT SL is a free download and may be used, modified, evaluated and - * distributed without charge provided the user adheres to version two of the - * GNU General Public License (GPL) and does not remove the copyright notice or + * distributed without charge provided the user adheres to version two of the + * GNU General Public License (GPL) and does not remove the copyright notice or * this text. The GPL V2 text is available on the gnu.org web site, and on the * following URL: http://www.FreeRTOS.org/gpl-2.0.txt. - * + * * - Commercial licensing - * Businesses and individuals who for commercial or other reasons cannot comply - * with the terms of the GPL V2 license must obtain a commercial license before - * incorporating FreeRTOS+FAT SL into proprietary software for distribution in - * any form. Commercial licenses can be purchased from - * http://shop.freertos.org/fat_sl and do not require any source files to be + * with the terms of the GPL V2 license must obtain a commercial license before + * incorporating FreeRTOS+FAT SL into proprietary software for distribution in + * any form. Commercial licenses can be purchased from + * http://shop.freertos.org/fat_sl and do not require any source files to be * changed. * * FreeRTOS+FAT SL is distributed in the hope that it will be useful. You @@ -47,23 +47,17 @@ #error Incompatible MDRIVER_RAM version number! #endif +/* The array used as the RAM disk storage. */ +static char ramdrv[ MDRIVER_RAM_VOLUME0_SIZE ]; -char ramdrv0[MDRIVER_RAM_VOLUME0_SIZE]; +/* The F_DRIVER structure that is filled with the RAM disk versions of the read +sector, write sector, etc. functions. */ +static F_DRIVER t_driver; -typedef struct -{ - char * ramdrv; - unsigned long maxsector; - int use; - F_DRIVER * driver; -} t_RamDrv; - -static F_DRIVER t_drivers[1]; +static const unsigned long maxsector = MDRIVER_RAM_VOLUME0_SIZE / MDRIVER_RAM_SECTOR_SIZE; -static t_RamDrv RamDrv[1] = -{ - { ramdrv0, ( MDRIVER_RAM_VOLUME0_SIZE / MDRIVER_RAM_SECTOR_SIZE ), 0, &t_drivers[0] } -}; +/* Disk not initialized yet. */ +static char in_use = 0; /**************************************************************************** @@ -74,14 +68,23 @@ static int ram_readsector ( F_DRIVER * driver, void * data, unsigned long sector long len; char * d = (char *)data; char * s; - t_RamDrv * p = (t_RamDrv *)( driver->user_ptr ); - if ( sector >= p->maxsector ) + /* Not used. */ + ( void ) driver; + + /* Check for valid sector. */ + if ( sector >= maxsector ) { return MDRIVER_RAM_ERR_SECTOR; } - s = p->ramdrv; + if( in_use == 0 ) + { + return MDRIVER_RAM_ERR_NOTAVAILABLE; + } + + /* Locate offset into RAM disk for sector. */ + s = ramdrv; s += sector * MDRIVER_RAM_SECTOR_SIZE; len = MDRIVER_RAM_SECTOR_SIZE; @@ -91,6 +94,7 @@ static int ram_readsector ( F_DRIVER * driver, void * data, unsigned long sector long * dd = (long *)d; long * ss = (long *)s; len >>= 2; + /* Read words. */ while ( len-- ) { *dd++ = *ss++; @@ -101,6 +105,7 @@ static int ram_readsector ( F_DRIVER * driver, void * data, unsigned long sector #endif /* if MDRIVER_MEM_LONG_ACCESS */ + /* Read bytes. */ while ( len-- ) { *d++ = *s++; @@ -117,14 +122,23 @@ static int ram_writesector ( F_DRIVER * driver, void * data, unsigned long secto long len; char * s = (char *)data; char * d; - t_RamDrv * p = (t_RamDrv *)( driver->user_ptr ); - if ( sector >= p->maxsector ) + /* Not used. */ + ( void ) driver; + + /* Check for valid sector. */ + if ( sector >= maxsector ) { return MDRIVER_RAM_ERR_SECTOR; } - d = p->ramdrv; + if( in_use == 0 ) + { + return MDRIVER_RAM_ERR_NOTAVAILABLE; + } + + /* Locate offset into RAM disk for sector. */ + d = ramdrv; d += sector * MDRIVER_RAM_SECTOR_SIZE; len = MDRIVER_RAM_SECTOR_SIZE; @@ -134,6 +148,8 @@ static int ram_writesector ( F_DRIVER * driver, void * data, unsigned long secto long * dd = (long *)d; long * ss = (long *)s; len >>= 2; + + /* Write words. */ while ( len-- ) { *dd++ = *ss++; @@ -141,9 +157,9 @@ static int ram_writesector ( F_DRIVER * driver, void * data, unsigned long secto return MDRIVER_RAM_NO_ERROR; } - #endif /* if MDRIVER_MEM_LONG_ACCESS */ + /* Write bytes. */ while ( len-- ) { *d++ = *s++; @@ -171,9 +187,10 @@ static int ram_writesector ( F_DRIVER * driver, void * data, unsigned long secto ***************************************************************************/ static int ram_getphy ( F_DRIVER * driver, F_PHY * phy ) { - t_RamDrv * p = (t_RamDrv *)( driver->user_ptr ); + /* Not used. */ + ( void ) driver; - phy->number_of_sectors = p->maxsector; + phy->number_of_sectors = maxsector; phy->bytes_per_sector = MDRIVER_RAM_SECTOR_SIZE; return MDRIVER_RAM_NO_ERROR; @@ -193,12 +210,11 @@ static int ram_getphy ( F_DRIVER * driver, F_PHY * phy ) ***************************************************************************/ static void ram_release ( F_DRIVER * driver ) { - t_RamDrv * p = (t_RamDrv *)( driver->user_ptr ); + /* Not used. */ + ( void ) driver; - if ( p == RamDrv ) - { - p->use = 0; - } + /* Disk no longer in use. */ + in_use = 0; } @@ -220,30 +236,20 @@ static void ram_release ( F_DRIVER * driver ) ***************************************************************************/ F_DRIVER * ram_initfunc ( unsigned long driver_param ) { - t_RamDrv * p; + ( void ) driver_param; - p = RamDrv + driver_param; - - if ( p != RamDrv ) - { - return 0; - } - - if ( p->use ) - { - return 0; - } + if( in_use ) + return NULL; - (void)psp_memset( p->driver, 0, sizeof( F_DRIVER ) ); + (void)psp_memset( &t_driver, 0, sizeof( F_DRIVER ) ); - p->driver->readsector = ram_readsector; - p->driver->writesector = ram_writesector; - p->driver->getphy = ram_getphy; - p->driver->release = ram_release; - p->driver->user_ptr = p; + t_driver.readsector = ram_readsector; + t_driver.writesector = ram_writesector; + t_driver.getphy = ram_getphy; + t_driver.release = ram_release; - p->use = 1; + in_use = 1; - return p->driver; + return &t_driver; } /* ram_initfunc */ -- 2.39.5