CyaSSL - CyaSSL changed for NucleoF401RE board: implemente…

Users » Vanger » Code » CyaSSL

CyaSSL changed for NucleoF401RE board: implemented random and time functions for build. (Has trouble with wildcard domains like *.google.com, *.yahoo.com)

Fork of CyaSSL by wolf SSL

cyassl/test.h@4:e505054279ed, 2015-01-14 (annotated)

Committer:: Vanger
Date:: Wed Jan 14 22:07:14 2015 +0000
Revision:: 4:e505054279ed
Parent:: 0:1239e9b70ca2

Implemented some platform specific functions in the Cyassl library code: time functions, seed random functions, and also changed the settings.h file to define settings specific to the platform being used

Who changed what in which revision?

User	Revision	Line number	New contents of line
wolfSSL	0:1239e9b70ca2	1	/* test.h */
wolfSSL	0:1239e9b70ca2	2
wolfSSL	0:1239e9b70ca2	3	#ifndef CyaSSL_TEST_H
wolfSSL	0:1239e9b70ca2	4	#define CyaSSL_TEST_H
wolfSSL	0:1239e9b70ca2	5
wolfSSL	0:1239e9b70ca2	6	#include <stdio.h>
wolfSSL	0:1239e9b70ca2	7	#include <stdlib.h>
wolfSSL	0:1239e9b70ca2	8	#include <assert.h>
wolfSSL	0:1239e9b70ca2	9	#include <ctype.h>
wolfSSL	0:1239e9b70ca2	10	#include <cyassl/ssl.h>
wolfSSL	0:1239e9b70ca2	11	#include <cyassl/ctaocrypt/types.h>
wolfSSL	0:1239e9b70ca2	12
wolfSSL	0:1239e9b70ca2	13	#ifdef ATOMIC_USER
wolfSSL	0:1239e9b70ca2	14	#include <cyassl/ctaocrypt/aes.h>
wolfSSL	0:1239e9b70ca2	15	#include <cyassl/ctaocrypt/arc4.h>
wolfSSL	0:1239e9b70ca2	16	#include <cyassl/ctaocrypt/hmac.h>
wolfSSL	0:1239e9b70ca2	17	#endif
wolfSSL	0:1239e9b70ca2	18	#ifdef HAVE_PK_CALLBACKS
wolfSSL	0:1239e9b70ca2	19	#include <cyassl/ctaocrypt/random.h>
wolfSSL	0:1239e9b70ca2	20	#include <cyassl/ctaocrypt/asn.h>
wolfSSL	0:1239e9b70ca2	21	#ifdef HAVE_ECC
wolfSSL	0:1239e9b70ca2	22	#include <cyassl/ctaocrypt/ecc.h>
wolfSSL	0:1239e9b70ca2	23	#endif /* HAVE_ECC */
wolfSSL	0:1239e9b70ca2	24	#endif /HAVE_PK_CALLBACKS /
wolfSSL	0:1239e9b70ca2	25
wolfSSL	0:1239e9b70ca2	26	#ifdef USE_WINDOWS_API
wolfSSL	0:1239e9b70ca2	27	#include <winsock2.h>
wolfSSL	0:1239e9b70ca2	28	#include <process.h>
wolfSSL	0:1239e9b70ca2	29	#ifdef TEST_IPV6 /* don't require newer SDK for IPV4 */
wolfSSL	0:1239e9b70ca2	30	#include <ws2tcpip.h>
wolfSSL	0:1239e9b70ca2	31	#include <wspiapi.h>
wolfSSL	0:1239e9b70ca2	32	#endif
wolfSSL	0:1239e9b70ca2	33	#define SOCKET_T SOCKET
wolfSSL	0:1239e9b70ca2	34	#define SNPRINTF _snprintf
wolfSSL	0:1239e9b70ca2	35	#elif defined(CYASSL_MDK_ARM)
wolfSSL	0:1239e9b70ca2	36	#include <string.h>
wolfSSL	0:1239e9b70ca2	37	#else
wolfSSL	0:1239e9b70ca2	38	#include <string.h>
wolfSSL	0:1239e9b70ca2	39	#include <sys/types.h>
wolfSSL	0:1239e9b70ca2	40	#ifndef CYASSL_LEANPSK
wolfSSL	0:1239e9b70ca2	41	#include <unistd.h>
wolfSSL	0:1239e9b70ca2	42	#include <netdb.h>
wolfSSL	0:1239e9b70ca2	43	#include <netinet/in.h>
wolfSSL	0:1239e9b70ca2	44	#include <netinet/tcp.h>
wolfSSL	0:1239e9b70ca2	45	#include <arpa/inet.h>
wolfSSL	0:1239e9b70ca2	46	#include <sys/ioctl.h>
wolfSSL	0:1239e9b70ca2	47	#include <sys/time.h>
wolfSSL	0:1239e9b70ca2	48	#include <sys/socket.h>
wolfSSL	0:1239e9b70ca2	49	#include <pthread.h>
wolfSSL	0:1239e9b70ca2	50	#include <fcntl.h>
wolfSSL	0:1239e9b70ca2	51	#ifdef TEST_IPV6
wolfSSL	0:1239e9b70ca2	52	#include <netdb.h>
wolfSSL	0:1239e9b70ca2	53	#endif
wolfSSL	0:1239e9b70ca2	54	#endif
wolfSSL	0:1239e9b70ca2	55	#define SOCKET_T int
wolfSSL	0:1239e9b70ca2	56	#ifndef SO_NOSIGPIPE
wolfSSL	0:1239e9b70ca2	57	#include <signal.h> /* ignore SIGPIPE */
wolfSSL	0:1239e9b70ca2	58	#endif
wolfSSL	0:1239e9b70ca2	59	#define SNPRINTF snprintf
wolfSSL	0:1239e9b70ca2	60	#endif /* USE_WINDOWS_API */
wolfSSL	0:1239e9b70ca2	61
wolfSSL	0:1239e9b70ca2	62	#ifdef HAVE_CAVIUM
wolfSSL	0:1239e9b70ca2	63	#include "cavium_sysdep.h"
wolfSSL	0:1239e9b70ca2	64	#include "cavium_common.h"
wolfSSL	0:1239e9b70ca2	65	#include "cavium_ioctl.h"
wolfSSL	0:1239e9b70ca2	66	#endif
wolfSSL	0:1239e9b70ca2	67
wolfSSL	0:1239e9b70ca2	68	#ifdef _MSC_VER
wolfSSL	0:1239e9b70ca2	69	/* disable conversion warning */
wolfSSL	0:1239e9b70ca2	70	/* 4996 warning to use MS extensions e.g., strcpy_s instead of strncpy */
wolfSSL	0:1239e9b70ca2	71	#pragma warning(disable:4244 4996)
wolfSSL	0:1239e9b70ca2	72	#endif
wolfSSL	0:1239e9b70ca2	73
wolfSSL	0:1239e9b70ca2	74
wolfSSL	0:1239e9b70ca2	75	#if defined(__MACH__) \|\| defined(USE_WINDOWS_API)
wolfSSL	0:1239e9b70ca2	76	#ifndef _SOCKLEN_T
wolfSSL	0:1239e9b70ca2	77	typedef int socklen_t;
wolfSSL	0:1239e9b70ca2	78	#endif
wolfSSL	0:1239e9b70ca2	79	#endif
wolfSSL	0:1239e9b70ca2	80
wolfSSL	0:1239e9b70ca2	81
wolfSSL	0:1239e9b70ca2	82	/* HPUX doesn't use socklent_t for third parameter to accept, unless
wolfSSL	0:1239e9b70ca2	83	_XOPEN_SOURCE_EXTENDED is defined */
wolfSSL	0:1239e9b70ca2	84	#if !defined(__hpux__) && !defined(CYASSL_MDK_ARM) && !defined(CYASSL_IAR_ARM)
wolfSSL	0:1239e9b70ca2	85	typedef socklen_t* ACCEPT_THIRD_T;
wolfSSL	0:1239e9b70ca2	86	#else
wolfSSL	0:1239e9b70ca2	87	#if defined _XOPEN_SOURCE_EXTENDED
wolfSSL	0:1239e9b70ca2	88	typedef socklen_t* ACCEPT_THIRD_T;
wolfSSL	0:1239e9b70ca2	89	#else
wolfSSL	0:1239e9b70ca2	90	typedef int* ACCEPT_THIRD_T;
wolfSSL	0:1239e9b70ca2	91	#endif
wolfSSL	0:1239e9b70ca2	92	#endif
wolfSSL	0:1239e9b70ca2	93
wolfSSL	0:1239e9b70ca2	94
wolfSSL	0:1239e9b70ca2	95	#ifdef USE_WINDOWS_API
wolfSSL	0:1239e9b70ca2	96	#define CloseSocket(s) closesocket(s)
wolfSSL	0:1239e9b70ca2	97	#define StartTCP() { WSADATA wsd; WSAStartup(0x0002, &wsd); }
wolfSSL	0:1239e9b70ca2	98	#elif defined(CYASSL_MDK_ARM)
wolfSSL	0:1239e9b70ca2	99	#define CloseSocket(s) closesocket(s)
wolfSSL	0:1239e9b70ca2	100	#define StartTCP()
wolfSSL	0:1239e9b70ca2	101	#else
wolfSSL	0:1239e9b70ca2	102	#define CloseSocket(s) close(s)
wolfSSL	0:1239e9b70ca2	103	#define StartTCP()
wolfSSL	0:1239e9b70ca2	104	#endif
wolfSSL	0:1239e9b70ca2	105
wolfSSL	0:1239e9b70ca2	106
wolfSSL	0:1239e9b70ca2	107	#ifdef SINGLE_THREADED
wolfSSL	0:1239e9b70ca2	108	typedef unsigned int THREAD_RETURN;
wolfSSL	0:1239e9b70ca2	109	typedef void* THREAD_TYPE;
wolfSSL	0:1239e9b70ca2	110	#define CYASSL_THREAD
wolfSSL	0:1239e9b70ca2	111	#else
wolfSSL	0:1239e9b70ca2	112	#if defined(_POSIX_THREADS) && !defined(__MINGW32__)
wolfSSL	0:1239e9b70ca2	113	typedef void* THREAD_RETURN;
wolfSSL	0:1239e9b70ca2	114	typedef pthread_t THREAD_TYPE;
wolfSSL	0:1239e9b70ca2	115	#define CYASSL_THREAD
wolfSSL	0:1239e9b70ca2	116	#define INFINITE -1
wolfSSL	0:1239e9b70ca2	117	#define WAIT_OBJECT_0 0L
wolfSSL	0:1239e9b70ca2	118	#elif defined(CYASSL_MDK_ARM)
wolfSSL	0:1239e9b70ca2	119	typedef unsigned int THREAD_RETURN;
wolfSSL	0:1239e9b70ca2	120	typedef int THREAD_TYPE;
wolfSSL	0:1239e9b70ca2	121	#define CYASSL_THREAD
wolfSSL	0:1239e9b70ca2	122	#else
wolfSSL	0:1239e9b70ca2	123	typedef unsigned int THREAD_RETURN;
wolfSSL	0:1239e9b70ca2	124	typedef intptr_t THREAD_TYPE;
wolfSSL	0:1239e9b70ca2	125	#define CYASSL_THREAD __stdcall
wolfSSL	0:1239e9b70ca2	126	#endif
wolfSSL	0:1239e9b70ca2	127	#endif
wolfSSL	0:1239e9b70ca2	128
wolfSSL	0:1239e9b70ca2	129
wolfSSL	0:1239e9b70ca2	130	#ifdef TEST_IPV6
wolfSSL	0:1239e9b70ca2	131	typedef struct sockaddr_in6 SOCKADDR_IN_T;
wolfSSL	0:1239e9b70ca2	132	#define AF_INET_V AF_INET6
wolfSSL	0:1239e9b70ca2	133	#else
wolfSSL	0:1239e9b70ca2	134	typedef struct sockaddr_in SOCKADDR_IN_T;
wolfSSL	0:1239e9b70ca2	135	#define AF_INET_V AF_INET
wolfSSL	0:1239e9b70ca2	136	#endif
wolfSSL	0:1239e9b70ca2	137
wolfSSL	0:1239e9b70ca2	138
wolfSSL	0:1239e9b70ca2	139	#define SERVER_DEFAULT_VERSION 3
wolfSSL	0:1239e9b70ca2	140	#define SERVER_DTLS_DEFAULT_VERSION (-2)
wolfSSL	0:1239e9b70ca2	141	#define SERVER_INVALID_VERSION (-99)
wolfSSL	0:1239e9b70ca2	142	#define CLIENT_DEFAULT_VERSION 3
wolfSSL	0:1239e9b70ca2	143	#define CLIENT_DTLS_DEFAULT_VERSION (-2)
wolfSSL	0:1239e9b70ca2	144	#define CLIENT_INVALID_VERSION (-99)
wolfSSL	0:1239e9b70ca2	145
wolfSSL	0:1239e9b70ca2	146	/* all certs relative to CyaSSL home directory now */
wolfSSL	0:1239e9b70ca2	147	#define caCert "./certs/ca-cert.pem"
wolfSSL	0:1239e9b70ca2	148	#define eccCert "./certs/server-ecc.pem"
wolfSSL	0:1239e9b70ca2	149	#define eccKey "./certs/ecc-key.pem"
wolfSSL	0:1239e9b70ca2	150	#define svrCert "./certs/server-cert.pem"
wolfSSL	0:1239e9b70ca2	151	#define svrKey "./certs/server-key.pem"
wolfSSL	0:1239e9b70ca2	152	#define cliCert "./certs/client-cert.pem"
wolfSSL	0:1239e9b70ca2	153	#define cliKey "./certs/client-key.pem"
wolfSSL	0:1239e9b70ca2	154	#define ntruCert "./certs/ntru-cert.pem"
wolfSSL	0:1239e9b70ca2	155	#define ntruKey "./certs/ntru-key.raw"
wolfSSL	0:1239e9b70ca2	156	#define dhParam "./certs/dh2048.pem"
wolfSSL	0:1239e9b70ca2	157	#define cliEccKey "./certs/ecc-client-key.pem"
wolfSSL	0:1239e9b70ca2	158	#define cliEccCert "./certs/client-ecc-cert.pem"
wolfSSL	0:1239e9b70ca2	159	#define crlPemDir "./certs/crl"
wolfSSL	0:1239e9b70ca2	160
wolfSSL	0:1239e9b70ca2	161	typedef struct tcp_ready {
wolfSSL	0:1239e9b70ca2	162	word16 ready; /* predicate */
wolfSSL	0:1239e9b70ca2	163	word16 port;
wolfSSL	0:1239e9b70ca2	164	#if defined(_POSIX_THREADS) && !defined(__MINGW32__)
wolfSSL	0:1239e9b70ca2	165	pthread_mutex_t mutex;
wolfSSL	0:1239e9b70ca2	166	pthread_cond_t cond;
wolfSSL	0:1239e9b70ca2	167	#endif
wolfSSL	0:1239e9b70ca2	168	} tcp_ready;
wolfSSL	0:1239e9b70ca2	169
wolfSSL	0:1239e9b70ca2	170
wolfSSL	0:1239e9b70ca2	171	void InitTcpReady(tcp_ready*);
wolfSSL	0:1239e9b70ca2	172	void FreeTcpReady(tcp_ready*);
wolfSSL	0:1239e9b70ca2	173
wolfSSL	0:1239e9b70ca2	174	typedef CYASSL_METHOD* (*method_provider)(void);
wolfSSL	0:1239e9b70ca2	175	typedef void (ctx_callback)(CYASSL_CTX ctx);
wolfSSL	0:1239e9b70ca2	176	typedef void (ssl_callback)(CYASSL ssl);
wolfSSL	0:1239e9b70ca2	177
wolfSSL	0:1239e9b70ca2	178	typedef struct callback_functions {
wolfSSL	0:1239e9b70ca2	179	method_provider method;
wolfSSL	0:1239e9b70ca2	180	ctx_callback ctx_ready;
wolfSSL	0:1239e9b70ca2	181	ssl_callback ssl_ready;
wolfSSL	0:1239e9b70ca2	182	ssl_callback on_result;
wolfSSL	0:1239e9b70ca2	183	} callback_functions;
wolfSSL	0:1239e9b70ca2	184
wolfSSL	0:1239e9b70ca2	185	typedef struct func_args {
wolfSSL	0:1239e9b70ca2	186	int argc;
wolfSSL	0:1239e9b70ca2	187	char** argv;
wolfSSL	0:1239e9b70ca2	188	int return_code;
wolfSSL	0:1239e9b70ca2	189	tcp_ready* signal;
wolfSSL	0:1239e9b70ca2	190	callback_functions *callbacks;
wolfSSL	0:1239e9b70ca2	191	} func_args;
wolfSSL	0:1239e9b70ca2	192
wolfSSL	0:1239e9b70ca2	193	void wait_tcp_ready(func_args*);
wolfSSL	0:1239e9b70ca2	194
wolfSSL	0:1239e9b70ca2	195	typedef THREAD_RETURN CYASSL_THREAD THREAD_FUNC(void*);
wolfSSL	0:1239e9b70ca2	196
wolfSSL	0:1239e9b70ca2	197	void start_thread(THREAD_FUNC, func_args, THREAD_TYPE);
wolfSSL	0:1239e9b70ca2	198	void join_thread(THREAD_TYPE);
wolfSSL	0:1239e9b70ca2	199
wolfSSL	0:1239e9b70ca2	200	/* yaSSL */
wolfSSL	0:1239e9b70ca2	201	#ifndef TEST_IPV6
wolfSSL	0:1239e9b70ca2	202	static const char* const yasslIP = "127.0.0.1";
wolfSSL	0:1239e9b70ca2	203	#else
wolfSSL	0:1239e9b70ca2	204	static const char* const yasslIP = "::1";
wolfSSL	0:1239e9b70ca2	205	#endif
wolfSSL	0:1239e9b70ca2	206	static const word16 yasslPort = 11111;
wolfSSL	0:1239e9b70ca2	207
wolfSSL	0:1239e9b70ca2	208	static INLINE void err_sys(const char* msg)
wolfSSL	0:1239e9b70ca2	209	{
wolfSSL	0:1239e9b70ca2	210	printf("yassl error: %s\n", msg);
wolfSSL	0:1239e9b70ca2	211	if (msg)
wolfSSL	0:1239e9b70ca2	212	exit(EXIT_FAILURE);
wolfSSL	0:1239e9b70ca2	213	}
wolfSSL	0:1239e9b70ca2	214
wolfSSL	0:1239e9b70ca2	215
wolfSSL	0:1239e9b70ca2	216	#define MY_EX_USAGE 2
wolfSSL	0:1239e9b70ca2	217
wolfSSL	0:1239e9b70ca2	218	extern int myoptind;
wolfSSL	0:1239e9b70ca2	219	extern char* myoptarg;
wolfSSL	0:1239e9b70ca2	220
wolfSSL	0:1239e9b70ca2	221	static INLINE int mygetopt(int argc, char** argv, const char* optstring)
wolfSSL	0:1239e9b70ca2	222	{
wolfSSL	0:1239e9b70ca2	223	static char* next = NULL;
wolfSSL	0:1239e9b70ca2	224
wolfSSL	0:1239e9b70ca2	225	char c;
wolfSSL	0:1239e9b70ca2	226	char* cp;
wolfSSL	0:1239e9b70ca2	227
wolfSSL	0:1239e9b70ca2	228	if (myoptind == 0)
wolfSSL	0:1239e9b70ca2	229	next = NULL; /* we're starting new/over */
wolfSSL	0:1239e9b70ca2	230
wolfSSL	0:1239e9b70ca2	231	if (next == NULL \|\| *next == '\0') {
wolfSSL	0:1239e9b70ca2	232	if (myoptind == 0)
wolfSSL	0:1239e9b70ca2	233	myoptind++;
wolfSSL	0:1239e9b70ca2	234
wolfSSL	0:1239e9b70ca2	235	if (myoptind >= argc \|\| argv[myoptind][0] != '-' \|\|
wolfSSL	0:1239e9b70ca2	236	argv[myoptind][1] == '\0') {
wolfSSL	0:1239e9b70ca2	237	myoptarg = NULL;
wolfSSL	0:1239e9b70ca2	238	if (myoptind < argc)
wolfSSL	0:1239e9b70ca2	239	myoptarg = argv[myoptind];
wolfSSL	0:1239e9b70ca2	240
wolfSSL	0:1239e9b70ca2	241	return -1;
wolfSSL	0:1239e9b70ca2	242	}
wolfSSL	0:1239e9b70ca2	243
wolfSSL	0:1239e9b70ca2	244	if (strcmp(argv[myoptind], "--") == 0) {
wolfSSL	0:1239e9b70ca2	245	myoptind++;
wolfSSL	0:1239e9b70ca2	246	myoptarg = NULL;
wolfSSL	0:1239e9b70ca2	247
wolfSSL	0:1239e9b70ca2	248	if (myoptind < argc)
wolfSSL	0:1239e9b70ca2	249	myoptarg = argv[myoptind];
wolfSSL	0:1239e9b70ca2	250
wolfSSL	0:1239e9b70ca2	251	return -1;
wolfSSL	0:1239e9b70ca2	252	}
wolfSSL	0:1239e9b70ca2	253
wolfSSL	0:1239e9b70ca2	254	next = argv[myoptind];
wolfSSL	0:1239e9b70ca2	255	next++; /* skip - */
wolfSSL	0:1239e9b70ca2	256	myoptind++;
wolfSSL	0:1239e9b70ca2	257	}
wolfSSL	0:1239e9b70ca2	258
wolfSSL	0:1239e9b70ca2	259	c = *next++;
wolfSSL	0:1239e9b70ca2	260	/* The C++ strchr can return a different value */
wolfSSL	0:1239e9b70ca2	261	cp = (char*)strchr(optstring, c);
wolfSSL	0:1239e9b70ca2	262
wolfSSL	0:1239e9b70ca2	263	if (cp == NULL \|\| c == ':')
wolfSSL	0:1239e9b70ca2	264	return '?';
wolfSSL	0:1239e9b70ca2	265
wolfSSL	0:1239e9b70ca2	266	cp++;
wolfSSL	0:1239e9b70ca2	267
wolfSSL	0:1239e9b70ca2	268	if (*cp == ':') {
wolfSSL	0:1239e9b70ca2	269	if (*next != '\0') {
wolfSSL	0:1239e9b70ca2	270	myoptarg = next;
wolfSSL	0:1239e9b70ca2	271	next = NULL;
wolfSSL	0:1239e9b70ca2	272	}
wolfSSL	0:1239e9b70ca2	273	else if (myoptind < argc) {
wolfSSL	0:1239e9b70ca2	274	myoptarg = argv[myoptind];
wolfSSL	0:1239e9b70ca2	275	myoptind++;
wolfSSL	0:1239e9b70ca2	276	}
wolfSSL	0:1239e9b70ca2	277	else
wolfSSL	0:1239e9b70ca2	278	return '?';
wolfSSL	0:1239e9b70ca2	279	}
wolfSSL	0:1239e9b70ca2	280
wolfSSL	0:1239e9b70ca2	281	return c;
wolfSSL	0:1239e9b70ca2	282	}
wolfSSL	0:1239e9b70ca2	283
wolfSSL	0:1239e9b70ca2	284
wolfSSL	0:1239e9b70ca2	285	#if defined(OPENSSL_EXTRA) \|\| defined(HAVE_WEBSERVER)
wolfSSL	0:1239e9b70ca2	286
wolfSSL	0:1239e9b70ca2	287	static INLINE int PasswordCallBack(char* passwd, int sz, int rw, void* userdata)
wolfSSL	0:1239e9b70ca2	288	{
wolfSSL	0:1239e9b70ca2	289	(void)rw;
wolfSSL	0:1239e9b70ca2	290	(void)userdata;
wolfSSL	0:1239e9b70ca2	291	strncpy(passwd, "yassl123", sz);
wolfSSL	0:1239e9b70ca2	292	return 8;
wolfSSL	0:1239e9b70ca2	293	}
wolfSSL	0:1239e9b70ca2	294
wolfSSL	0:1239e9b70ca2	295	#endif
wolfSSL	0:1239e9b70ca2	296
wolfSSL	0:1239e9b70ca2	297
wolfSSL	0:1239e9b70ca2	298	#if defined(KEEP_PEER_CERT) \|\| defined(SESSION_CERTS)
wolfSSL	0:1239e9b70ca2	299
wolfSSL	0:1239e9b70ca2	300	static INLINE void ShowX509(CYASSL_X509* x509, const char* hdr)
wolfSSL	0:1239e9b70ca2	301	{
wolfSSL	0:1239e9b70ca2	302	char* altName;
wolfSSL	0:1239e9b70ca2	303	char* issuer = CyaSSL_X509_NAME_oneline(
wolfSSL	0:1239e9b70ca2	304	CyaSSL_X509_get_issuer_name(x509), 0, 0);
wolfSSL	0:1239e9b70ca2	305	char* subject = CyaSSL_X509_NAME_oneline(
wolfSSL	0:1239e9b70ca2	306	CyaSSL_X509_get_subject_name(x509), 0, 0);
wolfSSL	0:1239e9b70ca2	307	byte serial[32];
wolfSSL	0:1239e9b70ca2	308	int ret;
wolfSSL	0:1239e9b70ca2	309	int sz = sizeof(serial);
wolfSSL	0:1239e9b70ca2	310
wolfSSL	0:1239e9b70ca2	311	printf("%s\n issuer : %s\n subject: %s\n", hdr, issuer, subject);
wolfSSL	0:1239e9b70ca2	312
wolfSSL	0:1239e9b70ca2	313	while ( (altName = CyaSSL_X509_get_next_altname(x509)) != NULL)
wolfSSL	0:1239e9b70ca2	314	printf(" altname = %s\n", altName);
wolfSSL	0:1239e9b70ca2	315
wolfSSL	0:1239e9b70ca2	316	ret = CyaSSL_X509_get_serial_number(x509, serial, &sz);
wolfSSL	0:1239e9b70ca2	317	if (ret == SSL_SUCCESS) {
wolfSSL	0:1239e9b70ca2	318	int i;
wolfSSL	0:1239e9b70ca2	319	int strLen;
wolfSSL	0:1239e9b70ca2	320	char serialMsg[80];
wolfSSL	0:1239e9b70ca2	321
wolfSSL	0:1239e9b70ca2	322	/* testsuite has multiple threads writing to stdout, get output
wolfSSL	0:1239e9b70ca2	323	message ready to write once */
wolfSSL	0:1239e9b70ca2	324	strLen = sprintf(serialMsg, " serial number");
wolfSSL	0:1239e9b70ca2	325	for (i = 0; i < sz; i++)
wolfSSL	0:1239e9b70ca2	326	sprintf(serialMsg + strLen + (i*3), ":%02x ", serial[i]);
wolfSSL	0:1239e9b70ca2	327	printf("%s\n", serialMsg);
wolfSSL	0:1239e9b70ca2	328	}
wolfSSL	0:1239e9b70ca2	329
wolfSSL	0:1239e9b70ca2	330	XFREE(subject, 0, DYNAMIC_TYPE_OPENSSL);
wolfSSL	0:1239e9b70ca2	331	XFREE(issuer, 0, DYNAMIC_TYPE_OPENSSL);
wolfSSL	0:1239e9b70ca2	332	}
wolfSSL	0:1239e9b70ca2	333
wolfSSL	0:1239e9b70ca2	334	#endif /* KEEP_PEER_CERT \|\| SESSION_CERTS */
wolfSSL	0:1239e9b70ca2	335
wolfSSL	0:1239e9b70ca2	336
wolfSSL	0:1239e9b70ca2	337	static INLINE void showPeer(CYASSL* ssl)
wolfSSL	0:1239e9b70ca2	338	{
wolfSSL	0:1239e9b70ca2	339
wolfSSL	0:1239e9b70ca2	340	CYASSL_CIPHER* cipher;
wolfSSL	0:1239e9b70ca2	341	#ifdef KEEP_PEER_CERT
wolfSSL	0:1239e9b70ca2	342	CYASSL_X509* peer = CyaSSL_get_peer_certificate(ssl);
wolfSSL	0:1239e9b70ca2	343	if (peer)
wolfSSL	0:1239e9b70ca2	344	ShowX509(peer, "peer's cert info:");
wolfSSL	0:1239e9b70ca2	345	else
wolfSSL	0:1239e9b70ca2	346	printf("peer has no cert!\n");
wolfSSL	0:1239e9b70ca2	347	#endif
wolfSSL	0:1239e9b70ca2	348	printf("SSL version is %s\n", CyaSSL_get_version(ssl));
wolfSSL	0:1239e9b70ca2	349
wolfSSL	0:1239e9b70ca2	350	cipher = CyaSSL_get_current_cipher(ssl);
wolfSSL	0:1239e9b70ca2	351	printf("SSL cipher suite is %s\n", CyaSSL_CIPHER_get_name(cipher));
wolfSSL	0:1239e9b70ca2	352
wolfSSL	0:1239e9b70ca2	353	#if defined(SESSION_CERTS) && defined(SHOW_CERTS)
wolfSSL	0:1239e9b70ca2	354	{
wolfSSL	0:1239e9b70ca2	355	CYASSL_X509_CHAIN* chain = CyaSSL_get_peer_chain(ssl);
wolfSSL	0:1239e9b70ca2	356	int count = CyaSSL_get_chain_count(chain);
wolfSSL	0:1239e9b70ca2	357	int i;
wolfSSL	0:1239e9b70ca2	358
wolfSSL	0:1239e9b70ca2	359	for (i = 0; i < count; i++) {
wolfSSL	0:1239e9b70ca2	360	int length;
wolfSSL	0:1239e9b70ca2	361	unsigned char buffer[3072];
wolfSSL	0:1239e9b70ca2	362	CYASSL_X509* chainX509;
wolfSSL	0:1239e9b70ca2	363
wolfSSL	0:1239e9b70ca2	364	CyaSSL_get_chain_cert_pem(chain,i,buffer, sizeof(buffer), &length);
wolfSSL	0:1239e9b70ca2	365	buffer[length] = 0;
wolfSSL	0:1239e9b70ca2	366	printf("cert %d has length %d data = \n%s\n", i, length, buffer);
wolfSSL	0:1239e9b70ca2	367
wolfSSL	0:1239e9b70ca2	368	chainX509 = CyaSSL_get_chain_X509(chain, i);
wolfSSL	0:1239e9b70ca2	369	if (chainX509)
wolfSSL	0:1239e9b70ca2	370	ShowX509(chainX509, "session cert info:");
wolfSSL	0:1239e9b70ca2	371	else
wolfSSL	0:1239e9b70ca2	372	printf("get_chain_X509 failed\n");
wolfSSL	0:1239e9b70ca2	373	CyaSSL_FreeX509(chainX509);
wolfSSL	0:1239e9b70ca2	374	}
wolfSSL	0:1239e9b70ca2	375	}
wolfSSL	0:1239e9b70ca2	376	#endif
wolfSSL	0:1239e9b70ca2	377	(void)ssl;
wolfSSL	0:1239e9b70ca2	378	}
wolfSSL	0:1239e9b70ca2	379
wolfSSL	0:1239e9b70ca2	380
wolfSSL	0:1239e9b70ca2	381	static INLINE void build_addr(SOCKADDR_IN_T* addr, const char* peer,
wolfSSL	0:1239e9b70ca2	382	word16 port, int udp)
wolfSSL	0:1239e9b70ca2	383	{
wolfSSL	0:1239e9b70ca2	384	int useLookup = 0;
wolfSSL	0:1239e9b70ca2	385	(void)useLookup;
wolfSSL	0:1239e9b70ca2	386	(void)udp;
wolfSSL	0:1239e9b70ca2	387
wolfSSL	0:1239e9b70ca2	388	memset(addr, 0, sizeof(SOCKADDR_IN_T));
wolfSSL	0:1239e9b70ca2	389
wolfSSL	0:1239e9b70ca2	390	#ifndef TEST_IPV6
wolfSSL	0:1239e9b70ca2	391	/* peer could be in human readable form */
wolfSSL	0:1239e9b70ca2	392	if ( (peer != INADDR_ANY) && isalpha((int)peer[0])) {
wolfSSL	0:1239e9b70ca2	393	#ifdef CYASSL_MDK_ARM
wolfSSL	0:1239e9b70ca2	394	int err;
wolfSSL	0:1239e9b70ca2	395	struct hostent* entry = gethostbyname(peer, &err);
wolfSSL	0:1239e9b70ca2	396	#else
wolfSSL	0:1239e9b70ca2	397	struct hostent* entry = gethostbyname(peer);
wolfSSL	0:1239e9b70ca2	398	#endif
wolfSSL	0:1239e9b70ca2	399
wolfSSL	0:1239e9b70ca2	400	if (entry) {
wolfSSL	0:1239e9b70ca2	401	memcpy(&addr->sin_addr.s_addr, entry->h_addr_list[0],
wolfSSL	0:1239e9b70ca2	402	entry->h_length);
wolfSSL	0:1239e9b70ca2	403	useLookup = 1;
wolfSSL	0:1239e9b70ca2	404	}
wolfSSL	0:1239e9b70ca2	405	else
wolfSSL	0:1239e9b70ca2	406	err_sys("no entry for host");
wolfSSL	0:1239e9b70ca2	407	}
wolfSSL	0:1239e9b70ca2	408	#endif
wolfSSL	0:1239e9b70ca2	409
wolfSSL	0:1239e9b70ca2	410
wolfSSL	0:1239e9b70ca2	411	#ifndef TEST_IPV6
wolfSSL	0:1239e9b70ca2	412	#if defined(CYASSL_MDK_ARM)
wolfSSL	0:1239e9b70ca2	413	addr->sin_family = PF_INET;
wolfSSL	0:1239e9b70ca2	414	#else
wolfSSL	0:1239e9b70ca2	415	addr->sin_family = AF_INET_V;
wolfSSL	0:1239e9b70ca2	416	#endif
wolfSSL	0:1239e9b70ca2	417	addr->sin_port = htons(port);
wolfSSL	0:1239e9b70ca2	418	if (peer == INADDR_ANY)
wolfSSL	0:1239e9b70ca2	419	addr->sin_addr.s_addr = INADDR_ANY;
wolfSSL	0:1239e9b70ca2	420	else {
wolfSSL	0:1239e9b70ca2	421	if (!useLookup)
wolfSSL	0:1239e9b70ca2	422	addr->sin_addr.s_addr = inet_addr(peer);
wolfSSL	0:1239e9b70ca2	423	}
wolfSSL	0:1239e9b70ca2	424	#else
wolfSSL	0:1239e9b70ca2	425	addr->sin6_family = AF_INET_V;
wolfSSL	0:1239e9b70ca2	426	addr->sin6_port = htons(port);
wolfSSL	0:1239e9b70ca2	427	if (peer == INADDR_ANY)
wolfSSL	0:1239e9b70ca2	428	addr->sin6_addr = in6addr_any;
wolfSSL	0:1239e9b70ca2	429	else {
wolfSSL	0:1239e9b70ca2	430	#ifdef HAVE_GETADDRINFO
wolfSSL	0:1239e9b70ca2	431	struct addrinfo hints;
wolfSSL	0:1239e9b70ca2	432	struct addrinfo* answer = NULL;
wolfSSL	0:1239e9b70ca2	433	int ret;
wolfSSL	0:1239e9b70ca2	434	char strPort[80];
wolfSSL	0:1239e9b70ca2	435
wolfSSL	0:1239e9b70ca2	436	memset(&hints, 0, sizeof(hints));
wolfSSL	0:1239e9b70ca2	437
wolfSSL	0:1239e9b70ca2	438	hints.ai_family = AF_INET_V;
wolfSSL	0:1239e9b70ca2	439	hints.ai_socktype = udp ? SOCK_DGRAM : SOCK_STREAM;
wolfSSL	0:1239e9b70ca2	440	hints.ai_protocol = udp ? IPPROTO_UDP : IPPROTO_TCP;
wolfSSL	0:1239e9b70ca2	441
wolfSSL	0:1239e9b70ca2	442	SNPRINTF(strPort, sizeof(strPort), "%d", port);
wolfSSL	0:1239e9b70ca2	443	strPort[79] = '\0';
wolfSSL	0:1239e9b70ca2	444
wolfSSL	0:1239e9b70ca2	445	ret = getaddrinfo(peer, strPort, &hints, &answer);
wolfSSL	0:1239e9b70ca2	446	if (ret < 0 \|\| answer == NULL)
wolfSSL	0:1239e9b70ca2	447	err_sys("getaddrinfo failed");
wolfSSL	0:1239e9b70ca2	448
wolfSSL	0:1239e9b70ca2	449	memcpy(addr, answer->ai_addr, answer->ai_addrlen);
wolfSSL	0:1239e9b70ca2	450	freeaddrinfo(answer);
wolfSSL	0:1239e9b70ca2	451	#else
wolfSSL	0:1239e9b70ca2	452	printf("no ipv6 getaddrinfo, loopback only tests/examples\n");
wolfSSL	0:1239e9b70ca2	453	addr->sin6_addr = in6addr_loopback;
wolfSSL	0:1239e9b70ca2	454	#endif
wolfSSL	0:1239e9b70ca2	455	}
wolfSSL	0:1239e9b70ca2	456	#endif
wolfSSL	0:1239e9b70ca2	457	}
wolfSSL	0:1239e9b70ca2	458
wolfSSL	0:1239e9b70ca2	459
wolfSSL	0:1239e9b70ca2	460	static INLINE void tcp_socket(SOCKET_T* sockfd, int udp)
wolfSSL	0:1239e9b70ca2	461	{
wolfSSL	0:1239e9b70ca2	462	if (udp)
wolfSSL	0:1239e9b70ca2	463	*sockfd = socket(AF_INET_V, SOCK_DGRAM, 0);
wolfSSL	0:1239e9b70ca2	464	else
wolfSSL	0:1239e9b70ca2	465	*sockfd = socket(AF_INET_V, SOCK_STREAM, 0);
wolfSSL	0:1239e9b70ca2	466
wolfSSL	0:1239e9b70ca2	467	#ifdef USE_WINDOWS_API
wolfSSL	0:1239e9b70ca2	468	if (*sockfd == INVALID_SOCKET)
wolfSSL	0:1239e9b70ca2	469	err_sys("socket failed\n");
wolfSSL	0:1239e9b70ca2	470	#else
wolfSSL	0:1239e9b70ca2	471	if (*sockfd < 0)
wolfSSL	0:1239e9b70ca2	472	err_sys("socket failed\n");
wolfSSL	0:1239e9b70ca2	473	#endif
wolfSSL	0:1239e9b70ca2	474
wolfSSL	0:1239e9b70ca2	475	#ifndef USE_WINDOWS_API
wolfSSL	0:1239e9b70ca2	476	#ifdef SO_NOSIGPIPE
wolfSSL	0:1239e9b70ca2	477	{
wolfSSL	0:1239e9b70ca2	478	int on = 1;
wolfSSL	0:1239e9b70ca2	479	socklen_t len = sizeof(on);
wolfSSL	0:1239e9b70ca2	480	int res = setsockopt(*sockfd, SOL_SOCKET, SO_NOSIGPIPE, &on, len);
wolfSSL	0:1239e9b70ca2	481	if (res < 0)
wolfSSL	0:1239e9b70ca2	482	err_sys("setsockopt SO_NOSIGPIPE failed\n");
wolfSSL	0:1239e9b70ca2	483	}
wolfSSL	0:1239e9b70ca2	484	#elif defined(CYASSL_MDK_ARM)
wolfSSL	0:1239e9b70ca2	485	/* nothing to define */
wolfSSL	0:1239e9b70ca2	486	#else /* no S_NOSIGPIPE */
wolfSSL	0:1239e9b70ca2	487	signal(SIGPIPE, SIG_IGN);
wolfSSL	0:1239e9b70ca2	488	#endif /* S_NOSIGPIPE */
wolfSSL	0:1239e9b70ca2	489
wolfSSL	0:1239e9b70ca2	490	#if defined(TCP_NODELAY)
wolfSSL	0:1239e9b70ca2	491	if (!udp)
wolfSSL	0:1239e9b70ca2	492	{
wolfSSL	0:1239e9b70ca2	493	int on = 1;
wolfSSL	0:1239e9b70ca2	494	socklen_t len = sizeof(on);
wolfSSL	0:1239e9b70ca2	495	int res = setsockopt(*sockfd, IPPROTO_TCP, TCP_NODELAY, &on, len);
wolfSSL	0:1239e9b70ca2	496	if (res < 0)
wolfSSL	0:1239e9b70ca2	497	err_sys("setsockopt TCP_NODELAY failed\n");
wolfSSL	0:1239e9b70ca2	498	}
wolfSSL	0:1239e9b70ca2	499	#endif
wolfSSL	0:1239e9b70ca2	500	#endif /* USE_WINDOWS_API */
wolfSSL	0:1239e9b70ca2	501	}
wolfSSL	0:1239e9b70ca2	502
wolfSSL	0:1239e9b70ca2	503	static INLINE void tcp_connect(SOCKET_T* sockfd, const char* ip, word16 port,
wolfSSL	0:1239e9b70ca2	504	int udp)
wolfSSL	0:1239e9b70ca2	505	{
wolfSSL	0:1239e9b70ca2	506	SOCKADDR_IN_T addr;
wolfSSL	0:1239e9b70ca2	507	build_addr(&addr, ip, port, udp);
wolfSSL	0:1239e9b70ca2	508	tcp_socket(sockfd, udp);
wolfSSL	0:1239e9b70ca2	509
wolfSSL	0:1239e9b70ca2	510	if (!udp) {
wolfSSL	0:1239e9b70ca2	511	if (connect(sockfd, (const struct sockaddr)&addr, sizeof(addr)) != 0)
wolfSSL	0:1239e9b70ca2	512	err_sys("tcp connect failed");
wolfSSL	0:1239e9b70ca2	513	}
wolfSSL	0:1239e9b70ca2	514	}
wolfSSL	0:1239e9b70ca2	515
wolfSSL	0:1239e9b70ca2	516
wolfSSL	0:1239e9b70ca2	517	static INLINE void udp_connect(SOCKET_T* sockfd, void* addr, int addrSz)
wolfSSL	0:1239e9b70ca2	518	{
wolfSSL	0:1239e9b70ca2	519	if (connect(sockfd, (const struct sockaddr)addr, addrSz) != 0)
wolfSSL	0:1239e9b70ca2	520	err_sys("tcp connect failed");
wolfSSL	0:1239e9b70ca2	521	}
wolfSSL	0:1239e9b70ca2	522
wolfSSL	0:1239e9b70ca2	523
wolfSSL	0:1239e9b70ca2	524	enum {
wolfSSL	0:1239e9b70ca2	525	TEST_SELECT_FAIL,
wolfSSL	0:1239e9b70ca2	526	TEST_TIMEOUT,
wolfSSL	0:1239e9b70ca2	527	TEST_RECV_READY,
wolfSSL	0:1239e9b70ca2	528	TEST_ERROR_READY
wolfSSL	0:1239e9b70ca2	529	};
wolfSSL	0:1239e9b70ca2	530
wolfSSL	0:1239e9b70ca2	531
wolfSSL	0:1239e9b70ca2	532	#if !defined(CYASSL_MDK_ARM)
wolfSSL	0:1239e9b70ca2	533	static INLINE int tcp_select(SOCKET_T socketfd, int to_sec)
wolfSSL	0:1239e9b70ca2	534	{
wolfSSL	0:1239e9b70ca2	535	fd_set recvfds, errfds;
wolfSSL	0:1239e9b70ca2	536	SOCKET_T nfds = socketfd + 1;
wolfSSL	0:1239e9b70ca2	537	struct timeval timeout = { (to_sec > 0) ? to_sec : 0, 0};
wolfSSL	0:1239e9b70ca2	538	int result;
wolfSSL	0:1239e9b70ca2	539
wolfSSL	0:1239e9b70ca2	540	FD_ZERO(&recvfds);
wolfSSL	0:1239e9b70ca2	541	FD_SET(socketfd, &recvfds);
wolfSSL	0:1239e9b70ca2	542	FD_ZERO(&errfds);
wolfSSL	0:1239e9b70ca2	543	FD_SET(socketfd, &errfds);
wolfSSL	0:1239e9b70ca2	544
wolfSSL	0:1239e9b70ca2	545	result = select(nfds, &recvfds, NULL, &errfds, &timeout);
wolfSSL	0:1239e9b70ca2	546
wolfSSL	0:1239e9b70ca2	547	if (result == 0)
wolfSSL	0:1239e9b70ca2	548	return TEST_TIMEOUT;
wolfSSL	0:1239e9b70ca2	549	else if (result > 0) {
wolfSSL	0:1239e9b70ca2	550	if (FD_ISSET(socketfd, &recvfds))
wolfSSL	0:1239e9b70ca2	551	return TEST_RECV_READY;
wolfSSL	0:1239e9b70ca2	552	else if(FD_ISSET(socketfd, &errfds))
wolfSSL	0:1239e9b70ca2	553	return TEST_ERROR_READY;
wolfSSL	0:1239e9b70ca2	554	}
wolfSSL	0:1239e9b70ca2	555
wolfSSL	0:1239e9b70ca2	556	return TEST_SELECT_FAIL;
wolfSSL	0:1239e9b70ca2	557	}
wolfSSL	0:1239e9b70ca2	558	#endif /* !CYASSL_MDK_ARM */
wolfSSL	0:1239e9b70ca2	559
wolfSSL	0:1239e9b70ca2	560
wolfSSL	0:1239e9b70ca2	561	static INLINE void tcp_listen(SOCKET_T* sockfd, word16* port, int useAnyAddr,
wolfSSL	0:1239e9b70ca2	562	int udp)
wolfSSL	0:1239e9b70ca2	563	{
wolfSSL	0:1239e9b70ca2	564	SOCKADDR_IN_T addr;
wolfSSL	0:1239e9b70ca2	565
wolfSSL	0:1239e9b70ca2	566	/* don't use INADDR_ANY by default, firewall may block, make user switch
wolfSSL	0:1239e9b70ca2	567	on */
wolfSSL	0:1239e9b70ca2	568	build_addr(&addr, (useAnyAddr ? INADDR_ANY : yasslIP), *port, udp);
wolfSSL	0:1239e9b70ca2	569	tcp_socket(sockfd, udp);
wolfSSL	0:1239e9b70ca2	570
wolfSSL	0:1239e9b70ca2	571	#if !defined(USE_WINDOWS_API) && !defined(CYASSL_MDK_ARM)
wolfSSL	0:1239e9b70ca2	572	{
wolfSSL	0:1239e9b70ca2	573	int res, on = 1;
wolfSSL	0:1239e9b70ca2	574	socklen_t len = sizeof(on);
wolfSSL	0:1239e9b70ca2	575	res = setsockopt(*sockfd, SOL_SOCKET, SO_REUSEADDR, &on, len);
wolfSSL	0:1239e9b70ca2	576	if (res < 0)
wolfSSL	0:1239e9b70ca2	577	err_sys("setsockopt SO_REUSEADDR failed\n");
wolfSSL	0:1239e9b70ca2	578	}
wolfSSL	0:1239e9b70ca2	579	#endif
wolfSSL	0:1239e9b70ca2	580
wolfSSL	0:1239e9b70ca2	581	if (bind(sockfd, (const struct sockaddr)&addr, sizeof(addr)) != 0)
wolfSSL	0:1239e9b70ca2	582	err_sys("tcp bind failed");
wolfSSL	0:1239e9b70ca2	583	if (!udp) {
wolfSSL	0:1239e9b70ca2	584	if (listen(*sockfd, 5) != 0)
wolfSSL	0:1239e9b70ca2	585	err_sys("tcp listen failed");
wolfSSL	0:1239e9b70ca2	586	}
wolfSSL	0:1239e9b70ca2	587	#if defined(NO_MAIN_DRIVER) && !defined(USE_WINDOWS_API)
wolfSSL	0:1239e9b70ca2	588	if (*port == 0) {
wolfSSL	0:1239e9b70ca2	589	socklen_t len = sizeof(addr);
wolfSSL	0:1239e9b70ca2	590	if (getsockname(sockfd, (struct sockaddr)&addr, &len) == 0) {
wolfSSL	0:1239e9b70ca2	591	#ifndef TEST_IPV6
wolfSSL	0:1239e9b70ca2	592	*port = ntohs(addr.sin_port);
wolfSSL	0:1239e9b70ca2	593	#else
wolfSSL	0:1239e9b70ca2	594	*port = ntohs(addr.sin6_port);
wolfSSL	0:1239e9b70ca2	595	#endif
wolfSSL	0:1239e9b70ca2	596	}
wolfSSL	0:1239e9b70ca2	597	}
wolfSSL	0:1239e9b70ca2	598	#endif
wolfSSL	0:1239e9b70ca2	599	}
wolfSSL	0:1239e9b70ca2	600
wolfSSL	0:1239e9b70ca2	601
wolfSSL	0:1239e9b70ca2	602	static INLINE int udp_read_connect(SOCKET_T sockfd)
wolfSSL	0:1239e9b70ca2	603	{
wolfSSL	0:1239e9b70ca2	604	SOCKADDR_IN_T cliaddr;
wolfSSL	0:1239e9b70ca2	605	byte b[1500];
wolfSSL	0:1239e9b70ca2	606	int n;
wolfSSL	0:1239e9b70ca2	607	socklen_t len = sizeof(cliaddr);
wolfSSL	0:1239e9b70ca2	608
wolfSSL	0:1239e9b70ca2	609	n = (int)recvfrom(sockfd, (char*)b, sizeof(b), MSG_PEEK,
wolfSSL	0:1239e9b70ca2	610	(struct sockaddr*)&cliaddr, &len);
wolfSSL	0:1239e9b70ca2	611	if (n > 0) {
wolfSSL	0:1239e9b70ca2	612	if (connect(sockfd, (const struct sockaddr*)&cliaddr,
wolfSSL	0:1239e9b70ca2	613	sizeof(cliaddr)) != 0)
wolfSSL	0:1239e9b70ca2	614	err_sys("udp connect failed");
wolfSSL	0:1239e9b70ca2	615	}
wolfSSL	0:1239e9b70ca2	616	else
wolfSSL	0:1239e9b70ca2	617	err_sys("recvfrom failed");
wolfSSL	0:1239e9b70ca2	618
wolfSSL	0:1239e9b70ca2	619	return sockfd;
wolfSSL	0:1239e9b70ca2	620	}
wolfSSL	0:1239e9b70ca2	621
wolfSSL	0:1239e9b70ca2	622	static INLINE void udp_accept(SOCKET_T* sockfd, SOCKET_T* clientfd,
wolfSSL	0:1239e9b70ca2	623	int useAnyAddr, word16 port, func_args* args)
wolfSSL	0:1239e9b70ca2	624	{
wolfSSL	0:1239e9b70ca2	625	SOCKADDR_IN_T addr;
wolfSSL	0:1239e9b70ca2	626
wolfSSL	0:1239e9b70ca2	627	(void)args;
wolfSSL	0:1239e9b70ca2	628	build_addr(&addr, (useAnyAddr ? INADDR_ANY : yasslIP), port, 1);
wolfSSL	0:1239e9b70ca2	629	tcp_socket(sockfd, 1);
wolfSSL	0:1239e9b70ca2	630
wolfSSL	0:1239e9b70ca2	631
wolfSSL	0:1239e9b70ca2	632	#if !defined(USE_WINDOWS_API) && !defined(CYASSL_MDK_ARM)
wolfSSL	0:1239e9b70ca2	633	{
wolfSSL	0:1239e9b70ca2	634	int res, on = 1;
wolfSSL	0:1239e9b70ca2	635	socklen_t len = sizeof(on);
wolfSSL	0:1239e9b70ca2	636	res = setsockopt(*sockfd, SOL_SOCKET, SO_REUSEADDR, &on, len);
wolfSSL	0:1239e9b70ca2	637	if (res < 0)
wolfSSL	0:1239e9b70ca2	638	err_sys("setsockopt SO_REUSEADDR failed\n");
wolfSSL	0:1239e9b70ca2	639	}
wolfSSL	0:1239e9b70ca2	640	#endif
wolfSSL	0:1239e9b70ca2	641
wolfSSL	0:1239e9b70ca2	642	if (bind(sockfd, (const struct sockaddr)&addr, sizeof(addr)) != 0)
wolfSSL	0:1239e9b70ca2	643	err_sys("tcp bind failed");
wolfSSL	0:1239e9b70ca2	644
wolfSSL	0:1239e9b70ca2	645	#if defined(NO_MAIN_DRIVER) && !defined(USE_WINDOWS_API)
wolfSSL	0:1239e9b70ca2	646	if (port == 0) {
wolfSSL	0:1239e9b70ca2	647	socklen_t len = sizeof(addr);
wolfSSL	0:1239e9b70ca2	648	if (getsockname(sockfd, (struct sockaddr)&addr, &len) == 0) {
wolfSSL	0:1239e9b70ca2	649	#ifndef TEST_IPV6
wolfSSL	0:1239e9b70ca2	650	port = ntohs(addr.sin_port);
wolfSSL	0:1239e9b70ca2	651	#else
wolfSSL	0:1239e9b70ca2	652	port = ntohs(addr.sin6_port);
wolfSSL	0:1239e9b70ca2	653	#endif
wolfSSL	0:1239e9b70ca2	654	}
wolfSSL	0:1239e9b70ca2	655	}
wolfSSL	0:1239e9b70ca2	656	#endif
wolfSSL	0:1239e9b70ca2	657
wolfSSL	0:1239e9b70ca2	658	#if defined(_POSIX_THREADS) && defined(NO_MAIN_DRIVER) && !defined(__MINGW32__)
wolfSSL	0:1239e9b70ca2	659	/* signal ready to accept data */
wolfSSL	0:1239e9b70ca2	660	{
wolfSSL	0:1239e9b70ca2	661	tcp_ready* ready = args->signal;
wolfSSL	0:1239e9b70ca2	662	pthread_mutex_lock(&ready->mutex);
wolfSSL	0:1239e9b70ca2	663	ready->ready = 1;
wolfSSL	0:1239e9b70ca2	664	ready->port = port;
wolfSSL	0:1239e9b70ca2	665	pthread_cond_signal(&ready->cond);
wolfSSL	0:1239e9b70ca2	666	pthread_mutex_unlock(&ready->mutex);
wolfSSL	0:1239e9b70ca2	667	}
wolfSSL	0:1239e9b70ca2	668	#endif
wolfSSL	0:1239e9b70ca2	669
wolfSSL	0:1239e9b70ca2	670	clientfd = udp_read_connect(sockfd);
wolfSSL	0:1239e9b70ca2	671	}
wolfSSL	0:1239e9b70ca2	672
wolfSSL	0:1239e9b70ca2	673	static INLINE void tcp_accept(SOCKET_T* sockfd, SOCKET_T* clientfd,
wolfSSL	0:1239e9b70ca2	674	func_args* args, word16 port, int useAnyAddr,
wolfSSL	0:1239e9b70ca2	675	int udp)
wolfSSL	0:1239e9b70ca2	676	{
wolfSSL	0:1239e9b70ca2	677	SOCKADDR_IN_T client;
wolfSSL	0:1239e9b70ca2	678	socklen_t client_len = sizeof(client);
wolfSSL	0:1239e9b70ca2	679
wolfSSL	0:1239e9b70ca2	680	if (udp) {
wolfSSL	0:1239e9b70ca2	681	udp_accept(sockfd, clientfd, useAnyAddr, port, args);
wolfSSL	0:1239e9b70ca2	682	return;
wolfSSL	0:1239e9b70ca2	683	}
wolfSSL	0:1239e9b70ca2	684
wolfSSL	0:1239e9b70ca2	685	tcp_listen(sockfd, &port, useAnyAddr, udp);
wolfSSL	0:1239e9b70ca2	686
wolfSSL	0:1239e9b70ca2	687	#if defined(_POSIX_THREADS) && defined(NO_MAIN_DRIVER) && !defined(__MINGW32__)
wolfSSL	0:1239e9b70ca2	688	/* signal ready to tcp_accept */
wolfSSL	0:1239e9b70ca2	689	{
wolfSSL	0:1239e9b70ca2	690	tcp_ready* ready = args->signal;
wolfSSL	0:1239e9b70ca2	691	pthread_mutex_lock(&ready->mutex);
wolfSSL	0:1239e9b70ca2	692	ready->ready = 1;
wolfSSL	0:1239e9b70ca2	693	ready->port = port;
wolfSSL	0:1239e9b70ca2	694	pthread_cond_signal(&ready->cond);
wolfSSL	0:1239e9b70ca2	695	pthread_mutex_unlock(&ready->mutex);
wolfSSL	0:1239e9b70ca2	696	}
wolfSSL	0:1239e9b70ca2	697	#endif
wolfSSL	0:1239e9b70ca2	698
wolfSSL	0:1239e9b70ca2	699	clientfd = accept(sockfd, (struct sockaddr*)&client,
wolfSSL	0:1239e9b70ca2	700	(ACCEPT_THIRD_T)&client_len);
wolfSSL	0:1239e9b70ca2	701	#ifdef USE_WINDOWS_API
wolfSSL	0:1239e9b70ca2	702	if (*clientfd == INVALID_SOCKET)
wolfSSL	0:1239e9b70ca2	703	err_sys("tcp accept failed");
wolfSSL	0:1239e9b70ca2	704	#else
wolfSSL	0:1239e9b70ca2	705	if (*clientfd == -1)
wolfSSL	0:1239e9b70ca2	706	err_sys("tcp accept failed");
wolfSSL	0:1239e9b70ca2	707	#endif
wolfSSL	0:1239e9b70ca2	708	}
wolfSSL	0:1239e9b70ca2	709
wolfSSL	0:1239e9b70ca2	710
wolfSSL	0:1239e9b70ca2	711	static INLINE void tcp_set_nonblocking(SOCKET_T* sockfd)
wolfSSL	0:1239e9b70ca2	712	{
wolfSSL	0:1239e9b70ca2	713	#ifdef USE_WINDOWS_API
wolfSSL	0:1239e9b70ca2	714	unsigned long blocking = 1;
wolfSSL	0:1239e9b70ca2	715	int ret = ioctlsocket(*sockfd, FIONBIO, &blocking);
wolfSSL	0:1239e9b70ca2	716	if (ret == SOCKET_ERROR)
wolfSSL	0:1239e9b70ca2	717	err_sys("ioctlsocket failed");
wolfSSL	0:1239e9b70ca2	718	#elif defined(CYASSL_MDK_ARM)
wolfSSL	0:1239e9b70ca2	719	/* non blocking not suppported, for now */
wolfSSL	0:1239e9b70ca2	720	#else
wolfSSL	0:1239e9b70ca2	721	int flags = fcntl(*sockfd, F_GETFL, 0);
wolfSSL	0:1239e9b70ca2	722	if (flags < 0)
wolfSSL	0:1239e9b70ca2	723	err_sys("fcntl get failed");
wolfSSL	0:1239e9b70ca2	724	flags = fcntl(*sockfd, F_SETFL, flags \| O_NONBLOCK);
wolfSSL	0:1239e9b70ca2	725	if (flags < 0)
wolfSSL	0:1239e9b70ca2	726	err_sys("fcntl set failed");
wolfSSL	0:1239e9b70ca2	727	#endif
wolfSSL	0:1239e9b70ca2	728	}
wolfSSL	0:1239e9b70ca2	729
wolfSSL	0:1239e9b70ca2	730
wolfSSL	0:1239e9b70ca2	731	#ifndef NO_PSK
wolfSSL	0:1239e9b70ca2	732
wolfSSL	0:1239e9b70ca2	733	static INLINE unsigned int my_psk_client_cb(CYASSL* ssl, const char* hint,
wolfSSL	0:1239e9b70ca2	734	char* identity, unsigned int id_max_len, unsigned char* key,
wolfSSL	0:1239e9b70ca2	735	unsigned int key_max_len)
wolfSSL	0:1239e9b70ca2	736	{
wolfSSL	0:1239e9b70ca2	737	(void)ssl;
wolfSSL	0:1239e9b70ca2	738	(void)hint;
wolfSSL	0:1239e9b70ca2	739	(void)key_max_len;
wolfSSL	0:1239e9b70ca2	740
wolfSSL	0:1239e9b70ca2	741	/* identity is OpenSSL testing default for openssl s_client, keep same */
wolfSSL	0:1239e9b70ca2	742	strncpy(identity, "Client_identity", id_max_len);
wolfSSL	0:1239e9b70ca2	743
wolfSSL	0:1239e9b70ca2	744
wolfSSL	0:1239e9b70ca2	745	/* test key in hex is 0x1a2b3c4d , in decimal 439,041,101 , we're using
wolfSSL	0:1239e9b70ca2	746	unsigned binary */
wolfSSL	0:1239e9b70ca2	747	key[0] = 26;
wolfSSL	0:1239e9b70ca2	748	key[1] = 43;
wolfSSL	0:1239e9b70ca2	749	key[2] = 60;
wolfSSL	0:1239e9b70ca2	750	key[3] = 77;
wolfSSL	0:1239e9b70ca2	751
wolfSSL	0:1239e9b70ca2	752	return 4; /* length of key in octets or 0 for error */
wolfSSL	0:1239e9b70ca2	753	}
wolfSSL	0:1239e9b70ca2	754
wolfSSL	0:1239e9b70ca2	755
wolfSSL	0:1239e9b70ca2	756	static INLINE unsigned int my_psk_server_cb(CYASSL* ssl, const char* identity,
wolfSSL	0:1239e9b70ca2	757	unsigned char* key, unsigned int key_max_len)
wolfSSL	0:1239e9b70ca2	758	{
wolfSSL	0:1239e9b70ca2	759	(void)ssl;
wolfSSL	0:1239e9b70ca2	760	(void)key_max_len;
wolfSSL	0:1239e9b70ca2	761
wolfSSL	0:1239e9b70ca2	762	/* identity is OpenSSL testing default for openssl s_client, keep same */
wolfSSL	0:1239e9b70ca2	763	if (strncmp(identity, "Client_identity", 15) != 0)
wolfSSL	0:1239e9b70ca2	764	return 0;
wolfSSL	0:1239e9b70ca2	765
wolfSSL	0:1239e9b70ca2	766	/* test key in hex is 0x1a2b3c4d , in decimal 439,041,101 , we're using
wolfSSL	0:1239e9b70ca2	767	unsigned binary */
wolfSSL	0:1239e9b70ca2	768	key[0] = 26;
wolfSSL	0:1239e9b70ca2	769	key[1] = 43;
wolfSSL	0:1239e9b70ca2	770	key[2] = 60;
wolfSSL	0:1239e9b70ca2	771	key[3] = 77;
wolfSSL	0:1239e9b70ca2	772
wolfSSL	0:1239e9b70ca2	773	return 4; /* length of key in octets or 0 for error */
wolfSSL	0:1239e9b70ca2	774	}
wolfSSL	0:1239e9b70ca2	775
wolfSSL	0:1239e9b70ca2	776	#endif /* NO_PSK */
wolfSSL	0:1239e9b70ca2	777
wolfSSL	0:1239e9b70ca2	778
wolfSSL	0:1239e9b70ca2	779	#ifdef USE_WINDOWS_API
wolfSSL	0:1239e9b70ca2	780
wolfSSL	0:1239e9b70ca2	781	#define WIN32_LEAN_AND_MEAN
wolfSSL	0:1239e9b70ca2	782	#include <windows.h>
wolfSSL	0:1239e9b70ca2	783
wolfSSL	0:1239e9b70ca2	784	static INLINE double current_time()
wolfSSL	0:1239e9b70ca2	785	{
wolfSSL	0:1239e9b70ca2	786	static int init = 0;
wolfSSL	0:1239e9b70ca2	787	static LARGE_INTEGER freq;
wolfSSL	0:1239e9b70ca2	788
wolfSSL	0:1239e9b70ca2	789	LARGE_INTEGER count;
wolfSSL	0:1239e9b70ca2	790
wolfSSL	0:1239e9b70ca2	791	if (!init) {
wolfSSL	0:1239e9b70ca2	792	QueryPerformanceFrequency(&freq);
wolfSSL	0:1239e9b70ca2	793	init = 1;
wolfSSL	0:1239e9b70ca2	794	}
wolfSSL	0:1239e9b70ca2	795
wolfSSL	0:1239e9b70ca2	796	QueryPerformanceCounter(&count);
wolfSSL	0:1239e9b70ca2	797
wolfSSL	0:1239e9b70ca2	798	return (double)count.QuadPart / freq.QuadPart;
wolfSSL	0:1239e9b70ca2	799	}
wolfSSL	0:1239e9b70ca2	800
wolfSSL	0:1239e9b70ca2	801	#else
wolfSSL	0:1239e9b70ca2	802
wolfSSL	0:1239e9b70ca2	803	#if !defined(CYASSL_MDK_ARM)
wolfSSL	0:1239e9b70ca2	804	#include <sys/time.h>
wolfSSL	0:1239e9b70ca2	805
wolfSSL	0:1239e9b70ca2	806	static INLINE double current_time(void)
wolfSSL	0:1239e9b70ca2	807	{
wolfSSL	0:1239e9b70ca2	808	struct timeval tv;
wolfSSL	0:1239e9b70ca2	809	gettimeofday(&tv, 0);
wolfSSL	0:1239e9b70ca2	810
wolfSSL	0:1239e9b70ca2	811	return (double)tv.tv_sec + (double)tv.tv_usec / 1000000;
wolfSSL	0:1239e9b70ca2	812	}
wolfSSL	0:1239e9b70ca2	813
wolfSSL	0:1239e9b70ca2	814	#endif
wolfSSL	0:1239e9b70ca2	815	#endif /* USE_WINDOWS_API */
wolfSSL	0:1239e9b70ca2	816
wolfSSL	0:1239e9b70ca2	817
wolfSSL	0:1239e9b70ca2	818	#if defined(NO_FILESYSTEM) && !defined(NO_CERTS)
wolfSSL	0:1239e9b70ca2	819
wolfSSL	0:1239e9b70ca2	820	enum {
wolfSSL	0:1239e9b70ca2	821	CYASSL_CA = 1,
wolfSSL	0:1239e9b70ca2	822	CYASSL_CERT = 2,
wolfSSL	0:1239e9b70ca2	823	CYASSL_KEY = 3
wolfSSL	0:1239e9b70ca2	824	};
wolfSSL	0:1239e9b70ca2	825
wolfSSL	0:1239e9b70ca2	826	static INLINE void load_buffer(CYASSL_CTX* ctx, const char* fname, int type)
wolfSSL	0:1239e9b70ca2	827	{
wolfSSL	0:1239e9b70ca2	828	/* test buffer load */
wolfSSL	0:1239e9b70ca2	829	long sz = 0;
wolfSSL	0:1239e9b70ca2	830	byte buff[10000];
wolfSSL	0:1239e9b70ca2	831	FILE* file = fopen(fname, "rb");
wolfSSL	0:1239e9b70ca2	832
wolfSSL	0:1239e9b70ca2	833	if (!file)
wolfSSL	0:1239e9b70ca2	834	err_sys("can't open file for buffer load "
wolfSSL	0:1239e9b70ca2	835	"Please run from CyaSSL home directory if not");
wolfSSL	0:1239e9b70ca2	836	fseek(file, 0, SEEK_END);
wolfSSL	0:1239e9b70ca2	837	sz = ftell(file);
wolfSSL	0:1239e9b70ca2	838	rewind(file);
wolfSSL	0:1239e9b70ca2	839	fread(buff, sizeof(buff), 1, file);
wolfSSL	0:1239e9b70ca2	840
wolfSSL	0:1239e9b70ca2	841	if (type == CYASSL_CA) {
wolfSSL	0:1239e9b70ca2	842	if (CyaSSL_CTX_load_verify_buffer(ctx, buff, sz, SSL_FILETYPE_PEM)
wolfSSL	0:1239e9b70ca2	843	!= SSL_SUCCESS)
wolfSSL	0:1239e9b70ca2	844	err_sys("can't load buffer ca file");
wolfSSL	0:1239e9b70ca2	845	}
wolfSSL	0:1239e9b70ca2	846	else if (type == CYASSL_CERT) {
wolfSSL	0:1239e9b70ca2	847	if (CyaSSL_CTX_use_certificate_buffer(ctx, buff, sz,
wolfSSL	0:1239e9b70ca2	848	SSL_FILETYPE_PEM) != SSL_SUCCESS)
wolfSSL	0:1239e9b70ca2	849	err_sys("can't load buffer cert file");
wolfSSL	0:1239e9b70ca2	850	}
wolfSSL	0:1239e9b70ca2	851	else if (type == CYASSL_KEY) {
wolfSSL	0:1239e9b70ca2	852	if (CyaSSL_CTX_use_PrivateKey_buffer(ctx, buff, sz,
wolfSSL	0:1239e9b70ca2	853	SSL_FILETYPE_PEM) != SSL_SUCCESS)
wolfSSL	0:1239e9b70ca2	854	err_sys("can't load buffer key file");
wolfSSL	0:1239e9b70ca2	855	}
wolfSSL	0:1239e9b70ca2	856	}
wolfSSL	0:1239e9b70ca2	857
wolfSSL	0:1239e9b70ca2	858	#endif /* NO_FILESYSTEM */
wolfSSL	0:1239e9b70ca2	859
wolfSSL	0:1239e9b70ca2	860	#ifdef VERIFY_CALLBACK
wolfSSL	0:1239e9b70ca2	861
wolfSSL	0:1239e9b70ca2	862	static INLINE int myVerify(int preverify, CYASSL_X509_STORE_CTX* store)
wolfSSL	0:1239e9b70ca2	863	{
wolfSSL	0:1239e9b70ca2	864	(void)preverify;
wolfSSL	0:1239e9b70ca2	865	char buffer[CYASSL_MAX_ERROR_SZ];
wolfSSL	0:1239e9b70ca2	866
wolfSSL	0:1239e9b70ca2	867	#ifdef OPENSSL_EXTRA
wolfSSL	0:1239e9b70ca2	868	CYASSL_X509* peer;
wolfSSL	0:1239e9b70ca2	869	#endif
wolfSSL	0:1239e9b70ca2	870
wolfSSL	0:1239e9b70ca2	871	printf("In verification callback, error = %d, %s\n", store->error,
wolfSSL	0:1239e9b70ca2	872	CyaSSL_ERR_error_string(store->error, buffer));
wolfSSL	0:1239e9b70ca2	873	#ifdef OPENSSL_EXTRA
wolfSSL	0:1239e9b70ca2	874	peer = store->current_cert;
wolfSSL	0:1239e9b70ca2	875	if (peer) {
wolfSSL	0:1239e9b70ca2	876	char* issuer = CyaSSL_X509_NAME_oneline(
wolfSSL	0:1239e9b70ca2	877	CyaSSL_X509_get_issuer_name(peer), 0, 0);
wolfSSL	0:1239e9b70ca2	878	char* subject = CyaSSL_X509_NAME_oneline(
wolfSSL	0:1239e9b70ca2	879	CyaSSL_X509_get_subject_name(peer), 0, 0);
wolfSSL	0:1239e9b70ca2	880	printf("peer's cert info:\n issuer : %s\n subject: %s\n", issuer,
wolfSSL	0:1239e9b70ca2	881	subject);
wolfSSL	0:1239e9b70ca2	882	XFREE(subject, 0, DYNAMIC_TYPE_OPENSSL);
wolfSSL	0:1239e9b70ca2	883	XFREE(issuer, 0, DYNAMIC_TYPE_OPENSSL);
wolfSSL	0:1239e9b70ca2	884	}
wolfSSL	0:1239e9b70ca2	885	else
wolfSSL	0:1239e9b70ca2	886	printf("peer has no cert!\n");
wolfSSL	0:1239e9b70ca2	887	#endif
wolfSSL	0:1239e9b70ca2	888	printf("Subject's domain name is %s\n", store->domain);
wolfSSL	0:1239e9b70ca2	889
wolfSSL	0:1239e9b70ca2	890	printf("Allowing to continue anyway (shouldn't do this, EVER!!!)\n");
wolfSSL	0:1239e9b70ca2	891	return 1;
wolfSSL	0:1239e9b70ca2	892	}
wolfSSL	0:1239e9b70ca2	893
wolfSSL	0:1239e9b70ca2	894	#endif /* VERIFY_CALLBACK */
wolfSSL	0:1239e9b70ca2	895
wolfSSL	0:1239e9b70ca2	896
wolfSSL	0:1239e9b70ca2	897	#ifdef HAVE_CRL
wolfSSL	0:1239e9b70ca2	898
wolfSSL	0:1239e9b70ca2	899	static INLINE void CRL_CallBack(const char* url)
wolfSSL	0:1239e9b70ca2	900	{
wolfSSL	0:1239e9b70ca2	901	printf("CRL callback url = %s\n", url);
wolfSSL	0:1239e9b70ca2	902	}
wolfSSL	0:1239e9b70ca2	903
wolfSSL	0:1239e9b70ca2	904	#endif
wolfSSL	0:1239e9b70ca2	905
wolfSSL	0:1239e9b70ca2	906	#ifndef NO_CERTS
wolfSSL	0:1239e9b70ca2	907
wolfSSL	0:1239e9b70ca2	908	static INLINE void CaCb(unsigned char* der, int sz, int type)
wolfSSL	0:1239e9b70ca2	909	{
wolfSSL	0:1239e9b70ca2	910	(void)der;
wolfSSL	0:1239e9b70ca2	911	printf("Got CA cache add callback, derSz = %d, type = %d\n", sz, type);
wolfSSL	0:1239e9b70ca2	912	}
wolfSSL	0:1239e9b70ca2	913
wolfSSL	0:1239e9b70ca2	914
wolfSSL	0:1239e9b70ca2	915	static INLINE void SetDH(CYASSL* ssl)
wolfSSL	0:1239e9b70ca2	916	{
wolfSSL	0:1239e9b70ca2	917	/* dh1024 p */
wolfSSL	0:1239e9b70ca2	918	static unsigned char p[] =
wolfSSL	0:1239e9b70ca2	919	{
wolfSSL	0:1239e9b70ca2	920	0xE6, 0x96, 0x9D, 0x3D, 0x49, 0x5B, 0xE3, 0x2C, 0x7C, 0xF1, 0x80, 0xC3,
wolfSSL	0:1239e9b70ca2	921	0xBD, 0xD4, 0x79, 0x8E, 0x91, 0xB7, 0x81, 0x82, 0x51, 0xBB, 0x05, 0x5E,
wolfSSL	0:1239e9b70ca2	922	0x2A, 0x20, 0x64, 0x90, 0x4A, 0x79, 0xA7, 0x70, 0xFA, 0x15, 0xA2, 0x59,
wolfSSL	0:1239e9b70ca2	923	0xCB, 0xD5, 0x23, 0xA6, 0xA6, 0xEF, 0x09, 0xC4, 0x30, 0x48, 0xD5, 0xA2,
wolfSSL	0:1239e9b70ca2	924	0x2F, 0x97, 0x1F, 0x3C, 0x20, 0x12, 0x9B, 0x48, 0x00, 0x0E, 0x6E, 0xDD,
wolfSSL	0:1239e9b70ca2	925	0x06, 0x1C, 0xBC, 0x05, 0x3E, 0x37, 0x1D, 0x79, 0x4E, 0x53, 0x27, 0xDF,
wolfSSL	0:1239e9b70ca2	926	0x61, 0x1E, 0xBB, 0xBE, 0x1B, 0xAC, 0x9B, 0x5C, 0x60, 0x44, 0xCF, 0x02,
wolfSSL	0:1239e9b70ca2	927	0x3D, 0x76, 0xE0, 0x5E, 0xEA, 0x9B, 0xAD, 0x99, 0x1B, 0x13, 0xA6, 0x3C,
wolfSSL	0:1239e9b70ca2	928	0x97, 0x4E, 0x9E, 0xF1, 0x83, 0x9E, 0xB5, 0xDB, 0x12, 0x51, 0x36, 0xF7,
wolfSSL	0:1239e9b70ca2	929	0x26, 0x2E, 0x56, 0xA8, 0x87, 0x15, 0x38, 0xDF, 0xD8, 0x23, 0xC6, 0x50,
wolfSSL	0:1239e9b70ca2	930	0x50, 0x85, 0xE2, 0x1F, 0x0D, 0xD5, 0xC8, 0x6B,
wolfSSL	0:1239e9b70ca2	931	};
wolfSSL	0:1239e9b70ca2	932
wolfSSL	0:1239e9b70ca2	933	/* dh1024 g */
wolfSSL	0:1239e9b70ca2	934	static unsigned char g[] =
wolfSSL	0:1239e9b70ca2	935	{
wolfSSL	0:1239e9b70ca2	936	0x02,
wolfSSL	0:1239e9b70ca2	937	};
wolfSSL	0:1239e9b70ca2	938
wolfSSL	0:1239e9b70ca2	939	CyaSSL_SetTmpDH(ssl, p, sizeof(p), g, sizeof(g));
wolfSSL	0:1239e9b70ca2	940	}
wolfSSL	0:1239e9b70ca2	941
wolfSSL	0:1239e9b70ca2	942	static INLINE void SetDHCtx(CYASSL_CTX* ctx)
wolfSSL	0:1239e9b70ca2	943	{
wolfSSL	0:1239e9b70ca2	944	/* dh1024 p */
wolfSSL	0:1239e9b70ca2	945	static unsigned char p[] =
wolfSSL	0:1239e9b70ca2	946	{
wolfSSL	0:1239e9b70ca2	947	0xE6, 0x96, 0x9D, 0x3D, 0x49, 0x5B, 0xE3, 0x2C, 0x7C, 0xF1, 0x80, 0xC3,
wolfSSL	0:1239e9b70ca2	948	0xBD, 0xD4, 0x79, 0x8E, 0x91, 0xB7, 0x81, 0x82, 0x51, 0xBB, 0x05, 0x5E,
wolfSSL	0:1239e9b70ca2	949	0x2A, 0x20, 0x64, 0x90, 0x4A, 0x79, 0xA7, 0x70, 0xFA, 0x15, 0xA2, 0x59,
wolfSSL	0:1239e9b70ca2	950	0xCB, 0xD5, 0x23, 0xA6, 0xA6, 0xEF, 0x09, 0xC4, 0x30, 0x48, 0xD5, 0xA2,
wolfSSL	0:1239e9b70ca2	951	0x2F, 0x97, 0x1F, 0x3C, 0x20, 0x12, 0x9B, 0x48, 0x00, 0x0E, 0x6E, 0xDD,
wolfSSL	0:1239e9b70ca2	952	0x06, 0x1C, 0xBC, 0x05, 0x3E, 0x37, 0x1D, 0x79, 0x4E, 0x53, 0x27, 0xDF,
wolfSSL	0:1239e9b70ca2	953	0x61, 0x1E, 0xBB, 0xBE, 0x1B, 0xAC, 0x9B, 0x5C, 0x60, 0x44, 0xCF, 0x02,
wolfSSL	0:1239e9b70ca2	954	0x3D, 0x76, 0xE0, 0x5E, 0xEA, 0x9B, 0xAD, 0x99, 0x1B, 0x13, 0xA6, 0x3C,
wolfSSL	0:1239e9b70ca2	955	0x97, 0x4E, 0x9E, 0xF1, 0x83, 0x9E, 0xB5, 0xDB, 0x12, 0x51, 0x36, 0xF7,
wolfSSL	0:1239e9b70ca2	956	0x26, 0x2E, 0x56, 0xA8, 0x87, 0x15, 0x38, 0xDF, 0xD8, 0x23, 0xC6, 0x50,
wolfSSL	0:1239e9b70ca2	957	0x50, 0x85, 0xE2, 0x1F, 0x0D, 0xD5, 0xC8, 0x6B,
wolfSSL	0:1239e9b70ca2	958	};
wolfSSL	0:1239e9b70ca2	959
wolfSSL	0:1239e9b70ca2	960	/* dh1024 g */
wolfSSL	0:1239e9b70ca2	961	static unsigned char g[] =
wolfSSL	0:1239e9b70ca2	962	{
wolfSSL	0:1239e9b70ca2	963	0x02,
wolfSSL	0:1239e9b70ca2	964	};
wolfSSL	0:1239e9b70ca2	965
wolfSSL	0:1239e9b70ca2	966	CyaSSL_CTX_SetTmpDH(ctx, p, sizeof(p), g, sizeof(g));
wolfSSL	0:1239e9b70ca2	967	}
wolfSSL	0:1239e9b70ca2	968
wolfSSL	0:1239e9b70ca2	969	#endif /* !NO_CERTS */
wolfSSL	0:1239e9b70ca2	970
wolfSSL	0:1239e9b70ca2	971	#ifdef HAVE_CAVIUM
wolfSSL	0:1239e9b70ca2	972
wolfSSL	0:1239e9b70ca2	973	static INLINE int OpenNitroxDevice(int dma_mode,int dev_id)
wolfSSL	0:1239e9b70ca2	974	{
wolfSSL	0:1239e9b70ca2	975	Csp1CoreAssignment core_assign;
wolfSSL	0:1239e9b70ca2	976	Uint32 device;
wolfSSL	0:1239e9b70ca2	977
wolfSSL	0:1239e9b70ca2	978	if (CspInitialize(CAVIUM_DIRECT,CAVIUM_DEV_ID))
wolfSSL	0:1239e9b70ca2	979	return -1;
wolfSSL	0:1239e9b70ca2	980	if (Csp1GetDevType(&device))
wolfSSL	0:1239e9b70ca2	981	return -1;
wolfSSL	0:1239e9b70ca2	982	if (device != NPX_DEVICE) {
wolfSSL	0:1239e9b70ca2	983	if (ioctl(gpkpdev_hdlr[CAVIUM_DEV_ID], IOCTL_CSP1_GET_CORE_ASSIGNMENT,
wolfSSL	0:1239e9b70ca2	984	(Uint32 *)&core_assign)!= 0)
wolfSSL	0:1239e9b70ca2	985	return -1;
wolfSSL	0:1239e9b70ca2	986	}
wolfSSL	0:1239e9b70ca2	987	CspShutdown(CAVIUM_DEV_ID);
wolfSSL	0:1239e9b70ca2	988
wolfSSL	0:1239e9b70ca2	989	return CspInitialize(dma_mode, dev_id);
wolfSSL	0:1239e9b70ca2	990	}
wolfSSL	0:1239e9b70ca2	991
wolfSSL	0:1239e9b70ca2	992	#endif /* HAVE_CAVIUM */
wolfSSL	0:1239e9b70ca2	993
wolfSSL	0:1239e9b70ca2	994
wolfSSL	0:1239e9b70ca2	995	#ifdef USE_WINDOWS_API
wolfSSL	0:1239e9b70ca2	996
wolfSSL	0:1239e9b70ca2	997	/* do back x number of directories */
wolfSSL	0:1239e9b70ca2	998	static INLINE void ChangeDirBack(int x)
wolfSSL	0:1239e9b70ca2	999	{
wolfSSL	0:1239e9b70ca2	1000	char path[MAX_PATH];
wolfSSL	0:1239e9b70ca2	1001
wolfSSL	0:1239e9b70ca2	1002	if (x == 1)
wolfSSL	0:1239e9b70ca2	1003	strncpy(path, "..\\", MAX_PATH);
wolfSSL	0:1239e9b70ca2	1004	else if (x == 2)
wolfSSL	0:1239e9b70ca2	1005	strncpy(path, "..\\..\\", MAX_PATH);
wolfSSL	0:1239e9b70ca2	1006	else if (x == 3)
wolfSSL	0:1239e9b70ca2	1007	strncpy(path, "..\\..\\..\\", MAX_PATH);
wolfSSL	0:1239e9b70ca2	1008	else if (x == 4)
wolfSSL	0:1239e9b70ca2	1009	strncpy(path, "..\\..\\..\\..\\", MAX_PATH);
wolfSSL	0:1239e9b70ca2	1010	else
wolfSSL	0:1239e9b70ca2	1011	strncpy(path, ".\\", MAX_PATH);
wolfSSL	0:1239e9b70ca2	1012
wolfSSL	0:1239e9b70ca2	1013	SetCurrentDirectoryA(path);
wolfSSL	0:1239e9b70ca2	1014	}
wolfSSL	0:1239e9b70ca2	1015
wolfSSL	0:1239e9b70ca2	1016	/* does current dir contain str */
wolfSSL	0:1239e9b70ca2	1017	static INLINE int CurrentDir(const char* str)
wolfSSL	0:1239e9b70ca2	1018	{
wolfSSL	0:1239e9b70ca2	1019	char path[MAX_PATH];
wolfSSL	0:1239e9b70ca2	1020	char* baseName;
wolfSSL	0:1239e9b70ca2	1021
wolfSSL	0:1239e9b70ca2	1022	GetCurrentDirectoryA(sizeof(path), path);
wolfSSL	0:1239e9b70ca2	1023
wolfSSL	0:1239e9b70ca2	1024	baseName = strrchr(path, '\\');
wolfSSL	0:1239e9b70ca2	1025	if (baseName)
wolfSSL	0:1239e9b70ca2	1026	baseName++;
wolfSSL	0:1239e9b70ca2	1027	else
wolfSSL	0:1239e9b70ca2	1028	baseName = path;
wolfSSL	0:1239e9b70ca2	1029
wolfSSL	0:1239e9b70ca2	1030	if (strstr(baseName, str))
wolfSSL	0:1239e9b70ca2	1031	return 1;
wolfSSL	0:1239e9b70ca2	1032
wolfSSL	0:1239e9b70ca2	1033	return 0;
wolfSSL	0:1239e9b70ca2	1034	}
wolfSSL	0:1239e9b70ca2	1035
wolfSSL	0:1239e9b70ca2	1036	#elif defined(CYASSL_MDK_ARM)
wolfSSL	0:1239e9b70ca2	1037	/* KEIL-RL File System does not support relative directry */
wolfSSL	0:1239e9b70ca2	1038	#else
wolfSSL	0:1239e9b70ca2	1039
wolfSSL	0:1239e9b70ca2	1040	#ifndef MAX_PATH
wolfSSL	0:1239e9b70ca2	1041	#define MAX_PATH 256
wolfSSL	0:1239e9b70ca2	1042	#endif
wolfSSL	0:1239e9b70ca2	1043
wolfSSL	0:1239e9b70ca2	1044	/* do back x number of directories */
wolfSSL	0:1239e9b70ca2	1045	static INLINE void ChangeDirBack(int x)
wolfSSL	0:1239e9b70ca2	1046	{
wolfSSL	0:1239e9b70ca2	1047	char path[MAX_PATH];
wolfSSL	0:1239e9b70ca2	1048
wolfSSL	0:1239e9b70ca2	1049	if (x == 1)
wolfSSL	0:1239e9b70ca2	1050	strncpy(path, "../", MAX_PATH);
wolfSSL	0:1239e9b70ca2	1051	else if (x == 2)
wolfSSL	0:1239e9b70ca2	1052	strncpy(path, "../../", MAX_PATH);
wolfSSL	0:1239e9b70ca2	1053	else if (x == 3)
wolfSSL	0:1239e9b70ca2	1054	strncpy(path, "../../../", MAX_PATH);
wolfSSL	0:1239e9b70ca2	1055	else if (x == 4)
wolfSSL	0:1239e9b70ca2	1056	strncpy(path, "../../../../", MAX_PATH);
wolfSSL	0:1239e9b70ca2	1057	else
wolfSSL	0:1239e9b70ca2	1058	strncpy(path, "./", MAX_PATH);
wolfSSL	0:1239e9b70ca2	1059
wolfSSL	0:1239e9b70ca2	1060	if (chdir(path) < 0)
wolfSSL	0:1239e9b70ca2	1061	printf("chdir to %s failed\n", path);
wolfSSL	0:1239e9b70ca2	1062	}
wolfSSL	0:1239e9b70ca2	1063
wolfSSL	0:1239e9b70ca2	1064	/* does current dir contain str */
wolfSSL	0:1239e9b70ca2	1065	static INLINE int CurrentDir(const char* str)
wolfSSL	0:1239e9b70ca2	1066	{
wolfSSL	0:1239e9b70ca2	1067	char path[MAX_PATH];
wolfSSL	0:1239e9b70ca2	1068	char* baseName;
wolfSSL	0:1239e9b70ca2	1069
wolfSSL	0:1239e9b70ca2	1070	if (getcwd(path, sizeof(path)) == NULL) {
wolfSSL	0:1239e9b70ca2	1071	printf("no current dir?\n");
wolfSSL	0:1239e9b70ca2	1072	return 0;
wolfSSL	0:1239e9b70ca2	1073	}
wolfSSL	0:1239e9b70ca2	1074
wolfSSL	0:1239e9b70ca2	1075	baseName = strrchr(path, '/');
wolfSSL	0:1239e9b70ca2	1076	if (baseName)
wolfSSL	0:1239e9b70ca2	1077	baseName++;
wolfSSL	0:1239e9b70ca2	1078	else
wolfSSL	0:1239e9b70ca2	1079	baseName = path;
wolfSSL	0:1239e9b70ca2	1080
wolfSSL	0:1239e9b70ca2	1081	if (strstr(baseName, str))
wolfSSL	0:1239e9b70ca2	1082	return 1;
wolfSSL	0:1239e9b70ca2	1083
wolfSSL	0:1239e9b70ca2	1084	return 0;
wolfSSL	0:1239e9b70ca2	1085	}
wolfSSL	0:1239e9b70ca2	1086
wolfSSL	0:1239e9b70ca2	1087	#endif /* USE_WINDOWS_API */
wolfSSL	0:1239e9b70ca2	1088
wolfSSL	0:1239e9b70ca2	1089
wolfSSL	0:1239e9b70ca2	1090	#ifdef USE_CYASSL_MEMORY
wolfSSL	0:1239e9b70ca2	1091
wolfSSL	0:1239e9b70ca2	1092	typedef struct memoryStats {
wolfSSL	0:1239e9b70ca2	1093	size_t totalAllocs; /* number of allocations */
wolfSSL	0:1239e9b70ca2	1094	size_t totalBytes; /* total number of bytes allocated */
wolfSSL	0:1239e9b70ca2	1095	size_t peakBytes; /* concurrent max bytes */
wolfSSL	0:1239e9b70ca2	1096	size_t currentBytes; /* total current bytes in use */
wolfSSL	0:1239e9b70ca2	1097	} memoryStats;
wolfSSL	0:1239e9b70ca2	1098
wolfSSL	0:1239e9b70ca2	1099	typedef struct memHint {
wolfSSL	0:1239e9b70ca2	1100	size_t thisSize; /* size of this memory */
wolfSSL	0:1239e9b70ca2	1101	void* thisMemory; /* actual memory for user */
wolfSSL	0:1239e9b70ca2	1102	} memHint;
wolfSSL	0:1239e9b70ca2	1103
wolfSSL	0:1239e9b70ca2	1104	typedef struct memoryTrack {
wolfSSL	0:1239e9b70ca2	1105	union {
wolfSSL	0:1239e9b70ca2	1106	memHint hint;
wolfSSL	0:1239e9b70ca2	1107	byte alignit[16]; /* make sure we have strong alignment */
wolfSSL	0:1239e9b70ca2	1108	} u;
wolfSSL	0:1239e9b70ca2	1109	} memoryTrack;
wolfSSL	0:1239e9b70ca2	1110
wolfSSL	0:1239e9b70ca2	1111	#if defined(CYASSL_TRACK_MEMORY)
wolfSSL	0:1239e9b70ca2	1112	#define DO_MEM_STATS
wolfSSL	0:1239e9b70ca2	1113	static memoryStats ourMemStats;
wolfSSL	0:1239e9b70ca2	1114	#endif
wolfSSL	0:1239e9b70ca2	1115
wolfSSL	0:1239e9b70ca2	1116	static INLINE void* TrackMalloc(size_t sz)
wolfSSL	0:1239e9b70ca2	1117	{
wolfSSL	0:1239e9b70ca2	1118	memoryTrack* mt;
wolfSSL	0:1239e9b70ca2	1119
wolfSSL	0:1239e9b70ca2	1120	if (sz == 0)
wolfSSL	0:1239e9b70ca2	1121	return NULL;
wolfSSL	0:1239e9b70ca2	1122
wolfSSL	0:1239e9b70ca2	1123	mt = (memoryTrack*)malloc(sizeof(memoryTrack) + sz);
wolfSSL	0:1239e9b70ca2	1124	if (mt == NULL)
wolfSSL	0:1239e9b70ca2	1125	return NULL;
wolfSSL	0:1239e9b70ca2	1126
wolfSSL	0:1239e9b70ca2	1127	mt->u.hint.thisSize = sz;
wolfSSL	0:1239e9b70ca2	1128	mt->u.hint.thisMemory = (byte*)mt + sizeof(memoryTrack);
wolfSSL	0:1239e9b70ca2	1129
wolfSSL	0:1239e9b70ca2	1130	#ifdef DO_MEM_STATS
wolfSSL	0:1239e9b70ca2	1131	ourMemStats.totalAllocs++;
wolfSSL	0:1239e9b70ca2	1132	ourMemStats.totalBytes += sz;
wolfSSL	0:1239e9b70ca2	1133	ourMemStats.currentBytes += sz;
wolfSSL	0:1239e9b70ca2	1134	if (ourMemStats.currentBytes > ourMemStats.peakBytes)
wolfSSL	0:1239e9b70ca2	1135	ourMemStats.peakBytes = ourMemStats.currentBytes;
wolfSSL	0:1239e9b70ca2	1136	#endif
wolfSSL	0:1239e9b70ca2	1137
wolfSSL	0:1239e9b70ca2	1138	return mt->u.hint.thisMemory;
wolfSSL	0:1239e9b70ca2	1139	}
wolfSSL	0:1239e9b70ca2	1140
wolfSSL	0:1239e9b70ca2	1141
wolfSSL	0:1239e9b70ca2	1142	static INLINE void TrackFree(void* ptr)
wolfSSL	0:1239e9b70ca2	1143	{
wolfSSL	0:1239e9b70ca2	1144	memoryTrack* mt;
wolfSSL	0:1239e9b70ca2	1145
wolfSSL	0:1239e9b70ca2	1146	if (ptr == NULL)
wolfSSL	0:1239e9b70ca2	1147	return;
wolfSSL	0:1239e9b70ca2	1148
wolfSSL	0:1239e9b70ca2	1149	mt = (memoryTrack*)ptr;
wolfSSL	0:1239e9b70ca2	1150	--mt; /* same as minus sizeof(memoryTrack), removes header */
wolfSSL	0:1239e9b70ca2	1151
wolfSSL	0:1239e9b70ca2	1152	#ifdef DO_MEM_STATS
wolfSSL	0:1239e9b70ca2	1153	ourMemStats.currentBytes -= mt->u.hint.thisSize;
wolfSSL	0:1239e9b70ca2	1154	#endif
wolfSSL	0:1239e9b70ca2	1155
wolfSSL	0:1239e9b70ca2	1156	free(mt);
wolfSSL	0:1239e9b70ca2	1157	}
wolfSSL	0:1239e9b70ca2	1158
wolfSSL	0:1239e9b70ca2	1159
wolfSSL	0:1239e9b70ca2	1160	static INLINE void* TrackRealloc(void* ptr, size_t sz)
wolfSSL	0:1239e9b70ca2	1161	{
wolfSSL	0:1239e9b70ca2	1162	void* ret = TrackMalloc(sz);
wolfSSL	0:1239e9b70ca2	1163
wolfSSL	0:1239e9b70ca2	1164	if (ptr) {
wolfSSL	0:1239e9b70ca2	1165	/* if realloc is bigger, don't overread old ptr */
wolfSSL	0:1239e9b70ca2	1166	memoryTrack* mt = (memoryTrack*)ptr;
wolfSSL	0:1239e9b70ca2	1167	--mt; /* same as minus sizeof(memoryTrack), removes header */
wolfSSL	0:1239e9b70ca2	1168
wolfSSL	0:1239e9b70ca2	1169	if (mt->u.hint.thisSize < sz)
wolfSSL	0:1239e9b70ca2	1170	sz = mt->u.hint.thisSize;
wolfSSL	0:1239e9b70ca2	1171	}
wolfSSL	0:1239e9b70ca2	1172
wolfSSL	0:1239e9b70ca2	1173	if (ret && ptr)
wolfSSL	0:1239e9b70ca2	1174	memcpy(ret, ptr, sz);
wolfSSL	0:1239e9b70ca2	1175
wolfSSL	0:1239e9b70ca2	1176	if (ret)
wolfSSL	0:1239e9b70ca2	1177	TrackFree(ptr);
wolfSSL	0:1239e9b70ca2	1178
wolfSSL	0:1239e9b70ca2	1179	return ret;
wolfSSL	0:1239e9b70ca2	1180	}
wolfSSL	0:1239e9b70ca2	1181
wolfSSL	0:1239e9b70ca2	1182	static INLINE void InitMemoryTracker(void)
wolfSSL	0:1239e9b70ca2	1183	{
wolfSSL	0:1239e9b70ca2	1184	if (CyaSSL_SetAllocators(TrackMalloc, TrackFree, TrackRealloc) != 0)
wolfSSL	0:1239e9b70ca2	1185	err_sys("CyaSSL SetAllocators failed for track memory");
wolfSSL	0:1239e9b70ca2	1186
wolfSSL	0:1239e9b70ca2	1187	#ifdef DO_MEM_STATS
wolfSSL	0:1239e9b70ca2	1188	ourMemStats.totalAllocs = 0;
wolfSSL	0:1239e9b70ca2	1189	ourMemStats.totalBytes = 0;
wolfSSL	0:1239e9b70ca2	1190	ourMemStats.peakBytes = 0;
wolfSSL	0:1239e9b70ca2	1191	ourMemStats.currentBytes = 0;
wolfSSL	0:1239e9b70ca2	1192	#endif
wolfSSL	0:1239e9b70ca2	1193	}
wolfSSL	0:1239e9b70ca2	1194
wolfSSL	0:1239e9b70ca2	1195	static INLINE void ShowMemoryTracker(void)
wolfSSL	0:1239e9b70ca2	1196	{
wolfSSL	0:1239e9b70ca2	1197	#ifdef DO_MEM_STATS
wolfSSL	0:1239e9b70ca2	1198	printf("total Allocs = %9lu\n",
wolfSSL	0:1239e9b70ca2	1199	(unsigned long)ourMemStats.totalAllocs);
wolfSSL	0:1239e9b70ca2	1200	printf("total Bytes = %9lu\n",
wolfSSL	0:1239e9b70ca2	1201	(unsigned long)ourMemStats.totalBytes);
wolfSSL	0:1239e9b70ca2	1202	printf("peak Bytes = %9lu\n",
wolfSSL	0:1239e9b70ca2	1203	(unsigned long)ourMemStats.peakBytes);
wolfSSL	0:1239e9b70ca2	1204	printf("current Bytes = %9lu\n",
wolfSSL	0:1239e9b70ca2	1205	(unsigned long)ourMemStats.currentBytes);
wolfSSL	0:1239e9b70ca2	1206	#endif
wolfSSL	0:1239e9b70ca2	1207	}
wolfSSL	0:1239e9b70ca2	1208
wolfSSL	0:1239e9b70ca2	1209	#endif /* USE_CYASSL_MEMORY */
wolfSSL	0:1239e9b70ca2	1210
wolfSSL	0:1239e9b70ca2	1211
wolfSSL	0:1239e9b70ca2	1212	#ifdef HAVE_STACK_SIZE
wolfSSL	0:1239e9b70ca2	1213
wolfSSL	0:1239e9b70ca2	1214	typedef THREAD_RETURN CYASSL_THREAD (thread_func)(void args);
wolfSSL	0:1239e9b70ca2	1215
wolfSSL	0:1239e9b70ca2	1216
wolfSSL	0:1239e9b70ca2	1217	static INLINE void StackSizeCheck(func_args* args, thread_func tf)
wolfSSL	0:1239e9b70ca2	1218	{
wolfSSL	0:1239e9b70ca2	1219	int ret, i, used;
wolfSSL	0:1239e9b70ca2	1220	unsigned char* myStack;
wolfSSL	0:1239e9b70ca2	1221	int stackSize = 1024*128;
wolfSSL	0:1239e9b70ca2	1222	pthread_attr_t myAttr;
wolfSSL	0:1239e9b70ca2	1223	pthread_t threadId;
wolfSSL	0:1239e9b70ca2	1224
wolfSSL	0:1239e9b70ca2	1225	#ifdef PTHREAD_STACK_MIN
wolfSSL	0:1239e9b70ca2	1226	if (stackSize < PTHREAD_STACK_MIN)
wolfSSL	0:1239e9b70ca2	1227	stackSize = PTHREAD_STACK_MIN;
wolfSSL	0:1239e9b70ca2	1228	#endif
wolfSSL	0:1239e9b70ca2	1229
wolfSSL	0:1239e9b70ca2	1230	ret = posix_memalign((void**)&myStack, sysconf(_SC_PAGESIZE), stackSize);
wolfSSL	0:1239e9b70ca2	1231	if (ret != 0)
wolfSSL	0:1239e9b70ca2	1232	err_sys("posix_memalign failed\n");
wolfSSL	0:1239e9b70ca2	1233
wolfSSL	0:1239e9b70ca2	1234	memset(myStack, 0x01, stackSize);
wolfSSL	0:1239e9b70ca2	1235
wolfSSL	0:1239e9b70ca2	1236	ret = pthread_attr_init(&myAttr);
wolfSSL	0:1239e9b70ca2	1237	if (ret != 0)
wolfSSL	0:1239e9b70ca2	1238	err_sys("attr_init failed");
wolfSSL	0:1239e9b70ca2	1239
wolfSSL	0:1239e9b70ca2	1240	ret = pthread_attr_setstack(&myAttr, myStack, stackSize);
wolfSSL	0:1239e9b70ca2	1241	if (ret != 0)
wolfSSL	0:1239e9b70ca2	1242	err_sys("attr_setstackaddr failed");
wolfSSL	0:1239e9b70ca2	1243
wolfSSL	0:1239e9b70ca2	1244	ret = pthread_create(&threadId, &myAttr, tf, args);
wolfSSL	0:1239e9b70ca2	1245	if (ret != 0) {
wolfSSL	0:1239e9b70ca2	1246	perror("pthread_create failed");
wolfSSL	0:1239e9b70ca2	1247	exit(EXIT_FAILURE);
wolfSSL	0:1239e9b70ca2	1248	}
wolfSSL	0:1239e9b70ca2	1249
wolfSSL	0:1239e9b70ca2	1250	ret = pthread_join(threadId, NULL);
wolfSSL	0:1239e9b70ca2	1251	if (ret != 0)
wolfSSL	0:1239e9b70ca2	1252	err_sys("pthread_join failed");
wolfSSL	0:1239e9b70ca2	1253
wolfSSL	0:1239e9b70ca2	1254	for (i = 0; i < stackSize; i++) {
wolfSSL	0:1239e9b70ca2	1255	if (myStack[i] != 0x01) {
wolfSSL	0:1239e9b70ca2	1256	break;
wolfSSL	0:1239e9b70ca2	1257	}
wolfSSL	0:1239e9b70ca2	1258	}
wolfSSL	0:1239e9b70ca2	1259
wolfSSL	0:1239e9b70ca2	1260	used = stackSize - i;
wolfSSL	0:1239e9b70ca2	1261	printf("stack used = %d\n", used);
wolfSSL	0:1239e9b70ca2	1262	}
wolfSSL	0:1239e9b70ca2	1263
wolfSSL	0:1239e9b70ca2	1264
wolfSSL	0:1239e9b70ca2	1265	#endif /* HAVE_STACK_SIZE */
wolfSSL	0:1239e9b70ca2	1266
wolfSSL	0:1239e9b70ca2	1267
wolfSSL	0:1239e9b70ca2	1268	#ifdef STACK_TRAP
wolfSSL	0:1239e9b70ca2	1269
wolfSSL	0:1239e9b70ca2	1270	/* good settings
wolfSSL	0:1239e9b70ca2	1271	--enable-debug --disable-shared C_EXTRA_FLAGS="-DUSER_TIME -DTFM_TIMING_RESISTANT -DPOSITIVE_EXP_ONLY -DSTACK_TRAP"
wolfSSL	0:1239e9b70ca2	1272
wolfSSL	0:1239e9b70ca2	1273	*/
wolfSSL	0:1239e9b70ca2	1274
wolfSSL	0:1239e9b70ca2	1275	#ifdef HAVE_STACK_SIZE
wolfSSL	0:1239e9b70ca2	1276	/* client only for now, setrlimit will fail if pthread_create() called */
wolfSSL	0:1239e9b70ca2	1277	/* STACK_SIZE does pthread_create() on client */
wolfSSL	0:1239e9b70ca2	1278	#error "can't use STACK_TRAP with STACK_SIZE, setrlimit will fail"
wolfSSL	0:1239e9b70ca2	1279	#endif /* HAVE_STACK_SIZE */
wolfSSL	0:1239e9b70ca2	1280
wolfSSL	0:1239e9b70ca2	1281	static INLINE void StackTrap(void)
wolfSSL	0:1239e9b70ca2	1282	{
wolfSSL	0:1239e9b70ca2	1283	struct rlimit rl;
wolfSSL	0:1239e9b70ca2	1284	if (getrlimit(RLIMIT_STACK, &rl) != 0)
wolfSSL	0:1239e9b70ca2	1285	err_sys("getrlimit failed");
wolfSSL	0:1239e9b70ca2	1286	printf("rlim_cur = %llu\n", rl.rlim_cur);
wolfSSL	0:1239e9b70ca2	1287	rl.rlim_cur = 102421; / adjust trap size here */
wolfSSL	0:1239e9b70ca2	1288	if (setrlimit(RLIMIT_STACK, &rl) != 0) {
wolfSSL	0:1239e9b70ca2	1289	perror("setrlimit");
wolfSSL	0:1239e9b70ca2	1290	err_sys("setrlimit failed");
wolfSSL	0:1239e9b70ca2	1291	}
wolfSSL	0:1239e9b70ca2	1292	}
wolfSSL	0:1239e9b70ca2	1293
wolfSSL	0:1239e9b70ca2	1294	#else /* STACK_TRAP */
wolfSSL	0:1239e9b70ca2	1295
wolfSSL	0:1239e9b70ca2	1296	static INLINE void StackTrap(void)
wolfSSL	0:1239e9b70ca2	1297	{
wolfSSL	0:1239e9b70ca2	1298	}
wolfSSL	0:1239e9b70ca2	1299
wolfSSL	0:1239e9b70ca2	1300	#endif /* STACK_TRAP */
wolfSSL	0:1239e9b70ca2	1301
wolfSSL	0:1239e9b70ca2	1302
wolfSSL	0:1239e9b70ca2	1303	#ifdef ATOMIC_USER
wolfSSL	0:1239e9b70ca2	1304
wolfSSL	0:1239e9b70ca2	1305	/* Atomic Encrypt Context example */
wolfSSL	0:1239e9b70ca2	1306	typedef struct AtomicEncCtx {
wolfSSL	0:1239e9b70ca2	1307	int keySetup; /* have we done key setup yet */
wolfSSL	0:1239e9b70ca2	1308	Aes aes; /* for aes example */
wolfSSL	0:1239e9b70ca2	1309	} AtomicEncCtx;
wolfSSL	0:1239e9b70ca2	1310
wolfSSL	0:1239e9b70ca2	1311
wolfSSL	0:1239e9b70ca2	1312	/* Atomic Decrypt Context example */
wolfSSL	0:1239e9b70ca2	1313	typedef struct AtomicDecCtx {
wolfSSL	0:1239e9b70ca2	1314	int keySetup; /* have we done key setup yet */
wolfSSL	0:1239e9b70ca2	1315	Aes aes; /* for aes example */
wolfSSL	0:1239e9b70ca2	1316	} AtomicDecCtx;
wolfSSL	0:1239e9b70ca2	1317
wolfSSL	0:1239e9b70ca2	1318
wolfSSL	0:1239e9b70ca2	1319	static INLINE int myMacEncryptCb(CYASSL* ssl, unsigned char* macOut,
wolfSSL	0:1239e9b70ca2	1320	const unsigned char* macIn, unsigned int macInSz, int macContent,
wolfSSL	0:1239e9b70ca2	1321	int macVerify, unsigned char* encOut, const unsigned char* encIn,
wolfSSL	0:1239e9b70ca2	1322	unsigned int encSz, void* ctx)
wolfSSL	0:1239e9b70ca2	1323	{
wolfSSL	0:1239e9b70ca2	1324	int ret;
wolfSSL	0:1239e9b70ca2	1325	Hmac hmac;
wolfSSL	0:1239e9b70ca2	1326	byte myInner[CYASSL_TLS_HMAC_INNER_SZ];
wolfSSL	0:1239e9b70ca2	1327	AtomicEncCtx* encCtx = (AtomicEncCtx*)ctx;
wolfSSL	0:1239e9b70ca2	1328	const char* tlsStr = "TLS";
wolfSSL	0:1239e9b70ca2	1329
wolfSSL	0:1239e9b70ca2	1330	/* example supports (d)tls aes */
wolfSSL	0:1239e9b70ca2	1331	if (CyaSSL_GetBulkCipher(ssl) != cyassl_aes) {
wolfSSL	0:1239e9b70ca2	1332	printf("myMacEncryptCb not using AES\n");
wolfSSL	0:1239e9b70ca2	1333	return -1;
wolfSSL	0:1239e9b70ca2	1334	}
wolfSSL	0:1239e9b70ca2	1335
wolfSSL	0:1239e9b70ca2	1336	if (strstr(CyaSSL_get_version(ssl), tlsStr) == NULL) {
wolfSSL	0:1239e9b70ca2	1337	printf("myMacEncryptCb not using (D)TLS\n");
wolfSSL	0:1239e9b70ca2	1338	return -1;
wolfSSL	0:1239e9b70ca2	1339	}
wolfSSL	0:1239e9b70ca2	1340
wolfSSL	0:1239e9b70ca2	1341	/* hmac, not needed if aead mode */
wolfSSL	0:1239e9b70ca2	1342	CyaSSL_SetTlsHmacInner(ssl, myInner, macInSz, macContent, macVerify);
wolfSSL	0:1239e9b70ca2	1343
wolfSSL	0:1239e9b70ca2	1344	ret = HmacSetKey(&hmac, CyaSSL_GetHmacType(ssl),
wolfSSL	0:1239e9b70ca2	1345	CyaSSL_GetMacSecret(ssl, macVerify), CyaSSL_GetHmacSize(ssl));
wolfSSL	0:1239e9b70ca2	1346	if (ret != 0)
wolfSSL	0:1239e9b70ca2	1347	return ret;
wolfSSL	0:1239e9b70ca2	1348	ret = HmacUpdate(&hmac, myInner, sizeof(myInner));
wolfSSL	0:1239e9b70ca2	1349	if (ret != 0)
wolfSSL	0:1239e9b70ca2	1350	return ret;
wolfSSL	0:1239e9b70ca2	1351	ret = HmacUpdate(&hmac, macIn, macInSz);
wolfSSL	0:1239e9b70ca2	1352	if (ret != 0)
wolfSSL	0:1239e9b70ca2	1353	return ret;
wolfSSL	0:1239e9b70ca2	1354	ret = HmacFinal(&hmac, macOut);
wolfSSL	0:1239e9b70ca2	1355	if (ret != 0)
wolfSSL	0:1239e9b70ca2	1356	return ret;
wolfSSL	0:1239e9b70ca2	1357
wolfSSL	0:1239e9b70ca2	1358
wolfSSL	0:1239e9b70ca2	1359	/* encrypt setup on first time */
wolfSSL	0:1239e9b70ca2	1360	if (encCtx->keySetup == 0) {
wolfSSL	0:1239e9b70ca2	1361	int keyLen = CyaSSL_GetKeySize(ssl);
wolfSSL	0:1239e9b70ca2	1362	const byte* key;
wolfSSL	0:1239e9b70ca2	1363	const byte* iv;
wolfSSL	0:1239e9b70ca2	1364
wolfSSL	0:1239e9b70ca2	1365	if (CyaSSL_GetSide(ssl) == CYASSL_CLIENT_END) {
wolfSSL	0:1239e9b70ca2	1366	key = CyaSSL_GetClientWriteKey(ssl);
wolfSSL	0:1239e9b70ca2	1367	iv = CyaSSL_GetClientWriteIV(ssl);
wolfSSL	0:1239e9b70ca2	1368	}
wolfSSL	0:1239e9b70ca2	1369	else {
wolfSSL	0:1239e9b70ca2	1370	key = CyaSSL_GetServerWriteKey(ssl);
wolfSSL	0:1239e9b70ca2	1371	iv = CyaSSL_GetServerWriteIV(ssl);
wolfSSL	0:1239e9b70ca2	1372	}
wolfSSL	0:1239e9b70ca2	1373
wolfSSL	0:1239e9b70ca2	1374	ret = AesSetKey(&encCtx->aes, key, keyLen, iv, AES_ENCRYPTION);
wolfSSL	0:1239e9b70ca2	1375	if (ret != 0) {
wolfSSL	0:1239e9b70ca2	1376	printf("AesSetKey failed in myMacEncryptCb\n");
wolfSSL	0:1239e9b70ca2	1377	return ret;
wolfSSL	0:1239e9b70ca2	1378	}
wolfSSL	0:1239e9b70ca2	1379	encCtx->keySetup = 1;
wolfSSL	0:1239e9b70ca2	1380	}
wolfSSL	0:1239e9b70ca2	1381
wolfSSL	0:1239e9b70ca2	1382	/* encrypt */
wolfSSL	0:1239e9b70ca2	1383	return AesCbcEncrypt(&encCtx->aes, encOut, encIn, encSz);
wolfSSL	0:1239e9b70ca2	1384	}
wolfSSL	0:1239e9b70ca2	1385
wolfSSL	0:1239e9b70ca2	1386
wolfSSL	0:1239e9b70ca2	1387	static INLINE int myDecryptVerifyCb(CYASSL* ssl,
wolfSSL	0:1239e9b70ca2	1388	unsigned char* decOut, const unsigned char* decIn,
wolfSSL	0:1239e9b70ca2	1389	unsigned int decSz, int macContent, int macVerify,
wolfSSL	0:1239e9b70ca2	1390	unsigned int* padSz, void* ctx)
wolfSSL	0:1239e9b70ca2	1391	{
wolfSSL	0:1239e9b70ca2	1392	AtomicDecCtx* decCtx = (AtomicDecCtx*)ctx;
wolfSSL	0:1239e9b70ca2	1393	int ret = 0;
wolfSSL	0:1239e9b70ca2	1394	int macInSz = 0;
wolfSSL	0:1239e9b70ca2	1395	int ivExtra = 0;
wolfSSL	0:1239e9b70ca2	1396	int digestSz = CyaSSL_GetHmacSize(ssl);
wolfSSL	0:1239e9b70ca2	1397	unsigned int pad = 0;
wolfSSL	0:1239e9b70ca2	1398	unsigned int padByte = 0;
wolfSSL	0:1239e9b70ca2	1399	Hmac hmac;
wolfSSL	0:1239e9b70ca2	1400	byte myInner[CYASSL_TLS_HMAC_INNER_SZ];
wolfSSL	0:1239e9b70ca2	1401	byte verify[MAX_DIGEST_SIZE];
wolfSSL	0:1239e9b70ca2	1402	const char* tlsStr = "TLS";
wolfSSL	0:1239e9b70ca2	1403
wolfSSL	0:1239e9b70ca2	1404	/* example supports (d)tls aes */
wolfSSL	0:1239e9b70ca2	1405	if (CyaSSL_GetBulkCipher(ssl) != cyassl_aes) {
wolfSSL	0:1239e9b70ca2	1406	printf("myMacEncryptCb not using AES\n");
wolfSSL	0:1239e9b70ca2	1407	return -1;
wolfSSL	0:1239e9b70ca2	1408	}
wolfSSL	0:1239e9b70ca2	1409
wolfSSL	0:1239e9b70ca2	1410	if (strstr(CyaSSL_get_version(ssl), tlsStr) == NULL) {
wolfSSL	0:1239e9b70ca2	1411	printf("myMacEncryptCb not using (D)TLS\n");
wolfSSL	0:1239e9b70ca2	1412	return -1;
wolfSSL	0:1239e9b70ca2	1413	}
wolfSSL	0:1239e9b70ca2	1414
wolfSSL	0:1239e9b70ca2	1415	/decrypt /
wolfSSL	0:1239e9b70ca2	1416	if (decCtx->keySetup == 0) {
wolfSSL	0:1239e9b70ca2	1417	int keyLen = CyaSSL_GetKeySize(ssl);
wolfSSL	0:1239e9b70ca2	1418	const byte* key;
wolfSSL	0:1239e9b70ca2	1419	const byte* iv;
wolfSSL	0:1239e9b70ca2	1420
wolfSSL	0:1239e9b70ca2	1421	/* decrypt is from other side (peer) */
wolfSSL	0:1239e9b70ca2	1422	if (CyaSSL_GetSide(ssl) == CYASSL_SERVER_END) {
wolfSSL	0:1239e9b70ca2	1423	key = CyaSSL_GetClientWriteKey(ssl);
wolfSSL	0:1239e9b70ca2	1424	iv = CyaSSL_GetClientWriteIV(ssl);
wolfSSL	0:1239e9b70ca2	1425	}
wolfSSL	0:1239e9b70ca2	1426	else {
wolfSSL	0:1239e9b70ca2	1427	key = CyaSSL_GetServerWriteKey(ssl);
wolfSSL	0:1239e9b70ca2	1428	iv = CyaSSL_GetServerWriteIV(ssl);
wolfSSL	0:1239e9b70ca2	1429	}
wolfSSL	0:1239e9b70ca2	1430
wolfSSL	0:1239e9b70ca2	1431	ret = AesSetKey(&decCtx->aes, key, keyLen, iv, AES_DECRYPTION);
wolfSSL	0:1239e9b70ca2	1432	if (ret != 0) {
wolfSSL	0:1239e9b70ca2	1433	printf("AesSetKey failed in myDecryptVerifyCb\n");
wolfSSL	0:1239e9b70ca2	1434	return ret;
wolfSSL	0:1239e9b70ca2	1435	}
wolfSSL	0:1239e9b70ca2	1436	decCtx->keySetup = 1;
wolfSSL	0:1239e9b70ca2	1437	}
wolfSSL	0:1239e9b70ca2	1438
wolfSSL	0:1239e9b70ca2	1439	/* decrypt */
wolfSSL	0:1239e9b70ca2	1440	ret = AesCbcDecrypt(&decCtx->aes, decOut, decIn, decSz);
wolfSSL	0:1239e9b70ca2	1441
wolfSSL	0:1239e9b70ca2	1442	if (CyaSSL_GetCipherType(ssl) == CYASSL_AEAD_TYPE) {
wolfSSL	0:1239e9b70ca2	1443	*padSz = CyaSSL_GetAeadMacSize(ssl);
wolfSSL	0:1239e9b70ca2	1444	return 0; /* hmac, not needed if aead mode */
wolfSSL	0:1239e9b70ca2	1445	}
wolfSSL	0:1239e9b70ca2	1446
wolfSSL	0:1239e9b70ca2	1447	if (CyaSSL_GetCipherType(ssl) == CYASSL_BLOCK_TYPE) {
wolfSSL	0:1239e9b70ca2	1448	pad = *(decOut + decSz - 1);
wolfSSL	0:1239e9b70ca2	1449	padByte = 1;
wolfSSL	0:1239e9b70ca2	1450	if (CyaSSL_IsTLSv1_1(ssl))
wolfSSL	0:1239e9b70ca2	1451	ivExtra = CyaSSL_GetCipherBlockSize(ssl);
wolfSSL	0:1239e9b70ca2	1452	}
wolfSSL	0:1239e9b70ca2	1453
wolfSSL	0:1239e9b70ca2	1454	*padSz = CyaSSL_GetHmacSize(ssl) + pad + padByte;
wolfSSL	0:1239e9b70ca2	1455	macInSz = decSz - ivExtra - digestSz - pad - padByte;
wolfSSL	0:1239e9b70ca2	1456
wolfSSL	0:1239e9b70ca2	1457	CyaSSL_SetTlsHmacInner(ssl, myInner, macInSz, macContent, macVerify);
wolfSSL	0:1239e9b70ca2	1458
wolfSSL	0:1239e9b70ca2	1459	ret = HmacSetKey(&hmac, CyaSSL_GetHmacType(ssl),
wolfSSL	0:1239e9b70ca2	1460	CyaSSL_GetMacSecret(ssl, macVerify), digestSz);
wolfSSL	0:1239e9b70ca2	1461	if (ret != 0)
wolfSSL	0:1239e9b70ca2	1462	return ret;
wolfSSL	0:1239e9b70ca2	1463	ret = HmacUpdate(&hmac, myInner, sizeof(myInner));
wolfSSL	0:1239e9b70ca2	1464	if (ret != 0)
wolfSSL	0:1239e9b70ca2	1465	return ret;
wolfSSL	0:1239e9b70ca2	1466	ret = HmacUpdate(&hmac, decOut + ivExtra, macInSz);
wolfSSL	0:1239e9b70ca2	1467	if (ret != 0)
wolfSSL	0:1239e9b70ca2	1468	return ret;
wolfSSL	0:1239e9b70ca2	1469	ret = HmacFinal(&hmac, verify);
wolfSSL	0:1239e9b70ca2	1470	if (ret != 0)
wolfSSL	0:1239e9b70ca2	1471	return ret;
wolfSSL	0:1239e9b70ca2	1472
wolfSSL	0:1239e9b70ca2	1473	if (memcmp(verify, decOut + decSz - digestSz - pad - padByte,
wolfSSL	0:1239e9b70ca2	1474	digestSz) != 0) {
wolfSSL	0:1239e9b70ca2	1475	printf("myDecryptVerify verify failed\n");
wolfSSL	0:1239e9b70ca2	1476	return -1;
wolfSSL	0:1239e9b70ca2	1477	}
wolfSSL	0:1239e9b70ca2	1478
wolfSSL	0:1239e9b70ca2	1479	return ret;
wolfSSL	0:1239e9b70ca2	1480	}
wolfSSL	0:1239e9b70ca2	1481
wolfSSL	0:1239e9b70ca2	1482
wolfSSL	0:1239e9b70ca2	1483	static INLINE void SetupAtomicUser(CYASSL_CTX* ctx, CYASSL* ssl)
wolfSSL	0:1239e9b70ca2	1484	{
wolfSSL	0:1239e9b70ca2	1485	AtomicEncCtx* encCtx;
wolfSSL	0:1239e9b70ca2	1486	AtomicDecCtx* decCtx;
wolfSSL	0:1239e9b70ca2	1487
wolfSSL	0:1239e9b70ca2	1488	encCtx = (AtomicEncCtx*)malloc(sizeof(AtomicEncCtx));
wolfSSL	0:1239e9b70ca2	1489	if (encCtx == NULL)
wolfSSL	0:1239e9b70ca2	1490	err_sys("AtomicEncCtx malloc failed");
wolfSSL	0:1239e9b70ca2	1491	memset(encCtx, 0, sizeof(AtomicEncCtx));
wolfSSL	0:1239e9b70ca2	1492
wolfSSL	0:1239e9b70ca2	1493	decCtx = (AtomicDecCtx*)malloc(sizeof(AtomicDecCtx));
wolfSSL	0:1239e9b70ca2	1494	if (decCtx == NULL) {
wolfSSL	0:1239e9b70ca2	1495	free(encCtx);
wolfSSL	0:1239e9b70ca2	1496	err_sys("AtomicDecCtx malloc failed");
wolfSSL	0:1239e9b70ca2	1497	}
wolfSSL	0:1239e9b70ca2	1498	memset(decCtx, 0, sizeof(AtomicDecCtx));
wolfSSL	0:1239e9b70ca2	1499
wolfSSL	0:1239e9b70ca2	1500	CyaSSL_CTX_SetMacEncryptCb(ctx, myMacEncryptCb);
wolfSSL	0:1239e9b70ca2	1501	CyaSSL_SetMacEncryptCtx(ssl, encCtx);
wolfSSL	0:1239e9b70ca2	1502
wolfSSL	0:1239e9b70ca2	1503	CyaSSL_CTX_SetDecryptVerifyCb(ctx, myDecryptVerifyCb);
wolfSSL	0:1239e9b70ca2	1504	CyaSSL_SetDecryptVerifyCtx(ssl, decCtx);
wolfSSL	0:1239e9b70ca2	1505	}
wolfSSL	0:1239e9b70ca2	1506
wolfSSL	0:1239e9b70ca2	1507
wolfSSL	0:1239e9b70ca2	1508	static INLINE void FreeAtomicUser(CYASSL* ssl)
wolfSSL	0:1239e9b70ca2	1509	{
wolfSSL	0:1239e9b70ca2	1510	AtomicEncCtx* encCtx = CyaSSL_GetMacEncryptCtx(ssl);
wolfSSL	0:1239e9b70ca2	1511	AtomicDecCtx* decCtx = CyaSSL_GetDecryptVerifyCtx(ssl);
wolfSSL	0:1239e9b70ca2	1512
wolfSSL	0:1239e9b70ca2	1513	free(decCtx);
wolfSSL	0:1239e9b70ca2	1514	free(encCtx);
wolfSSL	0:1239e9b70ca2	1515	}
wolfSSL	0:1239e9b70ca2	1516
wolfSSL	0:1239e9b70ca2	1517	#endif /* ATOMIC_USER */
wolfSSL	0:1239e9b70ca2	1518
wolfSSL	0:1239e9b70ca2	1519
wolfSSL	0:1239e9b70ca2	1520	#ifdef HAVE_PK_CALLBACKS
wolfSSL	0:1239e9b70ca2	1521
wolfSSL	0:1239e9b70ca2	1522	#ifdef HAVE_ECC
wolfSSL	0:1239e9b70ca2	1523
wolfSSL	0:1239e9b70ca2	1524	static INLINE int myEccSign(CYASSL* ssl, const byte* in, word32 inSz,
wolfSSL	0:1239e9b70ca2	1525	byte* out, word32* outSz, const byte* key, word32 keySz, void* ctx)
wolfSSL	0:1239e9b70ca2	1526	{
wolfSSL	0:1239e9b70ca2	1527	RNG rng;
wolfSSL	0:1239e9b70ca2	1528	int ret;
wolfSSL	0:1239e9b70ca2	1529	word32 idx = 0;
wolfSSL	0:1239e9b70ca2	1530	ecc_key myKey;
wolfSSL	0:1239e9b70ca2	1531
wolfSSL	0:1239e9b70ca2	1532	(void)ssl;
wolfSSL	0:1239e9b70ca2	1533	(void)ctx;
wolfSSL	0:1239e9b70ca2	1534
wolfSSL	0:1239e9b70ca2	1535	ret = InitRng(&rng);
wolfSSL	0:1239e9b70ca2	1536	if (ret != 0)
wolfSSL	0:1239e9b70ca2	1537	return ret;
wolfSSL	0:1239e9b70ca2	1538
wolfSSL	0:1239e9b70ca2	1539	ecc_init(&myKey);
wolfSSL	0:1239e9b70ca2	1540
wolfSSL	0:1239e9b70ca2	1541	ret = EccPrivateKeyDecode(key, &idx, &myKey, keySz);
wolfSSL	0:1239e9b70ca2	1542	if (ret == 0)
wolfSSL	0:1239e9b70ca2	1543	ret = ecc_sign_hash(in, inSz, out, outSz, &rng, &myKey);
wolfSSL	0:1239e9b70ca2	1544	ecc_free(&myKey);
wolfSSL	0:1239e9b70ca2	1545
wolfSSL	0:1239e9b70ca2	1546	return ret;
wolfSSL	0:1239e9b70ca2	1547	}
wolfSSL	0:1239e9b70ca2	1548
wolfSSL	0:1239e9b70ca2	1549
wolfSSL	0:1239e9b70ca2	1550	static INLINE int myEccVerify(CYASSL* ssl, const byte* sig, word32 sigSz,
wolfSSL	0:1239e9b70ca2	1551	const byte* hash, word32 hashSz, const byte* key, word32 keySz,
wolfSSL	0:1239e9b70ca2	1552	int* result, void* ctx)
wolfSSL	0:1239e9b70ca2	1553	{
wolfSSL	0:1239e9b70ca2	1554	int ret;
wolfSSL	0:1239e9b70ca2	1555	ecc_key myKey;
wolfSSL	0:1239e9b70ca2	1556
wolfSSL	0:1239e9b70ca2	1557	(void)ssl;
wolfSSL	0:1239e9b70ca2	1558	(void)ctx;
wolfSSL	0:1239e9b70ca2	1559
wolfSSL	0:1239e9b70ca2	1560	ecc_init(&myKey);
wolfSSL	0:1239e9b70ca2	1561
wolfSSL	0:1239e9b70ca2	1562	ret = ecc_import_x963(key, keySz, &myKey);
wolfSSL	0:1239e9b70ca2	1563	if (ret == 0)
wolfSSL	0:1239e9b70ca2	1564	ret = ecc_verify_hash(sig, sigSz, hash, hashSz, result, &myKey);
wolfSSL	0:1239e9b70ca2	1565	ecc_free(&myKey);
wolfSSL	0:1239e9b70ca2	1566
wolfSSL	0:1239e9b70ca2	1567	return ret;
wolfSSL	0:1239e9b70ca2	1568	}
wolfSSL	0:1239e9b70ca2	1569
wolfSSL	0:1239e9b70ca2	1570	#endif /* HAVE_ECC */
wolfSSL	0:1239e9b70ca2	1571
wolfSSL	0:1239e9b70ca2	1572	#ifndef NO_RSA
wolfSSL	0:1239e9b70ca2	1573
wolfSSL	0:1239e9b70ca2	1574	static INLINE int myRsaSign(CYASSL* ssl, const byte* in, word32 inSz,
wolfSSL	0:1239e9b70ca2	1575	byte* out, word32* outSz, const byte* key, word32 keySz, void* ctx)
wolfSSL	0:1239e9b70ca2	1576	{
wolfSSL	0:1239e9b70ca2	1577	RNG rng;
wolfSSL	0:1239e9b70ca2	1578	int ret;
wolfSSL	0:1239e9b70ca2	1579	word32 idx = 0;
wolfSSL	0:1239e9b70ca2	1580	RsaKey myKey;
wolfSSL	0:1239e9b70ca2	1581
wolfSSL	0:1239e9b70ca2	1582	(void)ssl;
wolfSSL	0:1239e9b70ca2	1583	(void)ctx;
wolfSSL	0:1239e9b70ca2	1584
wolfSSL	0:1239e9b70ca2	1585	ret = InitRng(&rng);
wolfSSL	0:1239e9b70ca2	1586	if (ret != 0)
wolfSSL	0:1239e9b70ca2	1587	return ret;
wolfSSL	0:1239e9b70ca2	1588
wolfSSL	0:1239e9b70ca2	1589	InitRsaKey(&myKey, NULL);
wolfSSL	0:1239e9b70ca2	1590
wolfSSL	0:1239e9b70ca2	1591	ret = RsaPrivateKeyDecode(key, &idx, &myKey, keySz);
wolfSSL	0:1239e9b70ca2	1592	if (ret == 0)
wolfSSL	0:1239e9b70ca2	1593	ret = RsaSSL_Sign(in, inSz, out, *outSz, &myKey, &rng);
wolfSSL	0:1239e9b70ca2	1594	if (ret > 0) { /* save and convert to 0 success */
wolfSSL	0:1239e9b70ca2	1595	*outSz = ret;
wolfSSL	0:1239e9b70ca2	1596	ret = 0;
wolfSSL	0:1239e9b70ca2	1597	}
wolfSSL	0:1239e9b70ca2	1598	FreeRsaKey(&myKey);
wolfSSL	0:1239e9b70ca2	1599
wolfSSL	0:1239e9b70ca2	1600	return ret;
wolfSSL	0:1239e9b70ca2	1601	}
wolfSSL	0:1239e9b70ca2	1602
wolfSSL	0:1239e9b70ca2	1603
wolfSSL	0:1239e9b70ca2	1604	static INLINE int myRsaVerify(CYASSL* ssl, byte* sig, word32 sigSz,
wolfSSL	0:1239e9b70ca2	1605	byte** out,
wolfSSL	0:1239e9b70ca2	1606	const byte* key, word32 keySz,
wolfSSL	0:1239e9b70ca2	1607	void* ctx)
wolfSSL	0:1239e9b70ca2	1608	{
wolfSSL	0:1239e9b70ca2	1609	int ret;
wolfSSL	0:1239e9b70ca2	1610	word32 idx = 0;
wolfSSL	0:1239e9b70ca2	1611	RsaKey myKey;
wolfSSL	0:1239e9b70ca2	1612
wolfSSL	0:1239e9b70ca2	1613	(void)ssl;
wolfSSL	0:1239e9b70ca2	1614	(void)ctx;
wolfSSL	0:1239e9b70ca2	1615
wolfSSL	0:1239e9b70ca2	1616	InitRsaKey(&myKey, NULL);
wolfSSL	0:1239e9b70ca2	1617
wolfSSL	0:1239e9b70ca2	1618	ret = RsaPublicKeyDecode(key, &idx, &myKey, keySz);
wolfSSL	0:1239e9b70ca2	1619	if (ret == 0)
wolfSSL	0:1239e9b70ca2	1620	ret = RsaSSL_VerifyInline(sig, sigSz, out, &myKey);
wolfSSL	0:1239e9b70ca2	1621	FreeRsaKey(&myKey);
wolfSSL	0:1239e9b70ca2	1622
wolfSSL	0:1239e9b70ca2	1623	return ret;
wolfSSL	0:1239e9b70ca2	1624	}
wolfSSL	0:1239e9b70ca2	1625
wolfSSL	0:1239e9b70ca2	1626
wolfSSL	0:1239e9b70ca2	1627	static INLINE int myRsaEnc(CYASSL* ssl, const byte* in, word32 inSz,
wolfSSL	0:1239e9b70ca2	1628	byte* out, word32* outSz, const byte* key,
wolfSSL	0:1239e9b70ca2	1629	word32 keySz, void* ctx)
wolfSSL	0:1239e9b70ca2	1630	{
wolfSSL	0:1239e9b70ca2	1631	int ret;
wolfSSL	0:1239e9b70ca2	1632	word32 idx = 0;
wolfSSL	0:1239e9b70ca2	1633	RsaKey myKey;
wolfSSL	0:1239e9b70ca2	1634	RNG rng;
wolfSSL	0:1239e9b70ca2	1635
wolfSSL	0:1239e9b70ca2	1636	(void)ssl;
wolfSSL	0:1239e9b70ca2	1637	(void)ctx;
wolfSSL	0:1239e9b70ca2	1638
wolfSSL	0:1239e9b70ca2	1639	ret = InitRng(&rng);
wolfSSL	0:1239e9b70ca2	1640	if (ret != 0)
wolfSSL	0:1239e9b70ca2	1641	return ret;
wolfSSL	0:1239e9b70ca2	1642
wolfSSL	0:1239e9b70ca2	1643	InitRsaKey(&myKey, NULL);
wolfSSL	0:1239e9b70ca2	1644
wolfSSL	0:1239e9b70ca2	1645	ret = RsaPublicKeyDecode(key, &idx, &myKey, keySz);
wolfSSL	0:1239e9b70ca2	1646	if (ret == 0) {
wolfSSL	0:1239e9b70ca2	1647	ret = RsaPublicEncrypt(in, inSz, out, *outSz, &myKey, &rng);
wolfSSL	0:1239e9b70ca2	1648	if (ret > 0) {
wolfSSL	0:1239e9b70ca2	1649	*outSz = ret;
wolfSSL	0:1239e9b70ca2	1650	ret = 0; /* reset to success */
wolfSSL	0:1239e9b70ca2	1651	}
wolfSSL	0:1239e9b70ca2	1652	}
wolfSSL	0:1239e9b70ca2	1653	FreeRsaKey(&myKey);
wolfSSL	0:1239e9b70ca2	1654
wolfSSL	0:1239e9b70ca2	1655	return ret;
wolfSSL	0:1239e9b70ca2	1656	}
wolfSSL	0:1239e9b70ca2	1657
wolfSSL	0:1239e9b70ca2	1658	static INLINE int myRsaDec(CYASSL* ssl, byte* in, word32 inSz,
wolfSSL	0:1239e9b70ca2	1659	byte** out,
wolfSSL	0:1239e9b70ca2	1660	const byte* key, word32 keySz, void* ctx)
wolfSSL	0:1239e9b70ca2	1661	{
wolfSSL	0:1239e9b70ca2	1662	int ret;
wolfSSL	0:1239e9b70ca2	1663	word32 idx = 0;
wolfSSL	0:1239e9b70ca2	1664	RsaKey myKey;
wolfSSL	0:1239e9b70ca2	1665
wolfSSL	0:1239e9b70ca2	1666	(void)ssl;
wolfSSL	0:1239e9b70ca2	1667	(void)ctx;
wolfSSL	0:1239e9b70ca2	1668
wolfSSL	0:1239e9b70ca2	1669	InitRsaKey(&myKey, NULL);
wolfSSL	0:1239e9b70ca2	1670
wolfSSL	0:1239e9b70ca2	1671	ret = RsaPrivateKeyDecode(key, &idx, &myKey, keySz);
wolfSSL	0:1239e9b70ca2	1672	if (ret == 0) {
wolfSSL	0:1239e9b70ca2	1673	ret = RsaPrivateDecryptInline(in, inSz, out, &myKey);
wolfSSL	0:1239e9b70ca2	1674	}
wolfSSL	0:1239e9b70ca2	1675	FreeRsaKey(&myKey);
wolfSSL	0:1239e9b70ca2	1676
wolfSSL	0:1239e9b70ca2	1677	return ret;
wolfSSL	0:1239e9b70ca2	1678	}
wolfSSL	0:1239e9b70ca2	1679
wolfSSL	0:1239e9b70ca2	1680	#endif /* NO_RSA */
wolfSSL	0:1239e9b70ca2	1681
wolfSSL	0:1239e9b70ca2	1682	static INLINE void SetupPkCallbacks(CYASSL_CTX* ctx, CYASSL* ssl)
wolfSSL	0:1239e9b70ca2	1683	{
wolfSSL	0:1239e9b70ca2	1684	(void)ctx;
wolfSSL	0:1239e9b70ca2	1685	(void)ssl;
wolfSSL	0:1239e9b70ca2	1686
wolfSSL	0:1239e9b70ca2	1687	#ifdef HAVE_ECC
wolfSSL	0:1239e9b70ca2	1688	CyaSSL_CTX_SetEccSignCb(ctx, myEccSign);
wolfSSL	0:1239e9b70ca2	1689	CyaSSL_CTX_SetEccVerifyCb(ctx, myEccVerify);
wolfSSL	0:1239e9b70ca2	1690	#endif /* HAVE_ECC */
wolfSSL	0:1239e9b70ca2	1691	#ifndef NO_RSA
wolfSSL	0:1239e9b70ca2	1692	CyaSSL_CTX_SetRsaSignCb(ctx, myRsaSign);
wolfSSL	0:1239e9b70ca2	1693	CyaSSL_CTX_SetRsaVerifyCb(ctx, myRsaVerify);
wolfSSL	0:1239e9b70ca2	1694	CyaSSL_CTX_SetRsaEncCb(ctx, myRsaEnc);
wolfSSL	0:1239e9b70ca2	1695	CyaSSL_CTX_SetRsaDecCb(ctx, myRsaDec);
wolfSSL	0:1239e9b70ca2	1696	#endif /* NO_RSA */
wolfSSL	0:1239e9b70ca2	1697	}
wolfSSL	0:1239e9b70ca2	1698
wolfSSL	0:1239e9b70ca2	1699	#endif /* HAVE_PK_CALLBACKS */
wolfSSL	0:1239e9b70ca2	1700
wolfSSL	0:1239e9b70ca2	1701
wolfSSL	0:1239e9b70ca2	1702
wolfSSL	0:1239e9b70ca2	1703
wolfSSL	0:1239e9b70ca2	1704
wolfSSL	0:1239e9b70ca2	1705	#if defined(__hpux__) \|\| defined(__MINGW32__)
wolfSSL	0:1239e9b70ca2	1706
wolfSSL	0:1239e9b70ca2	1707	/* HP/UX doesn't have strsep, needed by test/suites.c */
wolfSSL	0:1239e9b70ca2	1708	static INLINE char* strsep(char *stringp, const char delim)
wolfSSL	0:1239e9b70ca2	1709	{
wolfSSL	0:1239e9b70ca2	1710	char* start;
wolfSSL	0:1239e9b70ca2	1711	char* end;
wolfSSL	0:1239e9b70ca2	1712
wolfSSL	0:1239e9b70ca2	1713	start = *stringp;
wolfSSL	0:1239e9b70ca2	1714	if (start == NULL)
wolfSSL	0:1239e9b70ca2	1715	return NULL;
wolfSSL	0:1239e9b70ca2	1716
wolfSSL	0:1239e9b70ca2	1717	if ((end = strpbrk(start, delim))) {
wolfSSL	0:1239e9b70ca2	1718	*end++ = '\0';
wolfSSL	0:1239e9b70ca2	1719	*stringp = end;
wolfSSL	0:1239e9b70ca2	1720	} else {
wolfSSL	0:1239e9b70ca2	1721	*stringp = NULL;
wolfSSL	0:1239e9b70ca2	1722	}
wolfSSL	0:1239e9b70ca2	1723
wolfSSL	0:1239e9b70ca2	1724	return start;
wolfSSL	0:1239e9b70ca2	1725	}
wolfSSL	0:1239e9b70ca2	1726
wolfSSL	0:1239e9b70ca2	1727	#endif /* __hpux__ */
wolfSSL	0:1239e9b70ca2	1728
wolfSSL	0:1239e9b70ca2	1729	#endif /* CyaSSL_TEST_H */
wolfSSL	0:1239e9b70ca2	1730
wolfSSL	0:1239e9b70ca2	1731

Repository toolbox

Export to desktop IDE

Repository details

Type:	Library
Created:	14 Jan 2015
Imports:	1
Forks:	0
Commits:	5
Dependents:	0
Dependencies:	0
Followers:	2

cyassl/test.h@4:e505054279ed, 2015-01-14 (annotated)

Who changed what in which revision?

Repository toolbox

Repository details

Important Information for this Arm website

Access Warning