mirror of https://github.com/esp8266/Arduino.git synced 2025-04-21 10:26:06 +03:00

fixed regular_square. Some scan-build tweaks. Made os_port.h "private".

git-svn-id: svn://svn.code.sf.net/p/axtls/code/trunk@181 9a5d90b5-6617-0410-8a86-bb477d3ed2e3
cameronrich 2010-12-29 11:49:30 +00:00
parent 7e570e3943
commit 0d2e75b9c7
16 changed files with 48 additions and 65 deletions


@ -101,12 +101,6 @@ config CONFIG_EXTRA_LDFLAGS_OPTIONS
endmenu endmenu
source ssl/Config.in source ssl/Config.in
config CONFIG_AXHTTPD
bool "Enable HTTP/HTTPS Web Server"
default y
help
Build the AXHTTPD web server
config CONFIG_AXTLSWRAP config CONFIG_AXTLSWRAP
depends on !CONFIG_PLATFORM_WIN32 depends on !CONFIG_PLATFORM_WIN32
bool "Enable axtlswrap" bool "Enable axtlswrap"
@ -115,6 +109,12 @@ config CONFIG_AXTLSWRAP
axtlswrap is similar to sslwrap - http://www.rickk.com/sslwrap. axtlswrap is similar to sslwrap - http://www.rickk.com/sslwrap.
It enables SSL for processes that don't have native SSL support. It enables SSL for processes that don't have native SSL support.
config CONFIG_AXHTTPD
bool "Enable HTTP/HTTPS Web Server"
default y
help
Build the AXHTTPD web server
source httpd/Config.in source httpd/Config.in
source bindings/Config.in source bindings/Config.in
source samples/Config.in source samples/Config.in


@ -168,7 +168,7 @@ static void AES_decrypt(const AES_CTX *ctx, uint32_t *data);
x^8+x^4+x^3+x+1 */ x^8+x^4+x^3+x+1 */
static unsigned char AES_xtime(uint32_t x) static unsigned char AES_xtime(uint32_t x)
{ {
return x = (x&0x80) ? (x<<1)^0x1b : x<<1; return (x&0x80) ? (x<<1)^0x1b : x<<1;
} }
/** /**


@ -926,7 +926,7 @@ bigint *bi_multiply(BI_CTX *ctx, bigint *bia, bigint *bib)
/* /*
* Perform the actual square operion. It takes into account overflow. * Perform the actual square operion. It takes into account overflow.
*/ */
bigint *regular_square(BI_CTX *ctx, bigint *bi) static bigint *regular_square(BI_CTX *ctx, bigint *bi)
{ {
int t = bi->size; int t = bi->size;
int i = 0, j; int i = 0, j;
@ -939,13 +939,13 @@ bigint *regular_square(BI_CTX *ctx, bigint *bi)
do do
{ {
long_comp tmp = w[2*i] + (long_comp)x[i]*x[i]; long_comp tmp = w[2*i] + (long_comp)x[i]*x[i];
uint8_t c = 0, q = 0; uint8_t c = 0;
w[2*i] = (comp)tmp; w[2*i] = (comp)tmp;
carry = (comp)(tmp >> COMP_BIT_SIZE); carry = (comp)(tmp >> COMP_BIT_SIZE);
for (j = i+1; j < t; j++) for (j = i+1; j < t; j++)
{ {
c = q = 0; c = 0;
long_comp xx = (long_comp)x[i]*x[j]; long_comp xx = (long_comp)x[i]*x[j];
if (COMP_MAX-xx < xx) if (COMP_MAX-xx < xx)
c = 1; c = 1;
@ -958,7 +958,7 @@ bigint *regular_square(BI_CTX *ctx, bigint *bi)
tmp += w[i+j]; tmp += w[i+j];
if (COMP_MAX-tmp < carry) if (COMP_MAX-tmp < carry)
c = q = 1; c = 1;
tmp += carry; tmp += carry;
w[i+j] = (comp)tmp; w[i+j] = (comp)tmp;
@ -968,10 +968,9 @@ bigint *regular_square(BI_CTX *ctx, bigint *bi)
carry += COMP_RADIX; carry += COMP_RADIX;
} }
w[i+t] += carry; tmp = carry + w[i+t];
w[i+t] = (comp)tmp;
if (c && !q) w[i+t+1] = tmp >> COMP_BIT_SIZE;
w[i+t+1] = 1; /* add carry */
} while (++i < t); } while (++i < t);
bi_free(ctx, bi); bi_free(ctx, bi);
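Review bot: The carry handling in regular_square is only correct if `carry` is wider than a `comp`, and its declaration is outside the visible hunks. The inner loop stores `carry = (comp)(tmp >> COMP_BIT_SIZE);` and later does `carry += COMP_RADIX;`, and the new tail `tmp = carry + w[i+t];` can push that extra bit into `w[i+t+1]` only when `carry` is a `long_comp`; with a `comp` the added radix is truncated away and the square is silently wrong for the operands that trigger it. Please confirm the declaration and document the assumption at the tail, e.g. `/* carry may exceed COMP_MAX here, so the sum is formed in long_comp */`. The BIGINT_test hunk in this commit compares bi_square against bi_multiply for a single operand, so it would not catch every such case.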


@ -310,7 +310,6 @@ static void do_server(int argc, char *argv[])
if ((client_fd = accept(server_fd, if ((client_fd = accept(server_fd,
(struct sockaddr *)&client_addr, &client_len)) < 0) (struct sockaddr *)&client_addr, &client_len)) < 0)
{ {
res = 1;
break; break;
} }
@ -683,7 +682,6 @@ static void do_client(int argc, char *argv[])
for (;;) for (;;)
{ {
uint8_t buf[1024]; uint8_t buf[1024];
res = SSL_OK;
/* allow parallel reading of server and standard input */ /* allow parallel reading of server and standard input */
FD_SET(client_fd, &read_set); FD_SET(client_fd, &read_set);


@ -8,7 +8,7 @@ menu "BigInt Options"
choice choice
prompt "Reduction Algorithm" prompt "Reduction Algorithm"
default CONFIG_BIGINT_MONTGOMERY default CONFIG_BIGINT_CLASSICAL
config CONFIG_BIGINT_CLASSICAL config CONFIG_BIGINT_CLASSICAL
bool "Classical" bool "Classical"


@ -33,6 +33,7 @@
#ifdef CONFIG_SSL_GENERATE_X509_CERT #ifdef CONFIG_SSL_GENERATE_X509_CERT
#include <string.h> #include <string.h>
#include <stdlib.h> #include <stdlib.h>
#include "os_port.h"
#include "ssl.h" #include "ssl.h"
/** /**


@ -41,7 +41,7 @@
#include <stdlib.h> #include <stdlib.h>
#include <string.h> #include <string.h>
#include <stdio.h> #include <stdio.h>
#include "os_port.h"
#include "ssl.h" #include "ssl.h"
static int do_obj(SSL_CTX *ssl_ctx, int obj_type, static int do_obj(SSL_CTX *ssl_ctx, int obj_type,
@ -77,7 +77,7 @@ EXP_FUNC int STDCALL ssl_obj_load(SSL_CTX *ssl_ctx, int obj_type,
} }
/* is the file a PEM file? */ /* is the file a PEM file? */
if (strncmp((char *)ssl_obj->buf, begin, strlen(begin)) == 0) if (strstr((char *)ssl_obj->buf, begin) != NULL)
{ {
#ifdef CONFIG_SSL_HAS_PEM #ifdef CONFIG_SSL_HAS_PEM
ret = ssl_obj_PEM_load(ssl_ctx, obj_type, ssl_obj, password); ret = ssl_obj_PEM_load(ssl_ctx, obj_type, ssl_obj, password);
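Review bot: `strstr((char *)ssl_obj->buf, begin)` treats the loaded object as a C string, but nothing in this hunk shows that `ssl_obj->buf` is NUL-terminated. If the reader does not append a terminator, the search runs past the end of the buffer for any file that lacks the marker. Because the match is no longer anchored at offset 0, a binary object that merely contains the marker text somewhere is also handed to ssl_obj_PEM_load. I would bound the search by the object's length, or, if the reader does guarantee a terminator, say so in a comment next to the call. ssl_obj_load's body continues outside the hunk.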


@ -42,6 +42,7 @@
#include <stdlib.h> #include <stdlib.h>
#include <string.h> #include <string.h>
#include <stdarg.h> #include <stdarg.h>
#include "os_port.h"
#include "ssl.h" #include "ssl.h"
#define OPENSSL_CTX_ATTR ((OPENSSL_CTX *)ssl_ctx->bonus_attr) #define OPENSSL_CTX_ATTR ((OPENSSL_CTX *)ssl_ctx->bonus_attr)


@ -62,7 +62,7 @@
#include <stdlib.h> #include <stdlib.h>
#include <string.h> #include <string.h>
#include <stdio.h> #include <stdio.h>
#include "os_port.h"
#include "ssl.h" #include "ssl.h"
/* all commented out if not used */ /* all commented out if not used */
@ -233,15 +233,14 @@ static int p8_decrypt(const char *uni_pass, int uni_pass_len,
int pkcs12_decode(SSL_CTX *ssl_ctx, SSLObjLoader *ssl_obj, const char *password) int pkcs12_decode(SSL_CTX *ssl_ctx, SSLObjLoader *ssl_obj, const char *password)
{ {
uint8_t *buf = ssl_obj->buf; uint8_t *buf = ssl_obj->buf;
int all_ok = 0, len, iterations, auth_safes_start, int len, iterations, auth_safes_start,
auth_safes_end, auth_safes_len, key_offset, offset = 0; auth_safes_end, auth_safes_len, key_offset, offset = 0;
int all_certs = 0; int all_certs = 0;
uint8_t *version = NULL, *auth_safes = NULL, *cert, *orig_mac; uint8_t *version = NULL, *auth_safes = NULL, *cert, *orig_mac;
uint8_t key[SHA1_SIZE]; uint8_t key[SHA1_SIZE];
uint8_t mac[SHA1_SIZE]; uint8_t mac[SHA1_SIZE];
const uint8_t *salt; const uint8_t *salt;
int uni_pass_len, ret; int uni_pass_len, ret = SSL_OK;
int error_code = SSL_ERROR_NOT_SUPPORTED;
char *uni_pass = make_uni_pass(password, &uni_pass_len); char *uni_pass = make_uni_pass(password, &uni_pass_len);
static const uint8_t pkcs_data[] = /* pkc7 data */ static const uint8_t pkcs_data[] = /* pkc7 data */
{ 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x01 }; { 0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x01 };
@ -260,7 +259,7 @@ int pkcs12_decode(SSL_CTX *ssl_ctx, SSLObjLoader *ssl_obj, const char *password)
if (asn1_get_int(buf, &offset, &version) < 0 || *version != 3) if (asn1_get_int(buf, &offset, &version) < 0 || *version != 3)
{ {
error_code = SSL_ERROR_INVALID_VERSION; ret = SSL_ERROR_INVALID_VERSION;
goto error; goto error;
} }
@ -414,17 +413,15 @@ int pkcs12_decode(SSL_CTX *ssl_ctx, SSLObjLoader *ssl_obj, const char *password)
if (memcmp(mac, orig_mac, SHA1_SIZE)) if (memcmp(mac, orig_mac, SHA1_SIZE))
{ {
error_code = SSL_ERROR_INVALID_HMAC; ret = SSL_ERROR_INVALID_HMAC;
goto error; goto error;
} }
all_ok = 1;
error: error:
free(version); free(version);
free(uni_pass); free(uni_pass);
free(auth_safes); free(auth_safes);
return all_ok ? SSL_OK : error_code; return ret;
} }
/* /*
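Review bot: Initialising `ret` to `SSL_OK` makes the shared `error:` exit of pkcs12_decode fail open: any `goto error` that does not assign `ret` first now returns success, where the removed `all_ok`/`error_code` pair returned `SSL_ERROR_NOT_SUPPORTED`. Only the version check and the HMAC mismatch are visible assigning `ret`; the parsing steps between the hunks are not shown, so this needs checking against the whole function. A safer shape keeps the failure default, `int uni_pass_len, ret = SSL_ERROR_NOT_SUPPORTED;`, and sets `ret = SSL_OK;` immediately before the `error:` label.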


@ -1,3 +1,2 @@
#!/bin/sh #!/bin/sh
ps -ef|grep openssl | /usr/bin/awk '{print $2}' |xargs kill -9 ps -ef|grep openssl | /usr/bin/awk '{print $2}' |xargs kill -9
sleep 1


@ -66,7 +66,6 @@ static int g_port = 19001;
#define TEST1_SIZE 16 #define TEST1_SIZE 16
#define TEST2_SIZE 32 #define TEST2_SIZE 32
#if 0
static int AES_test(BI_CTX *bi_ctx) static int AES_test(BI_CTX *bi_ctx)
{ {
AES_CTX aes_key; AES_CTX aes_key;
@ -420,7 +419,6 @@ static int HMAC_test(BI_CTX *bi_ctx)
end: end:
return res; return res;
} }
#endif
/************************************************************************** /**************************************************************************
* BIGINT tests * BIGINT tests
@ -472,36 +470,21 @@ static int BIGINT_test(BI_CTX *ctx)
* Multiply with psssible carry issue (8 bit) * Multiply with psssible carry issue (8 bit)
*/ */
{ {
int i; bigint *bi_x = bi_str_import(ctx,
bigint *bi_x = bi_str_import(
ctx,
"AFD5060E224B70DA99EFB385BA5C0D2BEA0AD1DAAA52686E1A02D677BC65C1DA7A496BBDCC02999E8814F10AFC4B8E0DD4E6687E0762CE717A5EA1E452B5C56065C8431F0FB9D23CFF3A4B4149798C0670AF7F9565A0EAE5CF1AB16A1F0C3DD5E485DC5ABB96EBE0B6778A15B7302CBCE358E4BF2E2E30932758AC6EFA9F5828"); "AFD5060E224B70DA99EFB385BA5C0D2BEA0AD1DAAA52686E1A02D677BC65C1DA7A496BBDCC02999E8814F10AFC4B8E0DD4E6687E0762CE717A5EA1E452B5C56065C8431F0FB9D23CFF3A4B4149798C0670AF7F9565A0EAE5CF1AB16A1F0C3DD5E485DC5ABB96EBE0B6778A15B7302CBCE358E4BF2E2E30932758AC6EFA9F5828");
uint8_t exp_sqr_result[bi_x->size*2];
uint8_t exp_mlt_result[bi_x->size*2];
bigint *arg2 = bi_clone(ctx, bi_x); bigint *arg2 = bi_clone(ctx, bi_x);
bigint *arg3 = bi_clone(ctx, bi_x); bigint *arg3 = bi_clone(ctx, bi_x);
bigint *sqr_result = bi_square(ctx, bi_x); bigint *sqr_result = bi_square(ctx, bi_x);
bigint *mlt_result = bi_multiply(ctx, arg2, arg3); bigint *mlt_result = bi_multiply(ctx, arg2, arg3);
//bi_print("SQR_RESULT", sqr_result);
//bi_print("MLT_RESULT", mlt_result);
if (bi_compare(sqr_result, mlt_result) != 0) if (bi_compare(sqr_result, mlt_result) != 0)
{ {
bi_export(ctx, sqr_result, exp_sqr_result, sizeof(exp_sqr_result)); bi_print("SQR_RESULT", sqr_result);
bi_export(ctx, mlt_result, exp_mlt_result, sizeof(exp_mlt_result)); bi_print("MLT_RESULT", mlt_result);
bi_free(ctx, sqr_result); bi_free(ctx, sqr_result);
bi_free(ctx, mlt_result); bi_free(ctx, mlt_result);
for (i = 0; i < sizeof(exp_sqr_result); i++)
{
if (exp_sqr_result[i] != exp_mlt_result[i])
{
printf("Error: SQUARE failed %d %02x %02x\n", i,
exp_sqr_result[i], exp_mlt_result[i]);
goto end; goto end;
} }
}
}
bi_free(ctx, sqr_result); bi_free(ctx, sqr_result);
bi_free(ctx, mlt_result); bi_free(ctx, mlt_result);
@ -1203,6 +1186,7 @@ int SSL_server_tests(void)
NULL, "abcd", DEFAULT_SVR_OPTION))) NULL, "abcd", DEFAULT_SVR_OPTION)))
goto cleanup; goto cleanup;
//#if 0
/* /*
* AES128 Encrypted invalid key * AES128 Encrypted invalid key
*/ */
@ -1215,6 +1199,7 @@ int SSL_server_tests(void)
printf("SSL server test \"%s\" passed\n", "AES128 encrypted invalid key"); printf("SSL server test \"%s\" passed\n", "AES128 encrypted invalid key");
TTY_FLUSH(); TTY_FLUSH();
//#endif
/* /*
* PKCS#8 key (encrypted) * PKCS#8 key (encrypted)
@ -1328,7 +1313,7 @@ static int SSL_client_test(
#endif #endif
} }
usleep(500000); /* allow server to start */ sleep(5); /* allow server to start */
if (*ssl_ctx == NULL) if (*ssl_ctx == NULL)
{ {
@ -1590,6 +1575,7 @@ cleanup:
{ {
ssl_display_error(ret); ssl_display_error(ret);
printf("Error: A client test failed\n"); printf("Error: A client test failed\n");
system("sh ../ssl/test/killopenssl.sh");
exit(1); exit(1);
} }
else else
@ -1685,7 +1671,6 @@ static int SSL_basic_test(void)
if (size < SSL_OK) /* got some alert or something nasty */ if (size < SSL_OK) /* got some alert or something nasty */
{ {
printf("Server ");
ssl_display_error(size); ssl_display_error(size);
ret = size; ret = size;
break; break;
@ -1958,7 +1943,6 @@ int main(int argc, char *argv[])
bi_ctx = bi_initialize(); bi_ctx = bi_initialize();
#if 0
if (AES_test(bi_ctx)) if (AES_test(bi_ctx))
{ {
printf("AES tests failed\n"); printf("AES tests failed\n");
@ -1993,7 +1977,6 @@ int main(int argc, char *argv[])
goto cleanup; goto cleanup;
} }
TTY_FLUSH(); TTY_FLUSH();
#endif
if (BIGINT_test(bi_ctx)) if (BIGINT_test(bi_ctx))
{ {
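Review bot: The cleanup call added before `exit(1)` in the client-test failure path, `system("sh ../ssl/test/killopenssl.sh");`, resolves the script relative to the current working directory and ignores the result. Started from any other directory, it either fails silently and leaves the openssl helpers running, or runs whatever script happens to sit at that relative path. The script as shown elsewhere in this commit also sends `kill -9` to every process whose `ps` line matches `openssl`, not only the ones this test started. Recording the child PIDs when the helpers are launched and signalling just those would avoid both problems; at minimum the return value should be checked and the working-directory assumption stated in a comment.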


@ -36,6 +36,7 @@
#include <stdlib.h> #include <stdlib.h>
#include <stdio.h> #include <stdio.h>
#include <stdarg.h> #include <stdarg.h>
#include "os_port.h"
#include "ssl.h" #include "ssl.h"
/* The session expiry time */ /* The session expiry time */
@ -1635,9 +1636,13 @@ SSL_SESSION *ssl_session_update(int max_sessions, SSL_SESSION *ssl_sessions[],
} }
/* ok, we've used up all of our sessions. So blow the oldest session away */ /* ok, we've used up all of our sessions. So blow the oldest session away */
if (oldest_sess != NULL)
{
oldest_sess->conn_time = tm; oldest_sess->conn_time = tm;
memset(oldest_sess->session_id, 0, sizeof(SSL_SESSION_ID_SIZE)); memset(oldest_sess->session_id, 0, sizeof(SSL_SESSION_ID_SIZE));
memset(oldest_sess->master_secret, 0, sizeof(SSL_SECRET_SIZE)); memset(oldest_sess->master_secret, 0, sizeof(SSL_SECRET_SIZE));
}
SSL_CTX_UNLOCK(ssl->ssl_ctx->mutex); SSL_CTX_UNLOCK(ssl->ssl_ctx->mutex);
return oldest_sess; return oldest_sess;
} }
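Review bot: The two `memset` calls now guarded by `if (oldest_sess != NULL)` still pass `sizeof(SSL_SESSION_ID_SIZE)` and `sizeof(SSL_SECRET_SIZE)` as the length. If those names are integer constants, as `SSL_RANDOM_SIZE` is in the header hunk of this commit, `sizeof` yields the size of an `int`. Only the first few bytes of the recycled session's ID and master secret are then cleared, and the rest of the old secret stays in the slot. The lengths should be the constants themselves: `memset(oldest_sess->session_id, 0, SSL_SESSION_ID_SIZE);` and `memset(oldest_sess->master_secret, 0, SSL_SECRET_SIZE);`. ssl_session_update starts outside the hunk.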


@ -42,7 +42,6 @@ extern "C" {
#include "version.h" #include "version.h"
#include "crypto.h" #include "crypto.h"
#include "os_port.h"
#include "crypto_misc.h" #include "crypto_misc.h"
#define SSL_RANDOM_SIZE 32 #define SSL_RANDOM_SIZE 32


@ -32,7 +32,7 @@
#include <string.h> #include <string.h>
#include <time.h> #include <time.h>
#include <stdio.h> #include <stdio.h>
#include "os_port.h"
#include "ssl.h" #include "ssl.h"
#ifdef CONFIG_SSL_ENABLE_CLIENT /* all commented out if no client */ #ifdef CONFIG_SSL_ENABLE_CLIENT /* all commented out if no client */
@ -79,7 +79,7 @@ EXP_FUNC SSL * STDCALL ssl_client_new(SSL_CTX *ssl_ctx, int client_fd, const
*/ */
int do_clnt_handshake(SSL *ssl, int handshake_type, uint8_t *buf, int hs_len) int do_clnt_handshake(SSL *ssl, int handshake_type, uint8_t *buf, int hs_len)
{ {
int ret = SSL_OK; int ret;
/* To get here the state must be valid */ /* To get here the state must be valid */
switch (handshake_type) switch (handshake_type)
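Review bot: With the initialiser dropped, `int ret;` in do_clnt_handshake is returned with an indeterminate value for any `handshake_type` the `switch` does not assign on. The switch body is outside the hunk, so please confirm that every arm, including a `default:`, sets `ret`. `handshake_type` presumably reflects the message received from the peer, so an unexpected value should map to an explicit error rather than to whatever is left in the variable. If there is no default arm, add one such as `default: ret = SSL_ERROR_INVALID_HANDSHAKE; break;`.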


@ -31,7 +31,7 @@
#include <stdlib.h> #include <stdlib.h>
#include <string.h> #include <string.h>
#include <stdio.h> #include <stdio.h>
#include "os_port.h"
#include "ssl.h" #include "ssl.h"
static const uint8_t g_hello_done[] = { HS_SERVER_HELLO_DONE, 0, 0, 0 }; static const uint8_t g_hello_done[] = { HS_SERVER_HELLO_DONE, 0, 0, 0 };
@ -416,8 +416,9 @@ static int process_client_key_xchg(SSL *ssl)
#else #else
ssl->next_state = HS_FINISHED; ssl->next_state = HS_FINISHED;
#endif #endif
error:
ssl->dc->bm_proc_index += rsa_ctx->num_octets+offset; ssl->dc->bm_proc_index += rsa_ctx->num_octets+offset;
error:
return ret; return ret;
} }

File diff suppressed because one or more lines are too long