mirror of https://github.com/esp8266/Arduino.git synced 2025-06-12 01:53:07 +03:00

new trunk

git-svn-id: svn://svn.code.sf.net/p/axtls/code/trunk@78 9a5d90b5-6617-0410-8a86-bb477d3ed2e3
cameronrich
2007-03-14 12:03:51 +00:00
parent 974cf12924
commit 73dfbb7568
177 changed files with 46362 additions and 0 deletions

89
bindings/Config.in Normal file

@ -0,0 +1,89 @@
#
# For a description of the syntax of this configuration file,
# see scripts/config/Kconfig-language.txt
#
menu "Language Bindings"
config CONFIG_BINDINGS
bool "Create language bindings"
default n
help
axTLS supports language bindings in C#, VB.NET, Java and Perl.
Select Y here if you want to build the various language bindings.
config CONFIG_CSHARP_BINDINGS
bool "Create C# bindings"
default n
depends on CONFIG_BINDINGS
help
Build C# bindings.
This requires .NET to be installed on Win32 platforms and mono to be
installed on all other platforms.
config CONFIG_VBNET_BINDINGS
bool "Create VB.NET bindings"
default n
depends on CONFIG_BINDINGS
help
Build VB.NET bindings.
This requires the .NET to be installed and is only built under Win32
platforms.
menu ".Net Framework"
depends on CONFIG_CSHARP_BINDINGS || CONFIG_VBNET_BINDINGS
config CONFIG_DOT_NET_FRAMEWORK_BASE
string "Location of .NET Framework"
default "c:\\WINDOWS\\Microsoft.NET\\Framework\\v2.0.50727"
endmenu
config CONFIG_JAVA_BINDINGS
bool "Create Java bindings"
default n
depends on CONFIG_BINDINGS
help
Build Java bindings.
Current Issues (see README):
* Needs Java 1.4 or better.
* If building under Win32 it will use the Win32 JDK.
menu "Java Home"
depends on CONFIG_JAVA_BINDINGS
config CONFIG_JAVA_HOME
string "Location of JDK"
default "c:\\Program Files\\Java\\jdk1.5.0_06" if CONFIG_PLATFORM_WIN32 || CONFIG_PLATFORM_CYGWIN
default "/usr/local/jdk142" if !CONFIG_PLATFORM_WIN32 && !CONFIG_PLATFORM_CYGWIN
depends on CONFIG_JAVA_BINDINGS
help
The location of Sun's JDK.
endmenu
config CONFIG_PERL_BINDINGS
bool "Create Perl bindings"
default n
depends on CONFIG_BINDINGS
help
Build Perl bindings.
Current Issues (see README):
* 64 bit versions don't work at present.
* libperl.so needs to be in the shared library path.
menu "Perl Home"
depends on CONFIG_PERL_BINDINGS && CONFIG_PLATFORM_WIN32
config CONFIG_PERL_CORE
string "Location of Perl CORE"
default "c:\\perl\\lib\\CORE"
help:
works with ActiveState
"http://www.activestate.com/Products/ActivePerl"
config CONFIG_PERL_LIB
string "Name of Perl Library"
default "perl58.lib"
endmenu
endmenu
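Review bot: The `help:` line under CONFIG_PERL_CORE carries a trailing colon, while every other entry in this file uses a bare `help`. Depending on the Kconfig parser shipped under scripts/config, this is either rejected or the help text is silently dropped, so it should read `help`. CONFIG_DOT_NET_FRAMEWORK_BASE and CONFIG_PERL_LIB have no help text at all; a one-line `help` saying that the value is a toolchain/library location consumed by the bindings build would make it clear that whatever is at that path gets executed or linked.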

63
bindings/Makefile Normal file

@ -0,0 +1,63 @@
#
# Copyright(C) 2006 Cameron Rich
#
# This library is free software; you can redistribute it and/or modify
# it under the terms of the GNU Lesser General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This library is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public License
# along with this library; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
#
all:
include ../config/.config
include ../config/makefile.conf
ifdef CONFIG_CSHARP_BINDINGS
all: csharp/axInterface.cs
endif
ifdef CONFIG_VBNET_BINDINGS
all: vbnet/axInterface.vb
endif
ifdef CONFIG_JAVA_BINDINGS
all: java/axtlsj.java
endif
ifdef CONFIG_PERL_BINDINGS
all: perl/axTLSp_wrap.c
endif
csharp/axInterface.cs: ../ssl/ssl.h
@perl ./generate_interface.pl -csharp
vbnet/axInterface.vb: ../ssl/ssl.h
@perl ./generate_interface.pl -vbnet
java/axTLSj.i: ../ssl/ssl.h
@perl ./generate_SWIG_interface.pl -java
java/axtlsj.java: java/axTLSj.i $(wildcard java/SSL*.java)
@cd java; swig -java -package axTLSj axTLSj.i; $(MAKE)
perl/axTLSp.i: ../ssl/ssl.h
@perl ./generate_SWIG_interface.pl -perl
perl/axTLSp_wrap.c: perl/axTLSp.i
@cd perl; swig -perl5 axTLSp.i; $(MAKE)
clean::
$(MAKE) -C csharp clean
$(MAKE) -C vbnet clean
$(MAKE) -C java clean
$(MAKE) -C perl clean
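Review bot: The java and perl recipes join their steps with `;` (`@cd java; swig -java -package axTLSj axTLSj.i; $(MAKE)`), so a failed `cd` or a failed swig run is ignored and `$(MAKE)` still runs; if the `cd` failed, it runs in this directory and re-enters this Makefile. Chaining with `&&` stops at the first failure: `@cd java && swig -java -package axTLSj axTLSj.i && $(MAKE)`, and likewise `@cd perl && swig -perl5 axTLSp.i && $(MAKE)`. As written, the recipe's exit status is only that of the final sub-make, so a build could finish "successfully" on stale or partially generated wrapper code.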

43
bindings/README Normal file

@ -0,0 +1,43 @@
===============================================================================
= Language Bindings =
===============================================================================
The tools to generate the various language bindings are done here.
SWIG 1.3.24 or better is required for creating the Java and Perl bindings.
Perl scripts are used to parse ssl.h and automagically give the appropriate
bindings.
At present, the four languages supported are:
* C#
* VB.NET
* Java
* Perl
To generate each binding run the following:
C#:
> generate_interface.pl -csharp
VB.NET:
> generate_interface.pl -vbnet
Java:
> generate_SWIG_interface.pl -java
> cd java; swig -java -package axTLSj -noextern axTLSj.i
Perl:
> generate_SWIG_interface.pl -perl
> cd perl; swig -noextern -perl axTLSp.i
Java and Perl both create a library each called libaxtlsj.so and libaxtlsp.so
(or axtlsj.dll and atlsp.dll on Win32 platforms).
Note: the "-noextern" is deprecated in swig 1.3.27 and newer. The "-noextern"
option was required to get Win32 bindings to work (which is why is has probably
been deprecated).
Each binding (except for Perl) has an extra helper interface to make life
easier.

23
bindings/csharp/Makefile Normal file

@ -0,0 +1,23 @@
#
# Copyright(C) 2006 Cameron Rich
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
#
include ../../config/.config
include ../../config/makefile.conf
clean::
@rm -f axssl* axInterface.cs

477
bindings/csharp/axTLS.cs Normal file

@ -0,0 +1,477 @@
/*
* Copyright(C) 2006 Cameron Rich
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2.1 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
/**
* A wrapper around the unmanaged interface to give a semi-decent C# API
*/
using System;
using System.Runtime.InteropServices;
using System.Net.Sockets;
/**
* @defgroup csharp_api C# API.
*
* Ensure that the appropriate Dispose() methods are called when finished with
* various objects - otherwise memory leaks will result.
* @{
*/
namespace axTLS
{
/**
* @class SSL
* @ingroup csharp_api
* @brief A representation of an SSL connection.
*/
public class SSL
{
public IntPtr m_ssl; /**< A pointer to the real SSL type */
/**
* @brief Store the reference to an SSL context.
* @param ip [in] A reference to an SSL object.
*/
public SSL(IntPtr ip)
{
m_ssl = ip;
}
/**
* @brief Free any used resources on this connection.
*
* A "Close Notify" message is sent on this connection (if possible).
* It is up to the application to close the socket.
*/
public void Dispose()
{
axtls.ssl_free(m_ssl);
}
/**
* @brief Return the result of a handshake.
* @return SSL_OK if the handshake is complete and ok.
* @see ssl.h for the error code list.
*/
public int HandshakeStatus()
{
return axtls.ssl_handshake_status(m_ssl);
}
/**
* @brief Return the SSL cipher id.
* @return The cipher id which is one of:
* - SSL_AES128_SHA (0x2f)
* - SSL_AES256_SHA (0x35)
* - SSL_RC4_128_SHA (0x05)
* - SSL_RC4_128_MD5 (0x04)
*/
public byte GetCipherId()
{
return axtls.ssl_get_cipher_id(m_ssl);
}
/**
* @brief Get the session id for a handshake.
*
* This will be a 32 byte sequence and is available after the first
* handshaking messages are sent.
* @return The session id as a 32 byte sequence.
* @note A SSLv23 handshake may have only 16 valid bytes.
*/
public byte[] GetSessionId()
{
byte[] result = new byte[axtls.SSL_SESSION_ID_SIZE];
IntPtr ptr = axtls.ssl_get_session_id(m_ssl);
Marshal.Copy(ptr, result, 0, axtls.SSL_SESSION_ID_SIZE);
return result;
}
/**
* @brief Retrieve an X.509 distinguished name component.
*
* When a handshake is complete and a certificate has been exchanged,
* then the details of the remote certificate can be retrieved.
*
* This will usually be used by a client to check that the server's
* common name matches the URL.
*
* A full handshake needs to occur for this call to work.
*
* @param component [in] one of:
* - SSL_X509_CERT_COMMON_NAME
* - SSL_X509_CERT_ORGANIZATION
* - SSL_X509_CERT_ORGANIZATIONAL_NAME
* - SSL_X509_CA_CERT_COMMON_NAME
* - SSL_X509_CA_CERT_ORGANIZATION
* - SSL_X509_CA_CERT_ORGANIZATIONAL_NAME
* @return The appropriate string (or null if not defined)
*/
public string GetCertificateDN(int component)
{
return axtls.ssl_get_cert_dn(m_ssl, component);
}
}
/**
* @class SSLUtil
* @ingroup csharp_api
* @brief Some global helper functions.
*/
public class SSLUtil
{
/**
* @brief Return the build mode of the axTLS project.
* @return The build mode is one of:
* - SSL_BUILD_SERVER_ONLY
* - SSL_BUILD_ENABLE_VERIFICATION
* - SSL_BUILD_ENABLE_CLIENT
* - SSL_BUILD_FULL_MODE
*/
public static int BuildMode()
{
return axtls.ssl_get_config(axtls.SSL_BUILD_MODE);
}
/**
* @brief Return the number of chained certificates that the
* client/server supports.
* @return The number of supported server certificates.
*/
public static int MaxCerts()
{
return axtls.ssl_get_config(axtls.SSL_MAX_CERT_CFG_OFFSET);
}
/**
* @brief Return the number of CA certificates that the client/server
* supports.
* @return The number of supported CA certificates.
*/
public static int MaxCACerts()
{
return axtls.ssl_get_config(axtls.SSL_MAX_CA_CERT_CFG_OFFSET);
}
/**
* @brief Indicate if PEM is supported.
* @return true if PEM supported.
*/
public static bool HasPEM()
{
return axtls.ssl_get_config(axtls.SSL_HAS_PEM) > 0 ? true : false;
}
/**
* @brief Display the text string of the error.
* @param error_code [in] The integer error code.
*/
public static void DisplayError(int error_code)
{
axtls.ssl_display_error(error_code);
}
/**
* @brief Return the version of the axTLS project.
*/
public static string Version()
{
return axtls.ssl_version();
}
}
/**
* @class SSLCTX
* @ingroup csharp_api
* @brief A base object for SSLServer/SSLClient.
*/
public class SSLCTX
{
/**
* @brief A reference to the real client/server context.
*/
protected IntPtr m_ctx;
/**
* @brief Establish a new client/server context.
*
* This function is called before any client/server SSL connections are
* made. If multiple threads are used, then each thread will have its
* own SSLCTX context. Any number of connections may be made with a
* single context.
*
* Each new connection will use the this context's private key and
* certificate chain. If a different certificate chain is required,
* then a different context needs to be be used.
*
* @param options [in] Any particular options. At present the options
* supported are:
* - SSL_SERVER_VERIFY_LATER (client only): Don't stop a handshake if
* the server authentication fails. The certificate can be
* authenticated later with a call to VerifyCert().
* - SSL_CLIENT_AUTHENTICATION (server only): Enforce client
* authentication i.e. each handshake will include a "certificate
* request" message from the server.
* - SSL_NO_DEFAULT_KEY: Don't use the default key/certificate. The
* user will load the key/certificate explicitly.
* - SSL_DISPLAY_BYTES (full mode build only): Display the byte
* sequences during the handshake.
* - SSL_DISPLAY_STATES (full mode build only): Display the state
* changes during the handshake.
* - SSL_DISPLAY_CERTS (full mode build only): Display the
* certificates that are passed during a handshake.
* - SSL_DISPLAY_RSA (full mode build only): Display the RSA key
* details that are passed during a handshake.
* @param num_sessions [in] The number of sessions to be used for
* session caching. If this value is 0, then there is no session
* caching.
* @return A client/server context.
*/
protected SSLCTX(uint options, int num_sessions)
{
m_ctx = axtls.ssl_ctx_new(options, num_sessions);
}
/**
* @brief Remove a client/server context.
*
* Frees any used resources used by this context. Each connection will
* be sent a "Close Notify" alert (if possible).
*/
public void Dispose()
{
axtls.ssl_ctx_free(m_ctx);
}
/**
* @brief Read the SSL data stream.
* @param ssl [in] An SSL object reference.
* @param in_data [out] After a successful read, the decrypted data
* will be here. It will be null otherwise.
* @return The number of decrypted bytes:
* - if > 0, then the handshaking is complete and we are returning the
* number of decrypted bytes.
* - SSL_OK if the handshaking stage is successful (but not yet
* complete).
* - < 0 if an error.
* @see ssl.h for the error code list.
* @note Use in_data before doing any successive ssl calls.
*/
public int Read(SSL ssl, out byte[] in_data)
{
IntPtr ptr = IntPtr.Zero;
int ret = axtls.ssl_read(ssl.m_ssl, ref ptr);
if (ret > axtls.SSL_OK)
{
in_data = new byte[ret];
Marshal.Copy(ptr, in_data, 0, ret);
}
else
{
in_data = null;
}
return ret;
}
/**
* @brief Write to the SSL data stream.
* @param ssl [in] An SSL obect reference.
* @param out_data [in] The data to be written
* @return The number of bytes sent, or if < 0 if an error.
* @see ssl.h for the error code list.
*/
public int Write(SSL ssl, byte[] out_data)
{
return axtls.ssl_write(ssl.m_ssl, out_data, out_data.Length);
}
/**
* @brief Write to the SSL data stream.
* @param ssl [in] An SSL obect reference.
* @param out_data [in] The data to be written
* @param out_len [in] The number of bytes to be written
* @return The number of bytes sent, or if < 0 if an error.
* @see ssl.h for the error code list.
*/
public int Write(SSL ssl, byte[] out_data, int out_len)
{
return axtls.ssl_write(ssl.m_ssl, out_data, out_len);
}
/**
* @brief Find an ssl object based on a Socket reference.
*
* Goes through the list of SSL objects maintained in a client/server
* context to look for a socket match.
* @param s [in] A reference to a <A HREF="http://msdn.microsoft.com/library/default.asp?url=/library/en-us/cpref/html/frlrfsystemnetsocketssocketclasstopic.asp">Socket</A> object.
* @return A reference to the SSL object. Returns null if the object
* could not be found.
*/
public SSL Find(Socket s)
{
int client_fd = s.Handle.ToInt32();
return new SSL(axtls. ssl_find(m_ctx, client_fd));
}
/**
* @brief Authenticate a received certificate.
*
* This call is usually made by a client after a handshake is complete
* and the context is in SSL_SERVER_VERIFY_LATER mode.
* @param ssl [in] An SSL object reference.
* @return SSL_OK if the certificate is verified.
*/
public int VerifyCert(SSL ssl)
{
return axtls.ssl_verify_cert(ssl.m_ssl);
}
/**
* @brief Force the client to perform its handshake again.
*
* For a client this involves sending another "client hello" message.
* For the server is means sending a "hello request" message.
*
* This is a blocking call on the client (until the handshake
* completes).
* @param ssl [in] An SSL object reference.
* @return SSL_OK if renegotiation instantiation was ok
*/
public int Renegotiate(SSL ssl)
{
return axtls.ssl_renegotiate(ssl.m_ssl);
}
/**
* @brief Load a file into memory that is in binary DER or ASCII PEM
* format.
*
* These are temporary objects that are used to load private keys,
* certificates etc into memory.
* @param obj_type [in] The format of the file. Can be one of:
* - SSL_OBJ_X509_CERT (no password required)
* - SSL_OBJ_X509_CACERT (no password required)
* - SSL_OBJ_RSA_KEY (AES128/AES256 PEM encryption supported)
* - SSL_OBJ_P8 (RC4-128 encrypted data supported)
* - SSL_OBJ_P12 (RC4-128 encrypted data supported)
*
* PEM files are automatically detected (if supported).
* @param filename [in] The location of a file in DER/PEM format.
* @param password [in] The password used. Can be null if not required.
* @return SSL_OK if all ok
*/
public int ObjLoad(int obj_type, string filename, string password)
{
return axtls.ssl_obj_load(m_ctx, obj_type, filename, password);
}
/**
* @brief Transfer binary data into the object loader.
*
* These are temporary objects that are used to load private keys,
* certificates etc into memory.
* @param obj_type [in] The format of the memory data.
* @param data [in] The binary data to be loaded.
* @param len [in] The amount of data to be loaded.
* @param password [in] The password used. Can be null if not required.
* @return SSL_OK if all ok
*/
public int ObjLoad(int obj_type, byte[] data, int len, string password)
{
return axtls.ssl_obj_memory_load(m_ctx, obj_type,
data, len, password);
}
}
/**
* @class SSLServer
* @ingroup csharp_api
* @brief The server context.
*
* All server connections are started within a server context.
*/
public class SSLServer : SSLCTX
{
/**
* @brief Start a new server context.
*
* @see SSLCTX for details.
*/
public SSLServer(uint options, int num_sessions) :
base(options, num_sessions) {}
/**
* @brief Establish a new SSL connection to an SSL client.
*
* It is up to the application to establish the initial socket
* connection.
*
* Call Dispose() when the connection is to be removed.
* @param s [in] A reference to a <A HREF="http://msdn.microsoft.com/library/default.asp?url=/library/en-us/cpref/html/frlrfsystemnetsocketssocketclasstopic.asp">Socket</A> object.
* @return An SSL object reference.
*/
public SSL Connect(Socket s)
{
int client_fd = s.Handle.ToInt32();
return new SSL(axtls.ssl_server_new(m_ctx, client_fd));
}
}
/**
* @class SSLClient
* @ingroup csharp_api
* @brief The client context.
*
* All client connections are started within a client context.
*/
public class SSLClient : SSLCTX
{
/**
* @brief Start a new client context.
*
* @see SSLCTX for details.
*/
public SSLClient(uint options, int num_sessions) :
base(options, num_sessions) {}
/**
* @brief Establish a new SSL connection to an SSL server.
*
* It is up to the application to establish the initial socket
* connection.
*
* This is a blocking call - it will finish when the handshake is
* complete (or has failed).
*
* Call Dispose() when the connection is to be removed.
* @param s [in] A reference to a <A HREF="http://msdn.microsoft.com/library/default.asp?url=/library/en-us/cpref/html/frlrfsystemnetsocketssocketclasstopic.asp">Socket</A> object.
* @param session_id [in] A 32 byte session id for session resumption.
* This can be null if no session resumption is not required.
* @return An SSL object reference. Use SSL.handshakeStatus() to check
* if a handshake succeeded.
*/
public SSL Connect(Socket s, byte[] session_id)
{
int client_fd = s.Handle.ToInt32();
return new SSL(axtls. ssl_client_new(m_ctx, client_fd, session_id));
}
}
}
/** @} */
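Review bot: `Write(SSL ssl, byte[] out_data, int out_len)` passes `out_len` straight to `axtls.ssl_write` without comparing it to `out_data.Length`, so a length larger than the array lets the native side read past the managed buffer and send adjacent memory to the peer; `ObjLoad(int, byte[], int len, string)` forwards `len` to `ssl_obj_memory_load` in the same way. A guard at the top of each is enough, e.g. `if (out_data == null || out_len < 0 || out_len > out_data.Length) throw new ArgumentOutOfRangeException("out_len");`. Two smaller points in the same file: `Find()` is documented to return null when no match exists but always returns `new SSL(...)`, so a miss would presumably surface later as a zero `IntPtr` handed to native code (what `ssl_find` returns on a miss is not shown here). Both `Dispose()` methods can also be called twice on the same pointer, because `m_ssl` / `m_ctx` are never reset to `IntPtr.Zero` after the native free.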


@ -0,0 +1,328 @@
#!/usr/bin/perl
#
# Copyright(C) 2006 Cameron Rich
#
# This library is free software; you can redistribute it and/or modify
# it under the terms of the GNU Lesser General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This library is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public License
# along with this library; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
#
#===============================================================
# Transforms function signature into SWIG format
sub transformSignature
{
foreach $item (@_)
{
$line =~ s/STDCALL //g;
$line =~ s/EXP_FUNC/extern/g;
# make API Java more 'byte' friendly
$line =~ s/uint32_t/int/g;
$line =~ s/const uint8_t \* /const unsigned char \* /g;
$line =~ s/\(void\)/()/g;
if ($ARGV[0] eq "-java")
{
$line =~ s/.*ssl_read.*//g;
$line =~ s/const uint8_t \*(\w+)/const signed char $1\[\]/g;
$line =~ s/uint8_t/signed char/g;
}
else
{
$line =~ s/const uint8_t \*(\w+)/const unsigned char $1\[\]/g;
$line =~ s/uint8_t/unsigned char/g;
}
}
return $line;
}
# Parse input file
sub parseFile
{
foreach $line (@_)
{
# test for a #define
if (!$skip && $line =~ m/^#define/)
{
$splitDefine = 1 if $line =~ m/\\$/;
print DATA_OUT $line;
# check line is not split
next if $splitDefine == 1;
}
# pick up second line of #define statement
if ($splitDefine)
{
print DATA_OUT $line;
# check line is not split
$splitDefine = ($line =~ m/\\$/);
next;
}
# test for function declaration
if (!$skip && $line =~ /EXP_FUNC/ && $line !~/\/\*/)
{
$line = transformSignature($line);
$splitFunctionDeclaration = $line !~ /;/;
print DATA_OUT $line;
next;
}
if ($splitFunctionDeclaration)
{
$line = transformSignature($line);
$splitFunctionDeclaration = $line !~ /;/;
print DATA_OUT $line;
next;
}
}
}
#===============================================================
# Determine which module to build from cammand-line options
use strict;
use Getopt::Std;
my $module;
my $interfaceFile;
my $data_file;
my $skip;
my $splitLine;
my @raw_data;
if (not defined $ARGV[0])
{
goto ouch;
}
if ($ARGV[0] eq "-java")
{
print "Generating Java interface file\n";
$module = "axtlsj";
$interfaceFile = "java/axTLSj.i";
}
elsif ($ARGV[0] eq "-perl")
{
print "Generating Perl interface file\n";
$module = "axtlsp";
$interfaceFile = "perl/axTLSp.i";
}
else
{
ouch:
die "Usage: $0 [-java | -perl]\n";
}
# Input file required to generate SWIG interface file.
$data_file = "../ssl/ssl.h";
# Open input files
open(DATA_IN, $data_file) || die("Could not open file ($data_file)!");
@raw_data = <DATA_IN>;
# Open output file
open(DATA_OUT, ">$interfaceFile") || die("Cannot Open File");
#
# I wish I could say it was easy to generate the Perl/Java bindings, but each
# had their own set of challenges... :-(.
#
print DATA_OUT << "END";
%module $module\n
/* include our own header */
%inline %{
#include "ssl.h"
%}
%include "typemaps.i"
/* Some SWIG magic to make the API a bit more Java friendly */
#ifdef SWIGJAVA
%apply long { SSL * };
%apply long { SSL_CTX * };
%apply long { SSLObjLoader * };
/* allow "unsigned char []" to become "byte[]" */
%include "arrays_java.i"
/* convert these pointers to use long */
%apply signed char[] {unsigned char *};
%apply signed char[] {signed char *};
/* allow ssl_get_session_id() to return "byte[]" */
%typemap(out) unsigned char * ssl_get_session_id \"if (result) jresult = SWIG_JavaArrayOutSchar(jenv, result, SSL_SESSION_ID_SIZE);\"
/* allow ssl_client_new() to have a null session_id input */
%typemap(in) const signed char session_id[] (jbyte *jarr) {
if (jarg3 == NULL)
{
jresult = (jint)ssl_client_new(arg1,arg2,NULL);
return jresult;
}
if (!SWIG_JavaArrayInSchar(jenv, &jarr, &arg3, jarg3)) return 0;
}
/* Lot's of work required for an ssl_read() due to its various custom
* requirements.
*/
%native (ssl_read) int ssl_read(SSL *ssl, jobject in_data);
%{
JNIEXPORT jint JNICALL Java_axTLSj_axtlsjJNI_ssl_1read(JNIEnv *jenv, jclass jcls, jint jarg1, jobject jarg2) {
jint jresult = 0 ;
SSL *arg1;
unsigned char *arg2;
jbyte *jarr;
int result;
JNIEnv e = *jenv;
jclass holder_class;
jfieldID fid;
arg1 = (SSL *)jarg1;
result = (int)ssl_read(arg1, &arg2);
/* find the "m_buf" entry in the SSLReadHolder class */
if (!(holder_class = e->GetObjectClass(jenv,jarg2)) ||
!(fid = e->GetFieldID(jenv,holder_class, "m_buf", "[B")))
return SSL_NOT_OK;
if (result > SSL_OK)
{
int i;
/* create a new byte array to hold the read data */
jbyteArray jarray = e->NewByteArray(jenv, result);
/* copy the bytes across to the java byte array */
jarr = e->GetByteArrayElements(jenv, jarray, 0);
for (i = 0; i < result; i++)
jarr[i] = (jbyte)arg2[i];
/* clean up and set the new m_buf object */
e->ReleaseByteArrayElements(jenv, jarray, jarr, 0);
e->SetObjectField(jenv, jarg2, fid, jarray);
}
else /* set to null */
e->SetObjectField(jenv, jarg2, fid, NULL);
jresult = (jint)result;
return jresult;
}
%}
/* Big hack to get hold of a socket's file descriptor */
%typemap (jtype) long "Object"
%typemap (jstype) long "Object"
%native (getFd) int getFd(long sock);
%{
JNIEXPORT jint JNICALL Java_axTLSj_axtlsjJNI_getFd(JNIEnv *env, jclass jcls, jobject sock)
{
JNIEnv e = *env;
jfieldID fid;
jobject impl;
jobject fdesc;
/* get the SocketImpl from the Socket */
if (!(jcls = e->GetObjectClass(env,sock)) ||
!(fid = e->GetFieldID(env,jcls,"impl","Ljava/net/SocketImpl;")) ||
!(impl = e->GetObjectField(env,sock,fid))) return -1;
/* get the FileDescriptor from the SocketImpl */
if (!(jcls = e->GetObjectClass(env,impl)) ||
!(fid = e->GetFieldID(env,jcls,"fd","Ljava/io/FileDescriptor;")) ||
!(fdesc = e->GetObjectField(env,impl,fid))) return -1;
/* get the fd from the FileDescriptor */
if (!(jcls = e->GetObjectClass(env,fdesc)) ||
!(fid = e->GetFieldID(env,jcls,"fd","I"))) return -1;
/* return the descriptor */
return e->GetIntField(env,fdesc,fid);
}
%}
#endif
/* Some SWIG magic to make the API a bit more Perl friendly */
#ifdef SWIGPERL
/* for ssl_session_id() */
%typemap(out) const unsigned char * {
SV *svs = newSVpv((const char *)\$1, SSL_SESSION_ID_SIZE);
\$result = newRV(svs);
sv_2mortal(\$result);
argvi++;
}
/* for ssl_write() */
%typemap(in) const unsigned char out_data[] {
SV* tempsv;
if (!SvROK(\$input))
croak("Argument \$argnum is not a reference.");
tempsv = SvRV(\$input);
if (SvTYPE(tempsv) != SVt_PV)
croak("Argument \$argnum is not an string.");
\$1 = (unsigned char *)SvPV(tempsv, PL_na);
}
/* for ssl_read() */
%typemap(in) unsigned char **in_data (unsigned char *buf) {
\$1 = &buf;
}
%typemap(argout) unsigned char **in_data {
if (result > SSL_OK) {
SV *svs = newSVpv(*\$1, result);
\$result = newRV(svs);
sv_2mortal(\$result);
argvi++;
}
}
%typemap(freearg) unsigned char *in_data {
free(buf\$argnum);
}
/* for ssl_client_new() */
%typemap(in) const unsigned char session_id[] {
/* check for a reference */
if (SvOK(\$input) && SvROK(\$input)) {
SV* tempsv = SvRV(\$input);
if (SvTYPE(tempsv) != SVt_PV)
croak("Argument \$argnum is not an string.");
\$1 = (unsigned char *)SvPV(tempsv, PL_na);
}
else
\$1 = NULL;
}
#endif
END
# Initialise loop variables
$skip = 1;
$splitLine = 0;
parseFile(@raw_data);
close(DATA_IN);
close(DATA_OUT);
#===============================================================
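Review bot: In the hand-written `Java_axTLSj_axtlsjJNI_ssl_1read` body emitted by the heredoc, neither `NewByteArray` nor `GetByteArrayElements` is checked for NULL before `jarr[i]` is written, so a JVM allocation failure becomes a native NULL dereference instead of a Java exception. Checking the array and copying with a single call removes both the unchecked pointer and the manual loop: `jbyteArray jarray = e->NewByteArray(jenv, result); if (jarray == NULL) return SSL_NOT_OK;` followed by `e->SetByteArrayRegion(jenv, jarray, 0, result, (const jbyte *)arg2);`. The same function receives the SSL pointer as `jint jarg1` and casts it with `(SSL *)jarg1`, which cannot hold a 64-bit pointer; a `jlong` handle would be needed, and the `(jint)ssl_client_new(...)` cast in the session_id typemap has the same limit. On the Perl side, `use strict` and `my $skip` appear after `parseFile` and `transformSignature`, so those subs read package globals rather than the lexical set by `$skip = 1` near the end; a comment saying whether that is intended would help the next reader.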

307
bindings/generate_interface.pl Executable file

@ -0,0 +1,307 @@
#!/usr/bin/perl -w
#
# Copyright(C) 2006 Cameron Rich
#
# This library is free software; you can redistribute it and/or modify
# it under the terms of the GNU Lesser General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This library is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU Lesser General Public License for more details.
#
# You should have received a copy of the GNU Lesser General Public License
# along with this library; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
#
#===============================================================
# This application transforms ssl.h into interfaces that can be used by
# other language bindings. It is "SWIG"-like in nature in that various
# files are generated based on the axTLS API.
#
# The file produced is axInterface.? (depending on the file extension).
#
#===============================================================
use strict;
my $CSHARP = 0;
my $VBNET = 1;
my $binding;
my $skip = 0;
my $signature_ret_type;
# Transforms function signature into an Interface format
sub transformSignature
{
my $item;
my ($line) = @_;
foreach $item ($line)
{
# our very basic preprocessor
if ($binding == $CSHARP)
{
$line =~ s/STDCALL //;
$line =~ s/EXP_FUNC/ [DllImport ("axtls")]\n public static extern/;
$line =~ s/uint32_t/uint/g;
$line =~ s/uint8_t \*\*/ref IntPtr /g;
$line =~ s/const uint8_t \* /IntPtr /g;
$line =~ s/const uint8_t \*/byte[] /g; # note: subtle diff
$line =~ s/uint8_t \* ?/byte[] /g;
$line =~ s/uint8_t ?/byte /g;
$line =~ s/const char \* ?/string /g;
$line =~ s/const SSL_CTX \* ?/IntPtr /g;
$line =~ s/SSL_CTX \* ?/IntPtr /g;
$line =~ s/SSLObjLoader \* ?/IntPtr /g;
$line =~ s/const SSL \* ?/IntPtr /g;
$line =~ s/SSL \* ?/IntPtr /g;
$line =~ s/\(void\)/()/g;
}
elsif ($binding == $VBNET)
{
if ($line =~ /EXP_FUNC/)
{
# Procedure or function?
my $invariant = $line =~ /void /;
my $proc = $invariant ? "Sub" : "Function";
($signature_ret_type) = $line =~ /EXP_FUNC (.*) STDCALL/;
$line =~ s/EXP_FUNC .* STDCALL / <DllImport("axtls")> Public Shared $proc _\n /;
$signature_ret_type =~ s/const uint8_t \*/As IntPtr/;
$signature_ret_type =~ s/const char \*/As String/;
$signature_ret_type =~ s/SSL_CTX \*/As IntPtr/;
$signature_ret_type =~ s/SSLObjLoader \*/As IntPtr/;
$signature_ret_type =~ s/SSL \*/As IntPtr/;
$signature_ret_type =~ s/uint8_t/As Byte/;
$signature_ret_type =~ s/int/As Integer/;
$signature_ret_type =~ s/void//;
$signature_ret_type .= "\n End $proc\n\n";
}
$line =~ s/uint32_t (\w+)/ByVal $1 As Integer/g;
$line =~ s/int (\w+)/ByVal $1 As Integer/g;
$line =~ s/uint8_t \*\* ?(\w+)/ByRef $1 As IntPtr/g;
$line =~ s/const uint8_t \* ?(\w+)/ByVal $1() As Byte/g;
$line =~ s/uint8_t \* ?(\w+)/ByVal $1() As Byte/g;
$line =~ s/const char \* ?(\w+)/ByVal $1 As String/g;
$line =~ s/const SSL_CTX \* ?(\w+)/ByVal $1 As IntPtr/g;
$line =~ s/SSL_CTX \* ?(\w+)/ByVal $1 As IntPtr/g;
$line =~ s/SSLObjLoader \* ?(\w+)/ByVal $1 As IntPtr/g;
$line =~ s/const SSL \* ?(\w+)/ByVal $1 As IntPtr/g;
$line =~ s/SSL \* ?(\w+)/ByVal $1 As IntPtr/g;
$line =~ s/void \* ?(\w+)/Byval $1 As IntPtr/g;
$line =~ s/\(void\)/()/g;
$line =~ s/void//g;
$line =~ s/;\n/ $signature_ret_type;/;
}
}
return $line;
}
# Parse input file
sub parseFile
{
my (@file) = @_;
my $line;
my $splitDefine = 0;
my $splitFunctionDeclaration;
my $vb_hack = " ";
my $vb_line_hack = 0;
$skip = 0;
foreach $line (@file)
{
# test for a #define
if (!$skip && $line =~ m/^#define/)
{
$splitDefine = 1 if $line =~ m/\\$/;
if ($binding == $VBNET)
{
$line =~ s/\|/Or/g;
$line =~ s/ 0x/ &H/;
}
my ($name, $value) = $line =~ /#define (\w+) +([^\\]*)[\\]?\n/;
if (defined $name && defined $value)
{
# C# constant translation
if ($binding == $CSHARP)
{
$line = " public const int $name = $value";
}
# VB.NET constant translation
elsif ($binding == $VBNET)
{
$line = " Public Const $name As Integer = $value";
}
}
next if $line =~ /#define/; # ignore any other defines
print DATA_OUT $line;
# check line is not split
next if $splitDefine == 1;
print DATA_OUT ";" if $binding == $CSHARP;
print DATA_OUT "\n";
}
# pick up second line of #define statement
if ($splitDefine)
{
if ($line !~ /\\$/)
{
$line =~ s/$/;/ if $binding == $CSHARP; # add the ";"
}
$line =~ s/ ?\| ?/ Or /g
if ($binding == $VBNET);
# check line is not split
$splitDefine = ($line =~ m/\\$/);
# ignore trailing "\"
$line =~ s/\\$// if $binding == $CSHARP;
$line =~ s/\\$/_/ if $binding == $VBNET;
print DATA_OUT $line;
next;
}
# test for function declaration
if (!$skip && $line =~ /EXP_FUNC/ && $line !~ /\/\*/)
{
$line = transformSignature($line);
$splitFunctionDeclaration = $line !~ /;/;
$line =~ s/;// if ($binding == $VBNET);
$line =~ s/\n$/ _\n/ if ($binding == $VBNET) &&
$splitFunctionDeclaration;
print DATA_OUT $line;
next;
}
if ($splitFunctionDeclaration)
{
$line = transformSignature($line);
$splitFunctionDeclaration = $line !~ /;/;
$line =~ s/;// if ($binding == $VBNET);
$line =~ s/\n/ _\n/ if ($binding == $VBNET) &&
$splitFunctionDeclaration == 1;
print DATA_OUT $line;
next;
}
}
}
#===============================================================
# Determine which module to build from command-line options
use strict;
use Getopt::Std;
my $binding_prefix;
my $binding_suffix;
my $data_file;
my @raw_data;
if (not defined $ARGV[0])
{
goto ouch;
}
if ($ARGV[0] eq "-csharp")
{
print "Generating C# interface file\n";
$binding_prefix = "csharp";
$binding_suffix = "cs";
$binding = $CSHARP;
}
elsif ($ARGV[0] eq "-vbnet")
{
print "Generating VB.NET interface file\n";
$binding_prefix = "vbnet";
$binding_suffix = "vb";
$binding = $VBNET;
}
else
{
ouch:
die "Usage: $0 [-csharp | -vbnet]\n";
}
my $interfaceFile = "$binding_prefix/axInterface.$binding_suffix";
# Input file required to generate interface file.
$data_file = "../ssl/ssl.h";
# Open input files
open(DATA_IN, $data_file) || die("Could not open file ($data_file)!");
@raw_data = <DATA_IN>;
# Open output file
if ($binding == $CSHARP || $binding == $VBNET)
{
open(DATA_OUT, ">$interfaceFile") || die("Cannot Open File");
}
# SPEC interface file header
if ($binding == $CSHARP)
{
# generate the C#/C interface file
print DATA_OUT << "END";
// The C# to C interface definition file for the axTLS project
// Do not modify - this file is generated
using System;
using System.Runtime.InteropServices;
namespace axTLS
{
public class axtls
{
END
}
elsif ($binding == $VBNET)
{
# generate the VB.NET/C interface file
print DATA_OUT << "END";
' The VB.NET to C interface definition file for the axTLS project
' Do not modify - this file is generated
Imports System
Imports System.Runtime.InteropServices
Namespace axTLSvb
Public Class axtls
END
}
parseFile(@raw_data);
# finish up
if ($binding == $CSHARP)
{
print DATA_OUT " };\n";
print DATA_OUT "};\n";
}
elsif ($binding == $VBNET)
{
print DATA_OUT " End Class\nEnd Namespace\n";
}
close(DATA_IN);
close(DATA_OUT);
#===============================================================

93
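--- a/bindings/java/Makefile
+++ b/bindings/java/Makefile
@@ -0,0 +1,93 @@
+#
+# Copyright(C) 2006 Cameron Rich
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+#
+include ../../config/.config
+include ../../config/makefile.conf
+include ../../config/makefile.java.conf
+all: lib jar
+JAR=../../$(STAGE)/axtls.jar
+ifdef CONFIG_PLATFORM_WIN32
+TARGET=../../$(STAGE)/axtlsj.dll
+else
+TARGET=../../$(STAGE)/libaxtlsj.so
+endif
+lib: $(TARGET)
+axTLSj_wrap.o : axTLSj_wrap.c
+JAVA_FILES= \
+axtlsjJNI.java \
+axtlsjConstants.java \
+axtlsj.java \
+SSLReadHolder.java \
+SSL.java \
+SSLUtil.java \
+SSLCTX.java \
+SSLServer.java \
+SSLClient.java
+OBJ=axTLSj_wrap.o
+AXOLOTLS_HOME=../..
+SSL_HOME=$(AXOLOTLS_HOME)/ssl
+CONFIG_HOME=$(AXOLOTLS_HOME)/config
+JAVA_CLASSES:=$(JAVA_FILES:%.java=classes/axTLSj/%.class)
+ifdef CONFIG_PLATFORM_WIN32
+CFLAGS += /I"$(shell cygpath -w $(SSL_HOME))"
+CFLAGS += /I"$(shell cygpath -w $(CONFIG_HOME))"
+LDFLAGS += axtls.lib /libpath:"../../$(STAGE)"
+include ../../config/makefile.post
+$(TARGET) : $(OBJ)
+$(LD) $(LDFLAGS) $(LDSHARED) /out:$@ $(OBJ)
+else # Not Win32
+ifdef CONFIG_PLATFORM_CYGWIN
+SSL_HOME:=$(shell cygpath -u $(SSL_HOME))
+CONFIG_HOME:=$(shell cygpath -u $(CONFIG_HOME))
+endif
+CFLAGS += -I$(SSL_HOME)
+CFLAGS += -I$(CONFIG_HOME)
+$(TARGET) : $(OBJ)
+$(LD) $(LDFLAGS) -L ../../$(STAGE) $(LDSHARED) -o $@ $(OBJ) -laxtls
+endif
+jar: $(OBJ) $(JAR)
+# if we are doing the samples then defer creating the jar until then
+$(JAR): $(JAVA_CLASSES)
+ifndef CONFIG_JAVA_SAMPLES
+jar cvf $@ -C classes axTLSj
+else
+@if [ ! -f $(JAR) ]; then touch $(JAR); fi
+endif
+classes/axTLSj/%.class : %.java
+javac -d classes -classpath classes $^
+clean::
+@rm -f $(JAR) $(TARGET) SWIG* axtls* *.i *.c
+@rm -fr classes/*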
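Review bot: The `clean` rule removes `*.c`, `*.i` and `axtls*` from bindings/java by glob, which is safe only while every such file in the directory is generated. A hand-written source added here later would be deleted by `make clean` without warning. Naming the generated files explicitly, for example `axTLSj_wrap.c` (the source of `$(OBJ)`), keeps the rule from touching anything else; the perl Makefile in this commit uses the same glob. `AXOLOTLS_HOME` is also spelled differently from `AXTLS_HOME` in the perl Makefile.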

125
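--- a/bindings/java/SSL.java
+++ b/bindings/java/SSL.java
@@ -0,0 +1,125 @@
+/*
+* Copyright(C) 2006 Cameron Rich
+*
+* This program is free software; you can redistribute it and/or modify
+* it under the terms of the GNU General Public License as published by
+* the Free Software Foundation; either version 2.1 of the License, or
+* (at your option) any later version.
+*
+* This program is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU General Public License
+* along with this program; if not, write to the Free Software
+* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+*/
+/*
+* A wrapper around the unmanaged interface to give a semi-decent Java API
+*/
+package axTLSj;
+import java.io.*;
+import java.util.*;
+/**
+* @defgroup java_api Java API.
+*
+* Ensure that the appropriate dispose() methods are called when finished with
+* various objects - otherwise memory leaks will result.
+*/
+/**
+* @class SSL
+* @ingroup java_api
+* @brief A representation of an SSL connection.
+*
+*/
+public class SSL
+{
+public int m_ssl; /**< A pointer to the real SSL type */
+/**
+* @brief Store the reference to an SSL context.
+* @param ip [in] A reference to an SSL object.
+*/
+public SSL(int ip)
+{
+m_ssl = ip;
+}
+/**
+* @brief Free any used resources on this connection.
+*
+* A "Close Notify" message is sent on this connection (if possible). It
+* is up to the application to close the socket.
+*/
+public void dispose()
+{
+axtlsj.ssl_free(m_ssl);
+}
+/**
+* @brief Return the result of a handshake.
+* @return SSL_OK if the handshake is complete and ok.
+* @see ssl.h for the error code list.
+*/
+public int handshakeStatus()
+{
+return axtlsj.ssl_handshake_status(m_ssl);
+}
+/**
+* @brief Return the SSL cipher id.
+* @return The cipher id which is one of:
+* - SSL_AES128_SHA (0x2f)
+* - SSL_AES256_SHA (0x35)
+* - SSL_RC4_128_SHA (0x05)
+* - SSL_RC4_128_MD5 (0x04)
+*/
+public byte getCipherId()
+{
+return axtlsj.ssl_get_cipher_id(m_ssl);
+}
+/**
+* @brief Get the session id for a handshake.
+*
+* This will be a 32 byte sequence and is available after the first
+* handshaking messages are sent.
+* @return The session id as a 32 byte sequence.
+* @note A SSLv23 handshake may have only 16 valid bytes.
+*/
+public byte[] getSessionId()
+{
+return axtlsj.ssl_get_session_id(m_ssl);
+}
+/**
+* @brief Retrieve an X.509 distinguished name component.
+*
+* When a handshake is complete and a certificate has been exchanged,
+* then the details of the remote certificate can be retrieved.
+*
+* This will usually be used by a client to check that the server's common
+* name matches the URL.
+*
+* A full handshake needs to occur for this call to work.
+*
+* @param component [in] one of:
+* - SSL_X509_CERT_COMMON_NAME
+* - SSL_X509_CERT_ORGANIZATION
+* - SSL_X509_CERT_ORGANIZATIONAL_NAME
+* - SSL_X509_CA_CERT_COMMON_NAME
+* - SSL_X509_CA_CERT_ORGANIZATION
+* - SSL_X509_CA_CERT_ORGANIZATIONAL_NAME
+* @return The appropriate string (or null if not defined)
+*/
+public String getCertificateDN(int component)
+{
+return axtlsj.ssl_get_cert_dn(m_ssl, component);
+}
+}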
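Review bot: `m_ssl` holds the native SSL pointer in a public 32-bit `int`, so any caller can overwrite it and `dispose()` will hand that value to `ssl_free`; on a 64-bit build the pointer presumably does not fit at all, although that depends on the SWIG typemaps, which are not in this file. `dispose()` also leaves the field set, so a second call frees the same native object twice. I would make the field package-private (SSLCTX in the same package reads it) and clear it on release: `if (m_ssl != 0) { axtlsj.ssl_free(m_ssl); m_ssl = 0; }`. The class comment should also say that an SSL object must not be used after `dispose()`.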

219
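--- a/bindings/java/SSLCTX.java
+++ b/bindings/java/SSLCTX.java
@@ -0,0 +1,219 @@
+/*
+* Copyright(C) 2006 Cameron Rich
+*
+* This program is free software; you can redistribute it and/or modify
+* it under the terms of the GNU General Public License as published by
+* the Free Software Foundation; either version 2.1 of the License, or
+* (at your option) any later version.
+*
+* This program is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU General Public License
+* along with this program; if not, write to the Free Software
+* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+*/
+/*
+* A wrapper around the unmanaged interface to give a semi-decent Java API
+*/
+package axTLSj;
+import java.net.*;
+/**
+* @class SSLCTX
+* @ingroup java_api
+* @brief A base object for SSLServer/SSLClient.
+*/
+public class SSLCTX
+{
+/**
+* A reference to the real client/server context.
+*/
+protected int m_ctx;
+/**
+* @brief Establish a new client/server context.
+*
+* This function is called before any client/server SSL connections are
+* made. If multiple threads are used, then each thread will have its
+* own SSLCTX context. Any number of connections may be made with a single
+* context.
+*
+* Each new connection will use the this context's private key and
+* certificate chain. If a different certificate chain is required, then a
+* different context needs to be be used.
+*
+* @param options [in] Any particular options. At present the options
+* supported are:
+* - SSL_SERVER_VERIFY_LATER (client only): Don't stop a handshake if the
+* server authentication fails. The certificate can be authenticated later
+* with a call to verifyCert().
+* - SSL_CLIENT_AUTHENTICATION (server only): Enforce client authentication
+* i.e. each handshake will include a "certificate request" message from
+* the server.
+* - SSL_NO_DEFAULT_KEY: Don't use the default key/certificate. The user
+* will load the key/certificate explicitly.
+* - SSL_DISPLAY_BYTES (full mode build only): Display the byte sequences
+* during the handshake.
+* - SSL_DISPLAY_STATES (full mode build only): Display the state changes
+* during the handshake.
+* - SSL_DISPLAY_CERTS (full mode build only): Display the certificates that
+* are passed during a handshake.
+* - SSL_DISPLAY_RSA (full mode build only): Display the RSA key details
+* that are passed during a handshake.
+*
+* @param num_sessions [in] The number of sessions to be used for session
+* caching. If this value is 0, then there is no session caching.
+*
+* If this option is null, then the default internal private key/
+* certificate pair is used (if CONFIG_SSL_USE_DEFAULT_KEY is set).
+*
+* The resources used by this object are automatically freed.
+* @return A client/server context.
+*/
+protected SSLCTX(int options, int num_sessions)
+{
+m_ctx = axtlsj.ssl_ctx_new(options, num_sessions);
+}
+/**
+* @brief Remove a client/server context.
+*
+* Frees any used resources used by this context. Each connection will be
+* sent a "Close Notify" alert (if possible).
+*/
+public void dispose()
+{
+axtlsj.ssl_ctx_free(m_ctx);
+}
+/**
+* @brief Read the SSL data stream.
+* @param ssl [in] An SSL object reference.
+* @param rh [out] After a successful read, the decrypted data can be
+* retrieved with rh.getData(). It will be null otherwise.
+* @return The number of decrypted bytes:
+* - if > 0, then the handshaking is complete and we are returning the
+* number of decrypted bytes.
+* - SSL_OK if the handshaking stage is successful (but not yet complete).
+* - < 0 if an error.
+* @see ssl.h for the error code list.
+* @note Use rh before doing any successive ssl calls.
+*/
+public int read(SSL ssl, SSLReadHolder rh)
+{
+return axtlsj.ssl_read(ssl.m_ssl, rh);
+}
+/**
+* @brief Write to the SSL data stream.
+* @param ssl [in] An SSL obect reference.
+* @param out_data [in] The data to be written
+* @return The number of bytes sent, or if < 0 if an error.
+* @see ssl.h for the error code list.
+*/
+public int write(SSL ssl, byte[] out_data)
+{
+return axtlsj.ssl_write(ssl.m_ssl, out_data, out_data.length);
+}
+/**
+* @brief Write to the SSL data stream.
+* @param ssl [in] An SSL obect reference.
+* @param out_data [in] The data to be written
+* @param out_len [in] The number of bytes to be written
+* @return The number of bytes sent, or if < 0 if an error.
+* @see ssl.h for the error code list.
+*/
+public int write(SSL ssl, byte[] out_data, int out_len)
+{
+return axtlsj.ssl_write(ssl.m_ssl, out_data, out_len);
+}
+/**
+* @brief Find an ssl object based on a Socket reference.
+*
+* Goes through the list of SSL objects maintained in a client/server
+* context to look for a socket match.
+* @param s [in] A reference to a <A HREF="http://java.sun.com/j2se/1.4.2/docs/api">Socket</A> object.
+* @return A reference to the SSL object. Returns null if the object
+* could not be found.
+*/
+public SSL find(Socket s)
+{
+int client_fd = axtlsj.getFd(s);
+return new SSL(axtlsj.ssl_find(m_ctx, client_fd));
+}
+/**
+* @brief Authenticate a received certificate.
+*
+* This call is usually made by a client after a handshake is complete
+* and the context is in SSL_SERVER_VERIFY_LATER mode.
+* @param ssl [in] An SSL object reference.
+* @return SSL_OK if the certificate is verified.
+*/
+public int verifyCert(SSL ssl)
+{
+return axtlsj.ssl_verify_cert(ssl.m_ssl);
+}
+/**
+* @brief Force the client to perform its handshake again.
+*
+* For a client this involves sending another "client hello" message.
+* For the server is means sending a "hello request" message.
+*
+* This is a blocking call on the client (until the handshake completes).
+* @param ssl [in] An SSL object reference.
+* @return SSL_OK if renegotiation instantiation was ok
+*/
+public int renegotiate(SSL ssl)
+{
+return axtlsj.ssl_renegotiate(ssl.m_ssl);
+}
+/**
+* @brief Load a file into memory that is in binary DER or ASCII PEM format.
+*
+* These are temporary objects that are used to load private keys,
+* certificates etc into memory.
+* @param obj_type [in] The format of the file. Can be one of:
+* - SSL_OBJ_X509_CERT (no password required)
+* - SSL_OBJ_X509_CACERT (no password required)
+* - SSL_OBJ_RSA_KEY (AES128/AES256 PEM encryption supported)
+* - SSL_OBJ_P8 (RC4-128 encrypted data supported)
+* - SSL_OBJ_P12 (RC4-128 encrypted data supported)
+*
+* PEM files are automatically detected (if supported).
+* @param filename [in] The location of a file in DER/PEM format.
+* @param password [in] The password used. Can be null if not required.
+* @return SSL_OK if all ok
+*/
+public int objLoad(int obj_type, String filename, String password)
+{
+return axtlsj.ssl_obj_load(m_ctx, obj_type, filename, password);
+}
+/**
+* @brief Transfer binary data into the object loader.
+*
+* These are temporary objects that are used to load private keys,
+* certificates etc into memory.
+* @param obj_type [in] The format of the memory data.
+* @param data [in] The binary data to be loaded.
+* @param len [in] The amount of data to be loaded.
+* @param password [in] The password used. Can be null if not required.
+* @return SSL_OK if all ok
+*/
+public int objLoad(int obj_type, byte[] data, int len, String password)
+{
+return axtlsj.ssl_obj_memory_load(m_ctx, obj_type, data, len, password);
+}
+}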
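Review bot: `write(SSL, byte[], int)` passes `out_len` to `ssl_write` without comparing it with `out_data.length`, so a length larger than the array may make the native side read past the Java buffer and send whatever follows it; whether the JNI wrapper bounds this is not visible here. The same applies to `len` in `objLoad(int, byte[], int, String)`. A guard such as `if (out_len < 0 || out_len > out_data.length) throw new IllegalArgumentException("out_len");` in `write`, and the equivalent check on `len` in `objLoad`, closes it. Separately, `find()` is documented to return null when no match exists but always returns `new SSL(...)`, so a failed lookup presumably yields an object wrapping a zero handle.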


@ -0,0 +1,66 @@
/*
* Copyright(C) 2006 Cameron Rich
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2.1 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
/*
* A wrapper around the unmanaged interface to give a semi-decent Java API
*/
package axTLSj;
import java.net.*;
/**
* @class SSLClient
* @ingroup java_api
* @brief The client context.
*
* All client connections are started within a client context.
*/
public class SSLClient extends SSLCTX
{
/**
* @brief Start a new client context.
*
* @see SSLCTX for details.
*/
public SSLClient(int options, int num_sessions)
{
super(options, num_sessions);
}
/**
* @brief Establish a new SSL connection to an SSL server.
*
* It is up to the application to establish the initial socket connection.
*
* This is a blocking call - it will finish when the handshake is
* complete (or has failed).
*
* Call dispose() when the connection is to be removed.
* @param s [in] A reference to a <A HREF="http://java.sun.com/j2se/1.4.2/docs/api">Socket</A> object.
* @param session_id [in] A 32 byte session id for session resumption. This
* can be null if no session resumption is not required.
* @return An SSL object reference. Use SSL.handshakeStatus() to check
* if a handshake succeeded.
*/
public SSL connect(Socket s, byte[] session_id)
{
int client_fd = axtlsj.getFd(s);
return new SSL(axtlsj.ssl_client_new(m_ctx, client_fd, session_id));
}
}
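Review bot: The Javadoc on `connect()` does not say what the caller has to verify before trusting the connection. Nothing in this wrapper compares the server certificate with the host being contacted, and with `SSL_SERVER_VERIFY_LATER` set the handshake is documented in SSLCTX to continue when server authentication fails. I would add to the comment: `After a successful handshake, call verifyCert() if SSL_SERVER_VERIFY_LATER was used and compare getCertificateDN(SSL_X509_CERT_COMMON_NAME) with the expected host name.` The `session_id` line also reads "if no session resumption is not required", which should lose one negative.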


@ -0,0 +1,49 @@
/*
* Copyright(C) 2006 Cameron Rich
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2.1 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
/*
* A wrapper around the unmanaged interface to give a semi-decent Java API
*/
package axTLSj;
/**
* @class SSLReadHolder
* @ingroup java_api
* @brief A holder for data read in an SSL read.
*/
public class SSLReadHolder
{
/**
* @brief Contruct a new read holder object.
*/
public SSLReadHolder()
{
m_buf = null;
}
/**
* @brief Retrieve the reference to the read data.
*/
public byte[] getData()
{
return m_buf;
}
private byte[] m_buf;
}


@ -0,0 +1,60 @@
/*
* Copyright(C) 2006 Cameron Rich
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2.1 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
/*
* A wrapper around the unmanaged interface to give a semi-decent Java API
*/
package axTLSj;
import java.net.*;
/**
* @class SSLServer
* @ingroup java_api
* @brief The server context.
*
* All server connections are started within a server context.
*/
public class SSLServer extends SSLCTX
{
/**
* @brief Start a new server context.
*
* @see SSLCTX for details.
*/
public SSLServer(int options, int num_sessions)
{
super(options, num_sessions);
}
/**
* @brief Establish a new SSL connection to an SSL client.
*
* It is up to the application to establish the initial socket connection.
*
* Call dispose() when the connection is to be removed.
* @param s [in] A reference to a <A HREF="http://java.sun.com/j2se/1.4.2/docs/api">Socket</A> object.
* @return An SSL object reference.
*/
public SSL connect(Socket s)
{
int client_fd = axtlsj.getFd(s);
return new SSL(axtlsj.ssl_server_new(m_ctx, client_fd));
}
}

104
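--- a/bindings/java/SSLUtil.java
+++ b/bindings/java/SSLUtil.java
@@ -0,0 +1,104 @@
+/*
+* Copyright(C) 2006 Cameron Rich
+*
+* This program is free software; you can redistribute it and/or modify
+* it under the terms of the GNU General Public License as published by
+* the Free Software Foundation; either version 2.1 of the License, or
+* (at your option) any later version.
+*
+* This program is distributed in the hope that it will be useful,
+* but WITHOUT ANY WARRANTY; without even the implied warranty of
+* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+* GNU Lesser General Public License for more details.
+*
+* You should have received a copy of the GNU General Public License
+* along with this program; if not, write to the Free Software
+* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+*/
+/*
+* A wrapper around the unmanaged interface to give a semi-decent Java API
+*/
+package axTLSj;
+import java.io.*;
+import java.util.*;
+/**
+* @class SSLUtil
+* @ingroup java_api
+* @brief Some global helper functions.
+*
+*/
+public class SSLUtil
+{
+/**
+* @brief Load up the ddl/shared library
+*/
+static
+{
+System.loadLibrary("axtlsj");
+}
+/**
+* @brief Return the build mode of the axTLS project.
+* @return The build mode is one of:
+* - SSL_BUILD_SERVER_ONLY
+* - SSL_BUILD_ENABLE_VERIFICATION
+* - SSL_BUILD_ENABLE_CLIENT
+* - SSL_BUILD_FULL_MODE
+*/
+public static int buildMode()
+{
+return axtlsj.ssl_get_config(axtlsj.SSL_BUILD_MODE);
+}
+/**
+* @brief Return the number of chained certificates that the client/server
+* supports.
+* @return The number of supported client/server certificates.
+*/
+public static int maxCerts()
+{
+return axtlsj.ssl_get_config(axtlsj.SSL_MAX_CERT_CFG_OFFSET);
+}
+/**
+* @brief Return the number of CA certificates that the client/server
+* supports.
+* @return The number of supported CA certificates.
+*/
+public static int maxCACerts()
+{
+return axtlsj.ssl_get_config(axtlsj.SSL_MAX_CA_CERT_CFG_OFFSET);
+}
+/**
+* @brief Indicate if PEM is supported.
+* @return true if PEM supported.
+*/
+public static boolean hasPEM()
+{
+return axtlsj.ssl_get_config(axtlsj.SSL_HAS_PEM) > 0 ? true : false;
+}
+/**
+* @brief Display the text string of the error.
+* @param error_code [in] The integer error code.
+* @see ssl.h for the error code list.
+*/
+public static void displayError(int error_code)
+{
+axtlsj.ssl_display_error(error_code);
+}
+/**
+* @brief Return the version of the axTLS project.
+*/
+public static String version()
+{
+return axtlsj.ssl_version();
+}
+}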
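Review bot: `System.loadLibrary("axtlsj")` sits in SSLUtil's static initializer only, so the native library is loaded only once SSLUtil is touched; SSL, SSLCTX and the client/server classes call `axtlsj` natives without referencing it, and unless the generated `axtlsjJNI` class loads the library itself (not visible here) a program that never calls SSLUtil fails with UnsatisfiedLinkError. `loadLibrary` resolves the name through `java.library.path`, so the class comment should state that the path must contain only directories the deployment controls, since the first matching `axtlsj` library found is the one loaded into the JVM. The comment on the initializer says "ddl" where "dll" is meant.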

81
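--- a/bindings/perl/Makefile
+++ b/bindings/perl/Makefile
@@ -0,0 +1,81 @@
+#
+# Copyright(C) 2006 Cameron Rich
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+#
+include ../../config/.config
+include ../../config/makefile.conf
+all: lib
+ifdef CONFIG_PLATFORM_WIN32
+TARGET=../../$(STAGE)/axtlsp.dll
+else
+TARGET=../../$(STAGE)/libaxtlsp.so
+endif
+ifneq ($(MAKECMDGOALS), clean)
+ifdef CONFIG_PLATFORM_WIN32
+PERL5_CORE:=$(shell cygpath -w "$(CONFIG_PERL_CORE)")
+else
+PERL5_CORE= $(shell perl -e 'use Config; print $$Config{archlib};')/CORE
+endif
+all: test_perl
+test_perl:
+@if ! [ -d "$(PERL5_CORE)" ]; then \
+echo "*** Error: Perl not installed at $(CONFIG_PERL_CORE) - go to " \
+"http://www.cpan.org/authors/id/G/GR/GRAHAMC/SiePerl-5.8.0-bin-1.0-Win32.INSTALL.exe" && exit 1; \
+fi
+endif
+lib: $(TARGET)
+AXTLS_HOME=../..
+SSL_HOME=$(AXTLS_HOME)/ssl
+CONFIG_HOME=$(AXTLS_HOME)/config
+OBJ:=axTLSp_wrap.o
+include ../../config/makefile.post
+ifndef CONFIG_PLATFORM_WIN32 # Linux/Unix/Cygwin
+#
+# Could have used libperl.a, but it increases the library to over 1MB, so just
+# use libperl.so. But this needs to be in the shared library path for things to
+# work.
+#
+$(TARGET) : $(OBJ)
+$(LD) $(LDFLAGS) -L ../../$(STAGE) -L$(PERL5_CORE) $(LDSHARED) -o $@ $(OBJ) -laxtls -lperl
+ifdef CONFIG_PLATFORM_CYGWIN
+cd ../../$(STAGE); ln -sf $(notdir $@) axtlsp.dll
+endif
+@install axtlsp.pm ../../$(STAGE)
+CFLAGS += -D__USE_GNU -I$(CONFIG_HOME) -I$(SSL_HOME) -I$(PERL5_CORE)
+else
+CFLAGS += /I"`cygpath -w $(CONFIG_HOME)`" /I"`cygpath -w $(SSL_HOME)`"
+CFLAGS += /I"$(PERL5_CORE)"
+LDFLAGS += $(CONFIG_PERL_LIB) /libpath:"$(PERL5_CORE)" axtls.lib /libpath:"../../$(STAGE)"
+$(TARGET) : $(OBJ)
+$(LD) $(LDFLAGS) $(LDSHARED) /out:$@ $(OBJ)
+install axtlsp.pm ../../$(STAGE)
+endif # WIN32
+clean::
+@rm -f $(TARGET) axtls* *.i axTLSp* *.c .depend ../../$(STAGE)/axtlsp.pm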
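Review bot: The `test_perl` error message sends the user to a plain `http://` URL for a Windows installer `.exe`, with no checksum or signature to compare against, so the build instructions themselves point at an unauthenticated download of executable code. I would replace the direct link with a pointer to the Perl distribution's download page over HTTPS, or at least print the expected digest next to it. The message also prints `$(CONFIG_PERL_CORE)` although the directory tested is `$(PERL5_CORE)`, which on non-Win32 builds comes from `perl -e`, so the path shown there can be empty; `echo "*** Error: Perl CORE directory not found at $(PERL5_CORE)"` reports the value actually checked.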

23
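--- a/bindings/vbnet/Makefile
+++ b/bindings/vbnet/Makefile
@@ -0,0 +1,23 @@
+#
+# Copyright(C) 2006 Cameron Rich
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program; if not, write to the Free Software
+# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+#
+include ../../config/.config
+include ../../config/makefile.conf
+clean::
+@rm -f axssl* axInterface.vb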

179
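--- a/bindings/vbnet/axTLSvb.vb
+++ b/bindings/vbnet/axTLSvb.vb
@@ -0,0 +1,179 @@
+'
+' Copyright(C) 2006 Cameron Rich
+'
+' This program is free software you can redistribute it and/or modify
+' it under the terms of the GNU General Public License as published by
+' the Free Software Foundation either version 2.1 of the License, or
+' (at your option As ) any later version.
+'
+' This program is distributed in the hope that it will be useful,
+' but WITHOUT ANY WARRANTY without even the implied warranty of
+' MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+' GNU Lesser General Public License for more details.
+'
+' You should have received a copy of the GNU General Public License
+' along with this program if not, write to the Free Software
+' Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+'
+'
+' A wrapper around the unmanaged Integererface to give a semi-decent VB.NET API
+'
+Imports System
+Imports System.Runtime.InteropServices
+Imports System.Net.Sockets
+Imports axTLSvb
+Namespace axTLSvb
+Public Class SSL
+Public m_ssl As IntPtr
+Public Sub New(ByRef ip As IntPtr)
+m_ssl = ip
+End Sub
+Public Sub Dispose()
+axtls.ssl_free(m_ssl)
+End Sub
+Public Function HandshakeStatus() As Integer
+Return axtls.ssl_handshake_status(m_ssl)
+End Function
+Public Function GetCipherId() As Byte
+Return axtls.ssl_get_cipher_id(m_ssl)
+End Function
+Public Function GetSessionId() As Byte()
+Dim result(axtls.SSL_SESSION_ID_SIZE) As Byte
+Dim ptr As IntPtr = axtls.ssl_get_session_id(m_ssl)
+Marshal.Copy(ptr, result, 0, axtls.SSL_SESSION_ID_SIZE)
+Return result
+End Function
+Public Function GetCertificateDN(component As Integer) As String
+Return axtls.ssl_get_cert_dn(m_ssl, component)
+End Function
+End Class
+Public Class SSLUtil
+Private dummy As Integer ' need something here
+Public Shared Function BuildMode() As Integer
+Return axtls.ssl_get_config(axtls.SSL_BUILD_MODE)
+End Function
+Public Shared Function MaxCerts() As Integer
+Return axtls.ssl_get_config(axtls.SSL_MAX_CERT_CFG_OFFSET)
+End Function
+Public Shared Function MaxCACerts() As Integer
+Return axtls.ssl_get_config(axtls.SSL_MAX_CA_CERT_CFG_OFFSET)
+End Function
+Public Shared Function HasPEM() As Boolean
+If axtls.ssl_get_config(axtls.SSL_HAS_PEM) > 0 Then
+Return True
+Else
+Return False
+End If
+End Function
+Public Shared Sub DisplayError(ByVal error_code As Integer)
+axtls.ssl_display_error(error_code)
+End Sub
+Public Shared Function Version() As String
+Return axtls.ssl_version()
+End Function
+End Class
+Public Class SSLCTX
+Protected m_ctx As IntPtr
+Protected Sub New(ByVal options As Integer, _
+ByVal num_sessions As Integer)
+m_ctx = axtls.ssl_ctx_new(options, num_sessions)
+End Sub
+Public Sub Dispose()
+axtls.ssl_ctx_free(m_ctx)
+End Sub
+Public Function Read(ByVal ssl As SSL, ByRef in_data As Byte()) As Integer
+Dim ptr As IntPtr = IntPtr.Zero
+Dim ret as Integer = axtls.ssl_read(ssl.m_ssl, ptr)
+If ret > axtls.SSL_OK Then
+ReDim in_data(ret)
+Marshal.Copy(ptr, in_data, 0, ret)
+Else
+in_data = Nothing
+End If
+Return ret
+End Function
+Public Function Write(ByVal ssl As SSL, _
+ByVal data As Byte(), len As Integer) As Integer
+Return axtls.ssl_write(ssl.m_ssl, data, len)
+End Function
+Public Function Find(ByVal s As Socket) As SSL
+Dim client_fd As Integer = s.Handle.ToInt32()
+Return New SSL(axtls.ssl_find(m_ctx, client_fd))
+End Function
+Public Function VerifyCert(ByVal ssl As SSL) As Integer
+Return axtls.ssl_verify_cert(ssl.m_ssl)
+End Function
+Public Function Renegotiate(ByVal ssl As SSL) As Integer
+Return axtls.ssl_renegotiate(ssl.m_ssl)
+End Function
+Public Function ObjLoad(ByVal obj_type As Integer, _
+ByVal filename As String, _
+password As String) As Integer
+Return axtls.ssl_obj_load(m_ctx, obj_type, filename, password)
+End Function
+Public Function ObjLoad(ByVal obj_type As Integer, _
+ByVal data As Byte(), ByVal len As Integer, _
+password As String) As Integer
+Return axtls.ssl_obj_memory_load( _
+m_ctx, obj_type, data, len, password)
+End Function
+End Class
+Public Class SSLServer
+Inherits SSLCTX
+Public Sub New(ByVal options As Integer, _
+ByVal num_sessions As Integer)
+MyBase.New(options, num_sessions)
+End Sub
+Public Function Connect(ByVal s As Socket) As SSL
+Dim client_fd As Integer = s.Handle.ToInt32()
+Return New SSL(axtls.ssl_server_new(m_ctx, client_fd))
+End Function
+End Class
+Public Class SSLClient
+Inherits SSLCTX
+Public Sub New(ByVal options As Integer, _
+ByVal num_sessions As Integer)
+MyBase.New(options, num_sessions)
+End Sub
+Public Function Connect(ByVal s As Socket, _
+ByVal session_id As Byte()) As SSL
+Dim client_fd As Integer = s.Handle.ToInt32()
+Return New SSL( axtls.ssl_client_new(m_ctx, client_fd, session_id))
+End Function
+End Class
+End Namespace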
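Review bot: `ReDim in_data(ret)` in `Read` and `Dim result(axtls.SSL_SESSION_ID_SIZE) As Byte` in `GetSessionId` give the upper bound, not the length, so both arrays are one byte longer than the data copied into them and callers that use `in_data.Length` process a trailing zero byte that was never received. They should read `ReDim in_data(ret - 1)` and `Dim result(axtls.SSL_SESSION_ID_SIZE - 1) As Byte`. `Write` forwards `len` to `ssl_write` without checking it against `data.Length`, so an oversized length may read past the managed buffer, depending on how the P/Invoke signature marshals the array (axInterface.vb is generated and not shown). `s.Handle.ToInt32()` in `Find` and both `Connect` methods throws OverflowException in a 64-bit process when the handle does not fit in 32 bits.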