arduino/esp8266
1
0
Fork 0
mirror of https://github.com/esp8266/Arduino.git synced 2025-06-12 01:53:07 +03:00
Code Activity

new trunk

Browse Source 
git-svn-id: svn://svn.code.sf.net/p/axtls/code/trunk@78 9a5d90b5-6617-0410-8a86-bb477d3ed2e3
This commit is contained in:
cameronrich
2007-03-14 12:03:51 +00:00
parent 974cf12924
commit 73dfbb7568
177 changed files with 46362 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

39
samples/java/Makefile Normal file
View File

@ -0,0 +1,39 @@
#
# Copyright(C) 2006 Cameron Rich
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
#
include ../../config/.config
include ../../config/makefile.conf
include ../../config/makefile.java.conf
all : sample
JAR=../../$(STAGE)/axtls.jar
CLASSES=../../bindings/java/classes
sample : $(JAR)
$(JAR) : $(CLASSES)/axssl.class $(wildcard $(CLASSES)/axTLSj/*.class)
jar mcvf manifest.mf $@ -C $(CLASSES) axTLSj -C $(CLASSES) axssl.class
JAVA_FILES=axssl.java
JAVA_CLASSES:=$(JAVA_FILES:%.java=$(CLASSES)/axTLSj/%.class)
$(CLASSES)/%.class : %.java
javac -d $(CLASSES) -classpath $(CLASSES) $^
clean::
-@rm -f $(TARGET)

746
samples/java/axssl.java Normal file
View File

@ -0,0 +1,746 @@
/*
* Copyright(C) 2006 Cameron Rich
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2.1 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Lesser General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
*/
/*
* Demonstrate the use of the axTLS library in Java with a set of
* command-line parameters similar to openssl. In fact, openssl clients
* should be able to communicate with axTLS servers and visa-versa. *
* This code has various bits enabled depending on the configuration. To enable
* the most interesting version, compile with the 'full mode' enabled.
*
* To see what options you have, run the following:
* > java -jar axtls.jar s_server -?
* > java -jar axtls.jar s_client -?
*
* The axtls/axtlsj shared libraries must be in the same directory or be found
* by the OS.
*/
import java.io.*;
import java.util.*;
import java.net.*;
import axTLSj.*;
public class axssl
{
/*
* Main()
*/
public static void main(String[] args)
{
if (args.length == 1 && args[0].equals("version"))
{
System.out.println("axtls.jar " + SSLUtil.version());
System.exit(0);
}
axssl runner = new axssl();
try
{
if (args.length < 1 ||
(!args[0].equals("s_server") &&
!args[0].equals("s_client")))
{
runner.print_options(args.length > 0 ? args[0] : "");
}
int build_mode = SSLUtil.buildMode();
if (args[0].equals("s_server"))
runner.do_server(build_mode, args);
else
runner.do_client(build_mode, args);
}
catch (Exception e)
{
System.out.println(e);
}
}
/*
* do_server()
*/
private void do_server(int build_mode, String[] args)
throws Exception
{
int i = 1;
int port = 4433;
int options = axtlsj.SSL_DISPLAY_CERTS;
boolean quiet = false;
String password = null;
String private_key_file = null;
/* organise the cert/ca_cert lists */
int cert_size = SSLUtil.maxCerts();
int ca_cert_size = SSLUtil.maxCACerts();
String[] cert = new String[cert_size];
String[] ca_cert = new String[ca_cert_size];
int cert_index = 0;
int ca_cert_index = 0;
while (i < args.length)
{
if (args[i].equals("-accept"))
{
if (i >= args.length-1)
{
print_server_options(build_mode, args[i]);
}
port = Integer.parseInt(args[++i]);
}
else if (args[i].equals("-quiet"))
{
quiet = true;
options &= ~(int)axtlsj.SSL_DISPLAY_CERTS;
}
else if (build_mode >= axtlsj.SSL_BUILD_SERVER_ONLY)
{
if (args[i].equals("-cert"))
{
if (i >= args.length-1 || cert_index >= cert_size)
{
print_server_options(build_mode, args[i]);
}
cert[cert_index++] = args[++i];
}
else if (args[i].equals("-key"))
{
if (i >= args.length-1)
{
print_server_options(build_mode, args[i]);
}
private_key_file = args[++i];
options |= axtlsj.SSL_NO_DEFAULT_KEY;
}
else if (args[i].equals("-pass"))
{
if (i >= args.length-1)
{
print_server_options(build_mode, args[i]);
}
password = args[++i];
}
else if (build_mode >= axtlsj.SSL_BUILD_ENABLE_VERIFICATION)
{
if (args[i].equals("-verify"))
{
options |= axtlsj.SSL_CLIENT_AUTHENTICATION;
}
else if (args[i].equals("-CAfile"))
{
if (i >= args.length-1 || ca_cert_index >= ca_cert_size)
{
print_server_options(build_mode, args[i]);
}
ca_cert[ca_cert_index++] = args[++i];
}
else if (build_mode == axtlsj.SSL_BUILD_FULL_MODE)
{
if (args[i].equals("-debug"))
{
options |= axtlsj.SSL_DISPLAY_BYTES;
}
else if (args[i].equals("-state"))
{
options |= axtlsj.SSL_DISPLAY_STATES;
}
else if (args[i].equals("-show-rsa"))
{
options |= axtlsj.SSL_DISPLAY_RSA;
}
else
print_server_options(build_mode, args[i]);
}
else
print_server_options(build_mode, args[i]);
}
else
print_server_options(build_mode, args[i]);
}
else
print_server_options(build_mode, args[i]);
i++;
}
/* Create socket for incoming connections */
ServerSocket server_sock = new ServerSocket(port);
/**********************************************************************
* This is where the interesting stuff happens. Up until now we've
* just been setting up sockets etc. Now we do the SSL handshake.
**********************************************************************/
SSLServer ssl_ctx = new SSLServer(options,
axtlsj.SSL_DEFAULT_SVR_SESS);
if (ssl_ctx == null)
throw new Exception("Error: Server context is invalid");
if (private_key_file != null)
{
int obj_type = axtlsj.SSL_OBJ_RSA_KEY;
if (private_key_file.endsWith(".p8"))
obj_type = axtlsj.SSL_OBJ_PKCS8;
else if (private_key_file.endsWith(".p12"))
obj_type = axtlsj.SSL_OBJ_PKCS12;
if (ssl_ctx.objLoad(obj_type,
private_key_file, password) != axtlsj.SSL_OK)
{
throw new Exception("Error: Private key '" + private_key_file +
"' is undefined.");
}
}
for (i = 0; i < cert_index; i++)
{
if (ssl_ctx.objLoad(axtlsj.SSL_OBJ_X509_CERT,
cert[i], null) != axtlsj.SSL_OK)
{
throw new Exception("Certificate '" + cert[i] +
"' is undefined.");
}
}
for (i = 0; i < ca_cert_index; i++)
{
if (ssl_ctx.objLoad(axtlsj.SSL_OBJ_X509_CACERT,
ca_cert[i], null) != axtlsj.SSL_OK)
{
throw new Exception("Certificate '" + ca_cert[i] +
"' is undefined.");
}
}
int res;
SSLReadHolder rh = new SSLReadHolder();
for (;;)
{
if (!quiet)
{
System.out.println("ACCEPT");
}
Socket client_sock = server_sock.accept();
SSL ssl = ssl_ctx.connect(client_sock);
while ((res = ssl_ctx.read(ssl, rh)) == axtlsj.SSL_OK)
{
/* check when the connection has been established */
if (ssl.handshakeStatus() == axtlsj.SSL_OK)
break;
/* could do something else here */
}
if (res == axtlsj.SSL_OK) /* connection established and ok */
{
if (!quiet)
{
display_session_id(ssl);
display_cipher(ssl);
}
/* now read (and display) whatever the client sends us */
for (;;)
{
/* keep reading until we get something interesting */
while ((res = ssl_ctx.read(ssl, rh)) == axtlsj.SSL_OK)
{
/* could do something else here */
}
if (res < axtlsj.SSL_OK)
{
if (!quiet)
{
System.out.println("CONNECTION CLOSED");
}
break;
}
/* convert to String */
byte[] buf = rh.getData();
char[] str = new char[res];
for (i = 0; i < res; i++)
{
str[i] = (char)buf[i];
}
System.out.print(str);
}
}
else if (!quiet)
{
SSLUtil.displayError(res);
}
/* client was disconnected or the handshake failed. */
ssl.dispose();
client_sock.close();
}
/* ssl_ctx.dispose(); */
}
/*
* do_client()
*/
private void do_client(int build_mode, String[] args)
throws Exception
{
if (build_mode < axtlsj.SSL_BUILD_ENABLE_CLIENT)
print_client_options(build_mode, args[1]);
int i = 1, res;
int port = 4433;
boolean quiet = false;
String password = null;
int reconnect = 0;
String private_key_file = null;
String hostname = "127.0.0.1";
/* organise the cert/ca_cert lists */
int cert_index = 0;
int ca_cert_index = 0;
int cert_size = SSLUtil.maxCerts();
int ca_cert_size = SSLUtil.maxCACerts();
String[] cert = new String[cert_size];
String[] ca_cert = new String[ca_cert_size];
int options = axtlsj.SSL_SERVER_VERIFY_LATER|axtlsj.SSL_DISPLAY_CERTS;
byte[] session_id = null;
while (i < args.length)
{
if (args[i].equals("-connect"))
{
String host_port;
if (i >= args.length-1)
{
print_client_options(build_mode, args[i]);
}
host_port = args[++i];
int index_colon;
if ((index_colon = host_port.indexOf(':')) < 0)
print_client_options(build_mode, args[i]);
hostname = new String(host_port.toCharArray(),
0, index_colon);
port = Integer.parseInt(new String(host_port.toCharArray(),
index_colon+1, host_port.length()-index_colon-1));
}
else if (args[i].equals("-cert"))
{
if (i >= args.length-1 || cert_index >= cert_size)
{
print_client_options(build_mode, args[i]);
}
cert[cert_index++] = args[++i];
}
else if (args[i].equals("-CAfile"))
{
if (i >= args.length-1 || ca_cert_index >= ca_cert_size)
{
print_client_options(build_mode, args[i]);
}
ca_cert[ca_cert_index++] = args[++i];
}
else if (args[i].equals("-key"))
{
if (i >= args.length-1)
{
print_client_options(build_mode, args[i]);
}
private_key_file = args[++i];
options |= axtlsj.SSL_NO_DEFAULT_KEY;
}
else if (args[i].equals("-verify"))
{
options &= ~(int)axtlsj.SSL_SERVER_VERIFY_LATER;
}
else if (args[i].equals("-reconnect"))
{
reconnect = 4;
}
else if (args[i].equals("-quiet"))
{
quiet = true;
options &= ~(int)axtlsj.SSL_DISPLAY_CERTS;
}
else if (args[i].equals("-pass"))
{
if (i >= args.length-1)
{
print_server_options(build_mode, args[i]);
}
password = args[++i];
}
else if (build_mode == axtlsj.SSL_BUILD_FULL_MODE)
{
if (args[i].equals("-debug"))
{
options |= axtlsj.SSL_DISPLAY_BYTES;
}
else if (args[i].equals("-state"))
{
options |= axtlsj.SSL_DISPLAY_STATES;
}
else if (args[i].equals("-show-rsa"))
{
options |= axtlsj.SSL_DISPLAY_RSA;
}
else
print_client_options(build_mode, args[i]);
}
else /* don't know what this is */
print_client_options(build_mode, args[i]);
i++;
}
Socket client_sock = new Socket(hostname, port);
if (!client_sock.isConnected())
{
System.out.println("could not connect");
throw new Exception();
}
if (!quiet)
{
System.out.println("CONNECTED");
}
/**********************************************************************
* This is where the interesting stuff happens. Up until now we've
* just been setting up sockets etc. Now we do the SSL handshake.
**********************************************************************/
SSLClient ssl_ctx = new SSLClient(options,
axtlsj.SSL_DEFAULT_CLNT_SESS);
if (ssl_ctx == null)
{
throw new Exception("Error: Client context is invalid");
}
if (private_key_file != null)
{
int obj_type = axtlsj.SSL_OBJ_RSA_KEY;
if (private_key_file.endsWith(".p8"))
obj_type = axtlsj.SSL_OBJ_PKCS8;
else if (private_key_file.endsWith(".p12"))
obj_type = axtlsj.SSL_OBJ_PKCS12;
if (ssl_ctx.objLoad(obj_type,
private_key_file, password) != axtlsj.SSL_OK)
{
throw new Exception("Error: Private key '" + private_key_file +
"' is undefined.");
}
}
for (i = 0; i < cert_index; i++)
{
if (ssl_ctx.objLoad(axtlsj.SSL_OBJ_X509_CERT,
cert[i], null) != axtlsj.SSL_OK)
{
throw new Exception("Certificate '" + cert[i] +
"' is undefined.");
}
}
for (i = 0; i < ca_cert_index; i++)
{
if (ssl_ctx.objLoad(axtlsj.SSL_OBJ_X509_CACERT,
ca_cert[i], null) != axtlsj.SSL_OK)
{
throw new Exception("Certificate '" + ca_cert[i] +
"' is undefined.");
}
}
SSL ssl = null;
/* Try session resumption? */
if (reconnect > 0)
{
while (reconnect-- > 0)
{
ssl = ssl_ctx.connect(client_sock, session_id);
if ((res = ssl.handshakeStatus()) != axtlsj.SSL_OK)
{
if (!quiet)
{
SSLUtil.displayError(res);
}
ssl.dispose();
throw new Exception();
}
display_session_id(ssl);
session_id = ssl.getSessionId();
if (reconnect > 0)
{
ssl.dispose();
client_sock.close();
/* and reconnect */
client_sock = new Socket(hostname, port);
}
}
}
else
{
ssl = ssl_ctx.connect(client_sock, null);
}
/* check the return status */
if ((res = ssl.handshakeStatus()) != axtlsj.SSL_OK)
{
if (!quiet)
{
SSLUtil.displayError(res);
}
throw new Exception();
}
if (!quiet)
{
String common_name =
ssl.getCertificateDN(axtlsj.SSL_X509_CERT_COMMON_NAME);
if (common_name != null)
{
System.out.println("Common Name:\t\t" + common_name);
}
display_session_id(ssl);
display_cipher(ssl);
}
BufferedReader in = new BufferedReader(
new InputStreamReader(System.in));
for (;;)
{
String user_input = in.readLine();
if (user_input == null)
break;
byte[] buf = new byte[user_input.length()+2];
buf[buf.length-2] = (byte)'\n'; /* add the carriage return */
buf[buf.length-1] = 0; /* null terminate */
for (i = 0; i < buf.length-2; i++)
{
buf[i] = (byte)user_input.charAt(i);
}
if ((res = ssl_ctx.write(ssl, buf)) < axtlsj.SSL_OK)
{
if (!quiet)
{
SSLUtil.displayError(res);
}
break;
}
}
ssl_ctx.dispose();
}
/**
* We've had some sort of command-line error. Print out the basic options.
*/
private void print_options(String option)
{
System.out.println("axssl: Error: '" + option +
"' is an invalid command.");
System.out.println("usage: axtlsj.jar [s_server|s_client|version] " +
"[args ...]");
System.exit(1);
}
/**
* We've had some sort of command-line error. Print out the server options.
*/
private void print_server_options(int build_mode, String option)
{
int cert_size = SSLUtil.maxCerts();
int ca_cert_size = SSLUtil.maxCACerts();
System.out.println("unknown option " + option);
System.out.println("usage: s_server [args ...]");
System.out.println(" -accept arg\t- port to accept on (default " +
"is 4433)");
System.out.println(" -quiet\t\t- No server output");
if (build_mode >= axtlsj.SSL_BUILD_SERVER_ONLY)
{
System.out.println(" -cert arg\t- certificate file to add (in " +
"addition to default) to chain -");
System.out.println("\t\t Can repeat up to " + cert_size + " times");
System.out.println(" -key arg\t- Private key file to use");
System.out.println(" -pass\t\t- private key file pass phrase source");
}
if (build_mode >= axtlsj.SSL_BUILD_ENABLE_VERIFICATION)
{
System.out.println(" -verify\t- turn on peer certificate " +
"verification");
System.out.println(" -CAfile arg\t- Certificate authority. ");
System.out.println("\t\t Can repeat up to " +
ca_cert_size + " times");
}
if (build_mode == axtlsj.SSL_BUILD_FULL_MODE)
{
System.out.println(" -debug\t\t- Print more output");
System.out.println(" -state\t\t- Show state messages");
System.out.println(" -show-rsa\t- Show RSA state");
}
System.exit(1);
}
/**
* We've had some sort of command-line error. Print out the client options.
*/
private void print_client_options(int build_mode, String option)
{
int cert_size = SSLUtil.maxCerts();
int ca_cert_size = SSLUtil.maxCACerts();
System.out.println("unknown option " + option);
if (build_mode >= axtlsj.SSL_BUILD_ENABLE_CLIENT)
{
System.out.println("usage: s_client [args ...]");
System.out.println(" -connect host:port - who to connect to " +
"(default is localhost:4433)");
System.out.println(" -verify\t- turn on peer certificate " +
"verification");
System.out.println(" -cert arg\t- certificate file to use");
System.out.println(" -key arg\t- Private key file to use");
System.out.println("\t\t Can repeat up to " + cert_size +
" times");
System.out.println(" -CAfile arg\t- Certificate authority.");
System.out.println("\t\t Can repeat up to " + ca_cert_size +
" times");
System.out.println(" -quiet\t\t- No client output");
System.out.println(" -pass\t\t- private key file pass " +
"phrase source");
System.out.println(" -reconnect\t- Drop and re-make the " +
"connection with the same Session-ID");
if (build_mode == axtlsj.SSL_BUILD_FULL_MODE)
{
System.out.println(" -debug\t\t- Print more output");
System.out.println(" -state\t\t- Show state messages");
System.out.println(" -show-rsa\t- Show RSA state");
}
}
else
{
System.out.println("Change configuration to allow this feature");
}
System.exit(1);
}
/**
* Display what cipher we are using
*/
private void display_cipher(SSL ssl)
{
System.out.print("CIPHER is ");
byte ciph_id = ssl.getCipherId();
if (ciph_id == axtlsj.SSL_AES128_SHA)
System.out.println("AES128-SHA");
else if (ciph_id == axtlsj.SSL_AES256_SHA)
System.out.println("AES256-SHA");
else if (ciph_id == axtlsj.SSL_RC4_128_SHA)
System.out.println("RC4-SHA");
else if (ciph_id == axtlsj.SSL_RC4_128_MD5)
System.out.println("RC4-MD5");
else
System.out.println("Unknown - " + ssl.getCipherId());
}
public char toHexChar(int i)
{
if ((0 <= i) && (i <= 9 ))
return (char)('0' + i);
else
return (char)('a' + (i-10));
}
public void bytesToHex(byte[] data)
{
StringBuffer buf = new StringBuffer();
for (int i = 0; i < data.length; i++ )
{
buf.append(toHexChar((data[i]>>>4)&0x0F));
buf.append(toHexChar(data[i]&0x0F));
}
System.out.println(buf);
}
/**
* Display what session id we have.
*/
private void display_session_id(SSL ssl)
{
byte[] session_id = ssl.getSessionId();
int i;
System.out.println("-----BEGIN SSL SESSION PARAMETERS-----");
bytesToHex(session_id);
System.out.println("-----END SSL SESSION PARAMETERS-----");
}
}

1
samples/java/manifest.mf Normal file
View File

@ -0,0 +1 @@
Main-Class: axssl