arduino/esp8266
1
0
Fork 0
mirror of https://github.com/esp8266/Arduino.git synced 2025-07-30 16:24:09 +03:00
Code Activity

* Added SHA256

Browse Source 
* Return code checked for get_random()
* MD2 code removed.

git-svn-id: svn://svn.code.sf.net/p/axtls/code/trunk@238 9a5d90b5-6617-0410-8a86-bb477d3ed2e3
This commit is contained in:
cameronrich
2014-11-19 03:51:22 +00:00
parent 9ef84f9234
commit 82a7638efa
15 changed files with 531 additions and 288 deletions
Download Patch File Download Diff File Expand all files Collapse all files

31
ssl/test/camster_duckdns_org.crt Normal file
View File

@ -0,0 +1,31 @@
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIQRKGXkBbin0Hge3vNu4Z04TANBgkqhkiG9w0BAQsFADCB
kDELMAkGA1UEBhMCR0IxGzAZBgNVBAgTEkdyZWF0ZXIgTWFuY2hlc3RlcjEQMA4G
A1UEBxMHU2FsZm9yZDEaMBgGA1UEChMRQ09NT0RPIENBIExpbWl0ZWQxNjA0BgNV
BAMTLUNPTU9ETyBSU0EgRG9tYWluIFZhbGlkYXRpb24gU2VjdXJlIFNlcnZlciBD
QTAeFw0xNDExMTIwMDAwMDBaFw0xNzExMTEyMzU5NTlaMFcxITAfBgNVBAsTGERv
bWFpbiBDb250cm9sIFZhbGlkYXRlZDEUMBIGA1UECxMLUG9zaXRpdmVTU0wxHDAa
BgNVBAMTE2NhbXN0ZXIuZHVja2Rucy5vcmcwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCvKi9/3GOq1pqgnIQR2hTxr1kv17pUzpQeAVOZVCd/q6KbMrsw
ayPj41hJd+EVtu6DV8Zd/Rxv4P6i2HTRWev9aE2+vFfTmhIZG0HUZqs3Fbq6yONn
ox8d7Dsu/vwIkyaIE9mMAYYr81bX86v8cmvCHatCO/lluwUqjnXUjYpMOpTopHjC
hNzUe63ZtUDVmXfTBHneO5GLZqhQSSX7rd33cJzkojGCoPSFP5TUhN5WGyRi+xa2
bD+Q5xXlC4f/WVXiZxGiGPrWIpQBO5Y5o33S6Vo2ck9Bvg2g1atsR02m+yARtmH3
+IDlvg7DeyLL3AXgUwDNHnRb0t9LVDXcYOJnAgMBAAGjggHpMIIB5TAfBgNVHSME
GDAWgBSQr2o6lFoL2JDqElZz30O0Oija5zAdBgNVHQ4EFgQUGNRX8FYKZUYa1F4+
L7nyHOn3ArcwDgYDVR0PAQH/BAQDAgWgMAwGA1UdEwEB/wQCMAAwHQYDVR0lBBYw
FAYIKwYBBQUHAwEGCCsGAQUFBwMCME8GA1UdIARIMEYwOgYLKwYBBAGyMQECAgcw
KzApBggrBgEFBQcCARYdaHR0cHM6Ly9zZWN1cmUuY29tb2RvLmNvbS9DUFMwCAYG
Z4EMAQIBMFQGA1UdHwRNMEswSaBHoEWGQ2h0dHA6Ly9jcmwuY29tb2RvY2EuY29t
L0NPTU9ET1JTQURvbWFpblZhbGlkYXRpb25TZWN1cmVTZXJ2ZXJDQS5jcmwwgYUG
CCsGAQUFBwEBBHkwdzBPBggrBgEFBQcwAoZDaHR0cDovL2NydC5jb21vZG9jYS5j
b20vQ09NT0RPUlNBRG9tYWluVmFsaWRhdGlvblNlY3VyZVNlcnZlckNBLmNydDAk
BggrBgEFBQcwAYYYaHR0cDovL29jc3AuY29tb2RvY2EuY29tMDcGA1UdEQQwMC6C
E2NhbXN0ZXIuZHVja2Rucy5vcmeCF3d3dy5jYW1zdGVyLmR1Y2tkbnMub3JnMA0G
CSqGSIb3DQEBCwUAA4IBAQBpfJIXHPyoxbXlS1Jy5V4oDpDR+vKRIXXUPDp6GlmK
6w8W7M536W7JamLrT8wbA04hKgtjQkXD8pXZPFHBNJ92Lza5fKB/KiIlObz386lK
Z9AVc10TwWlkZlFYhYVhQ+kpTtcUUdj5QI2org81s9XQoSViVOM8cxIuYk/er20g
jY3Nvdbjg4dtakH1nsITGMYLN+wJglSAq1QGSQ76fLyYhMfF25nNjPYP96SFf1Dd
XinknP2tED6ukzIgfkimlyn2/XIbnz4Xry8ouq4x/cPd8MOcffWt1QWlGIel5B8i
I1vtVHceHSsHjnnNPSkXIn0/lpc5vzVZ+bw9yLt+Lvc6
-----END CERTIFICATE-----

224
ssl/test/ssltest.c
View File

@ -1,5 +1,5 @@
/*
* Copyright (c) 2007, Cameron Rich
* Copyright (c) 2007-2014, Cameron Rich
*
* All rights reserved.
*
@ -302,6 +302,60 @@ end:
return res;
}
/**************************************************************************
* SHA256 tests
*
* Run through a couple of the SHA-2 tests to verify that SHA256 is correct.
**************************************************************************/
static int SHA256_test(BI_CTX *bi_ctx)
{
SHA256_CTX ctx;
uint8_t ct[SHA256_SIZE];
uint8_t digest[SHA256_SIZE];
int res = 1;
{
const char *in_str = "abc";
bigint *ct_bi = bi_str_import(bi_ctx,
"BA7816BF8F01CFEA414140DE5DAE2223B00361A396177A9CB410FF61F20015AD");
bi_export(bi_ctx, ct_bi, ct, SHA256_SIZE);
SHA256_Init(&ctx);
SHA256_Update(&ctx, (const uint8_t *)in_str, strlen(in_str));
SHA256_Final(digest, &ctx);
if (memcmp(digest, ct, sizeof(ct)))
{
printf("Error: SHA256 # failed\n");
goto end;
}
}
{
const char *in_str =
"abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq";
bigint *ct_bi = bi_str_import(bi_ctx,
"248D6A61D20638B8E5C026930C3E6039A33CE45964FF2167F6ECEDD419DB06C1");
bi_export(bi_ctx, ct_bi, ct, SHA256_SIZE);
SHA256_Init(&ctx);
SHA256_Update(&ctx, (const uint8_t *)in_str, strlen(in_str));
SHA256_Final(digest, &ctx);
if (memcmp(digest, ct, sizeof(ct)))
{
printf("Error: SHA256 #2 failed\n");
goto end;
}
}
res = 0;
printf("All SHA256 tests passed\n");
end:
return res;
}
/**************************************************************************
* MD5 tests
*
@ -521,6 +575,8 @@ static int RSA_test(void)
int len;
uint8_t *buf;
RNG_initialize();
/* extract the private key elements */
len = get_file("../ssl/test/axTLS.key_1024", &buf);
if (asn1_get_private_key(buf, len, &rsa_ctx) < 0)
@ -547,11 +603,16 @@ static int RSA_test(void)
goto end;
}
RSA_encrypt(rsa_ctx, (const uint8_t *)"abc", 3, enc_data2, 0);
if (RSA_encrypt(rsa_ctx, (const uint8_t *)"abc", 3, enc_data2, 0) < 0)
{
printf("Error: ENCRYPT #2 failed\n");
goto end;
}
RSA_decrypt(rsa_ctx, enc_data2, dec_data2, sizeof(dec_data2), 1);
if (memcmp("abc", dec_data2, 3))
{
printf("Error: ENCRYPT/DECRYPT #2 failed\n");
printf("Error: DECRYPT #2 failed\n");
goto end;
}
@ -560,6 +621,7 @@ static int RSA_test(void)
printf("All RSA tests passed\n");
end:
RNG_terminate();
return res;
}
@ -648,8 +710,8 @@ static int cert_tests(void)
free(buf);
ssl_ctx = ssl_ctx_new(0, 0);
len = get_file("../ssl/test/verisign.x509_ca", &buf);
if ((res = add_cert_auth(ssl_ctx, buf, len)) <0)
if ((res = ssl_obj_load(ssl_ctx, SSL_OBJ_X509_CERT,
"../ssl/test/camster_duckdns_org.crt", NULL)) != SSL_OK)
{
printf("Cert #7\n");
ssl_display_error(res);
@ -657,23 +719,12 @@ static int cert_tests(void)
}
ssl_ctx_free(ssl_ctx);
free(buf);
if (get_file("../ssl/test/verisign.x509_my_cert", &buf) < 0 ||
x509_new(buf, &len, &x509_ctx))
{
printf("Cert #8\n");
ssl_display_error(res);
goto bad_cert;
}
x509_free(x509_ctx);
free(buf);
ssl_ctx = ssl_ctx_new(0, 0);
if ((res = ssl_obj_load(ssl_ctx,
SSL_OBJ_X509_CERT, "../ssl/test/ms_iis.cer", NULL)) != SSL_OK)
{
printf("Cert #9\n");
ssl_display_error(res);
goto bad_cert;
}
@ -683,14 +734,14 @@ static int cert_tests(void)
if (get_file("../ssl/test/qualityssl.com.der", &buf) < 0 ||
x509_new(buf, &len, &x509_ctx))
{
printf("Cert #9\n");
printf("Cert #10\n");
res = -1;
goto bad_cert;
}
if (strcmp(x509_ctx->subject_alt_dnsnames[1], "qualityssl.com"))
{
printf("Cert #9 (2)\n");
printf("Cert #11\n");
res = -1;
goto bad_cert;
}
@ -701,7 +752,7 @@ static int cert_tests(void)
if (ssl_obj_load(ssl_ctx, SSL_OBJ_X509_CACERT,
"../ssl/test/ca-bundle.crt", NULL))
{
printf("Cert #10\n");
printf("Cert #12\n");
goto bad_cert;
}
@ -2061,64 +2112,64 @@ error:
* Header issue
*
**************************************************************************/
static void do_header_issue(void)
{
char axtls_buf[2048];
#ifndef WIN32
pthread_setcanceltype(PTHREAD_CANCEL_ASYNCHRONOUS, NULL);
#endif
sprintf(axtls_buf, "./axssl s_client -connect localhost:%d", g_port);
SYSTEM(axtls_buf);
}
static int header_issue(void)
{
FILE *f = fopen("../ssl/test/header_issue.dat", "r");
int server_fd = -1, client_fd = -1, ret = 1;
uint8_t buf[2048];
int size = 0;
struct sockaddr_in client_addr;
socklen_t clnt_len = sizeof(client_addr);
#ifndef WIN32
pthread_t thread;
#endif
if (f == NULL || (server_fd = server_socket_init(&g_port)) < 0)
goto error;
#ifndef WIN32
pthread_create(&thread, NULL,
(void *(*)(void *))do_header_issue, NULL);
pthread_detach(thread);
#else
CreateThread(NULL, 1024, (LPTHREAD_START_ROUTINE)do_header_issue,
NULL, 0, NULL);
#endif
if ((client_fd = accept(server_fd,
(struct sockaddr *) &client_addr, &clnt_len)) < 0)
{
ret = SSL_ERROR_SOCK_SETUP_FAILURE;
goto error;
}
size = fread(buf, 1, sizeof(buf), f);
if (SOCKET_WRITE(client_fd, buf, size) < 0)
{
ret = SSL_ERROR_SOCK_SETUP_FAILURE;
goto error;
}
usleep(200000);
ret = 0;
error:
fclose(f);
SOCKET_CLOSE(client_fd);
SOCKET_CLOSE(server_fd);
TTY_FLUSH();
SYSTEM("killall axssl");
return ret;
}
//static void do_header_issue(void)
//{
// char axtls_buf[2048];
//#ifndef WIN32
// pthread_setcanceltype(PTHREAD_CANCEL_ASYNCHRONOUS, NULL);
//#endif
// sprintf(axtls_buf, "./axssl s_client -connect localhost:%d", g_port);
// SYSTEM(axtls_buf);
//}
//
//static int header_issue(void)
//{
// FILE *f = fopen("../ssl/test/header_issue.dat", "r");
// int server_fd = -1, client_fd = -1, ret = 1;
// uint8_t buf[2048];
// int size = 0;
// struct sockaddr_in client_addr;
// socklen_t clnt_len = sizeof(client_addr);
//#ifndef WIN32
// pthread_t thread;
//#endif
//
// if (f == NULL || (server_fd = server_socket_init(&g_port)) < 0)
// goto error;
//
//#ifndef WIN32
// pthread_create(&thread, NULL,
// (void *(*)(void *))do_header_issue, NULL);
// pthread_detach(thread);
//#else
// CreateThread(NULL, 1024, (LPTHREAD_START_ROUTINE)do_header_issue,
// NULL, 0, NULL);
//#endif
// if ((client_fd = accept(server_fd,
// (struct sockaddr *) &client_addr, &clnt_len)) < 0)
// {
// ret = SSL_ERROR_SOCK_SETUP_FAILURE;
// goto error;
// }
//
// size = fread(buf, 1, sizeof(buf), f);
// if (SOCKET_WRITE(client_fd, buf, size) < 0)
// {
// ret = SSL_ERROR_SOCK_SETUP_FAILURE;
// goto error;
// }
//
// usleep(200000);
//
// ret = 0;
//error:
// fclose(f);
// SOCKET_CLOSE(client_fd);
// SOCKET_CLOSE(server_fd);
// TTY_FLUSH();
// SYSTEM("killall axssl");
// return ret;
//}
/**************************************************************************
* main()
@ -2178,6 +2229,13 @@ int main(int argc, char *argv[])
}
TTY_FLUSH();
if (SHA256_test(bi_ctx))
{
printf("SHA256 tests failed\n");
goto cleanup;
}
TTY_FLUSH();
if (HMAC_test(bi_ctx))
{
printf("HMAC tests failed\n");
@ -2234,11 +2292,11 @@ int main(int argc, char *argv[])
SYSTEM("sh ../ssl/test/killopenssl.sh");
if (header_issue())
{
printf("Header tests failed\n"); TTY_FLUSH();
goto cleanup;
}
// if (header_issue())
// {
// printf("Header tests failed\n"); TTY_FLUSH();
// goto cleanup;
// }
ret = 0; /* all ok */
printf("**** ALL TESTS PASSED ****\n"); TTY_FLUSH();

BIN
ssl/test/verisign.x509_ca
View File

Binary file not shown.

BIN
ssl/test/verisign.x509_my_cert
View File

Binary file not shown.