arduino/esp8266
1
0
Fork 0
mirror of https://github.com/esp8266/Arduino.git synced 2025-06-16 11:21:18 +03:00
Code Activity

final touches to 1.1.8

Browse Source 
git-svn-id: svn://svn.code.sf.net/p/axtls/code/trunk@147 9a5d90b5-6617-0410-8a86-bb477d3ed2e3
This commit is contained in:
cameronrich
2007-12-04 21:31:48 +00:00
parent 3cd0ded46d
commit bf4238d4e7
9 changed files with 60 additions and 77 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
samples/c/axssl.c
View File

@ -668,7 +668,7 @@ static void do_client(int argc, char *argv[])
SSL_X509_CERT_COMMON_NAME); SSL_X509_CERT_COMMON_NAME);
if (common_name) if (common_name)
{ {
printf("Common Name:\t\t%s\n", common_name); printf("Common Name:\t\t\t%s\n", common_name);
} }
display_session_id(ssl); display_session_id(ssl);

2
samples/csharp/axssl.cs
View File

@ -571,7 +571,7 @@ public class axssl
if (common_name != null) if (common_name != null)
{ {
Console.WriteLine("Common Name:\t\t" + common_name); Console.WriteLine("Common Name:\t\t\t" + common_name);
} }
display_session_id(ssl); display_session_id(ssl);

2
samples/java/axssl.java
View File

@ -562,7 +562,7 @@ public class axssl
if (common_name != null) if (common_name != null)
{ {
System.out.println("Common Name:\t\t" + common_name); System.out.println("Common Name:\t\t\t" + common_name);
} }
display_session_id(ssl); display_session_id(ssl);

2
samples/lua/axssl.lua
View File

@ -482,7 +482,7 @@ function do_client(build_mode)
axtlsl.SSL_X509_CERT_COMMON_NAME) axtlsl.SSL_X509_CERT_COMMON_NAME)
if common_name ~= nil then if common_name ~= nil then
print("Common Name:\t\t"..common_name) print("Common Name:\t\t\t"..common_name)
end end
display_session_id(ssl) display_session_id(ssl)

2
samples/perl/axssl.pl
View File

@ -470,7 +470,7 @@ sub do_client
my $common_name = axtlsp::ssl_get_cert_dn($ssl, my $common_name = axtlsp::ssl_get_cert_dn($ssl,
$axtlsp::SSL_X509_CERT_COMMON_NAME); $axtlsp::SSL_X509_CERT_COMMON_NAME);
printf("Common Name:\t\t%s\n", $common_name) if defined $common_name; printf("Common Name:\t\t\t%s\n", $common_name) if defined $common_name;
display_session_id($ssl); display_session_id($ssl);
display_cipher($ssl); display_cipher($ssl);
} }

3
samples/vbnet/axssl.vb
View File

@ -485,7 +485,8 @@ Public Class axssl
If common_name <> Nothing If common_name <> Nothing
Console.WriteLine("Common Name:" & _ Console.WriteLine("Common Name:" & _
ControlChars.Tab & ControlChars.Tab & common_name) ControlChars.Tab & ControlChars.Tab & _
ControlChars.Tab & common_name)
End If End If
display_session_id(ssl) display_session_id(ssl)

2
ssl/Config.in
View File

@ -180,7 +180,7 @@ config CONFIG_SSL_X509_ORGANIZATION_NAME
help help
The organization name for the generated X.509 certificate. The organization name for the generated X.509 certificate.
If this is blank, then $USERDOMAIN will be used. This field is optional.
config CONFIG_SSL_X509_ORGANIZATION_UNIT_NAME config CONFIG_SSL_X509_ORGANIZATION_UNIT_NAME
string "X.509 Organization Unit Name" string "X.509 Organization Unit Name"

98
ssl/gen_cert.c
View File

@ -39,36 +39,6 @@
* Generate a basic X.509 certificate * Generate a basic X.509 certificate
*/ */
/* OBJECT IDENTIFIER sha1withRSAEncryption (1 2 840 113549 1 1 5) */
static const uint8_t sig_oid[] =
{
0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x05
};
/* OBJECT IDENTIFIER rsaEncryption (1 2 840 113549 1 1 1) */
static const uint8_t rsa_enc_oid[] =
{
0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01
};
/* INTEGER 65537 */
static const uint8_t pub_key_seq[] =
{
0x02, 0x03, 0x01, 0x00, 0x01
};
/* 0x00 + SEQUENCE {
SEQUENCE {
OBJECT IDENTIFIER sha1 (1 3 14 3 2 26)
NULL
}
OCTET STRING */
static const uint8_t asn1_sig[] =
{
0x30, 0x21, 0x30, 0x09, 0x06, 0x05, 0x2b, 0x0e, 0x03, 0x02,
0x1a, 0x05, 0x00, 0x04, 0x14
};
static uint8_t set_gen_length(int len, uint8_t *buf, int *offset) static uint8_t set_gen_length(int len, uint8_t *buf, int *offset)
{ {
if (len < 0x80) /* short form */ if (len < 0x80) /* short form */
@ -129,21 +99,23 @@ static void adjust_with_size(int seq_size, int seq_start,
static void gen_serial_number(uint8_t *buf, int *offset) static void gen_serial_number(uint8_t *buf, int *offset)
{ {
buf[(*offset)++] = ASN1_INTEGER; static const uint8_t ser_oid[] = { ASN1_INTEGER, 1, 0x7F };
buf[(*offset)++] = 1; memcpy(&buf[*offset], ser_oid , sizeof(ser_oid));
buf[(*offset)++] = 0x7F; *offset += sizeof(ser_oid);
} }
static void gen_signature_alg(uint8_t *buf, int *offset) static void gen_signature_alg(uint8_t *buf, int *offset)
{ {
buf[(*offset)++] = ASN1_SEQUENCE; /* OBJECT IDENTIFIER sha1withRSAEncryption (1 2 840 113549 1 1 5) */
set_gen_length(13, buf, offset); static const uint8_t sig_oid[] =
buf[(*offset)++] = ASN1_OID; {
set_gen_length(sizeof(sig_oid), buf, offset); ASN1_SEQUENCE, 0x0d, ASN1_OID, 0x09,
0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x05,
ASN1_NULL, 0x00
};
memcpy(&buf[*offset], sig_oid, sizeof(sig_oid)); memcpy(&buf[*offset], sig_oid, sizeof(sig_oid));
*offset += sizeof(sig_oid); *offset += sizeof(sig_oid);
buf[(*offset)++] = ASN1_NULL;
buf[(*offset)++] = 0;
} }
static int gen_dn(const char *name, uint8_t dn_type, static int gen_dn(const char *name, uint8_t dn_type,
@ -193,18 +165,22 @@ static int gen_issuer(const char * dn[], uint8_t *buf, int *offset)
fqdn_len = strlen(fqdn); fqdn_len = strlen(fqdn);
fqdn[fqdn_len++] = '.'; fqdn[fqdn_len++] = '.';
getdomainname(&fqdn[fqdn_len], sizeof(fqdn)-fqdn_len); getdomainname(&fqdn[fqdn_len], sizeof(fqdn)-fqdn_len);
fqdn_len = strlen(fqdn);
if (fqdn[fqdn_len-1] == '.') /* ensure '.' is not last char */
fqdn[fqdn_len-1] = 0;
dn[X509_COMMON_NAME] = fqdn; dn[X509_COMMON_NAME] = fqdn;
} }
if ((ret = gen_dn(dn[X509_COMMON_NAME], 3, buf, offset))) if ((ret = gen_dn(dn[X509_COMMON_NAME], 3, buf, offset)))
goto error; goto error;
if (dn[X509_ORGANIZATION] == NULL || strlen(dn[X509_ORGANIZATION]) == 0) if (dn[X509_ORGANIZATION] != NULL && strlen(dn[X509_ORGANIZATION]) > 0)
dn[X509_ORGANIZATION] = getenv("USERDOMAIN"); {
if ((ret = gen_dn(dn[X509_ORGANIZATIONAL_UNIT], 10, buf, offset)))
if (dn[X509_ORGANIZATION] != NULL &&
((ret = gen_dn(dn[X509_ORGANIZATION], 10, buf, offset))))
goto error; goto error;
}
if (dn[X509_ORGANIZATIONAL_UNIT] != NULL && if (dn[X509_ORGANIZATIONAL_UNIT] != NULL &&
strlen(dn[X509_ORGANIZATIONAL_UNIT]) > 0) strlen(dn[X509_ORGANIZATIONAL_UNIT]) > 0)
@ -219,17 +195,17 @@ error:
return ret; return ret;
} }
static const uint8_t time_seq[] = static void gen_utc_time(uint8_t *buf, int *offset)
{ {
static const uint8_t time_seq[] =
{
ASN1_SEQUENCE, 30, ASN1_SEQUENCE, 30,
ASN1_UTC_TIME, 13, ASN1_UTC_TIME, 13,
'0', '7', '0', '1', '0', '1', '0', '0', '0', '0', '0', '0', 'Z', '0', '7', '0', '1', '0', '1', '0', '0', '0', '0', '0', '0', 'Z',
ASN1_UTC_TIME, 13, /* make it good for 30 or so years */ ASN1_UTC_TIME, 13, /* make it good for 30 or so years */
'3', '8', '0', '1', '0', '1', '0', '0', '0', '0', '0', '0', 'Z' '3', '8', '0', '1', '0', '1', '0', '0', '0', '0', '0', '0', 'Z'
}; };
static void gen_utc_time(uint8_t *buf, int *offset)
{
/* fixed time */ /* fixed time */
memcpy(&buf[*offset], time_seq, sizeof(time_seq)); memcpy(&buf[*offset], time_seq, sizeof(time_seq));
*offset += sizeof(time_seq); *offset += sizeof(time_seq);
@ -237,6 +213,11 @@ static void gen_utc_time(uint8_t *buf, int *offset)
static void gen_pub_key2(const RSA_CTX *rsa_ctx, uint8_t *buf, int *offset) static void gen_pub_key2(const RSA_CTX *rsa_ctx, uint8_t *buf, int *offset)
{ {
static const uint8_t pub_key_seq[] =
{
ASN1_INTEGER, 0x03, 0x01, 0x00, 0x01 /* INTEGER 65537 */
};
int seq_offset; int seq_offset;
int pub_key_size = rsa_ctx->num_octets; int pub_key_size = rsa_ctx->num_octets;
uint8_t *block = (uint8_t *)alloca(pub_key_size); uint8_t *block = (uint8_t *)alloca(pub_key_size);
@ -272,18 +253,20 @@ static void gen_pub_key1(const RSA_CTX *rsa_ctx, uint8_t *buf, int *offset)
static void gen_pub_key(const RSA_CTX *rsa_ctx, uint8_t *buf, int *offset) static void gen_pub_key(const RSA_CTX *rsa_ctx, uint8_t *buf, int *offset)
{ {
/* OBJECT IDENTIFIER rsaEncryption (1 2 840 113549 1 1 1) */
static const uint8_t rsa_enc_oid[] =
{
ASN1_SEQUENCE, 0x0d, ASN1_OID, 0x09,
0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x01, 0x01,
ASN1_NULL, 0x00
};
int seq_offset; int seq_offset;
int seq_size = pre_adjust_with_size( int seq_size = pre_adjust_with_size(
ASN1_SEQUENCE, &seq_offset, buf, offset); ASN1_SEQUENCE, &seq_offset, buf, offset);
buf[(*offset)++] = ASN1_SEQUENCE;
set_gen_length(13, buf, offset);
buf[(*offset)++] = ASN1_OID;
set_gen_length(sizeof(rsa_enc_oid), buf, offset);
memcpy(&buf[*offset], rsa_enc_oid, sizeof(rsa_enc_oid)); memcpy(&buf[*offset], rsa_enc_oid, sizeof(rsa_enc_oid));
*offset += sizeof(rsa_enc_oid); *offset += sizeof(rsa_enc_oid);
buf[(*offset)++] = ASN1_NULL;
buf[(*offset)++] = 0;
gen_pub_key1(rsa_ctx, buf, offset); gen_pub_key1(rsa_ctx, buf, offset);
adjust_with_size(seq_size, seq_offset, buf, offset); adjust_with_size(seq_size, seq_offset, buf, offset);
} }
@ -291,6 +274,13 @@ static void gen_pub_key(const RSA_CTX *rsa_ctx, uint8_t *buf, int *offset)
static void gen_signature(const RSA_CTX *rsa_ctx, const uint8_t *sha_dgst, static void gen_signature(const RSA_CTX *rsa_ctx, const uint8_t *sha_dgst,
uint8_t *buf, int *offset) uint8_t *buf, int *offset)
{ {
static const uint8_t asn1_sig[] =
{
ASN1_SEQUENCE, 0x21, ASN1_SEQUENCE, 0x09, ASN1_OID, 0x05,
0x2b, 0x0e, 0x03, 0x02, 0x1a, /* sha1 (1 3 14 3 2 26) */
ASN1_NULL, 0x00, ASN1_OCTET_STRING, 0x14
};
uint8_t *enc_block = (uint8_t *)alloca(rsa_ctx->num_octets); uint8_t *enc_block = (uint8_t *)alloca(rsa_ctx->num_octets);
uint8_t *block = (uint8_t *)alloca(sizeof(asn1_sig) + SHA1_SIZE); uint8_t *block = (uint8_t *)alloca(sizeof(asn1_sig) + SHA1_SIZE);
int sig_size; int sig_size;

12
ssl/x509.c
View File

@ -455,6 +455,8 @@ void x509_print(const X509_CTX *cert, CA_CERT_CTX *ca_cert_ctx)
{ {
x509_print(cert->next, ca_cert_ctx); x509_print(cert->next, ca_cert_ctx);
} }
TTY_FLUSH();
} }
const char * x509_display_error(int error) const char * x509_display_error(int error)
@ -463,43 +465,33 @@ const char * x509_display_error(int error)
{ {
case X509_NOT_OK: case X509_NOT_OK:
return "X509 not ok"; return "X509 not ok";
break;
case X509_VFY_ERROR_NO_TRUSTED_CERT: case X509_VFY_ERROR_NO_TRUSTED_CERT:
return "No trusted cert is available"; return "No trusted cert is available";
break;
case X509_VFY_ERROR_BAD_SIGNATURE: case X509_VFY_ERROR_BAD_SIGNATURE:
return "Bad signature"; return "Bad signature";
break;
case X509_VFY_ERROR_NOT_YET_VALID: case X509_VFY_ERROR_NOT_YET_VALID:
return "Cert is not yet valid"; return "Cert is not yet valid";
break;
case X509_VFY_ERROR_EXPIRED: case X509_VFY_ERROR_EXPIRED:
return "Cert has expired"; return "Cert has expired";
break;
case X509_VFY_ERROR_SELF_SIGNED: case X509_VFY_ERROR_SELF_SIGNED:
return "Cert is self-signed"; return "Cert is self-signed";
break;
case X509_VFY_ERROR_INVALID_CHAIN: case X509_VFY_ERROR_INVALID_CHAIN:
return "Chain is invalid (check order of certs)"; return "Chain is invalid (check order of certs)";
break;
case X509_VFY_ERROR_UNSUPPORTED_DIGEST: case X509_VFY_ERROR_UNSUPPORTED_DIGEST:
return "Unsupported digest"; return "Unsupported digest";
break;
case X509_INVALID_PRIV_KEY: case X509_INVALID_PRIV_KEY:
return "Invalid private key"; return "Invalid private key";
break;
default: default:
return "Unknown"; return "Unknown";
break;
} }
} }
#endif /* CONFIG_SSL_FULL_MODE */ #endif /* CONFIG_SSL_FULL_MODE */