summaryrefslogtreecommitdiff
path: root/ccast/axTLS
diff options
context:
space:
mode:
authorJörg Frings-Fürst <debian@jff-webhosting.net>2017-12-01 10:32:14 +0100
committerJörg Frings-Fürst <debian@jff-webhosting.net>2017-12-01 10:32:14 +0100
commit4097e27114d227692d53c5d28487e12a3833cd24 (patch)
treed5c2a62c4db97de94f92150340612c64d3997669 /ccast/axTLS
parentf8a0a4e1c775a90c313cb83201eec4cea4e9a7da (diff)
parent5514d94483c98e3320b202b1bb882023a7d12027 (diff)
Merge branch 'feature/upstream' into develop
Diffstat (limited to 'ccast/axTLS')
-rwxr-xr-x[-rw-r--r--]ccast/axTLS/Jamfile2
-rwxr-xr-x[-rw-r--r--]ccast/axTLS/aes.c0
-rwxr-xr-x[-rw-r--r--]ccast/axTLS/asn1.c34
-rwxr-xr-x[-rw-r--r--]ccast/axTLS/axTLS_config.h0
-rwxr-xr-x[-rw-r--r--]ccast/axTLS/axTLS_version.h0
-rwxr-xr-x[-rw-r--r--]ccast/axTLS/bigint.c0
-rwxr-xr-x[-rw-r--r--]ccast/axTLS/bigint.h0
-rwxr-xr-x[-rw-r--r--]ccast/axTLS/bigint_impl.h0
-rwxr-xr-x[-rw-r--r--]ccast/axTLS/cert.h0
-rwxr-xr-x[-rw-r--r--]ccast/axTLS/crypto.h1
-rwxr-xr-x[-rw-r--r--]ccast/axTLS/crypto_misc.c0
-rwxr-xr-x[-rw-r--r--]ccast/axTLS/crypto_misc.h2
-rwxr-xr-x[-rw-r--r--]ccast/axTLS/gen_cert.c0
-rwxr-xr-x[-rw-r--r--]ccast/axTLS/hmac.c0
-rwxr-xr-x[-rw-r--r--]ccast/axTLS/loader.c0
-rwxr-xr-x[-rw-r--r--]ccast/axTLS/md2.c0
-rwxr-xr-x[-rw-r--r--]ccast/axTLS/md5.c0
-rwxr-xr-x[-rw-r--r--]ccast/axTLS/openssl.c0
-rwxr-xr-x[-rw-r--r--]ccast/axTLS/os_int.h0
-rwxr-xr-x[-rw-r--r--]ccast/axTLS/os_port.c0
-rwxr-xr-x[-rw-r--r--]ccast/axTLS/os_port.h0
-rwxr-xr-x[-rw-r--r--]ccast/axTLS/p12.c0
-rwxr-xr-x[-rw-r--r--]ccast/axTLS/private_key.h0
-rwxr-xr-x[-rw-r--r--]ccast/axTLS/rc4.c0
-rwxr-xr-x[-rw-r--r--]ccast/axTLS/rsa.c44
-rwxr-xr-x[-rw-r--r--]ccast/axTLS/sha1.c0
-rwxr-xr-x[-rw-r--r--]ccast/axTLS/ssl.h0
-rwxr-xr-x[-rw-r--r--]ccast/axTLS/temp0
-rwxr-xr-x[-rw-r--r--]ccast/axTLS/tls1.c0
-rwxr-xr-x[-rw-r--r--]ccast/axTLS/tls1.h0
-rwxr-xr-x[-rw-r--r--]ccast/axTLS/tls1_clnt.c0
-rwxr-xr-x[-rw-r--r--]ccast/axTLS/tls1_svr.c0
-rwxr-xr-x[-rw-r--r--]ccast/axTLS/x509.c0
33 files changed, 82 insertions, 1 deletions
diff --git a/ccast/axTLS/Jamfile b/ccast/axTLS/Jamfile
index 9a8aff4..5466680 100644..100755
--- a/ccast/axTLS/Jamfile
+++ b/ccast/axTLS/Jamfile
@@ -13,7 +13,7 @@ if $(NT) {
}
}
-# tiff library
+# axTLS library
LIBSRCS =
aes.c
asn1.c
diff --git a/ccast/axTLS/aes.c b/ccast/axTLS/aes.c
index 9b07e27..9b07e27 100644..100755
--- a/ccast/axTLS/aes.c
+++ b/ccast/axTLS/aes.c
diff --git a/ccast/axTLS/asn1.c b/ccast/axTLS/asn1.c
index b082275..b5e678e 100644..100755
--- a/ccast/axTLS/asn1.c
+++ b/ccast/axTLS/asn1.c
@@ -201,6 +201,40 @@ int asn1_get_private_key(const uint8_t *buf, int len, RSA_CTX **rsa_ctx)
}
/**
+ * Read the modulus and public exponent of an RSA certificate.
+ */
+int asn1_get_public_key(const uint8_t *cert, int *offset, RSA_CTX **rsa_ctx)
+{
+ int ret = X509_NOT_OK, mod_len, pub_len;
+ uint8_t *modulus = NULL, *pub_exp = NULL;
+ int len;
+
+ /* Hmm. Not checking that the two ints are within the squence ... */
+ if ((len = asn1_next_obj(cert, offset, ASN1_SEQUENCE)) < 0)
+ goto end_pub_key;
+
+ if ((mod_len = asn1_get_int(cert, offset, &modulus)) <= 0) {
+ ret = X509_INVALID_PUB_KEY;
+ goto end_pub_key;
+ }
+ if ((pub_len = asn1_get_int(cert, offset, &pub_exp)) <= 0) {
+ free(modulus);
+ ret = X509_INVALID_PUB_KEY;
+ goto end_pub_key;
+ }
+
+ RSA_pub_key_new(rsa_ctx, modulus, mod_len, pub_exp, pub_len);
+
+ free(modulus);
+ free(pub_exp);
+
+ ret = X509_OK;
+
+end_pub_key:
+ return ret;
+}
+
+/**
* Get the time of a certificate. Ignore hours/minutes/seconds.
*/
static int asn1_get_utc_time(const uint8_t *buf, int *offset, time_t *t)
diff --git a/ccast/axTLS/axTLS_config.h b/ccast/axTLS/axTLS_config.h
index ffda4e3..ffda4e3 100644..100755
--- a/ccast/axTLS/axTLS_config.h
+++ b/ccast/axTLS/axTLS_config.h
diff --git a/ccast/axTLS/axTLS_version.h b/ccast/axTLS/axTLS_version.h
index e8158cc..e8158cc 100644..100755
--- a/ccast/axTLS/axTLS_version.h
+++ b/ccast/axTLS/axTLS_version.h
diff --git a/ccast/axTLS/bigint.c b/ccast/axTLS/bigint.c
index e9ca04c..e9ca04c 100644..100755
--- a/ccast/axTLS/bigint.c
+++ b/ccast/axTLS/bigint.c
diff --git a/ccast/axTLS/bigint.h b/ccast/axTLS/bigint.h
index 2966a3e..2966a3e 100644..100755
--- a/ccast/axTLS/bigint.h
+++ b/ccast/axTLS/bigint.h
diff --git a/ccast/axTLS/bigint_impl.h b/ccast/axTLS/bigint_impl.h
index 820620d..820620d 100644..100755
--- a/ccast/axTLS/bigint_impl.h
+++ b/ccast/axTLS/bigint_impl.h
diff --git a/ccast/axTLS/cert.h b/ccast/axTLS/cert.h
index 30c7b65..30c7b65 100644..100755
--- a/ccast/axTLS/cert.h
+++ b/ccast/axTLS/cert.h
diff --git a/ccast/axTLS/crypto.h b/ccast/axTLS/crypto.h
index bf2c187..904000d 100644..100755
--- a/ccast/axTLS/crypto.h
+++ b/ccast/axTLS/crypto.h
@@ -204,6 +204,7 @@ void RSA_pub_key_new(RSA_CTX **rsa_ctx,
void RSA_free(RSA_CTX *ctx);
int RSA_decrypt(const RSA_CTX *ctx, const uint8_t *in_data, uint8_t *out_data,
int is_decryption);
+int RSA_decrypt2(const RSA_CTX *ctx, const uint8_t *in_data, uint8_t *out_data);
bigint *RSA_private(const RSA_CTX *c, bigint *bi_msg);
#if defined(CONFIG_SSL_CERT_VERIFICATION) || defined(CONFIG_SSL_GENERATE_X509_CERT)
bigint *RSA_sign_verify(BI_CTX *ctx, const uint8_t *sig, int sig_len,
diff --git a/ccast/axTLS/crypto_misc.c b/ccast/axTLS/crypto_misc.c
index f43fd04..f43fd04 100644..100755
--- a/ccast/axTLS/crypto_misc.c
+++ b/ccast/axTLS/crypto_misc.c
diff --git a/ccast/axTLS/crypto_misc.h b/ccast/axTLS/crypto_misc.h
index acb5c73..d1c843c 100644..100755
--- a/ccast/axTLS/crypto_misc.h
+++ b/ccast/axTLS/crypto_misc.h
@@ -55,6 +55,7 @@ extern "C" {
#define X509_VFY_ERROR_INVALID_CHAIN -7
#define X509_VFY_ERROR_UNSUPPORTED_DIGEST -8
#define X509_INVALID_PRIV_KEY -9
+#define X509_INVALID_PUB_KEY -10
/*
* The Distinguished Name
@@ -128,6 +129,7 @@ const char * x509_display_error(int error);
int get_asn1_length(const uint8_t *buf, int *offset);
int asn1_get_private_key(const uint8_t *buf, int len, RSA_CTX **rsa_ctx);
+int asn1_get_public_key(const uint8_t *cert, int *offset, RSA_CTX **rsa_ctx);
int asn1_next_obj(const uint8_t *buf, int *offset, int obj_type);
int asn1_skip_obj(const uint8_t *buf, int *offset, int obj_type);
int asn1_get_int(const uint8_t *buf, int *offset, uint8_t **object);
diff --git a/ccast/axTLS/gen_cert.c b/ccast/axTLS/gen_cert.c
index fa22c4e..fa22c4e 100644..100755
--- a/ccast/axTLS/gen_cert.c
+++ b/ccast/axTLS/gen_cert.c
diff --git a/ccast/axTLS/hmac.c b/ccast/axTLS/hmac.c
index 24a04d7..24a04d7 100644..100755
--- a/ccast/axTLS/hmac.c
+++ b/ccast/axTLS/hmac.c
diff --git a/ccast/axTLS/loader.c b/ccast/axTLS/loader.c
index 92167be..92167be 100644..100755
--- a/ccast/axTLS/loader.c
+++ b/ccast/axTLS/loader.c
diff --git a/ccast/axTLS/md2.c b/ccast/axTLS/md2.c
index dee909a..dee909a 100644..100755
--- a/ccast/axTLS/md2.c
+++ b/ccast/axTLS/md2.c
diff --git a/ccast/axTLS/md5.c b/ccast/axTLS/md5.c
index 7f50713..7f50713 100644..100755
--- a/ccast/axTLS/md5.c
+++ b/ccast/axTLS/md5.c
diff --git a/ccast/axTLS/openssl.c b/ccast/axTLS/openssl.c
index e3f8972..e3f8972 100644..100755
--- a/ccast/axTLS/openssl.c
+++ b/ccast/axTLS/openssl.c
diff --git a/ccast/axTLS/os_int.h b/ccast/axTLS/os_int.h
index 8ae5878..8ae5878 100644..100755
--- a/ccast/axTLS/os_int.h
+++ b/ccast/axTLS/os_int.h
diff --git a/ccast/axTLS/os_port.c b/ccast/axTLS/os_port.c
index 0bb74f8..0bb74f8 100644..100755
--- a/ccast/axTLS/os_port.c
+++ b/ccast/axTLS/os_port.c
diff --git a/ccast/axTLS/os_port.h b/ccast/axTLS/os_port.h
index 8ede75a..8ede75a 100644..100755
--- a/ccast/axTLS/os_port.h
+++ b/ccast/axTLS/os_port.h
diff --git a/ccast/axTLS/p12.c b/ccast/axTLS/p12.c
index 2bafaf7..2bafaf7 100644..100755
--- a/ccast/axTLS/p12.c
+++ b/ccast/axTLS/p12.c
diff --git a/ccast/axTLS/private_key.h b/ccast/axTLS/private_key.h
index ce7985c..ce7985c 100644..100755
--- a/ccast/axTLS/private_key.h
+++ b/ccast/axTLS/private_key.h
diff --git a/ccast/axTLS/rc4.c b/ccast/axTLS/rc4.c
index 12a1211..12a1211 100644..100755
--- a/ccast/axTLS/rc4.c
+++ b/ccast/axTLS/rc4.c
diff --git a/ccast/axTLS/rsa.c b/ccast/axTLS/rsa.c
index e707f2b..14948eb 100644..100755
--- a/ccast/axTLS/rsa.c
+++ b/ccast/axTLS/rsa.c
@@ -188,6 +188,50 @@ int RSA_decrypt(const RSA_CTX *ctx, const uint8_t *in_data,
}
/**
+ * @brief Use PKCS1.5 for decryption.
+ * @param ctx [in] The context
+ * @param in_data [in] The data to encrypt
+ * @param out_data [out] The decrypted data.
+ * @return The number of bytes that were originally encrypted. -1 on error.
+ */
+int RSA_decrypt2(const RSA_CTX *ctx, const uint8_t *in_data, uint8_t *out_data)
+{
+ const int byte_size = ctx->num_octets;
+ int i, size;
+ bigint *decrypted_bi, *dat_bi;
+ uint8_t *block = (uint8_t *)malloc(byte_size);
+
+ /* decrypt */
+ dat_bi = bi_import(ctx->bi_ctx, in_data, byte_size);
+
+ decrypted_bi = RSA_public(ctx, dat_bi); /* Frees dat_bi and exponent ? */
+
+ /* convert to a normal block (frees decrypted_bi) */
+ bi_export(ctx->bi_ctx, decrypted_bi, block, byte_size);
+
+
+ /* We assume this is padded with "0001ff....ff00" */
+ i = 2;
+ while (block[i++] == 0xff && i < byte_size)
+ ;
+
+ /* Skip last 0x00 */
+ if (i < byte_size && block[i] == 0x00)
+ i++;
+
+ size = byte_size - i;
+
+ /* get only the bit we want */
+ if (size > 0) {
+ memcpy(out_data, &block[i], size);
+ }
+
+ free(block);
+
+ return size ? size : -1;
+}
+
+/**
* Performs m = c^d mod n
*/
bigint *RSA_private(const RSA_CTX *c, bigint *bi_msg)
diff --git a/ccast/axTLS/sha1.c b/ccast/axTLS/sha1.c
index 1082733..1082733 100644..100755
--- a/ccast/axTLS/sha1.c
+++ b/ccast/axTLS/sha1.c
diff --git a/ccast/axTLS/ssl.h b/ccast/axTLS/ssl.h
index 3f001da..3f001da 100644..100755
--- a/ccast/axTLS/ssl.h
+++ b/ccast/axTLS/ssl.h
diff --git a/ccast/axTLS/temp b/ccast/axTLS/temp
index 859e8be..859e8be 100644..100755
--- a/ccast/axTLS/temp
+++ b/ccast/axTLS/temp
diff --git a/ccast/axTLS/tls1.c b/ccast/axTLS/tls1.c
index d8ce892..d8ce892 100644..100755
--- a/ccast/axTLS/tls1.c
+++ b/ccast/axTLS/tls1.c
diff --git a/ccast/axTLS/tls1.h b/ccast/axTLS/tls1.h
index 14c6382..14c6382 100644..100755
--- a/ccast/axTLS/tls1.h
+++ b/ccast/axTLS/tls1.h
diff --git a/ccast/axTLS/tls1_clnt.c b/ccast/axTLS/tls1_clnt.c
index cb8b990..cb8b990 100644..100755
--- a/ccast/axTLS/tls1_clnt.c
+++ b/ccast/axTLS/tls1_clnt.c
diff --git a/ccast/axTLS/tls1_svr.c b/ccast/axTLS/tls1_svr.c
index 51c9d76..51c9d76 100644..100755
--- a/ccast/axTLS/tls1_svr.c
+++ b/ccast/axTLS/tls1_svr.c
diff --git a/ccast/axTLS/x509.c b/ccast/axTLS/x509.c
index c2ca49f..c2ca49f 100644..100755
--- a/ccast/axTLS/x509.c
+++ b/ccast/axTLS/x509.c