static inline int iobuf_ssl_setup(IOBuf *buf) { int rc = 0; buf->use_ssl = 1; buf->handshake_performed = 0; rc = ssl_init(&buf->ssl); check(rc == 0, "Failed to initialize SSL structure."); ssl_set_endpoint(&buf->ssl, SSL_IS_SERVER); ssl_set_authmode(&buf->ssl, IO_SSL_VERIFY_METHOD); havege_init(&buf->hs); ssl_set_rng(&buf->ssl, havege_rand, &buf->hs); #ifndef DEBUG ssl_set_dbg(&buf->ssl, ssl_debug, NULL); #endif ssl_set_bio(&buf->ssl, ssl_fdrecv_wrapper, buf, ssl_fdsend_wrapper, buf); ssl_set_session(&buf->ssl, 1, 0, &buf->ssn); ssl_set_scb(&buf->ssl, simple_get_session, simple_set_session); memset(&buf->ssn, 0, sizeof(buf->ssn)); return 0; error: return -1; }
unsigned char * mk_session_key(uint32_t * len) { // We will generate it completely at random, // which may not be the best idea (see weak keys // for GCM mode). int i; unsigned char * key; if (!HSinitted) { havege_init(&HS); HSinitted++; } key = malloc(4 * sizeof(int)); if (key == NULL) return NULL; for (i = 0; i < 4; i++) { ((int*) key)[i] = havege_rand(&HS); } *len = 4 * sizeof(uint32_t); return key; }
result_t crypto_base::randomBytes(int32_t size, obj_ptr<Buffer_base> &retVal, exlib::AsyncEvent *ac) { if (!ac) return CHECK_ERROR(CALL_E_NOSYNC); time_t t; int i, ret; havege_state hs; unsigned char buf[1024]; std::string strBuf; strBuf.resize(size); havege_init(&hs); t = time(NULL); for (i = 0; i < size; i += sizeof(buf)) { ret = havege_random(&hs, buf, sizeof(buf)); if (ret != 0) return CHECK_ERROR(_ssl::setError(ret)); memcpy(&strBuf[i], buf, size - i > (int)sizeof(buf) ? (int)sizeof(buf) : size - i); } if (t == time(NULL)) t--; retVal = new Buffer(strBuf); return 0; }
void entropy_init( entropy_context *ctx ) { memset( ctx, 0, sizeof(entropy_context) ); #if defined(POLARSSL_THREADING_C) polarssl_mutex_init( &ctx->mutex ); #endif #if defined(POLARSSL_ENTROPY_SHA512_ACCUMULATOR) sha512_starts( &ctx->accumulator, 0 ); #else sha256_starts( &ctx->accumulator, 0 ); #endif #if defined(POLARSSL_HAVEGE_C) havege_init( &ctx->havege_data ); #endif #if !defined(POLARSSL_NO_DEFAULT_ENTROPY_SOURCES) #if !defined(POLARSSL_NO_PLATFORM_ENTROPY) entropy_add_source( ctx, platform_entropy_poll, NULL, ENTROPY_MIN_PLATFORM ); #endif #if defined(POLARSSL_TIMING_C) entropy_add_source( ctx, hardclock_poll, NULL, ENTROPY_MIN_HARDCLOCK ); #endif #if defined(POLARSSL_HAVEGE_C) entropy_add_source( ctx, havege_poll, &ctx->havege_data, ENTROPY_MIN_HAVEGE ); #endif #endif /* POLARSSL_NO_DEFAULT_ENTROPY_SOURCES */ }
IOBuf *IOBuf_create(size_t len, int fd, IOBufType type) { IOBuf *buf = h_calloc(sizeof(IOBuf), 1); check_mem(buf); buf->fd = fd; buf->len = len; buf->buf = h_malloc(len + 1); check_mem(buf->buf); hattach(buf->buf, buf); buf->type = type; if(type == IOBUF_SSL) { buf->use_ssl = 1; buf->handshake_performed = 0; ssl_init(&buf->ssl); ssl_set_endpoint(&buf->ssl, SSL_IS_SERVER); ssl_set_authmode(&buf->ssl, SSL_VERIFY_NONE); havege_init(&buf->hs); ssl_set_rng(&buf->ssl, havege_rand, &buf->hs); ssl_set_dbg(&buf->ssl, ssl_debug, NULL); ssl_set_bio(&buf->ssl, ssl_fdrecv_wrapper, buf, ssl_fdsend_wrapper, buf); ssl_set_session(&buf->ssl, 1, 0, &buf->ssn); memset(&buf->ssn, 0, sizeof(buf->ssn)); buf->send = ssl_send; buf->recv = ssl_recv; buf->stream_file = ssl_stream_file; } else if(type == IOBUF_NULL) { buf->send = null_send; buf->recv = null_recv; buf->stream_file = null_stream_file; } else if(type == IOBUF_FILE) { buf->send = file_send; buf->recv = file_recv; buf->stream_file = plain_stream_file; } else if(type == IOBUF_SOCKET) { buf->send = plaintext_send; buf->recv = plaintext_recv; buf->stream_file = plain_stream_file; } else { sentinel("Invalid IOBufType given: %d", type); } return buf; error: if(buf) h_free(buf); return NULL; }
Config* getRemoteConfig() { if(config == NULL) { config = new Config(); havege_init(&(config->havegeState)); config->load(getPluginConfigPath()); } return config; }
bool ssl_aio_stream::ssl_client_init() { #ifdef HAS_POLARSSL ACL_VSTREAM* stream = get_vstream(); acl_assert(stream); // 0. Initialize the RNG and the session data havege_init((havege_state*) hs_); int ret; if ((ret = ssl_init((ssl_context*) ssl_)) != 0) { logger_error("failed, ssl_init returned %d", ret); return false; } ssl_set_endpoint((ssl_context*) ssl_, SSL_IS_CLIENT); ssl_set_authmode((ssl_context*) ssl_, SSL_VERIFY_NONE); ssl_set_rng((ssl_context*) ssl_, ::havege_random, hs_); //ssl_set_dbg((ssl_context*) ssl_, my_debug, stdout); ssl_set_bio((ssl_context*) ssl_, __sock_read, this, __sock_send, this); const int* cipher_suites = ssl_list_ciphersuites(); if (cipher_suites == NULL) { logger_error("ssl_list_ciphersuites null"); return false; } ssl_set_ciphersuites((ssl_context*) ssl_, cipher_suites); ssl_set_session((ssl_context*) ssl_, (ssl_session*) ssn_); acl_vstream_ctl(stream, ACL_VSTREAM_CTL_READ_FN, __ssl_read, ACL_VSTREAM_CTL_WRITE_FN, __ssl_send, ACL_VSTREAM_CTL_CTX, this, ACL_VSTREAM_CTL_END); acl_tcp_set_nodelay(ACL_VSTREAM_SOCK(stream)); #endif return true; }
int main( int argc, char *argv[] ) { FILE *f; time_t t; int i, j, k; havege_state hs; unsigned char buf[1024]; if( argc < 2 ) { fprintf( stderr, "usage: %s <output filename>\n", argv[0] ); return( 1 ); } if( ( f = fopen( argv[1], "wb+" ) ) == NULL ) { printf( "failed to open '%s' for writing.\n", argv[0] ); return( 1 ); } havege_init( &hs ); t = time( NULL ); for( i = 0, k = 32768; i < k; i++ ) { for( j = 0; j < sizeof( buf ); j++ ) buf[j] = havege_rand( &hs ); fwrite( buf, sizeof( buf ), 1, f ); printf( "Generating 32Mb of data in file '%s'... %04.1f" \ "%% done\r", argv[1], (100 * (float) (i + 1)) / k ); fflush( stdout ); } if( t == time( NULL ) ) t--; fclose( f ); return( 0 ); }
extern uint32_t encrypt(unsigned char * key, uint32_t keylen, unsigned char * in, uint32_t inlen, unsigned char * out) { gcm_ctx_256b ctx; int i; if (!HSinitted) { havege_init(&HS); HSinitted++; } for (i = 0; i < 4; i++) { ((int*) (out + inlen + 16))[i] = havege_rand(&HS); } gcm_init_256b(&ctx,key,keylen * 8); gcm_encrypt_256b(&ctx, out + inlen + 16,16,in,inlen,NULL,0,out,out + inlen); gcm_destroy_256b(&ctx); return 32 + inlen; }
int gen_key( unsigned char *key, int key_lenght){ int i = 0; int ret = 1; havege_state *hs = malloc(sizeof( havege_state)) ; if( hs == NULL ) return -1; havege_init(hs); ret = havege_random( hs, key, key_lenght); for( i= 0; i < key_lenght; i++) printf("%c",key[i]); free(hs); return ret; }
PUBLIC int sslUpgrade(Webs *wp) { EstSocket *est; WebsSocket *sp; assert(wp); if ((est = malloc(sizeof(EstSocket))) == 0) { return -1; } wp->ssl = est; ssl_free(&est->ctx); havege_init(&est->hs); ssl_init(&est->ctx); ssl_set_endpoint(&est->ctx, 1); ssl_set_authmode(&est->ctx, BIT_GOAHEAD_VERIFY_PEER ? SSL_VERIFY_OPTIONAL : SSL_VERIFY_NO_CHECK); ssl_set_rng(&est->ctx, havege_rand, &est->hs); ssl_set_dbg(&est->ctx, estTrace, NULL); sp = socketPtr(wp->sid); ssl_set_bio(&est->ctx, net_recv, &sp->sock, net_send, &sp->sock); ssl_set_ciphers(&est->ctx, estConfig.ciphers); ssl_set_session(&est->ctx, 1, 0, &est->session); memset(&est->session, 0, sizeof(ssl_session)); ssl_set_ca_chain(&est->ctx, *BIT_GOAHEAD_CA ? &estConfig.ca : NULL, NULL); if (*BIT_GOAHEAD_CERTIFICATE && *BIT_GOAHEAD_KEY) { ssl_set_own_cert(&est->ctx, &estConfig.cert, &estConfig.rsa); } ssl_set_dh_param(&est->ctx, dhKey, dhg); if (estHandshake(wp) < 0) { return -1; } return 0; }
/* * Initialise the given ctr_drbg context, using a personalisation string and an * entropy gathering function. */ ctr_drbg_context * rand_ctx_get() { static havege_state hs = {0}; static entropy_context ec = {0}; static ctr_drbg_context cd_ctx = {0}; static bool rand_initialised = false; if (!rand_initialised) { struct gc_arena gc = gc_new(); struct buffer pers_string = alloc_buf_gc(100, &gc); /* * Personalisation string, should be as unique as possible (see NIST * 800-90 section 8.7.1). We have very little information at this stage. * Include Program Name, memory address of the context and PID. */ buf_printf(&pers_string, "OpenVPN %0u %p %s", platform_getpid(), &cd_ctx, time_string(0, 0, 0, &gc)); /* Initialise PolarSSL RNG, and built-in entropy sources */ havege_init(&hs); entropy_init(&ec); if (0 != entropy_add_source(&ec, hardclock_poll, NULL, ENTROPY_MIN_HARDCLOCK)) msg (M_FATAL, "Failed to add hardclock to entropy pool"); if (0 != entropy_add_source(&ec, havege_poll, &hs, ENTROPY_MIN_HAVEGE)) msg (M_FATAL, "Failed to add havege to entropy pool"); if (0 != ctr_drbg_init(&cd_ctx, entropy_func, &ec, BPTR(&pers_string), BLEN(&pers_string))) msg (M_FATAL, "Failed to initialize random generator"); gc_free(&gc); rand_initialised = true; } return &cd_ctx; }
void receiver(int sender, int receiver, char *s_pub_key, char *r_priv_key, char *s_nonce, char *r_nonce) /*@ requires [_]public_invar(nsl_pub) &*& [_]decryption_key_classifier(nsl_public_key) &*& principal(receiver, _) &*& [?f1]cryptogram(s_pub_key, 8 * KEY_SIZE, ?s_pub_key_ccs, ?s_pub_key_cg) &*& s_pub_key_cg == cg_public_key(sender, ?s_id) &*& [?f2]cryptogram(r_priv_key, 8 * KEY_SIZE, ?r_priv_key_ccs, ?r_priv_key_cg) &*& r_priv_key_cg == cg_private_key(receiver, ?r_id) &*& chars(s_nonce, NONCE_SIZE, _) &*& chars(r_nonce, NONCE_SIZE, _); @*/ /*@ ensures principal(receiver, _) &*& [f1]cryptogram(s_pub_key, 8 * KEY_SIZE, s_pub_key_ccs, s_pub_key_cg) &*& [f2]cryptogram(r_priv_key, 8 * KEY_SIZE, r_priv_key_ccs, r_priv_key_cg) &*& cryptogram(r_nonce, NONCE_SIZE, ?r_nonce_ccs, ?r_nonce_cg) &*& r_nonce_cg == cg_nonce(receiver, _) &*& ( col || bad(sender) || bad(receiver) ? chars(s_nonce, NONCE_SIZE, _) : cryptogram(s_nonce, NONCE_SIZE, ?s_nonce_ccs, ?s_nonce_cg) &*& s_nonce_cg == cg_nonce(sender, _) &*& cg_info(s_nonce_cg) == int_pair(1, int_pair(receiver, r_id)) &*& cg_info(r_nonce_cg) == int_pair(2, int_pair(sender, int_pair(sender, int_pair(receiver, r_id)))) ); @*/ { //@ open principal(receiver, _); int socket1; int socket2; pk_context s_context; pk_context r_context; havege_state havege_state; if(net_bind(&socket1, NULL, SERVER_PORT) != 0) abort(); if(net_accept(socket1, &socket2, NULL) != 0) abort(); if(net_set_block(socket2) != 0) abort(); //@ close pk_context(&s_context); pk_init(&s_context); if (pk_parse_public_key(&s_context, s_pub_key, (unsigned int) 8 * KEY_SIZE) != 0) abort(); //@ close pk_context(&r_context); pk_init(&r_context); if (pk_parse_key(&r_context, r_priv_key, (unsigned int) 8 * KEY_SIZE, NULL, 0) != 0) abort(); // Generate NB //@ close havege_state(&havege_state); havege_init(&havege_state); //@ close principal(receiver, _); receiver_msg1(&socket2, &havege_state, &r_context, sender, receiver, s_nonce); //@ open principal(receiver, _); //@ assert receiver_inter(?p_orig, ?c_orig, ?p_inst, ?s_nonce_ccs, ?s_nonce_cg); //@ int info = int_pair(sender, int_pair(p_inst, int_pair(p_orig, c_orig))); //@ close random_request(receiver, int_pair(2, info), false); if (havege_random(&havege_state, r_nonce, NONCE_SIZE) != 0) abort(); //@ close principal(receiver, _); receiver_msg2(&socket2, &havege_state, &s_context, receiver, s_nonce, r_nonce); //@ if (col || bad(p_inst) || bad(receiver)) chars_to_crypto_chars(s_nonce, NONCE_SIZE); //@ close receiver_inter(p_orig, c_orig, p_inst, s_nonce_ccs, s_nonce_cg); receiver_msg3(&socket2, &havege_state, &r_context, sender, receiver, s_nonce, r_nonce); /*@ if (col || bad(sender) || bad(receiver)) crypto_chars_to_chars(s_nonce, NONCE_SIZE); @*/ havege_free(&havege_state); //@ open havege_state(&havege_state); //@ pk_release_context_with_key(&s_context); pk_free(&s_context); //@ open pk_context(&s_context); //@ pk_release_context_with_key(&r_context); pk_free(&r_context); //@ open pk_context(&r_context); net_close(socket2); net_close(socket1); }
void sender(int sender, int receiver, char *s_priv_key, char *r_pub_key, char *s_nonce, char *r_nonce) /*@ requires [_]public_invar(nsl_pub) &*& [_]decryption_key_classifier(nsl_public_key) &*& principal(sender, _) &*& [?f1]cryptogram(s_priv_key, 8 * KEY_SIZE, ?s_priv_key_ccs, ?s_priv_key_cg) &*& s_priv_key_cg == cg_private_key(sender, ?s_id) &*& [?f2]cryptogram(r_pub_key, 8 * KEY_SIZE, ?r_pub_key_ccs, ?r_pub_key_cg) &*& r_pub_key_cg == cg_public_key(receiver, ?r_id) &*& chars(s_nonce, NONCE_SIZE, _) &*& chars(r_nonce, NONCE_SIZE, _); @*/ /*@ ensures principal(sender, _) &*& [f1]cryptogram(s_priv_key, 8 * KEY_SIZE, s_priv_key_ccs, s_priv_key_cg) &*& [f2]cryptogram(r_pub_key, 8 * KEY_SIZE, r_pub_key_ccs, r_pub_key_cg) &*& cryptogram(s_nonce, NONCE_SIZE, ?s_nonce_ccs, ?s_nonce_cg) &*& s_nonce_cg == cg_nonce(sender, _) &*& cg_info(s_nonce_cg) == int_pair(1, int_pair(receiver, r_id)) &*& col || bad(sender) || bad(receiver) ? chars(r_nonce, NONCE_SIZE, _) : cryptogram(r_nonce, NONCE_SIZE, _, ?r_nonce_cg) &*& r_nonce_cg == cg_nonce(receiver, _) &*& cg_info(r_nonce_cg) == int_pair(2, int_pair(sender, int_pair(sender, int_pair(receiver, r_id)))); @*/ { int socket; pk_context s_context; pk_context r_context; havege_state havege_state; net_usleep(20000); if(net_connect(&socket, NULL, SERVER_PORT) != 0) abort(); if(net_set_block(socket) != 0) abort(); //@ close pk_context(&s_context); pk_init(&s_context); if (pk_parse_key(&s_context, s_priv_key, (unsigned int) 8 * KEY_SIZE, NULL, 0) != 0) abort(); //@ close pk_context(&r_context); pk_init(&r_context); if (pk_parse_public_key(&r_context, r_pub_key, (unsigned int) 8 * KEY_SIZE) != 0) abort(); // Generate NA //@ open principal(sender, _); //@ close havege_state(&havege_state); havege_init(&havege_state); //@ close random_request(sender, int_pair(1, int_pair(receiver, r_id)), false); if (havege_random(&havege_state, s_nonce, NONCE_SIZE) != 0) abort(); //@ assert cryptogram(s_nonce, NONCE_SIZE, ?cs_s_nonce, ?cg_s_nonce); //@ close principal(sender, _); sender_msg1(&socket, &havege_state, &r_context, sender, s_nonce); sender_msg2(&socket, &havege_state, &s_context, sender, receiver, s_nonce, r_nonce); sender_msg3(&socket, &havege_state, &r_context, sender, r_nonce); havege_free(&havege_state); //@ open havege_state(&havege_state); //@ pk_release_context_with_key(&s_context); pk_free(&s_context); //@ open pk_context(&s_context); //@ pk_release_context_with_key(&r_context); pk_free(&r_context); //@ open pk_context(&r_context); net_close(socket); }
int main( int argc, char *argv[] ) { int keysize; unsigned long i, j, tsc; unsigned char tmp[64]; #if defined(POLARSSL_ARC4_C) arc4_context arc4; #endif #if defined(POLARSSL_DES_C) des3_context des3; des_context des; #endif #if defined(POLARSSL_AES_C) aes_context aes; #endif #if defined(POLARSSL_CAMELLIA_C) camellia_context camellia; #endif #if defined(POLARSSL_RSA_C) && defined(POLARSSL_BIGNUM_C) && \ defined(POLARSSL_GENPRIME) rsa_context rsa; #endif #if defined(POLARSSL_HAVEGE_C) havege_state hs; #endif #if defined(POLARSSL_CTR_DRBG_C) ctr_drbg_context ctr_drbg; #endif ((void) argc); ((void) argv); memset( buf, 0xAA, sizeof( buf ) ); printf( "\n" ); #if defined(POLARSSL_MD4_C) printf( HEADER_FORMAT, "MD4" ); fflush( stdout ); set_alarm( 1 ); for( i = 1; ! alarmed; i++ ) md4( buf, BUFSIZE, tmp ); tsc = hardclock(); for( j = 0; j < 1024; j++ ) md4( buf, BUFSIZE, tmp ); printf( "%9lu Kb/s, %9lu cycles/byte\n", i * BUFSIZE / 1024, ( hardclock() - tsc ) / ( j * BUFSIZE ) ); #endif #if defined(POLARSSL_MD5_C) printf( HEADER_FORMAT, "MD5" ); fflush( stdout ); set_alarm( 1 ); for( i = 1; ! alarmed; i++ ) md5( buf, BUFSIZE, tmp ); tsc = hardclock(); for( j = 0; j < 1024; j++ ) md5( buf, BUFSIZE, tmp ); printf( "%9lu Kb/s, %9lu cycles/byte\n", i * BUFSIZE / 1024, ( hardclock() - tsc ) / ( j * BUFSIZE ) ); #endif #if defined(POLARSSL_SHA1_C) printf( HEADER_FORMAT, "SHA-1" ); fflush( stdout ); set_alarm( 1 ); for( i = 1; ! alarmed; i++ ) sha1( buf, BUFSIZE, tmp ); tsc = hardclock(); for( j = 0; j < 1024; j++ ) sha1( buf, BUFSIZE, tmp ); printf( "%9lu Kb/s, %9lu cycles/byte\n", i * BUFSIZE / 1024, ( hardclock() - tsc ) / ( j * BUFSIZE ) ); #endif #if defined(POLARSSL_SHA2_C) printf( HEADER_FORMAT, "SHA-256" ); fflush( stdout ); set_alarm( 1 ); for( i = 1; ! alarmed; i++ ) sha2( buf, BUFSIZE, tmp, 0 ); tsc = hardclock(); for( j = 0; j < 1024; j++ ) sha2( buf, BUFSIZE, tmp, 0 ); printf( "%9lu Kb/s, %9lu cycles/byte\n", i * BUFSIZE / 1024, ( hardclock() - tsc ) / ( j * BUFSIZE ) ); #endif #if defined(POLARSSL_SHA4_C) printf( HEADER_FORMAT, "SHA-512" ); fflush( stdout ); set_alarm( 1 ); for( i = 1; ! alarmed; i++ ) sha4( buf, BUFSIZE, tmp, 0 ); tsc = hardclock(); for( j = 0; j < 1024; j++ ) sha4( buf, BUFSIZE, tmp, 0 ); printf( "%9lu Kb/s, %9lu cycles/byte\n", i * BUFSIZE / 1024, ( hardclock() - tsc ) / ( j * BUFSIZE ) ); #endif #if defined(POLARSSL_ARC4_C) printf( HEADER_FORMAT, "ARC4" ); fflush( stdout ); arc4_setup( &arc4, tmp, 32 ); set_alarm( 1 ); for( i = 1; ! alarmed; i++ ) arc4_crypt( &arc4, BUFSIZE, buf, buf ); tsc = hardclock(); for( j = 0; j < 1024; j++ ) arc4_crypt( &arc4, BUFSIZE, buf, buf ); printf( "%9lu Kb/s, %9lu cycles/byte\n", i * BUFSIZE / 1024, ( hardclock() - tsc ) / ( j * BUFSIZE ) ); #endif #if defined(POLARSSL_DES_C) printf( HEADER_FORMAT, "3DES" ); fflush( stdout ); des3_set3key_enc( &des3, tmp ); set_alarm( 1 ); for( i = 1; ! alarmed; i++ ) des3_crypt_cbc( &des3, DES_ENCRYPT, BUFSIZE, tmp, buf, buf ); tsc = hardclock(); for( j = 0; j < 1024; j++ ) des3_crypt_cbc( &des3, DES_ENCRYPT, BUFSIZE, tmp, buf, buf ); printf( "%9lu Kb/s, %9lu cycles/byte\n", i * BUFSIZE / 1024, ( hardclock() - tsc ) / ( j * BUFSIZE ) ); printf( HEADER_FORMAT, "DES" ); fflush( stdout ); des_setkey_enc( &des, tmp ); set_alarm( 1 ); for( i = 1; ! alarmed; i++ ) des_crypt_cbc( &des, DES_ENCRYPT, BUFSIZE, tmp, buf, buf ); tsc = hardclock(); for( j = 0; j < 1024; j++ ) des_crypt_cbc( &des, DES_ENCRYPT, BUFSIZE, tmp, buf, buf ); printf( "%9lu Kb/s, %9lu cycles/byte\n", i * BUFSIZE / 1024, ( hardclock() - tsc ) / ( j * BUFSIZE ) ); #endif #if defined(POLARSSL_AES_C) for( keysize = 128; keysize <= 256; keysize += 64 ) { printf( " AES-%d : ", keysize ); fflush( stdout ); memset( buf, 0, sizeof( buf ) ); memset( tmp, 0, sizeof( tmp ) ); aes_setkey_enc( &aes, tmp, keysize ); set_alarm( 1 ); for( i = 1; ! alarmed; i++ ) aes_crypt_cbc( &aes, AES_ENCRYPT, BUFSIZE, tmp, buf, buf ); tsc = hardclock(); for( j = 0; j < 4096; j++ ) aes_crypt_cbc( &aes, AES_ENCRYPT, BUFSIZE, tmp, buf, buf ); printf( "%9lu Kb/s, %9lu cycles/byte\n", i * BUFSIZE / 1024, ( hardclock() - tsc ) / ( j * BUFSIZE ) ); } #endif #if defined(POLARSSL_CAMELLIA_C) for( keysize = 128; keysize <= 256; keysize += 64 ) { printf( " CAMELLIA-%d : ", keysize ); fflush( stdout ); memset( buf, 0, sizeof( buf ) ); memset( tmp, 0, sizeof( tmp ) ); camellia_setkey_enc( &camellia, tmp, keysize ); set_alarm( 1 ); for( i = 1; ! alarmed; i++ ) camellia_crypt_cbc( &camellia, CAMELLIA_ENCRYPT, BUFSIZE, tmp, buf, buf ); tsc = hardclock(); for( j = 0; j < 4096; j++ ) camellia_crypt_cbc( &camellia, CAMELLIA_ENCRYPT, BUFSIZE, tmp, buf, buf ); printf( "%9lu Kb/s, %9lu cycles/byte\n", i * BUFSIZE / 1024, ( hardclock() - tsc ) / ( j * BUFSIZE ) ); } #endif #if defined(POLARSSL_HAVEGE_C) printf( HEADER_FORMAT, "HAVEGE" ); fflush( stdout ); havege_init( &hs ); set_alarm( 1 ); for( i = 1; ! alarmed; i++ ) havege_random( &hs, buf, BUFSIZE ); tsc = hardclock(); for( j = 1; j < 1024; j++ ) havege_random( &hs, buf, BUFSIZE ); printf( "%9lu Kb/s, %9lu cycles/byte\n", i * BUFSIZE / 1024, ( hardclock() - tsc ) / ( j * BUFSIZE ) ); #endif #if defined(POLARSSL_CTR_DRBG_C) printf( HEADER_FORMAT, "CTR_DRBG (NOPR)" ); fflush( stdout ); if( ctr_drbg_init( &ctr_drbg, myrand, NULL, NULL, 0 ) != 0 ) exit(1); set_alarm( 1 ); for( i = 1; ! alarmed; i++ ) if( ctr_drbg_random( &ctr_drbg, buf, BUFSIZE ) != 0 ) exit(1); tsc = hardclock(); for( j = 1; j < 1024; j++ ) if( ctr_drbg_random( &ctr_drbg, buf, BUFSIZE ) != 0 ) exit(1); printf( "%9lu Kb/s, %9lu cycles/byte\n", i * BUFSIZE / 1024, ( hardclock() - tsc ) / ( j * BUFSIZE ) ); printf( HEADER_FORMAT, "CTR_DRBG (PR)" ); fflush( stdout ); if( ctr_drbg_init( &ctr_drbg, myrand, NULL, NULL, 0 ) != 0 ) exit(1); ctr_drbg_set_prediction_resistance( &ctr_drbg, CTR_DRBG_PR_ON ); set_alarm( 1 ); for( i = 1; ! alarmed; i++ ) if( ctr_drbg_random( &ctr_drbg, buf, BUFSIZE ) != 0 ) exit(1); tsc = hardclock(); for( j = 1; j < 1024; j++ ) if( ctr_drbg_random( &ctr_drbg, buf, BUFSIZE ) != 0 ) exit(1); printf( "%9lu Kb/s, %9lu cycles/byte\n", i * BUFSIZE / 1024, ( hardclock() - tsc ) / ( j * BUFSIZE ) ); #endif #if defined(POLARSSL_RSA_C) && defined(POLARSSL_BIGNUM_C) && \ defined(POLARSSL_GENPRIME) rsa_init( &rsa, RSA_PKCS_V15, 0 ); rsa_gen_key( &rsa, myrand, NULL, 1024, 65537 ); printf( HEADER_FORMAT, "RSA-1024" ); fflush( stdout ); set_alarm( 3 ); for( i = 1; ! alarmed; i++ ) { buf[0] = 0; rsa_public( &rsa, buf, buf ); } printf( "%9lu public/s\n", i / 3 ); printf( HEADER_FORMAT, "RSA-1024" ); fflush( stdout ); set_alarm( 3 ); for( i = 1; ! alarmed; i++ ) { buf[0] = 0; rsa_private( &rsa, buf, buf ); } printf( "%9lu private/s\n", i / 3 ); rsa_free( &rsa ); rsa_init( &rsa, RSA_PKCS_V15, 0 ); rsa_gen_key( &rsa, myrand, NULL, 2048, 65537 ); printf( HEADER_FORMAT, "RSA-2048" ); fflush( stdout ); set_alarm( 3 ); for( i = 1; ! alarmed; i++ ) { buf[0] = 0; rsa_public( &rsa, buf, buf ); } printf( "%9lu public/s\n", i / 3 ); printf( HEADER_FORMAT, "RSA-2048" ); fflush( stdout ); set_alarm( 3 ); for( i = 1; ! alarmed; i++ ) { buf[0] = 0; rsa_private( &rsa, buf, buf ); } printf( "%9lu private/s\n", i / 3 ); rsa_free( &rsa ); rsa_init( &rsa, RSA_PKCS_V15, 0 ); rsa_gen_key( &rsa, myrand, NULL, 4096, 65537 ); printf( HEADER_FORMAT, "RSA-4096" ); fflush( stdout ); set_alarm( 3 ); for( i = 1; ! alarmed; i++ ) { buf[0] = 0; rsa_public( &rsa, buf, buf ); } printf( "%9lu public/s\n", i / 3 ); printf( HEADER_FORMAT, "RSA-4096" ); fflush( stdout ); set_alarm( 3 ); for( i = 1; ! alarmed; i++ ) { buf[0] = 0; rsa_private( &rsa, buf, buf ); } printf( "%9lu private/s\n", i / 3 ); rsa_free( &rsa ); #endif printf( "\n" ); #if defined(_WIN32) printf( " Press Enter to exit this program.\n" ); fflush( stdout ); getchar(); #endif return( 0 ); }
int main(int argc, char **argv) //@ : main_full(main_app) //@ requires module(main_app, true); //@ ensures true; { pthread_t a_thread; havege_state havege_state; printf("\n\tExecuting \""); printf("yahalom protocol"); printf("\" ... \n\n"); //@ PROTOCOL_INIT(yahalom) //@ int server = principal_create(); //@ assert server == 1; //@ int sender = principal_create(); //@ assert sender == 2; //@ int receiver = principal_create(); //@ assert receiver == 3; //@ int attacker = principal_create(); //@ assume (bad(attacker)); //@ close havege_state(&havege_state); havege_init(&havege_state); //@ assume (bad(attacker)); //@ close pthread_run_pre(attacker_t)(NULL, some(attacker)); pthread_create(&a_thread, NULL, &attacker_t, NULL); int i = 0; #ifdef EXECUTE while (i++ < 10) #else while (true) #endif /*@ invariant [_]public_invar(yahalom_pub) &*& [_]decryption_key_classifier(yahalom_public_key) &*& havege_state_initialized(&havege_state) &*& principal(server, ?serv_count) &*& principal(sender, ?send_count) &*& principal(receiver, ?rcvr_count); @*/ { char s_key[KEY_SIZE]; char r_key[KEY_SIZE]; char key1[KEY_SIZE]; char key2[KEY_SIZE]; //@ open principal(sender, _); //@ close random_request(sender, int_pair(3, server), true); if (havege_random(&havege_state, s_key, KEY_SIZE) != 0) abort(); //@ close principal(sender, _); //@ assert cryptogram(s_key, KEY_SIZE, ?cs_s_key, ?cg_s_key); //@ assert cg_s_key == cg_symmetric_key(sender, send_count + 1); //@ open principal(receiver, _); //@ close random_request(receiver, int_pair(3, server), true); if (havege_random(&havege_state, r_key, KEY_SIZE) != 0) abort(); //@ close principal(receiver, _); //@ assert cryptogram(r_key, KEY_SIZE, ?cs_r_key, ?cg_r_key); //@ assert cg_r_key == cg_symmetric_key(receiver, rcvr_count + 1); { pthread_t serv_thread, s_thread, r_thread; struct yahalom_args serv_args, s_args, r_args; serv_args.server = 1; serv_args.sender = 2; serv_args.receiver = 3; serv_args.s_key = s_key; serv_args.r_key = r_key; s_args.server = 1; s_args.sender = 2; s_args.receiver = 3; s_args.s_key = s_key; s_args.key = key1; r_args.server = 1; r_args.sender = 2; r_args.receiver = 3; r_args.r_key = r_key; r_args.key = key2; //@ close pthread_run_pre(server_t)(&serv_args, ?serv_data); pthread_create(&serv_thread, NULL, &server_t, &serv_args); //@ close pthread_run_pre(sender_t)(&s_args, ?s_data); pthread_create(&s_thread, NULL, &sender_t, &s_args); //@ close pthread_run_pre(receiver_t)(&r_args, ?r_data); pthread_create(&r_thread, NULL, &receiver_t, &r_args); pthread_join(serv_thread, NULL); //@ open pthread_run_post(server_t)(&serv_args, serv_data); pthread_join(s_thread, NULL); //@ open pthread_run_post(sender_t)(&s_args, s_data); pthread_join(r_thread, NULL); //@ open pthread_run_post(receiver_t)(&r_args, r_data); } //@ open cryptogram(key1, KEY_SIZE, ?cs_key1, _); zeroize(key1, KEY_SIZE); //@ open cryptogram(key2, KEY_SIZE, ?cs_key2, _); zeroize(key2, KEY_SIZE); //@ open [1/2]cryptogram(s_key, KEY_SIZE, _, _); //@ open [1/2]cryptogram(s_key, KEY_SIZE, _, _); zeroize(s_key, KEY_SIZE); //@ open [1/2]cryptogram(r_key, KEY_SIZE, _, _); //@ open [1/2]cryptogram(r_key, KEY_SIZE, _, _); zeroize(r_key, KEY_SIZE); printf(" |%i| ", i); } printf("\n\n\t\tDone\n"); return 0; }
int main(int argc, char **argv) //@ : main_full(main_app) //@ requires module(main_app, true); //@ ensures true; { pthread_t a_thread; havege_state havege_state; printf("\n\tExecuting \""); printf("enc_then_hmac protocol"); printf("\" ... \n\n"); //@ PROTOCOL_INIT(enc_then_hmac) //@ int attacker = principal_create(); //@ int sender = principal_create(); //@ int receiver = principal_create(); //@ assume (!bad(sender) && !bad(receiver)); //@ close havege_state(&havege_state); havege_init(&havege_state); //@ assume (bad(attacker)); //@ close pthread_run_pre(attacker_t)(NULL, some(attacker)); pthread_create(&a_thread, NULL, &attacker_t, NULL); int i = 0; #ifdef EXECUTE while (i++ < 10) #else while (true) #endif /*@ invariant [_]public_invar(enc_then_hmac_pub) &*& [_]decryption_key_classifier(enc_then_hmac_public_key) &*& !bad(sender) && !bad(receiver) &*& havege_state_initialized(&havege_state) &*& principal(sender, ?count) &*& principal(receiver, _); @*/ { char* enc_key; char* hmac_key; int temp; enc_key = malloc(KEY_SIZE); if (enc_key == 0) abort(); hmac_key = malloc(KEY_SIZE); if (hmac_key == 0) abort(); //@ open principal(sender, _); //@ close random_request(sender, 0, true); if (havege_random(&havege_state, enc_key, KEY_SIZE) != 0) abort(); //@ assume (shared_with(sender, count + 1) == receiver); //@ assert cryptogram(enc_key, KEY_SIZE, ?enc_cs_key, ?enc_cg_key); //@ assert enc_cg_key == cg_symmetric_key(sender, count + 1); //@ close random_request(sender, count + 1, true); if (havege_random(&havege_state, hmac_key, KEY_SIZE) != 0) abort(); //@ assume (shared_with(sender, count + 2) == receiver); //@ assert cryptogram(hmac_key, KEY_SIZE, ?hmac_cs_key, ?hmac_cg_key); //@ assert hmac_cg_key == cg_symmetric_key(sender, count + 2); { pthread_t s_thread, r_thread; struct enc_then_hmac_args s_args; struct enc_then_hmac_args r_args; char s_message[MSG_LEN]; char r_message[MAX_SIZE]; //@ assert chars(s_message, MSG_LEN, ?msg_cs); //@ public_chars(s_message, MSG_LEN); //@ chars_to_secret_crypto_chars(s_message, MSG_LEN); //@ s_args.sender = sender; //@ s_args.receiver = receiver; s_args.enc_key = enc_key; s_args.hmac_key = hmac_key; s_args.msg = s_message; //@ assume (send(sender, receiver, msg_cs) == true); //@ r_args.sender = sender; //@ r_args.receiver = receiver; r_args.enc_key = enc_key; r_args.hmac_key = hmac_key; r_args.msg = r_message; //@ close principal(sender, _); //@ close pthread_run_pre(sender_t)(&s_args, ?s_data); //@ close pthread_run_pre(receiver_t)(&r_args, ?r_data); pthread_create(&r_thread, NULL, &receiver_t, &r_args); pthread_create(&s_thread, NULL, &sender_t, &s_args); pthread_join(s_thread, NULL); //@ open pthread_run_post(sender_t)(&s_args, s_data); pthread_join(r_thread, NULL); //@ open pthread_run_post(receiver_t)(&r_args, r_data); //@ open [1/2]cryptogram(enc_key, KEY_SIZE, enc_cs_key, _); //@ open [1/2]cryptogram(enc_key, KEY_SIZE, enc_cs_key, _); //@ open [1/2]cryptogram(hmac_key, KEY_SIZE, hmac_cs_key, _); //@ open [1/2]cryptogram(hmac_key, KEY_SIZE, hmac_cs_key, _); if (r_args.length != MSG_LEN) abort(); //@ public_crypto_chars(s_message, MSG_LEN); #ifdef EXECUTE if (memcmp(s_message, r_message, MSG_LEN) != 0) abort(); #endif //@ open principal(sender, _); //@ close principal(sender, _); zeroize(r_message, r_args.length); } zeroize(enc_key, KEY_SIZE); free((void*) enc_key); zeroize(hmac_key, KEY_SIZE); free((void*) hmac_key); printf(" |%i| ", i); } printf("\n\n\t\tDone\n"); return 0; }
int main(void) { int ret, len, server_fd = -1; unsigned char buf[1024]; havege_state hs; ssl_context ssl; ssl_session ssn; /* * 0. Initialize the RNG and the session data */ havege_init(&hs); memset(&ssl, 0, sizeof(ssl)); memset(&ssn, 0, sizeof(ssl_session)); /* * 1. Start the connection */ printf("\n . Connecting to tcp/%s/%4d...", SERVER_NAME, SERVER_PORT); fflush(stdout); if ((ret = net_connect(&server_fd, SERVER_NAME, SERVER_PORT)) != 0) { printf(" failed\n ! net_connect returned %d\n\n", ret); goto exit; } printf(" ok\n"); /* * 2. Setup stuff */ printf(" . Setting up the SSL/TLS structure..."); fflush(stdout); if ((ret = ssl_init(&ssl)) != 0) { printf(" failed\n ! ssl_init returned %d\n\n", ret); goto exit; } printf(" ok\n"); ssl_set_endpoint(&ssl, SSL_IS_CLIENT); ssl_set_authmode(&ssl, SSL_VERIFY_NONE); ssl_set_rng(&ssl, havege_rand, &hs); ssl_set_dbg(&ssl, my_debug, stdout); ssl_set_bio(&ssl, net_recv, &server_fd, net_send, &server_fd); ssl_set_ciphers(&ssl, ssl_default_ciphers); ssl_set_session(&ssl, 1, 600, &ssn); /* * 3. Write the GET request */ printf(" > Write to server:"); fflush(stdout); len = sprintf((char *)buf, GET_REQUEST); while ((ret = ssl_write(&ssl, buf, len)) <= 0) { if (ret != TROPICSSL_ERR_NET_TRY_AGAIN) { printf(" failed\n ! ssl_write returned %d\n\n", ret); goto exit; } } len = ret; printf(" %d bytes written\n\n%s", len, (char *)buf); /* * 7. Read the HTTP response */ printf(" < Read from server:"); fflush(stdout); do { len = sizeof(buf) - 1; memset(buf, 0, sizeof(buf)); ret = ssl_read(&ssl, buf, len); if (ret == TROPICSSL_ERR_NET_TRY_AGAIN) continue; if (ret == TROPICSSL_ERR_SSL_PEER_CLOSE_NOTIFY) break; if (ret <= 0) { printf("failed\n ! ssl_read returned %d\n\n", ret); break; } len = ret; printf(" %d bytes read\n\n%s", len, (char *)buf); } while (0); ssl_close_notify(&ssl); exit: net_close(server_fd); ssl_free(&ssl); memset(&ssl, 0, sizeof(ssl)); #ifdef WIN32 printf(" + Press Enter to exit this program.\n"); fflush(stdout); getchar(); #endif return (ret); }
/* * This function loads all the client/CA certificates and CRLs. Setup the TLS * layer and do all necessary magic. */ CURLcode Curl_polarssl_connect(struct connectdata *conn, int sockindex) { struct SessionHandle *data = conn->data; bool sni = TRUE; /* default is SNI enabled */ int ret = -1; #ifdef ENABLE_IPV6 struct in6_addr addr; #else struct in_addr addr; #endif void *old_session = NULL; size_t old_session_size = 0; char buffer[1024]; if(conn->ssl[sockindex].state == ssl_connection_complete) return CURLE_OK; /* PolarSSL only supports SSLv3 and TLSv1 */ if(data->set.ssl.version == CURL_SSLVERSION_SSLv2) { failf(data, "PolarSSL does not support SSLv2"); return CURLE_SSL_CONNECT_ERROR; } else if(data->set.ssl.version == CURL_SSLVERSION_SSLv3) sni = FALSE; /* SSLv3 has no SNI */ havege_init(&conn->ssl[sockindex].hs); /* Load the trusted CA */ memset(&conn->ssl[sockindex].cacert, 0, sizeof(x509_cert)); if(data->set.str[STRING_SSL_CAFILE]) { ret = x509parse_crtfile(&conn->ssl[sockindex].cacert, data->set.str[STRING_SSL_CAFILE]); if(ret) { failf(data, "Error reading ca cert file %s: -0x%04X", data->set.str[STRING_SSL_CAFILE], -ret); if(data->set.ssl.verifypeer) return CURLE_SSL_CACERT_BADFILE; } } /* Load the client certificate */ memset(&conn->ssl[sockindex].clicert, 0, sizeof(x509_cert)); if(data->set.str[STRING_CERT]) { ret = x509parse_crtfile(&conn->ssl[sockindex].clicert, data->set.str[STRING_CERT]); if(ret) { failf(data, "Error reading client cert file %s: -0x%04X", data->set.str[STRING_CERT], -ret); return CURLE_SSL_CERTPROBLEM; } } /* Load the client private key */ if(data->set.str[STRING_KEY]) { ret = x509parse_keyfile(&conn->ssl[sockindex].rsa, data->set.str[STRING_KEY], data->set.str[STRING_KEY_PASSWD]); if(ret) { failf(data, "Error reading private key %s: -0x%04X", data->set.str[STRING_KEY], -ret); return CURLE_SSL_CERTPROBLEM; } } /* Load the CRL */ memset(&conn->ssl[sockindex].crl, 0, sizeof(x509_crl)); if(data->set.str[STRING_SSL_CRLFILE]) { ret = x509parse_crlfile(&conn->ssl[sockindex].crl, data->set.str[STRING_SSL_CRLFILE]); if(ret) { failf(data, "Error reading CRL file %s: -0x%04X", data->set.str[STRING_SSL_CRLFILE], -ret); return CURLE_SSL_CRL_BADFILE; } } infof(data, "PolarSSL: Connected to %s:%d\n", conn->host.name, conn->remote_port); havege_init(&conn->ssl[sockindex].hs); if(ssl_init(&conn->ssl[sockindex].ssl)) { failf(data, "PolarSSL: ssl_init failed"); return CURLE_SSL_CONNECT_ERROR; } ssl_set_endpoint(&conn->ssl[sockindex].ssl, SSL_IS_CLIENT); ssl_set_authmode(&conn->ssl[sockindex].ssl, SSL_VERIFY_OPTIONAL); ssl_set_rng(&conn->ssl[sockindex].ssl, havege_rand, &conn->ssl[sockindex].hs); ssl_set_bio(&conn->ssl[sockindex].ssl, net_recv, &conn->sock[sockindex], net_send, &conn->sock[sockindex]); ssl_set_ciphers(&conn->ssl[sockindex].ssl, ssl_default_ciphers); if(!Curl_ssl_getsessionid(conn, &old_session, &old_session_size)) { memcpy(&conn->ssl[sockindex].ssn, old_session, old_session_size); infof(data, "PolarSSL re-using session\n"); } ssl_set_session(&conn->ssl[sockindex].ssl, 1, 600, &conn->ssl[sockindex].ssn); ssl_set_ca_chain(&conn->ssl[sockindex].ssl, &conn->ssl[sockindex].cacert, &conn->ssl[sockindex].crl, conn->host.name); ssl_set_own_cert(&conn->ssl[sockindex].ssl, &conn->ssl[sockindex].clicert, &conn->ssl[sockindex].rsa); if(!Curl_inet_pton(AF_INET, conn->host.name, &addr) && #ifdef ENABLE_IPV6 !Curl_inet_pton(AF_INET6, conn->host.name, &addr) && #endif sni && ssl_set_hostname(&conn->ssl[sockindex].ssl, conn->host.name)) { infof(data, "WARNING: failed to configure " "server name indication (SNI) TLS extension\n"); } infof(data, "PolarSSL: performing SSL/TLS handshake...\n"); #ifdef POLARSSL_DEBUG ssl_set_dbg(&conn->ssl[sockindex].ssl, polarssl_debug, data); #endif for(;;) { if(!(ret = ssl_handshake(&conn->ssl[sockindex].ssl))) break; else if(ret != POLARSSL_ERR_NET_TRY_AGAIN) { failf(data, "ssl_handshake returned -0x%04X", -ret); return CURLE_SSL_CONNECT_ERROR; } else { /* wait for data from server... */ long timeout_ms = Curl_timeleft(data, NULL, TRUE); if(timeout_ms < 0) { failf(data, "SSL connection timeout"); return CURLE_OPERATION_TIMEDOUT; } switch(Curl_socket_ready(conn->sock[sockindex], CURL_SOCKET_BAD, timeout_ms)) { case 0: failf(data, "SSL handshake timeout"); return CURLE_OPERATION_TIMEDOUT; break; case CURL_CSELECT_IN: continue; break; default: return CURLE_SSL_CONNECT_ERROR; break; } } } infof(data, "PolarSSL: Handshake complete, cipher is %s\n", ssl_get_cipher(&conn->ssl[sockindex].ssl)); ret = ssl_get_verify_result(&conn->ssl[sockindex].ssl); if(ret && data->set.ssl.verifypeer) { if(ret & BADCERT_EXPIRED) failf(data, "Cert verify failed: BADCERT_EXPIRED\n"); if(ret & BADCERT_REVOKED) failf(data, "Cert verify failed: BADCERT_REVOKED"); if(ret & BADCERT_CN_MISMATCH) failf(data, "Cert verify failed: BADCERT_CN_MISMATCH"); if(ret & BADCERT_NOT_TRUSTED) failf(data, "Cert verify failed: BADCERT_NOT_TRUSTED"); return CURLE_SSL_CACERT; } if(conn->ssl[sockindex].ssl.peer_cert) { /* If the session was resumed, there will be no peer certs */ memset(buffer, 0, sizeof(buffer)); if(x509parse_cert_info(buffer, sizeof(buffer), (char *)"* ", conn->ssl[sockindex].ssl.peer_cert) != -1) infof(data, "Dumping cert info:\n%s\n", buffer); } conn->ssl[sockindex].state = ssl_connection_complete; conn->recv[sockindex] = polarssl_recv; conn->send[sockindex] = polarssl_send; /* Save the current session data for possible re-use */ { void *new_session = malloc(sizeof(conn->ssl[sockindex].ssn)); if(new_session) { memcpy(new_session, &conn->ssl[sockindex].ssn, sizeof(conn->ssl[sockindex].ssn)); if(old_session) Curl_ssl_delsessionid(conn, old_session); return Curl_ssl_addsessionid(conn, new_session, sizeof(conn->ssl[sockindex].ssn)); } } return CURLE_OK; }
int main( int argc, char *argv[] ) { int ret = 0, server_fd; unsigned char buf[1024]; havege_state hs; ssl_context ssl; ssl_session ssn; x509_cert clicert; rsa_context rsa; int i, j, n; char *p, *q; if( argc == 0 ) { usage: printf( USAGE ); goto exit; } opt.mode = DFL_MODE; opt.filename = DFL_FILENAME; opt.server_name = DFL_SERVER_NAME; opt.server_port = DFL_SERVER_PORT; opt.debug_level = DFL_DEBUG_LEVEL; for( i = 1; i < argc; i++ ) { n = strlen( argv[i] ); for( j = 0; j < n; j++ ) { if( argv[i][j] >= 'A' && argv[i][j] <= 'Z' ) argv[i][j] |= 0x20; } p = argv[i]; if( ( q = strchr( p, '=' ) ) == NULL ) goto usage; *q++ = '\0'; if( strcmp( p, "mode" ) == 0 ) { if( strcmp( q, "file" ) == 0 ) opt.mode = MODE_FILE; else if( strcmp( q, "ssl" ) == 0 ) opt.mode = MODE_SSL; else goto usage; } else if( strcmp( p, "filename" ) == 0 ) opt.filename = q; else if( strcmp( p, "server_name" ) == 0 ) opt.server_name = q; else if( strcmp( p, "server_port" ) == 0 ) { opt.server_port = atoi( q ); if( opt.server_port < 1 || opt.server_port > 65535 ) goto usage; } else if( strcmp( p, "debug_level" ) == 0 ) { opt.debug_level = atoi( q ); if( opt.debug_level < 0 || opt.debug_level > 65535 ) goto usage; } else goto usage; } if( opt.mode == MODE_FILE ) { x509_cert crt; memset( &crt, 0, sizeof( x509_cert ) ); /* * 1.1. Load the certificate */ printf( "\n . Loading the certificate ..." ); fflush( stdout ); ret = x509parse_crtfile( &crt, opt.filename ); if( ret != 0 ) { printf( " failed\n ! x509parse_crt returned %d\n\n", ret ); x509_free( &crt ); goto exit; } printf( " ok\n" ); /* * 1.2 Print the certificate */ printf( " . Peer certificate information ...\n" ); ret = x509parse_cert_info( (char *) buf, sizeof( buf ) - 1, " ", &crt ); if( ret == -1 ) { printf( " failed\n ! x509parse_cert_info returned %d\n\n", ret ); x509_free( &crt ); goto exit; } printf( "%s\n", buf ); x509_free( &crt ); } else if( opt.mode == MODE_SSL ) { /* * 1. Initialize the RNG and the session data */ havege_init( &hs ); memset( &ssn, 0, sizeof( ssl_session ) ); /* * 2. Start the connection */ printf( " . SSL connection to tcp/%s/%-4d...", opt.server_name, opt.server_port ); fflush( stdout ); if( ( ret = net_connect( &server_fd, opt.server_name, opt.server_port ) ) != 0 ) { printf( " failed\n ! net_connect returned %d\n\n", ret ); goto exit; } /* * 3. Setup stuff */ if( ( ret = ssl_init( &ssl ) ) != 0 ) { printf( " failed\n ! ssl_init returned %d\n\n", ret ); goto exit; } ssl_set_endpoint( &ssl, SSL_IS_CLIENT ); ssl_set_authmode( &ssl, SSL_VERIFY_NONE ); ssl_set_rng( &ssl, havege_rand, &hs ); ssl_set_dbg( &ssl, my_debug, stdout ); ssl_set_bio( &ssl, net_recv, &server_fd, net_send, &server_fd ); ssl_set_ciphers( &ssl, ssl_default_ciphers ); ssl_set_session( &ssl, 1, 600, &ssn ); ssl_set_own_cert( &ssl, &clicert, &rsa ); ssl_set_hostname( &ssl, opt.server_name ); /* * 4. Handshake */ while( ( ret = ssl_handshake( &ssl ) ) != 0 ) { if( ret != POLARSSL_ERR_NET_TRY_AGAIN ) { printf( " failed\n ! ssl_handshake returned %d\n\n", ret ); goto exit; } } printf( " ok\n" ); /* * 5. Print the certificate */ printf( " . Peer certificate information ...\n" ); ret = x509parse_cert_info( (char *) buf, sizeof( buf ) - 1, " ", ssl.peer_cert ); if( ret == -1 ) { printf( " failed\n ! x509parse_cert_info returned %d\n\n", ret ); goto exit; } printf( "%s\n", buf ); ssl_close_notify( &ssl ); } else goto usage; exit: net_close( server_fd ); x509_free( &clicert ); rsa_free( &rsa ); ssl_free( &ssl ); memset( &ssl, 0, sizeof( ssl ) ); #ifdef WIN32 printf( " + Press Enter to exit this program.\n" ); fflush( stdout ); getchar(); #endif return( ret ); }
int main() //@ : main //@ requires true; //@ ensures true; { pthread_t a_thread; havege_state havege_state; int* principals = malloc(sizeof(int)); if (principals == 0) abort(); *principals = 0; printf("\n\tExecuting \""); printf("secure_storage"); printf(" protocol"); printf("\" ... \n\n"); //@ PACK_PROOF_OBLIGATIONS(ss) //@ close exists(ss_polarssl_pub); //@ polarssl_init(); //@ int sender = polarssl_create_principal(); (*principals)++; //@ int receiver = polarssl_create_principal(); (*principals)++; //@ close havege_state(&havege_state); havege_init(&havege_state); //@ close pthread_run_pre(attacker_t)(principals, _); pthread_create(&a_thread, NULL, &attacker_t, principals); int i = 0; #ifdef EXECUTE while (i++ < 10) #else while (true) #endif /*@ invariant [2/3]polarssl_world(ss_polarssl_pub) &*& havege_state_initialized(&havege_state) &*& polarssl_generated_values(sender, ?count_s); @*/ { char* key; char* message; int temp; int message_len; //@ close random_request(sender, 0, true); key = malloc(KEY_BYTE_SIZE); if (key == 0) abort(); if (havege_random(&havege_state, key, KEY_BYTE_SIZE) != 0) abort(); r_int_with_bounds(&havege_state, &temp, POLARSSL_MIN_HMAC_INPUT_BYTE_SIZE, POLARSSL_MAX_MESSAGE_BYTE_SIZE - 65); message_len = temp; message = malloc(message_len); if (message == 0) abort(); //@ assert chars(message, message_len, ?msg_cs); //@ polarssl_public_generated_chars_assume(ss_polarssl_pub, msg_cs); { pthread_t s_thread, r_thread; struct ss_args s_args; struct ss_args r_args; /*@ open polarssl_cryptogram(key, KEY_BYTE_SIZE, ?key_cs, polarssl_symmetric_key(sender, count_s + 1)); @*/ //@ assert chars(key, KEY_BYTE_SIZE, ?cs_key); s_args.key_len = KEY_BYTE_SIZE; s_args.key = key; s_args.message_len = message_len; s_args.message = malloc(message_len); if (s_args.message == 0) abort(); memcpy(s_args.message, message, (unsigned int) message_len); /*@ close polarssl_public_message(ss_polarssl_pub) (s_args.message, message_len, msg_cs); @*/ r_args.key_len = KEY_BYTE_SIZE; r_args.key = key; /*@ close polarssl_cryptogram(key, KEY_BYTE_SIZE, key_cs, polarssl_symmetric_key(sender, count_s + 1)); @*/ //@ assume (app_send_event(sender, msg_cs)); //@ close pthread_run_pre(sender_t)(&s_args, _); pthread_create(&s_thread, NULL, &sender_t, &s_args); //@ close pthread_run_pre(receiver_t)(&r_args, _); pthread_create(&r_thread, NULL, &receiver_t, &r_args); pthread_join(s_thread, NULL); //@ open pthread_run_post(sender_t)(&s_args, _); pthread_join(r_thread, NULL); //@ open pthread_run_post(receiver_t)(&r_args, _); /*@ open polarssl_public_message(ss_polarssl_pub) (s_args.message, _, ?s_cs); @*/ //@ assert true == app_send_event(sender, s_cs); free(s_args.message); /*@ open polarssl_public_message(ss_polarssl_pub) (r_args.message, _, ?r_cs); @*/ /*@ if (!bad(sender)) { assert true == app_send_event(sender, r_cs); } @*/ free(r_args.message); //@ open [1/2]polarssl_cryptogram(key, _, _, _); //@ open [1/2]polarssl_cryptogram(key, _, _, _); } free(key); free(message); } //@ havege_exit(&havege_state); //@ open havege_state(&havege_state); //@ destroy_polarssl_principal(sender); //@ destroy_polarssl_principal(receiver); printf("Done\n"); //@ leak malloc_block_ints(principals, 1); //@ leak [_]polarssl_world(_); return 0; }
/********************************************************************************************************* ** 函数名称: __vpnClientConnect ** 功能描述: VPN 客户端链接服务器 ** 输 入 : pvpnctx VPN 上下文 (除了 VPNCTX_iVerifyOpt 有初值, 其他字段必须经过清空) ** cpcCACrtFile CA 证书文件 .pem or .crt ** cpcPrivateCrtFile 私有证书文件 .pem or .crt ** cpcKeyFile 私有密钥文件 .pem or .key ** cpcKeyPassword 私有密钥文件解密密码, 如果密钥文件不存在密码, 则为 NULL ** inaddr SSL 服务器地址 ** usPort SSL 服务器端口 (网络字节序) ** iSSLTimeoutSec 超时时间(单位秒, 推荐: 600) ** 输 出 : ERROR ** 全局变量: ** 调用模块: *********************************************************************************************************/ INT __vpnClientOpen (__PVPN_CONTEXT pvpnctx, CPCHAR cpcCACrtFile, CPCHAR cpcPrivateCrtFile, CPCHAR cpcKeyFile, CPCHAR cpcKeyPassword, struct in_addr inaddr, u16_t usPort, INT iSSLTimeoutSec) { INT i; INT iError = PX_ERROR; struct sockaddr_in sockaddrinRemote; (VOID)iSSLTimeoutSec; /* 新的 PolarSSL 暂未使用 */ if (pvpnctx == LW_NULL) { return (PX_ERROR); } pvpnctx->VPNCTX_iMode = __VPN_SSL_CLIENT; /* 设置为 client 模式 */ pvpnctx->VPNCTX_iSocket = PX_ERROR; /* 没有创建 socket */ havege_init(&pvpnctx->VPNCTX_haveagestat); /* 初始化随机数 */ if (pvpnctx->VPNCTX_iVerifyOpt != SSL_VERIFY_NONE) { /* 需要认证证书 */ /* * 安装 CA 证书和客户端证书 */ iError = x509parse_crtfile(&pvpnctx->VPNCTX_x509certCA, cpcCACrtFile); if (iError != ERROR_NONE) { _DebugHandle(__ERRORMESSAGE_LEVEL, "CA root certificate error.\r\n"); return (PX_ERROR); } iError = x509parse_crtfile(&pvpnctx->VPNCTX_x509certPrivate, cpcPrivateCrtFile); if (iError != ERROR_NONE) { _DebugHandle(__ERRORMESSAGE_LEVEL, "client certificate error.\r\n"); goto __error_handle; } /* * 安装 RSA 私有密钥 */ if (cpcKeyFile) { iError = x509parse_keyfile(&pvpnctx->VPNCTX_rasctx, cpcKeyFile, cpcKeyPassword); } else { iError = x509parse_keyfile(&pvpnctx->VPNCTX_rasctx, cpcPrivateCrtFile, cpcKeyPassword); } if (iError != ERROR_NONE) { _DebugHandle(__ERRORMESSAGE_LEVEL, "key file error.\r\n"); goto __error_handle; } } /* * 链接 SSL 服务器 */ pvpnctx->VPNCTX_iSocket = socket(AF_INET, SOCK_STREAM, IPPROTO_TCP); if (pvpnctx->VPNCTX_iSocket < 0) { _DebugHandle(__ERRORMESSAGE_LEVEL, "can not create socket.\r\n"); goto __error_handle; } lib_bzero(&sockaddrinRemote, sizeof(sockaddrinRemote)); sockaddrinRemote.sin_len = sizeof(struct sockaddr_in); sockaddrinRemote.sin_family = AF_INET; sockaddrinRemote.sin_addr = inaddr; sockaddrinRemote.sin_port = usPort; if(connect(pvpnctx->VPNCTX_iSocket, (struct sockaddr *)&sockaddrinRemote, sizeof(struct sockaddr_in)) < 0) { _DebugHandle(__ERRORMESSAGE_LEVEL, "can not connect server.\r\n"); goto __error_handle; } havege_init(&pvpnctx->VPNCTX_haveagestat); /* 初始化随机数 */ /* * 初始化 SSL/STL */ if (ssl_init(&pvpnctx->VPNCTX_sslctx) != ERROR_NONE) { _DebugHandle(__ERRORMESSAGE_LEVEL, "can not init ssl context.\r\n"); goto __error_handle; } ssl_set_endpoint(&pvpnctx->VPNCTX_sslctx, SSL_IS_CLIENT); ssl_set_authmode(&pvpnctx->VPNCTX_sslctx, pvpnctx->VPNCTX_iVerifyOpt); ssl_set_rng(&pvpnctx->VPNCTX_sslctx, havege_random, &pvpnctx->VPNCTX_haveagestat); ssl_set_dbg(&pvpnctx->VPNCTX_sslctx, LW_NULL, stdout); /* 不需要 DEBUG 信息 */ ssl_set_bio(&pvpnctx->VPNCTX_sslctx, net_recv, &pvpnctx->VPNCTX_iSocket, net_send, &pvpnctx->VPNCTX_iSocket); ssl_set_ciphersuites(&pvpnctx->VPNCTX_sslctx, ssl_default_ciphersuites); ssl_set_session(&pvpnctx->VPNCTX_sslctx, &pvpnctx->VPNCTX_sslsn); ssl_set_ca_chain(&pvpnctx->VPNCTX_sslctx, &pvpnctx->VPNCTX_x509certCA, LW_NULL, LW_NULL); ssl_set_own_cert(&pvpnctx->VPNCTX_sslctx, &pvpnctx->VPNCTX_x509certPrivate, &pvpnctx->VPNCTX_rasctx); ssl_set_hostname(&pvpnctx->VPNCTX_sslctx, LW_NULL); /* 不设置服务器名 */ for (i = 0; i < __VPN_SSL_HANDSHAKE_MAX_TIME; i++) { iError = ssl_handshake(&pvpnctx->VPNCTX_sslctx); /* 握手 */ if (iError == ERROR_NONE) { break; } else if ((iError != POLARSSL_ERR_NET_WANT_READ) && (iError != POLARSSL_ERR_NET_WANT_WRITE)) { _DebugHandle(__ERRORMESSAGE_LEVEL, "can not handshake.\r\n"); goto __error_handle; } } if (i >= __VPN_SSL_HANDSHAKE_MAX_TIME) { goto __error_handle; } return (ERROR_NONE); __error_handle: if (pvpnctx->VPNCTX_iSocket >= 0) { net_close(pvpnctx->VPNCTX_iSocket); } x509_free(&pvpnctx->VPNCTX_x509certPrivate); x509_free(&pvpnctx->VPNCTX_x509certCA); rsa_free(&pvpnctx->VPNCTX_rasctx); ssl_free(&pvpnctx->VPNCTX_sslctx); return (PX_ERROR); }
int main( int argc, char *argv[] ) { int keysize, i; unsigned char tmp[200]; char title[TITLE_LEN]; todo_list todo; if( argc == 1 ) memset( &todo, 1, sizeof( todo ) ); else { memset( &todo, 0, sizeof( todo ) ); for( i = 1; i < argc; i++ ) { if( strcmp( argv[i], "md4" ) == 0 ) todo.md4 = 1; else if( strcmp( argv[i], "md5" ) == 0 ) todo.md5 = 1; else if( strcmp( argv[i], "ripemd160" ) == 0 ) todo.ripemd160 = 1; else if( strcmp( argv[i], "sha1" ) == 0 ) todo.sha1 = 1; else if( strcmp( argv[i], "sha256" ) == 0 ) todo.sha256 = 1; else if( strcmp( argv[i], "sha512" ) == 0 ) todo.sha512 = 1; else if( strcmp( argv[i], "arc4" ) == 0 ) todo.arc4 = 1; else if( strcmp( argv[i], "des3" ) == 0 ) todo.des3 = 1; else if( strcmp( argv[i], "des" ) == 0 ) todo.des = 1; else if( strcmp( argv[i], "aes_cbc" ) == 0 ) todo.aes_cbc = 1; else if( strcmp( argv[i], "aes_gcm" ) == 0 ) todo.aes_gcm = 1; else if( strcmp( argv[i], "camellia" ) == 0 ) todo.camellia = 1; else if( strcmp( argv[i], "blowfish" ) == 0 ) todo.blowfish = 1; else if( strcmp( argv[i], "havege" ) == 0 ) todo.havege = 1; else if( strcmp( argv[i], "ctr_drbg" ) == 0 ) todo.ctr_drbg = 1; else if( strcmp( argv[i], "hmac_drbg" ) == 0 ) todo.hmac_drbg = 1; else if( strcmp( argv[i], "rsa" ) == 0 ) todo.rsa = 1; else if( strcmp( argv[i], "dhm" ) == 0 ) todo.dhm = 1; else if( strcmp( argv[i], "ecdsa" ) == 0 ) todo.ecdsa = 1; else if( strcmp( argv[i], "ecdh" ) == 0 ) todo.ecdh = 1; else { printf( "Unrecognized option: %s\n", argv[i] ); printf( "Available options:" OPTIONS ); } } } printf( "\n" ); memset( buf, 0xAA, sizeof( buf ) ); #if defined(POLARSSL_MD4_C) if( todo.md4 ) TIME_AND_TSC( "MD4", md4( buf, BUFSIZE, tmp ) ); #endif #if defined(POLARSSL_MD5_C) if( todo.md5 ) TIME_AND_TSC( "MD5", md5( buf, BUFSIZE, tmp ) ); #endif #if defined(POLARSSL_RIPEMD160_C) if( todo.ripemd160 ) TIME_AND_TSC( "RIPEMD160", ripemd160( buf, BUFSIZE, tmp ) ); #endif #if defined(POLARSSL_SHA1_C) if( todo.sha1 ) TIME_AND_TSC( "SHA-1", sha1( buf, BUFSIZE, tmp ) ); #endif #if defined(POLARSSL_SHA256_C) if( todo.sha256 ) TIME_AND_TSC( "SHA-256", sha256( buf, BUFSIZE, tmp, 0 ) ); #endif #if defined(POLARSSL_SHA512_C) if( todo.sha512 ) TIME_AND_TSC( "SHA-512", sha512( buf, BUFSIZE, tmp, 0 ) ); #endif #if defined(POLARSSL_ARC4_C) if( todo.arc4 ) { arc4_context arc4; arc4_setup( &arc4, tmp, 32 ); TIME_AND_TSC( "ARC4", arc4_crypt( &arc4, BUFSIZE, buf, buf ) ); } #endif #if defined(POLARSSL_DES_C) && defined(POLARSSL_CIPHER_MODE_CBC) if( todo.des3 ) { des3_context des3; des3_set3key_enc( &des3, tmp ); TIME_AND_TSC( "3DES", des3_crypt_cbc( &des3, DES_ENCRYPT, BUFSIZE, tmp, buf, buf ) ); } if( todo.des ) { des_context des; des_setkey_enc( &des, tmp ); TIME_AND_TSC( "DES", des_crypt_cbc( &des, DES_ENCRYPT, BUFSIZE, tmp, buf, buf ) ); } #endif #if defined(POLARSSL_AES_C) #if defined(POLARSSL_CIPHER_MODE_CBC) if( todo.aes_cbc ) { aes_context aes; for( keysize = 128; keysize <= 256; keysize += 64 ) { snprintf( title, sizeof( title ), "AES-CBC-%d", keysize ); memset( buf, 0, sizeof( buf ) ); memset( tmp, 0, sizeof( tmp ) ); aes_setkey_enc( &aes, tmp, keysize ); TIME_AND_TSC( title, aes_crypt_cbc( &aes, AES_ENCRYPT, BUFSIZE, tmp, buf, buf ) ); } } #endif #if defined(POLARSSL_GCM_C) if( todo.aes_gcm ) { gcm_context gcm; for( keysize = 128; keysize <= 256; keysize += 64 ) { snprintf( title, sizeof( title ), "AES-GCM-%d", keysize ); memset( buf, 0, sizeof( buf ) ); memset( tmp, 0, sizeof( tmp ) ); gcm_init( &gcm, POLARSSL_CIPHER_ID_AES, tmp, keysize ); TIME_AND_TSC( title, gcm_crypt_and_tag( &gcm, GCM_ENCRYPT, BUFSIZE, tmp, 12, NULL, 0, buf, buf, 16, tmp ) ); gcm_free( &gcm ); } } #endif #endif #if defined(POLARSSL_CAMELLIA_C) && defined(POLARSSL_CIPHER_MODE_CBC) if( todo.camellia ) { camellia_context camellia; for( keysize = 128; keysize <= 256; keysize += 64 ) { snprintf( title, sizeof( title ), "CAMELLIA-CBC-%d", keysize ); memset( buf, 0, sizeof( buf ) ); memset( tmp, 0, sizeof( tmp ) ); camellia_setkey_enc( &camellia, tmp, keysize ); TIME_AND_TSC( title, camellia_crypt_cbc( &camellia, CAMELLIA_ENCRYPT, BUFSIZE, tmp, buf, buf ) ); } } #endif #if defined(POLARSSL_BLOWFISH_C) && defined(POLARSSL_CIPHER_MODE_CBC) if( todo.blowfish ) { blowfish_context blowfish; for( keysize = 128; keysize <= 256; keysize += 64 ) { snprintf( title, sizeof( title ), "BLOWFISH-CBC-%d", keysize ); memset( buf, 0, sizeof( buf ) ); memset( tmp, 0, sizeof( tmp ) ); blowfish_setkey( &blowfish, tmp, keysize ); TIME_AND_TSC( title, blowfish_crypt_cbc( &blowfish, BLOWFISH_ENCRYPT, BUFSIZE, tmp, buf, buf ) ); } } #endif #if defined(POLARSSL_HAVEGE_C) if( todo.havege ) { havege_state hs; havege_init( &hs ); TIME_AND_TSC( "HAVEGE", havege_random( &hs, buf, BUFSIZE ) ); } #endif #if defined(POLARSSL_CTR_DRBG_C) if( todo.ctr_drbg ) { ctr_drbg_context ctr_drbg; if( ctr_drbg_init( &ctr_drbg, myrand, NULL, NULL, 0 ) != 0 ) exit(1); TIME_AND_TSC( "CTR_DRBG (NOPR)", if( ctr_drbg_random( &ctr_drbg, buf, BUFSIZE ) != 0 ) exit(1) ); if( ctr_drbg_init( &ctr_drbg, myrand, NULL, NULL, 0 ) != 0 ) exit(1); ctr_drbg_set_prediction_resistance( &ctr_drbg, CTR_DRBG_PR_ON ); TIME_AND_TSC( "CTR_DRBG (PR)", if( ctr_drbg_random( &ctr_drbg, buf, BUFSIZE ) != 0 ) exit(1) ); }
int sign(unsigned char *output,unsigned char *input, int input_len, char *pri_key_file) { unsigned char * cipher = NULL; unsigned char * k_c = NULL; unsigned char sign[128]; int ret; FILE *fkey; rsa_context rsa_ctx; havege_state prng_ctx; cipher = (unsigned char *)malloc((32)*sizeof(char)); /* ********************** HASH controle integrite *********************** */ k_c = (unsigned char *)malloc(2*KEY_LENGTH*sizeof(unsigned char)); memset(k_c, 0, 2*KEY_LENGTH); //generation de la clef symetrique de KEY_LENGTH bits gen_key(k_c, KEY_LENGTH); sha2_hmac(k_c, KEY_LENGTH, input, input_len, cipher, 0); print_hex(k_c, KEY_LENGTH, "cle secrete utilisée pour le hash : "); /* *** Read the private asymetric key in the file*** */ if( ( fkey = fopen( pri_key_file, "rb" ) ) == NULL ) { ret = 1; printf( " failed\n ! Could not open %s\n" \ " ! Please run rsa_genkey first\n\n",pri_key_file ); goto cleanup; } rsa_init( &rsa_ctx, RSA_PKCS_V15, 0 ); if( ( ret = mpi_read_file( &rsa_ctx.N , 16, fkey ) ) != 0 || ( ret = mpi_read_file( &rsa_ctx.E , 16, fkey ) ) != 0 || ( ret = mpi_read_file( &rsa_ctx.D , 16, fkey ) ) != 0 || ( ret = mpi_read_file( &rsa_ctx.P , 16, fkey ) ) != 0 || ( ret = mpi_read_file( &rsa_ctx.Q , 16, fkey ) ) != 0 || ( ret = mpi_read_file( &rsa_ctx.DP, 16, fkey ) ) != 0 || ( ret = mpi_read_file( &rsa_ctx.DQ, 16, fkey ) ) != 0 || ( ret = mpi_read_file( &rsa_ctx.QP, 16, fkey ) ) != 0 ) { printf( " failed\n ! mpi_read_file returned %d\n\n", ret ); goto cleanup; } rsa_ctx.len = ( mpi_msb( &rsa_ctx.N ) + 7 ) >> 3; fclose( fkey ); /* *** SYM_K(key) : chiffrement RSA de la clé de chiffrement key (16) => rsa-1024 bits = 128 octets en sortie *** */ /* *** cipher = ASYM_Kpriv (Hash) *** */ havege_init(&prng_ctx); memset(sign, 0, 128); if( ( ret = rsa_pkcs1_encrypt( &rsa_ctx, havege_random, &prng_ctx, RSA_PRIVATE, KEY_LENGTH, cipher, sign ) ) != 0 ) { printf( " failed\n ! rsa_pkcs1_encrypt returned %d\n\n", ret ); goto cleanup; } print_hex(sign, sizeof(sign), "Hash chiffrée avec RSA : "); /* *** ASYM_Kpub (K) *** */ output = (unsigned char *) malloc( 128 * sizeof(unsigned char)); memcpy(output, sign, 128); cleanup: if(cipher != NULL) { memset(cipher, 0, 32); free(cipher); } if(k_c != NULL) { memset(k_c, 0, 2*KEY_LENGTH); free(k_c); } memset(&prng_ctx,0x00, sizeof(havege_state)); memset(&rsa_ctx, 0x00, sizeof(rsa_ctx)); memset(sign, 0, 128); return ret; }
int main( void ) { int ret; rsa_context rsa; havege_state hs; FILE *fpub = NULL; FILE *fpriv = NULL; printf( "\n . Seeding the random number generator..." ); fflush( stdout ); havege_init( &hs ); printf( " ok\n . Generating the RSA key [ %d-bit ]...", KEY_SIZE ); fflush( stdout ); rsa_init( &rsa, RSA_PKCS_V15, 0 ); if( ( ret = rsa_gen_key( &rsa, havege_rand, &hs, KEY_SIZE, EXPONENT ) ) != 0 ) { printf( " failed\n ! rsa_gen_key returned %d\n\n", ret ); goto exit; } printf( " ok\n . Exporting the public key in rsa_pub.txt...." ); fflush( stdout ); if( ( fpub = fopen( "rsa_pub.txt", "wb+" ) ) == NULL ) { printf( " failed\n ! could not open rsa_pub.txt for writing\n\n" ); ret = 1; goto exit; } if( ( ret = mpi_write_file( "N = ", &rsa.N, 16, fpub ) ) != 0 || ( ret = mpi_write_file( "E = ", &rsa.E, 16, fpub ) ) != 0 ) { printf( " failed\n ! mpi_write_file returned %d\n\n", ret ); goto exit; } printf( " ok\n . Exporting the private key in rsa_priv.txt..." ); fflush( stdout ); if( ( fpriv = fopen( "rsa_priv.txt", "wb+" ) ) == NULL ) { printf( " failed\n ! could not open rsa_priv.txt for writing\n" ); ret = 1; goto exit; } if( ( ret = mpi_write_file( "N = " , &rsa.N , 16, fpriv ) ) != 0 || ( ret = mpi_write_file( "E = " , &rsa.E , 16, fpriv ) ) != 0 || ( ret = mpi_write_file( "D = " , &rsa.D , 16, fpriv ) ) != 0 || ( ret = mpi_write_file( "P = " , &rsa.P , 16, fpriv ) ) != 0 || ( ret = mpi_write_file( "Q = " , &rsa.Q , 16, fpriv ) ) != 0 || ( ret = mpi_write_file( "DP = ", &rsa.DP, 16, fpriv ) ) != 0 || ( ret = mpi_write_file( "DQ = ", &rsa.DQ, 16, fpriv ) ) != 0 || ( ret = mpi_write_file( "QP = ", &rsa.QP, 16, fpriv ) ) != 0 ) { printf( " failed\n ! mpi_write_file returned %d\n\n", ret ); goto exit; } /* printf( " ok\n . Generating the certificate..." ); x509write_init_raw( &cert ); x509write_add_pubkey( &cert, &rsa ); x509write_add_subject( &cert, "CN='localhost'" ); x509write_add_validity( &cert, "2007-09-06 17:00:32", "2010-09-06 17:00:32" ); x509write_create_selfsign( &cert, &rsa ); x509write_crtfile( &cert, "cert.der", X509_OUTPUT_DER ); x509write_crtfile( &cert, "cert.pem", X509_OUTPUT_PEM ); x509write_free_raw( &cert ); */ printf( " ok\n\n" ); exit: if( fpub != NULL ) fclose( fpub ); if( fpriv != NULL ) fclose( fpriv ); rsa_free( &rsa ); #ifdef WIN32 printf( " Press Enter to exit this program.\n" ); fflush( stdout ); getchar(); #endif return( ret ); }
int main( void ) { int ret, len; int listen_fd; int client_fd; unsigned char buf[1024]; havege_state hs; ssl_context ssl; ssl_session ssn; x509_cert srvcert; rsa_context rsa; /* * 1. Load the certificates and private RSA key */ printf( "\n . Loading the server cert. and key..." ); fflush( stdout ); memset( &srvcert, 0, sizeof( x509_cert ) ); /* * This demonstration program uses embedded test certificates. * Instead, you may want to use x509parse_crtfile() to read the * server and CA certificates, as well as x509parse_keyfile(). */ ret = x509parse_crt( &srvcert, (unsigned char *) test_srv_crt, strlen( test_srv_crt ) ); if( ret != 0 ) { printf( " failed\n ! x509parse_crt returned %d\n\n", ret ); goto exit; } ret = x509parse_crt( &srvcert, (unsigned char *) test_ca_crt, strlen( test_ca_crt ) ); if( ret != 0 ) { printf( " failed\n ! x509parse_crt returned %d\n\n", ret ); goto exit; } ret = x509parse_key( &rsa, (unsigned char *) test_srv_key, strlen( test_srv_key ), NULL, 0 ); if( ret != 0 ) { printf( " failed\n ! x509parse_key returned %d\n\n", ret ); goto exit; } printf( " ok\n" ); /* * 2. Setup the listening TCP socket */ printf( " . Bind on https://localhost:4433/ ..." ); fflush( stdout ); if( ( ret = net_bind( &listen_fd, NULL, 4433 ) ) != 0 ) { printf( " failed\n ! net_bind returned %d\n\n", ret ); goto exit; } printf( " ok\n" ); /* * 3. Wait until a client connects */ #ifdef WIN32 ShellExecute( NULL, "open", "https://localhost:4433/", NULL, NULL, SW_SHOWNORMAL ); #endif client_fd = -1; memset( &ssl, 0, sizeof( ssl ) ); accept: net_close( client_fd ); ssl_free( &ssl ); printf( " . Waiting for a remote connection ..." ); fflush( stdout ); if( ( ret = net_accept( listen_fd, &client_fd, NULL ) ) != 0 ) { printf( " failed\n ! net_accept returned %d\n\n", ret ); goto exit; } printf( " ok\n" ); /* * 4. Setup stuff */ printf( " . Setting up the RNG and SSL data...." ); fflush( stdout ); havege_init( &hs ); if( ( ret = ssl_init( &ssl ) ) != 0 ) { printf( " failed\n ! ssl_init returned %d\n\n", ret ); goto accept; } printf( " ok\n" ); ssl_set_endpoint( &ssl, SSL_IS_SERVER ); ssl_set_authmode( &ssl, SSL_VERIFY_NONE ); ssl_set_rng( &ssl, havege_rand, &hs ); ssl_set_dbg( &ssl, my_debug, stdout ); ssl_set_bio( &ssl, net_recv, &client_fd, net_send, &client_fd ); ssl_set_scb( &ssl, my_get_session, my_set_session ); ssl_set_ciphers( &ssl, my_ciphers ); ssl_set_session( &ssl, 1, 0, &ssn ); memset( &ssn, 0, sizeof( ssl_session ) ); ssl_set_ca_chain( &ssl, srvcert.next, NULL, NULL ); ssl_set_own_cert( &ssl, &srvcert, &rsa ); ssl_set_dh_param( &ssl, my_dhm_P, my_dhm_G ); /* * 5. Handshake */ printf( " . Performing the SSL/TLS handshake..." ); fflush( stdout ); while( ( ret = ssl_handshake( &ssl ) ) != 0 ) { if( ret != POLARSSL_ERR_NET_TRY_AGAIN ) { printf( " failed\n ! ssl_handshake returned %d\n\n", ret ); goto accept; } } printf( " ok\n" ); /* * 6. Read the HTTP Request */ printf( " < Read from client:" ); fflush( stdout ); do { len = sizeof( buf ) - 1; memset( buf, 0, sizeof( buf ) ); ret = ssl_read( &ssl, buf, len ); if( ret == POLARSSL_ERR_NET_TRY_AGAIN ) continue; if( ret <= 0 ) { switch( ret ) { case POLARSSL_ERR_SSL_PEER_CLOSE_NOTIFY: printf( " connection was closed gracefully\n" ); break; case POLARSSL_ERR_NET_CONN_RESET: printf( " connection was reset by peer\n" ); break; default: printf( " ssl_read returned %d\n", ret ); break; } break; } len = ret; printf( " %d bytes read\n\n%s", len, (char *) buf ); } while( 0 ); /* * 7. Write the 200 Response */ printf( " > Write to client:" ); fflush( stdout ); len = sprintf( (char *) buf, HTTP_RESPONSE, ssl_get_cipher( &ssl ) ); while( ( ret = ssl_write( &ssl, buf, len ) ) <= 0 ) { if( ret == POLARSSL_ERR_NET_CONN_RESET ) { printf( " failed\n ! peer closed the connection\n\n" ); goto accept; } if( ret != POLARSSL_ERR_NET_TRY_AGAIN ) { printf( " failed\n ! ssl_write returned %d\n\n", ret ); goto exit; } } len = ret; printf( " %d bytes written\n\n%s\n", len, (char *) buf ); ssl_close_notify( &ssl ); goto accept; exit: net_close( client_fd ); x509_free( &srvcert ); rsa_free( &rsa ); ssl_free( &ssl ); cur = s_list_1st; while( cur != NULL ) { prv = cur; cur = cur->next; memset( prv, 0, sizeof( ssl_session ) ); free( prv ); } memset( &ssl, 0, sizeof( ssl_context ) ); #ifdef WIN32 printf( " Press Enter to exit this program.\n" ); fflush( stdout ); getchar(); #endif return( ret ); }
tcpcon_t * tcp_connect(const char *hostname, int port, char *errbuf, size_t errbufsize, int timeout, int ssl) { struct net_hostent *hp; char *tmphstbuf; int fd, r, err, herr, optval; const char *errtxt; struct sockaddr_in in; socklen_t errlen = sizeof(int); if(!strcmp(hostname, "localhost")) { if((fd = getstreamsocket(AF_INET, errbuf, errbufsize)) == -1) return NULL; memset(&in, 0, sizeof(in)); in.sin_family = AF_INET; in.sin_port = htons(port); in.sin_addr.s_addr = htonl(INADDR_LOOPBACK); r = netConnect(fd, (struct sockaddr *)&in, sizeof(struct sockaddr_in)); } else { herr = 0; tmphstbuf = NULL; /* free NULL is a nop */ hp = netGetHostByName(hostname); if(hp == NULL) herr = h_errno; if(herr != 0) { switch(herr) { case HOST_NOT_FOUND: errtxt = "Unknown host"; break; case NO_ADDRESS: errtxt = "The requested name is valid but does not have an IP address"; break; case NO_RECOVERY: errtxt = "A non-recoverable name server error occurred"; break; case TRY_AGAIN: errtxt = "A temporary error occurred on an authoritative name server"; break; default: errtxt = "Unknown error"; break; } snprintf(errbuf, errbufsize, "%s", errtxt); free(tmphstbuf); return NULL; } else if(hp == NULL) { snprintf(errbuf, errbufsize, "Resolver internal error"); free(tmphstbuf); return NULL; } if((fd = getstreamsocket(hp->h_addrtype, errbuf, errbufsize)) == -1) { free(tmphstbuf); return NULL; } switch(hp->h_addrtype) { case AF_INET: memset(&in, 0, sizeof(in)); in.sin_family = AF_INET; in.sin_port = htons(port); lv2_void* netaddrlist = (lv2_void*)(u64)hp->h_addr_list; memcpy(&in.sin_addr, (char*)(u64)netaddrlist[0], sizeof(struct in_addr)); r = netConnect(fd, (struct sockaddr *)&in, sizeof(struct sockaddr_in)); break; default: snprintf(errbuf, errbufsize, "Invalid protocol family"); free(tmphstbuf); return NULL; } free(tmphstbuf); } if(r < 0) { if(net_errno == NET_EINPROGRESS) { struct pollfd pfd; pfd.fd = fd; pfd.events = POLLOUT; pfd.revents = 0; r = netPoll(&pfd, 1, timeout); if(r == 0) { /* Timeout */ snprintf(errbuf, errbufsize, "Connection attempt timed out"); netClose(fd); return NULL; } if(r == -1) { snprintf(errbuf, errbufsize, "poll() error: %s", strerror(net_errno)); netClose(fd); return NULL; } netGetSockOpt(fd, SOL_SOCKET, SO_ERROR, (void *)&err, &errlen); } else { err = net_errno; } } else { err = 0; } if(err != 0) { snprintf(errbuf, errbufsize, "%s", strerror(err)); netClose(fd); return NULL; } optval = 0; r = netSetSockOpt(fd, SOL_SOCKET, SO_NBIO, &optval, sizeof(optval)); if(r < 0) { snprintf(errbuf, errbufsize, "Unable to go blocking: %s", strerror(net_errno)); netClose(fd); return NULL; } tcpcon_t *tc = calloc(1, sizeof(tcpcon_t)); tc->fd = fd; htsbuf_queue_init(&tc->spill, 0); if(ssl) { #if ENABLE_POLARSSL if(1) { tc->ssl = malloc(sizeof(ssl_context)); if(ssl_init(tc->ssl)) { snprintf(errbuf, errlen, "SSL failed to initialize"); close(fd); free(tc->ssl); free(tc); return NULL; } tc->ssn = malloc(sizeof(ssl_session)); tc->hs = malloc(sizeof(havege_state)); havege_init(tc->hs); memset(tc->ssn, 0, sizeof(ssl_session)); ssl_set_endpoint(tc->ssl, SSL_IS_CLIENT ); ssl_set_authmode(tc->ssl, SSL_VERIFY_NONE ); ssl_set_rng(tc->ssl, havege_rand, tc->hs ); ssl_set_bio(tc->ssl, net_recv, &tc->fd, net_send, &tc->fd); ssl_set_ciphers(tc->ssl, ssl_default_ciphers ); ssl_set_session(tc->ssl, 1, 600, tc->ssn ); tc->read = polarssl_read; tc->write = polarssl_write; } else #endif { snprintf(errbuf, errlen, "SSL not supported"); tcp_close(tc); return NULL; } } else { tc->read = tcp_read; tc->write = tcp_write; } return tc; }
void app_send(char *key, char *message, int message_len) /*@ requires polarssl_generated_values(?creator, ?count1) &*& [?f0]polarssl_world(sc_auth_polarssl_pub) &*& [?f1]polarssl_cryptogram(key, KEY_BYTE_SIZE, ?key_cs, ?key_cg) &*& key_cg == polarssl_symmetric_key(creator, ?key_id) &*& [?f2]chars(message, message_len, ?m_cs) &*& message_len >= POLARSSL_MIN_ENCRYPTED_BYTE_SIZE &*& message_len < POLARSSL_MAX_MESSAGE_BYTE_SIZE - 84 &*& bad(creator) ? [_]polarssl_public_generated_chars(sc_auth_polarssl_pub)(m_cs) : true == app_send_event(creator, m_cs); @*/ /*@ ensures polarssl_generated_values(creator, ?count2) &*& count2 > count1 &*& [f0]polarssl_world(sc_auth_polarssl_pub) &*& [f1]polarssl_cryptogram(key, KEY_BYTE_SIZE, key_cs, key_cg) &*& [f2]chars(message, message_len, m_cs); @*/ { int socket; havege_state havege_state; char iv[16]; // init { net_usleep(20000); if(net_connect(&socket, NULL, APP_RECEIVE_PORT) != 0) abort(); if(net_set_block(socket) != 0) abort(); //@ close havege_state(&havege_state); havege_init(&havege_state); } // iv stuff { //@ close random_request(creator, 0, false); if (havege_random(&havege_state, iv, 16) != 0) abort(); } //@ open polarssl_cryptogram(iv, 16, ?iv_cs, _); char* m = malloc(16 + message_len + 16); if (m == 0) abort(); memcpy(m, iv, 16); //@ assert chars(m, 16, iv_cs); //@ assert chars(m + 16, message_len + 16, ?cs1); //@ polarssl_public_generated_chars_assume(sc_auth_polarssl_pub, iv_cs); // encrypt message { unsigned int temp; gcm_context gcm_context; //@ close gcm_context(&gcm_context); //@ open [f1]polarssl_cryptogram(key, KEY_BYTE_SIZE, key_cs, key_cg); //@ close polarssl_key_id(creator, key_id); if (gcm_init(&gcm_context, POLARSSL_AES_CIPHER_ID, key, (unsigned int) KEY_BYTE_SIZE * 8) != 0) abort(); //@ close [f1]polarssl_cryptogram(key, KEY_BYTE_SIZE, key_cs, key_cg); //@ chars_split(m + 16, message_len); if (gcm_crypt_and_tag(&gcm_context, POLARSSL_GCM_ENCRYPT, (unsigned int) message_len, iv, 16, NULL, 0, message, m + 16, 16, (char*) ((m + 16) + message_len)) != 0) abort(); gcm_free(&gcm_context); //@ open gcm_context(&gcm_context); } //@ assert polarssl_cryptogram(m + 16, message_len, ?e_cs, ?e_cg); /*@ assert e_cg == polarssl_auth_encrypted( creator, key_id, ?t_cs, m_cs, iv_cs); @*/ //@ close sc_auth_polarssl_pub(e_cg); //@ leak sc_auth_polarssl_pub(e_cg); /*@ polarssl_public_message_from_cryptogram( sc_auth_polarssl_pub, m + 16, message_len, e_cs, e_cg); @*/ /*@ open polarssl_public_message(sc_auth_polarssl_pub) (m + 16, message_len, e_cs); @*/ //@ assert chars(m + 16 + message_len, 16, t_cs); //@ chars_join(m); //@ chars_join(m); //@ assert chars(m, 16 + message_len + 16, ?cs); //@ append_assoc(iv_cs, e_cs, t_cs); //@ assert cs == append(iv_cs, append(e_cs, t_cs)); //@ polarssl_public_generated_chars_assume(sc_auth_polarssl_pub, t_cs); /*@ polarssl_public_generated_chars_join( sc_auth_polarssl_pub, iv_cs, e_cs); @*/ /*@ polarssl_public_generated_chars_join( sc_auth_polarssl_pub, append(iv_cs, e_cs), t_cs); @*/ /*@ close polarssl_public_message(sc_auth_polarssl_pub) (m, 16 + message_len + 16, append(iv_cs, append(e_cs, t_cs))); @*/ net_send(&socket, m, (unsigned int) 16 + (unsigned int) message_len + 16); //@ open polarssl_public_message(sc_auth_polarssl_pub)(m, _, _); { free(m); havege_free(&havege_state); //@ open havege_state(&havege_state); net_close(socket); } }
static CURLcode polarssl_connect_step1(struct connectdata *conn, int sockindex) { struct SessionHandle *data = conn->data; struct ssl_connect_data* connssl = &conn->ssl[sockindex]; bool sni = TRUE; /* default is SNI enabled */ int ret = -1; #ifdef ENABLE_IPV6 struct in6_addr addr; #else struct in_addr addr; #endif void *old_session = NULL; size_t old_session_size = 0; char errorbuf[128]; memset(errorbuf, 0, sizeof(errorbuf)); /* PolarSSL only supports SSLv3 and TLSv1 */ if(data->set.ssl.version == CURL_SSLVERSION_SSLv2) { failf(data, "PolarSSL does not support SSLv2"); return CURLE_SSL_CONNECT_ERROR; } else if(data->set.ssl.version == CURL_SSLVERSION_SSLv3) sni = FALSE; /* SSLv3 has no SNI */ #if POLARSSL_VERSION_NUMBER<0x01010000 havege_init(&connssl->hs); #else #ifdef THREADING_SUPPORT entropy_init_mutex(&entropy); if((ret = ctr_drbg_init(&connssl->ctr_drbg, entropy_func_mutex, &entropy, connssl->ssn.id, connssl->ssn.length)) != 0) { #ifdef POLARSSL_ERROR_C error_strerror(ret, errorbuf, sizeof(errorbuf)); #endif /* POLARSSL_ERROR_C */ failf(data, "Failed - PolarSSL: ctr_drbg_init returned (-0x%04X) %s\n", -ret, errorbuf); } #else entropy_init(&connssl->entropy); if((ret = ctr_drbg_init(&connssl->ctr_drbg, entropy_func, &connssl->entropy, connssl->ssn.id, connssl->ssn.length)) != 0) { #ifdef POLARSSL_ERROR_C error_strerror(ret, errorbuf, sizeof(errorbuf)); #endif /* POLARSSL_ERROR_C */ failf(data, "Failed - PolarSSL: ctr_drbg_init returned (-0x%04X) %s\n", -ret, errorbuf); } #endif /* THREADING_SUPPORT */ #endif /* POLARSSL_VERSION_NUMBER<0x01010000 */ /* Load the trusted CA */ memset(&connssl->cacert, 0, sizeof(x509_cert)); if(data->set.str[STRING_SSL_CAFILE]) { ret = x509parse_crtfile(&connssl->cacert, data->set.str[STRING_SSL_CAFILE]); if(ret<0) { #ifdef POLARSSL_ERROR_C error_strerror(ret, errorbuf, sizeof(errorbuf)); #endif /* POLARSSL_ERROR_C */ failf(data, "Error reading ca cert file %s - PolarSSL: (-0x%04X) %s", data->set.str[STRING_SSL_CAFILE], -ret, errorbuf); if(data->set.ssl.verifypeer) return CURLE_SSL_CACERT_BADFILE; } } /* Load the client certificate */ memset(&connssl->clicert, 0, sizeof(x509_cert)); if(data->set.str[STRING_CERT]) { ret = x509parse_crtfile(&connssl->clicert, data->set.str[STRING_CERT]); if(ret) { #ifdef POLARSSL_ERROR_C error_strerror(ret, errorbuf, sizeof(errorbuf)); #endif /* POLARSSL_ERROR_C */ failf(data, "Error reading client cert file %s - PolarSSL: (-0x%04X) %s", data->set.str[STRING_CERT], -ret, errorbuf); return CURLE_SSL_CERTPROBLEM; } } /* Load the client private key */ if(data->set.str[STRING_KEY]) { ret = x509parse_keyfile(&connssl->rsa, data->set.str[STRING_KEY], data->set.str[STRING_KEY_PASSWD]); if(ret) { #ifdef POLARSSL_ERROR_C error_strerror(ret, errorbuf, sizeof(errorbuf)); #endif /* POLARSSL_ERROR_C */ failf(data, "Error reading private key %s - PolarSSL: (-0x%04X) %s", data->set.str[STRING_KEY], -ret, errorbuf); return CURLE_SSL_CERTPROBLEM; } } /* Load the CRL */ memset(&connssl->crl, 0, sizeof(x509_crl)); if(data->set.str[STRING_SSL_CRLFILE]) { ret = x509parse_crlfile(&connssl->crl, data->set.str[STRING_SSL_CRLFILE]); if(ret) { #ifdef POLARSSL_ERROR_C error_strerror(ret, errorbuf, sizeof(errorbuf)); #endif /* POLARSSL_ERROR_C */ failf(data, "Error reading CRL file %s - PolarSSL: (-0x%04X) %s", data->set.str[STRING_SSL_CRLFILE], -ret, errorbuf); return CURLE_SSL_CRL_BADFILE; } } infof(data, "PolarSSL: Connecting to %s:%d\n", conn->host.name, conn->remote_port); if(ssl_init(&connssl->ssl)) { failf(data, "PolarSSL: ssl_init failed"); return CURLE_SSL_CONNECT_ERROR; } ssl_set_endpoint(&connssl->ssl, SSL_IS_CLIENT); ssl_set_authmode(&connssl->ssl, SSL_VERIFY_OPTIONAL); #if POLARSSL_VERSION_NUMBER<0x01010000 ssl_set_rng(&connssl->ssl, havege_rand, &connssl->hs); #else ssl_set_rng(&connssl->ssl, ctr_drbg_random, &connssl->ctr_drbg); #endif /* POLARSSL_VERSION_NUMBER<0x01010000 */ ssl_set_bio(&connssl->ssl, net_recv, &conn->sock[sockindex], net_send, &conn->sock[sockindex]); #if POLARSSL_VERSION_NUMBER<0x01000000 ssl_set_ciphers(&connssl->ssl, ssl_default_ciphers); #else ssl_set_ciphersuites(&connssl->ssl, ssl_default_ciphersuites); #endif if(!Curl_ssl_getsessionid(conn, &old_session, &old_session_size)) { memcpy(&connssl->ssn, old_session, old_session_size); infof(data, "PolarSSL re-using session\n"); } /* PolarSSL SVN revision r1316 to r1317, matching <1.2.0 is to cover Ubuntu's 1.1.4 version and the like */ #if POLARSSL_VERSION_NUMBER<0x01020000 ssl_set_session(&connssl->ssl, 1, 600, &connssl->ssn); #else ssl_set_session(&connssl->ssl, &connssl->ssn); #endif ssl_set_ca_chain(&connssl->ssl, &connssl->cacert, &connssl->crl, conn->host.name); ssl_set_own_cert(&connssl->ssl, &connssl->clicert, &connssl->rsa); if(!Curl_inet_pton(AF_INET, conn->host.name, &addr) && #ifdef ENABLE_IPV6 !Curl_inet_pton(AF_INET6, conn->host.name, &addr) && #endif sni && ssl_set_hostname(&connssl->ssl, conn->host.name)) { infof(data, "WARNING: failed to configure " "server name indication (SNI) TLS extension\n"); } #ifdef POLARSSL_DEBUG ssl_set_dbg(&connssl->ssl, polarssl_debug, data); #endif connssl->connecting_state = ssl_connect_2; return CURLE_OK; }
tcpcon_t * tcp_connect(const char *hostname, int port, char *errbuf, size_t errbufsize, int timeout, int ssl) { struct hostent *hp; char *tmphstbuf; int fd, val, r, err, herr; const char *errtxt; #if !defined(__APPLE__) struct hostent hostbuf; size_t hstbuflen; int res; #endif struct sockaddr_in6 in6; struct sockaddr_in in; socklen_t errlen = sizeof(int); if(!strcmp(hostname, "localhost")) { if((fd = getstreamsocket(AF_INET, errbuf, errbufsize)) == -1) return NULL; memset(&in, 0, sizeof(in)); in.sin_family = AF_INET; in.sin_port = htons(port); in.sin_addr.s_addr = htonl(INADDR_LOOPBACK); r = connect(fd, (struct sockaddr *)&in, sizeof(struct sockaddr_in)); } else { #if defined(__APPLE__) herr = 0; tmphstbuf = NULL; /* free NULL is a nop */ /* TODO: AF_INET6 */ hp = gethostbyname(hostname); if(hp == NULL) herr = h_errno; #else hstbuflen = 1024; tmphstbuf = malloc(hstbuflen); while((res = gethostbyname_r(hostname, &hostbuf, tmphstbuf, hstbuflen, &hp, &herr)) == ERANGE) { hstbuflen *= 2; tmphstbuf = realloc(tmphstbuf, hstbuflen); } #endif if(herr != 0) { switch(herr) { case HOST_NOT_FOUND: errtxt = "Unknown host"; break; case NO_ADDRESS: errtxt = "The requested name is valid but does not have an IP address"; break; case NO_RECOVERY: errtxt = "A non-recoverable name server error occurred"; break; case TRY_AGAIN: errtxt = "A temporary error occurred on an authoritative name server"; break; default: errtxt = "Unknown error"; break; } snprintf(errbuf, errbufsize, "%s", errtxt); free(tmphstbuf); return NULL; } else if(hp == NULL) { snprintf(errbuf, errbufsize, "Resolver internal error"); free(tmphstbuf); return NULL; } if((fd = getstreamsocket(hp->h_addrtype, errbuf, errbufsize)) == -1) { free(tmphstbuf); return NULL; } switch(hp->h_addrtype) { case AF_INET: memset(&in, 0, sizeof(in)); in.sin_family = AF_INET; in.sin_port = htons(port); memcpy(&in.sin_addr, hp->h_addr_list[0], sizeof(struct in_addr)); r = connect(fd, (struct sockaddr *)&in, sizeof(struct sockaddr_in)); break; case AF_INET6: memset(&in6, 0, sizeof(in6)); in6.sin6_family = AF_INET6; in6.sin6_port = htons(port); memcpy(&in6.sin6_addr, hp->h_addr_list[0], sizeof(struct in6_addr)); r = connect(fd, (struct sockaddr *)&in, sizeof(struct sockaddr_in6)); break; default: snprintf(errbuf, errbufsize, "Invalid protocol family"); free(tmphstbuf); return NULL; } free(tmphstbuf); } if(r == -1) { if(errno == EINPROGRESS) { struct pollfd pfd; pfd.fd = fd; pfd.events = POLLOUT; pfd.revents = 0; r = poll(&pfd, 1, timeout); if(r == 0) { /* Timeout */ snprintf(errbuf, errbufsize, "Connection attempt timed out"); close(fd); return NULL; } if(r == -1) { snprintf(errbuf, errbufsize, "poll() error: %s", strerror(errno)); close(fd); return NULL; } getsockopt(fd, SOL_SOCKET, SO_ERROR, (void *)&err, &errlen); } else { err = errno; } } else { err = 0; } if(err != 0) { snprintf(errbuf, errbufsize, "%s", strerror(err)); close(fd); return NULL; } fcntl(fd, F_SETFL, fcntl(fd, F_GETFL) & ~O_NONBLOCK); val = 1; setsockopt(fd, IPPROTO_TCP, TCP_NODELAY, &val, sizeof(val)); tcpcon_t *tc = calloc(1, sizeof(tcpcon_t)); tc->fd = fd; htsbuf_queue_init(&tc->spill, 0); if(ssl) { #if ENABLE_OPENSSL if(showtime_ssl_ctx != NULL) { char errmsg[120]; if((tc->ssl = SSL_new(showtime_ssl_ctx)) == NULL) { ERR_error_string(ERR_get_error(), errmsg); snprintf(errbuf, errlen, "SSL: %s", errmsg); tcp_close(tc); return NULL; } if(SSL_set_fd(tc->ssl, tc->fd) == 0) { ERR_error_string(ERR_get_error(), errmsg); snprintf(errbuf, errlen, "SSL fd: %s", errmsg); tcp_close(tc); return NULL; } if(SSL_connect(tc->ssl) <= 0) { ERR_error_string(ERR_get_error(), errmsg); snprintf(errbuf, errlen, "SSL connect: %s", errmsg); tcp_close(tc); return NULL; } SSL_set_mode(tc->ssl, SSL_MODE_AUTO_RETRY); tc->read = ssl_read; tc->write = ssl_write; } else #elif ENABLE_POLARSSL if(1) { tc->ssl = malloc(sizeof(ssl_context)); if(ssl_init(tc->ssl)) { snprintf(errbuf, errlen, "SSL failed to initialize"); close(fd); free(tc->ssl); free(tc); return NULL; } tc->ssn = malloc(sizeof(ssl_session)); tc->hs = malloc(sizeof(havege_state)); havege_init(tc->hs); memset(tc->ssn, 0, sizeof(ssl_session)); ssl_set_endpoint(tc->ssl, SSL_IS_CLIENT ); ssl_set_authmode(tc->ssl, SSL_VERIFY_NONE ); ssl_set_rng(tc->ssl, havege_rand, tc->hs ); ssl_set_bio(tc->ssl, net_recv, &tc->fd, net_send, &tc->fd); ssl_set_ciphers(tc->ssl, ssl_default_ciphers ); ssl_set_session(tc->ssl, 1, 600, tc->ssn ); tc->read = polarssl_read; tc->write = polarssl_write; } else #endif { snprintf(errbuf, errlen, "SSL not supported"); tcp_close(tc); return NULL; } } else { tc->read = tcp_read; tc->write = tcp_write; } return tc; }