mirror
/
esp-idf
kopia lustrzana https://github.com/espressif/esp-idf
1
0
Forkuj 0
Kod Zgłoszenia Projekty Wydania Wiki Aktywność

components/openssl: add license header

pull/42/merge
dongheng 2016-09-22 10:28:08 +08:00
rodzic b89168d0f1
commit 6bd3d62d7c
23 zmienionych plików z 819 dodań i 235 usunięć
Pokaż statystyki Ściągnij plik aktualizacji Ściągnij plik porównania Expand all files Collapse all files

1
components/openssl/Makefile.projbuild
Wyświetl plik

@ -1,4 +1,3 @@
# Anyone compiling mbedTLS code needs the name of the
# alternative config file
CFLAGS += -DMBEDTLS_CONFIG_FILE='"mbedtls/esp_config.h"'

14
components/openssl/include/internal/ssl3.h
Wyświetl plik

@ -1,3 +1,17 @@
// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#ifndef _SSL3_H_
#define _SSL3_H_

20
components/openssl/include/internal/ssl_cert.h
Wyświetl plik

@ -1,11 +1,23 @@
// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#ifndef _SSL_CERT_H_
#define _SSL_CERT_H_
#include "ssl_pkey.h"
#include "ssl_x509.h"
CERT *ssl_cert_new(void);
#include "ssl_types.h"
CERT* ssl_cert_new(void);
void ssl_cert_free(CERT *c);
#endif

14
components/openssl/include/internal/ssl_code.h
Wyświetl plik

@ -1,3 +1,17 @@
// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#ifndef _SSL_CODE_H_
#define _SSL_CODE_H_

20
components/openssl/include/internal/ssl_dbg.h
Wyświetl plik

@ -1,13 +1,29 @@
// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#ifndef _SSL_DEBUG_H_
#define _SSL_DEBUG_H_
#define SSL_DEBUG_ENBALE 0
#define SSL_DEBUG_ENBALE 1
#define SSL_DEBUG_LEVEL 0
#define SSL_ASSERT_ENABLE 1
#define SSL_DEBUG_LOCATION_ENABLE 1
#if SSL_DEBUG_ENBALE
#define SSL_PRINT os_printf
extern int ets_printf(const char *fmt, ...);
#define SSL_PRINT ets_printf
#else
#define SSL_PRINT(...)
#endif

14
components/openssl/include/internal/ssl_lib.h
Wyświetl plik

@ -1,3 +1,17 @@
// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#ifndef _SSL_LIB_H_
#define _SSL_LIB_H_

53
components/openssl/include/internal/ssl_methods.h
Wyświetl plik

@ -1,3 +1,17 @@
// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#ifndef _SSL_METHODS_H_
#define _SSL_METHODS_H_
@ -8,7 +22,7 @@
set_fd, get_fd, \
set_bufflen, \
get_state) \
static const SSL_METHOD_FUNC func_name = { \
static const SSL_METHOD_FUNC func_name LOCAL_ATRR = { \
new, \
free, \
handshake, \
@ -25,7 +39,7 @@
#define IMPLEMENT_TLS_METHOD(ver, mode, fun, func_name) \
const SSL_METHOD* func_name(void) { \
static const SSL_METHOD func_name##_data = { \
static const SSL_METHOD func_name##_data LOCAL_ATRR = { \
ver, \
mode, \
&(fun), \
@ -35,7 +49,7 @@
#define IMPLEMENT_SSL_METHOD(ver, mode, fun, func_name) \
const SSL_METHOD* func_name(void) { \
static const SSL_METHOD func_name##_data = { \
static const SSL_METHOD func_name##_data LOCAL_ATRR = { \
ver, \
mode, \
&(fun), \
@ -43,4 +57,37 @@
return &func_name##_data; \
}
#define IMPLEMENT_X509_METHOD(func_name, \
new, \
free, \
load, \
unload) \
const X509_METHOD* func_name(void) { \
static const X509_METHOD func_name##_data LOCAL_ATRR = { \
new, \
free, \
load, \
unload, \
}; \
return &func_name##_data; \
}
#define IMPLEMENT_PKEY_METHOD(func_name, \
new, \
free, \
load, \
unload) \
const PKEY_METHOD* func_name(void) { \
static const PKEY_METHOD func_name##_data LOCAL_ATRR = { \
new, \
free, \
load, \
unload, \
}; \
return &func_name##_data; \
}
const X509_METHOD* X509_method(void);
const PKEY_METHOD* EVP_PKEY_method(void);
#endif

18
components/openssl/include/internal/ssl_pkey.h
Wyświetl plik

@ -1,9 +1,25 @@
// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#ifndef _SSL_PKEY_H_
#define _SSL_PKEY_H_
#include "ssl_types.h"
EVP_PKEY *d2i_PrivateKey(int type,
EVP_PKEY* EVP_PKEY_new(void);
EVP_PKEY* d2i_PrivateKey(int type,
EVP_PKEY **a,
const unsigned char **pp,
long length);

14
components/openssl/include/internal/ssl_rsa.h
Wyświetl plik

@ -1,3 +1,17 @@
// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#ifndef _SSL_RSA_H_
#define _SSL_RSA_H_

53
components/openssl/include/internal/ssl_types.h
Wyświetl plik

@ -1,8 +1,21 @@
// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#ifndef _SSL_TYPES_H_
#define _SSL_TYPES_H_
#include "ssl_code.h"
#include <stddef.h>
typedef void SSL_CIPHER;
@ -47,15 +60,25 @@ typedef struct x509_st X509;
struct evp_pkey_st;
typedef struct evp_pkey_st EVP_PKEY;
struct x509_method_st;
typedef struct x509_method_st X509_METHOD;
struct pkey_method_st;
typedef struct pkey_method_st PKEY_METHOD;
struct evp_pkey_st {
void *pkey_pm;
const PKEY_METHOD *method;
};
struct x509_st {
/* X509 certification platform private point */
void *x509_pm;
const X509_METHOD *method;
};
struct cert_st {
@ -111,6 +134,8 @@ struct ssl_ctx_st
long session_timeout;
int read_ahead;
int read_buffer_len;
};
struct ssl_st
@ -183,8 +208,34 @@ struct ssl_method_func_st {
OSSL_HANDSHAKE_STATE (*ssl_get_state)(const SSL *ssl);
};
struct x509_method_st {
int (*x509_new)(X509 *x);
void (*x509_free)(X509 *x);
int (*x509_load)(X509 *x, const unsigned char *buf, int len);
void (*x509_unload)(X509 *x);
};
struct pkey_method_st {
int (*pkey_new)(EVP_PKEY *pkey);
void (*pkey_free)(EVP_PKEY *pkey);
int (*pkey_load)(EVP_PKEY *pkey, const unsigned char *buf, int len);
void (*pkey_unload)(EVP_PKEY *pkey);
};
typedef int (*next_proto_cb)(SSL *ssl, unsigned char **out,
unsigned char *outlen, const unsigned char *in,
unsigned int inlen, void *arg);
#define SSL_METHOD_CALL(f, s, ...) s->method->func->ssl_##f(s, ##__VA_ARGS__)
#define X509_METHOD_CALL(f, x, ...) x->method->x509_##f(x, ##__VA_ARGS__)
#define EVP_PKEY_METHOD_CALL(f, k, ...) k->method->pkey_##f(k, ##__VA_ARGS__)
#endif

14
components/openssl/include/internal/ssl_x509.h
Wyświetl plik

@ -1,3 +1,17 @@
// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#ifndef _SSL_X509_H_
#define _SSL_X509_H_

14
components/openssl/include/internal/tls1.h
Wyświetl plik

@ -1,3 +1,17 @@
// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#ifndef _TLS1_H_
#define _TLS1_H_

19
components/openssl/include/openssl/ssl.h
Wyświetl plik

@ -1,6 +1,21 @@
#ifndef HEADER_SSL_H
#define HEADER_SSL_H
// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#ifndef _SSL_H_
#define _SSL_H_
#include "ssl_port.h"
#include "internal/ssl_types.h"
/*

40
components/openssl/include/platform/ssl_pm.h
Wyświetl plik

@ -1,14 +1,24 @@
// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#ifndef _SSL_PM_H_
#define _SSL_PM_H_
#include "ssl_types.h"
#include "esp_types.h"
#include "esp_system.h"
#include "ssl_port.h"
void* ssl_zalloc(size_t size);
void *ssl_malloc(size_t size);
void ssl_free(void *p);
void* ssl_memcpy(void *to, const void *from, size_t size);
#define LOCAL_ATRR
int ssl_pm_new(SSL *ssl);
void ssl_pm_free(SSL *ssl);
@ -28,15 +38,15 @@ OSSL_HANDSHAKE_STATE ssl_pm_get_state(const SSL *ssl);
void ssl_pm_set_bufflen(SSL *ssl, int len);
void* x509_pm_new(void);
void x509_pm_free(void *pm);
int x509_pm_load_crt(void *pm, const unsigned char *buffer, int len);
void x509_pm_unload_crt(void *pm);
void x509_pm_start_ca(void *ssl, void *pm);
int x509_pm_new(X509 *x);
void x509_pm_free(X509 *x);
int x509_pm_load(X509 *x, const unsigned char *buffer, int len);
void x509_pm_unload(X509 *x);
void x509_pm_start_ca(X509 *x);
void* pkey_pm_new(void);
void pkey_pm_free(void *pm);
int pkey_pm_load_crt(void *pm, const unsigned char *buffer, int len);
void pkey_pm_unload_crt(void *pm);
int pkey_pm_new(EVP_PKEY *pkey);
void pkey_pm_free(EVP_PKEY *pkey);
int pkey_pm_load(EVP_PKEY *pkey, const unsigned char *buffer, int len);
void pkey_pm_unload(EVP_PKEY *pkey);
#endif

27
components/openssl/include/platform/ssl_port.h
Wyświetl plik

@ -1,17 +1,16 @@
/* Copyright 2015-2016 Espressif Systems (Wuxi) PTE LTD
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#ifndef _SSL_PORT_H_
#define _SSL_PORT_H_

75
components/openssl/library/ssl_cert.c
Wyświetl plik

@ -1,29 +1,68 @@
#include "ssl_cert.h"
#include "ssl_dbg.h"
#include "ssl_pm.h"
// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#include "ssl_cert.h"
#include "ssl_pkey.h"
#include "ssl_x509.h"
#include "ssl_dbg.h"
#include "ssl_port.h"
/*
* ssl_cert_new - create a certification object include private key object
*
* @param none
*
* @return certification object point or NULL if failed
*/
CERT *ssl_cert_new(void)
{
return ssl_zalloc(sizeof(CERT));
CERT *cert;
cert = ssl_zalloc(sizeof(CERT));
if (!cert)
SSL_RET(failed1, "ssl_zalloc\n");
cert->pkey = EVP_PKEY_new();
if (!cert->pkey)
SSL_RET(failed2, "EVP_PKEY_new\n");
cert->x509 = sk_X509_NAME_new_null();
if (!cert->x509)
SSL_RET(failed3, "sk_X509_NAME_new_null\n");
return cert;
failed3:
EVP_PKEY_free(cert->pkey);
failed2:
ssl_free(cert);
failed1:
return NULL;
}
/*
* ssl_cert_free - free a certification object
*
* @param c - certification object point
*
* @return none
*/
void ssl_cert_free(CERT *c)
{
if (c->x509)
X509_free(c->x509);
X509_free(c->x509);
if (c->pkey)
EVP_PKEY_free(c->pkey);
EVP_PKEY_free(c->pkey);
ssl_free(c);
}
int SSL_CTX_add_client_CA(SSL_CTX *ctx, X509 *x)
{
SSL_ASSERT(ctx);
SSL_ASSERT(x);
ctx->client_CA = x;
return 1;
}

101
components/openssl/library/ssl_lib.c
Wyświetl plik

@ -1,11 +1,35 @@
// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#include "ssl_lib.h"
#include "ssl_pkey.h"
#include "ssl_x509.h"
#include "ssl_cert.h"
#include "ssl_dbg.h"
#include "ssl_pm.h"
#include "ssl_port.h"
#define SSL_SEND_DATA_MAX_LENGTH 1460
/*
* ossl_statem_in_error - Discover whether the current connection is in the error state
*
* @param ssl - SSL point
*
* @return
* 1 : Yes
* 0 : no
*/
int ossl_statem_in_error(const SSL *ssl)
{
if (ssl->statem.state == MSG_FLOW_ERROR)
@ -23,7 +47,7 @@ int ossl_statem_in_error(const SSL *ssl)
*/
int SSL_want(const SSL *ssl)
{
return 0;
return ssl->rwstate;
}
/*
@ -131,7 +155,7 @@ OSSL_HANDSHAKE_STATE SSL_get_state(const SSL *ssl)
SSL_ASSERT(ssl);
state = ssl->method->func->ssl_get_state(ssl);
state = SSL_METHOD_CALL(get_state, ssl);
return state;
}
@ -154,15 +178,15 @@ SSL_CTX* SSL_CTX_new(const SSL_METHOD *method)
client_ca = sk_X509_NAME_new_null();
if (!client_ca)
SSL_ERR(-2, go_failed1, "ssl_ctx_new:ctx:[%d]\n", ret);
SSL_ERR(-2, go_failed1, "sk_X509_NAME_new_null\n");
cert = ssl_cert_new();
if (!cert)
SSL_ERR(-2, go_failed2, "ssl_ctx_new:ctx:[%d]\n", ret);
SSL_ERR(-2, go_failed2, "ssl_cert_new\n");
ctx = (SSL_CTX *)ssl_zalloc(sizeof(SSL_CTX));
if (!ctx)
SSL_ERR(-2, go_failed3, "ssl_ctx_new:ctx:[%d]\n", ret);
SSL_ERR(-2, go_failed3, "ssl_ctx_new:ctx\n");
ctx->method = method;
ctx->cert = cert;
@ -215,6 +239,8 @@ int SSL_CTX_set_ssl_version(SSL_CTX *ctx, const SSL_METHOD *meth)
ctx->method = meth;
ctx->version = meth->version;
return 1;
}
@ -258,10 +284,12 @@ SSL *SSL_new(SSL_CTX *ctx)
ssl->version = ctx->version;
ssl->options = ctx->options;
ret = ssl->method->func->ssl_new(ssl);
ret = SSL_METHOD_CALL(new, ssl);
if (ret)
SSL_RET(failed2, "ssl_new\n");
ssl->rwstate = SSL_NOTHING;
return ssl;
failed2:
@ -281,7 +309,7 @@ void SSL_free(SSL *ssl)
{
SSL_ASSERT(ssl);
ssl->method->func->ssl_free(ssl);
SSL_METHOD_CALL(free, ssl);
ssl_free(ssl);
}
@ -302,7 +330,7 @@ int SSL_do_handshake(SSL *ssl)
SSL_ASSERT(ssl);
ret = ssl->method->func->ssl_handshake(ssl);
ret = SSL_METHOD_CALL(handshake, ssl);
return ret;
}
@ -357,7 +385,7 @@ int SSL_shutdown(SSL *ssl)
if (SSL_get_state(ssl) != TLS_ST_OK) return 0;
ret = ssl->method->func->ssl_shutdown(ssl);
ret = SSL_METHOD_CALL(shutdown, ssl);
return ret;
}
@ -381,9 +409,9 @@ int SSL_clear(SSL *ssl)
if (1 != ret)
SSL_ERR(0, go_failed1, "SSL_shutdown\n");
ssl->method->func->ssl_free(ssl);
SSL_METHOD_CALL(free, ssl);
ret = ssl->method->func->ssl_new(ssl);
ret = SSL_METHOD_CALL(new, ssl);
if (!ret)
SSL_ERR(0, go_failed1, "ssl_new\n");
@ -413,7 +441,11 @@ int SSL_read(SSL *ssl, void *buffer, int len)
SSL_ASSERT(buffer);
SSL_ASSERT(len);
ret = ssl->method->func->ssl_read(ssl, buffer, len);
ssl->rwstate = SSL_READING;
ret = SSL_METHOD_CALL(read, ssl, buffer, len);
ssl->rwstate = SSL_NOTHING;
return ret;
}
@ -440,6 +472,8 @@ int SSL_write(SSL *ssl, const void *buffer, int len)
SSL_ASSERT(buffer);
SSL_ASSERT(len);
ssl->rwstate = SSL_WRITING;
send_bytes = len;
pbuf = (const unsigned char *)buffer;
@ -451,13 +485,15 @@ int SSL_write(SSL *ssl, const void *buffer, int len)
else
bytes = send_bytes;
ret = ssl->method->func->ssl_send(ssl, buffer, len);
ret = SSL_METHOD_CALL(send, ssl, buffer, len);
if (ret > 0) {
pbuf += ret;
send_bytes -= ret;
}
} while (ret > 0 && send_bytes);
ssl->rwstate = SSL_NOTHING;
send_bytes = len - send_bytes;
if (send_bytes >= 0)
ret = send_bytes;
@ -518,11 +554,11 @@ int SSL_set_ssl_method(SSL *ssl, const SSL_METHOD *method)
if (1 != ret)
SSL_ERR(0, go_failed1, "SSL_shutdown\n");
ssl->method->func->ssl_free(ssl);
SSL_METHOD_CALL(free, ssl);
ssl->method = method;
ret = ssl->method->func->ssl_new(ssl);
ret = SSL_METHOD_CALL(new, ssl);
if (!ret)
SSL_ERR(0, go_failed1, "ssl_new\n");
} else {
@ -579,7 +615,7 @@ int SSL_pending(const SSL *ssl)
SSL_ASSERT(ssl);
ret = ssl->method->func->ssl_pending(ssl);
ret = SSL_METHOD_CALL(pending, ssl);
return ret;
}
@ -705,7 +741,7 @@ int SSL_get_fd(const SSL *ssl)
SSL_ASSERT(ssl);
ret = ssl->method->func->ssl_get_fd(ssl, 0);
ret = SSL_METHOD_CALL(get_fd, ssl, 0);
return ret;
}
@ -725,7 +761,7 @@ int SSL_get_rfd(const SSL *ssl)
SSL_ASSERT(ssl);
ret = ssl->method->func->ssl_get_fd(ssl, 0);
ret = SSL_METHOD_CALL(get_fd, ssl, 0);
return ret;
}
@ -745,7 +781,7 @@ int SSL_get_wfd(const SSL *ssl)
SSL_ASSERT(ssl);
ret = ssl->method->func->ssl_get_fd(ssl, 0);
ret = SSL_METHOD_CALL(get_fd, ssl, 0);
return ret;
}
@ -767,7 +803,7 @@ int SSL_set_fd(SSL *ssl, int fd)
SSL_ASSERT(ssl);
SSL_ASSERT(fd >= 0);
ssl->method->func->ssl_set_fd(ssl, fd, 0);
SSL_METHOD_CALL(set_fd, ssl, fd, 0);
return 1;
}
@ -789,7 +825,7 @@ int SSL_set_rfd(SSL *ssl, int fd)
SSL_ASSERT(ssl);
SSL_ASSERT(fd >= 0);
ssl->method->func->ssl_set_fd(ssl, fd, 0);
SSL_METHOD_CALL(set_fd, ssl, fd, 0);
return 1;
}
@ -811,7 +847,7 @@ int SSL_set_wfd(SSL *ssl, int fd)
SSL_ASSERT(ssl);
SSL_ASSERT(fd >= 0);
ssl->method->func->ssl_set_fd(ssl, fd, 0);
SSL_METHOD_CALL(set_fd, ssl, fd, 0);
return 1;
}
@ -1451,7 +1487,7 @@ void SSL_CTX_set_default_read_buffer_len(SSL_CTX *ctx, size_t len)
SSL_ASSERT(ctx);
SSL_ASSERT(len);
ctx->method->func->ssl_set_bufflen(NULL, len);
ctx->read_buffer_len = len;
}
/*
@ -1467,7 +1503,7 @@ void SSL_set_default_read_buffer_len(SSL *ssl, size_t len)
SSL_ASSERT(ssl);
SSL_ASSERT(len);
ssl->method->func->ssl_set_bufflen(ssl, len);
SSL_METHOD_CALL(set_bufflen, ssl, len);
}
/*
@ -1688,3 +1724,18 @@ long SSL_set_timeout(SSL *ssl, long t)
return t;
}
/*
* SSL_set_verify - set the SSL verifying of the SSL context
*
* @param ctx - SSL point
* @param mode - verifying mode
* @param verify_callback - verifying callback function
*
* @return none
*/
void SSL_set_verify(SSL *ssl, int mode, int (*verify_callback)(int, X509_STORE_CTX *))
{
SSL_ASSERT(ssl);
SSL_ASSERT(verify_callback);
}

42
components/openssl/library/ssl_methods.c
Wyświetl plik

@ -1,7 +1,24 @@
// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#include "ssl_lib.h"
#include "ssl_methods.h"
#include "ssl_pm.h"
/*
* TLS method function collection
*/
IMPLEMENT_TLS_METHOD_FUNC(TLS_method_func,
ssl_pm_new, ssl_pm_free,
ssl_pm_handshake, ssl_pm_shutdown, ssl_pm_clear,
@ -10,6 +27,9 @@ IMPLEMENT_TLS_METHOD_FUNC(TLS_method_func,
ssl_pm_set_bufflen,
ssl_pm_get_state);
/*
* TLS or SSL client method collection
*/
IMPLEMENT_TLS_METHOD(TLS_ANY_VERSION, 0, TLS_method_func, TLS_client_method);
IMPLEMENT_TLS_METHOD(TLS1_2_VERSION, 0, TLS_method_func, TLSv1_2_client_method);
@ -20,7 +40,9 @@ IMPLEMENT_TLS_METHOD(TLS1_VERSION, 0, TLS_method_func, TLSv1_client_method);
IMPLEMENT_SSL_METHOD(SSL3_VERSION, 0, TLS_method_func, SSLv3_client_method);
/*
* TLS or SSL server method collection
*/
IMPLEMENT_TLS_METHOD(TLS_ANY_VERSION, 1, TLS_method_func, TLS_server_method);
IMPLEMENT_TLS_METHOD(TLS1_1_VERSION, 1, TLS_method_func, TLSv1_1_server_method);
@ -31,7 +53,9 @@ IMPLEMENT_TLS_METHOD(TLS1_VERSION, 0, TLS_method_func, TLSv1_server_method);
IMPLEMENT_SSL_METHOD(SSL3_VERSION, 1, TLS_method_func, SSLv3_server_method);
/*
* TLS or SSL method collection
*/
IMPLEMENT_TLS_METHOD(TLS_ANY_VERSION, -1, TLS_method_func, TLS_method);
IMPLEMENT_SSL_METHOD(TLS1_2_VERSION, -1, TLS_method_func, TLSv1_2_method);
@ -41,3 +65,17 @@ IMPLEMENT_SSL_METHOD(TLS1_1_VERSION, -1, TLS_method_func, TLSv1_1_method);
IMPLEMENT_SSL_METHOD(TLS1_VERSION, -1, TLS_method_func, TLSv1_method);
IMPLEMENT_SSL_METHOD(SSL3_VERSION, -1, TLS_method_func, SSLv3_method);
/*
* X509 certification method collection
*/
IMPLEMENT_X509_METHOD(X509_method,
x509_pm_new, x509_pm_free,
x509_pm_load, x509_pm_unload);
/*
* private key method collection
*/
IMPLEMENT_PKEY_METHOD(EVP_PKEY_method,
pkey_pm_new, pkey_pm_free,
pkey_pm_load, pkey_pm_unload);

111
components/openssl/library/ssl_pkey.c
Wyświetl plik

@ -1,50 +1,109 @@
// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#include "ssl_lib.h"
#include "ssl_pkey.h"
#include "ssl_methods.h"
#include "ssl_dbg.h"
#include "ssl_pm.h"
#include "ssl_port.h"
EVP_PKEY *d2i_PrivateKey(int type,
EVP_PKEY **a,
const unsigned char **pp,
long length)
/*
* EVP_PKEY_new - create a private key object
*
* @param none
*
* @return private key object point or NULL if failed
*/
EVP_PKEY* EVP_PKEY_new(void)
{
EVP_PKEY *pkey;
void *pkey_pm;
int ret;
SSL_ASSERT(pp);
SSL_ASSERT(*pp);
SSL_ASSERT(length);
EVP_PKEY *pkey;
pkey = ssl_malloc(sizeof(EVP_PKEY));
if (!pkey)
SSL_RET(failed1, "ssl_malloc\n");
pkey_pm = pkey_pm_new();
if (!pkey_pm)
SSL_RET(failed2, "pkey_pm_new\n");
pkey->method = EVP_PKEY_method();
ret = pkey_pm_load_crt(pkey_pm, *pp, length);
ret = EVP_PKEY_METHOD_CALL(new, pkey);
if (ret)
SSL_RET(failed3, "pkey_pm_load_crt\n");
pkey->pkey_pm = pkey_pm;
if (a)
*a = pkey;
SSL_RET(failed2, "pkey_new\n");
return pkey;
failed3:
pkey_pm_free(pkey_pm);
failed2:
ssl_free(pkey);
failed1:
return NULL;
}
void EVP_PKEY_free(EVP_PKEY *x)
/*
* EVP_PKEY_free - free a private key object
*
* @param pkey - private key object point
*
* @return none
*/
void EVP_PKEY_free(EVP_PKEY *pkey)
{
pkey_pm_unload_crt(x->pkey_pm);
pkey_pm_free(x->pkey_pm);
ssl_free(x);
EVP_PKEY_METHOD_CALL(free, pkey);
ssl_free(pkey);
}
/*
* d2i_PrivateKey - load a character key context into system context. If '*a' is pointed to the
* private key, then load key into it. Or create a new private key object
*
* @param type - private key type
* @param a - a point pointed to a private key point
* @param pp - a point pointed to the key context memory point
* @param length - key bytes
*
* @return private key object point or NULL if failed
*/
EVP_PKEY *d2i_PrivateKey(int type,
EVP_PKEY **a,
const unsigned char **pp,
long length)
{
int ret;
EVP_PKEY *pkey;
SSL_ASSERT(pp);
SSL_ASSERT(*pp);
SSL_ASSERT(length);
if (a && *a) {
pkey = *a;
} else {
pkey = EVP_PKEY_new();;
if (!pkey)
SSL_RET(failed1, "ssl_malloc\n");
}
ret = EVP_PKEY_METHOD_CALL(load, pkey, *pp, length);
if (ret)
SSL_RET(failed2, "pkey_pm_load_crt\n");
if (a)
*a = pkey;
return pkey;
failed2:
EVP_PKEY_free(pkey);
failed1:
return NULL;
}

82
components/openssl/library/ssl_rsa.c
Wyświetl plik

@ -1,10 +1,33 @@
// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#include "ssl_lib.h"
#include "ssl_rsa.h"
#include "ssl_pkey.h"
#include "ssl_x509.h"
#include "ssl_dbg.h"
#include "ssl_pm.h"
/*
* SSL_CTX_use_certificate - set the SSL context certification
*
* @param ctx - SSL context point
* @param x - X509 certification point
*
* @return
* 1 : OK
* 0 : failed
*/
int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x)
{
SSL_ASSERT(ctx);
@ -15,13 +38,24 @@ int SSL_CTX_use_certificate(SSL_CTX *ctx, X509 *x)
return 1;
}
/*
* SSL_CTX_use_certificate_ASN1 - load certification into the SSL context
*
* @param ctx - SSL context point
* @param len - certification context bytes
* @param d - certification context point
*
* @return
* 1 : OK
* 0 : failed
*/
int SSL_CTX_use_certificate_ASN1(SSL_CTX *ctx, int len,
const unsigned char *d)
{
int ret;
X509 *cert;
cert = d2i_X509(NULL, d, len);
cert = d2i_X509(&ctx->cert->x509, d, len);
if (!cert)
SSL_RET(failed1, "d2i_X509\n");
@ -37,6 +71,16 @@ failed1:
return 0;
}
/*
* SSL_CTX_use_certificate - set the SSL context private key
*
* @param ctx - SSL context point
* @param x - private key point
*
* @return
* 1 : OK
* 0 : failed
*/
int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey)
{
SSL_ASSERT(ctx);
@ -47,13 +91,25 @@ int SSL_CTX_use_PrivateKey(SSL_CTX *ctx, EVP_PKEY *pkey)
return 1;
}
/*
* SSL_CTX_use_PrivateKey_ASN1 - load private key into the SSL context
*
* @param type - private key type
* @param ctx - SSL context point
* @param d - private key context point
* @param len - private key context bytes
*
* @return
* 1 : OK
* 0 : failed
*/
int SSL_CTX_use_PrivateKey_ASN1(int type, SSL_CTX *ctx,
const unsigned char *d, long len)
{
int ret;
EVP_PKEY *pkey;
pkey = d2i_PrivateKey(0, NULL, &d, len);
pkey = d2i_PrivateKey(0, &ctx->cert->pkey, &d, len);
if (!pkey)
SSL_RET(failed1, "d2i_PrivateKey\n");
@ -68,3 +124,23 @@ failed2:
failed1:
return 0;
}
/*
* SSL_CTX_add_client_CA - set SSL context client CA certification
*
* @param ctx - SSL context point
* @param x - client CA certification point
*
* @return
* 1 : OK
* 0 : failed
*/
int SSL_CTX_add_client_CA(SSL_CTX *ctx, X509 *x)
{
SSL_ASSERT(ctx);
SSL_ASSERT(x);
ctx->client_CA = x;
return 1;
}

118
components/openssl/library/ssl_x509.c
Wyświetl plik

@ -1,54 +1,100 @@
#include "ssl_x509.h"
#include "ssl_dbg.h"
#include "ssl_pm.h"
// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#include "ssl_x509.h"
#include "ssl_methods.h"
#include "ssl_dbg.h"
#include "ssl_port.h"
/*
* sk_X509_NAME_new_null - create a X509 certification object
*
* @param none
*
* @return X509 certification object point or NULL if failed
*/
X509* sk_X509_NAME_new_null(void)
{
return ssl_malloc(sizeof(X509));
}
X509* d2i_X509(X509 **cert, const unsigned char *buffer, long len)
{
X509 *x509_crt;
void *x509_pm;
int ret;
X509 *x;
SSL_ASSERT(cert);
SSL_ASSERT(buffer);
SSL_ASSERT(len);
x = ssl_malloc(sizeof(X509));
if (!x)
SSL_RET(failed1, "ssl_malloc\n");
x509_crt = sk_X509_NAME_new_null();
if (!x509_crt)
SSL_RET(failed1, "");
x->method = X509_method();
x509_pm = x509_pm_new();
if (!x509_pm)
SSL_RET(failed2, "");
ret = x509_pm_load_crt(x509_pm, buffer, len);
ret = x->method->x509_new(x);
if (ret)
SSL_RET(failed3, "");
SSL_RET(failed2, "x509_new\n");
x509_crt->x509_pm = x509_pm;
if (cert)
*cert = x509_crt;
return x;
return x509_crt;
failed3:
x509_pm_free(x509_pm);
failed2:
ssl_free(x509_crt);
ssl_free(x);
failed1:
return NULL;
}
void X509_free(X509 *cert)
/*
* X509_free - free a X509 certification object
*
* @param x - X509 certification object point
*
* @return none
*/
void X509_free(X509 *x)
{
if (cert->x509_pm) {
x509_pm_unload_crt(cert->x509_pm);
x509_pm_free(cert->x509_pm);
}
ssl_free(cert);
X509_METHOD_CALL(free, x);
ssl_free(x);
};
/*
* d2i_X509 - load a character certification context into system context. If '*cert' is pointed to the
* certification, then load certification into it. Or create a new X509 certification object
*
* @param cert - a point pointed to X509 certification
* @param buffer - a point pointed to the certification context memory point
* @param length - certification bytes
*
* @return X509 certification object point or NULL if failed
*/
X509* d2i_X509(X509 **cert, const unsigned char *buffer, long len)
{
int ret;
X509 *x;
SSL_ASSERT(buffer);
SSL_ASSERT(len);
if (cert && *cert) {
x = *cert;
} else {
x = sk_X509_NAME_new_null();
if (!x)
SSL_RET(failed1, "sk_X509_NAME_new_null\n");
}
ret = X509_METHOD_CALL(load, x, buffer, len);
if (ret)
SSL_RET(failed2, "x509_load\n");
return x;
failed2:
X509_free(x);
failed1:
return NULL;
}

163
components/openssl/platform/ssl_pm.c
Wyświetl plik

@ -1,4 +1,19 @@
// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#include "ssl_pm.h"
#include "ssl_port.h"
#include "ssl_dbg.h"
#include <string.h>
@ -30,11 +45,15 @@ struct ssl_pm
struct x509_pm
{
int load;
mbedtls_x509_crt x509_crt;
};
struct pkey_pm
{
int load;
mbedtls_pk_context pkey;
};
@ -42,44 +61,6 @@ struct pkey_pm
unsigned int max_content_len;
/*********************************************************************************************/
/********************************* SSL general interface *************************************/
void* ssl_zalloc(size_t size)
{
void *p = malloc(size);
if (p)
memset(p, 0, size);
return p;
}
void *ssl_malloc(size_t size)
{
return ssl_zalloc(size);
}
void ssl_free(void *p)
{
free(p);
}
void* ssl_memcpy(void *to, const void *from, size_t size)
{
return memcpy(to, from, size);
}
void ssl_speed_up_enter(void)
{
}
void ssl_speed_up_exit(void)
{
}
/*********************************************************************************************/
/************************************ SSL arch interface *************************************/
@ -90,13 +71,18 @@ int ssl_pm_new(SSL *ssl)
char *pers;
int endpoint;
int mode;
int version;
SSL_CTX *ctx = ssl->ctx;
const SSL_METHOD *method = ssl->method;
ssl_pm = malloc(sizeof(struct ssl_pm));
struct x509_pm *x509_pm;
struct pkey_pm *pkey_pm;
ssl_pm = ssl_malloc(sizeof(struct ssl_pm));
if (!ssl_pm)
return -1;
SSL_ERR(ret, failed1, "ssl_malloc\n");
if (method->endpoint) {
pers = "server";
@ -124,21 +110,34 @@ int ssl_pm_new(SSL *ssl)
if (ret)
SSL_ERR(ret, failed2, "mbedtls_ssl_config_defaults:[-0x%x]\n", -ret);
if (TLS1_2_VERSION == ssl->version)
version = MBEDTLS_SSL_MINOR_VERSION_3;
else if (TLS1_1_VERSION == ssl->version)
version = MBEDTLS_SSL_MINOR_VERSION_2;
else if (TLS1_VERSION == ssl->version)
version = MBEDTLS_SSL_MINOR_VERSION_1;
else
version = MBEDTLS_SSL_MINOR_VERSION_0;
mbedtls_ssl_conf_max_version(&ssl_pm->conf, MBEDTLS_SSL_MAJOR_VERSION_3, version);
mbedtls_ssl_conf_rng(&ssl_pm->conf, mbedtls_ctr_drbg_random, &ssl_pm->ctr_drbg);
mbedtls_ssl_conf_dbg(&ssl_pm->conf, NULL, NULL);
if (ctx->client_CA->x509_pm) {
struct x509_pm *x509_pm = (struct x509_pm *)ctx->client_CA->x509_pm;
x509_pm = (struct x509_pm *)ctx->client_CA->x509_pm;
if (x509_pm->load) {
mbedtls_ssl_conf_ca_chain(&ssl_pm->conf, &x509_pm->x509_crt, NULL);
mbedtls_ssl_conf_ca_chain(&ssl_pm->conf, &x509_pm->x509_crt, NULL);
mbedtls_ssl_conf_authmode(&ssl_pm->conf, MBEDTLS_SSL_VERIFY_REQUIRED);
mode = MBEDTLS_SSL_VERIFY_REQUIRED;
} else {
mbedtls_ssl_conf_authmode(&ssl_pm->conf, MBEDTLS_SSL_VERIFY_NONE);
mode = MBEDTLS_SSL_VERIFY_NONE;
}
if (ctx->cert->x509 &&
ctx->cert->pkey) {
struct x509_pm *x509_pm = (struct x509_pm *)ctx->cert->x509->x509_pm;
struct pkey_pm *pkey_pm = (struct pkey_pm *)ctx->cert->pkey->pkey_pm;
mbedtls_ssl_conf_authmode(&ssl_pm->conf, mode);
pkey_pm = (struct pkey_pm *)ctx->cert->pkey->pkey_pm;
if (pkey_pm->load) {
x509_pm = (struct x509_pm *)ctx->cert->x509->x509_pm;
ret = mbedtls_ssl_conf_own_cert(&ssl_pm->conf, &x509_pm->x509_crt, &pkey_pm->pkey);
if (ret)
@ -332,21 +331,24 @@ OSSL_HANDSHAKE_STATE ssl_pm_get_state(const SSL *ssl)
return state;
}
void* x509_pm_new(void)
int x509_pm_new(X509 *x)
{
return ssl_malloc(sizeof(struct x509_pm));
struct x509_pm *x509_pm;
x509_pm = ssl_malloc(sizeof(struct x509_pm));
if (!x509_pm)
return -1;
x->x509_pm = x509_pm;
return 0;
}
void x509_pm_free(void *pm)
{
ssl_free(pm);
}
int x509_pm_load_crt(void *pm, const unsigned char *buffer, int len)
int x509_pm_load(X509 *x, const unsigned char *buffer, int len)
{
int ret;
unsigned char *load_buf;
struct x509_pm *x509_pm = (struct x509_pm *)pm;
struct x509_pm *x509_pm = (struct x509_pm *)x->x509_pm;
load_buf = ssl_malloc(len + 1);
if (!load_buf)
@ -362,34 +364,48 @@ int x509_pm_load_crt(void *pm, const unsigned char *buffer, int len)
if (ret)
SSL_RET(failed1, "");
x509_pm->load = 1;
return 0;
failed1:
return -1;
}
void x509_pm_unload_crt(void *pm)
void x509_pm_unload(X509 *x)
{
struct x509_pm *x509_pm = (struct x509_pm *)pm;
struct x509_pm *x509_pm = (struct x509_pm *)x->x509_pm;
mbedtls_x509_crt_free(&x509_pm->x509_crt);
x509_pm->load = 0;
}
void* pkey_pm_new(void)
void x509_pm_free(X509 *x)
{
return ssl_malloc(sizeof(struct pkey_pm));
x509_pm_unload(x);
ssl_free(x->x509_pm);
}
void pkey_pm_free(void *pm)
int pkey_pm_new(EVP_PKEY *pkey)
{
ssl_free(pm);
struct pkey_pm *pkey_pm;
pkey_pm = ssl_malloc(sizeof(struct pkey_pm));
if (!pkey_pm)
return -1;
pkey->pkey_pm = pkey_pm;
return 0;
}
int pkey_pm_load_crt(void *pm, const unsigned char *buffer, int len)
int pkey_pm_load(EVP_PKEY *pkey, const unsigned char *buffer, int len)
{
int ret;
unsigned char *load_buf;
struct pkey_pm *pkey_pm = (struct pkey_pm *)pm;
struct pkey_pm *pkey_pm = (struct pkey_pm *)pkey->pkey_pm;
load_buf = ssl_malloc(len + 1);
if (!load_buf)
@ -405,17 +421,28 @@ int pkey_pm_load_crt(void *pm, const unsigned char *buffer, int len)
if (ret)
SSL_RET(failed1, "");
pkey_pm->load = 1;
return 0;
failed1:
return -1;
}
void pkey_pm_unload_crt(void *pm)
void pkey_pm_unload(EVP_PKEY *pkey)
{
struct pkey_pm *pkey_pm = (struct pkey_pm *)pm;
struct pkey_pm *pkey_pm = (struct pkey_pm *)pkey->pkey_pm;
mbedtls_pk_free(&pkey_pm->pkey);
pkey_pm->load = 0;
}
void pkey_pm_free(EVP_PKEY *pkey)
{
pkey_pm_unload(pkey);
ssl_free(pkey->pkey_pm);
}
void ssl_pm_set_bufflen(SSL *ssl, int len)

27
components/openssl/platform/ssl_port.c
Wyświetl plik

@ -1,17 +1,16 @@
/* Copyright 2015-2016 Espressif Systems (Wuxi) PTE LTD
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
// Copyright 2015-2016 Espressif Systems (Shanghai) PTE LTD
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
#include <string.h>
#include "ssl_port.h"