| List: | Commits | « Previous MessageNext Message » | |
| From: | msvensson | Date: | October 16 2006 12:20pm |
| Subject: | bk commit into 5.0 tree (msvensson:1.2302) | ||
| View as plain text | |||
Below is the list of changes that have just been committed into a local 5.0 repository of msvensson. When msvensson does a push these changes will be propagated to the main repository and, within 24 hours after the push, to the public repository. For information on how to access the public repository see http://dev.mysql.com/doc/mysql/en/installing-source-tree.html ChangeSet@stripped, 2006-10-16 12:19:59+02:00, msvensson@shellback.(none) +48 -0 Update yassl to 1.4.5 extra/yassl/README@stripped, 2006-10-16 03:48:52+02:00, msvensson@shellback.(none) +36 -13 Import patch yassl.diff extra/yassl/examples/client/client.cpp@stripped, 2006-10-12 21:06:48+02:00, msvensson@shellback.(none) +49 -26 Import patch yassl.diff extra/yassl/examples/echoclient/echoclient.cpp@stripped, 2006-09-28 21:29:19+02:00, msvensson@shellback.(none) +11 -12 Import patch yassl.diff extra/yassl/examples/server/server.cpp@stripped, 2006-09-28 21:29:19+02:00, msvensson@shellback.(none) +29 -1 Import patch yassl.diff extra/yassl/include/factory.hpp@stripped, 2006-10-05 05:18:12+02:00, msvensson@shellback.(none) +1 -6 Import patch yassl.diff extra/yassl/include/openssl/prefix_ssl.h@stripped, 2006-10-16 12:19:56+02:00, msvensson@shellback.(none) +3 -0 Prefix the new TLSv1_1* methods and SSL_set_compression extra/yassl/include/openssl/ssl.h@stripped, 2006-10-16 03:48:52+02:00, msvensson@shellback.(none) +7 -1 Import patch yassl.diff extra/yassl/include/yassl_error.hpp@stripped, 2006-10-11 23:31:37+02:00, msvensson@shellback.(none) +3 -1 Import patch yassl.diff extra/yassl/include/yassl_imp.hpp@stripped, 2006-10-16 03:48:52+02:00, msvensson@shellback.(none) +6 -5 Import patch yassl.diff extra/yassl/include/yassl_int.hpp@stripped, 2006-10-16 10:28:31+02:00, msvensson@shellback.(none) +15 -0 Import patch yassl.diff extra/yassl/include/yassl_types.hpp@stripped, 2006-10-11 23:31:37+02:00, msvensson@shellback.(none) +2 -1 Import patch yassl.diff extra/yassl/src/handshake.cpp@stripped, 2006-10-16 03:48:52+02:00, msvensson@shellback.(none) +68 -13 Import patch yassl.diff extra/yassl/src/make.bat@stripped, 2006-10-05 05:18:12+02:00, msvensson@shellback.(none) +1 -1 Import patch yassl.diff extra/yassl/src/ssl.cpp@stripped, 2006-10-16 03:48:52+02:00, msvensson@shellback.(none) +25 -0 Import patch yassl.diff extra/yassl/src/yassl_error.cpp@stripped, 2006-10-11 23:31:37+02:00, msvensson@shellback.(none) +8 -0 Import patch yassl.diff extra/yassl/src/yassl_imp.cpp@stripped, 2006-10-16 03:48:52+02:00, msvensson@shellback.(none) +72 -25 Import patch yassl.diff extra/yassl/src/yassl_int.cpp@stripped, 2006-10-16 03:48:52+02:00, msvensson@shellback.(none) +138 -0 Import patch yassl.diff extra/yassl/taocrypt/benchmark/make.bat@stripped, 2006-10-05 05:18:12+02:00, msvensson@shellback.(none) +1 -1 Import patch yassl.diff extra/yassl/taocrypt/include/aes.hpp@stripped, 2006-10-05 05:18:12+02:00, msvensson@shellback.(none) +9 -4 Import patch yassl.diff extra/yassl/taocrypt/include/arc4.hpp@stripped, 2006-10-05 05:18:12+02:00, msvensson@shellback.(none) +2 -1 Import patch yassl.diff extra/yassl/taocrypt/include/asn.hpp@stripped, 2006-10-05 05:18:12+02:00, msvensson@shellback.(none) +5 -1 Import patch yassl.diff extra/yassl/taocrypt/include/block.hpp@stripped, 2006-10-05 05:18:12+02:00, msvensson@shellback.(none) +6 -1 Import patch yassl.diff extra/yassl/taocrypt/include/blowfish.hpp@stripped, 2006-10-05 05:18:12+02:00, msvensson@shellback.(none) +13 -5 Import patch yassl.diff extra/yassl/taocrypt/include/des.hpp@stripped, 2006-10-05 05:18:12+02:00, msvensson@shellback.(none) +11 -14 Import patch yassl.diff extra/yassl/taocrypt/include/hmac.hpp@stripped, 2006-10-16 10:30:36+02:00, msvensson@shellback.(none) +5 -5 Import patch yassl.diff extra/yassl/taocrypt/include/integer.hpp@stripped, 2006-10-05 05:18:12+02:00, msvensson@shellback.(none) +7 -3 Import patch yassl.diff extra/yassl/taocrypt/include/md5.hpp@stripped, 2006-10-05 23:32:32+02:00, msvensson@shellback.(none) +7 -0 Import patch yassl.diff extra/yassl/taocrypt/include/misc.hpp@stripped, 2006-10-05 23:32:32+02:00, msvensson@shellback.(none) +11 -8 Import patch yassl.diff extra/yassl/taocrypt/include/modes.hpp@stripped, 2006-10-05 05:18:12+02:00, msvensson@shellback.(none) +20 -2 Import patch yassl.diff extra/yassl/taocrypt/include/ripemd.hpp@stripped, 2006-10-05 23:32:32+02:00, msvensson@shellback.(none) +7 -0 Import patch yassl.diff extra/yassl/taocrypt/include/sha.hpp@stripped, 2006-10-05 23:32:32+02:00, msvensson@shellback.(none) +7 -0 Import patch yassl.diff extra/yassl/taocrypt/include/twofish.hpp@stripped, 2006-10-05 05:18:12+02:00, msvensson@shellback.(none) +12 -5 Import patch yassl.diff extra/yassl/taocrypt/src/aes.cpp@stripped, 2006-10-05 05:18:12+02:00, msvensson@shellback.(none) +6 -20 Import patch yassl.diff extra/yassl/taocrypt/src/algebra.cpp@stripped, 2006-10-05 05:18:12+02:00, msvensson@shellback.(none) +5 -1 Import patch yassl.diff extra/yassl/taocrypt/src/arc4.cpp@stripped, 2006-10-05 23:32:32+02:00, msvensson@shellback.(none) +12 -3 Import patch yassl.diff extra/yassl/taocrypt/src/blowfish.cpp@stripped, 2006-10-05 05:18:12+02:00, msvensson@shellback.(none) +6 -19 Import patch yassl.diff extra/yassl/taocrypt/src/des.cpp@stripped, 2006-10-05 05:18:12+02:00, msvensson@shellback.(none) +11 -43 Import patch yassl.diff extra/yassl/taocrypt/src/integer.cpp@stripped, 2006-10-11 23:31:37+02:00, msvensson@shellback.(none) +33 -46 Import patch yassl.diff extra/yassl/taocrypt/src/make.bat@stripped, 2006-10-05 05:18:12+02:00, msvensson@shellback.(none) +3 -2 Import patch yassl.diff extra/yassl/taocrypt/src/md4.cpp@stripped, 2006-10-05 05:18:12+02:00, msvensson@shellback.(none) +5 -1 Import patch yassl.diff extra/yassl/taocrypt/src/md5.cpp@stripped, 2006-10-05 23:32:32+02:00, msvensson@shellback.(none) +15 -22 Import patch yassl.diff extra/yassl/taocrypt/src/misc.cpp@stripped, 2006-10-05 23:32:32+02:00, msvensson@shellback.(none) +137 -0 Import patch yassl.diff extra/yassl/taocrypt/src/ripemd.cpp@stripped, 2006-10-05 23:32:32+02:00, msvensson@shellback.(none) +17 -21 Import patch yassl.diff extra/yassl/taocrypt/src/sha.cpp@stripped, 2006-10-05 23:32:32+02:00, msvensson@shellback.(none) +19 -22 Import patch yassl.diff extra/yassl/taocrypt/src/twofish.cpp@stripped, 2006-10-05 05:18:12+02:00, msvensson@shellback.(none) +6 -19 Import patch yassl.diff extra/yassl/taocrypt/test/make.bat@stripped, 2006-10-05 05:18:12+02:00, msvensson@shellback.(none) +1 -1 Import patch yassl.diff extra/yassl/testsuite/make.bat@stripped, 2006-10-05 05:18:12+02:00, msvensson@shellback.(none) +1 -1 Import patch yassl.diff extra/yassl/testsuite/test.hpp@stripped, 2006-09-28 21:29:19+02:00, msvensson@shellback.(none) +28 -8 Import patch yassl.diff # This is a BitKeeper patch. What follows are the unified diffs for the # set of deltas contained in the patch. The rest of the patch, the part # that BitKeeper cares about, is below these diffs. # User: msvensson # Host: shellback.(none) # Root: /home/msvensson/mysql/yassl_import/my50-yassl_import --- 1.4/extra/yassl/examples/client/client.cpp 2006-10-16 12:20:04 +02:00 +++ 1.5/extra/yassl/examples/client/client.cpp 2006-10-16 12:20:04 +02:00 @@ -5,6 +5,35 @@ //#define TEST_RESUME +void ClientError(SSL_CTX* ctx, SSL* ssl, SOCKET_T& sockfd, const char* msg) +{ + SSL_CTX_free(ctx); + SSL_free(ssl); + tcp_close(sockfd); + err_sys(msg); +} + + +#ifdef NON_BLOCKING + void NonBlockingSSL_Connect(SSL* ssl, SSL_CTX* ctx, SOCKET_T& sockfd) + { + int ret = SSL_connect(ssl); + while (ret == SSL_FATAL_ERROR && SSL_get_error(ssl, 0) == + SSL_ERROR_WANT_READ) { + printf("... client would block\n"); + #ifdef _WIN32 + Sleep(1000); + #else + sleep(1); + #endif + ret = SSL_connect(ssl); + } + if (ret != SSL_SUCCESS) + ClientError(ctx, ssl, sockfd, "SSL_connect failed"); + } +#endif + + void client_test(void* args) { #ifdef _WIN32 @@ -18,6 +47,9 @@ set_args(argc, argv, *static_cast<func_args*>(args)); tcp_connect(sockfd); +#ifdef NON_BLOCKING + tcp_set_nonblocking(sockfd); +#endif SSL_METHOD* method = TLSv1_client_method(); SSL_CTX* ctx = SSL_CTX_new(method); @@ -27,13 +59,13 @@ SSL_set_fd(ssl, sockfd); + +#ifdef NON_BLOCKING + NonBlockingSSL_Connect(ssl, ctx, sockfd); +#else if (SSL_connect(ssl) != SSL_SUCCESS) - { - SSL_CTX_free(ctx); - SSL_free(ssl); - tcp_close(sockfd); - err_sys("SSL_connect failed"); - } + ClientError(ctx, ssl, sockfd, "SSL_connect failed"); +#endif showPeer(ssl); const char* cipher = 0; @@ -49,16 +81,14 @@ char msg[] = "hello yassl!"; if (SSL_write(ssl, msg, sizeof(msg)) != sizeof(msg)) - { - SSL_CTX_free(ctx); - SSL_free(ssl); - tcp_close(sockfd); - err_sys("SSL_write failed"); - } + ClientError(ctx, ssl, sockfd, "SSL_write failed"); char reply[1024]; - reply[SSL_read(ssl, reply, sizeof(reply))] = 0; + int input = SSL_read(ssl, reply, sizeof(reply)); + if (input > 0) { + reply[input] = 0; printf("Server response: %s\n", reply); + } #ifdef TEST_RESUME SSL_SESSION* session = SSL_get_session(ssl); @@ -75,24 +105,17 @@ SSL_set_session(sslResume, session); if (SSL_connect(sslResume) != SSL_SUCCESS) - { - SSL_CTX_free(ctx); - SSL_free(ssl); - tcp_close(sockfd); - err_sys("SSL resume failed"); - } + ClientError(ctx, sslResume, sockfd, "SSL_resume failed"); showPeer(sslResume); if (SSL_write(sslResume, msg, sizeof(msg)) != sizeof(msg)) - { - SSL_CTX_free(ctx); - SSL_free(ssl); - tcp_close(sockfd); - err_sys("SSL_write failed"); - } + ClientError(ctx, sslResume, sockfd, "SSL_write failed"); - reply[SSL_read(sslResume, reply, sizeof(reply))] = 0; + input = SSL_read(sslResume, reply, sizeof(reply)); + if (input > 0) { + reply[input] = 0; printf("Server response: %s\n", reply); + } SSL_shutdown(sslResume); SSL_free(sslResume); --- 1.3/extra/yassl/examples/echoclient/echoclient.cpp 2006-10-16 12:20:04 +02:00 +++ 1.4/extra/yassl/examples/echoclient/echoclient.cpp 2006-10-16 12:20:04 +02:00 @@ -3,6 +3,15 @@ #include "../../testsuite/test.hpp" +void EchoClientError(SSL_CTX* ctx, SSL* ssl, SOCKET_T& sockfd, const char* msg) +{ + SSL_CTX_free(ctx); + SSL_free(ssl); + tcp_close(sockfd); + err_sys(msg); +} + + void echoclient_test(void* args) { #ifdef _WIN32 @@ -43,12 +52,7 @@ SSL_set_fd(ssl, sockfd); if (SSL_connect(ssl) != SSL_SUCCESS) - { - SSL_CTX_free(ctx); - SSL_free(ssl); - tcp_close(sockfd); - err_sys("SSL_connect failed"); - } + EchoClientError(ctx, ssl, sockfd, "SSL_connect failed"); char send[1024]; char reply[1024]; @@ -57,12 +61,7 @@ int sendSz = strlen(send) + 1; if (SSL_write(ssl, send, sendSz) != sendSz) - { - SSL_CTX_free(ctx); - SSL_free(ssl); - tcp_close(sockfd); - err_sys("SSL_write failed"); - } + EchoClientError(ctx, ssl, sockfd, "SSL_write failed"); if (strncmp(send, "quit", 4) == 0) { fputs("sending server shutdown command: quit!\n", fout); --- 1.4/extra/yassl/examples/server/server.cpp 2006-10-16 12:20:04 +02:00 +++ 1.5/extra/yassl/examples/server/server.cpp 2006-10-16 12:20:04 +02:00 @@ -13,6 +13,26 @@ } +#ifdef NON_BLOCKING + void NonBlockingSSL_Accept(SSL* ssl, SSL_CTX* ctx, SOCKET_T& clientfd) + { + int ret = SSL_accept(ssl); + while (ret == SSL_FATAL_ERROR && SSL_get_error(ssl, 0) == + SSL_ERROR_WANT_READ) { + printf("... server would block\n"); + #ifdef _WIN32 + Sleep(1000); + #else + sleep(1); + #endif + ret = SSL_accept(ssl); + } + if (ret != SSL_SUCCESS) + ServerError(ctx, ssl, clientfd, "SSL_accept failed"); + } +#endif + + THREAD_RETURN YASSL_API server_test(void* args) { #ifdef _WIN32 @@ -41,15 +61,22 @@ SSL* ssl = SSL_new(ctx); SSL_set_fd(ssl, clientfd); +#ifdef NON_BLOCKING + NonBlockingSSL_Accept(ssl, ctx, clientfd); +#else if (SSL_accept(ssl) != SSL_SUCCESS) ServerError(ctx, ssl, clientfd, "SSL_accept failed"); +#endif showPeer(ssl); printf("Using Cipher Suite: %s\n", SSL_get_cipher(ssl)); char command[1024]; - command[SSL_read(ssl, command, sizeof(command))] = 0; + int input = SSL_read(ssl, command, sizeof(command)); + if (input > 0) { + command[input] = 0; printf("First client command: %s\n", command); + } char msg[] = "I hear you, fa shizzle!"; if (SSL_write(ssl, msg, sizeof(msg)) != sizeof(msg)) @@ -82,3 +109,4 @@ } #endif // NO_MAIN_DRIVER + --- 1.2/extra/yassl/src/make.bat 2006-10-16 12:20:04 +02:00 +++ 1.3/extra/yassl/src/make.bat 2006-10-16 12:20:04 +02:00 @@ -1,7 +1,7 @@ REM quick and dirty build file for testing different MSDEVs setlocal -set myFLAGS= /I../include /I../mySTL /I../taocrypt/include /W3 /c /ZI +set myFLAGS= /I../include /I../taocrypt/mySTL /I../taocrypt/include /W3 /c /ZI cl %myFLAGS% buffer.cpp cl %myFLAGS% cert_wrapper.cpp --- 1.2/extra/yassl/taocrypt/benchmark/make.bat 2006-10-16 12:20:04 +02:00 +++ 1.3/extra/yassl/taocrypt/benchmark/make.bat 2006-10-16 12:20:04 +02:00 @@ -1,7 +1,7 @@ REM quick and dirty build file for testing different MSDEVs setlocal -set myFLAGS= /I../include /I../../mySTL /c /W3 /G6 /O2 +set myFLAGS= /I../include /I../mySTL /c /W3 /G6 /O2 cl %myFLAGS% benchmark.cpp --- 1.3/extra/yassl/taocrypt/include/blowfish.hpp 2006-10-16 12:20:04 +02:00 +++ 1.4/extra/yassl/taocrypt/include/blowfish.hpp 2006-10-16 12:20:04 +02:00 @@ -32,12 +32,21 @@ #include "misc.hpp" #include "modes.hpp" -#include STL_ALGORITHM_FILE +#ifdef USE_SYS_STL + #include <algorithm> +#else + #include "algorithm.hpp" +#endif namespace STL = STL_NAMESPACE; +#if defined(TAOCRYPT_X86ASM_AVAILABLE) && defined(TAO_ASM) + #define DO_BLOWFISH_ASM +#endif + + namespace TaoCrypt { enum { BLOWFISH_BLOCK_SIZE = 8 }; @@ -49,15 +58,14 @@ enum { BLOCK_SIZE = BLOWFISH_BLOCK_SIZE, ROUNDS = 16 }; Blowfish(CipherDir DIR, Mode MODE) - : Mode_BASE(BLOCK_SIZE), dir_(DIR), mode_(MODE) {} + : Mode_BASE(BLOCK_SIZE, DIR, MODE) {} +#ifdef DO_BLOWFISH_ASM void Process(byte*, const byte*, word32); +#endif void SetKey(const byte* key, word32 sz, CipherDir fake = ENCRYPTION); void SetIV(const byte* iv) { memcpy(r_, iv, BLOCK_SIZE); } private: - CipherDir dir_; - Mode mode_; - static const word32 p_init_[ROUNDS + 2]; static const word32 s_init_[4 * 256]; --- 1.3/extra/yassl/taocrypt/include/twofish.hpp 2006-10-16 12:20:04 +02:00 +++ 1.4/extra/yassl/taocrypt/include/twofish.hpp 2006-10-16 12:20:04 +02:00 @@ -32,12 +32,20 @@ #include "misc.hpp" #include "modes.hpp" -#include STL_ALGORITHM_FILE +#ifdef USE_SYS_STL + #include <algorithm> +#else + #include "algorithm.hpp" +#endif namespace STL = STL_NAMESPACE; +#if defined(TAOCRYPT_X86ASM_AVAILABLE) && defined(TAO_ASM) + #define DO_TWOFISH_ASM +#endif + namespace TaoCrypt { enum { TWOFISH_BLOCK_SIZE = 16 }; @@ -49,15 +57,14 @@ enum { BLOCK_SIZE = TWOFISH_BLOCK_SIZE }; Twofish(CipherDir DIR, Mode MODE) - : Mode_BASE(BLOCK_SIZE), dir_(DIR), mode_(MODE) {} + : Mode_BASE(BLOCK_SIZE, DIR, MODE) {} +#ifdef DO_TWOFISH_ASM void Process(byte*, const byte*, word32); +#endif void SetKey(const byte* key, word32 sz, CipherDir fake = ENCRYPTION); void SetIV(const byte* iv) { memcpy(r_, iv, BLOCK_SIZE); } private: - CipherDir dir_; - Mode mode_; - static const byte q_[2][256]; static const word32 mds_[4][256]; --- 1.3/extra/yassl/taocrypt/src/blowfish.cpp 2006-10-16 12:20:04 +02:00 +++ 1.4/extra/yassl/taocrypt/src/blowfish.cpp 2006-10-16 12:20:04 +02:00 @@ -37,34 +37,21 @@ -#if defined(TAOCRYPT_X86ASM_AVAILABLE) && defined(TAO_ASM) - #define DO_BLOWFISH_ASM -#endif - namespace TaoCrypt { -#if !defined(DO_BLOWFISH_ASM) - -// Generic Version -void Blowfish::Process(byte* out, const byte* in, word32 sz) -{ - if (mode_ == ECB) - ECB_Process(out, in, sz); - else if (mode_ == CBC) - if (dir_ == ENCRYPTION) - CBC_Encrypt(out, in, sz); - else - CBC_Decrypt(out, in, sz); -} - -#else +#if defined(DO_BLOWFISH_ASM) // ia32 optimized version void Blowfish::Process(byte* out, const byte* in, word32 sz) { + if (!isMMX) { + Mode_BASE::Process(out, in, sz); + return; + } + word32 blocks = sz / BLOCK_SIZE; if (mode_ == ECB) --- 1.4/extra/yassl/taocrypt/src/make.bat 2006-10-16 12:20:04 +02:00 +++ 1.5/extra/yassl/taocrypt/src/make.bat 2006-10-16 12:20:04 +02:00 @@ -1,7 +1,7 @@ REM quick and dirty build file for testing different MSDEVs setlocal -set myFLAGS= /I../include /I../../mySTL /c /W3 /G6 /O2 +set myFLAGS= /I../include /I../mySTL /c /W3 /G6 /O2 cl %myFLAGS% aes.cpp cl %myFLAGS% aestables.cpp @@ -21,6 +21,7 @@ cl %myFLAGS% hash.cpp cl %myFLAGS% integer.cpp cl %myFLAGS% md2.cpp +cl %myFLAGS% md4.cpp cl %myFLAGS% md5.cpp cl %myFLAGS% misc.cpp @@ -33,5 +34,5 @@ cl %myFLAGS% tftables.cpp cl %myFLAGS% twofish.cpp -link.exe -lib /out:taocrypt.lib aes.obj aestables.obj algebra.obj arc4.obj asn.obj bftables.obj blowfish.obj coding.obj des.obj dh.obj dsa.obj file.obj hash.obj integer.obj md2.obj md5.obj misc.obj random.obj ripemd.obj rsa.obj sha.obj template_instnt.obj tftables.obj twofish.obj +link.exe -lib /out:taocrypt.lib aes.obj aestables.obj algebra.obj arc4.obj asn.obj bftables.obj blowfish.obj coding.obj des.obj dh.obj dsa.obj file.obj hash.obj integer.obj md2.obj md4.obj md5.obj misc.obj random.obj ripemd.obj rsa.obj sha.obj template_instnt.obj tftables.obj twofish.obj --- 1.3/extra/yassl/taocrypt/src/md4.cpp 2006-10-16 12:20:04 +02:00 +++ 1.4/extra/yassl/taocrypt/src/md4.cpp 2006-10-16 12:20:04 +02:00 @@ -28,7 +28,11 @@ #include "runtime.hpp" #include "md4.hpp" -#include STL_ALGORITHM_FILE +#ifdef USE_SYS_STL + #include <algorithm> +#else + #include "algorithm.hpp" +#endif namespace STL = STL_NAMESPACE; --- 1.2/extra/yassl/taocrypt/src/twofish.cpp 2006-10-16 12:20:04 +02:00 +++ 1.3/extra/yassl/taocrypt/src/twofish.cpp 2006-10-16 12:20:04 +02:00 @@ -35,33 +35,20 @@ #include "twofish.hpp" -#if defined(TAOCRYPT_X86ASM_AVAILABLE) && defined(TAO_ASM) - #define DO_TWOFISH_ASM -#endif - namespace TaoCrypt { -#if !defined(DO_TWOFISH_ASM) - -// Generic Version -void Twofish::Process(byte* out, const byte* in, word32 sz) -{ - if (mode_ == ECB) - ECB_Process(out, in, sz); - else if (mode_ == CBC) - if (dir_ == ENCRYPTION) - CBC_Encrypt(out, in, sz); - else - CBC_Decrypt(out, in, sz); -} - -#else +#if defined(DO_TWOFISH_ASM) // ia32 optimized version void Twofish::Process(byte* out, const byte* in, word32 sz) { + if (!isMMX) { + Mode_BASE::Process(out, in, sz); + return; + } + word32 blocks = sz / BLOCK_SIZE; if (mode_ == ECB) --- 1.2/extra/yassl/taocrypt/test/make.bat 2006-10-16 12:20:04 +02:00 +++ 1.3/extra/yassl/taocrypt/test/make.bat 2006-10-16 12:20:04 +02:00 @@ -1,7 +1,7 @@ REM quick and dirty build file for testing different MSDEVs setlocal -set myFLAGS= /I../include /I../../mySTL /c /W3 /G6 /O2 +set myFLAGS= /I../include /I../mySTL /c /W3 /G6 /O2 cl %myFLAGS% test.cpp --- 1.2/extra/yassl/testsuite/make.bat 2006-10-16 12:20:04 +02:00 +++ 1.3/extra/yassl/testsuite/make.bat 2006-10-16 12:20:04 +02:00 @@ -1,7 +1,7 @@ REM quick and dirty build file for testing different MSDEVs setlocal -set myFLAGS= /I../include /I../taocrypt/include /I../mySTL /c /W3 /G6 /O2 /MT /D"WIN32" /D"NO_MAIN_DRIVER" +set myFLAGS= /I../include /I../taocrypt/include /I../taocrypt/mySTL /c /W3 /G6 /O2 /MT /D"WIN32" /D"NO_MAIN_DRIVER" cl %myFLAGS% testsuite.cpp cl %myFLAGS% ../examples/client/client.cpp --- 1.8/extra/yassl/testsuite/test.hpp 2006-10-16 12:20:04 +02:00 +++ 1.9/extra/yassl/testsuite/test.hpp 2006-10-16 12:20:04 +02:00 @@ -9,6 +9,8 @@ #include <stdlib.h> #include <assert.h> +//#define NON_BLOCKING // test server and client example (not echos) + #ifdef _WIN32 #include <winsock2.h> #include <process.h> @@ -23,6 +25,9 @@ #include <sys/types.h> #include <sys/socket.h> #include <pthread.h> +#ifdef NON_BLOCKING + #include <fcntl.h> +#endif #define SOCKET_T int #endif /* _WIN32 */ @@ -259,6 +264,20 @@ } +inline void tcp_set_nonblocking(SOCKET_T& sockfd) +{ +#ifdef NON_BLOCKING + #ifdef _WIN32 + unsigned long blocking = 1; + int ret = ioctlsocket(sockfd, FIONBIO, &blocking); + #else + int flags = fcntl(sockfd, F_GETFL, 0); + int ret = fcntl(sockfd, F_SETFL, flags | O_NONBLOCK); + #endif +#endif +} + + inline void tcp_socket(SOCKET_T& sockfd, sockaddr_in& addr) { sockfd = socket(AF_INET, SOCK_STREAM, 0); @@ -286,8 +305,7 @@ sockaddr_in addr; tcp_socket(sockfd, addr); - if (connect(sockfd, (const sockaddr*)&addr, sizeof(addr)) != 0) - { + if (connect(sockfd, (const sockaddr*)&addr, sizeof(addr)) != 0) { tcp_close(sockfd); err_sys("tcp connect failed"); } @@ -299,19 +317,18 @@ sockaddr_in addr; tcp_socket(sockfd, addr); - if (bind(sockfd, (const sockaddr*)&addr, sizeof(addr)) != 0) - { + if (bind(sockfd, (const sockaddr*)&addr, sizeof(addr)) != 0) { tcp_close(sockfd); err_sys("tcp bind failed"); } - if (listen(sockfd, 3) != 0) - { + if (listen(sockfd, 3) != 0) { tcp_close(sockfd); err_sys("tcp listen failed"); } } + inline void tcp_accept(SOCKET_T& sockfd, SOCKET_T& clientfd, func_args& args) { tcp_listen(sockfd); @@ -330,11 +347,14 @@ clientfd = accept(sockfd, (sockaddr*)&client, (ACCEPT_THIRD_T)&client_len); - if (clientfd == -1) - { + if (clientfd == -1) { tcp_close(sockfd); err_sys("tcp accept failed"); } + +#ifdef NON_BLOCKING + tcp_set_nonblocking(clientfd); +#endif } --- 1.3/extra/yassl/include/openssl/prefix_ssl.h 2006-10-16 12:20:04 +02:00 +++ 1.4/extra/yassl/include/openssl/prefix_ssl.h 2006-10-16 12:20:04 +02:00 @@ -98,6 +98,8 @@ #define SSLv3_client_method yaSSLv3_client_method #define TLSv1_server_method yaTLSv1_server_method #define TLSv1_client_method yaTLSv1_client_method +#define TLSv1_1_server_method yaTLSv1_1_server_method +#define TLSv1_1_client_method yaTLSv1_1_client_method #define SSLv23_server_method yaSSLv23_server_method #define SSL_CTX_use_certificate_file yaSSL_CTX_use_certificate_file #define SSL_CTX_use_PrivateKey_file yaSSL_CTX_use_PrivateKey_file @@ -159,3 +161,4 @@ #define MD5_Init yaMD5_Init #define MD5_Update yaMD5_Update #define MD5_Final yaMD5_Final +#define SSL_set_compression yaSSL_set_compression --- 1.6/extra/yassl/README 2006-10-16 12:20:04 +02:00 +++ 1.7/extra/yassl/README 2006-10-16 12:20:04 +02:00 @@ -1,4 +1,39 @@ -yaSSL Release notes, version 1.4.0 (08/13/06) +yaSSL Release notes, version 1.4.5 (10/15/06) + + + This release of yaSSL contains bug fixes, portability enhancements, + zlib compression support, removal of assembly instructions at runtime if + not supported, and initial TLS 1.1 support. + + + Compression Notes: yaSSL uses zlib for compression and the compression + should only be used if yaSSL is at both ends because the implementation + details aren't yet standard. If you'd like to turn compression on use + the SSL_set_compression() function on the client before calling + SSL_connect(). If both the client and server were built with zlib support + then the connection will use compression. If the client isn't built with + support then SSL_set_compression() will return an error (-1). + + To build yaSSL with zlib support on Unix simply have zlib support on your + system and configure will find it if it's in the standard locations. If + it's somewhere else use the option ./configure --with-zlib=DIR. If you'd + like to disable compression support in yaSSL use ./configure --without-zlib. + + To build yaSSL with zlib support on Windows: + + 1) download zlib from http://www.zlib.net/ + 2) follow the instructions in zlib from projects/visualc6/README.txt + for how to add the zlib project into the yaSSL workspace noting that + you'll need to add configuration support for "Win32 Debug" and + "Win32 Release" in note 3 under "To use:". + 3) define HAVE_LIBZ when building yaSSL + + +See normal build instructions below under 1.0.6. +See libcurl build instructions below under 1.3.0. + + +********************yaSSL Release notes, version 1.4.0 (08/13/06) This release of yaSSL contains bug fixes, portability enhancements, @@ -121,18 +156,6 @@ run Debug\testsuite.exe from yaSSL-Home\testsuite to test the build - ---To enable ia32 assembly for TaoCrypt ciphers and message digests - - On MSVC this is always on - - On GCC **, use ./configure --enable-ia32-asm - - ** This isn't on by default because of the use of intel syntax and the - problem that olders versions of gas have with some addressing statements. - If you enable this and get assemler errors during compilation or can't - pass the TaoCrypt tests, please send todd@stripped a message and disable - this option in the meantime. ***************** yaSSL Release notes, version 1.0.5 --- 1.5/extra/yassl/include/factory.hpp 2006-10-16 12:20:04 +02:00 +++ 1.6/extra/yassl/include/factory.hpp 2006-10-16 12:20:04 +02:00 @@ -42,12 +42,7 @@ namespace STL = STL_NAMESPACE; -// VC60 workaround: it doesn't allow typename in some places -#if defined(_MSC_VER) && (_MSC_VER < 1300) - #define CPP_TYPENAME -#else - #define CPP_TYPENAME typename -#endif + namespace yaSSL { --- 1.17/extra/yassl/include/openssl/ssl.h 2006-10-16 12:20:04 +02:00 +++ 1.18/extra/yassl/include/openssl/ssl.h 2006-10-16 12:20:04 +02:00 @@ -41,7 +41,7 @@ #include "rsa.h" -#define YASSL_VERSION "1.4.3" +#define YASSL_VERSION "1.4.5" #if defined(__cplusplus) @@ -361,6 +361,8 @@ SSL_METHOD *SSLv3_client_method(void); SSL_METHOD *TLSv1_server_method(void); SSL_METHOD *TLSv1_client_method(void); +SSL_METHOD *TLSv1_1_server_method(void); +SSL_METHOD *TLSv1_1_client_method(void); SSL_METHOD *SSLv23_server_method(void); int SSL_CTX_use_certificate_file(SSL_CTX*, const char*, int); @@ -529,6 +531,10 @@ #define SSL_DEFAULT_CIPHER_LIST "" /* default all */ + + +/* yaSSL adds */ +int SSL_set_compression(SSL*); /* turn on yaSSL zlib compression */ --- 1.6/extra/yassl/include/yassl_error.hpp 2006-10-16 12:20:04 +02:00 +++ 1.7/extra/yassl/include/yassl_error.hpp 2006-10-16 12:20:04 +02:00 @@ -56,7 +56,9 @@ receive_error = 114, certificate_error = 115, privateKey_error = 116, - badVersion_error = 117 + badVersion_error = 117, + compress_error = 118, + decompress_error = 119 // !!!! add error message to .cpp !!!! --- 1.6/extra/yassl/include/yassl_imp.hpp 2006-10-16 12:20:04 +02:00 +++ 1.7/extra/yassl/include/yassl_imp.hpp 2006-10-16 12:20:04 +02:00 @@ -132,7 +132,6 @@ public: Data(); Data(uint16 len, opaque* b); - Data(uint16 len, const opaque* w); friend output_buffer& operator<<(output_buffer&, const Data&); @@ -141,9 +140,9 @@ ContentType get_type() const; uint16 get_length() const; - const opaque* get_buffer() const; void set_length(uint16 l); opaque* set_buffer(); + void SetData(uint16, const opaque*); void Process(input_buffer&, SSL&); private: Data(const Data&); // hide copy @@ -232,11 +231,11 @@ void Process(input_buffer&, SSL&); const opaque* get_random() const; - friend void buildClientHello(SSL&, ClientHello&, CompressionMethod); + friend void buildClientHello(SSL&, ClientHello&); friend void ProcessOldClientHello(input_buffer& input, SSL& ssl); ClientHello(); - explicit ClientHello(ProtocolVersion pv); + ClientHello(ProtocolVersion pv, bool useCompression); private: ClientHello(const ClientHello&); // hide copy ClientHello& operator=(const ClientHello&); // and assign @@ -253,7 +252,7 @@ opaque cipher_suite_[SUITE_LEN]; CompressionMethod compression_method_; public: - explicit ServerHello(ProtocolVersion pv); + ServerHello(ProtocolVersion pv, bool useCompression); ServerHello(); friend input_buffer& operator>>(input_buffer&, ServerHello&); @@ -629,7 +628,9 @@ bool send_server_key_; // server key exchange? bool master_clean_; // master secret clean? bool TLS_; // TLSv1 or greater + bool TLSv1_1_; // TLSv1.1 or greater bool sessionID_Set_; // do we have a session + bool compression_; // zlib compression? ProtocolVersion version_; RandomPool& random_; --- 1.13/extra/yassl/include/yassl_int.hpp 2006-10-16 12:20:04 +02:00 +++ 1.14/extra/yassl/include/yassl_int.hpp 2006-10-16 12:20:04 +02:00 @@ -40,6 +40,13 @@ #include "lock.hpp" #include "openssl/ssl.h" // ASN1_STRING and DH +// Check if _POSIX_THREADS should be forced +#if !defined(_POSIX_THREADS) && (defined(__NETWARE__) || defined(__hpux)) +// HPUX does not define _POSIX_THREADS as it's not _fully_ implemented +// Netware supports pthreads but does not announce it +#define _POSIX_THREADS +#endif + #ifdef _POSIX_THREADS #include <pthread.h> #endif @@ -593,6 +600,7 @@ const Socket& getSocket() const; YasslError GetError() const; bool GetMultiProtocol() const; + bool CompressionOn() const; Crypto& useCrypto(); Security& useSecurity(); @@ -610,9 +618,12 @@ void set_preMaster(const opaque*, uint); void set_masterSecret(const opaque*); void SetError(YasslError); + int SetCompression(); + void UnSetCompression(); // helpers bool isTLS() const; + bool isTLSv1_1() const; void order_error(); void makeMasterSecret(); void makeTLSMasterSecret(); @@ -645,6 +656,10 @@ const SSL& operator=(const SSL&); // and assign }; + +// compression +int Compress(const byte*, int, input_buffer&); +int DeCompress(input_buffer&, int, input_buffer&); // conversion functions --- 1.14/extra/yassl/include/yassl_types.hpp 2006-10-16 12:20:04 +02:00 +++ 1.15/extra/yassl/include/yassl_types.hpp 2006-10-16 12:20:04 +02:00 @@ -211,6 +211,7 @@ const int SEED_LEN = RAN_LEN * 2; // TLS seed, client + server random const int DEFAULT_TIMEOUT = 500; // Default Session timeout in seconds const int MAX_RECORD_SIZE = 16384; // 2^14, max size by standard +const int COMPRESS_EXTRA = 1024; // extra compression possible addition typedef uint8 Cipher; // first byte is always 0x00 for SSLv3 & TLS @@ -222,7 +223,7 @@ typedef bool IsExportable; -enum CompressionMethod { no_compression = 0 }; +enum CompressionMethod { no_compression = 0, zlib = 21 }; enum CipherType { stream, block }; --- 1.13/extra/yassl/src/handshake.cpp 2006-10-16 12:20:04 +02:00 +++ 1.14/extra/yassl/src/handshake.cpp 2006-10-16 12:20:04 +02:00 @@ -40,8 +40,7 @@ // Build a client hello message from cipher suites and compression method -void buildClientHello(SSL& ssl, ClientHello& hello, - CompressionMethod compression = no_compression) +void buildClientHello(SSL& ssl, ClientHello& hello) { ssl.getCrypto().get_random().Fill(hello.random_, RAN_LEN); if (ssl.getSecurity().get_resuming()) { @@ -55,7 +54,6 @@ memcpy(hello.cipher_suites_, ssl.getSecurity().get_parms().suites_, hello.suite_len_); hello.comp_len_ = 1; - hello.compression_methods_ = compression; hello.set_length(sizeof(ProtocolVersion) + RAN_LEN + @@ -83,7 +81,7 @@ hello.cipher_suite_[0] = ssl.getSecurity().get_parms().suite_[0]; hello.cipher_suite_[1] = ssl.getSecurity().get_parms().suite_[1]; - hello.compression_method_ = no_compression; + hello.compression_method_ = hello.compression_method_; hello.set_length(sizeof(ProtocolVersion) + RAN_LEN + ID_LEN + sizeof(hello.id_len_) + SUITE_LEN + SIZEOF_ENUM); @@ -151,12 +149,18 @@ // add handshake from buffer into md5 and sha hashes, exclude record header -void hashHandShake(SSL& ssl, const output_buffer& output) +void hashHandShake(SSL& ssl, const output_buffer& output, bool removeIV = false) { uint sz = output.get_size() - RECORD_HEADER; const opaque* buffer = output.get_buffer() + RECORD_HEADER; + if (removeIV) { // TLSv1_1 IV + uint blockSz = ssl.getCrypto().get_cipher().get_blockSize(); + sz -= blockSz; + buffer += blockSz; + } + ssl.useHashes().use_MD5().update(buffer, sz); ssl.useHashes().use_SHA().update(buffer, sz); } @@ -229,6 +233,18 @@ ssl.useCrypto().use_cipher().decrypt(plain.get_buffer(), cipher, sz); memcpy(cipher, plain.get_buffer(), sz); ssl.useSecurity().use_parms().encrypt_size_ = sz; + + if (ssl.isTLSv1_1()) // IV + input.set_current(input.get_current() + + ssl.getCrypto().get_cipher().get_blockSize()); +} + + +// output operator for input_buffer +output_buffer& operator<<(output_buffer& output, const input_buffer& input) +{ + output.write(input.get_buffer(), input.get_size()); + return output; } @@ -239,9 +255,12 @@ uint finishedSz = ssl.isTLS() ? TLS_FINISHED_SZ : FINISHED_SZ; uint sz = RECORD_HEADER + HANDSHAKE_HEADER + finishedSz + digestSz; uint pad = 0; + uint blockSz = ssl.getCrypto().get_cipher().get_blockSize(); + if (ssl.getSecurity().get_parms().cipher_type_ == block) { + if (ssl.isTLSv1_1()) + sz += blockSz; // IV sz += 1; // pad byte - uint blockSz = ssl.getCrypto().get_cipher().get_blockSize(); pad = (sz - RECORD_HEADER) % blockSz; pad = blockSz - pad; sz += pad; @@ -252,10 +271,16 @@ buildHeaders(ssl, hsHeader, rlHeader, fin); rlHeader.length_ = sz - RECORD_HEADER; // record header includes mac // and pad, hanshake doesn't + input_buffer iv; + if (ssl.isTLSv1_1()) { // IV + iv.allocate(blockSz); + ssl.getCrypto().get_random().Fill(iv.get_buffer(), blockSz); + iv.add_size(blockSz); + } output.allocate(sz); - output << rlHeader << hsHeader << fin; + output << rlHeader << iv << hsHeader << fin; - hashHandShake(ssl, output); + hashHandShake(ssl, output, ssl.isTLSv1_1() ? true : false); opaque digest[SHA_LEN]; // max size if (ssl.isTLS()) TLS_hmac(ssl, digest, output.get_buffer() + RECORD_HEADER, @@ -282,9 +307,12 @@ uint digestSz = ssl.getCrypto().get_digest().get_digestSize(); uint sz = RECORD_HEADER + msg.get_length() + digestSz; uint pad = 0; + uint blockSz = ssl.getCrypto().get_cipher().get_blockSize(); + if (ssl.getSecurity().get_parms().cipher_type_ == block) { + if (ssl.isTLSv1_1()) // IV + sz += blockSz; sz += 1; // pad byte - uint blockSz = ssl.getCrypto().get_cipher().get_blockSize(); pad = (sz - RECORD_HEADER) % blockSz; pad = blockSz - pad; sz += pad; @@ -294,8 +322,15 @@ buildHeader(ssl, rlHeader, msg); rlHeader.length_ = sz - RECORD_HEADER; // record header includes mac // and pad, hanshake doesn't + input_buffer iv; + if (ssl.isTLSv1_1()) { // IV + iv.allocate(blockSz); + ssl.getCrypto().get_random().Fill(iv.get_buffer(), blockSz); + iv.add_size(blockSz); + } + output.allocate(sz); - output << rlHeader << msg; + output << rlHeader << iv << msg; opaque digest[SHA_LEN]; // max size if (ssl.isTLS()) @@ -456,6 +491,10 @@ // some clients still send sslv2 client hello void ProcessOldClientHello(input_buffer& input, SSL& ssl) { + if (input.get_remaining() < 2) { + ssl.SetError(bad_input); + return; + } byte b0 = input[AUTO]; byte b1 = input[AUTO]; @@ -721,6 +760,7 @@ // each message in record, can be more than 1 if not encrypted if (ssl.getSecurity().get_parms().pending_ == false) // cipher on decrypt_message(ssl, buffer, hdr.length_); + mySTL::auto_ptr<Message> msg(mf.CreateObject(hdr.type_)); if (!msg.get()) { ssl.SetError(factory_error); @@ -761,7 +801,8 @@ ssl.verifyState(serverNull); if (ssl.GetError()) return; - ClientHello ch(ssl.getSecurity().get_connection().version_); + ClientHello ch(ssl.getSecurity().get_connection().version_, + ssl.getSecurity().get_connection().compression_); RecordLayerHeader rlHeader; HandShakeHeader hsHeader; output_buffer out; @@ -885,7 +926,20 @@ for (;;) { int len = min(sz - sent, MAX_RECORD_SIZE); output_buffer out; - const Data data(len, static_cast<const opaque*>(buffer) + sent); + input_buffer tmp; + + Data data; + + if (ssl.CompressionOn()) { + if (Compress(static_cast<const opaque*>(buffer) + sent, len, + tmp) == -1) { + ssl.SetError(compress_error); + return -1; + } + data.SetData(tmp.get_size(), tmp.get_buffer()); + } + else + data.SetData(len, static_cast<const opaque*>(buffer) + sent); buildMessage(ssl, out, data); ssl.Send(out.get_buffer(), out.get_size()); @@ -947,7 +1001,8 @@ ssl.verifyState(clientHelloComplete); if (ssl.GetError()) return; - ServerHello sh(ssl.getSecurity().get_connection().version_); + ServerHello sh(ssl.getSecurity().get_connection().version_, + ssl.getSecurity().get_connection().compression_); RecordLayerHeader rlHeader; HandShakeHeader hsHeader; mySTL::auto_ptr<output_buffer> out(NEW_YS output_buffer); --- 1.19/extra/yassl/src/ssl.cpp 2006-10-16 12:20:04 +02:00 +++ 1.20/extra/yassl/src/ssl.cpp 2006-10-16 12:20:04 +02:00 @@ -184,6 +184,18 @@ } +SSL_METHOD* TLSv1_1_server_method() +{ + return NEW_YS SSL_METHOD(server_end, ProtocolVersion(3,2)); +} + + +SSL_METHOD* TLSv1_1_client_method() +{ + return NEW_YS SSL_METHOD(client_end, ProtocolVersion(3,2)); +} + + SSL_METHOD* SSLv23_server_method() { // compatibility only, no version 2 support, but does SSL 3 and TLS 1 @@ -510,6 +522,19 @@ { return ssl->getStates().What(); } + + + +/* turn on yaSSL zlib compression + returns 0 for success, else error (not built in) + only need to turn on for client, becuase server on by default if built in + but calling for server will tell you whether it's available or not +*/ +int SSL_set_compression(SSL* ssl) +{ + return ssl->SetCompression(); +} + X509* SSL_get_peer_certificate(SSL* ssl) --- 1.8/extra/yassl/src/yassl_error.cpp 2006-10-16 12:20:04 +02:00 +++ 1.9/extra/yassl/src/yassl_error.cpp 2006-10-16 12:20:04 +02:00 @@ -133,6 +133,14 @@ strncpy(buffer, "protocl version mismatch", max); break; + case compress_error : + strncpy(buffer, "compression error", max); + break; + + case decompress_error : + strncpy(buffer, "decompression error", max); + break; + // openssl errors case SSL_ERROR_WANT_READ : strncpy(buffer, "the read operation would block", max); --- 1.11/extra/yassl/src/yassl_imp.cpp 2006-10-16 12:20:04 +02:00 +++ 1.12/extra/yassl/src/yassl_imp.cpp 2006-10-16 12:20:04 +02:00 @@ -437,6 +437,7 @@ ProtocolVersion pv, bool haveDH) : entity_(ce) { pending_ = true; // suite not set yet + strncpy(cipher_name_, "NONE", 5); if (ciphers.setSuites_) { // use user set list suites_size_ = ciphers.suiteSz_; @@ -445,6 +446,7 @@ } else SetSuites(pv, ce == server_end && !haveDH); // defaults + } @@ -838,6 +840,14 @@ int aSz = get_length(); // alert size already read on input opaque verify[SHA_LEN]; const opaque* data = input.get_buffer() + input.get_current() - aSz; + int ivExtra = 0; + + if (ssl.getSecurity().get_parms().cipher_type_ == block) + if (ssl.isTLSv1_1()) { // IV + int blockSz = ssl.getCrypto().get_cipher().get_blockSize(); + aSz += blockSz; + data -= blockSz; + } if (ssl.isTLS()) TLS_hmac(ssl, verify, data, aSz, alert, true); @@ -849,11 +859,13 @@ opaque mac[SHA_LEN]; input.read(mac, digestSz); + if (ssl.getSecurity().get_parms().cipher_type_ == block) { opaque fill; int padSz = ssl.getSecurity().get_parms().encrypt_size_ - aSz - digestSz; for (int i = 0; i < padSz; i++) fill = input[AUTO]; + } // verify if (memcmp(mac, verify, digestSz)) { @@ -879,9 +891,13 @@ {} -Data::Data(uint16 len, const opaque* w) - : length_(len), buffer_(0), write_buffer_(w) -{} +void Data::SetData(uint16 len, const opaque* buffer) +{ + assert(write_buffer_ == 0); + + length_ = len; + write_buffer_ = buffer; +} input_buffer& Data::set(input_buffer& in) { @@ -907,17 +923,12 @@ } -const opaque* Data::get_buffer() const -{ - return write_buffer_; -} - - void Data::set_length(uint16 l) { length_ = l; } + opaque* Data::set_buffer() { return buffer_; @@ -937,27 +948,43 @@ { int msgSz = ssl.getSecurity().get_parms().encrypt_size_; int pad = 0, padByte = 0; + int ivExtra = 0; + if (ssl.getSecurity().get_parms().cipher_type_ == block) { - pad = *(input.get_buffer() + input.get_current() + msgSz - 1); + if (ssl.isTLSv1_1()) // IV + ivExtra = ssl.getCrypto().get_cipher().get_blockSize(); + pad = *(input.get_buffer() + input.get_current() + msgSz -ivExtra - 1); padByte = 1; } int digestSz = ssl.getCrypto().get_digest().get_digestSize(); - int dataSz = msgSz - digestSz - pad - padByte; + int dataSz = msgSz - ivExtra - digestSz - pad - padByte; opaque verify[SHA_LEN]; + const byte* rawData = input.get_buffer() + input.get_current() - ivExtra; + int rawSize = dataSz + ivExtra; + // read data - if (dataSz) { + if (dataSz) { // could be compressed + if (ssl.CompressionOn()) { + input_buffer tmp; + if (DeCompress(input, dataSz, tmp) == -1) { + ssl.SetError(decompress_error); + return; + } + ssl.addData(NEW_YS input_buffer(tmp.get_size(), + tmp.get_buffer(), tmp.get_size())); + } + else { input_buffer* data; ssl.addData(data = NEW_YS input_buffer(dataSz)); input.read(data->get_buffer(), dataSz); data->add_size(dataSz); + } if (ssl.isTLS()) - TLS_hmac(ssl, verify, data->get_buffer(), dataSz, application_data, - true); + TLS_hmac(ssl, verify, rawData, rawSize, application_data, true); else - hmac(ssl, verify, data->get_buffer(), dataSz, application_data, - true); + hmac(ssl, verify, rawData, rawSize, application_data, true); } // read mac and fill @@ -1252,6 +1279,10 @@ ssl.useSecurity().set_resuming(false); ssl.useLog().Trace("server denied resumption"); } + + if (ssl.CompressionOn() && !compression_method_) + ssl.UnSetCompression(); // server isn't supporting yaSSL zlib request + ssl.useStates().useClient() = serverHelloComplete; } @@ -1263,8 +1294,9 @@ } -ServerHello::ServerHello(ProtocolVersion pv) - : server_version_(pv) +ServerHello::ServerHello(ProtocolVersion pv, bool useCompression) + : server_version_(pv), + compression_method_(useCompression ? zlib : no_compression) { memset(random_, 0, RAN_LEN); memset(session_id_, 0, ID_LEN); @@ -1361,8 +1393,12 @@ // Compression hello.comp_len_ = input[AUTO]; - while (hello.comp_len_--) // ignore for now - hello.compression_methods_ = CompressionMethod(input[AUTO]); + hello.compression_methods_ = no_compression; + while (hello.comp_len_--) { + CompressionMethod cm = CompressionMethod(input[AUTO]); + if (cm == zlib) + hello.compression_methods_ = zlib; + } return input; } @@ -1444,6 +1480,9 @@ ssl.matchSuite(cipher_suites_, suite_len_); ssl.set_pending(ssl.getSecurity().get_parms().suite_[1]); + if (compression_methods_ == zlib) + ssl.SetCompression(); + ssl.useStates().useServer() = clientHelloComplete; } @@ -1478,8 +1517,9 @@ } -ClientHello::ClientHello(ProtocolVersion pv) - : client_version_(pv) +ClientHello::ClientHello(ProtocolVersion pv, bool useCompression) + : client_version_(pv), + compression_methods_(useCompression ? zlib : no_compression) { memset(random_, 0, RAN_LEN); } @@ -1919,6 +1959,11 @@ // verify hashes const Finished& verify = ssl.getHashes().get_verify(); uint finishedSz = ssl.isTLS() ? TLS_FINISHED_SZ : FINISHED_SZ; + uint ivExtra = 0; + + if (ssl.getSecurity().get_parms().cipher_type_ == block) + if (ssl.isTLSv1_1()) + ivExtra = ssl.getCrypto().get_cipher().get_blockSize(); // IV input.read(hashes_.md5_, finishedSz); @@ -1929,7 +1974,7 @@ // read verify mac opaque verifyMAC[SHA_LEN]; - uint macSz = finishedSz + HANDSHAKE_HEADER; + uint macSz = finishedSz + HANDSHAKE_HEADER + ivExtra; if (ssl.isTLS()) TLS_hmac(ssl, verifyMAC, input.get_buffer() + input.get_current() @@ -1944,7 +1989,7 @@ input.read(mac, digestSz); opaque fill; - int padSz = ssl.getSecurity().get_parms().encrypt_size_ - + int padSz = ssl.getSecurity().get_parms().encrypt_size_ - ivExtra - HANDSHAKE_HEADER - finishedSz - digestSz; for (int i = 0; i < padSz; i++) fill = input[AUTO]; @@ -2018,7 +2063,9 @@ Connection::Connection(ProtocolVersion v, RandomPool& ran) : pre_master_secret_(0), sequence_number_(0), peer_sequence_number_(0), pre_secret_len_(0), send_server_key_(false), master_clean_(false), - TLS_(v.major_ >= 3 && v.minor_ >= 1), version_(v), random_(ran) + TLS_(v.major_ >= 3 && v.minor_ >= 1), + TLSv1_1_(v.major_ >= 3 && v.minor_ >= 2), compression_(false), + version_(v), random_(ran) { memset(sessionID_, 0, sizeof(sessionID_)); } --- 1.22/extra/yassl/src/yassl_int.cpp 2006-10-16 12:20:04 +02:00 +++ 1.23/extra/yassl/src/yassl_int.cpp 2006-10-16 12:20:04 +02:00 @@ -38,6 +38,11 @@ #endif +#ifdef HAVE_LIBZ + #include "zlib.h" +#endif + + #ifdef YASSL_PURE_C void* operator new(size_t sz, yaSSL::new_t) @@ -727,6 +732,32 @@ } +// set yaSSL zlib type compression +int SSL::SetCompression() +{ +#ifdef HAVE_LIBZ + secure_.use_connection().compression_ = true; + return 0; +#else + return -1; // not built in +#endif +} + + +// unset yaSSL zlib type compression +void SSL::UnSetCompression() +{ + secure_.use_connection().compression_ = false; +} + + +// is yaSSL zlib compression on +bool SSL::CompressionOn() const +{ + return secure_.get_connection().compression_; +} + + // store master secret void SSL::set_masterSecret(const opaque* sec) { @@ -1344,6 +1375,12 @@ } +bool SSL::isTLSv1_1() const +{ + return secure_.get_connection().TLSv1_1_; +} + + void SSL::addData(input_buffer* data) { buffers_.useData().push_back(data); @@ -2312,7 +2349,108 @@ } +#ifdef HAVE_LIBZ + + void* myAlloc(void* /* opaque */, unsigned int item, unsigned int size) + { + return NEW_YS unsigned char[item * size]; + } + + + void myFree(void* /* opaque */, void* memory) + { + unsigned char* ptr = static_cast<unsigned char*>(memory); + yaSSL::ysArrayDelete(ptr); + } + + + // put size in front of compressed data + int Compress(const byte* in, int sz, input_buffer& buffer) + { + byte tmp[LENGTH_SZ]; + z_stream c_stream; /* compression stream */ + + buffer.allocate(sz + sizeof(uint16) + COMPRESS_EXTRA); + + c_stream.zalloc = myAlloc; + c_stream.zfree = myFree; + c_stream.opaque = (voidpf)0; + + c_stream.next_in = const_cast<byte*>(in); + c_stream.avail_in = sz; + c_stream.next_out = buffer.get_buffer() + sizeof(tmp); + c_stream.avail_out = buffer.get_capacity() - sizeof(tmp); + + if (deflateInit(&c_stream, 8) != Z_OK) return -1; + int err = deflate(&c_stream, Z_FINISH); + deflateEnd(&c_stream); + if (err != Z_OK && err != Z_STREAM_END) return -1; + + c16toa(sz, tmp); + memcpy(buffer.get_buffer(), tmp, sizeof(tmp)); + buffer.add_size(c_stream.total_out + sizeof(tmp)); + + return 0; + } + + + // get uncompressed size in front + int DeCompress(input_buffer& in, int sz, input_buffer& out) + { + byte tmp[LENGTH_SZ]; + + in.read(tmp, sizeof(tmp)); + + uint16 len; + ato16(tmp, len); + + out.allocate(len); + + z_stream d_stream; /* decompression stream */ + + d_stream.zalloc = myAlloc; + d_stream.zfree = myFree; + d_stream.opaque = (voidpf)0; + + d_stream.next_in = in.get_buffer() + in.get_current(); + d_stream.avail_in = sz - sizeof(tmp); + d_stream.next_out = out.get_buffer(); + d_stream.avail_out = out.get_capacity(); + + if (inflateInit(&d_stream) != Z_OK) return -1; + int err = inflate(&d_stream, Z_FINISH); + inflateEnd(&d_stream); + if (err != Z_OK && err != Z_STREAM_END) return -1; + + out.add_size(d_stream.total_out); + in.set_current(in.get_current() + sz - sizeof(tmp)); + + return 0; + } + + +#else // LIBZ + + // these versions should never get called + int Compress(const byte* in, int sz, input_buffer& buffer) + { + assert(0); + return -1; + } + + + int DeCompress(input_buffer& in, int sz, input_buffer& out) + { + assert(0); + return -1; + } + + +#endif // LIBZ + + } // namespace + extern "C" void yaSSL_CleanUp() --- 1.4/extra/yassl/taocrypt/include/aes.hpp 2006-10-16 12:20:04 +02:00 +++ 1.5/extra/yassl/taocrypt/include/aes.hpp 2006-10-16 12:20:04 +02:00 @@ -34,6 +34,12 @@ #include "modes.hpp" +#if defined(TAOCRYPT_X86ASM_AVAILABLE) && defined(TAO_ASM) + #define DO_AES_ASM +#endif + + + namespace TaoCrypt { @@ -46,15 +52,14 @@ enum { BLOCK_SIZE = AES_BLOCK_SIZE }; AES(CipherDir DIR, Mode MODE) - : Mode_BASE(BLOCK_SIZE), dir_(DIR), mode_(MODE) {} + : Mode_BASE(BLOCK_SIZE, DIR, MODE) {} +#ifdef DO_AES_ASM void Process(byte*, const byte*, word32); +#endif void SetKey(const byte* key, word32 sz, CipherDir fake = ENCRYPTION); void SetIV(const byte* iv) { memcpy(r_, iv, BLOCK_SIZE); } private: - CipherDir dir_; - Mode mode_; - static const word32 rcon_[]; word32 rounds_; --- 1.3/extra/yassl/taocrypt/include/arc4.hpp 2006-10-16 12:20:04 +02:00 +++ 1.4/extra/yassl/taocrypt/include/arc4.hpp 2006-10-16 12:20:04 +02:00 @@ -46,7 +46,6 @@ ARC4() {} void Process(byte*, const byte*, word32); - void AsmProcess(byte*, const byte*, word32); void SetKey(const byte*, word32); private: byte x_; @@ -55,6 +54,8 @@ ARC4(const ARC4&); // hide copy const ARC4 operator=(const ARC4&); // and assign + + void AsmProcess(byte*, const byte*, word32); }; } // namespace --- 1.10/extra/yassl/taocrypt/include/asn.hpp 2006-10-16 12:20:04 +02:00 +++ 1.11/extra/yassl/taocrypt/include/asn.hpp 2006-10-16 12:20:04 +02:00 @@ -34,7 +34,11 @@ #include "misc.hpp" #include "block.hpp" #include "error.hpp" -#include STL_LIST_FILE +#ifdef USE_SYS_STL + #include <list> +#else + #include "list.hpp" +#endif namespace STL = STL_NAMESPACE; --- 1.9/extra/yassl/taocrypt/include/block.hpp 2006-10-16 12:20:04 +02:00 +++ 1.10/extra/yassl/taocrypt/include/block.hpp 2006-10-16 12:20:04 +02:00 @@ -34,7 +34,12 @@ #include "misc.hpp" #include <string.h> // memcpy #include <stddef.h> // ptrdiff_t -#include STL_ALGORITHM_FILE + +#ifdef USE_SYS_STL + #include <algorithm> +#else + #include "algorithm.hpp" +#endif namespace STL = STL_NAMESPACE; --- 1.4/extra/yassl/taocrypt/include/des.hpp 2006-10-16 12:20:04 +02:00 +++ 1.5/extra/yassl/taocrypt/include/des.hpp 2006-10-16 12:20:04 +02:00 @@ -34,6 +34,12 @@ #include "misc.hpp" #include "modes.hpp" + +#if defined(TAOCRYPT_X86ASM_AVAILABLE) && defined(TAO_ASM) + #define DO_DES_ASM +#endif + + namespace TaoCrypt { @@ -53,13 +59,9 @@ class DES : public Mode_BASE, public BasicDES { public: DES(CipherDir DIR, Mode MODE) - : Mode_BASE(DES_BLOCK_SIZE), dir_(DIR), mode_(MODE) {} + : Mode_BASE(DES_BLOCK_SIZE, DIR, MODE) {} - void Process(byte*, const byte*, word32); private: - CipherDir dir_; - Mode mode_; - void ProcessAndXorBlock(const byte*, const byte*, byte*) const; DES(const DES&); // hide copy @@ -71,14 +73,10 @@ class DES_EDE2 : public Mode_BASE { public: DES_EDE2(CipherDir DIR, Mode MODE) - : Mode_BASE(DES_BLOCK_SIZE), dir_(DIR), mode_(MODE) {} + : Mode_BASE(DES_BLOCK_SIZE, DIR, MODE) {} void SetKey(const byte*, word32, CipherDir dir); - void Process(byte*, const byte*, word32); private: - CipherDir dir_; - Mode mode_; - BasicDES des1_; BasicDES des2_; @@ -94,15 +92,14 @@ class DES_EDE3 : public Mode_BASE { public: DES_EDE3(CipherDir DIR, Mode MODE) - : Mode_BASE(DES_BLOCK_SIZE), dir_(DIR), mode_(MODE) {} + : Mode_BASE(DES_BLOCK_SIZE, DIR, MODE) {} void SetKey(const byte*, word32, CipherDir dir); void SetIV(const byte* iv) { memcpy(r_, iv, DES_BLOCK_SIZE); } +#ifdef DO_DES_ASM void Process(byte*, const byte*, word32); +#endif private: - CipherDir dir_; - Mode mode_; - BasicDES des1_; BasicDES des2_; BasicDES des3_; --- 1.5/extra/yassl/taocrypt/include/hmac.hpp 2006-10-16 12:20:04 +02:00 +++ 1.6/extra/yassl/taocrypt/include/hmac.hpp 2006-10-16 12:20:04 +02:00 @@ -60,12 +60,12 @@ T mac_; // MSVC 6 HACK, gives compiler error if calculated in array - enum { BSIZE = T::BLOCK_SIZE / sizeof(word32), - DSIZE = T::DIGEST_SIZE / sizeof(word32) }; + enum { HMAC_BSIZE = T::BLOCK_SIZE / sizeof(word32), + HMAC_DSIZE = T::DIGEST_SIZE / sizeof(word32) }; - word32 ip_[BSIZE]; // align ipad_ on word32 - word32 op_[BSIZE]; // align opad_ on word32 - word32 innerH_[DSIZE]; // align innerHash_ on word32 + word32 ip_[HMAC_BSIZE]; // align ipad_ on word32 + word32 op_[HMAC_BSIZE]; // align opad_ on word32 + word32 innerH_[HMAC_DSIZE]; // align innerHash_ on word32 void KeyInnerHash(); --- 1.11/extra/yassl/taocrypt/include/integer.hpp 2006-10-16 12:20:04 +02:00 +++ 1.12/extra/yassl/taocrypt/include/integer.hpp 2006-10-16 12:20:04 +02:00 @@ -45,7 +45,11 @@ #include "random.hpp" #include "file.hpp" #include <string.h> -#include STL_ALGORITHM_FILE +#ifdef USE_SYS_STL + #include <algorithm> +#else + #include "algorithm.hpp" +#endif #ifdef TAOCRYPT_X86ASM_AVAILABLE @@ -67,7 +71,8 @@ #endif // SSE2 intrinsics work in GCC 3.3 or later -#if defined(__SSE2__) && (__GNUC_MAJOR__ > 3 || __GNUC_MINOR__ > 2) +#if defined(__SSE2__) && (__GNUC__ == 4 || __GNUC_MAJOR__ > 3 || \ + __GNUC_MINOR__ > 2) #define SSE2_INTRINSICS_AVAILABLE #endif @@ -106,7 +111,6 @@ #endif }; - template class TAOCRYPT_DLL AlignedAllocator<word>; typedef Block<word, AlignedAllocator<word> > AlignedWordBlock; #else typedef WordBlock AlignedWordBlock; --- 1.3/extra/yassl/taocrypt/include/md5.hpp 2006-10-16 12:20:04 +02:00 +++ 1.4/extra/yassl/taocrypt/include/md5.hpp 2006-10-16 12:20:04 +02:00 @@ -31,6 +31,11 @@ #include "hash.hpp" + +#if defined(TAOCRYPT_X86ASM_AVAILABLE) && defined(TAO_ASM) + #define DO_MD5_ASM +#endif + namespace TaoCrypt { @@ -49,7 +54,9 @@ MD5(const MD5&); MD5& operator= (const MD5&); +#ifdef DO_MD5_ASM void Update(const byte*, word32); +#endif void Init(); void Swap(MD5&); --- 1.14/extra/yassl/taocrypt/include/misc.hpp 2006-10-16 12:20:04 +02:00 +++ 1.15/extra/yassl/taocrypt/include/misc.hpp 2006-10-16 12:20:04 +02:00 @@ -151,6 +151,17 @@ #endif +#ifdef TAOCRYPT_X86ASM_AVAILABLE + bool HaveCpuId(); + bool IsPentium(); + void CpuId(word32 input, word32 *output); + + extern bool isMMX; +#endif + + + + // Turn on ia32 ASM for Ciphers and Message Digests // Seperate define since these are more complex, use member offsets // and user may want to turn off while leaving Big Integer optos on @@ -200,17 +211,9 @@ #ifdef USE_SYS_STL // use system STL - #define STL_VECTOR_FILE <vector> - #define STL_LIST_FILE <list> - #define STL_ALGORITHM_FILE <algorithm> - #define STL_MEMORY_FILE <memory> #define STL_NAMESPACE std #else // use mySTL - #define STL_VECTOR_FILE "vector.hpp" - #define STL_LIST_FILE "list.hpp" - #define STL_ALGORITHM_FILE "algorithm.hpp" - #define STL_MEMORY_FILE "memory.hpp" #define STL_NAMESPACE mySTL #endif --- 1.7/extra/yassl/taocrypt/include/modes.hpp 2006-10-16 12:20:04 +02:00 +++ 1.8/extra/yassl/taocrypt/include/modes.hpp 2006-10-16 12:20:04 +02:00 @@ -38,6 +38,7 @@ enum Mode { ECB, CBC }; + // BlockCipher abstraction template<CipherDir DIR, class T, Mode MODE> class BlockCipher { @@ -63,14 +64,16 @@ public: enum { MaxBlockSz = 16 }; - explicit Mode_BASE(int sz) + explicit Mode_BASE(int sz, CipherDir dir, Mode mode) : blockSz_(sz), reg_(reinterpret_cast<byte*>(r_)), - tmp_(reinterpret_cast<byte*>(t_)) + tmp_(reinterpret_cast<byte*>(t_)), dir_(dir), mode_(mode) { assert(sz <= MaxBlockSz); } virtual ~Mode_BASE() {} + virtual void Process(byte*, const byte*, word32); + void SetIV(const byte* iv) { memcpy(reg_, iv, blockSz_); } protected: int blockSz_; @@ -80,6 +83,9 @@ word32 r_[MaxBlockSz / sizeof(word32)]; // align reg_ on word32 word32 t_[MaxBlockSz / sizeof(word32)]; // align tmp_ on word32 + CipherDir dir_; + Mode mode_; + void ECB_Process(byte*, const byte*, word32); void CBC_Encrypt(byte*, const byte*, word32); void CBC_Decrypt(byte*, const byte*, word32); @@ -90,6 +96,18 @@ private: virtual void ProcessAndXorBlock(const byte*, const byte*, byte*) const = 0; }; + + +inline void Mode_BASE::Process(byte* out, const byte* in, word32 sz) +{ + if (mode_ == ECB) + ECB_Process(out, in, sz); + else if (mode_ == CBC) + if (dir_ == ENCRYPTION) + CBC_Encrypt(out, in, sz); + else + CBC_Decrypt(out, in, sz); +} // ECB Process blocks --- 1.3/extra/yassl/taocrypt/include/ripemd.hpp 2006-10-16 12:20:04 +02:00 +++ 1.4/extra/yassl/taocrypt/include/ripemd.hpp 2006-10-16 12:20:04 +02:00 @@ -31,6 +31,11 @@ #include "hash.hpp" + +#if defined(TAOCRYPT_X86ASM_AVAILABLE) && defined(TAO_ASM) + #define DO_RIPEMD_ASM +#endif + namespace TaoCrypt { @@ -49,7 +54,9 @@ RIPEMD160(const RIPEMD160&); RIPEMD160& operator= (const RIPEMD160&); +#ifdef DO_RIPEMD_ASM void Update(const byte*, word32); +#endif void Init(); void Swap(RIPEMD160&); private: --- 1.3/extra/yassl/taocrypt/include/sha.hpp 2006-10-16 12:20:04 +02:00 +++ 1.4/extra/yassl/taocrypt/include/sha.hpp 2006-10-16 12:20:04 +02:00 @@ -31,6 +31,11 @@ #include "hash.hpp" + +#if defined(TAOCRYPT_X86ASM_AVAILABLE) && defined(TAO_ASM) + #define DO_SHA_ASM +#endif + namespace TaoCrypt { @@ -46,7 +51,9 @@ word32 getDigestSize() const { return DIGEST_SIZE; } word32 getPadSize() const { return PAD_SIZE; } +#ifdef DO_SHA_ASM void Update(const byte* data, word32 len); +#endif void Init(); SHA(const SHA&); --- 1.4/extra/yassl/taocrypt/src/aes.cpp 2006-10-16 12:20:04 +02:00 +++ 1.5/extra/yassl/taocrypt/src/aes.cpp 2006-10-16 12:20:04 +02:00 @@ -34,33 +34,19 @@ #include "aes.hpp" -#if defined(TAOCRYPT_X86ASM_AVAILABLE) && defined(TAO_ASM) - #define DO_AES_ASM -#endif - - namespace TaoCrypt { -#if !defined(DO_AES_ASM) - -// Generic Version -void AES::Process(byte* out, const byte* in, word32 sz) -{ - if (mode_ == ECB) - ECB_Process(out, in, sz); - else if (mode_ == CBC) - if (dir_ == ENCRYPTION) - CBC_Encrypt(out, in, sz); - else - CBC_Decrypt(out, in, sz); -} - -#else +#if defined(DO_AES_ASM) // ia32 optimized version void AES::Process(byte* out, const byte* in, word32 sz) { + if (!isMMX) { + Mode_BASE::Process(out, in, sz); + return; + } + word32 blocks = sz / BLOCK_SIZE; if (mode_ == ECB) --- 1.11/extra/yassl/taocrypt/src/algebra.cpp 2006-10-16 12:20:04 +02:00 +++ 1.12/extra/yassl/taocrypt/src/algebra.cpp 2006-10-16 12:20:04 +02:00 @@ -29,7 +29,11 @@ #include "runtime.hpp" #include "algebra.hpp" -#include STL_VECTOR_FILE +#ifdef USE_SYS_STL + #include <vector> +#else + #include "vector.hpp" +#endif namespace STL = STL_NAMESPACE; --- 1.5/extra/yassl/taocrypt/src/arc4.cpp 2006-10-16 12:20:04 +02:00 +++ 1.6/extra/yassl/taocrypt/src/arc4.cpp 2006-10-16 12:20:04 +02:00 @@ -80,12 +80,18 @@ } // namespace -#ifndef DO_ARC4_ASM void ARC4::Process(byte* out, const byte* in, word32 length) { if (length == 0) return; +#ifdef DO_ARC4_ASM + if (isMMX) { + AsmProcess(out, in, length); + return; + } +#endif + byte *const s = state_; word32 x = x_; word32 y = y_; @@ -100,13 +106,16 @@ y_ = y; } -#else // DO_ARC4_ASM +#ifdef DO_ARC4_ASM + #ifdef _MSC_VER __declspec(naked) +#else + __attribute__ ((noinline)) #endif -void ARC4::Process(byte* out, const byte* in, word32 length) +void ARC4::AsmProcess(byte* out, const byte* in, word32 length) { #ifdef __GNUC__ #define AS1(x) asm(#x); --- 1.4/extra/yassl/taocrypt/src/des.cpp 2006-10-16 12:20:04 +02:00 +++ 1.5/extra/yassl/taocrypt/src/des.cpp 2006-10-16 12:20:04 +02:00 @@ -34,16 +34,16 @@ #include "runtime.hpp" #include "des.hpp" -#include STL_ALGORITHM_FILE +#ifdef USE_SYS_STL + #include <algorithm> +#else + #include "algorithm.hpp" +#endif namespace STL = STL_NAMESPACE; -#if defined(TAOCRYPT_X86ASM_AVAILABLE) && defined(TAO_ASM) - #define DO_DES_ASM -#endif - namespace TaoCrypt { @@ -357,18 +357,6 @@ } -void DES::Process(byte* out, const byte* in, word32 sz) -{ - if (mode_ == ECB) - ECB_Process(out, in, sz); - else if (mode_ == CBC) - if (dir_ == ENCRYPTION) - CBC_Encrypt(out, in, sz); - else - CBC_Decrypt(out, in, sz); -} - - typedef BlockGetAndPut<word32, BigEndian> Block; @@ -386,17 +374,6 @@ } -void DES_EDE2::Process(byte* out, const byte* in, word32 sz) -{ - if (mode_ == ECB) - ECB_Process(out, in, sz); - else if (mode_ == CBC) - if (dir_ == ENCRYPTION) - CBC_Encrypt(out, in, sz); - else - CBC_Decrypt(out, in, sz); -} - void DES_EDE2::SetKey(const byte* key, word32 sz, CipherDir dir) { des1_.SetKey(key, sz, dir); @@ -429,25 +406,16 @@ -#if !defined(DO_DES_ASM) - -// Generic Version -void DES_EDE3::Process(byte* out, const byte* in, word32 sz) -{ - if (mode_ == ECB) - ECB_Process(out, in, sz); - else if (mode_ == CBC) - if (dir_ == ENCRYPTION) - CBC_Encrypt(out, in, sz); - else - CBC_Decrypt(out, in, sz); -} - -#else +#if defined(DO_DES_ASM) // ia32 optimized version void DES_EDE3::Process(byte* out, const byte* in, word32 sz) { + if (!isMMX) { + Mode_BASE::Process(out, in, sz); + return; + } + word32 blocks = sz / DES_BLOCK_SIZE; if (mode_ == CBC) --- 1.25/extra/yassl/taocrypt/src/integer.cpp 2006-10-16 12:20:04 +02:00 +++ 1.26/extra/yassl/taocrypt/src/integer.cpp 2006-10-16 12:20:04 +02:00 @@ -55,12 +55,15 @@ #pragma intrinsic (myUMULH) #endif +#ifdef __GNUC__ + #include <signal.h> + #include <setjmp.h> +#endif + #ifdef SSE2_INTRINSICS_AVAILABLE #ifdef __GNUC__ #include <xmmintrin.h> - #include <signal.h> - #include <setjmp.h> #ifdef TAOCRYPT_MEMALIGN_AVAILABLE #include <malloc.h> #else @@ -1015,44 +1018,20 @@ // ************** x86 feature detection *************** -static bool s_sse2Enabled = true; - -static void CpuId(word32 input, word32 *output) -{ -#ifdef __GNUC__ - __asm__ - ( - // save ebx in case -fPIC is being used - "push %%ebx; cpuid; mov %%ebx, %%edi; pop %%ebx" - : "=a" (output[0]), "=D" (output[1]), "=c" (output[2]), "=d"(output[3]) - : "a" (input) - ); -#else - __asm - { - mov eax, input - cpuid - mov edi, output - mov [edi], eax - mov [edi+4], ebx - mov [edi+8], ecx - mov [edi+12], edx - } -#endif -} #ifdef SSE2_INTRINSICS_AVAILABLE + #ifndef _MSC_VER -static jmp_buf s_env; -static void SigIllHandler(int) -{ + static jmp_buf s_env; + static void SigIllHandler(int) + { longjmp(s_env, 1); -} + } #endif static bool HasSSE2() { - if (!s_sse2Enabled) + if (!IsPentium()) return false; word32 cpuid[4]; @@ -1081,23 +1060,22 @@ if (setjmp(s_env)) result = false; else - __asm __volatile ("xorps %xmm0, %xmm0"); + __asm __volatile ("xorpd %xmm0, %xmm0"); signal(SIGILL, oldHandler); return result; #endif } -#endif +#endif // SSE2_INTRINSICS_AVAILABLE + static bool IsP4() { - word32 cpuid[4]; - - CpuId(0, cpuid); - STL::swap(cpuid[2], cpuid[3]); - if (memcmp(cpuid+1, "GenuineIntel", 12) != 0) + if (!IsPentium()) return false; + word32 cpuid[4]; + CpuId(1, cpuid); return ((cpuid[0] >> 8) & 0xf) == 0xf; } @@ -1147,7 +1125,12 @@ static void SetPentiumFunctionPointers() { - if (IsP4()) + if (!IsPentium()) + { + s_pAdd = &Portable::Add; + s_pSub = &Portable::Subtract; + } + else if (IsP4()) { s_pAdd = &P4Optimized::Add; s_pSub = &P4Optimized::Subtract; @@ -1159,7 +1142,13 @@ } #ifdef SSE2_INTRINSICS_AVAILABLE - if (HasSSE2()) + if (!IsPentium()) + { + s_pMul4 = &Portable::Multiply4; + s_pMul8 = &Portable::Multiply8; + s_pMul8B = &Portable::Multiply8Bottom; + } + else if (HasSSE2()) { s_pMul4 = &P4Optimized::Multiply4; s_pMul8 = &P4Optimized::Multiply8; @@ -1177,11 +1166,6 @@ static const char s_RunAtStartupSetPentiumFunctionPointers = (SetPentiumFunctionPointers(), 0); -void DisableSSE2() -{ - s_sse2Enabled = false; - SetPentiumFunctionPointers(); -} class LowLevel : public PentiumOptimized { @@ -3984,6 +3968,9 @@ template hword DivideThreeWordsByTwo<hword, Word>(hword*, hword, hword, Word*); #endif template word DivideThreeWordsByTwo<word, DWord>(word*, word, word, DWord*); +#ifdef SSE2_INTRINSICS_AVAILABLE +template class AlignedAllocator<word>; +#endif #endif --- 1.5/extra/yassl/taocrypt/src/md5.cpp 2006-10-16 12:20:04 +02:00 +++ 1.6/extra/yassl/taocrypt/src/md5.cpp 2006-10-16 12:20:04 +02:00 @@ -28,15 +28,16 @@ #include "runtime.hpp" #include "md5.hpp" -#include STL_ALGORITHM_FILE +#ifdef USE_SYS_STL + #include <algorithm> +#else + #include "algorithm.hpp" +#endif namespace STL = STL_NAMESPACE; -#if defined(TAOCRYPT_X86ASM_AVAILABLE) && defined(TAO_ASM) - #define DO_MD5_ASM -#endif namespace TaoCrypt { @@ -84,10 +85,17 @@ } -// Update digest with data of size len, do in blocks +#ifdef DO_MD5_ASM + +// Update digest with data of size len void MD5::Update(const byte* data, word32 len) { - byte* local = (byte*)buffer_; + if (!isMMX) { + HASHwithTransform::Update(data, len); + return; + } + + byte* local = reinterpret_cast<byte*>(buffer_); // remove buffered data if possible if (buffLen_) { @@ -99,27 +107,14 @@ len -= add; if (buffLen_ == BLOCK_SIZE) { - ByteReverseIf(local, local, BLOCK_SIZE, LittleEndianOrder); Transform(); AddLength(BLOCK_SIZE); buffLen_ = 0; } } - // do block size transforms or all at once for asm + // at once for asm if (buffLen_ == 0) { - #ifndef DO_MD5_ASM - while (len >= BLOCK_SIZE) { - memcpy(&local[0], data, BLOCK_SIZE); - - data += BLOCK_SIZE; - len -= BLOCK_SIZE; - - ByteReverseIf(local, local, BLOCK_SIZE, LittleEndianOrder); - Transform(); - AddLength(BLOCK_SIZE); - } - #else word32 times = len / BLOCK_SIZE; if (times) { AsmTransform(data, times); @@ -128,7 +123,6 @@ len -= add; data += add; } - #endif } // cache any data left @@ -139,7 +133,6 @@ } -#ifdef DO_MD5_ASM /* --- 1.17/extra/yassl/taocrypt/src/misc.cpp 2006-10-16 12:20:04 +02:00 +++ 1.18/extra/yassl/taocrypt/src/misc.cpp 2006-10-16 12:20:04 +02:00 @@ -30,6 +30,20 @@ #include "misc.hpp" +#ifdef __GNUC__ + #include <signal.h> + #include <setjmp.h> +#endif + +#ifdef USE_SYS_STL + #include <algorithm> +#else + #include "algorithm.hpp" +#endif + +namespace STL = STL_NAMESPACE; + + #ifdef YASSL_PURE_C void* operator new(size_t sz, TaoCrypt::new_t) @@ -154,6 +168,129 @@ else return value; } + + + +#ifdef TAOCRYPT_X86ASM_AVAILABLE + +#ifndef _MSC_VER + static jmp_buf s_env; + static void SigIllHandler(int) + { + longjmp(s_env, 1); + } +#endif + + +bool HaveCpuId() +{ +#ifdef _MSC_VER + __try + { + __asm + { + mov eax, 0 + cpuid + } + } + __except (1) + { + return false; + } + return true; +#else + typedef void (*SigHandler)(int); + + SigHandler oldHandler = signal(SIGILL, SigIllHandler); + if (oldHandler == SIG_ERR) + return false; + + bool result = true; + if (setjmp(s_env)) + result = false; + else + __asm__ + ( + "mov $0, %%eax; cpuid" + : + : + : "%ebx", "%ecx", "%edx" + ); + + signal(SIGILL, oldHandler); + return result; +#endif +} + + +void CpuId(word32 input, word32 *output) +{ +#ifdef __GNUC__ + __asm__ + ( + // save ebx in case -fPIC is being used + "push %%ebx; cpuid; mov %%ebx, %%edi; pop %%ebx" + : "=a" (output[0]), "=D" (output[1]), "=c" (output[2]), "=d"(output[3]) + : "a" (input) + ); +#else + __asm + { + mov eax, input + cpuid + mov edi, output + mov [edi], eax + mov [edi+4], ebx + mov [edi+8], ecx + mov [edi+12], edx + } +#endif +} + + +bool IsPentium() +{ + if (!HaveCpuId()) + return false; + + word32 cpuid[4]; + + CpuId(0, cpuid); + STL::swap(cpuid[2], cpuid[3]); + if (memcmp(cpuid+1, "GenuineIntel", 12) != 0) + return false; + + CpuId(1, cpuid); + byte family = ((cpuid[0] >> 8) & 0xf); + if (family < 5) + return false; + + return true; +} + + + +static bool IsMmx() +{ + if (!IsPentium()) + return false; + + word32 cpuid[4]; + + CpuId(1, cpuid); + if ((cpuid[3] & (1 << 23)) == 0) + return false; + + return true; +} + + +bool isMMX = IsMmx(); + + +#endif // TAOCRYPT_X86ASM_AVAILABLE + + } // namespace --- 1.5/extra/yassl/taocrypt/src/ripemd.cpp 2006-10-16 12:20:04 +02:00 +++ 1.6/extra/yassl/taocrypt/src/ripemd.cpp 2006-10-16 12:20:04 +02:00 @@ -28,15 +28,16 @@ #include "runtime.hpp" #include "ripemd.hpp" -#include STL_ALGORITHM_FILE +#ifdef USE_SYS_STL + #include <algorithm> +#else + #include "algorithm.hpp" +#endif namespace STL = STL_NAMESPACE; -#if defined(TAOCRYPT_X86ASM_AVAILABLE) && defined(TAO_ASM) - #define DO_RIPEMD_ASM -#endif namespace TaoCrypt { @@ -86,10 +87,17 @@ } -// Update digest with data of size len, do in blocks +#ifdef DO_RIPEMD_ASM + +// Update digest with data of size len void RIPEMD160::Update(const byte* data, word32 len) { - byte* local = (byte*)buffer_; + if (!isMMX) { + HASHwithTransform::Update(data, len); + return; + } + + byte* local = reinterpret_cast<byte*>(buffer_); // remove buffered data if possible if (buffLen_) { @@ -101,27 +109,14 @@ len -= add; if (buffLen_ == BLOCK_SIZE) { - ByteReverseIf(local, local, BLOCK_SIZE, LittleEndianOrder); Transform(); AddLength(BLOCK_SIZE); buffLen_ = 0; } } - // do block size transforms or all at once for asm + // all at once for asm if (buffLen_ == 0) { - #ifndef DO_RIPEMD_ASM - while (len >= BLOCK_SIZE) { - memcpy(&local[0], data, BLOCK_SIZE); - - data += BLOCK_SIZE; - len -= BLOCK_SIZE; - - ByteReverseIf(local, local, BLOCK_SIZE, LittleEndianOrder); - Transform(); - AddLength(BLOCK_SIZE); - } - #else word32 times = len / BLOCK_SIZE; if (times) { AsmTransform(data, times); @@ -130,7 +125,6 @@ len -= add; data += add; } - #endif } // cache any data left @@ -139,6 +133,8 @@ buffLen_ += len; } } + +#endif // DO_RIPEMD_ASM // for all --- 1.5/extra/yassl/taocrypt/src/sha.cpp 2006-10-16 12:20:04 +02:00 +++ 1.6/extra/yassl/taocrypt/src/sha.cpp 2006-10-16 12:20:04 +02:00 @@ -28,16 +28,16 @@ #include "runtime.hpp" #include <string.h> #include "sha.hpp" -#include STL_ALGORITHM_FILE +#ifdef USE_SYS_STL + #include <algorithm> +#else + #include "algorithm.hpp" +#endif namespace STL = STL_NAMESPACE; -#if defined(TAOCRYPT_X86ASM_AVAILABLE) && defined(TAO_ASM) - #define DO_SHA_ASM -#endif - namespace TaoCrypt { @@ -108,10 +108,18 @@ } -// Update digest with data of size len, do in blocks + +#ifdef DO_SHA_ASM + +// Update digest with data of size len void SHA::Update(const byte* data, word32 len) { - byte* local = (byte*)buffer_; + if (!isMMX) { + HASHwithTransform::Update(data, len); + return; + } + + byte* local = reinterpret_cast<byte*>(buffer_); // remove buffered data if possible if (buffLen_) { @@ -123,27 +131,15 @@ len -= add; if (buffLen_ == BLOCK_SIZE) { - ByteReverseIf(local, local, BLOCK_SIZE, BigEndianOrder); + ByteReverse(local, local, BLOCK_SIZE); Transform(); AddLength(BLOCK_SIZE); buffLen_ = 0; } } - // do block size transforms or all at once for asm + // all at once for asm if (buffLen_ == 0) { - #ifndef DO_SHA_ASM - while (len >= BLOCK_SIZE) { - memcpy(&local[0], data, BLOCK_SIZE); - - data += BLOCK_SIZE; - len -= BLOCK_SIZE; - - ByteReverseIf(local, local, BLOCK_SIZE, BigEndianOrder); - Transform(); - AddLength(BLOCK_SIZE); - } - #else word32 times = len / BLOCK_SIZE; if (times) { AsmTransform(data, times); @@ -152,7 +148,6 @@ len -= add; data += add; } - #endif } // cache any data left @@ -161,6 +156,8 @@ buffLen_ += len; } } + +#endif // DO_SHA_ASM void SHA::Transform()
| Thread | ||
|---|---|---|
| • bk commit into 5.0 tree (msvensson:1.2302) | msvensson | 16 Oct |
© 1995-2008 MySQL AB, 2008-2009 Sun Microsystems, Inc.
Page generated in 1.337 sec. using MySQL 5.1.14-beta-log