/*#define SSL_HOST_NAME "193.118.187.102" */
#define SSL_HOST_NAME "localhost"
-/*#define TEST_CERT "client.pem" */ /* no default cert. */
+/* no default cert. */
+/*#define TEST_CERT "client.pem" */
#undef BUFSIZZ
#define BUFSIZZ 1024*8
#define SSL_CONNECT_NAME "localhost:4433"
-/*#define TEST_CERT "client.pem" */ /* no default cert. */
+/* no default cert. */
+/*#define TEST_CERT "client.pem" */
#undef BUFSIZZ
#define BUFSIZZ 1024*10
* be expanded to the appropriate size if needed.
*/
-int BN_GF2m_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b); /*r = a + b*/
+/*r = a + b*/
+int BN_GF2m_add(BIGNUM *r, const BIGNUM *a, const BIGNUM *b);
#define BN_GF2m_sub(r, a, b) BN_GF2m_add(r, a, b)
-int BN_GF2m_mod(BIGNUM *r, const BIGNUM *a, const BIGNUM *p); /*r=a mod p*/
+/*r=a mod p*/
+int BN_GF2m_mod(BIGNUM *r, const BIGNUM *a, const BIGNUM *p);
+/* r = (a * b) mod p */
int BN_GF2m_mod_mul(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
- const BIGNUM *p, BN_CTX *ctx); /* r = (a * b) mod p */
+ const BIGNUM *p, BN_CTX *ctx);
+/* r = (a * a) mod p */
int BN_GF2m_mod_sqr(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- BN_CTX *ctx); /* r = (a * a) mod p */
+ BN_CTX *ctx);
+/* r = (1 / b) mod p */
int BN_GF2m_mod_inv(BIGNUM *r, const BIGNUM *b, const BIGNUM *p,
- BN_CTX *ctx); /* r = (1 / b) mod p */
+ BN_CTX *ctx);
+/* r = (a / b) mod p */
int BN_GF2m_mod_div(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
- const BIGNUM *p, BN_CTX *ctx); /* r = (a / b) mod p */
+ const BIGNUM *p, BN_CTX *ctx);
+/* r = (a ^ b) mod p */
int BN_GF2m_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
- const BIGNUM *p, BN_CTX *ctx); /* r = (a ^ b) mod p */
+ const BIGNUM *p, BN_CTX *ctx);
+/* r = sqrt(a) mod p */
int BN_GF2m_mod_sqrt(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- BN_CTX *ctx); /* r = sqrt(a) mod p */
+ BN_CTX *ctx);
+/* r^2 + r = a mod p */
int BN_GF2m_mod_solve_quad(BIGNUM *r, const BIGNUM *a, const BIGNUM *p,
- BN_CTX *ctx); /* r^2 + r = a mod p */
+ BN_CTX *ctx);
#define BN_GF2m_cmp(a, b) BN_ucmp((a), (b))
/*-
* Some functions allow for representation of the irreducible polynomials
* t^p[0] + t^p[1] + ... + t^p[k]
* where m = p[0] > p[1] > ... > p[k] = 0.
*/
+/* r = a mod p */
int BN_GF2m_mod_arr(BIGNUM *r, const BIGNUM *a, const unsigned int p[]);
- /* r = a mod p */
+/* r = (a * b) mod p */
int BN_GF2m_mod_mul_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
- const unsigned int p[], BN_CTX *ctx); /* r = (a * b) mod p */
+ const unsigned int p[], BN_CTX *ctx);
+/* r = (a * a) mod p */
int BN_GF2m_mod_sqr_arr(BIGNUM *r, const BIGNUM *a, const unsigned int p[],
- BN_CTX *ctx); /* r = (a * a) mod p */
+ BN_CTX *ctx);
+/* r = (1 / b) mod p */
int BN_GF2m_mod_inv_arr(BIGNUM *r, const BIGNUM *b, const unsigned int p[],
- BN_CTX *ctx); /* r = (1 / b) mod p */
+ BN_CTX *ctx);
+/* r = (a / b) mod p */
int BN_GF2m_mod_div_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
- const unsigned int p[], BN_CTX *ctx); /* r = (a / b) mod p */
+ const unsigned int p[], BN_CTX *ctx);
+/* r = (a ^ b) mod p */
int BN_GF2m_mod_exp_arr(BIGNUM *r, const BIGNUM *a, const BIGNUM *b,
- const unsigned int p[], BN_CTX *ctx); /* r = (a ^ b) mod p */
+ const unsigned int p[], BN_CTX *ctx);
+/* r = sqrt(a) mod p */
int BN_GF2m_mod_sqrt_arr(BIGNUM *r, const BIGNUM *a,
- const unsigned int p[], BN_CTX *ctx); /* r = sqrt(a) mod p */
+ const unsigned int p[], BN_CTX *ctx);
+/* r^2 + r = a mod p */
int BN_GF2m_mod_solve_quad_arr(BIGNUM *r, const BIGNUM *a,
- const unsigned int p[], BN_CTX *ctx); /* r^2 + r = a mod p */
+ const unsigned int p[], BN_CTX *ctx);
int BN_GF2m_poly2arr(const BIGNUM *a, unsigned int p[], int max);
int BN_GF2m_arr2poly(const unsigned int p[], BIGNUM *a);
/* Methods here */
int (*generate_key)(DH *dh);
int (*compute_key)(unsigned char *key,const BIGNUM *pub_key,DH *dh);
+
+ /* Can be null */
int (*bn_mod_exp)(const DH *dh, BIGNUM *r, const BIGNUM *a,
const BIGNUM *p, const BIGNUM *m, BN_CTX *ctx,
- BN_MONT_CTX *m_ctx); /* Can be null */
+ BN_MONT_CTX *m_ctx);
int (*init)(DH *dh);
int (*finish)(DH *dh);
return a > b ? a : b;
}
+/* timeout, -1 means no timeout */
static void
-tls_sockets_select(int read_select_1, int read_select_2, int write_select_1, int write_select_2, int seconds /* timeout, -1 means no timeout */)
+tls_sockets_select(int read_select_1, int read_select_2, int write_select_1, int write_select_2, int seconds)
{
int maxfd, n;
fd_set reads, writes;
}
}
+ /* p[4] < 5 ... silly record length? */
else if ((p[0] == SSL3_RT_HANDSHAKE) &&
(p[1] == SSL3_VERSION_MAJOR) &&
(p[5] == SSL3_MT_CLIENT_HELLO) &&
- ((p[3] == 0 && p[4] < 5 /* silly record length? */)
+ ((p[3] == 0 && p[4] < 5)
|| (p[9] >= p[1])))
{
/*
if (j <= 0) return(j);
ssl3_finish_mac(s, s->packet+2, s->packet_length-2);
+
+ /* CLIENT-HELLO */
if (s->msg_callback)
- s->msg_callback(0, SSL2_VERSION, 0, s->packet+2, s->packet_length-2, s, s->msg_callback_arg); /* CLIENT-HELLO */
+ s->msg_callback(0, SSL2_VERSION, 0, s->packet+2, s->packet_length-2, s, s->msg_callback_arg);
p=s->packet;
p+=5;
SSL3_ST_CR_SRVR_HELLO_A,
SSL3_ST_CR_SRVR_HELLO_B,
-1,
- 20000, /* ?? */
+ 20000,
&ok);
if (!ok) return((int)n);
int ok,ret=0;
long n;
+ /* Second to last param should be very small, like 0 :-) */
n=s->method->ssl_get_message(s,
SSL3_ST_CR_SRVR_DONE_A,
SSL3_ST_CR_SRVR_DONE_B,
SSL3_MT_SERVER_DONE,
- 30, /* should be very small, like 0 :-) */
+ 30,
&ok);
if (!ok) return((int)n);
{
if (check_srvr_ecc_cert_and_alg(sc->peer_pkeys[idx].x509,
s->s3->tmp.new_cipher) == 0)
- { /* check failed */
+ {
+ /* check failed */
SSLerr(SSL_F_SSL3_CHECK_CERT_AND_ALGORITHM,SSL_R_BAD_ECC_CERT);
goto f_err;
}
header[j++] = rec->length >> 8;
header[j++] = rec->length & 0xff;
+ /* Final param == is SSLv3 */
ssl3_cbc_digest_record(
hash,
md, &md_size,
header, rec->input,
rec->length + md_size, orig_len,
mac_sec, md_size,
- 1 /* is SSLv3 */);
+ 1);
}
else
{
}
/* else cookie verification succeeded */
}
+ /* default verification */
else if ( memcmp(s->d1->rcvd_cookie, s->d1->cookie,
- s->d1->cookie_len) != 0) /* default verification */
+ s->d1->cookie_len) != 0)
{
al=SSL_AD_HANDSHAKE_FAILURE;
SSLerr(SSL_F_SSL3_GET_CLIENT_HELLO,
SSL3_ST_SR_KEY_EXCH_A,
SSL3_ST_SR_KEY_EXCH_B,
SSL3_MT_CLIENT_KEY_EXCHANGE,
- 2048, /* ??? */
+ 2048,
&ok);
if (!ok) return((int)n);
static void process_proxy_debug(int indent, const char *format, ...)
{
+ /* That's 80 > */
static const char indentation[] =
">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>"
- ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>"; /* That's 80 > */
+ ">>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>";
char my_format[256];
va_list args;
* timing-side channel information about how many blocks of
* data we are hashing because that gives an attacker a
* timing-oracle. */
+ /* Final param == not SSLv3 */
ssl3_cbc_digest_record(
hash,
md, &md_size,
rec->length + md_size, orig_len,
ssl->s3->read_mac_secret,
EVP_MD_size(ssl->read_hash),
- 0 /* not SSLv3 */);
+ /* not SSLv3 */
+ 0);
}
else
{
#ifdef CHARSET_EBCDIC
#undef TLS_MD_CLIENT_FINISH_CONST
-#define TLS_MD_CLIENT_FINISH_CONST "\x63\x6c\x69\x65\x6e\x74\x20\x66\x69\x6e\x69\x73\x68\x65\x64" /*client finished*/
+/*client finished*/
+#define TLS_MD_CLIENT_FINISH_CONST "\x63\x6c\x69\x65\x6e\x74\x20\x66\x69\x6e\x69\x73\x68\x65\x64"
+
#undef TLS_MD_SERVER_FINISH_CONST
-#define TLS_MD_SERVER_FINISH_CONST "\x73\x65\x72\x76\x65\x72\x20\x66\x69\x6e\x69\x73\x68\x65\x64" /*server finished*/
+/*server finished*/
+#define TLS_MD_SERVER_FINISH_CONST "\x73\x65\x72\x76\x65\x72\x20\x66\x69\x6e\x69\x73\x68\x65\x64"
+
#undef TLS_MD_SERVER_WRITE_KEY_CONST
-#define TLS_MD_SERVER_WRITE_KEY_CONST "\x73\x65\x72\x76\x65\x72\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79" /*server write key*/
+/*server write key*/
+#define TLS_MD_SERVER_WRITE_KEY_CONST "\x73\x65\x72\x76\x65\x72\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79"
+
#undef TLS_MD_KEY_EXPANSION_CONST
-#define TLS_MD_KEY_EXPANSION_CONST "\x6b\x65\x79\x20\x65\x78\x70\x61\x6e\x73\x69\x6f\x6e" /*key expansion*/
+/*key expansion*/
+#define TLS_MD_KEY_EXPANSION_CONST "\x6b\x65\x79\x20\x65\x78\x70\x61\x6e\x73\x69\x6f\x6e"
+
#undef TLS_MD_CLIENT_WRITE_KEY_CONST
-#define TLS_MD_CLIENT_WRITE_KEY_CONST "\x63\x6c\x69\x65\x6e\x74\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79" /*client write key*/
+/*client write key*/
+#define TLS_MD_CLIENT_WRITE_KEY_CONST "\x63\x6c\x69\x65\x6e\x74\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79"
+
#undef TLS_MD_SERVER_WRITE_KEY_CONST
-#define TLS_MD_SERVER_WRITE_KEY_CONST "\x73\x65\x72\x76\x65\x72\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79" /*server write key*/
+/*server write key*/
+#define TLS_MD_SERVER_WRITE_KEY_CONST "\x73\x65\x72\x76\x65\x72\x20\x77\x72\x69\x74\x65\x20\x6b\x65\x79"
+
#undef TLS_MD_IV_BLOCK_CONST
-#define TLS_MD_IV_BLOCK_CONST "\x49\x56\x20\x62\x6c\x6f\x63\x6b" /*IV block*/
+/*IV block*/
+#define TLS_MD_IV_BLOCK_CONST "\x49\x56\x20\x62\x6c\x6f\x63\x6b"
+
#undef TLS_MD_MASTER_SECRET_CONST
-#define TLS_MD_MASTER_SECRET_CONST "\x6d\x61\x73\x74\x65\x72\x20\x73\x65\x63\x72\x65\x74" /*master secret*/
+/*master secret*/
+#define TLS_MD_MASTER_SECRET_CONST "\x6d\x61\x73\x74\x65\x72\x20\x73\x65\x63\x72\x65\x74"
#endif
#ifdef __cplusplus
projects / thirdparty / openssl.git / commitdiff
