projects
/
BearSSL
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
New AES and GHASH implementations using POWER8 crypto opcodes.
[BearSSL]
/
tools
/
client.c
diff --git
a/tools/client.c
b/tools/client.c
index
ce3c6d6
..
fad18e0
100644
(file)
--- a/
tools/client.c
+++ b/
tools/client.c
@@
-29,6
+29,10
@@
#include <errno.h>
#include <signal.h>
#include <errno.h>
#include <signal.h>
+#ifdef _WIN32
+#include <winsock2.h>
+#include <ws2tcpip.h>
+#else
#include <sys/types.h>
#include <sys/socket.h>
#include <netdb.h>
#include <sys/types.h>
#include <sys/socket.h>
#include <netdb.h>
@@
-37,14
+41,17
@@
#include <unistd.h>
#include <fcntl.h>
#include <unistd.h>
#include <fcntl.h>
+#define SOCKET int
+#define INVALID_SOCKET (-1)
+#endif
+
#include "brssl.h"
#include "brssl.h"
-#include "bearssl.h"
static int
host_connect(const char *host, const char *port, int verbose)
{
struct addrinfo hints, *si, *p;
static int
host_connect(const char *host, const char *port, int verbose)
{
struct addrinfo hints, *si, *p;
-
int
fd;
+
SOCKET
fd;
int err;
memset(&hints, 0, sizeof hints);
int err;
memset(&hints, 0, sizeof hints);
@@
-54,9
+61,9
@@
host_connect(const char *host, const char *port, int verbose)
if (err != 0) {
fprintf(stderr, "ERROR: getaddrinfo(): %s\n",
gai_strerror(err));
if (err != 0) {
fprintf(stderr, "ERROR: getaddrinfo(): %s\n",
gai_strerror(err));
- return
-1
;
+ return
INVALID_SOCKET
;
}
}
- fd =
-1
;
+ fd =
INVALID_SOCKET
;
for (p = si; p != NULL; p = p->ai_next) {
if (verbose) {
struct sockaddr *sa;
for (p = si; p != NULL; p = p->ai_next) {
if (verbose) {
struct sockaddr *sa;
@@
-84,17
+91,21
@@
host_connect(const char *host, const char *port, int verbose)
fprintf(stderr, "connecting to: %s\n", tmp);
}
fd = socket(p->ai_family, p->ai_socktype, p->ai_protocol);
fprintf(stderr, "connecting to: %s\n", tmp);
}
fd = socket(p->ai_family, p->ai_socktype, p->ai_protocol);
- if (fd
< 0
) {
+ if (fd
== INVALID_SOCKET
) {
if (verbose) {
perror("socket()");
}
continue;
}
if (verbose) {
perror("socket()");
}
continue;
}
- if (connect(fd, p->ai_addr, p->ai_addrlen)
< 0
) {
+ if (connect(fd, p->ai_addr, p->ai_addrlen)
== INVALID_SOCKET
) {
if (verbose) {
perror("connect()");
}
if (verbose) {
perror("connect()");
}
+#ifdef _WIN32
+ closesocket(fd);
+#else
close(fd);
close(fd);
+#endif
continue;
}
break;
continue;
}
break;
@@
-102,7
+113,7
@@
host_connect(const char *host, const char *port, int verbose)
if (p == NULL) {
freeaddrinfo(si);
fprintf(stderr, "ERROR: failed to connect\n");
if (p == NULL) {
freeaddrinfo(si);
fprintf(stderr, "ERROR: failed to connect\n");
- return
-1
;
+ return
INVALID_SOCKET
;
}
freeaddrinfo(si);
if (verbose) {
}
freeaddrinfo(si);
if (verbose) {
@@
-111,9
+122,18
@@
host_connect(const char *host, const char *port, int verbose)
/*
* We make the socket non-blocking, since we are going to use
/*
* We make the socket non-blocking, since we are going to use
- * poll() to organise I/O.
+ * poll()
or select()
to organise I/O.
*/
*/
+#ifdef _WIN32
+ {
+ u_long arg;
+
+ arg = 1;
+ ioctlsocket(fd, FIONBIO, &arg);
+ }
+#else
fcntl(fd, F_SETFL, O_NONBLOCK);
fcntl(fd, F_SETFL, O_NONBLOCK);
+#endif
return fd;
}
return fd;
}
@@
-321,14
+341,16
@@
static uint32_t
cc_do_keyx(const br_ssl_client_certificate_class **pctx,
unsigned char *data, size_t *len)
{
cc_do_keyx(const br_ssl_client_certificate_class **pctx,
unsigned char *data, size_t *len)
{
+ const br_ec_impl *iec;
ccert_context *zc;
size_t xoff, xlen;
uint32_t r;
zc = (ccert_context *)pctx;
ccert_context *zc;
size_t xoff, xlen;
uint32_t r;
zc = (ccert_context *)pctx;
- r = br_ec_all_m15.mul(data, *len, zc->sk->key.ec.x,
+ iec = br_ec_get_default();
+ r = iec->mul(data, *len, zc->sk->key.ec.x,
zc->sk->key.ec.xlen, zc->sk->key.ec.curve);
zc->sk->key.ec.xlen, zc->sk->key.ec.curve);
- xoff =
br_ec_all_m15.
xoff(zc->sk->key.ec.curve, &xlen);
+ xoff =
iec->
xoff(zc->sk->key.ec.curve, &xlen);
memmove(data, data + xoff, xlen);
*len = xlen;
return r;
memmove(data, data + xoff, xlen);
*len = xlen;
return r;
@@
-370,8
+392,8
@@
cc_do_sign(const br_ssl_client_certificate_class **pctx,
}
return 0;
}
}
return 0;
}
- x = br_rsa_
i31_pkcs1_sign(hash_oid, hv, hv_len,
- &zc->sk->key.rsa, data);
+ x = br_rsa_
pkcs1_sign_get_default()(
+
hash_oid, hv, hv_len,
&zc->sk->key.rsa, data);
if (!x) {
if (zc->verbose) {
fprintf(stderr, "ERROR: RSA-sign failure\n");
if (!x) {
if (zc->verbose) {
fprintf(stderr, "ERROR: RSA-sign failure\n");
@@
-398,8
+420,8
@@
cc_do_sign(const br_ssl_client_certificate_class **pctx,
}
return 0;
}
}
return 0;
}
- sig_len = br_ecdsa_
i31_sign_asn1(&br_ec_all_m15,
- hc, hv, &zc->sk->key.ec, data);
+ sig_len = br_ecdsa_
sign_asn1_get_default()(
+
br_ec_get_default(),
hc, hv, &zc->sk->key.ec, data);
if (sig_len == 0) {
if (zc->verbose) {
fprintf(stderr, "ERROR: ECDSA-sign failure\n");
if (sig_len == 0) {
if (zc->verbose) {
fprintf(stderr, "ERROR: ECDSA-sign failure\n");
@@
-494,7
+516,7
@@
do_client(int argc, char *argv[])
const char *sni;
anchor_list anchors = VEC_INIT;
unsigned vmin, vmax;
const char *sni;
anchor_list anchors = VEC_INIT;
unsigned vmin, vmax;
- VECTOR(c
onst c
har *) alpn_names = VEC_INIT;
+ VECTOR(char *) alpn_names = VEC_INIT;
cipher_suite *suites;
size_t num_suites;
uint16_t *suite_ids;
cipher_suite *suites;
size_t num_suites;
uint16_t *suite_ids;
@@
-514,7
+536,7
@@
do_client(int argc, char *argv[])
size_t minhello_len;
int fallback;
uint32_t flags;
size_t minhello_len;
int fallback;
uint32_t flags;
-
int
fd;
+
SOCKET
fd;
retcode = 0;
verbose = 1;
retcode = 0;
verbose = 1;
@@
-539,7
+561,7
@@
do_client(int argc, char *argv[])
minhello_len = (size_t)-1;
fallback = 0;
flags = 0;
minhello_len = (size_t)-1;
fallback = 0;
flags = 0;
- fd =
-1
;
+ fd =
INVALID_SOCKET
;
for (i = 0; i < argc; i ++) {
const char *arg;
for (i = 0; i < argc; i ++) {
const char *arg;
@@
-926,54
+948,29
@@
do_client(int argc, char *argv[])
}
/* TODO: algorithm implementation selection */
if ((req & REQ_AESCBC) != 0) {
}
/* TODO: algorithm implementation selection */
if ((req & REQ_AESCBC) != 0) {
- br_ssl_engine_set_aes_cbc(&cc.eng,
- &br_aes_ct_cbcenc_vtable,
- &br_aes_ct_cbcdec_vtable);
- br_ssl_engine_set_cbc(&cc.eng,
- &br_sslrec_in_cbc_vtable,
- &br_sslrec_out_cbc_vtable);
+ br_ssl_engine_set_default_aes_cbc(&cc.eng);
}
if ((req & REQ_AESGCM) != 0) {
}
if ((req & REQ_AESGCM) != 0) {
- br_ssl_engine_set_aes_ctr(&cc.eng,
- &br_aes_ct_ctr_vtable);
- br_ssl_engine_set_ghash(&cc.eng,
- &br_ghash_ctmul);
- br_ssl_engine_set_gcm(&cc.eng,
- &br_sslrec_in_gcm_vtable,
- &br_sslrec_out_gcm_vtable);
+ br_ssl_engine_set_default_aes_gcm(&cc.eng);
}
if ((req & REQ_CHAPOL) != 0) {
}
if ((req & REQ_CHAPOL) != 0) {
- br_ssl_engine_set_chacha20(&cc.eng,
- &br_chacha20_ct_run);
- br_ssl_engine_set_poly1305(&cc.eng,
- &br_poly1305_ctmul_run);
- br_ssl_engine_set_chapol(&cc.eng,
- &br_sslrec_in_chapol_vtable,
- &br_sslrec_out_chapol_vtable);
+ br_ssl_engine_set_default_chapol(&cc.eng);
}
if ((req & REQ_3DESCBC) != 0) {
}
if ((req & REQ_3DESCBC) != 0) {
- br_ssl_engine_set_des_cbc(&cc.eng,
- &br_des_ct_cbcenc_vtable,
- &br_des_ct_cbcdec_vtable);
- br_ssl_engine_set_cbc(&cc.eng,
- &br_sslrec_in_cbc_vtable,
- &br_sslrec_out_cbc_vtable);
+ br_ssl_engine_set_default_des_cbc(&cc.eng);
}
if ((req & REQ_RSAKEYX) != 0) {
}
if ((req & REQ_RSAKEYX) != 0) {
- br_ssl_client_set_
rsapub(&cc, &br_rsa_i31_publi
c);
+ br_ssl_client_set_
default_rsapub(&c
c);
}
if ((req & REQ_ECDHE_RSA) != 0) {
}
if ((req & REQ_ECDHE_RSA) != 0) {
- br_ssl_engine_set_ec(&cc.eng, &br_ec_all_m15);
- br_ssl_engine_set_rsavrfy(&cc.eng,
- &br_rsa_i31_pkcs1_vrfy);
+ br_ssl_engine_set_default_ec(&cc.eng);
+ br_ssl_engine_set_default_rsavrfy(&cc.eng);
}
if ((req & REQ_ECDHE_ECDSA) != 0) {
}
if ((req & REQ_ECDHE_ECDSA) != 0) {
- br_ssl_engine_set_ec(&cc.eng, &br_ec_all_m15);
- br_ssl_engine_set_ecdsa(&cc.eng,
- &br_ecdsa_i31_vrfy_asn1);
+ br_ssl_engine_set_default_ecdsa(&cc.eng);
}
if ((req & REQ_ECDH) != 0) {
}
if ((req & REQ_ECDH) != 0) {
- br_ssl_engine_set_
ec(&cc.eng, &br_ec_all_m15
);
+ br_ssl_engine_set_
default_ec(&cc.eng
);
}
}
if (fallback) {
}
}
if (fallback) {
@@
-1005,9
+1002,9
@@
do_client(int argc, char *argv[])
&br_tls12_sha384_prf);
}
}
&br_tls12_sha384_prf);
}
}
- br_x509_minimal_set_rsa(&xc,
&br_rsa_i31_pkcs1_vrfy
);
+ br_x509_minimal_set_rsa(&xc,
br_rsa_pkcs1_vrfy_get_default()
);
br_x509_minimal_set_ecdsa(&xc,
br_x509_minimal_set_ecdsa(&xc,
-
&br_ec_all_m15, &br_ecdsa_i31_vrfy_asn1
);
+
br_ec_get_default(), br_ecdsa_vrfy_asn1_get_default()
);
/*
* If there is no provided trust anchor, then certificate validation
/*
* If there is no provided trust anchor, then certificate validation
@@
-1031,7
+1028,8
@@
do_client(int argc, char *argv[])
br_ssl_engine_set_all_flags(&cc.eng, flags);
if (VEC_LEN(alpn_names) != 0) {
br_ssl_engine_set_protocol_names(&cc.eng,
br_ssl_engine_set_all_flags(&cc.eng, flags);
if (VEC_LEN(alpn_names) != 0) {
br_ssl_engine_set_protocol_names(&cc.eng,
- &VEC_ELT(alpn_names, 0), VEC_LEN(alpn_names));
+ (const char **)&VEC_ELT(alpn_names, 0),
+ VEC_LEN(alpn_names));
}
if (chain != NULL) {
}
if (chain != NULL) {
@@
-1055,15
+1053,17
@@
do_client(int argc, char *argv[])
br_ssl_client_reset(&cc, sni, 0);
/*
br_ssl_client_reset(&cc, sni, 0);
/*
- *
W
e need to avoid SIGPIPE.
+ *
On Unix systems, w
e need to avoid SIGPIPE.
*/
*/
+#ifndef _WIN32
signal(SIGPIPE, SIG_IGN);
signal(SIGPIPE, SIG_IGN);
+#endif
/*
* Connect to the peer.
*/
fd = host_connect(host, port, verbose);
/*
* Connect to the peer.
*/
fd = host_connect(host, port, verbose);
- if (fd
< 0
) {
+ if (fd
== INVALID_SOCKET
) {
goto client_exit_error;
}
goto client_exit_error;
}
@@
-1092,8
+1092,12
@@
client_exit:
free_certificates(chain, chain_len);
free_private_key(sk);
xfree(iobuf);
free_certificates(chain, chain_len);
free_private_key(sk);
xfree(iobuf);
- if (fd >= 0) {
+ if (fd != INVALID_SOCKET) {
+#ifdef _WIN32
+ closesocket(fd);
+#else
close(fd);
close(fd);
+#endif
}
return retcode;
}
return retcode;