asn1.h   asn1.h 
/* /*
* asn1.h * asn1.h
* Release $Name: MATRIXSSL-3-1-3-OPEN $ * Release $Name: MATRIXSSL-3-1-4-OPEN $
*/ */
/* /*
* Copyright (c) PeerSec Networks, 2002-2010. All Rights Reserved. * Copyright (c) PeerSec Networks, 2002-2011. All Rights Reserved.
* The latest version of this code is available at http://www.matrixssl .org * The latest version of this code is available at http://www.matrixssl .org
* *
* This software is open source; you can redistribute it and/or modify * This software is open source; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or * the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. * (at your option) any later version.
* *
* This General Public License does NOT permit incorporating this softw are * This General Public License does NOT permit incorporating this softw are
* into proprietary programs. If you are unable to comply with the GPL , a * into proprietary programs. If you are unable to comply with the GPL , a
* commercial license for this software may be purchased from PeerSec N etworks * commercial license for this software may be purchased from PeerSec N etworks
 End of changes. 2 change blocks. 
2 lines changed or deleted 2 lines changed or added


 coreApi.h   coreApi.h 
/* /*
* coreApi.h * coreApi.h
* Release $Name: MATRIXSSL-3-1-3-OPEN $ * Release $Name: MATRIXSSL-3-1-4-OPEN $
* *
* Prototypes for the PeerSec core public APIs * Prototypes for the PeerSec core public APIs
*/ */
/* /*
* Copyright (c) PeerSec Networks, 2002-2010. All Rights Reserved. * Copyright (c) PeerSec Networks, 2002-2011. All Rights Reserved.
* The latest version of this code is available at http://www.matrixssl .org * The latest version of this code is available at http://www.matrixssl .org
* *
* This software is open source; you can redistribute it and/or modify * This software is open source; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or * the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. * (at your option) any later version.
* *
* This General Public License does NOT permit incorporating this softw are * This General Public License does NOT permit incorporating this softw are
* into proprietary programs. If you are unable to comply with the GPL , a * into proprietary programs. If you are unable to comply with the GPL , a
* commercial license for this software may be purchased from PeerSec N etworks * commercial license for this software may be purchased from PeerSec N etworks
skipping to change at line 112 skipping to change at line 112
unsigned char *end; /* Pointer to first byte of invalid data */ unsigned char *end; /* Pointer to first byte of invalid data */
int32 size; /* Size of buffer in bytes */ int32 size; /* Size of buffer in bytes */
} psBuf_t; } psBuf_t;
/************************************************************************** ****/ /************************************************************************** ****/
/* /*
Public APIs Public APIs
*/ */
/************************************************************************** ****/ /************************************************************************** ****/
PSPUBLIC int32 psCoreOpen(void); PSPUBLIC int32 psCoreOpen(void);
PSPUBLIC int32 psCoreClose(void); PSPUBLIC void psCoreClose(void);
PSPUBLIC void psBurnStack(uint32 len); PSPUBLIC void psBurnStack(uint32 len);
/************************************************************************** ****/ /************************************************************************** ****/
/* /*
Public interface to OS-dependant core functionality Public interface to OS-dependant core functionality
OS/osdep.c must implement the below functions OS/osdep.c must implement the below functions
*/ */
PSPUBLIC int32 psGetEntropy(unsigned char *bytes, uint32 size); PSPUBLIC int32 psGetEntropy(unsigned char *bytes, uint32 size);
PSPUBLIC int32 psGetTime(psTime_t *t); PSPUBLIC int32 psGetTime(psTime_t *t);
PSPUBLIC int32 psDiffMsecs(psTime_t then, psTime_t now); PSPUBLIC int32 psDiffMsecs(psTime_t then, psTime_t now);
PSPUBLIC int32 psCompareTime(psTime_t a, psTime_t b); PSPUBLIC int32 psCompareTime(psTime_t a, psTime_t b);
#ifdef USE_FILE_SYSTEM #ifdef PS_USE_FILE_SYSTEM
PSPUBLIC int32 psGetFileBuf(psPool_t *pool, const char *fileName, PSPUBLIC int32 psGetFileBuf(psPool_t *pool, const char *fileName,
unsigned ch ar **buf, int32 *bufLen); unsigned ch ar **buf, int32 *bufLen);
#endif /* USE_FILE_SYSTEM */ #endif /* PS_USE_FILE_SYSTEM */
#ifdef USE_MULTITHREADING #ifdef USE_MULTITHREADING
PSPUBLIC int32 psCreateMutex(psMutex_t *mutex); PSPUBLIC int32 psCreateMutex(psMutex_t *mutex);
PSPUBLIC int32 psLockMutex(psMutex_t *mutex); PSPUBLIC int32 psLockMutex(psMutex_t *mutex);
PSPUBLIC int32 psUnlockMutex(psMutex_t *mutex); PSPUBLIC int32 psUnlockMutex(psMutex_t *mutex);
PSPUBLIC void psDestroyMutex(psMutex_t *mutex); PSPUBLIC void psDestroyMutex(psMutex_t *mutex);
#endif /* USE_MULTITHREADING */ #endif /* USE_MULTITHREADING */
/************************************************************************** ****/ /************************************************************************** ****/
/* /*
 End of changes. 5 change blocks. 
5 lines changed or deleted 5 lines changed or added


 coreConfig.h   coreConfig.h 
/* /*
* coreConfig.h * coreConfig.h
* Release $Name: MATRIXSSL-3-1-3-OPEN $ * Release $Name: MATRIXSSL-3-1-4-OPEN $
* *
* Configuration settings for PeerSec core module * Configuration settings for PeerSec core module
*/ */
/* /*
* Copyright (c) PeerSec Networks, 2002-2010. All Rights Reserved. * Copyright (c) PeerSec Networks, 2002-2011. All Rights Reserved.
* The latest version of this code is available at http://www.matrixssl .org * The latest version of this code is available at http://www.matrixssl .org
* *
* This software is open source; you can redistribute it and/or modify * This software is open source; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or * the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. * (at your option) any later version.
* *
* This General Public License does NOT permit incorporating this softw are * This General Public License does NOT permit incorporating this softw are
* into proprietary programs. If you are unable to comply with the GPL , a * into proprietary programs. If you are unable to comply with the GPL , a
* commercial license for this software may be purchased from PeerSec N etworks * commercial license for this software may be purchased from PeerSec N etworks
skipping to change at line 52 skipping to change at line 52
/* #define HALT_ON_PS_ERROR */ /* NOT RECOMMENDED FOR PRODUCTION BUILDS */ /* #define HALT_ON_PS_ERROR */ /* NOT RECOMMENDED FOR PRODUCTION BUILDS */
/************************************************************************** ****/ /************************************************************************** ****/
/* /*
Turn on the psTraceCore set of APIs for log trace of the core module Turn on the psTraceCore set of APIs for log trace of the core module
*/ */
/* #define USE_CORE_TRACE */ /* #define USE_CORE_TRACE */
/************************************************************************** ****/ /************************************************************************** ****/
/* /*
Enable file access using platform open() for some features
*/
#define USE_FILE_SYSTEM
/**************************************************************************
****/
/*
Include the osdepMutex family of APIs Include the osdepMutex family of APIs
*/ */
/* #define USE_MULTITHREADING */ /* #define USE_MULTITHREADING */
/************************************************************************** ****/ /************************************************************************** ****/
/* /*
Does the platform support a native 64-bit data type (long long)? Does the platform support a native 64-bit data type (long long)?
Most 32 bit platforms do support native 64 bit integers, or at least can Most 32 bit platforms do support native 64 bit integers, or at least can
accumulate 32 bit products into a 64 bit register result. accumulate 32 bit products into a 64 bit register result.
(Formerly this option was named USE_INT64) (Formerly this option was named USE_INT64)
 End of changes. 3 change blocks. 
9 lines changed or deleted 2 lines changed or added


 cryptoApi.h   cryptoApi.h 
/* /*
* cryptoApi.h * cryptoApi.h
* Release $Name: MATRIXSSL-3-1-3-OPEN $ * Release $Name: MATRIXSSL-3-1-4-OPEN $
* *
* Prototypes for the PeerSec crypto public APIs * Prototypes for the PeerSec crypto public APIs
*/ */
/* /*
* Copyright (c) PeerSec Networks, 2002-2010. All Rights Reserved. * Copyright (c) PeerSec Networks, 2002-2011. All Rights Reserved.
* The latest version of this code is available at http://www.matrixssl .org * The latest version of this code is available at http://www.matrixssl .org
* *
* This software is open source; you can redistribute it and/or modify * This software is open source; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or * the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. * (at your option) any later version.
* *
* This General Public License does NOT permit incorporating this softw are * This General Public License does NOT permit incorporating this softw are
* into proprietary programs. If you are unable to comply with the GPL , a * into proprietary programs. If you are unable to comply with the GPL , a
* commercial license for this software may be purchased from PeerSec N etworks * commercial license for this software may be purchased from PeerSec N etworks
skipping to change at line 193 skipping to change at line 193
#ifdef USE_RSA #ifdef USE_RSA
/************************************************************************** ****/ /************************************************************************** ****/
/* /*
Private Key Parsing Private Key Parsing
PKCS#1 - RSA specific PKCS#1 - RSA specific
PKCS#8 - General private key storage format PKCS#8 - General private key storage format
*/ */
#ifdef USE_PRIVATE_KEY_PARSING #ifdef USE_PRIVATE_KEY_PARSING
PSPUBLIC int32 pkcs1ParsePrivBin(psPool_t *pool, unsigned char *p, PSPUBLIC int32 pkcs1ParsePrivBin(psPool_t *pool, unsigned char *p,
uint32 size, psPubKey_t **key); uint32 size, psPubKey_t **key);
#ifdef USE_FILE_SYSTEM #ifdef PS_USE_FILE_SYSTEM
PSPUBLIC int32 pkcs1ParsePrivFile(psPool_t *pool, char *fileName, PSPUBLIC int32 pkcs1ParsePrivFile(psPool_t *pool, char *fileName,
char *password, psPubKey_t **outkey); char *password, psPubKey_t **outkey);
PSPUBLIC int32 pkcs1DecodePrivFile(psPool_t *pool, char *fileName, PSPUBLIC int32 pkcs1DecodePrivFile(psPool_t *pool, char *fileName,
char *password, unsigned char **DERout, uint 32 *DERlen); char *password, unsigned char **DERout, uint 32 *DERlen);
#endif /* USE_FILE_SYSTEM */ #endif /* PS_USE_FILE_SYSTEM */
#endif /* USE_PRIVATE_KEY_PARSING */ #endif /* USE_PRIVATE_KEY_PARSING */
#endif /* USE_RSA */ #endif /* USE_RSA */
/************************************************************************** ****/ /************************************************************************** ****/
/************************************************************************** ****/ /************************************************************************** ****/
#ifdef USE_PKCS5 #ifdef USE_PKCS5
/************************************************************************** ****/ /************************************************************************** ****/
/* /*
PKCS#5 PBKDF v1 and v2 key generation PKCS#5 PBKDF v1 and v2 key generation
 End of changes. 4 change blocks. 
4 lines changed or deleted 4 lines changed or added


 cryptoConfig.h   cryptoConfig.h 
/* /*
* cryptoConfig.h * cryptoConfig.h
* Release $Name: MATRIXSSL-3-1-3-OPEN $ * Release $Name: MATRIXSSL-3-1-4-OPEN $
*/ */
/* /*
* Copyright (c) PeerSec Networks, 2002-2010. All Rights Reserved. * Copyright (c) PeerSec Networks, 2002-2011. All Rights Reserved.
* The latest version of this code is available at http://www.matrixssl .org * The latest version of this code is available at http://www.matrixssl .org
* *
* This software is open source; you can redistribute it and/or modify * This software is open source; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or * the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. * (at your option) any later version.
* *
* This General Public License does NOT permit incorporating this softw are * This General Public License does NOT permit incorporating this softw are
* into proprietary programs. If you are unable to comply with the GPL , a * into proprietary programs. If you are unable to comply with the GPL , a
* commercial license for this software may be purchased from PeerSec N etworks * commercial license for this software may be purchased from PeerSec N etworks
skipping to change at line 43 skipping to change at line 43
/************************************************************************** ****/ /************************************************************************** ****/
/* Configurable features */ /* Configurable features */
/************************************************************************** ****/ /************************************************************************** ****/
/* /*
Enable psTraceCrypto family of APIs for debugging the crypto module Enable psTraceCrypto family of APIs for debugging the crypto module
*/ */
/* #define USE_CRYPTO_TRACE */ /* #define USE_CRYPTO_TRACE */
/************************************************************************** ****/ /************************************************************************** ****/
/* /*
Public-Key Algorithms Public-Key Algorithms and performance settings
*/ */
#define USE_RSA #define USE_RSA
/************************************************************************** ****/
/* /*
Symmetric bock ciphers (including CBC mode) Set to either optimize for faster speed or for smaller ram usage
when using public key operations. Only one may be defined.
The speed gain for optimizing for speed is around 5%
The memory savings for optimizing for ram is around 50%
*/ */
#define PS_PUBKEY_OPTIMIZE_FOR_SMALLER_RAM
/* #define PS_PUBKEY_OPTIMIZE_FOR_FASTER_SPEED */
/**************************************************************************
****/
/*
Symmetric bock ciphers (including CBC mode) and performance settings
*/
#define USE_AES #define USE_AES
#define USE_3DES #define USE_3DES
/* #define USE_DES */ /* #define USE_DES */
/*
Optionally set to improve performance at the cost of larger binary c
ode
size. Platforms vary, but ciphers will generally see a 5%-10% perfo
rmance
boost at the cost of 10-20 kilobytes (per algorithm).
*/
/* #define PS_AES_IMPROVE_PERF_INCREASE_CODESIZE */
/* #define PS_3DES_IMPROVE_PERF_INCREASE_CODESIZE */
/************************************************************************** ****/ /************************************************************************** ****/
/* /*
Symmetric stream ciphers Symmetric stream ciphers
*/ */
/* #define USE_ARC4 */ /* #define USE_ARC4 */
/************************************************************************** ****/ /************************************************************************** ****/
/* /*
Digest algorithms Digest algorithms
*/ */
#define USE_SHA1 #define USE_SHA1
#define USE_MD5 #define USE_MD5
#define USE_HMAC /* Requires USE_MD5 and/or USE_SHA1 */ #define USE_HMAC /* Requires USE_MD5 and/or USE_SHA1 */
/*
Optionally set to improve performance at the cost of larger binary c
ode
size. Platforms vary, but digests will generally see a 5%-10% perfo
rmance
boost at the cost of 1-10 kilobytes (per algorithm).
*/
/* #define PS_MD5_IMPROVE_PERF_INCREASE_CODESIZE */
/* #define PS_SHA1_IMPROVE_PERF_INCREASE_CODESIZE */
/************************************************************************** ****/ /************************************************************************** ****/
/* /*
X.509 Certificate X.509 Certificate
*/ */
#define USE_X509 #define USE_X509
#define USE_CERT_PARSE /* Usually required. USE_X509 must be enabled */ #define USE_CERT_PARSE /* Usually required. USE_X509 must be enabled */
/* #define USE_FULL_CERT_PARSE */ /* USE_CERT_PARSE must be enabled */ /* #define USE_FULL_CERT_PARSE */ /* USE_CERT_PARSE must be enabled */
#define USE_BASE64_DECODE #define USE_BASE64_DECODE
skipping to change at line 98 skipping to change at line 123
/************************************************************************** ****/ /************************************************************************** ****/
/* /*
PRNG Algorithms PRNG Algorithms
*/ */
#define USE_YARROW #define USE_YARROW
/************************************************************************** ****/ /************************************************************************** ****/
/* /*
All below here are configurable tweaks (do not need to touch, in genera l) All below here are configurable tweaks (do not need to touch, in genera l)
*/ */
#define SMALL_CODE
#define USE_BURN_STACK #define USE_BURN_STACK
#endif /* _h_PS_CRYPTOCONFIG */ #endif /* _h_PS_CRYPTOCONFIG */
/************************************************************************** ****/ /************************************************************************** ****/
 End of changes. 10 change blocks. 
6 lines changed or deleted 35 lines changed or added


 cryptolib.h   cryptolib.h 
/* /*
* cryptolib.h * cryptolib.h
* Release $Name: MATRIXSSL-3-1-3-OPEN $ * Release $Name: MATRIXSSL-3-1-4-OPEN $
*/ */
/* /*
* Copyright (c) PeerSec Networks, 2002-2010. All Rights Reserved. * Copyright (c) PeerSec Networks, 2002-2011. All Rights Reserved.
* The latest version of this code is available at http://www.matrixssl .org * The latest version of this code is available at http://www.matrixssl .org
* *
* This software is open source; you can redistribute it and/or modify * This software is open source; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or * the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. * (at your option) any later version.
* *
* This General Public License does NOT permit incorporating this softw are * This General Public License does NOT permit incorporating this softw are
* into proprietary programs. If you are unable to comply with the GPL , a * into proprietary programs. If you are unable to comply with the GPL , a
* commercial license for this software may be purchased from PeerSec N etworks * commercial license for this software may be purchased from PeerSec N etworks
skipping to change at line 128 skipping to change at line 128
#define OID_ECDSA_KEY_ALG 518 /* 42.134.72.206.61.2.1 */ #define OID_ECDSA_KEY_ALG 518 /* 42.134.72.206.61.2.1 */
#ifdef USE_PKCS5 #ifdef USE_PKCS5
#define OID_DES_EDE3_CBC 652 /* 42.134.72.134.247.13.3.7 */ #define OID_DES_EDE3_CBC 652 /* 42.134.72.134.247.13.3.7 */
#define OID_PKCS_PBKDF2 660 /* 42.134.72.134.247.13. 1.5.12 */ #define OID_PKCS_PBKDF2 660 /* 42.134.72.134.247.13. 1.5.12 */
#define OID_PKCS_PBES2 661 /* 42.134.72.134.247.13.1.5.13 * / #define OID_PKCS_PBES2 661 /* 42.134.72.134.247.13.1.5.13 * /
#endif /* USE_PKCS5 */ #endif /* USE_PKCS5 */
/************************************************************************** ****/ /************************************************************************** ****/
/* These values are all mutually exlusive bits to define Cipher flags */
#define CRYPTO_FLAGS_AES 0x01
#define CRYPTO_FLAGS_AES256 0x02
#define CRYPTO_FLAGS_3DES 0x04
#define CRYPTO_FLAGS_ARC4 0x08
#define CRYPTO_FLAGS_SEED 0x10
#define CRYPTO_FLAGS_SHA1 0x20
#define CRYPTO_FLAGS_MD5 0x40
#define CRYPTO_FLAGS_TLS 0x80
#define CRYPTO_FLAGS_INBOUND 0x100
#define CRYPTO_FLAGS_ARC4INIT 0x200
#define CRYPTO_FLAGS_DISABLED 0x800
/**************************************************************************
****/
#define CRYPT_INVALID_KEYSIZE -21 #define CRYPT_INVALID_KEYSIZE -21
#define CRYPT_INVALID_ROUNDS -22 #define CRYPT_INVALID_ROUNDS -22
/************************************************************************** ****/ /************************************************************************** ****/
/* 32-bit Rotates */ /* 32-bit Rotates */
/************************************************************************** ****/ /************************************************************************** ****/
#if defined(_MSC_VER) #if defined(_MSC_VER)
/************************************************************************** ****/ /************************************************************************** ****/
 End of changes. 3 change blocks. 
2 lines changed or deleted 21 lines changed or added


 digest.h   digest.h 
/* /*
* digest.h * digest.h
* Release $Name: MATRIXSSL-3-1-3-OPEN $ * Release $Name: MATRIXSSL-3-1-4-OPEN $
* *
* Header for internal symmetric key cryptography support * Header for internal symmetric key cryptography support
*/ */
/* /*
* Copyright (c) PeerSec Networks, 2002-2010. All Rights Reserved. * Copyright (c) PeerSec Networks, 2002-2011. All Rights Reserved.
* The latest version of this code is available at http://www.matrixssl .org * The latest version of this code is available at http://www.matrixssl .org
* *
* This software is open source; you can redistribute it and/or modify * This software is open source; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or * the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. * (at your option) any later version.
* *
* This General Public License does NOT permit incorporating this softw are * This General Public License does NOT permit incorporating this softw are
* into proprietary programs. If you are unable to comply with the GPL , a * into proprietary programs. If you are unable to comply with the GPL , a
* commercial license for this software may be purchased from PeerSec N etworks * commercial license for this software may be purchased from PeerSec N etworks
 End of changes. 2 change blocks. 
2 lines changed or deleted 2 lines changed or added


 list.h   list.h 
/* /*
* list.h * list.h
* Release $Name: MATRIXSSL-3-1-3-OPEN $ * Release $Name: MATRIXSSL-3-1-4-OPEN $
*/ */
/* /*
* Copyright (c) PeerSec Networks, 2002-2010. All Rights Reserved. * Copyright (c) PeerSec Networks, 2002-2011. All Rights Reserved.
* The latest version of this code is available at http://www.matrixssl .org * The latest version of this code is available at http://www.matrixssl .org
* *
* This software is open source; you can redistribute it and/or modify * This software is open source; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or * the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. * (at your option) any later version.
* *
* This General Public License does NOT permit incorporating this softw are * This General Public License does NOT permit incorporating this softw are
* into proprietary programs. If you are unable to comply with the GPL , a * into proprietary programs. If you are unable to comply with the GPL , a
* commercial license for this software may be purchased from PeerSec N etworks * commercial license for this software may be purchased from PeerSec N etworks
 End of changes. 2 change blocks. 
2 lines changed or deleted 2 lines changed or added


 matrixsslApi.h   matrixsslApi.h 
/* /*
* matrixsslApi.h * matrixsslApi.h
* Release $Name: MATRIXSSL-3-1-3-OPEN $ * Release $Name: MATRIXSSL-3-1-4-OPEN $
* *
* Public header file for MatrixSSL * Public header file for MatrixSSL
* Implementations interacting with the matrixssl library should * Implementations interacting with the matrixssl library should
* only use the APIs and definitions used in this file. * only use the APIs and definitions used in this file.
*/ */
/* /*
* Copyright (c) PeerSec Networks, 2002-2010. All Rights Reserved. * Copyright (c) PeerSec Networks, 2002-2011. All Rights Reserved.
* The latest version of this code is available at http://www.matrixssl .org * The latest version of this code is available at http://www.matrixssl .org
* *
* This software is open source; you can redistribute it and/or modify * This software is open source; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or * the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. * (at your option) any later version.
* *
* This General Public License does NOT permit incorporating this softw are * This General Public License does NOT permit incorporating this softw are
* into proprietary programs. If you are unable to comply with the GPL , a * into proprietary programs. If you are unable to comply with the GPL , a
* commercial license for this software may be purchased from PeerSec N etworks * commercial license for this software may be purchased from PeerSec N etworks
skipping to change at line 129 skipping to change at line 129
PSPUBLIC void matrixSslDeleteHelloExtension(tlsExtension_t *extension); PSPUBLIC void matrixSslDeleteHelloExtension(tlsExtension_t *extension);
#endif /* USE_CLIENT_SIDE_SSL */ #endif /* USE_CLIENT_SIDE_SSL */
/************************************************************************** ****/ /************************************************************************** ****/
#ifdef USE_SERVER_SIDE_SSL #ifdef USE_SERVER_SIDE_SSL
/************************************************************************** ****/ /************************************************************************** ****/
/* /*
Server side APIs Server side APIs
*/ */
PSPUBLIC int32 matrixSslNewServerSession(ssl_t **ssl, sslKeys_t *keys, PSPUBLIC int32 matrixSslNewServerSession(ssl_t **ssl, sslKeys_t *keys,
int32 (*certCb)(ssl_t *ssl, psX509Cert_t * int32 (*certCb)(ssl_t *ssl, psX509Cert_t *ce
cert, int32 alert)); rt, int32 alert));
PSPUBLIC int32 matrixSslSetCipherSuiteEnabledStatus(ssl_t *ssl, uint16 ciph
erId,
uint32 status);
#endif /* USE_SERVER_SIDE_SSL */ #endif /* USE_SERVER_SIDE_SSL */
/************************************************************************** ****/ /************************************************************************** ****/
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif
#endif /* _h_MATRIXSSL */ #endif /* _h_MATRIXSSL */
 End of changes. 3 change blocks. 
4 lines changed or deleted 7 lines changed or added


 matrixsslConfig.h   matrixsslConfig.h 
/* /*
* matrixsslConfig.h * matrixsslConfig.h
* Release $Name: MATRIXSSL-3-1-3-OPEN $ * Release $Name: MATRIXSSL-3-1-4-OPEN $
* *
* Configuration settings for building the MatrixSSL library. * Configuration settings for building the MatrixSSL library.
*/ */
/* /*
* Copyright (c) PeerSec Networks, 2002-2010. All Rights Reserved. * Copyright (c) PeerSec Networks, 2002-2011. All Rights Reserved.
* The latest version of this code is available at http://www.matrixssl .org * The latest version of this code is available at http://www.matrixssl .org
* *
* This software is open source; you can redistribute it and/or modify * This software is open source; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or * the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. * (at your option) any later version.
* *
* This General Public License does NOT permit incorporating this softw are * This General Public License does NOT permit incorporating this softw are
* into proprietary programs. If you are unable to comply with the GPL , a * into proprietary programs. If you are unable to comply with the GPL , a
* commercial license for this software may be purchased from PeerSec N etworks * commercial license for this software may be purchased from PeerSec N etworks
skipping to change at line 131 skipping to change at line 131
REQUIRE_SECURE_REHANDSHAKES and a compile error will occur REQUIRE_SECURE_REHANDSHAKES and a compile error will occur
To completely disable rehandshaking comment out all three of these d efines To completely disable rehandshaking comment out all three of these d efines
*/ */
#define ENABLE_SECURE_REHANDSHAKES #define ENABLE_SECURE_REHANDSHAKES
/* #define REQUIRE_SECURE_REHANDSHAKES */ /* #define REQUIRE_SECURE_REHANDSHAKES */
/* #define ENABLE_INSECURE_REHANDSHAKES */ /* NOT RECOMMENDED */ /* #define ENABLE_INSECURE_REHANDSHAKES */ /* NOT RECOMMENDED */
/************************************************************************** ****/ /************************************************************************** ****/
/* /*
Google has an implementation of HTTPS client (Chrome) that sends app
lication
data immedately after the client FINISHED message, and before the se
rver
has responded with a CHANGE_CIPHER_SPEC and FINISHED message. This s
aves
a round trip when sending the HTTP request, since it is sent with th
e
FINISHED message in a single IP packet, and does not wait for the se
rver
handshake response.
A similar technique is used and supported by MatrixSSL for including
application data at the end of a finished message that does not requ
ire
a response (a standard server Finished message for example). However
,
this implementation in Chrome is subtly and importantly different.
MatrixSSL was written to explicitly ignore any data after any handsh
ake
message that requires a response, because in all cases, this respons
e
changes the state of the client.
Chrome cannot be assured that the final handshake hash matches (and
that
the handshake was not tampered with) before it sends the potentially
sensitive HTTP request.
Apparently most other SSL implementations do allow this "trick" to
succeed, and so we have added support as well using a conditional co
mpile.
Enabling this allows Chrome browsers to connect to HTTPS servers run
ning
MatrixSSL. Sending app data with a client finished message from Matr
ixSSL
is still NOT SUPPORTED for the security reasons above.
For more information:
http://tools.ietf.org/html/draft-bmoeller-tls-falsestart-00
*/
#define ENABLE_FALSE_START
/**************************************************************************
****/
/*
Enable certificate chain message "stream" parsing. This allows sing le Enable certificate chain message "stream" parsing. This allows sing le
certificates to be parsed on-the-fly without having to wait for the entire certificates to be parsed on-the-fly without having to wait for the entire
certificate chain to be recieved in the buffer. This is a memory sa ving certificate chain to be recieved in the buffer. This is a memory sa ving
feature for the application buffer but will add a small amount of co de feature for the application buffer but will add a small amount of co de
size for the parsing and structure overhead. size for the parsing and structure overhead.
This feature will only save memory if the CERTIFICATE message is the This feature will only save memory if the CERTIFICATE message is the
only message in the record, and multiple certs are present in the ch ain. only message in the record, and multiple certs are present in the ch ain.
*/ */
/* #define USE_CERT_CHAIN_PARSING */ /* #define USE_CERT_CHAIN_PARSING */
 End of changes. 3 change blocks. 
2 lines changed or deleted 49 lines changed or added


 matrixssllib.h   matrixssllib.h 
/* /*
* matrixssllib.h * matrixssllib.h
* Release $Name: MATRIXSSL-3-1-3-OPEN $ * Release $Name: MATRIXSSL-3-1-4-OPEN $
* *
* Internal header file used for the MatrixSSL implementation. * Internal header file used for the MatrixSSL implementation.
* Only modifiers of the library should be intersted in this file * Only modifiers of the library should be intersted in this file
*/ */
/* /*
* Copyright (c) PeerSec Networks, 2002-2010. All Rights Reserved. * Copyright (c) PeerSec Networks, 2002-2011. All Rights Reserved.
* The latest version of this code is available at http://www.matrixssl .org * The latest version of this code is available at http://www.matrixssl .org
* *
* This software is open source; you can redistribute it and/or modify * This software is open source; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or * the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. * (at your option) any later version.
* *
* This General Public License does NOT permit incorporating this softw are * This General Public License does NOT permit incorporating this softw are
* into proprietary programs. If you are unable to comply with the GPL , a * into proprietary programs. If you are unable to comply with the GPL , a
* commercial license for this software may be purchased from PeerSec N etworks * commercial license for this software may be purchased from PeerSec N etworks
skipping to change at line 52 skipping to change at line 52
Start with compile-time checks for the necessary crypto support. Start with compile-time checks for the necessary crypto support.
*/ */
/************************************************************************** ****/ /************************************************************************** ****/
/* /*
SHA1 and MD5 are essential elements for SSL key derivation during pr otocol SHA1 and MD5 are essential elements for SSL key derivation during pr otocol
*/ */
#if !defined USE_MD5 || !defined USE_SHA1 #if !defined USE_MD5 || !defined USE_SHA1
#error "Must enable both USE_MD5 and USE_SHA1 in cryptoConfig.h for MatrixS SL" #error "Must enable both USE_MD5 and USE_SHA1 in cryptoConfig.h for MatrixS SL"
#endif #endif
#if !defined USE_CLIENT_SIDE_SSL && !defined USE_SERVER_SIDE_SSL
#error "Must enable either USE_CLIENT_SIDE_SSL or USE_SERVER_SIDE_SSL (or b
oth)"
#endif
#ifndef USE_CERT_PARSE #ifndef USE_CERT_PARSE
#ifdef USE_CLIENT_SIDE_SSL #ifdef USE_CLIENT_SIDE_SSL
#error "Must enable USE_CERT_PARSE if building client with USE_CLIENT_SIDE_ SSL" #error "Must enable USE_CERT_PARSE if building client with USE_CLIENT_SIDE_ SSL"
#endif #endif
#endif #endif
/* /*
X.509 is required for all configurations of SSL below X.509 is required for all configurations of SSL below
*/ */
#ifndef USE_X509 #ifndef USE_X509
skipping to change at line 182 skipping to change at line 186
#define VALIDATE_KEY_MATERIAL #define VALIDATE_KEY_MATERIAL
#endif /* USE_CERT_PARSE */ #endif /* USE_CERT_PARSE */
/************************************************************************** ****/ /************************************************************************** ****/
/************************************************************************** ****/ /************************************************************************** ****/
/* SSL protocol and MatrixSSL defines */ /* SSL protocol and MatrixSSL defines */
/************************************************************************** ****/ /************************************************************************** ****/
/* /*
Maximum SSL record size, per specification Maximum SSL record size, per specification
*/ */
#define SSL_MAX_PLAINTEXT_LEN 0x4000 /* 16KB */ #define SSL_MAX_PLAINTEXT_LEN 0x4000 /* 16KB */
#define SSL_MAX_RECORD_LEN SSL_MAX_PLAINTEXT_LEN + 2048 #define SSL_MAX_RECORD_LEN SSL_MAX_PLAINTEXT_LEN + 2048
#define SSL_MAX_BUF_SIZE SSL_MAX_RECORD_LEN + 0x5 #define SSL_MAX_BUF_SIZE SSL_MAX_RECORD_LEN + 0x5
#define SSL_MAX_DISABLED_CIPHERS 8
/* /*
Maximum buffer sizes for static SSL array types Maximum buffer sizes for static SSL array types
*/ */
#define SSL_MAX_MAC_SIZE 20 #define SSL_MAX_MAC_SIZE 20
#define SSL_MAX_IV_SIZE 16 #define SSL_MAX_IV_SIZE 16
#define SSL_MAX_BLOCK_SIZE 16 #define SSL_MAX_BLOCK_SIZE 16
#define SSL_MAX_SYM_KEY_SIZE 32 #define SSL_MAX_SYM_KEY_SIZE 32
/* /*
Negative return codes must be between -50 and -69 in the MatrixSSL m odule Negative return codes must be between -50 and -69 in the MatrixSSL m odule
skipping to change at line 261 skipping to change at line 265
MUST NOT OVERLAP WITH ANY OF THE ALERT CODES ABOVE MUST NOT OVERLAP WITH ANY OF THE ALERT CODES ABOVE
*/ */
#define SSL_ALLOW_ANON_CONNECTION 254 #define SSL_ALLOW_ANON_CONNECTION 254
/* /*
Flags. DO NOT TOUCH Flags. DO NOT TOUCH
*/ */
#define SSL_FLAGS_SERVER 0x1 #define SSL_FLAGS_SERVER 0x1
#define SSL_FLAGS_READ_SECURE 0x2 #define SSL_FLAGS_READ_SECURE 0x2
#define SSL_FLAGS_WRITE_SECURE 0x4 #define SSL_FLAGS_WRITE_SECURE 0x4
#define SSL_FLAGS_RESUMED 0x10 #define SSL_FLAGS_RESUMED 0x8
#define SSL_FLAGS_CLOSED 0x20 #define SSL_FLAGS_CLOSED 0x10
#define SSL_FLAGS_NEED_ENCODE 0x40 #define SSL_FLAGS_NEED_ENCODE 0x20
#define SSL_FLAGS_ERROR 0x80 #define SSL_FLAGS_ERROR 0x40
#define SSL_FLAGS_TLS 0x100 #define SSL_FLAGS_TLS 0x80
#define SSL_FLAGS_CLIENT_AUTH 0x200 #define SSL_FLAGS_CLIENT_AUTH 0x100
#define SSL_FLAGS_ANON_CIPHER 0x2000 #define SSL_FLAGS_ANON_CIPHER 0x200
#define SSL_FLAGS_FALSE_START 0x400
/* /*
Buffer flags (ssl->bFlags) Buffer flags (ssl->bFlags)
*/ */
#define BFLAG_CLOSE_AFTER_SENT 0x01 #define BFLAG_CLOSE_AFTER_SENT 0x01
#define BFLAG_HS_COMPLETE 0x02 #define BFLAG_HS_COMPLETE 0x02
/* /*
Cipher types Cipher types
*/ */
skipping to change at line 459 skipping to change at line 464
#ifdef USE_CLIENT_SIDE_SSL #ifdef USE_CLIENT_SIDE_SSL
int32 certMatch; int32 certMatch;
#endif /* USE_CLIENT_SIDE_SSL */ #endif /* USE_CLIENT_SIDE_SSL */
psDigestContext_t msgHashMd5; psDigestContext_t msgHashMd5;
psDigestContext_t msgHashSha1; psDigestContext_t msgHashSha1;
psCipherContext_t encryptCtx; psCipherContext_t encryptCtx;
psCipherContext_t decryptCtx; psCipherContext_t decryptCtx;
int32 anon; int32 anon;
} sslSec_t; } sslSec_t;
typedef struct { typedef struct {
unsigned short ident; uint16 ident; /* Official cipher ID */
int32 type; uint16 type; /* Key exchange method */
uint32 flags; /* from CRYPTO_FLAGS_* */
unsigned char macSize; unsigned char macSize;
unsigned char keySize; unsigned char keySize;
unsigned char ivSize; unsigned char ivSize;
unsigned char blockSize; unsigned char blockSize;
/* Init function */ /* Init function */
int32 (*init)(sslSec_t *sec, int32 type, uint32 keysize); int32 (*init)(sslSec_t *sec, int32 type, uint32 keysize);
/* Cipher functions */ /* Cipher functions */
int32 (*encrypt)(psCipherContext_t *ctx, unsigned char *in, int32 (*encrypt)(psCipherContext_t *ctx, unsigned char *in,
unsigned char *out, uint32 len); unsigned char *out, uint32 len);
int32 (*decrypt)(psCipherContext_t *ctx, unsigned char *in, int32 (*decrypt)(psCipherContext_t *ctx, unsigned char *in,
skipping to change at line 520 skipping to change at line 527
sslSec_t sec; /* Security structur e */ sslSec_t sec; /* Security structur e */
sslKeys_t *keys; /* SSL public and pr ivate keys */ sslKeys_t *keys; /* SSL public and pr ivate keys */
psPool_t *sPool; /* SSL session pool */ psPool_t *sPool; /* SSL session pool */
psPool_t *hsPool; /* Full session hand shake pool */ psPool_t *hsPool; /* Full session hand shake pool */
unsigned char sessionIdLen; unsigned char sessionIdLen;
char sessionId[SSL_MAX_SESSION_ID_SIZE]; char sessionId[SSL_MAX_SESSION_ID_SIZE];
sslSessionId_t *sid; sslSessionId_t *sid;
#ifdef USE_SERVER_SIDE_SSL
uint16 disabledCiphers[SSL_MAX_DISABLED_CIPHERS];
#endif /* USE_SERVER_SIDE_SSL */
unsigned char *inbuf; unsigned char *inbuf;
unsigned char *outbuf; unsigned char *outbuf;
int32 inlen; /* Bytes unprocessed in inbu f */ int32 inlen; /* Bytes unprocessed in inbu f */
int32 outlen; /* Bytes unsent in outbuf */ int32 outlen; /* Bytes unsent in outbuf */
int32 insize; /* Total allocated size of i nbuf */ int32 insize; /* Total allocated size of i nbuf */
int32 outsize; /* Total allocated size of o utbuf */ int32 outsize; /* Total allocated size of o utbuf */
uint32 bFlags; /* Buffer related flags */ uint32 bFlags; /* Buffer related flags */
/* Pointer to the negotiated cipher information */ /* Pointer to the negotiated cipher information */
 End of changes. 8 change blocks. 
15 lines changed or deleted 26 lines changed or added


 osdep.h   osdep.h 
/* /*
* osdep.h * osdep.h
* Operating System and Hardware Abstraction Layer * Operating System and Hardware Abstraction Layer
* Release $Name: MATRIXSSL-3-1-3-OPEN $ * Release $Name: MATRIXSSL-3-1-4-OPEN $
*/ */
/* /*
* Copyright (c) PeerSec Networks, 2002-2010. All Rights Reserved. * Copyright (c) PeerSec Networks, 2002-2011. All Rights Reserved.
* The latest version of this code is available at http://www.matrixssl .org * The latest version of this code is available at http://www.matrixssl .org
* *
* This software is open source; you can redistribute it and/or modify * This software is open source; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or * the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. * (at your option) any later version.
* *
* This General Public License does NOT permit incorporating this softw are * This General Public License does NOT permit incorporating this softw are
* into proprietary programs. If you are unable to comply with the GPL , a * into proprietary programs. If you are unable to comply with the GPL , a
* commercial license for this software may be purchased from PeerSec N etworks * commercial license for this software may be purchased from PeerSec N etworks
skipping to change at line 36 skipping to change at line 36
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
* http://www.gnu.org/copyleft/gpl.html * http://www.gnu.org/copyleft/gpl.html
*/ */
/************************************************************************** ****/ /************************************************************************** ****/
#ifndef _h_PS_PLATFORM #ifndef _h_PS_PLATFORM
#define _h_PS_PLATFORM #define _h_PS_PLATFORM
/************************************************************************** ****/ /************************************************************************** ****/
/* /*
Standard types APIs that must be implemented on every platform
POSIX define is used for Linux and Mac OS X */
extern int osdepTraceOpen(void);
extern void osdepTraceClose(void);
extern int osdepTimeOpen(void);
extern void osdepTimeClose(void);
extern int osdepEntropyOpen(void);
extern void osdepEntropyClose(void);
#ifdef HALT_ON_PS_ERROR
extern void osdepBreak(void);
#endif
#ifndef min
#define min(a,b) (((a) < (b)) ? (a) : (b))
#endif /* min */
/**************************************************************************
****/
/*
If the Makefile specifies that PeerSec MatrixSSL does not currently hav
e
a layer for the given OS, or the port is to "bare metal" hardware,
do basic defines here and include externally provided file "matrixos.h"
.
In addition, if building for such a platform, a C file defining the abo
ve
functions must be linked with the final executable.
*/
#ifdef PS_UNSUPPORTED_OS
#define PSPUBLIC extern
#define likely(x) x
#define unlikely(x) x
#include "matrixos.h"
#else
/**************************************************************************
****/
/*
Supported Platforms below. The implementations of the apis are in
platform specific directories, such as core/POSIX and core/ECOS
POSIX define is used for Linux and Mac OS X
*/ */
#include <stdio.h> #include <stdio.h>
#ifndef POSIX #ifndef POSIX
#if defined(LINUX) || defined(OSX) #if defined(LINUX) || defined(OSX)
#define POSIX #define POSIX
#endif #endif
#endif #endif
/* Branch hints for GCC. */ /* Branch hints for GCC. */
#ifdef __GNUC__ #ifdef __GNUC__
#define likely(x) __builtin_expect((x), 1) #define likely(x) __builtin_expect((x), 1)
#define unlikely(x) __builtin_expect((x), 0) #define unlikely(x) __builtin_expect((x), 0)
#else #else
#define likely(x) x #define likely(x) x
#define unlikely(x) x #define unlikely(x) x
#endif #endif
#ifdef POSIX #ifdef POSIX
#include <stdint.h> #include <stdint.h>
typedef int32_t int32; typedef int32_t int32;
typedef uint32_t uint32; typedef uint32_t uint32;
/* 64 bit native integers */ typedef int16_t int16;
#ifdef HAVE_NATIVE_INT64 typedef uint16_t uint16;
#ifdef HAVE_NATIVE_INT64
typedef int64_t int64; typedef int64_t int64;
typedef uint64_t uint64; typedef uint64_t uint64;
#endif #endif
#endif /* POSIX */ #endif /* POSIX */
#ifdef WIN32 #ifdef WIN32
#include <windows.h> #include <windows.h>
typedef signed long int32; typedef signed long int32;
typedef unsigned long uint32; typedef unsigned long uint32;
#ifdef HAVE_NATIVE_INT64 typedef signed short int16;
typedef unsigned short uint16;
#ifdef HAVE_NATIVE_INT64
typedef unsigned long long uint64; typedef unsigned long long uint64;
typedef signed long long int64; typedef signed long long int64;
#endif #endif
#endif /* WIN32 */ #endif /* WIN32 */
/************************************************************************** ****/ /************************************************************************** ****/
/* /*
Internal os core APIs Hardware Abstraction Layer
NOTE: If the compile is failing here the os is probably not set
as a compile-time definition (POSIX, WIN32, ...)
*/ */
extern int32 osdepTraceOpen(void);
extern int32 osdepTraceClose(void);
extern int32 osdepTimeOpen(void);
extern int32 osdepTimeClose(void);
extern int32 osdepEntropyOpen(void);
extern int32 osdepEntropyClose(void);
#ifdef HALT_ON_PS_ERROR
extern void osdepBreak(void);
#endif
#define halAlert() #define halAlert()
/************************************************************************** ****/ /************************************************************************** ****/
#ifdef USE_MULTITHREADING
/**************************************************************************
****/
/*
Defines to make library multithreading safe
*/
/**************************************************************************
****/
/*
Mutex
*/
extern int32 osdepMutexOpen(void);
extern int32 osdepMutexClose(void);
/*
OS-specific psMutex_t types
*/
#ifdef WIN32
/**************************************************************************
****/
typedef CRITICAL_SECTION psMutex_t;
/**************************************************************************
****/
#elif POSIX
/**************************************************************************
****/
#include <pthread.h>
#include <string.h>
typedef pthread_mutex_t psMutex_t;
/**************************************************************************
****/
#elif VXWORKS
/**************************************************************************
****/
#include "semLib.h"
typedef SEM_ID psMutex_t;
/**************************************************************************
****/
#endif /* OS specific mutex */
/**************************************************************************
****/
#endif /* USE_MULTITHREADING */
/**************************************************************************
****/
/**************************************************************************
****/
#ifdef USE_FILE_SYSTEM
/**************************************************************************
****/
#ifdef POSIX
#include <sys/stat.h>
#endif /* POSIX */
#endif /* USE_FILE_SYSTEM */
/**************************************************************************
****/
#ifndef min
#define min(a,b) (((a) < (b)) ? (a) : (b))
#endif /* min */
/**************************************************************************
****/
/* /*
OS-specific psTime_t types OS-specific psTime_t types
Make psTime_t an opaque time value. Make psTime_t an opaque time value.
*/ */
#ifdef WIN32 #ifdef WIN32
typedef LARGE_INTEGER psTime_t; typedef LARGE_INTEGER psTime_t;
#endif #endif
#ifdef VXWORKS #ifdef VXWORKS
typedef struct { typedef struct {
long sec; long sec;
long usec; long usec;
} psTime_t; } psTime_t;
#endif #endif
/* #define USE_HIGHRES_TIME */
#ifdef POSIX #ifdef POSIX
#include <sys/time.h> #include <sys/time.h>
#include <time.h> #include <time.h>
typedef struct timeval psTime_t; typedef struct timeval psTime_t;
#endif #endif
/************************************************************************** ****/ /************************************************************************** ****/
/* /*
PSPUBLIC magic for Win DLLs Export or import functions for Windows DLLs
*/ */
#ifndef _USRDLL #ifdef WIN32
#ifdef WIN32 #ifndef _USRDLL
#define PSPUBLIC extern __declspec(dllimport) #define PSPUBLIC extern __declspec(dllimport)
#endif /* WIN32 */ #else
#else /* h_EXPORT_SYMOBOLS */ #define PSPUBLIC extern __declspec(dllexport)
#ifdef WIN32 #endif
#define PSPUBLIC extern __declspec(dllexport) #else
#endif /* WIN */ #define PSPUBLIC extern
#endif /* h_EXPORT_SYMOBOLS */
#ifndef WIN32
#define PSPUBLIC extern
#endif /* !WIN */ #endif /* !WIN */
/************************************************************************** ****/ /************************************************************************** ****/
/* /*
Raw trace and error Raw trace and error
*/ */
PSPUBLIC void _psTrace(char *msg); PSPUBLIC void _psTrace(char *msg);
PSPUBLIC void _psTraceInt(char *msg, int32 val); PSPUBLIC void _psTraceInt(char *msg, int32 val);
PSPUBLIC void _psTraceStr(char *msg, char *val); PSPUBLIC void _psTraceStr(char *msg, char *val);
PSPUBLIC void _psTracePtr(char *message, void *value); PSPUBLIC void _psTracePtr(char *message, void *value);
skipping to change at line 242 skipping to change at line 206
_psError(a); _psError(a);
#define psErrorStr(a,b) \ #define psErrorStr(a,b) \
halAlert();_psTraceStr("psError %s", __FILE__);_psTraceInt(":%d ", __LINE_ _); \ halAlert();_psTraceStr("psError %s", __FILE__);_psTraceInt(":%d ", __LINE_ _); \
_psErrorStr(a,b) _psErrorStr(a,b)
#define psErrorInt(a,b) \ #define psErrorInt(a,b) \
halAlert();_psTraceStr("psError %s", __FILE__);_psTraceInt(":%d ", __LINE_ _); \ halAlert();_psTraceStr("psError %s", __FILE__);_psTraceInt(":%d ", __LINE_ _); \
_psErrorInt(a,b) _psErrorInt(a,b)
/**************************************************************************
****/
/*
OS specific file system apis
*/
#ifdef PS_USE_FILE_SYSTEM
#ifdef POSIX
#include <sys/stat.h>
#endif /* POSIX */
#endif /* PS_USE_FILE_SYSTEM */
#ifdef USE_MULTITHREADING
/**************************************************************************
****/
/*
Defines to make library multithreading safe
*/
extern int32 osdepMutexOpen(void);
extern int32 osdepMutexClose(void);
#ifdef WIN32
typedef CRITICAL_SECTION psMutex_t;
#elif POSIX
#include <pthread.h>
#include <string.h>
typedef pthread_mutex_t psMutex_t;
#elif VXWORKS
#include "semLib.h"
typedef SEM_ID psMutex_t;
#else
#error psMutex_t must be defined
#endif /* OS specific mutex */
#endif /* USE_MULTITHREADING */
/**************************************************************************
****/
#endif /* !PS_UNSUPPORTED_OS */
#endif /* _h_PS_PLATFORM */ #endif /* _h_PS_PLATFORM */
 End of changes. 19 change blocks. 
118 lines changed or deleted 111 lines changed or added


 prng.h   prng.h 
/* /*
* prng.h * prng.h
* Release $Name: MATRIXSSL-3-1-3-OPEN $ * Release $Name: MATRIXSSL-3-1-4-OPEN $
*/ */
/* /*
* Copyright (c) PeerSec Networks, 2002-2010. All Rights Reserved. * Copyright (c) PeerSec Networks, 2002-2011. All Rights Reserved.
* The latest version of this code is available at http://www.matrixssl .org * The latest version of this code is available at http://www.matrixssl .org
* *
* This software is open source; you can redistribute it and/or modify * This software is open source; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or * the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. * (at your option) any later version.
* *
* This General Public License does NOT permit incorporating this softw are * This General Public License does NOT permit incorporating this softw are
* into proprietary programs. If you are unable to comply with the GPL , a * into proprietary programs. If you are unable to comply with the GPL , a
* commercial license for this software may be purchased from PeerSec N etworks * commercial license for this software may be purchased from PeerSec N etworks
 End of changes. 2 change blocks. 
2 lines changed or deleted 2 lines changed or added


 psmalloc.h   psmalloc.h 
/* /*
* psmalloc.h * psmalloc.h
* Release $Name: MATRIXSSL-3-1-3-OPEN $ * Release $Name: MATRIXSSL-3-1-4-OPEN $
* *
* Header for psMalloc functions * Header for psMalloc functions
*/ */
/* /*
* Copyright (c) PeerSec Networks, 2002-2010. All Rights Reserved. * Copyright (c) PeerSec Networks, 2002-2011. All Rights Reserved.
* The latest version of this code is available at http://www.matrixssl .org * The latest version of this code is available at http://www.matrixssl .org
* *
* This software is open source; you can redistribute it and/or modify * This software is open source; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or * the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. * (at your option) any later version.
* *
* This General Public License does NOT permit incorporating this softw are * This General Public License does NOT permit incorporating this softw are
* into proprietary programs. If you are unable to comply with the GPL , a * into proprietary programs. If you are unable to comply with the GPL , a
* commercial license for this software may be purchased from PeerSec N etworks * commercial license for this software may be purchased from PeerSec N etworks
skipping to change at line 35 skipping to change at line 35
* You should have received a copy of the GNU General Public License * You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software * along with this program; if not, write to the Free Software
* Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
* http://www.gnu.org/copyleft/gpl.html * http://www.gnu.org/copyleft/gpl.html
*/ */
/************************************************************************** ****/ /************************************************************************** ****/
#ifndef _h_PS_MALLOC #ifndef _h_PS_MALLOC
#define _h_PS_MALLOC #define _h_PS_MALLOC
/**************************************************************************
****/
/*
*/
#ifdef PS_UNSUPPORTED_OS
#include "matrixos.h"
#else
/**************************************************************************
****/
/*
*/
#include <string.h> /* memset, memcpy */ #include <string.h> /* memset, memcpy */
/************************************************************************** ****/ /************************************************************************** ****/
/************************************************************************** ****/
/* /*
Native memory routines Native memory routines
*/ */
#include <stdlib.h> /* malloc, free, etc... */ #include <stdlib.h> /* malloc, free, etc... */
#define MAX_MEMORY_USAGE 0 #define MAX_MEMORY_USAGE 0
#define psOpenMalloc() 0 #define psOpenMalloc() 0
#define psCloseMalloc() #define psCloseMalloc()
#define psDefineHeap(A, B) #define psDefineHeap(A, B)
#define psAddPoolCache(A, B) #define psAddPoolCache(A, B)
skipping to change at line 61 skipping to change at line 70
#define psMallocNoPool malloc #define psMallocNoPool malloc
#define psRealloc realloc #define psRealloc realloc
#define psFree free #define psFree free
#define psMemset memset #define psMemset memset
#define psMemcpy memcpy #define psMemcpy memcpy
typedef int32 psPool_t; typedef int32 psPool_t;
/************************************************************************** ****/ /************************************************************************** ****/
#endif /* !PS_UNSUPPORTED_OS */
#endif /* _h_PS_MALLOC */ #endif /* _h_PS_MALLOC */
/************************************************************************** ****/ /************************************************************************** ****/
 End of changes. 5 change blocks. 
3 lines changed or deleted 15 lines changed or added


 pstm.h   pstm.h 
/* /*
* pstm.h * pstm.h
* Release $Name: MATRIXSSL-3-1-3-OPEN $ * Release $Name: MATRIXSSL-3-1-4-OPEN $
* *
* multiple-precision integer library * multiple-precision integer library
*/ */
/* /*
* Copyright (c) PeerSec Networks, 2002-2010. All Rights Reserved. * Copyright (c) PeerSec Networks, 2002-2011. All Rights Reserved.
* The latest version of this code is available at http://www.matrixssl .org * The latest version of this code is available at http://www.matrixssl .org
* *
* This software is open source; you can redistribute it and/or modify * This software is open source; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or * the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. * (at your option) any later version.
* *
* This General Public License does NOT permit incorporating this softw are * This General Public License does NOT permit incorporating this softw are
* into proprietary programs. If you are unable to comply with the GPL , a * into proprietary programs. If you are unable to comply with the GPL , a
* commercial license for this software may be purchased from PeerSec N etworks * commercial license for this software may be purchased from PeerSec N etworks
skipping to change at line 112 skipping to change at line 112
#define PSTM_MEM PS_MEM_FAIL #define PSTM_MEM PS_MEM_FAIL
/************************************************************************** ****/ /************************************************************************** ****/
/* /*
Various build options Various build options
*/ */
#define PSTM_DEFAULT_INIT 64 /* default (64) digits of allocation */ #define PSTM_DEFAULT_INIT 64 /* default (64) digits of allocation */
#define PSTM_MAX_SIZE 4096 #define PSTM_MAX_SIZE 4096
typedef struct { typedef struct {
int32 used, alloc, sign; int16 used, alloc, sign;
pstm_digit *dp; pstm_digit *dp;
} pstm_int; } pstm_int;
/************************************************************************** ****/ /************************************************************************** ****/
/* /*
Operations on large integers Operations on large integers
*/ */
#define pstm_iszero(a) (((a)->used == 0) ? PS_TRUE : PS_FALSE) #define pstm_iszero(a) (((a)->used == 0) ? PS_TRUE : PS_FALSE)
#define pstm_iseven(a) (((a)->used > 0 && (((a)->dp[0] & 1) == 0)) ? PS_TRU E : PS_FALSE) #define pstm_iseven(a) (((a)->used > 0 && (((a)->dp[0] & 1) == 0)) ? PS_TRU E : PS_FALSE)
#define pstm_isodd(a) (((a)->used > 0 && (((a)->dp[0] & 1) == 1)) ? PS_TRU E : PS_FALSE) #define pstm_isodd(a) (((a)->used > 0 && (((a)->dp[0] & 1) == 1)) ? PS_TRU E : PS_FALSE)
skipping to change at line 134 skipping to change at line 134
extern void pstm_set(pstm_int *a, pstm_digit b); extern void pstm_set(pstm_int *a, pstm_digit b);
extern void pstm_zero(pstm_int * a); extern void pstm_zero(pstm_int * a);
extern int32 pstm_init(psPool_t *pool, pstm_int * a); extern int32 pstm_init(psPool_t *pool, pstm_int * a);
extern int32 pstm_init_size(psPool_t *pool, pstm_int * a, uint32 size); extern int32 pstm_init_size(psPool_t *pool, pstm_int * a, uint32 size);
extern int32 pstm_init_copy(psPool_t *pool, pstm_int * a, pstm_int * b, extern int32 pstm_init_copy(psPool_t *pool, pstm_int * a, pstm_int * b,
int32 toSqr); int16 toSqr);
extern int32 pstm_count_bits (pstm_int * a); extern int16 pstm_count_bits (pstm_int * a);
extern int32 pstm_init_for_read_unsigned_bin(psPool_t *pool, pstm_int *a, extern int32 pstm_init_for_read_unsigned_bin(psPool_t *pool, pstm_int *a,
uint32 len); uint32 len);
extern int32 pstm_read_unsigned_bin(pstm_int *a, unsigned char *b, int32 c) ; extern int32 pstm_read_unsigned_bin(pstm_int *a, unsigned char *b, int32 c) ;
extern int32 pstm_unsigned_bin_size(pstm_int *a); extern int32 pstm_unsigned_bin_size(pstm_int *a);
extern int32 pstm_copy(pstm_int * a, pstm_int * b); extern int32 pstm_copy(pstm_int * a, pstm_int * b);
extern void pstm_clear(pstm_int * a); extern void pstm_clear(pstm_int * a);
extern void pstm_clear_multi(pstm_int *mp0, pstm_int *mp1, pstm_int *mp2, extern void pstm_clear_multi(pstm_int *mp0, pstm_int *mp1, pstm_int *mp2,
pstm_int *mp3, pstm_int *mp4, pstm_int *mp5, pstm_int *mp6, pstm_int *mp3, pstm_int *mp4, pstm_int *mp5, pstm_int *mp6,
pstm_int *mp7); pstm_int *mp7);
extern int32 pstm_grow(pstm_int * a, int32 size); extern int32 pstm_grow(pstm_int * a, int16 size);
extern void pstm_clamp(pstm_int * a); extern void pstm_clamp(pstm_int * a);
extern int32 pstm_cmp(pstm_int * a, pstm_int * b); extern int32 pstm_cmp(pstm_int * a, pstm_int * b);
extern int32 pstm_cmp_mag(pstm_int * a, pstm_int * b); extern int32 pstm_cmp_mag(pstm_int * a, pstm_int * b);
extern void pstm_rshd(pstm_int *a, int32 x); extern void pstm_rshd(pstm_int *a, int16 x);
extern int32 pstm_lshd(pstm_int * a, int32 b); extern int32 pstm_lshd(pstm_int * a, int16 b);
extern int32 pstm_div(psPool_t *pool, pstm_int *a, pstm_int *b, pstm_int *c , extern int32 pstm_div(psPool_t *pool, pstm_int *a, pstm_int *b, pstm_int *c ,
pstm_int *d); pstm_int *d);
extern int32 pstm_div_2d(psPool_t *pool, pstm_int *a, int32 b, pstm_int *c, extern int32 pstm_div_2d(psPool_t *pool, pstm_int *a, int16 b, pstm_int *c,
pstm_int *d); pstm_int *d);
extern int32 pstm_div_2(pstm_int * a, pstm_int * b); extern int32 pstm_div_2(pstm_int * a, pstm_int * b);
extern int32 s_pstm_sub(pstm_int *a, pstm_int *b, pstm_int *c); extern int32 s_pstm_sub(pstm_int *a, pstm_int *b, pstm_int *c);
extern int32 pstm_sub(pstm_int *a, pstm_int *b, pstm_int *c); extern int32 pstm_sub(pstm_int *a, pstm_int *b, pstm_int *c);
extern int32 pstm_sub_d(psPool_t *pool, pstm_int *a, pstm_digit b, pstm_int *c); extern int32 pstm_sub_d(psPool_t *pool, pstm_int *a, pstm_digit b, pstm_int *c);
extern int32 pstm_mul_2(pstm_int * a, pstm_int * b); extern int32 pstm_mul_2(pstm_int * a, pstm_int * b);
extern int32 pstm_mod(psPool_t *pool, pstm_int *a, pstm_int *b, pstm_int *c ); extern int32 pstm_mod(psPool_t *pool, pstm_int *a, pstm_int *b, pstm_int *c );
extern int32 pstm_mulmod(psPool_t *pool, pstm_int *a, pstm_int *b, pstm_int *c, extern int32 pstm_mulmod(psPool_t *pool, pstm_int *a, pstm_int *b, pstm_int *c,
pstm_int *d); pstm_int *d);
extern int32 pstm_exptmod(psPool_t *pool, pstm_int *G, pstm_int *X, pstm_in t *P, extern int32 pstm_exptmod(psPool_t *pool, pstm_int *G, pstm_int *X, pstm_in t *P,
pstm_int *Y); pstm_int *Y);
extern int32 pstm_2expt(pstm_int *a, int32 b); extern int32 pstm_2expt(pstm_int *a, int16 b);
extern int32 pstm_add(pstm_int *a, pstm_int *b, pstm_int *c); extern int32 pstm_add(pstm_int *a, pstm_int *b, pstm_int *c);
extern int32 pstm_to_unsigned_bin(psPool_t *pool, pstm_int *a, extern int32 pstm_to_unsigned_bin(psPool_t *pool, pstm_int *a,
unsigned char *b); unsigned char *b);
extern int32 pstm_montgomery_setup(pstm_int *a, pstm_digit *rho); extern int32 pstm_montgomery_setup(pstm_int *a, pstm_digit *rho);
extern int32 pstm_montgomery_reduce(psPool_t *pool, pstm_int *a, pstm_int * m, extern int32 pstm_montgomery_reduce(psPool_t *pool, pstm_int *a, pstm_int * m,
pstm_digit mp, pstm_digit *paD, uint32 paDle n); pstm_digit mp, pstm_digit *paD, uint32 paDle n);
 End of changes. 10 change blocks. 
10 lines changed or deleted 10 lines changed or added


 pubkey.h   pubkey.h 
/* /*
* pubkey.h * pubkey.h
* Release $Name: MATRIXSSL-3-1-3-OPEN $ * Release $Name: MATRIXSSL-3-1-4-OPEN $
*/ */
/* /*
* Copyright (c) PeerSec Networks, 2002-2010. All Rights Reserved. * Copyright (c) PeerSec Networks, 2002-2011. All Rights Reserved.
* The latest version of this code is available at http://www.matrixssl .org * The latest version of this code is available at http://www.matrixssl .org
* *
* This software is open source; you can redistribute it and/or modify * This software is open source; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or * the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. * (at your option) any later version.
* *
* This General Public License does NOT permit incorporating this softw are * This General Public License does NOT permit incorporating this softw are
* into proprietary programs. If you are unable to comply with the GPL , a * into proprietary programs. If you are unable to comply with the GPL , a
* commercial license for this software may be purchased from PeerSec N etworks * commercial license for this software may be purchased from PeerSec N etworks
skipping to change at line 45 skipping to change at line 45
/* Public Key types for psPubKey_t */ /* Public Key types for psPubKey_t */
#define PS_RSA 1 #define PS_RSA 1
#define PS_ECC 2 #define PS_ECC 2
#define PS_DH 3 #define PS_DH 3
/* Sig types */ /* Sig types */
#define RSA_TYPE_SIG 5 #define RSA_TYPE_SIG 5
#define DSA_TYPE_SIG 6 #define DSA_TYPE_SIG 6
/*
Pub key speed or size optimization handling
*/
#if defined(PS_PUBKEY_OPTIMIZE_FOR_FASTER_SPEED) && defined(PS_PUBKEY_OP
TIMIZE_FOR_SMALLER_RAM)
#error "May only enable either PS_PUBKEY_OPTIMIZE_FOR_FASTER_SPEED or PS_PU
BKEY_OPTIMIZE_FOR_SMALLER_RAM"
#endif
#if !defined(PS_PUBKEY_OPTIMIZE_FOR_FASTER_SPEED) && !defined(PS_PUBKEY_OPT
IMIZE_FOR_SMALLER_RAM)
#define PS_PUBKEY_OPTIMIZE_FOR_SMALLER_RAM
#endif
#ifdef PS_PUBKEY_OPTIMIZE_FOR_SMALLER_RAM
#define PS_EXPTMOD_WINSIZE 3
#endif
#ifdef PS_PUBKEY_OPTIMIZE_FOR_FASTER_SPEED
#define PS_EXPTMOD_WINSIZE 5
#endif
/************************************************************************** ****/ /************************************************************************** ****/
#ifdef USE_RSA #ifdef USE_RSA
/************************************************************************** ****/ /************************************************************************** ****/
/* /*
Primary RSA Key struct. Define here for crypto Primary RSA Key struct. Define here for crypto
*/ */
typedef struct { typedef struct {
pstm_int e, d, N, qP, dP, dQ, p, q; pstm_int e, d, N, qP, dP, dQ, p, q;
uint32 size; /* Size of the key in bytes */ uint32 size; /* Size of the key in bytes */
int32 optimized; /* 1 for optimized */ int32 optimized; /* 1 for optimized */
 End of changes. 3 change blocks. 
2 lines changed or deleted 24 lines changed or added


 symmetric.h   symmetric.h 
/* /*
* symmetric.h * symmetric.h
* Release $Name: MATRIXSSL-3-1-3-OPEN $ * Release $Name: MATRIXSSL-3-1-4-OPEN $
* *
* Header for internal symmetric key cryptography support * Header for internal symmetric key cryptography support
*/ */
/* /*
* Copyright (c) PeerSec Networks, 2002-2010. All Rights Reserved. * Copyright (c) PeerSec Networks, 2002-2011. All Rights Reserved.
* The latest version of this code is available at http://www.matrixssl .org * The latest version of this code is available at http://www.matrixssl .org
* *
* This software is open source; you can redistribute it and/or modify * This software is open source; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or * the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. * (at your option) any later version.
* *
* This General Public License does NOT permit incorporating this softw are * This General Public License does NOT permit incorporating this softw are
* into proprietary programs. If you are unable to comply with the GPL , a * into proprietary programs. If you are unable to comply with the GPL , a
* commercial license for this software may be purchased from PeerSec N etworks * commercial license for this software may be purchased from PeerSec N etworks
 End of changes. 2 change blocks. 
2 lines changed or deleted 2 lines changed or added


 version.h   version.h 
/* /*
Copyright 2010 PeerSec Networks, Inc. Copyright 2011 PeerSec Networks, Inc.
This file is auto-generated This file is auto-generated
*/ */
#ifndef _h_MATRIXSSL_VERSION #ifndef _h_MATRIXSSL_VERSION
#define _h_MATRIXSSL_VERSION #define _h_MATRIXSSL_VERSION
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
#endif #endif
#define MATRIXSSL_VERSION "3.1.3-OPEN" #define MATRIXSSL_VERSION "3.1.4-OPEN"
#define MATRIXSSL_VERSION_MAJOR 3 #define MATRIXSSL_VERSION_MAJOR 3
#define MATRIXSSL_VERSION_MINOR 1 #define MATRIXSSL_VERSION_MINOR 1
#define MATRIXSSL_VERSION_PATCH 3 #define MATRIXSSL_VERSION_PATCH 4
#define MATRIXSSL_VERSION_CODE "OPEN" #define MATRIXSSL_VERSION_CODE "OPEN"
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif
#endif /* _h_MATRIXSSL_VERSION */ #endif /* _h_MATRIXSSL_VERSION */
 End of changes. 3 change blocks. 
3 lines changed or deleted 3 lines changed or added


 x509.h   x509.h 
/* /*
* x509.h * x509.h
* Release $Name: MATRIXSSL-3-1-3-OPEN $ * Release $Name: MATRIXSSL-3-1-4-OPEN $
*/ */
/* /*
* Copyright (c) PeerSec Networks, 2002-2010. All Rights Reserved. * Copyright (c) PeerSec Networks, 2002-2011. All Rights Reserved.
* The latest version of this code is available at http://www.matrixssl .org * The latest version of this code is available at http://www.matrixssl .org
* *
* This software is open source; you can redistribute it and/or modify * This software is open source; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or * the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. * (at your option) any later version.
* *
* This General Public License does NOT permit incorporating this softw are * This General Public License does NOT permit incorporating this softw are
* into proprietary programs. If you are unable to comply with the GPL , a * into proprietary programs. If you are unable to comply with the GPL , a
* commercial license for this software may be purchased from PeerSec N etworks * commercial license for this software may be purchased from PeerSec N etworks
 End of changes. 2 change blocks. 
2 lines changed or deleted 2 lines changed or added

This html diff was produced by rfcdiff 1.41. The latest version is available from http://tools.ietf.org/tools/rfcdiff/