asn1.h   asn1.h 
/* /*
* asn1.h * asn1.h
* Release $Name: MATRIXSSL-3-1-4-OPEN $ * Release $Name: MATRIXSSL-3-2-1-OPEN $
*/ */
/* /*
* Copyright (c) PeerSec Networks, 2002-2011. All Rights Reserved. * Copyright (c) PeerSec Networks, 2002-2011. All Rights Reserved.
* The latest version of this code is available at http://www.matrixssl .org * The latest version of this code is available at http://www.matrixssl .org
* *
* This software is open source; you can redistribute it and/or modify * This software is open source; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or * the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. * (at your option) any later version.
* *
 End of changes. 1 change blocks. 
1 lines changed or deleted 1 lines changed or added


 coreApi.h   coreApi.h 
/* /*
* coreApi.h * coreApi.h
* Release $Name: MATRIXSSL-3-1-4-OPEN $ * Release $Name: MATRIXSSL-3-2-1-OPEN $
* *
* Prototypes for the PeerSec core public APIs * Prototypes for the PeerSec core public APIs
*/ */
/* /*
* Copyright (c) PeerSec Networks, 2002-2011. All Rights Reserved. * Copyright (c) PeerSec Networks, 2002-2011. All Rights Reserved.
* The latest version of this code is available at http://www.matrixssl .org * The latest version of this code is available at http://www.matrixssl .org
* *
* This software is open source; you can redistribute it and/or modify * This software is open source; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or * the Free Software Foundation; either version 2 of the License, or
skipping to change at line 65 skipping to change at line 65
/* NOTE: The range for core error codes should be between -2 and -29 */ /* NOTE: The range for core error codes should be between -2 and -29 */
#define PS_ARG_FAIL -6 /* Failure due to bad functi on param */ #define PS_ARG_FAIL -6 /* Failure due to bad functi on param */
#define PS_PLATFORM_FAIL -7 /* Failure as a result of system cal l error */ #define PS_PLATFORM_FAIL -7 /* Failure as a result of system cal l error */
#define PS_MEM_FAIL -8 /* Failure to allocate reque sted memory */ #define PS_MEM_FAIL -8 /* Failure to allocate reque sted memory */
#define PS_LIMIT_FAIL -9 /* Failure on sanity/limit tests */ #define PS_LIMIT_FAIL -9 /* Failure on sanity/limit tests */
#define PS_UNSUPPORTED_FAIL -10 /* Unimplemented feature error */ #define PS_UNSUPPORTED_FAIL -10 /* Unimplemented feature error */
#define PS_DISABLED_FEATURE_FAIL -11 /* Incorrect #define toggle for featur e */ #define PS_DISABLED_FEATURE_FAIL -11 /* Incorrect #define toggle for featur e */
#define PS_PROTOCOL_FAIL -12 /* A protocol error occurred */ #define PS_PROTOCOL_FAIL -12 /* A protocol error occurred */
#define PS_TIMEOUT_FAIL -13 /* A timeout occurred and MAY be an error */ #define PS_TIMEOUT_FAIL -13 /* A timeout occurred and MAY be an error */
#define PS_INTERRUPT_FAIL -14 /* An interrupt occurred and MAY be an e rror */ #define PS_INTERRUPT_FAIL -14 /* An interrupt occurred and MAY be an e rror */
#define PS_PENDING -15 /* In process. Not necessarily a n error */
#define PS_TRUE 1 #define PS_TRUE 1
#define PS_FALSE 0 #define PS_FALSE 0
/************************************************************************** ****/ /************************************************************************** ****/
/* Public structures */ /* Public structures */
/************************************************************************** ****/ /************************************************************************** ****/
/* /*
psBuf_t psBuf_t
Empty buffer: Empty buffer:
 End of changes. 2 change blocks. 
1 lines changed or deleted 2 lines changed or added
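Review bot: `PS_PENDING` is added as -15, inside the range that the note above reserves for core error codes, while its own comment says it is not necessarily an error. Callers that treat any negative return as failure will abort on it, and callers that special-case it need to know which APIs can return it. I would extend the comment, e.g. `/* In process, not a failure: check for PS_PENDING before treating rc < 0 as an error */`, and name the functions that return it if the list is short.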


 coreConfig.h   coreConfig.h 
/* /*
* coreConfig.h * coreConfig.h
* Release $Name: MATRIXSSL-3-1-4-OPEN $ * Release $Name: MATRIXSSL-3-2-1-OPEN $
* *
* Configuration settings for PeerSec core module * Configuration settings for PeerSec core module
*/ */
/* /*
* Copyright (c) PeerSec Networks, 2002-2011. All Rights Reserved. * Copyright (c) PeerSec Networks, 2002-2011. All Rights Reserved.
* The latest version of this code is available at http://www.matrixssl .org * The latest version of this code is available at http://www.matrixssl .org
* *
* This software is open source; you can redistribute it and/or modify * This software is open source; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or * the Free Software Foundation; either version 2 of the License, or
 End of changes. 1 change blocks. 
1 lines changed or deleted 1 lines changed or added


 cryptoApi.h   cryptoApi.h 
/* /*
* cryptoApi.h * cryptoApi.h
* Release $Name: MATRIXSSL-3-1-4-OPEN $ * Release $Name: MATRIXSSL-3-2-1-OPEN $
* *
* Prototypes for the PeerSec crypto public APIs * Prototypes for the PeerSec crypto public APIs
*/ */
/* /*
* Copyright (c) PeerSec Networks, 2002-2011. All Rights Reserved. * Copyright (c) PeerSec Networks, 2002-2011. All Rights Reserved.
* The latest version of this code is available at http://www.matrixssl .org * The latest version of this code is available at http://www.matrixssl .org
* *
* This software is open source; you can redistribute it and/or modify * This software is open source; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or * the Free Software Foundation; either version 2 of the License, or
skipping to change at line 193 skipping to change at line 194
#ifdef USE_RSA #ifdef USE_RSA
/************************************************************************** ****/ /************************************************************************** ****/
/* /*
Private Key Parsing Private Key Parsing
PKCS#1 - RSA specific PKCS#1 - RSA specific
PKCS#8 - General private key storage format PKCS#8 - General private key storage format
*/ */
#ifdef USE_PRIVATE_KEY_PARSING #ifdef USE_PRIVATE_KEY_PARSING
PSPUBLIC int32 pkcs1ParsePrivBin(psPool_t *pool, unsigned char *p, PSPUBLIC int32 pkcs1ParsePrivBin(psPool_t *pool, unsigned char *p,
uint32 size, psPubKey_t **key); uint32 size, psPubKey_t **key);
#ifdef USE_PKCS8
PSPUBLIC int32 pkcs8ParsePrivBin(psPool_t *pool, unsigned char *p,
int32 size, char *pass, psPubKey_t **key);
#endif /* USE_PKCS8 */
#ifdef PS_USE_FILE_SYSTEM #ifdef PS_USE_FILE_SYSTEM
PSPUBLIC int32 pkcs1ParsePrivFile(psPool_t *pool, char *fileName, PSPUBLIC int32 pkcs1ParsePrivFile(psPool_t *pool, char *fileName,
char *password, psPubKey_t **outkey); char *password, psPubKey_t **outkey);
PSPUBLIC int32 pkcs1DecodePrivFile(psPool_t *pool, char *fileName, PSPUBLIC int32 pkcs1DecodePrivFile(psPool_t *pool, char *fileName,
char *password, unsigned char **DERout, uint 32 *DERlen); char *password, unsigned char **DERout, uint 32 *DERlen);
#endif /* PS_USE_FILE_SYSTEM */ #endif /* PS_USE_FILE_SYSTEM */
#endif /* USE_PRIVATE_KEY_PARSING */ #endif /* USE_PRIVATE_KEY_PARSING */
#endif /* USE_RSA */ #endif /* USE_RSA */
/************************************************************************** ****/ /************************************************************************** ****/
 End of changes. 2 change blocks. 
1 lines changed or deleted 5 lines changed or added
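Review bot: The new `pkcs8ParsePrivBin` prototype takes the buffer length as `int32 size`, while `pkcs1ParsePrivBin` directly above it takes `uint32 size`. A signed length on a parser for key blobs leaves the negative case for the implementation to reject and mixes signedness with the sibling API; I would declare it `uint32 size` to match, or document that a negative value returns `PS_ARG_FAIL`. The prototype also does not say whether `pass` may be NULL for unencrypted keys. If it may, a one-line comment such as `/* pass may be NULL for unencrypted PKCS#8 blobs */` would help; the implementation is not in this diff.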


 cryptoConfig.h   cryptoConfig.h 
/* /*
* cryptoConfig.h * cryptoConfig.h
* Release $Name: MATRIXSSL-3-1-4-OPEN $ * Release $Name: MATRIXSSL-3-2-1-OPEN $
*/ */
/* /*
* Copyright (c) PeerSec Networks, 2002-2011. All Rights Reserved. * Copyright (c) PeerSec Networks, 2002-2011. All Rights Reserved.
* The latest version of this code is available at http://www.matrixssl .org * The latest version of this code is available at http://www.matrixssl .org
* *
* This software is open source; you can redistribute it and/or modify * This software is open source; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or * the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. * (at your option) any later version.
* *
skipping to change at line 111 skipping to change at line 111
#define USE_CERT_PARSE /* Usually required. USE_X509 must be enabled */ #define USE_CERT_PARSE /* Usually required. USE_X509 must be enabled */
/* #define USE_FULL_CERT_PARSE */ /* USE_CERT_PARSE must be enabled */ /* #define USE_FULL_CERT_PARSE */ /* USE_CERT_PARSE must be enabled */
#define USE_BASE64_DECODE #define USE_BASE64_DECODE
/************************************************************************** ****/ /************************************************************************** ****/
/* /*
PKCS support PKCS support
*/ */
#define USE_PRIVATE_KEY_PARSING #define USE_PRIVATE_KEY_PARSING
#define USE_PKCS8 /* Alternative private key storage format */
/* #define USE_PKCS5 */ /* PBKDF key generation for encrypted private keys */ /* #define USE_PKCS5 */ /* PBKDF key generation for encrypted private keys */
/************************************************************************** ****/ /************************************************************************** ****/
/* /*
PRNG Algorithms PRNG Algorithms
*/ */
#define USE_YARROW #define USE_YARROW
/************************************************************************** ****/ /************************************************************************** ****/
/* /*
All below here are configurable tweaks (do not need to touch, in genera l) All below here are configurable tweaks (do not need to touch, in genera l)
*/ */
#define USE_BURN_STACK /* #define USE_BURN_STACK */
#endif /* _h_PS_CRYPTOCONFIG */ #endif /* _h_PS_CRYPTOCONFIG */
/************************************************************************** ****/ /************************************************************************** ****/
 End of changes. 3 change blocks. 
2 lines changed or deleted 3 lines changed or added
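Review bot: `USE_BURN_STACK` changes from defined to commented out in the "configurable tweaks" block at the end of the file, and nothing next to it says what the toggle does or why the default flipped. Judging by the name it controls scrubbing of stack memory after crypto routines, so disabling it by default would leave key-derived intermediates on the stack for longer; that is an inference, since the implementation is not shown here. I would keep the line but document it, e.g. `/* #define USE_BURN_STACK */ /* Overwrite stack used by crypto routines; enable where residual key material is a concern */`. Separately, `USE_PKCS8` is now on while `USE_PKCS5` stays off, so its comment could state whether password-protected PKCS#8 keys require `USE_PKCS5`.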


 cryptolib.h   cryptolib.h 
/* /*
* cryptolib.h * cryptolib.h
* Release $Name: MATRIXSSL-3-1-4-OPEN $ * Release $Name: MATRIXSSL-3-2-1-OPEN $
*/ */
/* /*
* Copyright (c) PeerSec Networks, 2002-2011. All Rights Reserved. * Copyright (c) PeerSec Networks, 2002-2011. All Rights Reserved.
* The latest version of this code is available at http://www.matrixssl .org * The latest version of this code is available at http://www.matrixssl .org
* *
* This software is open source; you can redistribute it and/or modify * This software is open source; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or * the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. * (at your option) any later version.
* *
skipping to change at line 104 skipping to change at line 104
RFC 3279 OID RFC 3279 OID
PeerSec uses an oid summing mechanism to arrive at these defines. PeerSec uses an oid summing mechanism to arrive at these defines.
The byte values of the OID are summed to produce a "relatively uniqu e" int The byte values of the OID are summed to produce a "relatively uniqu e" int
The duplicate defines do not pose a problem as long as they don't The duplicate defines do not pose a problem as long as they don't
exist in the same OID groupings exist in the same OID groupings
*/ */
#ifdef USE_X509 #ifdef USE_X509
/* Raw digest algorithms */ /* Raw digest algorithms */
#define OID_SHA1_ALG 88 #define OID_SHA1_ALG 88
#define OID_SHA256_ALG 414
#define OID_SHA512_ALG 416
#define OID_MD2_ALG 646 #define OID_MD2_ALG 646
#define OID_MD5_ALG 649 #define OID_MD5_ALG 649
/* Signature algorithms */ /* Signature algorithms */
#define OID_MD2_RSA_SIG 646 #define OID_MD2_RSA_SIG 646
#define OID_MD5_RSA_SIG 648 /* 42.134.72.134.247.13. 1.1.4 */ #define OID_MD5_RSA_SIG 648 /* 42.134.72.134.247.13. 1.1.4 */
#define OID_SHA1_RSA_SIG 649 /* 42.134.72.134.247.13.1.1.5 */ #define OID_SHA1_RSA_SIG 649 /* 42.134.72.134.247.13.1.1.5 */
#define OID_SHA256_RSA_SIG 655 /* 42.134.72.134.247.13.1.1.11 *
/
#define OID_SHA512_RSA_SIG 657 /* 42.134.72.134.247.13.1.1.13 *
/
#define OID_SHA1_ECDSA_SIG 520 /* 42.134.72.206.61.4.1 */ #define OID_SHA1_ECDSA_SIG 520 /* 42.134.72.206.61.4.1 */
#define OID_SHA224_ECDSA_SIG 523 /* 42.134.72.206.61.4.3.1 */ #define OID_SHA224_ECDSA_SIG 523 /* 42.134.72.206.61.4.3.1 */
#define OID_SHA256_ECDSA_SIG 524 /* 42.134.72.206.61.4.3.2 */ #define OID_SHA256_ECDSA_SIG 524 /* 42.134.72.206.61.4.3.2 */
#define OID_SHA384_ECDSA_SIG 525 /* 42.134.72.206.61.4.3.3 */
#define OID_SHA512_ECDSA_SIG 526 /* 42.134.72.206.61.4.3.4 */
#endif /* USE_X509 */ #endif /* USE_X509 */
/* Public key algorithms */ /* Public key algorithms */
#define OID_RSA_KEY_ALG 645 /* 42.134.72.134.247.13. 1.1.1 */ #define OID_RSA_KEY_ALG 645 /* 42.134.72.134.247.13. 1.1.1 */
#define OID_ECDSA_KEY_ALG 518 /* 42.134.72.206.61.2.1 */ #define OID_ECDSA_KEY_ALG 518 /* 42.134.72.206.61.2.1 */
#ifdef USE_PKCS5 #ifdef USE_PKCS5
#define OID_DES_EDE3_CBC 652 /* 42.134.72.134.247.13.3.7 */ #define OID_DES_EDE3_CBC 652 /* 42.134.72.134.247.13.3.7 */
#define OID_PKCS_PBKDF2 660 /* 42.134.72.134.247.13. 1.5.12 */ #define OID_PKCS_PBKDF2 660 /* 42.134.72.134.247.13. 1.5.12 */
skipping to change at line 142 skipping to change at line 148
#define CRYPTO_FLAGS_ARC4 0x08 #define CRYPTO_FLAGS_ARC4 0x08
#define CRYPTO_FLAGS_SEED 0x10 #define CRYPTO_FLAGS_SEED 0x10
#define CRYPTO_FLAGS_SHA1 0x20 #define CRYPTO_FLAGS_SHA1 0x20
#define CRYPTO_FLAGS_MD5 0x40 #define CRYPTO_FLAGS_MD5 0x40
#define CRYPTO_FLAGS_TLS 0x80 #define CRYPTO_FLAGS_TLS 0x80
#define CRYPTO_FLAGS_INBOUND 0x100 #define CRYPTO_FLAGS_INBOUND 0x100
#define CRYPTO_FLAGS_ARC4INIT 0x200 #define CRYPTO_FLAGS_ARC4INIT 0x200
#define CRYPTO_FLAGS_BLOCKING 0x400
#define CRYPTO_FLAGS_DISABLED 0x800 #define CRYPTO_FLAGS_DISABLED 0x800
/************************************************************************** ****/ /************************************************************************** ****/
#define CRYPT_INVALID_KEYSIZE -21 #define CRYPT_INVALID_KEYSIZE -21
#define CRYPT_INVALID_ROUNDS -22 #define CRYPT_INVALID_ROUNDS -22
/************************************************************************** ****/ /************************************************************************** ****/
/* 32-bit Rotates */ /* 32-bit Rotates */
skipping to change at line 263 skipping to change at line 270
(y)[6] = (unsigned char)(((x)>>48)&255); \ (y)[6] = (unsigned char)(((x)>>48)&255); \
(y)[5] = (unsigned char)(((x)>>40)&255); \ (y)[5] = (unsigned char)(((x)>>40)&255); \
(y)[4] = (unsigned char)(((x)>>32)&255); \ (y)[4] = (unsigned char)(((x)>>32)&255); \
(y)[3] = (unsigned char)(((x)>>24)&255); \ (y)[3] = (unsigned char)(((x)>>24)&255); \
(y)[2] = (unsigned char)(((x)>>16)&255); \ (y)[2] = (unsigned char)(((x)>>16)&255); \
(y)[1] = (unsigned char)(((x)>>8)&255); \ (y)[1] = (unsigned char)(((x)>>8)&255); \
(y)[0] = (unsigned char)((x)&255); \ (y)[0] = (unsigned char)((x)&255); \
} }
#define LOAD64L(x, y) { \ #define LOAD64L(x, y) { \
x = (((ulong64)((y)[7] & 255))<<56)|(((ulong64)((y)[6] & 255))<<48)| \ x = (((uint64)((y)[7] & 255))<<56)|(((uint64)((y)[6] & 255))<<48)| \
(((ulong64)((y)[5] & 255))<<40)|(((ulong64)((y)[4] & 255))<<32)| \ (((uint64)((y)[5] & 255))<<40)|(((uint64)((y)[4] & 255))<<32)| \
(((ulong64)((y)[3] & 255))<<24)|(((ulong64)((y)[2] & 255))<<16)| \ (((uint64)((y)[3] & 255))<<24)|(((uint64)((y)[2] & 255))<<16)| \
(((ulong64)((y)[1] & 255))<<8)|(((ulong64)((y)[0] & 255))); \ (((uint64)((y)[1] & 255))<<8)|(((uint64)((y)[0] & 255))); \
} }
#define STORE32H(x, y) { \ #define STORE32H(x, y) { \
(y)[0] = (unsigned char)(((x)>>24)&255); \ (y)[0] = (unsigned char)(((x)>>24)&255); \
(y)[1] = (unsigned char)(((x)>>16)&255); \ (y)[1] = (unsigned char)(((x)>>16)&255); \
(y)[2] = (unsigned char)(((x)>>8)&255); \ (y)[2] = (unsigned char)(((x)>>8)&255); \
(y)[3] = (unsigned char)((x)&255); \ (y)[3] = (unsigned char)((x)&255); \
} }
#define LOAD32H(x, y) { \ #define LOAD32H(x, y) { \
skipping to change at line 295 skipping to change at line 302
(y)[1] = (unsigned char)(((x)>>48)&255); \ (y)[1] = (unsigned char)(((x)>>48)&255); \
(y)[2] = (unsigned char)(((x)>>40)&255); \ (y)[2] = (unsigned char)(((x)>>40)&255); \
(y)[3] = (unsigned char)(((x)>>32)&255); \ (y)[3] = (unsigned char)(((x)>>32)&255); \
(y)[4] = (unsigned char)(((x)>>24)&255); \ (y)[4] = (unsigned char)(((x)>>24)&255); \
(y)[5] = (unsigned char)(((x)>>16)&255); \ (y)[5] = (unsigned char)(((x)>>16)&255); \
(y)[6] = (unsigned char)(((x)>>8)&255); \ (y)[6] = (unsigned char)(((x)>>8)&255); \
(y)[7] = (unsigned char)((x)&255); \ (y)[7] = (unsigned char)((x)&255); \
} }
#define LOAD64H(x, y) { \ #define LOAD64H(x, y) { \
x = (((ulong64)((y)[0] & 255))<<56)|(((ulong64)((y)[1] & 255))<<48) | \ x = (((uint64)((y)[0] & 255))<<56)|(((uint64)((y)[1] & 255))<<48) | \
(((ulong64)((y)[2] & 255))<<40)|(((ulong64)((y)[3] & 255))<<32) | \ (((uint64)((y)[2] & 255))<<40)|(((uint64)((y)[3] & 255))<<32) | \
(((ulong64)((y)[4] & 255))<<24)|(((ulong64)((y)[5] & 255))<<16) | \ (((uint64)((y)[4] & 255))<<24)|(((uint64)((y)[5] & 255))<<16) | \
(((ulong64)((y)[6] & 255))<<8)|(((ulong64)((y)[7] & 255))); \ (((uint64)((y)[6] & 255))<<8)|(((uint64)((y)[7] & 255))); \
} }
#endif /* ENDIAN_NEUTRAL */ #endif /* ENDIAN_NEUTRAL */
#ifdef ENDIAN_LITTLE #ifdef ENDIAN_LITTLE
#define STORE32H(x, y) { \ #define STORE32H(x, y) { \
(y)[0] = (unsigned char)(((x)>>24)&255); \ (y)[0] = (unsigned char)(((x)>>24)&255); \
(y)[1] = (unsigned char)(((x)>>16)&255); \ (y)[1] = (unsigned char)(((x)>>16)&255); \
(y)[2] = (unsigned char)(((x)>>8)&255); \ (y)[2] = (unsigned char)(((x)>>8)&255); \
skipping to change at line 331 skipping to change at line 338
(y)[1] = (unsigned char)(((x)>>48)&255); \ (y)[1] = (unsigned char)(((x)>>48)&255); \
(y)[2] = (unsigned char)(((x)>>40)&255); \ (y)[2] = (unsigned char)(((x)>>40)&255); \
(y)[3] = (unsigned char)(((x)>>32)&255); \ (y)[3] = (unsigned char)(((x)>>32)&255); \
(y)[4] = (unsigned char)(((x)>>24)&255); \ (y)[4] = (unsigned char)(((x)>>24)&255); \
(y)[5] = (unsigned char)(((x)>>16)&255); \ (y)[5] = (unsigned char)(((x)>>16)&255); \
(y)[6] = (unsigned char)(((x)>>8)&255); \ (y)[6] = (unsigned char)(((x)>>8)&255); \
(y)[7] = (unsigned char)((x)&255); \ (y)[7] = (unsigned char)((x)&255); \
} }
#define LOAD64H(x, y) { \ #define LOAD64H(x, y) { \
x = (((ulong64)((y)[0] & 255))<<56)|(((ulong64)((y)[1] & 255))<<48) | \ x = (((uint64)((y)[0] & 255))<<56)|(((uint64)((y)[1] & 255))<<48) | \
(((ulong64)((y)[2] & 255))<<40)|(((ulong64)((y)[3] & 255))<<32) | \ (((uint64)((y)[2] & 255))<<40)|(((uint64)((y)[3] & 255))<<32) | \
(((ulong64)((y)[4] & 255))<<24)|(((ulong64)((y)[5] & 255))<<16) | \ (((uint64)((y)[4] & 255))<<24)|(((uint64)((y)[5] & 255))<<16) | \
(((ulong64)((y)[6] & 255))<<8)|(((ulong64)((y)[7] & 255))); } (((uint64)((y)[6] & 255))<<8)|(((uint64)((y)[7] & 255))); }
#ifdef ENDIAN_32BITWORD #ifdef ENDIAN_32BITWORD
#define STORE32L(x, y) { \ #define STORE32L(x, y) { \
unsigned long __t = (x); memcpy(y, &__t, 4); \ unsigned long __t = (x); memcpy(y, &__t, 4); \
} }
#define LOAD32L(x, y) memcpy(&(x), y, 4); #define LOAD32L(x, y) memcpy(&(x), y, 4);
#define STORE64L(x, y) { \ #define STORE64L(x, y) { \
skipping to change at line 356 skipping to change at line 363
(y)[6] = (unsigned char)(((x)>>48)&255); \ (y)[6] = (unsigned char)(((x)>>48)&255); \
(y)[5] = (unsigned char)(((x)>>40)&255); \ (y)[5] = (unsigned char)(((x)>>40)&255); \
(y)[4] = (unsigned char)(((x)>>32)&255); \ (y)[4] = (unsigned char)(((x)>>32)&255); \
(y)[3] = (unsigned char)(((x)>>24)&255); \ (y)[3] = (unsigned char)(((x)>>24)&255); \
(y)[2] = (unsigned char)(((x)>>16)&255); \ (y)[2] = (unsigned char)(((x)>>16)&255); \
(y)[1] = (unsigned char)(((x)>>8)&255); \ (y)[1] = (unsigned char)(((x)>>8)&255); \
(y)[0] = (unsigned char)((x)&255); \ (y)[0] = (unsigned char)((x)&255); \
} }
#define LOAD64L(x, y) { \ #define LOAD64L(x, y) { \
x = (((ulong64)((y)[7] & 255))<<56)|(((ulong64)((y)[6] & 255))<<48)| \ x = (((uint64)((y)[7] & 255))<<56)|(((uint64)((y)[6] & 255))<<48)| \
(((ulong64)((y)[5] & 255))<<40)|(((ulong64)((y)[4] & 255))<<32)| \ (((uint64)((y)[5] & 255))<<40)|(((uint64)((y)[4] & 255))<<32)| \
(((ulong64)((y)[3] & 255))<<24)|(((ulong64)((y)[2] & 255))<<16)| \ (((uint64)((y)[3] & 255))<<24)|(((uint64)((y)[2] & 255))<<16)| \
(((ulong64)((y)[1] & 255))<<8)|(((ulong64)((y)[0] & 255))); \ (((uint64)((y)[1] & 255))<<8)|(((uint64)((y)[0] & 255))); \
} }
#else /* 64-bit words then */ #else /* 64-bit words then */
#define STORE32L(x, y) \ #define STORE32L(x, y) \
{ unsigned long __t = (x); memcpy(y, &__t, 4); } { unsigned long __t = (x); memcpy(y, &__t, 4); }
#define LOAD32L(x, y) \ #define LOAD32L(x, y) \
{ memcpy(&(x), y, 4); x &= 0xFFFFFFFF; } { memcpy(&(x), y, 4); x &= 0xFFFFFFFF; }
#define STORE64L(x, y) \ #define STORE64L(x, y) \
{ ulong64 __t = (x); memcpy(y, &__t, 8); } { uint64 __t = (x); memcpy(y, &__t, 8); }
#define LOAD64L(x, y) \ #define LOAD64L(x, y) \
{ memcpy(&(x), y, 8); } { memcpy(&(x), y, 8); }
#endif /* ENDIAN_64BITWORD */ #endif /* ENDIAN_64BITWORD */
#endif /* ENDIAN_LITTLE */ #endif /* ENDIAN_LITTLE */
#ifdef ENDIAN_BIG #ifdef ENDIAN_BIG
#define STORE32L(x, y) { \ #define STORE32L(x, y) { \
skipping to change at line 407 skipping to change at line 414
(y)[6] = (unsigned char)(((x)>>48)&255); \ (y)[6] = (unsigned char)(((x)>>48)&255); \
(y)[5] = (unsigned char)(((x)>>40)&255); \ (y)[5] = (unsigned char)(((x)>>40)&255); \
(y)[4] = (unsigned char)(((x)>>32)&255); \ (y)[4] = (unsigned char)(((x)>>32)&255); \
(y)[3] = (unsigned char)(((x)>>24)&255); \ (y)[3] = (unsigned char)(((x)>>24)&255); \
(y)[2] = (unsigned char)(((x)>>16)&255); \ (y)[2] = (unsigned char)(((x)>>16)&255); \
(y)[1] = (unsigned char)(((x)>>8)&255); \ (y)[1] = (unsigned char)(((x)>>8)&255); \
(y)[0] = (unsigned char)((x)&255); \ (y)[0] = (unsigned char)((x)&255); \
} }
#define LOAD64L(x, y) { \ #define LOAD64L(x, y) { \
x = (((ulong64)((y)[7] & 255))<<56)|(((ulong64)((y)[6] & 255))<<48) | \ x = (((uint64)((y)[7] & 255))<<56)|(((uint64)((y)[6] & 255))<<48) | \
(((ulong64)((y)[5] & 255))<<40)|(((ulong64)((y)[4] & 255))<<32) | \ (((uint64)((y)[5] & 255))<<40)|(((uint64)((y)[4] & 255))<<32) | \
(((ulong64)((y)[3] & 255))<<24)|(((ulong64)((y)[2] & 255))<<16) | \ (((uint64)((y)[3] & 255))<<24)|(((uint64)((y)[2] & 255))<<16) | \
(((ulong64)((y)[1] & 255))<<8)|(((ulong64)((y)[0] & 255))); \ (((uint64)((y)[1] & 255))<<8)|(((uint64)((y)[0] & 255))); \
} }
#ifdef ENDIAN_32BITWORD #ifdef ENDIAN_32BITWORD
#define STORE32H(x, y) \ #define STORE32H(x, y) \
{ unsigned long __t = (x); memcpy(y, &__t, 4); } { unsigned long __t = (x); memcpy(y, &__t, 4); }
#define LOAD32H(x, y) memcpy(&(x), y, 4); #define LOAD32H(x, y) memcpy(&(x), y, 4);
#define STORE64H(x, y) { \ #define STORE64H(x, y) { \
skipping to change at line 432 skipping to change at line 439
(y)[1] = (unsigned char)(((x)>>48)&255); \ (y)[1] = (unsigned char)(((x)>>48)&255); \
(y)[2] = (unsigned char)(((x)>>40)&255); \ (y)[2] = (unsigned char)(((x)>>40)&255); \
(y)[3] = (unsigned char)(((x)>>32)&255); \ (y)[3] = (unsigned char)(((x)>>32)&255); \
(y)[4] = (unsigned char)(((x)>>24)&255); \ (y)[4] = (unsigned char)(((x)>>24)&255); \
(y)[5] = (unsigned char)(((x)>>16)&255); \ (y)[5] = (unsigned char)(((x)>>16)&255); \
(y)[6] = (unsigned char)(((x)>>8)&255); \ (y)[6] = (unsigned char)(((x)>>8)&255); \
(y)[7] = (unsigned char)((x)&255); \ (y)[7] = (unsigned char)((x)&255); \
} }
#define LOAD64H(x, y) { \ #define LOAD64H(x, y) { \
x = (((ulong64)((y)[0] & 255))<<56)|(((ulong64)((y)[1] & 255))<<48)| \ x = (((uint64)((y)[0] & 255))<<56)|(((uint64)((y)[1] & 255))<<48)| \
(((ulong64)((y)[2] & 255))<<40)|(((ulong64)((y)[3] & 255))<<32)| \ (((uint64)((y)[2] & 255))<<40)|(((uint64)((y)[3] & 255))<<32)| \
(((ulong64)((y)[4] & 255))<<24)|(((ulong64)((y)[5] & 255))<<16)| \ (((uint64)((y)[4] & 255))<<24)|(((uint64)((y)[5] & 255))<<16)| \
(((ulong64)((y)[6] & 255))<<8)| (((ulong64)((y)[7] & 255))); \ (((uint64)((y)[6] & 255))<<8)| (((uint64)((y)[7] & 255))); \
} }
#else /* 64-bit words then */ #else /* 64-bit words then */
#define STORE32H(x, y) \ #define STORE32H(x, y) \
{ unsigned long __t = (x); memcpy(y, &__t, 4); } { unsigned long __t = (x); memcpy(y, &__t, 4); }
#define LOAD32H(x, y) \ #define LOAD32H(x, y) \
{ memcpy(&(x), y, 4); x &= 0xFFFFFFFF; } { memcpy(&(x), y, 4); x &= 0xFFFFFFFF; }
#define STORE64H(x, y) \ #define STORE64H(x, y) \
{ ulong64 __t = (x); memcpy(y, &__t, 8); } { uint64 __t = (x); memcpy(y, &__t, 8); }
#define LOAD64H(x, y) \ #define LOAD64H(x, y) \
{ memcpy(&(x), y, 8); } { memcpy(&(x), y, 8); }
#endif /* ENDIAN_64BITWORD */ #endif /* ENDIAN_64BITWORD */
#endif /* ENDIAN_BIG */ #endif /* ENDIAN_BIG */
#ifdef HAVE_NATIVE_INT64
#define ROL64c(x, y) \
( (((x)<<((uint64)(y)&63)) | \
(((x)&CONST64(0xFFFFFFFFFFFFFFFF))>>((uint64)64-((y)&63)))) & CONST64(0xFFF
FFFFFFFFFFFFF))
#define ROR64c(x, y) \
( ((((x)&CONST64(0xFFFFFFFFFFFFFFFF))>>((uint64)(y)&CONST64(63))) | \
((x)<<((uint64)(64-((y)&CONST64(63)))))) & CONST64(0xFFFFFFFFFFFFFFFF))
#endif /* HAVE_NATIVE_INT64 */
/************************************************************************** ****/ /************************************************************************** ****/
/************************************************************************** ****/ /************************************************************************** ****/
/* /*
Return the length of padding bytes required for a record of 'LEN' by tes Return the length of padding bytes required for a record of 'LEN' by tes
The name Pwr2 indicates that calculations will work with 'BLOCKSIZE' The name Pwr2 indicates that calculations will work with 'BLOCKSIZE'
that are powers of 2. that are powers of 2.
Because of the trailing pad length byte, a length that is a multiple Because of the trailing pad length byte, a length that is a multiple
of the pad bytes of the pad bytes
*/ */
 End of changes. 14 change blocks. 
27 lines changed or deleted 47 lines changed or added
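Review bot: The new `ROL64c` and `ROR64c` macros under `HAVE_NATIVE_INT64` shift by a full 64 bits when the rotate count is a multiple of 64: in `ROL64c` the right-shift amount is `64-((y)&63)`, and `ROR64c` has the same form on its left shift. Shifting a 64-bit value by its own width is undefined behaviour in C, so the macros are only safe for counts 1..63. Either mask the complementary shift as well, `>>((64-((y)&63))&63)` in `ROL64c` and `<<((64-((y)&63))&63)` in `ROR64c`, or add a comment above them stating that `y` must be a non-zero constant below 64. `x` is also shifted without a cast to `uint64` on one side of each macro, so a narrower argument would be shifted at the wrong width.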


 digest.h   digest.h 
/* /*
* digest.h * digest.h
* Release $Name: MATRIXSSL-3-1-4-OPEN $ * Release $Name: MATRIXSSL-3-2-1-OPEN $
* *
* Header for internal symmetric key cryptography support * Header for internal symmetric key cryptography support
*/ */
/* /*
* Copyright (c) PeerSec Networks, 2002-2011. All Rights Reserved. * Copyright (c) PeerSec Networks, 2002-2011. All Rights Reserved.
* The latest version of this code is available at http://www.matrixssl .org * The latest version of this code is available at http://www.matrixssl .org
* *
* This software is open source; you can redistribute it and/or modify * This software is open source; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or * the Free Software Foundation; either version 2 of the License, or
skipping to change at line 49 skipping to change at line 49
uint64 length; uint64 length;
#else #else
uint32 lengthHi; uint32 lengthHi;
uint32 lengthLo; uint32 lengthLo;
#endif /* HAVE_NATIVE_INT64 */ #endif /* HAVE_NATIVE_INT64 */
uint32 state[5], curlen; uint32 state[5], curlen;
unsigned char buf[64]; unsigned char buf[64];
}; };
#endif /* USE_SHA1 */ #endif /* USE_SHA1 */
#define SHA256_HASH_SIZE 32
#ifdef USE_MD5 #ifdef USE_MD5
#define MD5_HASH_SIZE 16 #define MD5_HASH_SIZE 16
struct md5_state { struct md5_state {
#ifdef HAVE_NATIVE_INT64 #ifdef HAVE_NATIVE_INT64
uint64 length; uint64 length;
#else #else
uint32 lengthHi; uint32 lengthHi;
uint32 lengthLo; uint32 lengthLo;
#endif /* HAVE_NATIVE_INT64 */ #endif /* HAVE_NATIVE_INT64 */
uint32 state[4], curlen; uint32 state[4], curlen;
unsigned char buf[64]; unsigned char buf[64];
}; };
#endif /* USE_MD5 */ #endif /* USE_MD5 */
#define MAX_HASH_SIZE SHA1_HASH_SIZE
/************************************************************************** ****/ /************************************************************************** ****/
typedef union { typedef union {
#ifdef USE_SHA1 #ifdef USE_SHA1
struct sha1_state sha1; struct sha1_state sha1;
#endif /* USE_SHA1 */ #endif /* USE_SHA1 */
#ifdef USE_MD5 #ifdef USE_MD5
struct md5_state md5; struct md5_state md5;
#endif /* USE_MD5 */ #endif /* USE_MD5 */
 End of changes. 3 change blocks. 
1 lines changed or deleted 5 lines changed or added
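Review bot: `MAX_HASH_SIZE` is defined as `SHA1_HASH_SIZE` in the same change that introduces `SHA256_HASH_SIZE 32`, so the "maximum" is smaller than a digest size the header now names (SHA-1 output is 20 bytes). Any buffer sized with `MAX_HASH_SIZE` would be too short if it ever receives a SHA-256 digest; whether such a caller exists is not visible in this diff. `MAX_HASH_SIZE` is also defined outside the `USE_SHA1` guard, so if `SHA1_HASH_SIZE` is defined inside that guard (its definition is above the hunk) a build without `USE_SHA1` gets an undefined macro. I would either use `#define MAX_HASH_SIZE SHA256_HASH_SIZE` or add a comment saying the limit covers only the digests the library itself computes.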


 list.h   list.h 
/* /*
* list.h * list.h
* Release $Name: MATRIXSSL-3-1-4-OPEN $ * Release $Name: MATRIXSSL-3-2-1-OPEN $
*/ */
/* /*
* Copyright (c) PeerSec Networks, 2002-2011. All Rights Reserved. * Copyright (c) PeerSec Networks, 2002-2011. All Rights Reserved.
* The latest version of this code is available at http://www.matrixssl .org * The latest version of this code is available at http://www.matrixssl .org
* *
* This software is open source; you can redistribute it and/or modify * This software is open source; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or * the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. * (at your option) any later version.
* *
 End of changes. 1 change blocks. 
1 lines changed or deleted 1 lines changed or added


 matrixsslApi.h   matrixsslApi.h 
/* /*
* matrixsslApi.h * matrixsslApi.h
* Release $Name: MATRIXSSL-3-1-4-OPEN $ * Release $Name: MATRIXSSL-3-2-1-OPEN $
* *
* Public header file for MatrixSSL * Public header file for MatrixSSL
* Implementations interacting with the matrixssl library should * Implementations interacting with the matrixssl library should
* only use the APIs and definitions used in this file. * only use the APIs and definitions used in this file.
*/ */
/* /*
* Copyright (c) PeerSec Networks, 2002-2011. All Rights Reserved. * Copyright (c) PeerSec Networks, 2002-2011. All Rights Reserved.
* The latest version of this code is available at http://www.matrixssl .org * The latest version of this code is available at http://www.matrixssl .org
* *
* This software is open source; you can redistribute it and/or modify * This software is open source; you can redistribute it and/or modify
skipping to change at line 79 skipping to change at line 79
PSPUBLIC void matrixSslDeleteKeys(sslKeys_t *keys); PSPUBLIC void matrixSslDeleteKeys(sslKeys_t *keys);
PSPUBLIC void matrixSslDeleteSession(ssl_t *ssl); PSPUBLIC void matrixSslDeleteSession(ssl_t *ssl);
PSPUBLIC int32 matrixSslGetReadbuf(ssl_t *ssl, unsigned char **buf); PSPUBLIC int32 matrixSslGetReadbuf(ssl_t *ssl, unsigned char **buf);
PSPUBLIC int32 matrixSslGetOutdata(ssl_t *ssl, unsigned char **buf); PSPUBLIC int32 matrixSslGetOutdata(ssl_t *ssl, unsigned char **buf);
PSPUBLIC int32 matrixSslGetWritebuf(ssl_t *ssl, unsigned char **buf, PSPUBLIC int32 matrixSslGetWritebuf(ssl_t *ssl, unsigned char **buf,
uint32 reqLen); uint32 reqLen);
PSPUBLIC int32 matrixSslEncodeWritebuf(ssl_t *ssl, uint32 len); PSPUBLIC int32 matrixSslEncodeWritebuf(ssl_t *ssl, uint32 len);
PSPUBLIC int32 matrixSslEncodeToOutdata(ssl_t *ssl, unsigned char *buf,
uint32 len);
PSPUBLIC int32 matrixSslSentData(ssl_t *ssl, uint32 bytes); PSPUBLIC int32 matrixSslSentData(ssl_t *ssl, uint32 bytes);
PSPUBLIC int32 matrixSslReceivedData(ssl_t *ssl, uint32 bytes, PSPUBLIC int32 matrixSslReceivedData(ssl_t *ssl, uint32 bytes,
unsigned char **ptbuf, uint32 *ptlen); unsigned char **ptbuf, uint32 *ptlen);
PSPUBLIC int32 matrixSslProcessedData(ssl_t *ssl, PSPUBLIC int32 matrixSslProcessedData(ssl_t *ssl,
unsigned char **ptbuf, uint32 *ptlen); unsigned char **ptbuf, uint32 *ptlen);
PSPUBLIC int32 matrixSslEncodeClosureAlert(ssl_t *ssl); PSPUBLIC int32 matrixSslEncodeClosureAlert(ssl_t *ssl);
PSPUBLIC int32 matrixSslLoadRsaKeys(sslKeys_t *keys, const char *certFile, PSPUBLIC int32 matrixSslLoadRsaKeys(sslKeys_t *keys, const char *certFile,
const char *privFile, const char *privPass, const char *privFile, const char *privPass,
const char *trustedCAFile); const char *trustedCAFile);
skipping to change at line 136 skipping to change at line 138
Server side APIs Server side APIs
*/ */
PSPUBLIC int32 matrixSslNewServerSession(ssl_t **ssl, sslKeys_t *keys, PSPUBLIC int32 matrixSslNewServerSession(ssl_t **ssl, sslKeys_t *keys,
int32 (*certCb)(ssl_t *ssl, psX509Cert_t *ce rt, int32 alert)); int32 (*certCb)(ssl_t *ssl, psX509Cert_t *ce rt, int32 alert));
PSPUBLIC int32 matrixSslSetCipherSuiteEnabledStatus(ssl_t *ssl, uint16 ciph erId, PSPUBLIC int32 matrixSslSetCipherSuiteEnabledStatus(ssl_t *ssl, uint16 ciph erId,
uint32 status); uint32 status);
#endif /* USE_SERVER_SIDE_SSL */ #endif /* USE_SERVER_SIDE_SSL */
/************************************************************************** ****/ /************************************************************************** ****/
/**************************************************************************
****/
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif
#endif /* _h_MATRIXSSL */ #endif /* _h_MATRIXSSL */
/************************************************************************** ****/ /************************************************************************** ****/
 End of changes. 3 change blocks. 
1 lines changed or deleted 6 lines changed or added


 matrixsslConfig.h   matrixsslConfig.h 
/* /*
* matrixsslConfig.h * matrixsslConfig.h
* Release $Name: MATRIXSSL-3-1-4-OPEN $ * Release $Name: MATRIXSSL-3-2-1-OPEN $
* *
* Configuration settings for building the MatrixSSL library. * Configuration settings for building the MatrixSSL library.
*/ */
/* /*
* Copyright (c) PeerSec Networks, 2002-2011. All Rights Reserved. * Copyright (c) PeerSec Networks, 2002-2011. All Rights Reserved.
* The latest version of this code is available at http://www.matrixssl .org * The latest version of this code is available at http://www.matrixssl .org
* *
* This software is open source; you can redistribute it and/or modify * This software is open source; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or * the Free Software Foundation; either version 2 of the License, or
skipping to change at line 48 skipping to change at line 48
/************************************************************************** ****/ /************************************************************************** ****/
/* /*
Recommended cipher suites: Recommended cipher suites:
Define the following to enable various cipher suites Define the following to enable various cipher suites
At least one of these must be defined. If multiple are defined, At least one of these must be defined. If multiple are defined,
the handshake will determine which is best for the connection. the handshake will determine which is best for the connection.
*/ */
#define USE_TLS_RSA_WITH_AES_128_CBC_SHA #define USE_TLS_RSA_WITH_AES_128_CBC_SHA
#define USE_SSL_RSA_WITH_3DES_EDE_CBC_SHA #define USE_TLS_RSA_WITH_AES_256_CBC_SHA
/* #define USE_SSL_RSA_WITH_3DES_EDE_CBC_SHA */
/* #define USE_SSL_RSA_WITH_RC4_128_SHA */ /* #define USE_SSL_RSA_WITH_RC4_128_SHA */
/* #define USE_SSL_RSA_WITH_RC4_128_MD5 */ /* #define USE_SSL_RSA_WITH_RC4_128_MD5 */
/************************************************************************** ****/ /************************************************************************** ****/
/* /*
These cipher suites do not combine authentication and encryption and These cipher suites do not combine authentication and encryption and
are not recommended for use-cases that require strong security are not recommended for use-cases that require strong security
*/ */
/* #define USE_SSL_RSA_WITH_NULL_SHA */ /* #define USE_SSL_RSA_WITH_NULL_SHA */
/* #define USE_SSL_RSA_WITH_NULL_MD5 */ /* #define USE_SSL_RSA_WITH_NULL_MD5 */
/************************************************************************** ****/ /************************************************************************** ****/
/* /*
Support for TLS protocols. Support for TLS protocols.
TLS versions must 'stack' (can't support 1.1 without 1.0)
- SSLv3 is always on unless disabled
- TLS versions must 'stack' (can't support 1.1 without 1.0)
*/ */
#define USE_TLS /* TLS 1.0 */ #define USE_TLS /* TLS 1.0 aka SSL 3.1 */
#define USE_TLS_1_1
/* #define DISABLE_SSLV3 */ /* Disable SSL 3.0 */
/************************************************************************** ****/ /************************************************************************** ****/
/* /*
Compile time support for server or client side SSL Compile time support for server or client side SSL
*/ */
#define USE_CLIENT_SIDE_SSL #define USE_CLIENT_SIDE_SSL
#define USE_SERVER_SIDE_SSL #define USE_SERVER_SIDE_SSL
/************************************************************************** ****/ /************************************************************************** ****/
/* /*
The initial buffer size for send and receive buffers in each ssl_t s ession. The initial buffer sizes for send and receive buffers in each ssl_t session.
Buffers are internally grown if more incoming or outgoing data stora ge is Buffers are internally grown if more incoming or outgoing data stora ge is
needed, up to a maximum of SSL_MAX_BUF_SIZE. Once the memory used by the needed, up to a maximum of SSL_MAX_BUF_SIZE. Once the memory used by the
buffer again drops below SSL_DEFAULT_BUF_SIZE, the buffer will be re duced buffer again drops below SSL_DEFAULT_X_BUF_SIZE, the buffer will be reduced
to this size. Most standard SSL handshakes require on the order of 1 024 B. to this size. Most standard SSL handshakes require on the order of 1 024 B.
SSL_DEFAULT_BUF_SIZE value in bytes, maximum SSL_MAX_BUF_SIZE SSL_DEFAULT_X_BUF_SIZE value in bytes, maximum SSL_MAX_BUF_SIZE
*/ */
#define SSL_DEFAULT_BUF_SIZE 256 /* Baseline send/recv buf si #define SSL_DEFAULT_IN_BUF_SIZE 1500 /* Baseline
ze */ recv buf size */
#define SSL_DEFAULT_OUT_BUF_SIZE 1500 /* Baseline
send buf size */
/************************************************************************** ****/ /************************************************************************** ****/
/* /*
If SERVER you may define the number of sessions to cache and how If SERVER you may define the number of sessions to cache and how
long a session will remain valid in the cache from first access. long a session will remain valid in the cache from first access.
Session caching enables very fast "session resumption handshakes". S ession Session caching enables very fast "session resumption handshakes". S ession
caching can effectively by disabled by setting SSL_SESSION_ENTRY_LIF E to 0 caching can effectively by disabled by setting SSL_SESSION_ENTRY_LIF E to 0
SSL_SESSION_TABLE_SIZE minimum value is 1 SSL_SESSION_TABLE_SIZE minimum value is 1
 End of changes. 8 change blocks. 
9 lines changed or deleted 17 lines changed or added
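Review bot: The new `DISABLE_SSLV3` switch in the "Support for TLS protocols" block is left commented out, so a default build keeps SSL 3.0 negotiable next to TLS 1.0 and 1.1. The comment only says "SSLv3 is always on unless disabled" and gives an integrator no guidance on when to turn it off. SSL 3.0 is the weakest protocol version this configuration offers, so I would put the recommendation beside the switch, for example `/* Define DISABLE_SSLV3 unless peers that only speak SSL 3.0 must be supported */`. Separately, the buffer-size comment further down uses `SSL_DEFAULT_X_BUF_SIZE` without saying that X stands for IN or OUT.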


 matrixssllib.h   matrixssllib.h 
/* /*
* matrixssllib.h * matrixssllib.h
* Release $Name: MATRIXSSL-3-1-4-OPEN $ * Release $Name: MATRIXSSL-3-2-1-OPEN $
* *
* Internal header file used for the MatrixSSL implementation. * Internal header file used for the MatrixSSL implementation.
* Only modifiers of the library should be intersted in this file * Only modifiers of the library should be intersted in this file
*/ */
/* /*
* Copyright (c) PeerSec Networks, 2002-2011. All Rights Reserved. * Copyright (c) PeerSec Networks, 2002-2011. All Rights Reserved.
* The latest version of this code is available at http://www.matrixssl .org * The latest version of this code is available at http://www.matrixssl .org
* *
* This software is open source; you can redistribute it and/or modify * This software is open source; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
skipping to change at line 42 skipping to change at line 42
#ifndef _h_MATRIXSSLLIB #ifndef _h_MATRIXSSLLIB
#define _h_MATRIXSSLLIB #define _h_MATRIXSSLLIB
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
#endif #endif
/************************************************************************** ***/ /************************************************************************** ***/
/* /*
Start with compile-time checks for the necessary crypto support. Start with compile-time checks for the necessary proto and crypto su pport.
*/ */
#if !defined(USE_TLS) && defined(DISABLE_SSLV3)
#error "Must enable a protocol: USE_TLS enabled or DISABLE_SSLV3 disabled"
#endif
#if defined(USE_TLS_1_1) && !defined(USE_TLS)
#error "Must define USE_TLS if defining USE_TLS_1_1"
#endif
/************************************************************************** ****/ /************************************************************************** ****/
/* /*
SHA1 and MD5 are essential elements for SSL key derivation during pr otocol SHA1 and MD5 are essential elements for SSL key derivation during pr otocol
*/ */
#if !defined USE_MD5 || !defined USE_SHA1 #if !defined USE_MD5 || !defined USE_SHA1
#error "Must enable both USE_MD5 and USE_SHA1 in cryptoConfig.h for MatrixS SL" #error "Must enable both USE_MD5 and USE_SHA1 in cryptoConfig.h for MatrixS SL"
#endif #endif
#if !defined USE_CLIENT_SIDE_SSL && !defined USE_SERVER_SIDE_SSL #if !defined USE_CLIENT_SIDE_SSL && !defined USE_SERVER_SIDE_SSL
#error "Must enable either USE_CLIENT_SIDE_SSL or USE_SERVER_SIDE_SSL (or b oth)" #error "Must enable either USE_CLIENT_SIDE_SSL or USE_SERVER_SIDE_SSL (or b oth)"
skipping to change at line 260 skipping to change at line 268
#define SSL_ALERT_UNSUPPORTED_EXTENSION 110 #define SSL_ALERT_UNSUPPORTED_EXTENSION 110
/* /*
Use as return code in user validation callback to allow Use as return code in user validation callback to allow
anonymous connections to proceed. anonymous connections to proceed.
MUST NOT OVERLAP WITH ANY OF THE ALERT CODES ABOVE MUST NOT OVERLAP WITH ANY OF THE ALERT CODES ABOVE
*/ */
#define SSL_ALLOW_ANON_CONNECTION 254 #define SSL_ALLOW_ANON_CONNECTION 254
/* /*
Flags. DO NOT TOUCH Internal flags for ssl_t.flags field.
*/ */
#define SSL_FLAGS_SERVER 0x1 #define SSL_FLAGS_SERVER 0x000001
#define SSL_FLAGS_READ_SECURE 0x2 #define SSL_FLAGS_READ_SECURE 0x000002
#define SSL_FLAGS_WRITE_SECURE 0x4 #define SSL_FLAGS_WRITE_SECURE 0x000004
#define SSL_FLAGS_RESUMED 0x8 #define SSL_FLAGS_RESUMED 0x000008
#define SSL_FLAGS_CLOSED 0x10 #define SSL_FLAGS_CLOSED 0x000010
#define SSL_FLAGS_NEED_ENCODE 0x20 #define SSL_FLAGS_NEED_ENCODE 0x000020
#define SSL_FLAGS_ERROR 0x40 #define SSL_FLAGS_ERROR 0x000040
#define SSL_FLAGS_TLS 0x80 #define SSL_FLAGS_TLS 0x000080
#define SSL_FLAGS_CLIENT_AUTH 0x100 #define SSL_FLAGS_CLIENT_AUTH 0x000100
#define SSL_FLAGS_ANON_CIPHER 0x200 #define SSL_FLAGS_ANON_CIPHER 0x000200
#define SSL_FLAGS_FALSE_START 0x400 #define SSL_FLAGS_FALSE_START 0x000400
#define SSL_FLAGS_TLS_1_1 0x000800
/* /*
Buffer flags (ssl->bFlags) Buffer flags (ssl->bFlags)
*/ */
#define BFLAG_CLOSE_AFTER_SENT 0x01 #define BFLAG_CLOSE_AFTER_SENT 0x01
#define BFLAG_HS_COMPLETE 0x02 #define BFLAG_HS_COMPLETE 0x02
/* /*
Cipher types Cipher types
*/ */
skipping to change at line 465 skipping to change at line 474
#ifdef USE_CLIENT_SIDE_SSL #ifdef USE_CLIENT_SIDE_SSL
int32 certMatch; int32 certMatch;
#endif /* USE_CLIENT_SIDE_SSL */ #endif /* USE_CLIENT_SIDE_SSL */
psDigestContext_t msgHashMd5; psDigestContext_t msgHashMd5;
psDigestContext_t msgHashSha1; psDigestContext_t msgHashSha1;
psCipherContext_t encryptCtx; psCipherContext_t encryptCtx;
psCipherContext_t decryptCtx; psCipherContext_t decryptCtx;
#ifdef USE_TLS_1_1
int32 explicitIv;
#endif /* USE_TLS_1_1 */
int32 anon; int32 anon;
} sslSec_t; } sslSec_t;
typedef struct { typedef struct {
uint16 ident; /* Official cipher ID */ uint16 ident; /* Official cipher ID */
uint16 type; /* Key exchange method */ uint16 type; /* Key exchange method */
uint32 flags; /* from CRYPTO_FLAGS_* */ uint32 flags; /* from CRYPTO_FLAGS_* */
unsigned char macSize; unsigned char macSize;
unsigned char keySize; unsigned char keySize;
unsigned char ivSize; unsigned char ivSize;
skipping to change at line 602 skipping to change at line 614
Former public APIS in 1.x and 2.x. Now deprecated in 3.x Former public APIS in 1.x and 2.x. Now deprecated in 3.x
These functions are still heavily used internally, just no longer pu blically These functions are still heavily used internally, just no longer pu blically
supported. supported.
*/ */
extern int32 matrixSslDecode(ssl_t *ssl, unsigned char **buf, uint32 *len, extern int32 matrixSslDecode(ssl_t *ssl, unsigned char **buf, uint32 *len,
uint32 size, uint32 *remaini ng, uint32 *requiredLen, uint32 size, uint32 *remaini ng, uint32 *requiredLen,
int32 *error, unsigned char *alertLevel, int32 *error, unsigned char *alertLevel,
unsigned char *alertDescript ion); unsigned char *alertDescript ion);
extern int32 matrixSslEncode(ssl_t *ssl, unsigned char *buf, uint32 size, extern int32 matrixSslEncode(ssl_t *ssl, unsigned char *buf, uint32 size,
unsigned char *ptBuf, uint32 *len); unsigned char *ptBuf, uint32 *len);
extern int32 matrixSslGetEncodedHeaderSize(ssl_t *ssl);
extern int32 matrixSslGetEncodedSize(ssl_t *ssl, uint32 len); extern int32 matrixSslGetEncodedSize(ssl_t *ssl, uint32 len);
extern void matrixSslSetCertValidator(ssl_t *ssl, extern void matrixSslSetCertValidator(ssl_t *ssl,
int32 (*certValidator)(void *, psX509Cert_t *, int32)); int32 (*certValidator)(void *, psX509Cert_t *, int32));
extern int32 matrixSslNewSession(ssl_t **ssl, sslKeys_t *keys, extern int32 matrixSslNewSession(ssl_t **ssl, sslKeys_t *keys,
sslSessionId_t *session, int 32 flags); sslSessionId_t *session, int 32 flags);
extern void matrixSslSetSessionOption(ssl_t *ssl, int32 option, void *arg); extern void matrixSslSetSessionOption(ssl_t *ssl, int32 option, void *arg);
extern int32 matrixSslHandshakeIsComplete(ssl_t *ssl); extern int32 matrixSslHandshakeIsComplete(ssl_t *ssl);
typedef int32 (*sslExtCb_t)(void *, unsigned short, unsigned short, void * ); typedef int32 (*sslExtCb_t)(void *, unsigned short, unsigned short, void * );
/* This used to be prefixed with 'matrix' */ /* This used to be prefixed with 'matrix' */
skipping to change at line 680 skipping to change at line 691
int32 addScsv); int32 addScsv);
extern int32 csRsaEncryptPub(psPool_t *pool, psPubKey_t *key, extern int32 csRsaEncryptPub(psPool_t *pool, psPubKey_t *key,
unsigned char *in, uint32 inlen, unsigned char *out, uint32 outlen); unsigned char *in, uint32 inlen, unsigned char *out, uint32 outlen);
extern int32 csRsaDecryptPub(psPool_t *pool, psPubKey_t *key, extern int32 csRsaDecryptPub(psPool_t *pool, psPubKey_t *key,
unsigned char *in, uint32 inlen, unsigned char *out, uint32 outlen); unsigned char *in, uint32 inlen, unsigned char *out, uint32 outlen);
extern int32 csRsaEncryptPriv(psPool_t *pool, psPubKey_t *key, extern int32 csRsaEncryptPriv(psPool_t *pool, psPubKey_t *key,
unsigned char *in, uint32 inlen, unsigned char *out, uint32 outlen); unsigned char *in, uint32 inlen, unsigned char *out, uint32 outlen);
extern int32 csRsaDecryptPriv(psPool_t *pool, psPubKey_t *key, extern int32 csRsaDecryptPriv(psPool_t *pool, psPubKey_t *key,
unsigned char *in, uint32 inlen, unsigned char *out, uint32 outlen); unsigned char *in, uint32 inlen, unsigned char *out, uint32 outlen);
#ifndef DISABLE_SSLV3
/************************************************************************** ****/ /************************************************************************** ****/
/* /*
sslv3.c sslv3.c
*/ */
extern int32 sslGenerateFinishedHash(psDigestContext_t *md5, extern int32 sslGenerateFinishedHash(psDigestContext_t *md5,
psDigestContext_t *sha1, unsigned char *mast erSecret, psDigestContext_t *sha1, unsigned char *mast erSecret,
unsigned char *out, int32 sender); unsigned char *out, int32 sender);
extern int32 sslDeriveKeys(ssl_t *ssl); extern int32 sslDeriveKeys(ssl_t *ssl);
skipping to change at line 701 skipping to change at line 713
extern int32 ssl3HMACSha1(unsigned char *key, unsigned char *seq, extern int32 ssl3HMACSha1(unsigned char *key, unsigned char *seq,
unsigned char type, unsigned char *data, uint32 len, unsigned char type, unsigned char *data, uint32 len,
unsigned char *mac); unsigned char *mac);
#endif /* USE_SHA1_MAC */ #endif /* USE_SHA1_MAC */
#ifdef USE_MD5_MAC #ifdef USE_MD5_MAC
extern int32 ssl3HMACMd5(unsigned char *key, unsigned char *seq, extern int32 ssl3HMACMd5(unsigned char *key, unsigned char *seq,
unsigned char type, unsigned char *data, uint32 len, unsigned char type, unsigned char *data, uint32 len,
unsigned char *mac); unsigned char *mac);
#endif /* USE_MD5_MAC */ #endif /* USE_MD5_MAC */
#endif /* DISABLE_SSLV3 */
#ifdef USE_TLS #ifdef USE_TLS
/************************************************************************** ****/ /************************************************************************** ****/
/* /*
tls.c tls.c
*/ */
extern int32 tlsDeriveKeys(ssl_t *ssl); extern int32 tlsDeriveKeys(ssl_t *ssl);
extern int32 tlsGenerateFinishedHash(psDigestContext_t *md5, extern int32 tlsGenerateFinishedHash(psDigestContext_t *md5,
psDigestContext_t *sha1, unsigned char *mast erSecret, psDigestContext_t *sha1, unsigned char *mast erSecret,
unsigned char *out, int32 sender); unsigned char *out, int32 sender);
 End of changes. 9 change blocks. 
15 lines changed or deleted 28 lines changed or added
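Review bot: The new `explicitIv` member of `sslSec_t`, added under `USE_TLS_1_1`, has no comment, and its `int32` type does not say whether it is a flag, a length or an offset. TLS 1.1 differs from 1.0 in sending an explicit IV with each CBC record, so the field presumably tracks that, but the header alone does not confirm it. I would add a trailing comment such as `int32 explicitIv; /* <meaning>: set when records carry an explicit CBC IV (TLS 1.1) */`, worded from the code that reads and writes the field. The struct starts outside this hunk.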


 osdep.h   osdep.h 
/* /*
* osdep.h * osdep.h
* Operating System and Hardware Abstraction Layer * Operating System and Hardware Abstraction Layer
* Release $Name: MATRIXSSL-3-1-4-OPEN $ * Release $Name: MATRIXSSL-3-2-1-OPEN $
*/ */
/* /*
* Copyright (c) PeerSec Networks, 2002-2011. All Rights Reserved. * Copyright (c) PeerSec Networks, 2002-2011. All Rights Reserved.
* The latest version of this code is available at http://www.matrixssl .org * The latest version of this code is available at http://www.matrixssl .org
* *
* This software is open source; you can redistribute it and/or modify * This software is open source; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or * the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. * (at your option) any later version.
* *
skipping to change at line 61 skipping to change at line 61
/************************************************************************** ****/ /************************************************************************** ****/
/* /*
If the Makefile specifies that PeerSec MatrixSSL does not currently hav e If the Makefile specifies that PeerSec MatrixSSL does not currently hav e
a layer for the given OS, or the port is to "bare metal" hardware, a layer for the given OS, or the port is to "bare metal" hardware,
do basic defines here and include externally provided file "matrixos.h" . do basic defines here and include externally provided file "matrixos.h" .
In addition, if building for such a platform, a C file defining the abo ve In addition, if building for such a platform, a C file defining the abo ve
functions must be linked with the final executable. functions must be linked with the final executable.
*/ */
#ifdef PS_UNSUPPORTED_OS #ifdef PS_UNSUPPORTED_OS
#define PSPUBLIC extern #define PSPUBLIC extern
#define likely(x) x
#define unlikely(x) x
#include "matrixos.h" #include "matrixos.h"
#else #else
/************************************************************************** ****/ /************************************************************************** ****/
/* /*
Supported Platforms below. The implementations of the apis are in Supported Platforms below. The implementations of the apis are in
platform specific directories, such as core/POSIX and core/ECOS platform specific directories, such as core/POSIX and core/ECOS
POSIX define is used for Linux and Mac OS X POSIX define is used for Linux and Mac OS X
*/ */
#include <stdio.h> #include <stdio.h>
#ifndef POSIX #ifndef POSIX
#if defined(LINUX) || defined(OSX) #if defined(LINUX) || defined(OSX)
#define POSIX #define POSIX
#endif #endif
#endif #endif
/* Branch hints for GCC. */
#ifdef __GNUC__
#define likely(x) __builtin_expect((x), 1)
#define unlikely(x) __builtin_expect((x), 0)
#else
#define likely(x) x
#define unlikely(x) x
#endif
#ifdef POSIX #ifdef POSIX
#include <stdint.h> #include <stdint.h>
typedef int32_t int32; typedef int32_t int32;
typedef uint32_t uint32; typedef uint32_t uint32;
typedef int16_t int16; typedef int16_t int16;
typedef uint16_t uint16; typedef uint16_t uint16;
#ifdef HAVE_NATIVE_INT64 #ifdef HAVE_NATIVE_INT64
typedef int64_t int64; typedef int64_t int64;
typedef uint64_t uint64; typedef uint64_t uint64;
#endif #endif
skipping to change at line 164 skipping to change at line 152
#endif /* !WIN */ #endif /* !WIN */
/************************************************************************** ****/ /************************************************************************** ****/
/* /*
Raw trace and error Raw trace and error
*/ */
PSPUBLIC void _psTrace(char *msg); PSPUBLIC void _psTrace(char *msg);
PSPUBLIC void _psTraceInt(char *msg, int32 val); PSPUBLIC void _psTraceInt(char *msg, int32 val);
PSPUBLIC void _psTraceStr(char *msg, char *val); PSPUBLIC void _psTraceStr(char *msg, char *val);
PSPUBLIC void _psTracePtr(char *message, void *value); PSPUBLIC void _psTracePtr(char *message, void *value);
PSPUBLIC void psTraceBytes(char *tag, unsigned char *p, int l);
PSPUBLIC void _psError(char *msg); PSPUBLIC void _psError(char *msg);
PSPUBLIC void _psErrorInt(char *msg, int32 val); PSPUBLIC void _psErrorInt(char *msg, int32 val);
PSPUBLIC void _psErrorStr(char *msg, char *val); PSPUBLIC void _psErrorStr(char *msg, char *val);
/************************************************************************** ****/ /************************************************************************** ****/
/* /*
Core trace Core trace
*/ */
#ifndef USE_CORE_TRACE #ifndef USE_CORE_TRACE
skipping to change at line 190 skipping to change at line 179
#define psTraceStrCore(x, y) _psTraceStr(x, y) #define psTraceStrCore(x, y) _psTraceStr(x, y)
#define psTraceIntCore(x, y) _psTraceInt(x, y) #define psTraceIntCore(x, y) _psTraceInt(x, y)
#define psTracePtrCore(x, y) _psTracePtr(x, y) #define psTracePtrCore(x, y) _psTracePtr(x, y)
#endif /* USE_CORE_TRACE */ #endif /* USE_CORE_TRACE */
/************************************************************************** ****/ /************************************************************************** ****/
/* /*
HALT_ON_PS_ERROR define at compile-time determines whether to halt o n HALT_ON_PS_ERROR define at compile-time determines whether to halt o n
psAssert and psError calls psAssert and psError calls
*/ */
#define psAssert(C) if (likely(C)) ; else \ #define psAssert(C) if (C) ; else \
{halAlert();_psTraceStr("psAssert %s", __FILE__);_psTraceInt(":%d ", __LINE __);\ {halAlert();_psTraceStr("psAssert %s", __FILE__);_psTraceInt(":%d ", __LINE __);\
_psError(#C);} _psError(#C);}
#define psError(a) \ #define psError(a) \
halAlert();_psTraceStr("psError %s", __FILE__);_psTraceInt(":%d ", __LINE_ _); \ halAlert();_psTraceStr("psError %s", __FILE__);_psTraceInt(":%d ", __LINE_ _); \
_psError(a); _psError(a);
#define psErrorStr(a,b) \ #define psErrorStr(a,b) \
halAlert();_psTraceStr("psError %s", __FILE__);_psTraceInt(":%d ", __LINE_ _); \ halAlert();_psTraceStr("psError %s", __FILE__);_psTraceInt(":%d ", __LINE_ _); \
_psErrorStr(a,b) _psErrorStr(a,b)
 End of changes. 5 change blocks. 
14 lines changed or deleted 3 lines changed or added
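Review bot: The added `psTraceBytes(char *tag, unsigned char *p, int l)` prototype in the "Raw trace and error" block takes a signed `int` length and non-const pointers, while the neighbouring prototypes use the `int32` typedef. A negative `l` has no meaning for a byte dump. In a TLS library the buffer handed to such a helper can hold key material or plaintext, so the prototype deserves a comment saying that calls belong only in trace-enabled builds. If the definition can follow, I would declare it as `PSPUBLIC void psTraceBytes(const char *tag, const unsigned char *p, uint32 len);`.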


 prng.h   prng.h 
/* /*
* prng.h * prng.h
* Release $Name: MATRIXSSL-3-1-4-OPEN $ * Release $Name: MATRIXSSL-3-2-1-OPEN $
*/ */
/* /*
* Copyright (c) PeerSec Networks, 2002-2011. All Rights Reserved. * Copyright (c) PeerSec Networks, 2002-2011. All Rights Reserved.
* The latest version of this code is available at http://www.matrixssl .org * The latest version of this code is available at http://www.matrixssl .org
* *
* This software is open source; you can redistribute it and/or modify * This software is open source; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or * the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. * (at your option) any later version.
* *
skipping to change at line 57 skipping to change at line 57
int32 blocklen; /** The AESBLOCKSIZE */ int32 blocklen; /** The AESBLOCKSIZE */
unsigned char ctr[AESBLOCKSIZE]; /** The counter being encryp ted */ unsigned char ctr[AESBLOCKSIZE]; /** The counter being encryp ted */
unsigned char pad[AESBLOCKSIZE]; /** The actual prn */ unsigned char pad[AESBLOCKSIZE]; /** The actual prn */
psAesKey_t key; /** The sche duled key */ psAesKey_t key; /** The sche duled key */
} psYarrow_t; } psYarrow_t;
#endif /* USE_YARROW */ #endif /* USE_YARROW */
/* /*
prng.c wrapper prng.c wrapper
*/ */
#define RANDOM_BYTES_BEFORE_ENTROPY 256 /* add entropy each time # bytes read */ #define RANDOM_BYTES_BEFORE_ENTROPY 1024 /* add entropy each time # byte s read */
#define RANDOM_CALLS_BEFORE_RESEED 32 /* Reseed context each # times c alled */ #define RANDOM_CALLS_BEFORE_RESEED 32 /* Reseed context each # times c alled */
#define RANDOM_ENTROPY_BYTES 8 /* Bytes of entropy from sou rce */ #define RANDOM_ENTROPY_BYTES 8 /* Bytes of entropy from sou rce */
typedef struct { typedef struct {
#ifdef USE_YARROW #ifdef USE_YARROW
psYarrow_t yarrow; psYarrow_t yarrow;
#endif #endif
uint32 bytecount; /* number of bytes read from this context */ uint32 bytecount; /* number of bytes read from this context */
uint32 callcount; /* number of times this context was calle d */ uint32 callcount; /* number of times this context was calle d */
} psRandom_t; } psRandom_t;
 End of changes. 2 change blocks. 
2 lines changed or deleted 2 lines changed or added


 psmalloc.h   psmalloc.h 
/* /*
* psmalloc.h * psmalloc.h
* Release $Name: MATRIXSSL-3-1-4-OPEN $ * Release $Name: MATRIXSSL-3-2-1-OPEN $
* *
* Header for psMalloc functions * Header for psMalloc functions
*/ */
/* /*
* Copyright (c) PeerSec Networks, 2002-2011. All Rights Reserved. * Copyright (c) PeerSec Networks, 2002-2011. All Rights Reserved.
* The latest version of this code is available at http://www.matrixssl .org * The latest version of this code is available at http://www.matrixssl .org
* *
* This software is open source; you can redistribute it and/or modify * This software is open source; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or * the Free Software Foundation; either version 2 of the License, or
skipping to change at line 47 skipping to change at line 47
*/ */
#ifdef PS_UNSUPPORTED_OS #ifdef PS_UNSUPPORTED_OS
#include "matrixos.h" #include "matrixos.h"
#else #else
/************************************************************************** ****/ /************************************************************************** ****/
/* /*
*/ */
#include <string.h> /* memset, memcpy */ #include <string.h> /* memset, memcpy */
#define PEERSEC_NO_POOL (void *)0x0
/************************************************************************** ****/ /************************************************************************** ****/
/* /*
Native memory routines Native memory routines
*/ */
#include <stdlib.h> /* malloc, free, etc... */ #include <stdlib.h> /* malloc, free, etc... */
#define MAX_MEMORY_USAGE 0 #define MAX_MEMORY_USAGE 0
#define psOpenMalloc() 0 #define psOpenMalloc() 0
#define psCloseMalloc() #define psCloseMalloc()
#define psDefineHeap(A, B) #define psDefineHeap(A, B)
 End of changes. 2 change blocks. 
1 lines changed or deleted 3 lines changed or added


 pstm.h   pstm.h 
/* /*
* pstm.h * pstm.h
* Release $Name: MATRIXSSL-3-1-4-OPEN $ * Release $Name: MATRIXSSL-3-2-1-OPEN $
* *
* multiple-precision integer library * multiple-precision integer library
*/ */
/* /*
* Copyright (c) PeerSec Networks, 2002-2011. All Rights Reserved. * Copyright (c) PeerSec Networks, 2002-2011. All Rights Reserved.
* The latest version of this code is available at http://www.matrixssl .org * The latest version of this code is available at http://www.matrixssl .org
* *
* This software is open source; you can redistribute it and/or modify * This software is open source; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or * the Free Software Foundation; either version 2 of the License, or
 End of changes. 1 change blocks. 
1 lines changed or deleted 1 lines changed or added


 pubkey.h   pubkey.h 
/* /*
* pubkey.h * pubkey.h
* Release $Name: MATRIXSSL-3-1-4-OPEN $ * Release $Name: MATRIXSSL-3-2-1-OPEN $
*/ */
/* /*
* Copyright (c) PeerSec Networks, 2002-2011. All Rights Reserved. * Copyright (c) PeerSec Networks, 2002-2011. All Rights Reserved.
* The latest version of this code is available at http://www.matrixssl .org * The latest version of this code is available at http://www.matrixssl .org
* *
* This software is open source; you can redistribute it and/or modify * This software is open source; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or * the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. * (at your option) any later version.
* *
 End of changes. 1 change blocks. 
1 lines changed or deleted 1 lines changed or added


 symmetric.h   symmetric.h 
/* /*
* symmetric.h * symmetric.h
* Release $Name: MATRIXSSL-3-1-4-OPEN $ * Release $Name: MATRIXSSL-3-2-1-OPEN $
* *
* Header for internal symmetric key cryptography support * Header for internal symmetric key cryptography support
*/ */
/* /*
* Copyright (c) PeerSec Networks, 2002-2011. All Rights Reserved. * Copyright (c) PeerSec Networks, 2002-2011. All Rights Reserved.
* The latest version of this code is available at http://www.matrixssl .org * The latest version of this code is available at http://www.matrixssl .org
* *
* This software is open source; you can redistribute it and/or modify * This software is open source; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or * the Free Software Foundation; either version 2 of the License, or
 End of changes. 1 change blocks. 
1 lines changed or deleted 1 lines changed or added


 version.h   version.h 
/* /*
Copyright 2011 PeerSec Networks, Inc. Copyright 2011 PeerSec Networks, Inc.
This file is auto-generated This file is auto-generated
*/ */
#ifndef _h_MATRIXSSL_VERSION #ifndef _h_MATRIXSSL_VERSION
#define _h_MATRIXSSL_VERSION #define _h_MATRIXSSL_VERSION
#ifdef __cplusplus #ifdef __cplusplus
extern "C" { extern "C" {
#endif #endif
#define MATRIXSSL_VERSION "3.1.4-OPEN" #define MATRIXSSL_VERSION "3.2.1-OPEN"
#define MATRIXSSL_VERSION_MAJOR 3 #define MATRIXSSL_VERSION_MAJOR 3
#define MATRIXSSL_VERSION_MINOR 1 #define MATRIXSSL_VERSION_MINOR 2
#define MATRIXSSL_VERSION_PATCH 4 #define MATRIXSSL_VERSION_PATCH 1
#define MATRIXSSL_VERSION_CODE "OPEN" #define MATRIXSSL_VERSION_CODE "OPEN"
#ifdef __cplusplus #ifdef __cplusplus
} }
#endif #endif
#endif /* _h_MATRIXSSL_VERSION */ #endif /* _h_MATRIXSSL_VERSION */
 End of changes. 2 change blocks. 
3 lines changed or deleted 3 lines changed or added


 x509.h   x509.h 
/* /*
* x509.h * x509.h
* Release $Name: MATRIXSSL-3-1-4-OPEN $ * Release $Name: MATRIXSSL-3-2-1-OPEN $
*/ */
/* /*
* Copyright (c) PeerSec Networks, 2002-2011. All Rights Reserved. * Copyright (c) PeerSec Networks, 2002-2011. All Rights Reserved.
* The latest version of this code is available at http://www.matrixssl .org * The latest version of this code is available at http://www.matrixssl .org
* *
* This software is open source; you can redistribute it and/or modify * This software is open source; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by * it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or * the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version. * (at your option) any later version.
* *
skipping to change at line 140 skipping to change at line 140
x509DNattributes_t subject; x509DNattributes_t subject;
int32 timeType; int32 timeType;
char *notBefore; char *notBefore;
char *notAfter; char *notAfter;
psPubKey_t publicKey; psPubKey_t publicKey;
int32 pubKeyAlgorithm; /* public key algor ithm OID */ int32 pubKeyAlgorithm; /* public key algor ithm OID */
int32 certAlgorithm; /* signature algorith m OID */ int32 certAlgorithm; /* signature algorith m OID */
int32 sigAlgorithm; /* signature algorithm OID */ int32 sigAlgorithm; /* signature algorithm OID */
unsigned char *signature; unsigned char *signature;
uint32 signatureLen; uint32 signatureLen;
unsigned char sigHash[32]; /* SHA256 MAX */ unsigned char sigHash[MAX_HASH_SIZE];
unsigned char *uniqueIssuerId; unsigned char *uniqueIssuerId;
uint32 uniqueIssuerIdLen; uint32 uniqueIssuerIdLen;
unsigned char *uniqueSubjectId; unsigned char *uniqueSubjectId;
uint32 uniqueSubjectIdLen; uint32 uniqueSubjectIdLen;
x509v3extensions_t extensions; x509v3extensions_t extensions;
int32 authStatus; /* See psX509Authenticat eCert doc */ int32 authStatus; /* See psX509Authenticat eCert doc */
#endif /* USE_CERT_PARSE */ #endif /* USE_CERT_PARSE */
unsigned char *unparsedBin; /* see psX509ParseCertFile */ unsigned char *unparsedBin; /* see psX509ParseCertFile */
uint32 binLen; uint32 binLen;
struct psCert *next; struct psCert *next;
 End of changes. 2 change blocks. 
2 lines changed or deleted 2 lines changed or added
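Review bot: In the x509.h section, `sigHash` goes from a fixed 32 bytes to `MAX_HASH_SIZE`, but the old `/* SHA256 MAX */` comment is dropped and nothing on the new line says what the array must be able to hold. `MAX_HASH_SIZE` is defined outside this view, so confirm it is at least the digest length of every `sigAlgorithm` the certificate parser accepts, and that code which fills or compares `sigHash` bounds itself with `sizeof` of the field or the actual digest length rather than a literal 32. I would keep a comment on the line, for example `unsigned char sigHash[MAX_HASH_SIZE]; /* digest for sigAlgorithm; must fit the largest supported hash */`. The change also alters the size and later field offsets of the structure, which starts and ends outside the hunk, so anything built against the 3.1.4 header has to be recompiled.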
