tmk_core/tool/mbed/mbed-sdk/libraries/net/https/axTLS/ssl/openssl.c

   1 /*
   2  * Copyright (c) 2007, Cameron Rich
   3  *
   4  * All rights reserved.
   5  *
   6  * Redistribution and use in source and binary forms, with or without
   7  * modification, are permitted provided that the following conditions are met:
   8  *
   9  * * Redistributions of source code must retain the above copyright notice,
  10  *   this list of conditions and the following disclaimer.
  11  * * Redistributions in binary form must reproduce the above copyright notice,
  12  *   this list of conditions and the following disclaimer in the documentation
  13  *   and/or other materials provided with the distribution.
  14  * * Neither the name of the axTLS project nor the names of its contributors
  15  *   may be used to endorse or promote products derived from this software
  16  *   without specific prior written permission.
  17  *
  18  * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
  19  * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
  20  * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
  21  * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR
  22  * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
  23  * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
  24  * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
  25  * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
  26  * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
  27  * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
  28  * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
  29  */
  30
  31 /*
  32  * Enable a subset of openssl compatible functions. We don't aim to be 100%
  33  * compatible - just to be able to do basic ports etc.
  34  *
  35  * Only really tested on mini_httpd, so I'm not too sure how extensive this
  36  * port is.
  37  */
  38
  39 #include "config.h"
  40
  41 #ifdef CONFIG_OPENSSL_COMPATIBLE
  42 #include <stdlib.h>
  43 #include <string.h>
  44 #include <stdarg.h>
  45 #include "os_port.h"
  46 #include "ssl.h"
  47
  48 #define OPENSSL_CTX_ATTR  ((OPENSSL_CTX *)ssl_ctx->bonus_attr)
  49
  50 static char *key_password = NULL;
  51
  52 void *SSLv23_server_method(void) { return NULL; }
  53 void *SSLv3_server_method(void) { return NULL; }
  54 void *TLSv1_server_method(void) { return NULL; }
  55 void *SSLv23_client_method(void) { return NULL; }
  56 void *SSLv3_client_method(void) { return NULL; }
  57 void *TLSv1_client_method(void) { return NULL; }
  58
  59 typedef void * (*ssl_func_type_t)(void);
  60 typedef void * (*bio_func_type_t)(void);
  61
  62 typedef struct
  63 {
  64     ssl_func_type_t ssl_func_type;
  65 } OPENSSL_CTX;
  66
  67 SSL_CTX * SSL_CTX_new(ssl_func_type_t meth)
  68 {
  69     SSL_CTX *ssl_ctx = ssl_ctx_new(0, 5);
  70     ssl_ctx->bonus_attr = malloc(sizeof(OPENSSL_CTX));
  71     OPENSSL_CTX_ATTR->ssl_func_type = meth;
  72     return ssl_ctx;
  73 }
  74
  75 void SSL_CTX_free(SSL_CTX * ssl_ctx)
  76 {
  77     free(ssl_ctx->bonus_attr);
  78     ssl_ctx_free(ssl_ctx);
  79 }
  80
  81 SSL * SSL_new(SSL_CTX *ssl_ctx)
  82 {
  83     SSL *ssl;
  84     ssl_func_type_t ssl_func_type;
  85
  86     ssl = ssl_new(ssl_ctx, -1);        /* fd is set later */
  87     ssl_func_type = OPENSSL_CTX_ATTR->ssl_func_type;
  88
  89 #ifdef CONFIG_SSL_ENABLE_CLIENT
  90     if (ssl_func_type == SSLv23_client_method ||
  91         ssl_func_type == SSLv3_client_method ||
  92         ssl_func_type == TLSv1_client_method)
  93     {
  94         SET_SSL_FLAG(SSL_IS_CLIENT);
  95     }
  96     else
  97 #endif
  98     {
  99         ssl->next_state = HS_CLIENT_HELLO;
 100     }
 101
 102     return ssl;
 103 }
 104
 105 int SSL_set_fd(SSL *s, int fd)
 106 {
 107     s->client_fd = fd;
 108     return 1;   /* always succeeds */
 109 }
 110
 111 int SSL_accept(SSL *ssl)
 112 {
 113     while (ssl_read(ssl, NULL) == SSL_OK)
 114     {
 115         if (ssl->next_state == HS_CLIENT_HELLO)
 116             return 1;   /* we're done */
 117     }
 118
 119     return -1;
 120 }
 121
 122 #ifdef CONFIG_SSL_ENABLE_CLIENT
 123 int SSL_connect(SSL *ssl)
 124 {
 125     return do_client_connect(ssl) == SSL_OK ? 1 : -1;
 126 }
 127 #endif
 128
 129 void SSL_free(SSL *ssl)
 130 {
 131     ssl_free(ssl);
 132 }
 133
 134 int SSL_read(SSL *ssl, void *buf, int num)
 135 {
 136     uint8_t *read_buf;
 137     int ret;
 138
 139     while ((ret = ssl_read(ssl, &read_buf)) == SSL_OK);
 140
 141     if (ret > SSL_OK)
 142     {
 143         memcpy(buf, read_buf, ret > num ? num : ret);
 144     }
 145
 146     return ret;
 147 }
 148
 149 int SSL_write(SSL *ssl, const void *buf, int num)
 150 {
 151     return ssl_write(ssl, buf, num);
 152 }
 153
 154 int SSL_CTX_use_certificate_file(SSL_CTX *ssl_ctx, const char *file, int type)
 155 {
 156     return (ssl_obj_load(ssl_ctx, SSL_OBJ_X509_CERT, file, NULL) == SSL_OK);
 157 }
 158
 159 int SSL_CTX_use_PrivateKey_file(SSL_CTX *ssl_ctx, const char *file, int type)
 160 {
 161     return (ssl_obj_load(ssl_ctx, SSL_OBJ_RSA_KEY, file, key_password) == SSL_OK);
 162 }
 163
 164 int SSL_CTX_use_certificate_ASN1(SSL_CTX *ssl_ctx, int len, const uint8_t *d)
 165 {
 166     return (ssl_obj_memory_load(ssl_ctx,
 167                         SSL_OBJ_X509_CERT, d, len, NULL) == SSL_OK);
 168 }
 169
 170 int SSL_CTX_set_session_id_context(SSL_CTX *ctx, const unsigned char *sid_ctx,
 171                                             unsigned int sid_ctx_len)
 172 {
 173     return 1;
 174 }
 175
 176 int SSL_CTX_set_default_verify_paths(SSL_CTX *ctx)
 177 {
 178     return 1;
 179 }
 180
 181 int SSL_CTX_use_certificate_chain_file(SSL_CTX *ssl_ctx, const char *file)
 182 {
 183     return (ssl_obj_load(ssl_ctx,
 184                         SSL_OBJ_X509_CERT, file, NULL) == SSL_OK);
 185 }
 186
 187 int SSL_shutdown(SSL *ssl)
 188 {
 189     return 1;
 190 }
 191
 192 /*** get/set session ***/
 193 SSL_SESSION *SSL_get1_session(SSL *ssl)
 194 {
 195     return (SSL_SESSION *)ssl_get_session_id(ssl); /* note: wrong cast */
 196 }
 197
 198 int SSL_set_session(SSL *ssl, SSL_SESSION *session)
 199 {
 200     memcpy(ssl->session_id, (uint8_t *)session, SSL_SESSION_ID_SIZE);
 201     return 1;
 202 }
 203
 204 void SSL_SESSION_free(SSL_SESSION *session) { }
 205 /*** end get/set session ***/
 206
 207 long SSL_CTX_ctrl(SSL_CTX *ctx, int cmd, long larg, void *parg)
 208 {
 209     return 0;
 210 }
 211
 212 void SSL_CTX_set_verify(SSL_CTX *ctx, int mode,
 213                                  int (*verify_callback)(int, void *)) { }
 214
 215 void SSL_CTX_set_verify_depth(SSL_CTX *ctx,int depth) { }
 216
 217 int SSL_CTX_load_verify_locations(SSL_CTX *ctx, const char *CAfile,
 218                                            const char *CApath)
 219 {
 220     return 1;
 221 }
 222
 223 void *SSL_load_client_CA_file(const char *file)
 224 {
 225     return (void *)file;
 226 }
 227
 228 void SSL_CTX_set_client_CA_list(SSL_CTX *ssl_ctx, void *file)
 229 {
 230
 231     ssl_obj_load(ssl_ctx, SSL_OBJ_X509_CERT, (const char *)file, NULL);
 232 }
 233
 234 void SSLv23_method(void) { }
 235
 236 void SSL_CTX_set_default_passwd_cb(SSL_CTX *ctx, void *cb) { }
 237
 238 void SSL_CTX_set_default_passwd_cb_userdata(SSL_CTX *ctx, void *u)
 239 {
 240     key_password = (char *)u;
 241 }
 242
 243 int SSL_peek(SSL *ssl, void *buf, int num)
 244 {
 245     memcpy(buf, ssl->bm_data, num);
 246     return num;
 247 }
 248
 249 void SSL_set_bio(SSL *ssl, void *rbio, void *wbio) { }
 250
 251 long SSL_get_verify_result(const SSL *ssl)
 252 {
 253     return ssl_handshake_status(ssl);
 254 }
 255
 256 int SSL_state(SSL *ssl)
 257 {
 258     return 0x03; // ok state
 259 }
 260
 261 /** end of could do better list */
 262
 263 void *SSL_get_peer_certificate(const SSL *ssl)
 264 {
 265     return &ssl->ssl_ctx->certs[0];
 266 }
 267
 268 int SSL_clear(SSL *ssl)
 269 {
 270     return 1;
 271 }
 272
 273
 274 int SSL_CTX_check_private_key(const SSL_CTX *ctx)
 275 {
 276     return 1;
 277 }
 278
 279 int SSL_CTX_set_cipher_list(SSL *s, const char *str)
 280 {
 281     return 1;
 282 }
 283
 284 int SSL_get_error(const SSL *ssl, int ret)
 285 {
 286     ssl_display_error(ret);
 287     return 0;   /* TODO: return proper return code */
 288 }
 289
 290 void SSL_CTX_set_options(SSL_CTX *ssl_ctx, int option) {}
 291 int SSL_library_init(void ) { return 1; }
 292 void SSL_load_error_strings(void ) {}
 293 void ERR_print_errors_fp(FILE *fp) {}
 294
 295 #ifndef CONFIG_SSL_SKELETON_MODE
 296 long SSL_CTX_get_timeout(const SSL_CTX *ssl_ctx) {
 297                             return CONFIG_SSL_EXPIRY_TIME*3600; }
 298 long SSL_CTX_set_timeout(SSL_CTX *ssl_ctx, long t) {
 299                             return SSL_CTX_get_timeout(ssl_ctx); }
 300 #endif
 301 void BIO_printf(FILE *f, const char *format, ...)
 302 {
 303     va_list(ap);
 304     va_start(ap, format);
 305     vfprintf(f, format, ap);
 306     va_end(ap);
 307 }
 308
 309 void* BIO_s_null(void) { return NULL; }
 310 FILE *BIO_new(bio_func_type_t func)
 311 {
 312     if (func == BIO_s_null)
 313         return fopen("/dev/null", "r");
 314     else
 315         return NULL;
 316 }
 317
 318 FILE *BIO_new_fp(FILE *stream, int close_flag) { return stream; }
 319 int BIO_free(FILE *a) { if (a != stdout && a != stderr) fclose(a); return 1; }
 320
 321
 322
 323 #endif