adds curve
ebeveyn
43ed9c9c3f
işleme
b4a1417ab2
@ -4,7 +4,7 @@ BORINGSSL_LIB=$(BORINGSSL_DIR)/build.64bitRel/
|
|||||||
CC = clang
|
CC = clang
|
||||||
SRCDIR = src
|
SRCDIR = src
|
||||||
OBJDIR = obj
|
OBJDIR = obj
|
||||||
DBG ?= 1
|
DBG ?= 0
|
||||||
|
|
||||||
ifeq ($(DBG),1)
|
ifeq ($(DBG),1)
|
||||||
DEBUG = -DDEBUG -g -O0
|
DEBUG = -DDEBUG -g -O0
|
||||||
|
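Review bot: Defaulting to `DBG ?= 0` makes the non-debug branch the normal build, and that branch's flags are outside this hunk; if they include `-DNDEBUG`, every `assert()` in the client is compiled out together with the call inside it. The same commit appears to add `assert(SSL_shutdown(ssl) == 0);` and `assert(SSL_shutdown(ssl) == 1);` to the test_Handshake loop, so in a default build the close_notify exchange would silently not run while the loop keeps reusing the one socket. Moving the call out of the assertion keeps it in every build, e.g. `err = SSL_shutdown(ssl);` followed by `if (err != 0) { ERR("SSL_shutdown err=%d", err); }`, and likewise for the second call with `err != 1`. `assert(ctx != NULL);` in setup_client_ctx has the same dependency and would be safer as an explicit `if (!ctx)` check.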
@ -7,21 +7,21 @@
|
|||||||
|
|
||||||
// Buffer used for read/write tests
|
// Buffer used for read/write tests
|
||||||
unsigned char rw_buf[BUFFER_SIZE];
|
unsigned char rw_buf[BUFFER_SIZE];
|
||||||
static const int Curves[1] = {NID_X25519};
|
static const char* DefaultCurves = "CECPQ2b:CECPQ2:X25519";
|
||||||
static const uint16_t TLS_PROT_VERSION = TLS1_3_VERSION;
|
static const uint16_t TLS_PROT_VERSION = TLS1_3_VERSION;
|
||||||
|
|
||||||
SSL_CTX *setup_client_ctx(void)
|
SSL_CTX *setup_client_ctx(const char* curves)
|
||||||
{
|
{
|
||||||
SSL_CTX* ctx = NULL;
|
SSL_CTX* ctx = NULL;
|
||||||
|
|
||||||
ctx = SSL_CTX_new(TLS_method());
|
ctx = SSL_CTX_new(TLS_method());
|
||||||
assert(ctx != NULL);
|
assert(ctx != NULL);
|
||||||
SSL_CTX_set_verify(ctx, SSL_VERIFY_NONE, NULL);
|
SSL_CTX_set_verify(ctx, SSL_VERIFY_PEER, NULL);
|
||||||
if( SSL_CTX_load_verify_locations(ctx, CACERT, NULL) != 1) {
|
if( SSL_CTX_load_verify_locations(ctx, CACERT, NULL) != 1) {
|
||||||
ERR("Error loading CA DIR");
|
ERR("Error loading CA DIR");
|
||||||
}
|
}
|
||||||
|
|
||||||
if (SSL_CTX_set1_curves(ctx, Curves, 1) != 1) {
|
if (SSL_CTX_set1_curves_list(ctx, curves)!=1) {
|
||||||
ERR("Can't set SIDH group");
|
ERR("Can't set SIDH group");
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -52,44 +52,47 @@ int do_client_loop(SSL* ssl)
|
|||||||
return 1;
|
return 1;
|
||||||
}
|
}
|
||||||
|
|
||||||
void test_Handshake(const char* IP, size_t handshake_nb) {
|
void test_Handshake(const char* IP, const char* curves, size_t handshake_nb) {
|
||||||
SSL* ssl;
|
SSL* ssl;
|
||||||
SSL_CTX* ctx;
|
SSL_CTX* ctx;
|
||||||
int err;
|
int err;
|
||||||
|
|
||||||
init();
|
init();
|
||||||
ctx = setup_client_ctx();
|
ctx = setup_client_ctx(curves);
|
||||||
|
|
||||||
DBG("Trying to connect");
|
DBG("Trying to connect");
|
||||||
|
int fd = connect_once(IP);
|
||||||
|
|
||||||
for (size_t i=0; i<handshake_nb; i++) {
|
for (size_t i=0; i<handshake_nb; i++) {
|
||||||
const int fd = connect_once(IP);
|
|
||||||
|
|
||||||
DBG("SSL ctx setup");
|
DBG("SSL ctx setup");
|
||||||
if (!(ssl = SSL_new(ctx))) {
|
if (!(ssl = SSL_new(ctx))) {
|
||||||
ERR("Error creating an SSL context");
|
ERR("Error creating an SSL context");
|
||||||
}
|
}
|
||||||
SSL_set_fd(ssl, fd);
|
SSL_set_fd(ssl, fd);
|
||||||
|
|
||||||
DBG("SSL handshake");
|
DBG("SSL handshake");
|
||||||
// OZAPTF: do handshake thing
|
|
||||||
err = SSL_connect(ssl);
|
err = SSL_connect(ssl);
|
||||||
if (err<=0) {
|
if (err<=0) {
|
||||||
ERR("Error connecting SSL err=%d", err);
|
ERR("Error connecting SSL err=%d", err);
|
||||||
}
|
}
|
||||||
assert(!SSL_session_reused(ssl));
|
assert(!SSL_session_reused(ssl));
|
||||||
|
assert(SSL_shutdown(ssl) == 0);
|
||||||
|
assert(SSL_shutdown(ssl) == 1);
|
||||||
SSL_free(ssl);
|
SSL_free(ssl);
|
||||||
close(fd);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
SSL_CTX_free(ctx);
|
SSL_CTX_free(ctx);
|
||||||
|
close(fd);
|
||||||
}
|
}
|
||||||
|
|
||||||
void test_Read(const char* IP) {
|
void test_Read(const char* IP, const char* curves) {
|
||||||
int err, nread=0;
|
int err, nread=0;
|
||||||
SSL* ssl;
|
SSL* ssl;
|
||||||
SSL_CTX* ctx;
|
SSL_CTX* ctx;
|
||||||
|
|
||||||
init();
|
init();
|
||||||
ctx = setup_client_ctx();
|
ctx = setup_client_ctx(curves);
|
||||||
|
|
||||||
DBG("Trying to connect");
|
DBG("Trying to connect");
|
||||||
int fd = connect_once(IP);
|
int fd = connect_once(IP);
|
||||||
@ -136,13 +139,13 @@ void test_Read(const char* IP) {
|
|||||||
close(fd);
|
close(fd);
|
||||||
}
|
}
|
||||||
|
|
||||||
void test_Write(const char* IP) {
|
void test_Write(const char* IP, const char* curves) {
|
||||||
SSL* ssl;
|
SSL* ssl;
|
||||||
SSL_CTX* ctx;
|
SSL_CTX* ctx;
|
||||||
int err,nread=0;
|
int err,nread=0;
|
||||||
|
|
||||||
init();
|
init();
|
||||||
ctx = setup_client_ctx();
|
ctx = setup_client_ctx(curves);
|
||||||
|
|
||||||
DBG("Trying to connect");
|
DBG("Trying to connect");
|
||||||
int fd = connect_once(IP);
|
int fd = connect_once(IP);
|
||||||
@ -186,12 +189,19 @@ int main(int argc, char* argv[]) {
|
|||||||
goto usage;
|
goto usage;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
const char *curves = NULL;
|
||||||
|
if (argc==4) {
|
||||||
|
curves = argv[3];
|
||||||
|
} else {
|
||||||
|
curves = DefaultCurves;
|
||||||
|
}
|
||||||
|
|
||||||
if (!strncmp("test_Handshake", argv[2], strlen("test_Handshake"))) {
|
if (!strncmp("test_Handshake", argv[2], strlen("test_Handshake"))) {
|
||||||
test_Handshake(argv[1], HANDHAKE_REPS);
|
test_Handshake(argv[1], curves, HANDHAKE_REPS);
|
||||||
} else if (!strncmp("test_Read", argv[2], strlen("test_Read"))) {
|
} else if (!strncmp("test_Read", argv[2], strlen("test_Read"))) {
|
||||||
test_Read(argv[1]);
|
test_Read(argv[1], curves);
|
||||||
} else if (!strncmp("test_Write", argv[2], strlen("test_Write"))) {
|
} else if (!strncmp("test_Write", argv[2], strlen("test_Write"))) {
|
||||||
test_Write(argv[1]);
|
test_Write(argv[1], curves);
|
||||||
} else {
|
} else {
|
||||||
printf("Unknown test");
|
printf("Unknown test");
|
||||||
goto usage;
|
goto usage;
|
||||||
@ -202,7 +212,7 @@ exit:
|
|||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
usage:
|
usage:
|
||||||
ERR("\n\nUsage: %s <host_ip> test_name\nOptions for 'test_name':\n\t"
|
ERR("\n\nUsage: %s host_ip test_name [groups]\nOptions for 'test_name':\n\t"
|
||||||
"test_Handshake\n\ttest_Write\n\ttest_Read\n", argv[0]);
|
"test_Handshake\n\ttest_Write\n\ttest_Read\n", argv[0]);
|
||||||
goto exit;
|
goto exit;
|
||||||
}
|
}
|
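Review bot: `SSL_VERIFY_PEER` in setup_client_ctx (on what reads as the new side) validates the server chain against CACERT, but nothing visible binds the certificate to the address being dialled, so any certificate issued under that CA would be accepted. If that matters for these tests, set the expected identity on each connection after `SSL_new`, for example `X509_VERIFY_PARAM_set1_ip_asc(SSL_get0_param(ssl), IP);` (or `SSL_set1_host` when a DNS name is passed), and check its return value. Separately, the group list now comes from `argv[3]`, so the failure message `"Can't set SIDH group"` would be more useful as `ERR("Can't set groups '%s'", curves);`. setup_client_ctx continues past the end of its hunk, so an identity check may already exist in the part not shown.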
@ -56,8 +56,8 @@ void cleanup(void);
|
|||||||
void fill_buffer_from_file(unsigned char *b, size_t sz);
|
void fill_buffer_from_file(unsigned char *b, size_t sz);
|
||||||
|
|
||||||
// Available tests
|
// Available tests
|
||||||
void test_Write(const char*);
|
void test_Write(const char*, const char*);
|
||||||
void test_Read(const char*);
|
void test_Read(const char*, const char*);
|
||||||
void test_Handshake(const char*, size_t);
|
void test_Handshake(const char*, const char*, size_t);
|
||||||
|
|
||||||
#endif // __COMMON_H__
|
#endif // __COMMON_H__
|